Loading core/java/android/net/ConnectivityManager.java +29 −0 Original line number Original line Diff line number Diff line Loading @@ -619,6 +619,35 @@ public class ConnectivityManager { */ */ public static final int NETID_UNSET = 0; public static final int NETID_UNSET = 0; /** * Private DNS Mode values. * * The "private_dns_mode" global setting stores a String value which is * expected to be one of the following. */ /** * @hide */ public static final String PRIVATE_DNS_MODE_OFF = "off"; /** * @hide */ public static final String PRIVATE_DNS_MODE_OPPORTUNISTIC = "opportunistic"; /** * @hide */ public static final String PRIVATE_DNS_MODE_PROVIDER_HOSTNAME = "hostname"; /** * The default Private DNS mode. * * This may change from release to release or may become dependent upon * the capabilities of the underlying platform. * * @hide */ public static final String PRIVATE_DNS_DEFAULT_MODE = PRIVATE_DNS_MODE_OPPORTUNISTIC; private final IConnectivityManager mService; private final IConnectivityManager mService; /** /** * A kludge to facilitate static access where a Context pointer isn't available, like in the * A kludge to facilitate static access where a Context pointer isn't available, like in the Loading core/java/android/provider/Settings.java +14 −3 Original line number Original line Diff line number Diff line Loading @@ -9158,11 +9158,20 @@ public final class Settings { public static final String DEFAULT_DNS_SERVER = "default_dns_server"; public static final String DEFAULT_DNS_SERVER = "default_dns_server"; /** /** * Whether to disable DNS over TLS (boolean) * The requested Private DNS mode (string), and an accompanying specifier (string). * * * Currently, the specifier holds the chosen provider name when the mode requests * a specific provider. It may be used to store the provider name even when the * mode changes so that temporarily disabling and re-enabling the specific * provider mode does not necessitate retyping the provider hostname. * * @hide */ public static final String PRIVATE_DNS_MODE = "private_dns_mode"; /** * @hide * @hide */ */ public static final String DNS_TLS_DISABLED = "dns_tls_disabled"; public static final String PRIVATE_DNS_SPECIFIER = "private_dns_specifier"; /** {@hide} */ /** {@hide} */ public static final String public static final String Loading Loading @@ -10204,7 +10213,9 @@ public final class Settings { DOCK_AUDIO_MEDIA_ENABLED, DOCK_AUDIO_MEDIA_ENABLED, ENCODED_SURROUND_OUTPUT, ENCODED_SURROUND_OUTPUT, LOW_POWER_MODE_TRIGGER_LEVEL, LOW_POWER_MODE_TRIGGER_LEVEL, BLUETOOTH_ON BLUETOOTH_ON, PRIVATE_DNS_MODE, PRIVATE_DNS_SPECIFIER }; }; private static final ContentProviderHolder sProviderHolder = private static final ContentProviderHolder sProviderHolder = Loading core/tests/coretests/src/android/provider/SettingsBackupTest.java +0 −1 Original line number Original line Diff line number Diff line Loading @@ -177,7 +177,6 @@ public class SettingsBackupTest { Settings.Global.DNS_RESOLVER_MIN_SAMPLES, Settings.Global.DNS_RESOLVER_MIN_SAMPLES, Settings.Global.DNS_RESOLVER_SAMPLE_VALIDITY_SECONDS, Settings.Global.DNS_RESOLVER_SAMPLE_VALIDITY_SECONDS, Settings.Global.DNS_RESOLVER_SUCCESS_THRESHOLD_PERCENT, Settings.Global.DNS_RESOLVER_SUCCESS_THRESHOLD_PERCENT, Settings.Global.DNS_TLS_DISABLED, Settings.Global.DOCK_SOUNDS_ENABLED_WHEN_ACCESSIBILITY, Settings.Global.DOCK_SOUNDS_ENABLED_WHEN_ACCESSIBILITY, Settings.Global.DOWNLOAD_MAX_BYTES_OVER_MOBILE, Settings.Global.DOWNLOAD_MAX_BYTES_OVER_MOBILE, Settings.Global.DOWNLOAD_RECOMMENDED_MAX_BYTES_OVER_MOBILE, Settings.Global.DOWNLOAD_RECOMMENDED_MAX_BYTES_OVER_MOBILE, Loading packages/SettingsLib/res/values/strings.xml +7 −5 Original line number Original line Diff line number Diff line Loading @@ -505,11 +505,13 @@ <!-- [CHAR LIMIT=NONE] Label for displaying Bluetooth Audio Codec Parameters while streaming --> <!-- [CHAR LIMIT=NONE] Label for displaying Bluetooth Audio Codec Parameters while streaming --> <string name="bluetooth_select_a2dp_codec_streaming_label">Streaming: <xliff:g id="streaming_parameter">%1$s</xliff:g></string> <string name="bluetooth_select_a2dp_codec_streaming_label">Streaming: <xliff:g id="streaming_parameter">%1$s</xliff:g></string> <!