LineageOS/android_packages_modules_Connectivity
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

VPN: close the socket in protectVpn() to avoid leaking descriptors. am: 9e4ff6ef91

Browse Source 
Original change: undetermined

Change-Id: I0852a049429f9d372dfec53f982cbea3b470ddb9
This commit is contained in:
Chia-chi Yeh
2021-05-31 04:42:57 +00:00
committed by Automerger Merge Worker
parent 5ffe006db9 9e4ff6ef91
commit 82fb938e19
2 changed files with 18 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
core/java/android/net/IConnectivityManager.aidl
View File

@@ -100,7 +100,7 @@ interface IConnectivityManager
void setDataDependency(int networkType, boolean met);
void protectVpn(in ParcelFileDescriptor socket);
boolean protectVpn(in ParcelFileDescriptor socket);
boolean prepareVpn(String oldPackage, String newPackage);

32
services/java/com/android/server/ConnectivityService.java
View File

@@ -2528,8 +2528,23 @@ public class ConnectivityService extends IConnectivityManager.Stub {
* @hide
*/
@Override
public void protectVpn(ParcelFileDescriptor socket) {
mVpn.protect(socket, getDefaultInterface());
public boolean protectVpn(ParcelFileDescriptor socket) {
try {
int type = mActiveDefaultNetwork;
if (ConnectivityManager.isNetworkTypeValid(type)) {
mVpn.protect(socket, mNetTrackers[type].getLinkProperties().getInterfaceName());
return true;
}
} catch (Exception e) {
// ignore
} finally {
try {
socket.close();
} catch (Exception e) {
// ignore
}
}
return false;
}
/**
@@ -2577,19 +2592,6 @@ public class ConnectivityService extends IConnectivityManager.Stub {
return mVpn.getLegacyVpnInfo();
}
private String getDefaultInterface() {
if (ConnectivityManager.isNetworkTypeValid(mActiveDefaultNetwork)) {
NetworkStateTracker tracker = mNetTrackers[mActiveDefaultNetwork];
if (tracker != null) {
LinkProperties properties = tracker.getLinkProperties();
if (properties != null) {
return properties.getInterfaceName();
}
}
}
throw new IllegalStateException("No default interface");
}
/**
* Callback for VPN subsystem. Currently VPN is not adapted to the service
* through NetworkStateTracker since it works differently. For example, it