CTS to verify updating addresses of IPsec tunnels
Add CTS tests to verify migrating IPsec tunnels by
updating the existing IpSecTransforms
This commit also updates the input list of
the #getIpSecTunnelTestRunnable and #run method for
supporting the new tests.
Bug: 266149275
Test: atest IpSecManagerTunnelTest(new tests added)
Change-Id: If23c4268f56ab45a4443fa4435507b776bb5fbba
diff --git a/tests/cts/net/src/android/net/cts/IpSecManagerTunnelTest.java b/tests/cts/net/src/android/net/cts/IpSecManagerTunnelTest.java
index 5fc3068..da79158 100644
--- a/tests/cts/net/src/android/net/cts/IpSecManagerTunnelTest.java
+++ b/tests/cts/net/src/android/net/cts/IpSecManagerTunnelTest.java
@@ -76,6 +76,7 @@
import java.net.InetAddress;
import java.net.NetworkInterface;
+// TODO: b/268552823 Improve the readability of IpSecManagerTunnelTest
@RunWith(AndroidJUnit4.class)
@AppModeFull(reason = "MANAGE_TEST_NETWORKS permission can't be granted to instant apps")
public class IpSecManagerTunnelTest extends IpSecBaseTest {
@@ -83,11 +84,6 @@
private static final String TAG = IpSecManagerTunnelTest.class.getSimpleName();
- // Redefine this flag here so that IPsec code shipped in a mainline module can build on old
- // platforms before FEATURE_IPSEC_TUNNEL_MIGRATION API is released.
- private static final String FEATURE_IPSEC_TUNNEL_MIGRATION =
- "android.software.ipsec_tunnel_migration";
-
private static final InetAddress LOCAL_OUTER_4 = InetAddress.parseNumericAddress("192.0.2.1");
private static final InetAddress REMOTE_OUTER_4 = InetAddress.parseNumericAddress("192.0.2.2");
private static final InetAddress LOCAL_OUTER_6 =
@@ -263,14 +259,23 @@
*
* @param ipsecNetwork The IPsec Interface based Network for binding sockets on
* @param tunnelIface The IPsec tunnel interface that will be tested
- * @param underlyingTunUtils The utility of the IPsec tunnel interface's underlying TUN
- * network
- * @return the integer port of the inner socket if outbound, or 0 if inbound
- * IpSecTunnelTestRunnable
+ * @param tunUtils The utility of the IPsec tunnel interface's underlying TUN network
+ * @param inTunnelTransform The inbound tunnel mode transform
+ * @param outTunnelTransform The outbound tunnel mode transform
+ * @param localOuter The local address of the outer IP packet
+ * @param remoteOuter The remote address of the outer IP packet
+ * @param seqNum The expected sequence number of the inbound packet
* @throws Exception if any part of the test failed.
*/
public abstract int run(
- Network ipsecNetwork, IpSecTunnelInterface tunnelIface, TunUtils underlyingTunUtils)
+ Network ipsecNetwork,
+ IpSecTunnelInterface tunnelIface,
+ TunUtils tunUtils,
+ IpSecTransform inTunnelTransform,
+ IpSecTransform outTunnelTransform,
+ InetAddress localOuter,
+ InetAddress remoteOuter,
+ int seqNum)
throws Exception;
}
@@ -306,18 +311,28 @@
}
private interface IpSecTunnelTestRunnableFactory {
+ /**
+ * Build a IpSecTunnelTestRunnable.
