drgreen/android_frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

am 868d4c34: am 95023066: DO NOT MERGE Sanitize WifiConfigs

Browse Source 
* commit '868d4c341034de6e2ebb6c1a247488b00d17c78d':
  DO NOT MERGE Sanitize WifiConfigs
This commit is contained in:
Robert Greenwalt
2014-02-25 10:12:35 -08:00
committed by Android Git Automerger
parent 26c6c15f54 868d4c3410
commit 1f9ebc5fa7
4 changed files with 79 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
core/java/android/net/LinkProperties.java
View File

@ -144,6 +144,16 @@ public class LinkProperties implements Parcelable {
return Collections.unmodifiableCollection(mLinkAddresses); return Collections.unmodifiableCollection(mLinkAddresses);
} }
/**
* Replaces the LinkAddresses on this link with the given collection of addresses
*/
public void setLinkAddresses(Collection<LinkAddress> addresses) {
mLinkAddresses.clear();
for (LinkAddress address: addresses) {
addLinkAddress(address);
}
}
public void addDns(InetAddress dns) { public void addDns(InetAddress dns) {
if (dns != null) mDnses.add(dns); if (dns != null) mDnses.add(dns);
} }
@ -198,6 +208,16 @@ public class LinkProperties implements Parcelable {
return routes; return routes;
} }
/**
* Replaces the RouteInfos on this link with the given collection of RouteInfos.
*/
public void setRoutes(Collection<RouteInfo> routes) {
mRoutes.clear();
for (RouteInfo route : routes) {
addRoute(route);
}
}
public void setHttpProxy(ProxyProperties proxy) { public void setHttpProxy(ProxyProperties proxy) {
mHttpProxy = proxy; mHttpProxy = proxy;
} }

12
services/java/com/android/server/wifi/WifiService.java
View File

@ -35,6 +35,7 @@ import android.net.wifi.WifiWatchdogStateMachine;
import android.net.DhcpInfo; import android.net.DhcpInfo;
import android.net.DhcpResults; import android.net.DhcpResults;
import android.net.LinkAddress; import android.net.LinkAddress;
import android.net.LinkProperties;
import android.net.NetworkUtils; import android.net.NetworkUtils;
import android.net.RouteInfo; import android.net.RouteInfo;
import android.os.Binder; import android.os.Binder;
@ -470,6 +471,17 @@ public final class WifiService extends IWifiManager.Stub {
*/ */
public int addOrUpdateNetwork(WifiConfiguration config) { public int addOrUpdateNetwork(WifiConfiguration config) {
enforceChangePermission(); enforceChangePermission();
// Until we have better UI so the user knows what's up we can't support undisplayable
// things (it's a security hole). Even when we can support it we probably need
// to lock down who can modify what. TODO - remove this when addOrUpdateNetwork
// restricts callers AND when the UI in settings lets users view the data AND
// when the VPN code is immune to specific routes.
if (config != null) {
LinkProperties lp = config.linkProperties;
if (lp == null || lp.equals(WifiConfiguration.stripUndisplayableConfig(lp)) == false) {
return -1;
}
}
if (mWifiStateMachineChannel != null) { if (mWifiStateMachineChannel != null) {
return mWifiStateMachine.syncAddOrUpdateNetwork(mWifiStateMachineChannel, config); return mWifiStateMachine.syncAddOrUpdateNetwork(mWifiStateMachineChannel, config);
} else { } else {

