Merge changes I3b16caad,Iaf5ea7ab,I09a94042,I69a39039,I35300309, ...
* changes: Let network requests see VPNs. Move constants into a new file. Make sure listen requests from VPN apps see their own networks Add a test for new UID checking code. Remove UID_RANGES_ADDED and REMOVED. Move VPN allowed UIDs into NetworkCapabilities. Pre-import to remove a conflict.
This commit is contained in:
Chalard Jean
@@ -34,12 +34,15 @@ import static org.junit.Assert.assertFalse;
|
||||
import static org.junit.Assert.assertNotEquals;
|
||||
import static org.junit.Assert.assertTrue;
|
||||
|
||||
import android.os.Parcel;
|
||||
import android.support.test.runner.AndroidJUnit4;
|
||||
import android.test.suitebuilder.annotation.SmallTest;
|
||||
import android.util.ArraySet;
|
||||
|
||||
import org.junit.Test;
|
||||
import org.junit.runner.RunWith;
|
||||
|
||||
import java.util.Set;
|
||||
|
||||
@RunWith(AndroidJUnit4.class)
|
||||
@SmallTest
|
||||
@@ -189,4 +192,84 @@ public class NetworkCapabilitiesTest {
|
||||
assertEquals(20, NetworkCapabilities
|
||||
.maxBandwidth(10, 20));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testSetUids() {
|
||||
final NetworkCapabilities netCap = new NetworkCapabilities();
|
||||
final Set<UidRange> uids = new ArraySet<>();
|
||||
uids.add(new UidRange(50, 100));
|
||||
uids.add(new UidRange(3000, 4000));
|
||||
netCap.setUids(uids);
|
||||
assertTrue(netCap.appliesToUid(50));
|
||||
assertTrue(netCap.appliesToUid(80));
|
||||
assertTrue(netCap.appliesToUid(100));
|
||||
assertTrue(netCap.appliesToUid(3000));
|
||||
assertTrue(netCap.appliesToUid(3001));
|
||||
assertFalse(netCap.appliesToUid(10));
|
||||
assertFalse(netCap.appliesToUid(25));
|
||||
assertFalse(netCap.appliesToUid(49));
|
||||
assertFalse(netCap.appliesToUid(101));
|
||||
assertFalse(netCap.appliesToUid(2000));
|
||||
assertFalse(netCap.appliesToUid(100000));
|
||||
|
||||
assertTrue(netCap.appliesToUidRange(new UidRange(50, 100)));
|
||||
assertTrue(netCap.appliesToUidRange(new UidRange(70, 72)));
|
||||
assertTrue(netCap.appliesToUidRange(new UidRange(3500, 3912)));
|
||||
assertFalse(netCap.appliesToUidRange(new UidRange(1, 100)));
|
||||
assertFalse(netCap.appliesToUidRange(new UidRange(49, 100)));
|
||||
assertFalse(netCap.appliesToUidRange(new UidRange(1, 10)));
|
||||
assertFalse(netCap.appliesToUidRange(new UidRange(60, 101)));
|
||||
assertFalse(netCap.appliesToUidRange(new UidRange(60, 3400)));
|
||||
|
||||
NetworkCapabilities netCap2 = new NetworkCapabilities();
|
||||
assertFalse(netCap2.satisfiedByUids(netCap));
|
||||
assertFalse(netCap2.equalsUids(netCap));
|
||||
netCap2.setUids(uids);
|
||||
assertTrue(netCap2.satisfiedByUids(netCap));
|
||||
assertTrue(netCap.equalsUids(netCap2));
|
||||
assertTrue(netCap2.equalsUids(netCap));
|
||||
|
||||
uids.add(new UidRange(600, 700));
|
||||
netCap2.setUids(uids);
|
||||
assertFalse(netCap2.satisfiedByUids(netCap));
|
||||
assertFalse(netCap.appliesToUid(650));
|
||||
assertTrue(netCap2.appliesToUid(650));
|
||||
netCap.combineCapabilities(netCap2);
|
||||
assertTrue(netCap2.satisfiedByUids(netCap));
|
||||
assertTrue(netCap.appliesToUid(650));
|
||||
assertFalse(netCap.appliesToUid(500));
|
||||
|
||||
assertFalse(new NetworkCapabilities().satisfiedByUids(netCap));
|
||||
netCap.combineCapabilities(new NetworkCapabilities());
|
||||
assertTrue(netCap.appliesToUid(500));
|
||||
assertTrue(netCap.appliesToUidRange(new UidRange(1, 100000)));
|
||||
assertFalse(netCap2.appliesToUid(500));
|
||||
assertFalse(netCap2.appliesToUidRange(new UidRange(1, 100000)));
|
||||
assertTrue(new NetworkCapabilities().satisfiedByUids(netCap));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testParcelNetworkCapabilities() {
|
||||
final Set<UidRange> uids = new ArraySet<>();
|
||||
uids.add(new UidRange(50, 100));
|
||||
uids.add(new UidRange(3000, 4000));
|
||||
final NetworkCapabilities netCap = new NetworkCapabilities()
|
||||
.addCapability(NET_CAPABILITY_INTERNET)
