Clean up Netd and libnetd_resolv for resolver related commands
1. remove all resolver related commands in netd
2. remove unused API in libnetd_resolv
Bug: 126141549
Test: built, flashed, booted
system/netd/tests/runtests.sh pass
Change-Id: I35ac8f241eebd6284a6a685ef86cd77a1fce4388
diff --git a/resolv/DnsResolver.cpp b/resolv/DnsResolver.cpp
index 822f860..4b39902 100644
--- a/resolv/DnsResolver.cpp
+++ b/resolv/DnsResolver.cpp
@@ -44,7 +44,7 @@
bool verifyCallbacks() {
return gResNetdCallbacks.check_calling_permission && gResNetdCallbacks.get_network_context &&
- gResNetdCallbacks.get_dns64_prefix;
+ gResNetdCallbacks.log;
}
} // namespace
diff --git a/resolv/include/netd_resolv/resolv.h b/resolv/include/netd_resolv/resolv.h
index b5518e4..b6348c7 100644
--- a/resolv/include/netd_resolv/resolv.h
+++ b/resolv/include/netd_resolv/resolv.h
@@ -108,47 +108,39 @@
typedef bool (*check_calling_permission_callback)(const char* permission);
// TODO: Remove the callback after moving NAT64 prefix discovery out of netd to libnetd_resolv.
-typedef bool (*get_dns64_prefix_callback)(unsigned netid, in6_addr* prefix, uint8_t* prefix_len);
+typedef void (*log_callback)(const char* msg);
struct ResolverNetdCallbacks {
check_calling_permission_callback check_calling_permission;
get_network_context_callback get_network_context;
- get_dns64_prefix_callback get_dns64_prefix;
+ log_callback log;
};
-LIBNETD_RESOLV_PUBLIC int android_gethostbyaddrfornetcontext(const void*, socklen_t, int,
- const android_net_context*, hostent**);
-LIBNETD_RESOLV_PUBLIC int android_gethostbynamefornetcontext(const char*, int,
- const android_net_context*, hostent**);
-LIBNETD_RESOLV_PUBLIC int android_getaddrinfofornetcontext(const char*, const char*,
- const addrinfo*,
- const android_net_context*, addrinfo**);
-
-LIBNETD_RESOLV_PUBLIC bool resolv_has_nameservers(unsigned netid);
-
+int android_gethostbyaddrfornetcontext(const void*, socklen_t, int, const android_net_context*,
+ hostent**);
+int android_gethostbynamefornetcontext(const char*, int, const android_net_context*, hostent**);
+int android_getaddrinfofornetcontext(const char*, const char*, const addrinfo*,
+ const android_net_context*, addrinfo**);
// Query dns with raw msg
-LIBNETD_RESOLV_PUBLIC int resolv_res_nsend(const android_net_context* netContext,
- const uint8_t* msg, int msgLen, uint8_t* ans, int ansLen,
- int* rcode, uint32_t flags);
+int resolv_res_nsend(const android_net_context* netContext, const uint8_t* msg, int msgLen,
+ uint8_t* ans, int ansLen, int* rcode, uint32_t flags);
// Set name servers for a network
-LIBNETD_RESOLV_PUBLIC int resolv_set_nameservers_for_net(unsigned netid, const char** servers,
- int numservers, const char* domains,
- const res_params* params);
+int resolv_set_nameservers_for_net(unsigned netid, const char** servers, int numservers,
+ const char* domains, const res_params* params);
-LIBNETD_RESOLV_PUBLIC int resolv_set_private_dns_for_net(unsigned netid, uint32_t mark,
- const char** servers, int numServers,
- const char* tlsName,
- const uint8_t** fingerprints,
- int numFingerprints);
+int resolv_set_private_dns_for_net(unsigned netid, uint32_t mark, const char** servers,
+ int numServers, const char* tlsName,
+ const uint8_t** fingerprints, int numFingerprints);
-LIBNETD_RESOLV_PUBLIC void resolv_delete_private_dns_for_net(unsigned netid);
+void resolv_delete_private_dns_for_net(unsigned netid);
-LIBNETD_RESOLV_PUBLIC void resolv_get_private_dns_status_for_net(unsigned netid,
- ExternalPrivateDnsStatus* status);
+void resolv_get_private_dns_status_for_net(unsigned netid, ExternalPrivateDnsStatus* status);
// Delete the cache associated with a certain network
-LIBNETD_RESOLV_PUBLIC void resolv_delete_cache_for_net(unsigned netid);
+void resolv_delete_cache_for_net(unsigned netid);
+
+LIBNETD_RESOLV_PUBLIC bool resolv_has_nameservers(unsigned netid);
// Set callbacks and bring DnsResolver up.
