This commit adds support for validating and filtering IPsec algorithms.
Without a public API exposing IKEv2 algorithms (and their respective
public APIs), the allowedAlgorithms can only filter the proposals for
IPsec (Child) SA algorithms.
Additionally, this removes the HMAC_SHA1 from the IKE SA's integrity
algorithm proposals due to insecurity
Bug: 153701879
Test: FrameworksNetTests passing, new tests added
Change-Id: I7e61a1612692db275b751330af5bacbf86836a8c
Commit has to on top of aosp/1281921 to skip whole test in Q
device since CaptivePortalData class is introduced in R.
Result in Q will be:
[1/1] android.net.CaptivePortalDataTest#skippedClassForDevSdkMismatch: IGNORED
Bug: 152280218
Bug: 150640683
Test: atest CtsNetTestCasesLatestSdk:CaptivePortalDataTest on
both Q and R device
Change-Id: Iddd00e1c85abe767b1a41a1761d3266ba322dba6
In current design, entries with zeros are preserved after
addition/subtraction. These entries are not very useful
and lead to difficulty of verifying the result of
addition/subtraction.
However, change the behavior in the original NetworkStats
is considered risky in current stage.
Thus, this change provide a function that could remove these
empty entries in tests.
Test: atest FrameworksNetTests
Bug: 152827872
Bug: 150644692
Change-Id: I40a76935d55712b8083ee1e17e137a8a4ef5e029
- InvalidPacketException, public field should be a method so
add getter to get error code.
- KeepalivePacketData, public fields should be methods so
add getter for fields.
Bug: 151322799
Test: atest FrameworksNetTests
atest FrameworksWifiTests
atest FrameworksTelephonyTests: some failure in CarrierAppUtilsTest
Copy from ag/10731108
Change-Id: Id01e6135193716cc21bba11da529bf1507a954f7
Merged-In: Id01e6135193716cc21bba11da529bf1507a954f7
API Council feedback suggests renaming ConnectivityDiagnosticsCallback
'onConnectivityReport' function to be 'onConnectivityReportAvailable'.
Bug: 150598997
Test: atest FrameworksNetTests
Change-Id: Ieea727ecee6cf358a53a215fd4b06233dfe967ea
Merged-In: Ieea727ecee6cf358a53a215fd4b06233dfe967ea
Currently, in NetworkStats, there are many methods to manipulate
the records. However, some methods are similar and ambiguous,
such as addEntry, addValues, setValues, addIfaceValues,
combineValues and combineAllValues.
Thus, properly grouping and renaming methods are necessary.
In this change, for methods that add one record unconditionally,
name them insertEntry.
setIfaceValues -> insertEntry
addEntry -> insertEntry
Test: atest FrameworksNetTests ImsPhoneCallTrackerTest TetheringTests
Test: m doc-comment-check-docs
Bug: 148895143
Change-Id: I801ddc49e283a254b9586700c9b597c0adb0d459
Use the new ModuleNetworkStackClient to retrieve instances IpMemoryStore
& IpClient.
Bug: 145825329
Test: Compiles
Change-Id: I065525fdbd64b9509ef0f47bb35954d267c65fd2
Merged-In: I065525fdbd64b9509ef0f47bb35954d267c65fd2
Add srcs to framework and change import path.
Remove the codes which are moved to frameworks/libs/net.
Bug: 139268426
Bug: 135998869
Bug: 138306002
Bug: 143925787
Test: atest FrameworksNetTests
atest FrameworksTelephonyTests
./frameworks/opt/net/wifi/tests/wifitests/runtests.sh
Change-Id: Ia5692aade490fbc8a037186fcdfc453e0dd8045b
Merged-In: Ibf2f370c97a602f186e37ea9ffbe177dd2ee0f1c
Add the requestorUid & requestorPackageName fields to
NetworkCapabilities. This is populated by CS when
a new network request is received.
These 2 requestor fields are also optionally used for network
matching. All of the regular app initiated requests will have the
requestor uid and package name set by connectivity service. Network
agents can optionally set the requestorUid and requestorPackageName
to restrict the network created only to the app that requested the network.
This will help removing the necessity for the various specifiers to embed
the uid & package name info in the specifier for network matching.
Note: NetworkSpecifier.assertValidFromUid() is deprecated & removed in
favor of setting the uid/package name on the agent to restrict the
network to a certain app (useful for wifi peer to peer API & wifi aware).
Bug: 144102365
Test: Verified that wifi network request related CTS verifier tests
pass.
Test: Device boots up and connects to wifi networks
Merged-In: I207c446108afdac7ee2c25e6bbcbc37c4e3f6529
Change-Id: I58775e82aa7725aac5aa27ca9d2b5ee8f0be4242
This commit allows the startLegacyVpn() call to start Platform VPN
profiles, allowing Settings to use the IKEv2/IPsec VPN options
When using an aliased private key, the
Ikev2VpnProfile.KEYSTORE_ALIAS_PREFIX must be prepended to the front of
the alias. This will in turn result in the fromVpnProfile() function to
pull the key from the KeyStore, as opposed to the inline-key that the
VpnManager API uses.
