-The ability to launch VPNs is now sticky; once approved by the user,
further approvals are not needed UNLESS the connection is revoked in
Quick Settings.
-The old persistent notification has been removed in favor of the new
Quick Settings UI.
-The name of the VPN app is now pulled from the label of the VPN
service rather than the app itself, if one is set.
Bug: 12878887
Bug: 16578022
Change-Id: I102a14c05db26ee3aef030cda971e5165f078a91
LinkProperties can represent way more complicated configurations
than what we can actually apply to interfaces. This makes it
error-prone to use it to represent static configuration, both
when trying to apply configuration coming from LinkProperties
and when trying to save configuration from current
LinkProperties.
Instead, move static configuration (IPv4 only, since we don't
support static IPv6 configuration) into a separate
StaticIpConfiguration class.
Bug: 16114392
Bug: 16893413
Change-Id: Ib33f35c004e30b6067bb20235ffa43c247d174df
Add logic to obtain the mtu from the network PCO parameter and set it to kernel
when the mobile data connection is established. When there is no PCO mtu configured
from the network, the mtu size defined in the corresponding APN will be used. In case
no mtu size is defined for an APN used for data connection, the MCC/MNC based MTU
defined in the framework overaly will be applied.
bug:17046179
Change-Id: I6465d4b8f2076aaa380ae3617fb3f24adbe136d4
This addresses a TODO and also makes it possible to create
routes to destinations that are not valid LinkAddresses, such as
multicast addresses.
Bug: 16875580
Change-Id: Id4c77b00dc3064bf27d78cdcbbe035e645748cfe
Some devices use clatd for catching raw IPv4 traffic when running on
a pure-IPv6 carrier network. In those situations, the per-UID
stats are accounted against the clat iface, so framework users need
to combine both the "base" and "stacked" iface usage together.
This also means that policy rules (like restricting background data
or battery saver) need to apply to the stacked ifaces.
Finally, we need to massage stats data slightly:
-- Currently xt_qtaguid double-counts the clatd traffic *leaving*
the device; both against the original UID on the clat iface, and
against UID 0 on the final egress interface.
-- All clatd traffic *arriving* at the device is missing the extra
IPv6 packet header overhead when accounted against the final UID.
Bug: 12249687, 15459248, 16296564
Change-Id: I0ee59d96831f52782de7a980e4cce9b061902fff
If Socket.connect() times out, the socket cannot be used any
more - any attempt to do so fails with EBADF. Use a new
socket for each IP address.
Bug: 16664129
Change-Id: If3616df86f7c2da0eabd30dca5db65d0da85cb17
Starting with startUsingNetworkFeature and stop.
Figure it's easier to code review incremental changes.
Change-Id: I19aee65e740858c3a9a2a1a785663f6fee094334
Bypassable VPNs grab all traffic by default (just like secure VPNs), but:
+ They allow all apps to choose other networks using the multinetwork APIs.
If these other networks are insecure ("untrusted"), they will enforce that the
app holds the necessary permissions, such as CHANGE_NETWORK_STATE.
+ They support consistent routing. If an app has an existing connection over
some other network when the bypassable VPN comes up, it's not interrupted.
Bug: 15347374
Change-Id: Iaee9c6f6fa8103215738570d2b65d3fcf10343f3
It was calling into dead ConnectivityService code rather than using
the new ConnectivityManager shim code.
bug:15221541
Change-Id: I1e3eea8a658a162ce36673ed1cf7b1e7e4372c42
ConnectivityManager.requestNetwork pass TYPE_NONE to
sendRequestForNetwork which prevents it from being used with legacy API
requestRouteToHostAddress. This CL infers the legacy network type
automatically from the network capabilities.
b/16324360
Change-Id: I591d38f875f42f56e8cfc157db2069c9eee0ee26
Allows transport specific network selectivity where multi-sim or sta+sta
is supported.
bug:1575597
Change-Id: I9c60fe7710e988c17d63236788b492a3ddd264a1
This eliminates the need for the ConnectivityService.VpnCallback class.
