Various authenticator results such as getAuthToken and addAccount might
result in an Intent returned to the AccountManager caller. A malicious
authenticator could exploit the fact that the Settings are a system app,
lead the user to launch add account for their account type and thus get
Settings to use the intent to start some arbitrary third parties Activity.
The fix is to make sure that the UID of the app associated with Activity
to be launched by the supplied intent and the Authenticators UID share
the same signature. This means that an authenticator implementer can only
exploit apps they control.
Bug: 7699048
Change-Id: I34330454c341e6a8422ca1ed3b390466a0feedce
(cherry picked from commit 5bab9daf3cf66f4de19f8757e386030e8bef23ce)
Do this both on input from apps (giving error) and between wifi and
ConnectivityService (ignoring bad data). This means removing all
addresses beyond the first and all routes but the first default and
the implied direct-connect routes.
We do this because the user can't monitor the others (no UI), their
support wasn't intended, they allow redirection of all traffic
without user knowledge and they allow circumvention of legacy VPNs.
This should not move forward from JB as it breaks IPv6 and K has
a more resilient VPN.
Bug:12663469
Change-Id: I0d92db7efc30a1bb3e5b8c6e5595bdb9793a16f2
Conflicts:
core/java/android/net/LinkProperties.java
services/java/com/android/server/WifiService.java
wifi/java/android/net/wifi/WifiStateMachine.java
In particular, if a 3rd party app tries to define a permission that
turns out to be defined by system packages following an upgrade,
the system package gets ownership and grants are re-evaluated
on that basis.
Bug 11242510
(Cherry-pick backport to JB)
Change-Id: Iabf7b6280e6c6674a51af5624142bd19ea0750ed
I'd changed DetailedState to force ConnectivityService to treat
provisioning apn's specially. In particular so that they wouldn't
be identified they were fully connected until the provisioning
actually started. The problem is that DetailedState is a public enum
that has a CTS test and just changing the CTS to allow for the new
state (CONNECTED_TO_PROVISIONING_NETWORK) was inappropriate.
Instead I've added a new mIsConnectedToProvisioningNetwork variable
and used the DetailedState.SUSPENDED as the intermediate state.
Bug: 10620248
Change-Id: Id4a842398cad67455541ce629959351c27d83639
When a sim is new or it has expired it needs to be provisioned
with the carrier. Basically provisioning is associating a sim with
a user account. When a sim isn't provisioned then operators will
restrict access to the network and only allow certain addresses
or services to be used.
This set of changes allows two types of provisioning networks to be
recognized. The first is a network that causes all DNS lookups to be
redirected to a different address than was intended. This is exemplified
by how T-Mobile works.
The second technique uses a special apn for provisioning. An example is
AT&T where lwaactivate is the provisioning apn and broadband is the
normal apn. We first try broadband and if we are unable to connect we
try lwaactivate. When we see the activate we identify it as special and
the ApnContext.isProvisioningApn will return true.
In the future our plan is to create a new network type that can be added
to the apn list, but for now it identified by name.
Here is a list of significant changes:
- CaptivePortalTracker now only test WiFi networks instead of all networks
- checkMobileProvisioning checks for provisioning networks and doesn't
try to ping.
- IConnectivityManager.aidl changes:
* getProvisioningOrActiveNetworkInfo was added to and used by Manage
mobile plan in WirelessSettings so even when there is no active
network it will still allow provisioning. Otherwise it would report
no internet connection.
* setSignInErrorNotificationVisible is used by both
CaptiviePortalTracker and checkMobileProvisioning so they use the
same code for the notifications.
* checkMobileProvisioning was simplified to have only a timeout as
returning the result is now harder as we abort simultaneous call
otherwise we'd could get into loops because we now check every time
we connect to mobile.
- Enhanced MDST to handle the provisioning network.
- Added CONNECTED_TO_PROVISIONING_NETWORK to NetworkInfo to make a new
state so we don't announce to the world we're connected.
