Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit fe975fea authored by Benedict Wong's avatar Benedict Wong Committed by evitayan
Browse files

Pass server address directly to IKE. 

This is a clean cherry-pick from aosp/1237528

This change updates the buildIkeSessionParams() method to use the new
IKE API that allows the VPN to pass the server address, and let IKE do
the DNS resolution.

Bug: 149356682
Test: FrameworksNetTests passing
Change-Id: Ic1077c6eb1f49bca9331e49555b3787cee02788c
parent 818dca1a

services/core/java/com/android/server/connectivity/Vpn.java

+3 −2
Original line number Diff line number Diff line
@@ -2357,10 +2357,11 @@ public class Vpn { 


                    // TODO: Remove the need for adding two unused addresses with

                    // IPsec tunnels.

                    final InetAddress address = InetAddress.getLocalHost();

                    mTunnelIface =

                            mIpSecManager.createIpSecTunnelInterface(

                                    ikeSessionParams.getServerAddress() /* unused */,

                                    ikeSessionParams.getServerAddress() /* unused */,

                                    address /* unused */,

                                    address /* unused */,

                                    network);

                    mNetd.setInterfaceUp(mTunnelIface.getInterfaceName());

services/core/java/com/android/server/connectivity/VpnIkev2Utils.java

+1 −5
Original line number Diff line number Diff line
@@ -85,16 +85,12 @@ import java.util.List; 
public class VpnIkev2Utils {

    static IkeSessionParams buildIkeSessionParams(

            @NonNull Context context, @NonNull Ikev2VpnProfile profile, @NonNull Network network) {

        // TODO(b/149356682): Update this based on new IKE API. Only numeric addresses supported

        //                    until then. All others throw IAE (caught by caller).

        final InetAddress serverAddr = InetAddresses.parseNumericAddress(profile.getServerAddr());

        final IkeIdentification localId = parseIkeIdentification(profile.getUserIdentity());

        final IkeIdentification remoteId = parseIkeIdentification(profile.getServerAddr());



        // TODO(b/149356682): Update this based on new IKE API.

        final IkeSessionParams.Builder ikeOptionsBuilder =

                new IkeSessionParams.Builder(context)

                        .setServerAddress(serverAddr)

                        .setServerHostname(profile.getServerAddr())

                        .setNetwork(network)

                        .setLocalIdentification(localId)

                        .setRemoteIdentification(remoteId);