We currently test CONNECTIVITY_ACTION broadcasts by directly
registering BroadcastReceivers with BroadcastInterceptingContext,
and making the receivers unregister themselves when all the
broadcasts they expect have been received.
This works for current test cases, but does not work if anything
registers another receiver for CONNECTIVITY_ACTION. In that case,
when we unregister the receiver in the receiver's onReceive
method, BroadcastInterceptingContext will throw a
ConcurrentModificationException because the list of receivers is
being modified during iteration.
Fix this by adding an ExpectedBroadcast class that stores the
receiver and unregisters the receiver only when the test checks
that the broadcast was received, which happens after the receiver
runs. This is easier to use and also guarantees that the receiver
is unregistered even if the test is expecting that the broadcast
is never fired. Accordingly, remove mRegisteredReceivers and the
code that uses it; it's no longer necessary now that
ExpectedBroadcast always unregisters its receivers.
Also add a convenience expectConnectivityAction method to expect
a CONNECTIVITY_ACTION broadcast with specific contents. This
makes the test easier to read and more detailed. Convert some
existing tests to this method.
While I'm at it, fix a test that was using "mCellNetworkAgent" to
represent a wifi network.
R backport notes: added import for NetworkInfo.DetailedState.
That was added in aosp/1527378, which is impractical to backport.
Bug: 172870110
Test: test-only change
Change-Id: Ibada8b4215625e1016d9fd170526206920af76f5
Merged-In: Ibada8b4215625e1016d9fd170526206920af76f5
Current code treats these nulls as if they weren't there.
Bug: 172870110
Test: test-only change
Change-Id: Id4632e1b004c09910b4b7613f7233d2c19e2f0ac
Merged-In: Id4632e1b004c09910b4b7613f7233d2c19e2f0ac
This test is a bit brittle because it sets the underlying
networks while the VPN is undergoing validation by
NetworkMonitor. The test does attempt to disable validation,
but that's not actually possible - the only thing that's possible
is to tell NetworkMonitor to validate immediately without sending
any probes. So the underlying network change races with the
validation. I'm not sure why the test isn't flaky. It might be
because both the network change and the validation result in a
capabilities change, and the test expects "a capabilities change"
without expressing what change that should be.
Make this a bit more predictable by ensuring that the network
validates before the underlying networks are set.
This is useful because an upcoming CL will change the way
underlying network capabilities are propagated. With this test
CL, both the old and the new code pass.
Bug: 172870110
Test: test-only change
Change-Id: I319858228e8d097c0b60a107029f296385f91269
Merged-In: I319858228e8d097c0b60a107029f296385f91269
MockVpn is very difficult to use because it requires the test
caller keeping track of both the MockVpn object and an
accompanying TestNetworkAgentWrapper.
It's also not very realistic: for example, connect() doesn't
actually connect anything, it just makes it so that if
ConnectivityService tries to update the capabilities, the attempt
will not be ignored. Also, unlike the real code in Vpn, it
connects with empty NetworkCapabilities (in particular, with
empty UID ranges).
Make this easier to use and a bit more realistic by:
- Allowing TestNetworkAgentWrapper to take a "NetworkCapabilities
template" that will form the initial capabilities sent when the
agent registers with ConnectivityService. This allows the VPN
to register its agent with its UID ranges already set, like the
production code does.
- Providing separate methods to register the NetworkAgent and
mark it connected for cases where the test needs to make
changes to the NetworkAgent before connecting (e.g., poking
NetworkMonitor).
- Putting the TestNetworkAgentWrapper inside MockVpn and driving
it through MockVpn's methods. In order not to have too many
wrapper functions (and because we can't delegate like in
Kotlin), there's still an agent() method that returns the
TestNetworkAgentWrapper.
Bug: 172870110
Test: test-only change
Change-Id: I749ff325bc13ac96f512270b86d1f67686eec378
Merged-In: I749ff325bc13ac96f512270b86d1f67686eec378
This CL removes four methods in MockVpn by slightly changing the
test code to leverage the actual methods implemented by the
(production) Vpn superclass.
This works because setting mInterface results in
isRunningLocked() returning true, which makes a number of methods
behave as if the VPN is connected (which is what the test
expects).
The more realistic behaviour exposes a minor bug in the treatment
of underlying networks. Add a TODO to fix it.
Bug: 172870110
Test: test-only change
Change-Id: I49421183538ba61ca790af71e309ece36b653bf9
Merged-In: I49421183538ba61ca790af71e309ece36b653bf9
This test checks that if a VPN declares an underlying network
that does not exist, the capabilities of that network are applied
to the VPN as soon as the network starts to exist.
