Here is the second iteration of my JNI/Android patch series. This has grown into a relatively large set of changes so I put together a quick proof of concept based on an existing Android OpenVPN client, to prove to myself that the new interfaces are suitable for the task at hand: https://github.com/cernekee/ics-openvpn/commits/oc-v1 https://dl.dropboxusercontent.com/u/169702767/icsvpn/screenshot-log.png https://dl.dropboxusercontent.com/u/169702767/icsvpn/screenshot-notif.png https://dl.dropboxusercontent.com/u/169702767/icsvpn/icsopenvpn.apk V1->V2 changes: Split JNI wrappers into a separate shared library by default, but still allow building a monolithic library for Android Don't require JAVAC to be set if javac can be found via JAVA_HOME or PATH Rename org.infradead.openconnect.LibOpenConnect to org.infradead.libopenconnect.LibOpenConnect, so the library code is guaranteed to have its own package Move the Java code under java/, and use ant to build it Add connection initiation and mainloop support to C and Java libraries Modify main.c to take advantage of the new library APIs Get rid of forward declarations in jni.c by overriding -Wmissing-declarations Add or enhance Java library functions: - cancel() / isCanceled(), to make it easier for callers to shut down after user aborts - setLogLevel(), to avoid calling back into Java on every single packet (PRG_TRACE message) - parseURL() - convert to use helper macros - all: use JNI global references to clean up the PUSH_CTX/POP_CTX hacks - Removed a bunch of helper functions in favor of direct object field access from C These patches are posted at: git://github.com/cernekee/openconnect jni-v2 Possible trouble spots: I'm using explicit routes at the moment so I don't see problems on this setup, but I think we need to be able to call VpnService.protect() on the sockets used for SSL and DTLS connections. This may require another library->JNI->Java callback to handle cases like reconnect. It would be nice to have a way to obtain byte counts from the library. Maybe through a periodic mainloop callback that runs every second or so? Can somebody check to see if strsignal() works on Solaris? The openconnect.pc.in changes are untested and should be scrutinized. This patch series has gone through quite a bit of churn so there are probably at least a few bugs remaining. I still haven't looked for memory leaks in the JNI code. Kevin Cernekee (26): library: Remove declaration for nonexistent openconnect_get_vpn_name() auth: Hack around const warnings Introduce new helper functions for cancel_fd checking library: Add new openconnect_setup_cancel_pipe() call Convert vpn_mainloop() into a library function main: Introduce xstrdup() function tun: Export setup_tun() functionality Move vpninfo default settings into library library: Check for failed allocations in openconnect_vpninfo_new() dtls: Export setup_dtls() function cstp: Export make_cstp_connection() library: Move the mainloop guts into libopenconnect library: Update openconnect.pc.in tun, cstp: Don't exit() on failure library: Free zlib state cstp: Clean up split include/exclude/DNS lists when freeing vpninfo library: Add get/set functions for servercert, ifname, reqmtu library: Export VPN IP information to callers main: Add openconnect_vpninfo_free() on a couple of exit paths buildsys: Allow overriding -W flags acinclude: Add AX_JNI_INCLUDE_DIR macro JNI: Initial commit of C wrapper functions JNI: Initial commit of Java library + example program android: Enable JNI in build android: Add libstoken to build library: Update changelog and bump minor version .gitignore | 1 + Makefile.am | 25 +- acinclude.m4 | 125 +++ android/0001-Remove-call-to-mlockall.patch | 33 + android/Makefile | 72 +- auth.c | 8 +- configure.ac | 48 +- cstp.c | 135 +-- dtls.c | 14 +- gnutls.c | 36 +- http.c | 18 +- java/.gitignore | 2 + java/README | 22 + java/build.xml | 33 + java/src/com/example/LibTest.java | 201 +++++ .../infradead/libopenconnect/LibOpenConnect.java | 231 +++++ jni.c | 926 ++++++++++++++++++++ libopenconnect.map.in | 16 + library.c | 77 +- main.c | 137 ++- mainloop.c | 28 +- openconnect-internal.h | 66 +- openconnect.h | 61 +- openconnect.pc.in | 2 +- openssl.c | 36 +- ssl.c | 8 +- tun.c | 185 ++-- 27 files changed, 2192 insertions(+), 354 deletions(-) create mode 100644 android/0001-Remove-call-to-mlockall.patch create mode 100644 java/.gitignore create mode 100644 java/README create mode 100644 java/build.xml create mode 100644 java/src/com/example/LibTest.java create mode 100644 java/src/org/infradead/libopenconnect/LibOpenConnect.java create mode 100644 jni.c -- 1.7.9.5
