
Commit 309cb283 authored by Benedict Wong's avatar Benedict Wong Committed by android-build-merger

Merge "Fix minor bugs with tunnel mode implementation" am: cb9cd96c am: b7afa3f6

am: dcb92197

Change-Id: Ie74c4edcc7586e0220ff948222010e126841e8f7
parents 29aa5c62 dcb92197
+1 −1
@@ -462,7 +462,7 @@ public final class IpSecTransform implements AutoCloseable {
            mConfig.setMode(MODE_TUNNEL);
            mConfig.setSourceAddress(sourceAddress.getHostAddress());
            mConfig.setSpiResourceId(spi.getResourceId());
            return new IpSecTransform(mContext, mConfig);
            return new IpSecTransform(mContext, mConfig).activate();
        }

        /**
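Review bot: The Javadoc for this tunnel-mode build method should state that the returned transform is already active, since the `return` line ending in `.activate()` (assuming that is the new side of the pair) hands back an activated object. The hunk header shows that `IpSecTransform implements AutoCloseable`, so the doc should also tell callers to `close()` the result, for example `@return an active tunnel-mode transform; the caller must close() it to release its resources`. The method's signature and Javadoc are outside the hunk, so check that its `throws` clause and `@throws` tags cover whatever `activate()` can raise.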
+34 −23
@@ -87,6 +87,7 @@ public class IpSecService extends IIpSecService.Stub {
    private static final String NETD_SERVICE_NAME = "netd";
    private static final int[] DIRECTIONS =
            new int[] {IpSecManager.DIRECTION_OUT, IpSecManager.DIRECTION_IN};
    private static final String[] WILDCARD_ADDRESSES = new String[]{"0.0.0.0", "::"};

    private static final int NETD_FETCH_TIMEOUT_MS = 5000; // ms
    private static final int MAX_PORT_BIND_ATTEMPTS = 10;
@@ -413,12 +414,16 @@ public class IpSecService extends IIpSecService.Stub {
                    .append(mTransformQuotaTracker)
                    .append(", mSocketQuotaTracker=")
                    .append(mSocketQuotaTracker)
                    .append(", mTunnelQuotaTracker=")
                    .append(mTunnelQuotaTracker)
                    .append(", mSpiRecords=")
                    .append(mSpiRecords)
                    .append(", mTransformRecords=")
                    .append(mTransformRecords)
                    .append(", mEncapSocketRecords=")
                    .append(mEncapSocketRecords)
                    .append(", mTunnelInterfaceRecords=")
                    .append(mTunnelInterfaceRecords)
                    .append("}")
                    .toString();
        }
@@ -815,12 +820,14 @@ public class IpSecService extends IIpSecService.Stub {
            try {
                mSrvConfig.getNetdInstance().removeVirtualTunnelInterface(mInterfaceName);

                for(String wildcardAddr : WILDCARD_ADDRESSES) {
                    for (int direction : DIRECTIONS) {
                        int mark = (direction == IpSecManager.DIRECTION_IN) ? mIkey : mOkey;
                        mSrvConfig
                                .getNetdInstance()
                                .ipSecDeleteSecurityPolicy(
                                    0, direction, mLocalAddress, mRemoteAddress, mark, 0xffffffff);
                                        0, direction, wildcardAddr, wildcardAddr, mark, 0xffffffff);
                    }
                }
            } catch (ServiceSpecificException e) {
                // FIXME: get the error code and throw is at an IOException from Errno Exception
@@ -1261,6 +1268,7 @@ public class IpSecService extends IIpSecService.Stub {
                    .getNetdInstance()
                    .addVirtualTunnelInterface(intfName, localAddr, remoteAddr, ikey, okey);

            for(String wildcardAddr : WILDCARD_ADDRESSES) {
                for (int direction : DIRECTIONS) {
                    int mark = (direction == IpSecManager.DIRECTION_OUT) ? okey : ikey;

@@ -1269,12 +1277,13 @@ public class IpSecService extends IIpSecService.Stub {
                            .ipSecAddSecurityPolicy(
                                0, // Use 0 for reqId
                                direction,
                                "",
                                "",
                                wildcardAddr,
                                wildcardAddr,
                                0,
                                mark,
                                0xffffffff);
                }
            }

            userRecord.mTunnelInterfaceRecords.put(
                    resourceId,
@@ -1646,17 +1655,19 @@ public class IpSecService extends IIpSecService.Stub {
                c.setNetwork(tunnelInterfaceInfo.getUnderlyingNetwork());

                // If outbound, also add SPI to the policy.
                for(String wildcardAddr : WILDCARD_ADDRESSES) {
                    mSrvConfig
                            .getNetdInstance()
                            .ipSecUpdateSecurityPolicy(
                                    0, // Use 0 for reqId
                                    direction,
                                "",
                                "",
                                    wildcardAddr,
                                    wildcardAddr,
                                    transformInfo.getSpiRecord().getSpi(),
                                    mark,
                                    0xffffffff);
                }
            }

            // Update SA with tunnel mark (ikey or okey based on direction)
            createOrUpdateTransform(c, transformResourceId, spiRecord, socketRecord);
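Review bot: In the teardown hunk (`@@ -815`), a `ServiceSpecificException` from `removeVirtualTunnelInterface` or from any one `ipSecDeleteSecurityPolicy` call skips every remaining delete, because the interface removal and all four wildcard/direction deletions share one `try`. Policies matching the tunnel's `mIkey`/`mOkey` marks could then stay installed after the record is released, so each delete should sit in its own `try`/`catch (ServiceSpecificException e)` that records the failure and continues. The `try` opens and the `catch` body continues outside the hunk, so any other exception types the outer handler covers need the same treatment. The add path in the `@@ -1261`/`@@ -1269` hunks has the mirror-image gap: a failure partway through the loop appears to leave the earlier policies and the new interface in place unless code outside the hunk rolls them back. Separately, `for(String wildcardAddr : WILDCARD_ADDRESSES)` should read `for (String wildcardAddr : WILDCARD_ADDRESSES)` to match the inner `for (int direction : DIRECTIONS)` loops.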