| c0c30eb6f377b1eefd57d1bfd908546ca92b527c |
|
05-Oct-2016 |
Neil Fuller <nfuller@google.com> |
Attempt to make NetworkSecurityPolicyTest less flaky
The test has been flaky on the ART build bots but it is not
clear why.
This change includes some tweaks to increase timeouts. It also
includes a switch to ExecutorService that tidies the code up
slightly but should have no effect on the semantics.
During testing it was noticed that an instance of
SocketHandler created by a test is not being closed: this has been
fixed.
Bug: 31258002
Test: Ran the test with vogar on device and host
Change-Id: I1fabf2f4b4e4a8e6606f49bc9cdfe57f5814ec9d
|
| 88e73140702b45b792f91edddfe41ca3e9310c04 |
|
26-Apr-2016 |
Chad Brubaker <cbrubaker@google.com> |
Expose CT enforcement through NetworkSecurityPolicy
Bug: 28746284
Change-Id: I8b7f567554ea2ceec012b75220ab5487d347b565
|
| b80fefa18b3a185422222cfad3c7210c4903c37f |
|
09-Dec-2015 |
Chad Brubaker <cbrubaker@google.com> |
Add hostname aware isCleartextTrafficPermitted
By default it is equivalent to the non-hostname aware version.
Change-Id: I22b9ea277407846f9c333ce0cc37c25a2be1381e
|
| 4320ad12c5bb04819088e436a3537f46c59f9caf |
|
08-Dec-2015 |
Chad Brubaker <cbrubaker@google.com> |
Refactor NetworkSecurityPolicy to be pluggable
This allows us to keep the logic for the NetworkSecurityPolicy in the
framework instead of in libcore.
(cherry-picked from commit 7a6f1687cfa0929e68ac7813b7432259b8088b4d)
Change-Id: I4bf494f79c27729cb17d93d90a91319492270ce9
|
| 7a6f1687cfa0929e68ac7813b7432259b8088b4d |
|
08-Dec-2015 |
Chad Brubaker <cbrubaker@google.com> |
Refactor NetworkSecurityPolicy to be pluggable
This allows us to keep the logic for the NetworkSecurityPolicy in the
framework instead of in libcore.
Change-Id: I4bf494f79c27729cb17d93d90a91319492270ce9
|
| 5a0a80d050d1bc7da77af16b7b2ad8a94d8e9bf6 |
|
26-Mar-2015 |
Alex Klyubin <klyubin@google.com> |
Test NetworkSecurityPolicy effect on HTTP connections.
This adds CTS tests that assert that platform-provided URLConnection
instances that use cleartext HTTP honor the cleartext traffic policy
from NetworkSecurityPolicy.
Bug: 19215516
Change-Id: I79f5fce5e00434e96f4325c1aae65a573f10dcdd
|
| 2f4d25190a7d2cc8328a202417ca9077a02e6d9a |
|
23-Mar-2015 |
Alex Klyubin <klyubin@google.com> |
Add libcore.net.NetworkSecurityPolicy.
This hidden libcore API is to be used by bundled network stacks to
determine whether cleartext network traffic is permitted. These stacks
cannot directly use the public Android framework API
android.security.NetworkSecurityPolicy because the framework package
typically compile-time depends on the packages offering these bundled
network stacks.
As an example, this CL makes java.util.logging.SocketHandler and
platform-provided URLConnection instances for the FTP protocol honor
this new flag.
To avoid duplication, the intention is that framework's
android.security.NetworkSecurityPolicy implementaion will switch to
this new libcore API to store/retrive the state of framework's
NetworkSecurityPolicy class.
Bug: 19215516
Change-Id: I78e348458975d69c52918582a43db25df87e2a15
|