Merge "Change OtDaemonState ephemeralKeyExpiryMillis to ephemeralKeyLifetimeMillis" into main
diff --git a/common/thread_flags.aconfig b/common/thread_flags.aconfig
index 14b70d0..60120bc 100644
--- a/common/thread_flags.aconfig
+++ b/common/thread_flags.aconfig
@@ -35,3 +35,12 @@
description: "Controls whether the Android Thread Ephemeral Key feature is enabled"
bug: "348323500"
}
+
+flag {
+ name: "set_nat64_configuration_enabled"
+ is_exported: true
+ is_fixed_read_only: true
+ namespace: "thread_network"
+ description: "Controls whether the setConfiguration API of NAT64 feature is enabled"
+ bug: "368456504"
+}
diff --git a/framework-t/api/system-current.txt b/framework-t/api/system-current.txt
index 09a3681..08129eb 100644
--- a/framework-t/api/system-current.txt
+++ b/framework-t/api/system-current.txt
@@ -506,6 +506,13 @@
field @NonNull public static final android.os.Parcelable.Creator<android.net.thread.ThreadConfiguration> CREATOR;
}
+ @FlaggedApi("com.android.net.thread.flags.set_nat64_configuration_enabled") public static final class ThreadConfiguration.Builder {
+ ctor @FlaggedApi("com.android.net.thread.flags.set_nat64_configuration_enabled") public ThreadConfiguration.Builder();
+ ctor @FlaggedApi("com.android.net.thread.flags.set_nat64_configuration_enabled") public ThreadConfiguration.Builder(@NonNull android.net.thread.ThreadConfiguration);
+ method @FlaggedApi("com.android.net.thread.flags.set_nat64_configuration_enabled") @NonNull public android.net.thread.ThreadConfiguration build();
+ method @FlaggedApi("com.android.net.thread.flags.set_nat64_configuration_enabled") @NonNull public android.net.thread.ThreadConfiguration.Builder setNat64Enabled(boolean);
+ }
+
@FlaggedApi("com.android.net.thread.flags.thread_enabled") public final class ThreadNetworkController {
method @FlaggedApi("com.android.net.thread.flags.epskc_enabled") @RequiresPermission("android.permission.THREAD_NETWORK_PRIVILEGED") public void activateEphemeralKeyMode(@NonNull java.time.Duration, @NonNull java.util.concurrent.Executor, @NonNull android.os.OutcomeReceiver<java.lang.Void,android.net.thread.ThreadNetworkException>);
method public void createRandomizedDataset(@NonNull String, @NonNull java.util.concurrent.Executor, @NonNull android.os.OutcomeReceiver<android.net.thread.ActiveOperationalDataset,android.net.thread.ThreadNetworkException>);
@@ -520,6 +527,7 @@
method @RequiresPermission(android.Manifest.permission.ACCESS_NETWORK_STATE) public void registerStateCallback(@NonNull java.util.concurrent.Executor, @NonNull android.net.thread.ThreadNetworkController.StateCallback);
method @RequiresPermission("android.permission.THREAD_NETWORK_PRIVILEGED") public void scheduleMigration(@NonNull android.net.thread.PendingOperationalDataset, @NonNull java.util.concurrent.Executor, @NonNull android.os.OutcomeReceiver<java.lang.Void,android.net.thread.ThreadNetworkException>);
method @FlaggedApi("com.android.net.thread.flags.channel_max_powers_enabled") @RequiresPermission("android.permission.THREAD_NETWORK_PRIVILEGED") public void setChannelMaxPowers(@NonNull @Size(min=1) android.util.SparseIntArray, @NonNull java.util.concurrent.Executor, @NonNull android.os.OutcomeReceiver<java.lang.Void,android.net.thread.ThreadNetworkException>);
+ method @FlaggedApi("com.android.net.thread.flags.set_nat64_configuration_enabled") @RequiresPermission(android.Manifest.permission.THREAD_NETWORK_PRIVILEGED) public void setConfiguration(@NonNull android.net.thread.ThreadConfiguration, @NonNull java.util.concurrent.Executor, @NonNull android.os.OutcomeReceiver<java.lang.Void,android.net.thread.ThreadNetworkException>);
