Require MOBIKE for IkeSessionParams in VCN configs. (92959d67) · Commits · e / os / android_frameworks_base

core/java/android/net/vcn/VcnGatewayConnectionConfig.java

+8 −0

Original line number	Diff line number	Diff line
		@@ -15,6 +15,8 @@
		*/
		package android.net.vcn;

		import static android.net.ipsec.ike.IkeSessionParams.IKE_OPTION_MOBIKE;

		import static com.android.internal.annotations.VisibleForTesting.Visibility;

		import android.annotation.IntDef;
		@@ -433,6 +435,8 @@ public final class VcnGatewayConnectionConfig {
		* distinguish between VcnGatewayConnectionConfigs configured on a single {@link
		* VcnConfig}. This will be used as the identifier in VcnStatusCallback invocations.
		* @param tunnelConnectionParams the IKE tunnel connection configuration
		* @throws IllegalArgumentException if the provided IkeTunnelConnectionParams is not
		* configured to support MOBIKE
		* @see IkeTunnelConnectionParams
		* @see VcnManager.VcnStatusCallback#onGatewayConnectionError
		*/
		@@ -441,6 +445,10 @@ public final class VcnGatewayConnectionConfig {
		@NonNull IkeTunnelConnectionParams tunnelConnectionParams) {
		Objects.requireNonNull(gatewayConnectionName, "gatewayConnectionName was null");
		Objects.requireNonNull(tunnelConnectionParams, "tunnelConnectionParams was null");
		if (!tunnelConnectionParams.getIkeSessionParams().hasIkeOption(IKE_OPTION_MOBIKE)) {
		throw new IllegalArgumentException(
		"MOBIKE must be configured for the provided IkeSessionParams");
		}

		mGatewayConnectionName = gatewayConnectionName;
		mTunnelConnectionParams = tunnelConnectionParams;

+19 −0

Original line number	Diff line number	Diff line
		@@ -16,13 +16,17 @@

		package android.net.vcn;

		import static android.net.ipsec.ike.IkeSessionParams.IKE_OPTION_MOBIKE;

		import static org.junit.Assert.assertArrayEquals;
		import static org.junit.Assert.assertEquals;
		import static org.junit.Assert.assertTrue;
		import static org.junit.Assert.fail;

		import android.net.NetworkCapabilities;
		import android.net.ipsec.ike.IkeSessionParams;
		import android.net.ipsec.ike.IkeTunnelConnectionParams;
		import android.net.vcn.persistablebundleutils.IkeSessionParamsUtilsTest;
		import android.net.vcn.persistablebundleutils.TunnelConnectionParamsUtilsTest;

		import androidx.test.filters.SmallTest;
		@@ -119,6 +123,21 @@ public class VcnGatewayConnectionConfigTest {
		}
		}

		@Test
		public void testBuilderRequiresMobikeEnabled() {
		try {
		final IkeSessionParams ikeParams =
		IkeSessionParamsUtilsTest.createBuilderMinimum()
		.removeIkeOption(IKE_OPTION_MOBIKE)
		.build();
		final IkeTunnelConnectionParams tunnelParams =
		TunnelConnectionParamsUtilsTest.buildTestParams(ikeParams);
		new VcnGatewayConnectionConfig.Builder(GATEWAY_CONNECTION_NAME_PREFIX, tunnelParams);
		fail("Expected exception due to MOBIKE not enabled");
		} catch (IllegalArgumentException e) {
		}
		}

		@Test
		public void testBuilderRequiresNonEmptyExposedCaps() {
		try {

+3 −2

Original line number	Diff line number	Diff line
		@@ -52,8 +52,8 @@ import java.util.concurrent.TimeUnit;
		@RunWith(AndroidJUnit4.class)
		@SmallTest
		public class IkeSessionParamsUtilsTest {
		// Package private for use in EncryptedTunnelParamsUtilsTest
		static IkeSessionParams.Builder createBuilderMinimum() {
		// Public for use in VcnGatewayConnectionConfigTest, EncryptedTunnelParamsUtilsTest
		public static IkeSessionParams.Builder createBuilderMinimum() {
		final InetAddress serverAddress = InetAddresses.parseNumericAddress("192.0.2.100");

		// TODO: b/185941731 Make sure all valid IKE_OPTIONS are added and validated.
		@@ -63,6 +63,7 @@ public class IkeSessionParamsUtilsTest {
		.setLocalIdentification(new IkeFqdnIdentification("client.test.android.net"))
		.setRemoteIdentification(new IkeFqdnIdentification("server.test.android.net"))
		.addIkeOption(IkeSessionParams.IKE_OPTION_FORCE_PORT_4500)
		.addIkeOption(IkeSessionParams.IKE_OPTION_MOBIKE)
		.setAuthPsk("psk".getBytes());
		}

+7 −2

Original line number	Diff line number	Diff line
		@@ -18,6 +18,7 @@ package android.net.vcn.persistablebundleutils;

		import static org.junit.Assert.assertEquals;

		import android.net.ipsec.ike.IkeSessionParams;
		import android.net.ipsec.ike.IkeTunnelConnectionParams;

		import androidx.test.filters.SmallTest;
		@@ -31,9 +32,13 @@ import org.junit.runner.RunWith;
		public class TunnelConnectionParamsUtilsTest {
		// Public for use in VcnGatewayConnectionConfigTest
		public static IkeTunnelConnectionParams buildTestParams() {
		return buildTestParams(IkeSessionParamsUtilsTest.createBuilderMinimum().build());
		}

		// Public for use in VcnGatewayConnectionConfigTest
		public static IkeTunnelConnectionParams buildTestParams(IkeSessionParams params) {
		return new IkeTunnelConnectionParams(
		IkeSessionParamsUtilsTest.createBuilderMinimum().build(),
		TunnelModeChildSessionParamsUtilsTest.createBuilderMinimum().build());
		params, TunnelModeChildSessionParamsUtilsTest.createBuilderMinimum().build());
		}

		@Test