Stop checking IP address with the DoH list if the hostname is known am:... (2e604d3e) · Commits · e / os / android_packages_modules_DnsResolver

PrivateDnsConfiguration.h

+16 −5

Original line number	Original line	Diff line number	Diff line
	@@ -232,13 +232,24 @@ class PrivateDnsConfiguration {
	std::string host;		std::string host;
	std::string httpsTemplate;		std::string httpsTemplate;
	bool requireRootPermission;		bool requireRootPermission;
	base::Result<DohIdentity> getDohIdentity(const std::vector<std::string>& ips,
			base::Result<DohIdentity> getDohIdentity(const std::vector<std::string>& sortedValidIps,
	const std::string& host) const {		const std::string& host) const {
	if (!host.empty() && this->host != host) return Errorf("host {} not matched", host);		// If the private DNS hostname is known, `sortedValidIps` are the IP addresses
	for (const auto& ip : ips) {		// resolved from the hostname, and hostname verification will be performed during
	if (this->ips.find(ip) == this->ips.end()) continue;		// TLS handshake to ensure the validity of the server, so it's not necessary to
			// check the IP address.
			if (!host.empty()) {
			if (this->host != host) return Errorf("host {} not matched", host);
			if (!sortedValidIps.empty()) {
			const auto& ip = sortedValidIps[0];
			LOG(INFO) << fmt::format("getDohIdentity: {} {}", ip, host);
			return DohIdentity{httpsTemplate, ip, host, Validation::in_process};
			}
			}
			for (const auto& ip : sortedValidIps) {
			if (ips.find(ip) == ips.end()) continue;
	LOG(INFO) << fmt::format("getDohIdentity: {} {}", ip, host);		LOG(INFO) << fmt::format("getDohIdentity: {} {}", ip, host);
	// Only pick the first one for now.
	return DohIdentity{httpsTemplate, ip, host, Validation::in_process};		return DohIdentity{httpsTemplate, ip, host, Validation::in_process};
	}		}
	return Errorf("server not matched");		return Errorf("server not matched");