From 78d4712f272e2e68fdcd69f33f4d413eecc89390 Mon Sep 17 00:00:00 2001
From: Chad Brubaker <cbrubaker@google.com>
Date: Tue, 17 Nov 2015 22:26:58 -0800
Subject: [PATCH] Install the Network Security Config Provider

The provider is installed early in ActivityThread to ensure that no
TLS objects are created in the application before the provider is
installed.

Change-Id: I5f77addfa75a4ee19301de54e01507d8dca33657
---
 core/java/android/app/ActivityThread.java | 6 ++++++
 preloaded-classes                         | 1 +
 2 files changed, 7 insertions(+)

diff --git a/core/java/android/app/ActivityThread.java b/core/java/android/app/ActivityThread.java
index b3d6382524fbd..802880dc7ebcc 100644
--- a/core/java/android/app/ActivityThread.java
+++ b/core/java/android/app/ActivityThread.java
@@ -78,6 +78,7 @@ import android.os.Trace;
 import android.os.UserHandle;
 import android.provider.Settings;
 import android.security.NetworkSecurityPolicy;
+import android.security.net.config.NetworkSecurityConfigProvider;
 import android.util.AndroidRuntimeException;
 import android.util.ArrayMap;
 import android.util.DisplayMetrics;
@@ -4831,6 +4832,11 @@ public final class ActivityThread {
             }
         }
 
+        // Install the Network Security Config Provider. This must happen before the application
+        // code is loaded to prevent issues with instances of TLS objects being created before
+        // the provider is installed.
+        NetworkSecurityConfigProvider.install(appContext);
+
         // Continue loading instrumentation.
         if (ii != null) {
             final ApplicationInfo instrApp = new ApplicationInfo();
diff --git a/preloaded-classes b/preloaded-classes
index d6b4ec9efd0e1..e48255c1efa73 100644
--- a/preloaded-classes
+++ b/preloaded-classes
@@ -1566,6 +1566,7 @@ android.security.keystore.AndroidKeyStoreBCWorkaroundProvider
 android.security.keystore.AndroidKeyStoreKey
 android.security.keystore.AndroidKeyStoreProvider
 android.security.keystore.KeyStoreCryptoOperation
+android.security.net.config.NetworkSecurityConfigProvider
 android.service.persistentdata.PersistentDataBlockManager
 android.system.ErrnoException
 android.system.GaiException