From 49ea93861d1bee28c9acee421b11364c401751de Mon Sep 17 00:00:00 2001
From: Paul Hu <paulhu@google.com>
Date: Tue, 14 May 2019 04:28:35 -0700
Subject: [PATCH] Fix captive portal app can be launched w/o
 MAINLINE_NETWORK_STACK permission

Caller should get SecurityException if called
ConnectivityManager#startCaptivePortalApp() w/o
MAINLINE_NETWORK_STACK permission. But now it will not get any
exception and can launch captive portal app successfully.

Bug: 132662433
Test: atest android.net.cts.ConnectivityManagerTest#testStartCaptivePortalApp
      w and w/o MAINLINE_NETWORK_STACK permission
Test: atest FrameworksNetTests NetworkStackTests

Change-Id: Ib70fe6fad107f3e9dce9ce673188c5ce5dc1ad7b
Merged-In: I1025da29beb53259f57bd9ca5648b32f2847ed4a
Merged-In: Ib70fe6fad107f3e9dce9ce673188c5ce5dc1ad7b
(cherry picked from commit 72b3ab18ca302a3117f424a0f0ef6c08897c310e)
---
 services/core/java/com/android/server/ConnectivityService.java | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/services/core/java/com/android/server/ConnectivityService.java b/services/core/java/com/android/server/ConnectivityService.java
index facc299450..f12bfc33ea 100644
--- a/services/core/java/com/android/server/ConnectivityService.java
+++ b/services/core/java/com/android/server/ConnectivityService.java
@@ -3497,7 +3497,8 @@ public class ConnectivityService extends IConnectivityManager.Stub
      */
     @Override
     public void startCaptivePortalAppInternal(Network network, Bundle appExtras) {
-        mContext.checkCallingOrSelfPermission(NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK);
+        mContext.enforceCallingOrSelfPermission(NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK,
+                "ConnectivityService");
 
         final Intent appIntent = new Intent(ConnectivityManager.ACTION_CAPTIVE_PORTAL_SIGN_IN);
         appIntent.putExtras(appExtras);