method @RequiresPermission("android.permission.THREAD_NETWORK_PRIVILEGED") public void setEnabled(boolean, @NonNull java.util.concurrent.Executor, @NonNull android.os.OutcomeReceiver<java.lang.Void,android.net.thread.ThreadNetworkException>);
method @FlaggedApi("com.android.net.thread.flags.configuration_enabled") @RequiresPermission(android.Manifest.permission.THREAD_NETWORK_PRIVILEGED) public void unregisterConfigurationCallback(@NonNull java.util.function.Consumer<android.net.thread.ThreadConfiguration>);
method @RequiresPermission(allOf={android.Manifest.permission.ACCESS_NETWORK_STATE, "android.permission.THREAD_NETWORK_PRIVILEGED"}) public void unregisterOperationalDatasetCallback(@NonNull android.net.thread.ThreadNetworkController.OperationalDatasetCallback);
diff --git a/networksecurity/service/src/com/android/server/net/ct/CertificateTransparencyDownloader.java b/networksecurity/service/src/com/android/server/net/ct/CertificateTransparencyDownloader.java
index b2ef345..fd73b29 100644
--- a/networksecurity/service/src/com/android/server/net/ct/CertificateTransparencyDownloader.java
+++ b/networksecurity/service/src/com/android/server/net/ct/CertificateTransparencyDownloader.java
@@ -15,6 +15,7 @@
*/
package com.android.server.net.ct;
+import android.annotation.NonNull;
import android.annotation.RequiresApi;
import android.app.DownloadManager;
import android.content.BroadcastReceiver;
@@ -31,10 +32,13 @@
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
+import java.security.InvalidKeyException;
import java.security.KeyFactory;
+import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;
+import java.util.Optional;
/** Helper class to download certificate transparency log files. */
@RequiresApi(Build.VERSION_CODES.VANILLA_ICE_CREAM)
@@ -42,41 +46,23 @@
private static final String TAG = "CertificateTransparencyDownloader";
- // TODO: move key to a DeviceConfig flag.
- private static final byte[] PUBLIC_KEY_BYTES =
- Base64.getDecoder()
- .decode(
- "MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsu0BHGnQ++W2CTdyZyxv"
- + "HHRALOZPlnu/VMVgo2m+JZ8MNbAOH2cgXb8mvOj8flsX/qPMuKIaauO+PwROMjiq"
- + "fUpcFm80Kl7i97ZQyBDYKm3MkEYYpGN+skAR2OebX9G2DfDqFY8+jUpOOWtBNr3L"
- + "rmVcwx+FcFdMjGDlrZ5JRmoJ/SeGKiORkbbu9eY1Wd0uVhz/xI5bQb0OgII7hEj+"
- + "i/IPbJqOHgB8xQ5zWAJJ0DmG+FM6o7gk403v6W3S8qRYiR84c50KppGwe4YqSMkF"
- + "bLDleGQWLoaDSpEWtESisb4JiLaY4H+Kk0EyAhPSb+49JfUozYl+lf7iFN3qRq/S"
- + "IXXTh6z0S7Qa8EYDhKGCrpI03/+qprwy+my6fpWHi6aUIk4holUCmWvFxZDfixox"
- + "K0RlqbFDl2JXMBquwlQpm8u5wrsic1ksIv9z8x9zh4PJqNpCah0ciemI3YGRQqSe"
- + "/mRRXBiSn9YQBUPcaeqCYan+snGADFwHuXCd9xIAdFBolw9R9HTedHGUfVXPJDiF"
- + "4VusfX6BRR/qaadB+bqEArF/TzuDUr6FvOR4o8lUUxgLuZ/7HO+bHnaPFKYHHSm+"
- + "+z1lVDhhYuSZ8ax3T0C3FZpb7HMjZtpEorSV5ElKJEJwrhrBCMOD8L01EoSPrGlS"
- + "1w22i9uGHMn/uGQKo28u7AsCAwEAAQ==");
-
private final Context mContext;
private final DataStore mDataStore;
private final DownloadHelper mDownloadHelper;
private final CertificateTransparencyInstaller mInstaller;
- private final byte[] mPublicKey;
+
+ @NonNull private Optional<PublicKey> mPublicKey = Optional.empty();
@VisibleForTesting
CertificateTransparencyDownloader(
Context context,
DataStore dataStore,
DownloadHelper downloadHelper,
- CertificateTransparencyInstaller installer,
- byte[] publicKey) {
+ CertificateTransparencyInstaller installer) {
mContext = context;
mDataStore = dataStore;
mDownloadHelper = downloadHelper;
