Currently, internal handler is set by setHandler after
constructing NSS object. This was introduced in ag/866187 to
access the handler in the unit test.
However, the design put NSS in a bad situation where all classes
that need handler or executor could not be final and need to be
dynamically allocated in order to get a valid handler.
Thus, since the usage of handler is removed in previous patch,
this change eliminate setHandler by initializing the handler in
the constructor.
Test: atest FrameworksNetTests
Bug: 150664039
Change-Id: I794a24d00b0ca9fdc78091e7b9ab7307e0f034b7
Check all routes that are added and removed instead of just some
of them. This is in preparation of an upcoming change that
switches to adding and creating routes by issuing direct calls to
netd.
Also rename the misleading ipv4Default route variable to
ipv4Subnet, which is what it actually is.
Bug: 142892223
Test: test-only change
Change-Id: I7d111382be215a926a7d7d4701bd3c3e94372b99
Currently, to wait for handler becomes idle, specific message
is used and the test would wait for condition variable to be
open when the message is processed.
However, this is already done in the HandlerUtils. Thus,
there is no need to post such message manually in the handler.
Test: atest FrameworksNetTests
Bug: 150664039
Change-Id: Iab32b2dbab01634ca159dcb90fc9f929d1fed1a2
Validate route addition and deletion after linkProperties are
changed.
Test: atest ConnectivityServiceTest#testStackedLinkProperties
Change-Id: I18296b933e856a0f8a4c1dbd75bd35024853bfbb
* changes:
Revert "[NS D05] Rework how to tear down networks"
Revert "[NS D06] Implement more policies"
Revert "[NS D07] Use the unmodified legacy score"
Calling IPC in a constructor is unusual and confusing, and can be
considered bad form. There are multiple reasons for this :
• Users can't obtain an instance of the class without calling the
constructor, but they can't always afford an IPC where they need
this, forcing them to know about the implementation detail and
sometimes design around it.
• On a related but generalized note, constructors should usually
be fast for the same range of reasons.
• Having a separate method to register the agent simply gives more
flexibility to the app.
• It's also a lot easier to test.
But also we can't fix it without an update to the API, so here it is.
Another reason for doing this is consistency with the NetworkProvider
API.
Bug: 138306002
Bug: 139268426
Test: atest FrameworksNetTests FrameworksWifiTests FrameworksTelephonyTests
Change-Id: I1ee5c7b1353d581e487c8a8a159009bebd781643
Merged-In: I1ee5c7b1353d581e487c8a8a159009bebd781643
(clean cherry-pick from internal branch)
Revert submission 10338939
Reason for revert: The feature was punted out of R.
Reverted Changes:
I32c12702c:[NS D04] Implement a simple speed comparison betwe...
I688593cc0:[NS D03] Migrate the bad wifi avoidance policy
Change-Id: I640635a1ed94bed3b53466abe2a988caf0eca2b0
Revert submission 10343065
Reason for revert: This is part of a feature that was punted out of R.
Reverted Changes:
Ic9a3d3363:[NS D05] Rework how to tear down networks
I7d815f873:[NS D06] Implement more policies
I561098476:[NS D07] Use the unmodified legacy score
Change-Id: I8d2696d15999265d79abfc9163e7e5ccad873cfe
Revert submission 10343065
Reason for revert: This is part of a feature that was punted out of R.
Reverted Changes:
Ic9a3d3363:[NS D05] Rework how to tear down networks
I7d815f873:[NS D06] Implement more policies
I561098476:[NS D07] Use the unmodified legacy score
Change-Id: I378449443f99eb0a7f01f31f53398b8f55ce87f1
Revert submission 10343065
Reason for revert: This is part of a feature that was punted out of R.
Reverted Changes:
Ic9a3d3363:[NS D05] Rework how to tear down networks
I7d815f873:[NS D06] Implement more policies
I561098476:[NS D07] Use the unmodified legacy score
Change-Id: I184817e3aa290afdbe6721a7c36332b940434d3a
This change adds permission checking to ensure that the following
conditions are enforced in order for apps to receive the owner UID:
1. The app must be the owner of the network
2. The app must hold the FINE_LOCATION permission/appop
3. The user must have their location toggle enabled.
Bug: 142072839
Test: atest FrameworksNetTests
Change-Id: I7a981a82f1219828ee89c8c96eb9d2efd153377f
Ranking used to make use of the various adjustments in
ConnectivityService. These are now implemented in policy.