Bug: 172870110
Test: test-only change
Change-Id: Icc0701cb4cea7d91f7738c1e426e94cd26686b74
Merged-In: Icc0701cb4cea7d91f7738c1e426e94cd26686b74
Test extra info sent to NetworkMonitor correctly if network
agent is created through new NetworkAgent constructor without
legacy network info taken as parameter.
Bug: 156173829
Test: atest FrameworkNetTests
Merged-In: I4f827664c528bea30cc957a0a617dd37693f4460
Change-Id: I4f827664c528bea30cc957a0a617dd37693f4460
This is only necessary when learning the NAT64 prefix from the
RA, because if the NAT64 prefix is learned from DNS, the DNS
resolver already knows the prefix and automatically enables
DNS64 synthesis.
The DNS resolver needs to be informed of the prefix any time
clat is running on a prefix learned from an RA. This is simple to
implement: just set the prefix when starting clat if prefix
discovery is not running, and clear the prefix when stopping clat
if prefix discovery was not running. This ensures that the prefix
is cleared iff it was set.
Bug: 156914456
Test: new unit test coverage
Original-Change: https://android-review.googlesource.com/1315578
Merged-In: If8ad2d30712a6df3e207c8d3e8a129705242191e
Change-Id: If8ad2d30712a6df3e207c8d3e8a129705242191e
This is not particularly likely to happen unless the pref64 RA is
sent by a different router than the main RA. But more tests are
always good, and this additional coverage will be more useful
in an upcoming change.
Bug: 150648313
Test: test-only change
Original-Change: https://android-review.googlesource.com/1316094
Merged-In: I3316d49d42100800740afadc4edf0a13a4d8377c
Change-Id: I3316d49d42100800740afadc4edf0a13a4d8377c
As NetworkAgent is in a transition where all agents need
to include the NOT_SUSPENDED capability as part of their
migration to the system API, ConnectivityService adds it
forcefully to all agents that don't have the CELLULAR
transport. This doesn't include VPNs when VPNs have some
cellular network as their underlying network.
The best way to solve this is to make sure the VPN
capabilities reflect those of the underlying networks as
far as the NOT_SUSPENDED capability is concerned. This
is how they work for other similar capabilities.
This also happens to contain a drive-by fix for an issue
with a spurious capabilities callback is triggered when
a VPN connects and it has any underlying network (which
means almost always, because it will take the default
network if it doesn't declare any). Fixing this was
necessary to have a cogent test of this issue, but it
could be moved to another patch or it could stay unfixed
with some minor ajustment to the tests if judged too
dangerous to include in R at this point.
Test: New tests in this patch. Also manually tested with
tcpdump as described in b/150570873.
Bug: 150570873
Original-Change: https://android-review.googlesource.com/1301317
Merged-In: I3e4ff990c0d4825b21c7679be29a482a2d1324ec
Change-Id: I3e4ff990c0d4825b21c7679be29a482a2d1324ec
When a VPN connects and it has any underlying network (which
means almost always, because it will take the default network
if it doesn't declare any), it has default capabilities and
will only take the capabilities of its underlying network
as part of an update happening after making the network
available but before the rematch can take place. This in turn
causes the capabilities callback sent as part of the rematch
to be spuriously sent.
Test: FrameworksNetTests. Also tested together with a
followup that adds tests with drive-by coverage for this.
Bug: 150570873
Original-Change: https://android-review.googlesource.com/1305393
Merged-In: Id7d8bba486bada1a7ba5b0f152d2aa02e407f249
Change-Id: Id7d8bba486bada1a7ba5b0f152d2aa02e407f249
This change sets the owner and administrator UIDs for test networks when
their initial values match the UID for the app creating the test
network. This ensures that apps registering test networks can only make
themselves owners / administrators of the network.
Bug: 153449964
Test: atest NetworkAgentTest
Change-Id: I3a974700aa1d83cb285295ed1de0aa263e2e5b58
Merged-In: I3a974700aa1d83cb285295ed1de0aa263e2e5b58
(cherry picked from commit 35782280a2)
Address issues found during AIDL review:
- Rename clientAddr to singleClientAddr
- Do not use a ParcelableBundle for notifyNetworkTested or
notifyDataStallSuspected; instead use AIDL parcelables for stronger
backwards compatibility guarantees.
Test: atest NetworkMonitorTest ConnectivityServiceTest
ConnectivityServiceIntegrationTest, manual
Bug: 153500847
Merged-In: Id9b71784e5f6294d203230e57737979e063ff0f8
Change-Id: Id9b71784e5f6294d203230e57737979e063ff0f8
Currently, if a prefix is learned from an RA while prefix
discovery is running, clatd will be correctly started, but
prefix discovery will be stopped.
