This change adds the ability for IKEv2/IPsec VPN profiles to run on Test
Networks. If enabled, the IKEv2/IPsec VPN profiles will request ONLY
test networks.
Bug: 148582947
Test: FrameworksNetTests passing
Test: Added for testing
Change-Id: I2511b39b27a1e29ae97907cdb12728d13fb1628f
Merged-In: I2511b39b27a1e29ae97907cdb12728d13fb1628f
(cherry picked from commit 9e18eeb4a676ef3afc4bc510f18f81213b8edc55)
The constructor was changed to allow for unit tests.
Bug: 137328719
Test: atest FrameworksNetIntegrationTests
Original-Change: https://android-review.googlesource.com/1295360
Merged-In: I46f247268310e12d420531745a22e93cf3550e89
Change-Id: I46f247268310e12d420531745a22e93cf3550e89
This change sets the owner and administrator UIDs for test networks when
their initial values match the UID for the app creating the test
network. This ensures that apps registering test networks can only make
themselves owners / administrators of the network.
Bug: 153449964
Test: atest NetworkAgentTest
Change-Id: I3a974700aa1d83cb285295ed1de0aa263e2e5b58
Merged-In: I3a974700aa1d83cb285295ed1de0aa263e2e5b58
(cherry picked from commit 35782280a2adceec96b8e03c217788afa05894a0)
This change adds tests to validate that both transport and tunnel mode
transforms continue to work even after the SPI resource has been
released. Specifically, since SPI resources are effectively subsumed by
the creation of a Transform, the SPI resource is still "alive", but
removed from the user-tracking sparse arrays.
Bug: 142072071
Test: Added these new tests. Failing prior to aosp/1133555, passes with.
Change-Id: I37dd459d08b57b14f72f3b28ea80fa231b152f10
Merged-In: I37dd459d08b57b14f72f3b28ea80fa231b152f10
(cherry picked from commit 4d3f871a944d24cd7cbe3aa51a789a71020eafb5)
IpSecService.applyTunnelModeTransform() currently does not take an
SpiRecord instance, yet implicitly requires that the SpiRecord instance
is still alive based on the stored SpiRecord resourceId in
the TransformRecord's IpSecConfig.
This check is unnecessary, as the SpiRecord has been subsumed into the
TransformRecord, and the kernel resources are kept alive whether or
not the SpiRecord is still held by the user.
This allows users of the IpSecManager API to allocate short-lived SPIs
during the creation of an IpSecTransform, without having to keep track
of both of them (even though the SPI is no longer usable).
The TransformRecord.getSpiRecord() call is already used in
multiple other places in the same method.
Bug: 142072071
Test: New tests added, passing.
Change-Id: I1959f3080946267243564459ff4207647922566e
Merged-In: I1959f3080946267243564459ff4207647922566e
(cherry picked from commit 5258b1b82f39bf17e0751bcb94479464250aaec5)
This commit adds support for validating and filtering IPsec algorithms.
Without a public API exposing IKEv2 algorithms (and their respective
public APIs), the allowedAlgorithms can only filter the proposals for
IPsec (Child) SA algorithms.
Additionally, this removes the HMAC_SHA1 from the IKE SA's integrity
algorithm proposals due to insecurity
Bug: 153701879
Test: FrameworksNetTests passing, new tests added
Change-Id: I7e61a1612692db275b751330af5bacbf86836a8c
Merged-In: I7e61a1612692db275b751330af5bacbf86836a8c
(cherry picked from commit 94e1c08a9ad4b0ff17e0f3a77fff0d3364040ba5)
NetworkStats calculation needs to filter out debug entries to
prevent over counting. While NetworkStatsFactory migrates data
usage over a VPN to the TUN network, NetworkStatsFactory does
not filter out debug entries per vpn which will cause debug
entries left and cause exception.
Bug: 152678151
Test: atest com.android.server.net.NetworkStatsFactoryTest
and verify no exception
Change-Id: I3525edc385b07858b48c7add2d331c4b5a2e84ad
Merged-In: I3525edc385b07858b48c7add2d331c4b5a2e84ad
Address issues found during AIDL review:
- Rename clientAddr to singleClientAddr
- Do not use a ParcelableBundle for notifyNetworkTested or
notifyDataStallSuspected; instead use AIDL parcelables for stronger
backwards compatibility guarantees.
Test: atest NetworkMonitorTest ConnectivityServiceTest
ConnectivityServiceIntegrationTest, manual
Bug: 153500847
Merged-In: Id9b71784e5f6294d203230e57737979e063ff0f8
Change-Id: Id9b71784e5f6294d203230e57737979e063ff0f8
TelephonyNetworkSpecifier will now treat null as matching nothing. When
the request specifies a TelephonyNetworkSpecifier while the network does
not, this should not be treated as a match.
