As NetworkAgent is in a transition where all agents need
to include the NOT_SUSPENDED capability as part of their
migration to the system API, ConnectivityService adds it
forcefully to all agents that don't have the CELLULAR
transport. This doesn't include VPNs when VPNs have some
cellular network as their underlying network.
The best way to solve this is to make sure the VPN
capabilities reflect those of the underlying networks as
far as the NOT_SUSPENDED capability is concerned. This
is how they work for other similar capabilities.
This also happens to contain a drive-by fix for an issue
with a spurious capabilities callback is triggered when
a VPN connects and it has any underlying network (which
means almost always, because it will take the default
network if it doesn't declare any). Fixing this was
necessary to have a cogent test of this issue, but it
could be moved to another patch or it could stay unfixed
with some minor ajustment to the tests if judged too
dangerous to include in R at this point.
Test: New tests in this patch. Also manually tested with
tcpdump as described in b/150570873.
Bug: 150570873
Change-Id: I3e4ff990c0d4825b21c7679be29a482a2d1324ec
Set the parcelSensitiveFields bit when sending LinkProperties to
NetworkMonitor, so that the captive portal API URL is not lost.
Test: atest ConnectivityServiceIntegrationTest (see followup change)
Bug: 156062304
Change-Id: Ifd4e9c02a6b9a2b2b8b254fc4da7bfb9e0a84550
When a VPN connects and it has any underlying network (which
means almost always, because it will take the default network
if it doesn't declare any), it has default capabilities and
will only take the capabilities of its underlying network
as part of an update happening after making the network
available but before the rematch can take place. This in turn
causes the capabilities callback sent as part of the rematch
to be spuriously sent.
Test: FrameworksNetTests. Also tested together with a
followup that adds tests with drive-by coverage for this.
Bug: 150570873
Change-Id: Id7d8bba486bada1a7ba5b0f152d2aa02e407f249
Added a new network capability TEMOPORARILY_NOT_METERED to support
the case that a network can temporarily become unmetered. This
allows carriers to deploy unmetered 5G network. When devices
camp on 5G network, this capability will be dynamically added
to the network and will be removed once leaving 5G coverage.
Bug: 153081494
Test: Manual
Change-Id: I10e26cb0852e67f614e7b9c4e49f95e078602e21
Merged-In: I10e26cb0852e67f614e7b9c4e49f95e078602e21
MatchAllNetworkSpecifier is a subclass of NetworkSpecifer. The method
satisfiedBy should be renamed to canBeSatisfiedBy together with other
subclass of NetworkSpecifer in b/152238712.
Add annotation @Overide for the method to make sure it will not get
ignored when refactor in the future.
Bug: 154956584
Test: atest android.net.MatchAllNetworkSpecifierTest
Change-Id: Ibe32fd50fae43aa635c1c0dad66eaea82011c8b7
NetworkStats calculation needs to filter out debug entries to
prevent over counting. While NetworkStatsFactory migrates data
usage over a VPN to the TUN network, NetworkStatsFactory does
not filter out debug entries per vpn which will cause debug
entries left and cause exception.
Bug: 152678151
Test: atest com.android.server.net.NetworkStatsFactoryTest
and verify no exception
Change-Id: I3525edc385b07858b48c7add2d331c4b5a2e84ad
The constructor was changed to allow for unit tests.
Bug: 137328719
Test: atest FrameworksNetIntegrationTests
Change-Id: I46f247268310e12d420531745a22e93cf3550e89
Add a comment explaining the ordering of messages sent to the tracker
and connectivity diagnostics handlers.
Add a Slog.wtf call in case the deprecated notifyNetworkTested callback
is called.
Bug: 153500847
Test: atest ConnectivityServiceTest
Change-Id: I2dbfc9bf7b2f785ea4594851bd354e9fd0fc0bd1
Address issues found during AIDL review:
- Rename clientAddr to singleClientAddr
- Do not use a ParcelableBundle for notifyNetworkTested or
notifyDataStallSuspected; instead use AIDL parcelables for stronger
backwards compatibility guarantees.
Test: atest NetworkMonitorTest ConnectivityServiceTest
ConnectivityServiceIntegrationTest, manual
Bug: 153500847
Change-Id: Id9b71784e5f6294d203230e57737979e063ff0f8
Currently, if a prefix is learned from an RA while prefix
discovery is running, clatd will be correctly started, but
prefix discovery will be stopped.
In order to fix this, make it possible to call
stopPrefixDiscovery without transitioning to IDLE state (which
is obviously necessary in this case), by moving the assignment of
the next state from that method to its callers. For consistency,
do the same for startPrefixDiscovery.
Bug: 150648313
Test: new test coverage
Change-Id: I3803fa3d9806848b331c35ee8bac256934bd1f21
464xlat will never be started on a network that is not connected,
or on a network that has no IPv6 address.
This is a no-op test-only change but it is necessary for an
upcoming change that violates some of the invalid assumptions
currently made by this test and causes it to fail.
