Skip to content

[android] allow selection/deselection of network resources on android peers #4607

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 26 commits into
base: main
Choose a base branch
from
Open

[android] allow selection/deselection of network resources on android peers #4607

wants to merge 26 commits into from

Conversation

@doromaraujo
Copy link
Collaborator

@doromaraujo doromaraujo commented Oct 8, 2025
edited
Loading

Describe your changes

Allows user to toggle network resources on android client via exported functions.

Since we can't update the routes table on android's tun interface after creating a VPN when a network route change is detected, this also exports a function to renew the tun.Device's file descriptor used in android devices with a new implementation of WireGuard's tun.Device interface.

RenewableTUN is used in place of the created unmonitored tun on client/iface/device/device_android's Create function when passing a tun.Device to WGTunDevice's filteredDevice field. The unmonitored tun is added as a device to RenewableTUN, which manages a queue of tun.Devices internally.

Every call to a tun.Device method implemented by RenewableTUN uses the latest queued tun.Device's implementation.

When renewing a file descriptor in device_android, a new unmonitored tun is created with it, then it is added to RenewableTUN, deferring closure of the oldest tun.Device managed by it.

This also fixes a bug that didn't allow android clients to properly save its current profile's state with the same approach
used in iOS.

Issue ticket number and link

Stack

Checklist

  • Is it a bug fix
  • Is a typo/documentation fix
  • Is a feature enhancement
  • It is a refactor
  • Created tests that fail without the change (if possible)

By submitting this pull request, you confirm that you have read and agree to the terms of the Contributor License Agreement.

Documentation

Select exactly one:

  • I added/updated documentation for this change
  • Documentation is not needed for this change (explain why)

Docs PR URL (required if "docs added" is checked)

Paste the PR link from https://github.com/netbirdio/docs here:

https://github.com/netbirdio/docs/pull/__

pappz and others added 20 commits September 23, 2025 19:29
@pappz
Export RenewFD function for Android
f088b4a
@doromaraujo
[client] add initial implementation of RenewTun for android device
b2fbdfa
@doromaraujo
[android] add usage of routeSelector when retrieving networks
c58ccc5 
To return information regarding if the network route is selected for a
given peer or not
@doromaraujo
[android] add route commands to toggle routes
6e57e55
@doromaraujo
[android] add state file path to android client constructor and struct
51b664c 
Android has the same limitation as iOS in regard to file creation, so
it can't create the state file at the default location returned by
ServiceManager's GetStatePath (/var/lib/netbird/state.json)
@doromaraujo
[client] add android check to use mobile dependency's StateFilePath
880ec01 
When setting engine's state manager
@doromaraujo
[client] pass state file to be set as mobile dependency to RunOnAndroid
9016f5d 
on ConnectClient
@doromaraujo
Revert changed todo message
53d706a
@doromaraujo
[android] Add peer routes to peers and network domains to networks
41fc5aa
@doromaraujo
[android] Add resolved IP addresses to network domains
970e3de
@doromaraujo
Merge branch 'main' into feature/android-allow-selecting-routes
0190059
@doromaraujo
[android] Add rudimentary implementation of RenewableTUN
eed622d
@doromaraujo
[android] Add some nil checks to tun.Device implementations on Renewa…
369a560 
…bleTUN
@doromaraujo
[android] Add usage of RenewableTUN when renewing tun fd on android
e67cd45
@doromaraujo
[android] Use mutex when peeking, dequeueing and adding to devices list
040ed99
@doromaraujo
Merge branch 'netbirdio:main' into main
4e094f8
@doromaraujo
[test] Add missing RenewFd mock to MockWGIface used in engine_test
fb864e5
@doromaraujo
[client] Add missing RenewTun implementation
971eea3 
Added to iface_create.go and iface_create_darwin.go
Since this is only used in android's context, it throws an error
when those implementations are called
@doromaraujo
[test] remove unused definition from MockWGIface struct
546d022
@doromaraujo
[client] add go:build android to new android files
039c940
pappz
pappz requested changes Oct 8, 2025
View reviewed changes
@doromaraujo
[client] sort imports, fix typo
90a7846
@doromaraujo
[android] add PlatformFiles interface to group config and state file …
4ff93da 
…paths

This was done to lower the amount of parameters passed to
android/client's NewClient function
@doromaraujo doromaraujo requested a review from pappz October 9, 2025 03:14
pappz
pappz requested changes Oct 17, 2025
View reviewed changes
@doromaraujo
[client] Wrap RenewableTUN's device with closeAwareDevice
6dc4d57 
closeAwareDevice adds a bool indicating whether its
wrapped tun.Device's Close method was called.

This was done so that when the engine reads or writes
from a device, it won't receive an error if the device
has already been closed in order to not call RenewableTUN
Close method (which will close all devices)
@sonarqubecloud
Copy link

sonarqubecloud bot commented Oct 18, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@doromaraujo doromaraujo requested a review from pappz October 18, 2025 00:20
pappz
pappz requested changes Oct 31, 2025
View reviewed changes
client/iface/device/renewable_tun.go
log.Debugf("error reading from device: %v", err)

if device.IsClosed() {
err = nil
Copy link
Contributor

@pappz pappz Oct 31, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In this case, we will lose packages. Right? We should solve this somehow.
I see multiple options.

  • Syncrhonize the AddDevice and Read, Write functions. So the r.peekLast will provide an up-to-date device.
  • In case of error, retry to read, write the package into, from a "newer" device if it is available. So rerun the r.peekLast() in a for loop while there are new devices.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@pappz pappz pappz requested changes

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@doromaraujo @pappz