|
||||
.setUids(uids)
|
||||
.addCapability(NET_CAPABILITY_EIMS)
|
||||
.addCapability(NET_CAPABILITY_NOT_METERED);
|
||||
assertEqualsThroughMarshalling(netCap);
|
||||
}
|
||||
|
||||
private void assertEqualsThroughMarshalling(NetworkCapabilities netCap) {
|
||||
Parcel p = Parcel.obtain();
|
||||
netCap.writeToParcel(p, /* flags */ 0);
|
||||
p.setDataPosition(0);
|
||||
byte[] marshalledData = p.marshall();
|
||||
|
||||
p = Parcel.obtain();
|
||||
p.unmarshall(marshalledData, 0, marshalledData.length);
|
||||
p.setDataPosition(0);
|
||||
assertEquals(NetworkCapabilities.CREATOR.createFromParcel(p), netCap);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -44,6 +44,7 @@ import static android.net.NetworkCapabilities.NET_CAPABILITY_WIFI_P2P;
|
||||
import static android.net.NetworkCapabilities.NET_CAPABILITY_XCAP;
|
||||
import static android.net.NetworkCapabilities.TRANSPORT_CELLULAR;
|
||||
import static android.net.NetworkCapabilities.TRANSPORT_ETHERNET;
|
||||
import static android.net.NetworkCapabilities.TRANSPORT_VPN;
|
||||
import static android.net.NetworkCapabilities.TRANSPORT_WIFI;
|
||||
import static android.net.NetworkCapabilities.TRANSPORT_WIFI_AWARE;
|
||||
|
||||
@@ -101,6 +102,7 @@ import android.net.NetworkSpecifier;
|
||||
import android.net.NetworkUtils;
|
||||
import android.net.RouteInfo;
|
||||
import android.net.StringNetworkSpecifier;
|
||||
import android.net.UidRange;
|
||||
import android.net.metrics.IpConnectivityLog;
|
||||
import android.net.util.MultinetworkPolicyTracker;
|
||||
import android.os.ConditionVariable;
|
||||
@@ -126,11 +128,13 @@ import com.android.internal.util.ArrayUtils;
|
||||
import com.android.internal.util.WakeupMessage;
|
||||
import com.android.internal.util.test.BroadcastInterceptingContext;
|
||||
import com.android.internal.util.test.FakeSettingsProvider;
|
||||
import com.android.server.connectivity.ConnectivityConstants;
|
||||
import com.android.server.connectivity.DefaultNetworkMetrics;
|
||||
import com.android.server.connectivity.IpConnectivityMetrics;
|
||||
import com.android.server.connectivity.MockableSystemProperties;
|
||||
import com.android.server.connectivity.NetworkAgentInfo;
|
||||
import com.android.server.connectivity.NetworkMonitor;
|
||||
import com.android.server.connectivity.Vpn;
|
||||
import com.android.server.net.NetworkPinner;
|
||||
import com.android.server.net.NetworkPolicyManagerInternal;
|
||||
|
||||
@@ -360,7 +364,7 @@ public class ConnectivityServiceTest {
|
||||
|
||||
MockNetworkAgent(int transport, LinkProperties linkProperties) {
|
||||
final int type = transportToLegacyType(transport);
|
||||
final String typeName = ConnectivityManager.getNetworkTypeName(type);
|
||||
final String typeName = ConnectivityManager.getNetworkTypeName(transport);
|
||||
mNetworkInfo = new NetworkInfo(type, 0, typeName, "Mock");
|
||||
mNetworkCapabilities = new NetworkCapabilities();
|
||||
mNetworkCapabilities.addTransportType(transport);
|
||||
@@ -377,6 +381,9 @@ public class ConnectivityServiceTest {
|
||||
case TRANSPORT_WIFI_AWARE:
|
||||
mScore = 20;
|
||||
break;
|
||||
case TRANSPORT_VPN:
|
||||
mScore = ConnectivityConstants.VPN_DEFAULT_SCORE;
|
||||
break;
|
||||
default:
|
||||
throw new UnsupportedOperationException("unimplemented network type");
|
||||
}
|
||||
@@ -438,6 +445,11 @@ public class ConnectivityServiceTest {
|
||||
mNetworkAgent.sendNetworkCapabilities(mNetworkCapabilities);
|
||||
}
|
||||
|
||||
public void setUids(Set<UidRange> uids) {
|
||||
mNetworkCapabilities.setUids(uids);
|
||||
mNetworkAgent.sendNetworkCapabilities(mNetworkCapabilities);
|
||||
}
|
||||
|
||||
public void setSignalStrength(int signalStrength) {
|
||||
mNetworkCapabilities.setSignalStrength(signalStrength);
|
||||
mNetworkAgent.sendNetworkCapabilities(mNetworkCapabilities);
|
||||
@@ -1463,6 +1475,11 @@ public class ConnectivityServiceTest {
|
||||
return nc;
|
||||
}
|
||||
|
||||
