Tunnel Chrome traffic through Android VPNs |
|||||||||||||||
Issue descriptionCurrently, the Android container supports apps that use VpnService to connect to a VPN gateway, and this is sufficient to pass CTS. However, Chrome browser traffic (from Chrome OS) is not sent through the VPN, and the Chrome OS UI does not reflect the connection state. Ideally, Chrome browser traffic would be able to utilize an Android-based VPN if it is connected.
,
Mar 4 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/ddb56e72316dbead19e930e047ed68564e85062b commit ddb56e72316dbead19e930e047ed68564e85062b Author: Kevin Cernekee <cernekee@chromium.org> Date: Sat Mar 04 01:11:31 2017 CHROMIUM: Enable CONFIG_IP6_NF_MATCH_RPFILTER netd creates an ip6tables rule that requires the rpfilter match module for IPv6. Without this module, the operation fails. BUG= chromium:696865 TEST=start an Android VPN, and then run in android-sh: ndc ipfwd enable tethering ndc ipfwd add arc0 tun0 ndc nat enable arc0 tun0 0 TEST=`ip6tables -w -t raw -A PREROUTING -i br0 -m rpfilter \ --invert '!' -s fe80::/64 -j DROP` Change-Id: I98777c5ab738f3e9fc27880546e6afcf808fe11a Signed-off-by: Kevin Cernekee <cernekee@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/447303 Reviewed-by: Kirtika Ruchandani <kirtika@chromium.org> [modify] https://crrev.com/ddb56e72316dbead19e930e047ed68564e85062b/chromeos/config/mips/common.config [modify] https://crrev.com/ddb56e72316dbead19e930e047ed68564e85062b/chromeos/config/i386/common.config [modify] https://crrev.com/ddb56e72316dbead19e930e047ed68564e85062b/chromeos/config/armel/chromiumos-arm.flavour.config [modify] https://crrev.com/ddb56e72316dbead19e930e047ed68564e85062b/chromeos/config/armel/chromiumos-rockchip.flavour.config [modify] https://crrev.com/ddb56e72316dbead19e930e047ed68564e85062b/chromeos/config/arm64/common.config [modify] https://crrev.com/ddb56e72316dbead19e930e047ed68564e85062b/chromeos/config/base.config [modify] https://crrev.com/ddb56e72316dbead19e930e047ed68564e85062b/chromeos/config/armel/chromiumos-cygnus.flavour.config [modify] https://crrev.com/ddb56e72316dbead19e930e047ed68564e85062b/chromeos/config/x86_64/common.config [modify] https://crrev.com/ddb56e72316dbead19e930e047ed68564e85062b/chromeos/config/armel/chromiumos-ipq806x.flavour.config
,
Jul 25 2017
This is a pretty significant change, we could be forcing all Chrome traffic through an easier-to-compromise container. Maybe it should have a Launch bug? Does this involve third-party VPN apps on Android?
,
Jul 25 2017
> Does this involve third-party VPN apps on Android? Yes > Maybe it should have a Launch bug? +Yoshi
,
Jul 26 2017
,
Aug 3 2017
The following revision refers to this bug: https://chromium.googlesource.com/aosp/platform/system/connectivity/shill/+/f16fa9a6725d517b5ef2b70b918476d654135ffe commit f16fa9a6725d517b5ef2b70b918476d654135ffe Author: Kevin Cernekee <cernekee@chromium.org> Date: Thu Aug 03 08:11:05 2017 shill: Sanitize DNS server IPs and search domains It is desirable to let Chrome configure ARC VPN DNS through the StaticIPConfig Service property, which accepts free-form strings for the DNS settings. Validate those strings and canonicalize IPs before writing them into /etc/resolv.conf. BUG= chromium:696865 TEST=unit tests TEST=manually set bogus values through StaticIPConfig Change-Id: I0641094da5654b580e4eaa5b34a66df9404f1b38 Reviewed-on: https://chromium-review.googlesource.com/599214 Commit-Ready: Kevin Cernekee <cernekee@chromium.org> Tested-by: Kevin Cernekee <cernekee@chromium.org> Reviewed-by: Ben Chan <benchan@chromium.org> [modify] https://crrev.com/f16fa9a6725d517b5ef2b70b918476d654135ffe/shill.gyp [add] https://crrev.com/f16fa9a6725d517b5ef2b70b918476d654135ffe/dns_util.h [modify] https://crrev.com/f16fa9a6725d517b5ef2b70b918476d654135ffe/resolver.cc [add] https://crrev.com/f16fa9a6725d517b5ef2b70b918476d654135ffe/dns_util.cc [modify] https://crrev.com/f16fa9a6725d517b5ef2b70b918476d654135ffe/resolver_unittest.cc [add] https://crrev.com/f16fa9a6725d517b5ef2b70b918476d654135ffe/dns_util_unittest.cc
,
Aug 17 2017
The following revision refers to this bug: https://chromium.googlesource.com/aosp/platform/system/connectivity/shill/+/1ea853cda7a9bb487552a881087ccbdc27c371b3 commit 1ea853cda7a9bb487552a881087ccbdc27c371b3 Author: Kevin Cernekee <cernekee@chromium.org> Date: Thu Aug 17 06:37:53 2017 shill: Allow creation of non-RTN_UNICAST routes The VPN code will benefit from using RTN_THROW routes, so plumb up the routing code to support it. No intended change in functionality. BUG= chromium:696865 TEST=unit tests Change-Id: Iefdbf4ae389e94bf0eb4ca78ec3725457bad3ad3 Reviewed-on: https://chromium-review.googlesource.com/573496 Commit-Ready: Kevin Cernekee <cernekee@chromium.org> Tested-by: Kevin Cernekee <cernekee@chromium.org> Reviewed-by: Ben Chan <benchan@chromium.org> [modify] https://crrev.com/1ea853cda7a9bb487552a881087ccbdc27c371b3/connection_diagnostics_unittest.cc [modify] https://crrev.com/1ea853cda7a9bb487552a881087ccbdc27c371b3/routing_table_entry.h [modify] https://crrev.com/1ea853cda7a9bb487552a881087ccbdc27c371b3/routing_table_unittest.cc [modify] https://crrev.com/1ea853cda7a9bb487552a881087ccbdc27c371b3/connection.cc [modify] https://crrev.com/1ea853cda7a9bb487552a881087ccbdc27c371b3/routing_table.cc
,
Aug 17 2017
The following revision refers to this bug: https://chromium.googlesource.com/aosp/platform/system/connectivity/shill/+/4767a8d01e45ae33b7ccf40b91ccb8081fa2b024 commit 4767a8d01e45ae33b7ccf40b91ccb8081fa2b024 Author: Kevin Cernekee <cernekee@chromium.org> Date: Thu Aug 17 08:56:48 2017 shill: Use RTN_THROW routes for third party VPN excluded IPs Since the third party VPN code uses a dedicated routing table to handle all VPN traffic, we can add RTN_UNICAST routes for included IP ranges and RTN_THROW routes for excluded IP ranges. This eliminates the need to maintain excluded routes that are pinned to the default physical interface (e.g. eth0). Any traffic matching the RTN_THROW route will bypass the VPN and fall through to the normal system routing table. Once OpenVPN and L2TP/IPsec are converted over to use per-device routing tables, we can eliminate the route pinning logic in connection.cc, leading to a simpler implementation. Therefore that code (Connection::PinHostRoute() and friends) is deprecated, and a new test case was not created in order to exercise it. BUG= chromium:696865 TEST=manually connect to a third party VPN using a mix of include + exclude routes and verify that the traffic is handled correctly Change-Id: I66283aa3465289e429f0195f363612865676e622 Reviewed-on: https://chromium-review.googlesource.com/573497 Commit-Ready: Kevin Cernekee <cernekee@chromium.org> Tested-by: Kevin Cernekee <cernekee@chromium.org> Reviewed-by: Ben Chan <benchan@chromium.org> [modify] https://crrev.com/4767a8d01e45ae33b7ccf40b91ccb8081fa2b024/connection_unittest.cc [modify] https://crrev.com/4767a8d01e45ae33b7ccf40b91ccb8081fa2b024/connection.cc [modify] https://crrev.com/4767a8d01e45ae33b7ccf40b91ccb8081fa2b024/connection.h
