Add TCP polling mechanism in KeepaliveTracker to understand if
there are any TCP sockets in the target network. This is a
preparation commit for dynamically control keepalive based on
the existence of TCP sockets. This is non-functional now since
there is no caller to retrieve the information now.
Bug: 259000745
Test: atest FrameworksNetTests
Test: Manually test by creating TCP sockets on the target network
in device and check if deisgn works.
Change-Id: I355ac340cad2fac618bb9d65fb1b1539ea644959
In the context of ConnectivityServiceTest this is plenty
clear, so terser is better.
Test: ConnectivityServiceTest
Change-Id: Id20afc8a81a6c00c932ffae3b8dbc2919773d35b
Create the MdnsDiscoveryManager for mdns discovery and resolution
if the feature is enable.
Bug: 254166302
Test: atest FrameworksNetTests CtsNetTestCases
Change-Id: I4d7591b50cb06f0efcc0dde9834b775c513cceff
Build ExitAnnouncementInfo in MdnsRecordRepository.exitService. Use a
separate class for AnnouncementInfo and ExitAnnouncementInfo, so
announcement callbacks can differentiate each case.
Bug: 241738458
Test: atest
Change-Id: I3b1ad1bef3dc1514479d7c789ef06b6a7de02e59
Once probing succeeds, the advertiser sends announcements for its
records as per RFC6762 8.3.
Implement MdnsRecordRepository.onProbingSucceeded to return the
AnnouncementInfo which will be sent.
Bug: 241738458
Test: atest
Change-Id: Id4c2e610911fdf471a6d6ae08c2127fbf1530dc7
Instead of using a separate service-mdns library, move the code to
service-connectivity-t.
service-connectivity-t is chosen because it has access to hidden API of
classes that were made updatable in T, such as NsdServiceInfo and
NsdManager. mdns code can be there as it is only loaded on T+.
Bug: 241738458
Test: atest
Change-Id: I7eb6c9ab8bf0e0a614ea2994c6ed80a1a780241f
Add tests for MdnsRecordRepository and MdnsInterfaceAdvertiser
implementations of probing.
Bug: 241738458
Test: atest
Change-Id: If41a387f14e805e81b6d0d8217d081ca053e340f
Add MdnsMultinetworkSocketClient which is using for managing
multinetwork for discovery and resolution. If the requests are
specified the network to do the discovery or resolution, it
should send the queries and receive the responses on the active
networks only. This can save the resource by reducing unnecessary
queries and align the behavior with mdnsresponder.
Bug: 254166302
Test: atest FramworksNetTests
Change-Id: I9f49ac11e70cb945f9a90efc5eb684be87801286
PacketRepeater can just try to send to both v4 and v6 multicast
addresses, and rely on MdnsReplySender to check whether the sockets have
(automatically) joined the v4 or v6 groups, so there is no need to use
this unusual lambda setup anymore.
Bug: 264947218
Test: atest MdnsProberTest MdnsAnnouncerTest
Change-Id: I09e0fa4bf14e1f31f2d2508f17e23adf1415feb7
This commit exposes APIs to migrate a tunnel mode transform to
new source/destination addresses, as required by MOBIKE.
By calling the exposed API, the caller only caches the new
address in the transform. To complete the migration, caller
MUST apply the tranform to the appropriate tunnel.
This API design is mainly based on the kernel interface and use
cases. The Linux kernel requires Android to provide both the
IpSecTransform and the IpSecTunnelInterface to perform the
migration. And in most cases those two instances are managed
by different entities: IpSecTranform is managed by the key
exchange protocol (e.g. IKE) and IpSecTunnelInterface is managed by
the security tunnel provider (e.g. VPN, VCN, and IWLAN). Thus the
migration process has been designed to have two steps where the
key exchange protocol negotiates and caches the new address,
passes out the updated transform, and the security tunnel
provider applies the transform to a tunnel.
Another benefit of this API is it can also apply to the case
where the network peer does not support MOBIKE and thus cannot
update the existing transforms. In this case, the key exchange
protocol can create a new transform and give it to the security
tunnel provider, and the tunnel provider can still call "apply"
to perform migration without needing to know the details of the
transform update process.
Bug: 169171001
Test: atest FrameworksNetTests, IpSecManagerTunnelTest
Change-Id: I0658cdb09fb31f7e0fb9d0b07f37c2b72b6e705f
MdnsAdvertiser takes requests to advertise services on given Networks,
and relays them to internal maps of MdnsInterfaceAdvertisers.
SocketProvider is used to create the sockets for the requested networks.
It also ensures that added services do not have name conflicts, as
registration of one service should use the same name on all interfaces,
so any conflict means that every MdnsInterfaceAdvertiser needs to use a
different name. Names are automatically updated with a number suffix
(like "service (2)", "service (3)"), similarly to the legacy
mdnsresponder implementation.
The implementatio of MdnsInterfaceAdvertiser will be added in a
different change.