Bug: 148991741
Test: FrameworksNetTests passing, new tests added in subsequent CL
Test: Manually tested
Change-Id: Icbca695c353b2e12e99305676404dbf1a4495949
Revert "Use createRandomUnicastAddress from MacAddressUtils"
Revert "Add net-utils-framework-net to telephony-common"
Revert submission 1191997-net-utils-framework-net
Reason for revert: Droidcop-triggered revert due to breakage https://android-build.googleplex.com/builds/quarterdeck?branch=git_qt-qpr1-dev-plus-aosp&target=aosp_taimen-userdebug&lkgb=6208131&lkbb=6208273&fkbb=6208273, bug b/149551544
Reverted Changes:
Ib1c807d64:Use createRandomUnicastAddress from MacAddressUtil...
I9e0f297e0:Add net-utils-framework-net to telephony-common
Ieb8927f9a:Remove framework code that has moved to frameworks...
Change-Id: I2824f781babd9f7e0bb9df524dadf6b8397dcaa1
Add the requestorUid & requestorPackageName fields to
NetworkCapabilities. This is populated by CS when
a new network request is received.
These 2 requestor fields are also optionally used for network
matching. All of the regular app initiated requests will have the
requestor uid and package name set by connectivity service. Network
agents can optionally set the requestorUid and requestorPackageName
to restrict the network created only to the app that requested the network.
This will help removing the necessity for the various specifiers to embed
the uid & package name info in the specifier for network matching.
Note: NetworkSpecifier.assertValidFromUid() is deprecated & removed in
favor of setting the uid/package name on the agent to restrict the
network to a certain app (useful for wifi peer to peer API & wifi aware).
Bug: 144102365
Test: Verified that wifi network request related CTS verifier tests
pass.
Test: Device boots up and connects to wifi networks
Merged-In: I207c446108afdac7ee2c25e6bbcbc37c4e3f6529
Change-Id: I58775e82aa7725aac5aa27ca9d2b5ee8f0be4242
Add the requestorUid & requestorPackageName fields to
NetworkCapabilities. This is populated by CS when
a new network request is received.
These 2 requestor fields are also optionally used for network
matching. All of the regular app initiated requests will have the
requestor uid and package name set by connectivity service. Network
agents can optionally set the requestorUid and requestorPackageName
to restrict the network created only to the app that requested the network.
This will help removing the necessity for the various specifiers to embed
the uid & package name info in the specifier for network matching.
Note: NetworkSpecifier.assertValidFromUid() is deprecated & removed in
favor of setting the uid/package name on the agent to restrict the
network to a certain app (useful for wifi peer to peer API & wifi aware).
Bug: 144102365
Test: Verified that wifi network request related CTS verifier tests
pass.
Test: Device boots up and connects to wifi networks
Change-Id: I207c446108afdac7ee2c25e6bbcbc37c4e3f6529
Merged-In: I207c446108afdac7ee2c25e6bbcbc37c4e3f6529
DataStallReport is updated to include the NetworkCapabilities and Link
Properties for the Network being reported on. This provides a more
complete picture of the Network conditions when the suspected data stall
was detected.
Bug: 148966398
Test: atest FrameworksNetTests
Change-Id: I913cf18c348b9f688f9d2a3d25a71bc94eb8f000
INetworkMonitorCallbacks defines notifyNetworkTestedWithExtras() for
notifying ConnectivityService of networks being tested along with a
PersistableBundle of extras. A new event is introduced for
NetworkStateTrackerHandler to notify the ConnectivityDiagnosticsHandler
before continuing with the normal processing for "network tested"
notifications. The event is also used in the
ConnectivityDiagnosticsHandler.
Bug: 143187964
Bug: 147391402
Test: compiles.
Test: atest CtsNetTestCases FrameworksNetTests
Change-Id: Iab29da790c0f5faae68227770bc3a84bbc94f124
Merged-In: Iab29da790c0f5faae68227770bc3a84bbc94f124
This change adds a new VPN user consent flow (using the same text) for
granting the lesser OP_ACTIVATE_PLATFORM_VPN. A new
PlatformVpnConfirmDialog is created as a subclass to preserve all logic,
but ensure the right appop is granted for the relevant dialog.
Intent extras were considered, but are inherently unsafe, since the
caller may add any extras that they would want.
Bug: 144246835
Test: FrameworksNetTests passing
Change-Id: Ia6f36207d43c3748f938430c2780dcf29e5623f3
Merged-In: Ia6f36207d43c3748f938430c2780dcf29e5623f3
Add srcs to framework and change import path.
Remove the codes which are moved to frameworks/libs/net.