mInstaller = installer;
- mPublicKey = publicKey;
}
CertificateTransparencyDownloader(Context context, DataStore dataStore) {
@@ -84,8 +70,7 @@
context,
dataStore,
new DownloadHelper(context),
- new CertificateTransparencyInstaller(),
- PUBLIC_KEY_BYTES);
+ new CertificateTransparencyInstaller());
}
void registerReceiver() {
@@ -98,6 +83,20 @@
}
}
+ void setPublicKey(String publicKey) throws GeneralSecurityException {
+ mPublicKey =
+ Optional.of(
+ KeyFactory.getInstance("RSA")
+ .generatePublic(
+ new X509EncodedKeySpec(
+ Base64.getDecoder().decode(publicKey))));
+ }
+
+ @VisibleForTesting
+ void resetPublicKey() {
+ mPublicKey = Optional.empty();
+ }
+
void startMetadataDownload(String metadataUrl) {
long downloadId = download(metadataUrl);
if (downloadId == -1) {
@@ -202,9 +201,11 @@
}
private boolean verify(Uri file, Uri signature) throws IOException, GeneralSecurityException {
+ if (!mPublicKey.isPresent()) {
+ throw new InvalidKeyException("Missing public key for signature verification");
+ }
Signature verifier = Signature.getInstance("SHA256withRSA");
- KeyFactory keyFactory = KeyFactory.getInstance("RSA");
- verifier.initVerify(keyFactory.generatePublic(new X509EncodedKeySpec(mPublicKey)));
+ verifier.initVerify(mPublicKey.get());
ContentResolver contentResolver = mContext.getContentResolver();
try (InputStream fileStream = contentResolver.openInputStream(file);
diff --git a/networksecurity/service/src/com/android/server/net/ct/CertificateTransparencyFlagsListener.java b/networksecurity/service/src/com/android/server/net/ct/CertificateTransparencyFlagsListener.java
index a263546..914af06 100644
--- a/networksecurity/service/src/com/android/server/net/ct/CertificateTransparencyFlagsListener.java
+++ b/networksecurity/service/src/com/android/server/net/ct/CertificateTransparencyFlagsListener.java
@@ -23,6 +23,7 @@
import android.text.TextUtils;
import android.util.Log;
+import java.security.GeneralSecurityException;
import java.util.concurrent.Executors;
/** Listener class for the Certificate Transparency Phenotype flags. */
@@ -57,21 +58,35 @@
return;
}
+ String newPublicKey =
+ DeviceConfig.getString(
+ Config.NAMESPACE_NETWORK_SECURITY,
+ Config.FLAG_PUBLIC_KEY,
+ /* defaultValue= */ "");
String newVersion =
- DeviceConfig.getString(Config.NAMESPACE_NETWORK_SECURITY, Config.FLAG_VERSION, "");
+ DeviceConfig.getString(
+ Config.NAMESPACE_NETWORK_SECURITY,
+ Config.FLAG_VERSION,
+ /* defaultValue= */ "");
String newContentUrl =
DeviceConfig.getString(
- Config.NAMESPACE_NETWORK_SECURITY, Config.FLAG_CONTENT_URL, "");
+ Config.NAMESPACE_NETWORK_SECURITY,
+ Config.FLAG_CONTENT_URL,
+ /* defaultValue= */ "");
String newMetadataUrl =
DeviceConfig.getString(
- Config.NAMESPACE_NETWORK_SECURITY, Config.FLAG_METADATA_URL, "");
- if (TextUtils.isEmpty(newVersion)
+ Config.NAMESPACE_NETWORK_SECURITY,
+ Config.FLAG_METADATA_URL,
+ /* defaultValue= */ "");
+ if (TextUtils.isEmpty(newPublicKey)
+ || TextUtils.isEmpty(newVersion)
|| TextUtils.isEmpty(newContentUrl)
|| TextUtils.isEmpty(newMetadataUrl)) {
return;
}
if (Config.DEBUG) {
+ Log.d(TAG, "newPublicKey=" + newPublicKey);
Log.d(TAG, "newVersion=" + newVersion);
Log.d(TAG, "newContentUrl=" + newContentUrl);
Log.d(TAG, "newMetadataUrl=" + newMetadataUrl);
@@ -88,6 +103,13 @@
return;
}
+ try {
+ mCertificateTransparencyDownloader.setPublicKey(newPublicKey);
+ } catch (GeneralSecurityException e) {
+ Log.e(TAG, "Error setting the public Key", e);
+ return;
+ }
+
// TODO: handle the case where there is already a pending download.
