summaryrefslogtreecommitdiffstats
path: root/services
diff options
context:
space:
mode:
Diffstat (limited to 'services')
-rw-r--r--services/java/com/android/server/am/ActivityManagerService.java32
-rw-r--r--services/java/com/android/server/am/UriPermission.java4
-rw-r--r--services/java/com/android/server/sip/SipSessionGroup.java91
-rw-r--r--services/jni/com_android_server_InputManager.cpp8
4 files changed, 102 insertions, 33 deletions
diff --git a/services/java/com/android/server/am/ActivityManagerService.java b/services/java/com/android/server/am/ActivityManagerService.java
index 223d77d..22cd8ff 100644
--- a/services/java/com/android/server/am/ActivityManagerService.java
+++ b/services/java/com/android/server/am/ActivityManagerService.java
@@ -5592,6 +5592,38 @@ public final class ActivityManagerService extends ActivityManagerNative
}
}
+ /**
+ * Allows app to retrieve the MIME type of a URI without having permission
+ * to access its content provider.
+ *
+ * CTS tests for this functionality can be run with "runtest cts-appsecurity".
+ *
+ * Test cases are at cts/tests/appsecurity-tests/test-apps/UsePermissionDiffCert/
+ * src/com/android/cts/usespermissiondiffcertapp/AccessPermissionWithDiffSigTest.java
+ */
+ public String getProviderMimeType(Uri uri) {
+ final String name = uri.getAuthority();
+ final long ident = Binder.clearCallingIdentity();
+ ContentProviderHolder holder = null;
+
+ try {
+ holder = getContentProviderExternal(name);
+ if (holder != null) {
+ return holder.provider.getType(uri);
+ }
+ } catch (RemoteException e) {
+ Log.w(TAG, "Content provider dead retrieving " + uri, e);
+ return null;
+ } finally {
+ if (holder != null) {
+ removeContentProviderExternal(name);
+ }
+ Binder.restoreCallingIdentity(ident);
+ }
+
+ return null;
+ }
+
// =========================================================
// GLOBAL MANAGEMENT
// =========================================================
diff --git a/services/java/com/android/server/am/UriPermission.java b/services/java/com/android/server/am/UriPermission.java
index 0cb6943..e3347cb 100644
--- a/services/java/com/android/server/am/UriPermission.java
+++ b/services/java/com/android/server/am/UriPermission.java
@@ -27,8 +27,8 @@ import java.util.HashSet;
*
* CTS tests for this functionality can be run with "runtest cts-appsecurity".
*
- * Test cases are at cts/tests/appsecurity-tests/test-apps/UsePermissionDiffCert
- * /src/com/android/cts/usespermissiondiffcertapp/AccessPermissionWithDiffSigTest.java
+ * Test cases are at cts/tests/appsecurity-tests/test-apps/UsePermissionDiffCert/
+ * src/com/android/cts/usespermissiondiffcertapp/AccessPermissionWithDiffSigTest.java
*/
class UriPermission {
final int uid;
diff --git a/services/java/com/android/server/sip/SipSessionGroup.java b/services/java/com/android/server/sip/SipSessionGroup.java
index fa3f64a..91677a2 100644
--- a/services/java/com/android/server/sip/SipSessionGroup.java
+++ b/services/java/com/android/server/sip/SipSessionGroup.java
@@ -620,13 +620,15 @@ class SipSessionGroup implements SipListener {
Response.CALL_OR_TRANSACTION_DOES_NOT_EXIST);
return true;
} else if (evt instanceof TransactionTerminatedEvent) {
- if (evt instanceof TimeoutEvent) {
- processTimeout((TimeoutEvent) evt);
- } else {
- processTransactionTerminated(
- (TransactionTerminatedEvent) evt);
+ if (isCurrentTransaction((TransactionTerminatedEvent) evt)) {
+ if (evt instanceof TimeoutEvent) {
+ processTimeout((TimeoutEvent) evt);
+ } else {
+ processTransactionTerminated(
+ (TransactionTerminatedEvent) evt);
+ }
+ return true;
}
- return true;
} else if (isRequestEvent(Request.OPTIONS, evt)) {
mSipHelper.sendResponse((RequestEvent) evt, Response.OK);
return true;
@@ -646,6 +648,37 @@ class SipSessionGroup implements SipListener {
}
}
+ private boolean isCurrentTransaction(TransactionTerminatedEvent event) {
+ Transaction current = event.isServerTransaction()
+ ? mServerTransaction
+ : mClientTransaction;
+ Transaction target = event.isServerTransaction()
+ ? event.getServerTransaction()
+ : event.getClientTransaction();
+
+ if ((current != target) && (mState != SipSession.State.PINGING)) {
+ Log.d(TAG, "not the current transaction; current="
+ + toString(current) + ", target=" + toString(target));
+ return false;
+ } else if (current != null) {
+ Log.d(TAG, "transaction terminated: " + toString(current));
+ return true;
+ } else {
+ // no transaction; shouldn't be here; ignored
+ return true;
+ }
+ }
+
+ private String toString(Transaction transaction) {
+ if (transaction == null) return "null";
+ Request request = transaction.getRequest();
