From 8b9538df8f885739f2c804e911f09e5c36681874 Mon Sep 17 00:00:00 2001 From: Benedict Wong Date: Mon, 23 Mar 2020 13:56:36 -0700 Subject: Add negotiated DNS servers to VPN config This change plumbs the DNS servers through from the IkeSessionConfiguration. Previously the getInternalDnsServer() was not implemented. Bug: 152242520 Test: FrameworksNetTests passing Change-Id: Icd80b3688de2a39e222a4501787f8c54951c2ba0 Merged-In: Icd80b3688de2a39e222a4501787f8c54951c2ba0 (cherry picked from commit bd2763d977a4cad6f797f5378fc6db96e842dcf2) --- services/core/java/com/android/server/connectivity/Vpn.java | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/services/core/java/com/android/server/connectivity/Vpn.java b/services/core/java/com/android/server/connectivity/Vpn.java index 20ffd9f51d6e..5ecaf6a148aa 100644 --- a/services/core/java/com/android/server/connectivity/Vpn.java +++ b/services/core/java/com/android/server/connectivity/Vpn.java @@ -2248,12 +2248,16 @@ public class Vpn { final String interfaceName = mTunnelIface.getInterfaceName(); final int maxMtu = mProfile.getMaxMtu(); final List internalAddresses = childConfig.getInternalAddresses(); + final List dnsAddrStrings = new ArrayList<>(); final Collection newRoutes = VpnIkev2Utils.getRoutesFromTrafficSelectors( childConfig.getOutboundTrafficSelectors()); for (final LinkAddress address : internalAddresses) { mTunnelIface.addAddress(address.getAddress(), address.getPrefixLength()); } + for (InetAddress addr : childConfig.getInternalDnsServers()) { + dnsAddrStrings.add(addr.getHostAddress()); + } final NetworkAgent networkAgent; final LinkProperties lp; @@ -2269,7 +2273,9 @@ public class Vpn { mConfig.routes.clear(); mConfig.routes.addAll(newRoutes); - // TODO: Add DNS servers from negotiation + if (mConfig.dnsServers == null) mConfig.dnsServers = new ArrayList<>(); + mConfig.dnsServers.clear(); + mConfig.dnsServers.addAll(dnsAddrStrings); networkAgent = mNetworkAgent; -- cgit v1.2.3-59-g8ed1b From 399c1365c23d1ca580d5ce43b8c9136df60ae5e7 Mon Sep 17 00:00:00 2001 From: Benedict Wong Date: Thu, 26 Mar 2020 21:21:03 -0700 Subject: Make VpnProfile.maxMtu default value match Ikev2VpnProfile This change corrects the VpnProfile's maxMtu defaults to match that of the Ikev2VpnProfile. 1400 is too high as a default, and Settings will run into an issue here quite often. Bug: 152573931 Test: FrameworksNetTests passing Change-Id: I97ba5903b3cc1ed6a21c706ed3d78bd8ecbeee0c Merged-In: I97ba5903b3cc1ed6a21c706ed3d78bd8ecbeee0c (cherry picked from commit d0a44f49df01a1aefa505ee90c9806dee135b4e4) --- core/java/android/net/Ikev2VpnProfile.java | 2 +- core/java/android/net/PlatformVpnProfile.java | 3 +++ core/java/com/android/internal/net/VpnProfile.java | 9 +++++---- tests/net/java/com/android/internal/net/VpnProfileTest.java | 2 +- 4 files changed, 10 insertions(+), 6 deletions(-) diff --git a/core/java/android/net/Ikev2VpnProfile.java b/core/java/android/net/Ikev2VpnProfile.java index f19a3410d673..81d03f07d0be 100644 --- a/core/java/android/net/Ikev2VpnProfile.java +++ b/core/java/android/net/Ikev2VpnProfile.java @@ -562,7 +562,7 @@ public final class Ikev2VpnProfile extends PlatformVpnProfile { @NonNull private List mAllowedAlgorithms = new ArrayList<>(); private boolean mIsBypassable = false; private boolean mIsMetered = true; - private int mMaxMtu = 1360; + private int mMaxMtu = PlatformVpnProfile.MAX_MTU_DEFAULT; /** * Creates a new builder with the basic parameters of an IKEv2/IPsec VPN. diff --git a/core/java/android/net/PlatformVpnProfile.java b/core/java/android/net/PlatformVpnProfile.java index fbae63707be2..445ec91e4f46 100644 --- a/core/java/android/net/PlatformVpnProfile.java +++ b/core/java/android/net/PlatformVpnProfile.java @@ -59,6 +59,9 @@ public abstract class PlatformVpnProfile { public static final int TYPE_IKEV2_IPSEC_PSK = VpnProfile.TYPE_IKEV2_IPSEC_PSK; public static final int TYPE_IKEV2_IPSEC_RSA = VpnProfile.TYPE_IKEV2_IPSEC_RSA; + /** @hide */ + public static final int MAX_MTU_DEFAULT = 1360; + /** @hide */ @PlatformVpnType protected final int mType; diff --git a/core/java/com/android/internal/net/VpnProfile.java b/core/java/com/android/internal/net/VpnProfile.java index 23b1ab52cb21..829bd8a5a2a7 100644 --- a/core/java/com/android/internal/net/VpnProfile.java +++ b/core/java/com/android/internal/net/VpnProfile.java @@ -19,6 +19,7 @@ package com.android.internal.net; import android.annotation.NonNull; import android.compat.annotation.UnsupportedAppUsage; import android.net.Ikev2VpnProfile; +import android.net.PlatformVpnProfile; import android.net.ProxyInfo; import android.os.Build; import android.os.Parcel; @@ -131,10 +132,10 @@ public final class VpnProfile implements Cloneable, Parcelable { * delimiters) are not present in the algorithm names. See {@link #validateAllowedAlgorithms()} */ private List mAllowedAlgorithms = new ArrayList<>(); // 19 - public boolean isBypassable = false; // 20 - public boolean isMetered = false; // 21 - public int maxMtu = 1400; // 22 - public boolean areAuthParamsInline = false; // 23 + public boolean isBypassable = false; // 20 + public boolean isMetered = false; // 21 + public int maxMtu = PlatformVpnProfile.MAX_MTU_DEFAULT; // 22 + public boolean areAuthParamsInline = false; // 23 // Helper fields. @UnsupportedAppUsage diff --git a/tests/net/java/com/android/internal/net/VpnProfileTest.java b/tests/net/java/com/android/internal/net/VpnProfileTest.java index 8a4b53343c26..ceca6f028866 100644 --- a/tests/net/java/com/android/internal/net/VpnProfileTest.java +++ b/tests/net/java/com/android/internal/net/VpnProfileTest.java @@ -65,7 +65,7 @@ public class VpnProfileTest { assertTrue(p.getAllowedAlgorithms() != null && p.getAllowedAlgorithms().isEmpty()); assertFalse(p.isBypassable); assertFalse(p.isMetered); - assertEquals(1400, p.maxMtu); + assertEquals(1360, p.maxMtu); assertFalse(p.areAuthParamsInline); } -- cgit v1.2.3-59-g8ed1b