Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 633f0e87 authored by Sreeram Ramachandran's avatar Sreeram Ramachandran
Browse files

Let VpnService specify a white/black list of apps that are allowed access. 

New API with stub implementation to be filled out later.

Bug: 13651397
Change-Id: Ibabd6c22495ce58dc88142bb958c1ef12adcf78e
parent 1e2554b9

api/current.txt

+3 −1
Original line number Diff line number Diff line
@@ -852,7 +852,7 @@ package android { 
    field public static final int mirrorForRtl = 16843726; // 0x10103ce

    field public static final int mode = 16843134; // 0x101017e

    field public static final int moreIcon = 16843061; // 0x1010135

    field public static final int multiArch = 16843918; // 0x101048e

    field public static final int multiArch = 16843919; // 0x101048f

    field public static final int multiprocess = 16842771; // 0x1010013

    field public static final int name = 16842755; // 0x1010003

    field public static final int navigationBarColor = 16843860; // 0x1010454
@@ -16841,6 +16841,8 @@ package android.net { 
    ctor public VpnService.Builder();

    method public android.net.VpnService.Builder addAddress(java.net.InetAddress, int);

    method public android.net.VpnService.Builder addAddress(java.lang.String, int);

    method public android.net.VpnService.Builder addAllowedApplication(java.lang.String) throws android.content.pm.PackageManager.NameNotFoundException;

    method public android.net.VpnService.Builder addDisallowedApplication(java.lang.String) throws android.content.pm.PackageManager.NameNotFoundException;

    method public android.net.VpnService.Builder addDnsServer(java.net.InetAddress);

    method public android.net.VpnService.Builder addDnsServer(java.lang.String);

    method public android.net.VpnService.Builder addRoute(java.net.InetAddress, int);

core/java/android/net/VpnService.java

+52 −0
Original line number Diff line number Diff line
@@ -24,6 +24,7 @@ import android.app.PendingIntent; 
import android.app.Service;

import android.content.Context;

import android.content.Intent;

import android.content.pm.PackageManager;

import android.net.NetworkUtils;

import android.os.Binder;

import android.os.IBinder;
@@ -500,6 +501,57 @@ public class VpnService extends Service { 
            return this;

        }



        /**

         * Adds an application that's allowed to access the VPN connection.

         *

         * If this method is called at least once, only applications added through this method (and

         * no others) are allowed access. Else (if this method is never called), all applications

         * are allowed by default.

         *

         * A {@link Builder} may have only a set of allowed applications OR a set of disallowed

         * ones, but not both. Calling this method after {@link #addDisallowedApplication} has

         * already been called, or vice versa, will throw an {@link UnsupportedOperationException}.

         *

         * {@code packageName} must be the canonical name of a currently installed application.

         * {@link PackageManager.NameNotFoundException} is thrown if there's no such application.

         *

         * @throws {@link PackageManager.NameNotFoundException} If the application isn't installed.

         *

         * @param packageName The full name (e.g.: "com.google.apps.contacts") of an application.

         *

         * @return this {@link Builder} object to facilitate chaining method calls.

         */

        public Builder addAllowedApplication(String packageName)

                throws PackageManager.NameNotFoundException {

            // TODO

            return this;

        }



        /**

         * Adds an application that's denied access to the VPN connection.

         *

         * By default, all applications are allowed access, except for those denied through this

         * method.

         *

         * A {@link Builder} may have only a set of allowed applications OR a set of disallowed

         * ones, but not both. Calling this method after {@link #addAllowedApplication} has already

         * been called, or vice versa, will throw an {@link UnsupportedOperationException}.

         *

         * {@code packageName} must be the canonical name of a currently installed application.

         * {@link PackageManager.NameNotFoundException} is thrown if there's no such application.

         *

         * @throws {@link PackageManager.NameNotFoundException} If the application isn't installed.

         *

         * @param packageName The full name (e.g.: "com.google.apps.contacts") of an application.

         *

         * @return this {@link Builder} object to facilitate chaining method calls.

         */

        public Builder addDisallowedApplication(String packageName)

                throws PackageManager.NameNotFoundException {

            // TODO

            return this;

        }



        /**

         * Create a VPN interface using the parameters supplied to this

         * builder. The interface works on IP packets, and a file descriptor