,
Aug 17 2017
The following revision refers to this bug: https://chromium.googlesource.com/aosp/platform/system/connectivity/shill/+/1bb4f314f10faf49d94955e49b3b3dfd5053cebf commit 1bb4f314f10faf49d94955e49b3b3dfd5053cebf Author: Kevin Cernekee <cernekee@chromium.org> Date: Thu Aug 17 08:56:48 2017 shill: Fix rtm_flags type This is an unsigned int, not an unsigned char. Flags like RTM_F_NOTIFY will not fit in a char. BUG= chromium:696865 TEST=unit tests Change-Id: I5656f91475f53863ece27aca05b856db00d491f5 Reviewed-on: https://chromium-review.googlesource.com/573498 Commit-Ready: Kevin Cernekee <cernekee@chromium.org> Tested-by: Kevin Cernekee <cernekee@chromium.org> Reviewed-by: Ben Chan <benchan@chromium.org> [modify] https://crrev.com/1bb4f314f10faf49d94955e49b3b3dfd5053cebf/net/rtnl_message.h
,
Aug 18 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/platform/system_api/+/5484a0346e1ec87f7cc1fadb8265b3ed82cbd13c commit 5484a0346e1ec87f7cc1fadb8265b3ed82cbd13c Author: Kevin Cernekee <cernekee@chromium.org> Date: Fri Aug 18 01:42:28 2017 shill: Add arcvpn properties Add the properties used by the new "arcvpn" driver. Also, consolidate the "orphaned" IPConfig properties into the main IPConfig section of the file. BUG= chromium:696865 TEST=none Change-Id: I4ac120f9746b3d70009dd31be5321806c4824bb1 Reviewed-on: https://chromium-review.googlesource.com/573622 Commit-Ready: Kevin Cernekee <cernekee@chromium.org> Tested-by: Kevin Cernekee <cernekee@chromium.org> Reviewed-by: Steven Bennetts <stevenjb@chromium.org> Reviewed-by: Abhishek Bhardwaj <abhishekbh@google.com> [modify] https://crrev.com/5484a0346e1ec87f7cc1fadb8265b3ed82cbd13c/dbus/shill/dbus-constants.h
,
Aug 18 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/overlays/chromiumos-overlay/+/6c415f1ec71668ce98617926387050ae22f6ecc5 commit 6c415f1ec71668ce98617926387050ae22f6ecc5 Author: Kevin Cernekee <cernekee@chromium.org> Date: Fri Aug 18 01:42:27 2017 linux-headers: Add uidrange routing APIs This adds the netlink attributes needed to create policy routing rules that filter by the originating application's UID. BUG= chromium:696865 TEST=`emerge-samus linux-headers` Change-Id: Ib78cdde72d1e1f83e16af3118658d802419cd528 Reviewed-on: https://chromium-review.googlesource.com/572416 Commit-Ready: Kevin Cernekee <cernekee@chromium.org> Tested-by: Kevin Cernekee <cernekee@chromium.org> Reviewed-by: Abhishek Bhardwaj <abhishekbh@google.com> [rename] https://crrev.com/6c415f1ec71668ce98617926387050ae22f6ecc5/sys-kernel/linux-headers/linux-headers-4.4-r7.ebuild [modify] https://crrev.com/6c415f1ec71668ce98617926387050ae22f6ecc5/sys-kernel/linux-headers/linux-headers-4.4.ebuild [add] https://crrev.com/6c415f1ec71668ce98617926387050ae22f6ecc5/sys-kernel/linux-headers/files/0018-BACKPORT-net-core-add-UID-to-flows-rules-and-routes.patch
,
Aug 23 2017
The following revision refers to this bug: https://chromium.googlesource.com/aosp/platform/system/connectivity/shill/+/4efd66e6f6f0e6fde882dfb014fe22977a5d6d64 commit 4efd66e6f6f0e6fde882dfb014fe22977a5d6d64 Author: Kevin Cernekee <cernekee@chromium.org> Date: Wed Aug 23 02:05:06 2017 shill: Add support for routing rules to rtnl code Currently the rtnl code only handles routes (`ip route show`), not rules (`ip rule show`). These use essentially the same format with different attributes, so add the necessary special cases to make it work. BUG= chromium:696865 TEST=unit tests Change-Id: Ibd8df45da82c1ee49fbf8ecd256277169a66e967 Reviewed-on: https://chromium-review.googlesource.com/573499 Commit-Ready: Kevin Cernekee <cernekee@chromium.org> Tested-by: Kevin Cernekee <cernekee@chromium.org> Reviewed-by: Ben Chan <benchan@chromium.org> [modify] https://crrev.com/4efd66e6f6f0e6fde882dfb014fe22977a5d6d64/net/rtnl_message.h [modify] https://crrev.com/4efd66e6f6f0e6fde882dfb014fe22977a5d6d64/net/rtnl_message_unittest.cc [modify] https://crrev.com/4efd66e6f6f0e6fde882dfb014fe22977a5d6d64/net/rtnl_handler.cc [modify] https://crrev.com/4efd66e6f6f0e6fde882dfb014fe22977a5d6d64/net/rtnl_handler.h [modify] https://crrev.com/4efd66e6f6f0e6fde882dfb014fe22977a5d6d64/net/rtnl_message.cc
,
Aug 23 2017
The following revision refers to this bug: https://chromium.googlesource.com/aosp/platform/system/connectivity/shill/+/d2dca408d5942af096d892d6ea2ea3763b2862b8 commit d2dca408d5942af096d892d6ea2ea3763b2862b8 Author: Kevin Cernekee <cernekee@chromium.org> Date: Wed Aug 23 02:05:06 2017 shill: Add RoutingTable functions for routing policy rules Add a routing policy database and public functions to add/flush rules. This also flushes stale rules on startup, in case an old instance of shill leaves them lying around. BUG= chromium:696865 TEST=unit tests Change-Id: I24591faa0e1f4b3d560233e78c096c68be88fb24 Reviewed-on: https://chromium-review.googlesource.com/573640 Commit-Ready: Kevin Cernekee <cernekee@chromium.org> Tested-by: Kevin Cernekee <cernekee@chromium.org> Reviewed-by: Ben Chan <benchan@chromium.org> [modify] https://crrev.com/d2dca408d5942af096d892d6ea2ea3763b2862b8/routing_table_unittest.cc [modify] https://crrev.com/d2dca408d5942af096d892d6ea2ea3763b2862b8/routing_table.cc [modify] https://crrev.com/d2dca408d5942af096d892d6ea2ea3763b2862b8/routing_table.h [modify] https://crrev.com/d2dca408d5942af096d892d6ea2ea3763b2862b8/routing_table_entry.h
,
Aug 26 2017
