| Age | Commit message (Collapse) | Author |
|---|
|
This change addresses the issue of some applications using tapjack
attacks to trick users into disconnecting the VPN connection.
Bug: 182806691
Test: manually check that the VPN dialog is not being overlaid by
windows from the PoC application.
Change-Id: I03e600dec306af8b7d4c7ec024a5903f4591d9b4
|
|
This commit will try to sanitize the content of VpnDialog. This
commit creates a function which will try to sanitize the VPN
label, if the sanitized VPN label is different from the original
one, which means the VPN label might contain HTML tag or the VPN
label violates the words restriction(may contain some wording
which will mislead the user). For this kind of case, show the
package name instead of the VPN label to prevent misleading the
user.
The malicious VPN app might be able to add a large number of line
breaks with HTML in order to hide the system-displayed text from
the user in the connection request dialog. Thus, sanitizing the
content of the dialog is needed.
Bug: 204554636
Test: atest VpnDialogsTests
Change-Id: I8eb890fd2e5797d8d6ab5b12f9c628bc9616081d
|
|
1. Stop using ConnectivityManager for VPNs in VpnDialogs.
2. Delete updateLockdownVpn, since all callers have been migrated
to calling VpnManager directly.
3. Delete the call to VpnManager in factoryReset, since the only
caller (ResetNetworkConfirm) has been updated to call into
VpnManager directly.
4. Delete getVpnManager, since it is now unused.
This reverts commit 51bf8e979eddcf9c8b3d2a8a96d49ed52aa7f8b6.
Reason for revert: should be safe to submit now that aosp/1596096 is merged
Bug: 173331190
Test: treehugger
Change-Id: Ife3607c024006ce4fe46c981e9742170becb6331
|
|
This reverts commit 279b79f062b2fe79e9a18620281da872f7f99a20.
Bug: 180710918
Reason for revert: Broken build
Change-Id: I6e6318b4c01ccab27ca3e9f16bb2194aa1d9ffd2
|
|
1. Stop using ConnectivityManager for VPNs in VpnDialogs.
2. Delete updateLockdownVpn, since all callers have been migrated
to calling VpnManager directly.
3. Delete the call to VpnManager in factoryReset, since the only
caller (ResetNetworkConfirm) has been updated to call into
VpnManager directly.
4. Delete getVpnManager, since it is now unused.
Test: m
Bug: 173331190
Change-Id: I5d071281c0e36f6523fea10671a9abf994c66d66
|
|
The VPN code is moving out of ConnectivityService to a new
VpnManagerService. Update VpnDialogs to call into the new
service.
Bug: 173331190
Test: builds, boots
Test: atest HostsideVpnTests
Change-Id: I173ed0c3e39afb91c0dde1426dc492e9225afb00
|
|
This change adds a new VPN user consent flow (using the same text) for
granting the lesser OP_ACTIVATE_PLATFORM_VPN. A new
PlatformVpnConfirmDialog is created as a subclass to preserve all logic,
but ensure the right appop is granted for the relevant dialog.
Intent extras were considered, but are inherently unsafe, since the
caller may add any extras that they would want.
Bug: 144246835
Test: FrameworksNetTests passing
Change-Id: Ia6f36207d43c3748f938430c2780dcf29e5623f3
Merged-In: Ia6f36207d43c3748f938430c2780dcf29e5623f3
|
|
Bug: 130568701
Test: manual. After this, can't display on top of it
Change-Id: Ib032f800edb0416cc15f01a34954340d0d0ffa78
(cherry picked from commit 4e80dc2861614d25a1f957f50040a8cf04812d11)
|
|
Bug: 129463858
Test: manual
Change-Id: I423aeaf5296f53e44817b1a92138c3ba3dff0786
|
|
As part of the improvement to always-on VPN, we're adding this dialog
which is shown when the user taps the "Always-on VPN disconnected"
notification. This dialog shows a relatively detailed explanation of the
situation and offers two actions: 1) to attempt to reconnect, and 2) to
open the VpnSettings page in Settings. As a result, we expect the users
to be more aware of the consequences of a disconnected VPN, and offer
them more actionable options.
Bug: 36650087
Test: manual
Change-Id: I5ae3ff5d25740ea52357012b75d7eb1776dfdc5e
|
|
Bug:29000925
Change-Id: I1087dbb2c366cebb4583ae0bb97302b3d2caf42c
|
|
The purpose of DISALLOW_CONFIG_VPN is to stop users from configuring
VPN, not from using it at all.
The key difference being that if the admin already enforced a VPN then
that setting should be respected (but it still shouldn't be tamperable).
