Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 1cddc209 authored by Elliott Hughes's avatar Elliott Hughes
Browse files

Ignore ro.adb.secure in user builds. 

Require authorization by default, and remove the ability to override
that in user builds. (userdebug and eng are still free to do whatever
they want.)

Bug: http://b/21862859
Change-Id: Ibf8af375be5bf1141c1ad481eee7a59fb10a7adb
(cherry picked from commit 5cba5042)
parent 6ee7ff42

adb/Android.mk

+2 −3
Original line number Diff line number Diff line
@@ -232,12 +232,11 @@ LOCAL_CFLAGS := \ 
    -D_GNU_SOURCE \

    -Wno-deprecated-declarations \



ifneq (,$(filter userdebug eng,$(TARGET_BUILD_VARIANT)))

LOCAL_CFLAGS += -DALLOW_ADBD_ROOT=1

endif

LOCAL_CFLAGS += -DALLOW_ADBD_NO_AUTH=$(if $(filter userdebug eng,$(TARGET_BUILD_VARIANT)),1,0)



ifneq (,$(filter userdebug eng,$(TARGET_BUILD_VARIANT)))

LOCAL_CFLAGS += -DALLOW_ADBD_DISABLE_VERITY=1

LOCAL_CFLAGS += -DALLOW_ADBD_ROOT=1

endif



LOCAL_MODULE := adbd

adb/adb.cpp

+2 −2
Original line number Diff line number Diff line
@@ -421,7 +421,7 @@ void handle_packet(apacket *p, atransport *t) 


        parse_banner(reinterpret_cast<const char*>(p->data), t);



        if (HOST || !auth_enabled) {

        if (HOST || !auth_required) {

            handle_online(t);

            if (!HOST) send_connect(t);

        } else {

adb/adb_auth.cpp

+1 −1
Original line number Diff line number Diff line
@@ -28,7 +28,7 @@ 
#include "adb.h"

#include "transport.h"



int auth_enabled = 0;

bool auth_required = true;



void send_auth_request(atransport *t)

{

adb/adb_auth.h

+1 −1
Original line number Diff line number Diff line
@@ -19,7 +19,7 @@ 


#include "adb.h"



extern int auth_enabled;

extern bool auth_required;



int adb_auth_keygen(const char* filename);

void adb_auth_verified(atransport *t);

adb/adb_main.cpp

+5 −4
Original line number Diff line number Diff line
@@ -239,9 +239,10 @@ int adb_main(int is_daemon, int server_port) 
    // descriptor will always be open.

    adbd_cloexec_auth_socket();



    property_get("ro.adb.secure", value, "0");

    auth_enabled = !strcmp(value, "1");

    if (auth_enabled)

    if (ALLOW_ADBD_NO_AUTH && property_get_bool("ro.adb.secure", 0) == 0) {

        auth_required = false;

    }



    adbd_auth_init();



    // Our external storage path may be different than apps, since