Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 37ade6cc authored by Ken Chen's avatar Ken Chen
Browse files

Add a function to query enforceDnsUid setting 

The "DNS query fail-fast when network access is restricted" feature
needs to know whether the enforceDnsUid is set or not in
DnsProxyListener.

Bug: 288340533
Test: atest resolv_unit_test:ResolvCacheTest#IsEnforceDnsUidEnabled
Change-Id: I8e7a5d5d030602eced05c6f7f3809a57bfabebc3
parent 592e8227

res_cache.cpp

+9 −1
Original line number Diff line number Diff line
@@ -2102,3 +2102,11 @@ int resolv_get_max_cache_entries(unsigned netid) { 
    }

    return info->cache->get_max_cache_entries();

}



bool resolv_is_enforceDnsUid_enabled_network(unsigned netid) {

    std::lock_guard guard(cache_mutex);

    if (const auto info = find_netconfig_locked(netid); info != nullptr) {

        return info->enforceDnsUid;

    }

    return false;

}

resolv_cache.h

+3 −0
Original line number Diff line number Diff line
@@ -143,3 +143,6 @@ void resolv_netconfig_dump(android::netdutils::DumpWriter& dw, unsigned netid); 
// Get the maximum cache size of a network.

// Return positive value on success, -1 on failure.

int resolv_get_max_cache_entries(unsigned netid);



// Return true if the enforceDnsUid is enabled on the network.

bool resolv_is_enforceDnsUid_enabled_network(unsigned netid);

tests/resolv_cache_unit_test.cpp

+32 −0
Original line number Diff line number Diff line
@@ -928,6 +928,38 @@ TEST_F(ResolvCacheTest, GetResolverStats) { 
    }

}



TEST_F(ResolvCacheTest, IsEnforceDnsUidEnabled) {

    const SetupParams unenforcedDnsUidCfg = {

            .servers = {"127.0.0.1", "::127.0.0.2", "fe80::3"},

            .domains = {"domain1.com", "domain2.com"},

            .params = kParams,

    };

    // Network #1

    EXPECT_EQ(0, cacheCreate(TEST_NETID));

    EXPECT_EQ(0, cacheSetupResolver(TEST_NETID, unenforcedDnsUidCfg));

    EXPECT_FALSE(resolv_is_enforceDnsUid_enabled_network(TEST_NETID));



    // Network #2

    EXPECT_EQ(0, cacheCreate(TEST_NETID + 1));

    EXPECT_EQ(0, cacheSetupResolver(TEST_NETID + 1, unenforcedDnsUidCfg));

    EXPECT_FALSE(resolv_is_enforceDnsUid_enabled_network(TEST_NETID + 1));



    // Change the enforceDnsUid setting on network #1

    const SetupParams enforcedDnsUidCfg = {

            .servers = {"127.0.0.1", "::127.0.0.2", "fe80::3"},

            .domains = {"domain1.com", "domain2.com"},

            .params = kParams,

            .resolverOptions = {.enforceDnsUid = true},

    };

    EXPECT_EQ(0, cacheSetupResolver(TEST_NETID, enforcedDnsUidCfg));

    EXPECT_TRUE(resolv_is_enforceDnsUid_enabled_network(TEST_NETID));



    // Network #2 is unaffected

    EXPECT_FALSE(resolv_is_enforceDnsUid_enabled_network(TEST_NETID + 1));



    // Returns false on non-existent network

    EXPECT_FALSE(resolv_is_enforceDnsUid_enabled_network(TEST_NETID + 2));

}

namespace {



constexpr int EAI_OK = 0;