43
wifi/java/android/net/wifi/WifiConfiguration.java
View File

@ -16,12 +16,17 @@
package android.net.wifi; package android.net.wifi;
import android.net.LinkAddress;
import android.net.LinkProperties; import android.net.LinkProperties;
import android.net.RouteInfo;
import android.os.Parcelable; import android.os.Parcelable;
import android.os.Parcel; import android.os.Parcel;
import android.text.TextUtils; import android.text.TextUtils;
import java.util.ArrayList;
import java.util.BitSet; import java.util.BitSet;
import java.util.Collection;
import java.util.Iterator;
/** /**
* A class representing a configured Wi-Fi network, including the * A class representing a configured Wi-Fi network, including the
@ -581,6 +586,44 @@ public class WifiConfiguration implements Parcelable {
} }
} }
/**
* We don't want to use routes other than the first default and
* correct direct-connect route, or addresses beyond the first as
* the user can't see them in the UI and malicious apps
* can do malicious things with them. In particular specific routes
* circumvent VPNs of this era.
*
* @hide
*/
public static LinkProperties stripUndisplayableConfig(LinkProperties lp) {
if (lp == null) return lp;
LinkProperties newLp = new LinkProperties(lp);
Iterator<LinkAddress> i = lp.getLinkAddresses().iterator();
RouteInfo directConnectRoute = null;
if (i.hasNext()) {
LinkAddress addr = i.next();
Collection<LinkAddress> newAddresses = new ArrayList<LinkAddress>(1);
newAddresses.add(addr);
newLp.setLinkAddresses(newAddresses);
directConnectRoute = new RouteInfo(addr,null);
}
boolean defaultAdded = false;
Collection<RouteInfo> routes = lp.getRoutes();
Collection<RouteInfo> newRoutes = new ArrayList<RouteInfo>(2);
for (RouteInfo route : routes) {
if (defaultAdded == false && route.isDefaultRoute()) {
newRoutes.add(route);
defaultAdded = true;
}
if (route.equals(directConnectRoute)) {
newRoutes.add(route);
}
}
newLp.setRoutes(newRoutes);
return newLp;
}
/** Implement the Parcelable interface {@hide} */ /** Implement the Parcelable interface {@hide} */
public void writeToParcel(Parcel dest, int flags) { public void writeToParcel(Parcel dest, int flags) {
dest.writeInt(networkId); dest.writeInt(networkId);

5
wifi/java/android/net/wifi/WifiStateMachine.java
View File

@ -1587,10 +1587,12 @@ public class WifiStateMachine extends StateMachine {
private void configureLinkProperties() { private void configureLinkProperties() {
if (mWifiConfigStore.isUsingStaticIp(mLastNetworkId)) { if (mWifiConfigStore.isUsingStaticIp(mLastNetworkId)) {
mLinkProperties = mWifiConfigStore.getLinkProperties(mLastNetworkId); mLinkProperties = mWifiConfigStore.getLinkProperties(mLastNetworkId);
mLinkProperties = WifiConfiguration.stripUndisplayableConfig(mLinkProperties);
} else { } else {
synchronized (mDhcpResultsLock) { synchronized (mDhcpResultsLock) {
if ((mDhcpResults != null) && (mDhcpResults.linkProperties != null)) { if ((mDhcpResults != null) && (mDhcpResults.linkProperties != null)) {
mLinkProperties = mDhcpResults.linkProperties; mLinkProperties = WifiConfiguration.stripUndisplayableConfig(
mDhcpResults.linkProperties);
} }
} }
mLinkProperties.setHttpProxy(mWifiConfigStore.getProxyProperties(mLastNetworkId)); mLinkProperties.setHttpProxy(mWifiConfigStore.getProxyProperties(mLastNetworkId));
@ -1831,6 +1833,7 @@ public class WifiStateMachine extends StateMachine {
if (getNetworkDetailedState() == DetailedState.CONNECTED) { if (getNetworkDetailedState() == DetailedState.CONNECTED) {
//DHCP renewal in connected state //DHCP renewal in connected state
linkProperties.setHttpProxy(mWifiConfigStore.getProxyProperties(mLastNetworkId)); linkProperties.setHttpProxy(mWifiConfigStore.getProxyProperties(mLastNetworkId));
linkProperties = WifiConfiguration.stripUndisplayableConfig(linkProperties);
if (!linkProperties.equals(mLinkProperties)) { if (!linkProperties.equals(mLinkProperties)) {
if (DBG) { if (DBG) {
log("Link configuration changed for netId: " + mLastNetworkId log("Link configuration changed for netId: " + mLastNetworkId