Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 3fbd9cac authored by android-build-team Robot's avatar android-build-team Robot
Browse files

Snap for 6035658 from aa15cb27 to rvc-release 

Change-Id: Iea2a60ff56546a010ce981f03ae052dc38073d72
parents eda94efc aa15cb27

Android.bp

+1 −39
Original line number Diff line number Diff line
@@ -151,45 +151,7 @@ cc_library_static { 
    ],

}



cc_test {

    name: "resolv_integration_test",

    test_suites: ["device-tests"],

    require_root: true,

    defaults: ["netd_defaults"],

    tidy: false, // cuts test build time by > 1m30s

    srcs: [

        "tests/dns_responder/dns_responder.cpp",

        "dnsresolver_binder_test.cpp",

        "resolv_integration_test.cpp",

    ],

    header_libs: [

        "libnetd_resolv_headers",

    ],

    shared_libs: [

        "libbpf_android",

        "libbinder",

        "libcrypto",

        "liblog",

        "libnetd_client",

        "libssl",

        "libutils",

    ],

    static_libs: [

        "dnsresolver_aidl_interface-unstable-cpp",

        "libbase",

        "libgmock",

        "libnetd_test_dnsresponder",

        "libnetd_test_metrics_listener",

        "libnetd_test_resolv_utils",

        "libnetd_test_tun_interface",

        "libnetd_test_utils",

        "libnetdutils",

        "netd_aidl_interface-cpp",

        "netd_event_listener_interface-cpp",

    ],

    compile_multilib: "both",

}



// TODO: Move this test to tests/

cc_test {

    name: "resolv_unit_test",

    test_suites: ["device-tests"],

DnsResolverService.cpp

+7 −0
Original line number Diff line number Diff line
@@ -166,6 +166,13 @@ binder_status_t DnsResolverService::dump(int fd, const char**, uint32_t) { 
        const ResolverParamsParcel& resolverParams) {

    // Locking happens in PrivateDnsConfiguration and res_* functions.

    ENFORCE_INTERNAL_PERMISSIONS();



    uid_t uid = AIBinder_getCallingUid();

    if (resolverParams.caCertificate.size() != 0 && uid == AID_SYSTEM) {

        auto err = StringPrintf("UID %d is not authorized to set a non-empty CA certificate", uid);

        return ::ndk::ScopedAStatus(AStatus_fromExceptionCodeWithMessage(EX_SECURITY, err.c_str()));

    }



    // TODO: Remove this log after AIDL gen_log supporting more types, b/129732660

    auto entry =

            gDnsResolverLog.newEntry()

DnsTlsSocket.cpp

+3 −1
Original line number Diff line number Diff line
@@ -160,7 +160,9 @@ bool DnsTlsSocket::initialize() { 
    // For discussion of alternative, sustainable approaches see b/71909242.

    if (RESOLV_INJECT_CA_CERTIFICATE && !mServer.certificate.empty()) {

        // Inject test CA certs from ResolverParamsParcel.caCertificate for internal testing.

        LOG(WARNING) << "test CA certificate is valid";

        // This is only allowed by DnsResolverService if the caller is not AID_SYSTEM, and on

        // debug builds.

        LOG(WARNING) << "Setting test CA certificate. This should never happen in production code.";

        if (!setTestCaCertificate()) {

            LOG(ERROR) << "Failed to set test CA certificate";

            return false;

res_cache.cpp

+125 −173

File changed.

Preview size limit exceeded, changes collapsed.

resolv_cache_unit_test.cpp

+1 −1
Original line number Diff line number Diff line
@@ -902,7 +902,7 @@ TEST_F(ResolvCacheTest, DnsEventSubsampling) { 
    }

}



// TODO: Tests for struct resolv_cache_info, including:

// TODO: Tests for NetConfig, including:

//     - res_params

//         -- resolv_cache_get_resolver_stats()

//     - res_stats