-- Title of the developer option for DNS over TLS. --> <!-- Developer option setting for Private DNS --> <string name="dns_tls">DNS over TLS</string> <string name="select_private_dns_configuration_title">Private DNS</string> <!-- Summary to explain the developer option for DNS over TLS. This allows the user to <string name="select_private_dns_configuration_dialog_title">Select Private DNS Mode</string> request that the system attempt TLS with all DNS servers, or none. --> <string name="private_dns_mode_off">Off</string> <string name="dns_tls_summary">If enabled, attempt DNS over TLS on port 853.</string> <string name="private_dns_mode_opportunistic">Opportunistic</string> <string name="private_dns_mode_provider">Private DNS provider hostname</string> <string name="private_dns_mode_provider_hostname_hint">Enter hostname of DNS provider</string> <!-- setting Checkbox summary whether to show options for wireless display certification --> <!-- setting Checkbox summary whether to show options for wireless display certification --> <string name="wifi_display_certification_summary">Show options for wireless display certification</string> <string name="wifi_display_certification_summary">Show options for wireless display certification</string> Loading services/core/java/com/android/server/NetworkManagementService.java +36 −7 Original line number Original line Diff line number Diff line Loading @@ -20,6 +20,9 @@ import static android.Manifest.permission.CONNECTIVITY_INTERNAL; import static android.Manifest.permission.DUMP; import static android.Manifest.permission.DUMP; import static android.Manifest.permission.NETWORK_STACK; import static android.Manifest.permission.NETWORK_STACK; import static android.Manifest.permission.SHUTDOWN; import static android.Manifest.permission.SHUTDOWN; import static android.net.ConnectivityManager.PRIVATE_DNS_DEFAULT_MODE; import static android.net.ConnectivityManager.PRIVATE_DNS_MODE_OPPORTUNISTIC; import static android.net.ConnectivityManager.PRIVATE_DNS_MODE_PROVIDER_HOSTNAME; import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_DOZABLE; import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_DOZABLE; import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NAME_DOZABLE; import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NAME_DOZABLE; import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NAME_NONE; import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NAME_NONE; Loading Loading @@ -92,6 +95,7 @@ import android.telephony.DataConnectionRealTimeInfo; import android.telephony.PhoneStateListener; import android.telephony.PhoneStateListener; import android.telephony.SubscriptionManager; import android.telephony.SubscriptionManager; import android.telephony.TelephonyManager; import android.telephony.TelephonyManager; import android.text.TextUtils; import android.util.Log; import android.util.Log; import android.util.Slog; import android.util.Slog; import android.util.SparseBooleanArray; import android.util.SparseBooleanArray; Loading Loading @@ -1946,9 +1950,9 @@ public class NetworkManagementService extends INetworkManagementService.Stub public void setDnsConfigurationForNetwork(int netId, String[] servers, String domains) { public void setDnsConfigurationForNetwork(int netId, String[] servers, String domains) { mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); ContentResolver resolver = mContext.getContentResolver(); final ContentResolver cr = mContext.getContentResolver(); int sampleValidity = Settings.Global.getInt(resolver, int sampleValidity = Settings.Global.getInt(cr, Settings.Global.DNS_RESOLVER_SAMPLE_VALIDITY_SECONDS, Settings.Global.DNS_RESOLVER_SAMPLE_VALIDITY_SECONDS, DNS_RESOLVER_DEFAULT_SAMPLE_VALIDITY_SECONDS); DNS_RESOLVER_DEFAULT_SAMPLE_VALIDITY_SECONDS); if (sampleValidity < 0 || sampleValidity > 65535) { if (sampleValidity < 0 || sampleValidity > 65535) { Loading @@ -1957,7 +1961,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub sampleValidity = DNS_RESOLVER_DEFAULT_SAMPLE_VALIDITY_SECONDS; sampleValidity = DNS_RESOLVER_DEFAULT_SAMPLE_VALIDITY_SECONDS; } } int successThreshold = Settings.Global.getInt(resolver, int successThreshold = Settings.Global.getInt(cr, Settings.Global.DNS_RESOLVER_SUCCESS_THRESHOLD_PERCENT, Settings.Global.DNS_RESOLVER_SUCCESS_THRESHOLD_PERCENT, DNS_RESOLVER_DEFAULT_SUCCESS_THRESHOLD_PERCENT); DNS_RESOLVER_DEFAULT_SUCCESS_THRESHOLD_PERCENT); if (successThreshold < 0 || successThreshold > 100) { if (successThreshold < 0 || successThreshold > 100) { Loading @@ -1966,9 +1970,9 @@ public class NetworkManagementService extends INetworkManagementService.Stub successThreshold = DNS_RESOLVER_DEFAULT_SUCCESS_THRESHOLD_PERCENT; successThreshold = DNS_RESOLVER_DEFAULT_SUCCESS_THRESHOLD_PERCENT; } } int minSamples = Settings.Global.getInt(resolver, int minSamples = Settings.Global.getInt(cr, Settings.Global.DNS_RESOLVER_MIN_SAMPLES, DNS_RESOLVER_DEFAULT_MIN_SAMPLES); Settings.Global.DNS_RESOLVER_MIN_SAMPLES, DNS_RESOLVER_DEFAULT_MIN_SAMPLES); int maxSamples = Settings.Global.getInt(resolver, int maxSamples = Settings.Global.getInt(cr, Settings.Global.DNS_RESOLVER_MAX_SAMPLES, DNS_RESOLVER_DEFAULT_MAX_SAMPLES); Settings.Global.DNS_RESOLVER_MAX_SAMPLES, DNS_RESOLVER_DEFAULT_MAX_SAMPLES); if (minSamples < 0 || minSamples > maxSamples || maxSamples > 64) { if (minSamples < 0 || minSamples > maxSamples || maxSamples > 64) { Slog.w(TAG, "Invalid sample count (min, max)=(" + minSamples + ", " + maxSamples + Slog.w(TAG, "Invalid sample count (min, max)=(" + minSamples + ", " + maxSamples + Loading @@ -1980,8 +1984,24 @@ public class NetworkManagementService extends INetworkManagementService.Stub final String[] domainStrs = domains == null ? new String[0] : domains.split(" "); final String[] domainStrs = domains == null ? new String[0] : domains.split(" "); final int[] params = { sampleValidity, successThreshold, minSamples, maxSamples }; final int[] params = { sampleValidity, successThreshold, minSamples, maxSamples }; final boolean useTls = Settings.Global.getInt(resolver, final boolean useTls = shouldUseTls(cr); Settings.Global.DNS_TLS_DISABLED, 0) == 0; // TODO: Populate tlsHostname once it's decided how the hostname's IP // addresses will be resolved: // // [1] network-provided DNS servers are included here with the // hostname and netd will use the network-provided servers to // resolve the hostname and fix up its internal structures, or // // [2] network-provided DNS servers are included here without the // hostname, the ConnectivityService layer resolves the given // hostname, and then reconfigures netd with this information. // // In practice, there will always be a need for ConnectivityService or // the captive portal app to use the network-provided services to make // some queries. This argues in favor of [1], in concert with another // mechanism, perhaps setting a high bit in the netid, to indicate // via existing DNS APIs which set of servers (network-provided or // non-network-provided private DNS) should be queried. final String tlsHostname = ""; final String tlsHostname = ""; final String[] tlsFingerprints = new String[0]; final String[] tlsFingerprints = new String[0]; try { try { Loading @@ -1992,6 +2012,15 @@ public class NetworkManagementService extends INetworkManagementService.Stub } } } } private static boolean shouldUseTls(ContentResolver cr) { String privateDns = Settings.Global.getString(cr, Settings.Global.PRIVATE_DNS_MODE); if (TextUtils.isEmpty(privateDns)) { privateDns = PRIVATE_DNS_DEFAULT_MODE; } return privateDns.equals(PRIVATE_DNS_MODE_OPPORTUNISTIC) || privateDns.startsWith(PRIVATE_DNS_MODE_PROVIDER_HOSTNAME); } @Override @Override public void addVpnUidRanges(int netId, UidRange[] ranges) { public void addVpnUidRanges(int netId, UidRange[] ranges) { mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); Loading Loading