mDataStore.setProperty(Config.VERSION_PENDING, newVersion);
diff --git a/networksecurity/service/src/com/android/server/net/ct/Config.java b/networksecurity/service/src/com/android/server/net/ct/Config.java
index 2a6b8e2..611a5c7 100644
--- a/networksecurity/service/src/com/android/server/net/ct/Config.java
+++ b/networksecurity/service/src/com/android/server/net/ct/Config.java
@@ -40,6 +40,7 @@
static final String FLAG_CONTENT_URL = FLAGS_PREFIX + "content_url";
static final String FLAG_METADATA_URL = FLAGS_PREFIX + "metadata_url";
static final String FLAG_VERSION = FLAGS_PREFIX + "version";
+ static final String FLAG_PUBLIC_KEY = FLAGS_PREFIX + "public_key";
// properties
static final String VERSION_PENDING = "version_pending";
diff --git a/networksecurity/tests/unit/src/com/android/server/net/ct/CertificateTransparencyDownloaderTest.java b/networksecurity/tests/unit/src/com/android/server/net/ct/CertificateTransparencyDownloaderTest.java
index a056c35..1aad028 100644
--- a/networksecurity/tests/unit/src/com/android/server/net/ct/CertificateTransparencyDownloaderTest.java
+++ b/networksecurity/tests/unit/src/com/android/server/net/ct/CertificateTransparencyDownloaderTest.java
@@ -48,9 +48,10 @@
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
-import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
+import java.security.PublicKey;
import java.security.Signature;
+import java.util.Base64;
/** Tests for the {@link CertificateTransparencyDownloader}. */
@RunWith(JUnit4.class)
@@ -60,18 +61,20 @@
@Mock private CertificateTransparencyInstaller mCertificateTransparencyInstaller;
private PrivateKey mPrivateKey;
+ private PublicKey mPublicKey;
private Context mContext;
private File mTempFile;
private DataStore mDataStore;
private CertificateTransparencyDownloader mCertificateTransparencyDownloader;
@Before
- public void setUp() throws IOException, NoSuchAlgorithmException {
+ public void setUp() throws IOException, GeneralSecurityException {
MockitoAnnotations.initMocks(this);
KeyPairGenerator instance = KeyPairGenerator.getInstance("RSA");
KeyPair keyPair = instance.generateKeyPair();
mPrivateKey = keyPair.getPrivate();
+ mPublicKey = keyPair.getPublic();
mContext = InstrumentationRegistry.getInstrumentation().getContext();
mTempFile = File.createTempFile("datastore-test", ".properties");
@@ -80,16 +83,13 @@
mCertificateTransparencyDownloader =
new CertificateTransparencyDownloader(
- mContext,
- mDataStore,
- mDownloadHelper,
- mCertificateTransparencyInstaller,
- keyPair.getPublic().getEncoded());
+ mContext, mDataStore, mDownloadHelper, mCertificateTransparencyInstaller);
}
@After
public void tearDown() {
mTempFile.delete();
+ mCertificateTransparencyDownloader.resetPublicKey();
}
@Test
@@ -155,6 +155,8 @@
long metadataId = 123;
File metadataFile = sign(logListFile);
Uri metadataUri = Uri.fromFile(metadataFile);
+ mCertificateTransparencyDownloader.setPublicKey(
+ Base64.getEncoder().encodeToString(mPublicKey.getEncoded()));
setUpDownloadComplete(version, metadataId, metadataUri, contentId, contentUri);
when(mCertificateTransparencyInstaller.install(any(), eq(version))).thenReturn(true);
@@ -212,6 +214,28 @@
assertThat(mDataStore.getProperty(Config.METADATA_URL)).isNull();
}
+ @Test
+ public void testDownloader_handleContentCompleteMissingVerificationPublicKey()
+ throws Exception {
+ String version = "666";
+ long contentId = 666;
+ File logListFile = File.createTempFile("log_list", "json");
