Use SecureRandom instead of Random since Random is time based and can
increase the chance of generating same MAC address across multiple
devices.
createRandomUnicastAddress should randomize all bits of the address,
except for locally assigned bit and unicast bit. The previous method
that only randomizes NIC and use Google Base OUI is renamed to
createRandomUnicastAddressWithGoogleBase.
Bug: 72450936
Test: runtest frameworks-net
Change-Id: Icda650638c2c1c9fd90d509a87e86347c0e05f2d
Test: this is the exact code these changes were meant to give
without conflict had the auto-merger not squashed them
together before it tried to merge them. It was tested on
master in this state.
Change-Id: I5cbde17fb6016e5e6b5d0b04c8f41858d708ef4a
Test: runtest frameworks-net
Test: also new specific tests for this new code
Test: also tested with VPN app
Test: also cts passing
Change-Id: If0311bae2bf99dedac959febadecf4f92f3064b8
This allows us to maintain NetworkStats entries that track
whether the traffic was on the default network.
At the moment, the stats collection code always passes in
DEFAULT_NETWORK_NO. However, this value is a no-op, since it is
not persisted to disk. Only the ident, the uid/set/tag, and the
packet/byte/operation counters are persisted.
A future change will add defaultNetwork to the ident and start
persisting it.
Bug: 35142602
Test: runtest frameworks-net
Change-Id: Ifa291c62c0fa389b88e5561086a29dcd7cee2253
Convert the IpSecTransform from being a bi-directional
pair of SAs to a unidirectional single SA. This CL
also removes the concept of "direction from SAs meaning
that a IpSecTransform may now be applied to a socket
in either direction.
-Make transforms unidirectional
-Add Convert allocateSpi() to use destination rather
than direction and remote address
-Remove directionality from builders for IpSecTransform
-Change applyTransportModeTransform() to take a
direction in which to apply the transform object.
-Additional minor naming updates
-Restrict IpSecConfig to only print keys on eng builds
-Move DIRECTION constants to IpSecManager
-Add sourceAddress parameter to IpSecTransform to provide
additional guarantees about the source address of data;
(explicit failure rather than implicit failure).
-Move SPI to the build() method of IpSecTransform
Bug: 71717213
Test: runtest frameworks-net, CTS - IpSecManagerTest
Change-Id: I0824b37f443f4b8c62536d9801238c63ed8f2a1c
This patch adds to the MacAddress class:
- getAddressType() method which replaces addressType(), for naming
consistency
- @NonNull annotations on all input and output reference values for
all public methods (@hide and public).
TYPE_UNKNOWN, which currently cannot be observed with a non @hide
method, is also removed from the public api.
Bug: 71866627
Test: $ runtest frameworks-net
Change-Id: I2af70408d46f431b7b32183e6b48ddae9a261a2c
NetworkInterface throws Exceptions every time you look at it askance.
Try to make something we instantiate fully, once, and pass it around.
Partial MacAddress-ification as well, for good measure.
Test: as follows
- built
- flashed
- booted
- runtest frameworks-net passes
- basic IPv6 tethering works
Bug: 32163131
Bug: 62476366
Change-Id: I16c145fddb4e76387370338d792a438eed886d7f
1) toSafeString() is renamed to toOuiString()
2) toOuiString() returns a String that only contains the first 3 bytes
of the mac address.
Bug: 70336442
Test: runtest frameworks-net
Change-Id: I798d8fec32dbff5687a682028e5d90eb941f81c1
Merged-In: I798d8fec32dbff5687a682028e5d90eb941f81c1
(cherry pick from commit a0ecf38d30)
1) toSafeString() is renamed to toOuiString()
2) toOuiString() returns a String that only contains the first 3 bytes
of the mac address.
Bug: 70336442
Test: runtest frameworks-net
Change-Id: I798d8fec32dbff5687a682028e5d90eb941f81c1
This reverts commit 94209ab768.
Reason for revert: should not have auto-submitted prior to more extensive wifi team testing.
Change-Id: Ie81b10473caf34971226948038bc20dc4fa6a1ae
Additionally, no longer try to transition from within a State's
enter() method (this can encounter Log.wtf()s). Introduce some
CMD_JUMP_* commands and use deferMessage().
Test: as follows
- built
- flashed
- booted
- runtest frameworks-net passes (except for IpConnectivityMetricsTest failures)
- manual changing from DHCP to static configurations works:
2017-12-11T19:06:19.082 - INVOKE onLinkPropertiesChange({{InterfaceName: wlan0 LinkAddresses: [] Routes: [] DnsAddresses: [] Domains: null MTU: 0}})
Bug: 69800563
Bug: 70394432
Change-Id: Ice249a48b66806c0270ec3f11dd2e8e387d4e29b
Throughout the IPsec code (API, system server, netd) we use "reserve"
SPI and "allocate" SPI interchangeably. This renames to use "allocate"
everywhere for self-consistency and consistency with the kernel
(ALLOCSPI).
In javadoc, I am leaving the word "reserve" in several places because it
is still an accurate description of how the method behaves.
Bug: 69128142
Test: TreeHugger should be enough
Change-Id: I8ea603b4612303b0393beef04032671fa53d2106
IpReachabilityMonitor (and IpNeighborMonitor) are only accessed from
the IpManager StateMachine's thread. Consequently lots of locking can
now be removed.
Additionally:
- rename BlockingSocketReader to PacketReader
- incorporate IpReachabilityMonitor output in dump()
Test: as follows
- runtest frameworks-net passes
- "adb shell ip neigh change <address> dev wlan0 nud failed"
triggers wifi to disconnect
Bug: 62476366
Bug: 67013397
Change-Id: I18aca29ae0019a72a7e559c2832e0d9b0e33d81e
Improve the Validation of IpSecAlgorithm by
explicitly checking the length in addition to
the truncation length (previously an oversight).
In addition, we now check the lengths during
un-parceling, which will catch someone maliciously
manually building a parcel and passing it, bypassing
the checks in the constructor.
Bug: 68780091
Test: runtest -x IpSecAlgorithmTest.java
Change-Id: I8172762617264d34f47d5144336464510f07a701
