diff options
| author | 2017-04-02 00:26:41 +0000 | |
|---|---|---|
| committer | 2017-04-02 00:26:41 +0000 | |
| commit | 37f260f5d8d88b9339b9c53a889867eede4234a7 (patch) | |
| tree | 1807721d4e568f8bacbde4de8100a83df0a37629 | |
| parent | 7fb2305d9c16f676fd122c250358113b1e6d8a5c (diff) | |
| parent | 5eaf5393a5b8b1af17bfd9856b3b003fba617eb6 (diff) | |
IpSecManager and IpSecTransform API Cleanup am: 48b566557d
am: 5eaf5393a5
Change-Id: I30390e7341265cee055b38ba621f050e8be71f7e
| -rw-r--r-- | api/current.txt | 1 | ||||
| -rw-r--r-- | api/system-current.txt | 4 | ||||
| -rw-r--r-- | api/test-current.txt | 1 | ||||
| -rw-r--r-- | core/java/android/net/IpSecManager.java | 2 | ||||
| -rw-r--r-- | core/java/android/net/IpSecTransform.java | 30 |
5 files changed, 3 insertions, 35 deletions
diff --git a/api/current.txt b/api/current.txt index 12355f182f0d..39642219b780 100644 --- a/api/current.txt +++ b/api/current.txt @@ -23929,7 +23929,6 @@ package android.net { method public android.net.IpSecTransform.Builder setAuthentication(int, android.net.IpSecAlgorithm); method public android.net.IpSecTransform.Builder setEncryption(int, android.net.IpSecAlgorithm); method public android.net.IpSecTransform.Builder setIpv4Encapsulation(android.net.IpSecManager.UdpEncapsulationSocket, int); - method public android.net.IpSecTransform.Builder setSpi(int, int); method public android.net.IpSecTransform.Builder setSpi(int, android.net.IpSecManager.SecurityParameterIndex); } diff --git a/api/system-current.txt b/api/system-current.txt index 5a7856179211..9d4794da3c4e 100644 --- a/api/system-current.txt +++ b/api/system-current.txt @@ -25729,12 +25729,10 @@ package android.net { public final class IpSecManager { method public void applyTransportModeTransform(java.net.Socket, android.net.IpSecTransform) throws java.io.IOException; method public void applyTransportModeTransform(java.net.DatagramSocket, android.net.IpSecTransform) throws java.io.IOException; - method public void applyTunnelModeTransform(android.net.Network, android.net.IpSecTransform); method public android.net.IpSecManager.UdpEncapsulationSocket openUdpEncapsulationSocket(int) throws java.io.IOException, android.net.IpSecManager.ResourceUnavailableException; method public android.net.IpSecManager.UdpEncapsulationSocket openUdpEncapsulationSocket() throws java.io.IOException, android.net.IpSecManager.ResourceUnavailableException; method public void removeTransportModeTransform(java.net.Socket, android.net.IpSecTransform); method public void removeTransportModeTransform(java.net.DatagramSocket, android.net.IpSecTransform); - method public void removeTunnelModeTransform(android.net.Network, android.net.IpSecTransform); method public android.net.IpSecManager.SecurityParameterIndex reserveSecurityParameterIndex(int, java.net.InetAddress, int) throws android.net.IpSecManager.ResourceUnavailableException, android.net.IpSecManager.SpiUnavailableException; field public static final int INVALID_SECURITY_PARAMETER_INDEX = 0; // 0x0 } @@ -25766,12 +25764,10 @@ package android.net { public static class IpSecTransform.Builder { ctor public IpSecTransform.Builder(android.content.Context); method public android.net.IpSecTransform buildTransportModeTransform(java.net.InetAddress) throws java.io.IOException, android.net.IpSecManager.ResourceUnavailableException, android.net.IpSecManager.SpiUnavailableException; - method public android.net.IpSecTransform buildTunnelModeTransform(java.net.InetAddress, java.net.InetAddress); method public android.net.IpSecTransform.Builder setAuthentication(int, android.net.IpSecAlgorithm); method public android.net.IpSecTransform.Builder setEncryption(int, android.net.IpSecAlgorithm); method public android.net.IpSecTransform.Builder setIpv4Encapsulation(android.net.IpSecManager.UdpEncapsulationSocket, int); method public android.net.IpSecTransform.Builder setNattKeepalive(int); - method public android.net.IpSecTransform.Builder