Bug: 150648313
Test: test-only change
Change-Id: I41766e9adaa7c24454648b371e6e3cc647693be5
The NAT64 prefix from the RA always takes precedence over the
NAT64 prefix from DNS discovery, because it is detected faster,
and detecting it does not require sending any packets.
Bug: 150648313
Test: new unit test
Change-Id: Ic7452431d2d9aea1ae59b67a9d8383c6cc5b3902
Address comment from aosp/1162443.
Move to FrameworksNetCommonTests so that it can be run in
cts test and presubmit test.
Also change package name from android.net.cts to android.net
Bug: 154299158
Test: atest FrameworksNetTest
atest CtsNetTestCasesLatestSdk:android.net.DhcpInfoTest
Change-Id: I42a965ae5cb748fdd80b4d5c0f8b26f36f74be72
Add network agent to test more situation that could get the
onNetworkRequested callback.
Bug: 153614605
Bug: 153613690
Bug: 153612373
Test: atest CtsNetTestCasesLatestSdk:android.net.NetworkProviderTest
Change-Id: Id494a1697cc1b73e8e56ae585a69faec31c59f52
A test that ensures that NetworkCapabilities.TRANSPORT_* is eaual
to IDnsResolver.TRANSPORT_* for every possible value of each.
Bug: 153267602
Test: atest FrameworksNetTests
Change-Id: I6b23ccc6ce1659fdfd9573dfcd895f2c20fa9417
There are tasks that need to be performed when receiving
LinkProperties directly from a NetworkAgent (either at
registration time or in subsequent updates).
Currently, the only example of such a task is calling
ensureDirectlyConnectedRoutes. This is currently done in
handleUpdateLinkProperties, which is often unnecessary,
because that method iscalled in many other cases than when
receiving properties directly from an agent. Ensuring directly
connected routes only needs to be done when receiving
LinkProperties from the agent, because ConnectivityService does
not directly manipulate routes.
This CL does not do much except remove these superfluous calls
and add the method. A future CL will add more code to the method.
Bug: 150648313
Test: atest ConnectivityServiceTest
Change-Id: Ibeeb5f79e8afd3350c935934713d7882f2e0281f
It will skip whole tests on Q device since NetworkProvider class
is introduced in R.
Result on Q device would be:
[1/1] android.net.NetworkProviderTest#skippedClassForDevSdkMismatch: IGNORED (3ms)
Bug: 153614605
Bug: 153613690
Bug: 153612373
Test: atest CtsNetTestCasesLatestSdk:android.net.NetworkProviderTest
Change-Id: If7bfc7fae503e3497c37754697d0b148ff4cab3b
- Allow an app holds NETWORK_SETTINGS to acess registerNetworkProvier()
and unregisterNetworkProvider().
- To access declareNetworkRequestUnfulfillable(), allow an app holds
MANAGE_TEST_NETWORKS to declare a unfulfillable request that contains
TRANSPORT_TEST transport.
This makes easier to write cts to test.
Bug: 153612373
Bug: 153614605
Test: atest FrameworksNetTests
atest CtsNetTestCases:android.net.NetworkProviderTest
Change-Id: Ic9809e731aa811a51c2f82d189372169d99a5ed9
This cannot (currently) happen with DNS64 detection, but it can
happen with the PREF64 option.
Bug: 150648313
Test: atest ConnectivityServiceTest Nat464XlatTest --rerun-until-failure 100
Change-Id: I789fe9d46d3ac5d074ae697d23013f24a9e0246d
Currently, TestableNetworkStatsProvider is a subclass of
INetworkStatsProvider. This is not very accurate naming after
API council review feedback since now we have
NetworkStatsProvider as a system api interface.
This is the counter-part change of actual renaming CL in
NetworkStack.
Test: atest FrameworksNetTests TetheringTests
Bug: 150643374
Change-Id: Ifa8175dc4e2fe2b907ec13b3bd2eca12974f5ea7
Merged-In: Ifa8175dc4e2fe2b907ec13b3bd2eca12974f5ea7
(cherry-picked from ag/10976522)
This commit adds support for validating and filtering IPsec algorithms.
Without a public API exposing IKEv2 algorithms (and their respective
public APIs), the allowedAlgorithms can only filter the proposals for
IPsec (Child) SA algorithms.
Additionally, this removes the HMAC_SHA1 from the IKE SA's integrity
algorithm proposals due to insecurity
Bug: 153701879
Test: FrameworksNetTests passing, new tests added
Change-Id: I7e61a1612692db275b751330af5bacbf86836a8c
- Let any process with NETWORK_SETTINGS register for signal strength
wakeup.
- Allow agents registering test networks to assign them a signal
strength.
Test: NetworkAgentTest
Bug: 139268426
Change-Id: I2b4b89be3e69f4853fd6978d2c8f5c8eb4271f21
Add missing tests to cover all system APIs
Bug: 152280218
Bug: 150640683
Test: atest CtsNetTestCasesLatestSdk:CaptivePortalDataTest on
both Q and R device
Change-Id: I6d3826922f16816d5b18ed3540266442a0ed3e49
