commit | 82ae84b9490e898eb839d0b807de23da27437c5b |
---|---|
author | Mike Yu <yumike@google.com> | Wed Dec 02 21:04:40 2020 +0800 |
committer | Mike Yu <yumike@google.com> | Mon Apr 26 03:10:44 2021 +0000 |
tree | f356d3612e202044d1c5fb7d0080978e9f770c2c |
parent | 9310ca2278d55dc53b7173ed21b85d1b523057da |
Implement DoT revalidation

The revalidation starts from DnsTlsDispatcher which uses a counter for counting the number of continuous network_error failures of a DoT server. The mechanics work for private DNS opportunistic mode.

- Once the counter reaches dot_revalidation_threshold, DnsTlsDispatcher sends a revalidation request to PrivateDnsConfiguration to validate the DoT server.
- Once the counter reaches dot_xport_unusable_threshold, DnsTlsDispatcher marks the transport of the DoT server as unusable. The DoT server won't be used for at least 5 minutes.

DoT revalidation runs when the following are met:

[1] the private DNS setting is opportunistic mode
[2] the requested DoT server is valid to be used on the network
[3] the requested DoT server is currently marked as Validation::success

The above mechanics run when the feature flag "dot_revalidation_threshold" is a positive and non-zero value, and is -1 when the mechanics are disabled.

Bug: 79727473

Test: atest when all the flags off

    dot_revalidation_threshold: -1
    dot_async_handshake: 0
    dot_xport_unusable_threshold: -1
    dot_maxtries: 3
    parallel_lookup_sleep_time: 2
    dot_connect_timeout_ms: 127000
    parallel_lookup_release: 0
    sort_nameservers: 0
    keep_listening_udp: 0

Test: atest when all the flags on

    dot_revalidation_threshold: 10
    dot_async_handshake: 1
    dot_xport_unusable_threshold: 20
    dot_maxtries: 1
    parallel_lookup_sleep_time: 2
    dot_connect_timeout_ms: 10000
    parallel_lookup_release: 1
    sort_nameservers: 1
    keep_listening_udp: 1

Change-Id: Id442529468d63156a9aebf30ea5f142dfa689a97
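The counter logic the commit message above describes, sketched as an added example that is not code from this commit or from DnsResolver. `FailureTracker`, `DotServerState` and `Action` are hypothetical names; resetting the counter on any non-`network_error` result, and treating a non-positive `dot_xport_unusable_threshold` as "off", are assumptions.

```cpp
// Added illustration: all names are hypothetical, not DnsResolver's own code.
#include <chrono>
#include <cstdio>
using Clock = std::chrono::steady_clock;
enum class Action { kNone, kRequestRevalidation, kMarkUnusable };

struct DotServerState {
    bool opportunisticMode;  // condition [1]
    bool validOnNetwork;     // condition [2]
    bool validationSuccess;  // condition [3]: currently Validation::success
};

class FailureTracker {
  public:
    FailureTracker(int revalidationThreshold, int unusableThreshold)
        : mRevalidation(revalidationThreshold), mUnusable(unusableThreshold) {}
    // Feed one DoT query outcome; networkError is true for a network_error result.
    Action onQueryResult(bool networkError, const DotServerState& s, Clock::time_point now) {
        if (mRevalidation <= 0) return Action::kNone;  // flag is -1: mechanism disabled
        if (!networkError) {  // assumption: any other result breaks the "continuous" run
            mFailures = 0;
            return Action::kNone;
        }
        ++mFailures;
        if (mUnusable > 0 && mFailures == mUnusable) {  // assumption: <= 0 means "off"
            mUnusableUntil = now + std::chrono::minutes(5);  // not used for at least 5 minutes
            return Action::kMarkUnusable;
        }
        const bool eligible = s.opportunisticMode && s.validOnNetwork && s.validationSuccess;
        return (mFailures == mRevalidation && eligible) ? Action::kRequestRevalidation
                                                        : Action::kNone;
    }
    bool usable(Clock::time_point now) const { return now >= mUnusableUntil; }
    int failures() const { return mFailures; }
  private:
    const int mRevalidation, mUnusable;
    int mFailures = 0;
    Clock::time_point mUnusableUntil{};  // epoch: usable from the start
};

int main() {
    FailureTracker t(10, 20);  // the "all the flags on" values from the commit message
    const DotServerState ok{true, true, true};
    const auto now = Clock::now();
    for (int i = 1; i <= 20; ++i) {
        Action a = t.onQueryResult(true, ok, now);
        if (a != Action::kNone) std::printf("failure %d -> action %d\n", i, static_cast<int>(a));
    }
}
```

With thresholds 10 and 20, the tenth consecutive failure requests revalidation and the twentieth takes the transport out of use for five minutes.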
This code uses LOG(X) for logging. Log levels are VERBOSE, DEBUG, INFO, WARNING and ERROR. The default setting is WARNING, so only logs at the WARNING and ERROR levels are shown. To enable DEBUG level logs, use the following command:

    adb shell service call dnsresolver 10 i32 1

The level values are:

- VERBOSE 0
- DEBUG 1
- INFO 2
- WARNING 3
- ERROR 4

Verbose resolver logs could contain PII -- do NOT enable in production builds.