Bug: 154703135
Test: atest android.net.TelephonyNetworkSpecifierTest
Change-Id: I329110e929995c9eae6c6ce33b5414777acea1e1
Add network agent to test more situation that could get the
onNetworkRequested callback.
Bug: 153614605
Bug: 153613690
Bug: 153612373
Test: atest CtsNetTestCasesLatestSdk:android.net.NetworkProviderTest
Change-Id: I7f827710b47546bd4419cc1ff06f03ec4635583d
Merged-In: Id494a1697cc1b73e8e56ae585a69faec31c59f52
(cherry picked from commit 9e92e57fd70944cbe8bb61bbb7a5fa728d0e68f5)
Currently, if a prefix is learned from an RA while prefix
discovery is running, clatd will be correctly started, but
prefix discovery will be stopped.
In order to fix this, make it possible to call
stopPrefixDiscovery without transitioning to IDLE state (which
is obviously necessary in this case), by moving the assignment of
the next state from that method to its callers. For consistency,
do the same for startPrefixDiscovery.
Bug: 150648313
Test: new test coverage
Change-Id: I3803fa3d9806848b331c35ee8bac256934bd1f21
Merged-In: I3803fa3d9806848b331c35ee8bac256934bd1f21
(cherry picked from commit c7c6f76402a989f91b02c37574b6a9de592cf1af)
464xlat will never be started on a network that is not connected,
or on a network that has no IPv6 address.
This is a no-op test-only change but it is necessary for an
upcoming change that violates some of the invalid assumptions
currently made by this test and causes it to fail.
Bug: 150648313
Test: test-only change
Change-Id: I41766e9adaa7c24454648b371e6e3cc647693be5
Merged-In: I41766e9adaa7c24454648b371e6e3cc647693be5
(cherry picked from commit df0c522d18ee73c1d20cff1a1dc955b383e6c355)
The NAT64 prefix from the RA always takes precedence over the
NAT64 prefix from DNS discovery, because it is detected faster,
and detecting it does not require sending any packets.
Bug: 150648313
Test: new unit test
Merged-In: Ic7452431d2d9aea1ae59b67a9d8383c6cc5b3902
Change-Id: Ic7452431d2d9aea1ae59b67a9d8383c6cc5b3902
Address comment from aosp/1162443.
Move to FrameworksNetCommonTests so that it can be run in
cts test and presubmit test.
Also change package name from android.net.cts to android.net
Bug: 154299158
Test: atest FrameworksNetTest
atest CtsNetTestCasesLatestSdk:android.net.DhcpInfoTest
Change-Id: Ib6c9b7729ec4c348d94d025996efa9a1f436258b
Merged-In: I42a965ae5cb748fdd80b4d5c0f8b26f36f74be72
>>>>>>>>>>>>>>>>>>>>>>
aosp/1284588
Adjust permission of NetworkProvider related API
- Allow an app holds NETWORK_SETTINGS to acess registerNetworkProvier()
and unregisterNetworkProvider().
- To access declareNetworkRequestUnfulfillable(), allow an app holds
MANAGE_TEST_NETWORKS to declare a unfulfillable request that contains
TRANSPORT_TEST transport.
This makes easier to write cts to test.
>>>>>>>>>>>>>>>>>>>>>>
aosp/1285957
Add cts test for NetworkProvider
It will skip whole tests on Q device since NetworkProvider class
is introduced in R.
Result on Q device would be:
[1/1] android.net.NetworkProviderTest#skippedClassForDevSdkMismatch: IGNORED (3ms)
>>>>>>>>>>>>>>>>>>>>>>
Bug: 153614605
Bug: 153613690
Bug: 153612373
Test: atest FrameworksNetTests
atest CtsNetTestCases:android.net.NetworkProviderTest
Test: atest CtsNetTestCasesLatestSdk:android.net.NetworkProviderTest
Change-Id: Ib6f42b8f0e94e8c2715a030587e065864edff25b
Merged-In: Ic9809e731aa811a51c2f82d189372169d99a5ed9
Merged-In: If7bfc7fae503e3497c37754697d0b148ff4cab3b
(cherry picked from commit 10138d42a8f3892fcdb129a39409efe42873f6fe)
A test that ensures that NetworkCapabilities.TRANSPORT_* is eaual
to IDnsResolver.TRANSPORT_* for every possible value of each.
