Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 117e7f3c authored by Erik Kline's avatar Erik Kline
Browse files

Pass all relevant resolver info to netd 

Test: runtest frameworks-net passes
Test: manual testing of opportunistic and strict mode works
Bug: 34953048
Bug: 64133961
Bug: 72345192
Merged-In: I96f7747b8f0bb38d95579b688b4c2d068f1229cf
Merged-In: Ia4d896c4cc33c02f0c46d5d4c760cc33b13dff0b
Change-Id: Ia4f1905e1fa60e7a468c2246fb809191d2ba796b
(cherry picked from commit e5dac904)
parent 9ecfce3b

core/java/android/os/INetworkManagementService.aidl

+1 −1
Original line number Diff line number Diff line
@@ -340,7 +340,7 @@ interface INetworkManagementService 
     * Configure name servers, search paths, and resolver parameters for the given network.

     */

    void setDnsConfigurationForNetwork(int netId, in String[] servers, in String[] domains,

            in int[] params, boolean useTls, String tlsHostname);

            in int[] params, String tlsHostname, in String[] tlsServers);



    void setFirewallEnabled(boolean enabled);

    boolean isFirewallEnabled();

services/core/java/com/android/server/ConnectivityService.java

+8 −8
Original line number Diff line number Diff line
@@ -4581,17 +4581,17 @@ public class ConnectivityService extends IConnectivityManager.Stub 
        return nai.network.netId;

    }



    private void handleRegisterNetworkAgent(NetworkAgentInfo na) {

    private void handleRegisterNetworkAgent(NetworkAgentInfo nai) {

        if (VDBG) log("Got NetworkAgent Messenger");

        mNetworkAgentInfos.put(na.messenger, na);

        mNetworkAgentInfos.put(nai.messenger, nai);

        synchronized (mNetworkForNetId) {

            mNetworkForNetId.put(na.network.netId, na);

            mNetworkForNetId.put(nai.network.netId, nai);

        }

        na.asyncChannel.connect(mContext, mTrackerHandler, na.messenger);

        NetworkInfo networkInfo = na.networkInfo;

        na.networkInfo = null;

        updateNetworkInfo(na, networkInfo);

        updateUids(na, null, na.networkCapabilities);

        nai.asyncChannel.connect(mContext, mTrackerHandler, nai.messenger);

        NetworkInfo networkInfo = nai.networkInfo;

        nai.networkInfo = null;

        updateNetworkInfo(nai, networkInfo);

        updateUids(nai, null, nai.networkCapabilities);

    }



    private void updateLinkProperties(NetworkAgentInfo networkAgent, LinkProperties oldLp) {

services/core/java/com/android/server/NetworkManagementService.java

+2 −2
Original line number Diff line number Diff line
@@ -1944,13 +1944,13 @@ public class NetworkManagementService extends INetworkManagementService.Stub 


    @Override

    public void setDnsConfigurationForNetwork(int netId, String[] servers, String[] domains,

                    int[] params, boolean useTls, String tlsHostname) {

                    int[] params, String tlsHostname, String[] tlsServers) {

        mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);



        final String[] tlsFingerprints = new String[0];

        try {

            mNetdService.setResolverConfiguration(

                    netId, servers, domains, params, useTls, tlsHostname, tlsFingerprints);

                    netId, servers, domains, params, tlsHostname, tlsServers, tlsFingerprints);

        } catch (RemoteException e) {

            throw new RuntimeException(e);

        }

services/core/java/com/android/server/connectivity/DnsManager.java

+16 −13
Original line number Diff line number Diff line
@@ -192,6 +192,12 @@ public class DnsManager { 


    public void setDnsConfigurationForNetwork(

            int netId, LinkProperties lp, boolean isDefaultNetwork) {

        final String[] assignedServers = NetworkUtils.makeStrings(lp.getDnsServers());

        final String[] domainStrs = getDomainStrings(lp.getDomains());



        updateParametersSettings();

        final int[] params = { mSampleValidity, mSuccessThreshold, mMinSamples, mMaxSamples };



