diff options
author | Remi NGUYEN VAN <reminv@google.com> | 2022-04-07 16:33:03 +0000 |
---|---|---|
committer | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | 2022-04-07 16:33:03 +0000 |
commit | 0684759f10babe50ec0312cdcdb9e694dc9da23c (patch) | |
tree | 97a6fcfaf80f1a3eb5ad46a423f74833fe7814f0 | |
parent | 88af43ac602645779d12b3d67d627edd9d172908 (diff) | |
parent | c14e995495c1113210d9f5196ac311c1875cebd2 (diff) | |
download | base-0684759f10babe50ec0312cdcdb9e694dc9da23c.tar.gz |
Disallow PAP authentication when MPPE is requested am: 4f319df8ff am: 49f031ea4d am: 2f74509789 am: c14e995495
Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/17614780
Change-Id: Ifb8d0d20243e35601011eedb9442594f24067fe0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
-rw-r--r-- | services/core/java/com/android/server/connectivity/Vpn.java | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/services/core/java/com/android/server/connectivity/Vpn.java b/services/core/java/com/android/server/connectivity/Vpn.java index 3762ccaae13b..1bd158dfe96e 100644 --- a/services/core/java/com/android/server/connectivity/Vpn.java +++ b/services/core/java/com/android/server/connectivity/Vpn.java @@ -2242,6 +2242,13 @@ public class Vpn { "usepeerdns", "idle", "1800", "mtu", "1270", "mru", "1270", (profile.mppe ? "+mppe" : "nomppe"), }; + if (profile.mppe) { + // Disallow PAP authentication when MPPE is requested, as MPPE cannot work + // with PAP anyway, and users may not expect PAP (plain text) to be used when + // MPPE was requested. + mtpd = Arrays.copyOf(mtpd, mtpd.length + 1); + mtpd[mtpd.length - 1] = "-pap"; + } break; case VpnProfile.TYPE_L2TP_IPSEC_PSK: case VpnProfile.TYPE_L2TP_IPSEC_RSA: |