core/java/android/net/ConnectivityManager.java +29 −0 Original line number Original line Diff line number Diff line Loading @@ -619,6 +619,35 @@ public class ConnectivityManager { */ */ public static final int NETID_UNSET = 0; public static final int NETID_UNSET = 0; /** * Private DNS Mode values. * * The "private_dns_mode" global setting stores a String value which is * expected to be one of the following. */ /** * @hide */ public static final String PRIVATE_DNS_MODE_OFF = "off"; /** * @hide */ public static final String PRIVATE_DNS_MODE_OPPORTUNISTIC = "opportunistic"; /** * @hide */ public static final String PRIVATE_DNS_MODE_PROVIDER_HOSTNAME = "hostname"; /** * The default Private DNS mode. * * This may change from release to release or may become dependent upon * the capabilities of the underlying platform. * * @hide */ public static final String PRIVATE_DNS_DEFAULT_MODE = PRIVATE_DNS_MODE_OPPORTUNISTIC; private final IConnectivityManager mService; private final IConnectivityManager mService; /** /** * A kludge to facilitate static access where a Context pointer isn't available, like in the * A kludge to facilitate static access where a Context pointer isn't available, like in the Loading
core/java/android/provider/Settings.java +14 −3 Original line number Original line Diff line number Diff line Loading @@ -9158,11 +9158,20 @@ public final class Settings { public static final String DEFAULT_DNS_SERVER = "default_dns_server"; public static final String DEFAULT_DNS_SERVER = "default_dns_server"; /** /** * Whether to disable DNS over TLS (boolean) * The requested Private DNS mode (string), and an accompanying specifier (string). * * * Currently, the specifier holds the chosen provider name when the mode requests * a specific provider. It may be used to store the provider name even when the * mode changes so that temporarily disabling and re-enabling the specific * provider mode does not necessitate retyping the provider hostname. * * @hide */ public static final String PRIVATE_DNS_MODE = "private_dns_mode"; /** * @hide * @hide */ */ public static final String DNS_TLS_DISABLED = "dns_tls_disabled"; public static final String PRIVATE_DNS_SPECIFIER = "private_dns_specifier"; /** {@hide} */ /** {@hide} */ public static final String public static final String Loading Loading @@ -10204,7 +10213,9 @@ public final class Settings { DOCK_AUDIO_MEDIA_ENABLED, DOCK_AUDIO_MEDIA_ENABLED, ENCODED_SURROUND_OUTPUT, ENCODED_SURROUND_OUTPUT, LOW_POWER_MODE_TRIGGER_LEVEL, LOW_POWER_MODE_TRIGGER_LEVEL, BLUETOOTH_ON BLUETOOTH_ON, PRIVATE_DNS_MODE, PRIVATE_DNS_SPECIFIER }; }; private static final ContentProviderHolder sProviderHolder = private static final ContentProviderHolder sProviderHolder = Loading
core/tests/coretests/src/android/provider/SettingsBackupTest.java +0 −1 Original line number Original line Diff line number Diff line Loading @@ -177,7 +177,6 @@ public class SettingsBackupTest { Settings.Global.DNS_RESOLVER_MIN_SAMPLES, Settings.Global.DNS_RESOLVER_MIN_SAMPLES, Settings.Global.DNS_RESOLVER_SAMPLE_VALIDITY_SECONDS, Settings.Global.DNS_RESOLVER_SAMPLE_VALIDITY_SECONDS, Settings.Global.DNS_RESOLVER_SUCCESS_THRESHOLD_PERCENT, Settings.Global.DNS_RESOLVER_SUCCESS_THRESHOLD_PERCENT, Settings.Global.DNS_TLS_DISABLED, Settings.Global.DOCK_SOUNDS_ENABLED_WHEN_ACCESSIBILITY, Settings.Global.DOCK_SOUNDS_ENABLED_WHEN_ACCESSIBILITY, Settings.Global.DOWNLOAD_MAX_BYTES_OVER_MOBILE, Settings.Global.DOWNLOAD_MAX_BYTES_OVER_MOBILE, Settings.Global.DOWNLOAD_RECOMMENDED_MAX_BYTES_OVER_MOBILE, Settings.Global.DOWNLOAD_RECOMMENDED_MAX_BYTES_OVER_MOBILE, Loading
