Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit dc67971a authored by Robin Lee's avatar Robin Lee
Browse files

Add lockdownEnabled parameter to always-on VPN API

Allows callers to opt-out of blockading network traffic during boot and
on VPN app failure.

Bug: 26694104
Change-Id: Ibfbd43ad09a25f2e38053fcd6306df3711f8bde2
parent 7544ac22
Loading
Loading
Loading
Loading
+1 −1
Original line number Original line Diff line number Diff line
@@ -5965,7 +5965,7 @@ package android.app.admin {
    method public java.util.List<android.app.admin.SecurityLog.SecurityEvent> retrievePreRebootSecurityLogs(android.content.ComponentName);
    method public java.util.List<android.app.admin.SecurityLog.SecurityEvent> retrievePreRebootSecurityLogs(android.content.ComponentName);
    method public java.util.List<android.app.admin.SecurityLog.SecurityEvent> retrieveSecurityLogs(android.content.ComponentName);
    method public java.util.List<android.app.admin.SecurityLog.SecurityEvent> retrieveSecurityLogs(android.content.ComponentName);
    method public void setAccountManagementDisabled(android.content.ComponentName, java.lang.String, boolean);
    method public void setAccountManagementDisabled(android.content.ComponentName, java.lang.String, boolean);
    method public void setAlwaysOnVpnPackage(android.content.ComponentName, java.lang.String) throws android.content.pm.PackageManager.NameNotFoundException, java.lang.UnsupportedOperationException;
    method public void setAlwaysOnVpnPackage(android.content.ComponentName, java.lang.String, boolean) throws android.content.pm.PackageManager.NameNotFoundException, java.lang.UnsupportedOperationException;
    method public boolean setApplicationHidden(android.content.ComponentName, java.lang.String, boolean);
    method public boolean setApplicationHidden(android.content.ComponentName, java.lang.String, boolean);
    method public void setApplicationRestrictions(android.content.ComponentName, java.lang.String, android.os.Bundle);
    method public void setApplicationRestrictions(android.content.ComponentName, java.lang.String, android.os.Bundle);
    method public void setApplicationRestrictionsManagingPackage(android.content.ComponentName, java.lang.String) throws android.content.pm.PackageManager.NameNotFoundException;
    method public void setApplicationRestrictionsManagingPackage(android.content.ComponentName, java.lang.String) throws android.content.pm.PackageManager.NameNotFoundException;
+1 −1
Original line number Original line Diff line number Diff line
@@ -6126,7 +6126,7 @@ package android.app.admin {
    method public java.util.List<android.app.admin.SecurityLog.SecurityEvent> retrieveSecurityLogs(android.content.ComponentName);
    method public java.util.List<android.app.admin.SecurityLog.SecurityEvent> retrieveSecurityLogs(android.content.ComponentName);
    method public void setAccountManagementDisabled(android.content.ComponentName, java.lang.String, boolean);
    method public void setAccountManagementDisabled(android.content.ComponentName, java.lang.String, boolean);
    method public deprecated boolean setActiveProfileOwner(android.content.ComponentName, java.lang.String) throws java.lang.IllegalArgumentException;
    method public deprecated boolean setActiveProfileOwner(android.content.ComponentName, java.lang.String) throws java.lang.IllegalArgumentException;
    method public void setAlwaysOnVpnPackage(android.content.ComponentName, java.lang.String) throws android.content.pm.PackageManager.NameNotFoundException, java.lang.UnsupportedOperationException;
    method public void setAlwaysOnVpnPackage(android.content.ComponentName, java.lang.String, boolean) throws android.content.pm.PackageManager.NameNotFoundException, java.lang.UnsupportedOperationException;
    method public boolean setApplicationHidden(android.content.ComponentName, java.lang.String, boolean);
    method public boolean setApplicationHidden(android.content.ComponentName, java.lang.String, boolean);
    method public void setApplicationRestrictions(android.content.ComponentName, java.lang.String, android.os.Bundle);
    method public void setApplicationRestrictions(android.content.ComponentName, java.lang.String, android.os.Bundle);
    method public void setApplicationRestrictionsManagingPackage(android.content.ComponentName, java.lang.String) throws android.content.pm.PackageManager.NameNotFoundException;
    method public void setApplicationRestrictionsManagingPackage(android.content.ComponentName, java.lang.String) throws android.content.pm.PackageManager.NameNotFoundException;
+1 −1
Original line number Original line Diff line number Diff line
@@ -5969,7 +5969,7 @@ package android.app.admin {
    method public java.util.List<android.app.admin.SecurityLog.SecurityEvent> retrievePreRebootSecurityLogs(android.content.ComponentName);
    method public java.util.List<android.app.admin.SecurityLog.SecurityEvent> retrievePreRebootSecurityLogs(android.content.ComponentName);
    method public java.util.List<android.app.admin.SecurityLog.SecurityEvent> retrieveSecurityLogs(android.content.ComponentName);
    method public java.util.List<android.app.admin.SecurityLog.SecurityEvent> retrieveSecurityLogs(android.content.ComponentName);
    method public void setAccountManagementDisabled(android.content.ComponentName, java.lang.String, boolean);
    method public void setAccountManagementDisabled(android.content.ComponentName, java.lang.String, boolean);
    method public void setAlwaysOnVpnPackage(android.content.ComponentName, java.lang.String) throws android.content.pm.PackageManager.NameNotFoundException, java.lang.UnsupportedOperationException;
    method public void setAlwaysOnVpnPackage(android.content.ComponentName, java.lang.String, boolean) throws android.content.pm.PackageManager.NameNotFoundException, java.lang.UnsupportedOperationException;
    method public boolean setApplicationHidden(android.content.ComponentName, java.lang.String, boolean);
    method public boolean setApplicationHidden(android.content.ComponentName, java.lang.String, boolean);
    method public void setApplicationRestrictions(android.content.ComponentName, java.lang.String, android.os.Bundle);
    method public void setApplicationRestrictions(android.content.ComponentName, java.lang.String, android.os.Bundle);
    method public void setApplicationRestrictionsManagingPackage(android.content.ComponentName, java.lang.String) throws android.content.pm.PackageManager.NameNotFoundException;
    method public void setApplicationRestrictionsManagingPackage(android.content.ComponentName, java.lang.String) throws android.content.pm.PackageManager.NameNotFoundException;
+20 −3
Original line number Original line Diff line number Diff line
@@ -2996,6 +2996,19 @@ public class DevicePolicyManager {
        return null;
        return null;
    }
    }


