Merge "Clean up for TetheringManager API change"
diff --git a/tests/cts/hostside/app/src/com/android/cts/net/hostside/VpnTest.java b/tests/cts/hostside/app/src/com/android/cts/net/hostside/VpnTest.java
index c43d421..26397ef 100755
--- a/tests/cts/hostside/app/src/com/android/cts/net/hostside/VpnTest.java
+++ b/tests/cts/hostside/app/src/com/android/cts/net/hostside/VpnTest.java
@@ -20,6 +20,7 @@
import static android.system.OsConstants.*;
import android.annotation.Nullable;
+import android.content.ContentResolver;
import android.content.Context;
import android.content.Intent;
import android.content.pm.PackageManager;
@@ -33,6 +34,7 @@
import android.net.ProxyInfo;
import android.net.VpnService;
import android.net.wifi.WifiManager;
+import android.provider.Settings;
import android.os.ParcelFileDescriptor;
import android.os.Process;
import android.os.SystemProperties;
@@ -62,8 +64,11 @@
import java.net.InetSocketAddress;
import java.net.ServerSocket;
import java.net.Socket;
+import java.net.SocketException;
+import java.net.UnknownHostException;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
+import java.util.Objects;
import java.util.Random;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.TimeUnit;
@@ -95,6 +100,13 @@
*/
public class VpnTest extends InstrumentationTestCase {
+ // These are neither public nor @TestApi.
+ // TODO: add them to @TestApi.
+ private static final String PRIVATE_DNS_MODE_SETTING = "private_dns_mode";
+ private static final String PRIVATE_DNS_MODE_PROVIDER_HOSTNAME = "hostname";
+ private static final String PRIVATE_DNS_MODE_OPPORTUNISTIC = "opportunistic";
+ private static final String PRIVATE_DNS_SPECIFIER_SETTING = "private_dns_specifier";
+
public static String TAG = "VpnTest";
public static int TIMEOUT_MS = 3 * 1000;
public static int SOCKET_TIMEOUT_MS = 100;
@@ -112,6 +124,9 @@
final Object mLock = new Object();
final Object mLockShutdown = new Object();
+ private String mOldPrivateDnsMode;
+ private String mOldPrivateDnsSpecifier;
+
private boolean supportedHardware() {
final PackageManager pm = getInstrumentation().getContext().getPackageManager();
return !pm.hasSystemFeature("android.hardware.type.watch");
@@ -123,6 +138,7 @@
mNetwork = null;
mCallback = null;
+ storePrivateDnsSetting();
mDevice = UiDevice.getInstance(getInstrumentation());
mActivity = launchActivity(getInstrumentation().getTargetContext().getPackageName(),
@@ -137,6 +153,7 @@
@Override
public void tearDown() throws Exception {
+ restorePrivateDnsSetting();
mRemoteSocketFactoryClient.unbind();
if (mCallback != null) {
mCM.unregisterNetworkCallback(mCallback);
@@ -567,6 +584,95 @@
}
}
+ private ContentResolver getContentResolver() {
+ return getInstrumentation().getContext().getContentResolver();
+ }
+
+ private boolean isPrivateDnsInStrictMode() {
+ return PRIVATE_DNS_MODE_PROVIDER_HOSTNAME.equals(
+ Settings.Global.getString(getContentResolver(), PRIVATE_DNS_MODE_SETTING));
+ }
+
+ private void storePrivateDnsSetting() {
+ mOldPrivateDnsMode = Settings.Global.getString(getContentResolver(),
+ PRIVATE_DNS_MODE_SETTING);
+ mOldPrivateDnsSpecifier = Settings.Global.getString(getContentResolver(),
+ PRIVATE_DNS_SPECIFIER_SETTING);
+ }
+
+ private void restorePrivateDnsSetting() {
+ Settings.Global.putString(getContentResolver(), PRIVATE_DNS_MODE_SETTING,
+ mOldPrivateDnsMode);
+ Settings.Global.putString(getContentResolver(), PRIVATE_DNS_SPECIFIER_SETTING,
+ mOldPrivateDnsSpecifier);
+ }
+
+ // TODO: replace with CtsNetUtils.awaitPrivateDnsSetting in Q or above.