The following revision refers to this bug: https://chromium.googlesource.com/aosp/platform/system/connectivity/shill/+/8ce227d5c042b00aaea1b3b09edd22a72e91217e commit 8ce227d5c042b00aaea1b3b09edd22a72e91217e Author: Kevin Cernekee <cernekee@chromium.org> Date: Sat Aug 26 04:52:46 2017 shill: Move connection_unittest matchers to the top of the file These will need to be used in class methods. No change to functionality. BUG= chromium:696865 TEST=unit tests Change-Id: I3b246627701cc4c5ac75d0c787c3a2d9fa3ef10d Reviewed-on: https://chromium-review.googlesource.com/636468 Commit-Ready: Kevin Cernekee <cernekee@chromium.org> Tested-by: Kevin Cernekee <cernekee@chromium.org> Reviewed-by: Ben Chan <benchan@chromium.org> [modify] https://crrev.com/8ce227d5c042b00aaea1b3b09edd22a72e91217e/connection_unittest.cc
,
Aug 29 2017
The following revision refers to this bug: https://chromium.googlesource.com/aosp/platform/system/connectivity/shill/+/4ec05b7bf2fb7bd08384a0191eb3abc6252ee1e6 commit 4ec05b7bf2fb7bd08384a0191eb3abc6252ee1e6 Author: Kevin Cernekee <cernekee@chromium.org> Date: Tue Aug 29 09:39:05 2017 shill: Use uidrange policy routing for third party VPN The third party VPN implementation currently uses xt_owner, packet marking, and rerouting to selectively route traffic from Chrome and crosh through the tunnel, while letting other traffic (such as update_engine) bypass the tunnel. This involves making requests to firewalld on VPN connection and disconnection. But now that UID-based policy routing has been backported from upstream to the Chrome OS kernels, shill can accomplish the same objective by merely creating rules in the routing policy database. This patch allows any Connection to optionally use a dedicated routing table and create appropriately-priorized policy rules that point to it. It will initially be used to support third party VPN, but in the future, per-device routing tables will be necessary to support proper multinetworking capabilities. Connections that do not have a dedicated routing table will create a routing policy rule that points to RT_TABLE_MAIN, in order to make sure that routes are properly prioritized. e.g. if a third party VPN uses metric 10, and the wifi Connection uses metric 1, there will be one policy rule at metric 10 for the VPN pointing to the VPN's routing table, and another policy rule at metric 1 pointing to RT_TABLE_MAIN. BUG= chromium:696865 TEST=manually connect to a third party VPN and inspect the routing rules Change-Id: Ie1fb9c350a1dcf4bfee7935b0118c7829d7b9692 Reviewed-on: https://chromium-review.googlesource.com/573641 Commit-Ready: Kevin Cernekee <cernekee@chromium.org> Tested-by: Kevin Cernekee <cernekee@chromium.org> Reviewed-by: Eric Caruso <ejcaruso@chromium.org> [modify] https://crrev.com/4ec05b7bf2fb7bd08384a0191eb3abc6252ee1e6/dbus/chromeos_dbus_control.cc [modify] https://crrev.com/4ec05b7bf2fb7bd08384a0191eb3abc6252ee1e6/dbus/chromeos_dbus_control.h [delete] https://crrev.com/3abb45947be7c5121fc3684d3c8600aba340e278/dbus/chromeos_permission_broker_proxy.h [modify] https://crrev.com/4ec05b7bf2fb7bd08384a0191eb3abc6252ee1e6/vpn/third_party_vpn_driver_unittest.cc [modify] https://crrev.com/4ec05b7bf2fb7bd08384a0191eb3abc6252ee1e6/ipconfig.h [delete] https://crrev.com/3abb45947be7c5121fc3684d3c8600aba340e278/dbus/chromeos_permission_broker_proxy.cc [modify] https://crrev.com/4ec05b7bf2fb7bd08384a0191eb3abc6252ee1e6/nice_mock_control.h [modify] https://crrev.com/4ec05b7bf2fb7bd08384a0191eb3abc6252ee1e6/mock_control.h [modify] https://crrev.com/4ec05b7bf2fb7bd08384a0191eb3abc6252ee1e6/shill.gyp [modify] https://crrev.com/4ec05b7bf2fb7bd08384a0191eb3abc6252ee1e6/vpn/vpn_provider.cc [modify] https://crrev.com/4ec05b7bf2fb7bd08384a0191eb3abc6252ee1e6/vpn/third_party_vpn_driver.cc [modify] https://crrev.com/4ec05b7bf2fb7bd08384a0191eb3abc6252ee1e6/manager.h [modify] https://crrev.com/4ec05b7bf2fb7bd08384a0191eb3abc6252ee1e6/mock_routing_table.h [modify] https://crrev.com/4ec05b7bf2fb7bd08384a0191eb3abc6252ee1e6/connection.h [delete] https://crrev.com/3abb45947be7c5121fc3684d3c8600aba340e278/firewall_proxy_interface.h [modify] https://crrev.com/4ec05b7bf2fb7bd08384a0191eb3abc6252ee1e6/connection_unittest.cc [modify] https://crrev.com/4ec05b7bf2fb7bd08384a0191eb3abc6252ee1e6/control_interface.h [delete] https://crrev.com/3abb45947be7c5121fc3684d3c8600aba340e278/mock_firewall_proxy.h [modify] https://crrev.com/4ec05b7bf2fb7bd08384a0191eb3abc6252ee1e6/connection.cc [modify] https://crrev.com/4ec05b7bf2fb7bd08384a0191eb3abc6252ee1e6/vpn/vpn_provider.h
,
Aug 29 2017
The following revision refers to this bug: https://chromium.googlesource.com/aosp/platform/system/connectivity/shill/+/42906c1d810202d4e4faa2b1ddcb7e20995c1535 commit 42906c1d810202d4e4faa2b1ddcb7e20995c1535 Author: Kevin Cernekee <cernekee@chromium.org> Date: Tue Aug 29 09:39:05 2017 shill: Add search domains and include/exclude routes to StaticIPConfig These parameters are currently set through IPConfig::Properties in the VPN code, but they are not directly configurable by shill clients. Plumb up the appropriate Service properties so that they can be set from Chrome. BUG= chromium:696865 TEST=unit tests Change-Id: I766012d2e60f1d31b1086a3cef0be6f2cd168605 Reviewed-on: https://chromium-review.googlesource.com/599196 Commit-Ready: Kevin Cernekee <cernekee@chromium.org> Tested-by: Kevin Cernekee <cernekee@chromium.org> Reviewed-by: Ben Chan <benchan@chromium.org> [modify] https://crrev.com/42906c1d810202d4e4faa2b1ddcb7e20995c1535/static_ip_parameters.cc [modify] https://crrev.com/42906c1d810202d4e4faa2b1ddcb7e20995c1535/static_ip_parameters_unittest.cc [modify] https://crrev.com/42906c1d810202d4e4faa2b1ddcb7e20995c1535/doc/service-api.txt [modify] https://crrev.com/42906c1d810202d4e4faa2b1ddcb7e20995c1535/static_ip_parameters.h
,
Aug 29 2017
