diff options
author | android-build-team Robot <android-build-team-robot@google.com> | 2018-07-23 23:06:43 +0000 |
---|---|---|
committer | android-build-team Robot <android-build-team-robot@google.com> | 2018-07-23 23:06:43 +0000 |
commit | 462e0c58f297bde2fb63b93872e668c6a81a7fc9 (patch) | |
tree | 963815b1bc8912d9e67b83b121b0bd5e5b3fd9fc | |
parent | 300f909da9536e8cb1883de8ff4e15b79e0137b2 (diff) | |
parent | 83fbc4b31a1f3231df7c27b8a6205193fcb3ed5a (diff) | |
download | netd-pie-dr1-release.tar.gz |
Merge cherrypicks of [4607809, 4607810, 4609855, 4608092, 4608093, 4607931, 4607932, 4609887, 4609888, 4609907, 4609873, 4609874, 4609927, 4609928, 4609967, 4609968, 4609969, 4609970, 4609971, 4607550, 4607551, 4607552, 4607553, 4607554, 4607555, 4607556, 4607557, 4607558, 4607559, 4609929, 4608094, 4608095, 4608096, 4608097, 4608098, 4608099, 4610018, 4610019, 4610047] into pi-dr1-releaseandroid-9.0.0_r12android-9.0.0_r11pie-dr1-release
Change-Id: I60340a368244bd8f979edf01036450d2d2a26577
-rw-r--r-- | server/ResolverController.cpp | 41 |
1 files changed, 29 insertions, 12 deletions
diff --git a/server/ResolverController.cpp b/server/ResolverController.cpp index f8e1fb3e..0812e7a2 100644 --- a/server/ResolverController.cpp +++ b/server/ResolverController.cpp @@ -168,9 +168,7 @@ class PrivateDnsConfiguration { // Add any new or changed servers to the tracker, and initiate async checks for them. for (const auto& server : tlsServers) { - // Don't probe a server more than once. This means that the only way to - // re-check a failed server is to remove it and re-add it from the netId. - if (tracker.count(server) == 0) { + if (needsValidation(tracker, server)) { validatePrivateDnsProvider(server, tracker, netId); } } @@ -305,7 +303,15 @@ class PrivateDnsConfiguration { return DONT_REEVALUATE; } - bool reevaluationStatus = success ? DONT_REEVALUATE : NEEDS_REEVALUATION; + const auto mode = mPrivateDnsModes.find(netId); + if (mode == mPrivateDnsModes.end()) { + ALOGW("netId %u has no private DNS validation mode", netId); + return DONT_REEVALUATE; + } + const bool modeDoesReevaluation = (mode->second == PrivateDnsMode::STRICT); + + bool reevaluationStatus = (success || !modeDoesReevaluation) + ? DONT_REEVALUATE : NEEDS_REEVALUATION; auto& tracker = netPair->second; auto serverPair = tracker.find(server); @@ -348,9 +354,10 @@ class PrivateDnsConfiguration { } } else { // Validation failure is expected if a user is on a captive portal. - // TODO: Trigger a second validation attempt after captive portal login - // succeeds. - tracker[server] = Validation::fail; + // A second validation attempt is triggered in opportunistic mode + // by the framework after captive portal login succeeds. + tracker[server] = (reevaluationStatus == NEEDS_REEVALUATION) + ? Validation::in_process : Validation::fail; if (DBG) { ALOGD("Validation failed for %s!", addrToString(&(server.ss)).c_str()); } @@ -359,6 +366,16 @@ class PrivateDnsConfiguration { return reevaluationStatus; } + + // Start validation for newly added servers as well as any servers that have + // landed in Validation::fail state. Note that servers that have failed + // multiple validation attempts but for which there is still a validating + // thread running are marked as being Validation::in_process. + static bool needsValidation(const PrivateDnsTracker& tracker, const DnsTlsServer& server) { + const auto& iter = tracker.find(server); + return (iter == tracker.end()) || (iter->second == Validation::fail); + } + EventReporter mEventReporter; std::mutex mPrivateDnsLock; @@ -368,7 +385,7 @@ class PrivateDnsConfiguration { std::map<unsigned, PrivateDnsTracker> mPrivateDnsTransports GUARDED_BY(mPrivateDnsLock); android::sp<android::net::metrics::INetdEventListener> mNetdEventListener GUARDED_BY(mPrivateDnsLock); -} privateDnsConfiguration; +} sPrivateDnsConfiguration; } // namespace @@ -382,7 +399,7 @@ int ResolverController::setDnsServers(unsigned netId, const char* searchDomains, ResolverController::PrivateDnsStatus ResolverController::getPrivateDnsStatus(unsigned netId) const { - return privateDnsConfiguration.getStatus(netId); + return sPrivateDnsConfiguration.getStatus(netId); } int ResolverController::clearDnsServers(unsigned netId) { @@ -390,7 +407,7 @@ int ResolverController::clearDnsServers(unsigned netId) { if (DBG) { ALOGD("clearDnsServers netId = %u\n", netId); } - privateDnsConfiguration.clear(netId); + sPrivateDnsConfiguration.clear(netId); return 0; } @@ -486,7 +503,7 @@ int ResolverController::setResolverConfiguration(int32_t netId, return -EINVAL; } - const int err = privateDnsConfiguration.set(netId, tlsServers, tlsName, tlsFingerprints); + const int err = sPrivateDnsConfiguration.set(netId, tlsServers, tlsName, tlsFingerprints); if (err != 0) { return err; } @@ -590,7 +607,7 @@ void ResolverController::dump(DumpWriter& dw, unsigned netId) { static_cast<unsigned>(params.max_samples)); } - privateDnsConfiguration.dump(dw, netId); + sPrivateDnsConfiguration.dump(dw, netId); } dw.decIndent(); } |