summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--services/core/java/com/android/server/connectivity/Vpn.java91
1 files changed, 48 insertions, 43 deletions
diff --git a/services/core/java/com/android/server/connectivity/Vpn.java b/services/core/java/com/android/server/connectivity/Vpn.java
index f0f187098bc5..5ec57cd2d9f7 100644
--- a/services/core/java/com/android/server/connectivity/Vpn.java
+++ b/services/core/java/com/android/server/connectivity/Vpn.java
@@ -763,31 +763,36 @@ public class Vpn {
// Also notify the new package if there was a provider change.
final boolean shouldNotifyNewPkg = isVpnApp(packageName) && isPackageChanged;
- if (setAlwaysOnPackageInternal(packageName, lockdown, lockdownAllowlist)) {
- saveAlwaysOnPackage();
- // TODO(b/230548427): Remove SDK check once VPN related stuff are decoupled from
- // ConnectivityServiceTest.
- if (shouldNotifyOldPkg && SdkLevel.isAtLeastT()) {
- // If both of shouldNotifyOldPkg & isPackageChanged are true, which means the
- // always-on of old package is disabled or the old package is replaced with the new
- // package. In this case, VpnProfileState should be disconnected.
- sendEventToVpnManagerApp(VpnManager.CATEGORY_EVENT_ALWAYS_ON_STATE_CHANGED,
- -1 /* errorClass */, -1 /* errorCode*/, oldPackage,
- null /* sessionKey */, isPackageChanged ? makeDisconnectedVpnProfileState()
- : makeVpnProfileStateLocked(),
- null /* underlyingNetwork */, null /* nc */, null /* lp */);
- }
- // TODO(b/230548427): Remove SDK check once VPN related stuff are decoupled from
- // ConnectivityServiceTest.
- if (shouldNotifyNewPkg && SdkLevel.isAtLeastT()) {
- sendEventToVpnManagerApp(VpnManager.CATEGORY_EVENT_ALWAYS_ON_STATE_CHANGED,
- -1 /* errorClass */, -1 /* errorCode*/, packageName,
- getSessionKeyLocked(), makeVpnProfileStateLocked(),
- null /* underlyingNetwork */, null /* nc */, null /* lp */);
- }
+ if (!setAlwaysOnPackageInternal(packageName, lockdown, lockdownAllowlist)) {
+ return false;
+ }
+
+ saveAlwaysOnPackage();
+
+ // TODO(b/230548427): Remove SDK check once VPN related stuff are decoupled from
+ // ConnectivityServiceTest.
+ if (!SdkLevel.isAtLeastT()) {
return true;
}
- return false;
+
+ if (shouldNotifyOldPkg) {
+ // If both of shouldNotifyOldPkg & isPackageChanged are true, that means the
+ // always-on of old package is disabled or the old package is replaced with the new
+ // package. In this case, VpnProfileState should be disconnected.
+ sendEventToVpnManagerApp(VpnManager.CATEGORY_EVENT_ALWAYS_ON_STATE_CHANGED,
+ -1 /* errorClass */, -1 /* errorCode*/, oldPackage,
+ null /* sessionKey */, isPackageChanged ? makeDisconnectedVpnProfileState()
+ : makeVpnProfileStateLocked(),
+ null /* underlyingNetwork */, null /* nc */, null /* lp */);
+ }
+
+ if (shouldNotifyNewPkg) {
+ sendEventToVpnManagerApp(VpnManager.CATEGORY_EVENT_ALWAYS_ON_STATE_CHANGED,
+ -1 /* errorClass */, -1 /* errorCode*/, packageName,
+ getSessionKeyLocked(), makeVpnProfileStateLocked(),
+ null /* underlyingNetwork */, null /* nc */, null /* lp */);
+ }
+ return true;
}
/**
@@ -2637,8 +2642,8 @@ public class Vpn {
@Nullable private IpSecTunnelInterface mTunnelIface;
@Nullable private IkeSession mSession;
@Nullable private Network mActiveNetwork;
- @Nullable private NetworkCapabilities mNetworkCapabilities;
- @Nullable private LinkProperties mLinkProperties;
+ @Nullable private NetworkCapabilities mUnderlyingNetworkCapabilities;
+ @Nullable private LinkProperties mUnderlyingLinkProperties;
private final String mSessionKey;
IkeV2VpnRunner(@NonNull Ikev2VpnProfile profile) {
@@ -2870,12 +2875,12 @@ public class Vpn {