The following revision refers to this bug: https://chromium.googlesource.com/aosp/platform/system/connectivity/shill/+/da56e94a5e5a69c89c1a4d9db7329a31cc1f1dd4 commit da56e94a5e5a69c89c1a4d9db7329a31cc1f1dd4 Author: Kevin Cernekee <cernekee@chromium.org> Date: Tue Aug 29 09:39:05 2017 shill: Change IPConfig::Route to use prefixes instead of netmasks Most users call IPAddress::GetPrefixLengthFromMask() to convert the string to an int. And that function only works for IPv4 anyway. Store it as an int "natively" to simplify the code. Minor downside: if openvpn pushes a route that is missing the netmask, that condition will not be detected. That shouldn't happen anyway, because route_{network,netmask,gateway} are all set from the same function in the openvpn code. BUG= chromium:696865 TEST=unit tests Change-Id: I7049bc81481c7bebb267d0a242cc7e3049a7a93d Reviewed-on: https://chromium-review.googlesource.com/636156 Commit-Ready: Kevin Cernekee <cernekee@chromium.org> Tested-by: Kevin Cernekee <cernekee@chromium.org> Reviewed-by: Ben Chan <benchan@chromium.org> [modify] https://crrev.com/da56e94a5e5a69c89c1a4d9db7329a31cc1f1dd4/vpn/openvpn_driver.cc [modify] https://crrev.com/da56e94a5e5a69c89c1a4d9db7329a31cc1f1dd4/ipconfig.h [modify] https://crrev.com/da56e94a5e5a69c89c1a4d9db7329a31cc1f1dd4/dhcp/dhcpv4_config_unittest.cc [modify] https://crrev.com/da56e94a5e5a69c89c1a4d9db7329a31cc1f1dd4/routing_table_unittest.cc [modify] https://crrev.com/da56e94a5e5a69c89c1a4d9db7329a31cc1f1dd4/dhcp/dhcpv4_config.cc [modify] https://crrev.com/da56e94a5e5a69c89c1a4d9db7329a31cc1f1dd4/vpn/third_party_vpn_driver.cc [modify] https://crrev.com/da56e94a5e5a69c89c1a4d9db7329a31cc1f1dd4/vpn/third_party_vpn_driver_unittest.cc [modify] https://crrev.com/da56e94a5e5a69c89c1a4d9db7329a31cc1f1dd4/vpn/openvpn_driver_unittest.cc [modify] https://crrev.com/da56e94a5e5a69c89c1a4d9db7329a31cc1f1dd4/routing_table.cc
,
Aug 31 2017
The following revision refers to this bug: https://chromium.googlesource.com/aosp/platform/system/connectivity/shill/+/5cc813b6e2641667669900b6664a928c96b754b8 commit 5cc813b6e2641667669900b6664a928c96b754b8 Author: Kevin Cernekee <cernekee@chromium.org> Date: Thu Aug 31 05:23:23 2017 shill: Add SetFixedIpParams() device setting Allow callers to specify that an interface's IP parameters should not be changed. This will be used for the ARC network bridge interface, which is not configured through shill. When ARC becomes the default service, we want shill to change the systemwide DNS and routing configuration but we do not want it to manipulate the interface's IP configuration (address, prefix, broadcast, or interface up/down state). BUG= chromium:696865 TEST=unit tests Change-Id: I5908c2a61ba2d66c79948610e046f7aa62f84fb7 Reviewed-on: https://chromium-review.googlesource.com/573642 Commit-Ready: Kevin Cernekee <cernekee@chromium.org> Tested-by: Kevin Cernekee <cernekee@chromium.org> Reviewed-by: Abhishek Bhardwaj <abhishekbh@google.com> Reviewed-by: Ben Chan <benchan@chromium.org> [modify] https://crrev.com/5cc813b6e2641667669900b6664a928c96b754b8/mock_connection.cc [modify] https://crrev.com/5cc813b6e2641667669900b6664a928c96b754b8/virtual_device.cc [modify] https://crrev.com/5cc813b6e2641667669900b6664a928c96b754b8/connection.h [modify] https://crrev.com/5cc813b6e2641667669900b6664a928c96b754b8/device.cc [modify] https://crrev.com/5cc813b6e2641667669900b6664a928c96b754b8/connection_unittest.cc [modify] https://crrev.com/5cc813b6e2641667669900b6664a928c96b754b8/device.h [modify] https://crrev.com/5cc813b6e2641667669900b6664a928c96b754b8/connection.cc [modify] https://crrev.com/5cc813b6e2641667669900b6664a928c96b754b8/device_unittest.cc
,
Aug 31 2017
The following revision refers to this bug: https://chromium.googlesource.com/aosp/platform/system/connectivity/shill/+/f6d73f6f8fb4ab34d4809e5527838ca75fcd4dac commit f6d73f6f8fb4ab34d4809e5527838ca75fcd4dac Author: Kevin Cernekee <cernekee@chromium.org> Date: Thu Aug 31 05:23:24 2017 shill: Allow --arc-device to be specified on command line The ARC device is a network interface that connects the host system with an ARC container. shill needs to know which interface it is so that it can set up ARC based VPNs. The command line option allows the interface to be changed from the upstart scripts, which is where much of the other ARC network / bridge configuration takes place. The IP configuration of the ARC device will not be managed by shill. Absent an ARC VPN, it will behave similarly to a blacklisted device. By default this will use the interface name "arcbr0" instead of "br0", and the cheets-scripts will be updated accordingly. This way, a user who is not running ARC will not see surprising behavioral differences between a bridge named "br0" and a bridge named "br1". BUG= chromium:696865 TEST=use --arc-device=arcbr0 instead of adding it to the blacklist, and verify that shill leaves its IP configuration alone Change-Id: I2b648f93520ba7dc00ef171641e01607917e3a6c Reviewed-on: https://chromium-review.googlesource.com/573643 Commit-Ready: Kevin Cernekee <cernekee@chromium.org> Tested-by: Kevin Cernekee <cernekee@chromium.org> Reviewed-by: Abhishek Bhardwaj <abhishekbh@google.com> Reviewed-by: Ben Chan <benchan@chromium.org> [modify] https://crrev.com/f6d73f6f8fb4ab34d4809e5527838ca75fcd4dac/technology.h [modify] https://crrev.com/f6d73f6f8fb4ab34d4809e5527838ca75fcd4dac/init/shill.sh [modify] https://crrev.com/f6d73f6f8fb4ab34d4809e5527838ca75fcd4dac/daemon_task.h [modify] https://crrev.com/f6d73f6f8fb4ab34d4809e5527838ca75fcd4dac/device_info.cc [modify] https://crrev.com/f6d73f6f8fb4ab34d4809e5527838ca75fcd4dac/init/shill.conf.in [modify] https://crrev.com/f6d73f6f8fb4ab34d4809e5527838ca75fcd4dac/daemon_task.cc [modify] https://crrev.com/f6d73f6f8fb4ab34d4809e5527838ca75fcd4dac/device_info_unittest.cc [modify] https://crrev.com/f6d73f6f8fb4ab34d4809e5527838ca75fcd4dac/manager.h [modify] https://crrev.com/f6d73f6f8fb4ab34d4809e5527838ca75fcd4dac/vpn/vpn_provider.h [modify] https://crrev.com/f6d73f6f8fb4ab34d4809e5527838ca75fcd4dac/vpn/vpn_provider.cc [modify] https://crrev.com/f6d73f6f8fb4ab34d4809e5527838ca75fcd4dac/vpn/vpn_provider_unittest.cc [modify] https://crrev.com/f6d73f6f8fb4ab34d4809e5527838ca75fcd4dac/manager.cc [modify] https://crrev.com/f6d73f6f8fb4ab34d4809e5527838ca75fcd4dac/shill_main.cc [modify] https://crrev.com/f6d73f6f8fb4ab34d4809e5527838ca75fcd4dac/vpn/mock_vpn_provider.h
,
Aug 31 2017
