commit 4204ecf2986a44603b4b3546edca144448d6ebd7
author Ben Schwartz <bemasc@google.com> Mon Oct 02 12:35:48 2017 -0400
committer Ben Schwartz <bemasc@google.com> Mon Oct 02 13:04:57 2017 -0400
tree 98a4cc4193d7607e086d0ea27238e9ee3f027b25
parent 6ad3988c447c489692a7cd9cdd119d24b3c65040

Switch to a new way of activating DNS-over-TLS

This change removes the global database of potential DNS-over-TLS
servers from Netd, and makes pinned or named servers mandatory-TLS,
not opportunistic.

Bug: 64753847
Change-Id: I226ffec3f59593bc40cd9019095c5261aae55fa0
Test: Tests pass.  Normal browsing continues to work normally.

server/NetdNativeService.h

diff --git a/server/NetdNativeService.h b/server/NetdNativeService.h
index d4b7ed7..2f23d8e 100644
--- a/server/NetdNativeService.h
+++ b/server/NetdNativeService.h
@@ -43,15 +43,12 @@
     binder::Status socketDestroy(const std::vector<UidRange>& uids,
             const std::vector<int32_t>& skipUids) override;
     binder::Status setResolverConfiguration(int32_t netId, const std::vector<std::string>& servers,
-            const std::vector<std::string>& domains, const std::vector<int32_t>& params) override;
+            const std::vector<std::string>& domains, const std::vector<int32_t>& params,
+            bool useTls, const std::string& tlsName,
+            const std::vector<std::string>& tlsFingerprints) override;
     binder::Status getResolverInfo(int32_t netId, std::vector<std::string>* servers,
             std::vector<std::string>* domains, std::vector<int32_t>* params,
             std::vector<int32_t>* stats) override;
-    binder::Status addPrivateDnsServer(const std::string& server, int32_t port,
-            const std::string& name,
-            const std::string& fingerprintAlgorithm,
-            const std::vector<std::string>& fingerprints) override;
-    binder::Status removePrivateDnsServer(const std::string& server) override;
 
     binder::Status setIPv6AddrGenMode(const std::string& ifName, int32_t mode) override;