In order to fix this, make it possible to call
stopPrefixDiscovery without transitioning to IDLE state (which
is obviously necessary in this case), by moving the assignment of
the next state from that method to its callers. For consistency,
do the same for startPrefixDiscovery.
Bug: 150648313
Test: new test coverage
Change-Id: I3803fa3d9806848b331c35ee8bac256934bd1f21
Merged-In: I3803fa3d9806848b331c35ee8bac256934bd1f21
(cherry picked from commit c7c6f76402)
The NAT64 prefix from the RA always takes precedence over the
NAT64 prefix from DNS discovery, because it is detected faster,
and detecting it does not require sending any packets.
Bug: 150648313
Test: new unit test
Merged-In: Ic7452431d2d9aea1ae59b67a9d8383c6cc5b3902
Change-Id: Ic7452431d2d9aea1ae59b67a9d8383c6cc5b3902
This cannot (currently) happen with DNS64 detection, but it can
happen with the PREF64 option.
Bug: 150648313
Test: atest ConnectivityServiceTest Nat464XlatTest --rerun-until-failure 100
Merged-In: I789fe9d46d3ac5d074ae697d23013f24a9e0246d
Change-Id: I789fe9d46d3ac5d074ae697d23013f24a9e0246d
For a given network, resolver doesn't know what transport types are.
Therefore, when a new network is created or transport types are changed
in a give network, transport types will be updated and sent by calling
setResolverConfiguration(). In the same time, if link properties or
transport types are null, setResolverConfiguration() won't be called.
The original behaviors of setResolverConfiguration() aren't changed.
Only increasing one new behavior that when a given network has transport
type change, calling setResolverConfiguration() directly and resolver
updates the transport types for that given network.
Bug: 143732914
Test: atest FrameworksNetTests
atest FrameworksNetIntegrationTests
Change-Id: I6527cde0e177ba08c886576131b35fc769c2bb53
VPN is considered fully routed if both IPv4 and IPv6 have
either a default route or a prohibit route.
Bug: 145332510
Test: atest FrameworksNetTests
Merged-In: I59cf48552bca98092d1212e3d718fd420add5458
Change-Id: I59cf48552bca98092d1212e3d718fd420add5458
This change updates ConnectivityService to use IBinder instances as keys
when storing ConnectivityDiagnosticsCallbacks.
When storing ConnectivityDiagnosticsCallbacks in ConnectivityService,
the IConnectivityDiagnsoticsCallback is used as the key for
ConnectivityService.mConnectivityDiagnosticsCallbacks. However,
IConnectivityDiagnosticsCallback instances are received as different
objects. This causes them to produce different hashCode() values, so
attempts to remove an IConnectivityDiagnosticsCallback fail.
Bug: 150867635
Test: atest FrameworksNetTests
Change-Id: Ib99e68d5ae47fa27e12428f9a60a2c1204ac59a2
Merged-In: Ib99e68d5ae47fa27e12428f9a60a2c1204ac59a2
(cherry picked from commit c7c6a4ac12)
This change updates the behavior for registering
ConnectivityDiagnosticsCallbacks. Now, after a successful register()
call, callbacks will receive cached ConnectivityReports for all
matching, permissioned networks. This allows registrants to be updated
with the network state for their networks without having to wait for the
next network validation.
Bug: 147849853
Test: atest FrameworksNetTests
Change-Id: I924ba8fdcc847f453557021591bde38602fe089c
Merged-In: I924ba8fdcc847f453557021591bde38602fe089c
(cherry picked from commit 95ec0b206b)
Add gating via PlatformCompat and DeviceConfig and logging via
PlatformCompat to the limit instituted on per-process listeners
Fixes: 152074216
Test: atest CtsTelephonyHostCases
Change-Id: I4d6681d90705b68c3349f4124e434a29b50fd3a2
Connectivity Diagnostics included an unnecessary try-catch for verifying
that the permissions check for invoking ConnectivityDiagnosticsCallbacks
doesn't throw when the uid and package name do not match.
Bug: 149119324
Test: atest FrameworksNetTests
Change-Id: Ie302b1f4f437e819fdd15ec28adb0b56750c2c53
Merged-In: Ie302b1f4f437e819fdd15ec28adb0b56750c2c53
(cherry picked from commit 66b5e081b7)
ConnectivityDiagnosticsCallbacks should only be invoked for the
underlying networks declared by active VPNs. This encourages VPN apps to
declare their underlying networks.
The previous permission model for VPNs allowed active VPNs to receive
callbacks on any network.