The following revision refers to this bug: https://chromium.googlesource.com/aosp/platform/system/connectivity/shill/+/085cefbd0226ec5c053548823c2113d878c553a1 commit 085cefbd0226ec5c053548823c2113d878c553a1 Author: Kevin Cernekee <cernekee@chromium.org> Date: Thu Aug 31 05:23:24 2017 shill: Add ArcVpnDriver A service of type "arcvpn" modifies the system routing and DNS configuration so that Chrome browser traffic is sent through |StaticIP.Gateway| on ${ARC_DEVICE}. BUG= chromium:696865 TEST=cd /usr/local/lib/flimflam/test && \ ./configure-service arcvpn \ Name arcvpn \ Type vpn \ Provider.Type arcvpn \ Provider.Host arcvpn \ StaticIP.Gateway 100.115.92.2 \ StaticIP.NameServers 8.8.4.4 \ ArcVpn.TunnelChrome true && \ ./connect-service arcvpn Change-Id: Ifa467f7b715bfce7e07de472b5bb8632ef8b3659 Reviewed-on: https://chromium-review.googlesource.com/573644 Commit-Ready: Kevin Cernekee <cernekee@chromium.org> Tested-by: Kevin Cernekee <cernekee@chromium.org> Reviewed-by: Jorge Lucangeli Obes <jorgelo@chromium.org> [modify] https://crrev.com/085cefbd0226ec5c053548823c2113d878c553a1/manager.h [modify] https://crrev.com/085cefbd0226ec5c053548823c2113d878c553a1/vpn/vpn_provider.cc [modify] https://crrev.com/085cefbd0226ec5c053548823c2113d878c553a1/shill.gyp [add] https://crrev.com/085cefbd0226ec5c053548823c2113d878c553a1/vpn/arc_vpn_driver.cc [add] https://crrev.com/085cefbd0226ec5c053548823c2113d878c553a1/vpn/arc_vpn_driver.h [add] https://crrev.com/085cefbd0226ec5c053548823c2113d878c553a1/vpn/arc_vpn_driver_unittest.cc [modify] https://crrev.com/085cefbd0226ec5c053548823c2113d878c553a1/vpn/vpn_provider.h [modify] https://crrev.com/085cefbd0226ec5c053548823c2113d878c553a1/static_ip_parameters.h
,
Sep 12 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/378087df9f74030321f1ad9a5383d28f9ae458e9 commit 378087df9f74030321f1ad9a5383d28f9ae458e9 Author: Kevin Cernekee <cernekee@chromium.org> Date: Tue Sep 12 23:20:20 2017 ONC: Add SearchDomains, IncludedRoutes, ExcludedRoutes to StaticIPConfig These are needed to support the new ARC VPN type. BUG= 696865 TEST=use chrome.networkingPrivate to create/query a network with the new properties Change-Id: I3157ca6d8ccf51c0071b1c3b6b0f6a47f5dd5360 Reviewed-on: https://chromium-review.googlesource.com/592540 Reviewed-by: Steven Bennetts <stevenjb@chromium.org> Commit-Queue: Kevin Cernekee <cernekee@chromium.org> Cr-Commit-Position: refs/heads/master@{#501447} [modify] https://crrev.com/378087df9f74030321f1ad9a5383d28f9ae458e9/chromeos/network/onc/onc_signature.cc [modify] https://crrev.com/378087df9f74030321f1ad9a5383d28f9ae458e9/chromeos/network/onc/onc_translation_tables.cc [modify] https://crrev.com/378087df9f74030321f1ad9a5383d28f9ae458e9/components/onc/docs/onc_spec.md [modify] https://crrev.com/378087df9f74030321f1ad9a5383d28f9ae458e9/components/onc/onc_constants.cc [modify] https://crrev.com/378087df9f74030321f1ad9a5383d28f9ae458e9/components/onc/onc_constants.h
,
Sep 13 2017
The following revision refers to this bug: https://chrome-internal.googlesource.com/chromeos/overlays/project-cheets-private/+/582494123c0876aac84b3fec60a708dd4f1f792b commit 582494123c0876aac84b3fec60a708dd4f1f792b Author: Kevin Cernekee <cernekee@chromium.org> Date: Wed Sep 13 01:16:27 2017
,
Sep 13 2017
The following revision refers to this bug: https://chrome-internal.googlesource.com/chromeos/cheets-scripts/+/dc854db062955413408c0a1d5d39a39c12b7fcd0 commit dc854db062955413408c0a1d5d39a39c12b7fcd0 Author: Kevin Cernekee <cernekee@chromium.org> Date: Wed Sep 13 01:16:27 2017
,
Sep 13 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/6d926e1c872ec2726d4c1034d18a6c9600a54ac8 commit 6d926e1c872ec2726d4c1034d18a6c9600a54ac8 Author: Kevin Cernekee <cernekee@chromium.org> Date: Wed Sep 13 01:31:27 2017 ONC: Add ARCVPN translations This is a new VPN type supported by shill, intended to let Android VPNs handle traffic from Chrome OS. BUG= 696865 TEST=manually configure and query an ARCVPN network Change-Id: I591c914d5a6b22e4ba044a4d1c83520ee0e7fc36 Reviewed-on: https://chromium-review.googlesource.com/592541 Commit-Queue: Kevin Cernekee <cernekee@chromium.org> Reviewed-by: Steven Bennetts <stevenjb@chromium.org> Cr-Commit-Position: refs/heads/master@{#501503} [modify] https://crrev.com/6d926e1c872ec2726d4c1034d18a6c9600a54ac8/chromeos/network/onc/onc_normalizer.cc [modify] https://crrev.com/6d926e1c872ec2726d4c1034d18a6c9600a54ac8/chromeos/network/onc/onc_signature.cc [modify] https://crrev.com/6d926e1c872ec2726d4c1034d18a6c9600a54ac8/chromeos/network/onc/onc_signature.h [modify] https://crrev.com/6d926e1c872ec2726d4c1034d18a6c9600a54ac8/chromeos/network/onc/onc_translation_tables.cc [modify] https://crrev.com/6d926e1c872ec2726d4c1034d18a6c9600a54ac8/chromeos/network/onc/onc_translator_shill_to_onc.cc [modify] https://crrev.com/6d926e1c872ec2726d4c1034d18a6c9600a54ac8/chromeos/network/onc/onc_translator_unittest.cc [modify] https://crrev.com/6d926e1c872ec2726d4c1034d18a6c9600a54ac8/chromeos/network/onc/onc_validator.cc [modify] https://crrev.com/6d926e1c872ec2726d4c1034d18a6c9600a54ac8/chromeos/network/onc/onc_validator.h [modify] https://crrev.com/6d926e1c872ec2726d4c1034d18a6c9600a54ac8/chromeos/network/onc/onc_validator_unittest.cc [add] https://crrev.com/6d926e1c872ec2726d4c1034d18a6c9600a54ac8/chromeos/test/data/network/arc_vpn.onc [add] https://crrev.com/6d926e1c872ec2726d4c1034d18a6c9600a54ac8/chromeos/test/data/network/shill_arc_vpn.json [modify] https://crrev.com/6d926e1c872ec2726d4c1034d18a6c9600a54ac8/components/onc/onc_constants.cc [modify] https://crrev.com/6d926e1c872ec2726d4c1034d18a6c9600a54ac8/components/onc/onc_constants.h
,
Sep 13 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/4d83ac596e4f77cbcc7892c6d962442775a57838 commit 4d83ac596e4f77cbcc7892c6d962442775a57838 Author: Kevin Cernekee <cernekee@chromium.org> Date: Wed Sep 13 02:29:02 2017 Hide UI activity for ARC VPNs If a VPN connection is being managed by the OS, we do not want to let the user connect manually, manipulate its settings, delete it, or get a notification when it disconnects. BUG= 696865 TEST=manually create an arcvpn and play around with the UI Change-Id: I6853df43b8e1cc3896c277c761f8de01c498ab99 Reviewed-on: https://chromium-review.googlesource.com/592544 Commit-Queue: Kevin Cernekee <cernekee@chromium.org> Reviewed-by: Steven Bennetts <stevenjb@chromium.org> Cr-Commit-Position: refs/heads/master@{#501526} [modify] https://crrev.com/4d83ac596e4f77cbcc7892c6d962442775a57838/ash/system/network/vpn_list_view.cc [modify] https://crrev.com/4d83ac596e4f77cbcc7892c6d962442775a57838/chrome/browser/chromeos/net/network_state_notifier.cc
