Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 2d0750b2 authored by Maciej Żenczykowski's avatar Maciej Żenczykowski Committed by Automerger Merge Worker
Browse files

Dns over TLS - lower mss for ipv4 by 8 am: 2c10321e 

Original change: https://android-review.googlesource.com/c/platform/packages/modules/DnsResolver/+/2574690



Change-Id: I48b1d47d2c44aa5496eb4077dd7b74b16da41699
Signed-off-by: default avatarAutomerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
parents 775c74d3 2c10321e

DnsTlsSocket.cpp

+13 −17
Original line number Original line Diff line number Diff line
@@ -68,36 +68,32 @@ int waitForWriting(int fd, int timeoutMs = -1) { 
}  // namespace

}  // namespace





Status DnsTlsSocket::tcpConnect() {

Status DnsTlsSocket::tcpConnect() {

    if (mServer.protocol != IPPROTO_TCP) return Status(EPROTONOSUPPORT);



    LOG(DEBUG) << mMark << " connecting TCP socket";

    LOG(DEBUG) << mMark << " connecting TCP socket";

    int type = SOCK_NONBLOCK | SOCK_CLOEXEC;

    switch (mServer.protocol) {

        case IPPROTO_TCP:

            type |= SOCK_STREAM;

            break;

        default:

            return Status(EPROTONOSUPPORT);

    }





    mSslFd.reset(socket(mServer.ss.ss_family, type, mServer.protocol));

    mSslFd.reset(socket(mServer.ss.ss_family, SOCK_STREAM | SOCK_NONBLOCK | SOCK_CLOEXEC, 0));

    if (mSslFd.get() == -1) {

    if (mSslFd.get() == -1) {

        PLOG(ERROR) << "Failed to create socket";

        const int err = errno;

        return Status(errno);

        PLOG(ERROR) << "Failed to create socket, errno=" << err;

        return Status(err);

    }

    }





    resolv_tag_socket(mSslFd.get(), AID_DNS, NET_CONTEXT_INVALID_PID);

    resolv_tag_socket(mSslFd.get(), AID_DNS, NET_CONTEXT_INVALID_PID);





    const socklen_t len = sizeof(mMark);

    const socklen_t len = sizeof(mMark);

    if (setsockopt(mSslFd.get(), SOL_SOCKET, SO_MARK, &mMark, len) == -1) {

    if (setsockopt(mSslFd.get(), SOL_SOCKET, SO_MARK, &mMark, len)) {

        const int err = errno;

        const int err = errno;

        PLOG(ERROR) << "Failed to set socket mark";

        PLOG(ERROR) << "Failed to set socket mark, errno=" << err;

        mSslFd.reset();

        mSslFd.reset();

        return Status(err);

        return Status(err);

    }

    }





    // Set TCP MSS to a suitably low value to be more reliable.

    // Set TCP MSS to a suitably low value to be more reliable.

    const int v = 1220;

    const int v = (mServer.ss.ss_family == AF_INET) ? 1212 : 1220;

    if (setsockopt(mSslFd.get(), SOL_TCP, TCP_MAXSEG, &v, sizeof(v)) == -1) {

    if (setsockopt(mSslFd.get(), SOL_TCP, TCP_MAXSEG, &v, sizeof(v))) {

        LOG(WARNING) << "Failed to set TCP_MAXSEG: " << errno;

        const int err = errno;

        LOG(WARNING) << "Failed to set TCP_MAXSEG, errno=" << err;

    }

    }





    const Status tfo = enableSockopt(mSslFd.get(), SOL_TCP, TCP_FASTOPEN_CONNECT);

    const Status tfo = enableSockopt(mSslFd.get(), SOL_TCP, TCP_FASTOPEN_CONNECT);
@@ -112,7 +108,7 @@ Status DnsTlsSocket::tcpConnect() { 
                sizeof(mServer.ss)) != 0 &&

                sizeof(mServer.ss)) != 0 &&

            errno != EINPROGRESS) {

            errno != EINPROGRESS) {

        const int err = errno;

        const int err = errno;

        PLOG(WARNING) << "Socket failed to connect";

        PLOG(WARNING) << "Socket failed to connect, errno=" << err;

        mSslFd.reset();

        mSslFd.reset();

        return Status(err);

        return Status(err);

    }

    }