Remove IPv6 related codes since we don't support IPv6 NAT-T keepalive
as the kernel doesn't support IPv6 UDP encapsulation.
Renaming keepaliveAck to keepaliveResponce since NAT-T keeaplive
response is not an ack. Also, add generateV4NattKeepaliveFilters()
if multicast filter is disabled.
Verify incoming packet contains 1 byte payload but it is not 0xff will
pass NAT-T keepalive filter.
Bug: 33530442
Test: atest FrameworksNetTests
atest NetworkStackTests
Change-Id: I6d3eb9e6271a0f51dec4a55d68a69b4280175d86
Merged-In: I6d3eb9e6271a0f51dec4a55d68a69b4280175d86
Merged-In: If01bc6a71cf26e13edc049d969d23088fa8242e4
(cherry picked from commit 4ee521b022)
Add PlatformCaptivePortalLogin and PlatformNetworkPermissionConfig build
targets to override CaptivePortalLogin and NetworkPermissionConfig with
platform-key-signed packages easily. The added packages are unused by
default but can simplify setup for OEMs that use InProcessNetworkStack.
Bug: 132635211
Test: Added the new packages to sailfish build, built image: device has
the proper packages signed with the right keys, networking and
captive portal working fine.
Change-Id: I09656deb6ba928f56b478adebb60268fa6f484b0
This avoids shipping both APKs on Go devices, as would be previously
done with the default Go configuration that still included NetworkStack.
Test: Flashed, booted walleye with svelte config. Verified that
NetworkStack is not on the device and InProcessNetworkStack is
used. WiFi working.
Bug: 132666298
Change-Id: If4a7a003128a555e512c88469653c3fb2ad864d5
So that the /system version of NetworkStack.apk can be re-installed on
/data without causing problems. This is useful for testing and necessary
for supporting rollback to the system version of NetworkStack.apk.
Bug: 131703417
Bug: 132195177
Test: Confirm NetworkStack.apk now includes .so files.
Test: adb install --staged NetworkStack.apk
adb reboot
Device reboots without problems.
Change-Id: I7c9a1702a2c18e0333b5e409f04b7658fe685f97
Remove definition of TYPE_NATT and TYPE_TCP since the type
can be identified by checking message.obj is an instance of
NattKeepalivePacketData or TcpKeepalivePacketData.
It's more simple and won't have dependency on KeepaliveInfo.
Bug: 33530442
Test: atest FrameworksNetTests
atest NetworkStackTests
(Clean cherry-pick of aosp/955419)
Change-Id: Ic97ffe9ff5781778efd264460809f5059f0f4230
Merged-In: Ic97ffe9ff5781778efd264460809f5059f0f4230
Currently, it looks like private DNS server resolution uses
OneAddressPerFamilyNetwork and only returns one server address.
It should return all addresses. Use async dns api for this.
Bug: 123435238
Test: atest NetworkStacktests
Change-Id: I2b7e184d9b9800a83b55dceb73af69085668748c
(cherry picked from commit 40c5295cee)
Merged-In: I2b7e184d9b9800a83b55dceb73af69085668748c
Merged-In: I9f50da3c8c2e3b12b29bc8844291e4bf1559cd1f
Currently, strict mode private DNS does not work on VPNs because
NetworkMonitor does not validate VPNs. When a VPN connects, it
immediately transitions to ValidatedState, skipping private DNS
hostname resolution.
This change makes NetworkMonitor perform private DNS hostname
resolution and evaluation even on VPNs.
In order to ensure that the system always immediately switches to
the VPN as soon as it connects, remove the unvalidated penalty
for VPN networks. This ensures that the VPN score is always 101
and the VPN always outscores other networks as soon as it
connects. Previously, it would only outscore other networks
when no-op validation completed.
Bug: 122652057
Test: atest FrameworksNetTests NetworkStackTests
Test: manually ran a VPN with private DNS in strict mode
atest android.net.cts.ConnectivityManagerTest com.android.cts.net.HostsideVpnTests
Change-Id: Iaa78a7edcf23755c89d7b354edbc28d37d74d891
Merged-In: Iaa78a7edcf23755c89d7b354edbc28d37d74d891
(cherry picked from commit 414b8c8b1c)
"mNonPrivateDnsBypassNetwork" is not very easy to understand.
Bug: 122652057
Test: atest FrameworksNetTests NetworkStackTests
Change-Id: If5801c81c6ef222b46f631bd6570dcd0fea465bd
Merged-In: If5801c81c6ef222b46f631bd6570dcd0fea465bd
(cherry picked from commit 669dc6cea7)
Test successful and failed validation, and updating the config.
