diff options
| author | Chia-chi Yeh <chiachi@android.com> | 2011-07-14 16:19:19 -0700 |
|---|---|---|
| committer | Chia-chi Yeh <chiachi@android.com> | 2011-07-14 16:19:19 -0700 |
| commit | 5779c9c2d9f1f7a28279fe907aebbb43981286fd (patch) | |
| tree | 77177eb1a442dced4a8f8cd2273c2601f18c6b2a /services | |
| parent | fbaa1ea13cf4ebf95f6b4228219d9385781127e5 (diff) | |
| download | frameworks_base-5779c9c2d9f1f7a28279fe907aebbb43981286fd.zip frameworks_base-5779c9c2d9f1f7a28279fe907aebbb43981286fd.tar.gz frameworks_base-5779c9c2d9f1f7a28279fe907aebbb43981286fd.tar.bz2 | |
VPN: close the socket in protectVpn() to avoid leaking descriptors.
Change-Id: Idda0c2ea1770abc490566e894711bcb08f60b354
Diffstat (limited to 'services')
| -rw-r--r-- | services/java/com/android/server/ConnectivityService.java | 32 | ||||
| -rw-r--r-- | services/java/com/android/server/connectivity/Vpn.java | 14 |
2 files changed, 20 insertions, 26 deletions
diff --git a/services/java/com/android/server/ConnectivityService.java b/services/java/com/android/server/ConnectivityService.java index 85891a2..bf5deb7 100644 --- a/services/java/com/android/server/ConnectivityService.java +++ b/services/java/com/android/server/ConnectivityService.java @@ -2528,8 +2528,23 @@ public class ConnectivityService extends IConnectivityManager.Stub { * @hide */ @Override - public void protectVpn(ParcelFileDescriptor socket) { - mVpn.protect(socket, getDefaultInterface()); + public boolean protectVpn(ParcelFileDescriptor socket) { + try { + int type = mActiveDefaultNetwork; + if (ConnectivityManager.isNetworkTypeValid(type)) { + mVpn.protect(socket, mNetTrackers[type].getLinkProperties().getInterfaceName()); + return true; + } + } catch (Exception e) { + // ignore + } finally { + try { + socket.close(); + } catch (Exception e) { + // ignore + } + } + return false; } /** @@ -2577,19 +2592,6 @@ public class ConnectivityService extends IConnectivityManager.Stub { return mVpn.getLegacyVpnInfo(); } - private String getDefaultInterface() { - if (ConnectivityManager.isNetworkTypeValid(mActiveDefaultNetwork)) { - NetworkStateTracker tracker = mNetTrackers[mActiveDefaultNetwork]; - if (tracker != null) { - LinkProperties properties = tracker.getLinkProperties(); - if (properties != null) { - return properties.getInterfaceName(); - } - } - } - throw new IllegalStateException("No default interface"); - } - /** * Callback for VPN subsystem. Currently VPN is not adapted to the service * through NetworkStateTracker since it works differently. For example, it diff --git a/services/java/com/android/server/connectivity/Vpn.java b/services/java/com/android/server/connectivity/Vpn.java index 55ba8e2..9fb9349 100644 --- a/services/java/com/android/server/connectivity/Vpn.java +++ b/services/java/com/android/server/connectivity/Vpn.java @@ -70,22 +70,14 @@ public class Vpn extends INetworkManagementEventObserver.Stub { /** * Protect a socket from routing changes by binding it to the given - * interface. The socket IS closed by this method. + * interface. The socket is NOT closed by this method. * * @param socket The socket to be bound. * @param name The name of the interface. */ public void protect(ParcelFileDescriptor socket, String interfaze) { - try { - mContext.enforceCallingPermission(VPN, "protect"); - jniProtect(socket.getFd(), interfaze); - } finally { - try { - socket.close(); - } catch (Exception e) { - // ignore - } - } + mContext.enforceCallingPermission(VPN, "protect"); + jniProtect(socket.getFd(), interfaze); } /** |