Merge "Cosmetic Cleanups for IpSecService" am: 87d6fc04b2 am: ffb9ae2323
am: cc51ef0a47 Change-Id: I0a9c52ca26ad1b7e4505f7c9dc32ad9550b62afc
This commit is contained in:
nharold
@@ -34,7 +34,7 @@ public final class IpSecConfig implements Parcelable {
|
|||||||
// Preventing this from being null simplifies Java->Native binder
|
// Preventing this from being null simplifies Java->Native binder
|
||||||
private String mRemoteAddress = "";
|
private String mRemoteAddress = "";
|
||||||
|
|
||||||
// The underlying network interface that represents the "gateway" Network
|
// The underlying Network that represents the "gateway" Network
|
||||||
// for outbound packets. It may also be used to select packets.
|
// for outbound packets. It may also be used to select packets.
|
||||||
private Network mNetwork;
|
private Network mNetwork;
|
||||||
|
|
||||||
@@ -273,6 +273,7 @@ public final class IpSecConfig implements Parcelable {
|
|||||||
};
|
};
|
||||||
|
|
||||||
@VisibleForTesting
|
@VisibleForTesting
|
||||||
|
/** Equals method used for testing */
|
||||||
public static boolean equals(IpSecConfig lhs, IpSecConfig rhs) {
|
public static boolean equals(IpSecConfig lhs, IpSecConfig rhs) {
|
||||||
if (lhs == null || rhs == null) return (lhs == rhs);
|
if (lhs == null || rhs == null) return (lhs == rhs);
|
||||||
return (lhs.mMode == rhs.mMode
|
return (lhs.mMode == rhs.mMode
|
||||||
|
|||||||
@@ -409,8 +409,6 @@ public final class IpSecTransform implements AutoCloseable {
|
|||||||
public IpSecTransform buildTransportModeTransform(InetAddress remoteAddress)
|
public IpSecTransform buildTransportModeTransform(InetAddress remoteAddress)
|
||||||
throws IpSecManager.ResourceUnavailableException,
|
throws IpSecManager.ResourceUnavailableException,
|
||||||
IpSecManager.SpiUnavailableException, IOException {
|
IpSecManager.SpiUnavailableException, IOException {
|
||||||
//FIXME: argument validation here
|
|
||||||
//throw new IllegalArgumentException("Natt Keepalive requires UDP Encapsulation");
|
|
||||||
mConfig.setMode(MODE_TRANSPORT);
|
mConfig.setMode(MODE_TRANSPORT);
|
||||||
mConfig.setRemoteAddress(remoteAddress.getHostAddress());
|
mConfig.setRemoteAddress(remoteAddress.getHostAddress());
|
||||||
return new IpSecTransform(mContext, mConfig).activate();
|
return new IpSecTransform(mContext, mConfig).activate();
|
||||||
|
|||||||
@@ -344,7 +344,7 @@ public class IpSecService extends IIpSecService.Stub {
|
|||||||
private class ManagedResourceArray<T extends ManagedResource> {
|
private class ManagedResourceArray<T extends ManagedResource> {
|
||||||
SparseArray<T> mArray = new SparseArray<>();
|
SparseArray<T> mArray = new SparseArray<>();
|
||||||
|
|
||||||
T get(int key) {
|
T getAndCheckOwner(int key) {
|
||||||
T val = mArray.get(key);
|
T val = mArray.get(key);
|
||||||
// The value should never be null unless the resource doesn't exist
|
// The value should never be null unless the resource doesn't exist
|
||||||
// (since we do not allow null resources to be added).
|
// (since we do not allow null resources to be added).
|
||||||
@@ -723,7 +723,7 @@ public class IpSecService extends IIpSecService.Stub {
|
|||||||
throws RemoteException {
|
throws RemoteException {
|
||||||
// We want to non-destructively get so that we can check credentials before removing
|
// We want to non-destructively get so that we can check credentials before removing
|
||||||
// this from the records.
|
// this from the records.
