Firewall rules don't work on 464xlat because they were created under
an assumption that there's only one address for the server and it's
ipv4, which doesn't go so well when we're on an ipv6-only network.
Bug: 33159037
Test: runtest -x net/java/com/android/server/connectivity/VpnTest.java
Change-Id: Id331526367fe13838874961da194b07bd50d4c97
This cleanup helps declutter ConnectivityService, and encapsulates the
always-on setting inside of Vpn instead of spreading it across two
classes.
In particular having the save code in one file and the load code in
another file was weird and I apologise for that.
Added a SystemServices wrapper for Settings.Secure and PendingIntent
calls to decouple some of the global state nastiness and make it
testable without forcing ConnectivityService to drive the load/save.
Test: runtest -x tests/net/java/com/android/server/ConnectivityServiceTest.java
Test: runtest -x tests/net/java/com/android/server/connectivity/VpnTest.java
Bug: 33159037
Change-Id: Ie2adb1c377adfcef0a5900dc866e6118f451b265
The request network with timeout was originally created with a
check of max timeout against a constant of 100 minutes. However,
the API was not public and did not implement a timeout. Any users
were internal and never got any onUnavailable() callback (since
timeout never triggered).
There is no reason to have a max timeout so the constant is
remove.
Bug: 31399536
Test: unit tests and CTS of ConnectivityManager
Change-Id: Icbedfb4299d75b6a7e3e43720111531f1faafd06
Rename the class and ensure that all code related to bad wifi
avoidance has names that reflect its purpose. This will allow us
to reuse most of the the code for other purposes in future CLs.
Test: runtest frameworks-net passes
Bug: 34630278
Change-Id: Ida190e5a79e7a12f4eec07e1a3e4d9d138e83bcd
This patch removes testNotWaitingForIdleCausesRaceConditions() from
ConnectivityServiceTest because it is in nature flaky and prevents using
ConnectivityServiceTest as a patch presubmit check. Estimated failure
rate is 1/15 on Nexus 6p.
This patch also simplifies how ConnectivityServiceTest waits for
handlers to become idle by removing IdleableHandlerThread and turning it
into a signle static method.
Test: $ runtest frameworks-net
Bug: 31479480
Change-Id: I2d78709cbb61d5d01cd59cff326469417f73f1ab
Symptom : Infinite reboot
Reproduce step :
1. Set the Always-on VPN in M OS
2. OS upgrade from M to N
Reproduce frequency : 100%
Reason of issue :
https://android.googlesource.com/platform/frameworks/base/+/4908ef3
As you know, in M OS, Always-on VPN information is stored in keystore with encryted.
However, in N OS, there is no encryption when it put in keystore.
So, You deleted keystore check(locked/unlock) logic on ConnectivityService.
By this reason, when device upgrade to N OS(set Always-on VPN), it goes infinite boot.
(Cannot read old always-on vpn information untill device unlock.)
Solution :
I founded exception handling when this case as follows:
If getting Credentials.LOCKDOWN_VPN information has null value(catch the exception),
updateLockdownVpn returns false value.
Signed-off-by: SangJin Cha <sj.cha@lge.com>
Change-Id: I6fd980152440bb5248aab45e2f8fda448d3f6c7b
When network setting reset is started while always-on VPN is enabled,
application crash occurs with IllegalStateException in prepareVpn().
Therefore, it's necessary to also disable always-on VPN in factoryReset
before prepareVpn() when turning off VPN.
Bug: 29030858
Change-Id: I08c5406717dd7937d197c2e934a56d037477aafc
This patch improves system logging around captive portal detection to
make inspection of bug reports sligthly easier:
- NetworkMonitor now logs by default CMD_CAPTIVE_PORTAL_RECHECK and
CMD_CAPTIVE_PORTAL_APP_FINISHED. Other system logs are kept off with
a new VDBG boolean contant,
- NetworkNotificationManager now prints the notification id at
notification time. This allows to easily correlate show and clear.
- errors in NetworkNotificationManager are logged as Throwable instead
of through their implicit toString() method.
Test: $ runtest frameworks-net
Bug: 32198726
(cherry picked from commit 6fe7d3cdb3)
Change-Id: I1eaab5ea702063dde3e23324d3a1b3dc172c5ac5
During IpManager startup, anything sending messages to the state machine
must not begin doing so until after the state machine has been started.
Reorder the constructor accordingly.
During shutdown, AvoidBadWifiTracker needs to unregister the registered
BroadcastReceiver and might as well also unregister the ContentObserver.
Test: backport from internal
Bug: 33388922
Change-Id: I58e07f7ccddaab160c153bcfb69fd45f50bb8710
Dependent on ag/1550196 where API is defined.
Bug: 31015360
Bug: 26545374
Test: runtest --path
frameworks/base/core/tests/coretests/src/android/net/NetworkStatsTest.java,
other test classes.
(cherry picked from commit 7581e6d766)
Change-Id: I46da93ba4afa968facf98f7c3d844fd0c469095a
Most tests were failing because due to a null NetworkCapabilities.
