Merge "Only set protectFromVpn if explicitlySelected is also true."
diff --git a/server/NetworkController.cpp b/server/NetworkController.cpp
index 8e4c69d..b90976b 100644
--- a/server/NetworkController.cpp
+++ b/server/NetworkController.cpp
@@ -47,6 +47,8 @@
#include "RouteController.h"
#include "VirtualNetwork.h"
+#define DBG 0
+
namespace android {
namespace net {
@@ -287,12 +289,17 @@
Fwmark fwmark;
fwmark.netId = nc.app_netid;
fwmark.explicitlySelected = explicitlySelected;
- fwmark.protectedFromVpn = canProtect(uid);
+ fwmark.protectedFromVpn = explicitlySelected && canProtect(uid);
fwmark.permission = getPermissionForUser(uid);
nc.app_mark = fwmark.intValue;
nc.dns_mark = getNetworkForDns(&(nc.dns_netid), uid);
+ if (DBG) {
+ ALOGD("app_netid:0x%x app_mark:0x%x dns_netid:0x%x dns_mark:0x%x uid:%d",
+ nc.app_netid, nc.app_mark, nc.dns_netid, nc.dns_mark, uid);
+ }
+
if (netcontext) {
*netcontext = nc;
}
diff --git a/server/NetworkController.h b/server/NetworkController.h
index 0c6cd63..d5451ee 100644
--- a/server/NetworkController.h
+++ b/server/NetworkController.h
@@ -118,7 +118,6 @@
std::map<unsigned, Network*> mNetworks; // Map keys are NetIds.
std::map<uid_t, Permission> mUsers;
std::set<uid_t> mProtectableUsers;
-
};
} // namespace net