diff options
| -rw-r--r-- | core/java/android/net/VpnManager.java | 4 | ||||
| -rw-r--r-- | core/java/com/android/internal/net/VpnProfile.java | 13 | ||||
| -rw-r--r-- | services/core/java/com/android/server/VpnManagerService.java | 10 |
3 files changed, 22 insertions, 5 deletions
diff --git a/core/java/android/net/VpnManager.java b/core/java/android/net/VpnManager.java index 662ebb356f4c..5c2855307509 100644 --- a/core/java/android/net/VpnManager.java +++ b/core/java/android/net/VpnManager.java @@ -389,6 +389,10 @@ public class VpnManager { /** * Starts a legacy VPN. + * + * Legacy VPN is deprecated starting from Android S. So this API shouldn't be called if the + * initial SDK version of device is Android S+. Otherwise, UnsupportedOperationException will be + * thrown. * @hide */ public void startLegacyVpn(VpnProfile profile) { diff --git a/core/java/com/android/internal/net/VpnProfile.java b/core/java/com/android/internal/net/VpnProfile.java index 6e1d3ce9a297..5f84b5a92305 100644 --- a/core/java/com/android/internal/net/VpnProfile.java +++ b/core/java/com/android/internal/net/VpnProfile.java @@ -377,12 +377,15 @@ public final class VpnProfile implements Cloneable, Parcelable { /** Checks if this profile specifies a LegacyVpn type. */ public static boolean isLegacyType(int type) { switch (type) { - case VpnProfile.TYPE_IKEV2_IPSEC_USER_PASS: // fall through - case VpnProfile.TYPE_IKEV2_IPSEC_RSA: // fall through - case VpnProfile.TYPE_IKEV2_IPSEC_PSK: - return false; - default: + case VpnProfile.TYPE_PPTP: + case VpnProfile.TYPE_L2TP_IPSEC_PSK: + case VpnProfile.TYPE_L2TP_IPSEC_RSA: + case VpnProfile.TYPE_IPSEC_XAUTH_PSK: + case VpnProfile.TYPE_IPSEC_XAUTH_RSA: + case VpnProfile.TYPE_IPSEC_HYBRID_RSA: return true; + default: + return false; } } diff --git a/services/core/java/com/android/server/VpnManagerService.java b/services/core/java/com/android/server/VpnManagerService.java index 26ecee8f21ab..d483f1863258 100644 --- a/services/core/java/com/android/server/VpnManagerService.java +++ b/services/core/java/com/android/server/VpnManagerService.java @@ -38,6 +38,7 @@ import android.net.VpnManager; import android.net.VpnService; import android.net.util.NetdService; import android.os.Binder; +import android.os.Build; import android.os.Handler; import android.os.HandlerThread; import android.os.INetworkManagementService; @@ -348,9 +349,18 @@ public class VpnManagerService extends IVpnManager.Stub { /** * Start legacy VPN, controlling native daemons as needed. Creates a * secondary thread to perform connection work, returning quickly. + * + * Legacy VPN is deprecated starting from Android S. So this API shouldn't be called if the + * initial SDK version of device is Android S+. Otherwise, UnsupportedOperationException will be + * thrown. */ + @SuppressWarnings("AndroidFrameworkCompatChange") // This is not an app-visible API. @Override public void startLegacyVpn(VpnProfile profile) { + if (Build.VERSION.DEVICE_INITIAL_SDK_INT >= Build.VERSION_CODES.S + && VpnProfile.isLegacyType(profile.type)) { + throw new UnsupportedOperationException("Legacy VPN is deprecated"); + } int user = UserHandle.getUserId(mDeps.getCallingUid()); // Note that if the caller is not system (uid >= Process.FIRST_APPLICATION_UID), // the code might not work well since getActiveNetwork might return null if the uid is |