Loading PrivateDnsConfiguration.cpp +4 −0 Original line number Diff line number Diff line Loading @@ -23,6 +23,7 @@ #include <android-base/format.h> #include <android-base/logging.h> #include <android-base/stringprintf.h> #include <android/binder_ibinder.h> #include <netdutils/Slice.h> #include <netdutils/ThreadUtil.h> #include <sys/socket.h> Loading Loading @@ -444,6 +445,9 @@ int PrivateDnsConfiguration::setDoh(int32_t netId, uint32_t mark, const auto& doh = entry.getDohIdentity(sortedServers, name); if (!doh.ok()) continue; // The internal tests are supposed to have root permission. if (entry.forTesting && AIBinder_getCallingUid() != AID_ROOT) continue; auto it = mDohTracker.find(netId); // Skip if the same server already exists and its status == success. if (it != mDohTracker.end() && it->second == doh.value() && Loading PrivateDnsConfiguration.h +13 −3 Original line number Diff line number Diff line Loading @@ -200,6 +200,7 @@ class PrivateDnsConfiguration { std::set<std::string> ips; std::string host; std::string httpsTemplate; bool forTesting; base::Result<DohIdentity> getDohIdentity(const std::vector<std::string>& ips, const std::string& host) const { if (!host.empty() && this->host != host) return Errorf("host {} not matched", host); Loading @@ -215,15 +216,24 @@ class PrivateDnsConfiguration { // TODO: Move below DoH relevant stuff into Rust implementation. std::map<unsigned, DohIdentity> mDohTracker GUARDED_BY(mPrivateDnsLock); std::array<DohProviderEntry, 2> mAvailableDoHProviders = {{ std::array<DohProviderEntry, 3> mAvailableDoHProviders = {{ {"Google", {"2001:4860:4860::8888", "2001:4860:4860::8844", "8.8.8.8", "8.8.4.4"}, "dns.google", "https://dns.google/dns-query"}, "https://dns.google/dns-query", false}, {"Cloudflare", {"2606:4700::6810:f8f9", "2606:4700::6810:f9f9", "104.16.248.249", "104.16.249.249"}, "cloudflare-dns.com", "https://cloudflare-dns.com/dns-query"}, "https://cloudflare-dns.com/dns-query", false}, // The DoH provider for testing. {"ResolverTestProvider", {"127.0.0.3", "::1"}, "example.com", "https://example.com/dns-query", true}, }}; struct RecordEntry { Loading res_send.cpp +3 −2 Original line number Diff line number Diff line Loading @@ -134,6 +134,7 @@ using android::net::IV_IPV6; using android::net::IV_UNKNOWN; using android::net::LinuxErrno; using android::net::NetworkDnsEventReported; using android::net::NS_T_AAAA; using android::net::NS_T_INVALID; using android::net::NsRcode; using android::net::NsType; Loading Loading @@ -472,7 +473,7 @@ int res_nsend(ResState* statp, const uint8_t* buf, int buflen, uint8_t* ans, int Stopwatch queryStopwatch; resplen = send_mdns(statp, buffer, ans, anssiz, &terrno, rcode); const IPSockAddr& receivedMdnsAddr = (getQueryType(buf, buflen) == T_AAAA) ? mdns_addrs[0] : mdns_addrs[1]; (getQueryType(buf, buflen) == NS_T_AAAA) ? mdns_addrs[0] : mdns_addrs[1]; DnsQueryEvent* mDnsQueryEvent = addDnsQueryEvent(statp->event); mDnsQueryEvent->set_cache_hit(static_cast<CacheStatus>(cache_status)); mDnsQueryEvent->set_latency_micros(saturate_cast<int32_t>(queryStopwatch.timeTakenUs())); Loading Loading @@ -1215,7 +1216,7 @@ static int send_dg(ResState* statp, res_params* params, const uint8_t* buf, int static int send_mdns(ResState* statp, std::span<const uint8_t> buf, uint8_t* ans, int anssiz, int* terrno, int* rcode) { const sockaddr_storage ss = (getQueryType(buf.data(), buf.size()) == T_AAAA) ? mdns_addrs[0] : mdns_addrs[1]; (getQueryType(buf.data(), buf.size()) == NS_T_AAAA) ? mdns_addrs[0] : mdns_addrs[1]; const sockaddr* mdnsap = reinterpret_cast<const sockaddr*>(&ss); unique_fd fd; Loading tests/Android.bp +3 −0 Original line number Diff line number Diff line Loading @@ -160,7 +160,9 @@ cc_test { srcs: [ "dns_responder/dns_responder.cpp", "dnsresolver_binder_test.cpp", "doh_frontend.cpp", "resolv_integration_test.cpp", "resolv_private_dns_test.cpp", "tun_forwarder.cpp", ], header_libs: [ Loading Loading @@ -188,6 +190,7 @@ cc_test { "netd_event_listener_interface-lateststable-ndk_platform", "libipchecksum", "resolv_unsolicited_listener", "libdoh_frontend_ffi", ], // This test talks to the DnsResolver module over a binary protocol on a socket, so keep it as // multilib setting is worth because we might be able to get some coverage for the case where Loading tests/doh/Android.bp +9 −0 Original line number Diff line number Diff line package { // See: http://go/android-license-faq // A large-scale-change added 'default_applicable_licenses' to import // all of the 'license_kinds' from "packages_modules_DnsResolver_license" // to get the below license kinds: // SPDX-license-identifier-Apache-2.0 default_applicable_licenses: ["packages_modules_DnsResolver_license"], } rust_ffi_static { name: "libdoh_frontend_ffi", crate_name: "doh_frontend_ffi", Loading Loading
