Google Git
Sign in
chromium / chromium / src / refs/tags/116.0.5793.1 / . / net / dns / host_resolver.cc
blob: 869d77fb827e4ffa70b440e8b2aa6acb91f17d47 [file] [log] [blame]
// Copyright 2012 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "net/dns/host_resolver.h"
#include <set>
#include <string>
#include <utility>
#include <vector>
#include "base/check.h"
#include "base/functional/bind.h"
#include "base/no_destructor.h"
#include "base/notreached.h"
#include "base/ranges/algorithm.h"
#include "base/strings/string_number_conversions.h"
#include "base/strings/string_piece.h"
#include "base/time/time_delta_from_string.h"
#include "base/values.h"
#include "net/base/address_list.h"
#include "net/base/features.h"
#include "net/base/host_port_pair.h"
#include "net/base/net_errors.h"
#include "net/base/network_change_notifier.h"
#include "net/dns/context_host_resolver.h"
#include "net/dns/dns_client.h"
#include "net/dns/dns_util.h"
#include "net/dns/host_cache.h"
#include "net/dns/host_resolver_manager.h"
#include "net/dns/mapped_host_resolver.h"
#include "net/dns/public/host_resolver_results.h"
#include "net/dns/resolve_context.h"
#include "third_party/abseil-cpp/absl/types/optional.h"
#include "third_party/abseil-cpp/absl/types/variant.h"
#include "url/scheme_host_port.h"
#if BUILDFLAG(IS_ANDROID)
#include "base/android/build_info.h"
#include "net/android/network_library.h"
#endif // BUILDFLAG(IS_ANDROID)
namespace net {
namespace {
// The experiment settings of features::kUseDnsHttpsSvcb. See the comments in
// net/base/features.h for more details.
const char kUseDnsHttpsSvcbEnable[] = "enable";
const char kUseDnsHttpsSvcbInsecureExtraTimeMax[] = "insecure_extra_time_max";
const char kUseDnsHttpsSvcbInsecureExtraTimePercent[] =
"insecure_extra_time_percent";
const char kUseDnsHttpsSvcbInsecureExtraTimeMin[] = "insecure_extra_time_min";
const char kUseDnsHttpsSvcbSecureExtraTimeMax[] = "secure_extra_time_max";
const char kUseDnsHttpsSvcbSecureExtraTimePercent[] =
"secure_extra_time_percent";
const char kUseDnsHttpsSvcbSecureExtraTimeMin[] = "secure_extra_time_min";
class FailingRequestImpl : public HostResolver::ResolveHostRequest,
public HostResolver::ProbeRequest {
public:
explicit FailingRequestImpl(int error) : error_(error) {}
FailingRequestImpl(const FailingRequestImpl&) = delete;
FailingRequestImpl& operator=(const FailingRequestImpl&) = delete;
~FailingRequestImpl() override = default;
int Start(CompletionOnceCallback callback) override { return error_; }
int Start() override { return error_; }
AddressList* GetAddressResults() const override { return nullptr; }
std::vector<HostResolverEndpointResult>* GetEndpointResults() const override {
return nullptr;
}
const std::vector<std::string>* GetTextResults() const override {
return nullptr;
}
const std::vector<HostPortPair>* GetHostnameResults() const override {
return nullptr;
}
const std::set<std::string>* GetDnsAliasResults() const override {
return nullptr;
}
ResolveErrorInfo GetResolveErrorInfo() const override {
return ResolveErrorInfo(error_);
}
const absl::optional<HostCache::EntryStaleness>& GetStaleInfo()
const override {
static const absl::optional<HostCache::EntryStaleness> nullopt_result;
return nullopt_result;
}
private:
const int error_;
};
bool EndpointResultIsNonProtocol(const HostResolverEndpointResult& result) {
return result.metadata.supported_protocol_alpns.empty();
}
void GetTimeDeltaFromDictString(const base::Value::Dict& args,
base::StringPiece key,
