Move the logic of (re)evaluation of Private DNS
Moves this out of ConnectivityService and into each NetworkMonitor
(where it's more self-contained).
Test: as follows
- builds, flashes, boots
- runtest frameworks-net passes
- manual testing with working and non-working hostnames behaves
somewhat (but not entirely) as expected, and not always quickly
Bug: 64133961
Bug: 72345192
Bug: 73872000
Bug: 77140445
Change-Id: Ic4322af3cb49149f2d975cb31f54b2ac7927f907
This commit is contained in:
Erik Kline
@@ -17,6 +17,9 @@
|
||||
package com.android.server;
|
||||
|
||||
import static android.net.ConnectivityManager.CONNECTIVITY_ACTION;
|
||||
import static android.net.ConnectivityManager.PRIVATE_DNS_MODE_OFF;
|
||||
import static android.net.ConnectivityManager.PRIVATE_DNS_MODE_OPPORTUNISTIC;
|
||||
import static android.net.ConnectivityManager.PRIVATE_DNS_MODE_PROVIDER_HOSTNAME;
|
||||
import static android.net.ConnectivityManager.TYPE_ETHERNET;
|
||||
import static android.net.ConnectivityManager.TYPE_MOBILE;
|
||||
import static android.net.ConnectivityManager.TYPE_MOBILE_FOTA;
|
||||
@@ -70,6 +73,7 @@ import static org.mockito.Mockito.reset;
|
||||
import static org.mockito.Mockito.spy;
|
||||
import static org.mockito.Mockito.times;
|
||||
import static org.mockito.Mockito.verify;
|
||||
import static org.mockito.Mockito.verifyNoMoreInteractions;
|
||||
import static org.mockito.Mockito.when;
|
||||
|
||||
|
||||
@@ -181,6 +185,9 @@ public class ConnectivityServiceTest {
|
||||
private static final int TIMEOUT_MS = 500;
|
||||
private static final int TEST_LINGER_DELAY_MS = 120;
|
||||
|
||||
private static final String MOBILE_IFNAME = "test_rmnet_data0";
|
||||
private static final String WIFI_IFNAME = "test_wlan0";
|
||||
|
||||
private MockContext mServiceContext;
|
||||
private WrappedConnectivityService mService;
|
||||
private WrappedConnectivityManager mCm;
|
||||
@@ -751,7 +758,7 @@ public class ConnectivityServiceTest {
|
||||
|
||||
// NetworkMonitor implementation allowing overriding of Internet connectivity probe result.
|
||||
private class WrappedNetworkMonitor extends NetworkMonitor {
|
||||
public Handler connectivityHandler;
|
||||
public final Handler connectivityHandler;
|
||||
// HTTP response code fed back to NetworkMonitor for Internet connectivity probe.
|
||||
public int gen204ProbeResult = 500;
|
||||
public String gen204ProbeRedirectUrl = null;
|
||||
@@ -926,6 +933,7 @@ public class ConnectivityServiceTest {
|
||||
// Ensure that the default setting for Captive Portals is used for most tests
|
||||
setCaptivePortalMode(Settings.Global.CAPTIVE_PORTAL_MODE_PROMPT);
|
||||
setMobileDataAlwaysOn(false);
|
||||
setPrivateDnsSettings(PRIVATE_DNS_MODE_OFF, "ignored.example.com");
|
||||
}
|
||||
|
||||
@After
|
||||
@@ -2580,6 +2588,14 @@ public class ConnectivityServiceTest {
|
||||
waitForIdle();
|
||||
}
|
||||
|
||||
private void setPrivateDnsSettings(String mode, String specifier) {
|
||||
final ContentResolver cr = mServiceContext.getContentResolver();
|
||||
Settings.Global.putString(cr, Settings.Global.PRIVATE_DNS_MODE, mode);
|
||||
