1*6777b538SAndroid Build Coastguard Worker // Copyright 2012 The Chromium Authors
2*6777b538SAndroid Build Coastguard Worker // Use of this source code is governed by a BSD-style license that can be
3*6777b538SAndroid Build Coastguard Worker // found in the LICENSE file.
4*6777b538SAndroid Build Coastguard Worker
5*6777b538SAndroid Build Coastguard Worker #include "net/dns/dns_client.h"
6*6777b538SAndroid Build Coastguard Worker
7*6777b538SAndroid Build Coastguard Worker #include <memory>
8*6777b538SAndroid Build Coastguard Worker #include <optional>
9*6777b538SAndroid Build Coastguard Worker #include <string>
10*6777b538SAndroid Build Coastguard Worker #include <utility>
11*6777b538SAndroid Build Coastguard Worker
12*6777b538SAndroid Build Coastguard Worker #include "base/functional/bind.h"
13*6777b538SAndroid Build Coastguard Worker #include "base/logging.h"
14*6777b538SAndroid Build Coastguard Worker #include "base/memory/raw_ptr.h"
15*6777b538SAndroid Build Coastguard Worker #include "base/metrics/histogram_macros.h"
16*6777b538SAndroid Build Coastguard Worker #include "base/rand_util.h"
17*6777b538SAndroid Build Coastguard Worker #include "base/ranges/algorithm.h"
18*6777b538SAndroid Build Coastguard Worker #include "base/values.h"
19*6777b538SAndroid Build Coastguard Worker #include "net/base/ip_address.h"
20*6777b538SAndroid Build Coastguard Worker #include "net/base/ip_endpoint.h"
21*6777b538SAndroid Build Coastguard Worker #include "net/dns/address_sorter.h"
22*6777b538SAndroid Build Coastguard Worker #include "net/dns/dns_session.h"
23*6777b538SAndroid Build Coastguard Worker #include "net/dns/dns_transaction.h"
24*6777b538SAndroid Build Coastguard Worker #include "net/dns/dns_util.h"
25*6777b538SAndroid Build Coastguard Worker #include "net/dns/public/dns_over_https_config.h"
26*6777b538SAndroid Build Coastguard Worker #include "net/dns/public/secure_dns_mode.h"
27*6777b538SAndroid Build Coastguard Worker #include "net/dns/resolve_context.h"
28*6777b538SAndroid Build Coastguard Worker #include "net/log/net_log.h"
29*6777b538SAndroid Build Coastguard Worker #include "net/log/net_log_event_type.h"
30*6777b538SAndroid Build Coastguard Worker #include "net/socket/client_socket_factory.h"
31*6777b538SAndroid Build Coastguard Worker #include "net/third_party/uri_template/uri_template.h"
32*6777b538SAndroid Build Coastguard Worker #include "url/gurl.h"
33*6777b538SAndroid Build Coastguard Worker #include "url/scheme_host_port.h"
34*6777b538SAndroid Build Coastguard Worker
35*6777b538SAndroid Build Coastguard Worker namespace net {
36*6777b538SAndroid Build Coastguard Worker
37*6777b538SAndroid Build Coastguard Worker namespace {
38*6777b538SAndroid Build Coastguard Worker
IsEqual(const std::optional<DnsConfig> & c1,const DnsConfig * c2)39*6777b538SAndroid Build Coastguard Worker bool IsEqual(const std::optional<DnsConfig>& c1, const DnsConfig* c2) {
40*6777b538SAndroid Build Coastguard Worker if (!c1.has_value() && c2 == nullptr)
41*6777b538SAndroid Build Coastguard Worker return true;
42*6777b538SAndroid Build Coastguard Worker
43*6777b538SAndroid Build Coastguard Worker if (!c1.has_value() || c2 == nullptr)
44*6777b538SAndroid Build Coastguard Worker return false;
45*6777b538SAndroid Build Coastguard Worker
46*6777b538SAndroid Build Coastguard Worker return c1.value() == *c2;
47*6777b538SAndroid Build Coastguard Worker }
48*6777b538SAndroid Build Coastguard Worker
UpdateConfigForDohUpgrade(DnsConfig * config)49*6777b538SAndroid Build Coastguard Worker void UpdateConfigForDohUpgrade(DnsConfig* config) {
50*6777b538SAndroid Build Coastguard Worker bool has_doh_servers = !config->doh_config.servers().empty();
51*6777b538SAndroid Build Coastguard Worker // Do not attempt upgrade when there are already DoH servers specified or
52*6777b538SAndroid Build Coastguard Worker // when there are aspects of the system DNS config that are unhandled.
