Backwards-incompatible resolv module API change for making... (37255186) · Commits · e / os / android_packages_modules_DnsResolver

Android.bp

+1 −0

Original line number	Diff line number	Diff line
		@@ -8,6 +8,7 @@ aidl_interface {
		local_include_dir: "binder",
		srcs: [
		"binder/android/net/IDnsResolver.aidl",
		"binder/android/net/ResolverParamsParcel.aidl",
		],
		imports: [
		"netd_event_listener_interface",

DnsResolverService.cpp

+9 −8

Original line number	Diff line number	Diff line
		@@ -36,6 +36,7 @@
		#include "netdutils/DumpWriter.h"
		#include "resolv_cache.h"

		using aidl::android::net::ResolverParamsParcel;
		using android::base::Join;
		using android::base::StringPrintf;
		using android::netdutils::DumpWriter;
		@@ -186,19 +187,19 @@ static std::vector<uint8_t> parseBase64(const std::string& input) {
		} // namespace

		::ndk::ScopedAStatus DnsResolverService::setResolverConfiguration(
		int32_t netId, const std::vector<std::string>& servers,
		const std::vector<std::string>& domains, const std::vector<int32_t>& params,
		const std::string& tlsName, const std::vector<std::string>& tlsServers,
		const std::vector<std::string>& tlsFingerprints) {
		const ResolverParamsParcel& resolverParams) {
		// Locking happens in PrivateDnsConfiguration and res_* functions.
		ENFORCE_INTERNAL_PERMISSIONS();
		auto entry =
		gDnsResolverLog.newEntry()
		.prettyFunction(__PRETTY_FUNCTION__)
		.args(netId, servers, domains, params, tlsName, tlsServers, tlsFingerprints);
		.args(resolverParams.netId, resolverParams.servers, resolverParams.domains,
		resolverParams.sampleValiditySeconds, resolverParams.successThreshold,
		resolverParams.minSamples, resolverParams.maxSamples,
		resolverParams.baseTimeoutMsec, resolverParams.retryCount);

		std::set<std::vector<uint8_t>> decoded_fingerprints;
		for (const std::string& fingerprint : tlsFingerprints) {
		for (const std::string& fingerprint : resolverParams.tlsFingerprints) {
		std::vector<uint8_t> decoded = parseBase64(fingerprint);
		if (decoded.empty()) {
		return ::ndk::ScopedAStatus(AStatus_fromServiceSpecificErrorWithMessage(
		@@ -207,8 +208,8 @@ static std::vector<uint8_t> parseBase64(const std::string& input) {
		decoded_fingerprints.emplace(decoded);
		}

		int err = gDnsResolv->resolverCtrl.setResolverConfiguration(
		netId, servers, domains, params, tlsName, tlsServers, decoded_fingerprints);
		int err =
		gDnsResolv->resolverCtrl.setResolverConfiguration(resolverParams, decoded_fingerprints);

		gResNetdCallbacks.log(entry.returns(err).withAutomaticDuration().toString().c_str());
		if (err != 0) {

DnsResolverService.h

+2 −4

Original line number	Diff line number	Diff line
		@@ -20,6 +20,7 @@
		#include <vector>

		#include <aidl/android/net/BnDnsResolver.h>
		#include <aidl/android/net/ResolverParamsParcel.h>
		#include <android/binder_ibinder.h>

		#include "netd_resolv/resolv.h"
		@@ -41,10 +42,7 @@ class DnsResolverService : public aidl::android::net::BnDnsResolver {

		// Resolver commands.
		::ndk::ScopedAStatus setResolverConfiguration(
		int32_t netId, const std::vector<std::string>& servers,
		const std::vector<std::string>& domains, const std::vector<int32_t>& params,
		const std::string& tlsName, const std::vector<std::string>& tlsServers,
		const std::vector<std::string>& tlsFingerprints) override;
		const aidl::android::net::ResolverParamsParcel& resolverParams) override;
		::ndk::ScopedAStatus getResolverInfo(
		int32_t netId, std::vector<std::string>* servers, std::vector<std::string>* domains,
		std::vector<std::string>* tlsServers, std::vector<int32_t>* params,

ResolverController.cpp

+22 −39

Original line number	Diff line number	Diff line
		@@ -38,6 +38,7 @@
		#include "netd_resolv/stats.h"

		using namespace std::placeholders;
		using aidl::android::net::ResolverParamsParcel;

		namespace android {

		@@ -195,24 +196,15 @@ int ResolverController::clearDnsServers(unsigned netId) {
		// resolv_delete_private_dns_for_net()
		// resolv_get_private_dns_status_for_net()
		int ResolverController::setResolverConfiguration(
		int32_t netId, const std::vector<std::string>& servers,
		const std::vector<std::string>& domains, const std::vector<int32_t>& params,
		const std::string& tlsName, const std::vector<std::string>& tlsServers,
		const ResolverParamsParcel& resolverParams,
		const std::set<std::vector<uint8_t>>& tlsFingerprints) {
		using aidl::android::net::IDnsResolver;
		// TODO: make RESOLVER_PARAMS_BASE_TIMEOUT_MSEC a mandatory parameter once all callers
		// have been updated to specify it.
		if (params.size() < IDnsResolver::RESOLVER_PARAMS_BASE_TIMEOUT_MSEC \|\|
		params.size() > IDnsResolver::RESOLVER_PARAMS_COUNT) {
		ALOGE("%s: params.size()=%zu", __FUNCTION__, params.size());
		return -EINVAL;
		}

