Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 3df6695d authored by Eran Messeri's avatar Eran Messeri
Browse files

Address DPM Private DNS API Review 

Changes:
* Split setGlobalPrivateDNS to setGlobalPrivateDNSModeOpportunistic
  and setGlobalPrivateDNSModeSpecifiedHost as the original method had a
  potentially unused parameter.
* Annotated return value.
* Annotated with @WorkerThread the method that shouldn't be called on
  the main thread.

Bug: 124301971
Test: atest com.android.cts.devicepolicy.DeviceOwnerTest#testPrivateDnsPolicy
Change-Id: Iace4de642bcf02ad6ee3a02804643890a5017d89
parent 73b844d8

api/current.txt

+2 −1
Original line number Diff line number Diff line
@@ -6751,7 +6751,8 @@ package android.app.admin { 
    method public void setDelegatedScopes(@NonNull android.content.ComponentName, @NonNull String, @NonNull java.util.List<java.lang.String>);

    method public void setDeviceOwnerLockScreenInfo(@NonNull android.content.ComponentName, CharSequence);

    method public void setEndUserSessionMessage(@NonNull android.content.ComponentName, @Nullable CharSequence);

    method public int setGlobalPrivateDns(@NonNull android.content.ComponentName, int, @Nullable String);

    method public int setGlobalPrivateDnsModeOpportunistic(@NonNull android.content.ComponentName);

    method @WorkerThread public int setGlobalPrivateDnsModeSpecifiedHost(@NonNull android.content.ComponentName, @NonNull String);

    method public void setGlobalSetting(@NonNull android.content.ComponentName, String, String);

    method public void setKeepUninstalledPackages(@Nullable android.content.ComponentName, @NonNull java.util.List<java.lang.String>);

    method public boolean setKeyPairCertificate(@Nullable android.content.ComponentName, @NonNull String, @NonNull java.util.List<java.security.cert.Certificate>, boolean);

core/java/android/app/admin/DevicePolicyManager.java

+49 −28
Original line number Diff line number Diff line
@@ -84,7 +84,6 @@ import android.security.keystore.StrongBoxUnavailableException; 
import android.service.restrictions.RestrictionsReceiver;

import android.telephony.TelephonyManager;

import android.telephony.data.ApnSetting;

import android.text.TextUtils;

import android.util.ArraySet;

import android.util.Log;
@@ -2210,7 +2209,7 @@ public class DevicePolicyManager { 
            PRIVATE_DNS_SET_ERROR_FAILURE_SETTING

    })

    @Retention(RetentionPolicy.SOURCE)

    public @interface SetPrivateDnsModeResultConstants {}

    public @interface PrivateDnsModeErrorCodes {}



    /**

     * Activity action: Starts the administrator to get the mode for the provisioning.
@@ -10450,13 +10449,41 @@ public class DevicePolicyManager { 
    }



    /**

     * Sets the global Private DNS mode and host to be used.

     * Sets the global Private DNS mode to opportunistic.

     * May only be called by the device owner.

     *

     * <p>Note that in case a Private DNS resolver is specified, the method is blocking as it

     * will perform a connectivity check to the resolver, to ensure it is valid. Because of that,

     * the method should not be called on any thread that relates to user interaction, such as the

     * UI thread.

     * <p>In this mode, the DNS subsystem will attempt a TLS handshake to the network-supplied

     * resolver prior to attempting name resolution in cleartext.

     *

     * @param admin which {@link DeviceAdminReceiver} this request is associated with.

     *

     * @return {@code PRIVATE_DNS_SET_SUCCESS} if the mode was set successfully, or

     *         {@code PRIVATE_DNS_SET_ERROR_FAILURE_SETTING} if it could not be set.

     *

     * @throws SecurityException if the caller is not the device owner.

     */

    public @PrivateDnsModeErrorCodes int setGlobalPrivateDnsModeOpportunistic(

            @NonNull ComponentName admin) {

        throwIfParentInstance("setGlobalPrivateDnsModeOpportunistic");



        if (mService == null) {

            return PRIVATE_DNS_SET_ERROR_FAILURE_SETTING;

        }



        try {

            return mService.setGlobalPrivateDns(admin, PRIVATE_DNS_MODE_OPPORTUNISTIC, null);

        } catch (RemoteException re) {

            throw re.rethrowFromSystemServer();

        }

    }



    /**

     * Sets the global Private DNS host to be used.

