[GIT PULL V4] JNI bindings for libopenconnect

Kevin Cernekee cernekee at gmail.com
Sun Nov 3 15:22:52 EST 2013

V3->V4 changes:

Fixed improper JNI API usage: NewStringUTF-allocated objects need to be
released with DeleteLocalRef(), not ReleaseStringUTFChars().

Fixed Android MIPS builds, which were failing due to an apparent NDK issue.
I have contacted MIPS support about this, but I can investigate myself if
that doesn't yield fruit.

Other minor Android updates:

    android: Add "sources" target
    android: Add .gitignore file
    android: Update Makefile to use NDK r9b

The modified ics-openvpn Android app has been tested on ARMv7, x86, and
MIPS devices.  It is able to connect to ocserv and ping through the VPN on
all architectures.

I sometimes see intermittent errors logged on the ocserv side:

    ocserv[25459]: [main] DTLS record version: 1.0
    ocserv[25459]: [main] DTLS hello version: 220.94
    ocserv[25459]: [main] unexpected DTLS content type: 23
    ocserv[25459]: [main] could not determine the owner of received UDP packet

It isn't clear whether these are related to my ocserv installation,
Android, the libopenconnect changes, or something else.  I don't see any
obvious problems connecting from a standard Linux PC to other gateways.

One other wrinkle we'll need to eventually consider is the interaction
between VPN clients and sleep mode on mobile devices.  The official Cisco
client may provide clues as to how this is done (especially if we can
convince it to talk to ocserv).

The following changes since commit 3444f811ae91d77b0bad07ed7b4de61d635bb940:

  Set SO_SNDBUF on DTLS socket and handle -EAGAIN on it (2013-10-03 06:20:35 -0700)

are available in the git repository at:

  git://github.com/cernekee/openconnect.git jni-v4

for you to fetch changes up to 91397f6937b56cc32efb8151bedc4b1a9124433e:

  android: Update Makefile to use NDK r9b (2013-11-03 11:23:28 -0800)

Kevin Cernekee (40):
      Clear peer_addr if aborting XML POST changes the hostname
      library: Remove declaration for nonexistent openconnect_get_vpn_name()
      auth: Hack around const warnings
      Introduce new helper functions for cancel_fd checking
      library: Add new openconnect_setup_cancel_pipe() call
      Move signal handling out of mainloop
      mainloop: Convert vpn_mainloop() into a library function
      main: Introduce xstrdup() function
      tun: Export setup_tun() functionality
      Move vpninfo default settings into library
      library: Check for failed allocations in openconnect_vpninfo_new()
      dtls: Export setup_dtls() function
      cstp: Export make_cstp_connection()
      library: Move the mainloop guts into libopenconnect
      library: Update openconnect.pc.in
      tun, cstp: Don't exit() on failure
      library: Free zlib state
      cstp: Clean up split include/exclude/DNS lists when freeing vpninfo
      library: Add get/set functions for servercert, ifname, reqmtu
      library: Export VPN IP information to callers
      library: Add protect_socket callback
      library: Add support for mobile headers
      library: Add openconnect_set_xmlpost() to support different CSD modes
      library: Update changelog and bump minor version
      main: Add openconnect_vpninfo_free() on a couple of exit paths
      buildsys: Allow overriding -W flags
      acinclude: Add AX_JNI_INCLUDE_DIR macro
      JNI: Initial commit of C wrapper functions
      JNI: Initial commit of Java library + example program
      android: Bump gmp up to version 5.1.2
      android: Enable JNI in build
      android: Add libstoken to build
      android: Add liboath to build
      android: Honor $TMPDIR when writing CSD script
      auth: Fix comment in parse_form()
      auth: Add new group_select argument to xmlpost_initial_req()
      android: Add "sources" target
      android: Fix broken ARCH=mips build
      android: Add .gitignore file
      android: Update Makefile to use NDK r9b

 .gitignore                                         |    1 +
 Makefile.am                                        |   25 +-
 acinclude.m4                                       |  125 +++
 android/.gitignore                                 |    8 +
 android/0001-Remove-call-to-mlockall.patch         |   33 +
 ...-fflush-freadahead-fseeko-Fix-for-Android.patch |   43 +
 android/Makefile                                   |  119 ++-
 auth.c                                             |   32 +-
 configure.ac                                       |   48 +-
 cstp.c                                             |  136 +--
 dtls.c                                             |   18 +-
 gnutls.c                                           |   36 +-
 http.c                                             |   41 +-
 java/.gitignore                                    |    2 +
 java/README                                        |   22 +
 java/build.xml                                     |   33 +
 java/src/com/example/LibTest.java                  |  207 +++++
 .../infradead/libopenconnect/LibOpenConnect.java   |  250 +++++
 jni.c                                              |  975 ++++++++++++++++++++
 libopenconnect.map.in                              |   19 +
 library.c                                          |  106 ++-
 main.c                                             |  149 ++-
 mainloop.c                                         |   31 +-
 openconnect-internal.h                             |   74 +-
 openconnect.h                                      |   80 +-
 openconnect.pc.in                                  |    2 +-
 openssl.c                                          |   36 +-
 ssl.c                                              |   10 +-
 tun.c                                              |  187 ++--
 29 files changed, 2474 insertions(+), 374 deletions(-)
 create mode 100644 android/.gitignore
 create mode 100644 android/0001-Remove-call-to-mlockall.patch
 create mode 100644 android/0001-fflush-freadahead-fseeko-Fix-for-Android.patch
 create mode 100644 java/.gitignore
 create mode 100644 java/README
 create mode 100644 java/build.xml
 create mode 100644 java/src/com/example/LibTest.java
 create mode 100644 java/src/org/infradead/libopenconnect/LibOpenConnect.java
 create mode 100644 jni.c

More information about the openconnect-devel mailing list