--- doc/android.txt | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-)
diff --git a/doc/android.txt b/doc/android.txt index 871e399..466afba 100644 --- a/doc/android.txt +++ b/doc/android.txt @@ -2,7 +2,7 @@ This file documents the support in OpenVPN for Android 4.0 and up. This support is primarily used in the "OpenVPN for Android" app (http://code.google.com/p/ics-openvpn/). For building see the developer -README: http://code.google.com/p/ics-openvpn/source/browse/README.txt. +README: http://code.google.com/p/ics-openvpn/source/browse/doc/README.txt. Android provides the VPNService API (http://developer.android.com/reference/android/net/VpnService.html) @@ -55,6 +55,21 @@ To set the DNS server and search domain. The GUI will then respond with a "needok 'command' ok' or "needok 'command' cancel', e.g. "needok 'IFCONFIG' ok". +PERSIST_TUN_ACTION + +In Android 4.4-4.4.2 a bug exists that does not allow to open a new tun fd +while a tun fd is still open. When OpenVPN wants to open an fd it will do +this query. The UI should compare the last configuration of +the tun device with the current tun configuration and reply with either (or +always respond with OPEN_AFTER_BEFORE/OPEN_BEFORE_CLOSE) + +- NOACTION: Keep using the old fd +- OPEN_AFTER_CLOSE: First close the old fd and then open a new to workaround the bug +- OPEN_BEFORE_CLOSE: the normal behaviour when the VPN configuration changed + +For example the UI could respond with +needok 'PERSIST_TUN_ACTION' OPEN_AFTER_CLOSE + To protect a socket the OpenVPN will send a PROTECTFD to the UI. When sending the PROTECTFD command command to the UI it will send the fd of the socket as ancillary message over the UNIX socket. @@ -74,3 +89,4 @@ are not specific to Android but are rarely used on other platform. For example using SIGUSR1 and management-hold to restart, pause, continue the VPN on network changes or the external key management --management-external-key option and inline files. + -- 1.8.5.2 (Apple Git-48)
