Loading DnsStats.cpp +3 −0 Original line number Diff line number Diff line Loading @@ -284,6 +284,9 @@ void DnsStats::dump(DumpWriter& dw) { dw.println("over UDP"); dumpStatsMap(mStats[PROTO_UDP]); dw.println("over DOH"); dumpStatsMap(mStats[PROTO_DOH]); dw.println("over TLS"); dumpStatsMap(mStats[PROTO_DOT]); Loading DnsStatsTest.cpp +13 −11 Original line number Diff line number Diff line Loading @@ -117,7 +117,8 @@ class DnsStatsTest : public ::testing::Test { void verifyDumpOutput(const std::vector<StatsData>& tcpData, const std::vector<StatsData>& udpData, const std::vector<StatsData>& dotData, const std::vector<StatsData>& mdnsData) { const std::vector<StatsData>& mdnsData, const std::vector<StatsData>& dohData) { // A pattern to capture three matches: // server address (empty allowed), the statistics, and the score. const std::regex pattern(R"(\s{4,}([0-9a-fA-F:\.]*)[ ]?([<(].*[>)])[ ]?(\S*))"); Loading Loading @@ -149,6 +150,7 @@ class DnsStatsTest : public ::testing::Test { }; check(udpData, "UDP", &dumpString); check(dohData, "DOH", &dumpString); check(dotData, "TLS", &dumpString); check(tcpData, "TCP", &dumpString); check(mdnsData, "MDNS", &dumpString); Loading @@ -173,7 +175,7 @@ class DnsStatsTest : public ::testing::Test { TEST_F(DnsStatsTest, SetAddrs) { // Check before any operation to mDnsStats. verifyDumpOutput({}, {}, {}, {}); verifyDumpOutput({}, {}, {}, {}, {}); static const struct { std::vector<std::string> servers; Loading Loading @@ -230,7 +232,7 @@ TEST_F(DnsStatsTest, SetAddrs) { EXPECT_NO_FAILURE(verifyDnsStatsContent(PROTO_DOT, expectedStats, NO_AVERAGE_LATENCY)); } verifyDumpOutput({}, {}, {}, {}); verifyDumpOutput({}, {}, {}, {}, {}); } TEST_F(DnsStatsTest, SetServersDifferentPorts) { Loading @@ -249,7 +251,7 @@ TEST_F(DnsStatsTest, SetServersDifferentPorts) { EXPECT_NO_FAILURE(verifyDnsStatsContent(PROTO_TCP, {}, NO_AVERAGE_LATENCY)); EXPECT_NO_FAILURE(verifyDnsStatsContent(PROTO_UDP, {}, NO_AVERAGE_LATENCY)); EXPECT_NO_FAILURE(verifyDnsStatsContent(PROTO_DOT, {}, NO_AVERAGE_LATENCY)); verifyDumpOutput({}, {}, {}, {}); verifyDumpOutput({}, {}, {}, {}, {}); EXPECT_TRUE(mDnsStats.setAddrs(std::vector(servers.begin() + 2, servers.end()), PROTO_TCP)); EXPECT_TRUE(mDnsStats.setAddrs(std::vector(servers.begin() + 2, servers.end()), PROTO_UDP)); Loading @@ -264,7 +266,7 @@ TEST_F(DnsStatsTest, SetServersDifferentPorts) { EXPECT_NO_FAILURE(verifyDnsStatsContent(PROTO_TCP, expectedStats, NO_AVERAGE_LATENCY)); EXPECT_NO_FAILURE(verifyDnsStatsContent(PROTO_UDP, expectedStats, NO_AVERAGE_LATENCY)); EXPECT_NO_FAILURE(verifyDnsStatsContent(PROTO_DOT, expectedStats, NO_AVERAGE_LATENCY)); verifyDumpOutput(expectedStats, expectedStats, expectedStats, {}); verifyDumpOutput(expectedStats, expectedStats, expectedStats, {}, {}); } TEST_F(DnsStatsTest, AddStatsAndClear) { Loading Loading @@ -311,7 +313,7 @@ TEST_F(DnsStatsTest, AddStatsAndClear) { EXPECT_NO_FAILURE(verifyDnsStatsContent(PROTO_UDP, expectedStatsForUdp, 