+ *
+ * @param transportInTunnelMode indicate if there needs to be a transport mode transform
+ * inside the tunnel mode transform
+ * @param spi The IPsec SPI
+ * @param localInner The local address of the inner IP packet
+ * @param remoteInner The remote address of the inner IP packet
+ * @param inTransportTransform The inbound transport mode transform
+ * @param outTransportTransform The outbound transport mode transform
+ * @param encapPort The port of the UDP encapsulation socket
+ * @param innerSocketPort The inner socket port
+ */
IpSecTunnelTestRunnable getIpSecTunnelTestRunnable(
boolean transportInTunnelMode,
int spi,
InetAddress localInner,
InetAddress remoteInner,
- InetAddress localOuter,
- InetAddress remoteOuter,
IpSecTransform inTransportTransform,
IpSecTransform outTransportTransform,
int encapPort,
- int innerSocketPort,
- int expectedPacketSize)
+ int innerSocketPort)
throws Exception;
}
@@ -327,17 +342,21 @@
int spi,
InetAddress localInner,
InetAddress remoteInner,
- InetAddress localOuter,
- InetAddress remoteOuter,
IpSecTransform inTransportTransform,
IpSecTransform outTransportTransform,
int encapPort,
- int unusedInnerSocketPort,
- int expectedPacketSize) {
+ int unusedInnerSocketPort) {
return new IpSecTunnelTestRunnable() {
@Override
public int run(
- Network ipsecNetwork, IpSecTunnelInterface tunnelIface, TunUtils tunUtils)
+ Network ipsecNetwork,
+ IpSecTunnelInterface tunnelIface,
+ TunUtils tunUtils,
+ IpSecTransform inTunnelTransform,
+ IpSecTransform outTunnelTransform,
+ InetAddress localOuter,
+ InetAddress remoteOuter,
+ int seqNum)
throws Exception {
// Build a socket and send traffic
JavaUdpSocket socket = new JavaUdpSocket(localInner);
@@ -357,9 +376,14 @@
// Verify that an encrypted packet is sent. As of right now, checking encrypted
// body is not possible, due to the test not knowing some of the fields of the
// inner IP header (flow label, flags, etc)
+ int innerFamily = localInner instanceof Inet4Address ? AF_INET : AF_INET6;
+ int outerFamily = localOuter instanceof Inet4Address ? AF_INET : AF_INET6;
+ boolean useEncap = encapPort != 0;
+ int expectedPacketSize =
+ getPacketSize(
+ innerFamily, outerFamily, useEncap, transportInTunnelMode);
tunUtils.awaitEspPacketNoPlaintext(
- spi, TEST_DATA, encapPort != 0, expectedPacketSize);
-
+ spi, TEST_DATA, useEncap, expectedPacketSize);
socket.close();
return innerSocketPort;
@@ -375,18 +399,22 @@
int spi,
InetAddress localInner,
InetAddress remoteInner,
- InetAddress localOuter,
- InetAddress remoteOuter,
IpSecTransform inTransportTransform,
IpSecTransform outTransportTransform,
int encapPort,
- int innerSocketPort,
- int expectedPacketSize)
+ int innerSocketPort)
throws Exception {
return new IpSecTunnelTestRunnable() {
@Override
public int run(
- Network ipsecNetwork, IpSecTunnelInterface tunnelIface, TunUtils tunUtils)
+ Network ipsecNetwork,
+ IpSecTunnelInterface tunnelIface,
+ TunUtils tunUtils,
+ IpSecTransform inTunnelTransform,
+ IpSecTransform outTunnelTransform,
+ InetAddress localOuter,
+ InetAddress remoteOuter,
+ int seqNum)
throws Exception {
// Build a socket and receive traffic
JavaUdpSocket socket = new JavaUdpSocket(localInner, innerSocketPort);
@@ -420,18 +448,22 @@
int spi,
InetAddress localInner,
InetAddress remoteInner,
