/*
* Copyright (C) 2017 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef _DNS_DNSTLSTRANSPORT_H
#define _DNS_DNSTLSTRANSPORT_H
#include <future>
#include <map>
#include <mutex>
#include <vector>
#include <android-base/thread_annotations.h>
#include <android-base/unique_fd.h>
#include <netdutils/Slice.h>
#include "DnsTlsQueryMap.h"
#include "DnsTlsServer.h"
#include "DnsTlsSessionCache.h"
#include "IDnsTlsSocket.h"
#include "IDnsTlsSocketObserver.h"
namespace android {
namespace net {
class IDnsTlsSocketFactory;
// Manages at most one DnsTlsSocket at a time. This class handles socket lifetime issues,
// such as reopening the socket and reissuing pending queries.
//
// Locking: the mutable state below is protected by mLock. EXCLUDES / REQUIRES / GUARDED_BY
// are Clang thread-safety annotations (android-base/thread_annotations.h) that the compiler
// checks statically, so keep them accurate when adding members or methods.
// NOTE(review): std::thread, std::unique_ptr and uint32_t/uint8_t are used in this header
// but <thread>, <memory> and <cstdint> are not included directly; they currently arrive
// transitively (e.g. via <future>). Including them explicitly would make this header
// self-contained.
class DnsTlsTransport : public IDnsTlsSocketObserver {
  public:
    // Constructs a transport for |server|. Sockets created for it carry the socket mark
    // |mark| and are obtained from |factory|. Only the three members are initialized here;
    // no socket is opened in the constructor. Because only a raw pointer to |factory| is
    // retained, the factory must outlive this object.
    DnsTlsTransport(const DnsTlsServer& server, unsigned mark,
                    IDnsTlsSocketFactory* _Nonnull factory)
        : mMark(mark), mServer(server), mFactory(factory) {}
    // Defined out of line. mClosing (below) exists to stop onClosed() from starting a new
    // reconnect while the destructor is running — presumably the destructor sets it and
    // then joins mReconnectThread; confirm in the .cpp.
    ~DnsTlsTransport();

    using Response = DnsTlsQueryMap::Response;
    using Result = DnsTlsQueryMap::Result;

    // Given a |query|, this method sends it to the server and returns the result asynchronously.
    // |query| is a non-owning view (netdutils::Slice) of the wire-format DNS message; the
    // caller keeps the backing buffer alive for the duration of this call. Must not be
    // called with mLock held.
    std::future<Result> query(const netdutils::Slice query) EXCLUDES(mLock);

    // Check that a given TLS server is fully working with a specified mark.
    // This function is used in ResolverController to ensure that we don't enable DNS over TLS
    // on networks where it doesn't actually work.
    // Static: it does not need (or touch) a DnsTlsTransport instance.
    // NOTE(review): |mark| is spelled uint32_t here but `unsigned` in the constructor and in
    // mMark; one spelling for the socket mark would be clearer.
    static bool validate(const DnsTlsServer& server, uint32_t mark);

    // Returns the number of connection attempts made so far (see mConnectCounter).
    // Declared const yet annotated EXCLUDES(mLock): it presumably acquires mLock itself,
    // which is why the mutex is declared mutable.
    int getConnectCounter() const EXCLUDES(mLock);

    // Implement IDnsTlsSocketObserver
    // Receives a complete response message from the socket (by value: the transport takes
    // ownership of the bytes). Carries no lock annotation — confirm in the .cpp how it
    // synchronizes with the GUARDED_BY members.
    void onResponse(std::vector<uint8_t> response) override;
    // Notified when the socket is closed. Must not be called with mLock held; it may start
    // a reconnect on mReconnectThread unless mClosing is set.
    void onClosed() override EXCLUDES(mLock);

  private:
    // Guards every GUARDED_BY member below. mutable so that const member functions
    // (getConnectCounter) can lock it.
    mutable std::mutex mLock;

    // TLS session cache (DnsTlsSessionCache); presumably used to resume sessions when the
    // socket is reopened — see that header for the actual contract.
    DnsTlsSessionCache mCache;
    // Pending queries and their results (DnsTlsQueryMap); Response/Result above are its types.
    DnsTlsQueryMap mQueries;

    const unsigned mMark;  // Socket mark
    const DnsTlsServer mServer;
    // Raw, non-null pointer fixed at construction; the transport does not own the factory.
    IDnsTlsSocketFactory* _Nonnull const mFactory;

    // Establishes a new socket. Caller must already hold mLock.
    void doConnect() REQUIRES(mLock);

    // doReconnect is used by onClosed. It runs on the reconnect thread.
    void doReconnect() EXCLUDES(mLock);
    // The thread executing doReconnect, when one has been started. Owned through the
    // unique_ptr; presumably joined before destruction — confirm in the .cpp.
    std::unique_ptr<std::thread> mReconnectThread GUARDED_BY(mLock);

    // Used to prevent onClosed from starting a reconnect during the destructor.
    bool mClosing GUARDED_BY(mLock) = false;

    // Sending queries on the socket is thread-safe, but construction/destruction is not.
    // That is why the pointer itself is GUARDED_BY(mLock): replacing or resetting the socket
    // must happen under the lock even if individual sends on a live socket need not.
    std::unique_ptr<IDnsTlsSocket> mSocket GUARDED_BY(mLock);

    // Send a query to the socket. Caller must hold mLock. The bool presumably reports whether
    // the send was accepted by the socket — confirm in the .cpp.
    bool sendQuery(const DnsTlsQueryMap::Query& q) REQUIRES(mLock);

    // The number of times an attempt to connect the nameserver.
    int mConnectCounter GUARDED_BY(mLock) = 0;
};
} // end of namespace net
} // end of namespace android
#endif // _DNS_DNSTLSTRANSPORT_H