Remove ExternalPrivateDnsStatus (3e829060) · Commits · e / os / android_packages_modules_DnsResolver

DnsProxyListener.cpp

+4 −11

Original line number	Diff line number	Diff line
		@@ -118,18 +118,11 @@ constexpr bool requestingUseLocalNameservers(unsigned flags) {
		return (flags & NET_CONTEXT_FLAG_USE_LOCAL_NAMESERVERS) != 0;
		}

		inline bool queryingViaTls(unsigned dns_netid) {
		// TODO: The simpler PrivateDnsStatus should suffice here.
		ExternalPrivateDnsStatus privateDnsStatus = {PrivateDnsMode::OFF, 0, {}};
		gPrivateDnsConfiguration.getStatus(dns_netid, &privateDnsStatus);
		switch (static_cast<PrivateDnsMode>(privateDnsStatus.mode)) {
		bool queryingViaTls(unsigned dns_netid) {
		const auto privateDnsStatus = gPrivateDnsConfiguration.getStatus(dns_netid);
		switch (privateDnsStatus.mode) {
		case PrivateDnsMode::OPPORTUNISTIC:
		for (int i = 0; i < privateDnsStatus.numServers; i++) {
		if (privateDnsStatus.serverStatus[i].validation == Validation::success) {
		return true;
		}
		}
		return false;
		return !privateDnsStatus.validatedServers().empty();
		case PrivateDnsMode::STRICT:
		return true;
		default:

PrivateDnsConfiguration.cpp

+4 −25

Original line number	Diff line number	Diff line
		@@ -126,37 +126,13 @@ PrivateDnsStatus PrivateDnsConfiguration::getStatus(unsigned netId) {
		const auto netPair = mPrivateDnsTransports.find(netId);
		if (netPair != mPrivateDnsTransports.end()) {
		for (const auto& serverPair : netPair->second) {
		if (serverPair.second == Validation::success) {
		status.validatedServers.push_back(serverPair.first);
		}
		status.serversMap.emplace(serverPair.first, serverPair.second);
		}
		}

		return status;
		}

		void PrivateDnsConfiguration::getStatus(unsigned netId, ExternalPrivateDnsStatus* status) {
		std::lock_guard guard(mPrivateDnsLock);

		const auto mode = mPrivateDnsModes.find(netId);
		if (mode == mPrivateDnsModes.end()) return;
		status->mode = mode->second;

		const auto netPair = mPrivateDnsTransports.find(netId);
		if (netPair != mPrivateDnsTransports.end()) {
		int count = 0;
		for (const auto& serverPair : netPair->second) {
		status->serverStatus[count].ss = serverPair.first.ss;
		status->serverStatus[count].hostname =
		serverPair.first.name.empty() ? "" : serverPair.first.name.c_str();
		status->serverStatus[count].validation = serverPair.second;
		count++;
		if (count >= MAXNS) break; // Lose the rest
		}
		status->numServers = count;
		}
		}

		void PrivateDnsConfiguration::clear(unsigned netId) {
		LOG(DEBUG) << "PrivateDnsConfiguration::clear(" << netId << ")";
		std::lock_guard guard(mPrivateDnsLock);
		@@ -242,6 +218,9 @@ bool PrivateDnsConfiguration::recordPrivateDnsValidation(const DnsTlsServer& ser
		auto& tracker = netPair->second;
		auto serverPair = tracker.find(server);
		if (serverPair == tracker.end()) {
		// TODO: Consider not adding this server to the tracker since this server is not expected
		// to be one of the private DNS servers for this network now. This could prevent this
		// server from being included when dumping status.
		LOG(WARNING) << "Server " << addrToString(&server.ss)
		<< " was removed during private DNS validation";
		success = false;

PrivateDnsConfiguration.h

+16 −22

Original line number	Diff line number	Diff line
		@@ -14,8 +14,7 @@
		* limitations under the License.
		*/

		#ifndef NETD_RESOLV_PRIVATEDNSCONFIGURATION_H
		#define NETD_RESOLV_PRIVATEDNSCONFIGURATION_H
		#pragma once

		#include <list>
		#include <map>
		@@ -37,31 +36,28 @@ enum class Validation : uint8_t { in_process, success, fail, unknown_server, unk

		struct PrivateDnsStatus {
		PrivateDnsMode mode;
		std::list<DnsTlsServer> validatedServers;
		};

		// TODO: remove this C-style struct and use PrivateDnsStatus everywhere.
		struct ExternalPrivateDnsStatus {
		PrivateDnsMode mode;
		int numServers;
		struct PrivateDnsInfo {
		sockaddr_storage ss;
		const char* hostname;
		Validation validation;
		} serverStatus[MAXNS];
		std::map<DnsTlsServer, Validation, AddressComparator> serversMap;

		std::list<DnsTlsServer> validatedServers() const {
		std::list<DnsTlsServer> servers;

		for (const auto& pair : serversMap) {
		if (pair.second == Validation::success) {
		servers.push_back(pair.first);
		}
		}
		return servers;
		}
		};

		class PrivateDnsConfiguration {
		public:
		int set(int32_t netId, uint32_t mark, const std::vector<std::string>& servers,
		const std::string& name, const std::string& caCert);
		const std::string& name, const std::string& caCert) EXCLUDES(mPrivateDnsLock);