     * May only be called by the device owner.

     *

     * <p>Note that the method is blocking as it will perform a connectivity check to the resolver,

     * to ensure it is valid. Because of that, the method should not be called on any thread that

     * relates to user interaction, such as the UI thread.

     *

     * <p>In case a VPN is used in conjunction with Private DNS resolver, the Private DNS resolver

     * must be reachable both from within and outside the VPN. Otherwise, the device may lose
@@ -10464,41 +10491,35 @@ public class DevicePolicyManager { 
     * VPN.

     *

     * @param admin which {@link DeviceAdminReceiver} this request is associated with.

     * @param mode Which mode to set - either {@code PRIVATE_DNS_MODE_OPPORTUNISTIC} or

     *             {@code PRIVATE_DNS_MODE_PROVIDER_HOSTNAME}.

     *             Since the opportunistic mode defaults to ordinary DNS lookups, the

     *             option to turn it completely off is not available, so this method

     *             may not be called with {@code PRIVATE_DNS_MODE_OFF}.

     * @param privateDnsHost The hostname of a server that implements DNS over TLS (RFC7858), if

     *                       {@code PRIVATE_DNS_MODE_PROVIDER_HOSTNAME} was specified as the mode,

     *                       null otherwise.

     *

     * @return One of the values in {@link SetPrivateDnsModeResultConstants}.

     *

     * @throws IllegalArgumentException in the following cases: if a {@code privateDnsHost} was

     * provided but the mode was not {@code PRIVATE_DNS_MODE_PROVIDER_HOSTNAME}, if the mode

     * specified was {@code PRIVATE_DNS_MODE_PROVIDER_HOSTNAME} but {@code privateDnsHost} does

     * not look like a valid hostname, or if the mode specified is not one of the two valid modes.

     * @param privateDnsHost The hostname of a server that implements DNS over TLS (RFC7858).

     *

     * @return {@code PRIVATE_DNS_SET_SUCCESS} if the mode was set successfully,

     *         {@code PRIVATE_DNS_SET_ERROR_FAILURE_SETTING} if it could not be set or

     *         {@code PRIVATE_DNS_SET_ERROR_HOST_NOT_SERVING} if the specified host does not

     *         implement RFC7858.

     *

     * @throws IllegalArgumentException if the {@code privateDnsHost} is not a valid hostname.

     *

     * @throws SecurityException if the caller is not the device owner.

     */

    public int setGlobalPrivateDns(@NonNull ComponentName admin,

            @PrivateDnsMode int mode, @Nullable String privateDnsHost) {

        throwIfParentInstance("setGlobalPrivateDns");

    @WorkerThread public @PrivateDnsModeErrorCodes int setGlobalPrivateDnsModeSpecifiedHost(

            @NonNull ComponentName admin, @NonNull String privateDnsHost) {

        throwIfParentInstance("setGlobalPrivateDnsModeSpecifiedHost");

        Preconditions.checkNotNull(privateDnsHost, "dns resolver is null");



        if (mService == null) {

            return PRIVATE_DNS_SET_ERROR_FAILURE_SETTING;

        }



        if (mode == PRIVATE_DNS_MODE_PROVIDER_HOSTNAME && !TextUtils.isEmpty(privateDnsHost)

                && NetworkUtils.isWeaklyValidatedHostname(privateDnsHost)) {

        if (NetworkUtils.isWeaklyValidatedHostname(privateDnsHost)) {

            if (!PrivateDnsConnectivityChecker.canConnectToPrivateDnsServer(privateDnsHost)) {

                return PRIVATE_DNS_SET_ERROR_HOST_NOT_SERVING;

            }

        }



        try {

            return mService.setGlobalPrivateDns(admin, mode, privateDnsHost);

            return mService.setGlobalPrivateDns(

                    admin, PRIVATE_DNS_MODE_PROVIDER_HOSTNAME, privateDnsHost);

        } catch (RemoteException re) {

            throw re.rethrowFromSystemServer();

        }