In future, managing DNS-over-TLS hostname lookup and netd programming
can be encapsulated here.
Test: as follows
- built
- flashed
- booted
- runtest frameworks-net passes
Bug: 64133961
Change-Id: I47ccfa99c30c780524c45c4af605e720ccba34a0
NetworkInterface throws Exceptions every time you look at it askance.
Try to make something we instantiate fully, once, and pass it around.
Partial MacAddress-ification as well, for good measure.
Test: as follows
- built
- flashed
- booted
- runtest frameworks-net passes
- basic IPv6 tethering works
Bug: 32163131
Bug: 62476366
Change-Id: I16c145fddb4e76387370338d792a438eed886d7f
Adds checks to ensure that users can only set the correct types of
algorithms for the Authentication, Encryption and Authenticated
Encryption algorithms.
Bug: 65223935
Test: Added tests in IpSecConfigTest, and passed on aosp_marlin-eng
Change-Id: I462c77d9eb5710b8d03a48866453649d3b6fc6bf
1) toSafeString() is renamed to toOuiString()
2) toOuiString() returns a String that only contains the first 3 bytes
of the mac address.
Bug: 70336442
Test: runtest frameworks-net
Change-Id: I798d8fec32dbff5687a682028e5d90eb941f81c1
Merged-In: I798d8fec32dbff5687a682028e5d90eb941f81c1
(cherry pick from commit a0ecf38d30)
Encap sockets are currently created as the system server, and should be
fchown'd to the user for whom it was created on behalf of.
Bug: 62994731
Test: New tests added and run to IpSecService
Change-Id: Icc49e709ae588981e69765fdb77537d7ffbac5fe
Added calls to tag encap sockets to that of the UID for which the encap
socket is being created on behalf of. This ensures that all data
accounting generated for the UDP-encap-ESP socket is correctly billed to
the right UID.
Bug: 62994731
Test: New tests added to IpSecServiceTest.java, passing
Change-Id: I15365ea9c982fd7b4e3cdeff314ddfba2289c86e
1) toSafeString() is renamed to toOuiString()
2) toOuiString() returns a String that only contains the first 3 bytes
of the mac address.
Bug: 70336442
Test: runtest frameworks-net
Change-Id: I798d8fec32dbff5687a682028e5d90eb941f81c1
This reverts commit 94209ab768.
Reason for revert: should not have auto-submitted prior to more extensive wifi team testing.
Change-Id: Ie81b10473caf34971226948038bc20dc4fa6a1ae
A race condition during an Api rename has caused
the name change from reserveSecurityParameterIndex
to allocateSecurityParameterIndex to be wrong in
a test. Fixing.
Bug: 69128142
Test: runtest frameworks-net
Change-Id: I12fb9832cb938dc19f463b1f1124127435d7b173
A race condition during an Api rename has caused
the name change from reserveSecurityParameterIndex
to allocateSecurityParameterIndex to be wrong in
a test. Fixing.
Bug: 69128142
Test: runtest frameworks-net
Change-Id: I12fb9832cb938dc19f463b1f1124127435d7b173
This is part 2 of 2 of the refcounting refactor for IpSecService
resources.
Switched ManagedResources to use RefcountedResource structure for
managing reference counts and eventual cleanup. Further, resource arrays
and quota management have been aggregated into a UserRecord for better
isolation. UID access checking has been similarly moved into the
UserRecordTracker, and resourceId checking has been rolled into
RefcountedResourceArray's accessor methods.
Bug: 63409385
Test: CTS, all unit tests run on aosp_marlin-eng, new tests added
Change-Id: Iee52dd1c9d2583bb6bfaf65be87569e9d50a5b63
This patch adds (but does not enable the usage of) RefcountedResource
objects to IpSecService, with tests to ensure correct function. This is
patch 1 of a series of patches to refactor the resource management
systems in IpSecService.
RefcountedResource objects allow for management of acyclical dependency
trees, ensuring eventual cleanup when resources are no longer used. This
cleanup may be triggered by binder death or by explicit user action.
Bug: 63409385
Test: New tests written in IpSecServiceRefcountedResourceTest,
explicitly testing the RefcountedResource class
Change-Id: Ib5be7482b2ef5f1c8dec9be68f15e90d8b3aba6d
Additionally, no longer try to transition from within a State's
enter() method (this can encounter Log.wtf()s). Introduce some
CMD_JUMP_* commands and use deferMessage().
Test: as follows
- built
- flashed
- booted
- runtest frameworks-net passes (except for IpConnectivityMetricsTest failures)
- manual changing from DHCP to static configurations works:
2017-12-11T19:06:19.082 - INVOKE onLinkPropertiesChange({{InterfaceName: wlan0 LinkAddresses: [] Routes: [] DnsAddresses: [] Domains: null MTU: 0}})
Bug: 69800563
Bug: 70394432
Change-Id: Ice249a48b66806c0270ec3f11dd2e8e387d4e29b
Throughout the IPsec code (API, system server, netd) we use "reserve"
SPI and "allocate" SPI interchangeably. This renames to use "allocate"
everywhere for self-consistency and consistency with the kernel
(ALLOCSPI).
In javadoc, I am leaving the word "reserve" in several places because it
is still an accurate description of how the method behaves.
Bug: 69128142
Test: TreeHugger should be enough
Change-Id: I8ea603b4612303b0393beef04032671fa53d2106
IpReachabilityMonitor (and IpNeighborMonitor) are only accessed from
the IpManager StateMachine's thread. Consequently lots of locking can
now be removed.
Additionally:
- rename BlockingSocketReader to PacketReader
- incorporate IpReachabilityMonitor output in dump()
Test: as follows
- runtest frameworks-net passes
- "adb shell ip neigh change <address> dev wlan0 nud failed"
triggers wifi to disconnect
Bug: 62476366
Bug: 67013397
Change-Id: I18aca29ae0019a72a7e559c2832e0d9b0e33d81e
