Make PrivateDnsConfiguration report event to binder directly

#define LOG_TAG "PrivateDnsConfiguration"

#define DBG 0

#include "PrivateDnsConfiguration.h"

#include <log/log.h>

#include <netdb.h>

#include <sys/socket.h>

#include "DnsTlsTransport.h"

#include "PrivateDnsConfiguration.h"

#include "ResolverEventReporter.h"

#include "netd_resolv/resolv.h"

#include "netdutils/BackoffSequence.h"

using aidl::android::net::metrics::INetdEventListener;

int resolv_set_private_dns_for_net(unsigned netid, uint32_t mark, const char** servers,

                                   const int numServers, const char* tlsName,

                                   const uint8_t** fingerprints, const int numFingerprint) {

    android::net::gPrivateDnsConfiguration.getStatus(netid, status);

}

void resolv_register_private_dns_callback(private_dns_validated_callback callback) {

    android::net::gPrivateDnsConfiguration.setCallback(callback);

}

namespace android {

using android::netdutils::BackoffSequence;

    return true;

}

void PrivateDnsConfiguration::setCallback(private_dns_validated_callback callback) {

    if (mCallback == nullptr) {

        mCallback = callback;

    }

}

int PrivateDnsConfiguration::set(int32_t netId, uint32_t mark,

                                 const std::vector<std::string>& servers, const std::string& name,

                                 const std::set<std::vector<uint8_t>>& fingerprints) {

                                                         PrivateDnsTracker& tracker, unsigned netId,

                                                         uint32_t mark) REQUIRES(mPrivateDnsLock) {

    if (DBG) {

        ALOGD("validatePrivateDnsProvider(%s, %u)", addrToString(&(server.ss)).c_str(), netId);

        ALOGD("validatePrivateDnsProvider(%s, %u)", addrToString(&server.ss).c_str(), netId);

    }

    tracker[server] = Validation::in_process;

    if (DBG) {

        ALOGD("Server %s marked as in_process.  Tracker now has size %zu",

              addrToString(&(server.ss)).c_str(), tracker.size());

              addrToString(&server.ss).c_str(), tracker.size());

    }

    // Note that capturing |server| and |netId| in this lambda create copies.

    std::thread validate_thread([this, server, netId, mark] {

            const bool success = DnsTlsTransport::validate(server, netId, mark);

            if (DBG) {

                ALOGD("validateDnsTlsServer returned %d for %s", success,

                      addrToString(&(server.ss)).c_str());

                      addrToString(&server.ss).c_str());

            }

            const bool needs_reeval = this->recordPrivateDnsValidation(server, netId, success);

    auto serverPair = tracker.find(server);

    if (serverPair == tracker.end()) {

        ALOGW("Server %s was removed during private DNS validation",

              addrToString(&(server.ss)).c_str());

              addrToString(&server.ss).c_str());

        success = false;

        reevaluationStatus = DONT_REEVALUATE;

    } else if (!(serverPair->first == server)) {

        // TODO: It doesn't seem correct to overwrite the tracker entry for

        // |server| down below in this circumstance... Fix this.

        ALOGW("Server %s was changed during private DNS validation",

              addrToString(&(server.ss)).c_str());

              addrToString(&server.ss).c_str());

        success = false;

        reevaluationStatus = DONT_REEVALUATE;

    }

    // Invoke the callback to send a validation event to NetdEventListenerService.

    if (mCallback != nullptr) {

        const std::string ipLiteral = addrToString(&(server.ss));

        const char* hostname = server.name.empty() ? "" : server.name.c_str();

        mCallback(netId, ipLiteral.c_str(), hostname, success);

    // Send a validation event to NetdEventListenerService.

    const std::shared_ptr<INetdEventListener> listener = ResolverEventReporter::getListener();

    if (listener != nullptr) {

        listener->onPrivateDnsValidationEvent(netId, addrToString(&server.ss), server.name,

                                              success);

        if (DBG) {

            ALOGD("Sent validation %s event on netId %u for %s with hostname %s",

                  success ? "success" : "failure", netId, addrToString(&server.ss).c_str(),

                  server.name.c_str());

        }

    } else {

        ALOGE("Validation event not sent since NetdEventListenerService is unavailable.");

    }

    if (success) {

        tracker[server] = Validation::success;

        if (DBG) {

            ALOGD("Validation succeeded for %s! Tracker now has %zu entries.",

                  addrToString(&(server.ss)).c_str(), tracker.size());

                  addrToString(&server.ss).c_str(), tracker.size());

        }

    } else {

        // Validation failure is expected if a user is on a captive portal.

        tracker[server] = (reevaluationStatus == NEEDS_REEVALUATION) ? Validation::in_process

                                                                     : Validation::fail;

        if (DBG) {

            ALOGD("Validation failed for %s!", addrToString(&(server.ss)).c_str());

            ALOGD("Validation failed for %s!", addrToString(&server.ss).c_str());

        }

    }

#include <list>

#include <map>

#include <mutex>

#include <vector>

#include <android-base/thread_annotations.h>

    // Externally used for netd.

    void getStatus(unsigned netId, ExternalPrivateDnsStatus* status);

    int getPrivateDnsModeAndStatus(unsigned netId);

    void clear(unsigned netId);

    void setCallback(private_dns_validated_callback callback);

  private:

    typedef std::map<DnsTlsServer, Validation, AddressComparator> PrivateDnsTracker;

    // Structure for tracking the validation status of servers on a specific netId.

    // Using the AddressComparator ensures at most one entry per IP address.

    std::map<unsigned, PrivateDnsTracker> mPrivateDnsTransports GUARDED_BY(mPrivateDnsLock);

    private_dns_validated_callback mCallback = nullptr;

};

extern PrivateDnsConfiguration gPrivateDnsConfiguration;

// libbinder_ndk or by converting IPermissionController into a stable AIDL interface.

typedef bool (*check_calling_permission_callback)(const char* permission);

// TODO: Remove the callback.

typedef void (*private_dns_validated_callback)(unsigned netid, const char* server,

                                               const char* hostname, bool success);

// TODO: Remove the callback after moving NAT64 prefix discovery out of netd to libnetd_resolv.

typedef bool (*get_dns64_prefix_callback)(unsigned netid, in6_addr* prefix, uint8_t* prefix_len);

LIBNETD_RESOLV_PUBLIC void resolv_get_private_dns_status_for_net(unsigned netid,

                                                                 ExternalPrivateDnsStatus* status);

// Register callback to listen whether private DNS validated

// TODO: Remove it. Use ResolverEventReporter instead.

LIBNETD_RESOLV_PUBLIC void resolv_register_private_dns_callback(

        private_dns_validated_callback callback);

// Delete the cache associated with a certain network

LIBNETD_RESOLV_PUBLIC void resolv_delete_cache_for_net(unsigned netid);

    bool (*resolv_init)(const dnsproxylistener_callbacks& callbacks);

    void (*resolv_register_private_dns_callback)(private_dns_validated_callback callback);

    int (*resolv_set_nameservers_for_net)(unsigned netid, const char** servers, unsigned numservers,

                                          const char* domains, const __res_params* params);

    resolv_get_private_dns_status_for_net;

    resolv_has_nameservers;

    resolv_init;

    resolv_register_private_dns_callback;

    resolv_set_nameservers_for_net;

    resolv_set_private_dns_for_net;

  local: