Skip to content
GitLab
Switch branch/tag
This project is mirrored from https://github.com/LineageOS/android_packages_modules_DnsResolver.git. Pull mirroring updated .
  1. 23 May, 2022 1 commit
  3. 19 May, 2022 1 commit
    • Rohit's avatar
      shouldBlockRequest: Don't block if socket connect fails · 4f4501dc
      Rohit authored 
      * On (re)boot:

  05-19 13:27:49.303   605   987 I netd    : DnsResolverService::setResolverConfiguration(100, [192.168.1.1], [], 1800, 25, 8, 64, 0, 0, [], []) -> (-22) (0.6ms)
  05-19 13:27:49.303   605   987 I netd    : setResolverConfiguration() -> ServiceSpecificException(22, "Invalid argument") <1.35ms>
  05-19 13:27:49.304  1574  1698 E DnsManager: Error setting DNS configuration: android.os.ServiceSpecificException: Invalid argument (code 22)

  ..which subsequently leads to connectivity check probes failing.

* Thanks to Alexandre for the hint
      4f4501dc
  5. 27 Apr, 2022 2 commits
  7. 04 Apr, 2022 3 commits
  9. 02 Mar, 2022 1 commit
  11. 03 Nov, 2021 1 commit
  13. 01 Oct, 2021 2 commits
    • Tom Marshall's avatar
      DnsResolver: Support wildcards in cached hosts file · cb250fea
      Tom Marshall authored 
      If an exact name is not found in the hosts file and the host name
contains at least one dot, search for entries of the form "*.domain",
where domain is the portion of the host name after the first dot.  If
that is not found, repeat using the domain.

Example: a.b.c.example.com would search for the following in turn:
	a.b.c.example.com
	*.b.c.example.com
	*.c.example.com
	*.example.com
	*.com

Note: this change is the analogue of the bionic change of the same name.
Both should be kept in sync.

Change-Id: I4b0bb81699151d5b371850daebf785e35ec9b170
      cb250fea
    • Tom Marshall's avatar
      DnsResolver: Sort and cache hosts file data for fast lookup · b0042566
      Tom Marshall authored 
      The hosts file is normally searched linearly.  This is very slow when
the file is large.  To mitigate this, read the hosts file and sort the
entries in an in-memory cache.  When an address is requested via
gethostbyname or getaddrinfo, binary search the cache.

In case where the cache is not available, return a suitable error code
and fall back to the existing lookup code.

This has been written to behave as much like the existing lookup code as
possible.  But note bionic and glibc differ in behavior for some corner
cases.  Choose the most standard compliant behavior for these where
possible.  Otherwise choose the behavior that seems most reasonable.

Note: this change is the analogue of the bionic change of the same name.
Both should be kept in sync.

Change-Id: I5926493864d4b1291ae83f8b601bf5dcc54085cd
      b0042566
  15. 28 Dec, 2020 1 commit
    • Mike Yu's avatar
      Fix ResolverTest.ConnectTlsServerTimeout broken · 4a35e679
      Mike Yu authored 
      The test is not compatible with a newer DnsResolver which gets
the flag from an Experiments class rather than from system properties.

Bug: 175900450
Test: ResolverTest.ConnectTlsServerTimeout
Ignore-AOSP-First: This test in internal master has the fix already
Change-Id: Ie856b1fdbd7069cae1c78989813e96073b69cd01
Merged-In: Iabfc14ad6b525e4cdc26f9fee83742acaee881e0
      4a35e679
  17. 16 Sep, 2020 1 commit
    • Ken Chen's avatar
      Fix OOB read in DNS resolver · 8c222de9
      Ken Chen authored 
      The remote server specifies resplen, the length of the response it
intends to send. anssiz represents the size of the destination buffer.
If the reported resplen is larger than the anssiz, the code correctly
only reads up to anssiz bytes, but returns resplen. so later functions
will access far out of bounds.

The fix ensures that the length of send_vc return does not exceed the
buffer size.

Bug: 161362564
Test: atest pass on HWAddressSanitizer build.
Merged-In: Id4b5df1be4652e4623847b0b0bad0af65b80fdd5
Change-Id: Id4b5df1be4652e4623847b0b0bad0af65b80fdd5
(cherry picked from commit cf6ee247)
(cherry picked from commit 5214c6be)
      8c222de9
  19. 30 Aug, 2020 2 commits
  21. 06 Aug, 2020 1 commit
    • Ken Chen's avatar
      Fix OOB read in DNS resolver · 5214c6be
      Ken Chen authored 
      The remote server specifies resplen, the length of the response it
intends to send. anssiz represents the size of the destination buffer.
If the reported resplen is larger than the anssiz, the code correctly
only reads up to anssiz bytes, but returns resplen. so later functions
will access far out of bounds.

The fix ensures that the length of send_vc return does not exceed the
buffer size.

Bug: 161362564
Test: atest pass on HWAddressSanitizer build.
Merged-In: Id4b5df1be4652e4623847b0b0bad0af65b80fdd5
Change-Id: Id4b5df1be4652e4623847b0b0bad0af65b80fdd5
(cherry picked from commit cf6ee247)
      5214c6be
  23. 16 Jul, 2020 1 commit
  25. 15 Jul, 2020 2 commits
  27. 10 Jul, 2020 1 commit
  29. 08 Jul, 2020 1 commit
  31. 07 Jul, 2020 3 commits
  33. 04 Jul, 2020 1 commit
  35. 03 Jul, 2020 2 commits
  37. 02 Jul, 2020 1 commit
    • Mike Yu's avatar
      Fix private DNS not working due to getConnectCounter() stuck · 3c07ec67
      Mike Yu authored 
      This call is not necessary to be protected by DnsTlsDispatcher::sLock.
The lock aims at protecting the creation/deletion of DnsTlsTransport.
Since the call is used only for the metrics, this change doesn't impact
on the functionality of private DNS.

Bug description:
When a thread gets stuck in TLS handshake, it might lead to another
thread blocking in the call getConnectCounter(). This results in
other DNS requests get stuck in the call getOrderedServerList()
because they are awaiting a lock hold by the second thread which
is also awaiting another lock hold by the first thread.

An example scenario is: In DNS strict mode, a private DNS server
used to be available in mobile data but becomes unresponsive.
Then, a new DNS request triggers the DnsResolver to do handshaking.
Before the handshake finishes, wifi can't work.

How to reproduce the bug:
  1) Set DNS strict mode, turn on mobile data
  2) Wait 20s for TLS connection disconnected. It can be check by:
       - ps -AT $(pidof netd) | grep "TlsListen"
  3) Drop DoT traffic by the command:
       - iptables -A OUTPUT -p tcp --dport 853 -o rmnet_data1 -j DROP
  4) Turn on wifi. Wifi shows no internet

Bug: 160027328
Test: not reproducible by the above steps
Test: cd packages/modules/DnsResolver && atest

Change-Id: I050ce8f13c19f706d58bac44c0e5a269481cb0c0
      3c07ec67
  39. 23 Jun, 2020 1 commit
  41. 22 Jun, 2020 9 commits
  43. 19 Jun, 2020 1 commit
  45. 18 Jun, 2020 1 commit