Merge "Add evaluate domain name callback in DnsResolver" am: c20becb3 am: 2af22b1b

    free(mHints);

}

static bool evaluate_domain_name(const android_net_context &netcontext,

                                 const char *host) {

    if (!gResNetdCallbacks.evaluate_domain_name)

        return true;

    return gResNetdCallbacks.evaluate_domain_name(netcontext, host);

}

static bool sendBE32(SocketClient* c, uint32_t data) {

    uint32_t be_data = htonl(data);

    return c->sendData(&be_data, sizeof(be_data)) == 0;

    NetworkDnsEventReported event;

    initDnsEvent(&event);

    if (queryLimiter.start(uid)) {

        rv = resolv_getaddrinfo(mHost, mService, mHints, &mNetContext, &result, &event);

        if (evaluate_domain_name(mNetContext, mHost)) {

            rv = resolv_getaddrinfo(mHost, mService, mHints, &mNetContext, &result,

                                    &event);

        } else {

            rv = EAI_SYSTEM;

        }

        queryLimiter.finish(uid);

    } else {

        // Note that this error code is currently not passed down to the client.

    NetworkDnsEventReported event;

    initDnsEvent(&event);

    if (queryLimiter.start(uid)) {

        if (evaluate_domain_name(mNetContext, rr_name.c_str())) {

            nsendAns = resolv_res_nsend(&mNetContext, msg.data(), msgLen, ansBuf.data(), MAXPACKET,

                                        &rcode, static_cast<ResNsendFlags>(mFlags), &event);

        } else {

            nsendAns = -EAI_SYSTEM;

        }

        queryLimiter.finish(uid);

    } else {

        LOG(WARNING) << "ResNSendHandler::run: resnsend: from UID " << uid

    NetworkDnsEventReported event;

    initDnsEvent(&event);

    if (queryLimiter.start(uid)) {

        if (evaluate_domain_name(mNetContext, mName)) {

            rv = resolv_gethostbyname(mName, mAf, &hbuf, tmpbuf, sizeof tmpbuf, &mNetContext, &hp,

                                      &event);

        } else {

            rv = EAI_SYSTEM;

        }

        queryLimiter.finish(uid);

    } else {

        rv = EAI_MEMORY;

    gResNetdCallbacks.log = callbacks->log;

    if (gApiLevel >= 30) {

        gResNetdCallbacks.tagSocket = callbacks->tagSocket;

        gResNetdCallbacks.evaluate_domain_name = callbacks->evaluate_domain_name;

    }

    android::net::gDnsResolv = android::net::DnsResolver::getInstance();

    return android::net::gDnsResolv->start();

typedef void (*log_callback)(const char* msg);

typedef int (*tagSocketCallback)(int sockFd, uint32_t tag, uid_t uid, pid_t pid);

// The DnsResolver module invokes this callback once before starting each DNS

// lookup. The callback receives the android_net_context associated with the

// request, and the (possibly unqualified) hostname requested by the app via

// getaddrinfo() or gethostbyname().

//

// If the callback returns false, the DnsResolver will abort the request

// returning EAI_SYSTEM. If the callback returns true, the query will proceed as

// usual.

//

// If this callback is not present (i.e. set to nullptr), the effect is the same

// of returning true.

//

// This callback *will* be invoked concurrently from multiple threads. It must

// peform its own locking when accessing shared data structures. Furthermore,

// the callback must not sleep nor perform RPC requests.

//

// Be mindful that hostnames could contain sensitive user data. Do not log them

// and do not transmit them to third parties without explicit user

// authorization.

//

typedef bool (*evaluate_domain_name_callback)(

    const android_net_context &netcontext, const char *host);

/*

 * Some functions needed by the resolver (e.g. checkCallingPermission()) live in

 * libraries with no ABI stability guarantees, such as libbinder.so.

    get_network_context_callback get_network_context;

    log_callback log;

    tagSocketCallback tagSocket;

    evaluate_domain_name_callback evaluate_domain_name;

};

#define TAG_SYSTEM_DNS 0xFFFFFF82