From 7dd731a1141a00edca2e4ce7a7261de2f84bafdf Mon Sep 17 00:00:00 2001 From: evitayan Date: Fri, 6 Dec 2019 15:17:33 -0800 Subject: [PATCH 1/2] Child Session API changes in configuring and retrieving internal address This commit: - creates separate methods for requesting IPv4 and IPv6 internal address - removes method to request internal subnet - removes methods to request specific DNS and DHCP server - uses IpPrefix to represent subnet Bug: 145453636 Bug: 145454043 Bug: 145451419 Bug: 145454818 Test: atest FrameworksIkeTests(all passed) Test: make update-api && make Change-Id: Ic3fdccc12e7f2c361637e004e34b27e09d7900a0 --- api/system-current.txt | 14 +++----------- 1 file changed, 3 insertions(+), 11 deletions(-) diff --git a/api/system-current.txt b/api/system-current.txt index a41564e37cc31..673553c5b6821 100755 --- a/api/system-current.txt +++ b/api/system-current.txt @@ -4557,7 +4557,7 @@ package android.net.ipsec.ike { method @NonNull public java.util.List getInternalAddresses(); method @NonNull public java.util.List getInternalDhcpServers(); method @NonNull public java.util.List getInternalDnsServers(); - method @NonNull public java.util.List getInternalSubnets(); + method @NonNull public java.util.List getInternalSubnets(); method @NonNull public java.util.List getOutboundTrafficSelectors(); } @@ -4729,12 +4729,10 @@ package android.net.ipsec.ike { ctor public TunnelModeChildSessionParams.Builder(); method @NonNull public android.net.ipsec.ike.TunnelModeChildSessionParams.Builder addInboundTrafficSelectors(@NonNull android.net.ipsec.ike.IkeTrafficSelector); method @NonNull public android.net.ipsec.ike.TunnelModeChildSessionParams.Builder addInternalAddressRequest(int); - method @NonNull public android.net.ipsec.ike.TunnelModeChildSessionParams.Builder addInternalAddressRequest(@NonNull java.net.InetAddress, int); + method @NonNull public android.net.ipsec.ike.TunnelModeChildSessionParams.Builder addInternalAddressRequest(@NonNull java.net.Inet4Address); + method @NonNull public android.net.ipsec.ike.TunnelModeChildSessionParams.Builder addInternalAddressRequest(@NonNull java.net.Inet6Address, int); method @NonNull public android.net.ipsec.ike.TunnelModeChildSessionParams.Builder addInternalDhcpServerRequest(int); - method @NonNull public android.net.ipsec.ike.TunnelModeChildSessionParams.Builder addInternalDhcpServerRequest(@NonNull java.net.InetAddress); method @NonNull public android.net.ipsec.ike.TunnelModeChildSessionParams.Builder addInternalDnsServerRequest(int); - method @NonNull public android.net.ipsec.ike.TunnelModeChildSessionParams.Builder addInternalDnsServerRequest(@NonNull java.net.InetAddress); - method @NonNull public android.net.ipsec.ike.TunnelModeChildSessionParams.Builder addInternalSubnetRequest(int); method @NonNull public android.net.ipsec.ike.TunnelModeChildSessionParams.Builder addOutboundTrafficSelectors(@NonNull android.net.ipsec.ike.IkeTrafficSelector); method @NonNull public android.net.ipsec.ike.TunnelModeChildSessionParams.Builder addSaProposal(@NonNull android.net.ipsec.ike.ChildSaProposal); method @NonNull public android.net.ipsec.ike.TunnelModeChildSessionParams build(); @@ -4758,9 +4756,6 @@ package android.net.ipsec.ike { public static interface TunnelModeChildSessionParams.ConfigRequestIpv4Netmask extends android.net.ipsec.ike.TunnelModeChildSessionParams.ConfigRequest { } - public static interface TunnelModeChildSessionParams.ConfigRequestIpv4Subnet extends android.net.ipsec.ike.TunnelModeChildSessionParams.ConfigRequest { - } - public static interface TunnelModeChildSessionParams.ConfigRequestIpv6Address extends android.net.ipsec.ike.TunnelModeChildSessionParams.ConfigRequest { method @Nullable public java.net.Inet6Address getAddress(); method public int getPrefixLength(); @@ -4770,9 +4765,6 @@ package android.net.ipsec.ike { method @Nullable public java.net.Inet6Address getAddress(); } - public static interface TunnelModeChildSessionParams.ConfigRequestIpv6Subnet extends android.net.ipsec.ike.TunnelModeChildSessionParams.ConfigRequest { - } - } package android.net.ipsec.ike.exceptions { From 1785e0628145162c2bdff2d9de966567326d866e Mon Sep 17 00:00:00 2001 From: evitayan Date: Thu, 12 Dec 2019 13:07:44 -0800 Subject: [PATCH 2/2] IKE Session API changes in setting CA cert and retrieving vendor ID This commit: - makes serverCaCert @Nullable - adds interface to retrieve vendor ID of the remote server Bug: 145276978 Bug: 146168441 Test: atest FrameworksIkeTests(all passed) Test: make update-api && make Change-Id: If55a0a70c99a98287933a6d134413ab1329ff402 --- api/system-current.txt | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/api/system-current.txt b/api/system-current.txt index 673553c5b6821..34aa5674fa95e 100755 --- a/api/system-current.txt +++ b/api/system-current.txt @@ -4626,6 +4626,7 @@ package android.net.ipsec.ike { public final class IkeSessionConfiguration { ctor public IkeSessionConfiguration(); method @NonNull public String getRemoteApplicationVersion(); + method @NonNull public java.util.List getRemoteVendorIDs(); method public boolean isIkeExtensionEnabled(int); field public static final int EXTENSION_TYPE_FRAGMENTATION = 1; // 0x1 field public static final int EXTENSION_TYPE_MOBIKE = 2; // 0x2 @@ -4645,9 +4646,9 @@ package android.net.ipsec.ike { ctor public IkeSessionParams.Builder(); method @NonNull public android.net.ipsec.ike.IkeSessionParams.Builder addSaProposal(@NonNull android.net.ipsec.ike.IkeSaProposal); method @NonNull public android.net.ipsec.ike.IkeSessionParams build(); - method @NonNull public android.net.ipsec.ike.IkeSessionParams.Builder setAuthDigitalSignature(@NonNull java.security.cert.X509Certificate, @NonNull java.security.cert.X509Certificate, @NonNull java.security.PrivateKey); - method @NonNull public android.net.ipsec.ike.IkeSessionParams.Builder setAuthDigitalSignature(@NonNull java.security.cert.X509Certificate, @NonNull java.security.cert.X509Certificate, @NonNull java.util.List, @NonNull java.security.PrivateKey); - method @NonNull public android.net.ipsec.ike.IkeSessionParams.Builder setAuthEap(@NonNull java.security.cert.X509Certificate, @NonNull android.net.eap.EapSessionConfig); + method @NonNull public android.net.ipsec.ike.IkeSessionParams.Builder setAuthDigitalSignature(@Nullable java.security.cert.X509Certificate, @NonNull java.security.cert.X509Certificate, @NonNull java.security.PrivateKey); + method @NonNull public android.net.ipsec.ike.IkeSessionParams.Builder setAuthDigitalSignature(@Nullable java.security.cert.X509Certificate, @NonNull java.security.cert.X509Certificate, @NonNull java.util.List, @NonNull java.security.PrivateKey); + method @NonNull public android.net.ipsec.ike.IkeSessionParams.Builder setAuthEap(@Nullable java.security.cert.X509Certificate, @NonNull android.net.eap.EapSessionConfig); method @NonNull public android.net.ipsec.ike.IkeSessionParams.Builder setAuthPsk(@NonNull byte[]); method @NonNull public android.net.ipsec.ike.IkeSessionParams.Builder setLocalIdentification(@NonNull android.net.ipsec.ike.IkeIdentification); method @NonNull public android.net.ipsec.ike.IkeSessionParams.Builder setRemoteIdentification(@NonNull android.net.ipsec.ike.IkeIdentification); @@ -4665,7 +4666,7 @@ package android.net.ipsec.ike { } public static class IkeSessionParams.IkeAuthDigitalSignRemoteConfig extends android.net.ipsec.ike.IkeSessionParams.IkeAuthConfig { - method @NonNull public java.security.cert.X509Certificate getRemoteCaCert(); + method @Nullable public java.security.cert.X509Certificate getRemoteCaCert(); } public static class IkeSessionParams.IkeAuthEapConfig extends android.net.ipsec.ike.IkeSessionParams.IkeAuthConfig {