        // We only use the PrivateDnsConfig data pushed to this class instance

        // from ConnectivityService because it works in coordination with

        // NetworkMonitor to decide which networks need validation and runs the
@@ -204,23 +210,20 @@ public class DnsManager { 
        final boolean useTls = (privateDnsCfg != null) && privateDnsCfg.useTls;

        final boolean strictMode = (privateDnsCfg != null) && privateDnsCfg.inStrictMode();

        final String tlsHostname = strictMode ? privateDnsCfg.hostname : "";



        final String[] serverStrs = NetworkUtils.makeStrings(

                strictMode ? Arrays.stream(privateDnsCfg.ips)

        final String[] tlsServers =

                strictMode ? NetworkUtils.makeStrings(

                        Arrays.stream(privateDnsCfg.ips)

                              .filter((ip) -> lp.isReachable(ip))

                                   .collect(Collectors.toList())

                           : lp.getDnsServers());

        final String[] domainStrs = getDomainStrings(lp.getDomains());



        updateParametersSettings();

        final int[] params = { mSampleValidity, mSuccessThreshold, mMinSamples, mMaxSamples };

                              .collect(Collectors.toList()))

                : useTls ? assignedServers  // Opportunistic

                : new String[0];            // Off



        Slog.d(TAG, String.format("setDnsConfigurationForNetwork(%d, %s, %s, %s, %s, %s)",

                netId, Arrays.toString(serverStrs), Arrays.toString(domainStrs),

                Arrays.toString(params), useTls, tlsHostname));

                netId, Arrays.toString(assignedServers), Arrays.toString(domainStrs),

                Arrays.toString(params), tlsHostname, Arrays.toString(tlsServers)));

        try {

            mNMS.setDnsConfigurationForNetwork(

                    netId, serverStrs, domainStrs, params, useTls, tlsHostname);

                    netId, assignedServers, domainStrs, params, tlsHostname, tlsServers);

        } catch (Exception e) {

            Slog.e(TAG, "Error setting DNS configuration: " + e);

            return;

tests/net/java/com/android/server/ConnectivityServiceTest.java

+40 −5
Original line number Diff line number Diff line
@@ -63,6 +63,7 @@ import static org.mockito.Matchers.anyInt; 
import static org.mockito.Matchers.anyString;

import static org.mockito.Mockito.any;

import static org.mockito.Mockito.atLeastOnce;

import static org.mockito.Mockito.eq;

import static org.mockito.Mockito.mock;

import static org.mockito.Mockito.never;

import static org.mockito.Mockito.reset;
@@ -133,6 +134,7 @@ import com.android.internal.util.test.BroadcastInterceptingContext; 
import com.android.internal.util.test.FakeSettingsProvider;

import com.android.server.connectivity.ConnectivityConstants;

import com.android.server.connectivity.DefaultNetworkMetrics;

import com.android.server.connectivity.DnsManager;

import com.android.server.connectivity.IpConnectivityMetrics;

import com.android.server.connectivity.MockableSystemProperties;

import com.android.server.connectivity.NetworkAgentInfo;
@@ -749,6 +751,7 @@ public class ConnectivityServiceTest { 


    // NetworkMonitor implementation allowing overriding of Internet connectivity probe result.

    private class WrappedNetworkMonitor extends NetworkMonitor {

        public Handler connectivityHandler;

        // HTTP response code fed back to NetworkMonitor for Internet connectivity probe.

        public int gen204ProbeResult = 500;

        public String gen204ProbeRedirectUrl = null;
@@ -758,6 +761,7 @@ public class ConnectivityServiceTest { 
                IpConnectivityLog log) {

            super(context, handler, networkAgentInfo, defaultRequest, log,

                    NetworkMonitor.NetworkMonitorSettings.DEFAULT);

            connectivityHandler = handler;

        }



        @Override
@@ -3668,18 +3672,29 @@ public class ConnectivityServiceTest { 


    @Test

    public void testBasicDnsConfigurationPushed() throws Exception {

        final String IFNAME = "test_rmnet_data0";

        final String[] EMPTY_TLS_SERVERS = new String[0];

        mCellNetworkAgent = new MockNetworkAgent(TRANSPORT_CELLULAR);

        waitForIdle();

        verify(mNetworkManagementService, never()).setDnsConfigurationForNetwork(

                anyInt(), any(), any(), any(), anyBoolean(), anyString());

                anyInt(), any(), any(), any(), anyString(), eq(EMPTY_TLS_SERVERS));



        final LinkProperties cellLp = new LinkProperties();

        cellLp.setInterfaceName("test_rmnet_data0");

        cellLp.setInterfaceName(IFNAME);