,
Sep 13 2017
The following revision refers to this bug: https://chromium.googlesource.com/aosp/platform/system/connectivity/shill/+/8b98078b0e818229142781f2c7959af99ec16d3f commit 8b98078b0e818229142781f2c7959af99ec16d3f Author: Kevin Cernekee <cernekee@chromium.org> Date: Wed Sep 13 08:51:00 2017 shill: Rename br0 to arcbr0 This is required in order to make arc-network-forward.sh do the right thing. BUG= chromium:696865 TEST=none Change-Id: Ia977d5d916e495fcac898117fc6da01d81b3bfa5 Reviewed-on: https://chromium-review.googlesource.com/664305 Commit-Ready: Kevin Cernekee <cernekee@chromium.org> Tested-by: Kevin Cernekee <cernekee@chromium.org> Reviewed-by: Kirtika Ruchandani <kirtika@chromium.org> [modify] https://crrev.com/8b98078b0e818229142781f2c7959af99ec16d3f/routing_table_unittest.cc [modify] https://crrev.com/8b98078b0e818229142781f2c7959af99ec16d3f/test-scripts/arc-network-forward.sh
,
Sep 18 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/7373ddb0b1254c892585baef08a1fcb65b084b1e commit 7373ddb0b1254c892585baef08a1fcb65b084b1e Author: Kevin Cernekee <cernekee@chromium.org> Date: Mon Sep 18 19:16:38 2017 Fix incorrect IsConnectedState() test condition This should check for networks that are either connecting or connected. BUG= 696865 TEST=connect to a third party VPN on Android Change-Id: If1e1f92234c74aee0f70b96058c3cdc6bd8fa475 Reviewed-on: https://chromium-review.googlesource.com/669709 Reviewed-by: Steven Bennetts <stevenjb@chromium.org> Commit-Queue: Kevin Cernekee <cernekee@chromium.org> Cr-Commit-Position: refs/heads/master@{#502633} [modify] https://crrev.com/7373ddb0b1254c892585baef08a1fcb65b084b1e/ash/system/network/vpn_list_view.cc
,
Sep 19 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/360f366c9f4682617efe61beabb13df0bb82a998 commit 360f366c9f4682617efe61beabb13df0bb82a998 Author: Kevin Cernekee <cernekee@chromium.org> Date: Tue Sep 19 15:35:15 2017 arc: New net APIs for Android VPN integration Add Android->Chrome RPC calls to report that an Android VPN client has connected or disconnected. Add a Chrome->Android RPC call to let users terminate Android VPNs through the Chrome OS UI. BUG= 696865 TEST=connect to a third party VPN on Android Change-Id: Iadedfc6c458267f009a3b3dc8cbb8c37dcbebd6f Reviewed-on: https://chromium-review.googlesource.com/592545 Reviewed-by: Mattias Nissler <mnissler@chromium.org> Reviewed-by: Luis Hector Chavez <lhchavez@chromium.org> Reviewed-by: Steven Bennetts <stevenjb@chromium.org> Reviewed-by: Dan Erat <derat@chromium.org> Commit-Queue: Kevin Cernekee <cernekee@chromium.org> Cr-Commit-Position: refs/heads/master@{#502856} [modify] https://crrev.com/360f366c9f4682617efe61beabb13df0bb82a998/chrome/browser/ui/ash/system_tray_client.cc [modify] https://crrev.com/360f366c9f4682617efe61beabb13df0bb82a998/components/arc/common/net.mojom [modify] https://crrev.com/360f366c9f4682617efe61beabb13df0bb82a998/components/arc/net/DEPS [modify] https://crrev.com/360f366c9f4682617efe61beabb13df0bb82a998/components/arc/net/arc_net_host_impl.cc [modify] https://crrev.com/360f366c9f4682617efe61beabb13df0bb82a998/components/arc/net/arc_net_host_impl.h
,
Sep 22 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/0aa1c4f44b39a8c6c7e91510033daa53d9569fe9 commit 0aa1c4f44b39a8c6c7e91510033daa53d9569fe9 Author: Kazuhiro Inaba <kinaba@chromium.org> Date: Fri Sep 22 05:36:23 2017 CHROMIUM: Enable CONFIG_IP6_NF_MATCH_RPFILTER netd creates an ip6tables rule that requires the rpfilter match module for IPv6. Without this module, the operation fails. BUG= chromium:696865 BUG=b:66515222 TEST=CtsHostsideNetworkTests Change-Id: I11b43185567f610868117cb5d390ef1dced2cc00 Signed-off-by: Kazuhiro Inaba <kinaba@chromium.org> (cherry picked from commit ddb56e72316dbead19e930e047ed68564e85062b) Reviewed-on: https://chromium-review.googlesource.com/678134 Reviewed-by: Kevin Cernekee <cernekee@chromium.org> [modify] https://crrev.com/0aa1c4f44b39a8c6c7e91510033daa53d9569fe9/chromeos/config/mips/common.config [modify] https://crrev.com/0aa1c4f44b39a8c6c7e91510033daa53d9569fe9/chromeos/config/i386/common.config [modify] https://crrev.com/0aa1c4f44b39a8c6c7e91510033daa53d9569fe9/chromeos/config/armel/chromiumos-arm.flavour.config [modify] https://crrev.com/0aa1c4f44b39a8c6c7e91510033daa53d9569fe9/chromeos/config/armel/chromiumos-armada38x.flavour.config [modify] https://crrev.com/0aa1c4f44b39a8c6c7e91510033daa53d9569fe9/chromeos/config/arm64/common.config [modify] https://crrev.com/0aa1c4f44b39a8c6c7e91510033daa53d9569fe9/chromeos/config/base.config [modify] https://crrev.com/0aa1c4f44b39a8c6c7e91510033daa53d9569fe9/chromeos/config/armel/chromiumos-ipq40xx.flavour.config [modify] https://crrev.com/0aa1c4f44b39a8c6c7e91510033daa53d9569fe9/chromeos/config/x86_64/common.config
,
Sep 22 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/4bef3376775745998d2ff00372bc0e93adbb624b commit 4bef3376775745998d2ff00372bc0e93adbb624b Author: Kazuhiro Inaba <kinaba@chromium.org> Date: Fri Sep 22 09:02:02 2017 CHROMIUM: Enable CONFIG_IP6_NF_MATCH_RPFILTER netd creates an ip6tables rule that requires the rpfilter match module for IPv6. Without this module, the operation fails. BUG= chromium:696865 BUG=b:66515222 TEST=CtsHostsideNetworkTests Change-Id: I3d9270dca89af0a16f19475badbf3032441d930a Signed-off-by: Kazuhiro Inaba <kinaba@chromium.org> (cherry picked from commit ddb56e72316dbead19e930e047ed68564e85062b) Reviewed-on: https://chromium-review.googlesource.com/678214 Reviewed-by: Kevin Cernekee <cernekee@chromium.org> [modify] https://crrev.com/4bef3376775745998d2ff00372bc0e93adbb624b/chromeos/config/base.config
,
Sep 22 2017
This feature has landed in canary channel (9964.0.0 / 63.0.3222.0). Known caveats: 1) chrome://settings UI changes are under way. Right now this page is not aware of ARC VPN so it allows some operations that the user shouldn't be able to perform. 2) Bug 768053 - Android VPN apps are not currently notified of physical connection changes. 3) Bug 768062 - No IPv6 support yet. 4) AppOps UID mismatch in logcat when clicking Disconnect from the Chrome OS system menu.