- InetAddress localOuter,
- InetAddress remoteOuter,
IpSecTransform inTransportTransform,
IpSecTransform outTransportTransform,
int encapPort,
- int innerSocketPort,
- int expectedPacketSize)
+ int innerSocketPort)
throws Exception {
return new IpSecTunnelTestRunnable() {
@Override
public int run(
- Network ipsecNetwork, IpSecTunnelInterface tunnelIface, TunUtils tunUtils)
+ Network ipsecNetwork,
+ IpSecTunnelInterface tunnelIface,
+ TunUtils tunUtils,
+ IpSecTransform inTunnelTransform,
+ IpSecTransform outTunnelTransform,
+ InetAddress localOuter,
+ InetAddress remoteOuter,
+ int seqNum)
throws Exception {
// Build a socket and receive traffic
JavaUdpSocket socket = new JavaUdpSocket(localInner);
@@ -456,7 +488,8 @@
remoteOuter,
localOuter,
socket.getPort(),
- encapPort);
+ encapPort,
+ seqNum);
} else {
pkt =
getTunnelModePacket(
@@ -466,7 +499,8 @@
remoteOuter,
localOuter,
socket.getPort(),
- encapPort);
+ encapPort,
+ seqNum);
}
tunUtils.injectPacket(pkt);
@@ -498,17 +532,21 @@
int spi,
InetAddress localInner,
InetAddress remoteInner,
- InetAddress localOuter,
- InetAddress remoteOuter,
IpSecTransform inTransportTransform,
IpSecTransform outTransportTransform,
int encapPort,
- int unusedInnerSocketPort,
- int expectedPacketSize) {
+ int unusedInnerSocketPort) {
return new IpSecTunnelTestRunnable() {
@Override
public int run(
- Network ipsecNetwork, IpSecTunnelInterface tunnelIface, TunUtils tunUtils)
+ Network ipsecNetwork,
+ IpSecTunnelInterface tunnelIface,
+ TunUtils tunUtils,
+ IpSecTransform inTunnelTransform,
+ IpSecTransform outTunnelTransform,
+ InetAddress localOuter,
+ InetAddress remoteOuter,
+ int seqNum)
throws Exception {
mTestRunnableFactory
.getIpSecTunnelTestRunnable(
@@ -516,15 +554,19 @@
spi,
localInner,
remoteInner,
- localOuter,
- remoteOuter,
inTransportTransform,
outTransportTransform,
encapPort,
- unusedInnerSocketPort,
- expectedPacketSize)
- .run(ipsecNetwork, tunnelIface, sTunWrapper.utils);
-
+ unusedInnerSocketPort)
+ .run(
+ ipsecNetwork,
+ tunnelIface,
+ tunUtils,
+ inTunnelTransform,
+ outTunnelTransform,
+ localOuter,
+ remoteOuter,
+ seqNum);
tunnelIface.setUnderlyingNetwork(sTunWrapperNew.network);
// Verify migrating to IPv4 and IPv6 addresses. It ensures that not only
@@ -623,19 +665,143 @@
spi,
localInner,
remoteInner,
- localOuter,
- remoteOuter,
inTransportTransform,
outTransportTransform,
useEncap ? encapSocket.getPort() : 0,
- 0,
- expectedPacketSize)
- .run(ipsecNetwork, tunnelIface, tunUtils);
+ 0)
+ .run(
+ ipsecNetwork,
+ tunnelIface,
+ tunUtils,
+ inTransform,
+ outTransform,
+ localOuter,
+ remoteOuter,
+ 1 /* seqNum */);
}
}
}
}
+ private class MigrateTunnelModeIpSecTransformTestRunnableFactory
+ implements IpSecTunnelTestRunnableFactory {
+ private final IpSecTunnelTestRunnableFactory mTestRunnableFactory;
+
+ MigrateTunnelModeIpSecTransformTestRunnableFactory(boolean isOutputTest) {
+ if (isOutputTest) {
+ mTestRunnableFactory = new OutputIpSecTunnelTestRunnableFactory();
+ } else {
+ mTestRunnableFactory = new InputPacketGeneratorIpSecTunnelTestRunnableFactory();
+ }
+ }
+
+ @Override
+ public IpSecTunnelTestRunnable getIpSecTunnelTestRunnable(
+ boolean transportInTunnelMode,
+ int spi,
+ InetAddress localInner,
+ InetAddress remoteInner,
+ IpSecTransform inTransportTransform,