This requires shifting VPNs to the new "network" netd API.
VpnService.protect() is modified to no longer go through ConnectivityService.
NetworkCapabilities is extended to add a transport type for VPNs and a
capability requiring a non-VPN (so the default NetworkRequest isn't satisfied
by a VPN).
bug:15409918
Change-Id: Ic4498f1961582208add6f375ad16ce376ee9eb95
Add getTetheredDhcpRanges() interface and call it before calling
mNwService.startTethering to update dhcp ranges. This will allow
p2p apps to run well concurently with other tethering apps.
Manual import of AOSP change 81546 by jianzheng.zhou@freescale.com
Change-Id: Iebc62f95bdcedde80e2c1d3e9580d3f625c3b50b
Indicates the user has indicated implicit trust of a network. This
generally means it's a sim-selected carrier, a plugged in ethernet,
a paired BT device or a wifi they've asked to connect to. Untrusted
networks are probably limited to unknown wifi AP.
Change-Id: I89490bdaa3c2d63d33f876c72d8b088dc155fa3d
When making Network requests in ConnectivityManager, make sure we install the
callback prior to a response from ConnectivityService arriving causing us to
search for the callback and inadvertently not find it.
bug:15928097
Change-Id: Ie5feb9cc8f5effc19870f54dba07218b2e11d82a
1. Make addDnsServer not add duplicate servers and return a
boolean value incating whether it changed anything. This is
consistent with what we do for LinkAddresses and routes.
2. Add a setDnsServers method that sets all the DNS servers to
the specified collection. This is consistent with what we do
for LinkAddress.
Bug: 9180552
Change-Id: I5baed09253261b66ea42ae2ea82398118e3ab0ac
In IPv4, a link is provisioned when DHCP succeeds. In IPv6, a
there is no such signal, because addresses and DNS servers can
be notified by the kernel at different times.
Add an isProvisioned method that returns true if we believe that
enough information has configured to use a network. For IPv6,
this requires an IP address, default route, and DNS server. For
IPv4, this requires only an IPv4 address, because we support
static configuration that doesn't have a default route or DNS
server.
To do this we use the existing hasIPv4Address method, rename the
all-but unused hasIPv6Address method to hasGlobalIPv6Address
(which is what we want anyway) and add new hasIPv[46]DefaultRoute
and hasIPv[46]DnsServer methods.
Bug: 9180552
Change-Id: Ib2f5ff8af920f7b6f1edf0e2afaaa0edce9bc72d
1. Realize that mDestination can never be null and update the
code accordingly.
2. Simplify isDefaultRoute.
3. Provide two new hidden utility methods, isIPv4Default() and
isIPv6Default(), that can be used by LinkProperties to
to determine if the system has connectivity.
4. Update tests.
Bug: 9180552
Change-Id: I85028d50556c888261d250925962bdedfe08e0c6
This will allow us to dynamically track routes being added and
removed, similar to what we do for IP addresses.
1. Support removing routes. Since this is a new function, we
don't need to jump through hoops to support callers passing
in routes that have no interface, we just fail to match them.
2. Make the addRoute method return a boolean value indicating
whether anything changed. This is consistent with what we do
for addresses and is used to decide whether to update the
rest of the system when an update comes in.
Bug: 9180552
Change-Id: I50648b5f81ec55c88501a7640e119cda2bb540f2
1. Allow IpPrefixes to be created from strings. In order to do
this, factor out the code from LinkAddress which already does
this to a small utility class in NetworkUtils.
2. Truncate prefixes on creation, fixing a TODO.
3. Add a toString method.
4. Write a unit test.
While I'm at it, make RouteInfoTest pass again, and convert it
to use IpPrefix instead of LinkAddress.
Change-Id: I5f68f8af8f4aedb25afaee00e05369f01e82a70b
If these constants are zero (or, rather, if they're not all
different), the test will fail with more cryptic error messages
whose cause is not obvious. Clearly check for that here.
Bug: 15602893
Change-Id: I7ca4a9c5e3d592fd93fbfa1b50666a1861a0031d
