Implement support for bypassable VPNs.
Bypassable VPNs grab all traffic by default (just like secure VPNs), but:
+ They allow all apps to choose other networks using the multinetwork APIs.
If these other networks are insecure ("untrusted"), they will enforce that the
app holds the necessary permissions, such as CHANGE_NETWORK_STATE.
+ They support consistent routing. If an app has an existing connection over
some other network when the bypassable VPN comes up, it's not interrupted.
Bug: 15347374
Change-Id: Iaee9c6f6fa8103215738570d2b65d3fcf10343f3
diff --git a/server/VirtualNetwork.h b/server/VirtualNetwork.h
index 92a1b0e..d315f97 100644
--- a/server/VirtualNetwork.h
+++ b/server/VirtualNetwork.h
@@ -20,12 +20,20 @@
#include "Network.h"
#include "UidRanges.h"
+// A VirtualNetwork may be "secure" or not.
+//
+// A secure VPN is the usual type of VPN that grabs the default route (and thus all user traffic).
+// Only a few privileged UIDs may skip the VPN and go directly to the underlying physical network.
+//
+// A non-secure VPN ("bypassable" VPN) also grabs all user traffic by default. But all apps are
+// permitted to skip it and pick any other network for their connections.
class VirtualNetwork : public Network {
public:
- VirtualNetwork(unsigned netId, bool hasDns);
+ VirtualNetwork(unsigned netId, bool hasDns, bool secure);
virtual ~VirtualNetwork();
bool getHasDns() const;
+ bool isSecure() const;
bool appliesToUser(uid_t uid) const;
int addUsers(const UidRanges& uidRanges) WARN_UNUSED_RESULT;
@@ -37,6 +45,7 @@
int removeInterface(const std::string& interface) override WARN_UNUSED_RESULT;
const bool mHasDns;
+ const bool mSecure;
UidRanges mUidRanges;
};