Loading core/java/android/net/IpSecManager.java +1 −1 Original line number Diff line number Diff line Loading @@ -51,7 +51,7 @@ import java.net.Socket; * * <p>Note that not all aspects of IPsec are permitted by this API. Applications may create * transport mode security associations and apply them to individual sockets. Applications looking * to create a VPN should use {@link VpnService}. * to create an IPsec VPN should use {@link VpnManager} and {@link Ikev2VpnProfile}. * * @see <a href="https://tools.ietf.org/html/rfc4301">RFC 4301, Security Architecture for the * Internet Protocol</a> Loading services/core/java/com/android/server/IpSecService.java +9 −9 Original line number Diff line number Diff line Loading @@ -1557,16 +1557,16 @@ public class IpSecService extends IIpSecService.Stub { } checkNotNull(callingPackage, "Null calling package cannot create IpSec tunnels"); switch (getAppOpsManager().noteOp(TUNNEL_OP, Binder.getCallingUid(), callingPackage)) { case AppOpsManager.MODE_DEFAULT: mContext.enforceCallingOrSelfPermission( android.Manifest.permission.MANAGE_IPSEC_TUNNELS, "IpSecService"); break; case AppOpsManager.MODE_ALLOWED: // OP_MANAGE_IPSEC_TUNNELS will return MODE_ERRORED by default, including for the system // server. If the appop is not granted, require that the caller has the MANAGE_IPSEC_TUNNELS // permission or is the System Server. if (AppOpsManager.MODE_ALLOWED == getAppOpsManager().noteOpNoThrow( TUNNEL_OP, Binder.getCallingUid(), callingPackage)) { return; default: throw new SecurityException("Request to ignore AppOps for non-legacy API"); } mContext.enforceCallingOrSelfPermission( android.Manifest.permission.MANAGE_IPSEC_TUNNELS, "IpSecService"); } private void createOrUpdateTransform( Loading Loading
core/java/android/net/IpSecManager.java +1 −1 Original line number Diff line number Diff line Loading @@ -51,7 +51,7 @@ import java.net.Socket; * * <p>Note that not all aspects of IPsec are permitted by this API. Applications may create * transport mode security associations and apply them to individual sockets. Applications looking * to create a VPN should use {@link VpnService}. * to create an IPsec VPN should use {@link VpnManager} and {@link Ikev2VpnProfile}. * * @see <a href="https://tools.ietf.org/html/rfc4301">RFC 4301, Security Architecture for the * Internet Protocol</a> Loading
services/core/java/com/android/server/IpSecService.java +9 −9 Original line number Diff line number Diff line Loading @@ -1557,16 +1557,16 @@ public class IpSecService extends IIpSecService.Stub { } checkNotNull(callingPackage, "Null calling package cannot create IpSec tunnels"); switch (getAppOpsManager().noteOp(TUNNEL_OP, Binder.getCallingUid(), callingPackage)) { case AppOpsManager.MODE_DEFAULT: mContext.enforceCallingOrSelfPermission( android.Manifest.permission.MANAGE_IPSEC_TUNNELS, "IpSecService"); break; case AppOpsManager.MODE_ALLOWED: // OP_MANAGE_IPSEC_TUNNELS will return MODE_ERRORED by default, including for the system // server. If the appop is not granted, require that the caller has the MANAGE_IPSEC_TUNNELS // permission or is the System Server. if (AppOpsManager.MODE_ALLOWED == getAppOpsManager().noteOpNoThrow( TUNNEL_OP, Binder.getCallingUid(), callingPackage)) { return; default: throw new SecurityException("Request to ignore AppOps for non-legacy API"); } mContext.enforceCallingOrSelfPermission( android.Manifest.permission.MANAGE_IPSEC_TUNNELS, "IpSecService"); } private void createOrUpdateTransform( Loading