LIBNETD_RESOLV_PUBLIC bool resolv_init(const ResolverNetdCallbacks& callbacks);
diff --git a/resolv/include/netd_resolv/resolv_stub.h b/resolv/include/netd_resolv/resolv_stub.h
index 5f78908..41f56fa 100644
--- a/resolv/include/netd_resolv/resolv_stub.h
+++ b/resolv/include/netd_resolv/resolv_stub.h
@@ -34,39 +34,9 @@
// Struct containing function pointers for every function exported by libnetd_resolv.
extern struct ResolvStub {
- int (*android_getaddrinfofornetcontext)(const char*, const char*, const addrinfo*,
- const android_net_context*, addrinfo**);
-
- void (*android_net_res_stats_aggregate)(res_stats* stats, int* successes, int* errors,
- int* timeouts, int* internal_errors, int* rtt_avg,
- time_t* last_sample_time);
-
- int (*android_net_res_stats_get_info_for_net)(unsigned netid, int* nscount,
- sockaddr_storage servers[MAXNS], int* dcount,
- char domains[MAXDNSRCH][MAXDNSRCHPATH],
- res_params* params, res_stats stats[MAXNS],
- int* wait_for_pending_req_timeout_count);
-
- int (*android_net_res_stats_get_usable_servers)(const res_params* params, res_stats stats[],
- int nscount, bool valid_servers[]);
-
- void (*resolv_delete_cache_for_net)(unsigned netid);
-
- void (*resolv_delete_private_dns_for_net)(unsigned netid);
-
- void (*resolv_get_private_dns_status_for_net)(unsigned netid, ExternalPrivateDnsStatus* status);
-
bool (*resolv_has_nameservers)(unsigned netid);
bool (*resolv_init)(const ResolverNetdCallbacks& callbacks);
-
- int (*resolv_set_nameservers_for_net)(unsigned netid, const char** servers, unsigned numservers,
- const char* domains, const res_params* params);
-
- int (*resolv_set_private_dns_for_net)(unsigned netid, uint32_t mark, const char** servers,
- const unsigned numServers, const char* tlsName,
- const uint8_t** fingerprints,
- const unsigned numFingerprints);
} RESOLV_STUB;
int resolv_stub_init();
diff --git a/resolv/libnetd_resolv.map.txt b/resolv/libnetd_resolv.map.txt
index bd63ca6..be193db 100644
--- a/resolv/libnetd_resolv.map.txt
+++ b/resolv/libnetd_resolv.map.txt
@@ -20,17 +20,8 @@
LIBNETD_RESOLV {
global:
- android_getaddrinfofornetcontext;
- android_net_res_stats_aggregate;
- android_net_res_stats_get_info_for_net;
- android_net_res_stats_get_usable_servers;
- resolv_delete_cache_for_net;
- resolv_delete_private_dns_for_net;
- resolv_get_private_dns_status_for_net;
resolv_has_nameservers;
resolv_init;
- resolv_set_nameservers_for_net;
- resolv_set_private_dns_for_net;
local:
*;
};
diff --git a/server/Android.bp b/server/Android.bp
index 1128252..4375467 100644
--- a/server/Android.bp
+++ b/server/Android.bp
@@ -58,7 +58,6 @@
"ClatdController.cpp",
"ClatUtils.cpp",
"Controllers.cpp",
- "Dns64Configuration.cpp",
"NetdConstants.cpp",
"FirewallController.cpp",
"IdletimerController.cpp",
@@ -115,7 +114,6 @@
"libbase",
"libbinder",
"libbpf_android",
- "libcrypto",
"libcutils",
"libdl",
"libhidlbase",
@@ -159,7 +157,6 @@
"PppController.cpp",
"Process.cpp",
"ResolvStub.cpp",
- "ResolverController.cpp",
"VirtualNetwork.cpp",
"main.cpp",
"oem_iptables_hook.cpp",
diff --git a/server/CommandListener.cpp b/server/CommandListener.cpp
index d5f93f2..d0fc875 100644
--- a/server/CommandListener.cpp
+++ b/server/CommandListener.cpp
@@ -625,7 +625,8 @@
}
} else if (!strcmp(argv[1], "clearnetdns")) { // "resolver clearnetdns <netId>"
if (argc == 3) {
- rc = gCtls->resolverCtrl.clearDnsServers(netId);
+ // TODO: add resolver command back after NDC migrating to binder ver.
