As part of creating a full facade over OkHttp code there
are some changes to OkHttp-related classes that must be tracked.
See the related external/okhttp commit for details.
Some non-functional lint / WS changes have been made as part of this
change.
Test: Ran CtsLibcoreOkHttpTestCases entirely
Test: Ran CtsLibcoreTestCases entirely
Test: run cts-dev -m CtsNetTestCases -t android.net.http.cts.HttpResponseCacheTest
Bug: 111055375
Change-Id: I0b0ec21fa376ea33e2fa5486e203e92d3c3337cf
* changes:
Disable the AppOp Restriction for IpSec Tunnels
Rework Exception Handling for IpSecManager
Update IpSecManager to use InetAddress and prefixLen
Add AppOps Checks for MANAGE_IPSEC_TUNNELS
Add MANAGE_IPSEC_TUNNELS Permission
In order to properly support EOPNOTSUPP this CL
applies a consistent approach to handling Exceptions.
Hereafter, all exceptions that aren't of a special
method-specific type (such as SpiUnavailableException)
will all be returned to the calling process unchanged.
At the API call site, the ServiceSpecificException,
which is really an Errno, will be inspected and either
converted to an unchecked exception for types we know,
or it will be converted to an IOException in cases where
that method can return a checked exception. In cases
where we do not expect an errno, we will simply throw
a generic RuntimeException. This means all API calls
will now properly throw UnsupportedOperationException
and may be CTS tested accordingly.
Bug: 72420898
Test: runtest frameworks-net
Merged-In: I4a00e221618896223fcdb4b4279fb14cd14e34d8
Change-Id: I4a00e221618896223fcdb4b4279fb14cd14e34d8
(cherry picked from commit ddeb90aa9d)
LinkAddress constructors are currently @hide; this change updates
IpSecManager to use InetAddress and prefixLen, and then construct a
LinkAddress internally. LinkAddress is used over the binder interface to
IpSecService to ensure validity.
Bug: 77528639
Test: CTS, Java unit tests ran on walleye
Merged-In: I19e124adef6d9f4992d8293db3190bcf74c95848
Change-Id: I19e124adef6d9f4992d8293db3190bcf74c95848
(cherry picked from commit 3f2c54b782)
Adds support for a new AppOp to permit services to
use IpSec tunnel mode. The IpSecService now needs
a context so change the service mode to a cached
service rather than a static service.
Bug: 66955045
Test: runtest frameworks-net
Merged-In: I17a4a286225b432c3e15ea1587d946189931b4f4
Change-Id: I17a4a286225b432c3e15ea1587d946189931b4f4
(cherry picked from commit 592dadbd43)
Add a new MANAGE_IPSEC_TUNNELS permission and
protect all IPsec Tunnel mode APIs with it.
This permission is only granted to the system or
through an AppOp.
Bug: 66955045
Test: compilation
Merged-In: I0f618373b500c493ef2211bece681f74652a1833
Change-Id: I0f618373b500c493ef2211bece681f74652a1833
(cherry picked from commit 159788455c)
* changes:
Let tests enumerate all transports/capabilities.
Destroy networks as soon as they are disconnected.
Fix a ConcurrentModificationException crash.
Unify behavior of various cases of "no underlying networks"
Fix: VPNs update caps upon underlying network disconnect.
Add tests for setUnderlyingNetworks.
Fix setCapabilities.
Fix SSID not being logged by the validation logs
Make sure getActiveNetwork is consistent with default callbacks
Add tests for getActiveNetwork.
Guard the SSID with NETWORK_SETTINGS
Add a new ssid field in NetworkCapabilities.
Notif manager and captive portal app to read SSID again
Remove unwanted capability from the java-doc
Actually @hide unwanted capability methods.
API council requested tweaks to NetworkRequest.
Add OEM_PAID capability to system api
add airplane mode shell commands to connectivity
Enable cleartext for captive portal apps
Expose CONNECTIVITY_ACTION to Instant Apps
fix isActiveNetworkMetered with VPNs
This gives them a way to collect all included values without
resorting to manual probing of each newly added value.
Cherry-pick of ag/4052941 with minor conflicts in the imports.
Bug: 16207332
Test: atest com.android.cts.net.HostsideVpnTests
Change-Id: Ia764b3412bf834890612378e0c3846913f4e0a06
Merged-In: Ie5cd22cfa2b6a60510fd1e31d7ebcd8f6cc890a0
Merged-In: If07e77c92046807235229a4f67ee087bdd7bccf1
P introduced setSSID, UIDs and unwanted capabilities.
