The URL path could contain credentials that apps don't want exposed
to a potentially malicious PAC script.
Bug: 27593919
Change-Id: I4bb0362fc91f70ad47c4c7453d77d6f9a1e8eeed
If an app uses the new api (requestNetwork) to bring up MMS, don't
mark it as a legacy request. This was done because the messaging
service had to use a combination of new API and old
(requestRouteToHost) due to api problems. This has been resolved
so don't mark these as legacy requests anymore.
The general stuff is still in for other types due to lack of testing
time but this should be removed altogether in the future.
bug:23350688
Change-Id: I41c27efb253c39d8af1357ae7916ed5315c716db
Requests without NET_CAPABILITIES_INTERNET and just the default network
capabilities should not be marked restricted. Without this fix apps
can hit permissions exceptions if they inadvertently make requests
without NET_CAPABILITIES_INTERNET.
Bug:23164917
Change-Id: I4c7136821315bcb05dfc42ffbc505a5d4f6109e6
(cherry picked from commit aae613d961)
With this change:
1. NOT_RESTRICTED should be removed from NetworkRequests that bring up
special restricted carrier networks (e.g. IMS, FOTA).
2. NetworkRequests without NOT_RESTRICTED require CONNECTIVITY_INTERNAL
permission to register
3. Binding sockets to networks without NOT_RESTRICTED requires
CONNECTIVITY_INTERNAL permission
Bug:21637535
Change-Id: I5991d39facaa6b690e969fe15dcbeec52e918321
(cherry picked from commit 487ffe7d3d)
Requests without NET_CAPABILITIES_INTERNET and just the default network
capabilities should not be marked restricted. Without this fix apps
can hit permissions exceptions if they inadvertently make requests
without NET_CAPABILITIES_INTERNET.
Bug:23164917
Change-Id: I4c7136821315bcb05dfc42ffbc505a5d4f6109e6
Merge the CHANGE_NETWORK_STATE permission with WRITE_SETTINGS.
AndroidManifest.xml:
Raised the protection level of CHANGE_NETWORK_STATE permission from
normal to signature|appops and pre23|preinstall for compatibility
provider/Settings:
Wrote new helper methods to check if app is allowed to change network
state.
ConnectivityManager.java & ConnectivityService.java:
Replace enforcement checks for CHANGE_NETWORK_STATE with
checkAndNoteChangeNetworkStateOperations instead.
Change-Id: If8c2dd3c76a5324ca43f1d90fa17973216c2bcc5
Compare caller and scorer uids to decide if caller is the
active scorer instead of calling AppOps.checkPackage().
Bug: 23000690
Change-Id: I64285f965716f3aceb24f193d86ab9d6be7202c5
With this change:
1. NOT_RESTRICTED should be removed from NetworkRequests that bring up
special restricted carrier networks (e.g. IMS, FOTA).
2. NetworkRequests without NOT_RESTRICTED require CONNECTIVITY_INTERNAL
permission to register
3. Binding sockets to networks without NOT_RESTRICTED requires
CONNECTIVITY_INTERNAL permission
Bug:21637535
Change-Id: I5991d39facaa6b690e969fe15dcbeec52e918321
The methods startUsingNetworkFeature, stopUsingNetworkFeature and
requestRouteToHost were @removed in all the M preview builds, but
internal and external developers have noted that this imposes
additional burden for applications that need to work across
multiple platform versions because it causes compile-time errors.
We switched from @removed back to @deprecated to avoid these
problems. In order to effectively deprecate these methods, which
are error-prone and insecure, make them throw
UnsupportedOperationException if the app's target SDK is M or
above.
Because there are still one or two places in system code that use
these APIs, exempt Process.SYSTEM_UID and the OMA-DM client from
the check for now.
Bug: 22728205
Change-Id: I790bd32f3aa8067cbb625962a209bb9232f4b58c
These were @removed too soon. We need to keep them @deprecated until
the bulk of devices support the new API and then we can remove them.
bug:22728205
Change-Id: If1b46ff1878f1778517624112b195c461645ddd1
If a network no longer satisfies a NetworkRequest, send the onLost
NetworkCallback. If it was a real request (not listen) then update
the NetworkFactories.
