diff options
author | Chad Brubaker <cbrubaker@google.com> | 2016-06-20 12:41:47 -0700 |
---|---|---|
committer | Chad Brubaker <cbrubaker@google.com> | 2016-06-20 16:28:12 -0700 |
commit | 473ee1358deac95b094a40fd47397ab97b975751 (patch) | |
tree | 9cfe6a64a9b216f8ada2821f523d931d40776ce3 /src/com/android/providers/downloads/RealSystemFacade.java | |
parent | 41cb108131aef89bc0406cc8143363311a75ca2d (diff) | |
download | android_packages_providers_DownloadProvider-473ee1358deac95b094a40fd47397ab97b975751.tar.gz android_packages_providers_DownloadProvider-473ee1358deac95b094a40fd47397ab97b975751.tar.bz2 android_packages_providers_DownloadProvider-473ee1358deac95b094a40fd47397ab97b975751.zip |
Use calling app's Network Security Config for HTTPS downloads
Bug:29505888
Change-Id: Ifc33fd75e44d1dbc5a4ce5caa8e1ff938b94623e
Diffstat (limited to 'src/com/android/providers/downloads/RealSystemFacade.java')
-rw-r--r-- | src/com/android/providers/downloads/RealSystemFacade.java | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/src/com/android/providers/downloads/RealSystemFacade.java b/src/com/android/providers/downloads/RealSystemFacade.java index 2203eefc..df1d245f 100644 --- a/src/com/android/providers/downloads/RealSystemFacade.java +++ b/src/com/android/providers/downloads/RealSystemFacade.java @@ -26,6 +26,13 @@ import android.content.pm.PackageManager.NameNotFoundException; import android.net.ConnectivityManager; import android.net.Network; import android.net.NetworkInfo; +import android.security.NetworkSecurityPolicy; +import android.security.net.config.ApplicationConfig; + +import java.security.GeneralSecurityException; + +import javax.net.ssl.SSLContext; +import javax.net.ssl.TrustManager; import com.android.internal.util.ArrayUtils; @@ -94,6 +101,21 @@ class RealSystemFacade implements SystemFacade { return false; } + @Override + public SSLContext getSSLContextForPackage(Context context, String packageName) + throws GeneralSecurityException { + ApplicationConfig appConfig; + try { + appConfig = NetworkSecurityPolicy.getApplicationConfigForPackage(context, packageName); + } catch (NameNotFoundException e) { + // Unknown package -- fallback to the default SSLContext + return SSLContext.getDefault(); + } + SSLContext ctx = SSLContext.getInstance("TLS"); + ctx.init(null, new TrustManager[] {appConfig.getTrustManager()}, null); + return ctx; + } + /** * Returns whether cleartext network traffic (HTTP) is permitted for the provided package. */ |