am 868d4c34: am 95023066: DO NOT MERGE Sanitize WifiConfigs

* commit '868d4c341034de6e2ebb6c1a247488b00d17c78d':
  DO NOT MERGE Sanitize WifiConfigs
This commit is contained in:
Robert Greenwalt
2014-02-25 10:12:35 -08:00
committed by Android Git Automerger
4 changed files with 79 additions and 1 deletions

View File

@ -144,6 +144,16 @@ public class LinkProperties implements Parcelable {
return Collections.unmodifiableCollection(mLinkAddresses);
}
/**
* Replaces the LinkAddresses on this link with the given collection of addresses
*/
public void setLinkAddresses(Collection<LinkAddress> addresses) {
mLinkAddresses.clear();
for (LinkAddress address: addresses) {
addLinkAddress(address);
}
}
public void addDns(InetAddress dns) {
if (dns != null) mDnses.add(dns);
}
@ -198,6 +208,16 @@ public class LinkProperties implements Parcelable {
return routes;
}
/**
* Replaces the RouteInfos on this link with the given collection of RouteInfos.
*/
public void setRoutes(Collection<RouteInfo> routes) {
mRoutes.clear();
for (RouteInfo route : routes) {
addRoute(route);
}
}
public void setHttpProxy(ProxyProperties proxy) {
mHttpProxy = proxy;
}

View File

@ -35,6 +35,7 @@ import android.net.wifi.WifiWatchdogStateMachine;
import android.net.DhcpInfo;
import android.net.DhcpResults;
import android.net.LinkAddress;
import android.net.LinkProperties;
import android.net.NetworkUtils;
import android.net.RouteInfo;
import android.os.Binder;
@ -470,6 +471,17 @@ public final class WifiService extends IWifiManager.Stub {
*/
public int addOrUpdateNetwork(WifiConfiguration config) {
enforceChangePermission();
// Until we have better UI so the user knows what's up we can't support undisplayable
// things (it's a security hole). Even when we can support it we probably need
// to lock down who can modify what. TODO - remove this when addOrUpdateNetwork
// restricts callers AND when the UI in settings lets users view the data AND
// when the VPN code is immune to specific routes.
if (config != null) {
LinkProperties lp = config.linkProperties;
if (lp == null || lp.equals(WifiConfiguration.stripUndisplayableConfig(lp)) == false) {
return -1;
}
}
if (mWifiStateMachineChannel != null) {
return mWifiStateMachine.syncAddOrUpdateNetwork(mWifiStateMachineChannel, config);
} else {

View File

@ -16,12 +16,17 @@
package android.net.wifi;
import android.net.LinkAddress;
import android.net.LinkProperties;
import android.net.RouteInfo;
import android.os.Parcelable;
import android.os.Parcel;
import android.text.TextUtils;
import java.util.ArrayList;
import java.util.BitSet;
import java.util.Collection;
import java.util.Iterator;
/**
* A class representing a configured Wi-Fi network, including the
@ -581,6 +586,44 @@ public class WifiConfiguration implements Parcelable {
}
}
/**
* We don't want to use routes other than the first default and
* correct direct-connect route, or addresses beyond the first as
* the user can't see them in the UI and malicious apps
* can do malicious things with them. In particular specific routes
* circumvent VPNs of this era.
*
* @hide
*/
public static LinkProperties stripUndisplayableConfig(LinkProperties lp) {
if (lp == null) return lp;
LinkProperties newLp = new LinkProperties(lp);
Iterator<LinkAddress> i = lp.getLinkAddresses().iterator();
RouteInfo directConnectRoute = null;
if (i.hasNext()) {
LinkAddress addr = i.next();
Collection<LinkAddress> newAddresses = new ArrayList<LinkAddress>(1);
newAddresses.add(addr);
newLp.setLinkAddresses(newAddresses);
directConnectRoute = new RouteInfo(addr,null);
}
boolean defaultAdded = false;
Collection<RouteInfo> routes = lp.getRoutes();
Collection<RouteInfo> newRoutes = new ArrayList<RouteInfo>(2);
for (RouteInfo route : routes) {
if (defaultAdded == false && route.isDefaultRoute()) {
newRoutes.add(route);
defaultAdded = true;
}
if (route.equals(directConnectRoute)) {
newRoutes.add(route);
}
}
newLp.setRoutes(newRoutes);
return newLp;
}
/** Implement the Parcelable interface {@hide} */
public void writeToParcel(Parcel dest, int flags) {
dest.writeInt(networkId);

View File

@ -1587,10 +1587,12 @@ public class WifiStateMachine extends StateMachine {
private void configureLinkProperties() {
if (mWifiConfigStore.isUsingStaticIp(mLastNetworkId)) {
mLinkProperties = mWifiConfigStore.getLinkProperties(mLastNetworkId);
mLinkProperties = WifiConfiguration.stripUndisplayableConfig(mLinkProperties);
} else {
synchronized (mDhcpResultsLock) {
if ((mDhcpResults != null) && (mDhcpResults.linkProperties != null)) {
mLinkProperties = mDhcpResults.linkProperties;
mLinkProperties = WifiConfiguration.stripUndisplayableConfig(
mDhcpResults.linkProperties);
}
}
mLinkProperties.setHttpProxy(mWifiConfigStore.getProxyProperties(mLastNetworkId));
@ -1831,6 +1833,7 @@ public class WifiStateMachine extends StateMachine {
if (getNetworkDetailedState() == DetailedState.CONNECTED) {
//DHCP renewal in connected state
linkProperties.setHttpProxy(mWifiConfigStore.getProxyProperties(mLastNetworkId));
linkProperties = WifiConfiguration.stripUndisplayableConfig(linkProperties);
if (!linkProperties.equals(mLinkProperties)) {
if (DBG) {
log("Link configuration changed for netId: " + mLastNetworkId