From a1d7c7444990f4eabf712db8cceb6d3ab1508dde Mon Sep 17 00:00:00 2001 From: Chad Brubaker Date: Tue, 11 Feb 2014 14:18:56 -0800 Subject: Remove SO_BINDTODEVICE from VPN protect SO_BINDTODEVICE is not needed with policy routing. SO_BINDTODEVICE was also used on the default iface which causes problems when the default iface is IPv6 only and the socket tries to connect to a IPv4 address. Bug: 12940882 Change-Id: I5b2bde0ac5459433fc5749f509072a548532f730 --- services/java/com/android/server/ConnectivityService.java | 3 +-- services/java/com/android/server/connectivity/Vpn.java | 10 +++------- 2 files changed, 4 insertions(+), 9 deletions(-) (limited to 'services/java') diff --git a/services/java/com/android/server/ConnectivityService.java b/services/java/com/android/server/ConnectivityService.java index 83a3bfd..df2fd5e 100644 --- a/services/java/com/android/server/ConnectivityService.java +++ b/services/java/com/android/server/ConnectivityService.java @@ -3658,8 +3658,7 @@ public class ConnectivityService extends IConnectivityManager.Stub { int user = UserHandle.getUserId(Binder.getCallingUid()); if (ConnectivityManager.isNetworkTypeValid(type) && mNetTrackers[type] != null) { synchronized(mVpns) { - mVpns.get(user).protect(socket, - mNetTrackers[type].getLinkProperties().getInterfaceName()); + mVpns.get(user).protect(socket); } return true; } diff --git a/services/java/com/android/server/connectivity/Vpn.java b/services/java/com/android/server/connectivity/Vpn.java index 9ed3eaa..03405e7 100644 --- a/services/java/com/android/server/connectivity/Vpn.java +++ b/services/java/com/android/server/connectivity/Vpn.java @@ -284,13 +284,12 @@ public class Vpn extends BaseNetworkStateTracker { } /** - * Protect a socket from routing changes by binding it to the given - * interface. The socket is NOT closed by this method. + * Protect a socket from VPN rules by binding it to the main routing table. + * The socket is NOT closed by this method. * * @param socket The socket to be bound. - * @param interfaze The name of the interface. */ - public void protect(ParcelFileDescriptor socket, String interfaze) throws Exception { + public void protect(ParcelFileDescriptor socket) throws Exception { PackageManager pm = mContext.getPackageManager(); int appUid = pm.getPackageUid(mPackage, mUserId); @@ -304,8 +303,6 @@ public class Vpn extends BaseNetworkStateTracker { } finally { Binder.restoreCallingIdentity(token); } - // bind the socket to the interface - jniProtect(socket.getFd(), interfaze); } @@ -684,7 +681,6 @@ public class Vpn extends BaseNetworkStateTracker { private native int jniSetRoutes(String interfaze, String routes); private native void jniReset(String interfaze); private native int jniCheck(String interfaze); - private native void jniProtect(int socket, String interfaze); private static RouteInfo findIPv4DefaultRoute(LinkProperties prop) { for (RouteInfo route : prop.getAllRoutes()) { -- cgit v1.1