packages/SettingsLib/res/values/strings.xml +7 −5 Original line number Original line Diff line number Diff line Loading @@ -505,11 +505,13 @@ <!-- [CHAR LIMIT=NONE] Label for displaying Bluetooth Audio Codec Parameters while streaming --> <!-- [CHAR LIMIT=NONE] Label for displaying Bluetooth Audio Codec Parameters while streaming --> <string name="bluetooth_select_a2dp_codec_streaming_label">Streaming: <xliff:g id="streaming_parameter">%1$s</xliff:g></string> <string name="bluetooth_select_a2dp_codec_streaming_label">Streaming: <xliff:g id="streaming_parameter">%1$s</xliff:g></string> <!-- Title of the developer option for DNS over TLS. --> <!-- Developer option setting for Private DNS --> <string name="dns_tls">DNS over TLS</string> <string name="select_private_dns_configuration_title">Private DNS</string> <!-- Summary to explain the developer option for DNS over TLS. This allows the user to <string name="select_private_dns_configuration_dialog_title">Select Private DNS Mode</string> request that the system attempt TLS with all DNS servers, or none. --> <string name="private_dns_mode_off">Off</string> <string name="dns_tls_summary">If enabled, attempt DNS over TLS on port 853.</string> <string name="private_dns_mode_opportunistic">Opportunistic</string> <string name="private_dns_mode_provider">Private DNS provider hostname</string> <string name="private_dns_mode_provider_hostname_hint">Enter hostname of DNS provider</string> <!-- setting Checkbox summary whether to show options for wireless display certification --> <!-- setting Checkbox summary whether to show options for wireless display certification --> <string name="wifi_display_certification_summary">Show options for wireless display certification</string> <string name="wifi_display_certification_summary">Show options for wireless display certification</string> Loading
services/core/java/com/android/server/NetworkManagementService.java +36 −7 Original line number Original line Diff line number Diff line Loading @@ -20,6 +20,9 @@ import static android.Manifest.permission.CONNECTIVITY_INTERNAL; import static android.Manifest.permission.DUMP; import static android.Manifest.permission.DUMP; import static android.Manifest.permission.NETWORK_STACK; import static android.Manifest.permission.NETWORK_STACK; import static android.Manifest.permission.SHUTDOWN; import static android.Manifest.permission.SHUTDOWN; import static android.net.ConnectivityManager.PRIVATE_DNS_DEFAULT_MODE; import static android.net.ConnectivityManager.PRIVATE_DNS_MODE_OPPORTUNISTIC; import static android.net.ConnectivityManager.PRIVATE_DNS_MODE_PROVIDER_HOSTNAME; import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_DOZABLE; import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_DOZABLE; import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NAME_DOZABLE; import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NAME_DOZABLE; import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NAME_NONE; import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NAME_NONE; Loading Loading @@ -92,6 +95,7 @@ import android.telephony.DataConnectionRealTimeInfo; import android.telephony.PhoneStateListener; import android.telephony.PhoneStateListener; import android.telephony.SubscriptionManager; import android.telephony.SubscriptionManager; import android.telephony.TelephonyManager; import android.telephony.TelephonyManager; import android.text.TextUtils; import android.util.Log; import android.util.Log; import android.util.Slog; import android.util.Slog; import android.util.SparseBooleanArray; import android.util.SparseBooleanArray; Loading Loading @@ -1946,9 +1950,9 @@ public class NetworkManagementService extends INetworkManagementService.Stub public void setDnsConfigurationForNetwork(int netId, String[] servers, String domains) { public void setDnsConfigurationForNetwork(int netId, String[] servers, String domains) { mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); ContentResolver resolver = mContext.getContentResolver(); final ContentResolver cr = mContext.getContentResolver(); int sampleValidity = Settings.Global.getInt(resolver, int sampleValidity = Settings.Global.getInt(cr, Settings.Global.DNS_RESOLVER_SAMPLE_VALIDITY_SECONDS, Settings.Global.DNS_RESOLVER_SAMPLE_VALIDITY_SECONDS, DNS_RESOLVER_DEFAULT_SAMPLE_VALIDITY_SECONDS); DNS_RESOLVER_DEFAULT_SAMPLE_VALIDITY_SECONDS); if (sampleValidity < 0 || sampleValidity > 65535) { if (sampleValidity < 0 || sampleValidity > 65535) { Loading @@ -1957,7 +1961,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub sampleValidity = DNS_RESOLVER_DEFAULT_SAMPLE_VALIDITY_SECONDS; sampleValidity = DNS_RESOLVER_DEFAULT_SAMPLE_VALIDITY_SECONDS; } } int successThreshold = Settings.Global.getInt(resolver, int successThreshold = Settings.Global.getInt(cr, Settings.Global.DNS_RESOLVER_SUCCESS_THRESHOLD_PERCENT, Settings.Global.DNS_RESOLVER_SUCCESS_THRESHOLD_PERCENT, DNS_RESOLVER_DEFAULT_SUCCESS_THRESHOLD_PERCENT); DNS_RESOLVER_DEFAULT_SUCCESS_THRESHOLD_PERCENT); if (successThreshold < 0 || successThreshold > 100) { if (successThreshold < 0 || successThreshold > 100) { Loading @@ -1966,9 +1970,9 @@ public class NetworkManagementService extends INetworkManagementService.Stub successThreshold = DNS_RESOLVER_DEFAULT_SUCCESS_THRESHOLD_PERCENT; successThreshold = DNS_RESOLVER_DEFAULT_SUCCESS_THRESHOLD_PERCENT; } } int minSamples = Settings.Global.getInt(resolver, int minSamples = Settings.Global.getInt(cr, Settings.Global.DNS_RESOLVER_MIN_SAMPLES, DNS_RESOLVER_DEFAULT_MIN_SAMPLES); Settings.Global.DNS_RESOLVER_MIN_SAMPLES, DNS_RESOLVER_DEFAULT_MIN_SAMPLES); int maxSamples = Settings.Global.getInt(resolver, int maxSamples = Settings.Global.getInt(cr, Settings.Global.DNS_RESOLVER_MAX_SAMPLES, DNS_RESOLVER_DEFAULT_MAX_SAMPLES); Settings.Global.DNS_RESOLVER_MAX_SAMPLES, DNS_RESOLVER_DEFAULT_MAX_SAMPLES); if (minSamples < 0 || minSamples > maxSamples || maxSamples > 64) { if (minSamples < 0 || minSamples > maxSamples || maxSamples > 64) { Slog.w(TAG, "Invalid sample count (min, max)=(" + minSamples + ", " + maxSamples + Slog.w(TAG, "Invalid sample count (min, max)=(" + minSamples + ", " + maxSamples + Loading @@ -1980,8 +1984,24 @@ public class NetworkManagementService extends INetworkManagementService.Stub final String[] domainStrs = domains == null ? new String[0] : domains.split(" "); final String[] domainStrs = domains == null ? new String[0] : domains.split(" "); final int[] params = { sampleValidity, successThreshold, minSamples, maxSamples }; final int[] params = { sampleValidity, successThreshold, minSamples, maxSamples }; final boolean useTls = Settings.Global.getInt(resolver, final boolean useTls = shouldUseTls(cr); Settings.Global.DNS_TLS_DISABLED, 0) == 0; // TODO: Populate tlsHostname once it's decided how the hostname's IP // addresses will be resolved: // // [1] network-provided DNS servers are included here with the // hostname and netd will use the network-provided servers to // resolve the hostname and fix up its internal structures, or // // [2] network-provided DNS servers are included here without the // hostname, the ConnectivityService layer resolves the given // hostname, and then reconfigures netd with this information. // // In practice, there will always be a need for ConnectivityService or // the captive portal app to use the network-provided services to make // some queries. This argues in favor of [1], in concert with another // mechanism, perhaps setting a high bit in the netid, to indicate // via existing DNS APIs which set of servers (network-provided or // non-network-provided private DNS) should be queried. final String tlsHostname = ""; final String tlsHostname = ""; final String[] tlsFingerprints = new String[0]; final String[] tlsFingerprints = new String[0]; try { try { Loading @@ -1992,6 +2012,15 @@ public class NetworkManagementService extends INetworkManagementService.Stub } } } } private static boolean shouldUseTls(ContentResolver cr) { String privateDns = Settings.Global.getString(cr, Settings.Global.PRIVATE_DNS_MODE); if (TextUtils.isEmpty(privateDns)) { privateDns = PRIVATE_DNS_DEFAULT_MODE; } return privateDns.equals(PRIVATE_DNS_MODE_OPPORTUNISTIC) || privateDns.startsWith(PRIVATE_DNS_MODE_PROVIDER_HOSTNAME); } @Override @Override public void addVpnUidRanges(int netId, UidRange[] ranges) { public void addVpnUidRanges(int netId, UidRange[] ranges) { mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); Loading
