resolv: remove resolv_set_private_dns_for_net (efa5f901) · Commits · e / os / android_packages_modules_DnsResolver

PrivateDnsConfiguration.cpp

+2 −20

Original line number	Original line	Diff line number	Diff line
	@@ -28,24 +28,6 @@
	#include "netd_resolv/resolv.h"		#include "netd_resolv/resolv.h"
	#include "netdutils/BackoffSequence.h"		#include "netdutils/BackoffSequence.h"

	int resolv_set_private_dns_for_net(unsigned netid, uint32_t mark, const char** servers,
	const int numServers, const char* tlsName,
	const uint8_t** fingerprints, const int numFingerprint) {
	std::vector<std::string> tlsServers;
	for (int i = 0; i < numServers; i++) {
	tlsServers.push_back(std::string(servers[i]));
	}

	std::set<std::vector<uint8_t>> tlsFingerprints;
	for (int i = 0; i < numFingerprint; i++) {
	// Each fingerprint stored are 32(SHA256_SIZE) bytes long.
	tlsFingerprints.emplace(std::vector<uint8_t>(fingerprints[i], fingerprints[i] + 32));
	}

	return android::net::gPrivateDnsConfiguration.set(netid, mark, tlsServers, std::string(tlsName),
	tlsFingerprints);
	}

	void resolv_delete_private_dns_for_net(unsigned netid) {		void resolv_delete_private_dns_for_net(unsigned netid) {
	android::net::gPrivateDnsConfiguration.clear(netid);		android::net::gPrivateDnsConfiguration.clear(netid);
	}		}
	@@ -79,8 +61,8 @@ int PrivateDnsConfiguration::set(int32_t netId, uint32_t mark,
	const std::vector<std::string>& servers, const std::string& name,		const std::vector<std::string>& servers, const std::string& name,
	const std::set<std::vector<uint8_t>>& fingerprints) {		const std::set<std::vector<uint8_t>>& fingerprints) {
	if (DBG) {		if (DBG) {
	ALOGD("PrivateDnsConfiguration::set(%u, %zu, %s, %zu)", netId, servers.size(), name.c_str(),		ALOGD("PrivateDnsConfiguration::set(%u, 0x%x, %zu, %s, %zu)", netId, mark, servers.size(),
	fingerprints.size());		name.c_str(), fingerprints.size());
	}		}

	const bool explicitlyConfigured = !name.empty() \|\| !fingerprints.empty();		const bool explicitlyConfigured = !name.empty() \|\| !fingerprints.empty();

ResolverController.cpp

+10 −23

Original line number	Original line	Diff line number	Diff line
	@@ -196,27 +196,12 @@ int ResolverController::createNetworkCache(unsigned netId) {
	}		}

	// TODO: remove below functions and call into PrivateDnsConfiguration directly.		// TODO: remove below functions and call into PrivateDnsConfiguration directly.
	// resolv_set_private_dns_for_net()
	// resolv_delete_private_dns_for_net()		// resolv_delete_private_dns_for_net()
	int ResolverController::setResolverConfiguration(		int ResolverController::setResolverConfiguration(
	const ResolverParamsParcel& resolverParams,		const ResolverParamsParcel& resolverParams,
	const std::set<std::vector<uint8_t>>& tlsFingerprints) {		const std::set<std::vector<uint8_t>>& tlsFingerprints) {
	using aidl::android::net::IDnsResolver;		using aidl::android::net::IDnsResolver;

	std::vector<const char*> server_ptrs;
	size_t count = std::min<size_t>(MAXNS, resolverParams.tlsServers.size());
	server_ptrs.reserve(count);
	for (size_t i = 0; i < count; i++) {
	server_ptrs.push_back(resolverParams.tlsServers[i].data());
	}

	std::vector<const uint8_t*> fingerprint_ptrs;
	count = tlsFingerprints.size();
	fingerprint_ptrs.reserve(count);
	for (const auto& fp : tlsFingerprints) {
	fingerprint_ptrs.push_back(fp.data());
	}

	// At private DNS validation time, we only know the netId, so we have to guess/compute the		// At private DNS validation time, we only know the netId, so we have to guess/compute the
	// corresponding socket mark.		// corresponding socket mark.
	Fwmark fwmark;		Fwmark fwmark;
	@@ -225,19 +210,21 @@ int ResolverController::setResolverConfiguration(
	fwmark.protectedFromVpn = true;		fwmark.protectedFromVpn = true;
	fwmark.permission = PERMISSION_SYSTEM;		fwmark.permission = PERMISSION_SYSTEM;

	// TODO: Change resolv_set_private_dns_for_net() to take a vector directly.		// Allow at most MAXNS private DNS servers in a network to prevent too many broken servers.
	const int err = resolv_set_private_dns_for_net(		std::vector<std::string> tlsServers = resolverParams.tlsServers;
	resolverParams.netId, fwmark.intValue, server_ptrs.data(), server_ptrs.size(),		if (tlsServers.size() > MAXNS) {
	resolverParams.tlsName.c_str(), fingerprint_ptrs.data(), fingerprint_ptrs.size());		tlsServers.resize(MAXNS);
			}
			const int err = gPrivateDnsConfiguration.set(resolverParams.netId, fwmark.intValue, tlsServers,
			resolverParams.tlsName, tlsFingerprints);
	if (err != 0) {		if (err != 0) {
	return err;		return err;
	}		}

	// Convert network-assigned server list to bionic's format.		// Convert network-assigned server list to bionic's format.
	server_ptrs.clear();		const size_t serverCount = std::min<size_t>(MAXNS, resolverParams.servers.size());
	count = std::min<size_t>(MAXNS, resolverParams.servers.size());		std::vector<const char*> server_ptrs;
	server_ptrs.reserve(count);		for (size_t i = 0; i < serverCount; ++i) {
	for (size_t i = 0; i < count; ++i) {
	server_ptrs.push_back(resolverParams.servers[i].c_str());		server_ptrs.push_back(resolverParams.servers[i].c_str());
	}		}

include/netd_resolv/resolv.h

+0 −4

Original line number	Original line	Diff line number	Diff line
	@@ -117,10 +117,6 @@ int resolv_res_nsend(const android_net_context* netContext, const uint8_t* msg,
	int resolv_set_nameservers_for_net(unsigned netid, const char** servers, int numservers,		int resolv_set_nameservers_for_net(unsigned netid, const char** servers, int numservers,
	const char* domains, const res_params* params);		const char* domains, const res_params* params);

	int resolv_set_private_dns_for_net(unsigned netid, uint32_t mark, const char** servers,
	int numServers, const char* tlsName,
	const uint8_t** fingerprints, int numFingerprints);

	void resolv_delete_private_dns_for_net(unsigned netid);		void resolv_delete_private_dns_for_net(unsigned netid);

	// Delete the cache associated with a certain network		// Delete the cache associated with a certain network