netbird/util/net/protectsocket_android.go

package net

import (
	"fmt"
	"sync"
	"syscall"
)

var (
	androidProtectSocketLock sync.Mutex
	androidProtectSocket     func(fd int32) bool
)

func SetAndroidProtectSocketFn(fn func(fd int32) bool) {
	androidProtectSocketLock.Lock()
	androidProtectSocket = fn
	androidProtectSocketLock.Unlock()
}

// ControlProtectSocket is a Control function that sets the fwmark on the socket
func ControlProtectSocket(_, _ string, c syscall.RawConn) error {
	var aErr error
	err := c.Control(func(fd uintptr) {
		androidProtectSocketLock.Lock()
		defer androidProtectSocketLock.Unlock()

		if androidProtectSocket == nil {
			aErr = fmt.Errorf("socket protection function not set")
			return
		}

		if !androidProtectSocket(int32(fd)) {
			aErr = fmt.Errorf("failed to protect socket via Android")
		}
	})

	if err != nil {
		return err
	}

	return aErr
}
Feature/exit node Android (#1916) Support exit node on Android. With the protect socket function, we mark every connection that should be used out of VPN. 2024-05-07 12:28:30 +02:00			`package net`

[client] Code cleaning in net pkg and fix exit node feature on Android(#2932) Code cleaning around the util/net package. The goal was to write a more understandable source code but modify nothing on the logic. Protect the WireGuard UDP listeners with marks. The implementation can support the VPN permission revocation events in thread safe way. It will be important if we start to support the running time route and DNS update features. - uniformize the file name convention: [struct_name] _ [functions] _ [os].go - code cleaning in net_linux.go - move env variables to env.go file 2024-11-26 23:34:27 +01:00			`import (`
			`"fmt"`
			`"sync"`
			`"syscall"`
			`)`
Feature/exit node Android (#1916) Support exit node on Android. With the protect socket function, we mark every connection that should be used out of VPN. 2024-05-07 12:28:30 +02:00
			`var (`
			`androidProtectSocketLock sync.Mutex`
			`androidProtectSocket func(fd int32) bool`
			`)`

[client] Code cleaning in net pkg and fix exit node feature on Android(#2932) Code cleaning around the util/net package. The goal was to write a more understandable source code but modify nothing on the logic. Protect the WireGuard UDP listeners with marks. The implementation can support the VPN permission revocation events in thread safe way. It will be important if we start to support the running time route and DNS update features. - uniformize the file name convention: [struct_name] _ [functions] _ [os].go - code cleaning in net_linux.go - move env variables to env.go file 2024-11-26 23:34:27 +01:00			`func SetAndroidProtectSocketFn(fn func(fd int32) bool) {`
Feature/exit node Android (#1916) Support exit node on Android. With the protect socket function, we mark every connection that should be used out of VPN. 2024-05-07 12:28:30 +02:00			`androidProtectSocketLock.Lock()`
[client] Code cleaning in net pkg and fix exit node feature on Android(#2932) Code cleaning around the util/net package. The goal was to write a more understandable source code but modify nothing on the logic. Protect the WireGuard UDP listeners with marks. The implementation can support the VPN permission revocation events in thread safe way. It will be important if we start to support the running time route and DNS update features. - uniformize the file name convention: [struct_name] _ [functions] _ [os].go - code cleaning in net_linux.go - move env variables to env.go file 2024-11-26 23:34:27 +01:00			`androidProtectSocket = fn`
Feature/exit node Android (#1916) Support exit node on Android. With the protect socket function, we mark every connection that should be used out of VPN. 2024-05-07 12:28:30 +02:00			`androidProtectSocketLock.Unlock()`
			`}`
[client] Code cleaning in net pkg and fix exit node feature on Android(#2932) Code cleaning around the util/net package. The goal was to write a more understandable source code but modify nothing on the logic. Protect the WireGuard UDP listeners with marks. The implementation can support the VPN permission revocation events in thread safe way. It will be important if we start to support the running time route and DNS update features. - uniformize the file name convention: [struct_name] _ [functions] _ [os].go - code cleaning in net_linux.go - move env variables to env.go file 2024-11-26 23:34:27 +01:00
			`// ControlProtectSocket is a Control function that sets the fwmark on the socket`
			`func ControlProtectSocket(_, _ string, c syscall.RawConn) error {`
			`var aErr error`
			`err := c.Control(func(fd uintptr) {`
			`androidProtectSocketLock.Lock()`
			`defer androidProtectSocketLock.Unlock()`

			`if androidProtectSocket == nil {`
			`aErr = fmt.Errorf("socket protection function not set")`
			`return`
			`}`

			`if !androidProtectSocket(int32(fd)) {`
			`aErr = fmt.Errorf("failed to protect socket via Android")`
			`}`
			`})`

			`if err != nil {`
			`return err`
			`}`

			`return aErr`
			`}`