base::TimeDelta* out) {
const std::string* value_string = args.FindString(key);
if (!value_string)
return;
*out = base::TimeDeltaFromString(*value_string).value_or(*out);
}
} // namespace
HostResolver::Host::Host(absl::variant<url::SchemeHostPort, HostPortPair> host)
: host_(std::move(host)) {
#if DCHECK_IS_ON()
if (absl::holds_alternative<url::SchemeHostPort>(host_)) {
DCHECK(absl::get<url::SchemeHostPort>(host_).IsValid());
} else {
DCHECK(absl::holds_alternative<HostPortPair>(host_));
DCHECK(!absl::get<HostPortPair>(host_).IsEmpty());
}
#endif // DCHECK_IS_ON()
}
HostResolver::Host::~Host() = default;
HostResolver::Host::Host(const Host&) = default;
HostResolver::Host& HostResolver::Host::operator=(const Host&) = default;
HostResolver::Host::Host(Host&&) = default;
HostResolver::Host& HostResolver::Host::operator=(Host&&) = default;
bool HostResolver::Host::HasScheme() const {
return absl::holds_alternative<url::SchemeHostPort>(host_);
}
const std::string& HostResolver::Host::GetScheme() const {
DCHECK(absl::holds_alternative<url::SchemeHostPort>(host_));
return absl::get<url::SchemeHostPort>(host_).scheme();
}
std::string HostResolver::Host::GetHostname() const {
if (absl::holds_alternative<url::SchemeHostPort>(host_)) {
return absl::get<url::SchemeHostPort>(host_).host();
} else {
DCHECK(absl::holds_alternative<HostPortPair>(host_));
return absl::get<HostPortPair>(host_).HostForURL();
}
}
base::StringPiece HostResolver::Host::GetHostnameWithoutBrackets() const {
if (absl::holds_alternative<url::SchemeHostPort>(host_)) {
base::StringPiece hostname = absl::get<url::SchemeHostPort>(host_).host();
if (hostname.size() > 2 && hostname.front() == '[' &&
hostname.back() == ']') {
return hostname.substr(1, hostname.size() - 2);
} else {
return hostname;
}
} else {
DCHECK(absl::holds_alternative<HostPortPair>(host_));
return absl::get<HostPortPair>(host_).host();
}
}
uint16_t HostResolver::Host::GetPort() const {
if (absl::holds_alternative<url::SchemeHostPort>(host_)) {
return absl::get<url::SchemeHostPort>(host_).port();
} else {
DCHECK(absl::holds_alternative<HostPortPair>(host_));
return absl::get<HostPortPair>(host_).port();
}
}
std::string HostResolver::Host::ToString() const {
if (absl::holds_alternative<url::SchemeHostPort>(host_)) {
return absl::get<url::SchemeHostPort>(host_).Serialize();
} else {
DCHECK(absl::holds_alternative<HostPortPair>(host_));
return absl::get<HostPortPair>(host_).ToString();
}
}
const url::SchemeHostPort& HostResolver::Host::AsSchemeHostPort() const {
const url::SchemeHostPort* scheme_host_port =
absl::get_if<url::SchemeHostPort>(&host_);
DCHECK(scheme_host_port);
return *scheme_host_port;
}
HostResolver::HttpsSvcbOptions::HttpsSvcbOptions() = default;
HostResolver::HttpsSvcbOptions::HttpsSvcbOptions(
const HttpsSvcbOptions& other) = default;
HostResolver::HttpsSvcbOptions::HttpsSvcbOptions(HttpsSvcbOptions&& other) =
default;
HostResolver::HttpsSvcbOptions::~HttpsSvcbOptions() = default;
// static
HostResolver::HttpsSvcbOptions HostResolver::HttpsSvcbOptions::FromDict(
const base::Value::Dict& dict) {
net::HostResolver::HttpsSvcbOptions options;
options.enable =
dict.FindBool(kUseDnsHttpsSvcbEnable).value_or(options.enable);
GetTimeDeltaFromDictString(dict, kUseDnsHttpsSvcbInsecureExtraTimeMax,
&options.insecure_extra_time_max);
options.insecure_extra_time_percent =
dict.FindInt(kUseDnsHttpsSvcbInsecureExtraTimePercent)
.value_or(options.insecure_extra_time_percent);
GetTimeDeltaFromDictString(dict, kUseDnsHttpsSvcbInsecureExtraTimeMin,