+ private void expectPrivateDnsHostname(final String hostname) throws Exception {
+ final NetworkRequest request = new NetworkRequest.Builder()
+ .removeCapability(NetworkCapabilities.NET_CAPABILITY_NOT_VPN)
+ .build();
+ final CountDownLatch latch = new CountDownLatch(1);
+ final NetworkCallback callback = new NetworkCallback() {
+ @Override
+ public void onLinkPropertiesChanged(Network network, LinkProperties lp) {
+ if (network.equals(mNetwork) &&
+ Objects.equals(lp.getPrivateDnsServerName(), hostname)) {
+ latch.countDown();
+ }
+ }
+ };
+
+ mCM.registerNetworkCallback(request, callback);
+
+ try {
+ assertTrue("Private DNS hostname was not " + hostname + " after " + TIMEOUT_MS + "ms",
+ latch.await(TIMEOUT_MS, TimeUnit.MILLISECONDS));
+ } finally {
+ mCM.unregisterNetworkCallback(callback);
+ }
+ }
+
+ private void setAndVerifyPrivateDns(boolean strictMode) throws Exception {
+ final ContentResolver cr = getInstrumentation().getContext().getContentResolver();
+ String privateDnsHostname;
+
+ if (strictMode) {
+ privateDnsHostname = "vpncts-nx.metric.gstatic.com";
+ Settings.Global.putString(cr, PRIVATE_DNS_SPECIFIER_SETTING, privateDnsHostname);
+ Settings.Global.putString(cr, PRIVATE_DNS_MODE_SETTING,
+ PRIVATE_DNS_MODE_PROVIDER_HOSTNAME);
+ } else {
+ Settings.Global.putString(cr, PRIVATE_DNS_MODE_SETTING, PRIVATE_DNS_MODE_OPPORTUNISTIC);
+ privateDnsHostname = null;
+ }
+
+ expectPrivateDnsHostname(privateDnsHostname);
+
+ String randomName = "vpncts-" + new Random().nextInt(1000000000) + "-ds.metric.gstatic.com";
+ if (strictMode) {
+ // Strict mode private DNS is enabled. DNS lookups should fail, because the private DNS
+ // server name is invalid.
+ try {
+ InetAddress.getByName(randomName);
+ fail("VPN DNS lookup should fail with private DNS enabled");
+ } catch (UnknownHostException expected) {
+ }
+ } else {
+ // Strict mode private DNS is disabled. DNS lookup should succeed, because the VPN
+ // provides no DNS servers, and thus DNS falls through to the default network.
+ assertNotNull("VPN DNS lookup should succeed with private DNS disabled",
+ InetAddress.getByName(randomName));
+ }
+ }
+
+ // Tests that strict mode private DNS is used on VPNs.
+ private void checkStrictModePrivateDns() throws Exception {
+ final boolean initialMode = isPrivateDnsInStrictMode();
+ setAndVerifyPrivateDns(!initialMode);
+ setAndVerifyPrivateDns(initialMode);
+ }
+
public void testDefault() throws Exception {
if (!supportedHardware()) return;
// If adb TCP port opened, this test may running by adb over network.
@@ -598,6 +704,9 @@
assertSocketClosed(fd, TEST_HOST);
checkTrafficOnVpn();
+
+ checkStrictModePrivateDns();
+
receiver.unregisterQuietly();
}
@@ -615,6 +724,8 @@
assertSocketClosed(fd, TEST_HOST);
checkTrafficOnVpn();
+
+ checkStrictModePrivateDns();
}
public void testAppDisallowed() throws Exception {
diff --git a/tests/cts/net/ipsec/OWNERS b/tests/cts/net/ipsec/OWNERS
new file mode 100644
index 0000000..26407ff
--- /dev/null
+++ b/tests/cts/net/ipsec/OWNERS
@@ -0,0 +1,3 @@
+lorenzo@google.com
+nharold@google.com
+satk@google.com
diff --git a/tests/cts/net/src/android/net/cts/IpConfigurationTest.java b/tests/cts/net/src/android/net/cts/IpConfigurationTest.java
new file mode 100644
index 0000000..21be351
--- /dev/null
+++ b/tests/cts/net/src/android/net/cts/IpConfigurationTest.java
@@ -0,0 +1,151 @@
+/*
+ * Copyright (C) 2019 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.net.cts;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNull;
+
+import android.net.IpConfiguration;
+import android.net.LinkAddress;
+import android.net.ProxyInfo;
+import android.net.StaticIpConfiguration;
+
+import androidx.test.runner.AndroidJUnit4;
+
+import libcore.net.InetAddressUtils;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+
+import java.net.InetAddress;
+import java.util.ArrayList;
+
+@RunWith(AndroidJUnit4.class)
+public final class IpConfigurationTest {
+ private static final int TYPE_IPASSIGNMENT_STATIC = 0;
