Support DDR in NetworkMonitor

This is the initial implementation of DDR that discovers the
encrypted DNS configuration of DNS servers on a network. The
implementation is guarded by a flag "dns_ddr_version" that is
flagged off.

In this implementation, NetworkMonitor does an SVCB lookup if
any of the following events occurs:
- Private DNS settings changed.
- The list of DNS servers changed.
- Network validation

After receiving an SVCB response, only the servers that
satisfy the following criteria are selected as candidate
DoH servers (depending on private DNS mode):
- Opportunistic mode: the server's IP address
must match the unencrypted resolver's IP address.
- Strict mode: the TargetName of the DoH servers must be
identical to the strict mode hostname.

Bug: 240259333
Test: Verified DDR is enabled when the flag is set to 1
Verified DDR is disabled when the flag is set to 0 and 999999999
Test: Manually tested. Verified SVCB answers are parsed correctly
with these private DNS hostnames:
8888.google/one.one.one.one
Test: atest NetworkStackIntegrationTests with the flag enabled/disabled
Test: atest CtsNetTestCasesLatestSdk
Change-Id: I7703ebc6ce1a3ff57fd15373a8d7073187c255c9
4 files changed
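
The per-mode candidate selection described in the commit message, as an added Python example that is not part of this change or of the NetworkStack code. The `SvcbRecord` shape, the function names and the sample answers are assumptions constructed for illustration, and opportunistic mode is assumed to accept a record when any of its addresses equals an unencrypted resolver address.

```python
import ipaddress
from dataclasses import dataclass, field


@dataclass
class SvcbRecord:
    """One parsed SVCB answer (hypothetical shape, not the NetworkStack class)."""
    target_name: str
    addresses: list = field(default_factory=list)  # IPs the target resolves to


def _norm_name(name):
    # DNS names compare case-insensitively; ignore the trailing root dot.
    return name.rstrip(".").lower()


def _norm_ips(addrs):
    # Parse so equivalent textual forms (e.g. IPv6 zero compression) compare equal.
    return {ipaddress.ip_address(a) for a in addrs}


def select_doh_candidates(records, mode, resolver_ips=(), strict_hostname=None):
    """Apply the per-mode criteria from the commit message to SVCB answers."""
    if mode == "opportunistic":
        known = _norm_ips(resolver_ips)
        # Assumption: one matching address is enough to keep the record.
        return [r for r in records if _norm_ips(r.addresses) & known]
    if mode == "strict":
        if not strict_hostname:
            return []  # fail closed: no hostname to compare against
        want = _norm_name(strict_hostname)
        return [r for r in records if _norm_name(r.target_name) == want]
    return []  # private DNS off or unknown mode: no candidates


# Constructed sample answers (documentation address ranges, made-up names).
SAMPLE = [
    SvcbRecord("dns.example.net.", ["192.0.2.53", "2001:db8::53"]),
    SvcbRecord("doh.other.example.", ["198.51.100.7"]),
]

if __name__ == "__main__":
    print(select_doh_candidates(SAMPLE, "opportunistic", ["2001:0db8:0:0:0:0:0:53"]))
    print(select_doh_candidates(SAMPLE, "strict", strict_hostname="DoH.Other.Example"))
```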