Some hotspot devices will fill in the server host name field of the DHCP
package, such as iphone. Parsing the server host name of the DHCP
package can help identify ios hotspots.
Bug: 120584519
Test: 127423755
Test: builds, boots, wifi works
Change-Id: Idbe10c36332ce421f1bba93eb87e9e1e12463088
This change maps EPROTONOSUPPORT to the list of error codes that map to
UnsupportedOperationException in IpSecManager.
Bug: 80103456
Test: Compiles, CTS tests ran
Change-Id: Iec3d5fc4a9bcad7c104414afefae775232d46558
This change adds a new NATTKeepalive resource type, along with the
associated allocation/deallocation. Additionally, this change allows
ReferenceCountedResource(s) to not be binder-linked, to allow the
ConnectivityService to verify ownership and allocate a NattKeepalive
without double-registering for binder-death notifications.
Bug: 125517194
Test: IpSecService frameworks tests ran
Change-Id: I8293f79940ad57dabb6f2b9de5e334d06b869443
This commit adds the ability to pass in LinkProperties and meteredness
for additional testing use cases.
Bug: ?
Test: Compiles. Test utility only.
Change-Id: Idf6c3bcae2dea5e61c0418b72b889496919be8ba
For implementing parcelable interface for NattKeepalivePacketData.
Move this class out of framework.jar and move to services.jar
This class is used in telephony-common.jar and it also loads
service.jar.
Bug: 33530442
Test: - build pass
- atest NetworkStackTests
- atest ConnectivityServiceTest
Change-Id: Id2fdec5c4015d2cefd8a93e0cfdcc3c304fc9b64
As per API council feedback, these constants should live in
a place that is private to the network stack, only with a
range defined in system API.
Bug: 129433383
Test: m
Change-Id: I84a90f84a9af6fef4667ee4d512ebd0413222086
Merged-In: I4882686a86e7c6d42f4b0619b921d02619ed6d4c
Merged-In: I9b648ed6c687d56db61a54570c7880c51c1bae51
This reverts commit 3897df2e36.
Reason for revert: Rolling forward, will fix tests in same CL stack.
Bug: 114231106
Bug: 130397860
Test: FrameworksNetTests
Change-Id: Ia8a0c99b4e1fd5dff26c881715cd876618ca4321
This reverts commit fd8f96d719.
This change does not have any topic: not reverting the other 2 commits in the original topic.
Reason for revert: broke FrameworksNetTests presubmit: b/130397860
Change-Id: Iff41d9fe97fafea44680c8d67d1ce19277548cc0
To address the API review feedback provided by
the API council.
Bug: 129261432
Test: atest DnsResolverTest
Change-Id: I3de11c913682abf790850b45cd5d50ac28b3fc5c
When a fully-routed VPN is running, we want to prevent normal apps
under the VPN from receiving packets originating from any local non-VPN
interfaces. This is achieved by using eBPF to create a per-UID input
interface whitelist and populate the whitelist such that all
non-bypassable apps under a VPN can only receive packets from the VPN's
TUN interface (and loopback implicitly)
This is the framework part of the change that build the whitelist.
The whitelist needs to be updated in the following cases:
* When a VPN is connected and disconnected
This will cover the change to allowBypass bit, since that can't be
changed without reconnecting.
* When a VPN's NetworkCapabilites is changed (whitelist/blacklist app changes)
* When a new app is installed
* When an existing app is removed
* When a VPN becomes fully-routed or is no longer fully-routed
New user/profile creation will automatically result in a whitelist app change
transition so it doesn't need to be handled specially here.
Due to the limitation of the kernel IPSec interacting with eBPF (sk_buf->ifindex
does not point to the virtual tunnel interface for kernel IPSec), the whitelist
will only apply to app VPNs but not legacy VPN connections, to prevent breaking
connectivity with kernel IPSec entirely.
