Currently, unprivileged Nat-T keepalives are limited to 1 slot
per uid. Add CTS to verify that the keepalive slots are limited
as customized for unprivileged requests.
Bug: 129371366
Test: atest android.net.cts
.ConnectivityManagerTest#testSocketKeepaliveUnprivileged
--generate-new-metrics 10
Change-Id: I60b9e9ae9cf2b63490493ced9738cd2f402c3f9b
Per SDK requirement, OEM is required to support minimum number of
concurrent keepalives. Implement CTS to verify this.
Bug: 129371366
Test: atest android.net.cts
.ConnectivityManagerTest#testSocketKeepaliveLimit
--generate-new-metrics 10
Change-Id: I8be89116bed5c4dedb2ca42b6d633aa9e8c6a49a
This commit adds a second condition to whether the device is expected to
have the tunnel mode feature. If a device's first API/launch version is
Q or above, require IPsec tunnels
Bug: 72950854
Test: Ran on device with first API level < Q and == Q.
Change-Id: I7b849ad24a04b6b7899a80f1856236b5ceb5a839
This change adds single-direction tests for the IPsec Tunnel Mode API.
In the outbound direction, TUNs are used to capture outgoing packets,
and values are inspected. In the inbound direction, packets are built
manually, using the PacketUtils framework. Additional testing for
end-to-end integration tests will follow in aosp/941021 using packet
reflection via the TUN.
Bug: 72950854
Test: This; passing
Change-Id: Ic4181fc857fa880db5553314efa914f870dbe87c
This change adds utility methods to generate packets incrementally. It
supports UDP, ESP, IPv4, IPv6 packet generation.
For ESP, it exclusively does AES-CBC, HMAC-SHA256.
Bug: 72950854
Test: This
Change-Id: Icffeed2ebb2005d79faf04f48fd5126d1d6fb175
This patch adds a TunUtils class, allowing for packet capture over a TUN
interface, inspection of some basic header fields, and reflection of
packets with flipped src/dst headers.
Bug: 72950854
Test: Ran, passing
Change-Id: I9fdba4a905886c7a4820d86ef52c0cc1843215b2
See build/soong/README.md for more information.
Bug: 122332514
Test: atest CtsHostsideNetworkTests
(same failures as in baseline)
Change-Id: I5b6a22263331b19570b42f156d7ad5d59f8208b4
...so this does not happen again.
This is a test for the fix in Ic91660d974dce21f2affdcacaeffe9accf8451ac
Bug: 1866121
Test: This
Change-Id: Ib7ee866f65baf99b46a31e2115355a42a829421e
Tests cover scenarios related to whether VPN has explicitly declared its
underlying networks plus whether it is an always metered VPN.
For each of these scenarios, we ensure VPN meteredness based on its
capabilities and ConnectivityManager#isActiveNetworkMetered matches.
Bug: 123727651
Test: atest HostsideVpnTests
Change-Id: I3030e5468a55bbc32be2a753f098dcf7f0256af8
These are not multi-ABI because the behaviour does not depend on
the ABI of the app. Some of the APIs are ultimately backed by JNI
code in the system server, but that only depends on the system
server's ABI, not the app's.
Enable instant mode because these applications are subject to the
same network restrictions as other apps.
Fix: 123364589
Test: atest CtsHostsideNetworkTests
Test: cts-tradefed run commandAndExit cts --enable-parameterized-modules --module-parameter instant_app -m CtsHostsideNetworkTests
Change-Id: Ib3c4cd365ffe95889d51a236f035ea84516f0abd
am: 8f755d309d -s ours
am skip reason: change_id Iee8bfe418bf6003e5c78df77d75f6f9745249267 with SHA1 3852fd92f5 is in history
Change-Id: I5a6edd6e8f9216e670edb0e046ffd762fc02da3d
am: f9b246a320 -s ours
am skip reason: change_id Iee8bfe418bf6003e5c78df77d75f6f9745249267 with SHA1 3852fd92f5 is in history
Change-Id: I16d2ba7d301964e1beaf261c1b769a05be4a0187