setSpi(int, int); method public android.net.IpSecTransform.Builder setSpi(int, android.net.IpSecManager.SecurityParameterIndex); method public android.net.IpSecTransform.Builder setUnderlyingNetwork(android.net.Network); } diff --git a/api/test-current.txt b/api/test-current.txt index 1d76d6afea1a..f6a97c35c8c9 100644 --- a/api/test-current.txt +++ b/api/test-current.txt @@ -24003,7 +24003,6 @@ package android.net { method public android.net.IpSecTransform.Builder setAuthentication(int, android.net.IpSecAlgorithm); method public android.net.IpSecTransform.Builder setEncryption(int, android.net.IpSecAlgorithm); method public android.net.IpSecTransform.Builder setIpv4Encapsulation(android.net.IpSecManager.UdpEncapsulationSocket, int); - method public android.net.IpSecTransform.Builder setSpi(int, int); method public android.net.IpSecTransform.Builder setSpi(int, android.net.IpSecManager.SecurityParameterIndex); } diff --git a/core/java/android/net/IpSecManager.java b/core/java/android/net/IpSecManager.java index 83f4cc97b8fa..3fcdb7e28cf7 100644 --- a/core/java/android/net/IpSecManager.java +++ b/core/java/android/net/IpSecManager.java @@ -197,7 +197,6 @@ public final class IpSecManager { * @param transform an {@link IpSecTransform}, which must be an active Tunnel Mode transform. * @hide */ - @SystemApi public void applyTunnelModeTransform(Network net, IpSecTransform transform) {} /** @@ -242,7 +241,6 @@ public final class IpSecManager { * network * @hide */ - @SystemApi public void removeTunnelModeTransform(Network net, IpSecTransform transform) {} /** diff --git a/core/java/android/net/IpSecTransform.java b/core/java/android/net/IpSecTransform.java index 5c0bbe6a1437..74d60106c083 100644 --- a/core/java/android/net/IpSecTransform.java +++ b/core/java/android/net/IpSecTransform.java @@ -305,32 +305,9 @@ public final class IpSecTransform implements AutoCloseable { * given destination address. * * <p>Care should be chosen when selecting an SPI to ensure that is is as unique as - * possible. Random number generation is a reasonable approach to selecting an SPI. For - * outbound SPIs, they must be reserved by calling {@link - * IpSecManager#reserveSecurityParameterIndex(int, InetAddress, int)}. Otherwise, Transforms will - * fail to build. - * - * <p>Unless an SPI is set for a given direction, traffic in that direction will be - * sent/received without any IPsec applied. - * - * @param direction either {@link #DIRECTION_IN or #DIRECTION_OUT} - * @param spi a unique 32-bit integer to identify transformed traffic - */ - public IpSecTransform.Builder setSpi(@TransformDirection int direction, int spi) { - mConfig.flow[direction].spi = spi; - return this; - } - - /** - * Set the SPI, which uniquely identifies a particular IPsec session from others. Because - * IPsec operates at the IP layer, this 32-bit identifier uniquely identifies packets to a - * given destination address. - * - * <p>Care should be chosen when selecting an SPI to ensure that is is as unique as - * possible. Random number generation is a reasonable approach to selecting an SPI. For - * outbound SPIs, they must be reserved by calling {@link - * IpSecManager#reserveSecurityParameterIndex(int, InetAddress, int)}. Otherwise, Transforms will - * fail to activate. + * possible. To reserve a value call {@link IpSecManager#reserveSecurityParameterIndex(int, + * InetAddress, int)}. Otherwise, SPI collisions would prevent a transform from being + * activated. IpSecManager#reserveSecurityParameterIndex(int, InetAddres$s, int)}. * * <p>Unless an SPI is set for a given direction, traffic in that direction will be * sent/received without any IPsec applied. @@ -447,7 +424,6 @@ public final class IpSecTransform implements AutoCloseable { * properties is invalid. * @hide */ - @SystemApi public IpSecTransform buildTunnelModeTransform( InetAddress localAddress, InetAddress remoteAddress) { //FIXME: argument validation here |