+ rc = -1;
} else {
cli->sendMsg(ResponseCode::CommandSyntaxError,
"Wrong number of arguments to resolver clearnetdns", false);
@@ -645,8 +646,10 @@
return 0;
}
-bool CommandListener::ResolverCmd::parseAndExecuteSetNetDns(int netId, int argc,
- const char** argv) {
+bool CommandListener::ResolverCmd::parseAndExecuteSetNetDns(int, int argc, const char** argv) {
+ // TODO: add resolver command back after NDC migrating to binder ver.
+ return false;
+
// "resolver setnetdns <netId> <domains> <dns1> [<dns2> ...] [--params <params>]"
// TODO: This code has to be replaced by a Binder call ASAP
if (argc < 5) {
@@ -664,7 +667,7 @@
}
paramsPtr = ¶ms;
}
- return gCtls->resolverCtrl.setDnsServers(netId, argv[3], &argv[4], end - 4, paramsPtr) == 0;
+ return false;
}
CommandListener::BandwidthControlCmd::BandwidthControlCmd() :
@@ -1341,7 +1344,7 @@
if (int ret = gCtls->netCtrl.destroyNetwork(netId)) {
return operationError(client, "destroyNetwork() failed", ret);
}
- gCtls->resolverCtrl.clearDnsServers(netId);
+ // TODO: add clearing DNS back after NDC migrating to binder ver.
return success(client);
}
diff --git a/server/CommandListener.h b/server/CommandListener.h
index c23f17a..315c791 100644
--- a/server/CommandListener.h
+++ b/server/CommandListener.h
@@ -21,18 +21,17 @@
#include <sysutils/FrameworkListener.h>
+#include "BandwidthController.h"
+#include "ClatdController.h"
+#include "FirewallController.h"
+#include "IdletimerController.h"
+#include "InterfaceController.h"
#include "NetdCommand.h"
#include "NetdConstants.h"
#include "NetworkController.h"
-#include "TetherController.h"
#include "PppController.h"
-#include "BandwidthController.h"
-#include "IdletimerController.h"
-#include "InterfaceController.h"
-#include "ResolverController.h"
-#include "FirewallController.h"
-#include "ClatdController.h"
#include "StrictController.h"
+#include "TetherController.h"
namespace android {
namespace net {
diff --git a/server/Controllers.cpp b/server/Controllers.cpp
index a5c9eba..fb5509c 100644
--- a/server/Controllers.cpp
+++ b/server/Controllers.cpp
@@ -189,8 +189,7 @@
}
Controllers::Controllers()
- : resolverCtrl(netCtrl),
- clatdCtrl(&netCtrl),
+ : clatdCtrl(&netCtrl),
wakeupCtrl(
[this](const WakeupController::ReportArgs& args) {
const auto listener = eventReporter.getNetdEventListener();
diff --git a/server/Controllers.h b/server/Controllers.h
index 52c2809..fbd9bf1 100644
--- a/server/Controllers.h
+++ b/server/Controllers.h
@@ -26,7 +26,6 @@
#include "IptablesRestoreController.h"
#include "NetworkController.h"
#include "PppController.h"
-#include "ResolverController.h"
#include "StrictController.h"
#include "TcpSocketMonitor.h"
#include "TetherController.h"
@@ -47,7 +46,6 @@
PppController pppCtrl;
BandwidthController bandwidthCtrl;
IdletimerController idletimerCtrl;
- ResolverController resolverCtrl;
FirewallController firewallCtrl;
ClatdController clatdCtrl;
StrictController strictCtrl;
diff --git a/server/NetdNativeService.cpp b/server/NetdNativeService.cpp
index 9f222bf..15df7da 100644
--- a/server/NetdNativeService.cpp
+++ b/server/NetdNativeService.cpp
@@ -35,7 +35,6 @@
#include <json/value.h>
#include <json/writer.h>
-#include <openssl/base64.h>
#include "Controllers.h"
#include "InterfaceController.h"
@@ -431,86 +430,6 @@
return binder::Status::ok();
}
-// Parse a base64 encoded string into a vector of bytes.
