From 838913359283c0697326c123fe8bbbf39de7a78a Mon Sep 17 00:00:00 2001
From: Erik Kline
Date: Tue, 6 Dec 2016 11:53:25 +0900
Subject: [PATCH] Stop setting net.dns{1234} system properties.

Nothing in the system consumes these properties, they were never part of an official public API, and they can leak information about the current network to applications without networking prvileges. Specifically, these properites allow applications to access network state (and detect network changes, etc.) without having the ACCESS_NETWORK_STATE permission.
Test: runtest ConnectivityServiceTest passes
Bug: 33308258
Change-Id: I85abc52bc11aee33940fd0af2397478a9a5c3b8f
---
 .../android/server/ConnectivityService.java | 20 -------------------
 1 file changed, 20 deletions(-)
diff --git a/services/core/java/com/android/server/ConnectivityService.java b/services/core/java/com/android/server/ConnectivityService.java
index 090c7444c1..8108c4c00e 100644
--- a/services/core/java/com/android/server/ConnectivityService.java
+++ b/services/core/java/com/android/server/ConnectivityService.java
@@ -4615,28 +4615,9 @@ public class ConnectivityService extends IConnectivityManager.Stub
 } catch (Exception e) {
 loge("Exception in setDnsConfigurationForNetwork: " + e);
 }
- final NetworkAgentInfo defaultNai = getDefaultNetwork();
- if (defaultNai != null && defaultNai.network.netId == netId) {
- setDefaultDnsSystemProperties(dnses);
- }
 flushVmDnsCache();
 }

- private void setDefaultDnsSystemProperties(Collection dnses) {
- int last = 0;
- for (InetAddress dns : dnses) {
- ++last;
- String key = "net.dns" + last;
- String value = dns.getHostAddress();
- SystemProperties.set(key, value);
- }
- for (int i = last + 1; i <= mNumDnsEntries; ++i) {
- String key = "net.dns" + i;
- SystemProperties.set(key, "");
- }
- mNumDnsEntries = last;
- }
-
 private String getNetworkPermission(NetworkCapabilities nc) {
 // TODO: make these permission strings AIDL constants instead.
 if (!nc.hasCapability(NET_CAPABILITY_NOT_RESTRICTED)) {
@@ -4853,7 +4834,6 @@ public class ConnectivityService extends IConnectivityManager.Stub
 notifyLockdownVpn(newNetwork);
 handleApplyDefaultProxy(newNetwork.linkProperties.getHttpProxy());
 updateTcpBufferSizes(newNetwork);
- setDefaultDnsSystemProperties(newNetwork.linkProperties.getDnsServers());
 }

 private void processListenRequests(NetworkAgentInfo nai, boolean capabilitiesChanged) {