Privileged applications provide core system functionality and as such a
MiTM in one can put the entire system at risk. These applications should
not be trusting user added CAs by default.
Bug: 65406503
Test: runtest --path framework/base/tests/NetworkSecurityConfigTest
Change-Id: I033258fe1c66ad245d172899df52e9cd02e9ca75
Allows native AES-GCM-ESP to be used as an IPSec transport/tunnel mode
algorithm with kernel support
Bug: 63589918
Test: IPsecService tests added, existing ones pass
Change-Id: Ie1a9a902be205f269aa37bf956198f2e5b177c21
This updates the FeatureSplit test sample to reflect the current
way of doing correct feature splits.
This is not final, as aapt2 will be gaining some improvements to
make access of private resources across feature splits valid by default.
Bug: 65096694
Test: manual
Change-Id: I4524dc161d46c5479b5abe340eb93844078ed316
Although commit 893a762c2f fixed some flakyness issues in
testNetworkCallbackMaximum so that it became stable when ran on its own,
it introduced a new source of random failures because instead of
registering callbacks after callbacks until a limit was reached, commit
893a762c2f changed the test logic to push the assertions right up to
the theoretical limit.
More precisely when registering and unregistering PendingIntents in a
loop, not introducing some delay for checking that previous
PendingIntents have been effectively unregistered can cause the test to
fail. This patch fixes this issue.
Bug: 32561414
Bug: 62918393
Test: runtest frameworks-net
testNetworkCallbackMaximum now succeeds 100 in a row on sailfish
Change-Id: I086817a738ab99fd53ba76ca8faada6151f46472
This patch is a batch of mechanical changes to test classes to migrate
away from AndroidTestCase and TestCase.
Bug: 62918393
Test: runtest frameworks-net
Change-Id: I74134609e511f22c4d9ecd65780e981f9ba7ae3f
Still very rough UI, but basically does what is intended.
Also add two tests apps for manual tests (CTS test will
be coming).
Bug: 63937884
Test: manual
Change-Id: I45a6a2b122a75f8125510a2027bb1faf57c6956d
Test: Pulled out of a client app ; the client app is behaving
Test: identically to how it was behaving before. Wrote unit
Test: tests in frameworks-net.
Change-Id: I397137748a95c65cee2e1e1b243a1a260e83a6f7
Having spaces in the trace file names introduces slashes in the
file names and not able to pull the file names with the slashes
from the device.So avoid having spaces while constructing the
trace file names.
Bug : b/65737738
Change-Id: Ie1971566586f77d18b17722ce0e3cc9ef3ebfdd3
(cherry picked from commit 3f04fb1bcf)
-Split IpSecServiceTest into parameterized
and single tests.
-Add IPv6 parameters
Bug: 66954381
Test: this
Change-Id: Ib98c112560014f73bccc3d2842c31d297c7a07ef
Add equality testing methods to support tests
for parceling and un-parceling IpSecConfig.
Bug: 38397094
Test: runtest -x IpSecConfigTest.java
Change-Id: I31e318334d39ed6e9daf5ec8f3be7dcec75e12ad
All of the input to IpSecService over the Binder
interface needs to be validated both for sanity
and for safety.
-Sanity check all the parameters coming from binder.
-Added setters for IpSecConfig to decouple the test
from the IpSecManager. This was needed because the
input validation caused the tests to fail due to a
null parameter that was previously un-tested.
-Added the mode flag to the IpSecConfig bundle this
oversight was found during testing.
-Expose the getResourceId() methods for testing in
UdpEncapsulationSocket, SecurityParameterIndex, and
IpSecTransform classes.
-Remove the unneeded getIpSecConfig() from
IpSecTransform: unneeded now that we can synthesize
configs.
Bug: 38397094
Test: runtest frameworks-net
Change-Id: I5241fc7fbfa9816d54219acd8d81a9f7eef10dd4
Registered requests are not keyed by PendingIntents in
ConnectivityService, which means that unregistering a request with a
PendingIntent causes a linear search in all registered requests.
testNetworkRequestMaximum was registering too many PendingIntents
simultaneously, causing the unregistration loop to have n^2
complexity and to take a long time to take effect.
To make the unregistering loop less likely to trigger a timeout on
waitForIdle, this patch changes the test to not register MAX_REQUEST
number of PendingIntent, but instead mixes a small number of
PendingIntents with NetworkCallbacks to reach MAX_REQUEST number of
simultaneously registered requests.
When unregistering these requests, callbacks are unregistered first.
Bug: 32561414
Test: runtest frameworks-net
Change-Id: I48b882c884abe20b388190b7f28baee293446f37
This patch changes describeImmutableDifferences in NetworkCapabilities
to ignore differences in NET_CAPABILITY_DUN, so that updateCapabilities
in ConnectivityService to not report wtf errors when a NetworkAgent
degrades its NetworkCapabilities object by removing NET_CAPABILITY_DUN.
Bug: 65257223
Test: runtest frameworks-net
Change-Id: I115ed1b366da01a3f8c3c6e97e0db8ce995fd377