53*6777b538SAndroid Build Coastguard Worker if (!config->unhandled_options && config->allow_dns_over_https_upgrade &&
54*6777b538SAndroid Build Coastguard Worker !has_doh_servers &&
55*6777b538SAndroid Build Coastguard Worker config->secure_dns_mode == SecureDnsMode::kAutomatic) {
56*6777b538SAndroid Build Coastguard Worker // If we're in strict mode on Android, only attempt to upgrade the
57*6777b538SAndroid Build Coastguard Worker // specified DoT hostname.
58*6777b538SAndroid Build Coastguard Worker if (!config->dns_over_tls_hostname.empty()) {
59*6777b538SAndroid Build Coastguard Worker config->doh_config = DnsOverHttpsConfig(
60*6777b538SAndroid Build Coastguard Worker GetDohUpgradeServersFromDotHostname(config->dns_over_tls_hostname));
61*6777b538SAndroid Build Coastguard Worker has_doh_servers = !config->doh_config.servers().empty();
62*6777b538SAndroid Build Coastguard Worker UMA_HISTOGRAM_BOOLEAN("Net.DNS.UpgradeConfig.DotUpgradeSucceeded",
63*6777b538SAndroid Build Coastguard Worker has_doh_servers);
64*6777b538SAndroid Build Coastguard Worker } else {
65*6777b538SAndroid Build Coastguard Worker bool all_local = true;
66*6777b538SAndroid Build Coastguard Worker for (const auto& server : config->nameservers) {
67*6777b538SAndroid Build Coastguard Worker if (server.address().IsPubliclyRoutable()) {
68*6777b538SAndroid Build Coastguard Worker all_local = false;
69*6777b538SAndroid Build Coastguard Worker break;
70*6777b538SAndroid Build Coastguard Worker }
71*6777b538SAndroid Build Coastguard Worker }
72*6777b538SAndroid Build Coastguard Worker UMA_HISTOGRAM_BOOLEAN("Net.DNS.UpgradeConfig.HasPublicInsecureNameserver",
73*6777b538SAndroid Build Coastguard Worker !all_local);
74*6777b538SAndroid Build Coastguard Worker
75*6777b538SAndroid Build Coastguard Worker config->doh_config = DnsOverHttpsConfig(
76*6777b538SAndroid Build Coastguard Worker GetDohUpgradeServersFromNameservers(config->nameservers));
77*6777b538SAndroid Build Coastguard Worker has_doh_servers = !config->doh_config.servers().empty();
78*6777b538SAndroid Build Coastguard Worker UMA_HISTOGRAM_BOOLEAN("Net.DNS.UpgradeConfig.InsecureUpgradeSucceeded",
79*6777b538SAndroid Build Coastguard Worker has_doh_servers);
80*6777b538SAndroid Build Coastguard Worker }
81*6777b538SAndroid Build Coastguard Worker } else {
82*6777b538SAndroid Build Coastguard Worker UMA_HISTOGRAM_BOOLEAN("Net.DNS.UpgradeConfig.Ineligible.DohSpecified",
83*6777b538SAndroid Build Coastguard Worker has_doh_servers);
84*6777b538SAndroid Build Coastguard Worker UMA_HISTOGRAM_BOOLEAN("Net.DNS.UpgradeConfig.Ineligible.UnhandledOptions",
85*6777b538SAndroid Build Coastguard Worker config->unhandled_options);
86*6777b538SAndroid Build Coastguard Worker }
87*6777b538SAndroid Build Coastguard Worker }
88*6777b538SAndroid Build Coastguard Worker
89*6777b538SAndroid Build Coastguard Worker class DnsClientImpl : public DnsClient {
90*6777b538SAndroid Build Coastguard Worker public:
DnsClientImpl(NetLog * net_log,const RandIntCallback & rand_int_callback)91*6777b538SAndroid Build Coastguard Worker DnsClientImpl(NetLog* net_log, const RandIntCallback& rand_int_callback)
92*6777b538SAndroid Build Coastguard Worker : net_log_(net_log), rand_int_callback_(rand_int_callback) {}
93*6777b538SAndroid Build Coastguard Worker
94*6777b538SAndroid Build Coastguard Worker DnsClientImpl(const DnsClientImpl&) = delete;
95*6777b538SAndroid Build Coastguard Worker DnsClientImpl& operator=(const DnsClientImpl&) = delete;
96*6777b538SAndroid Build Coastguard Worker
97*6777b538SAndroid Build Coastguard Worker ~DnsClientImpl() override = default;
98*6777b538SAndroid Build Coastguard Worker