+ IpSecTransform outTransportTransform,
+ int encapPort,
+ int unusedInnerSocketPort) {
+ return new IpSecTunnelTestRunnable() {
+ @Override
+ public int run(
+ Network ipsecNetwork,
+ IpSecTunnelInterface tunnelIface,
+ TunUtils tunUtils,
+ IpSecTransform inTunnelTransform,
+ IpSecTransform outTunnelTransform,
+ InetAddress localOuter,
+ InetAddress remoteOuter,
+ int seqNum)
+ throws Exception {
+ final IpSecTunnelTestRunnable testRunnable =
+ mTestRunnableFactory.getIpSecTunnelTestRunnable(
+ transportInTunnelMode,
+ spi,
+ localInner,
+ remoteInner,
+ inTransportTransform,
+ outTransportTransform,
+ encapPort,
+ unusedInnerSocketPort);
+ testRunnable.run(
+ ipsecNetwork,
+ tunnelIface,
+ tunUtils,
+ inTunnelTransform,
+ outTunnelTransform,
+ localOuter,
+ remoteOuter,
+ seqNum++);
+
+ tunnelIface.setUnderlyingNetwork(sTunWrapperNew.network);
+ checkMigrateTunnelModeTransform(
+ testRunnable,
+ inTunnelTransform,
+ outTunnelTransform,
+ tunnelIface,
+ ipsecNetwork,
+ sTunWrapperNew.utils,
+ LOCAL_OUTER_4_NEW,
+ REMOTE_OUTER_4_NEW,
+ seqNum++);
+
+ // Only test migration to IPv6 in non-UDP Encapsulation case
+ if (encapPort == 0) {
+ checkMigrateTunnelModeTransform(
+ testRunnable,
+ inTunnelTransform,
+ outTunnelTransform,
+ tunnelIface,
+ ipsecNetwork,
+ sTunWrapperNew.utils,
+ LOCAL_OUTER_6_NEW,
+ REMOTE_OUTER_6_NEW,
+ seqNum++);
+ }
+
+ // Unused return value for MigrateTunnelModeIpSecTransformTest
+ return 0;
+ }
+ };
+ }
+
+ private void checkMigrateTunnelModeTransform(
+ IpSecTunnelTestRunnable testRunnable,
+ IpSecTransform inTunnelTransform,
+ IpSecTransform outTunnelTransform,
+ IpSecTunnelInterface tunnelIface,
+ Network ipsecNetwork,
+ TunUtils tunUtils,
+ InetAddress newLocalOuter,
+ InetAddress newRemoteOuter,
+ int seqNum)
+ throws Exception {
+ mISM.startTunnelModeTransformMigration(
+ inTunnelTransform, newRemoteOuter, newLocalOuter);
+ mISM.startTunnelModeTransformMigration(
+ outTunnelTransform, newLocalOuter, newRemoteOuter);
+
+ mISM.applyTunnelModeTransform(
+ tunnelIface, IpSecManager.DIRECTION_IN, inTunnelTransform);
+ mISM.applyTunnelModeTransform(
+ tunnelIface, IpSecManager.DIRECTION_OUT, outTunnelTransform);
+
+ testRunnable.run(
+ ipsecNetwork,
+ tunnelIface,
+ tunUtils,
+ inTunnelTransform,
+ outTunnelTransform,
+ newLocalOuter,
+ newRemoteOuter,
+ seqNum);
+ }
+ }
+
private void checkTunnelOutput(
int innerFamily, int outerFamily, boolean useEncap, boolean transportInTunnelMode)
throws Exception {
@@ -680,6 +846,28 @@
new MigrateIpSecTunnelTestRunnableFactory(false));
}
+ private void checkMigrateTunnelModeTransformOutput(
+ int innerFamily, int outerFamily, boolean useEncap, boolean transportInTunnelMode)
+ throws Exception {
+ checkTunnel(
+ innerFamily,
+ outerFamily,
+ useEncap,
+ transportInTunnelMode,
+ new MigrateTunnelModeIpSecTransformTestRunnableFactory(true /* isOutputTest */));
+ }
+
+ private void checkMigrateTunnelModeTransformInput(
+ int innerFamily, int outerFamily, boolean useEncap, boolean transportInTunnelMode)
+ throws Exception {
+ checkTunnel(
+ innerFamily,
+ outerFamily,
+ useEncap,
+ transportInTunnelMode,
+ new MigrateTunnelModeIpSecTransformTestRunnableFactory(false /* isOutputTest */));
+ }
+
/**
* Validates that the kernel can talk to itself.
