
Example 1 with NetworkAgent

use of android.net.NetworkAgent in project android_frameworks_base by DirtyUnicorns.

the class Vpn method establish.

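/**
 * Establish a VPN network and return the file descriptor of the VPN
 * interface. This method returns {@code null} if the application is
 * revoked or not prepared.
 *
 * <p>Authorization is checked in this order: the Binder calling UID must equal
 * {@code mOwnerUID}, consent for {@code mPackage} must still be recorded, the
 * user identified by {@code mUserHandle} must not be restricted, and the service
 * named by {@code config.user} inside {@code mPackage} must resolve and be
 * declared with the {@code BIND_VPN_SERVICE} permission.
 *
 * <p>On success {@code config} is modified in place ({@code user},
 * {@code interfaze} and {@code startTime} are overwritten) and stored as the
 * current configuration. If a {@link RuntimeException} is thrown while the
 * interface is being configured, the new tunnel descriptor is closed and the
 * previously saved fields are put back before the exception is rethrown.
 *
 * @param config The parameters to configure the network. On entry
 *               {@code config.user} is the class name of the VPN service.
 * @return The file descriptor of the VPN interface, or {@code null} when the
 *         caller is not the prepared owner or consent has been revoked.
 * @throws SecurityException if the user is restricted, or the service cannot be
 *         found or does not require {@code BIND_VPN_SERVICE}.
 * @throws IllegalArgumentException if no address could be set on the interface.
 * @throws IllegalStateException if the service cannot be bound or the blocking
 *         mode of the tunnel descriptor cannot be set.
 */
public synchronized ParcelFileDescriptor establish(VpnConfig config) {
    // Check if the caller is already prepared.
    UserManager mgr = UserManager.get(mContext);
    // This comparison has to stay ahead of clearCallingIdentity() below: once the
    // identity is cleared, the Binder calling UID no longer names the remote caller.
    if (Binder.getCallingUid() != mOwnerUID) {
        return null;
    }
    // Check to ensure consent hasn't been revoked since we were prepared.
    if (!isVpnUserPreConsented(mPackage)) {
        return null;
    }
    // Check if the service is properly declared.
    // The package is pinned to mPackage; only the class name comes from the caller.
    Intent intent = new Intent(VpnConfig.SERVICE_INTERFACE);
    intent.setClassName(mPackage, config.user);
    long token = Binder.clearCallingIdentity();
    try {
        // Restricted users are not allowed to create VPNs, they are tied to Owner
        // NOTE(review): nothing here guards against getUserInfo() returning null;
        // confirm mUserHandle always refers to an existing user.
        UserInfo user = mgr.getUserInfo(mUserHandle);
        if (user.isRestricted()) {
            throw new SecurityException("Restricted users cannot establish VPNs");
        }
        ResolveInfo info = AppGlobals.getPackageManager().resolveService(intent, null, 0, mUserHandle);
        if (info == null) {
            throw new SecurityException("Cannot find " + config.user);
        }
        // Refuse a service whose manifest entry is not protected by BIND_VPN_SERVICE.
        if (!BIND_VPN_SERVICE.equals(info.serviceInfo.permission)) {
            throw new SecurityException(config.user + " does not require " + BIND_VPN_SERVICE);
        }
    } catch (RemoteException e) {
        // Keep the original failure attached so the root cause is not lost.
        throw new SecurityException("Cannot find " + config.user, e);
    } finally {
        // Always hand the caller's identity back, including on the throwing paths.
        Binder.restoreCallingIdentity(token);
    }
    // Save the old config in case we need to go back.
    VpnConfig oldConfig = mConfig;
    String oldInterface = mInterface;
    Connection oldConnection = mConnection;
    NetworkAgent oldNetworkAgent = mNetworkAgent;
    mNetworkAgent = null;
    Set<UidRange> oldUsers = mVpnUsers;
    // Configure the interface. Abort if any of these steps fails.
    // NOTE(review): this line sits outside the try below, so if jniCreate() or
    // adoptFd() throws, mNetworkAgent stays null and the rollback does not run.
    // Confirm how jniCreate() reports failure.
    ParcelFileDescriptor tun = ParcelFileDescriptor.adoptFd(jniCreate(config.mtu));
    try {
        updateState(DetailedState.CONNECTING, "establish");
        String interfaze = jniGetName(tun.getFd());
        // TEMP use the old jni calls until there is support for netd address setting
        StringBuilder builder = new StringBuilder();
        for (LinkAddress address : config.addresses) {
            builder.append(' ').append(address);
        }
        if (jniSetAddresses(interfaze, builder.toString()) < 1) {
            throw new IllegalArgumentException("At least one address must be specified");
        }
        Connection connection = new Connection();
        if (!mContext.bindServiceAsUser(intent, connection, Context.BIND_AUTO_CREATE | Context.BIND_FOREGROUND_SERVICE, new UserHandle(mUserHandle))) {
            throw new IllegalStateException("Cannot bind " + config.user);
        }
        mConnection = connection;
        mInterface = interfaze;
        // Fill more values.
        // config.user held the service class name until now; from here on it is the package.
        config.user = mPackage;
        config.interfaze = mInterface;
        config.startTime = SystemClock.elapsedRealtime();
        mConfig = config;
        // Set up forwarding and DNS rules.
        agentConnect();
        if (oldConnection != null) {
            mContext.unbindService(oldConnection);
        }
        // Remove the old tun's user forwarding rules
        // The new tun's user rules have already been added so they will take over
        // as rules are deleted. This prevents data leakage as the rules are moved over.
        agentDisconnect(oldNetworkAgent);
        if (oldInterface != null && !oldInterface.equals(interfaze)) {
            jniReset(oldInterface);
        }
        try {
            IoUtils.setBlocking(tun.getFileDescriptor(), config.blocking);
        } catch (IOException e) {
            throw new IllegalStateException("Cannot set tunnel's fd as blocking=" + config.blocking, e);
        }
    } catch (RuntimeException e) {
        IoUtils.closeQuietly(tun);
        agentDisconnect();
        // restore old state
        // NOTE(review): a connection bound above is not unbound on this path, and
        // oldConnection / oldNetworkAgent may already have been torn down if the
        // failure came from setBlocking(). Verify that restoring them is safe.
        mConfig = oldConfig;
        mConnection = oldConnection;
        mVpnUsers = oldUsers;
        mNetworkAgent = oldNetworkAgent;
        mInterface = oldInterface;
        throw e;
    }
    Log.i(TAG, "Established by " + config.user + " on " + mInterface);
    return tun;
}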
Also used : LinkAddress(android.net.LinkAddress) NetworkAgent(android.net.NetworkAgent) VpnConfig(com.android.internal.net.VpnConfig) UidRange(android.net.UidRange) ServiceConnection(android.content.ServiceConnection) PendingIntent(android.app.PendingIntent) Intent(android.content.Intent) UserInfo(android.content.pm.UserInfo) IOException(java.io.IOException) ResolveInfo(android.content.pm.ResolveInfo) UserManager(android.os.UserManager) UserHandle(android.os.UserHandle) ParcelFileDescriptor(android.os.ParcelFileDescriptor) RemoteException(android.os.RemoteException)

Example 2 with NetworkAgent

use of android.net.NetworkAgent in project platform_frameworks_base by android.

the class Vpn method establish.

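/**
 * Establish a VPN network and return the file descriptor of the VPN
 * interface. This method returns {@code null} if the application is
 * revoked or not prepared.
 *
 * <p>The caller is accepted only if its Binder calling UID equals
 * {@code mOwnerUID} and consent for {@code mPackage} is still recorded. After
 * that, with the calling identity cleared, the method rejects restricted users
 * and requires that the service {@code config.user} in {@code mPackage}
 * resolves and is declared with the {@code BIND_VPN_SERVICE} permission.
 *
 * <p>{@code config} is mutated: {@code user}, {@code interfaze} and
 * {@code startTime} are overwritten before it becomes the current
 * configuration. A {@link RuntimeException} raised during interface setup
 * closes the new tunnel descriptor, restores the saved fields and is rethrown.
 *
 * @param config The parameters to configure the network. On entry
 *               {@code config.user} is the class name of the VPN service.
 * @return The file descriptor of the VPN interface, or {@code null} when the
 *         caller is not the prepared owner or consent has been revoked.
 * @throws SecurityException if the user is restricted, or the service cannot be
 *         found or does not require {@code BIND_VPN_SERVICE}.
 * @throws IllegalArgumentException if no address could be set on the interface.
 * @throws IllegalStateException if the service cannot be bound or the blocking
 *         mode of the tunnel descriptor cannot be set.
 */
public synchronized ParcelFileDescriptor establish(VpnConfig config) {
    // Check if the caller is already prepared.
    UserManager mgr = UserManager.get(mContext);
    // Read the calling UID before the identity is cleared further down; afterwards
    // it would no longer describe the remote caller.
    if (Binder.getCallingUid() != mOwnerUID) {
        return null;
    }
    // Check to ensure consent hasn't been revoked since we were prepared.
    if (!isVpnUserPreConsented(mPackage)) {
        return null;
    }
    // Check if the service is properly declared.
    // The component is always resolved inside mPackage; the caller picks only the class.
    Intent intent = new Intent(VpnConfig.SERVICE_INTERFACE);
    intent.setClassName(mPackage, config.user);
    long token = Binder.clearCallingIdentity();
    try {
        // Restricted users are not allowed to create VPNs, they are tied to Owner
        // NOTE(review): a null result from getUserInfo() is not handled here;
        // confirm that mUserHandle cannot refer to a removed user.
        UserInfo user = mgr.getUserInfo(mUserHandle);
        if (user.isRestricted()) {
            throw new SecurityException("Restricted users cannot establish VPNs");
        }
        ResolveInfo info = AppGlobals.getPackageManager().resolveService(intent, null, 0, mUserHandle);
        if (info == null) {
            throw new SecurityException("Cannot find " + config.user);
        }
        // The service declaration must name BIND_VPN_SERVICE as its required permission.
        if (!BIND_VPN_SERVICE.equals(info.serviceInfo.permission)) {
            throw new SecurityException(config.user + " does not require " + BIND_VPN_SERVICE);
        }
    } catch (RemoteException e) {
        // Chain the RemoteException instead of discarding it.
        throw new SecurityException("Cannot find " + config.user, e);
    } finally {
        // Restore the identity on every exit path of the block above.
        Binder.restoreCallingIdentity(token);
    }
    // Save the old config in case we need to go back.
    VpnConfig oldConfig = mConfig;
    String oldInterface = mInterface;
    Connection oldConnection = mConnection;
    NetworkAgent oldNetworkAgent = mNetworkAgent;
    mNetworkAgent = null;
    Set<UidRange> oldUsers = mVpnUsers;
    // Configure the interface. Abort if any of these steps fails.
    // NOTE(review): the tunnel is created before the try block, so a throw from
    // jniCreate() or adoptFd() skips the rollback and leaves mNetworkAgent null.
    // Check jniCreate()'s error behaviour.
    ParcelFileDescriptor tun = ParcelFileDescriptor.adoptFd(jniCreate(config.mtu));
    try {
        updateState(DetailedState.CONNECTING, "establish");
        String interfaze = jniGetName(tun.getFd());
        // TEMP use the old jni calls until there is support for netd address setting
        StringBuilder builder = new StringBuilder();
        for (LinkAddress address : config.addresses) {
            builder.append(' ').append(address);
        }
        if (jniSetAddresses(interfaze, builder.toString()) < 1) {
            throw new IllegalArgumentException("At least one address must be specified");
        }
        Connection connection = new Connection();
        if (!mContext.bindServiceAsUser(intent, connection, Context.BIND_AUTO_CREATE | Context.BIND_FOREGROUND_SERVICE, new UserHandle(mUserHandle))) {
            throw new IllegalStateException("Cannot bind " + config.user);
        }
        mConnection = connection;
        mInterface = interfaze;
        // Fill more values.
        // From this point config.user is the owning package, not the service class name.
        config.user = mPackage;
        config.interfaze = mInterface;
        config.startTime = SystemClock.elapsedRealtime();
        mConfig = config;
        // Set up forwarding and DNS rules.
        agentConnect();
        if (oldConnection != null) {
            mContext.unbindService(oldConnection);
        }
        // Remove the old tun's user forwarding rules
        // The new tun's user rules have already been added so they will take over
        // as rules are deleted. This prevents data leakage as the rules are moved over.
        agentDisconnect(oldNetworkAgent);
        if (oldInterface != null && !oldInterface.equals(interfaze)) {
            jniReset(oldInterface);
        }
        try {
            IoUtils.setBlocking(tun.getFileDescriptor(), config.blocking);
        } catch (IOException e) {
            throw new IllegalStateException("Cannot set tunnel's fd as blocking=" + config.blocking, e);
        }
    } catch (RuntimeException e) {
        IoUtils.closeQuietly(tun);
        agentDisconnect();
        // restore old state
        // NOTE(review): the connection bound in the try block is not unbound here,
        // and when the failure is late (setBlocking) the old connection and agent
        // have already been released. Confirm the restored references stay usable.
        mConfig = oldConfig;
        mConnection = oldConnection;
        mVpnUsers = oldUsers;
        mNetworkAgent = oldNetworkAgent;
        mInterface = oldInterface;
        throw e;
    }
    Log.i(TAG, "Established by " + config.user + " on " + mInterface);
    return tun;
}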
Also used : LinkAddress(android.net.LinkAddress) NetworkAgent(android.net.NetworkAgent) VpnConfig(com.android.internal.net.VpnConfig) UidRange(android.net.UidRange) ServiceConnection(android.content.ServiceConnection) PendingIntent(android.app.PendingIntent) Intent(android.content.Intent) UserInfo(android.content.pm.UserInfo) IOException(java.io.IOException) ResolveInfo(android.content.pm.ResolveInfo) UserManager(android.os.UserManager) UserHandle(android.os.UserHandle) ParcelFileDescriptor(android.os.ParcelFileDescriptor) RemoteException(android.os.RemoteException)

Example 3 with NetworkAgent

use of android.net.NetworkAgent in project android_frameworks_base by AOSPA.

the class Vpn method agentConnect.

/**
 * Creates the NetworkAgent for the current VPN configuration and moves the
 * VPN state from CONNECTING to CONNECTED.
 *
 * <p>The INTERNET capability follows the presence of an IPv4 or IPv6 default
 * route, bypass is never allowed while lockdown is set, and the UID ranges are
 * attached to the agent only after it has been created.
 */
private void agentConnect() {
    final LinkProperties linkProperties = makeLinkProperties();

    // A default route for either IP family decides whether INTERNET is advertised.
    final boolean hasDefaultRoute =
            linkProperties.hasIPv4DefaultRoute() || linkProperties.hasIPv6DefaultRoute();
    if (hasDefaultRoute) {
        mNetworkCapabilities.addCapability(NetworkCapabilities.NET_CAPABILITY_INTERNET);
    } else {
        mNetworkCapabilities.removeCapability(NetworkCapabilities.NET_CAPABILITY_INTERNET);
    }

    mNetworkInfo.setDetailedState(DetailedState.CONNECTING, null, null);

    // The app's bypass request is honoured only when lockdown is off.
    final NetworkMisc misc = new NetworkMisc();
    misc.allowBypass = mConfig.allowBypass && !mLockdown;

    // The agent is constructed with the calling identity cleared; the identity is
    // restored even if the constructor throws.
    final long identityToken = Binder.clearCallingIdentity();
    try {
        mNetworkAgent = new NetworkAgent(mLooper, mContext, NETWORKTYPE, mNetworkInfo,
                mNetworkCapabilities, linkProperties, 0, misc) {
            @Override
            public void unwanted() {
                // We are user controlled, not driven by NetworkRequest.
            }
        };
    } finally {
        Binder.restoreCallingIdentity(identityToken);
    }

    // Work out which UIDs the VPN applies to, then hand them to the new agent.
    mVpnUsers = createUserAndRestrictedProfilesRanges(mUserHandle,
            mConfig.allowedApplications, mConfig.disallowedApplications);
    final UidRange[] ranges = mVpnUsers.toArray(new UidRange[mVpnUsers.size()]);
    mNetworkAgent.addUidRanges(ranges);

    mNetworkInfo.setIsAvailable(true);
    updateState(DetailedState.CONNECTED, "agentConnect");
}
Also used : NetworkMisc(android.net.NetworkMisc) NetworkAgent(android.net.NetworkAgent) UidRange(android.net.UidRange) LinkProperties(android.net.LinkProperties)

Example 4 with NetworkAgent

use of android.net.NetworkAgent in project platform_frameworks_base by android.

the class Vpn method agentConnect.

/**
 * Builds a fresh NetworkAgent from {@code mConfig} and reports the VPN as
 * connected.
 *
 * <p>Steps, in order: sync the INTERNET capability with the link's default
 * routes, mark the network CONNECTING, create the agent with the calling
 * identity cleared, add the VPN's UID ranges, then publish CONNECTED.
 */
private void agentConnect() {
    final LinkProperties props = makeLinkProperties();

    // No default route on either family means the VPN does not offer INTERNET.
    final boolean routesAllTraffic = props.hasIPv4DefaultRoute() || props.hasIPv6DefaultRoute();
    if (!routesAllTraffic) {
        mNetworkCapabilities.removeCapability(NetworkCapabilities.NET_CAPABILITY_INTERNET);
    } else {
        mNetworkCapabilities.addCapability(NetworkCapabilities.NET_CAPABILITY_INTERNET);
    }

    mNetworkInfo.setDetailedState(DetailedState.CONNECTING, null, null);

    final NetworkMisc agentOptions = new NetworkMisc();
    // Lockdown overrides whatever the configuration asked for.
    agentOptions.allowBypass = mConfig.allowBypass && !mLockdown;

    final long savedIdentity = Binder.clearCallingIdentity();
    try {
        // Created under the cleared identity; restored in the finally block.
        mNetworkAgent = new NetworkAgent(
                mLooper,
                mContext,
                NETWORKTYPE,
                mNetworkInfo,
                mNetworkCapabilities,
                props,
                0,
                agentOptions) {
            @Override
            public void unwanted() {
                // We are user controlled, not driven by NetworkRequest.
            }
        };
    } finally {
        Binder.restoreCallingIdentity(savedIdentity);
    }

    // The ranges are stored in mVpnUsers first and then passed to the agent.
    mVpnUsers = createUserAndRestrictedProfilesRanges(
            mUserHandle, mConfig.allowedApplications, mConfig.disallowedApplications);
    final UidRange[] uidRanges = new UidRange[mVpnUsers.size()];
    mNetworkAgent.addUidRanges(mVpnUsers.toArray(uidRanges));

    mNetworkInfo.setIsAvailable(true);
    updateState(DetailedState.CONNECTED, "agentConnect");
}
Also used : NetworkMisc(android.net.NetworkMisc) NetworkAgent(android.net.NetworkAgent) UidRange(android.net.UidRange) LinkProperties(android.net.LinkProperties)

Example 5 with NetworkAgent

use of android.net.NetworkAgent in project android_frameworks_base by DirtyUnicorns.

the class Vpn method agentConnect.

/**
 * Registers the VPN described by {@code mConfig} through a new NetworkAgent
 * and updates the state to CONNECTED.
 *
 * <p>Bypass is permitted only when the configuration allows it and lockdown is
 * not set. The affected UID ranges are computed after the agent exists and are
 * added to it before the network is marked available.
 */
private void agentConnect() {
    final LinkProperties link = makeLinkProperties();

    // Keep NET_CAPABILITY_INTERNET in step with the default routes on the link.
    if (link.hasIPv4DefaultRoute() || link.hasIPv6DefaultRoute()) {
        mNetworkCapabilities.addCapability(NetworkCapabilities.NET_CAPABILITY_INTERNET);
    } else {
        mNetworkCapabilities.removeCapability(NetworkCapabilities.NET_CAPABILITY_INTERNET);
    }

    mNetworkInfo.setDetailedState(DetailedState.CONNECTING, null, null);

    final NetworkMisc extras = new NetworkMisc();
    final boolean bypassAllowed = mConfig.allowBypass && !mLockdown;
    extras.allowBypass = bypassAllowed;

    // Clear the calling identity only for the duration of the agent's construction.
    final long callerToken = Binder.clearCallingIdentity();
    try {
        mNetworkAgent = new NetworkAgent(mLooper, mContext, NETWORKTYPE, mNetworkInfo,
                mNetworkCapabilities, link, 0, extras) {
            @Override
            public void unwanted() {
                // We are user controlled, not driven by NetworkRequest.
            }
        };
    } finally {
        Binder.restoreCallingIdentity(callerToken);
    }

    // Allowed and disallowed application lists from the config shape the UID ranges.
    mVpnUsers = createUserAndRestrictedProfilesRanges(mUserHandle,
            mConfig.allowedApplications,
            mConfig.disallowedApplications);
    final UidRange[] vpnUidRanges = mVpnUsers.toArray(new UidRange[mVpnUsers.size()]);
    mNetworkAgent.addUidRanges(vpnUidRanges);

    mNetworkInfo.setIsAvailable(true);
    updateState(DetailedState.CONNECTED, "agentConnect");
}
Also used : NetworkMisc(android.net.NetworkMisc) NetworkAgent(android.net.NetworkAgent) UidRange(android.net.UidRange) LinkProperties(android.net.LinkProperties)

Aggregations

NetworkAgent (android.net.NetworkAgent)10 UidRange (android.net.UidRange)10 PendingIntent (android.app.PendingIntent)5 Intent (android.content.Intent)5 ServiceConnection (android.content.ServiceConnection)5 ResolveInfo (android.content.pm.ResolveInfo)5 UserInfo (android.content.pm.UserInfo)5 LinkAddress (android.net.LinkAddress)5 LinkProperties (android.net.LinkProperties)5 NetworkMisc (android.net.NetworkMisc)5 ParcelFileDescriptor (android.os.ParcelFileDescriptor)5 RemoteException (android.os.RemoteException)5 UserHandle (android.os.UserHandle)5 UserManager (android.os.UserManager)5 VpnConfig (com.android.internal.net.VpnConfig)5 IOException (java.io.IOException)5