From 0162dba80d464b3a530da4e187192d22c7619868 Mon Sep 17 00:00:00 2001 From: Erik Kline Date: Wed, 21 Mar 2018 07:18:33 -0700 Subject: [PATCH] Support bypassing TLS in the framework This change comprises the following parts: [1] android.net.dns.ResolvUtil, containing methods that encapsulate the use of the high bit in netids used in DNS resolution contexts. [2] Updates to captive portal apps to call the ResolvUtil method that enables DNS-over-TLS bypass for the captive portal app process. Test: as follows - builds - flashes - boots - runtest frameworks-net passes Bug: 64133961 Bug: 72345192 Change-Id: I2072c1f68d6978fa0d7e9d8693135a2c51bb0f87
---
 .../server/connectivity/DnsManager.java | 36 +++++++------------
 1 file changed, 12 insertions(+), 24 deletions(-)
diff --git a/services/core/java/com/android/server/connectivity/DnsManager.java b/services/core/java/com/android/server/connectivity/DnsManager.java
index 36f5a6c354..55798491cd 100644
--- a/services/core/java/com/android/server/connectivity/DnsManager.java
+++ b/services/core/java/com/android/server/connectivity/DnsManager.java
@@ -34,22 +34,19 @@ import android.net.LinkProperties;
 import android.net.Network;
 import android.net.NetworkUtils;
 import android.net.Uri;
+import android.net.dns.ResolvUtil;
 import android.os.Binder;
 import android.os.INetworkManagementService;
 import android.os.Handler;
 import android.os.UserHandle;
 import android.provider.Settings;
-import android.system.GaiException;
-import android.system.OsConstants;
-import android.system.StructAddrinfo;
 import android.text.TextUtils;
 import android.util.Slog;
 import com.android.server.connectivity.MockableSystemProperties;
-import libcore.io.Libcore;
-
 import java.net.InetAddress;
+import java.net.UnknownHostException;
 import java.util.Arrays;
 import java.util.Collection;
 import java.util.HashMap;
@@ -126,28 +123,19 @@ public class DnsManager {
 }
 public static PrivateDnsConfig tryBlockingResolveOf(Network network, String name) {
- final StructAddrinfo hints = new StructAddrinfo();
- // Unnecessary, but expressly no AI_ADDRCONFIG.
- hints.ai_flags = 0;
- // Fetch all IP addresses at once to minimize re-resolution.
- hints.ai_family = OsConstants.AF_UNSPEC;
- hints.ai_socktype = OsConstants.SOCK_DGRAM;
-
 try {
- final InetAddress[] ips = Libcore.os.android_getaddrinfo(name, hints, network.netId);
- if (ips != null && ips.length > 0) {
- return new PrivateDnsConfig(name, ips);
- }
- } catch (GaiException ignored) {}
-
- return null;
+ final InetAddress[] ips = ResolvUtil.blockingResolveAllLocally(network, name);
+ return new PrivateDnsConfig(name, ips);
+ } catch (UnknownHostException uhe) {
+ return new PrivateDnsConfig(name, null);
+ }
 }
 public static Uri[] getPrivateDnsSettingsUris() {
- final Uri[] uris = new Uri[2];
- uris[0] = Settings.Global.getUriFor(PRIVATE_DNS_MODE);
- uris[1] = Settings.Global.getUriFor(PRIVATE_DNS_SPECIFIER);
- return uris;
+ return new Uri[]{
+ Settings.Global.getUriFor(PRIVATE_DNS_MODE),
+ Settings.Global.getUriFor(PRIVATE_DNS_SPECIFIER),
+ };
 }
 private final Context mContext;
@@ -203,7 +191,7 @@ public class DnsManager {
 // NetworkMonitor to decide which networks need validation and runs the
 // blocking calls to resolve Private DNS strict mode hostnames.
 //
- // At this time we do attempt to enable Private DNS on non-Internet
+ // At this time we do not attempt to enable Private DNS on non-Internet
 // networks like IMS.
 final PrivateDnsConfig privateDnsCfg = mPrivateDnsMap.get(netId);
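Review bot: `tryBlockingResolveOf` no longer signals failure with `null`: the `UnknownHostException` branch returns `new PrivateDnsConfig(name, null)` and the old `ips != null && ips.length > 0` guard is gone, so a caller outside this hunk that tests the result against `null` would now treat a failed strict-mode lookup as a usable config. Whether a hostname with no addresses then fails closed or lets the network fall back to cleartext DNS depends on the `PrivateDnsConfig` constructor and the callers, neither of which is visible here, so that path should be checked and the contract written down. I would add a Javadoc on the method along the lines of `/** Never returns null; a config with no addresses means resolution of {@code name} failed. */`. Going by the commit message, `blockingResolveAllLocally` presumably bypasses DNS-over-TLS for this lookup, so a second comment line should note that the returned addresses are unauthenticated until the TLS handshake validates `name`.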