
Unverified Commit 07b889e4 authored by Oliver Scott's avatar Oliver Scott Committed by Michael Bestas

Stop domain verification delegated from UIDs blocked by network policy

Issue: calyxos#889
Change-Id: I00278802bdf9e9d2ff2c8e94304a14cceb1a2c0d
parent d0123482
+1 −0
@@ -26,6 +26,7 @@
    <uses-permission android:name="android.permission.INTENT_FILTER_VERIFICATION_AGENT"/>
    <uses-permission android:name="android.permission.INTERACT_ACROSS_USERS" />
    <uses-permission android:name="android.permission.INTERNET"/>
    <uses-permission android:name="android.permission.OBSERVE_NETWORK_POLICY"/>
    <uses-permission android:name="android.permission.QUERY_ALL_PACKAGES" />
    <uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED"/>
    <uses-permission android:name="android.permission.UPDATE_DOMAIN_VERIFICATION_USER_SELECTION"/>
+16 −0
@@ -17,8 +17,12 @@
package com.android.statementservice.domain

import android.content.Context
import android.content.pm.PackageManager
import android.content.pm.verify.domain.DomainVerificationManager
import android.net.ConnectivityManager
import android.net.Network
import android.net.NetworkCapabilities
import android.net.NetworkPolicyManager
import android.util.Log
import androidx.collection.LruCache
import com.android.statementservice.network.retriever.StatementRetriever
@@ -91,6 +95,18 @@ class DomainVerifier private constructor(
        val assetMatcher = synchronized(targetAssetCache) { targetAssetCache[packageName] }
            .takeIf { it!!.isPresent }
            ?: return WorkResult.failure() to VerifyStatus.FAILURE_PACKAGE_MANAGER
        // Only verify hosts if UID's networking is not blocked
        val networkPolicyManager = appContext.getSystemService(NetworkPolicyManager::class.java)
        if (networkPolicyManager != null) {
            val isNetworkMetered = appContext.getSystemService(ConnectivityManager::class.java)
                    ?.getNetworkCapabilities(network)?.hasCapability(
                            NetworkCapabilities.NET_CAPABILITY_NOT_METERED) == false
            val packageUid = appContext.packageManager.getPackageUid(packageName,
                    PackageManager.PackageInfoFlags.of(0))
            if (networkPolicyManager.isUidNetworkingBlocked(packageUid, isNetworkMetered)) {
                return WorkResult.failure() to VerifyStatus.NO_RESPONSE
            }
        }
        return verifyHost(host, assetMatcher.get(), network)
    }
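Review bot: The metering lookup in the added block fails open: if `getSystemService(ConnectivityManager::class.java)` or `getNetworkCapabilities(network)` returns null, `isNetworkMetered` evaluates to false, so a UID that is restricted only on metered networks is treated as unblocked and verification goes ahead. For a privacy control, treating an unknown state as metered is the safer default, for example by ending the expression with `NetworkCapabilities.NET_CAPABILITY_NOT_METERED) != true` instead of `== false`. Separately, `getPackageUid(packageName, PackageManager.PackageInfoFlags.of(0))` throws `PackageManager.NameNotFoundException` when the package is no longer installed. The enclosing function starts outside this hunk, so whether a caller catches that is not visible here; catching it and returning `WorkResult.failure() to VerifyStatus.FAILURE_PACKAGE_MANAGER` would match the check just above.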