Loading api/current.txt +2 −2 Original line number Diff line number Diff line Loading @@ -6623,7 +6623,7 @@ package android.app.admin { method @Nullable public String[] getAccountTypesWithManagementDisabled(); method @Nullable public java.util.List<android.content.ComponentName> getActiveAdmins(); method @NonNull public java.util.Set<java.lang.String> getAffiliationIds(@NonNull android.content.ComponentName); method @Nullable public java.util.List<java.lang.String> getAlwaysOnVpnLockdownWhitelist(@NonNull android.content.ComponentName); method @Nullable public java.util.Set<java.lang.String> getAlwaysOnVpnLockdownWhitelist(@NonNull android.content.ComponentName); method @Nullable public String getAlwaysOnVpnPackage(@NonNull android.content.ComponentName); method @WorkerThread @NonNull public android.os.Bundle getApplicationRestrictions(@Nullable android.content.ComponentName, String); method @Deprecated @Nullable public String getApplicationRestrictionsManagingPackage(@NonNull android.content.ComponentName); Loading Loading @@ -6736,7 +6736,7 @@ package android.app.admin { method public void setAccountManagementDisabled(@NonNull android.content.ComponentName, String, boolean); method public void setAffiliationIds(@NonNull android.content.ComponentName, @NonNull java.util.Set<java.lang.String>); method public void setAlwaysOnVpnPackage(@NonNull android.content.ComponentName, @Nullable String, boolean) throws android.content.pm.PackageManager.NameNotFoundException; method public void setAlwaysOnVpnPackage(@NonNull android.content.ComponentName, @Nullable String, boolean, @Nullable java.util.List<java.lang.String>) throws android.content.pm.PackageManager.NameNotFoundException; method public void setAlwaysOnVpnPackage(@NonNull android.content.ComponentName, @Nullable String, boolean, @Nullable java.util.Set<java.lang.String>) throws android.content.pm.PackageManager.NameNotFoundException; method public boolean setApplicationHidden(@NonNull android.content.ComponentName, String, boolean); method @WorkerThread public void setApplicationRestrictions(@Nullable android.content.ComponentName, String, android.os.Bundle); method @Deprecated public void setApplicationRestrictionsManagingPackage(@NonNull android.content.ComponentName, @Nullable String) throws android.content.pm.PackageManager.NameNotFoundException; core/java/android/app/admin/DevicePolicyManager.java +19 −10 Original line number Diff line number Diff line Loading @@ -112,6 +112,7 @@ import java.security.spec.PKCS8EncodedKeySpec; import java.util.ArrayList; import java.util.Arrays; import java.util.Collections; import java.util.HashSet; import java.util.List; import java.util.Set; import java.util.concurrent.CompletableFuture; Loading Loading @@ -5171,7 +5172,8 @@ public class DevicePolicyManager { * </ul> * The call will fail if called with the package name of an unsupported VPN app. * <p> Enabling lockdown via {@code lockdownEnabled} argument carries the risk that any failure * of the VPN provider could break networking for all apps. * of the VPN provider could break networking for all apps. This method clears any lockdown * whitelist set by {@link #setAlwaysOnVpnPackage(ComponentName, String, boolean, Set)}. * * @param vpnPackage The package name for an installed VPN app on the device, or {@code null} to * remove an existing always-on VPN configuration. Loading @@ -5181,11 +5183,11 @@ public class DevicePolicyManager { * @throws NameNotFoundException if {@code vpnPackage} is not installed. * @throws UnsupportedOperationException if {@code vpnPackage} exists but does not support being * set as always-on, or if always-on VPN is not available. * @see #setAlwaysOnVpnPackage(ComponentName, String, boolean, List) * @see #setAlwaysOnVpnPackage(ComponentName, String, boolean, Set) */ public void setAlwaysOnVpnPackage(@NonNull ComponentName admin, @Nullable String vpnPackage, boolean lockdownEnabled) throws NameNotFoundException { setAlwaysOnVpnPackage(admin, vpnPackage, lockdownEnabled, Collections.emptyList()); setAlwaysOnVpnPackage(admin, vpnPackage, lockdownEnabled, Collections.emptySet()); } /** Loading @@ -5195,6 +5197,11 @@ public class DevicePolicyManager { * System apps can always bypass VPN. * <p> Note that the system doesn't update the whitelist when packages are installed or * uninstalled, the admin app must call this method to keep the list up to date. * <p> When {@code lockdownEnabled} is false {@code lockdownWhitelist} is ignored . When * {@code lockdownEnabled} is {@code true} and {@code lockdownWhitelist} is {@code null} or * empty, only system