Example:
1) testNetworkStatsWifi(com.android.server.net.NetworkStatsServiceTest)
java.lang.NullPointerException: Attempt to invoke virtual method 'boolean android.net.NetworkCapabilities.hasCapability(int)' on a null object reference
at
com.android.server.net.NetworkStatsService.updateIfacesLocked(NetworkStatsService.java:983)
BUG: 30839080
(cherry picked from commit 34634f9339)
Change-Id: Ie09b2f43cf6ec745e404d5ec98bd0b072d211ea3
Nothing in the system consumes these properties, they were never part
of an official public API, and they can leak information about the
current network to applications without networking prvileges.
Specifically, these properites allow applications to access network state
(and detect network changes, etc.) without having the ACCESS_NETWORK_STATE
permission.
Test: runtest ConnectivityServiceTest passes
Bug: 33308258
Change-Id: I85abc52bc11aee33940fd0af2397478a9a5c3b8f
Guarantees that timeouts are only delivered if a network never
becomes available. Once a network is available the timeout is
canceled.
Bug: 31402633
Test: all timeout related unit tests pass (new one added)
(cherry picked from commit 88087226a6)
Change-Id: I7cd3086544c881915fc6dbf14b87a24ab0cd8748
This will give us a good place to put all the networking tests.
Fix: 31479480
Test: adb shell am instrument -w -e notClass com.android.server.connectivity.tethering.TetherInterfaceStateMachineTest 'com.android.frameworks.tests.net/android.support.test.runner.AndroidJUnitRunner' # PASS
(cherry picked from commit 384a9cb1f9)
Change-Id: I993eeaa5dec001c39389023f355f506129b356e7
Removing the static dependency on guava reduces test compile time
by about 20 seconds on a Z840, thus substantially speeding up the
compile/test cycle.
Make FutureIntent public instead of package-private because it is
used directly by NetworkPolicyManagementServiceTest, which as of
this CL is now in a different package.
(cherry picked from commit f59c92bb17)
Test: runtest frameworks-services -c com.android.server.ConnectivityServiceTest # PASS
Test: runtest frameworks-services -c com.android.server.NetworkPolicyManagerServiceTest # PASS
Test: runtest frameworks-services -c com.android.server.net.NetworkStatsServiceTest # PASS
Test: runtest frameworks-services -c com.android.server.NetworkManagementServiceTest # Already failing.
Bug: 31479480
Change-Id: Ifab32c9214e9caab71dbf93b3d3ca88df6f49636
This patch extracts into its own independent test a test sub-block looking
for a race condition when not waiting on handlers to become idle:
there is no way to prevent the race from not happening when looking for
it this way. This makes the test flakky.
This new independent test is tagged with @FlakkyTest(tolerance = 3).
Test: ConnectivityServiceTest passes, with higher probability.
Bug: 31479480
(cherry picked from commit 6d278a5693)
Change-Id: I3c702bd981ed80ed606be0fb52d61eb3d7195a6f
Test: ConnectivityServiceTest updated with test cases.
Test: Manually tested against att-wifi in B42.
Bug: 30222699
(cherry picked from commit 3fd101e574)
Change-Id: I90c0f97fe0e41de4059bceae7b56ab3a70145696
This adds hostname, array of addresses, total count of IP addresses
and uid to the existing pipeline.
Currently ignores the new data it receives, further work will be
done in the subsequent CLs.
Test: for now just the benchmarking, in the future unit and CTS
Bug: 29748723
Change-Id: Ice7db208282934e74f0e1808ffbae96d476c4216
(cherry picked from commit 33fa018898)
Check that we tolerate various dependencies not being available.
Bug: 31946071
Test: These are tests
Change-Id: Ic0a9cd6f255ba9ff4c774dee640df1a0bdf8dc39
Additionally, add this utility class to IpManager for compatibility
verification. A follow-on CL will make use of IpManager's local
AvoidBadWifiTracker.
Bug: 31827713
Change-Id: If8c56c3f8076d6a5157ea180e361bbdadc2bc1dd
(cherry-pick of d73faf07606d40d3915d22a72fa14f7ba956d459)
No longer do this in ConnectivityService#tether/untether.
Instead, have Tethering do it when an interface is actually
tethered.
Bug: 31405407
Test: Toggling hotspot now disables data saver
Change-Id: I9910a2e488c30c92d45f817c8f5df0fac5510de6
This patch defines new Settings symbols for
- setting the probe urls for captive portal detection.
- setting which User-Agent to use for captive portal detection.
The existing default values for these settings are not changed, i.e:
- HTTP and HTTPS probes urls are unchanged.
- the fallback probe is not used.
- User-Agent is empty by default.
Bug: 29367974
Change-Id: I6e4b3b172e56b8b67fffa4b51f776d68d5851f25
This patch adds the possitibility to send a 3rd fallback validation
probe in sendParallelHttpProbes when neither the 1st http probe nor the
https probe came back with a conclusive answer.
This 3rd probe is only used for trying again captive portal detection
and does not return success, so that network validation always fails if
the https probe fails.
In addition, the url reveals a captive portal is now sent to the
CaptivePortalLoginActivity so that all three probes can use different
urls.
Bug: 29367974
Change-Id: I7385fde1aa1316d94aac350af0e956cb193aa4ee
When a network goes into the background, tell netd to set the
network's permission to NETWORK. Also, close all TCP sockets on
that network, to prevent long-lived TCP connections from staying
on it and possibly continuing to use metered data.
Bug: 23113288
Change-Id: Ie89c1940b6739160e25c6e9022b8b977afb3e16e