Test: ConnectivityServiceTest
Change-Id: I56109847678ea5cda1752511123ba652c0f4fe36
Namely :
• Explicitly selected policy
• VPN policy
• Validated policy
These go together to avoid breaking any test, because multiple
tests rely on all of these working.
Test: ConnectivityServiceTest
Change-Id: I7d815f87320c2becbfc93a60a3c54346ff4f47c9
Networks are torn down if they don't satisfy requests but only if
they are found unable to ever do so. This is important because
general-purpose networks typically turn up unvalidated, which
means they would get torn down immediately in the presence of
some worse network that is already validated.
Note that functionally it's the same as before for the existing
scores, except that
• An exiting network that doesn't satisfy any request is always
torn down immediately – this is WAI
• An unmetered network is never torn down when compared to a
metered network – this is a bugfix (previously the platform
would tear down an unmetered cellular on grounds that it
could not beat the performance of a metered Ethernet, but
that's wrong ; the bug was never realized because Android
always thinks Ethernet is unmetered)
• An unvalidated network will not be torn down if the current
satisfier is also unvalidated, even if the satisfier is much
faster. This is the reason for the change in the test. It's
wrong to tear down in this case because even if much slower
the slower network should win if it validates and the other
doesn't.
Test: ConnectivityServiceTest
Change-Id: Ic9a3d336306a25d1272976ce467aa7c908af7bef
This commit allows the startLegacyVpn() call to start Platform VPN
profiles, allowing Settings to use the IKEv2/IPsec VPN options
When using an aliased private key, the
Ikev2VpnProfile.KEYSTORE_ALIAS_PREFIX must be prepended to the front of
the alias. This will in turn result in the fromVpnProfile() function to
pull the key from the KeyStore, as opposed to the inline-key that the
VpnManager API uses.
Bug: 148991741
Test: FrameworksNetTests passing, new tests added in subsequent CL
Test: Manually tested
Change-Id: Icbca695c353b2e12e99305676404dbf1a4495949
This commit allows Platform VPNs to be started as part of always-on
mode.
Test: FrameworksNetTests passing, new tests added in subsequent CL
Test: Manually tested.
Change-Id: I5eda88e5b406a0e425eb7424665cf702e0979324
Merged-In: I5eda88e5b406a0e425eb7424665cf702e0979324
This commit allows Platform VPNs to be started as part of always-on
mode.
Test: FrameworksNetTests passing, new tests added in subsequent CL
Test: Manually tested.
Change-Id: I5eda88e5b406a0e425eb7424665cf702e0979324
When new CaptivePortalData is received from NetworkMonitor, send a
LinkProperties updated callback.
The updated LinkProperties only contain CaptivePortalData if the
receiver has NETWORK_SETTINGS or MAINLINE_NETWORK_STACK permissions, as
defined in the current callback code.
Test: atest FrameworksNetTests
Bug: 139269711
Change-Id: I68595a519171b31792259849efff5f58c43cacd4
Revert "Use createRandomUnicastAddress from MacAddressUtils"
Revert "Add net-utils-framework-net to telephony-common"
Revert submission 1191997-net-utils-framework-net
Reason for revert: Droidcop-triggered revert due to breakage https://android-build.googleplex.com/builds/quarterdeck?branch=git_qt-qpr1-dev-plus-aosp&target=aosp_taimen-userdebug&lkgb=6208131&lkbb=6208273&fkbb=6208273, bug b/149551544
Reverted Changes:
Ib1c807d64:Use createRandomUnicastAddress from MacAddressUtil...
I9e0f297e0:Add net-utils-framework-net to telephony-common
Ieb8927f9a:Remove framework code that has moved to frameworks...
Change-Id: I2824f781babd9f7e0bb9df524dadf6b8397dcaa1
State override is only handled when state is changed from
CONNECTED to SUSPENDED but not reverse path. Handle both ways
for SUSPENDED state.
Bug: 148678431
Test: FrameworkNetTests
Change-Id: I9333f865d61bbf008fdb8ca162ad17dfdffd1d67
This CL adds checks to ensure restricted users cannot change or
start/stop platform VPNs. In addition, this also adds checks to the
ConnectivityManager#getConnectionOwnerUid() to ensure that only
VpnService based VPNs can identify connections
Bug: 148040659
Test: FrameworksNetTests run
Change-Id: Id47ada5766036bfc84f3ba47f66f2d2683af916d