apps can bypass VPN. * <p> Setting always-on VPN package to {@code null} or using * {@link #setAlwaysOnVpnPackage(ComponentName, String, boolean)} clears lockdown whitelist. * * @param vpnPackage package name for an installed VPN app on the device, or {@code null} * to remove an existing always-on VPN configuration Loading @@ -5211,13 +5218,13 @@ public class DevicePolicyManager { * available. */ public void setAlwaysOnVpnPackage(@NonNull ComponentName admin, @Nullable String vpnPackage, boolean lockdownEnabled, @Nullable List<String> lockdownWhitelist) boolean lockdownEnabled, @Nullable Set<String> lockdownWhitelist) throws NameNotFoundException { throwIfParentInstance("setAlwaysOnVpnPackage"); if (mService != null) { try { mService.setAlwaysOnVpnPackage( admin, vpnPackage, lockdownEnabled, lockdownWhitelist); mService.setAlwaysOnVpnPackage(admin, vpnPackage, lockdownEnabled, lockdownWhitelist == null ? null : new ArrayList<>(lockdownWhitelist)); } catch (ServiceSpecificException e) { switch (e.errorCode) { case ERROR_VPN_PACKAGE_NOT_FOUND: Loading Loading @@ -5255,7 +5262,7 @@ public class DevicePolicyManager { } /** * Called by device or profile owner to query the list of packages that are allowed to access * Called by device or profile owner to query the set of packages that are allowed to access * the network directly when always-on VPN is in lockdown mode but not connected. Returns * {@code null} when always-on VPN is not active or not in lockdown mode. * Loading @@ -5263,13 +5270,15 @@ public class DevicePolicyManager { * * @throws SecurityException if {@code admin} is not a device or a profile owner. * * @see #setAlwaysOnVpnPackage(ComponentName, String, boolean, List) * @see #setAlwaysOnVpnPackage(ComponentName, String, boolean, Set) */ public @Nullable List<String> getAlwaysOnVpnLockdownWhitelist(@NonNull ComponentName admin) { public @Nullable Set<String> getAlwaysOnVpnLockdownWhitelist(@NonNull ComponentName admin) { throwIfParentInstance("getAlwaysOnVpnLockdownWhitelist"); if (mService != null) { try { return mService.getAlwaysOnVpnLockdownWhitelist(admin); final List<String> whitelist = mService.getAlwaysOnVpnLockdownWhitelist(admin); return whitelist == null ? null : new HashSet<>(whitelist); } catch (RemoteException e) { throw e.rethrowFromSystemServer(); } Loading core/java/android/net/VpnService.java +13 −4 Original line number Diff line number Diff line Loading @@ -27,6 +27,8 @@ import android.annotation.UnsupportedAppUsage; import android.app.Activity; import android.app.PendingIntent; import android.app.Service; import android.app.admin.DevicePolicyManager; import android.content.ComponentName; import android.content.Context; import android.content.Intent; import android.content.pm.IPackageManager; Loading @@ -48,6 +50,7 @@ import java.net.InetAddress; import java.net.Socket; import java.util.ArrayList; import java.util.List; import java.util.Set; /** * VpnService is a base class for applications to extend and build their Loading Loading @@ -138,7 +141,7 @@ public class VpnService extends Service { * provides users with the ability to set it as always-on, so that VPN connection is * persisted after device reboot and app upgrade. Always-on VPN can also be enabled by device * owner and profile owner apps through * {@link android.app.admin.DevicePolicyManager#setAlwaysOnVpnPackage}. * {@link DevicePolicyManager#setAlwaysOnVpnPackage}. * * <p>VPN apps not supporting this feature should opt out by adding this meta-data field to the * {@code VpnService} component of {@code AndroidManifest.xml}. In case there is more than one Loading Loading @@ -370,7 +373,10 @@ public class VpnService extends Service { } /** * Returns whether the service is running in always-on VPN mode. * Returns whether the service is running in always-on VPN mode. In this mode the system ensures * that the service is always running by restarting it when necessary, e.g. after reboot. * * @see DevicePolicyManager#setAlwaysOnVpnPackage(ComponentName, String, boolean, Set) */ public final boolean isAlwaysOn() { try { Loading @@ -381,8 +387,11 @@ public class VpnService extends Service { } /** * Returns whether the service is running in always-on VPN mode blocking connections without * VPN. * Returns whether the service is running in always-on VPN lockdown mode. In this mode the * system ensures that the service is always running and that the apps aren't allowed to bypass * the VPN. * * @see DevicePolicyManager#setAlwaysOnVpnPackage(ComponentName, String, boolean, Set) */ public final boolean isLockdownEnabled() { try { Loading Loading