-// On failure, return an empty vector.
-static std::vector<uint8_t> parseBase64(const std::string& input) {
- std::vector<uint8_t> decoded;
- size_t out_len;
- if (EVP_DecodedLength(&out_len, input.size()) != 1) {
- return decoded;
- }
- // out_len is now an upper bound on the output length.
- decoded.resize(out_len);
- if (EVP_DecodeBase64(decoded.data(), &out_len, decoded.size(),
- reinterpret_cast<const uint8_t*>(input.data()), input.size()) == 1) {
- // Possibly shrink the vector if the actual output was smaller than the bound.
- decoded.resize(out_len);
- } else {
- decoded.clear();
- }
- if (out_len != SHA256_SIZE) {
- decoded.clear();
- }
- return decoded;
-}
-
-binder::Status NetdNativeService::setResolverConfiguration(int32_t netId,
- const std::vector<std::string>& servers, const std::vector<std::string>& domains,
- const std::vector<int32_t>& params, const std::string& tlsName,
- const std::vector<std::string>& tlsServers,
- const std::vector<std::string>& tlsFingerprints) {
- // This function intentionally does not lock within Netd, as Bionic is thread-safe.
- ENFORCE_INTERNAL_PERMISSIONS();
-
- std::set<std::vector<uint8_t>> decoded_fingerprints;
- for (const std::string& fingerprint : tlsFingerprints) {
- std::vector<uint8_t> decoded = parseBase64(fingerprint);
- if (decoded.empty()) {
- return binder::Status::fromServiceSpecificError(EINVAL,
- String8::format("ResolverController error: bad fingerprint"));
- }
- decoded_fingerprints.emplace(decoded);
- }
-
- int err = gCtls->resolverCtrl.setResolverConfiguration(netId, servers, domains, params,
- tlsName, tlsServers, decoded_fingerprints);
- if (err != 0) {
- return binder::Status::fromServiceSpecificError(-err,
- String8::format("ResolverController error: %s", strerror(-err)));
- }
- return binder::Status::ok();
-}
-
-binder::Status NetdNativeService::getResolverInfo(
- int32_t netId, std::vector<std::string>* servers, std::vector<std::string>* domains,
- std::vector<std::string>* tlsServers, std::vector<int32_t>* params,
- std::vector<int32_t>* stats, std::vector<int32_t>* wait_for_pending_req_timeout_count) {
- // This function intentionally does not lock within Netd, as Bionic is thread-safe.
- ENFORCE_NETWORK_STACK_PERMISSIONS();
-
- int err = gCtls->resolverCtrl.getResolverInfo(netId, servers, domains, tlsServers, params,
- stats, wait_for_pending_req_timeout_count);
- if (err != 0) {
- return binder::Status::fromServiceSpecificError(-err,
- String8::format("ResolverController error: %s", strerror(-err)));
- }
- return binder::Status::ok();
-}
-
-binder::Status NetdNativeService::resolverStartPrefix64Discovery(int32_t netId) {
- // Locking happens in Dns64Configuration.
- ENFORCE_NETWORK_STACK_PERMISSIONS();
- gCtls->resolverCtrl.startPrefix64Discovery(netId);
- return binder::Status::ok();
-}
-
-binder::Status NetdNativeService::resolverStopPrefix64Discovery(int32_t netId) {
- // Locking happens in Dns64Configuration.