Test: atest PermissionMonitorTest
Test: atest android.net.RouteInfoTest
Test: atest com.android.server.ConnectivityServiceTest
Test: atest HostsideVpnTests
Bug: 114231106
Change-Id: I143b03d60e46cb1b04732b4a4034f5847b4d1b1a
This follow-up change performs some cleanup changes without affecting
functionality
Bug: 72950854
Test: Compiles, CTS tests using this pass
Change-Id: Ic7394f24f11d713c9374b438182e29d2a02ea236
ConnectivityManager and its usages are removed from
NetworkStatsService. After that, forceUpdateIfaces requires
information that only ConnectivityService has, hence
restricting the calling permission to NETWORK_STACK or
MAINLINE_NETWORK_STACK permission. The required permission
will be changed from READ_NETWORK_USAGE_HISTORY to
NETWORK_STACK or MAINLINE_NETWORK_STACK. This change would make
it impossible to call outside the system.
Bug: 126830974
Test: atest FrameworksNetTests
Change-Id: I776484921b2dbb6735d7940c558fb5e4baed6d1e
This API was added in Q but is not necessary anymore as
Os#setsockoptTimeval was exposed as public API.
Test: m
Fixes: 129433363
Change-Id: Ifd04c0314f7f7c0dbd0ed89dbaf69b9c152d3330
The SocketUtils.attach*Filter and SocketUtils.addArpEntry methods
were added there because they could not be added as JNI inside
the NetworkStack. This was not possible because on Go devices,
the NetworkStack was a jar library. But now, Go also uses an APK.
Hence, move these methods to the NetworkStack.
Change-Id: I1d88a0f0be23f2b15d5103fa092b9bf982329d7c
Fix: 129433183
Test: atest NetworkStackTests FrameworksNetTests
These two classes were added to @SystemApi because they are used
both by NetworkMonitor and CaptivePortalLogin. However it turns
out they are not needed in the framework, so having them as a
library sounds better.
Change-Id: Iadf77ec5952b6da8812dc6d006a39bd4e93d2bd9
Fix: 129433264
Test: atest NetworkStackTests FrameworksNetTests
- Add documentation to CaptivePortal#logEvent
- Add paragraph breaks to StaticIpConfiguration class javadoc
- Format javadoc for API documentation
- Move setters to a builder and hide fields for apps targeting P or
older
- Document StaticIpConfiguration getters and builder setters
- Add documentation for StaticIpConfiguration#getRoutes
Bug: 129362244
Bug: 129433304
Test: built, flashed, booted, WiFi working
Test: atest FrameworksNetTests NetworkStackTests
Change-Id: Ia66c1097f01ca87d02eba3456547aedb1e480186
- Restrict unprivileged apps to use
NetworkRequest.Builder#setSignalStrength.
- Remove the "throws NullPointerException" in
CaptivePortalProbeSpec constructor.
- Remove the null check in LinkProperties.
- Add annotataion into all ConnectivityManager.NetworkCallback
methods.
Change-Id: Id275cac1d6a30d7515cd7b113394f5e8a0179314
Fix: 129097486
Test: atest FrameworksNetTests
NetworkMonitor obtained LinkProperties and NetworkCapabilities via
synchronous calls to ConnectivityManager after receiving an asynchronous
notification, which is prone to races: the network could be gone before
the LinkProperties/NetworkCapabilities can be fetched.
Fix the race by passing LinkProperties/NetworkCapabilities directly to
NetworkMonitor in the asynchronous notifications.
Test: atest FrameworksNetTests NetworkStackTests
Test: booted, WiFi works
Bug: 129375892
Change-Id: I200ac7ca6ff79590b11c9be705f650c92fd3cb63
This method was removed as part of addressing API council feedback in b/129261432
Add back previous DnsResolver#query which is already being used by developers.
Bug: 129395490
Test: atest DnsResolverTest
Change-Id: Ic956db204f3940d39d42e1b11dda39e57d356fad