*
@@ -719,22 +907,19 @@
spi,
localInner,
remoteInner,
- localOuter,
- remoteOuter,
inTransportTransform,
outTransportTransform,
useEncap ? encapSocket.getPort() : 0,
- 0,
- expectedPacketSize);
+ 0);
int innerSocketPort =
buildTunnelNetworkAndRunTests(
- localInner,
- remoteInner,
- localOuter,
- remoteOuter,
- spi,
- useEncap ? encapSocket : null,
- outputIpSecTunnelTestRunnable);
+ localInner,
+ remoteInner,
+ localOuter,
+ remoteOuter,
+ spi,
+ useEncap ? encapSocket : null,
+ outputIpSecTunnelTestRunnable);
// Input direction tests, with matching inner socket ports.
IpSecTunnelTestRunnable inputIpSecTunnelTestRunnable =
@@ -744,13 +929,10 @@
spi,
remoteInner,
localInner,
- localOuter,
- remoteOuter,
inTransportTransform,
outTransportTransform,
useEncap ? encapSocket.getPort() : 0,
- innerSocketPort,
- expectedPacketSize);
+ innerSocketPort);
buildTunnelNetworkAndRunTests(
remoteInner,
localInner,
@@ -805,13 +987,10 @@
spi,
localInner,
remoteInner,
- localOuter,
- remoteOuter,
inTransportTransform,
outTransportTransform,
useEncap ? encapSocket.getPort() : 0,
- 0,
- expectedPacketSize));
+ 0));
}
}
@@ -870,7 +1049,16 @@
mISM.applyTunnelModeTransform(
tunnelIface, IpSecManager.DIRECTION_OUT, outTransform);
- innerSocketPort = test.run(testNetwork, tunnelIface, sTunWrapper.utils);
+ innerSocketPort =
+ test.run(
+ testNetwork,
+ tunnelIface,
+ sTunWrapper.utils,
+ inTransform,
+ outTransform,
+ localOuter,
+ remoteOuter,
+ 1 /* seqNum */);
}
// Teardown the test network
@@ -909,13 +1097,14 @@
}
private EspHeader buildTransportModeEspPacket(
- int spi, InetAddress src, InetAddress dst, int port, Payload payload) throws Exception {
+ int spi, int seqNum, InetAddress src, InetAddress dst, Payload payload)
+ throws Exception {
IpHeader preEspIpHeader = getIpHeader(payload.getProtocolId(), src, dst, payload);
return new EspHeader(
payload.getProtocolId(),
spi,
- 1, // sequence number
+ seqNum,
CRYPT_KEY, // Same key for auth and crypt
payload.getPacketBytes(preEspIpHeader));
}
@@ -928,13 +1117,14 @@
InetAddress dstOuter,
int port,
int encapPort,
+ int seqNum,
Payload payload)
throws Exception {
IpHeader innerIp = getIpHeader(payload.getProtocolId(), srcInner, dstInner, payload);
return new EspHeader(
innerIp.getProtocolId(),
spi,
- 1, // sequence number
+ seqNum, // sequence number
CRYPT_KEY, // Same key for auth and crypt
innerIp.getPacketBytes());
}
@@ -958,13 +1148,14 @@
InetAddress srcOuter,
InetAddress dstOuter,
int port,
- int encapPort)
+ int encapPort,
+ int seqNum)
throws Exception {
UdpHeader udp = new UdpHeader(port, port, new BytePayload(TEST_DATA));
EspHeader espPayload =
buildTunnelModeEspPacket(
- spi, srcInner, dstInner, srcOuter, dstOuter, port, encapPort, udp);
+ spi, srcInner, dstInner, srcOuter, dstOuter, port, encapPort, seqNum, udp);
return maybeEncapPacket(srcOuter, dstOuter, encapPort, espPayload).getPacketBytes();