,
Sep 23 2017
Updating bug with Android commits, as they are not auto-populated: http://go/ag/topic:arcvpn-696865+(status:open+OR+status:merged) http://go/ag/2916253 http://go/ag/2848190 Always-on VPN is untested, and may or may not respond to the Disconnect button in current builds.
,
Sep 23 2017
Ran into this while updating the VPN dialog text: Bug 768173 - Can't revoke ARC VPN access
,
Sep 24 2017
,
Sep 25 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/3229a83ed7a4bbf7e85c91d8802bd97bd4f20be4 commit 3229a83ed7a4bbf7e85c91d8802bd97bd4f20be4 Author: Kevin Cernekee <cernekee@chromium.org> Date: Mon Sep 25 20:55:23 2017 Add histograms for new Chrome OS VPN types shill now handles connections from Android VPN apps. BUG= 696865 TEST=none Change-Id: I5e2fab8ccb9e212098caba87cbe27ae96df4469d Reviewed-on: https://chromium-review.googlesource.com/679866 Commit-Queue: Kevin Cernekee <cernekee@chromium.org> Reviewed-by: Ilya Sherman <isherman@chromium.org> Cr-Commit-Position: refs/heads/master@{#504158} [modify] https://crrev.com/3229a83ed7a4bbf7e85c91d8802bd97bd4f20be4/tools/metrics/histograms/enums.xml [modify] https://crrev.com/3229a83ed7a4bbf7e85c91d8802bd97bd4f20be4/tools/metrics/histograms/histograms.xml
,
Sep 25 2017
The following revision refers to this bug: https://chromium.googlesource.com/aosp/platform/system/connectivity/shill/+/dc19337844d3411a7199bb3fd3015034375b595e commit dc19337844d3411a7199bb3fd3015034375b595e Author: Kevin Cernekee <cernekee@chromium.org> Date: Mon Sep 25 22:52:50 2017 shill: Update documentation with arcvpn properties BUG= chromium:696865 TEST=none Change-Id: I6c49e6af678a5c62d4a1a13e49a4d15554903eb2 Reviewed-on: https://chromium-review.googlesource.com/671664 Commit-Ready: Kevin Cernekee <cernekee@chromium.org> Tested-by: Kevin Cernekee <cernekee@chromium.org> Reviewed-by: Kirtika Ruchandani <kirtika@chromium.org> [modify] https://crrev.com/dc19337844d3411a7199bb3fd3015034375b595e/doc/service-api.txt
,
Sep 25 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/platform2/+/035d3a388a596ff9a900e2502096ddced5e522cd commit 035d3a388a596ff9a900e2502096ddced5e522cd Author: Kevin Cernekee <cernekee@chromium.org> Date: Mon Sep 25 22:52:43 2017 arc-networkd: Change default internal interface from br0 to arcbr0 This isn't strictly necessary because it is forced from arc-network.conf, but it keeps the default in line with actual usage. BUG= chromium:696865 TEST=none Change-Id: I83cbf6da6d5414a7f8d23ffb60d71a8812760c31 Reviewed-on: https://chromium-review.googlesource.com/664422 Commit-Ready: Kevin Cernekee <cernekee@chromium.org> Tested-by: Kevin Cernekee <cernekee@chromium.org> Reviewed-by: Kirtika Ruchandani <kirtika@chromium.org> [modify] https://crrev.com/035d3a388a596ff9a900e2502096ddced5e522cd/arc-networkd/main.cc
,
Sep 26 2017
The following revision refers to this bug: https://chromium.googlesource.com/aosp/platform/system/connectivity/shill/+/77a107700378fc042723a3d543de261e63c45085 commit 77a107700378fc042723a3d543de261e63c45085 Author: Kevin Cernekee <cernekee@chromium.org> Date: Tue Sep 26 20:36:16 2017 shill: Record metric for ARC VPN connections BUG= chromium:696865 TEST=unit tests Change-Id: I6cee608e872399c6d667ff925227c0a4dbfaa36f Reviewed-on: https://chromium-review.googlesource.com/679867 Commit-Ready: Kevin Cernekee <cernekee@chromium.org> Tested-by: Kevin Cernekee <cernekee@chromium.org> Reviewed-by: Kirtika Ruchandani <kirtika@chromium.org> [modify] https://crrev.com/77a107700378fc042723a3d543de261e63c45085/metrics.h [modify] https://crrev.com/77a107700378fc042723a3d543de261e63c45085/vpn/arc_vpn_driver.cc
,
Oct 2 2017
I tried to test this on the latest Canary with the OpenVPN Android app and I could connect through the VPN using other Android apps but not with the native Chrome. Is there something else the user needs to do to make this work?
,
Oct 2 2017
Not really. What version did you test? Could you please attach file:///var/log/net.log (captured while the Android VPN is connected)?
,
Oct 15 2017
Sorry Cernekee, it turns out that it just needed one more reboot until I was fully updated to the latest Canary. After doing that, it does indeed work as advertised. Apologies for the noise.
,
Oct 17 2017
We have tested the fix and is working just fine on Dev 63, I would like to know if you are planning to have this on Stable version sooner than version 63? Thank you in advanced.
,
Oct 17 2017
Thanks for the feedback. :-) M63 stable will roll out in mid-December with this new feature. If you're willing to make the leap to beta channel, you'll get it in a few weeks.
,
Oct 25 2017
Update: In M63 this will be gated by a feature flag: chrome://flags#arc-vpn . There are a couple of UI improvements in the pipeline which will land in M64. In M64 the ARC VPN feature will be enabled by default, and it will formally launch.