10ms)); EXPECT_NO_FAILURE(verifyDnsStatsContent(PROTO_DOT, {}, NO_AVERAGE_LATENCY)); EXPECT_NO_FAILURE(verifyDnsStatsContent(PROTO_MDNS, expectedStatsForMdns, 10ms)); verifyDumpOutput(expectedStatsForTcp, expectedStatsForUdp, {}, expectedStatsForMdns); verifyDumpOutput(expectedStatsForTcp, expectedStatsForUdp, {}, expectedStatsForMdns, {}); // Clear stats. EXPECT_TRUE(mDnsStats.setAddrs({}, PROTO_TCP)); Loading @@ -322,7 +324,7 @@ TEST_F(DnsStatsTest, AddStatsAndClear) { EXPECT_NO_FAILURE(verifyDnsStatsContent(PROTO_UDP, {}, NO_AVERAGE_LATENCY)); EXPECT_NO_FAILURE(verifyDnsStatsContent(PROTO_DOT, {}, NO_AVERAGE_LATENCY)); EXPECT_NO_FAILURE(verifyDnsStatsContent(PROTO_MDNS, {}, NO_AVERAGE_LATENCY)); verifyDumpOutput({}, {}, {}, {}); verifyDumpOutput({}, {}, {}, {}, {}); } TEST_F(DnsStatsTest, StatsRemainsInExistentServer) { Loading Loading @@ -350,7 +352,7 @@ TEST_F(DnsStatsTest, StatsRemainsInExistentServer) { }; EXPECT_THAT(mDnsStats.getStats(PROTO_UDP), UnorderedElementsAreArray(expectedStats)); EXPECT_NO_FAILURE(verifyDnsStatsContent(PROTO_UDP, expectedStats, 106ms)); verifyDumpOutput({}, expectedStats, {}, {}); verifyDumpOutput({}, expectedStats, {}, {}, {}); // Update the server list, the stats of 127.0.0.2 will remain. servers = { Loading @@ -366,7 +368,7 @@ TEST_F(DnsStatsTest, StatsRemainsInExistentServer) { }; EXPECT_THAT(mDnsStats.getStats(PROTO_UDP), UnorderedElementsAreArray(expectedStats)); EXPECT_NO_FAILURE(verifyDnsStatsContent(PROTO_UDP, expectedStats, 130ms)); verifyDumpOutput({}, expectedStats, {}, {}); verifyDumpOutput({}, expectedStats, {}, {}, {}); // Let's add a record to 127.0.0.2 again. EXPECT_TRUE(mDnsStats.addStats(servers[0], recordNoError)); Loading @@ -377,7 +379,7 @@ TEST_F(DnsStatsTest, StatsRemainsInExistentServer) { }; EXPECT_THAT(mDnsStats.getStats(PROTO_UDP), UnorderedElementsAreArray(expectedStats)); EXPECT_NO_FAILURE(verifyDnsStatsContent(PROTO_UDP, expectedStats, 106ms)); verifyDumpOutput({}, expectedStats, {}, {}); verifyDumpOutput({}, expectedStats, {}, {}, {}); } TEST_F(DnsStatsTest, AddStatsRecords_100000) { Loading Loading @@ -451,7 +453,7 @@ TEST_F(DnsStatsTest, AddStatsRecords_100000) { EXPECT_NO_FAILURE(verifyDnsStatsContent(PROTO_UDP, expectedStats, 99935500us)); EXPECT_NO_FAILURE(verifyDnsStatsContent(PROTO_DOT, expectedStats, 99935500us)); EXPECT_NO_FAILURE(verifyDnsStatsContent(PROTO_MDNS, expectedMdnsStats, 99935500us)); verifyDumpOutput(expectedStats, expectedStats, expectedStats, expectedMdnsStats); verifyDumpOutput(expectedStats, expectedStats, expectedStats, expectedMdnsStats, {}); } TEST_F(DnsStatsTest, GetServers_SortingByLatency) { Loading PrivateDnsConfiguration.cpp +10 −0 Original line number Diff line number Diff line Loading @@ -386,6 +386,16 @@ void PrivateDnsConfiguration::setObserver(PrivateDnsValidationObserver* observer mObserver = observer; } base::Result<netdutils::IPSockAddr> PrivateDnsConfiguration::getDohServer(unsigned