libwg-go: reenable sticky sockets, just slightly less sticky

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

app/src/main/java/com/wireguard/android/backend/GoBackend.java

@@ -51,6 +51,10 @@ public final class GoBackend implements Backend {
 
     private static native int wgGetSocketV6(int handle);
 
+    private static native void wgPutSocketV4(int handle);
+
+    private static native void wgPutSocketV6(int handle);
+
     private static native void wgTurnOff(int handle);
 
     private static native int wgTurnOn(String ifName, int tunFd, String settings);
@@ -186,7 +190,9 @@ public final class GoBackend implements Backend {
             currentTunnel = tunnel;
 
             service.protect(wgGetSocketV4(currentTunnelHandle));
+            wgPutSocketV4(currentTunnelHandle);
             service.protect(wgGetSocketV6(currentTunnelHandle));
+            wgPutSocketV6(currentTunnelHandle);
         } else {
             Log.i(TAG, "Bringing tunnel down");
 

app/tools/libwg-go/src/git.zx2c4.com/wireguard-go/api-android.go

@@ -85,6 +85,7 @@ func wgTurnOn(ifnameRef string, tun_fd int32, settings string) int32 {
 	}
 
 	device.Up()
+	device.net.bind.(*NativeBind).clearSourceOnAllRouteChanges = true
 	logger.Info.Println("Device started")
 
 	var i int32
@@ -121,18 +122,7 @@ func wgGetSocketV4(tunnelHandle int32) int32 {
 	if !ok {
 		return -1
 	}
-	fd := int32(-1)
-	conn, err := native.ipv4.SyscallConn()
-	if err != nil {
-		return -1
-	}
-	err = conn.Control(func(f uintptr) {
-		fd = int32(f)
-	})
-	if err != nil {
-		return -1
-	}
-	return fd
+	return int32(native.sock4)
 }
 
 //export wgGetSocketV6
@@ -145,18 +135,41 @@ func wgGetSocketV6(tunnelHandle int32) int32 {
 	if !ok {
 		return -1
 	}
-	fd := int32(-1)
-	conn, err := native.ipv6.SyscallConn()
-	if err != nil {
-		return -1
+	return int32(native.sock6)
+}
+
+//export wgPutSocketV4
+func wgPutSocketV4(tunnelHandle int32) {
+	device, ok := tunnelHandles[tunnelHandle]
+	if !ok {
+		return
 	}
-	err = conn.Control(func(f uintptr) {
-		fd = int32(f)
-	})
-	if err != nil {
-		return -1
+	native, ok := device.net.bind.(*NativeBind)
+	if !ok {
+		return
+	}
+	fwmark, err := unix.GetsockoptInt(native.sock6, unix.SOL_SOCKET, unix.SO_MARK)
+	if err == nil {
+		native.lastMark = uint32(fwmark)
+		device.net.fwmark = uint32(fwmark)
+	}
+}
+
+//export wgPutSocketV6
+func wgPutSocketV6(tunnelHandle int32) {
+	device, ok := tunnelHandles[tunnelHandle]
+	if !ok {
+		return
+	}
+	native, ok := device.net.bind.(*NativeBind)
+	if !ok {
+		return
+	}
+	fwmark, err := unix.GetsockoptInt(native.sock6, unix.SOL_SOCKET, unix.SO_MARK)
+	if err == nil {
+		native.lastMark = uint32(fwmark)
+		device.net.fwmark = uint32(fwmark)
 	}
-	return fd
 }
 
 func main() {}

app/tools/libwg-go/src/git.zx2c4.com/wireguard-go/jni.c

@@ -10,6 +10,8 @@ extern int wgTurnOn(struct go_string ifname, int tun_fd, struct go_string settin
 extern void wgTurnOff(int handle);
 extern int wgGetSocketV4(int handle);
 extern int wgGetSocketV6(int handle);
+extern void wgPutSocketV4(int handle);
+extern void wgPutSocketV6(int handle);
 
 JNIEXPORT jint JNICALL Java_com_wireguard_android_backend_GoBackend_wgTurnOn(JNIEnv *env, jclass c, jstring ifname, jint tun_fd, jstring settings)
 {
@@ -43,3 +45,13 @@ JNIEXPORT jint JNICALL Java_com_wireguard_android_backend_GoBackend_wgGetSocketV
 {
 	return wgGetSocketV6(handle);
 }
+
+JNIEXPORT void JNICALL Java_com_wireguard_android_backend_GoBackend_wgPutSocketV4(JNIEnv *env, jclass c, jint handle)
+{
+	wgPutSocketV4(handle);
+}
+
+JNIEXPORT void JNICALL Java_com_wireguard_android_backend_GoBackend_wgPutSocketV6(JNIEnv *env, jclass c, jint handle)
+{
+	wgPutSocketV6(handle);
+}

app/tools/wireguard-go

@@ -1 +1 @@
-Subproject commit 0b647d1ca7e079f3bb2fe95c3ca7c05898315a6e
+Subproject commit 4365b4583fa32b1b77d33f5074da9c165a28f824