- ENFORCE_NETWORK_STACK_PERMISSIONS();
- gCtls->resolverCtrl.stopPrefix64Discovery(netId);
- return binder::Status::ok();
-}
-
binder::Status NetdNativeService::tetherApplyDnsInterfaces(bool *ret) {
NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
*ret = gCtls->tetherCtrl.applyDnsInterfaces();
@@ -1265,18 +1184,6 @@
return binder::Status::ok();
}
-binder::Status NetdNativeService::getPrefix64(int netId, std::string* _aidl_return) {
- ENFORCE_NETWORK_STACK_PERMISSIONS();
- netdutils::IPPrefix prefix{};
- int err = gCtls->resolverCtrl.getPrefix64(netId, &prefix);
- if (err != 0) {
- return binder::Status::fromServiceSpecificError(
- -err, String8::format("ResolverController error: %s", strerror(-err)));
- }
- *_aidl_return = prefix.toString();
- return binder::Status::ok();
-}
-
binder::Status NetdNativeService::registerUnsolicitedEventListener(
const android::sp<android::net::INetdUnsolicitedEventListener>& listener) {
ENFORCE_NETWORK_STACK_PERMISSIONS();
diff --git a/server/NetdNativeService.h b/server/NetdNativeService.h
index 1bed73d..03888cb 100644
--- a/server/NetdNativeService.h
+++ b/server/NetdNativeService.h
@@ -103,20 +103,6 @@
binder::Status socketDestroy(const std::vector<UidRangeParcel>& uids,
const std::vector<int32_t>& skipUids) override;
- // Resolver commands.
- binder::Status setResolverConfiguration(int32_t netId, const std::vector<std::string>& servers,
- const std::vector<std::string>& domains, const std::vector<int32_t>& params,
- const std::string& tlsName,
- const std::vector<std::string>& tlsServers,
- const std::vector<std::string>& tlsFingerprints) override;
- binder::Status getResolverInfo(
- int32_t netId, std::vector<std::string>* servers, std::vector<std::string>* tlsServers,
- std::vector<std::string>* domains, std::vector<int32_t>* params,
- std::vector<int32_t>* stats,
- std::vector<int32_t>* wait_for_pending_req_timeout_count) override;
- binder::Status resolverStartPrefix64Discovery(int32_t netId);
- binder::Status resolverStopPrefix64Discovery(int32_t netId);
-
binder::Status setIPv6AddrGenMode(const std::string& ifName, int32_t mode) override;
// NFLOG-related commands
@@ -252,9 +238,6 @@
binder::Status setTcpRWmemorySize(const std::string& rmemValues,
const std::string& wmemValues) override;
- // DNS64-related commands (internal use only)
- binder::Status getPrefix64(int netId, std::string* _aidl_return);
-
binder::Status registerUnsolicitedEventListener(
const android::sp<android::net::INetdUnsolicitedEventListener>& listener) override;
diff --git a/server/NetworkController.cpp b/server/NetworkController.cpp
index 5926c68..9fc2c66 100644
--- a/server/NetworkController.cpp
+++ b/server/NetworkController.cpp
@@ -701,7 +701,6 @@
dw.println("Required permission: %s", permissionToName(permission));
dw.decIndent();
}
- android::net::gCtls->resolverCtrl.dump(dw, i.first);
dw.blankline();
}
dw.decIndent();
diff --git a/server/ResolvStub.cpp b/server/ResolvStub.cpp
index 9db9b53..d84572f 100644
--- a/server/ResolvStub.cpp
+++ b/server/ResolvStub.cpp
@@ -74,17 +74,8 @@
#define STR(x) #x
#define RESOLV_STUB_LOAD_SYMBOL(x) resolvStubInitFunction(netdResolvHandle, STR(x), &RESOLV_STUB.x)
- RESOLV_STUB_LOAD_SYMBOL(android_getaddrinfofornetcontext);
- RESOLV_STUB_LOAD_SYMBOL(android_net_res_stats_aggregate);
- RESOLV_STUB_LOAD_SYMBOL(android_net_res_stats_get_info_for_net);
