Add configuration whether to exclude local traffic in the VPN (de8c6218) · Commits · e / os / android_frameworks_base

core/java/android/net/Ikev2VpnProfile.java

+23 −5

Original line number	Diff line number	Diff line
		@@ -142,8 +142,9 @@ public final class Ikev2VpnProfile extends PlatformVpnProfile {
		boolean isBypassable,
		boolean isMetered,
		int maxMtu,
		boolean restrictToTestNetworks) {
		super(type);
		boolean restrictToTestNetworks,
		boolean excludeLocalRoutes) {
		super(type, excludeLocalRoutes);

		checkNotNull(serverAddr, MISSING_PARAM_MSG_TMPL, "Server address");
		checkNotNull(userIdentity, MISSING_PARAM_MSG_TMPL, "User Identity");
		@@ -403,7 +404,8 @@ public final class Ikev2VpnProfile extends PlatformVpnProfile {
		&& mIsBypassable == other.mIsBypassable
		&& mIsMetered == other.mIsMetered
		&& mMaxMtu == other.mMaxMtu
		&& mIsRestrictedToTestNetworks == other.mIsRestrictedToTestNetworks;
		&& mIsRestrictedToTestNetworks == other.mIsRestrictedToTestNetworks
		&& mExcludeLocalRoutes == other.mExcludeLocalRoutes;
		}

		/**
		@@ -417,7 +419,7 @@ public final class Ikev2VpnProfile extends PlatformVpnProfile {
		@NonNull
		public VpnProfile toVpnProfile() throws IOException, GeneralSecurityException {
		final VpnProfile profile = new VpnProfile("" /* Key; value unused by IKEv2VpnProfile(s) */,
		mIsRestrictedToTestNetworks);
		mIsRestrictedToTestNetworks, mExcludeLocalRoutes);
		profile.type = mType;
		profile.server = mServerAddr;
		profile.ipsecIdentifier = mUserIdentity;
		@@ -518,6 +520,8 @@ public final class Ikev2VpnProfile extends PlatformVpnProfile {
		throw new IllegalArgumentException("Invalid auth method set");
		}

		builder.setExcludeLocalRoutes(profile.excludeLocalRoutes);

		return builder.build();
		}

		@@ -657,6 +661,7 @@ public final class Ikev2VpnProfile extends PlatformVpnProfile {
		private boolean mIsMetered = true;
		private int mMaxMtu = PlatformVpnProfile.MAX_MTU_DEFAULT;
		private boolean mIsRestrictedToTestNetworks = false;
		private boolean mExcludeLocalRoutes = false;

		/**
		* Creates a new builder with the basic parameters of an IKEv2/IPsec VPN.
		@@ -901,6 +906,18 @@ public final class Ikev2VpnProfile extends PlatformVpnProfile {
		return this;
		}

		/**
		* Sets whether the local traffic is exempted from the VPN.
		*
		* @hide TODO(184750836): unhide once the implementation is completed
		*/
		@NonNull
		@RequiresFeature(PackageManager.FEATURE_IPSEC_TUNNELS)
		public Builder setExcludeLocalRoutes(boolean excludeLocalRoutes) {
		mExcludeLocalRoutes = excludeLocalRoutes;
		return this;
		}

		/**
		* Validates, builds and provisions the VpnProfile.
		*
		@@ -924,7 +941,8 @@ public final class Ikev2VpnProfile extends PlatformVpnProfile {
		mIsBypassable,
		mIsMetered,
		mMaxMtu,
		mIsRestrictedToTestNetworks);
		mIsRestrictedToTestNetworks,
		mExcludeLocalRoutes);
		}
		}
		}

core/java/android/net/PlatformVpnProfile.java

+16 −1

Original line number	Diff line number	Diff line
		@@ -66,15 +66,30 @@ public abstract class PlatformVpnProfile {
		@PlatformVpnType protected final int mType;

		/** @hide */
		PlatformVpnProfile(@PlatformVpnType int type) {
		protected final boolean mExcludeLocalRoutes;

		/** @hide */
		PlatformVpnProfile(@PlatformVpnType int type, boolean excludeLocalRoutes) {
		mType = type;
		mExcludeLocalRoutes = excludeLocalRoutes;
		}

		/** Returns the profile integer type. */
		@PlatformVpnType
		public final int getType() {
		return mType;
		}


		/**
		* Returns if the local traffic is exempted from the VPN.
		*
		* @hide TODO(184750836): unhide once the implementation is completed
		*/
		public final boolean getExcludeLocalRoutes() {
		return mExcludeLocalRoutes;
		}