CanUseSecureDnsTransactions() const99*6777b538SAndroid Build Coastguard Worker bool CanUseSecureDnsTransactions() const override {
100*6777b538SAndroid Build Coastguard Worker const DnsConfig* config = GetEffectiveConfig();
101*6777b538SAndroid Build Coastguard Worker return config && !config->doh_config.servers().empty();
102*6777b538SAndroid Build Coastguard Worker }
103*6777b538SAndroid Build Coastguard Worker
CanUseInsecureDnsTransactions() const104*6777b538SAndroid Build Coastguard Worker bool CanUseInsecureDnsTransactions() const override {
105*6777b538SAndroid Build Coastguard Worker const DnsConfig* config = GetEffectiveConfig();
106*6777b538SAndroid Build Coastguard Worker return config && config->nameservers.size() > 0 && insecure_enabled_ &&
107*6777b538SAndroid Build Coastguard Worker !config->unhandled_options && !config->dns_over_tls_active;
108*6777b538SAndroid Build Coastguard Worker }
109*6777b538SAndroid Build Coastguard Worker
CanQueryAdditionalTypesViaInsecureDns() const110*6777b538SAndroid Build Coastguard Worker bool CanQueryAdditionalTypesViaInsecureDns() const override {
111*6777b538SAndroid Build Coastguard Worker // Only useful information if insecure DNS is usable, so expect this to
112*6777b538SAndroid Build Coastguard Worker // never be called if that is not the case.
113*6777b538SAndroid Build Coastguard Worker DCHECK(CanUseInsecureDnsTransactions());
114*6777b538SAndroid Build Coastguard Worker
115*6777b538SAndroid Build Coastguard Worker return can_query_additional_types_via_insecure_;
116*6777b538SAndroid Build Coastguard Worker }
117*6777b538SAndroid Build Coastguard Worker
SetInsecureEnabled(bool enabled,bool additional_types_enabled)118*6777b538SAndroid Build Coastguard Worker void SetInsecureEnabled(bool enabled,
119*6777b538SAndroid Build Coastguard Worker bool additional_types_enabled) override {
120*6777b538SAndroid Build Coastguard Worker insecure_enabled_ = enabled;
121*6777b538SAndroid Build Coastguard Worker can_query_additional_types_via_insecure_ = additional_types_enabled;
122*6777b538SAndroid Build Coastguard Worker }
123*6777b538SAndroid Build Coastguard Worker
FallbackFromSecureTransactionPreferred(ResolveContext * context) const124*6777b538SAndroid Build Coastguard Worker bool FallbackFromSecureTransactionPreferred(
125*6777b538SAndroid Build Coastguard Worker ResolveContext* context) const override {
126*6777b538SAndroid Build Coastguard Worker if (!CanUseSecureDnsTransactions())
127*6777b538SAndroid Build Coastguard Worker return true;
128*6777b538SAndroid Build Coastguard Worker
129*6777b538SAndroid Build Coastguard Worker DCHECK(session_); // Should be true if CanUseSecureDnsTransactions() true.
130*6777b538SAndroid Build Coastguard Worker return context->NumAvailableDohServers(session_.get()) == 0;
131*6777b538SAndroid Build Coastguard Worker }
132*6777b538SAndroid Build Coastguard Worker
FallbackFromInsecureTransactionPreferred() const133*6777b538SAndroid Build Coastguard Worker bool FallbackFromInsecureTransactionPreferred() const override {
134*6777b538SAndroid Build Coastguard Worker return !CanUseInsecureDnsTransactions() ||
135*6777b538SAndroid Build Coastguard Worker insecure_fallback_failures_ >= kMaxInsecureFallbackFailures;
136*6777b538SAndroid Build Coastguard Worker }
137*6777b538SAndroid Build Coastguard Worker
SetSystemConfig(std::optional<DnsConfig> system_config)138*6777b538SAndroid Build Coastguard Worker bool SetSystemConfig(std::optional<DnsConfig> system_config) override {
139*6777b538SAndroid Build Coastguard Worker if (system_config == system_config_)
140*6777b538SAndroid Build Coastguard Worker return false;