Settings.Global.putString(cr, Settings.Global.PRIVATE_DNS_SPECIFIER, specifier);
|
||||
mService.updatePrivateDnsSettings();
|
||||
waitForIdle();
|
||||
}
|
||||
|
||||
private boolean isForegroundNetwork(MockNetworkAgent network) {
|
||||
NetworkCapabilities nc = mCm.getNetworkCapabilities(network.getNetwork());
|
||||
assertNotNull(nc);
|
||||
@@ -3579,7 +3595,7 @@ public class ConnectivityServiceTest {
|
||||
mCm.registerNetworkCallback(networkRequest, networkCallback);
|
||||
|
||||
LinkProperties lp = new LinkProperties();
|
||||
lp.setInterfaceName("wlan0");
|
||||
lp.setInterfaceName(WIFI_IFNAME);
|
||||
LinkAddress myIpv4Address = new LinkAddress("192.168.12.3/24");
|
||||
RouteInfo myIpv4DefaultRoute = new RouteInfo((IpPrefix) null,
|
||||
NetworkUtils.numericToInetAddress("192.168.12.1"), lp.getInterfaceName());
|
||||
@@ -3668,52 +3684,63 @@ public class ConnectivityServiceTest {
|
||||
|
||||
@Test
|
||||
public void testBasicDnsConfigurationPushed() throws Exception {
|
||||
final String IFNAME = "test_rmnet_data0";
|
||||
final String[] EMPTY_TLS_SERVERS = new String[0];
|
||||
setPrivateDnsSettings(PRIVATE_DNS_MODE_OPPORTUNISTIC, "ignored.example.com");
|
||||
ArgumentCaptor<String[]> tlsServers = ArgumentCaptor.forClass(String[].class);
|
||||
|
||||
// Clear any interactions that occur as a result of CS starting up.
|
||||
reset(mNetworkManagementService);
|
||||
|
||||
final String[] EMPTY_STRING_ARRAY = new String[0];
|
||||
mCellNetworkAgent = new MockNetworkAgent(TRANSPORT_CELLULAR);
|
||||
waitForIdle();
|
||||
verify(mNetworkManagementService, never()).setDnsConfigurationForNetwork(
|
||||
anyInt(), any(), any(), any(), anyString(), eq(EMPTY_TLS_SERVERS));
|
||||
anyInt(), eq(EMPTY_STRING_ARRAY), any(), any(), eq(""), eq(EMPTY_STRING_ARRAY));
|
||||
verifyNoMoreInteractions(mNetworkManagementService);
|
||||
|
||||
final LinkProperties cellLp = new LinkProperties();
|
||||
cellLp.setInterfaceName(IFNAME);
|
||||
cellLp.setInterfaceName(MOBILE_IFNAME);
|
||||
// Add IPv4 and IPv6 default routes, because DNS-over-TLS code does
|
||||
// "is-reachable" testing in order to not program netd with unreachable
|
||||
// nameservers that it might try repeated to validate.
|
||||
cellLp.addLinkAddress(new LinkAddress("192.0.2.4/24"));
|
||||
cellLp.addRoute(new RouteInfo((IpPrefix) null, InetAddress.getByName("192.0.2.4"), IFNAME));
|
||||
cellLp.addRoute(new RouteInfo((IpPrefix) null, InetAddress.getByName("192.0.2.4"),
|
||||
MOBILE_IFNAME));
|
||||
cellLp.addLinkAddress(new LinkAddress("2001:db8:1::1/64"));
|
||||
cellLp.addRoute(
|
||||
new RouteInfo((IpPrefix) null, InetAddress.getByName("2001:db8:1::1"), IFNAME));
|
||||
cellLp.addRoute(new RouteInfo((IpPrefix) null, InetAddress.getByName("2001:db8:1::1"),
|
||||
MOBILE_IFNAME));
|
||||
mCellNetworkAgent.sendLinkProperties(cellLp);
|
||||
mCellNetworkAgent.connect(false);
|
||||
waitForIdle();
|
||||
verify(mNetworkManagementService, times(1)).setDnsConfigurationForNetwork(
|
||||
anyInt(), mStringArrayCaptor.capture(), any(), any(),
|
||||
anyString(), eq(EMPTY_TLS_SERVERS));
|
||||
// CS tells netd about the empty DNS config for this network.
