summaryrefslogtreecommitdiffstats
path: root/keystore
diff options
context:
space:
mode:
authorJeff Sharkey <jsharkey@android.com>2012-08-25 00:05:46 -0700
committerJeff Sharkey <jsharkey@android.com>2012-08-27 12:35:05 -0700
commit69ddab4575ff684c533c995e07ca15fe18543fc0 (patch)
treedfae3a89b9027c33d47b58f80200af021bbe7426 /keystore
parent080ca09c7f4c0033d0efece23687b71f7f8febc9 (diff)
downloadframeworks_base-69ddab4575ff684c533c995e07ca15fe18543fc0.zip
frameworks_base-69ddab4575ff684c533c995e07ca15fe18543fc0.tar.gz
frameworks_base-69ddab4575ff684c533c995e07ca15fe18543fc0.tar.bz2
Always-on VPN.
Adds support for always-on VPN profiles, also called "lockdown." When enabled, LockdownVpnTracker manages the netd firewall to prevent unencrypted traffic from leaving the device. It creates narrow rules to only allow traffic to the selected VPN server. When an egress network becomes available, LockdownVpnTracker will try bringing up the VPN connection, and will reconnect if disconnected. ConnectivityService augments any NetworkInfo based on the lockdown VPN status to help apps wait until the VPN is connected. This feature requires that VPN profiles use an IP address for both VPN server and DNS. It also blocks non-default APN access when enabled. Waits for USER_PRESENT after boot to check KeyStore status. Bug: 5756357 Change-Id: If615f206b1634000d78a8350a17e88bfcac8e0d0
Diffstat (limited to 'keystore')
-rw-r--r--keystore/java/android/security/Credentials.java3
1 files changed, 3 insertions, 0 deletions
diff --git a/keystore/java/android/security/Credentials.java b/keystore/java/android/security/Credentials.java
index f6bf432..b233ff6 100644
--- a/keystore/java/android/security/Credentials.java
+++ b/keystore/java/android/security/Credentials.java
@@ -61,6 +61,9 @@ public class Credentials {
/** Key prefix for WIFI. */
public static final String WIFI = "WIFI_";
+ /** Key containing suffix of lockdown VPN profile. */
+ public static final String LOCKDOWN_VPN = "LOCKDOWN_VPN";
+
/** Data type for public keys. */
public static final String EXTRA_PUBLIC_KEY = "KEY";