netId) const { std::lock_guard guard(mPrivateDnsLock); auto it = mDohTracker.find(netId); if (it != mDohTracker.end()) { return netdutils::IPSockAddr::toIPSockAddr(it->second.ipAddr, 443); } return Errorf("Failed to get DoH Server: netId {} not found", netId); } void PrivateDnsConfiguration::notifyValidationStateUpdate(const netdutils::IPSockAddr& sockaddr, Validation validation, uint32_t netId) const { Loading PrivateDnsConfiguration.h +3 −0 Original line number Diff line number Diff line Loading @@ -115,6 +115,9 @@ class PrivateDnsConfiguration { void onDohStatusUpdate(uint32_t netId, bool success, const char* ipAddr, const char* host) EXCLUDES(mPrivateDnsLock); base::Result<netdutils::IPSockAddr> getDohServer(unsigned netId) const EXCLUDES(mPrivateDnsLock); private: typedef std::map<ServerIdentity, std::unique_ptr<IPrivateDnsServer>> PrivateDnsTracker; Loading ResolverController.cpp +22 −13 Original line number Diff line number Diff line Loading @@ -208,33 +208,42 @@ int ResolverController::setResolverConfiguration(const ResolverParamsParcel& res // through a different network. For example, on a VPN with no DNS servers (Do53), if the VPN // applies to UID 0, dns_mark is assigned for default network rathan the VPN. (note that it's // possible that a VPN doesn't have any DNS servers but DoT servers in DNS strict mode) int err = PrivateDnsConfiguration::getInstance().set(resolverParams.netId, netcontext.app_mark, tlsServers, resolverParams.tlsName, resolverParams.caCertificate); auto& privateDnsConfiguration = PrivateDnsConfiguration::getInstance(); int err = privateDnsConfiguration.set(resolverParams.netId, netcontext.app_mark, tlsServers, resolverParams.tlsName, resolverParams.caCertificate); if (err != 0) { return err; } if (int err = resolv_stats_set_addrs(resolverParams.netId, PROTO_DOT, tlsServers, 853); if (err = resolv_stats_set_addrs(resolverParams.netId, PROTO_DOT, tlsServers, 853); err != 0) { return err; } if (int err = resolv_stats_set_addrs(resolverParams.netId, PROTO_MDNS, {"ff02::fb", "224.0.0.251"}, 5353); if (err = resolv_stats_set_addrs(resolverParams.netId, PROTO_MDNS, {"ff02::fb", "224.0.0.251"}, 5353); err != 0) { return err; } if (isDoHEnabled()) err = PrivateDnsConfiguration::getInstance().setDoh( resolverParams.netId, netcontext.app_mark, tlsServers, resolverParams.tlsName, if (isDoHEnabled()) { if (err = privateDnsConfiguration.setDoh(resolverParams.netId, netcontext.app_mark, tlsServers, resolverParams.tlsName, resolverParams.caCertificate); if (err != 0) { err != 0) { return err; } auto result = privateDnsConfiguration.getDohServer(resolverParams.netId); if (result.ok()) { const netdutils::IPSockAddr sockAddr = result.value(); if (err = resolv_stats_set_addrs(resolverParams.netId, PROTO_DOH, {sockAddr.ip().toString()}, sockAddr.port()); err != 0) { return err; } } } res_params res_params = {}; res_params.sample_validity = resolverParams.sampleValiditySeconds; Loading Loading