In order to do this, add a FakeDns class so we can change DNS
responses dynamically while the test is running.
Also a couple of minor fixes:
1. Make sure the DNS timeout is set. Before this CL, it was
always 0. Not sure why. It does seem to be set to the default
value (12500) when actually running on device. We didn't
catch this because the only tests that use the timeout set it
explicitly.
2. Make runNetworkTest a bit more realistic: always send
NetworkCapabilities *before* calling notifyNetworkConnected.
This is what ConnectivityService does.
Bug: 122652057
Test: atest FrameworksNetTests NetworkStackTests
Test: atest --generate-new-metrics 50 NetworkStackTests:com.android.server.connectivity.NetworkMonitorTest
Change-Id: Ifd6694262501874f3261c864a049cb35c6afb9c8
Merged-In: Ifd6694262501874f3261c864a049cb35c6afb9c8
(cherry picked from commit 89909befd2)
The Java code was already using sdk_version: "current", but the
JNI library did not have an sdk_version attribute, and had
forbidden dependencies on internal libraries such as libcutils,
liblog and libnativehelper.
This CL fixes things as follows:
- Use the NDK log functions, and switch to the NDK liblog.
- Switch to the NDK libnativehelper.
- Drop the dependencies on libcutils and libpcap, which were
unused.
- Use the libc++ STL, and set the sdk_version of the library to
current.
Bug: 131703417
Test: m
Test: installed NetworkStack APK via "adb install --staged" results in working networking
Test: builds, boots, wifi works
Test: atest FrameworksNetTests NetworkStackTests
Change-Id: I1a7bd7fe2809b90a66073d8c5d5dcdff646c4286
Support adding NATT keepalive packet filter to APF
filter.
Generating APF program will be addressed in another CL.
Bug: 33530442
Test: - atest NetworkStackTests
- atest FrameworksNetTests
Change-Id: I403cd14ac9aa6b001c4e580abbb33a615931a192
Merged-In: Idaa7238a5c9acdae9f6cff13095ee9436c7c92c8
(cherry picked from commit 038c11d564)
This reverts commit 796afddd6c.
Reason for revert: breaks updatability because persistent processes are not updatable.
Bug: 131046856
Change-Id: I35ded113b31e742f13ad8523a10af3a83a111374
Merged-In: I35ded113b31e742f13ad8523a10af3a83a111374
(cherry picked from commit b2a5d85522)
Use the Generated code suppression comment filter instead of the
IndentationCheck suppression comment filter because the latter
complains that '+' should be on a new line.
Bug: 120584519
Bug: 127423755
Test: atest NetworkStackTests
Test: atest FrameworksNetTests
Change-Id: I35b8c943b95a4301c25b7f6cfb02f03a8c1bc34e
Merged-In: I60071bc029d25485bf204cfd3a8cebd538ca12b6
(cherry picked from commit 65f6ae271b)
- Add the hostname to DhcpResultsParcelable.
- Don't store the server hostname if option overload is in use,
as this is not valid.
- Add unit tests.
Bug: 120584519
Bug: 127423755
Test: atest NetworkStackTests
Test: atest FrameworksNetTests
Change-Id: I5e9fee5471740f5d7c001e9e98017f32be452344
Merged-In: I60071bc029d25485bf204cfd3a8cebd538ca12b6
(cherry picked from commit 681f33cc6a)
Some hotspot devices will fill in the server host name field of the DHCP
package, such as iphone. Parsing the server host name of the DHCP
package can help identify ios hotspots.
Bug: 120584519
Test: 127423755
Test: builds, boots, wifi works
Change-Id: I8c5a7dc8ab117f062f9401f58832edada321436b
Merged-In: I60071bc029d25485bf204cfd3a8cebd538ca12b6
(cherry picked from commit 43f1bc9d53)
The Beta 3 builds (which are in dogfood an public beta) will receive modules via the Play Store with version numbers 210000000. Hence, we must bump the version in qt-dev and hence beta 4.
BUG: 131240537
Change-Id: I4f09986002f660896dbc1f8a0482c16b4a554d1e
The network stack should never be killed, because if it does,
recovering networking requires a reboot. Make the process
persistent to reduce the chances of it being killed by the OOM
killer.
