Loading core/java/android/net/LinkProperties.java +20 −0 Original line number Diff line number Diff line Loading @@ -112,6 +112,16 @@ public class LinkProperties implements Parcelable { return Collections.unmodifiableCollection(mLinkAddresses); } /** * Replaces the LinkAddresses on this link with the given collection of addresses */ public void setLinkAddresses(Collection<LinkAddress> addresses) { mLinkAddresses.clear(); for (LinkAddress address: addresses) { addLinkAddress(address); } } public void addDns(InetAddress dns) { if (dns != null) mDnses.add(dns); } Loading @@ -127,6 +137,16 @@ public class LinkProperties implements Parcelable { return Collections.unmodifiableCollection(mRoutes); } /** * Replaces the RouteInfos on this link with the given collection of RouteInfos. */ public void setRoutes(Collection<RouteInfo> routes) { mRoutes.clear(); for (RouteInfo route : routes) { addRoute(route); } } public void setHttpProxy(ProxyProperties proxy) { mHttpProxy = proxy; } Loading services/java/com/android/server/WifiService.java +12 −0 Original line number Diff line number Diff line Loading @@ -43,6 +43,7 @@ import android.net.wifi.WpsInfo; import android.net.wifi.WpsResult; import android.net.ConnectivityManager; import android.net.DhcpInfo; import android.net.LinkProperties; import android.net.NetworkInfo; import android.net.NetworkInfo.State; import android.net.NetworkInfo.DetailedState; Loading Loading @@ -762,6 +763,17 @@ public class WifiService extends IWifiManager.Stub { */ public int addOrUpdateNetwork(WifiConfiguration config) { enforceChangePermission(); // Until we have better UI so the user knows what's up we can't support undisplayable // things (it's a security hole). Even when we can support it we probably need // to lock down who can modify what. TODO - remove this when addOrUpdateNetwork // restricts callers AND when the UI in settings lets users view the data AND // when the VPN code is immune to specific routes. if (config != null) { LinkProperties lp = config.linkProperties; if (lp == null || lp.equals(WifiConfiguration.stripUndisplayableConfig(lp)) == false) { return -1; } } if (mWifiStateMachineChannel != null) { return mWifiStateMachine.syncAddOrUpdateNetwork(mWifiStateMachineChannel, config); } else { Loading wifi/java/android/net/wifi/WifiConfiguration.java +43 −0 Original line number Diff line number Diff line Loading @@ -16,11 +16,16 @@ package android.net.wifi; import android.net.LinkAddress; import android.net.LinkProperties; import android.net.RouteInfo; import android.os.Parcelable; import android.os.Parcel; import java.util.ArrayList; import java.util.BitSet; import java.util.Collection; import java.util.Iterator; /** * A class representing a configured Wi-Fi network, including the Loading Loading @@ -615,6 +620,44 @@ public class WifiConfiguration implements Parcelable { } } /** * We don't want to use routes other than the first default and * correct direct-connect route, or addresses beyond the first as * the user can't see them in the UI and malicious apps * can do malicious things with them. In particular specific routes * circumvent VPNs of this era. * * @hide */ public static LinkProperties stripUndisplayableConfig(LinkProperties lp) { if (lp == null) return lp; LinkProperties newLp = new LinkProperties(lp); Iterator<LinkAddress> i = lp.getLinkAddresses().iterator(); RouteInfo directConnectRoute = null; if (i.hasNext()) { LinkAddress addr = i.next(); Collection<LinkAddress> newAddresses = new ArrayList<LinkAddress>(1); newAddresses.add(addr); newLp.setLinkAddresses(newAddresses); directConnectRoute = new RouteInfo(addr,null); } boolean defaultAdded = false; Collection<RouteInfo> routes = lp.getRoutes(); Collection<RouteInfo> newRoutes = new ArrayList<RouteInfo>(2); for (RouteInfo route : routes) { if (defaultAdded == false && route.isDefaultRoute()) { newRoutes.add(route); defaultAdded = true; } if (route.equals(directConnectRoute)) { newRoutes.add(route); } } newLp.setRoutes(newRoutes); return newLp; } /** Implement the Parcelable interface {@hide} */ public void writeToParcel(Parcel dest, int flags) { dest.writeInt(networkId); Loading wifi/java/android/net/wifi/WifiStateMachine.java +3 −0 Original line number Diff line number Diff line Loading @@ -1606,9 +1606,11 @@ public class WifiStateMachine extends StateMachine { private void configureLinkProperties() { if (mWifiConfigStore.isUsingStaticIp(mLastNetworkId)) { mLinkProperties = mWifiConfigStore.getLinkProperties(mLastNetworkId); mLinkProperties = WifiConfiguration.stripUndisplayableConfig(mLinkProperties); } else { synchronized (mDhcpInfoInternal) { mLinkProperties = mDhcpInfoInternal.makeLinkProperties(); mLinkProperties = WifiConfiguration.stripUndisplayableConfig(mLinkProperties); } mLinkProperties.setHttpProxy(mWifiConfigStore.getProxyProperties(mLastNetworkId)); } Loading Loading @@ -1816,6 +1818,7 @@ public class WifiStateMachine extends StateMachine { //DHCP renewal in connected state LinkProperties linkProperties = dhcpInfoInternal.makeLinkProperties(); linkProperties.setHttpProxy(mWifiConfigStore.getProxyProperties(mLastNetworkId)); linkProperties = WifiConfiguration.stripUndisplayableConfig(linkProperties); linkProperties.setInterfaceName(mInterfaceName); if (!linkProperties.equals(mLinkProperties)) { if (DBG) { Loading Loading
