LineageOS/android_packages_modules_Connectivity
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge "Disable the AppOp Restriction for IpSec Tunnels" into stage-aosp-master am: bda7c96038

Browse Source 
am: 48474a78ad

Change-Id: Idb6ff2adc72d0a293e1d99c287d0df68df88fe79
This commit is contained in:
Nathan Harold
2018-06-09 09:43:53 -07:00
committed by android-build-merger
parent e7e5a5a0db 48474a78ad
commit ebe4aa77d4
1 changed files with 15 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
services/core/java/com/android/server/IpSecService.java
View File

@@ -1481,10 +1481,13 @@ public class IpSecService extends IIpSecService.Stub {
}
}
private static final String TUNNEL_OP = "STOPSHIP"; // = AppOpsManager.OP_MANAGE_IPSEC_TUNNELS;
private void enforceTunnelPermissions(String callingPackage) {
checkNotNull(callingPackage, "Null calling package cannot create IpSec tunnels");
if (false) { // STOPSHIP if this line is present
switch (getAppOpsManager().noteOp(
AppOpsManager.OP_MANAGE_IPSEC_TUNNELS,
TUNNEL_OP,
Binder.getCallingUid(), callingPackage)) {
case AppOpsManager.MODE_DEFAULT:
mContext.enforceCallingOrSelfPermission(
@@ -1496,6 +1499,7 @@ public class IpSecService extends IIpSecService.Stub {
throw new SecurityException("Request to ignore AppOps for non-legacy API");
}
}
}
private void createOrUpdateTransform(
IpSecConfig c, int resourceId, SpiRecord spiRecord, EncapSocketRecord socketRecord)