Loading PrivateDnsConfiguration.cpp +2 −20 Original line number Diff line number Diff line Loading @@ -28,24 +28,6 @@ #include "netd_resolv/resolv.h" #include "netdutils/BackoffSequence.h" int resolv_set_private_dns_for_net(unsigned netid, uint32_t mark, const char** servers, const int numServers, const char* tlsName, const uint8_t** fingerprints, const int numFingerprint) { std::vector<std::string> tlsServers; for (int i = 0; i < numServers; i++) { tlsServers.push_back(std::string(servers[i])); } std::set<std::vector<uint8_t>> tlsFingerprints; for (int i = 0; i < numFingerprint; i++) { // Each fingerprint stored are 32(SHA256_SIZE) bytes long. tlsFingerprints.emplace(std::vector<uint8_t>(fingerprints[i], fingerprints[i] + 32)); } return android::net::gPrivateDnsConfiguration.set(netid, mark, tlsServers, std::string(tlsName), tlsFingerprints); } void resolv_delete_private_dns_for_net(unsigned netid) { android::net::gPrivateDnsConfiguration.clear(netid); } Loading Loading @@ -79,8 +61,8 @@ int PrivateDnsConfiguration::set(int32_t netId, uint32_t mark, const std::vector<std::string>& servers, const std::string& name, const std::set<std::vector<uint8_t>>& fingerprints) { if (DBG) { ALOGD("PrivateDnsConfiguration::set(%u, %zu, %s, %zu)", netId, servers.size(), name.c_str(), fingerprints.size()); ALOGD("PrivateDnsConfiguration::set(%u, 0x%x, %zu, %s, %zu)", netId, mark, servers.size(), name.c_str(), fingerprints.size()); } const bool explicitlyConfigured = !name.empty() || !fingerprints.empty(); Loading ResolverController.cpp +10 −23 Original line number Diff line number Diff line Loading 
@@ -196,27 +196,12 @@ int ResolverController::createNetworkCache(unsigned netId) { } // TODO: remove below functions and call into PrivateDnsConfiguration directly. // resolv_set_private_dns_for_net() // resolv_delete_private_dns_for_net() int ResolverController::setResolverConfiguration( const ResolverParamsParcel& resolverParams, const std::set<std::vector<uint8_t>>& tlsFingerprints) { using aidl::android::net::IDnsResolver; std::vector<const char*> server_ptrs; size_t count = std::min<size_t>(MAXNS, resolverParams.tlsServers.size()); server_ptrs.reserve(count); for (size_t i = 0; i < count; i++) { server_ptrs.push_back(resolverParams.tlsServers[i].data()); } std::vector<const uint8_t*> fingerprint_ptrs; count = tlsFingerprints.size(); fingerprint_ptrs.reserve(count); for (const auto& fp : tlsFingerprints) { fingerprint_ptrs.push_back(fp.data()); } // At private DNS validation time, we only know the netId, so we have to guess/compute the // corresponding socket mark. Fwmark fwmark; Loading 
@@ -225,19 +210,21 @@ int ResolverController::setResolverConfiguration( fwmark.protectedFromVpn = true; fwmark.permission = PERMISSION_SYSTEM; // TODO: Change resolv_set_private_dns_for_net() to take a vector directly. const int err = resolv_set_private_dns_for_net( resolverParams.netId, fwmark.intValue, server_ptrs.data(), server_ptrs.size(), resolverParams.tlsName.c_str(), fingerprint_ptrs.data(), fingerprint_ptrs.size()); // Allow at most MAXNS private DNS servers in a network to prevent too many broken servers. std::vector<std::string> tlsServers = resolverParams.tlsServers; if (tlsServers.size() > MAXNS) { tlsServers.resize(MAXNS); } const int err = gPrivateDnsConfiguration.set(resolverParams.netId, fwmark.intValue, tlsServers, resolverParams.tlsName, tlsFingerprints); if (err != 0) { return err; } // Convert network-assigned server list to bionic's format. server_ptrs.clear(); count = std::min<size_t>(MAXNS, resolverParams.servers.size()); server_ptrs.reserve(count); for (size_t i = 0; i < count; ++i) { const size_t serverCount = std::min<size_t>(MAXNS, resolverParams.servers.size()); std::vector<const char*> server_ptrs; for (size_t i = 0; i < serverCount; ++i) { server_ptrs.push_back(resolverParams.servers[i].c_str()); } Loading include/netd_resolv/resolv.h +0 −4 Original line number Diff line number Diff line Loading @@ -117,10 +117,6 @@ int resolv_res_nsend(const android_net_context* netContext, const uint8_t* msg, int resolv_set_nameservers_for_net(unsigned netid, const char** servers, int numservers, const char* domains, const res_params* params); int resolv_set_private_dns_for_net(unsigned netid, uint32_t mark, const char** servers, int numServers, const char* tlsName, const uint8_t** fingerprints, int numFingerprints); void resolv_delete_private_dns_for_net(unsigned netid); // Delete the cache associated with a certain network Loading Loading
PrivateDnsConfiguration.cpp +2 −20 Original line number Diff line number Diff line Loading @@ -28,24 +28,6 @@ #include "netd_resolv/resolv.h" #include "netdutils/BackoffSequence.h" int resolv_set_private_dns_for_net(unsigned netid, uint32_t mark, const char** servers, const int numServers, const char* tlsName, const uint8_t** fingerprints, const int numFingerprint) { std::vector<std::string> tlsServers; for (int i = 0; i < numServers; i++) { tlsServers.push_back(std::string(servers[i])); } std::set<std::vector<uint8_t>> tlsFingerprints; for (int i = 0; i < numFingerprint; i++) { // Each fingerprint stored are 32(SHA256_SIZE) bytes long. tlsFingerprints.emplace(std::vector<uint8_t>(fingerprints[i], fingerprints[i] + 32)); } return android::net::gPrivateDnsConfiguration.set(netid, mark, tlsServers, std::string(tlsName), tlsFingerprints); } void resolv_delete_private_dns_for_net(unsigned netid) { android::net::gPrivateDnsConfiguration.clear(netid); } Loading Loading @@ -79,8 +61,8 @@ int PrivateDnsConfiguration::set(int32_t netId, uint32_t mark, const std::vector<std::string>& servers, const std::string& name, const std::set<std::vector<uint8_t>>& fingerprints) { if (DBG) { ALOGD("PrivateDnsConfiguration::set(%u, %zu, %s, %zu)", netId, servers.size(), name.c_str(), fingerprints.size()); ALOGD("PrivateDnsConfiguration::set(%u, 0x%x, %zu, %s, %zu)", netId, mark, servers.size(), name.c_str(), fingerprints.size()); } const bool explicitlyConfigured = !name.empty() || !fingerprints.empty(); Loading
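Review bot: In the rewritten `ALOGD` call in `PrivateDnsConfiguration::set`, `netId` is declared `int32_t` but is still printed with `%u`, while the newly added `mark` (`uint32_t`) correctly uses `0x%x`. Since the format string is being edited anyway, make the first specifier match its argument: `ALOGD("PrivateDnsConfiguration::set(%d, 0x%x, %zu, %s, %zu)", netId, mark, ...)`. The body of `set()` continues outside the hunk.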
ResolverController.cpp +10 −23 Original line number Diff line number Diff line Loading @@ -196,27 +196,12 @@ int ResolverController::createNetworkCache(unsigned netId) { } // TODO: remove below functions and call into PrivateDnsConfiguration directly. // resolv_set_private_dns_for_net() // resolv_delete_private_dns_for_net() int ResolverController::setResolverConfiguration( const ResolverParamsParcel& resolverParams, const std::set<std::vector<uint8_t>>& tlsFingerprints) { using aidl::android::net::IDnsResolver; std::vector<const char*> server_ptrs; size_t count = std::min<size_t>(MAXNS, resolverParams.tlsServers.size()); server_ptrs.reserve(count); for (size_t i = 0; i < count; i++) { server_ptrs.push_back(resolverParams.tlsServers[i].data()); } std::vector<const uint8_t*> fingerprint_ptrs; count = tlsFingerprints.size(); fingerprint_ptrs.reserve(count); for (const auto& fp : tlsFingerprints) { fingerprint_ptrs.push_back(fp.data()); } // At private DNS validation time, we only know the netId, so we have to guess/compute the // corresponding socket mark. Fwmark fwmark; Loading 
@@ -225,19 +210,21 @@ int ResolverController::setResolverConfiguration( fwmark.protectedFromVpn = true; fwmark.permission = PERMISSION_SYSTEM; // TODO: Change resolv_set_private_dns_for_net() to take a vector directly. const int err = resolv_set_private_dns_for_net( resolverParams.netId, fwmark.intValue, server_ptrs.data(), server_ptrs.size(), resolverParams.tlsName.c_str(), fingerprint_ptrs.data(), fingerprint_ptrs.size()); // Allow at most MAXNS private DNS servers in a network to prevent too many broken servers. std::vector<std::string> tlsServers = resolverParams.tlsServers; if (tlsServers.size() > MAXNS) { tlsServers.resize(MAXNS); } const int err = gPrivateDnsConfiguration.set(resolverParams.netId, fwmark.intValue, tlsServers, resolverParams.tlsName, tlsFingerprints); if (err != 0) { return err; } // Convert network-assigned server list to bionic's format. server_ptrs.clear(); count = std::min<size_t>(MAXNS, resolverParams.servers.size()); server_ptrs.reserve(count); for (size_t i = 0; i < count; ++i) { const size_t serverCount = std::min<size_t>(MAXNS, resolverParams.servers.size()); std::vector<const char*> server_ptrs; for (size_t i = 0; i < serverCount; ++i) { server_ptrs.push_back(resolverParams.servers[i].c_str()); } Loading
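Review bot: With the C wrapper gone, nothing visible in this hunk checks the length of each fingerprint before `tlsFingerprints` is handed to `gPrivateDnsConfiguration.set()`. The removed `resolv_set_private_dns_for_net()` always built each entry from exactly 32 bytes (over-reading a shorter input, but normalising the size); now an entry of any length is stored as-is. If neither the caller of `setResolverConfiguration()` nor `set()` validates this (not visible here), reject malformed pins up front, e.g. `for (const auto& fp : tlsFingerprints) if (fp.size() != 32 /* SHA-256 */) return -EINVAL;`, so that a bad pin fails loudly rather than presumably never matching a server certificate. Separately, the rebuilt `server_ptrs` loop dropped the `reserve()` call the old code had; `server_ptrs.reserve(serverCount);` restores it. The function starts and ends outside the hunk.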
include/netd_resolv/resolv.h +0 −4 Original line number Diff line number Diff line Loading @@ -117,10 +117,6 @@ int resolv_res_nsend(const android_net_context* netContext, const uint8_t* msg, int resolv_set_nameservers_for_net(unsigned netid, const char** servers, int numservers, const char* domains, const res_params* params); int resolv_set_private_dns_for_net(unsigned netid, uint32_t mark, const char** servers, int numServers, const char* tlsName, const uint8_t** fingerprints, int numFingerprints); void resolv_delete_private_dns_for_net(unsigned netid); // Delete the cache associated with a certain network Loading