LineageOS/android_packages_modules_Connectivity
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge "Cosmetic Cleanups for IpSecService"

Browse Source
This commit is contained in:
nharold
2017-10-05 00:14:16 +00:00
committed by Gerrit Code Review
parent 727fe3e941 37b4cf3ecb
commit 87d6fc04b2
3 changed files with 10 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
core/java/android/net/IpSecConfig.java
View File

@@ -34,7 +34,7 @@ public final class IpSecConfig implements Parcelable {
// Preventing this from being null simplifies Java->Native binder // Preventing this from being null simplifies Java->Native binder
private String mRemoteAddress = ""; private String mRemoteAddress = "";
// The underlying network interface that represents the "gateway" Network // The underlying Network that represents the "gateway" Network
// for outbound packets. It may also be used to select packets. // for outbound packets. It may also be used to select packets.
private Network mNetwork; private Network mNetwork;
@@ -273,6 +273,7 @@ public final class IpSecConfig implements Parcelable {
}; };
@VisibleForTesting @VisibleForTesting
/** Equals method used for testing */
public static boolean equals(IpSecConfig lhs, IpSecConfig rhs) { public static boolean equals(IpSecConfig lhs, IpSecConfig rhs) {
if (lhs == null || rhs == null) return (lhs == rhs); if (lhs == null || rhs == null) return (lhs == rhs);
return (lhs.mMode == rhs.mMode return (lhs.mMode == rhs.mMode

2
core/java/android/net/IpSecTransform.java
View File

@@ -409,8 +409,6 @@ public final class IpSecTransform implements AutoCloseable {
public IpSecTransform buildTransportModeTransform(InetAddress remoteAddress) public IpSecTransform buildTransportModeTransform(InetAddress remoteAddress)
throws IpSecManager.ResourceUnavailableException, throws IpSecManager.ResourceUnavailableException,
IpSecManager.SpiUnavailableException, IOException { IpSecManager.SpiUnavailableException, IOException {
//FIXME: argument validation here
//throw new IllegalArgumentException("Natt Keepalive requires UDP Encapsulation");
mConfig.setMode(MODE_TRANSPORT); mConfig.setMode(MODE_TRANSPORT);
mConfig.setRemoteAddress(remoteAddress.getHostAddress()); mConfig.setRemoteAddress(remoteAddress.getHostAddress());
return new IpSecTransform(mContext, mConfig).activate(); return new IpSecTransform(mContext, mConfig).activate();

15
services/core/java/com/android/server/IpSecService.java
View File

@@ -344,7 +344,7 @@ public class IpSecService extends IIpSecService.Stub {
private class ManagedResourceArray<T extends ManagedResource> { private class ManagedResourceArray<T extends ManagedResource> {
SparseArray<T> mArray = new SparseArray<>(); SparseArray<T> mArray = new SparseArray<>();
T get(int key) { T getAndCheckOwner(int key) {
T val = mArray.get(key); T val = mArray.get(key);
// The value should never be null unless the resource doesn't exist // The value should never be null unless the resource doesn't exist
// (since we do not allow null resources to be added). // (since we do not allow null resources to be added).
@@ -723,7 +723,7 @@ public class IpSecService extends IIpSecService.Stub {
throws RemoteException { throws RemoteException {
// We want to non-destructively get so that we can check credentials before removing // We want to non-destructively get so that we can check credentials before removing
// this from the records. // this from the records.
T record = resArray.get(resourceId); T record = resArray.getAndCheckOwner(resourceId);
if (record == null) { if (record == null) {
throw new IllegalArgumentException( throw new IllegalArgumentException(
@@ -863,7 +863,8 @@ public class IpSecService extends IIpSecService.Stub {
break; break;
case IpSecTransform.ENCAP_ESPINUDP: case IpSecTransform.ENCAP_ESPINUDP:
case IpSecTransform.ENCAP_ESPINUDP_NON_IKE: case IpSecTransform.ENCAP_ESPINUDP_NON_IKE:
if (mUdpSocketRecords.get(config.getEncapSocketResourceId()) == null) { if (mUdpSocketRecords.getAndCheckOwner(
config.getEncapSocketResourceId()) == null) {
throw new IllegalStateException( throw new IllegalStateException(
"No Encapsulation socket for Resource Id: " "No Encapsulation socket for Resource Id: "
+ config.getEncapSocketResourceId()); + config.getEncapSocketResourceId());
@@ -885,7 +886,7 @@ public class IpSecService extends IIpSecService.Stub {
throw new IllegalArgumentException("Encryption and Authentication are both null"); throw new IllegalArgumentException("Encryption and Authentication are both null");
} }
if (mSpiRecords.get(config.getSpiResourceId(direction)) == null) { if (mSpiRecords.getAndCheckOwner(config.getSpiResourceId(direction)) == null) {
throw new IllegalStateException("No SPI for specified Resource Id"); throw new IllegalStateException("No SPI for specified Resource Id");
} }
} }
@@ -913,7 +914,7 @@ public class IpSecService extends IIpSecService.Stub {
UdpSocketRecord socketRecord = null; UdpSocketRecord socketRecord = null;
encapType = c.getEncapType(); encapType = c.getEncapType();
if (encapType != IpSecTransform.ENCAP_NONE) { if (encapType != IpSecTransform.ENCAP_NONE) {
socketRecord = mUdpSocketRecords.get(c.getEncapSocketResourceId()); socketRecord = mUdpSocketRecords.getAndCheckOwner(c.getEncapSocketResourceId());
encapLocalPort = socketRecord.getPort(); encapLocalPort = socketRecord.getPort();
encapRemotePort = c.getEncapRemotePort(); encapRemotePort = c.getEncapRemotePort();
} }
@@ -922,7 +923,7 @@ public class IpSecService extends IIpSecService.Stub {
IpSecAlgorithm auth = c.getAuthentication(direction); IpSecAlgorithm auth = c.getAuthentication(direction);
IpSecAlgorithm crypt = c.getEncryption(direction); IpSecAlgorithm crypt = c.getEncryption(direction);
spis[direction] = mSpiRecords.get(c.getSpiResourceId(direction)); spis[direction] = mSpiRecords.getAndCheckOwner(c.getSpiResourceId(direction));
int spi = spis[direction].getSpi(); int spi = spis[direction].getSpi();
try { try {
mSrvConfig mSrvConfig
@@ -976,7 +977,7 @@ public class IpSecService extends IIpSecService.Stub {
// Synchronize liberally here because we are using ManagedResources in this block // Synchronize liberally here because we are using ManagedResources in this block
TransformRecord info; TransformRecord info;
// FIXME: this code should be factored out into a security check + getter // FIXME: this code should be factored out into a security check + getter
info = mTransformRecords.get(resourceId); info = mTransformRecords.getAndCheckOwner(resourceId);
if (info == null) { if (info == null) {
throw new IllegalArgumentException("Transform " + resourceId + " is not active"); throw new IllegalArgumentException("Transform " + resourceId + " is not active");