- TelephonyIntents.ACTION_DATA_CONNECTION_CONNECTED_TO_PROVISIONING_APN
is sent by the low level data connection code to notify Connectivity
Service that a provisioning apn has connected. This allows CS to
handle the connection differently than a normal connection.
Bug: 10328264
Change-Id: I3925004011bb1243793c4c1b963d923dc2b00cb5
When the system becomes loaded the PhoneApp can be delayed
significantly and a call to setEnableFailFastMobileData may not
occur because the channel between the MobileDataStateTracker (MDST)
and DcTracker (DCT) is not connected.
Solution: Add a isReady to MDST and isMobileDataStateTrackerReady to
ConnectivityService and call it from isMobileOk.
Bug: 10351868
Change-Id: I92f9d58121b88186b636cd71c2fd2ef9a28f7cf6
Move the early return outside the try {} finally so we don't call
setEnableFailFastMobileData(DctContants.DISABLED). Otherwise
referencing counting is wrong and an exception is thrown in DcTrackerBase.
Bug: 10304904
Change-Id: I5ba5121e473bada9f3daa8d6f3d3577cec8212fc
When captive portal checking completes pass back the result.
This is used to enable/disable failing fast for mobile. When
failing fast is enabled we don't check for data stalls and thus
won't be continually trying to do recovery operations, such as
restarting the radio.
Bug: 9462512
Change-Id: I0dea0eee519f8ee7f94e79d40e82c18f30d7fe2e
...to original but not all modified ones
Very stupid mistakes in messing up the iteration when pruning op
entries.
Change-Id: Ie536b9095f797fcd2b86c9a386a72746796430d1
I needed to test the result of startUsingNetworkFeature, otherwise
on mobile networks that are slow to come up, we won't detect
warm SIMs after booting.
Bug: 9962943
Change-Id: Ib638a4e43867ecaa85d6abff65643b77a63526b6
After detecting there is a captive portal the url used in the
notification for mobile networks should be updateable via gservices.
These urls will be the same as used by CheckMp and is needed for
carriers that have specific provisioning urls such as AT&T and Verizon.
Bug: 9622647
Change-Id: Idcf4dabc72ece1dbbe1d5e5a21e550dd06fe16c7
All old versions drop their modes except for the notification op
(which is the only one there is currently a user-visible control for).
Change-Id: I9e09cebe63e9ea81f2adc01aef7d1a5a59f57a56
Stepping carefully around the fix in change Idc788527, we
perform security (and AppOps, and therefore user block)
checks against the uid passed to enqueueNotificationInternal
rather than the Binder caller.
Bug: 9502541
Change-Id: I91745db92823381df75721c1b8f11013a7fa4ecc
...when clipboard listener attached
We need to clear the calling identity before dispatching change
notifications. Also make this more robust, so that in the face
of any failure we will clean up the broadcast state.
Integrated from master.
Change-Id: I05e1f76ffd486439535631fe4062dabe94bd2ccf
On stacked interfaces like 464xlat, Legacy VPN can't find the
default gateway because it uses getRoutes, which only returns
routes for the base link and not for the stacked links. It also
assumes that the interface that the default route points to is
the interface for the base link (e.g., rmnet0) instead of the
interface the route actually points to (e.g., clat4).
Fix this by calling getAllRoutes to find the default IPv4 route,
and get the interface name from the route we find instead of
assuming it's the base interface.
Bug: 9597516
Change-Id: Ia6ce0b6258a421cd22f60dedca7e94176b32176b
Various applications such as Skype and our legacy VPN code
do not understand routes pointed directly at point-to-point
interfaces and require a default gateway IPv4 address in
order to function.
Grudgingly accept that routes without default gateways Are Hard
and use gatewayed routes instead. This causes routing to go from:
default dev clat4 scope link
to:
default via 192.0.0.4 dev clat4 scope link
192.0.0.4 dev clat4 scope link
and those apps now work.
Bug: 9597256
Bug: 9597516
Change-Id: I7b7890873802d3cb99affd6eb70b8ab75e7a2cf6