        // Add IPv4 and IPv6 default routes, because DNS-over-TLS code does

        // "is-reachable" testing in order to not program netd with unreachable

        // nameservers that it might try repeated to validate.

        cellLp.addLinkAddress(new LinkAddress("192.0.2.4/24"));

        cellLp.addRoute(new RouteInfo((IpPrefix) null, InetAddress.getByName("192.0.2.4"), IFNAME));

        cellLp.addLinkAddress(new LinkAddress("2001:db8:1::1/64"));

        cellLp.addRoute(

                new RouteInfo((IpPrefix) null, InetAddress.getByName("2001:db8:1::1"), IFNAME));

        mCellNetworkAgent.sendLinkProperties(cellLp);

        mCellNetworkAgent.connect(false);

        waitForIdle();

        verify(mNetworkManagementService, times(1)).setDnsConfigurationForNetwork(

                anyInt(), mStringArrayCaptor.capture(), any(), any(), anyBoolean(), anyString());

                anyInt(), mStringArrayCaptor.capture(), any(), any(),

                anyString(), eq(EMPTY_TLS_SERVERS));

        // CS tells netd about the empty DNS config for this network.

        assertEmpty(mStringArrayCaptor.getValue());

        reset(mNetworkManagementService);
@@ -3688,7 +3703,8 @@ public class ConnectivityServiceTest { 
        mCellNetworkAgent.sendLinkProperties(cellLp);

        waitForIdle();

        verify(mNetworkManagementService, times(1)).setDnsConfigurationForNetwork(

                anyInt(), mStringArrayCaptor.capture(), any(), any(), anyBoolean(), anyString());

                anyInt(), mStringArrayCaptor.capture(), any(), any(),

                anyString(), eq(EMPTY_TLS_SERVERS));

        assertEquals(1, mStringArrayCaptor.getValue().length);

        assertTrue(ArrayUtils.contains(mStringArrayCaptor.getValue(), "2001:db8::1"));

        reset(mNetworkManagementService);
@@ -3697,7 +3713,26 @@ public class ConnectivityServiceTest { 
        mCellNetworkAgent.sendLinkProperties(cellLp);

        waitForIdle();

        verify(mNetworkManagementService, times(1)).setDnsConfigurationForNetwork(

                anyInt(), mStringArrayCaptor.capture(), any(), any(), anyBoolean(), anyString());

                anyInt(), mStringArrayCaptor.capture(), any(), any(),

                anyString(), eq(EMPTY_TLS_SERVERS));

        assertEquals(2, mStringArrayCaptor.getValue().length);

        assertTrue(ArrayUtils.containsAll(mStringArrayCaptor.getValue(),

                new String[]{"2001:db8::1", "192.0.2.1"}));

        reset(mNetworkManagementService);



        final String TLS_SPECIFIER = "tls.example.com";

        final String TLS_SERVER6 = "2001:db8:53::53";

        final InetAddress[] TLS_IPS = new InetAddress[]{ InetAddress.getByName(TLS_SERVER6) };

        final String[] TLS_SERVERS = new String[]{ TLS_SERVER6 };

        final Handler h = mCellNetworkAgent.getWrappedNetworkMonitor().connectivityHandler;

        h.sendMessage(h.obtainMessage(

                NetworkMonitor.EVENT_PRIVATE_DNS_CONFIG_RESOLVED, 0,

                mCellNetworkAgent.getNetwork().netId,

                new DnsManager.PrivateDnsConfig(TLS_SPECIFIER, TLS_IPS)));

        waitForIdle();

        verify(mNetworkManagementService, times(1)).setDnsConfigurationForNetwork(

                anyInt(), mStringArrayCaptor.capture(), any(), any(),

                eq(TLS_SPECIFIER), eq(TLS_SERVERS));

        assertEquals(2, mStringArrayCaptor.getValue().length);

        assertTrue(ArrayUtils.containsAll(mStringArrayCaptor.getValue(),

                new String[]{"2001:db8::1", "192.0.2.1"}));