		std::vector<const char*> server_ptrs;
		size_t count = std::min<size_t>(MAXNS, tlsServers.size());
		size_t count = std::min<size_t>(MAXNS, resolverParams.tlsServers.size());
		server_ptrs.reserve(count);
		for (size_t i = 0; i < count; i++) {
		server_ptrs.push_back(tlsServers[i].data());
		server_ptrs.push_back(resolverParams.tlsServers[i].data());
		}

		std::vector<const uint8_t*> fingerprint_ptrs;
		@@ -225,53 +217,44 @@ int ResolverController::setResolverConfiguration(
		// At private DNS validation time, we only know the netId, so we have to guess/compute the
		// corresponding socket mark.
		Fwmark fwmark;
		fwmark.netId = netId;
		fwmark.netId = resolverParams.netId;
		fwmark.explicitlySelected = true;
		fwmark.protectedFromVpn = true;
		fwmark.permission = PERMISSION_SYSTEM;

		// TODO: Change resolv_set_private_dns_for_net() to take a vector directly.
		const int err = resolv_set_private_dns_for_net(
		netId, fwmark.intValue, server_ptrs.data(), server_ptrs.size(), tlsName.c_str(),
		fingerprint_ptrs.data(), fingerprint_ptrs.size());
		resolverParams.netId, fwmark.intValue, server_ptrs.data(), server_ptrs.size(),
		resolverParams.tlsName.c_str(), fingerprint_ptrs.data(), fingerprint_ptrs.size());
		if (err != 0) {
		return err;
		}

		// Convert network-assigned server list to bionic's format.
		server_ptrs.clear();
		count = std::min<size_t>(MAXNS, servers.size());
		count = std::min<size_t>(MAXNS, resolverParams.servers.size());
		server_ptrs.reserve(count);
		for (size_t i = 0; i < count; ++i) {
		server_ptrs.push_back(servers[i].c_str());
		server_ptrs.push_back(resolverParams.servers[i].c_str());
		}

		std::string domains_str;
		if (!domains.empty()) {
		domains_str = domains[0];
		count = std::min<size_t>(MAXDNSRCH, domains.size());
		for (size_t i = 1; i < count; ++i) {
		domains_str += " " + domains[i];
		}
		}
		std::string domains_str = android::base::Join(resolverParams.domains, " ");

		// TODO: Change resolv_set_nameservers_for_net() to use ResolverParamsParcel directly.
		res_params res_params = {};
		res_params.sample_validity = params[IDnsResolver::RESOLVER_PARAMS_SAMPLE_VALIDITY];
		res_params.success_threshold = params[IDnsResolver::RESOLVER_PARAMS_SUCCESS_THRESHOLD];
		res_params.min_samples = params[IDnsResolver::RESOLVER_PARAMS_MIN_SAMPLES];
		res_params.max_samples = params[IDnsResolver::RESOLVER_PARAMS_MAX_SAMPLES];
		if (params.size() > IDnsResolver::RESOLVER_PARAMS_BASE_TIMEOUT_MSEC) {
		res_params.base_timeout_msec = params[IDnsResolver::RESOLVER_PARAMS_BASE_TIMEOUT_MSEC];
		}
		if (params.size() > IDnsResolver::RESOLVER_PARAMS_RETRY_COUNT) {
		res_params.retry_count = params[IDnsResolver::RESOLVER_PARAMS_RETRY_COUNT];
		}
		res_params.sample_validity = resolverParams.sampleValiditySeconds;
		res_params.success_threshold = resolverParams.successThreshold;
		res_params.min_samples = resolverParams.minSamples;
		res_params.max_samples = resolverParams.maxSamples;
		res_params.base_timeout_msec = resolverParams.baseTimeoutMsec;
		res_params.retry_count = resolverParams.retryCount;

		if (DBG) {
		ALOGD("setDnsServers netId = %u, numservers = %d", netId,
		static_cast<int>(domains_str.size()));
		ALOGD("setDnsServers netId = %u, numservers = %zu", resolverParams.netId,
		resolverParams.domains.size());
		}
		return -resolv_set_nameservers_for_net(netId, server_ptrs.data(), server_ptrs.size(),
		domains_str.c_str(), &res_params);
		return -resolv_set_nameservers_for_net(resolverParams.netId, server_ptrs.data(),
		server_ptrs.size(), domains_str.c_str(), &res_params);
		}

		int ResolverController::getResolverInfo(int32_t netId, std::vector<std::string>* servers,

ResolverController.h

+3 −5

Original line number	Diff line number	Diff line
		@@ -21,6 +21,7 @@
		#include <set>
		#include <vector>

		#include <aidl/android/net/ResolverParamsParcel.h>
		#include "Dns64Configuration.h"
		#include "netd_resolv/resolv.h"
		#include "netdutils/DumpWriter.h"
		@@ -41,12 +42,9 @@ class ResolverController {

		int getPrefix64(unsigned netId, netdutils::IPPrefix* prefix);

		// Binder specific functions, which convert between the binder int/string arrays and the
		// Binder specific functions, which convert between the ResolverParamsParcel and the
		// actual data structures, and call setDnsServer() / getDnsInfo() for the actual processing.
		int setResolverConfiguration(int32_t netId, const std::vector<std::string>& servers,
		const std::vector<std::string>& domains,
		const std::vector<int32_t>& params, const std::string& tlsName,
		const std::vector<std::string>& tlsServers,
		int setResolverConfiguration(const aidl::android::net::ResolverParamsParcel& resolverParams,
		const std::set<std::vector<uint8_t>>& tlsFingerprints);

		int getResolverInfo(int32_t netId, std::vector<std::string>* servers,