}
@@ -976,11 +1167,13 @@
InetAddress srcOuter,
InetAddress dstOuter,
int port,
- int encapPort)
+ int encapPort,
+ int seqNum)
throws Exception {
UdpHeader udp = new UdpHeader(port, port, new BytePayload(TEST_DATA));
- EspHeader espPayload = buildTransportModeEspPacket(spiInner, srcInner, dstInner, port, udp);
+ EspHeader espPayload =
+ buildTransportModeEspPacket(spiInner, seqNum, srcInner, dstInner, udp);
espPayload =
buildTunnelModeEspPacket(
spiOuter,
@@ -990,6 +1183,7 @@
dstOuter,
port,
encapPort,
+ seqNum,
espPayload);
return maybeEncapPacket(srcOuter, dstOuter, encapPort, espPayload).getPacketBytes();
}
@@ -998,13 +1192,19 @@
int innerFamily, int outerFamily, boolean useEncap, boolean transportInTunnelMode)
throws Exception {
assumeTrue(mCtsNetUtils.hasIpsecTunnelsFeature());
- checkTunnelOutput(innerFamily, outerFamily, useEncap, transportInTunnelMode);
- checkTunnelInput(innerFamily, outerFamily, useEncap, transportInTunnelMode);
+ checkMigrateTunnelOutput(innerFamily, outerFamily, useEncap, transportInTunnelMode);
+ checkMigrateTunnelInput(innerFamily, outerFamily, useEncap, transportInTunnelMode);
}
- /** Checks if FEATURE_IPSEC_TUNNEL_MIGRATION is enabled on the device */
- private static boolean hasIpsecTunnelMigrateFeature() {
- return sContext.getPackageManager().hasSystemFeature(FEATURE_IPSEC_TUNNEL_MIGRATION);
+ private void doTestMigrateTunnelModeTransform(
+ int innerFamily, int outerFamily, boolean useEncap, boolean transportInTunnelMode)
+ throws Exception {
+ assumeTrue(mCtsNetUtils.hasIpsecTunnelsFeature());
+ assumeTrue(mCtsNetUtils.hasIpsecTunnelMigrateFeature());
+ checkMigrateTunnelModeTransformOutput(
+ innerFamily, outerFamily, useEncap, transportInTunnelMode);
+ checkMigrateTunnelModeTransformInput(
+ innerFamily, outerFamily, useEncap, transportInTunnelMode);
}
@IgnoreUpTo(Build.VERSION_CODES.TIRAMISU)
@@ -1012,28 +1212,7 @@
public void testHasIpSecTunnelMigrateFeature() throws Exception {
// FEATURE_IPSEC_TUNNEL_MIGRATION is required when VSR API is U/U+
if (getVsrApiLevel() > Build.VERSION_CODES.TIRAMISU) {
- assertTrue(hasIpsecTunnelMigrateFeature());
- }
- }
-
- @IgnoreUpTo(Build.VERSION_CODES.TIRAMISU)
- @Test
- public void testMigrateTunnelModeTransform() throws Exception {
- assumeTrue(mCtsNetUtils.hasIpsecTunnelsFeature());
- assumeTrue(hasIpsecTunnelMigrateFeature());
-
- IpSecTransform.Builder transformBuilder = new IpSecTransform.Builder(sContext);
- transformBuilder.setEncryption(new IpSecAlgorithm(IpSecAlgorithm.CRYPT_AES_CBC, CRYPT_KEY));
- transformBuilder.setAuthentication(
- new IpSecAlgorithm(IpSecAlgorithm.AUTH_HMAC_SHA256, AUTH_KEY, AUTH_KEY.length * 4));
- int spi = getRandomSpi(LOCAL_OUTER_4, REMOTE_OUTER_4);
-
- try (IpSecManager.SecurityParameterIndex outSpi =
- mISM.allocateSecurityParameterIndex(REMOTE_OUTER_4, spi);
