commit	0a9d120f8bf1887d89abfb8c49daf1d31f5cc412	[log] [tgz]
author	Yan Yan <evitayan@google.com>	Fri May 10 23:54:56 2024 +0000
committer	Yan Yan <evitayan@google.com>	Tue Jun 04 01:33:59 2024 +0000
tree	903c7d3d64bc4f8d7b80c894490c92be3d5a2dfd
parent	6d872f76fe62dc4576a9250c6c35ddddb51bbed6 [diff]

Skip DNS lookup the cached remote addresses match the network

This patch changes the default DNS strategies to add more DNS bypass
cases. This behavior changes are gated by a mendel flag. Specifically
the existing cases and newly added cases to skip DNS are as follows:
  - When network not changed:
    - [EXSITING] the locally supported IP families and cached remote
      addresses match
    - [NEW] the cached remote addresses are dual stack
  - When network changed:
    - [NEW] the locally supported IP families and cached remote
            addresses match
    - [NEW] the cached remote addresses are dual stack

This patch also adds an IKE option that allows a caller to force
DNS lookup.

Bug: 254140820
Test: atest FrameworksIkeTests (new tests) && atest CtsIkeTestCases
Test: adb shell device_config put ipsec \
      config_use_cached_addr_if_matching_network true and observed
      DNS was skipped
Flag: EXEMPT mainline code
Change-Id: I758ca2fe8170c9d4f0223991a712cfb7306a4238

5 files changed

tree: 903c7d3d64bc4f8d7b80c894490c92be3d5a2dfd

README.md

IKEv2 Library for Android

Introduction

This IKEv2 library is an in-process client library implementing the IKEv2 protocol as well as extensions necessary for the support of IWLAN. It is designed to work in a non-privileged fashion on top of the Android IPsec API surface.