141*6777b538SAndroid Build Coastguard Worker
142*6777b538SAndroid Build Coastguard Worker system_config_ = std::move(system_config);
143*6777b538SAndroid Build Coastguard Worker
144*6777b538SAndroid Build Coastguard Worker return UpdateDnsConfig();
145*6777b538SAndroid Build Coastguard Worker }
146*6777b538SAndroid Build Coastguard Worker
SetConfigOverrides(DnsConfigOverrides config_overrides)147*6777b538SAndroid Build Coastguard Worker bool SetConfigOverrides(DnsConfigOverrides config_overrides) override {
148*6777b538SAndroid Build Coastguard Worker if (config_overrides == config_overrides_)
149*6777b538SAndroid Build Coastguard Worker return false;
150*6777b538SAndroid Build Coastguard Worker
151*6777b538SAndroid Build Coastguard Worker config_overrides_ = std::move(config_overrides);
152*6777b538SAndroid Build Coastguard Worker
153*6777b538SAndroid Build Coastguard Worker return UpdateDnsConfig();
154*6777b538SAndroid Build Coastguard Worker }
155*6777b538SAndroid Build Coastguard Worker
ReplaceCurrentSession()156*6777b538SAndroid Build Coastguard Worker void ReplaceCurrentSession() override {
157*6777b538SAndroid Build Coastguard Worker if (!session_)
158*6777b538SAndroid Build Coastguard Worker return;
159*6777b538SAndroid Build Coastguard Worker
160*6777b538SAndroid Build Coastguard Worker UpdateSession(session_->config());
161*6777b538SAndroid Build Coastguard Worker }
162*6777b538SAndroid Build Coastguard Worker
GetCurrentSession()163*6777b538SAndroid Build Coastguard Worker DnsSession* GetCurrentSession() override { return session_.get(); }
164*6777b538SAndroid Build Coastguard Worker
GetEffectiveConfig() const165*6777b538SAndroid Build Coastguard Worker const DnsConfig* GetEffectiveConfig() const override {
166*6777b538SAndroid Build Coastguard Worker if (!session_)
167*6777b538SAndroid Build Coastguard Worker return nullptr;
168*6777b538SAndroid Build Coastguard Worker
169*6777b538SAndroid Build Coastguard Worker DCHECK(session_->config().IsValid());
170*6777b538SAndroid Build Coastguard Worker return &session_->config();
171*6777b538SAndroid Build Coastguard Worker }
172*6777b538SAndroid Build Coastguard Worker
GetHosts() const173*6777b538SAndroid Build Coastguard Worker const DnsHosts* GetHosts() const override {
174*6777b538SAndroid Build Coastguard Worker const DnsConfig* config = GetEffectiveConfig();
175*6777b538SAndroid Build Coastguard Worker if (!config)
176*6777b538SAndroid Build Coastguard Worker return nullptr;
177*6777b538SAndroid Build Coastguard Worker
178*6777b538SAndroid Build Coastguard Worker return &config->hosts;
179*6777b538SAndroid Build Coastguard Worker }
180*6777b538SAndroid Build Coastguard Worker
GetPresetAddrs(const url::SchemeHostPort & endpoint) const181*6777b538SAndroid Build Coastguard Worker std::optional<std::vector<IPEndPoint>> GetPresetAddrs(
182*6777b538SAndroid Build Coastguard Worker const url::SchemeHostPort& endpoint) const override {
183*6777b538SAndroid Build Coastguard Worker DCHECK(endpoint.IsValid());
184*6777b538SAndroid Build Coastguard Worker if (!session_)
185*6777b538SAndroid Build Coastguard Worker return std::nullopt;
186*6777b538SAndroid Build Coastguard Worker const auto& servers = session_->config().doh_config.servers();
187*6777b538SAndroid Build Coastguard Worker auto it = base::ranges::find_if(servers, [&](const auto& server) {
188*6777b538SAndroid Build Coastguard Worker std::string uri;
189*6777b538SAndroid Build Coastguard Worker bool valid = uri_template::Expand(server.server_template(), {}, &uri);
190*6777b538SAndroid Build Coastguard Worker // Server templates are validated before being allowed into the config.