+ Uri contentUri = Uri.fromFile(logListFile);
+ long metadataId = 123;
+ File metadataFile = sign(logListFile);
+ Uri metadataUri = Uri.fromFile(metadataFile);
+
+ setUpDownloadComplete(version, metadataId, metadataUri, contentId, contentUri);
+
+ mCertificateTransparencyDownloader.onReceive(
+ mContext, makeDownloadCompleteIntent(contentId));
+
+ verify(mCertificateTransparencyInstaller, never()).install(any(), eq(version));
+ assertThat(mDataStore.getProperty(Config.VERSION)).isNull();
+ assertThat(mDataStore.getProperty(Config.CONTENT_URL)).isNull();
+ assertThat(mDataStore.getProperty(Config.METADATA_URL)).isNull();
+ }
+
private Intent makeDownloadCompleteIntent(long downloadId) {
return new Intent(DownloadManager.ACTION_DOWNLOAD_COMPLETE)
.putExtra(DownloadManager.EXTRA_DOWNLOAD_ID, downloadId);
diff --git a/thread/framework/java/android/net/thread/ThreadConfiguration.java b/thread/framework/java/android/net/thread/ThreadConfiguration.java
index 1c25535..e6fa1ef 100644
--- a/thread/framework/java/android/net/thread/ThreadConfiguration.java
+++ b/thread/framework/java/android/net/thread/ThreadConfiguration.java
@@ -126,18 +126,29 @@
*
* @hide
*/
+ @FlaggedApi(Flags.FLAG_SET_NAT64_CONFIGURATION_ENABLED)
+ @SystemApi
public static final class Builder {
private boolean mNat64Enabled = false;
private boolean mDhcpv6PdEnabled = false;
- /** Creates a new {@link Builder} object with all features disabled. */
+ /**
+ * Creates a new {@link Builder} object with all features disabled.
+ *
+ * @hide
+ */
+ @FlaggedApi(Flags.FLAG_SET_NAT64_CONFIGURATION_ENABLED)
+ @SystemApi
public Builder() {}
/**
* Creates a new {@link Builder} object from a {@link ThreadConfiguration} object.
*
* @param config the Border Router configurations to be copied
+ * @hide
*/
+ @FlaggedApi(Flags.FLAG_SET_NAT64_CONFIGURATION_ENABLED)
+ @SystemApi
public Builder(@NonNull ThreadConfiguration config) {
Objects.requireNonNull(config);
@@ -150,7 +161,11 @@
*
* <p>Enabling this feature will allow Thread devices to connect to the internet/cloud over
* IPv4.
+ *
+ * @hide
*/
+ @FlaggedApi(Flags.FLAG_SET_NAT64_CONFIGURATION_ENABLED)
+ @SystemApi
@NonNull
public Builder setNat64Enabled(boolean enabled) {
this.mNat64Enabled = enabled;
@@ -162,6 +177,8 @@
*
* <p>Enabling this feature will allow Thread devices to connect to the internet/cloud over
* IPv6.
+ *
+ * @hide
*/
@NonNull
public Builder setDhcpv6PdEnabled(boolean enabled) {
@@ -169,7 +186,13 @@
return this;
}
- /** Creates a new {@link ThreadConfiguration} object. */
+ /**
+ * Creates a new {@link ThreadConfiguration} object.
+ *
+ * @hide
+ */
+ @FlaggedApi(Flags.FLAG_SET_NAT64_CONFIGURATION_ENABLED)
+ @SystemApi
@NonNull
public ThreadConfiguration build() {
return new ThreadConfiguration(this);
diff --git a/thread/framework/java/android/net/thread/ThreadNetworkController.java b/thread/framework/java/android/net/thread/ThreadNetworkController.java
index f82d211..bcef76c 100644
--- a/thread/framework/java/android/net/thread/ThreadNetworkController.java
+++ b/thread/framework/java/android/net/thread/ThreadNetworkController.java
@@ -750,15 +750,19 @@
* OutcomeReceiver#onResult} will be called, and the {@code configuration} will be applied and
* persisted to the device; the configuration changes can be observed by {@link
* #registerConfigurationCallback}. On failure, {@link OutcomeReceiver#onError} of {@code
- * receiver} will be invoked with a specific error.