core/java/android/net/LinkProperties.java +20 −0 Original line number Diff line number Diff line Loading @@ -112,6 +112,16 @@ public class LinkProperties implements Parcelable { return Collections.unmodifiableCollection(mLinkAddresses); } /** * Replaces the LinkAddresses on this link with the given collection of addresses */ public void setLinkAddresses(Collection<LinkAddress> addresses) { mLinkAddresses.clear(); for (LinkAddress address: addresses) { addLinkAddress(address); } } public void addDns(InetAddress dns) { if (dns != null) mDnses.add(dns); } Loading @@ -127,6 +137,16 @@ public class LinkProperties implements Parcelable { return Collections.unmodifiableCollection(mRoutes); } /** * Replaces the RouteInfos on this link with the given collection of RouteInfos. */ public void setRoutes(Collection<RouteInfo> routes) { mRoutes.clear(); for (RouteInfo route : routes) { addRoute(route); } } public void setHttpProxy(ProxyProperties proxy) { mHttpProxy = proxy; } Loading
services/java/com/android/server/WifiService.java +12 −0 Original line number Diff line number Diff line Loading @@ -43,6 +43,7 @@ import android.net.wifi.WpsInfo; import android.net.wifi.WpsResult; import android.net.ConnectivityManager; import android.net.DhcpInfo; import android.net.LinkProperties; import android.net.NetworkInfo; import android.net.NetworkInfo.State; import android.net.NetworkInfo.DetailedState; Loading Loading @@ -762,6 +763,17 @@ public class WifiService extends IWifiManager.Stub { */ public int addOrUpdateNetwork(WifiConfiguration config) { enforceChangePermission(); // Until we have better UI so the user knows what's up we can't support undisplayable // things (it's a security hole). Even when we can support it we probably need // to lock down who can modify what. TODO - remove this when addOrUpdateNetwork // restricts callers AND when the UI in settings lets users view the data AND // when the VPN code is immune to specific routes. if (config != null) { LinkProperties lp = config.linkProperties; if (lp == null || lp.equals(WifiConfiguration.stripUndisplayableConfig(lp)) == false) { return -1; } } if (mWifiStateMachineChannel != null) { return mWifiStateMachine.syncAddOrUpdateNetwork(mWifiStateMachineChannel, config); } else { Loading
wifi/java/android/net/wifi/WifiConfiguration.java +43 −0 Original line number Diff line number Diff line Loading @@ -16,11 +16,16 @@ package android.net.wifi; import android.net.LinkAddress; import android.net.LinkProperties; import android.net.RouteInfo; import android.os.Parcelable; import android.os.Parcel; import java.util.ArrayList; import java.util.BitSet; import java.util.Collection; import java.util.Iterator; /** * A class representing a configured Wi-Fi network, including the Loading Loading @@ -615,6 +620,44 @@ public class WifiConfiguration implements Parcelable { } } /** * We don't want to use routes other than the first default and * correct direct-connect route, or addresses beyond the first as * the user can't see them in the UI and malicious apps * can do malicious things with them. In particular specific routes * circumvent VPNs of this era. * * @hide */ public static LinkProperties stripUndisplayableConfig(LinkProperties lp) { if (lp == null) return lp; LinkProperties newLp = new LinkProperties(lp); Iterator<LinkAddress> i = lp.getLinkAddresses().iterator(); RouteInfo directConnectRoute = null; if (i.hasNext()) { LinkAddress addr = i.next(); Collection<LinkAddress> newAddresses = new ArrayList<LinkAddress>(1); newAddresses.add(addr); newLp.setLinkAddresses(newAddresses); directConnectRoute = new RouteInfo(addr,null); } boolean defaultAdded = false; Collection<RouteInfo> routes = lp.getRoutes(); Collection<RouteInfo> newRoutes = new ArrayList<RouteInfo>(2); for (RouteInfo route : routes) { if (defaultAdded == false && route.isDefaultRoute()) { newRoutes.add(route); defaultAdded = true; } if (route.equals(directConnectRoute)) { newRoutes.add(route); } } newLp.setRoutes(newRoutes); return newLp; } /** Implement the Parcelable interface {@hide} */ public void writeToParcel(Parcel dest, int flags) { dest.writeInt(networkId); Loading
wifi/java/android/net/wifi/WifiStateMachine.java +3 −0 Original line number Diff line number Diff line Loading @@ -1606,9 +1606,11 @@ public class WifiStateMachine extends StateMachine { private void configureLinkProperties() { if (mWifiConfigStore.isUsingStaticIp(mLastNetworkId)) { mLinkProperties = mWifiConfigStore.getLinkProperties(mLastNetworkId); mLinkProperties = WifiConfiguration.stripUndisplayableConfig(mLinkProperties); } else { synchronized (mDhcpInfoInternal) { mLinkProperties = mDhcpInfoInternal.makeLinkProperties(); mLinkProperties = WifiConfiguration.stripUndisplayableConfig(mLinkProperties); } mLinkProperties.setHttpProxy(mWifiConfigStore.getProxyProperties(mLastNetworkId)); } Loading Loading @@ -1816,6 +1818,7 @@ public class WifiStateMachine extends StateMachine { //DHCP renewal in connected state LinkProperties linkProperties = dhcpInfoInternal.makeLinkProperties(); linkProperties.setHttpProxy(mWifiConfigStore.getProxyProperties(mLastNetworkId)); linkProperties = WifiConfiguration.stripUndisplayableConfig(linkProperties); linkProperties.setInterfaceName(mInterfaceName); if (!linkProperties.equals(mLinkProperties)) { if (DBG) { Loading
