Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 30aabe37 authored by Mike Yu's avatar Mike Yu Committed by android-build-merger
Browse files

Merge "Change to use experiment flags to configure private DNS connect timeout" 

am: 0a5416f3

Change-Id: I791dafb24bf1b2f4913fcd42a887ace5a972a49d
parents fe7e8894 0a5416f3

DnsTlsServer.h

+3 −1
Original line number Diff line number Diff line
@@ -62,7 +62,9 @@ struct DnsTlsServer { 
    // The time to wait for the attempt on connecting to the server.

    // Set the default value 127 seconds to be consistent with TCP connect timeout.

    // (presume net.ipv4.tcp_syn_retries = 6)

    std::chrono::milliseconds connectTimeout = std::chrono::milliseconds(127 * 1000);

    std::chrono::milliseconds connectTimeout = std::chrono::milliseconds(kDotConnectTimeoutMs);



    static constexpr int kDotConnectTimeoutMs = 127 * 1000;



    // Exact comparison of DnsTlsServer objects

    bool operator<(const DnsTlsServer& other) const;

PrivateDnsConfiguration.cpp

+21 −13
Original line number Diff line number Diff line
@@ -19,9 +19,11 @@ 
#include "PrivateDnsConfiguration.h"



#include <android-base/logging.h>

#include <android-base/parseint.h>

#include <android-base/stringprintf.h>

#include <netdb.h>

#include <netdutils/ThreadUtil.h>

#include <server_configurable_flags/get_flags.h>

#include <sys/socket.h>



#include "DnsTlsTransport.h"
@@ -30,11 +32,23 @@ 
#include "netdutils/BackoffSequence.h"

#include "resolv_cache.h"



using android::base::ParseInt;

using server_configurable_flags::GetServerConfigurableFlag;

using std::chrono::milliseconds;



namespace android {

namespace net {



namespace {



milliseconds getTimeoutFromExperimentFlag(const std::string& flagName, const int defaultValue) {

    int val = defaultValue;

    ParseInt(GetServerConfigurableFlag("netd_native", flagName, ""), &val);

    return (val < 1000) ? milliseconds(1000) : milliseconds(val);

}



}  // namespace



std::string addrToString(const sockaddr_storage* addr) {

    char out[INET6_ADDRSTRLEN] = {0};

    getnameinfo((const sockaddr*) addr, sizeof(sockaddr_storage), out, INET6_ADDRSTRLEN, nullptr, 0,
@@ -62,30 +76,24 @@ bool parseServer(const char* server, sockaddr_storage* parsed) { 


int PrivateDnsConfiguration::set(int32_t netId, uint32_t mark,

                                 const std::vector<std::string>& servers, const std::string& name,

                                 const std::string& caCert, int32_t connectTimeoutMs) {

                                 const std::string& caCert) {

    LOG(DEBUG) << "PrivateDnsConfiguration::set(" << netId << ", 0x" << std::hex << mark << std::dec

               << ", " << servers.size() << ", " << name << ", " << connectTimeoutMs << "ms)";

               << ", " << servers.size() << ", " << name << ")";



    // Parse the list of servers that has been passed in

    std::set<DnsTlsServer> tlsServers;

    for (size_t i = 0; i < servers.size(); ++i) {

    for (const auto& s : servers) {

        sockaddr_storage parsed;

        if (!parseServer(servers[i].c_str(), &parsed)) {

        if (!parseServer(s.c_str(), &parsed)) {

            return -EINVAL;

        }

        DnsTlsServer server(parsed);

        server.name = name;

        server.certificate = caCert;



        // connectTimeoutMs = 0: use the default timeout value.

        // connectTimeoutMs < 0: invalid timeout value.

        if (connectTimeoutMs > 0) {

            // Set a specific timeout value but limit it to be at least 1 second.

            server.connectTimeout =

                    (connectTimeoutMs < 1000) ? milliseconds(1000) : milliseconds(connectTimeoutMs);

        }



        server.connectTimeout = getTimeoutFromExperimentFlag("dot_connect_timeout_ms",

                                                             DnsTlsServer::kDotConnectTimeoutMs);

        tlsServers.insert(server);

        LOG(DEBUG) << "Set DoT connect timeout " << server.connectTimeout.count() << "ms for " << s;

    }



    std::lock_guard guard(mPrivateDnsLock);

PrivateDnsConfiguration.h

+1 −2
Original line number Diff line number Diff line
@@ -53,8 +53,7 @@ struct PrivateDnsStatus { 
class PrivateDnsConfiguration {

  public:

    int set(int32_t netId, uint32_t mark, const std::vector<std::string>& servers,

            const std::string& name, const std::string& caCert, int32_t connectTimeoutMs)

            EXCLUDES(mPrivateDnsLock);

            const std::string& name, const std::string& caCert) EXCLUDES(mPrivateDnsLock);



    PrivateDnsStatus getStatus(unsigned netId) EXCLUDES(mPrivateDnsLock);

ResolverController.cpp

+3 −3
Original line number Diff line number Diff line
@@ -210,9 +210,9 @@ int ResolverController::setResolverConfiguration(const ResolverParamsParcel& res 
    if (tlsServers.size() > MAXNS) {

        tlsServers.resize(MAXNS);

    }

    const int err = gPrivateDnsConfiguration.set(

            resolverParams.netId, fwmark.intValue, tlsServers, resolverParams.tlsName,

            resolverParams.caCertificate, resolverParams.tlsConnectTimeoutMs);

    const int err =

            gPrivateDnsConfiguration.set(resolverParams.netId, fwmark.intValue, tlsServers,

                                         resolverParams.tlsName, resolverParams.caCertificate);



    if (err != 0) {

        return err;

binder/android/net/ResolverParamsParcel.aidl

+2 −0
Original line number Diff line number Diff line
@@ -93,6 +93,8 @@ parcelable ResolverParamsParcel { 
    /**

     * The timeout for the connection attempt to a Private DNS server.

     * It's initialized to 0 to use the predefined default value.

     * Setting a non-zero value to it takes no effect anymore. The timeout is configurable only

     * by the experiement flag.

     */

    int tlsConnectTimeoutMs = 0;

}