commit | 59cd583e61d2e099e7a00a949b0642e64f145c50 | [log] [tgz] |
---|---|---|
author | Mike Yu <yumike@google.com> | Wed Jun 09 16:10:31 2021 +0800 |
committer | Mike Yu <yumike@google.com> | Wed Jun 16 17:01:27 2021 +0800 |
tree | 066076b4bbabc17ac5747ad0632a32d45f37464a | |
parent | b46f8fae6f93a889f24165b8735bc8c2905c7051 [diff] |
Implement DNS probe in DoT validation The purpose of this change is to avoid using DoT servers if they are much slower than DNS servers. The mechanics is flag-guarded, and it performs in DoT validation. The mechanics works as follows: 1. Make use of the original DoT query to establish the connection. 2. Use the same DNS packet to issue a DoT query in parallel with a UDP query to the same DoT server. 3. If UDP query failed or is lost, issue another one. 4. See the latencies of both queries. Decide if DoT validation can pass. DoT validation passes if dot_latency is less than (a * udp_latency + b), where a and b are configurable by dot_validation_latency_factor and dot_validation_latency_offset_ms respectively. Original change: https://android-review.googlesource.com/c/platform/packages/modules/DnsResolver/+/1733919 Bug: 188153519 Test: run resolv_integration_test twice Test: run atest with all the flags off/on dot_validation_latency_factor: -1 / 3 dot_validation_latency_offset_ms: -1 / 100 sort_nameservers: 0 / 1 dot_xport_unusable_threshold: -1 / 20 dot_query_timeout_ms: -1 / 10000 keep_listening_udp: 0 / 1 parallel_lookup_sleep_time: 2 / 2 dot_revalidation_threshold: -1 / 10 dot_async_handshake: 0 / 1 dot_maxtries: 3 / 1 dot_connect_timeout_ms: 127000 / 10000 parallel_lookup_release: UNSET / UNSET Change-Id: I8507c409b0cb6e48655d54611256917392db69ac Merged-In: I8507c409b0cb6e48655d54611256917392db69ac
This code uses LOG(X) for logging. Log levels are VERBOSE,DEBUG,INFO,WARNING and ERROR. The default setting is WARNING and logs relate to WARNING and ERROR will be shown. If you want to enable the DEBUG level logs, using following command. adb shell service call dnsresolver 10 i32 1 VERBOSE 0 DEBUG 1 INFO 2 WARNING 3 ERROR 4 Verbose resolver logs could contain PII -- do NOT enable in production builds.