		PrivateDnsStatus getStatus(unsigned netId);
		PrivateDnsStatus getStatus(unsigned netId) EXCLUDES(mPrivateDnsLock);

		// DEPRECATED, use getStatus() above.
		void getStatus(unsigned netId, ExternalPrivateDnsStatus* status);

		void clear(unsigned netId);
		void clear(unsigned netId) EXCLUDES(mPrivateDnsLock);

		private:
		typedef std::map<DnsTlsServer, Validation, AddressComparator> PrivateDnsTracker;
		@@ -88,5 +84,3 @@ extern PrivateDnsConfiguration gPrivateDnsConfiguration;

		} // namespace net
		} // namespace android

		#endif /* NETD_RESOLV_PRIVATEDNSCONFIGURATION_H */

ResolverController.cpp

+10 −15

Original line number	Diff line number	Diff line
		@@ -249,11 +249,9 @@ int ResolverController::getResolverInfo(int32_t netId, std::vector<std::string>*
		// Serialize the information for binder.
		ResolverStats::encodeAll(res_stats, stats);

		ExternalPrivateDnsStatus privateDnsStatus = {PrivateDnsMode::OFF, 0, {}};
		gPrivateDnsConfiguration.getStatus(netId, &privateDnsStatus);
		for (int i = 0; i < privateDnsStatus.numServers; i++) {
		std::string tlsServer_str = addrToString(&(privateDnsStatus.serverStatus[i].ss));
		tlsServers->push_back(std::move(tlsServer_str));
		const auto privateDnsStatus = gPrivateDnsConfiguration.getStatus(netId);
		for (const auto& pair : privateDnsStatus.serversMap) {
		tlsServers->push_back(addrToString(&pair.first.ss));
		}

		params->resize(IDnsResolver::RESOLVER_PARAMS_COUNT);
		@@ -344,20 +342,17 @@ void ResolverController::dump(DumpWriter& dw, unsigned netId) {
		}

		mDns64Configuration.dump(dw, netId);
		ExternalPrivateDnsStatus privateDnsStatus = {PrivateDnsMode::OFF, 0, {}};
		gPrivateDnsConfiguration.getStatus(netId, &privateDnsStatus);
		const auto privateDnsStatus = gPrivateDnsConfiguration.getStatus(netId);
		dw.println("Private DNS mode: %s", getPrivateDnsModeString(privateDnsStatus.mode));
		if (!privateDnsStatus.numServers) {
		if (privateDnsStatus.serversMap.size() == 0) {
		dw.println("No Private DNS servers configured");
		} else {
		dw.println("Private DNS configuration (%u entries)", privateDnsStatus.numServers);
		dw.println("Private DNS configuration (%u entries)",
		static_cast<uint32_t>(privateDnsStatus.serversMap.size()));
		dw.incIndent();
		for (int i = 0; i < privateDnsStatus.numServers; i++) {
		dw.println("%s name{%s} status{%s}",
		addrToString(&(privateDnsStatus.serverStatus[i].ss)).c_str(),
		privateDnsStatus.serverStatus[i].hostname,
		validationStatusToString(static_cast<Validation>(
		privateDnsStatus.serverStatus[i].validation)));
		for (const auto& pair : privateDnsStatus.serversMap) {
		dw.println("%s name{%s} status{%s}", addrToString(&pair.first.ss).c_str(),
		pair.first.name.c_str(), validationStatusToString(pair.second));
		}
		dw.decIndent();
		}

res_send.cpp

+6 −4

Original line number	Diff line number	Diff line
		@@ -1223,7 +1223,7 @@ static int res_tls_send(res_state statp, const Slice query, const Slice answer,
		return -1;
		}

		if (privateDnsStatus.validatedServers.empty()) {
		if (privateDnsStatus.validatedServers().empty()) {
		if (privateDnsStatus.mode == PrivateDnsMode::OPPORTUNISTIC) {
		*fallback = true;
		return -1;
		@@ -1242,12 +1242,14 @@ static int res_tls_send(res_state statp, const Slice query, const Slice answer,
		// network change.
		for (int i = 0; i < 42; i++) {
		std::this_thread::sleep_for(std::chrono::milliseconds(100));
		if (!gPrivateDnsConfiguration.getStatus(netId).validatedServers.empty()) {
		// Calling getStatus() to merely check if there's any validated server seems
		// wasteful. Consider adding a new method in PrivateDnsConfiguration for speed ups.
		if (!gPrivateDnsConfiguration.getStatus(netId).validatedServers().empty()) {
		privateDnsStatus = gPrivateDnsConfiguration.getStatus(netId);
		break;
		}
		}
		if (privateDnsStatus.validatedServers.empty()) {
		if (privateDnsStatus.validatedServers().empty()) {
		return -1;
		}
		}
		@@ -1255,7 +1257,7 @@ static int res_tls_send(res_state statp, const Slice query, const Slice answer,

		LOG(INFO) << __func__ << ": performing query over TLS";

		const auto response = sDnsTlsDispatcher.query(privateDnsStatus.validatedServers, statp, query,
		const auto response = sDnsTlsDispatcher.query(privateDnsStatus.validatedServers(), statp, query,
		answer, &resplen);

		LOG(INFO) << __func__ << ": TLS query result: " << static_cast<int>(response);