|
||||
assertEmpty(mStringArrayCaptor.getValue());
|
||||
verify(mNetworkManagementService, atLeastOnce()).setDnsConfigurationForNetwork(
|
||||
anyInt(), eq(EMPTY_STRING_ARRAY), any(), any(), eq(""), eq(EMPTY_STRING_ARRAY));
|
||||
reset(mNetworkManagementService);
|
||||
|
||||
cellLp.addDnsServer(InetAddress.getByName("2001:db8::1"));
|
||||
mCellNetworkAgent.sendLinkProperties(cellLp);
|
||||
waitForIdle();
|
||||
verify(mNetworkManagementService, times(1)).setDnsConfigurationForNetwork(
|
||||
verify(mNetworkManagementService, atLeastOnce()).setDnsConfigurationForNetwork(
|
||||
anyInt(), mStringArrayCaptor.capture(), any(), any(),
|
||||
anyString(), eq(EMPTY_TLS_SERVERS));
|
||||
eq(""), tlsServers.capture());
|
||||
assertEquals(1, mStringArrayCaptor.getValue().length);
|
||||
assertTrue(ArrayUtils.contains(mStringArrayCaptor.getValue(), "2001:db8::1"));
|
||||
// Opportunistic mode.
|
||||
assertTrue(ArrayUtils.contains(tlsServers.getValue(), "2001:db8::1"));
|
||||
reset(mNetworkManagementService);
|
||||
|
||||
cellLp.addDnsServer(InetAddress.getByName("192.0.2.1"));
|
||||
mCellNetworkAgent.sendLinkProperties(cellLp);
|
||||
waitForIdle();
|
||||
verify(mNetworkManagementService, times(1)).setDnsConfigurationForNetwork(
|
||||
verify(mNetworkManagementService, atLeastOnce()).setDnsConfigurationForNetwork(
|
||||
anyInt(), mStringArrayCaptor.capture(), any(), any(),
|
||||
anyString(), eq(EMPTY_TLS_SERVERS));
|
||||
eq(""), tlsServers.capture());
|
||||
assertEquals(2, mStringArrayCaptor.getValue().length);
|
||||
assertTrue(ArrayUtils.containsAll(mStringArrayCaptor.getValue(),
|
||||
new String[]{"2001:db8::1", "192.0.2.1"}));
|
||||
// Opportunistic mode.
|
||||
assertEquals(2, tlsServers.getValue().length);
|
||||
assertTrue(ArrayUtils.containsAll(tlsServers.getValue(),
|
||||
new String[]{"2001:db8::1", "192.0.2.1"}));
|
||||
reset(mNetworkManagementService);
|
||||
|
||||
final String TLS_SPECIFIER = "tls.example.com";
|
||||
@@ -3726,7 +3753,7 @@ public class ConnectivityServiceTest {
|
||||
mCellNetworkAgent.getNetwork().netId,
|
||||
new DnsManager.PrivateDnsConfig(TLS_SPECIFIER, TLS_IPS)));
|
||||
waitForIdle();
|
||||
verify(mNetworkManagementService, times(1)).setDnsConfigurationForNetwork(
|
||||
verify(mNetworkManagementService, atLeastOnce()).setDnsConfigurationForNetwork(
|
||||
anyInt(), mStringArrayCaptor.capture(), any(), any(),
|
||||
eq(TLS_SPECIFIER), eq(TLS_SERVERS));
|
||||
assertEquals(2, mStringArrayCaptor.getValue().length);
|
||||
@@ -3735,6 +3762,77 @@ public class ConnectivityServiceTest {
|
||||
reset(mNetworkManagementService);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testPrivateDnsSettingsChange() throws Exception {
|
||||
final String[] EMPTY_STRING_ARRAY = new String[0];
|
||||
ArgumentCaptor<String[]> tlsServers = ArgumentCaptor.forClass(String[].class);
|
||||
|
||||
// Clear any interactions that occur as a result of CS starting up.
|
||||
reset(mNetworkManagementService);
|
||||
|
||||
// The default on Android is opportunistic mode ("Automatic").
|
||||
setPrivateDnsSettings(PRIVATE_DNS_MODE_OPPORTUNISTIC, "ignored.example.com");
|
||||
|
||||
mCellNetworkAgent = new MockNetworkAgent(TRANSPORT_CELLULAR);
|
||||
waitForIdle();
|
||||
// CS tells netd about the empty DNS config for this network.