Bug: 148903617
Test: atest FrameworksNetTests
Change-Id: Ic08cdd2e2532580fda0fd3034e2bdff27e0ff84b
Merged-In: Ic08cdd2e2532580fda0fd3034e2bdff27e0ff84b
(cherry picked from commit e1f0c56f74)
CONNECTIVITY_ACTION_SUPL is marked as a "temporary hack" and has
never been public. Remove this intent definition since no one is
receiving this intent and should use network callback to know the
connection change.
Bug: 109636544
Test: atest FrameworksNetTests
Change-Id: Ie9e5127742beba04f1c191e894e8a29fe1e704bb
Merged-In: Ie9e5127742beba04f1c191e894e8a29fe1e704bb
(cherry picked from aosp/1224697)
NetworkCapabilities#mAdministratorUids is used to track the UIDs that
are administrators of the given Network. This value was previously
stored as List<Integer>. However, general Android API Council guidelines
recommend using Arrays for primitive values. In order to be consistent
with the guidelines, updating the field to use an Array.
Bug: 147903575
Test: atest FrameworksNetTests
Change-Id: I2652a5b0f276b8944454af5cb4b1383a3e054cfa
- Change route to update existing route
- MTU parameter added to AddRoute
Bug: 142892223
Test: unit test
Change-Id: I2164808ef628eb7c12e875f0bde7f5151bf6a5b5
Merged-In: Ie339d0cee5be12c2232a4631fed61219a0facc64
(cherry picked from commit e521f07e8b)
The NetworkStack.getService() API should be used instead.
Bug: 151243982
Test: atest FrameworksNetTests TetheringTests
Manual tethering test
Change-Id: I7855090bffbe895c8349ad4903b8f2eb55515f0b
ConnectivityService currently calls
LocationPermissionChecker#checkLocationPermission. This method call
throws a SecurityException if the given package name and UID do not
match. This permission check is made from the ConnectivityService
Thread, so any Exception being thrown will crash the SystemServer. This
is not acceptable, so surround the permission check in a try-catch in
case any SecurityExceptions are thrown.
Bug: 149119324
Test: atest ConnectivityServiceTest
Change-Id: Ibe2874f2a5249432270aa1b9eb7d004bbba35ac2
Merged-In: Ibe2874f2a5249432270aa1b9eb7d004bbba35ac2
(cherry picked from commit 9eacc855b6)
API Council feedback suggests renaming ConnectivityDiagnosticsCallback
'onConnectivityReport' function to be 'onConnectivityReportAvailable'.
Bug: 150598997
Test: atest FrameworksNetTests
Change-Id: Ieea727ecee6cf358a53a215fd4b06233dfe967ea
(cherry picked from commit 324b224cc48fcb12125bd1727be70ad2effbfce3)
CTS tests don't have access to TestNetworkAgent and therefore
require overloading this method, which means 'null' is ambiguous.
Bug: 139268426
Test: FrameworksNetTests
Change-Id: I5d7deea82d7114fa38f37b90f94fe7e6073bd848
(cherry picked from commit ff83f1d7ee)
NetworkFactory is turning into a one-time object that cannot be
re-used. Check for this in ConnectivityService.
Bug: 148635501
Test: test continues to pass
Change-Id: I793436ee0f4b5d778788ad34b8a2575d2ad0ed80
ConnectivityDiagnostics shares NetworkCapabilities in
ConnectivityReports and DataStallReports. These NetworkCapabilities need
to have their UIDs scrubbed before they are shared with callbacks.
Bug: 148942124
Test: atest FrameworksNetTests
Change-Id: I5bde5a8116f7e36b8f4de49adf4cab8ec45a5aa4
Merged-In: I5bde5a8116f7e36b8f4de49adf4cab8ec45a5aa4
(cherry picked from commit 3de2432655)
Check all routes that are added and removed instead of just some
of them. This is in preparation of an upcoming change that
switches to adding and creating routes by issuing direct calls to
netd.
Also rename the misleading ipv4Default route variable to
ipv4Subnet, which is what it actually is.
Bug: 142892223
Test: test-only change
Change-Id: I7d111382be215a926a7d7d4701bd3c3e94372b99
Merged-In: I7d111382be215a926a7d7d4701bd3c3e94372b99
(cherry picked from commit dcb35cb9a5)
This class is useless at this point and introduces overhead.
Bug: 113554781
Test: FrameworksNetTests
Change-Id: Ib5f540070222865260c16c7182cc13c710a243c2
Merged-In: Ib5f540070222865260c16c7182cc13c710a243c2
(cherry picked from commit c3489ad3a6)
