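/*
 * Copyright (C) 2011 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#ifndef _RESOLVER_CONTROLLER_H_
#define _RESOLVER_CONTROLLER_H_

// C / system headers. <stdint.h> and <sys/socket.h> are listed explicitly because the
// declarations below name uint8_t, int32_t and sockaddr_storage directly.
// <netinet/in.h> and <linux/in.h> declare overlapping names and are kept in their
// original relative order.
#include <stdint.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <linux/in.h>

// C++ standard library. <set> and <string> were previously only available if an earlier
// include happened to pull them in; they are included here so the header is self-contained.
#include <set>
#include <string>
#include <vector>

struct __res_params;

namespace android {
namespace net {

class DumpWriter;
struct ResolverStats;

// Declares the per-network resolver operations: setting, clearing and querying DNS servers
// for a netId, flushing the DNS cache, and registering private (TLS) DNS servers.
//
// All int-returning methods report a status code whose exact values are not visible in this
// header. NOTE(review): presumably 0 on success and a negative errno on failure; confirm
// against the implementation before relying on it.
//
// Output parameters are raw pointers. NOTE(review): the header does not say whether null is
// accepted; callers should pass valid objects until the implementation is checked.
class ResolverController {
public:
    ResolverController() = default;

    virtual ~ResolverController() = default;

    // TODO: delete this function
    //
    // |servers| is a C array paired with the separate count |numservers|; nothing in the
    // signature ties the two together, so the caller is responsible for |servers| holding at
    // least |numservers| entries. NOTE(review): |numservers| is a signed int; confirm that the
    // implementation rejects negative or oversized counts.
    int setDnsServers(unsigned netId, const char* searchDomains, const char** servers,
            int numservers, const __res_params* params);

    // Given a netId and the address of an insecure (i.e. normal) DNS server, this method checks
    // if there is a known secure DNS server with the same IP address that has been validated as
    // accessible on this netId. If so, it returns true, providing the server's address
    // (including port) and pin fingerprints (possibly empty) in the output parameters.
    //
    // Security note: as documented here, TLS use is opportunistic. A false return leaves the
    // caller with only the insecure server, so a network on which the secure server cannot be
    // validated ends up using the insecure one; the TODO below tracks a stricter mode.
    // NOTE(review): confirm in the implementation how an empty |fingerprints| set is treated;
    // it presumably means no certificate pin is enforced for that server.
    //
    // TODO: Add support for optional stronger security, by returning true even if the secure
    // server is not accessible.
    bool shouldUseTls(unsigned netId, const sockaddr_storage& insecureServer,
            sockaddr_storage* secureServer, std::set<std::vector<uint8_t>>* fingerprints);

    // Per-network maintenance operations, identified by |netid|.
    // NOTE(review): presumably these drop the server list and the cached answers for that
    // network respectively; the header shows only the signatures.
    int clearDnsServers(unsigned netid);

    int flushDnsCache(unsigned netid);

    // Reports the resolver state for |netId| through the four output parameters.
    int getDnsInfo(unsigned netId, std::vector<std::string>* servers,
            std::vector<std::string>* domains, __res_params* params,
            std::vector<android::net::ResolverStats>* stats);

    // Binder specific functions, which convert between the binder int/string arrays and the
    // actual data structures, and call setDnsServers() / getDnsInfo() for the actual processing.
    //
    // These take values that arrive over binder. NOTE(review): the layout and length expected
    // of the flat |params| array is not visible here; confirm that the implementation checks
    // its size before indexing into it.
    int setResolverConfiguration(int32_t netId, const std::vector<std::string>& servers,
            const std::vector<std::string>& domains, const std::vector<int32_t>& params);

    int getResolverInfo(int32_t netId, std::vector<std::string>* servers,
            std::vector<std::string>* domains, std::vector<int32_t>* params,
            std::vector<int32_t>* stats);

    // NOTE(review): presumably writes the resolver state for |netId| to |dw|.
    void dump(DumpWriter& dw, unsigned netId);

    // Registers / unregisters a private DNS server identified by the string |server|.
    // |fingerprints| is a set of raw byte strings and |fingerprintAlgorithm| names how they
    // were produced. NOTE(review): |port| is a 32-bit signed value, wider than a TCP port;
    // confirm the implementation range-checks it, validates |fingerprintAlgorithm| against an
    // allow-list, and checks each fingerprint's length against that algorithm.
    int addPrivateDnsServer(const std::string& server, int32_t port,
            const std::string& fingerprintAlgorithm,
            const std::set<std::vector<uint8_t>>& fingerprints);
    int removePrivateDnsServer(const std::string& server);
};

}  // namespace net
}  // namespace android

#endif /* _RESOLVER_CONTROLLER_H_ */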