Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / packages / modules / DnsResolver / 59cd583e61d2e099e7a00a949b0642e64f145c50
commit59cd583e61d2e099e7a00a949b0642e64f145c50[log] [tgz]
authorMike Yu <yumike@google.com>Wed Jun 09 16:10:31 2021 +0800
committerMike Yu <yumike@google.com>Wed Jun 16 17:01:27 2021 +0800
tree066076b4bbabc17ac5747ad0632a32d45f37464a
parentb46f8fae6f93a889f24165b8735bc8c2905c7051 [diff]
Implement DNS probe in DoT validation

The purpose of this change is to avoid using DoT servers if they
are much slower than DNS servers. The mechanics is flag-guarded,
and it performs in DoT validation.

The mechanics works as follows:
1. Make use of the original DoT query to establish the connection.
2. Use the same DNS packet to issue a DoT query in parallel with a
   UDP query to the same DoT server.
3. If UDP query failed or is lost, issue another one.
4. See the latencies of both queries. Decide if DoT validation
   can pass.

DoT validation passes if dot_latency is less than (a * udp_latency + b),
where a and b are configurable by dot_validation_latency_factor and
dot_validation_latency_offset_ms respectively.

Original change: https://android-review.googlesource.com/c/platform/packages/modules/DnsResolver/+/1733919

Bug: 188153519
Test: run resolv_integration_test twice
Test: run atest with all the flags off/on
	dot_validation_latency_factor: -1 / 3
	dot_validation_latency_offset_ms: -1 / 100
        sort_nameservers: 0 / 1
        dot_xport_unusable_threshold: -1 / 20
        dot_query_timeout_ms: -1 / 10000
        keep_listening_udp: 0 / 1
        parallel_lookup_sleep_time: 2 / 2
        dot_revalidation_threshold: -1 / 10
        dot_async_handshake: 0 / 1
        dot_maxtries: 3 / 1
        dot_connect_timeout_ms: 127000 / 10000
        parallel_lookup_release: UNSET / UNSET

Change-Id: I8507c409b0cb6e48655d54611256917392db69ac
Merged-In: I8507c409b0cb6e48655d54611256917392db69ac
5 files changed
tree: 066076b4bbabc17ac5747ad0632a32d45f37464a
  1. aidl_api/
  2. apex/
  3. binder/
  4. include/
  5. tests/
  6. .clang-format ⇨ ../../../build/soong/scripts/system-clang-format
  7. rustfmt.toml ⇨ ../../../build/soong/scripts/rustfmt.toml
  8. .editorconfig
  9. Android.bp
  10. cbindgen.toml
  11. Dns64Configuration.cpp
  12. Dns64Configuration.h
  13. DnsProxyListener.cpp
  14. DnsProxyListener.h
  15. DnsQueryLog.cpp
  16. DnsQueryLog.h
  17. DnsQueryLogTest.cpp
  18. DnsResolver.cpp
  19. DnsResolver.h
  20. DnsResolverService.cpp
  21. DnsResolverService.h
  22. DnsStats.cpp
  23. DnsStats.h
  24. DnsStatsTest.cpp
  25. DnsTlsDispatcher.cpp
  26. DnsTlsDispatcher.h
  27. DnsTlsQueryMap.cpp
  28. DnsTlsQueryMap.h
  29. DnsTlsServer.cpp
  30. DnsTlsServer.h
  31. DnsTlsSessionCache.cpp
  32. DnsTlsSessionCache.h
  33. DnsTlsSocket.cpp
  34. DnsTlsSocket.h
  35. DnsTlsSocketFactory.h
  36. DnsTlsTransport.cpp
  37. DnsTlsTransport.h
  38. doh.h
  39. doh.rs
  40. Experiments.cpp
  41. Experiments.h
  42. ExperimentsTest.cpp
  43. getaddrinfo.cpp
  44. getaddrinfo.h
  45. gethnamaddr.cpp
  46. gethnamaddr.h
  47. hostent.h
  48. IDnsTlsSocket.h
  49. IDnsTlsSocketFactory.h
  50. IDnsTlsSocketObserver.h
  51. IPrivateDnsServer.h
  52. libnetd_resolv.map.txt
  53. LockedQueue.h
  54. NOTICE
  55. OperationLimiter.h
  56. OperationLimiterTest.cpp
  57. OWNERS
  58. params.h
  59. PREUPLOAD.cfg
  60. PrivateDnsCommon.h
  61. PrivateDnsConfiguration.cpp
  62. PrivateDnsConfiguration.h
  63. PrivateDnsConfigurationTest.cpp
  64. PrivateDnsValidationObserver.h
  65. README-DoT.md
  66. README.md
  67. res_cache.cpp
  68. res_comp.cpp
  69. res_comp.h
  70. res_debug.cpp
  71. res_debug.h
  72. res_mkquery.cpp
  73. res_query.cpp
  74. res_send.cpp
  75. res_send.h
  76. res_stats.cpp
  77. resolv_cache.h
  78. resolv_private.h
  79. resolv_rust_test_config_template.xml
  80. resolv_test_config_template.xml
  81. ResolverController.cpp
  82. ResolverController.h
  83. ResolverEventReporter.cpp
  84. ResolverEventReporter.h
  85. ResolverStats.h
  86. sethostent.cpp
  87. stats.h
  88. stats.proto
  89. TEST_MAPPING
  90. util.cpp
  91. util.h
README.md

Logging

This code uses LOG(X) for logging. Log levels are VERBOSE,DEBUG,INFO,WARNING and ERROR. The default setting is WARNING and logs relate to WARNING and ERROR will be shown. If you want to enable the DEBUG level logs, using following command. adb shell service call dnsresolver 10 i32 1 VERBOSE 0 DEBUG 1 INFO 2 WARNING 3 ERROR 4 Verbose resolver logs could contain PII -- do NOT enable in production builds.