+ private static final int TYPE_IPASSIGNMENT_DHCP = 1;
+
+ private static final int TYPE_PROXY_SETTINGS_NONE = 0;
+ private static final int TYPE_PROXY_SETTINGS_STATIC = 1;
+ private static final int TYPE_PROXY_SETTINGS_PAC = 2;
+
+ private static final LinkAddress LINKADDR = new LinkAddress("192.0.2.2/25");
+ private static final InetAddress GATEWAY = InetAddressUtils.parseNumericAddress("192.0.2.1");
+ private static final InetAddress DNS1 = InetAddressUtils.parseNumericAddress("8.8.8.8");
+ private static final InetAddress DNS2 = InetAddressUtils.parseNumericAddress("8.8.4.4");
+ private static final String DOMAINS = "example.com";
+
+ private static final ArrayList<InetAddress> dnsServers = new ArrayList<>();
+
+ private StaticIpConfiguration mStaticIpConfig;
+ private ProxyInfo mProxy;
+
+ @Before
+ public void setUp() {
+ dnsServers.add(DNS1);
+ dnsServers.add(DNS2);
+ mStaticIpConfig = new StaticIpConfiguration.Builder()
+ .setIpAddress(LINKADDR)
+ .setGateway(GATEWAY)
+ .setDnsServers(dnsServers)
+ .setDomains(DOMAINS)
+ .build();
+
+ mProxy = ProxyInfo.buildDirectProxy("test", 8888);
+ }
+
+ @Test
+ public void testConstructor() {
+ IpConfiguration ipConfig = new IpConfiguration();
+ checkEmpty(ipConfig);
+ assertIpConfigurationEqual(ipConfig, new IpConfiguration());
+ assertIpConfigurationEqual(ipConfig, new IpConfiguration(ipConfig));
+
+ ipConfig = createIpConfiguration(TYPE_IPASSIGNMENT_STATIC,
+ TYPE_PROXY_SETTINGS_PAC);
+ assertIpConfigurationEqual(ipConfig, new IpConfiguration(ipConfig));
+
+ ipConfig = createIpConfiguration(TYPE_IPASSIGNMENT_STATIC,
+ TYPE_PROXY_SETTINGS_STATIC);
+ assertIpConfigurationEqual(ipConfig, new IpConfiguration(ipConfig));
+
+ ipConfig = createIpConfiguration(TYPE_IPASSIGNMENT_DHCP,
+ TYPE_PROXY_SETTINGS_PAC);
+ assertIpConfigurationEqual(ipConfig, new IpConfiguration(ipConfig));
+
+ ipConfig = createIpConfiguration(TYPE_IPASSIGNMENT_DHCP,
+ TYPE_PROXY_SETTINGS_STATIC);
+ assertIpConfigurationEqual(ipConfig, new IpConfiguration(ipConfig));
+
+ ipConfig = createIpConfiguration(TYPE_IPASSIGNMENT_DHCP,
+ TYPE_PROXY_SETTINGS_NONE);
+ assertIpConfigurationEqual(ipConfig, new IpConfiguration(ipConfig));
+ }
+
+ private void checkEmpty(IpConfiguration config) {
+ assertEquals(IpConfiguration.IpAssignment.UNASSIGNED,
+ config.getIpAssignment().UNASSIGNED);
+ assertEquals(IpConfiguration.ProxySettings.UNASSIGNED,
+ config.getProxySettings().UNASSIGNED);
+ assertNull(config.getStaticIpConfiguration());
+ assertNull(config.getHttpProxy());
+ }
+
+ private IpConfiguration createIpConfiguration(int ipAssignmentType,
+ int proxySettingType) {
+
+ final IpConfiguration ipConfig = new IpConfiguration();
+
+ switch (ipAssignmentType) {
+ case TYPE_IPASSIGNMENT_STATIC:
+ ipConfig.setIpAssignment(IpConfiguration.IpAssignment.STATIC);
+ break;
+ case TYPE_IPASSIGNMENT_DHCP:
+ ipConfig.setIpAssignment(IpConfiguration.IpAssignment.DHCP);
+ break;
+ default:
+ throw new IllegalArgumentException("Unknown ip assignment type.");
+ }
+
+ switch (proxySettingType) {
+ case TYPE_PROXY_SETTINGS_NONE:
+ ipConfig.setProxySettings(IpConfiguration.ProxySettings.NONE);
+ break;
+ case TYPE_PROXY_SETTINGS_STATIC:
+ ipConfig.setProxySettings(IpConfiguration.ProxySettings.STATIC);
+ break;
+ case TYPE_PROXY_SETTINGS_PAC:
+ ipConfig.setProxySettings(IpConfiguration.ProxySettings.PAC);
+ break;
+ default:
+ throw new IllegalArgumentException("Unknown proxy setting type.");
+ }
+
+ ipConfig.setStaticIpConfiguration(mStaticIpConfig);
+ ipConfig.setHttpProxy(mProxy);
+
+ return ipConfig;
+ }
+
+ private void assertIpConfigurationEqual(IpConfiguration source, IpConfiguration target) {
+ assertEquals(source.getIpAssignment(), target.getIpAssignment());
+ assertEquals(source.getProxySettings(), target.getProxySettings());
+ assertEquals(source.getHttpProxy(), target.getHttpProxy());
+ assertEquals(source.getStaticIpConfiguration(), target.getStaticIpConfiguration());
+ }
+}