Add support for hostname validation to a CA
This introduces a breaking change in the Netd Binder interface.
Test: Integration test added to verify failure case (but not success).
Change-Id: If40cb5dffa0cfcf5bf49241c17489b7f3dfbd037
Bug: 64753847
diff --git a/server/ResolverController.cpp b/server/ResolverController.cpp
index 823afbf..ab69383 100644
--- a/server/ResolverController.cpp
+++ b/server/ResolverController.cpp
@@ -425,6 +425,7 @@
}
int ResolverController::addPrivateDnsServer(const std::string& server, int32_t port,
+ const std::string& name,
const std::string& fingerprintAlgorithm,
const std::set<std::vector<uint8_t>>& fingerprints) {
using android::net::INetd;
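Review bot: The new `name` parameter in the `addPrivateDnsServer` signature has no stated contract, and it sits between two other `const std::string&` arguments where it is easy to misread. Since the commit message says it controls hostname validation, add a comment above the definition along the lines of `// name: hostname the server certificate must match; an empty string means <behaviour to confirm>`. The empty-name case matters most, because callers need to know whether it disables validation or is rejected. The function body continues outside this hunk, so any check on `name` between the signature and the assignment further down is not visible here.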
@@ -453,6 +454,7 @@
}
DnsTlsTransport::Server privateServer(parsed);
privateServer.fingerprints = fingerprints;
+ privateServer.name = name;
std::lock_guard<std::mutex> guard(privateDnsLock);
// Ensure we overwrite any previous matching server. This is necessary because equality is
// based only on the IP address, not the port or fingerprints.
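Review bot: The comment at the end of this hunk is now out of date, because it lists only the port and fingerprints as ignored by equality although `privateServer.name` is set just above it. If `DnsTlsTransport::Server` equality still compares only the IP address (its definition is not in this diff), re-adding the same address with a different or empty name silently replaces the stored validation name. The comment should say so, for example `// based only on the IP address, not the port, name or fingerprints.` The commit message notes that only the failure case is tested, so a success-path test that checks the name reaches the stored server entry would pin this behaviour. The function body continues past the end of the hunk.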