+ * receiver} will be invoked with a specific error:
+ *
+ * <ul>
+ * <li>{@link ThreadNetworkException#ERROR_UNSUPPORTED_FEATURE} the configuration enables a
+ * feature which is not supported by the platform.
+ * </ul>
*
* @param configuration the configuration to set
* @param executor the executor to execute {@code receiver}
* @param receiver the receiver to receive result of this operation
- * @hide
*/
- // @FlaggedApi(ThreadNetworkFlags.FLAG_CONFIGURATION_ENABLED)
- // @RequiresPermission(permission.THREAD_NETWORK_PRIVILEGED)
+ @FlaggedApi(Flags.FLAG_SET_NAT64_CONFIGURATION_ENABLED)
+ @RequiresPermission(permission.THREAD_NETWORK_PRIVILEGED)
public void setConfiguration(
@NonNull ThreadConfiguration configuration,
@NonNull @CallbackExecutor Executor executor,
diff --git a/thread/service/java/com/android/server/thread/ThreadNetworkControllerService.java b/thread/service/java/com/android/server/thread/ThreadNetworkControllerService.java
index dbcea78..4e812fb 100644
--- a/thread/service/java/com/android/server/thread/ThreadNetworkControllerService.java
+++ b/thread/service/java/com/android/server/thread/ThreadNetworkControllerService.java
@@ -220,7 +220,6 @@
private boolean mUserRestricted;
private boolean mForceStopOtDaemonEnabled;
- private OtDaemonConfiguration mOtDaemonConfig;
private InfraLinkState mInfraLinkState;
@VisibleForTesting
@@ -249,7 +248,6 @@
// TODO: networkToLinkProperties should be shared with NsdPublisher, add a test/assert to
// verify they are the same.
mNetworkToLinkProperties = networkToLinkProperties;
- mOtDaemonConfig = new OtDaemonConfiguration.Builder().build();
mInfraLinkState = new InfraLinkState.Builder().build();
mPersistentSettings = persistentSettings;
mNsdPublisher = nsdPublisher;
@@ -346,6 +344,7 @@
otDaemon.initialize(
mTunIfController.getTunFd(),
shouldEnableThread(),
+ newOtDaemonConfig(mPersistentSettings.getConfiguration()),
mNsdPublisher,
getMeshcopTxtAttributes(mResources.get()),
mOtDaemonCallbackProxy,
@@ -556,22 +555,21 @@
public void setConfiguration(
@NonNull ThreadConfiguration configuration, @NonNull IOperationReceiver receiver) {
enforceAllPermissionsGranted(PERMISSION_THREAD_NETWORK_PRIVILEGED);
- mHandler.post(() -> setConfigurationInternal(configuration, receiver));
+ mHandler.post(
+ () ->
+ setConfigurationInternal(
+ configuration, new OperationReceiverWrapper(receiver)));
}
private void setConfigurationInternal(
@NonNull ThreadConfiguration configuration,
- @NonNull IOperationReceiver operationReceiver) {
+ @NonNull OperationReceiverWrapper receiver) {
checkOnHandlerThread();
LOG.i("Set Thread configuration: " + configuration);
final boolean changed = mPersistentSettings.putConfiguration(configuration);
- try {
- operationReceiver.onSuccess();
- } catch (RemoteException e) {
- // do nothing if the client is dead
- }
+ receiver.onSuccess();
if (changed) {
for (IConfigurationReceiver configReceiver : mConfigurationReceivers.keySet()) {
try {
@@ -581,7 +579,22 @@
}
}
}
- // TODO: set the configuration at ot-daemon
+ try {
+ getOtDaemon()
+ .setConfiguration(
+ newOtDaemonConfig(configuration),
+ new LoggingOtStatusReceiver("setConfiguration"));
+ } catch (RemoteException | ThreadNetworkException e) {
+ LOG.e("otDaemon.setConfiguration failed. Config: " + configuration, e);
+ }
+ }
+
+ private static OtDaemonConfiguration newOtDaemonConfig(
+ @NonNull ThreadConfiguration threadConfig) {
+ return new OtDaemonConfiguration.Builder()
