Support the RFC 6762 section 7.1. Known-Answer Suppression.
If the response contains an answer that is also present in the
answer section and the known-answer's TTL is greater than half
of the original TTL, suppress the response.

Bug: 312657709
Test: atest FrameworksNetTests NsdManagerTest
      Passed DUPLICAE SUPPRESSION test case of BCT
Change-Id: I1890e9fba068c1f59a1d93c3514f0e7d07da1814

This is the servide-side impl of the subtypes advertising added in
aosp/2608627. See that CL for more backgrounds.

Bug: 265095929
Test: atest CtsNetTestCases FrameworksNetTests
Change-Id: I3d6f96822ac89d12fe29c00f688d848297c25787

This commit adds support of advertising and discovering services
with subtypes.

With this change, client can publish a new service with subtypes with
code:
```
NsdServiceInfo info = new NsdServiceInfo();
info.setServiceName("My Service");
info.setServiceType("_meshcop._udp");
info.setSubtypes(Set.of("_abc"));

nsdManager.registerService(info, PROTOCOL_DNS_SD, listener);
```

Bug: 265095929
Test: atest CtsNetTestCases FrameworksNetTests
Change-Id: Ia83182e2d43002243d1ef4357d14a8056d7da14b

This causes the module to crash on rollback because the current
production code does not consider LOCAL_NETWORK to be a valid
capability.

Change-Id: Idf57d72c384b41b483098c4c302738072ebf7f90
Test: TH
Fix: 313030307

This reverts commit 69eb8325.

Bug: 308011229
Change-Id: I4dd68bdedc0088860895a833f2b4cb8e1845429a
Test: IpSecServiceParameterizedTest (new tests)

This reverts commit ab5006c1.

Reason for revert: b/316010034 breaking VCN unit tests

Change-Id: I68cb1a99bb6e492c16901972d201761cd00df6fa

The verification happened earlier than the interaction with
production code. This may happen in low performance devices,
e.g. cuttlefish. Add timeout for the verification to deflake
the test.

Bug: 313828402
Test: atest FrameworksNetTests
Change-Id: I1ffa7e7573d503eb0396aa211a90ba032175b3a1

Bug: 308011229
Test: IpSecServiceParameterizedTest (new tests)
Change-Id: I3f1c2ef60ee9b6ac17909e0ee083ee6f8483588e

Bug: 308011229
Test: IpSecXfrmControllerTest
Change-Id: Id765cd8d8d7e330969877cb0890bd828417fb6b8

BYPASS_INCLUSIVE_LANGUAGE_REASON=Using public API
Test: atest ConnectivityCoverageTests:android.net.connectivity.com.android.server.CSBpfNetMapsTest
      (on U and V devices respectively)
Bug: 297836825
Fix: 314858283

Change-Id: Ibeac8cd3a33468c6539234255328affc6b3f8ffe

This is a test only change, replacing the MdnsPointerRecord
constructor usage for queries with the new version.

Bug: 312657709
Test: atest FrameworksNetTests
Change-Id: Ie9e51df78bfc27090503b861c5ac979201f10608

aosp/2854709 reverted canSeeAllowedUids change done by aosp/2405720.
But aosp/2854709 did not update testAllowedUids and broke
testAllowedUids since cts can no longer see allowedUids.
This CL updates testAllowedUids to skip some test cases.

Followup CLs will allow ownerUid to see allowedUids again and re-enable
test cases.

Bug: 315112049
Test: TH
Change-Id: I1e4ca09ad15b6150182325cbfda1548e5fec79d1

This test require latest Connectivity module

Bug: 314392808
Test: mts-tradefed run mts-wifi
Change-Id: I283ffe9b20af957818584cddfb0d188a5a8625a7

The test reuqires WiFi becomes the default network. But in
some bad networks, the probing time may take more than the
existing timer(5s). Increase it to 30s to prevent flakes
causing by bad network.

Fix: 313372234
Test: atest CtsNetTestCases
Change-Id: Ie0d2f014d2551826596d4a0e28448ba129f5e9eb

Test: atest FrameworksNetTests:android.net.connectivity.android.net.NetworkUtilsTest
Change-Id: I3d94172fa8a42e2ab8ba4caf80d5caaa11fac703

The current implementation of MdnsAdvertiser doesn't support updating an
existing registration. For an update request, the client needs to
unregister it first, which will trigger an exit message and then
register again, which will trigger an announcement message. There are
some clients that don't want to trigger the exit and announcement
message every time. This CL adds the API to support that use case.

Bug: 309372239
Test: TH
Change-Id: Iabe69a987a11104090082e01969e7595f05504e8

This reverts commit db884c9a.

Reason for revert: reason of aosp/2849874 revert is solved by aosp/2854408

Change-Id: Ic5ffddf2f811c0d2c359f292c3b44b833bae5eaa

This reverts commit 1e7c4a49.

This change is a suspect for causing test breakages, it may or may not be reverted.

Bug: 314087796

Reason for revert: 314087796

Change-Id: If0a1c1e2d0e260319cf64b2d00828638abebb7fe

aosp/2405720 allowed network owner uid to see allowed uids
But this breaked old cts.
This CL reverts the behavior for network owner uid.

Bug: 312093253
Bug: 313025186
Bug: 312196228
Test: TH
Change-Id: Iaa732d22f67ecce7678e68bb8b20cec526116dc9

aosp/2792436 updated NetworkAgent and NetworkAgentTest.
But the NetworkAgent change was not compatible with the old
NetworkAgentTest.
This CL makes NetworkAgent change to compatible with the old
NetworkAgentTest.

aosp/2851330 will update NetworkAgentTest to support NetworkAgent change
done in aosp/2792436.
Once the old cts is EOL, workaround in NetworkAgentTest and NetworkAgent
can be removed.

