1 /*
2  * Copyright (C) 2017 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #pragma once
18 
19 #include <set>
20 #include <string>
21 #include <vector>
22 
23 #include <netdutils/InternetAddresses.h>
24 #include <netinet/in.h>
25 #include <params.h>
26 
27 #include "PrivateDnsCommon.h"
28 
29 namespace android {
30 namespace net {
31 
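// DnsTlsServer represents a recursive resolver that supports, or may support, a
// secure protocol.
//
// The public data members describe the server itself (address, hostname, test CA
// certificate, protocol, validation mark). The private members hold state that, per
// the comment on them, is unrelated to the comparison of DnsTlsServer objects.
struct DnsTlsServer {
    // Default constructor: every member keeps its in-class initializer.
    DnsTlsServer() = default;

    // Builds a server from a bare IP address, using kDotPort as the port.
    explicit DnsTlsServer(const netdutils::IPAddress& ip)
        : DnsTlsServer(netdutils::IPSockAddr(ip, kDotPort)) {}

    // Builds a server from an explicit IP address and port.
    explicit DnsTlsServer(const netdutils::IPSockAddr& addr) : ss(addr) {}

    // The server location, including IP and port.
    // TODO: make it const.
    sockaddr_storage ss = {};

    // The server's hostname.  If this string is nonempty, the server must present a
    // certificate that indicates this name and has a valid chain to a trusted root CA.
    // NOTE(review): the check itself is not in this header. An empty name leaves no
    // hostname to match against; confirm in the validation code how that case is
    // handled before relying on the server being authenticated.
    // TODO: make it const.
    std::string name;

    // The certificate of the CA that signed the server's certificate.
    // It is used to store temporary test CA certificate for internal tests.
    // NOTE(review): presumably this acts as an extra trust anchor during validation;
    // confirm that no non-test configuration path can populate it.
    // TODO: make it const.
    std::string certificate;

    // Placeholder.  More protocols might be defined in the future.
    // TODO: make it const.
    int protocol = IPPROTO_TCP;

    // Exact comparison of DnsTlsServer objects.  Both operators are defined out of
    // line; the comment on the private members says mValidation and mActive take no
    // part in the comparison.
    bool operator<(const DnsTlsServer& other) const;
    bool operator==(const DnsTlsServer& other) const;

    // Defined out of line.
    // NOTE(review): presumably reports whether a hostname was configured; confirm.
    bool wasExplicitlyConfigured() const;

    // Defined out of line; by its name, renders the server address as a string.
    std::string toIpString() const;

    // Returns a copy of the configured hostname (may be empty).
    std::string provider() const { return name; }

    // Returns the server location converted from the stored sockaddr_storage.
    netdutils::IPSockAddr addr() const { return netdutils::IPSockAddr::toIPSockAddr(ss); }

    // Returns the socket mark used for validation.
    uint32_t validationMark() const { return mark; }

    // Accessors for the validation state tracked for this server.
    Validation validationState() const { return mValidation; }
    void setValidationState(Validation val) { mValidation = val; }

    // The socket mark used for validation.
    // Note that the mark of a connection to which the DnsResolver sends app's DNS requests can
    // be different.
    // TODO: make it const.
    uint32_t mark = 0;

    // Return whether or not the server can be used for a network. It depends on
    // the resolver configuration.
    bool active() const { return mActive; }
    void setActive(bool val) { mActive = val; }

  private:
    // State, unrelated to the comparison of DnsTlsServer objects.
    // A new object starts as an unknown, inactive server until the setters are called.
    Validation mValidation = Validation::unknown_server;
    bool mActive = false;
};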
90 
// Ordering functor that looks at the IP address only.  Port, hostname and any other
// identity data are ignored, so two servers that compare equivalent here may still
// differ in the name used for certificate validation.  Do not treat equivalence under
// this comparator as identity of the TLS endpoint.
struct AddressComparator {
    bool operator()(const DnsTlsServer& lhs, const DnsTlsServer& rhs) const;
};
95 
96 }  // namespace net
97 }  // namespace android
98