- RESOLV_STUB_LOAD_SYMBOL(android_net_res_stats_get_usable_servers);
- RESOLV_STUB_LOAD_SYMBOL(resolv_delete_cache_for_net);
- RESOLV_STUB_LOAD_SYMBOL(resolv_delete_private_dns_for_net);
- RESOLV_STUB_LOAD_SYMBOL(resolv_get_private_dns_status_for_net);
RESOLV_STUB_LOAD_SYMBOL(resolv_has_nameservers);
RESOLV_STUB_LOAD_SYMBOL(resolv_init);
- RESOLV_STUB_LOAD_SYMBOL(resolv_set_nameservers_for_net);
- RESOLV_STUB_LOAD_SYMBOL(resolv_set_private_dns_for_net);
#undef RESOLV_STUB_LOAD_SYMBOL
#undef STR
diff --git a/server/binder/android/net/INetd.aidl b/server/binder/android/net/INetd.aidl
index 4dfa722..81f371e 100644
--- a/server/binder/android/net/INetd.aidl
+++ b/server/binder/android/net/INetd.aidl
@@ -174,94 +174,6 @@
*/
void socketDestroy(in UidRangeParcel[] uidRanges, in int[] exemptUids);
- // Array indices for resolver parameters.
- const int RESOLVER_PARAMS_SAMPLE_VALIDITY = 0;
- const int RESOLVER_PARAMS_SUCCESS_THRESHOLD = 1;
- const int RESOLVER_PARAMS_MIN_SAMPLES = 2;
- const int RESOLVER_PARAMS_MAX_SAMPLES = 3;
- const int RESOLVER_PARAMS_BASE_TIMEOUT_MSEC = 4;
- const int RESOLVER_PARAMS_RETRY_COUNT = 5;
- const int RESOLVER_PARAMS_COUNT = 6;
-
- /**
- * Sets the name servers, search domains and resolver params for the given network. Flushes the
- * cache as needed (i.e. when the servers or the number of samples to store changes).
- *
- * @param netId the network ID of the network for which information should be configured.
- * @param servers the DNS servers to configure for the network.
- * @param domains the search domains to configure.
- * @param params the params to set. This array contains RESOLVER_PARAMS_COUNT integers that
- * encode the contents of the res_params struct, i.e. sample_validity is stored at position
- * RESOLVER_PARAMS_SAMPLE_VALIDITY, etc.
- * @param tlsName The TLS subject name to require for all servers, or empty if there is none.
- * @param tlsServers the DNS servers to configure for strict mode Private DNS.
- * @param tlsFingerprints An array containing TLS public key fingerprints (pins) of which each
- * server must match at least one, or empty if there are no pinned keys.
- * @throws ServiceSpecificException in case of failure, with an error code corresponding to the
- * unix errno.
- */
- void setResolverConfiguration(int netId, in @utf8InCpp String[] servers,
- in @utf8InCpp String[] domains, in int[] params,
- in @utf8InCpp String tlsName, in @utf8InCpp String[] tlsServers,
- in @utf8InCpp String[] tlsFingerprints);
-
- // Array indices for resolver stats.
- const int RESOLVER_STATS_SUCCESSES = 0;
- const int RESOLVER_STATS_ERRORS = 1;
- const int RESOLVER_STATS_TIMEOUTS = 2;
- const int RESOLVER_STATS_INTERNAL_ERRORS = 3;
- const int RESOLVER_STATS_RTT_AVG = 4;
- const int RESOLVER_STATS_LAST_SAMPLE_TIME = 5;
- const int RESOLVER_STATS_USABLE = 6;
- const int RESOLVER_STATS_COUNT = 7;
-
- /**
- * Retrieves the name servers, search domains and resolver stats associated with the given
- * network ID.
- *
- * @param netId the network ID of the network for which information should be retrieved.
- * @param servers the DNS servers that are currently configured for the network.
- * @param domains the search domains currently configured.
- * @param tlsServers the DNS-over-TLS servers that are currently configured for the network.
- * @param params the resolver parameters configured, i.e. the contents of res_params in order.