|
||||||
T record = resArray.get(resourceId);
|
T record = resArray.getAndCheckOwner(resourceId);
|
||||||
|
|
||||||
if (record == null) {
|
if (record == null) {
|
||||||
throw new IllegalArgumentException(
|
throw new IllegalArgumentException(
|
||||||
@@ -863,7 +863,8 @@ public class IpSecService extends IIpSecService.Stub {
|
|||||||
break;
|
break;
|
||||||
case IpSecTransform.ENCAP_ESPINUDP:
|
case IpSecTransform.ENCAP_ESPINUDP:
|
||||||
case IpSecTransform.ENCAP_ESPINUDP_NON_IKE:
|
case IpSecTransform.ENCAP_ESPINUDP_NON_IKE:
|
||||||
if (mUdpSocketRecords.get(config.getEncapSocketResourceId()) == null) {
|
if (mUdpSocketRecords.getAndCheckOwner(
|
||||||
|
config.getEncapSocketResourceId()) == null) {
|
||||||
throw new IllegalStateException(
|
throw new IllegalStateException(
|
||||||
"No Encapsulation socket for Resource Id: "
|
"No Encapsulation socket for Resource Id: "
|
||||||
+ config.getEncapSocketResourceId());
|
+ config.getEncapSocketResourceId());
|
||||||
@@ -885,7 +886,7 @@ public class IpSecService extends IIpSecService.Stub {
|
|||||||
throw new IllegalArgumentException("Encryption and Authentication are both null");
|
throw new IllegalArgumentException("Encryption and Authentication are both null");
|
||||||
}
|
}
|
||||||
|
|
||||||
if (mSpiRecords.get(config.getSpiResourceId(direction)) == null) {
|
if (mSpiRecords.getAndCheckOwner(config.getSpiResourceId(direction)) == null) {
|
||||||
throw new IllegalStateException("No SPI for specified Resource Id");
|
throw new IllegalStateException("No SPI for specified Resource Id");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -913,7 +914,7 @@ public class IpSecService extends IIpSecService.Stub {
|
|||||||
UdpSocketRecord socketRecord = null;
|
UdpSocketRecord socketRecord = null;
|
||||||
encapType = c.getEncapType();
|
encapType = c.getEncapType();
|
||||||
if (encapType != IpSecTransform.ENCAP_NONE) {
|
if (encapType != IpSecTransform.ENCAP_NONE) {
|
||||||
socketRecord = mUdpSocketRecords.get(c.getEncapSocketResourceId());
|
socketRecord = mUdpSocketRecords.getAndCheckOwner(c.getEncapSocketResourceId());
|
||||||
encapLocalPort = socketRecord.getPort();
|
encapLocalPort = socketRecord.getPort();
|
||||||
encapRemotePort = c.getEncapRemotePort();
|
encapRemotePort = c.getEncapRemotePort();
|
||||||
}
|
}
|
||||||
@@ -922,7 +923,7 @@ public class IpSecService extends IIpSecService.Stub {
|
|||||||
IpSecAlgorithm auth = c.getAuthentication(direction);
|
IpSecAlgorithm auth = c.getAuthentication(direction);
|
||||||
IpSecAlgorithm crypt = c.getEncryption(direction);
|
IpSecAlgorithm crypt = c.getEncryption(direction);
|
||||||
|
|
||||||
spis[direction] = mSpiRecords.get(c.getSpiResourceId(direction));
|
spis[direction] = mSpiRecords.getAndCheckOwner(c.getSpiResourceId(direction));
|
||||||
int spi = spis[direction].getSpi();
|
int spi = spis[direction].getSpi();
|
||||||
try {
|
try {
|
||||||
mSrvConfig
|
mSrvConfig
|
||||||
@@ -976,7 +977,7 @@ public class IpSecService extends IIpSecService.Stub {
|
|||||||
// Synchronize liberally here because we are using ManagedResources in this block
|
// Synchronize liberally here because we are using ManagedResources in this block
|
||||||
TransformRecord info;
|
TransformRecord info;
|
||||||
// FIXME: this code should be factored out into a security check + getter
|
// FIXME: this code should be factored out into a security check + getter
|
||||||
info = mTransformRecords.get(resourceId);
|
info = mTransformRecords.getAndCheckOwner(resourceId);
|
||||||
|
|
||||||
if (info == null) {
|
if (info == null) {
|
||||||
throw new IllegalArgumentException("Transform " + resourceId + " is not active");
|
throw new IllegalArgumentException("Transform " + resourceId + " is not active");
|
||||||
|
|||||||
Reference in New Issue
Block a user