&options.insecure_extra_time_min);
GetTimeDeltaFromDictString(dict, kUseDnsHttpsSvcbSecureExtraTimeMax,
&options.secure_extra_time_max);
options.secure_extra_time_percent =
dict.FindInt(kUseDnsHttpsSvcbSecureExtraTimePercent)
.value_or(options.secure_extra_time_percent);
GetTimeDeltaFromDictString(dict, kUseDnsHttpsSvcbSecureExtraTimeMin,
&options.secure_extra_time_min);
return options;
}
// static
HostResolver::HttpsSvcbOptions HostResolver::HttpsSvcbOptions::FromFeatures() {
net::HostResolver::HttpsSvcbOptions options;
options.enable = base::FeatureList::IsEnabled(features::kUseDnsHttpsSvcb);
options.insecure_extra_time_max =
features::kUseDnsHttpsSvcbInsecureExtraTimeMax.Get();
options.insecure_extra_time_percent =
features::kUseDnsHttpsSvcbInsecureExtraTimePercent.Get();
options.insecure_extra_time_min =
features::kUseDnsHttpsSvcbInsecureExtraTimeMin.Get();
options.secure_extra_time_max =
features::kUseDnsHttpsSvcbSecureExtraTimeMax.Get();
options.secure_extra_time_percent =
features::kUseDnsHttpsSvcbSecureExtraTimePercent.Get();
options.secure_extra_time_min =
features::kUseDnsHttpsSvcbSecureExtraTimeMin.Get();
return options;
}
HostResolver::ManagerOptions::ManagerOptions() = default;
HostResolver::ManagerOptions::ManagerOptions(const ManagerOptions& other) =
default;
HostResolver::ManagerOptions::ManagerOptions(ManagerOptions&& other) = default;
HostResolver::ManagerOptions::~ManagerOptions() = default;
const std::vector<bool>*
HostResolver::ResolveHostRequest::GetExperimentalResultsForTesting() const {
NOTREACHED();
return nullptr;
}
std::unique_ptr<HostResolver> HostResolver::Factory::CreateResolver(
HostResolverManager* manager,
base::StringPiece host_mapping_rules,
bool enable_caching) {
return HostResolver::CreateResolver(manager, host_mapping_rules,
enable_caching);
}
std::unique_ptr<HostResolver> HostResolver::Factory::CreateStandaloneResolver(
NetLog* net_log,
const ManagerOptions& options,
base::StringPiece host_mapping_rules,
bool enable_caching) {
return HostResolver::CreateStandaloneResolver(
net_log, options, host_mapping_rules, enable_caching);
}
HostResolver::ResolveHostParameters::ResolveHostParameters() = default;
HostResolver::ResolveHostParameters::ResolveHostParameters(
const ResolveHostParameters& other) = default;
HostResolver::~HostResolver() = default;
std::unique_ptr<HostResolver::ProbeRequest>
HostResolver::CreateDohProbeRequest() {
// Should be overridden in any HostResolver implementation where this method
// may be called.
NOTREACHED();
return nullptr;
}
std::unique_ptr<HostResolver::MdnsListener> HostResolver::CreateMdnsListener(
const HostPortPair& host,
DnsQueryType query_type) {
// Should be overridden in any HostResolver implementation where this method
// may be called.
NOTREACHED();
return nullptr;
}
HostCache* HostResolver::GetHostCache() {
return nullptr;
}
base::Value::Dict HostResolver::GetDnsConfigAsValue() const {
return base::Value::Dict();
}
void HostResolver::SetRequestContext(URLRequestContext* request_context) {
// Should be overridden in any HostResolver implementation where this method
// may be called.
NOTREACHED();
}
HostResolverManager* HostResolver::GetManagerForTesting() {
// Should be overridden in any HostResolver implementation where this method
// may be called.
NOTREACHED();
return nullptr;
}
const URLRequestContext* HostResolver::GetContextForTesting() const {
// Should be overridden in any HostResolver implementation where this method
// may be called.