- * @param stats the stats for each server in the order specified by RESOLVER_STATS_XXX
- * constants, serialized as an int array. The contents of this array are the number of
- * <ul>
- * <li> successes,
- * <li> errors,
- * <li> timeouts,
- * <li> internal errors,
- * <li> the RTT average,
- * <li> the time of the last recorded sample,
- * <li> and an integer indicating whether the server is usable (1) or broken (0).
- * </ul>
- * in this order. For example, the timeout counter for server N is stored at position
- * RESOLVER_STATS_COUNT*N + RESOLVER_STATS_TIMEOUTS
- * @param wait_for_pending_req_timeout_count an internal counter used to count the number of
- * timeouts while resolver is handling concurrent DNS queries on the same hostname.
- * @throws ServiceSpecificException in case of failure, with an error code corresponding to the
- * unix errno.
- *
- * TODO: Consider replacing stats and params with parcelables.
- */
- void getResolverInfo(int netId, out @utf8InCpp String[] servers,
- out @utf8InCpp String[] domains, out @utf8InCpp String[] tlsServers, out int[] params,
- out int[] stats, out int[] wait_for_pending_req_timeout_count);
-
- /**
- * Starts NAT64 prefix discovery on the given network.
- *
- * @param netId the netId to start prefix discovery on.
- */
- void resolverStartPrefix64Discovery(int netId);
-
- /**
- * Stops NAT64 prefix discovery on the given network.
- *
- * @param netId the netId to stop prefix discovery on.
- */
- void resolverStopPrefix64Discovery(int netId);
-
/**
* Instruct the tethering DNS server to reevaluated serving interfaces.
* This is needed to for the DNS server to observe changes in the set
@@ -1219,20 +1131,6 @@
*/
void setTcpRWmemorySize(in @utf8InCpp String rmemValues, in @utf8InCpp String wmemValues);
- /**
- * Get NAT64 prefix in format Pref64::/n which is described in RFC6147 section 2. This
- * interface is used for internal test only. Don't use it for other purposes because doing so
- * would cause race conditions with the NAT64 prefix notifications.
- *
- * @param netId the network ID of the network to get the prefix
- * @return the NAT64 prefix if the query operation was successful
- * @throws ServiceSpecificException in case of failure, with an error code indicating the
- * cause of the the failure.
- *
- * TODO: Remove this once the tests have been updated to listen for onNat64PrefixEvent.
- */
- @utf8InCpp String getPrefix64(int netId);
-
/**
* Register unsolicited event listener
* Netd supports multiple unsolicited event listeners, but only one per pid
diff --git a/server/main.cpp b/server/main.cpp
index fc58547..a60622b 100644
--- a/server/main.cpp
+++ b/server/main.cpp
@@ -48,12 +48,16 @@
#include "Process.h"
#include "Stopwatch.h"
+#include "netd_resolv/resolv.h"
#include "netd_resolv/resolv_stub.h"
using android::IPCThreadState;
using android::status_t;
+using android::String16;
using android::net::CommandListener;
using android::net::FwmarkServer;
+using android::net::gCtls;
+using android::net::gLog;
using android::net::makeNFLogListener;
using android::net::NetdHwService;
using android::net::NetdNativeService;
@@ -65,9 +69,32 @@
std::mutex android::net::gBigNetdLock;
+namespace {
+
+void getNetworkContextCallback(uint32_t netId, uint32_t uid, android_net_context* netcontext) {
+ gCtls->netCtrl.getNetworkContext(netId, uid, netcontext);
+}
+
+bool checkCallingPermissionCallback(const char* permission) {
+ return checkCallingPermission(String16(permission));
+}
+
+void logCallback(const char* msg) {
+ gLog.info(std::string(msg));
+}
+
+bool initDnsResolver() {
+ ResolverNetdCallbacks callbacks = {
+ .get_network_context = &getNetworkContextCallback,
+ .log = &logCallback,
+ .check_calling_permission = &checkCallingPermissionCallback,
+ };
+ return RESOLV_STUB.resolv_init(callbacks);
+}
+
+} // namespace
+
int main() {
- using android::net::gCtls;
- using android::net::gLog;
Stopwatch s;
gLog.info("netd 1.0 starting");
@@ -130,7 +157,8 @@
// TODO: Check if we could remove it since resolver cache no loger
// checks this environment variable after aosp/838050.
setenv("ANDROID_DNS_MODE", "local", 1);
- if (!gCtls->resolverCtrl.initResolver()) {
+ // Note that only call initDnsResolver after gCtls initializing.