,
Oct 25 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/b7f96a5e6d6b07dde77de608e680d6c51658e4b0 commit b7f96a5e6d6b07dde77de608e680d6c51658e4b0 Author: Kevin Cernekee <cernekee@chromium.org> Date: Wed Oct 25 17:40:18 2017 Hide ARC VPN behind a feature flag The UI work will be completed in the M64 timeframe, so for M63 we will require ARC VPN to be manually enabled via chrome://flags#arc-vpn BUG= 696865 TEST=manually test in both Enabled and Disabled state Change-Id: I5e362f2437629980c69dcfcef60a11786131e986 Reviewed-on: https://chromium-review.googlesource.com/736817 Commit-Queue: Kevin Cernekee <cernekee@chromium.org> Reviewed-by: Elijah Taylor <elijahtaylor@chromium.org> Reviewed-by: Steven Bennetts <stevenjb@chromium.org> Cr-Commit-Position: refs/heads/master@{#511507} [modify] https://crrev.com/b7f96a5e6d6b07dde77de608e680d6c51658e4b0/chrome/browser/about_flags.cc [modify] https://crrev.com/b7f96a5e6d6b07dde77de608e680d6c51658e4b0/chrome/browser/flag_descriptions.cc [modify] https://crrev.com/b7f96a5e6d6b07dde77de608e680d6c51658e4b0/chrome/browser/flag_descriptions.h [modify] https://crrev.com/b7f96a5e6d6b07dde77de608e680d6c51658e4b0/components/arc/arc_features.cc [modify] https://crrev.com/b7f96a5e6d6b07dde77de608e680d6c51658e4b0/components/arc/arc_features.h [modify] https://crrev.com/b7f96a5e6d6b07dde77de608e680d6c51658e4b0/components/arc/net/arc_net_host_impl.cc [modify] https://crrev.com/b7f96a5e6d6b07dde77de608e680d6c51658e4b0/tools/metrics/histograms/enums.xml
,
Oct 27 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/4d245271176d9c542fe957b3ec1570305ac2a547 commit 4d245271176d9c542fe957b3ec1570305ac2a547 Author: Kevin Cernekee <cernekee@chromium.org> Date: Fri Oct 27 23:20:38 2017 Hide ARC VPN behind a feature flag The UI work will be completed in the M64 timeframe, so for M63 we will require ARC VPN to be manually enabled via chrome://flags#arc-vpn BUG= 696865 TEST=manually test in both Enabled and Disabled state (cherry picked from commit b7f96a5e6d6b07dde77de608e680d6c51658e4b0) Change-Id: I5e362f2437629980c69dcfcef60a11786131e986 Reviewed-on: https://chromium-review.googlesource.com/736817 Commit-Queue: Kevin Cernekee <cernekee@chromium.org> Reviewed-by: Elijah Taylor <elijahtaylor@chromium.org> Reviewed-by: Steven Bennetts <stevenjb@chromium.org> Cr-Original-Commit-Position: refs/heads/master@{#511507} Reviewed-on: https://chromium-review.googlesource.com/742685 Reviewed-by: Kevin Cernekee <cernekee@chromium.org> Cr-Commit-Position: refs/branch-heads/3239@{#280} Cr-Branched-From: adb61db19020ed8ecee5e91b1a0ea4c924ae2988-refs/heads/master@{#508578} [modify] https://crrev.com/4d245271176d9c542fe957b3ec1570305ac2a547/chrome/browser/about_flags.cc [modify] https://crrev.com/4d245271176d9c542fe957b3ec1570305ac2a547/chrome/browser/flag_descriptions.cc [modify] https://crrev.com/4d245271176d9c542fe957b3ec1570305ac2a547/chrome/browser/flag_descriptions.h [modify] https://crrev.com/4d245271176d9c542fe957b3ec1570305ac2a547/components/arc/arc_features.cc [modify] https://crrev.com/4d245271176d9c542fe957b3ec1570305ac2a547/components/arc/arc_features.h [modify] https://crrev.com/4d245271176d9c542fe957b3ec1570305ac2a547/components/arc/net/arc_net_host_impl.cc [modify] https://crrev.com/4d245271176d9c542fe957b3ec1570305ac2a547/tools/metrics/histograms/enums.xml
,
Dec 11 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/57f7023ada59ded13abce350a7ed702597d8b202 commit 57f7023ada59ded13abce350a7ed702597d8b202 Author: Kevin Cernekee <cernekee@chromium.org> Date: Mon Dec 11 19:18:01 2017 Enable ARC VPN feature flag by default The ARC VPN feature will go live in M64. Leave the flag in place in case it causes trouble, but enable the feature by default. BUG= 696865 TEST=buildbots Change-Id: If64e60945d299f5ef6c538471e07a41e47024ea1 Reviewed-on: https://chromium-review.googlesource.com/812499 Reviewed-by: Steven Bennetts <stevenjb@chromium.org> Reviewed-by: Luis Hector Chavez <lhchavez@chromium.org> Commit-Queue: Kevin Cernekee <cernekee@chromium.org> Cr-Commit-Position: refs/heads/master@{#523166} [modify] https://crrev.com/57f7023ada59ded13abce350a7ed702597d8b202/components/arc/arc_features.cc
,
Dec 11 2017
,
Dec 12 2017
This bug requires manual review: DEPS changes referenced in bugdroid comments. Please contact the milestone owner if you have questions. Owners: cmasso@(Android), cmasso@(iOS), kbleicher@(ChromeOS), abdulsyed@(Desktop) For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Dec 22 2017
Per #47 is this launch associated with crbug/748910?
,
Dec 22 2017
Yes, same feature If you could approve the merge, I'll flip the feature flag to Enabled-by-default on M64.
,
Dec 27 2017
Approving merge to M64 Chrome OS.
,
Dec 28 2017
,
Dec 28 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/8c1d5ac04b16b16cec1045415ea9cf1f2a498d46 commit 8c1d5ac04b16b16cec1045415ea9cf1f2a498d46 Author: Kevin Cernekee <cernekee@chromium.org> Date: Thu Dec 28 00:47:29 2017 Enable ARC VPN feature flag by default The ARC VPN feature will go live in M64. Leave the flag in place in case it causes trouble, but enable the feature by default. BUG= 696865 TEST=buildbots Change-Id: If64e60945d299f5ef6c538471e07a41e47024ea1 Reviewed-on: https://chromium-review.googlesource.com/812499 Reviewed-by: Steven Bennetts <stevenjb@chromium.org> Reviewed-by: Luis Hector Chavez <lhchavez@chromium.org> Commit-Queue: Kevin Cernekee <cernekee@chromium.org> Cr-Original-Commit-Position: refs/heads/master@{#523166}(cherry picked from commit 57f7023ada59ded13abce350a7ed702597d8b202) Reviewed-on: https://chromium-review.googlesource.com/845055 Reviewed-by: Kevin Cernekee <cernekee@chromium.org> Cr-Commit-Position: refs/branch-heads/3282@{#365} Cr-Branched-From: 5fdc0fab22ce7efd32532ee989b223fa12f8171e-refs/heads/master@{#520840} [modify] https://crrev.com/8c1d5ac04b16b16cec1045415ea9cf1f2a498d46/components/arc/arc_features.cc
,
Jan 22 2018
,
Jan 23 2018
,
Mar 3 2018
Closing this as verified.
,
Mar 5 2018
,
Aug 14
|
|||||||||||||||
►
Sign in to add a comment |
|||||||||||||||
Comment 1 by bugdroid1@chromium.org
, Mar 3 2017