Make legacy VPN work over stacked interfaces.

On stacked interfaces like 464xlat, Legacy VPN can't find the
default gateway because it uses getRoutes, which only returns
routes for the base link and not for the stacked links. It also
assumes that the interface that the default route points to is
the interface for the base link (e.g., rmnet0) instead of the
interface the route actually points to (e.g., clat4).

Fix this by calling getAllRoutes to find the default IPv4 route,
and get the interface name from the route we find instead of
assuming it's the base interface.

Bug: 9597516
Change-Id: Ia6ce0b6258a421cd22f60dedca7e94176b32176b

diff --git a/services/java/com/android/server/connectivity/Vpn.java b/services/java/com/android/server/connectivity/Vpn.java
index 2fc972f..63d3958 100644 (file)
--- a/services/java/com/android/server/connectivity/Vpn.java
+++ b/services/java/com/android/server/connectivity/Vpn.java
@@ -467,15 +467,15 @@ public class Vpn extends BaseNetworkStateTracker {
     private native int jniCheck(String interfaze);
     private native void jniProtect(int socket, String interfaze);
 
-    private static String findLegacyVpnGateway(LinkProperties prop) {
-        for (RouteInfo route : prop.getRoutes()) {
+    private static RouteInfo findIPv4DefaultRoute(LinkProperties prop) {
+        for (RouteInfo route : prop.getAllRoutes()) {
             // Currently legacy VPN only works on IPv4.
             if (route.isDefaultRoute() && route.getGateway() instanceof Inet4Address) {
-                return route.getGateway().getHostAddress();
+                return route;
             }
         }
 
-        throw new IllegalStateException("Unable to find suitable gateway");
+        throw new IllegalStateException("Unable to find IPv4 default gateway");
     }
 
     /**
@@ -488,8 +488,9 @@ public class Vpn extends BaseNetworkStateTracker {
             throw new IllegalStateException("KeyStore isn't unlocked");
         }
 
-        final String iface = egress.getInterfaceName();
-        final String gateway = findLegacyVpnGateway(egress);
+        final RouteInfo ipv4DefaultRoute = findIPv4DefaultRoute(egress);
+        final String gateway = ipv4DefaultRoute.getGateway().getHostAddress();
+        final String iface = ipv4DefaultRoute.getInterface();
 
         // Load certificates.
         String privateKey = "";