+ if (!initDnsResolver()) {
ALOGE("Unable to init resolver");
exit(1);
}
diff --git a/tests/binder_test.cpp b/tests/binder_test.cpp
index ad0dfef..6d2cb81 100644
--- a/tests/binder_test.cpp
+++ b/tests/binder_test.cpp
@@ -985,70 +985,6 @@
EXPECT_EQ(ival, std::stoi(value));
}
-static std::string base64Encode(const std::vector<uint8_t>& input) {
- size_t out_len;
- EXPECT_EQ(1, EVP_EncodedLength(&out_len, input.size()));
- // out_len includes the trailing NULL.
- uint8_t output_bytes[out_len];
- EXPECT_EQ(out_len - 1, EVP_EncodeBlock(output_bytes, input.data(), input.size()));
- return std::string(reinterpret_cast<char*>(output_bytes));
-}
-
-TEST_F(BinderTest, SetResolverConfiguration_Tls) {
- const std::vector<std::string> LOCALLY_ASSIGNED_DNS{"8.8.8.8", "2001:4860:4860::8888"};
- std::vector<uint8_t> fp(SHA256_SIZE);
- std::vector<uint8_t> short_fp(1);
- std::vector<uint8_t> long_fp(SHA256_SIZE + 1);
- std::vector<std::string> test_domains;
- std::vector<int> test_params = { 300, 25, 8, 8 };
- unsigned test_netid = 0;
- static const struct TestData {
- const std::vector<std::string> servers;
- const std::string tlsName;
- const std::vector<std::vector<uint8_t>> tlsFingerprints;
- const int expectedReturnCode;
- } kTlsTestData[] = {
- { {"192.0.2.1"}, "", {}, 0 },
- { {"2001:db8::2"}, "host.name", {}, 0 },
- { {"192.0.2.3"}, "@@@@", { fp }, 0 },
- { {"2001:db8::4"}, "", { fp }, 0 },
- { {}, "", {}, 0 },
- { {""}, "", {}, EINVAL },
- { {"192.0.*.5"}, "", {}, EINVAL },
- { {"2001:dg8::6"}, "", {}, EINVAL },
- { {"2001:db8::c"}, "", { short_fp }, EINVAL },
- { {"192.0.2.12"}, "", { long_fp }, EINVAL },
- { {"2001:db8::e"}, "", { fp, fp, fp }, 0 },
- { {"192.0.2.14"}, "", { fp, short_fp }, EINVAL },
- };
-
- for (size_t i = 0; i < std::size(kTlsTestData); i++) {
- const auto &td = kTlsTestData[i];
-
- std::vector<std::string> fingerprints;
- for (const auto& fingerprint : td.tlsFingerprints) {
- fingerprints.push_back(base64Encode(fingerprint));
- }
- binder::Status status = mNetd->setResolverConfiguration(
- test_netid, LOCALLY_ASSIGNED_DNS, test_domains, test_params,
- td.tlsName, td.servers, fingerprints);
-
- if (td.expectedReturnCode == 0) {
- SCOPED_TRACE(String8::format("test case %zu should have passed", i));
- SCOPED_TRACE(status.toString8());
- EXPECT_EQ(0, status.exceptionCode());
- } else {
- SCOPED_TRACE(String8::format("test case %zu should have failed", i));
- EXPECT_EQ(binder::Status::EX_SERVICE_SPECIFIC, status.exceptionCode());
- EXPECT_EQ(td.expectedReturnCode, status.serviceSpecificErrorCode());
- }
- }
- // Ensure TLS is disabled before the start of the next test.
- mNetd->setResolverConfiguration(
- test_netid, kTlsTestData[0].servers, test_domains, test_params,
- "", {}, {});
-}
-
namespace {
void expectNoTestCounterRules() {