diff options
Diffstat (limited to 'tests/net/java/com/android/server/IpSecServiceParameterizedTest.java')
| -rw-r--r-- | tests/net/java/com/android/server/IpSecServiceParameterizedTest.java | 54 |
1 files changed, 50 insertions, 4 deletions
diff --git a/tests/net/java/com/android/server/IpSecServiceParameterizedTest.java b/tests/net/java/com/android/server/IpSecServiceParameterizedTest.java index 9b919abfa41d..4dc0341c8e2b 100644 --- a/tests/net/java/com/android/server/IpSecServiceParameterizedTest.java +++ b/tests/net/java/com/android/server/IpSecServiceParameterizedTest.java @@ -71,6 +71,9 @@ public class IpSecServiceParameterizedTest { private final LinkAddress mLocalInnerAddress; private final int mFamily; + private static final int[] ADDRESS_FAMILIES = + new int[] {AF_INET, AF_INET6}; + @Parameterized.Parameters public static Collection ipSecConfigs() { return Arrays.asList( @@ -196,6 +199,7 @@ public class IpSecServiceParameterizedTest { anyString(), eq(TEST_SPI), anyInt(), + anyInt(), anyInt()); // Verify quota and RefcountedResource objects cleaned up @@ -231,6 +235,7 @@ public class IpSecServiceParameterizedTest { anyString(), eq(TEST_SPI), anyInt(), + anyInt(), anyInt()); // Verify quota and RefcountedResource objects cleaned up @@ -304,7 +309,8 @@ public class IpSecServiceParameterizedTest { eq((authCrypt != null) ? authCrypt.getTruncationLengthBits() : 0), eq(config.getEncapType()), eq(encapSocketPort), - eq(config.getEncapRemotePort())); + eq(config.getEncapRemotePort()), + eq(config.getXfrmInterfaceId())); } @Test @@ -430,6 +436,7 @@ public class IpSecServiceParameterizedTest { anyString(), eq(TEST_SPI), anyInt(), + anyInt(), anyInt()); // quota is not released until the SPI is released by the Transform assertEquals(1, userRecord.mSpiQuotaTracker.mCurrent); @@ -452,6 +459,7 @@ public class IpSecServiceParameterizedTest { anyString(), eq(TEST_SPI), anyInt(), + anyInt(), anyInt()); // Verify quota and RefcountedResource objects cleaned up @@ -469,6 +477,7 @@ public class IpSecServiceParameterizedTest { anyString(), anyInt(), anyInt(), + anyInt(), anyInt()); assertEquals(0, userRecord.mSpiQuotaTracker.mCurrent); @@ -504,6 +513,7 @@ public class IpSecServiceParameterizedTest { anyString(), eq(TEST_SPI), anyInt(), + anyInt(), anyInt()); // Verify quota and RefcountedResource objects cleaned up @@ -572,11 +582,12 @@ public class IpSecServiceParameterizedTest { assertEquals(1, userRecord.mTunnelQuotaTracker.mCurrent); verify(mMockNetd) - .addVirtualTunnelInterface( + .ipSecAddTunnelInterface( eq(createTunnelResp.interfaceName), eq(mSourceAddr), eq(mDestinationAddr), anyInt(), + anyInt(), anyInt()); } @@ -591,7 +602,7 @@ public class IpSecServiceParameterizedTest { // Verify quota and RefcountedResource objects cleaned up assertEquals(0, userRecord.mTunnelQuotaTracker.mCurrent); - verify(mMockNetd).removeVirtualTunnelInterface(eq(createTunnelResp.interfaceName)); + verify(mMockNetd).ipSecRemoveTunnelInterface(eq(createTunnelResp.interfaceName)); try { userRecord.mTunnelInterfaceRecords.getRefcountedResourceOrThrow( createTunnelResp.resourceId); @@ -614,7 +625,7 @@ public class IpSecServiceParameterizedTest { // Verify quota and RefcountedResource objects cleaned up assertEquals(0, userRecord.mTunnelQuotaTracker.mCurrent); - verify(mMockNetd).removeVirtualTunnelInterface(eq(createTunnelResp.interfaceName)); + verify(mMockNetd).ipSecRemoveTunnelInterface(eq(createTunnelResp.interfaceName)); try { userRecord.mTunnelInterfaceRecords.getRefcountedResourceOrThrow( createTunnelResp.resourceId); @@ -624,6 +635,41 @@ public class IpSecServiceParameterizedTest { } @Test + public void testApplyTunnelModeTransform() throws Exception { + IpSecConfig ipSecConfig = new IpSecConfig(); + ipSecConfig.setMode(IpSecTransform.MODE_TUNNEL); + addDefaultSpisAndRemoteAddrToIpSecConfig(ipSecConfig); + addAuthAndCryptToIpSecConfig(ipSecConfig); + + IpSecTransformResponse createTransformResp = + mIpSecService.createTransform(ipSecConfig, new Binder(), "blessedPackage"); + IpSecTunnelInterfaceResponse createTunnelResp = + createAndValidateTunnel(mSourceAddr, mDestinationAddr, "blessedPackage"); + + int transformResourceId = createTransformResp.resourceId; + int tunnelResourceId = createTunnelResp.resourceId; + mIpSecService.applyTunnelModeTransform(tunnelResourceId, IpSecManager.DIRECTION_OUT, + transformResourceId, "blessedPackage"); + + for (int selAddrFamily : ADDRESS_FAMILIES) { + verify(mMockNetd) + .ipSecUpdateSecurityPolicy( + eq(mUid), + eq(selAddrFamily), + eq(IpSecManager.DIRECTION_OUT), + anyString(), + anyString(), + eq(TEST_SPI), + anyInt(), // iKey/oKey + anyInt(), // mask + eq(tunnelResourceId)); + } + + ipSecConfig.setXfrmInterfaceId(tunnelResourceId); + verifyTransformNetdCalledForCreatingSA(ipSecConfig, createTransformResp); + } + + @Test public void testAddRemoveAddressFromTunnelInterface() throws Exception { for (String pkgName : new String[]{"blessedPackage", "systemPackage"}) { IpSecTunnelInterfaceResponse createTunnelResp = |