DnsStats.cpp +3 −0 Original line number Diff line number Diff line Loading @@ -284,6 +284,9 @@ void DnsStats::dump(DumpWriter& dw) { dw.println("over UDP"); dumpStatsMap(mStats[PROTO_UDP]); dw.println("over DOH"); dumpStatsMap(mStats[PROTO_DOH]); dw.println("over TLS"); dumpStatsMap(mStats[PROTO_DOT]); Loading
DnsStatsTest.cpp +13 −11 Original line number Diff line number Diff line Loading @@ -117,7 +117,8 @@ class DnsStatsTest : public ::testing::Test { void verifyDumpOutput(const std::vector<StatsData>& tcpData, const std::vector<StatsData>& udpData, const std::vector<StatsData>& dotData, const std::vector<StatsData>& mdnsData) { const std::vector<StatsData>& mdnsData, const std::vector<StatsData>& dohData) { // A pattern to capture three matches: // server address (empty allowed), the statistics, and the score. const std::regex pattern(R"(\s{4,}([0-9a-fA-F:\.]*)[ ]?([<(].*[>)])[ ]?(\S*))"); Loading Loading @@ -149,6 +150,7 @@ class DnsStatsTest : public ::testing::Test { }; check(udpData, "UDP", &dumpString); check(dohData, "DOH", &dumpString); check(dotData, "TLS", &dumpString); check(tcpData, "TCP", &dumpString); check(mdnsData, "MDNS", &dumpString); Loading @@ -173,7 +175,7 @@ class DnsStatsTest : public ::testing::Test { TEST_F(DnsStatsTest, SetAddrs) { // Check before any operation to mDnsStats. verifyDumpOutput({}, {}, {}, {}); verifyDumpOutput({}, {}, {}, {}, {}); static const struct { std::vector<std::string> servers; Loading Loading @@ -230,7 +232,7 @@ TEST_F(DnsStatsTest, SetAddrs) { EXPECT_NO_FAILURE(verifyDnsStatsContent(PROTO_DOT, expectedStats, NO_AVERAGE_LATENCY)); } verifyDumpOutput({}, {}, {}, {}); verifyDumpOutput({}, {}, {}, {}, {}); } TEST_F(DnsStatsTest, SetServersDifferentPorts) { Loading @@ -249,7 +251,7 @@ TEST_F(DnsStatsTest, SetServersDifferentPorts) { EXPECT_NO_FAILURE(verifyDnsStatsContent(PROTO_TCP, {}, NO_AVERAGE_LATENCY)); EXPECT_NO_FAILURE(verifyDnsStatsContent(PROTO_UDP, {}, NO_AVERAGE_LATENCY)); EXPECT_NO_FAILURE(verifyDnsStatsContent(PROTO_DOT, {}, NO_AVERAGE_LATENCY)); verifyDumpOutput({}, {}, {}, {}); verifyDumpOutput({}, {}, {}, {}, {}); EXPECT_TRUE(mDnsStats.setAddrs(std::vector(servers.begin() + 2, servers.end()), PROTO_TCP)); EXPECT_TRUE(mDnsStats.setAddrs(std::vector(servers.begin() + 2, servers.end()), PROTO_UDP)); Loading @@ -264,7 +266,7 @@ TEST_F(DnsStatsTest, SetServersDifferentPorts) { EXPECT_NO_FAILURE(verifyDnsStatsContent(PROTO_TCP, expectedStats, NO_AVERAGE_LATENCY)); EXPECT_NO_FAILURE(verifyDnsStatsContent(PROTO_UDP, expectedStats, NO_AVERAGE_LATENCY)); EXPECT_NO_FAILURE(verifyDnsStatsContent(PROTO_DOT, expectedStats, NO_AVERAGE_LATENCY)); verifyDumpOutput(expectedStats, expectedStats, expectedStats, {}); verifyDumpOutput(expectedStats, expectedStats, expectedStats, {}, {}); } TEST_F(DnsStatsTest, AddStatsAndClear) { Loading Loading @@ -311,7 +313,7 @@ TEST_F(DnsStatsTest, AddStatsAndClear) { EXPECT_NO_FAILURE(verifyDnsStatsContent(PROTO_UDP, expectedStatsForUdp, 