Add a new MANAGE_IPSEC_TUNNELS permission and
protect all IPsec Tunnel mode APIs with it.
This permission is only granted to the system or
through an AppOp.
Bug: 66955045
Test: compilation
Change-Id: I0f618373b500c493ef2211bece681f74652a1833
This CL adds NonNull annotations to a large
number of method returns and parameters as
part of API council feedback.
Bug: 72473424
Test: compilation (docstring-only change)
Merged-In: I2f865dde56fe12116c461ad98e9460bf1802ce18
Change-Id: I2f865dde56fe12116c461ad98e9460bf1802ce18
(cherry picked from commit 8fd26f67fd)
This CL adds NonNull annotations to a large
number of method returns and parameters as
part of API council feedback.
Bug: 72473424
Test: compilation (docstring-only change)
Change-Id: I2f865dde56fe12116c461ad98e9460bf1802ce18
When exposing the APIs, these were missed.
The outer structure is exposed, so this exposes
the addAddress and removeAddress methods.
Bug: 75234273
Test: compilation
Merged-In: I79911434f9baa660e4d8564cc59d80da4a710c42
Change-Id: I79911434f9baa660e4d8564cc59d80da4a710c42
(cherry picked from commit a83601a511)
This change adds implementation details for add/remove addresses onto a
VTI.
Bug: 73675031
Test: New tests added, passing on Walleye
Merged-In: Idde9d943a5285d2c13c5c6b0f7b8a9faf718e6a5
Change-Id: Idde9d943a5285d2c13c5c6b0f7b8a9faf718e6a5
(cherry picked from commit ecc9f7cc08)
Kernel limitations prevent auth-only SAs from being created. Explicitly
request a null encryption algorithm instead of omitting the algorithm
to comply with the kernel requirement for ESP.
Bug: 75049573
Test: CTS tests for auth-only, crypt-only transforms added for all
combinations of (UDP, TCP, IPv4, IPv6, UDP-encap) Also added unit
tests to ensure correct triggering of NULL_CRYPT usage.
Merged-In: Ia9a5cfee9c7786412846bc039f326420f6211c08
Change-Id: Ia9a5cfee9c7786412846bc039f326420f6211c08
(cherry picked from commit bf013a3820)
When exposing the APIs, these were missed.
The outer structure is exposed, so this exposes
the addAddress and removeAddress methods.
Bug: 75234273
Test: compilation
Change-Id: I79911434f9baa660e4d8564cc59d80da4a710c42
-Add anotations to usages of PolicyDirection for
apply...() methods.
-Update the comments on DIRECTION_IN and DIRECTION_OUT
to better reflect their current usage.
-Add a better explanation to the rekey procedure doc.
-Remove disused createTunnelInterface() stub.
Bug: 73751066
Test: make docs
Merged-In: I9f2ec864466148a18899f1e952c74a525902ccbc
Change-Id: I9f2ec864466148a18899f1e952c74a525902ccbc
(cherry picked from commit f4cdf25a90)
Kernel limitations prevent auth-only SAs from being created. Explicitly
request a null encryption algorithm instead of omitting the algorithm
to comply with the kernel requirement for ESP.
Bug: 75049573
Test: CTS tests for auth-only, crypt-only transforms added for all
combinations of (UDP, TCP, IPv4, IPv6, UDP-encap) Also added unit
tests to ensure correct triggering of NULL_CRYPT usage.
Change-Id: Ia9a5cfee9c7786412846bc039f326420f6211c08
-Add anotations to usages of PolicyDirection for
apply...() methods.
-Update the comments on DIRECTION_IN and DIRECTION_OUT
to better reflect their current usage.
-Add a better explanation to the rekey procedure doc.
-Remove disused createTunnelInterface() stub.
Bug: 73751066
Test: make docs
Change-Id: I9f2ec864466148a18899f1e952c74a525902ccbc
This change adds implementation details for add/remove addresses onto a
VTI.
Bug: 73675031
Test: New tests added, passing on Walleye
Change-Id: Idde9d943a5285d2c13c5c6b0f7b8a9faf718e6a5
getType, getTypeName, isConnectedOrConnecting, isConnected,
isAvaisable, isFailover, isRoaming, getState, getDetailedState,
getReason, and the TYPE_* constants in ConnectivityManager
along with methods that use them are now stacked on a boat
bound for the other side of the Styx.
Test: no code changes
Bug: 62844794
Change-Id: Idd70763de5b1af5580b4734cd443ac4b570069cc
getType, getTypeName, isConnectedOrConnecting, isConnected,
isAvaisable, isFailover, isRoaming, getState, getDetailedState,
getReason, and the TYPE_* constants in ConnectivityManager
along with methods that use them are now stacked on a boat
bound for the other side of the Styx.
Test: no code changes
Bug: 62844794
Change-Id: Idd70763de5b1af5580b4734cd443ac4b570069cc
We want to catch potential exceptions that occur when restoring
NetworkPolicy settings. Here, a DateTimeException can be thrown when
we try to read the recurrence rule from the backup data and cannot
parse a timezone.
We also add GTS tests to validate that these catches persist and that
we don't crash when given unexpected backup data to restore.
Bug: 73942796
Test: gts-tradefed run gts -m GtsBackupHostTestCases -t com.google.android.gts.backup.NetworkPolicyRestoreHostSideTest
Change-Id: I6f6ea09d2fff60b8d704c6160234e6f032321103
(cherry picked from commit 853097ca2c)
Addresses a long-standing TODO. Now, when calling IpClient's
startProvisioning(), the interface has to be available (i.e.
InterfaceParams#getByName() must return non-null).
Also:
- add a test
- refactor for testability
- delete some constructors no longer used
- properly handle passed-in null IpClient.Callback
- some more IpManager -> IpClient renaming
- permit recording metrics before starting a provisioning
attempt (logging immediate errors) without Log.wtf().
Test: as follows
- built
- flashed
- booted
- runtest frameworks/opt/net/wifi/tests/wifitests/runtests.sh passes
- runtest frameworks-net passes
- basic WiFi IpClient connections works fine
Bug: 62476366
Bug: 73487570
Merged-In: I68e5e24122dc31e730cdbe8d75e33847e6332da4
Merged-In: Ifd27f5d908947cd7b4e1b8d54f9fa87e43ebb11b
Merged-In: Ief3c8e1652f69af0276fe35946ae1bf6e6b1b57e
Change-Id: Ic83ad2a65637277dcb273feb27b2d1bb7a11eb2b
(cherry picked from commit b152cd0aa4)
Addresses a long-standing TODO. Now, when calling IpClient's
startProvisioning(), the interface has to be available (i.e.
InterfaceParams#getByName() must return non-null).
Also:
- add a test
- refactor for testability
- delete some constructors no longer used
- properly handle passed-in null IpClient.Callback
- some more IpManager -> IpClient renaming
- permit recording metrics before starting a provisioning
attempt (logging immediate errors) without Log.wtf().
Test: as follows
- built
- flashed
- booted
- runtest frameworks/opt/net/wifi/tests/wifitests/runtests.sh passes
- runtest frameworks-net passes
- basic WiFi IpClient connections works fine
Bug: 62476366
Bug: 73487570
Change-Id: Ic83ad2a65637277dcb273feb27b2d1bb7a11eb2b
