LineageOS/android_packages_modules_Connectivity
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge changes from topic "xfrmi-support" am: f928c1e4b9 am: 4b7bb9f374

Browse Source 
am: b71b2aefef

Change-Id: I9c543d38c88181b12cdbc7bdb93d7e38f1dfd425
This commit is contained in:
Benedict Wong
2018-11-25 19:38:35 -08:00
committed by android-build-merger
parent baca8b7647 b71b2aefef
commit c1f747bb5e
2 changed files with 52 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
tests/net/java/android/net/IpSecConfigTest.java
View File

@@ -47,6 +47,7 @@ public class IpSecConfigTest {
assertNull(c.getEncryption()); assertNull(c.getEncryption());
assertNull(c.getAuthentication()); assertNull(c.getAuthentication());
assertEquals(IpSecManager.INVALID_RESOURCE_ID, c.getSpiResourceId()); assertEquals(IpSecManager.INVALID_RESOURCE_ID, c.getSpiResourceId());
assertEquals(0, c.getXfrmInterfaceId());
} }
private IpSecConfig getSampleConfig() { private IpSecConfig getSampleConfig() {
@@ -77,6 +78,7 @@ public class IpSecConfigTest {
c.setNattKeepaliveInterval(42); c.setNattKeepaliveInterval(42);
c.setMarkValue(12); c.setMarkValue(12);
c.setMarkMask(23); c.setMarkMask(23);
c.setXfrmInterfaceId(34);
return c; return c;
} }

54
tests/net/java/com/android/server/IpSecServiceParameterizedTest.java
View File

