I want to Programmatically create vpn profile; somehow i figure out how to access android.net.vpnmanager and android.net.vpn.vpnprofile (they are not part of offical API and are part of hide APIs) but they have no function create new vpn profile. any suggestions?
Using Hidden APIs is not a good idea as there is no guarantee that with an update they will still work as intended, moreover there is no guarantee that they will work in a consistent manner across different devices manufactured by different vendors.
Android 4.0 ICS has a VPN client API but again it allows you to create your own VPN client.
The only reason I can think of as to why you cannot access VPN settings just as you will access wifi settings is the inherent nature of VPN connections. Here is a link to the VPN features in ICS4.0. The first part of the document discuss these risks. You can still write your own client for your app.
http://developer.android.com/reference/android/net/VpnService.html
Another approach can be to use a third party VPN client and check if you can pass any actions to it via an intent. My recommendation if you are targeting ICS only will be to go with the client API as that you know how your code is working.
I thinkt that VPN Android isn't yet on a stable release, there are a couple of other clients besides the built-in there. But there's so many changes between the last versions of Android regarding the VPN and proxy settings. At the beginning there aren't any VPN support at all, then you can only get that rooting your device and now there's a kind of stable native VPN client inside Android but like you noted, lack of documentation in many aspects and other bugs too.
My recommendation would be to wait to create your code after we have a slightly more stable VPN Android and documentation. If you can't or don't want to wait, go forward with that undocumented API, it could change in the future but I don't see any better option right now.
If You are using a phone from Motorola look into using this as it has code to create working vpn connections using L2tp and Pptp
http://developer.motorola.com/docs/Motorola_Enterprise_Device_Management_SDK_Getting_Started/
Related
I am trying to develop a Mobile Device Management Application. I have so far implemented native or basic restrictions (policies) based on http://developer.android.com/guide/topics/admin/device-admin.html
Now I want more access to the device to put more restrictions, I searched and found a page which is almost exactly same for what I want to implement. Below is the page:
http://www.manageengine.com/products/desktop-central/help/mobile_device_management/mdm_android_restrictions.html
I understand that almost all of these require the device to be SAFE. Once I have the SAFE device then where can I find any documentation or source code or samples where I can see how these restrictions are getting implemented in code. I am unable to find any such thing so far. There must be some API or tutorials etc to guide on implementing these.
Please guide me on how to implement these on SAFE device.
You need to register to Samsung Safe program. As soon as you will be member you will have access to
Documentation
Examples
Special API token which will allow you to call these API's
Variants of this question exist, but I can't seem to understand something.
If you read at the end of the features in ICS / 4.0, there is mention of
Enterprises can also take advantage of a standard VPN client built into the platform that provides access to L2TP and IPSec protocols.
My assumption here is that since it's not under the "Developer" section, that we didn't get a developer API access other than the VpnService API. I've looked at ToyVPN and this is just useless, since I need a REAL IPSec IKEv1 XAuth connection to connect to enterprise firewalls.
I've found several solutions which require root and VPNCilla which apparently doesn't though I haven't been able to successfully have it establish the connection.
Does this mean that there really is no way to PROGRAMMATICALLY create a profile for or connect to an IPSec IKEv1 XAuth gateway/firewall unless we implement the protocol in Java or using the NDK (like StrongSwan did with IKEv2) ?
It's extremely unlikely that there is a way to create a VPN profile without root or system app privileges. You can take a look at how this is implemented in AOSP settings here.
I need to implement an Android app that would allow the user to configure a VPN connection without having to access the native menu of the Android device. With this I have two problems:
in Android 4.0 + (api level 14 and above) I have found there is a new component called VpnService which provides a hook for creating a virtual network interface, configuring it and intercepting / forwarding pachets from it to a VPN server, but there are no built in vpn protocols like PPTP or IPSec, there is just the possibility of implementing them. My question is is there any ready made solution for PPTP and IPSec to work with VpnService?
In earlier versions of Android, from what I have found so far, it seems the only way to use VPN is to access and configure the built in vpn solution of the device by wrapping (using reflection) some hidden apis in android but this is a cumbersome solution since the device needs to be rooted, also the hidden api implementations may differ from device to device, and from OS version to OS version. Is there a better way to programmatically configure the built in VPN of the underlying linux OS?
1) I don't know of any open-source PPTP or IPSec implementations for the Android 4.x ICS VpnService. VpnService is designed for creating custom-protocol VPN applications (which could in theory be pptp or IPSec). The only open-source implementation I have found that leverages this new API is one for OpenVPN:
https://github.com/schwabe/ics-openvpn
This provides one potential VPN solution that you are fully in control of (the server is open-source also), but it is not PPTP or IPSec. If you understand the PPTP protocol, it should be possible to use this as a model to implement such a VPN client.
2) Yes, it is true that in earlier versions, the only way is through private APIs. In fact, even if you want to do it in later versions using the built in VPN support (i.e. built in PPTP or IPSec support), you have to leverage these hidden APIs. It maybe be possible to do it at a lower-level using the underlying linux kernel, but this would require rooting the OS and circumventing the Android application paradigm. This is not necessarily a better alternative to using private APIs.
For some info on howto configure VPN using those APIs:
http://grepcode.com/file/repository.grepcode.com/java/ext/com.google.android/android/2.2_r1.1/android/net/vpn/PptpProfile.java
(example of a PPTP profile object, needed to pass into the API)
How to programmatically create a new VPN interface with Android 4.0? (Explains how to store this new VPN profile on the system)
I am not sure how consistent and reliable these APIs will be. I would expect them to work on most Android devices as vendors are unlikely to re-implement the basic VPN implementations, although they may have added their own. They also may have altered the APIs necessary to enable such profiles, or have extended their capabilities.
The Settings on Android provides an option to add VPN manually.
Can this be done programmatically through some kind of an API?
I'm not looking for a way to connect to a VPN. I'm only concerned about configuring a VPN profile.
Please see this answer, it is not possible with the Android SDK.
This is not possible with Android SDK. However, some manufactures like
Motorola have their own flavor of android and in their SDK they have
made it possible.
See also this question -- Create VPN profile on Android. Briefly, we came to the conclusion that it's not only not possible with the Android SDK, but it's not possible even with a hacked SDK unless you have a rooted device (because the VPN profiles are stored via the system KeyStore, so you would need to be running as a system process to add / modify them).
However, there does appear to be a third-party VPN app that at least claims to do this without a rooted device, but it doesn't appear to be open-source and I can't vouch for it (see the comments here: http://code.google.com/p/android/issues/detail?id=8915).
I know how to develop in Android and use the Apache HTTP lib, but I want to go lower, get hold of the wireless interface adapter and be able to send & receive packets wirelessly. I know its possible since there are sniffer apps in the android market. I have looked around and googled a lot, but can't seem to get any ideas on how to even start. Surprisingly nobody seems to have asked this question on SO before too.
I suppose there is no android API that does it for you. Please suggest a way of sending/receiving packets in android or post references to any such resources.
Thanks!
Note: I know java.net api can be used in android (though I haven't used it before) but that doesn't give me the kind of access I want.
There is no way to do this with the standard SDK/NDK.
On a rooted device, you could possibly call into tcpdump, or another libpcap-based application. There is not a supported way to give Java applications the required privileges on a production Android device.
For example, this blog post describes how to use tcpdump to do a basic packet capture on Android.
Did you have a look at the NDK? Maybe you can do what you want in C(++).
Android OS 4.0 or later provides a VpnService through which you can monitor the network traffic. Application provided at http://www.taosoftware.co.jp/en/android/packetcapture/ uses VpnService that capture the data.