|
||||
verify(mNetworkManagementService, never()).setDnsConfigurationForNetwork(
|
||||
anyInt(), eq(EMPTY_STRING_ARRAY), any(), any(), eq(""), eq(EMPTY_STRING_ARRAY));
|
||||
verifyNoMoreInteractions(mNetworkManagementService);
|
||||
|
||||
final LinkProperties cellLp = new LinkProperties();
|
||||
cellLp.setInterfaceName(MOBILE_IFNAME);
|
||||
// Add IPv4 and IPv6 default routes, because DNS-over-TLS code does
|
||||
// "is-reachable" testing in order to not program netd with unreachable
|
||||
// nameservers that it might try repeated to validate.
|
||||
cellLp.addLinkAddress(new LinkAddress("192.0.2.4/24"));
|
||||
cellLp.addRoute(new RouteInfo((IpPrefix) null, InetAddress.getByName("192.0.2.4"),
|
||||
MOBILE_IFNAME));
|
||||
cellLp.addLinkAddress(new LinkAddress("2001:db8:1::1/64"));
|
||||
cellLp.addRoute(new RouteInfo((IpPrefix) null, InetAddress.getByName("2001:db8:1::1"),
|
||||
MOBILE_IFNAME));
|
||||
cellLp.addDnsServer(InetAddress.getByName("2001:db8::1"));
|
||||
cellLp.addDnsServer(InetAddress.getByName("192.0.2.1"));
|
||||
|
||||
mCellNetworkAgent.sendLinkProperties(cellLp);
|
||||
mCellNetworkAgent.connect(false);
|
||||
waitForIdle();
|
||||
verify(mNetworkManagementService, atLeastOnce()).setDnsConfigurationForNetwork(
|
||||
anyInt(), mStringArrayCaptor.capture(), any(), any(),
|
||||
eq(""), tlsServers.capture());
|
||||
assertEquals(2, mStringArrayCaptor.getValue().length);
|
||||
assertTrue(ArrayUtils.containsAll(mStringArrayCaptor.getValue(),
|
||||
new String[]{"2001:db8::1", "192.0.2.1"}));
|
||||
// Opportunistic mode.
|
||||
assertEquals(2, tlsServers.getValue().length);
|
||||
assertTrue(ArrayUtils.containsAll(tlsServers.getValue(),
|
||||
new String[]{"2001:db8::1", "192.0.2.1"}));
|
||||
reset(mNetworkManagementService);
|
||||
|
||||
setPrivateDnsSettings(PRIVATE_DNS_MODE_OFF, "ignored.example.com");
|
||||
verify(mNetworkManagementService, times(1)).setDnsConfigurationForNetwork(
|
||||
anyInt(), mStringArrayCaptor.capture(), any(), any(),
|
||||
eq(""), eq(EMPTY_STRING_ARRAY));
|
||||
assertEquals(2, mStringArrayCaptor.getValue().length);
|
||||
assertTrue(ArrayUtils.containsAll(mStringArrayCaptor.getValue(),
|
||||
new String[]{"2001:db8::1", "192.0.2.1"}));
|
||||
reset(mNetworkManagementService);
|
||||
|
||||
setPrivateDnsSettings(PRIVATE_DNS_MODE_OPPORTUNISTIC, "ignored.example.com");
|
||||
verify(mNetworkManagementService, atLeastOnce()).setDnsConfigurationForNetwork(
|
||||
anyInt(), mStringArrayCaptor.capture(), any(), any(),
|
||||
eq(""), tlsServers.capture());
|
||||
assertEquals(2, mStringArrayCaptor.getValue().length);
|
||||
assertTrue(ArrayUtils.containsAll(mStringArrayCaptor.getValue(),
|
||||
new String[]{"2001:db8::1", "192.0.2.1"}));
|
||||
assertEquals(2, tlsServers.getValue().length);
|
||||
assertTrue(ArrayUtils.containsAll(tlsServers.getValue(),
|
||||
new String[]{"2001:db8::1", "192.0.2.1"}));
|
||||
reset(mNetworkManagementService);
|
||||
|
||||
// Can't test strict mode without properly mocking out the DNS lookups.
|
||||
}
|
||||
|
||||
private void checkDirectlyConnectedRoutes(Object callbackObj,
|
||||
Collection<LinkAddress> linkAddresses, Collection<RouteInfo> otherRoutes) {
|
||||
assertTrue(callbackObj instanceof LinkProperties);
|
||||
|
||||
Reference in New Issue
Block a user