Bug: 241738458
Test: atest
Change-Id: I21aa93c681dd179b9d6ec425bc0f247a10ba5b0b
This allows us to skip any older CONNECTIVITY_ACTION broadcasts
waiting to be delivered when a new broadcast is dispatched.
Bug: 255545931
Test: TH
Change-Id: Iac5da2f727e295d1775bfe91358900f316258be4
In the original design that using qtaguid module to get the
stats, mDevRecorder was for interface-level summary which
may include non IP layer traffic and mXtRecorder was for
interface-level summary which is only IP layer traffic.
It's migrated to use xt_bpf to read ifaces stats currently
since the qtaguid proc file is no longer exist. Both
readNetworkStatsSummaryXt() and readNetworkStatsSummaryDev()
return stats from bpf iface stats map. mDevRecorder has the
same content as mXtRecorder, and there's no usage actually
reference to mDevRecorder. Thus mDevRecorder can be removed.
Bug: 241880278
Test: FrameworksNetTests
CtsNetTestCases
Change-Id: Ib0fe823517c81989ee01dc8835ab69a9da818162
NetworkTemplate was moved into mainline module and
provide Builder for external users to build template.
MATCH_MOBILE_WILDCARD and MATCH_WIFI_WILDCARD are not
exposed so currently the usage of these two constants
only in module. This change is to remove the constants.
After removing the constants, two methods matchesWifi
and matchesMobile are changed to adapt the original
matches[Wifi|Mobile]Wildcard behavior.
Bug: 238843364
Test: FrameworksNetTests
Change-Id: I9e156b504ce4eb903b39279e443fad27bc921186
Currently NetworkTemplate provides Builder for users to build a
template and it supports multiple subscriber ids. The mSubscriberId
is a local variable in current design so it can be removed from
NetworkTemplate and also can be removed from the parameter of a
constructor as long as the constructor is not annotated with
@UnsupportedAppUsage.
Bug: 238843364
Test: build, FrameworksNetTests
CtsNetTestCases
Change-Id: Ic6a695e1c1719111bf26ba905a38673952a24736
Currently, mSubscriberIdMatchRule is only used in NetworkTemplate
and it depends on if mMatchSubscriberIds is empty or not. Thus,
remove it since is not really necessary and replace it with
checking matchSubscriberIds if needed.
Bug: 238843364
Test: build, FrameworksNetTests
CtsNetTestCases
Change-Id: Ic66d2ff2826846778b004bb15a4718a62fa1f470
"isStrictMode" is a poor name to set whether the private DNS
probe succeeded.
Test: ConnectivityServiceTest
Change-Id: I5d0d7ebabc5791b4b6cb7c1cce54b515d2e7e9d9
This commit adds methods to support migrating tunnel mode
IpSecTransform to new source/destination addresses.
Bug: 169171001
Test: atest FrameworksNetTests (new tests added)
Change-Id: Ic177015fba5b62d3f73009633118109d3631086f
* changes:
Add HostsideVpnTests for testing setVpnDefaultForUids()
Add CTS for ConnectivityManager#setVpnDefaultForUids()
Create a new API to make a set of UIDs use only VPN by default
Setting the MTU for an interface should not be skipped when the
interface names are different. This occurs when a VPN network creates
a new interface with identical MTU.
Bug: 246398088
Test: atest ConnectivityServiceTest
Test: Manual test: Connect to VPN network and switch networks
Test: Confirm MTU of interface is set correctly with `adb shell ip addr`
Change-Id: I811a01feca2fb2130c57c6c924145314180434c5
Create a new API - setVpnNetworkPreference() for the caller to
set VPN as the preference network.
VPN will be disconnected when its underlying network is gone.
To prevent packets going through an underlying network when the
underlying network is back but VPN is not connected yet, set VPN
as the only preferred network for specific apps.
Bug: 231749077
Test: 1. atest FrameworksNetTests
2. Create a test app to register default network and check if
the VPN is the only default network for the test app.
Change-Id: Iabcd38e2fec2aefedbf78d20e338f222d83a9e7f
MdnsAnnouncer is a implementations of MdnsPacketRepeater, which sends a
packet at various intervals.
It will be used to send initial advertisements when a service is
registered or there is a network change.
Bug: 241738458
Test: atest
Change-Id: If187d023dd48d9b575431759cc6b67460bc0d33b
The previous implementation of writeLabels would not include a
compressed name in the label dictionary, so if a packet had
"something.local", "a.service.local" and "b.service.local",
"service.local" would not be compressed because "a.service.local"
already used compression (for .local).
Fix this and add a test.
Bug: 254166302
Test: atest
Change-Id: I41c557d6debd11acb4c0813735ef7af7323f45d7
Although RFC3845 2.1.1 specifies that NSEC records should not use
compression for the Next DomainName field, RFC6762 18.14 specifies that
compression should also be used for NSEC RDATA. The legacy mDNS
implementation does use compression for that field.
Bug: 241738458
Test: atest
Change-Id: I9cd2b8618b01bb569a7f1d13dc3bfd09a0433300