NOTREACHED();
return nullptr;
}
handles::NetworkHandle HostResolver::GetTargetNetworkForTesting() const {
return handles::kInvalidNetworkHandle;
}
// static
std::unique_ptr<HostResolver> HostResolver::CreateResolver(
HostResolverManager* manager,
base::StringPiece host_mapping_rules,
bool enable_caching) {
DCHECK(manager);
auto resolve_context = std::make_unique<ResolveContext>(
nullptr /* url_request_context */, enable_caching);
auto resolver = std::make_unique<ContextHostResolver>(
manager, std::move(resolve_context));
if (host_mapping_rules.empty())
return resolver;
auto remapped_resolver =
std::make_unique<MappedHostResolver>(std::move(resolver));
remapped_resolver->SetRulesFromString(host_mapping_rules);
return remapped_resolver;
}
// static
std::unique_ptr<HostResolver> HostResolver::CreateStandaloneResolver(
NetLog* net_log,
absl::optional<ManagerOptions> options,
base::StringPiece host_mapping_rules,
bool enable_caching) {
std::unique_ptr<ContextHostResolver> resolver =
CreateStandaloneContextResolver(net_log, std::move(options),
enable_caching);
if (host_mapping_rules.empty())
return resolver;
auto remapped_resolver =
std::make_unique<MappedHostResolver>(std::move(resolver));
remapped_resolver->SetRulesFromString(host_mapping_rules);
return remapped_resolver;
}
// static
std::unique_ptr<ContextHostResolver>
HostResolver::CreateStandaloneContextResolver(
NetLog* net_log,
absl::optional<ManagerOptions> options,
bool enable_caching) {
auto resolve_context = std::make_unique<ResolveContext>(
nullptr /* url_request_context */, enable_caching);
return std::make_unique<ContextHostResolver>(
std::make_unique<HostResolverManager>(
std::move(options).value_or(ManagerOptions()),
NetworkChangeNotifier::GetSystemDnsConfigNotifier(), net_log),
std::move(resolve_context));
}
// static
std::unique_ptr<HostResolver>
HostResolver::CreateStandaloneNetworkBoundResolver(
NetLog* net_log,
handles::NetworkHandle target_network,
absl::optional<ManagerOptions> options,
base::StringPiece host_mapping_rules,
bool enable_caching) {
#if BUILDFLAG(IS_ANDROID)
// Note that the logic below uses Android APIs that don't work on a sandboxed
// process: This is not problematic because this function is used only by
// Cronet which doesn't enable sandboxing.
auto resolve_context = std::make_unique<ResolveContext>(
nullptr /*url_request_context */, enable_caching);
auto manager_options = std::move(options).value_or(ManagerOptions());
// Support the use of the built-in resolver when possible.
bool is_builtin_resolver_supported =
manager_options.insecure_dns_client_enabled &&
base::android::BuildInfo::GetInstance()->sdk_int() >=
base::android::SDK_VERSION_P;
if (is_builtin_resolver_supported) {
// Pre-existing DnsConfigOverrides is currently ignored, consider extending
// if a use case arises.
DCHECK(manager_options.dns_config_overrides == DnsConfigOverrides());
std::vector<IPEndPoint> dns_servers;
bool dns_over_tls_active;
std::string dns_over_tls_hostname;
std::vector<std::string> search_suffixes;
if (android::GetDnsServersForNetwork(&dns_servers, &dns_over_tls_active,
&dns_over_tls_hostname,
&search_suffixes, target_network)) {
DnsConfigOverrides dns_config_overrides =
DnsConfigOverrides::CreateOverridingEverythingWithDefaults();
dns_config_overrides.nameservers = dns_servers;
// Android APIs don't specify whether to use DoT or DoH. So, leave the
// decision to `DnsConfig::allow_dns_over_https_upgrade` default value.
dns_config_overrides.dns_over_tls_active = dns_over_tls_active;
dns_config_overrides.dns_over_tls_hostname = dns_over_tls_hostname;
dns_config_overrides.search = search_suffixes;
manager_options.dns_config_overrides = dns_config_overrides;
// Regardless of DoH vs DoT, the important contract to respect is not to
// perform insecure DNS lookups if `dns_over_tls_active` == true.