@@ -71,6 +71,9 @@ public class IpSecServiceParameterizedTest {
private final LinkAddress mLocalInnerAddress; private final LinkAddress mLocalInnerAddress;
private final int mFamily; private final int mFamily;
private static final int[] ADDRESS_FAMILIES =
new int[] {AF_INET, AF_INET6};
@Parameterized.Parameters @Parameterized.Parameters
public static Collection ipSecConfigs() { public static Collection ipSecConfigs() {
return Arrays.asList( return Arrays.asList(
@@ -196,6 +199,7 @@ public class IpSecServiceParameterizedTest {
anyString(), anyString(),
eq(TEST_SPI), eq(TEST_SPI),
anyInt(), anyInt(),
anyInt(),
anyInt()); anyInt());
// Verify quota and RefcountedResource objects cleaned up // Verify quota and RefcountedResource objects cleaned up
@@ -231,6 +235,7 @@ public class IpSecServiceParameterizedTest {
anyString(), anyString(),
eq(TEST_SPI), eq(TEST_SPI),
anyInt(), anyInt(),
anyInt(),
anyInt()); anyInt());
// Verify quota and RefcountedResource objects cleaned up // Verify quota and RefcountedResource objects cleaned up
@@ -304,7 +309,8 @@ public class IpSecServiceParameterizedTest {
eq((authCrypt != null) ? authCrypt.getTruncationLengthBits() : 0), eq((authCrypt != null) ? authCrypt.getTruncationLengthBits() : 0),
eq(config.getEncapType()), eq(config.getEncapType()),
eq(encapSocketPort), eq(encapSocketPort),
eq(config.getEncapRemotePort())); eq(config.getEncapRemotePort()),
eq(config.getXfrmInterfaceId()));
} }
@Test @Test
@@ -430,6 +436,7 @@ public class IpSecServiceParameterizedTest {
anyString(), anyString(),
eq(TEST_SPI), eq(TEST_SPI),
anyInt(), anyInt(),
anyInt(),
anyInt()); anyInt());
// quota is not released until the SPI is released by the Transform // quota is not released until the SPI is released by the Transform
assertEquals(1, userRecord.mSpiQuotaTracker.mCurrent); assertEquals(1, userRecord.mSpiQuotaTracker.mCurrent);
@@ -452,6 +459,7 @@ public class IpSecServiceParameterizedTest {
anyString(), anyString(),
eq(TEST_SPI), eq(TEST_SPI),
anyInt(), anyInt(),
anyInt(),
anyInt()); anyInt());
// Verify quota and RefcountedResource objects cleaned up // Verify quota and RefcountedResource objects cleaned up
@@ -469,6 +477,7 @@ public class IpSecServiceParameterizedTest {
anyString(), anyString(),
anyInt(), anyInt(),
anyInt(), anyInt(),
anyInt(),
anyInt()); anyInt());
assertEquals(0, userRecord.mSpiQuotaTracker.mCurrent); assertEquals(0, userRecord.mSpiQuotaTracker.mCurrent);
@@ -504,6 +513,7 @@ public class IpSecServiceParameterizedTest {
anyString(), anyString(),
eq(TEST_SPI), eq(TEST_SPI),
anyInt(), anyInt(),
anyInt(),
anyInt()); anyInt());
// Verify quota and RefcountedResource objects cleaned up // Verify quota and RefcountedResource objects cleaned up
@@ -572,11 +582,12 @@ public class IpSecServiceParameterizedTest {
assertEquals(1, userRecord.mTunnelQuotaTracker.mCurrent); assertEquals(1, userRecord.mTunnelQuotaTracker.mCurrent);
verify(mMockNetd) verify(mMockNetd)
.addVirtualTunnelInterface( .ipSecAddTunnelInterface(
eq(createTunnelResp.interfaceName), eq(createTunnelResp.interfaceName),
eq(mSourceAddr), eq(mSourceAddr),
eq(mDestinationAddr), eq(mDestinationAddr),
anyInt(), anyInt(),
anyInt(),
anyInt()); anyInt());
} }
@@ -591,7 +602,7 @@ public class IpSecServiceParameterizedTest {
// Verify quota and RefcountedResource objects cleaned up // Verify quota and RefcountedResource objects cleaned up
assertEquals(0, userRecord.mTunnelQuotaTracker.mCurrent); assertEquals(0, userRecord.mTunnelQuotaTracker.mCurrent);
verify(mMockNetd).removeVirtualTunnelInterface(eq(createTunnelResp.interfaceName)); verify(mMockNetd).ipSecRemoveTunnelInterface(eq(createTunnelResp.interfaceName));
try { try {
userRecord.mTunnelInterfaceRecords.getRefcountedResourceOrThrow( userRecord.mTunnelInterfaceRecords.getRefcountedResourceOrThrow(
createTunnelResp.resourceId); createTunnelResp.resourceId);
@@ -614,7 +625,7 @@ public class IpSecServiceParameterizedTest {
// Verify quota and RefcountedResource objects cleaned up // Verify quota and RefcountedResource objects cleaned up
assertEquals(0, userRecord.mTunnelQuotaTracker.mCurrent); assertEquals(0, userRecord.mTunnelQuotaTracker.mCurrent);
verify(mMockNetd).removeVirtualTunnelInterface(eq(createTunnelResp.interfaceName)); verify(mMockNetd).ipSecRemoveTunnelInterface(eq(createTunnelResp.interfaceName));
try { try {
userRecord.mTunnelInterfaceRecords.getRefcountedResourceOrThrow( userRecord.mTunnelInterfaceRecords.getRefcountedResourceOrThrow(
createTunnelResp.resourceId); createTunnelResp.resourceId);
@@ -623,6 +634,41 @@ public class IpSecServiceParameterizedTest {
} }
} }
@Test
public void testApplyTunnelModeTransform() throws Exception {
IpSecConfig ipSecConfig = new IpSecConfig();
ipSecConfig.setMode(IpSecTransform.MODE_TUNNEL);
addDefaultSpisAndRemoteAddrToIpSecConfig(ipSecConfig);
addAuthAndCryptToIpSecConfig(ipSecConfig);
IpSecTransformResponse createTransformResp =
mIpSecService.createTransform(ipSecConfig, new Binder(), "blessedPackage");
IpSecTunnelInterfaceResponse createTunnelResp =
createAndValidateTunnel(mSourceAddr, mDestinationAddr, "blessedPackage");
int transformResourceId = createTransformResp.resourceId;
int tunnelResourceId = createTunnelResp.resourceId;
mIpSecService.applyTunnelModeTransform(tunnelResourceId, IpSecManager.DIRECTION_OUT,
transformResourceId, "blessedPackage");
for (int selAddrFamily : ADDRESS_FAMILIES) {
verify(mMockNetd)
.ipSecUpdateSecurityPolicy(
eq(mUid),
eq(selAddrFamily),
eq(IpSecManager.DIRECTION_OUT),
anyString(),
anyString(),
eq(TEST_SPI),
anyInt(), // iKey/oKey
anyInt(), // mask
eq(tunnelResourceId));
}
ipSecConfig.setXfrmInterfaceId(tunnelResourceId);
verifyTransformNetdCalledForCreatingSA(ipSecConfig, createTransformResp);
}
@Test @Test
public void testAddRemoveAddressFromTunnelInterface() throws Exception { public void testAddRemoveAddressFromTunnelInterface() throws Exception {
for (String pkgName : new String[]{"blessedPackage", "systemPackage"}) { for (String pkgName : new String[]{"blessedPackage", "systemPackage"}) {