api/current.txt +2 −2 Original line number Diff line number Diff line Loading @@ -6623,7 +6623,7 @@ package android.app.admin { method @Nullable public String[] getAccountTypesWithManagementDisabled(); method @Nullable public java.util.List<android.content.ComponentName> getActiveAdmins(); method @NonNull public java.util.Set<java.lang.String> getAffiliationIds(@NonNull android.content.ComponentName); method @Nullable public java.util.List<java.lang.String> getAlwaysOnVpnLockdownWhitelist(@NonNull android.content.ComponentName); method @Nullable public java.util.Set<java.lang.String> getAlwaysOnVpnLockdownWhitelist(@NonNull android.content.ComponentName); method @Nullable public String getAlwaysOnVpnPackage(@NonNull android.content.ComponentName); method @WorkerThread @NonNull public android.os.Bundle getApplicationRestrictions(@Nullable android.content.ComponentName, String); method @Deprecated @Nullable public String getApplicationRestrictionsManagingPackage(@NonNull android.content.ComponentName); Loading Loading @@ -6736,7 +6736,7 @@ package android.app.admin { method public void setAccountManagementDisabled(@NonNull android.content.ComponentName, String, boolean); method public void setAffiliationIds(@NonNull android.content.ComponentName, @NonNull java.util.Set<java.lang.String>); method public void setAlwaysOnVpnPackage(@NonNull android.content.ComponentName, @Nullable String, boolean) throws android.content.pm.PackageManager.NameNotFoundException; method public void setAlwaysOnVpnPackage(@NonNull android.content.ComponentName, @Nullable String, boolean, @Nullable java.util.List<java.lang.String>) throws android.content.pm.PackageManager.NameNotFoundException; method public void setAlwaysOnVpnPackage(@NonNull android.content.ComponentName, @Nullable String, boolean, @Nullable java.util.Set<java.lang.String>) throws android.content.pm.PackageManager.NameNotFoundException; method public boolean setApplicationHidden(@NonNull android.content.ComponentName, String, boolean); method @WorkerThread public void setApplicationRestrictions(@Nullable android.content.ComponentName, String, android.os.Bundle); method @Deprecated public void setApplicationRestrictionsManagingPackage(@NonNull android.content.ComponentName, @Nullable String) throws android.content.pm.PackageManager.NameNotFoundException;
core/java/android/app/admin/DevicePolicyManager.java +19 −10 Original line number Diff line number Diff line Loading @@ -112,6 +112,7 @@ import java.security.spec.PKCS8EncodedKeySpec; import java.util.ArrayList; import java.util.Arrays; import java.util.Collections; import java.util.HashSet; import java.util.List; import java.util.Set; import java.util.concurrent.CompletableFuture; Loading Loading @@ -5171,7 +5172,8 @@ public class DevicePolicyManager { * </ul> * The call will fail if called with the package name of an unsupported VPN app. * <p> Enabling lockdown via {@code lockdownEnabled} argument carries the risk that any failure * of the VPN provider could break networking for all apps. * of the VPN provider could break networking for all apps. This method clears any lockdown * whitelist set by {@link #setAlwaysOnVpnPackage(ComponentName, String, boolean, Set)}. * * @param vpnPackage The package name for an installed VPN app on the device, or {@code null} to * remove an existing always-on VPN configuration. Loading @@ -5181,11 +5183,11 @@ public class DevicePolicyManager { * @throws NameNotFoundException if {@code vpnPackage} is not installed. * @throws UnsupportedOperationException if {@code vpnPackage} exists but does not support being * set as always-on, or if always-on VPN is not available. * @see #setAlwaysOnVpnPackage(ComponentName, String, boolean, List) * @see #setAlwaysOnVpnPackage(ComponentName, String, boolean, Set) */ public void setAlwaysOnVpnPackage(@NonNull ComponentName admin, @Nullable String vpnPackage, boolean lockdownEnabled) throws NameNotFoundException { setAlwaysOnVpnPackage(admin, vpnPackage, lockdownEnabled, Collections.emptyList()); setAlwaysOnVpnPackage(admin, vpnPackage, lockdownEnabled, Collections.emptySet()); } /** Loading @@ -5195,6 +5197,11 @@ public class DevicePolicyManager { * System apps can always bypass VPN. * <p> Note that the system doesn't update the whitelist when packages are installed or * uninstalled, the admin app must call this method to keep the list up to date. * <p> When {@code lockdownEnabled} is false {@code lockdownWhitelist} is ignored . When * {@code lockdownEnabled} is {@code true} and {@code lockdownWhitelist} is {@code null} or * empty, only system