Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 13185f60 authored by Sandro Montanari's avatar Sandro Montanari
Browse files

Revert "Delay CompatChanges evaluation for CT enabled default value" 

Revert submission 33242067-cts_sdk_36

Reason for revert: b/415229614

Reverted changes: /q/submissionid:33242067-cts_sdk_36

Change-Id: Iecf09086f4608d12cc783aa66385b129a283e88a
parent 54f14da0

core/java/android/security/net/config/ApplicationConfig.java

+1 −1
Original line number Diff line number Diff line
@@ -165,7 +165,7 @@ public final class ApplicationConfig { 
    public boolean isCertificateTransparencyVerificationRequired(@NonNull String hostname) {

        return certificateTransparencyConfiguration()

                ? getConfigForHostname(hostname).isCertificateTransparencyVerificationRequired()

                : NetworkSecurityConfig.certificateTransparencyVerificationRequiredDefault();

                : NetworkSecurityConfig.DEFAULT_CERTIFICATE_TRANSPARENCY_VERIFICATION_REQUIRED;

    }



    public void handleTrustStorageUpdate() {

core/java/android/security/net/config/NetworkSecurityConfig.java

+8 −14
Original line number Diff line number Diff line
@@ -56,6 +56,12 @@ public final class NetworkSecurityConfig { 
    @EnabledAfter(targetSdkVersion = Build.VERSION_CODES.BAKLAVA)

    static final long DEFAULT_ENABLE_CERTIFICATE_TRANSPARENCY = 407952621L;



    /** @hide */

    public static final boolean DEFAULT_CERTIFICATE_TRANSPARENCY_VERIFICATION_REQUIRED =

            certificateTransparencyDefaultEnabled()

                    && majorMinorVersioningScheme()

                    && CompatChanges.isChangeEnabled(DEFAULT_ENABLE_CERTIFICATE_TRANSPARENCY);



    private final boolean mCleartextTrafficPermitted;

    private final boolean mHstsEnforced;

    private final boolean mCertificateTransparencyVerificationRequired;
@@ -185,18 +191,6 @@ public final class NetworkSecurityConfig { 
        getTrustManager().handleTrustStorageUpdate();

    }



    /**

     * Returns the default value for SCT verification. The value depends on the platform version and

     * on the app target sdk level.

     *

     * @hide

     */

    public static boolean certificateTransparencyVerificationRequiredDefault() {

        return certificateTransparencyDefaultEnabled()

                && majorMinorVersioningScheme()

                && CompatChanges.isChangeEnabled(DEFAULT_ENABLE_CERTIFICATE_TRANSPARENCY);

    }



    /**

     * Return a {@link Builder} for the default {@code NetworkSecurityConfig}.

     *
@@ -249,7 +243,7 @@ public final class NetworkSecurityConfig { 
        private boolean mCleartextTrafficPermittedSet = false;

        private boolean mHstsEnforcedSet = false;

        private boolean mCertificateTransparencyVerificationRequired =

                certificateTransparencyVerificationRequiredDefault();

                DEFAULT_CERTIFICATE_TRANSPARENCY_VERIFICATION_REQUIRED;

        private boolean mCertificateTransparencyVerificationRequiredSet = false;

        private Builder mParentBuilder;
@@ -379,7 +373,7 @@ public final class NetworkSecurityConfig { 
            if (mParentBuilder != null) {

                return mParentBuilder.getCertificateTransparencyVerificationRequired();

            }

            return certificateTransparencyVerificationRequiredDefault();

            return DEFAULT_CERTIFICATE_TRANSPARENCY_VERIFICATION_REQUIRED;

        }



        public NetworkSecurityConfig build() {