Support RFC 7858 DNS over TLS This change adds the core capability for DNS over TLS, and creates private APIs for activating it, but does not provide any way to activate the functionality in a development environment or on a real device. Based on https://android-review.googlesource.com/#/c/373776/ Test: Complete unit+integration tests. Manual tests look good. Bug: 34953048 Change-Id: Ib99ac1f631fd2c2c8fbf53bdb05f67f8be7713ac

commit: e760181ff41a5f4526e4f543f3838eb05690e2aa [log] [tgz]
author: Ben Schwartz <bemasc@google.com> Fri Apr 28 16:38:29 2017 -0400
committer: Ben Schwartz <bemasc@google.com> Thu Jul 06 17:51:19 2017 -0400
tree: 74ae729279fa6bcb0132186574ab95dd35c6ab46
parent: 54c4105adbf78a29d67a13786f0ab43203412059 [diff] [blame]
diff --git a/server/NetdConstants.cpp b/server/NetdConstants.cpp
index 0a0ca5d..58b2f64 100644
--- a/server/NetdConstants.cpp
+++ b/server/NetdConstants.cpp

@@ -20,6 +20,7 @@
 #include <netdb.h>
 #include <net/if.h>
 #include <netinet/in.h>
+#include <openssl/ssl.h>
 #include <stdlib.h>
 #include <string.h>
 #include <sys/wait.h>
@@ -34,6 +35,8 @@
 #include "NetdConstants.h"
 #include "IptablesRestoreController.h"
 
+const size_t SHA256_SIZE = EVP_MD_size(EVP_sha256());
+
 const char * const OEM_SCRIPT_PATH = "/system/bin/oem-iptables-init.sh";
 const char * const IPTABLES_PATH = "/system/bin/iptables";
 const char * const IP6TABLES_PATH = "/system/bin/ip6tables";
commit	e760181ff41a5f4526e4f543f3838eb05690e2aa	[log] [tgz]
author	Ben Schwartz <bemasc@google.com>	Fri Apr 28 16:38:29 2017 -0400
committer	Ben Schwartz <bemasc@google.com>	Thu Jul 06 17:51:19 2017 -0400
tree	74ae729279fa6bcb0132186574ab95dd35c6ab46
parent	54c4105adbf78a29d67a13786f0ab43203412059 [diff] [blame]