void expectCapabilitiesLike(Predicate<NetworkCapabilities> fn, MockNetworkAgent agent) {
|
||||
CallbackInfo cbi = expectCallback(CallbackState.NETWORK_CAPABILITIES, agent);
|
||||
assertTrue(fn.test((NetworkCapabilities) cbi.arg));
|
||||
}
|
||||
|
||||
void assertNoCallback() {
|
||||
waitForIdle();
|
||||
CallbackInfo c = mCallbacks.peek();
|
||||
@@ -3625,4 +3642,76 @@ public class ConnectivityServiceTest {
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testVpnNetworkActive() {
|
||||
final int uid = Process.myUid();
|
||||
|
||||
final TestNetworkCallback genericNetworkCallback = new TestNetworkCallback();
|
||||
final TestNetworkCallback wifiNetworkCallback = new TestNetworkCallback();
|
||||
final TestNetworkCallback vpnNetworkCallback = new TestNetworkCallback();
|
||||
final NetworkRequest genericRequest = new NetworkRequest.Builder().build();
|
||||
final NetworkRequest wifiRequest = new NetworkRequest.Builder()
|
||||
.addTransportType(TRANSPORT_WIFI).build();
|
||||
final NetworkRequest vpnNetworkRequest = new NetworkRequest.Builder()
|
||||
.addTransportType(TRANSPORT_VPN).build();
|
||||
mCm.registerNetworkCallback(genericRequest, genericNetworkCallback);
|
||||
mCm.registerNetworkCallback(wifiRequest, wifiNetworkCallback);
|
||||
mCm.registerNetworkCallback(vpnNetworkRequest, vpnNetworkCallback);
|
||||
|
||||
mWiFiNetworkAgent = new MockNetworkAgent(TRANSPORT_WIFI);
|
||||
mWiFiNetworkAgent.connect(false);
|
||||
|
||||
genericNetworkCallback.expectAvailableCallbacksUnvalidated(mWiFiNetworkAgent);
|
||||
wifiNetworkCallback.expectAvailableCallbacksUnvalidated(mWiFiNetworkAgent);
|
||||
vpnNetworkCallback.assertNoCallback();
|
||||
|
||||
// TODO : check callbacks agree with the return value of mCm.getActiveNetwork().
|
||||
// Right now this is not possible because establish() is not adequately instrumented
|
||||
// in this test.
|
||||
|
||||
final MockNetworkAgent vpnNetworkAgent = new MockNetworkAgent(TRANSPORT_VPN);
|
||||
final ArraySet<UidRange> ranges = new ArraySet<>();
|
||||
ranges.add(new UidRange(uid, uid));
|
||||
vpnNetworkAgent.setUids(ranges);
|
||||
vpnNetworkAgent.connect(false);
|
||||
|
||||
genericNetworkCallback.expectAvailableCallbacksUnvalidated(vpnNetworkAgent);
|
||||
wifiNetworkCallback.assertNoCallback();
|
||||
vpnNetworkCallback.expectAvailableCallbacksUnvalidated(vpnNetworkAgent);
|
||||
|
||||
genericNetworkCallback.expectCallback(CallbackState.NETWORK_CAPABILITIES, vpnNetworkAgent);
|
||||
vpnNetworkCallback.expectCapabilitiesLike(
|
||||
nc -> nc.appliesToUid(uid) && !nc.appliesToUid(uid + 1), vpnNetworkAgent);
|
||||
|
||||
ranges.clear();
|
||||
vpnNetworkAgent.setUids(ranges);
|
||||
|
||||
genericNetworkCallback.expectCallback(CallbackState.LOST, vpnNetworkAgent);
|
||||
wifiNetworkCallback.assertNoCallback();
|
||||
vpnNetworkCallback.expectCallback(CallbackState.LOST, vpnNetworkAgent);
|
||||
|
||||
ranges.add(new UidRange(uid, uid));
|
||||
vpnNetworkAgent.setUids(ranges);
|
||||
|
||||
genericNetworkCallback.expectAvailableCallbacksValidated(vpnNetworkAgent);
|
||||
wifiNetworkCallback.assertNoCallback();
|
||||
vpnNetworkCallback.expectAvailableCallbacksValidated(vpnNetworkAgent);
|
||||
|
||||
mWiFiNetworkAgent.disconnect();
|
||||
|
||||
genericNetworkCallback.expectCallback(CallbackState.LOST, mWiFiNetworkAgent);
|
||||
wifiNetworkCallback.expectCallback(CallbackState.LOST, mWiFiNetworkAgent);
|
||||
vpnNetworkCallback.assertNoCallback();
|
||||
|
||||
vpnNetworkAgent.disconnect();
|
||||
|
||||
genericNetworkCallback.expectCallback(CallbackState.LOST, vpnNetworkAgent);
|
||||
wifiNetworkCallback.assertNoCallback();
|
||||
vpnNetworkCallback.expectCallback(CallbackState.LOST, vpnNetworkAgent);
|
||||
|
||||
mCm.unregisterNetworkCallback(genericNetworkCallback);
|
||||
mCm.unregisterNetworkCallback(wifiNetworkCallback);
|
||||
mCm.unregisterNetworkCallback(vpnNetworkCallback);
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user