None of these exhibit commutative behavior through combineCapabilities
because their semantics don't allow it. Therefore
NetworkRequest.setCapabilities() is badly broken around any of
these. Look at the comments in the new tests to realize the
extent of the damage.
Clean cherry-pick of ag/4083952
Bug: 79748782
Test: new tests written, old tests pass
Change-Id: Iafe074126132a82af37f4bf056c4a7b8d56bdc83
Merged-In: Ia5bebf8a233775367bbf1b788870528934ecbcfb
Merged-In: I13d7782a6c0c7b1f94137995bbb0d257a58d89c1
Per API council feedback remove unwanted capaibility from public API
java docs
Clean cherry-pick from ag/3868438
Bug: 77601789
Test: make docs
Test: build and flash
Change-Id: I4f3b8b558e8dab2bcc9ef4cc6cfc3135c264c291
Merged-In: I7fef43cce3cfe17dae6a5e4f564ad8857371502a
Merged-In: Ib02988daf44dabfaef7a0b788385b7f7c655b8b2
If you put values into the Builder, you should be able to observe
those values on the built object.
Clean cherry-pick of ag/3813257
Test: atest android.net.cts.NetworkRequestTest
Bug: 74945408
Change-Id: Ib28de279efb8b33ab46aa64f580e10fe5f8720e3
Merged-In: I0d090ebb7d57689a061badcf593ae9a37d88f7ce
Merged-In: I539184f7385c1f288cfb77be8307e4463e07e9e6
Some system apps should be able to request OEM_PAID networks. This
makes a lot of sense when Android is used as in-vehicle infotainment
systems.
Clean cherry-pick of ag/3782591
Bug: 68762530
Test: runtest -x frameworks/base/tests/net/ -c android.net.NetworkCapabilitiesTest
Change-Id: I306f060c5a386ff4b82cd99a03dc037ce60ded6a
Merged-In: Ic164c4a29cd449a31b2f1c12c8c345bcc5dc77fa
Merged-In: I6e9c4130db23a4f1c89ce7e9071ae519a2b0b7ec
When NFC event transaction intent is sent,
the device shows AID information on logcat.
But such information should not be shown for security reasons.
Test: Send NFC EventTransaction and check logcat
Bug: 80551185
Change-Id: I8d1f9c1946bb1514e3a6bfa70fff03be4525d6b5
NTP may be necessary in order to validate Private DNS certificates,
so it should be allowed to bypass Private DNS.
Test: as follows
- built, flashed, booted
- tcpdump for port 53; adb shell am restart
queries for the NTP hostname appear in the clear
- runtest frameworks-net passes
Bug: 64133961
Bug: 80118648
Merged-In: I4655e3ce5691098c73bf070b8a9e4759485bb17a
Merged-In: I327b816a9f472e94328232157a3b8887d17b0baf
Change-Id: Id9ceb3fcaaffb48cbbd4cd381d48cae991572c9e
(cherry picked from commit 7eccfeb9ca)
The probes allow testing for a configurable status code and location
header (regexes). They are disabled by default, so this CL is a
no-op unless the probe configurations are pushed.
Bug: b/79499239
Test: tests in CL pass, manual: captive portal login works
Merged-In: Iec7a74bbf2569a91e958c497200d77e8451cbf7b
Merged-In: Ia958815325d1466345e9626efc8f62fc9d08d774
(clean cherry-pick of pi-dev I785723aaed06054b9aa8ebff77803f23d7836db9)
Change-Id: I18b3f263fed08fa4fee20d5e88f3ec8647d7f835
This is necessary to resolve visibility issues for the next change.
Bug: b/79499239
Test: runtest frameworks-net
Merged-In: Ia48b32307a51a66f2672d7112f71166dd6db41b1
Merged-In: I5df7ee9f16bc6be4f02353d40a843a383dd4cbd9
(Clean cherry-pick of pi-dev I50bc96afe6ae88c8f58a693f0a4e821f1f9b3299)
Change-Id: I3c416c1a91ebfdf914fd528ff8ab73e3eb490562
Permits syncing over a specific network instead of the default for
the process. This was causing an issue with Android Wear devices
paired with iOS where the default network is bluetooth
(see b/32663274).