Bug: 310124646
Test: atest NetworkAgentTest
Change-Id: Ic99b0ab72526a9ba22653f5bb132214ef0814440

Check if the bpf loader rc file is differs from the template files when
ConnectivityService starts. Use Log.wtf() to log the file if there is a
diff.

Bug: 312638861
Test: TH
Change-Id: I0b9ed9962ad0954a051a17b01357d04a0e655ff4

Update registerOffloadEngine() permission check to check the
DEVICE_POWER permission in U. This change is required to allow the
android TV device to access the API in U because the
REGISTER_NSD_OFFLOAD_ENGINE permission can not be backported.

Bug: 313546516
Test: TH
Change-Id: I84b80d102a34487ad54719a86eb525b319e2fd8b

In PrivateDnsConfig class, `useTls` is replaced with `mode`.
This CL a corresponding change.

Bug: 240259333
Test: atest ConnectivityCoverageTests
Change-Id: I60c53e52f287fc7fa05543603a62632d934bb2e6

Vpn.Dependencies contains methods used for legacy VPNs that are
now unused. Remove them.

Bug: 161776767
Test: atest FrameworksNetTests
Change-Id: I68bbb3e519f5558f9006f680df79ae8073e196cd

On mobile networks it is more likely that the user needs to top up or
get a mobile data subscription, rather than "sign in" as the previous
messaging was suggesting.
Following feedback from interaction designers / UX writers, change the
strings to be more appropriate for the most common use-case.

Bug: 153673376
Test: atest FrameworksNetTests
      manual test on mobile network force-detecting a portal.
Change-Id: I5b4d4a17fd507d8cf3c9863cf23b5fedb258852e

The issue arises when the network becomes validated based on the
isCaptivePortal success with HTTPS, even though the HTTP probe
hasn't been executed yet. Given that there is no way to ensure
HTTP probe was sent in this case, the pass condition should be
relaxed, allowing a single https query instead of expecting both.

Test: atest FrameworksNetIntegrationTests:ConnectivityServiceIntegrationTest#testValidation \
      --rerun-until-failure 100
      (With hardcoded sleep when starting HTTP probe)
Fix: 303351630
Change-Id: I580e9a3a868cd0b3395a20ace27b006529475312

This is a clean up commit to address TODO for resetting the
LISTEN_ACTIVITY_TIMEOUT_MS timer as aosp/2188755 was shipped.

Fix: 252972908
Test: atest CtsNetTestCases
Change-Id: Ibc1a1c68883a3772729f24b01f9dc8d3cc37c1eb

This reverts commit 14499f01.

Reason for revert: b/312408745

Change-Id: I8b03799fe6e0e256263240909ee7446c178bf508

Also add MonitorThreadLeak annotation to check thread leak.

Test: atest ConnectivityCoverageTests --test-filter mdns*
Change-Id: Ie47f30360e36784428173f6cc87a4a6b09826405

The NsdManager constructor creates a new thread, which is not
intended to be closed. However, the test in NsdMangerTest and
NsdServiceTest create a new NsdManager instance, resulting in a
large number of threads running during the tests. This can lead
to an out-of-memory error for the tests. To resolve this issue,
use the common singleton thread ConnectivityThread to handle
tasks from the various instances.

Fix: 308544734
Test: atest ConnectivityCoverageTests --test-filter Nsd*
Change-Id: I1908a2bb1bd20da8e0498353bca26f7e89e16626

Bug: 308519360
Test: CarrierPrivilegeAuthenticatorTest
Change-Id: I59164be00a9e1fcced8538537c1dcabd214f2170

This method tests whether the UID is the carrier service
UID, not whether the UID has carrier privilege.

Note that in normal operation, the carrier service UID always
has carrier privilege.

Test: NetworkAgentTest
Change-Id: I30f8814cc0419a2d6bdbe75fdc82156516eba026

Bug: 236669534
Test: New tests in this patch
Change-Id: If312b8f8359888558969c022811d6b203be602a0

This tests that the network providers are subject to appropriate
limitations as to what they can set as allowedUids – both in the
positive (can do) case, and the negative (can't do) case.

Test: this
Change-Id: I115e2a4bc02ddcd03ecf2f35130fcb0378da22bd

Bug: 240259333
Test: atest ConnectivityCoverageTests
Change-Id: I92ab5e1eef7ba1715176e3628222084067d14603

This reverts commit 30fb9b1c.

Reason for revert: Potential culprit for CtsLibcoreTestCases test failures b/311612650

Change-Id: Ie7de97159f92a174476a8fa8ea83e3e01914aea1

Bug: 161776767
Test: atest FrameworksNetTests
Change-Id: Id2cef626c5893a4ff29161c801e497b7de551136

Test: atest FrameworksNetTests CtsNetTestCases
Bug: 307217169

Change-Id: I006e3191a8c6100af3d2906d5d37f4e38a3db519

As a specialized network, a network with PRIORITIZE_* is not
generally a good default network, and might cause unexpected
charges if allowed to become one.

Test: CSDefaultNetworkTests
Change-Id: I8f7184f80bb987da720bd067862bd7a546a38e26

The profile is modified within startLegacyVpnPrivileged(), e.g.
ipsecCaCert, ipsecUserCert. This causes subsequent calls from
callers such as LockdownVpnTracker to fail.

Add a new test to ensure the VpnProfile is not modified in
startLegacyVpn.
Add testClone in VpnProfileTest.

Bug: 190572822
Bug: 309591931
Test: atest FrameworksNetTests, test before and after fix.
Test: Manual test
Change-Id: Id090e0dd3b9e74a7461ae90e68c41e802b458744