Bug: 131046856
Test: builds, boots
Test: process oom_score_adj is -800
Test: process goes from "Persistent Service" to "Persistent" in dumpsys meminfo
Change-Id: Ic8ebf6356e23489f6cd984d680ff9f1b4cbbe52d
Merged-In: Ic8ebf6356e23489f6cd984d680ff9f1b4cbbe52d
(cherry picked from commit c1eedfcd12)
This freezes the interface as of the latest beta build, not the tip of
tree. IIpClient#setL2KeyAndGroupHint is not in the frozen definition in
particular.
Generated with:
m networkstack-aidl-interfaces-freeze-api \
ipmemorystore-aidl-interfaces-freeze-api
Test: flashed, booted, WiFi and captive portal working
Bug: 128803828
Change-Id: Ideabe73fc93bbefca2d624ee9ca190cf31419424
Merged-In: Ideabe73fc93bbefca2d624ee9ca190cf31419424
(cherry picked from commit 9b89cdaaf4)
The definitions reference of these constants are moved from
Settings to DeviceConfig. These definitions are @hide and the
usage in the Settings are removed. Thus, remove the definitions
from API level.
Bug: 123167629
Test: make system-api-stubs-docs-update-current-api \
test-api-stubs-docs-update-current-api
Test: atest NetworkStackTests
Change-Id: I28c4bf2c0b72e154cea91d11007a9497c7f21570
From mainline perspective, we should use android flag api
instead of using Settings. Thus, move the definitions into
NetworkStack and apply new flag design.
Bug: 123167629
Test: atest NetworkStackTests
Change-Id: I9602263f0bff5d8e942bd652de69ccfcb3034a2f
Merged-In: I6820300c412f94989a5fce7bd6c6f2a3b983b96e
Merged-In: I4f6d130ffbee14f5087d75a8bc211680a34be682
(cherry picked from commit 01440ea909)
The default HTTPS and fallback validation URLs are not accessible from
China, so users in China never get a validated network on WiFi with the
default AOSP settings. OEMs selling devices targeting China typically
change the check URLs for that reason.
When the device uses a Chinese SIM card, change the default validation
URLs to URLs accessible accessible from China as of now.
Test: inserted China SIM, WiFi off/on, dumpsys network_stack shows new
URL used
Bug: 111819230
Change-Id: Ib7f41f470ef1a9c7712f2477ebfab44e915cf1b9
Merged-In: Ib7f41f470ef1a9c7712f2477ebfab44e915cf1b9
(cherry picked from commit 990ea84d2d)
As per API council feedback, these constants should live in
a place that is private to the network stack, only with a
range defined in system API.
Bug: 129433383
Test: m
Change-Id: I84a90f84a9af6fef4667ee4d512ebd0413222086
(cherry picked from commit 79a6330650ca04bd7a08afbd63f8016a3b30bc72)
This freezes the interface as of the latest beta build, although it has
not changed since then.
This change adds the necessary implementations for getInterfaceVersion.
Test: flashed, WiFi working
Bug: 128803828
Merged-In: Ib852b0555f0e20b858f9dd0b16dbd98dbbd22b55
Merged-In: I0c231bdce89474b53603cc15d55787c8c78a809d
(cherry picked from commit fd4eafe8f6)
Change-Id: Idc0e7ea98dbf57e07ee578bc1772c2111af2e563
Now that the new metrics API can be used, NetworkStack
metrics need to migrate off the legacy StatsLog.write.
Bug: 130323000
Test: Test with ./out/host/linux-x86/bin/statsd_testdrive 121
to ensure log properly
Test: Ensure NetworkStackStatsLog will be generated as expected
Test: atest NetworkStackTest
Change-Id: I8c70503cf1d9f1d06f30a1936d2d88857d0cff53
- Ensure that NetworkMonitor quits when notifyNetworkDisconnected
is called.
- Ensure that BroadcastReceivers are registered when a captive
portal is detected and unregistered when the network validates
or when NetworkMonitor quits.
Bug: 122164725
Test: atest FrameworksNetTests NetworkStackTests
Test: atest --generate-new-metrics 10 NetworkStackTests:com.android.server.connectivity.NetworkMonitorTest
Test: test fails if "Don't leak captive portal broadcast receivers." change reverted
Change-Id: I1202626face33cc1e1ec02016b95da487b3335c8
Merged-In: I1202626face33cc1e1ec02016b95da487b3335c8
(cherry picked from commit bb41c8f751)
This allows OEMs to customize the added resources with an overlay APK
installed in the product, system or vendor partition.
Bug: 111819230
Test: Installed test APK, verified resources changed. Resources not
mentioned in overlayable file were not changed.
Change-Id: I24670005ea940d2ac29b8a0ff93e1559604fd3a8