Bug: 28733079
Change-Id: Ib8cab5657a9d5819a019093da3812cd8c2ca4050
|
|
Bug: 25786112
Change-Id: I3dc2ccdce4cc9b449968ab59d1e1d0ff0476ecec
|
|
setupAlert() was called multiple times and this was causing an error.
Bug: 24412662
Change-Id: I5ff91f9f65d3298fc3b6996e147e3133c0bea882
|
|
Settings and SystemUI need to act on other users than USER_OWNER.
This is gated by INTERACT_ACROSS_USERS_FULL in addition to the existing
CONTROL_VPN checks, so the number of processes able to interfere with
other profiles' VPNs should be quite small.
Bug: 20692490
Bug: 20747154
Bug: 20872408
Change-Id: I6e5d7220f73435bec350719e7b4715935caf4e19
|
|
Change-Id: I031443de83f93eb57a98863001826671b18f3b17
|
|
Was originally removed in ag/522961, but restoring to keep legacy VPN
behavior the same from within VpnSettings. This dialog is only
accesible from VpnSettings and so should only ever be shown for legacy
VPNs.
Bug: 17164793
Change-Id: I06c4e136e1023b8f84edfd15a15264d2e41d325b
|
|
-The ability to launch VPNs is now sticky; once approved by the user,
further approvals are not needed UNLESS the connection is revoked in
Quick Settings.
-The old persistent notification has been removed in favor of the new
Quick Settings UI.
-The name of the VPN app is now pulled from the label of the VPN
service rather than the app itself, if one is set.
Bug: 12878887
Bug: 16578022
Change-Id: I102a14c05db26ee3aef030cda971e5165f078a91
|
|
Change-Id: Ia1f99bd2c1105b0b0f70aa614f1f4a67b2840906
|
|
First, startTime's default value is -1 and not 0, so use it to test
if the startTime is set. Also, startTime isn't being set when connecting
legacy VPN; this change fixes that too.
Bug: 10985174
Change-Id: Ibf52b8f489b18c96efba501b76aa73e9a9e0e3e8
|
|
Move away from storing the configs in the Intent to prevent issues with
PendingIntents and multiple configs.
The Dialog now queries ConnectivityService for the configuration to
display in the management dialog.
Change-Id: I0e0ef52db840152914d117a24f776d8106e836ff
|
|
Change-Id: Ifcc919c36006c88e36363f5160f9334df0cf7e5b
|
|
Replaces the current usage of the GB alert
drawable with theme-consistent holo ones.
Change-Id: I8594ef8276db5bb0e192f3a541937d7281321043
|
|
Generate the racoon and mtpd daemon arguments in system_server,
instead of accepting them from Settings.
Bug: 5756357
Change-Id: I42c1a644f6add477fe4222342640d7db15982cb8
|
|
Created base tracker that handles common bookkeeping, and move VPN
to become a tracker. VPN status is now reflected in NetworkInfo, and
is mapped to LegacyVpnInfo.
Legacy VPN now "babysits" any init services it starts, watching for
when they stop unexpectedly.
Bug: 5756357
Change-Id: Iba7ec79da69469f6bd9a970cc39cf6b885b4c9c4
|
|
Bug: 5954284
Change-Id: I2321984d4f423e951989d799073a9da17a577ef9
|
|
Bug: 5699057
Change-Id: Iad1b32cafa32f98b27b6c96a63e1e9d97908983a
|
|
Also hide statistics when they are not available.
Bug: 5372746
Change-Id: Iceffc8732cd51461630127f4fd17d505bc8b05aa
|
|
VpnBuilder will be replaced by VpnService in the next change.
Change-Id: I2dea67a1616b74d17b372f7b214d207f1617198e
|
|
Change-Id: I1bb3bd4616309f091ef653ee246b97b1a006a225
|
|
When someone tries to revoke packageA, it is possible that packageA is
already revoked by packageB. In this case packageB should not be revoked,
and the new prepare() can help solve this problem.
Change-Id: Iee056a191dd99467b8ad1b5379a17b02d404bad1
|
|
Change-Id: I2b59cbe8554b6c6f8da48c465252489394f32653
|
|
And add more comments.
Change-Id: I0cbc495fcb2c8dd105e16a841619b3b9bd227eae
|
|
- Use PendingIntent to start activities.
- Handle configs without package names.
- Switch to system UID.
Change-Id: Ia78112a97e3628b603d9e059705e32694ebe142b
|
|
Also hide the configure button when configureActivity is not set.
Change-Id: Ic8eeec89970bb67d42397754d1f54a2744183eed
|
|
Change-Id: I8870a43ecbffa606d2e29f6c4b1b1a605b2b79e5
|
|
Change-Id: Ia9b7d516f977bc0fa7c30f44ff8111466838d1aa
|