8dc1fd0237992e1d693376b4f6eea45e7447e9db |
|
05-Apr-2017 |
Nathan Harold <nharold@google.com> |
Add UDP Encap Socket Support to IpSecManager -Implement the UdpEncapsulationSocket -Convert all ManagedResources to use resourceIds -Rework ManagedResource to track resourceIds Bug: 30984788 Test: cts - IpSecManagerTest#testUdpEncapsulation() Change-Id: I7b1099c487051a8d951c1485791c4b6cef2deb1d
/frameworks/base/core/java/android/net/IpSecTransform.java
|
ac11ccb1f66d5dadb6c6fd1d47408e36c48c94ce |
|
25-Apr-2017 |
Nathan Harold <nharold@google.com> |
Hide IpSecManager, IpSecTransform, and IpSecAlgorithm These classes, originally planned to be part of the public API, are not ready for public consumption. They are planned to be un-hidden in a future release. Bug: 37681043 Test: make update-api and make Change-Id: I8caccd3f8455341cb56a2256354eacbadedff047
/frameworks/base/core/java/android/net/IpSecTransform.java
|
93962f34ce21f5aac825afbcebf2f3e8c7a30910 |
|
07-Mar-2017 |
Nathan Harold <nharold@google.com> |
Add Initial IPsec APIs to IpSecService -Plumb IpSecManager APIs to NetD -Add Resource Management to IpSecService Bug: 33695893 Test: CTS verifies nearly all of these paths Change-Id: Ic43965c6158f28cac53810adbf5cf50d2c54f920
/frameworks/base/core/java/android/net/IpSecTransform.java
|
48b566557d5a66d4476008b3c59b815eb78cb373 |
|
30-Mar-2017 |
Nathan Harold <nharold@google.com> |
IpSecManager and IpSecTransform API Cleanup -Remove Int-based SPI usage from the IpSecTransform.Builder This is essentially a less-safe method overload, and it is both unnecessary and difficult to implement: the cross-validation between SPI and Transform is actually useful, and the kernel requires two different mechanisms to use an unreserved vs a reserved (alloc'd) SPI: CREATESA vs UPDATESA, which makes this hard to support. API Council has questioned the value of this, and they are right: everything points to "remove this". In the future, if we find that SPI reservation is overhead, we can always add it back. -Hiding the TunnelMode builder method and application/remove methods. These will not land by the time the next API stabilizes, so better to hide them now that this is a near-certainty. Expectation is to un-hide them in the subsequent API bump. Bug: 36073210 Test: Compilation, verified nobody is calling these stubs Change-Id: Ic1a3f2cf7128633318ac175d6b56b45eb8d21cab
/frameworks/base/core/java/android/net/IpSecTransform.java
|
c4f879925b58b1b5ca9a3cfdc898c20cbf56355a |
|
29-Mar-2017 |
Nathan Harold <nharold@google.com> |
Change reserveSecurityParameterIndex() to take a remoteAddress To make the SPI reservation more semantically consistent with the transform creation API, and to ensure that we always create SPI reservations relative to a well-known remote, we should take the SPI request relative to a remote (rather than to a destination). This necessitates that we now consider direction separately, which is used for keying the SA-Id. Bug: 36073210 Test: compilation Change-Id: I81e955c20128c1f8e04fd68eb26669561f827a78
/frameworks/base/core/java/android/net/IpSecTransform.java
|
330e1089da80cddcd68758512370d217b19f8890 |
|
13-Jan-2017 |
Nathan Harold <nharold@google.com> |
Add API Surface for creating IpSec Transforms This CL adds an API to set up an IPSec Security Association and Security Policy to perform Transport-Mode and Tunnel-Mode encapuslation of IP Packets. Bug: 30984788 Bug: 34811752 Test: 34812052, 34811227 Change-Id: Ic9f63c7bb366302a24baa3e1b79020210910ac0a
/frameworks/base/core/java/android/net/IpSecTransform.java
|