Bug: 139268426
Bug: 135998869
Bug: 138306002
Bug: 143925787
Test: atest FrameworksNetTests
atest FrameworksTelephonyTests
./frameworks/opt/net/wifi/tests/wifitests/runtests.sh
Change-Id: Ieb8927f9af7f87a5ae038bd6c7daeb3d70117fef
Merged-In: Ieb8927f9af7f87a5ae038bd6c7daeb3d70117fef
ConnectivityDiagnosticsManager will send callbacks to
ConnectivityService for registering and unregistering them with the
system. ConnectivityService needs to do the processing for persisting
(and deleting) these callbacks on the ConnectivityService Thread, so
messages are sent to the Connectivity Diagnostics Handler, which runs
on the ConnectivityService Thread.
Bug: 146444622
Bug: 143187964
Bug: 147848028
Test: compiles
Test: atest FrameworksNetTests
Change-Id: Ia5c8f90a60c050504e8676de9564a7607a9b03bc
This commit adds the relevant calls to ConnectivityService for the
VpnManager API to be functional
Bug: 144246837
Test: VpnManagerTest updated, FrameworksNetTests passing
Change-Id: I446a8595e3583a842a7f89c4f8d74526a85e311c
An IBinder implementation of the ConnectivityDiagnosticsCallback AIDL is
needed so that apps can receive notfications with their registered
callbacks for callbacks coming from ConnectivityService.
Bug: 143187964
Bug: 147848028
Test: compiles
Test: atest FrameworksNetTests
Change-Id: Ie62678f794d81e1edee68977ec684a911b5070b7
This change adds the VpnManager, which will be used by apps to install
profiles for all platform VPN types (currently only IKEv2).
Bug: 143325939
Test: Compiles, FrameworksNetTests passing.
Change-Id: I57f854d0a5b18358f3541c24ca0cd8aed03fd7a1
This change adds configuration classes for Platform VPNs, with the
extensibility for further platform VPNs to be added in future.
Profile validity is checked upon construction, and upon changing
conversion from VpnProfile instances. Internal storage and method calls
all use VpnProfiles to allow for reuse of existing infrastructure.
However, when Platform VPN implementations are started, the internal
VpnProfile will be converted back into the respective
PlatformVpnProfile for validity checking.
Bug: 143325939
Test: Compiles, FrameworksNetTests passing.
Change-Id: I3c375fb08c132fc062e893c375f5c36460122162
CaptivePortalData will be used to hold data advertised by the network
following RFC7710bis.
To fetch the CaptivePortalData, the API URL is added to LinkProperties,
to be provided by the NetworkAgent.
Because CaptivePortalData can be used to guess user location (especially
from the URLs provided by the portal), it is only exposed to
applications that have privileged permissions.
Test: atest FrameworksNetTests
Bug: 139269711
Change-Id: I341175b5fece8ee00e19898af5e8eabe66cefbf3
DataStallReport is defined inside ConnectivityDiagnosticsManager. In
order for DataStallReport to be used in aidls, it must implement the
Parcelable interface.
Bug: 143187964
Test: compiles
Test: atest FrameworksNetTests
Change-Id: Idbb4885e2f67fb3f85d406a622ae45d34492dca4
ConnectivityReport is defined inside ConnectivityDiagnosticsManager. In
order for ConnectivityReport to be used in aidl interfaces, it must
implement the Parcelable interface.
Bug: 143187964
Test: compiles
Test: atest FrameworksNetTests
Change-Id: I8e862c78bd84b5da14203f61ce44beb1ca4a623d
StringNetworkSpecifier is widely used to specify subscription id for
the NetworkRequest. The raw string field introduce ambiguity and leave
large space for bugs. With TelephonyNetworkSpecifer, we are able to
settle down the type and value of the fields (although currently only
one) and introduce validation to detect the bug in the beginning.
Bug: 145993724
Test: atest FrameworksNetTests FrameworksTelephonyTests &
make offline-sdk-docs
Change-Id: Iefbad9b1deb3de2c0b262d9ce5ae0704a50d08a6
In order to let external module report their network stats,
expose necessary APIs to construct NetworkStats object.
Test: atest FrameworksNetTests CtsUsageStatsTestCases
Test: m doc-comment-check-docs
Bug: 130855321
Change-Id: Id3ec8aaff3df67948c25eac2319a74cf33a27979
Add KeepalivePacketData to system API for mainline support.
Also, remove InvalidPacketException class from SocketKeepalive
and create a new InvalidPacketException class in android.net
Bug: 139268426
Bug: 135998869
Bug: 138306002
Test: atest FrameworksNetTests
atest NetworkStackTests
atest FrameworksTelephonyTests
./frameworks/opt/net/wifi/tests/wifitests/runtests.sh
atest android.net.cts
atest android.net.wifi.cts
atest android.telephony.cts
Change-Id: I2d982e8abb5cb6b4c74a20483550b18cf814320d
Merged-In: I2d982e8abb5cb6b4c74a20483550b18cf814320d
