Merge "Update clearifaceforuidrange to take the interface" into klp-dev
diff --git a/DnsProxyListener.cpp b/DnsProxyListener.cpp
index eb02f01..6990f26 100644
--- a/DnsProxyListener.cpp
+++ b/DnsProxyListener.cpp
@@ -133,8 +133,7 @@
if (mIface == NULL) {
//fall back to the per uid interface if no per pid interface exists
if(!_resolv_get_pids_associated_interface(mPid, tmp, sizeof(tmp)))
- if(!_resolv_get_uids_associated_interface(mUid, tmp, sizeof(tmp)))
- mark = -1; // if we don't have a targeted iface don't use a mark
+ _resolv_get_uids_associated_interface(mUid, tmp, sizeof(tmp));
}
struct addrinfo* result = NULL;
@@ -473,8 +472,7 @@
if (mIface == NULL) {
//fall back to the per uid interface if no per pid interface exists
if(!_resolv_get_pids_associated_interface(mPid, tmp, sizeof(tmp)))
- if(!_resolv_get_uids_associated_interface(mUid, tmp, sizeof(tmp)))
- mark = -1;
+ _resolv_get_uids_associated_interface(mUid, tmp, sizeof(tmp));
}
struct hostent* hp;
diff --git a/NetdConstants.h b/NetdConstants.h
index d686968..2508ea2 100644
--- a/NetdConstants.h
+++ b/NetdConstants.h
@@ -21,6 +21,8 @@
#include <list>
#include <stdarg.h>
+const int PROTECT_MARK = 0x1;
+
extern const char * const IPTABLES_PATH;
extern const char * const IP6TABLES_PATH;
extern const char * const IP_PATH;
diff --git a/SecondaryTableController.h b/SecondaryTableController.h
index a153685..716e11d 100644
--- a/SecondaryTableController.h
+++ b/SecondaryTableController.h
@@ -30,7 +30,6 @@
static const int INTERFACES_TRACKED = 10;
static const int BASE_TABLE_NUMBER = 60;
static int MAX_TABLE_NUMBER = BASE_TABLE_NUMBER + INTERFACES_TRACKED;
-static const int PROTECT_MARK = 0x1;
static const char *EXEMPT_PRIO = "99";
static const char *RULE_PRIO = "100";
diff --git a/UidMarkMap.cpp b/UidMarkMap.cpp
index d30ac53..932d3de 100644
--- a/UidMarkMap.cpp
+++ b/UidMarkMap.cpp
@@ -15,6 +15,7 @@
*/
#include "UidMarkMap.h"
+#include "NetdConstants.h"
UidMarkMap::UidMarkEntry::UidMarkEntry(int start, int end, int new_mark) :
uid_start(start),
@@ -63,7 +64,9 @@
return entry->mark;
}
}
- return -1;
+ // If the uid has no mark specified then it should be protected from any VPN rules that might
+ // be affecting the service acting on its behalf.
+ return PROTECT_MARK;
};
bool UidMarkMap::anyRulesForMark(int mark) {