如何在 Android 上以编程方式配置 VPN?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/10444757/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How to configure VPN programmatically on Android?
提问by Paul
I need to implement an Android app that would allow the user to configure a VPN connection without having to access the native menu of the Android device. With this I have two problems:
我需要实现一个 Android 应用程序,它允许用户配置 VPN 连接,而无需访问 Android 设备的本机菜单。有了这个,我有两个问题:
in Android 4.0 + (api level 14 and above) I have found there is a new component called VpnService which provides a hook for creating a virtual network interface, configuring it and intercepting / forwarding pachets from it to a VPN server, but there are no built in vpn protocols like PPTP or IPSec, there is just the possibility of implementing them. My question is is there any ready made solution for PPTP and IPSec to work with VpnService?
In earlier versions of Android, from what I have found so far, it seems the only way to use VPN is to access and configure the built in vpn solution of the device by wrapping (using reflection) some hidden apis in android but this is a cumbersome solution since the device needs to be rooted, also the hidden api implementations may differ from device to device, and from OS version to OS version. Is there a better way to programmatically configure the built in VPN of the underlying linux OS?
在 Android 4.0 +(api 级别 14 及以上)中,我发现有一个名为 VpnService 的新组件,它提供了一个钩子,用于创建虚拟网络接口、配置它以及从它拦截/转发数据包到 VPN 服务器,但是没有内置 VPN 协议,如 PPTP 或 IPSec,只有实现它们的可能性。我的问题是是否有任何现成的解决方案可以让 PPTP 和 IPSec 与 VpnService 一起使用?
在早期版本的 Android 中,从我目前发现的情况来看,似乎使用 VPN 的唯一方法是通过在 android 中包装(使用反射)一些隐藏的 api 来访问和配置设备的内置 vpn 解决方案,但这是一个麻烦的解决方案,因为设备需要植根,而且隐藏的 api 实现可能因设备而异,因操作系统版本而异。有没有更好的方法来以编程方式配置底层 linux 操作系统的内置 VPN?
采纳答案by Rajiv Makhijani
1) I don't know of any open-source PPTP or IPSec implementations for the Android 4.x ICS VpnService. VpnService is designed for creating custom-protocol VPN applications (which could in theory be pptp or IPSec). The only open-source implementation I have found that leverages this new API is one for OpenVPN:
1) 我不知道 Android 4.x ICS VpnService 的任何开源 PPTP 或 IPSec 实现。VpnService 旨在创建自定义协议 VPN 应用程序(理论上可以是 pptp 或 IPSec)。我发现利用这个新 API 的唯一开源实现是 OpenVPN:
https://github.com/schwabe/ics-openvpn
https://github.com/schwabe/ics-openvpn
This provides one potential VPN solution that you are fully in control of (the server is open-source also), but it is not PPTP or IPSec. If you understand the PPTP protocol, it should be possible to use this as a model to implement such a VPN client.
这提供了一种您可以完全控制的潜在 VPN 解决方案(服务器也是开源的),但它不是 PPTP 或 IPSec。如果你了解PPTP协议,应该可以以此为模型来实现这样的VPN客户端。
2) Yes, it is true that in earlier versions, the only way is through private APIs. In fact, even if you want to do it in later versions using the built in VPN support (i.e. built in PPTP or IPSec support), you have to leverage these hidden APIs. It maybe be possible to do it at a lower-level using the underlying linux kernel, but this would require rooting the OS and circumventing the Android application paradigm. This is not necessarily a better alternative to using private APIs.
2) 是的,确实在早期版本中,唯一的方法是通过私有 API。事实上,即使您想在使用内置 VPN 支持(即内置 PPTP 或 IPSec 支持)的更高版本中执行此操作,您也必须利用这些隐藏的 API。也许可以使用底层 linux 内核在较低级别执行此操作,但这需要植根操作系统并绕过 Android 应用程序范式。这不一定是使用私有 API 的更好替代方案。
For some info on howto configure VPN using those APIs:
有关如何使用这些 API 配置 VPN 的一些信息:
http://grepcode.com/file/repository.grepcode.com/java/ext/com.google.android/android/2.2_r1.1/android/net/vpn/PptpProfile.java(example of a PPTP profile object, needed to pass into the API)
http://grepcode.com/file/repository.grepcode.com/java/ext/com.google.android/android/2.2_r1.1/android/net/vpn/PptpProfile.java(PPTP配置文件对象的示例,需要传递到 API 中)
How to programmatically create a new VPN interface with Android 4.0?(Explains how to store this new VPN profile on the system)
如何以编程方式使用 Android 4.0 创建新的 VPN 接口?(解释如何在系统上存储这个新的 VPN 配置文件)
I am not sure how consistent and reliable these APIs will be. I would expect them to work on most Android devices as vendors are unlikely to re-implement the basic VPN implementations, although they may have added their own. They also may have altered the APIs necessary to enable such profiles, or have extended their capabilities.
我不确定这些 API 的一致性和可靠性如何。我希望它们能在大多数 Android 设备上运行,因为供应商不太可能重新实现基本的 VPN 实现,尽管他们可能已经添加了自己的。他们还可能更改了启用此类配置文件所需的 API,或者扩展了其功能。
