The current utilities map the higher-order bytes of ints to the
lower-order bytes of IPv4 addresses, which makes applying masks and
generating series of addresses confusing.
For example, the current utilities would convert 1.2.3.4 to 0x04030201,
or generate 0x0080ffff for a /17 subnet mask. The utilities in this CL
convert 1.2.3.4 to 0x01020304, and a /17 subnet mask is represented as
0xffff8000.
Includes tests for all the above methods and migration of
NetworkUtilsTest to JUnit4.
Test: added tests pass
Change-Id: I5f5aa2e6e3b054b66b9dc507dab64f41be9139b1
Some methods in SSLCertificateSocketFactory return connected sockets
and some return unconnected sockets. Be explicit in each method's
documentation about whether it returns a connected or unconnected
socket.
Bug: 37618511
Test: cts -m CtsNetTestCases -t android.net.cts.SSLCertificateSocketFactoryTest
Change-Id: Ia9c6c8bec15a2d3fbd0d86f8accff13627c79565
Users have requested access to the underlying certificate, which is
usually available (as all non-deprecated constructors set it) and can
give access to additional properties that are useful to developers,
allow them to validate it with an X509TrustManager, or otherwise use
it with APIs that take an X509Certificate object.
Bug: 111696337
Bug: 36984840
Test: cts -m CtsNetTestCases -t android.net.http
Change-Id: I6aebaa38fad683e09e095e5b5e2f3424694ec426
The only user of UriCodec is android.net.Uri so it can
be moved to android.net.
This change moves the UriCodecTest to the unit tests
and there is an associated change to Uri's CTS tests
to ensure we're testing public method behavior there too.
Test: make droid && make cts
Bug: 111055375
Change-Id: Id032f849b439adf3fd7cb1a3c8b234a5eec68fac
Also includes registering validation events as metrics.
Bug: b/111596247
Test: as follows:
- Built, flashed, booted
- Configured strict mode
- Connected to working WiFi, then WiFi with no connectivity
- Changed private DNS server to invalid value
- Re-connected to working WiFi
- adb shell dumpsys connectivity has PROBE_PRIVDNS events with success
and failures of the probe
Change-Id: I2691dffd60593fdeaedd22f7ec04a76029f6297c
As part of creating a full facade over OkHttp code there
are some changes to OkHttp-related classes that must be tracked.
See the related external/okhttp commit for details.
Some non-functional lint / WS changes have been made as part of this
change.
Test: Ran CtsLibcoreOkHttpTestCases entirely
Test: Ran CtsLibcoreTestCases entirely
Test: run cts-dev -m CtsNetTestCases -t android.net.http.cts.HttpResponseCacheTest
Bug: 111055375
Change-Id: I0b0ec21fa376ea33e2fa5486e203e92d3c3337cf
* changes:
Disable the AppOp Restriction for IpSec Tunnels
Rework Exception Handling for IpSecManager
Update IpSecManager to use InetAddress and prefixLen
Add AppOps Checks for MANAGE_IPSEC_TUNNELS
Add MANAGE_IPSEC_TUNNELS Permission
In order to properly support EOPNOTSUPP this CL
applies a consistent approach to handling Exceptions.
Hereafter, all exceptions that aren't of a special
method-specific type (such as SpiUnavailableException)
will all be returned to the calling process unchanged.
At the API call site, the ServiceSpecificException,
which is really an Errno, will be inspected and either
converted to an unchecked exception for types we know,
or it will be converted to an IOException in cases where
that method can return a checked exception. In cases
where we do not expect an errno, we will simply throw
a generic RuntimeException. This means all API calls
will now properly throw UnsupportedOperationException
and may be CTS tested accordingly.
Bug: 72420898
Test: runtest frameworks-net
Merged-In: I4a00e221618896223fcdb4b4279fb14cd14e34d8
Change-Id: I4a00e221618896223fcdb4b4279fb14cd14e34d8
(cherry picked from commit ddeb90aa9d)
LinkAddress constructors are currently @hide; this change updates
IpSecManager to use InetAddress and prefixLen, and then construct a
LinkAddress internally. LinkAddress is used over the binder interface to
IpSecService to ensure validity.
Bug: 77528639
Test: CTS, Java unit tests ran on walleye
Merged-In: I19e124adef6d9f4992d8293db3190bcf74c95848
Change-Id: I19e124adef6d9f4992d8293db3190bcf74c95848
(cherry picked from commit 3f2c54b782)
Adds support for a new AppOp to permit services to
use IpSec tunnel mode. The IpSecService now needs
a context so change the service mode to a cached
service rather than a static service.
Bug: 66955045
Test: runtest frameworks-net
Merged-In: I17a4a286225b432c3e15ea1587d946189931b4f4
Change-Id: I17a4a286225b432c3e15ea1587d946189931b4f4
(cherry picked from commit 592dadbd43)
Add a new MANAGE_IPSEC_TUNNELS permission and
protect all IPsec Tunnel mode APIs with it.
This permission is only granted to the system or
through an AppOp.
Bug: 66955045
Test: compilation
Merged-In: I0f618373b500c493ef2211bece681f74652a1833
Change-Id: I0f618373b500c493ef2211bece681f74652a1833
(cherry picked from commit 159788455c)
* changes:
Let tests enumerate all transports/capabilities.
Destroy networks as soon as they are disconnected.
Fix a ConcurrentModificationException crash.