10ms)); EXPECT_NO_FAILURE(verifyDnsStatsContent(PROTO_DOT, {}, NO_AVERAGE_LATENCY)); EXPECT_NO_FAILURE(verifyDnsStatsContent(PROTO_MDNS, expectedStatsForMdns, 10ms)); verifyDumpOutput(expectedStatsForTcp, expectedStatsForUdp, {}, expectedStatsForMdns); verifyDumpOutput(expectedStatsForTcp, expectedStatsForUdp, {}, expectedStatsForMdns, {}); // Clear stats. EXPECT_TRUE(mDnsStats.setAddrs({}, PROTO_TCP)); Loading @@ -322,7 +324,7 @@ TEST_F(DnsStatsTest, AddStatsAndClear) { EXPECT_NO_FAILURE(verifyDnsStatsContent(PROTO_UDP, {}, NO_AVERAGE_LATENCY)); EXPECT_NO_FAILURE(verifyDnsStatsContent(PROTO_DOT, {}, NO_AVERAGE_LATENCY)); EXPECT_NO_FAILURE(verifyDnsStatsContent(PROTO_MDNS, {}, NO_AVERAGE_LATENCY)); verifyDumpOutput({}, {}, {}, {}); verifyDumpOutput({}, {}, {}, {}, {}); } TEST_F(DnsStatsTest, StatsRemainsInExistentServer) { Loading Loading @@ -350,7 +352,7 @@ TEST_F(DnsStatsTest, StatsRemainsInExistentServer) { }; EXPECT_THAT(mDnsStats.getStats(PROTO_UDP), UnorderedElementsAreArray(expectedStats)); EXPECT_NO_FAILURE(verifyDnsStatsContent(PROTO_UDP, expectedStats, 106ms)); verifyDumpOutput({}, expectedStats, {}, {}); verifyDumpOutput({}, expectedStats, {}, {}, {}); // Update the server list, the stats of 127.0.0.2 will remain. servers = { Loading @@ -366,7 +368,7 @@ TEST_F(DnsStatsTest, StatsRemainsInExistentServer) { }; EXPECT_THAT(mDnsStats.getStats(PROTO_UDP), UnorderedElementsAreArray(expectedStats)); EXPECT_NO_FAILURE(verifyDnsStatsContent(PROTO_UDP, expectedStats, 130ms)); verifyDumpOutput({}, expectedStats, {}, {}); verifyDumpOutput({}, expectedStats, {}, {}, {}); // Let's add a record to 127.0.0.2 again. EXPECT_TRUE(mDnsStats.addStats(servers[0], recordNoError)); Loading @@ -377,7 +379,7 @@ TEST_F(DnsStatsTest, StatsRemainsInExistentServer) { }; EXPECT_THAT(mDnsStats.getStats(PROTO_UDP), UnorderedElementsAreArray(expectedStats)); EXPECT_NO_FAILURE(verifyDnsStatsContent(PROTO_UDP, expectedStats, 106ms)); verifyDumpOutput({}, expectedStats, {}, {}); verifyDumpOutput({}, expectedStats, {}, {}, {}); } TEST_F(DnsStatsTest, AddStatsRecords_100000) { Loading Loading @@ -451,7 +453,7 @@ TEST_F(DnsStatsTest, AddStatsRecords_100000) { EXPECT_NO_FAILURE(verifyDnsStatsContent(PROTO_UDP, expectedStats, 99935500us)); EXPECT_NO_FAILURE(verifyDnsStatsContent(PROTO_DOT, expectedStats, 99935500us)); EXPECT_NO_FAILURE(verifyDnsStatsContent(PROTO_MDNS, expectedMdnsStats, 99935500us)); verifyDumpOutput(expectedStats, expectedStats, expectedStats, expectedMdnsStats); verifyDumpOutput(expectedStats, expectedStats, expectedStats, expectedMdnsStats, {}); } TEST_F(DnsStatsTest, GetServers_SortingByLatency) { Loading