manager_options.additional_types_via_insecure_dns_enabled =
!dns_over_tls_active;
} else {
// Disable when android::GetDnsServersForNetwork fails.
is_builtin_resolver_supported = false;
}
}
manager_options.insecure_dns_client_enabled = is_builtin_resolver_supported;
return std::make_unique<ContextHostResolver>(
HostResolverManager::CreateNetworkBoundHostResolverManager(
manager_options, target_network, net_log),
std::move(resolve_context));
#else // !BUILDFLAG(IS_ANDROID)
NOTIMPLEMENTED();
return nullptr;
#endif // BUILDFLAG(IS_ANDROID)
}
// static
AddressFamily HostResolver::DnsQueryTypeSetToAddressFamily(
DnsQueryTypeSet dns_query_types) {
DCHECK(HasAddressType(dns_query_types));
// If the set of query types contains A and AAAA, defer the choice of address
// family. Otherwise, pick the corresponding address family.
if (dns_query_types.HasAll({DnsQueryType::A, DnsQueryType::AAAA}))
return ADDRESS_FAMILY_UNSPECIFIED;
if (dns_query_types.Has(DnsQueryType::AAAA))
return ADDRESS_FAMILY_IPV6;
DCHECK(dns_query_types.Has(DnsQueryType::A));
return ADDRESS_FAMILY_IPV4;
}
// static
HostResolverFlags HostResolver::ParametersToHostResolverFlags(
const ResolveHostParameters& parameters) {
HostResolverFlags flags = 0;
if (parameters.include_canonical_name)
flags |= HOST_RESOLVER_CANONNAME;
if (parameters.loopback_only)
flags |= HOST_RESOLVER_LOOPBACK_ONLY;
if (parameters.avoid_multicast_resolution)
flags |= HOST_RESOLVER_AVOID_MULTICAST;
return flags;
}
// static
int HostResolver::SquashErrorCode(int error) {
// TODO(crbug.com/1043281): Consider squashing ERR_INTERNET_DISCONNECTED.
if (error == OK || error == ERR_IO_PENDING ||
error == ERR_INTERNET_DISCONNECTED || error == ERR_NAME_NOT_RESOLVED ||
error == ERR_DNS_NAME_HTTPS_ONLY) {
return error;
} else {
return ERR_NAME_NOT_RESOLVED;
}
}
// static
AddressList HostResolver::EndpointResultToAddressList(
base::span<const HostResolverEndpointResult> endpoints,
const std::set<std::string>& aliases) {
AddressList list;
auto non_protocol_endpoint =
base::ranges::find_if(endpoints, &EndpointResultIsNonProtocol);
if (non_protocol_endpoint == endpoints.end())
return list;
list.endpoints() = non_protocol_endpoint->ip_endpoints;
std::vector<std::string> aliases_vector(aliases.begin(), aliases.end());
list.SetDnsAliases(std::move(aliases_vector));
return list;
}
// static
bool HostResolver::AllProtocolEndpointsHaveEch(
base::span<const HostResolverEndpointResult> endpoints) {
bool has_svcb = false;
for (const auto& endpoint : endpoints) {
if (!endpoint.metadata.supported_protocol_alpns.empty()) {
has_svcb = true;
if (endpoint.metadata.ech_config_list.empty()) {
return false; // There is a non-ECH SVCB/HTTPS route.
}
}
}
// Either there were no SVCB/HTTPS records (should be SVCB-optional), or there
// were and all supported ECH (should be SVCB-reliant).
return has_svcb;
}
HostResolver::HostResolver() = default;
// static
std::unique_ptr<HostResolver::ResolveHostRequest>
HostResolver::CreateFailingRequest(int error) {
return std::make_unique<FailingRequestImpl>(error);
}
// static
std::unique_ptr<HostResolver::ProbeRequest>
HostResolver::CreateFailingProbeRequest(int error) {
return std::make_unique<FailingRequestImpl>(error);
}
} // namespace net