    /**
     * Called by a device or profile owner to configure an always-on VPN connection through a
     * specific application for the current user.
     *
     * @deprecated this version only exists for compability with previous developer preview builds.
     *             TODO: delete once there are no longer any live references.
     * @hide
     */
    public void setAlwaysOnVpnPackage(@NonNull ComponentName admin, @Nullable String vpnPackage)
            throws NameNotFoundException, UnsupportedOperationException {
        setAlwaysOnVpnPackage(admin, vpnPackage, /* lockdownEnabled */ true);
    }

    /**
    /**
     * Called by a device or profile owner to configure an always-on VPN connection through a
     * Called by a device or profile owner to configure an always-on VPN connection through a
     * specific application for the current user. This connection is automatically granted and
     * specific application for the current user. This connection is automatically granted and
@@ -3007,6 +3020,9 @@ public class DevicePolicyManager {
     *
     *
     * @param vpnPackage The package name for an installed VPN app on the device, or {@code null} to
     * @param vpnPackage The package name for an installed VPN app on the device, or {@code null} to
     *        remove an existing always-on VPN configuration.
     *        remove an existing always-on VPN configuration.
     * @param lockdownEnabled {@code true} to disallow networking when the VPN is not connected or
     *        {@code false} otherwise. This carries the risk that any failure of the VPN provider
     *        could break networking for all apps. This has no effect when clearing.
     * @return {@code true} if the package is set as always-on VPN controller; {@code false}
     * @return {@code true} if the package is set as always-on VPN controller; {@code false}
     *         otherwise.
     *         otherwise.
     * @throws SecurityException if {@code admin} is not a device or a profile owner.
     * @throws SecurityException if {@code admin} is not a device or a profile owner.
@@ -3014,12 +3030,13 @@ public class DevicePolicyManager {
     * @throws UnsupportedOperationException if {@code vpnPackage} exists but does not support being
     * @throws UnsupportedOperationException if {@code vpnPackage} exists but does not support being
     *         set as always-on, or if always-on VPN is not available.
     *         set as always-on, or if always-on VPN is not available.
     */
     */
    public void setAlwaysOnVpnPackage(@NonNull ComponentName admin, @Nullable String vpnPackage)
    public void setAlwaysOnVpnPackage(@NonNull ComponentName admin, @Nullable String vpnPackage,
            boolean lockdownEnabled)
            throws NameNotFoundException, UnsupportedOperationException {
            throws NameNotFoundException, UnsupportedOperationException {
        throwIfParentInstance("setAlwaysOnVpnPackage");
        throwIfParentInstance("setAlwaysOnVpnPackage");
        if (mService != null) {
        if (mService != null) {
            try {
            try {
                if (!mService.setAlwaysOnVpnPackage(admin, vpnPackage)) {
                if (!mService.setAlwaysOnVpnPackage(admin, vpnPackage, lockdownEnabled)) {
                    throw new NameNotFoundException(vpnPackage);
                    throw new NameNotFoundException(vpnPackage);
                }
                }
            } catch (RemoteException e) {
            } catch (RemoteException e) {
+1 −1
Original line number Original line Diff line number Diff line
@@ -157,7 +157,7 @@ interface IDevicePolicyManager {
    void setCertInstallerPackage(in ComponentName who, String installerPackage);
    void setCertInstallerPackage(in ComponentName who, String installerPackage);
    String getCertInstallerPackage(in ComponentName who);
    String getCertInstallerPackage(in ComponentName who);


    boolean setAlwaysOnVpnPackage(in ComponentName who, String vpnPackage);
    boolean setAlwaysOnVpnPackage(in ComponentName who, String vpnPackage, boolean lockdown);
    String getAlwaysOnVpnPackage(in ComponentName who);
    String getAlwaysOnVpnPackage(in ComponentName who);


    void addPersistentPreferredActivity(in ComponentName admin, in IntentFilter filter, in ComponentName activity);
    void addPersistentPreferredActivity(in ComponentName admin, in IntentFilter filter, in ComponentName activity);
Loading