Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 615036f4 authored by Lingfeng Yang's avatar Lingfeng Yang Committed by Joshua Duong
Browse files

adbd: only register dnsservices via explicit API 

For privacy/security reasons, let's not broadcast the adb secure
services on startup automatically, and instead leave that up to
the rest of the adbd code somehow.

Instead, this CL adds an API in daemon/mdns.h that lets the user
control when registration happens, potentially only doing so if
the developer option is enabled or something.

Bug: 111434128, 119490749

Test: N/A
Exempt-From-Owner-Approval: already approved
Change-Id: Idc994a59ef9e5d48f08796c21989883497e19ef8
parent cef4ade8

adb/daemon/mdns.cpp

+67 −21
Original line number Diff line number Diff line
@@ -14,6 +14,7 @@ 
 * limitations under the License.

 */



#include "mdns.h"

#include "adb_mdns.h"

#include "sysdeps.h"
@@ -60,43 +61,58 @@ static void mdns_callback(DNSServiceRef /*ref*/, 
    }

}



static void setup_mdns_thread() {

    start_mdns();

static void register_mdns_service(int index, int port) {

    std::lock_guard<std::mutex> lock(mdns_lock);



    std::string hostname = "adb-";

    hostname += android::base::GetProperty("ro.serialno", "unidentified");



    for (int i = 0; i < kNumADBDNSServices; i++) {

        auto error = DNSServiceRegister(&mdns_refs[i], 0, 0, hostname.c_str(), kADBDNSServices[i],

                                        nullptr, nullptr, htobe16((uint16_t)port), 0, nullptr,

                                        mdns_callback, nullptr);

    auto error = DNSServiceRegister(&mdns_refs[index], 0, 0, hostname.c_str(),

                                    kADBDNSServices[index], nullptr, nullptr,

                                    htobe16((uint16_t)port), 0, nullptr, mdns_callback, nullptr);



    if (error != kDNSServiceErr_NoError) {

            LOG(ERROR) << "Could not register mDNS service " << kADBDNSServices[i] << ", error ("

        LOG(ERROR) << "Could not register mDNS service " << kADBDNSServices[index] << ", error ("

                   << error << ").";

            mdns_registered[i] = false;

        mdns_registered[index] = false;

    }



        mdns_registered[i] = true;

    mdns_registered[index] = true;



    LOG(INFO) << "adbd mDNS service " << kADBDNSServices[index]

              << " registered: " << mdns_registered[index];

}



    for (int i = 0; i < kNumADBDNSServices; i++) {

        LOG(INFO) << "adbd mDNS service " << kADBDNSServices[i]

                  << " registered: " << mdns_registered[i];

static void unregister_mdns_service(int index) {

    std::lock_guard<std::mutex> lock(mdns_lock);



    if (mdns_registered[index]) {

        DNSServiceRefDeallocate(mdns_refs[index]);

    }

}



static void teardown_mdns() {

    std::lock_guard<std::mutex> lock(mdns_lock);

static void register_base_mdns_transport() {

    register_mdns_service(kADBTransportServiceRefIndex, port);

}



    for (int i = 0; i < kNumADBDNSServices; ++i) {

        if (mdns_registered[i]) {

            DNSServiceRefDeallocate(mdns_refs[i]);

static void setup_mdns_thread() {

    start_mdns();



    // We will now only set up the normal transport mDNS service

    // instead of registering all the adb secure mDNS services

    // in the beginning. This is to provide more privacy/security.

    register_base_mdns_transport();

}



// This also tears down any adb secure mDNS services, if they exist.

static void teardown_mdns() {

    for (int i = 0; i < kNumADBDNSServices; ++i) {

        unregister_mdns_service(i);

    }

}



// Public interface/////////////////////////////////////////////////////////////



void setup_mdns(int port_in) {

    port = port_in;

    std::thread(setup_mdns_thread).detach();
@@ -104,3 +120,33 @@ void setup_mdns(int port_in) { 
    // TODO: Make this more robust against a hard kill.

    atexit(teardown_mdns);

}



void register_adb_secure_pairing_service(int port) {

    std::thread([port]() {

        register_mdns_service(kADBSecurePairingServiceRefIndex, port);

    }).detach();

}



void unregister_adb_secure_pairing_service() {

    std::thread([]() { unregister_mdns_service(kADBSecurePairingServiceRefIndex); }).detach();

}



bool is_adb_secure_pairing_service_registered() {

    std::lock_guard<std::mutex> lock(mdns_lock);

    return mdns_registered[kADBSecurePairingServiceRefIndex];

}



void register_adb_secure_connect_service(int port) {

    std::thread([port]() {

        register_mdns_service(kADBSecureConnectServiceRefIndex, port);

    }).detach();

}



void unregister_adb_secure_connect_service() {

    std::thread([]() { unregister_mdns_service(kADBSecureConnectServiceRefIndex); }).detach();

}



bool is_adb_secure_connect_service_registered() {

    std::lock_guard<std::mutex> lock(mdns_lock);

    return mdns_registered[kADBSecureConnectServiceRefIndex];

}

adb/daemon/mdns.h

+8 −0
Original line number Diff line number Diff line
@@ -19,4 +19,12 @@ 


void setup_mdns(int port);



void register_adb_secure_pairing_service(int port);

void unregister_adb_secure_pairing_service(int port);

bool is_adb_secure_pairing_service_registered();



void register_adb_secure_connect_service(int port);

void unregister_adb_secure_connect_service(int port);

bool is_adb_secure_connect_service_registered();



#endif  // _DAEMON_MDNS_H_