PrivateDnsConfiguration.cpp +4 −0 Original line number Diff line number Diff line Loading @@ -23,6 +23,7 @@ #include <android-base/format.h> #include <android-base/logging.h> #include <android-base/stringprintf.h> #include <android/binder_ibinder.h> #include <netdutils/Slice.h> #include <netdutils/ThreadUtil.h> #include <sys/socket.h> Loading Loading @@ -444,6 +445,9 @@ int PrivateDnsConfiguration::setDoh(int32_t netId, uint32_t mark, const auto& doh = entry.getDohIdentity(sortedServers, name); if (!doh.ok()) continue; // The internal tests are supposed to have root permission. if (entry.forTesting && AIBinder_getCallingUid() != AID_ROOT) continue; auto it = mDohTracker.find(netId); // Skip if the same server already exists and its status == success. if (it != mDohTracker.end() && it->second == doh.value() && Loading
PrivateDnsConfiguration.h +13 −3 Original line number Diff line number Diff line Loading @@ -200,6 +200,7 @@ class PrivateDnsConfiguration { std::set<std::string> ips; std::string host; std::string httpsTemplate; bool forTesting; base::Result<DohIdentity> getDohIdentity(const std::vector<std::string>& ips, const std::string& host) const { if (!host.empty() && this->host != host) return Errorf("host {} not matched", host); Loading @@ -215,15 +216,24 @@ class PrivateDnsConfiguration { // TODO: Move below DoH relevant stuff into Rust implementation. std::map<unsigned, DohIdentity> mDohTracker GUARDED_BY(mPrivateDnsLock); std::array<DohProviderEntry, 2> mAvailableDoHProviders = {{ std::array<DohProviderEntry, 3> mAvailableDoHProviders = {{ {"Google", {"2001:4860:4860::8888", "2001:4860:4860::8844", "8.8.8.8", "8.8.4.4"}, "dns.google", "https://dns.google/dns-query"}, "https://dns.google/dns-query", false}, {"Cloudflare", {"2606:4700::6810:f8f9", "2606:4700::6810:f9f9", "104.16.248.249", "104.16.249.249"}, "cloudflare-dns.com", "https://cloudflare-dns.com/dns-query"}, "https://cloudflare-dns.com/dns-query", false}, // The DoH provider for testing. {"ResolverTestProvider", {"127.0.0.3", "::1"}, "example.com", "https://example.com/dns-query", true}, }}; struct RecordEntry { Loading
res_send.cpp +3 −2 Original line number Diff line number Diff line Loading @@ -134,6 +134,7 @@ using android::net::IV_IPV6; using android::net::IV_UNKNOWN; using android::net::LinuxErrno; using android::net::NetworkDnsEventReported; using android::net::NS_T_AAAA; using android::net::NS_T_INVALID; using android::net::NsRcode; using android::net::NsType; Loading Loading @@ -472,7 +473,7 @@ int res_nsend(ResState* statp, const uint8_t* buf, int buflen, uint8_t* ans, int Stopwatch queryStopwatch; resplen = send_mdns(statp, buffer, ans, anssiz, &terrno, rcode); const IPSockAddr& receivedMdnsAddr = (getQueryType(buf, buflen) == T_AAAA) ? mdns_addrs[0] : mdns_addrs[1]; (getQueryType(buf, buflen) == NS_T_AAAA) ? mdns_addrs[0] : mdns_addrs[1]; DnsQueryEvent* mDnsQueryEvent = addDnsQueryEvent(statp->event); mDnsQueryEvent->set_cache_hit(static_cast<CacheStatus>(cache_status)); mDnsQueryEvent->set_latency_micros(saturate_cast<int32_t>(queryStopwatch.timeTakenUs())); Loading Loading @@ -1215,7 +1216,7 @@ static int send_dg(ResState* statp, res_params* params, const uint8_t* buf, int static int send_mdns(ResState* statp, std::span<const uint8_t> buf, uint8_t* ans, int anssiz, int* terrno, int* rcode) { const sockaddr_storage ss = (getQueryType(buf.data(), buf.size()) == T_AAAA) ? mdns_addrs[0] : mdns_addrs[1]; (getQueryType(buf.data(), buf.size()) == NS_T_AAAA) ? mdns_addrs[0] : mdns_addrs[1]; const sockaddr* mdnsap = reinterpret_cast<const sockaddr*>(&ss); unique_fd fd; Loading
tests/Android.bp +3 −0 Original line number Diff line number Diff line Loading @@ -160,7 +160,9 @@ cc_test { srcs: [ "dns_responder/dns_responder.cpp", "dnsresolver_binder_test.cpp", "doh_frontend.cpp", "resolv_integration_test.cpp", "resolv_private_dns_test.cpp", "tun_forwarder.cpp", ], header_libs: [ Loading Loading @@ -188,6 +190,7 @@ cc_test { "netd_event_listener_interface-lateststable-ndk_platform", "libipchecksum", "resolv_unsolicited_listener", "libdoh_frontend_ffi", ], // This test talks to the DnsResolver module over a binary protocol on a socket, so keep it as // multilib setting is worth because we might be able to get some coverage for the case where Loading
tests/doh/Android.bp +9 −0 Original line number Diff line number Diff line package { // See: http://go/android-license-faq // A large-scale-change added 'default_applicable_licenses' to import // all of the 'license_kinds' from "packages_modules_DnsResolver_license" // to get the below license kinds: // SPDX-license-identifier-Apache-2.0 default_applicable_licenses: ["packages_modules_DnsResolver_license"], } rust_ffi_static { name: "libdoh_frontend_ffi", crate_name: "doh_frontend_ffi", Loading