Bug: 153267602
Test: atest FrameworksNetTests
Merged-In: I6b23ccc6ce1659fdfd9573dfcd895f2c20fa9417
Change-Id: I3dd4ed0d1fcceca9c8aec9b3e6769603e4fa913b
(cherry picked from commit 5f28e6f881e0ea52e8e96c1207654ce44b0d05a1)
This cannot (currently) happen with DNS64 detection, but it can
happen with the PREF64 option.
Bug: 150648313
Test: atest ConnectivityServiceTest Nat464XlatTest --rerun-until-failure 100
Merged-In: I789fe9d46d3ac5d074ae697d23013f24a9e0246d
Change-Id: I789fe9d46d3ac5d074ae697d23013f24a9e0246d
Add missing tests to cover all system APIs
Bug: 152280218
Bug: 150640683
Test: atest CtsNetTestCasesLatestSdk:CaptivePortalDataTest on
both Q and R device
Change-Id: I6d3826922f16816d5b18ed3540266442a0ed3e49
Merged-In: I6d3826922f16816d5b18ed3540266442a0ed3e49
(cherry picked from commit d9f9bf34637f699608fa3b919b3c85f3d5514a83)
Commit has to on top of aosp/1281921 to skip whole test in Q
device since CaptivePortalData class is introduced in R.
Result in Q will be:
[1/1] android.net.CaptivePortalDataTest#skippedClassForDevSdkMismatch: IGNORED
Bug: 152280218
Bug: 150640683
Test: atest CtsNetTestCasesLatestSdk:CaptivePortalDataTest on
both Q and R device
Merged-In: Iddd00e1c85abe767b1a41a1761d3266ba322dba6
Change-Id: Iddd00e1c85abe767b1a41a1761d3266ba322dba6
For a given network, resolver doesn't know what transport types are.
Therefore, when a new network is created or transport types are changed
in a give network, transport types will be updated and sent by calling
setResolverConfiguration(). In the same time, if link properties or
transport types are null, setResolverConfiguration() won't be called.
The original behaviors of setResolverConfiguration() aren't changed.
Only increasing one new behavior that when a given network has transport
type change, calling setResolverConfiguration() directly and resolver
updates the transport types for that given network.
Bug: 143732914
Test: atest FrameworksNetTests
atest FrameworksNetIntegrationTests
Change-Id: I6527cde0e177ba08c886576131b35fc769c2bb53
Currently, TestableNetworkStatsProvider is a subclass of
INetworkStatsProvider. This is not very accurate naming after
API council review feedback since now we have
NetworkStatsProvider as a system api interface.
This is the counter-part change of actual renaming CL in
NetworkStack.
Test: atest FrameworksNetTests TetheringTests
Bug: 150643374
Change-Id: Ifa8175dc4e2fe2b907ec13b3bd2eca12974f5ea7
Currently, the addEntry method is used in constructor of test,
which is not correct since there is no such method in Q devices.
Thus, initialize of NetworkStats variables outside of constructor.
Test: atest NetworkStatsApiTest
Test: atest CtsNetTestCasesLatestSdk:NetworkStatsApiTest on Q device
Bug: 150644692
Change-Id: Ibf2f8118c459a8d7a0992deca8f0f339ccd1bcea
Merged-In: Ibf2f8118c459a8d7a0992deca8f0f339ccd1bcea
(cherry picked from commit ae023a8bbd3a7482fd66547d58759c88e100f207)
This just a rename with no functional changes at all. It is
preparation for supporting getting the NAT64 prefix from the
RA.
Bug: 150648313
Test: covered by existing ConnectivityServiceTest and Nat464XlatTest
Merged-In: Ia9a09a708870827b1e4cf068f930fa9542dd116c
Change-Id: Ia9a09a708870827b1e4cf068f930fa9542dd116c
In current design, entries with zeros are preserved after
addition/subtraction. These entries are not very useful
and lead to difficulty of verifying the result of
addition/subtraction.
However, change the behavior in the original NetworkStats
is considered risky in current stage.
Thus, this change provide a function that could remove these
empty entries in tests.
Test: atest FrameworksNetTests
Bug: 152827872
Bug: 150644692
Change-Id: I40a76935d55712b8083ee1e17e137a8a4ef5e029
Merged-In: I40a76935d55712b8083ee1e17e137a8a4ef5e029
(cherry picked from commit 6c7bef3064dbe949b7b213036b8e70c125ddd343)
setAdministratorUids does not exist on Q, so such tests must be skipped
on Q devices.
Bug: 147903575
Test: atest CtsNetTestCasesLatestSdk on Q and AOSP devices
Merged-In: I1b362660de9733bb9f0ede1ed5cf62279bf1c05e
Change-Id: I1b362660de9733bb9f0ede1ed5cf62279bf1c05e