- IpSecTransform outTunnelTransform =
- transformBuilder.buildTunnelModeTransform(LOCAL_INNER_4, outSpi)) {
- mISM.startTunnelModeTransformMigration(
- outTunnelTransform, LOCAL_OUTER_4_NEW, REMOTE_OUTER_4_NEW);
+ assertTrue(mCtsNetUtils.hasIpsecTunnelMigrateFeature());
}
}
@@ -1266,4 +1445,76 @@
assumeTrue(mCtsNetUtils.hasIpsecTunnelsFeature());
checkTunnelReflected(AF_INET6, AF_INET6, false, false);
}
+
+ @IgnoreUpTo(Build.VERSION_CODES.TIRAMISU)
+ @Test
+ public void testMigrateTransformTransportInTunnelModeV4InV4() throws Exception {
+ doTestMigrateTunnelModeTransform(AF_INET, AF_INET, false, true);
+ }
+
+ @IgnoreUpTo(Build.VERSION_CODES.TIRAMISU)
+ @Test
+ public void testMigrateTransformTransportInTunnelModeV6InV4() throws Exception {
+ doTestMigrateTunnelModeTransform(AF_INET6, AF_INET, false, true);
+ }
+
+ @IgnoreUpTo(Build.VERSION_CODES.TIRAMISU)
+ @Test
+ public void testMigrateTransformTransportInTunnelModeV4InV6() throws Exception {
+ doTestMigrateTunnelModeTransform(AF_INET, AF_INET6, false, true);
+ }
+
+ @IgnoreUpTo(Build.VERSION_CODES.TIRAMISU)
+ @Test
+ public void testMigrateTransformTransportInTunnelModeV6InV6() throws Exception {
+ doTestMigrateTunnelModeTransform(AF_INET, AF_INET6, false, true);
+ }
+
+ @IgnoreUpTo(Build.VERSION_CODES.TIRAMISU)
+ @Test
+ public void testMigrateTransformTransportInTunnelModeV4InV4UdpEncap() throws Exception {
+ doTestMigrateTunnelModeTransform(AF_INET, AF_INET, true, true);
+ }
+
+ @IgnoreUpTo(Build.VERSION_CODES.TIRAMISU)
+ @Test
+ public void testMigrateTransformTransportInTunnelModeV6InV4UdpEncap() throws Exception {
+ doTestMigrateTunnelModeTransform(AF_INET6, AF_INET, true, true);
+ }
+
+ @IgnoreUpTo(Build.VERSION_CODES.TIRAMISU)
+ @Test
+ public void testMigrateTransformTunnelV4InV4() throws Exception {
+ doTestMigrateTunnelModeTransform(AF_INET, AF_INET, false, false);
+ }
+
+ @IgnoreUpTo(Build.VERSION_CODES.TIRAMISU)
+ @Test
+ public void testMigrateTransformTunnelV6InV4() throws Exception {
+ doTestMigrateTunnelModeTransform(AF_INET6, AF_INET, false, false);
+ }
+
+ @IgnoreUpTo(Build.VERSION_CODES.TIRAMISU)
+ @Test
+ public void testMigrateTransformTunnelV4InV6() throws Exception {
+ doTestMigrateTunnelModeTransform(AF_INET, AF_INET6, false, false);
+ }
+
+ @IgnoreUpTo(Build.VERSION_CODES.TIRAMISU)
+ @Test
+ public void testMigrateTransformTunnelV6InV6() throws Exception {
+ doTestMigrateTunnelModeTransform(AF_INET6, AF_INET6, false, false);
+ }
+
+ @IgnoreUpTo(Build.VERSION_CODES.TIRAMISU)
+ @Test
+ public void testMigrateTransformTunnelV4InV4UdpEncap() throws Exception {
+ doTestMigrateTunnelModeTransform(AF_INET, AF_INET, true, false);
+ }
+
+ @IgnoreUpTo(Build.VERSION_CODES.TIRAMISU)
+ @Test
+ public void testMigrateTransformTunnelV6InV4UdpEncap() throws Exception {
+ doTestMigrateTunnelModeTransform(AF_INET6, AF_INET, true, false);
+ }
}