PrivateDnsConfiguration.cpp +10 −0 Original line number Diff line number Diff line Loading @@ -386,6 +386,16 @@ void PrivateDnsConfiguration::setObserver(PrivateDnsValidationObserver* observer mObserver = observer; } base::Result<netdutils::IPSockAddr> PrivateDnsConfiguration::getDohServer(unsigned netId) const { std::lock_guard guard(mPrivateDnsLock); auto it = mDohTracker.find(netId); if (it != mDohTracker.end()) { return netdutils::IPSockAddr::toIPSockAddr(it->second.ipAddr, 443); } return Errorf("Failed to get DoH Server: netId {} not found", netId); } void PrivateDnsConfiguration::notifyValidationStateUpdate(const netdutils::IPSockAddr& sockaddr, Validation validation, uint32_t netId) const { Loading
PrivateDnsConfiguration.h +3 −0 Original line number Diff line number Diff line Loading @@ -115,6 +115,9 @@ class PrivateDnsConfiguration { void onDohStatusUpdate(uint32_t netId, bool success, const char* ipAddr, const char* host) EXCLUDES(mPrivateDnsLock); base::Result<netdutils::IPSockAddr> getDohServer(unsigned netId) const EXCLUDES(mPrivateDnsLock); private: typedef std::map<ServerIdentity, std::unique_ptr<IPrivateDnsServer>> PrivateDnsTracker; Loading
ResolverController.cpp +22 −13 Original line number Diff line number Diff line Loading @@ -208,33 +208,42 @@ int ResolverController::setResolverConfiguration(const ResolverParamsParcel& res // through a different network. For example, on a VPN with no DNS servers (Do53), if the VPN // applies to UID 0, dns_mark is assigned for default network rathan the VPN. (note that it's // possible that a VPN doesn't have any DNS servers but DoT servers in DNS strict mode) int err = PrivateDnsConfiguration::getInstance().set(resolverParams.netId, netcontext.app_mark, tlsServers, resolverParams.tlsName, resolverParams.caCertificate); auto& privateDnsConfiguration = PrivateDnsConfiguration::getInstance(); int err = privateDnsConfiguration.set(resolverParams.netId, netcontext.app_mark, tlsServers, resolverParams.tlsName, resolverParams.caCertificate); if (err != 0) { return err; } if (int err = resolv_stats_set_addrs(resolverParams.netId, PROTO_DOT, tlsServers, 853); if (err = resolv_stats_set_addrs(resolverParams.netId, PROTO_DOT, tlsServers, 853); err != 0) { return err; } if (int err = resolv_stats_set_addrs(resolverParams.netId, PROTO_MDNS, {"ff02::fb", "224.0.0.251"}, 5353); if (err = resolv_stats_set_addrs(resolverParams.netId, PROTO_MDNS, {"ff02::fb", "224.0.0.251"}, 5353); err != 0) { return err; } if (isDoHEnabled()) err = PrivateDnsConfiguration::getInstance().setDoh( resolverParams.netId, netcontext.app_mark, tlsServers, resolverParams.tlsName, if (isDoHEnabled()) { if (err = privateDnsConfiguration.setDoh(resolverParams.netId, netcontext.app_mark, tlsServers, resolverParams.tlsName, resolverParams.caCertificate); if (err != 0) { err != 0) { return err; } auto result = privateDnsConfiguration.getDohServer(resolverParams.netId); if (result.ok()) { const netdutils::IPSockAddr sockAddr = result.value(); if (err = resolv_stats_set_addrs(resolverParams.netId, PROTO_DOH, {sockAddr.ip().toString()}, sockAddr.port()); err != 0) { return err; } } } res_params res_params = {}; res_params.sample_validity = resolverParams.sampleValiditySeconds; Loading
