LineageOS/android_packages_modules_Connectivity
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

VPN: close the socket in protectVpn() to avoid leaking descriptors. am: 9e4ff6ef91

Browse Source 
Original change: undetermined

Change-Id: I6bbb4fe9f03b9dec6d328589f5e089140b5011e0
This commit is contained in:
Chia-chi Yeh
2021-05-31 11:44:40 +00:00
committed by Automerger Merge Worker
parent eb5e1470bf 9e4ff6ef91
commit d292e009c3
2 changed files with 18 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
core/java/android/net/IConnectivityManager.aidl
View File

@@ -100,7 +100,7 @@ interface IConnectivityManager
void setDataDependency(int networkType, boolean met); void setDataDependency(int networkType, boolean met);
void protectVpn(in ParcelFileDescriptor socket); boolean protectVpn(in ParcelFileDescriptor socket);
boolean prepareVpn(String oldPackage, String newPackage); boolean prepareVpn(String oldPackage, String newPackage);

32
services/java/com/android/server/ConnectivityService.java
View File

@@ -2528,8 +2528,23 @@ public class ConnectivityService extends IConnectivityManager.Stub {
* @hide * @hide
*/ */
@Override @Override
public void protectVpn(ParcelFileDescriptor socket) { public boolean protectVpn(ParcelFileDescriptor socket) {
mVpn.protect(socket, getDefaultInterface()); try {
int type = mActiveDefaultNetwork;
if (ConnectivityManager.isNetworkTypeValid(type)) {
mVpn.protect(socket, mNetTrackers[type].getLinkProperties().getInterfaceName());
return true;
}
} catch (Exception e) {
// ignore
} finally {
try {
socket.close();
} catch (Exception e) {
// ignore
}
}
return false;
} }
/** /**
@@ -2577,19 +2592,6 @@ public class ConnectivityService extends IConnectivityManager.Stub {
return mVpn.getLegacyVpnInfo(); return mVpn.getLegacyVpnInfo();
} }
private String getDefaultInterface() {
if (ConnectivityManager.isNetworkTypeValid(mActiveDefaultNetwork)) {
NetworkStateTracker tracker = mNetTrackers[mActiveDefaultNetwork];
if (tracker != null) {
LinkProperties properties = tracker.getLinkProperties();
if (properties != null) {
return properties.getInterfaceName();
}
}
}
throw new IllegalStateException("No default interface");
}
/** /**
* Callback for VPN subsystem. Currently VPN is not adapted to the service * Callback for VPN subsystem. Currently VPN is not adapted to the service
* through NetworkStateTracker since it works differently. For example, it * through NetworkStateTracker since it works differently. For example, it