cts: fix android.net.cts.VpnServiceTest#testProtect_int flake
This is written based on observation that
testStartVpnProfileNoPreviousConsent()
appears to result in the right things happening when running
adb logcat | egrep --color -i 'Switched from |protect'
ie. it results in:
I netd : networkSetProtectDeny(<ctsappuid>) <0.01ms>
I Vpn : Switched from android.net.cts to [Legacy VPN]
I netd : networkSetProtectAllow(1000) <0.00ms>
Which disallows the CTS uid, and allows AID_SYSTEM.
That in turn appears to be the 'default' state of things.
So this basically copies that logic into tearDown()
Test: atest android.net.cts.{Ikev2VpnTest,VpnServiceTest} --iterations 2
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: Ic9cca56097d78ae48157e808081de2ebb76635e8
diff --git a/tests/cts/net/src/android/net/cts/Ikev2VpnTest.java b/tests/cts/net/src/android/net/cts/Ikev2VpnTest.java
index a3a65b6..6b7954a 100644
--- a/tests/cts/net/src/android/net/cts/Ikev2VpnTest.java
+++ b/tests/cts/net/src/android/net/cts/Ikev2VpnTest.java
@@ -216,6 +216,15 @@
}
setAppop(AppOpsManager.OP_ACTIVATE_VPN, false);
setAppop(AppOpsManager.OP_ACTIVATE_PLATFORM_VPN, false);
+
+ // Make sure the VpnProfile is not provisioned already.
+ sVpnMgr.stopProvisionedVpnProfile();
+
+ try {
+ sVpnMgr.startProvisionedVpnProfile();
+ fail("Expected SecurityException for missing consent");
+ } catch (SecurityException expected) {
+ }
}
/**