+ Dialog dialog = transaction.getDialog();
+ CSeqHeader cseq = (CSeqHeader) request.getHeader(CSeqHeader.NAME);
+ return String.format("req=%s,%s,s=%s,ds=%s,", request.getMethod(),
+ cseq.getSeqNumber(), transaction.getState(),
+ ((dialog == null) ? "-" : dialog.getState()));
+ }
+
private void processTransactionTerminated(
TransactionTerminatedEvent event) {
switch (mState) {
@@ -661,19 +694,7 @@ class SipSessionGroup implements SipListener {
}
private void processTimeout(TimeoutEvent event) {
- Log.d(TAG, "processing Timeout..." + event);
- Transaction current = event.isServerTransaction()
- ? mServerTransaction
- : mClientTransaction;
- Transaction target = event.isServerTransaction()
- ? event.getServerTransaction()
- : event.getClientTransaction();
-
- if ((current != target) && (mState != SipSession.State.PINGING)) {
- Log.d(TAG, "not the current transaction; current=" + current
- + ", timed out=" + target);
- return;
- }
+ Log.d(TAG, "processing Timeout...");
switch (mState) {
case SipSession.State.REGISTERING:
case SipSession.State.DEREGISTERING:
@@ -810,6 +831,12 @@ class SipSessionGroup implements SipListener {
}
}
+ private boolean crossDomainAuthenticationRequired(Response response) {
+ String realm = getRealmFromResponse(response);
+ if (realm == null) realm = "";
+ return !mLocalProfile.getSipDomain().trim().equals(realm.trim());
+ }
+
private AccountManager getAccountManager() {
return new AccountManager() {
public UserCredentials getCredentials(ClientTransaction
@@ -831,6 +858,15 @@ class SipSessionGroup implements SipListener {
};
}
+ private String getRealmFromResponse(Response response) {
+ WWWAuthenticate wwwAuth = (WWWAuthenticate)response.getHeader(
+ SIPHeaderNames.WWW_AUTHENTICATE);
+ if (wwwAuth != null) return wwwAuth.getRealm();
+ ProxyAuthenticate proxyAuth = (ProxyAuthenticate)response.getHeader(
+ SIPHeaderNames.PROXY_AUTHENTICATE);
+ return (proxyAuth == null) ? null : proxyAuth.getRealm();
+ }
+
private String getNonceFromResponse(Response response) {
WWWAuthenticate wwwAuth = (WWWAuthenticate)response.getHeader(
SIPHeaderNames.WWW_AUTHENTICATE);
@@ -937,7 +973,10 @@ class SipSessionGroup implements SipListener {
return true;
case Response.UNAUTHORIZED:
case Response.PROXY_AUTHENTICATION_REQUIRED:
- if (handleAuthentication(event)) {
+ if (crossDomainAuthenticationRequired(response)) {
+ onError(SipErrorCode.CROSS_DOMAIN_AUTHENTICATION,
+ getRealmFromResponse(response));
+ } else if (handleAuthentication(event)) {
addSipSession(this);
} else if (mLastNonce == null) {
onError(SipErrorCode.SERVER_ERROR,
@@ -982,19 +1021,19 @@ class SipSessionGroup implements SipListener {
Response response = event.getResponse();
int statusCode = response.getStatusCode();
if (expectResponse(Request.CANCEL, evt)) {
+ if (statusCode == Response.OK) {
+ // do nothing; wait for REQUEST_TERMINATED
+ return true;
+ }
+ } else if (expectResponse(Request.INVITE, evt)) {
switch (statusCode) {
case Response.OK:
- // do nothing; wait for REQUEST_TERMINATED
+ outgoingCall(evt); // abort Cancel
return true;
case Response.REQUEST_TERMINATED:
endCallNormally();
return true;
}
- } else if (expectResponse(Request.INVITE, evt)) {
- if (statusCode == Response.OK) {
- outgoingCall(evt); // abort Cancel
- return true;
- }
} else {
return false;
}
diff --git a/services/jni/com_android_server_InputManager.cpp b/services/jni/com_android_server_InputManager.cpp
index e3bae56..6f52f24 100644
--- a/services/jni/com_android_server_InputManager.cpp
+++ b/services/jni/com_android_server_InputManager.cpp
@@ -207,7 +207,7 @@ public:
virtual int32_t getMaxEventsPerSecond();
virtual bool interceptKeyBeforeDispatching(const sp<InputChannel>& inputChannel,
const KeyEvent* keyEvent, uint32_t policyFlags);
- virtual void pokeUserActivity(nsecs_t eventTime, int32_t windowType, int32_t eventType);
+ virtual void pokeUserActivity(nsecs_t eventTime, int32_t eventType);
virtual bool checkInjectEventsPermissionNonReentrant(
int32_t injectorPid, int32_t injectorUid);
@@ -973,10 +973,8 @@ bool NativeInputManager::interceptKeyBeforeDispatching(const sp<InputChannel>& i
return consumed && ! error;
}
-void NativeInputManager::pokeUserActivity(nsecs_t eventTime, int32_t windowType, int32_t eventType) {
- if (windowType != InputWindow::TYPE_KEYGUARD) {
- android_server_PowerManagerService_userActivity(eventTime, eventType);
- }
+void NativeInputManager::pokeUserActivity(nsecs_t eventTime, int32_t eventType) {
+ android_server_PowerManagerService_userActivity(eventTime, eventType);
}
generated by cgit v1.1 at 2024-08-12 03:20:36 +0000