This project is mirrored from https://github.com/LineageOS/android_packages_modules_DnsResolver.git. Pull mirroring updated .
  1. 23 May, 2022 1 commit
  2. 19 May, 2022 1 commit
    • Rohit's avatar
      shouldBlockRequest: Don't block if socket connect fails · 4f4501dc
      Rohit authored
      * On (re)boot:
      
        05-19 13:27:49.303   605   987 I netd    : DnsResolverService::setResolverConfiguration(100, [192.168.1.1], [], 1800, 25, 8, 64, 0, 0, [], []) -> (-22) (0.6ms)
        05-19 13:27:49.303   605   987 I netd    : setResolverConfiguration() -> ServiceSpecificException(22, "Invalid argument") <1.35ms>
        05-19 13:27:49.304  1574  1698 E DnsManager: Error setting DNS configuration: android.os.ServiceSpecificException: Invalid argument (code 22)
      
        ..which subsequently leads to connectivity check probes failing.
      
      * Thanks to Alexandre for the hint
      4f4501dc
  3. 27 Apr, 2022 2 commits
  4. 04 Apr, 2022 3 commits
  5. 02 Mar, 2022 1 commit
  6. 03 Nov, 2021 1 commit
  7. 01 Oct, 2021 2 commits
    • Tom Marshall's avatar
      DnsResolver: Support wildcards in cached hosts file · cb250fea
      Tom Marshall authored
      If an exact name is not found in the hosts file and the host name
      contains at least one dot, search for entries of the form "*.domain",
      where domain is the portion of the host name after the first dot.  If
      that is not found, repeat using the domain.
      
      Example: a.b.c.example.com would search for the following in turn:
      	a.b.c.example.com
      	*.b.c.example.com
      	*.c.example.com
      	*.example.com
      	*.com
      
      Note: this change is the analogue of the bionic change of the same name.
      Both should be kept in sync.
      
      Change-Id: I4b0bb81699151d5b371850daebf785e35ec9b170
      cb250fea
    • Tom Marshall's avatar
      DnsResolver: Sort and cache hosts file data for fast lookup · b0042566
      Tom Marshall authored
      The hosts file is normally searched linearly.  This is very slow when
      the file is large.  To mitigate this, read the hosts file and sort the
      entries in an in-memory cache.  When an address is requested via
      gethostbyname or getaddrinfo, binary search the cache.
      
      In case where the cache is not available, return a suitable error code
      and fall back to the existing lookup code.
      
      This has been written to behave as much like the existing lookup code as
      possible.  But note bionic and glibc differ in behavior for some corner
      cases.  Choose the most standard compliant behavior for these where
      possible.  Otherwise choose the behavior that seems most reasonable.
      
      Note: this change is the analogue of the bionic change of the same name.
      Both should be kept in sync.
      
      Change-Id: I5926493864d4b1291ae83f8b601bf5dcc54085cd
      b0042566
  8. 28 Dec, 2020 1 commit
    • Mike Yu's avatar
      Fix ResolverTest.ConnectTlsServerTimeout broken · 4a35e679
      Mike Yu authored
      The test is not compatible with a newer DnsResolver which gets
      the flag from an Experiments class rather than from system properties.
      
      Bug: 175900450
      Test: ResolverTest.ConnectTlsServerTimeout
      Ignore-AOSP-First: This test in internal master has the fix already
      Change-Id: Ie856b1fdbd7069cae1c78989813e96073b69cd01
      Merged-In: Iabfc14ad6b525e4cdc26f9fee83742acaee881e0
      4a35e679
  9. 16 Sep, 2020 1 commit
    • Ken Chen's avatar
      Fix OOB read in DNS resolver · 8c222de9
      Ken Chen authored
      The remote server specifies resplen, the length of the response it
      intends to send. anssiz represents the size of the destination buffer.
      If the reported resplen is larger than the anssiz, the code correctly
      only reads up to anssiz bytes, but returns resplen. so later functions
      will access far out of bounds.
      
      The fix ensures that the length of send_vc return does not exceed the
      buffer size.
      
      Bug: 161362564
      Test: atest pass on HWAddressSanitizer build.
      Merged-In: Id4b5df1be4652e4623847b0b0bad0af65b80fdd5
      Change-Id: Id4b5df1be4652e4623847b0b0bad0af65b80fdd5
      (cherry picked from commit cf6ee247)
      (cherry picked from commit 5214c6be)
      8c222de9
  10. 30 Aug, 2020 2 commits
  11. 06 Aug, 2020 1 commit
    • Ken Chen's avatar
      Fix OOB read in DNS resolver · 5214c6be
      Ken Chen authored
      The remote server specifies resplen, the length of the response it
      intends to send. anssiz represents the size of the destination buffer.
      If the reported resplen is larger than the anssiz, the code correctly
      only reads up to anssiz bytes, but returns resplen. so later functions
      will access far out of bounds.
      
      The fix ensures that the length of send_vc return does not exceed the
      buffer size.
      
      Bug: 161362564
      Test: atest pass on HWAddressSanitizer build.
      Merged-In: Id4b5df1be4652e4623847b0b0bad0af65b80fdd5
      Change-Id: Id4b5df1be4652e4623847b0b0bad0af65b80fdd5
      (cherry picked from commit cf6ee247)
      5214c6be
  12. 16 Jul, 2020 1 commit
  13. 15 Jul, 2020 2 commits
  14. 10 Jul, 2020 1 commit
  15. 08 Jul, 2020 1 commit
  16. 07 Jul, 2020 3 commits
  17. 04 Jul, 2020 1 commit
  18. 03 Jul, 2020 2 commits
  19. 02 Jul, 2020 1 commit
    • Mike Yu's avatar
      Fix private DNS not working due to getConnectCounter() stuck · 3c07ec67
      Mike Yu authored
      This call is not necessary to be protected by DnsTlsDispatcher::sLock.
      The lock aims at protecting the creation/deletion of DnsTlsTransport.
      Since the call is used only for the metrics, this change doesn't impact
      on the functionality of private DNS.
      
      Bug description:
      When a thread gets stuck in TLS handshake, it might lead to another
      thread blocking in the call getConnectCounter(). This results in
      other DNS requests get stuck in the call getOrderedServerList()
      because they are awaiting a lock hold by the second thread which
      is also awaiting another lock hold by the first thread.
      
      An example scenario is: In DNS strict mode, a private DNS server
      used to be available in mobile data but becomes unresponsive.
      Then, a new DNS request triggers the DnsResolver to do handshaking.
      Before the handshake finishes, wifi can't work.
      
      How to reproduce the bug:
        1) Set DNS strict mode, turn on mobile data
        2) Wait 20s for TLS connection disconnected. It can be check by:
             - ps -AT $(pidof netd) | grep "TlsListen"
        3) Drop DoT traffic by the command:
             - iptables -A OUTPUT -p tcp --dport 853 -o rmnet_data1 -j DROP
        4) Turn on wifi. Wifi shows no internet
      
      Bug: 160027328
      Test: not reproducible by the above steps
      Test: cd packages/modules/DnsResolver && atest
      
      Change-Id: I050ce8f13c19f706d58bac44c0e5a269481cb0c0
      3c07ec67
  20. 23 Jun, 2020 1 commit
  21. 22 Jun, 2020 9 commits
  22. 19 Jun, 2020 1 commit
  23. 18 Jun, 2020 1 commit