		/** Returns a type string describing the VPN profile type */
		@NonNull
		public final String getTypeString() {

core/java/com/android/internal/net/VpnProfile.java

+26 −5

Original line number	Diff line number	Diff line
		@@ -143,17 +143,24 @@ public final class VpnProfile implements Cloneable, Parcelable {
		public boolean areAuthParamsInline = false; // 23
		public final boolean isRestrictedToTestNetworks; // 24

		public final boolean excludeLocalRoutes; // 25

		// Helper fields.
		@UnsupportedAppUsage
		public transient boolean saveLogin = false;

		public VpnProfile(String key) {
		this(key, false);
		this(key, false, false);
		}

		public VpnProfile(String key, boolean isRestrictedToTestNetworks) {
		this(key, isRestrictedToTestNetworks, false);
		}

		public VpnProfile(String key, boolean isRestrictedToTestNetworks, boolean excludeLocalRoutes) {
		this.key = key;
		this.isRestrictedToTestNetworks = isRestrictedToTestNetworks;
		this.excludeLocalRoutes = excludeLocalRoutes;
		}

		@UnsupportedAppUsage
		@@ -183,6 +190,7 @@ public final class VpnProfile implements Cloneable, Parcelable {
		maxMtu = in.readInt();
		areAuthParamsInline = in.readBoolean();
		isRestrictedToTestNetworks = in.readBoolean();
		excludeLocalRoutes = in.readBoolean();
		}

		/**
		@@ -230,6 +238,7 @@ public final class VpnProfile implements Cloneable, Parcelable {
		out.writeInt(maxMtu);
		out.writeBoolean(areAuthParamsInline);
		out.writeBoolean(isRestrictedToTestNetworks);
		out.writeBoolean(excludeLocalRoutes);
		}

		/**
		@@ -249,8 +258,9 @@ public final class VpnProfile implements Cloneable, Parcelable {
		// 14-19: Standard profile, with option for serverCert, proxy
		// 24: Standard profile with serverCert, proxy and platform-VPN parameters
		// 25: Standard profile with platform-VPN parameters and isRestrictedToTestNetworks
		// 26: Standard profile with platform-VPN parameters and excludeLocalRoutes
		if ((values.length < 14 \|\| values.length > 19)
		&& values.length != 24 && values.length != 25) {
		&& values.length != 24 && values.length != 25 && values.length != 26) {
		return null;
		}

		@@ -261,7 +271,15 @@ public final class VpnProfile implements Cloneable, Parcelable {
		isRestrictedToTestNetworks = false;
		}

		VpnProfile profile = new VpnProfile(key, isRestrictedToTestNetworks);
		final boolean excludeLocalRoutes;
		if (values.length >= 26) {
		excludeLocalRoutes = Boolean.parseBoolean(values[25]);
		} else {
		excludeLocalRoutes = false;
		}

		VpnProfile profile = new VpnProfile(key, isRestrictedToTestNetworks,
		excludeLocalRoutes);
		profile.name = values[0];
		profile.type = Integer.parseInt(values[1]);
		if (profile.type < 0 \|\| profile.type > TYPE_MAX) {
		@@ -371,6 +389,8 @@ public final class VpnProfile implements Cloneable, Parcelable {
		builder.append(VALUE_DELIMITER).append(areAuthParamsInline);
		builder.append(VALUE_DELIMITER).append(isRestrictedToTestNetworks);

		builder.append(VALUE_DELIMITER).append(excludeLocalRoutes);

		return builder.toString().getBytes(StandardCharsets.UTF_8);
		}

		@@ -451,7 +471,7 @@ public final class VpnProfile implements Cloneable, Parcelable {
		key, type, server, username, password, dnsServers, searchDomains, routes, mppe,
		l2tpSecret, ipsecIdentifier, ipsecSecret, ipsecUserCert, ipsecCaCert, ipsecServerCert,
		proxy, mAllowedAlgorithms, isBypassable, isMetered, maxMtu, areAuthParamsInline,
		isRestrictedToTestNetworks);
		isRestrictedToTestNetworks, excludeLocalRoutes);
		}

		/** Checks VPN profiles for interior equality. */
		@@ -484,7 +504,8 @@ public final class VpnProfile implements Cloneable, Parcelable {
		&& isMetered == other.isMetered
		&& maxMtu == other.maxMtu
		&& areAuthParamsInline == other.areAuthParamsInline
		&& isRestrictedToTestNetworks == other.isRestrictedToTestNetworks;
		&& isRestrictedToTestNetworks == other.isRestrictedToTestNetworks
		&& excludeLocalRoutes == other.excludeLocalRoutes;
		}

		@NonNull