This CL is in support of ag/3776564
Bug: 32663274
Test: adb shell am instrument -e class android.net.SntpClientTest -w \
com.android.frameworks.coretests/android.support.test.runner.AndroidJUnitRunner
(cherry-pick of pi-dev Ic9fc169cf75457810d4992121d85d7642e350b90)
Merged-In: I339c77063c72a9d76a5c4cb17052e20fb6e045a6
Merged-In: I8dfd1cad99c63efdc14c174c19f094a61cdfc44f
Change-Id: I44df66688292b144ec7dfcdd9ae5d82489f82774
The test is failing because of lack of visibility (IllegalAccessError).
Also rename it to match the tested class, migrate to JUnit4, and remove
an old test that is unused (suppressed), relies on third-party servers
and is not a proper unit test (would try to make real network requests).
Test: test now passes
Change-Id: I5032a056df83d4f572d89860b52bd85a1993d9dc
This required advancing the IpManager to IpClient refactoring
(Bluetooth used IpManager and friends). Most importantly, the
Bluetooth code used WaitForProvisioningCallback, so this is
moved into IpClient proper now. Also: some more renaming
cleanup.
Test: as follows
- built
- flashed
- booted
- runtest frameworks-net passes
Bug: 62476366
Bug: 72663849
Change-Id: I9eee2a9d5c31cdd48a054a7edc3403584efb1864
This change forces Socket and DatagramSocket to populate the
SocketImpl, ensuring that the socket file descriptor can be
retrieved when applying Transport mode Transforms
This is done by calling getSoLinger(), triggering a getImpl(), which
triggers setImpl() if needed.
Bug: 77491294
Test: Added tests in IpSecManagerTest, ran on walleye
Change-Id: I40da08b031357710eb794e0f866aec5660c79594
Bug: 68762530
Exempt-From-Owner-Approval: OWNERS have approved, but gerrit doesn't see it
Test: runtest -x frameworks/base/tests/net/ -c android.net.NetworkCapabilitiesTest
Change-Id: Ieadef7c42634d890281543226203530fb18eb0a3
Instead of providing default truncation lengths (based on RFC or
otherwise), this change imposes a restriction that the truncation length
must be supplied for all auth or aead algorithms.
Bug: 77204048
Test: Updated tests, ran on walleye
Change-Id: I4a0e2e71aa97259e56f44e7c8a2ce53135708d97
Disallow the allocation of SPIs in the range
reserved for future use by RFC 4303.
Bug: 77205120
Test: runtest frameworks-net
Change-Id: I05e26ed34b5871f1a07d5bd7b58b79a64cd74b67
Usage stats corrections for 464xlat in NetworkStatsFactory are not applied
to tethered traffic. Add adjustments in NetworkStatsService. After
migrating external callers off NetworkStatsFactory, we will be able to
only apply adjustments in NetworkStatsService and remove stacked
interface tracking from NetworkStatsFactory.
Bug: 72107146
Fixes: 72107146
Test: runtest frameworks-net & manual - checked corrected network usage
Change-Id: I5ce450e616b4fddf21f2a491fe5d0c9e9f969bda
This change updates the getSocket() methods for IPsec to improve clarity
of the return types, both for public APIs, and internal-only methods.
Bug: 72473753
Test: APIs updated, CTS + unit tests ran.
Change-Id: I0afebd432c5d04c47c93daa1ce616d712aa323d7
Updates API documentation to mention that TCP sockets where transforms
are deactivated will not send FIN packets.
Bug: 74851550
Test: API updates only
Change-Id: I8169f221c8c747538a8bddfbf02dcc73c9337189
This will let ConnectivityService send the right callbacks to the
relevant apps.
Test: manual with apps
runtest frameworks-net
cts
new tests for this functionality
Bug: 67408339
Change-Id: I6f08efd9e73c7e191f833d7f307a3bf4c9e2f0b4
Useful for clients such as BatteryStats which currently rely
on NetworkStatsFactory. Data at that stage is incomplete as
it does not account for tethering, VT data and corresponding
464xlat corrections.
Test: runtest frameworks-net, CTS tests pass.
Change-Id: I763b77f601c827fd2963204694fb5b45425cc791
Bug: 73217368
Test: manual
Using Datally on work profile. Before this, enabling the VPN
does not show the key icon. After this it does.
Change-Id: I454eb8f3881a48af1b0187c2b14a2a399d3c2445
This CL adds NonNull annotations to a large
number of method returns and parameters as
part of API council feedback.
Bug: 72473424
Test: compilation (docstring-only change)
Change-Id: I2f865dde56fe12116c461ad98e9460bf1802ce18