/** Called when the NetworkCapabilities of underlying network is changed */
public void onDefaultNetworkCapabilitiesChanged(@NonNull NetworkCapabilities nc) {
- mNetworkCapabilities = nc;
+ mUnderlyingNetworkCapabilities = nc;
}
/** Called when the LinkProperties of underlying network is changed */
public void onDefaultNetworkLinkPropertiesChanged(@NonNull LinkProperties lp) {
- mLinkProperties = lp;
+ mUnderlyingLinkProperties = lp;
}
/** Marks the state as FAILED, and disconnects. */
@@ -2929,9 +2934,9 @@ public class Vpn {
getPackage(), mSessionKey, makeVpnProfileStateLocked(),
mActiveNetwork,
getRedactedNetworkCapabilitiesOfUnderlyingNetwork(
- this.mNetworkCapabilities),
+ mUnderlyingNetworkCapabilities),
getRedactedLinkPropertiesOfUnderlyingNetwork(
- this.mLinkProperties));
+ mUnderlyingLinkProperties));
}
markFailedAndDisconnect(exception);
return;
@@ -2947,9 +2952,9 @@ public class Vpn {
getPackage(), mSessionKey, makeVpnProfileStateLocked(),
mActiveNetwork,
getRedactedNetworkCapabilitiesOfUnderlyingNetwork(
- this.mNetworkCapabilities),
+ mUnderlyingNetworkCapabilities),
getRedactedLinkPropertiesOfUnderlyingNetwork(
- this.mLinkProperties));
+ mUnderlyingLinkProperties));
}
}
} else if (exception instanceof IllegalArgumentException) {
@@ -2966,9 +2971,9 @@ public class Vpn {
getPackage(), mSessionKey, makeVpnProfileStateLocked(),
mActiveNetwork,
getRedactedNetworkCapabilitiesOfUnderlyingNetwork(
- this.mNetworkCapabilities),
+ mUnderlyingNetworkCapabilities),
getRedactedLinkPropertiesOfUnderlyingNetwork(
- this.mLinkProperties));
+ mUnderlyingLinkProperties));
}
} else if (exception instanceof IkeNonProtocolException) {
if (exception.getCause() instanceof UnknownHostException) {
@@ -2981,9 +2986,9 @@ public class Vpn {
getPackage(), mSessionKey, makeVpnProfileStateLocked(),
mActiveNetwork,
getRedactedNetworkCapabilitiesOfUnderlyingNetwork(
- this.mNetworkCapabilities),
+ mUnderlyingNetworkCapabilities),
getRedactedLinkPropertiesOfUnderlyingNetwork(
- this.mLinkProperties));
+ mUnderlyingLinkProperties));
}
} else if (exception.getCause() instanceof IkeTimeoutException) {
// TODO(b/230548427): Remove SDK check once VPN related stuff are
@@ -2995,9 +3000,9 @@ public class Vpn {
getPackage(), mSessionKey, makeVpnProfileStateLocked(),
mActiveNetwork,
getRedactedNetworkCapabilitiesOfUnderlyingNetwork(
- this.mNetworkCapabilities),
+ mUnderlyingNetworkCapabilities),
getRedactedLinkPropertiesOfUnderlyingNetwork(
- this.mLinkProperties));
+ mUnderlyingLinkProperties));
}
} else if (exception.getCause() instanceof IOException) {
// TODO(b/230548427): Remove SDK check once VPN related stuff are
@@ -3009,9 +3014,9 @@ public class Vpn {
getPackage(), mSessionKey, makeVpnProfileStateLocked(),
mActiveNetwork,
getRedactedNetworkCapabilitiesOfUnderlyingNetwork(
- this.mNetworkCapabilities),
+ mUnderlyingNetworkCapabilities),
getRedactedLinkPropertiesOfUnderlyingNetwork(
- this.mLinkProperties));
+ mUnderlyingLinkProperties));
}
}
} else if (exception != null) {
@@ -3020,8 +3025,8 @@ public class Vpn {
}
mActiveNetwork = null;
- mNetworkCapabilities = null;
- mLinkProperties = null;
+ mUnderlyingNetworkCapabilities = null;
+ mUnderlyingLinkProperties = null;
// Close all obsolete state, but keep VPN alive incase a usable network comes up.
// (Mirrors VpnService behavior)
@@ -3086,8 +3091,8 @@ public class Vpn {
*/
private void disconnectVpnRunner() {
mActiveNetwork = null;
- mNetworkCapabilities = null;
- mLinkProperties = null;
+ mUnderlyingNetworkCapabilities = null;
+ mUnderlyingLinkProperties = null;
mIsRunning = false;
resetIkeState();
generated by cgit v1.2.3-59-g8ed1b (git 2.39.0) at 2025-11-02 09:32:45 +0000