Unify behavior of various cases of "no underlying networks"
Fix: VPNs update caps upon underlying network disconnect.
Add tests for setUnderlyingNetworks.
Fix setCapabilities.
Fix SSID not being logged by the validation logs
Make sure getActiveNetwork is consistent with default callbacks
Add tests for getActiveNetwork.
Guard the SSID with NETWORK_SETTINGS
Add a new ssid field in NetworkCapabilities.
Notif manager and captive portal app to read SSID again
Remove unwanted capability from the java-doc
Actually @hide unwanted capability methods.
API council requested tweaks to NetworkRequest.
Add OEM_PAID capability to system api
add airplane mode shell commands to connectivity
Enable cleartext for captive portal apps
Expose CONNECTIVITY_ACTION to Instant Apps
fix isActiveNetworkMetered with VPNs
This gives them a way to collect all included values without
resorting to manual probing of each newly added value.
Cherry-pick of ag/4052941 with minor conflicts in the imports.
Bug: 16207332
Test: atest com.android.cts.net.HostsideVpnTests
Change-Id: Ia764b3412bf834890612378e0c3846913f4e0a06
Merged-In: Ie5cd22cfa2b6a60510fd1e31d7ebcd8f6cc890a0
Merged-In: If07e77c92046807235229a4f67ee087bdd7bccf1
P introduced setSSID, UIDs and unwanted capabilities.
None of these exhibit commutative behavior through combineCapabilities
because their semantics don't allow it. Therefore
NetworkRequest.setCapabilities() is badly broken around any of
these. Look at the comments in the new tests to realize the
extent of the damage.
Clean cherry-pick of ag/4083952
Bug: 79748782
Test: new tests written, old tests pass
Change-Id: Iafe074126132a82af37f4bf056c4a7b8d56bdc83
Merged-In: Ia5bebf8a233775367bbf1b788870528934ecbcfb
Merged-In: I13d7782a6c0c7b1f94137995bbb0d257a58d89c1
Per API council feedback remove unwanted capaibility from public API
java docs
Clean cherry-pick from ag/3868438
Bug: 77601789
Test: make docs
Test: build and flash
Change-Id: I4f3b8b558e8dab2bcc9ef4cc6cfc3135c264c291
Merged-In: I7fef43cce3cfe17dae6a5e4f564ad8857371502a
Merged-In: Ib02988daf44dabfaef7a0b788385b7f7c655b8b2
If you put values into the Builder, you should be able to observe
those values on the built object.
Clean cherry-pick of ag/3813257
Test: atest android.net.cts.NetworkRequestTest
Bug: 74945408
Change-Id: Ib28de279efb8b33ab46aa64f580e10fe5f8720e3
Merged-In: I0d090ebb7d57689a061badcf593ae9a37d88f7ce
Merged-In: I539184f7385c1f288cfb77be8307e4463e07e9e6
Some system apps should be able to request OEM_PAID networks. This
makes a lot of sense when Android is used as in-vehicle infotainment
systems.
Clean cherry-pick of ag/3782591
Bug: 68762530
Test: runtest -x frameworks/base/tests/net/ -c android.net.NetworkCapabilitiesTest
Change-Id: I306f060c5a386ff4b82cd99a03dc037ce60ded6a
Merged-In: Ic164c4a29cd449a31b2f1c12c8c345bcc5dc77fa
Merged-In: I6e9c4130db23a4f1c89ce7e9071ae519a2b0b7ec
When NFC event transaction intent is sent,
the device shows AID information on logcat.
But such information should not be shown for security reasons.
Test: Send NFC EventTransaction and check logcat
Bug: 80551185
Change-Id: I8d1f9c1946bb1514e3a6bfa70fff03be4525d6b5
NTP may be necessary in order to validate Private DNS certificates,
so it should be allowed to bypass Private DNS.
Test: as follows
- built, flashed, booted
- tcpdump for port 53; adb shell am restart
queries for the NTP hostname appear in the clear
- runtest frameworks-net passes
Bug: 64133961
Bug: 80118648
Merged-In: I4655e3ce5691098c73bf070b8a9e4759485bb17a
Merged-In: I327b816a9f472e94328232157a3b8887d17b0baf
Change-Id: Id9ceb3fcaaffb48cbbd4cd381d48cae991572c9e
(cherry picked from commit 7eccfeb9ca)
The probes allow testing for a configurable status code and location
header (regexes). They are disabled by default, so this CL is a
no-op unless the probe configurations are pushed.
Bug: b/79499239
Test: tests in CL pass, manual: captive portal login works
Merged-In: Iec7a74bbf2569a91e958c497200d77e8451cbf7b
Merged-In: Ia958815325d1466345e9626efc8f62fc9d08d774
(clean cherry-pick of pi-dev I785723aaed06054b9aa8ebff77803f23d7836db9)
Change-Id: I18b3f263fed08fa4fee20d5e88f3ec8647d7f835
This is necessary to resolve visibility issues for the next change.
Bug: b/79499239
Test: runtest frameworks-net
Merged-In: Ia48b32307a51a66f2672d7112f71166dd6db41b1
Merged-In: I5df7ee9f16bc6be4f02353d40a843a383dd4cbd9
(Clean cherry-pick of pi-dev I50bc96afe6ae88c8f58a693f0a4e821f1f9b3299)
Change-Id: I3c416c1a91ebfdf914fd528ff8ab73e3eb490562