apps can bypass VPN. * <p> Setting always-on VPN package to {@code null} or using * {@link #setAlwaysOnVpnPackage(ComponentName, String, boolean)} clears lockdown whitelist. * * @param vpnPackage package name for an installed VPN app on the device, or {@code null} * to remove an existing always-on VPN configuration Loading @@ -5211,13 +5218,13 @@ public class DevicePolicyManager { * available. */ public void setAlwaysOnVpnPackage(@NonNull ComponentName admin, @Nullable String vpnPackage, boolean lockdownEnabled, @Nullable List<String> lockdownWhitelist) boolean lockdownEnabled, @Nullable Set<String> lockdownWhitelist) throws NameNotFoundException { throwIfParentInstance("setAlwaysOnVpnPackage"); if (mService != null) { try { mService.setAlwaysOnVpnPackage( admin, vpnPackage, lockdownEnabled, lockdownWhitelist); mService.setAlwaysOnVpnPackage(admin, vpnPackage, lockdownEnabled, lockdownWhitelist == null ? null : new ArrayList<>(lockdownWhitelist)); } catch (ServiceSpecificException e) { switch (e.errorCode) { case ERROR_VPN_PACKAGE_NOT_FOUND: Loading Loading @@ -5255,7 +5262,7 @@ public class DevicePolicyManager { } /** * Called by device or profile owner to query the list of packages that are allowed to access * Called by device or profile owner to query the set of packages that are allowed to access * the network directly when always-on VPN is in lockdown mode but not connected. Returns * {@code null} when always-on VPN is not active or not in lockdown mode. * Loading @@ -5263,13 +5270,15 @@ public class DevicePolicyManager { * * @throws SecurityException if {@code admin} is not a device or a profile owner. * * @see #setAlwaysOnVpnPackage(ComponentName, String, boolean, List) * @see #setAlwaysOnVpnPackage(ComponentName, String, boolean, Set) */ public @Nullable List<String> getAlwaysOnVpnLockdownWhitelist(@NonNull ComponentName admin) { public @Nullable Set<String> getAlwaysOnVpnLockdownWhitelist(@NonNull ComponentName admin) { throwIfParentInstance("getAlwaysOnVpnLockdownWhitelist"); if (mService != null) { try { return mService.getAlwaysOnVpnLockdownWhitelist(admin); final List<String> whitelist = mService.getAlwaysOnVpnLockdownWhitelist(admin); return whitelist == null ? null : new HashSet<>(whitelist); } catch (RemoteException e) { throw e.rethrowFromSystemServer(); } Loading
core/java/android/net/VpnService.java +13 −4 Original line number Diff line number Diff line Loading @@ -27,6 +27,8 @@ import android.annotation.UnsupportedAppUsage; import android.app.Activity; import android.app.PendingIntent; import android.app.Service; import android.app.admin.DevicePolicyManager; import android.content.ComponentName; import android.content.Context; import android.content.Intent; import android.content.pm.IPackageManager; Loading @@ -48,6 +50,7 @@ import java.net.InetAddress; import java.net.Socket; import java.util.ArrayList; import java.util.List; import java.util.Set; /** * VpnService is a base class for applications to extend and build their Loading Loading @@ -138,7 +141,7 @@ public class VpnService extends Service { * provides users with the ability to set it as always-on, so that VPN connection is * persisted after device reboot and app upgrade. Always-on VPN can also be enabled by device * owner and profile owner apps through * {@link android.app.admin.DevicePolicyManager#setAlwaysOnVpnPackage}. * {@link DevicePolicyManager#setAlwaysOnVpnPackage}. * * <p>VPN apps not supporting this feature should opt out by adding this meta-data field to the * {@code VpnService} component of {@code AndroidManifest.xml}. In case there is more than one Loading Loading @@ -370,7 +373,10 @@ public class VpnService extends Service { } /** * Returns whether the service is running in always-on VPN mode. * Returns whether the service is running in always-on VPN mode. In this mode the system ensures * that the service is always running by restarting it when necessary, e.g. after reboot. * * @see DevicePolicyManager#setAlwaysOnVpnPackage(ComponentName, String, boolean, Set) */ public final boolean isAlwaysOn() { try { Loading @@ -381,8 +387,11 @@ public class VpnService extends Service { } /** * Returns whether the service is running in always-on VPN mode blocking connections without * VPN. * Returns whether the service is running in always-on VPN lockdown mode. In this mode the * system ensures that the service is always running and that the apps aren't allowed to bypass * the VPN. * * @see DevicePolicyManager#setAlwaysOnVpnPackage(ComponentName, String, boolean, Set) */ public final boolean isLockdownEnabled() { try { Loading
