1. the certtool.h is modified for avoiding the side effect,
for saving the configuration with wpa_supplicant.
2. put the loadLibrary back in CertTool.java
3. Fix incorrect JNI declarations.
1. Also change the keyname delimiter in CertTool.java.
2. Return NOTFOUND if the result.len==0 in the listKeys().
3. Define the keystore states in the class Keystore.
1. We will progressively migrate to this implementation.
2. For richc to have a quick review on the keymgmt part.
3. Add remove_key and make sure all functions are working.
4. Add permission check for get operation.
5. Return the retry count if unlock failed.
6. Add the reset operation for keystore reset.
7. Add the putfile shell command for putting the key value from file.
8. Fix the boundary issue during parsing command.
9. Use the ' ' as delimiter and reset the reply structure for each request.
10. Add change password retry count check.
11. Extract the read_marshal/write_marshal for certtool.h.
12. Remove the old implementation.
Backup & restore is still enabled by default, but with the expectation that it
will be enabled during the course of the Setup Wizard or some other privileged
entity that has notified the user about the ramifications. While disabled,
data-changed notices will still be collected, but no backup pass will be
scheduled. When the backup manager is later enabled, any pending data-changed
notices will then be processed and the apps invoked for backup.
This change retools the transport selection mechanism a fair bit. Transports
are now specified by name rather than by numeric ID, and the name of the
currently selected transport is stored in a persistent system property under the
name "persist.service.bkup.trans".
The name -> IBackupTransport translation is now handled by maintaining a map
from the names to the live IBackupTransport objects that correspond. The Google
transport service observer now registers and unregisters the transport as the
service goes up and down.
The bmgr command has been expanded to include real transport interrogation and
selection by name, and some documentation has been written for it.
The am command is now the one that takes care of opening the target file,
handling the opened file descriptor to the process that will be profiled.
This allows you to send profile data to anywhere the shell can access, and
avoids any problems coming up from the target process trying to open the
file.
On restore now, the backup manager gets the signature blocks corresponding to
the restore set from the transport. It then validates those signatures against
the on-device app signatures, and refuses to restore data to an app whose
on-device sig block does not match the backup image's.
Also actually implement 'bmgr transport N' so that we can select the local
transport easily during runtime.
The 'list sets' and 'restore token#' commands from bmgr now do what they are
supposed to. At this point we see the restore target's data being cleared
properly and its agent being launched and invoked for restore.
The keystore service is protected by the user 'keystore'. Only keystore
user/group can access the key content. All users are able to do the
following commands from shell as well:
listcerts
listuserkeys
installcert
removecert
installuserkey
removeuserkey
Now we have a 5-second time after home is pressed, during which
only the home app (and the status bar) can switch to another app.
After that time, any start activity requests that occurred will
be executed, to allow things like alarms to be displayed. Also
if during that time the user launches another app, the pending
starts will be executed without resuming their activities and
the one they started placed at the top and executed.
You can now use android:testOnly="true" to not allow your .apk to be installed
as a normal app. The only way to do so is with the pm command and giving the
-t option, which sets a new INSTALL_ALLOW_TEST flag when installing.
I also used this to clean up the install API... actually, mostly to hide
it, since it is not accessible to apps so shouldn't be in the SDK. We
will be doing some more work on it, so this will prevent adding yet
another backwards-compatibility-for-no-reason version.
This adds new attributes for specifying a targetSdkVersion and maxSdkVersion.
There is a new ApplicationInfo flag that is set if the application has set
its targetSdkVersion to the current platform or later. Also you can now
use a string for minSdkVersion and targetSdkVerion, to indicate you are
building against a development tree instead of an official platform.