To test this change I created a little infrastructure to fake
different Internet connectivity probe results during tests. This
allowed me to rewrite some of ConnectivityServiceTest's logic for
validating networks. This brought to light a couple issues that
I had to address to keep tests passing:
1. testUnlingeringDoesNotValidate was relying on a bad side-effect
of my old method of ConnectivityServiceTest's logic for
validating networks, so I rewrote the test.
2. ConnectivityService was not sending out NetworkCallbacks for
WiFi when Cellular was validated. I'm including a fix for this
in this CL also.
Bug:22220234
Change-Id: I29314f38189817f8b2561a213c4f9e8522696663
Currently, NetworkDiagnostics only checks off-link connectivity if
one of the DNS servers is off-link. Make it check off-link
connectivity in all cases by sending probes to Google Public DNS
if off-link DNS servers are not specified.
Bug: 22569331
Bug: 22641669
Bug: 22748900
Change-Id: I6cb0dd8491bc0c1a488631deca56722b9c1d2b3f
If the user selects "No" in the "Stay connected?" dialog box:
1. Disable autojoining that network in the future, and
2. Disassociate from that network.
Bug:22187193
Change-Id: I14dc9236c57e3ab7d3ec95edc906787cbfbf3c9f
Hooks the ConnectivityManager.TYPE_MOBILE_EMERGENCY,
PhoneConstants.APN_TYPE_EMERGENCY, and NetworkCapabilities.NET_CAPABILITY_EIMS
together so carrier apps can request connections to this APN.
bug:21785357
Change-Id: Id92a5e28d19407cc7a8f8b5478b23457f2f7f89d
This new class replaces the awkward string token and ConnectivityManager APIs
used by apps handling captive portals.
Bug:21343774
Change-Id: I1a2c69edb17322715bf8422bb4216b0ea60bfd59
This got lost in the multinetwork work for L. It means
that if telephony stops having the ability to pass packets for a while
the rest of the platform doesn't know.
Telephony enters the suspended state if it enters a telephony call
while using certain radio access technologies, or if it switches to
one of those RATs while in a call. It also can enter this state if
it temporarily loses contact with the network - the modem will
not report the loss of the data call for an indeterminant time in
the hope that regaining the network will restore the connection
without harm to any ongoing ip layer interactions. For example
passing through a tunnel or taking an elevator trip may use this
mechanism.
bug: 19637156
Change-Id: If9fde68175e8561c19323c81fbfcb02a6e5a00fb
This way, system applications with INTERACT_ACROSS_USERS permission will
be able to fetch the information they need.
Pre-requisite for bug 21499103
Change-Id: I7e759d5039ae6e85abc6435049016b1dcaabc834
Move reachable DNS server computation out of ConnectivityService
and split it into LinkProperties#isReachable() and a companion
change in WifiStateMachine's makeLinkProperties().
Restore previous ConnectivityService#updateDnses() behaviour, as
the pruning is done in WifiStateMachine now.
Bug: 19470192
Bug: 20733156
Bug: 22098233
Change-Id: I810ef74d504e5dc1ca2017d435cdadd6b82171e6
It's not clear what it means to request a network with a mutable
NetworkCapability like NET_CAPABILITY_VALIDATED or
NET_CAPABILITY_CAPTIVE_PORTAL. Presently requesting such a network
would fail in a number of different ways:
1. The NetworkFactories would fail to match the request against their
filter which doesn't include stateful NetworkCapabilities.
2. If the NetworkFactories did match, they'd bring up networks to try
and satisfy the requests, but the networks would not have any
mutable NetworkCapabilities initially so they'd be reaped.
Because of these problems it's safest to simply disallow these
requests.
Bug: 21343774
Change-Id: I56303242b81d39b370b8d5d1e32059bfcfc25949
Without this API we're more or less encouraging apps to have long running
processes (battery draining) to receive NetworkCallbacks for the stateful
NetworkCapabilities NET_CAPABILITIES_VALIDATED and
NET_CAPABILITIES_CAPTIVE_PORTAL. With this API they can instead using
PendingIntents which outlive their apps.
Bug: 21343774
Change-Id: I168d0ac3757729acf7ca5546079846f575a0eedd
