Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit cb9c8f03 authored by Mike Yu's avatar Mike Yu Committed by Automerger Merge Worker
Browse files

Stop checking IP address with the DoH list if the hostname is known am:... 

Stop checking IP address with the DoH list if the hostname is known am: 3aea8db3 am: ea589bc7 am: 7a013f50 am: 2e604d3e am: b2889112

Original change: https://android-review.googlesource.com/c/platform/packages/modules/DnsResolver/+/2598287



Change-Id: I0068bcc576af58e86f5fec1b47bbe7533ac88920
Signed-off-by: default avatarAutomerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
parents 625e0a76 b2889112

PrivateDnsConfiguration.h

+16 −5
Original line number Diff line number Diff line
@@ -232,13 +232,24 @@ class PrivateDnsConfiguration { 
        std::string host;

        std::string httpsTemplate;

        bool requireRootPermission;

        base::Result<DohIdentity> getDohIdentity(const std::vector<std::string>& ips,



        base::Result<DohIdentity> getDohIdentity(const std::vector<std::string>& sortedValidIps,

                                                 const std::string& host) const {

            if (!host.empty() && this->host != host) return Errorf("host {} not matched", host);

            for (const auto& ip : ips) {

                if (this->ips.find(ip) == this->ips.end()) continue;

            // If the private DNS hostname is known, `sortedValidIps` are the IP addresses

            // resolved from the hostname, and hostname verification will be performed during

            // TLS handshake to ensure the validity of the server, so it's not necessary to

            // check the IP address.

            if (!host.empty()) {

                if (this->host != host) return Errorf("host {} not matched", host);

                if (!sortedValidIps.empty()) {

                    const auto& ip = sortedValidIps[0];

                    LOG(INFO) << fmt::format("getDohIdentity: {} {}", ip, host);

                    return DohIdentity{httpsTemplate, ip, host, Validation::in_process};

                }

            }

            for (const auto& ip : sortedValidIps) {

                if (ips.find(ip) == ips.end()) continue;

                LOG(INFO) << fmt::format("getDohIdentity: {} {}", ip, host);

                // Only pick the first one for now.

                return DohIdentity{httpsTemplate, ip, host, Validation::in_process};

            }

            return Errorf("server not matched");