+ .setNat64Enabled(threadConfig.isNat64Enabled())
+ .setDhcpv6PdEnabled(threadConfig.isDhcpv6PdEnabled())
+ .build();
}
@Override
@@ -764,19 +777,17 @@
+ ", localNetworkInfo: "
+ localNetworkInfo
+ "}");
- if (localNetworkInfo.getUpstreamNetwork() == null) {
+ mUpstreamNetwork = localNetworkInfo.getUpstreamNetwork();
+ if (mUpstreamNetwork == null) {
setInfraLinkState(newInfraLinkStateBuilder().build());
return;
}
- if (!localNetworkInfo.getUpstreamNetwork().equals(mUpstreamNetwork)) {
- mUpstreamNetwork = localNetworkInfo.getUpstreamNetwork();
- if (mNetworkToLinkProperties.containsKey(mUpstreamNetwork)) {
- setInfraLinkState(
- newInfraLinkStateBuilder(mNetworkToLinkProperties.get(mUpstreamNetwork))
- .build());
- }
- mNsdPublisher.setNetworkForHostResolution(mUpstreamNetwork);
+ if (mNetworkToLinkProperties.containsKey(mUpstreamNetwork)) {
+ setInfraLinkState(
+ newInfraLinkStateBuilder(mNetworkToLinkProperties.get(mUpstreamNetwork))
+ .build());
}
+ mNsdPublisher.setNetworkForHostResolution(mUpstreamNetwork);
}
}
@@ -1308,20 +1319,15 @@
}
private void setInfraLinkState(InfraLinkState newInfraLinkState) {
- if (mInfraLinkState.equals(newInfraLinkState)) {
- return;
+ if (!Objects.equals(mInfraLinkState, newInfraLinkState)) {
+ LOG.i("Infra link state changed: " + mInfraLinkState + " -> " + newInfraLinkState);
}
- LOG.i("Infra link state changed: " + mInfraLinkState + " -> " + newInfraLinkState);
-
setInfraLinkInterfaceName(newInfraLinkState.interfaceName);
setInfraLinkNat64Prefix(newInfraLinkState.nat64Prefix);
mInfraLinkState = newInfraLinkState;
}
private void setInfraLinkInterfaceName(String newInfraLinkInterfaceName) {
- if (Objects.equals(mInfraLinkState.interfaceName, newInfraLinkInterfaceName)) {
- return;
- }
ParcelFileDescriptor infraIcmp6Socket = null;
if (newInfraLinkInterfaceName != null) {
try {
@@ -1342,9 +1348,6 @@
}
private void setInfraLinkNat64Prefix(@Nullable String newNat64Prefix) {
- if (Objects.equals(mInfraLinkState.nat64Prefix, newNat64Prefix)) {
- return;
- }
try {
getOtDaemon()
.setInfraLinkNat64Prefix(
@@ -1477,11 +1480,6 @@
return builder.build();
}
- private static OtDaemonConfiguration.Builder newOtDaemonConfigBuilder(
- OtDaemonConfiguration config) {
- return new OtDaemonConfiguration.Builder();
- }
-
private static InfraLinkState.Builder newInfraLinkStateBuilder() {
return new InfraLinkState.Builder().setInterfaceName("");
}
diff --git a/thread/tests/cts/src/android/net/thread/cts/ThreadNetworkControllerTest.java b/thread/tests/cts/src/android/net/thread/cts/ThreadNetworkControllerTest.java
index 1074609..d9ce9e1 100644
--- a/thread/tests/cts/src/android/net/thread/cts/ThreadNetworkControllerTest.java
+++ b/thread/tests/cts/src/android/net/thread/cts/ThreadNetworkControllerTest.java
@@ -182,6 +182,7 @@
@After
public void tearDown() throws Exception {
dropAllPermissions();
+ setEnabledAndWait(mController, true);
leaveAndWait(mController);
tearDownTestNetwork();
setConfigurationAndWait(mController, DEFAULT_CONFIG);
@@ -1150,15 +1151,9 @@
CompletableFuture<Void> setFuture2 = new CompletableFuture<>();
ConfigurationListener listener = new ConfigurationListener(mController);
ThreadConfiguration config1 =
- new ThreadConfiguration.Builder()
- .setNat64Enabled(true)
- .setDhcpv6PdEnabled(true)
- .build();
+ new ThreadConfiguration.Builder().setNat64Enabled(true).build();
ThreadConfiguration config2 =
- new ThreadConfiguration.Builder()
- .setNat64Enabled(false)
- .setDhcpv6PdEnabled(true)
- .build();
+ new ThreadConfiguration.Builder().setNat64Enabled(false).build();
try {
runAsShell(
diff --git a/thread/tests/integration/src/android/net/thread/BorderRoutingTest.java b/thread/tests/integration/src/android/net/thread/BorderRoutingTest.java
index 4a8462d8..3539331 100644
--- a/thread/tests/integration/src/android/net/thread/BorderRoutingTest.java
+++ b/thread/tests/integration/src/android/net/thread/BorderRoutingTest.java
@@ -29,6 +29,7 @@
import static android.net.thread.utils.IntegrationTestUtils.newPacketReader;
import static android.net.thread.utils.IntegrationTestUtils.pollForPacket;
import static android.net.thread.utils.IntegrationTestUtils.sendUdpMessage;
+import static android.net.thread.utils.IntegrationTestUtils.stopOtDaemon;
import static android.net.thread.utils.IntegrationTestUtils.waitFor;
import static android.system.OsConstants.ICMP_ECHO;
@@ -46,7 +47,6 @@
import static java.util.Objects.requireNonNull;
import android.content.Context;
-import android.net.InetAddresses;
import android.net.IpPrefix;
import android.net.LinkAddress;
import android.net.LinkProperties;
@@ -274,6 +274,28 @@
}
@Test
+ public void unicastRouting_otDaemonRestarts_borderRoutingWorks() throws Exception {
+ /*
+ * <pre>
+ * Topology:
+ * infra network Thread
+ * infra device -------------------- Border Router -------------- Full Thread device
+ * (Cuttlefish)
+ * </pre>
+ */
+
+ FullThreadDevice ftd = mFtds.get(0);
+ joinNetworkAndWaitForOmr(ftd, DEFAULT_DATASET);
+
+ stopOtDaemon();
+ ftd.waitForStateAnyOf(List.of("leader", "router", "child"), Duration.ofSeconds(40));
+
+ startInfraDeviceAndWaitForOnLinkAddr();
+ mInfraDevice.sendEchoRequest(ftd.getOmrAddress());
+ assertNotNull(pollForIcmpPacketOnInfraNetwork(ICMPV6_ECHO_REPLY_TYPE, ftd.getOmrAddress()));
+ }
+
+ @Test
@RequiresIpv6MulticastRouting
public void multicastRouting_ftdSubscribedMulticastAddress_infraLinkJoinsMulticastGroup()
throws Exception {
diff --git a/thread/tests/integration/src/android/net/thread/utils/IntegrationTestUtils.kt b/thread/tests/integration/src/android/net/thread/utils/IntegrationTestUtils.kt
index 3df74b0..7f31728 100644
--- a/thread/tests/integration/src/android/net/thread/utils/IntegrationTestUtils.kt
+++ b/thread/tests/integration/src/android/net/thread/utils/IntegrationTestUtils.kt
@@ -601,4 +601,12 @@
fun tearDownInfraNetwork(testNetworkTracker: TestNetworkTracker) {
runAsShell(MANAGE_TEST_NETWORKS) { testNetworkTracker.teardown() }
}
+
+ /**
+ * Stop the ot-daemon by shell command.
+ */
+ @JvmStatic
+ fun stopOtDaemon() {
+ runShellCommandOrThrow("stop ot-daemon")
+ }
}
diff --git a/thread/tests/unit/src/com/android/server/thread/ThreadNetworkControllerServiceTest.java b/thread/tests/unit/src/com/android/server/thread/ThreadNetworkControllerServiceTest.java
index b97e2b7..7ac404f 100644
--- a/thread/tests/unit/src/com/android/server/thread/ThreadNetworkControllerServiceTest.java
+++ b/thread/tests/unit/src/com/android/server/thread/ThreadNetworkControllerServiceTest.java
@@ -741,10 +741,7 @@
.setDhcpv6PdEnabled(false)
.build();
ThreadConfiguration config2 =
- new ThreadConfiguration.Builder()
- .setNat64Enabled(true)
- .setDhcpv6PdEnabled(true)
- .build();
+ new ThreadConfiguration.Builder().setNat64Enabled(true).build();
ThreadConfiguration config3 =
new ThreadConfiguration.Builder(config2).build(); // Same as config2