191*6777b538SAndroid Build Coastguard Worker DCHECK(valid);
192*6777b538SAndroid Build Coastguard Worker GURL gurl(uri);
193*6777b538SAndroid Build Coastguard Worker return url::SchemeHostPort(gurl) == endpoint;
194*6777b538SAndroid Build Coastguard Worker });
195*6777b538SAndroid Build Coastguard Worker if (it == servers.end())
196*6777b538SAndroid Build Coastguard Worker return std::nullopt;
197*6777b538SAndroid Build Coastguard Worker std::vector<IPEndPoint> combined;
198*6777b538SAndroid Build Coastguard Worker for (const IPAddressList& ips : it->endpoints()) {
199*6777b538SAndroid Build Coastguard Worker for (const IPAddress& ip : ips) {
200*6777b538SAndroid Build Coastguard Worker combined.emplace_back(ip, endpoint.port());
201*6777b538SAndroid Build Coastguard Worker }
202*6777b538SAndroid Build Coastguard Worker }
203*6777b538SAndroid Build Coastguard Worker return combined;
204*6777b538SAndroid Build Coastguard Worker }
205*6777b538SAndroid Build Coastguard Worker
GetTransactionFactory()206*6777b538SAndroid Build Coastguard Worker DnsTransactionFactory* GetTransactionFactory() override {
207*6777b538SAndroid Build Coastguard Worker return session_.get() ? factory_.get() : nullptr;
208*6777b538SAndroid Build Coastguard Worker }
209*6777b538SAndroid Build Coastguard Worker
GetAddressSorter()210*6777b538SAndroid Build Coastguard Worker AddressSorter* GetAddressSorter() override { return address_sorter_.get(); }
211*6777b538SAndroid Build Coastguard Worker
IncrementInsecureFallbackFailures()212*6777b538SAndroid Build Coastguard Worker void IncrementInsecureFallbackFailures() override {
213*6777b538SAndroid Build Coastguard Worker ++insecure_fallback_failures_;
214*6777b538SAndroid Build Coastguard Worker }
215*6777b538SAndroid Build Coastguard Worker
ClearInsecureFallbackFailures()216*6777b538SAndroid Build Coastguard Worker void ClearInsecureFallbackFailures() override {
217*6777b538SAndroid Build Coastguard Worker insecure_fallback_failures_ = 0;
218*6777b538SAndroid Build Coastguard Worker }
219*6777b538SAndroid Build Coastguard Worker
GetDnsConfigAsValueForNetLog() const220*6777b538SAndroid Build Coastguard Worker base::Value::Dict GetDnsConfigAsValueForNetLog() const override {
221*6777b538SAndroid Build Coastguard Worker const DnsConfig* config = GetEffectiveConfig();
222*6777b538SAndroid Build Coastguard Worker if (config == nullptr)
223*6777b538SAndroid Build Coastguard Worker return base::Value::Dict();
224*6777b538SAndroid Build Coastguard Worker base::Value::Dict dict = config->ToDict();
225*6777b538SAndroid Build Coastguard Worker dict.Set("can_use_secure_dns_transactions", CanUseSecureDnsTransactions());
226*6777b538SAndroid Build Coastguard Worker dict.Set("can_use_insecure_dns_transactions",
227*6777b538SAndroid Build Coastguard Worker CanUseInsecureDnsTransactions());
228*6777b538SAndroid Build Coastguard Worker return dict;
229*6777b538SAndroid Build Coastguard Worker }
230*6777b538SAndroid Build Coastguard Worker
GetSystemConfigForTesting() const231*6777b538SAndroid Build Coastguard Worker std::optional<DnsConfig> GetSystemConfigForTesting() const override {
232*6777b538SAndroid Build Coastguard Worker return system_config_;
233*6777b538SAndroid Build Coastguard Worker }
234*6777b538SAndroid Build Coastguard Worker
GetConfigOverridesForTesting() const235*6777b538SAndroid Build Coastguard Worker DnsConfigOverrides GetConfigOverridesForTesting() const override {
236*6777b538SAndroid Build Coastguard Worker return config_overrides_;
237*6777b538SAndroid Build Coastguard Worker }
238*6777b538SAndroid Build Coastguard Worker
SetTransactionFactoryForTesting(std::unique_ptr<DnsTransactionFactory> factory)239*6777b538SAndroid Build Coastguard Worker void SetTransactionFactoryForTesting(
240*6777b538SAndroid Build Coastguard Worker std::unique_ptr<DnsTransactionFactory> factory) override {
241*6777b538SAndroid Build Coastguard Worker factory_ = std::move(factory);
242*6777b538SAndroid Build Coastguard Worker }
243*6777b538SAndroid Build Coastguard Worker
SetAddressSorterForTesting(std::unique_ptr<AddressSorter> address_sorter)244*6777b538SAndroid Build Coastguard Worker void SetAddressSorterForTesting(
245*6777b538SAndroid Build Coastguard Worker std::unique_ptr<AddressSorter> address_sorter) override {
246*6777b538SAndroid Build Coastguard Worker NOTIMPLEMENTED();
247*6777b538SAndroid Build Coastguard Worker }
248*6777b538SAndroid Build Coastguard Worker
249*6777b538SAndroid Build Coastguard Worker private:
BuildEffectiveConfig() const250*6777b538SAndroid Build Coastguard Worker std::optional<DnsConfig> BuildEffectiveConfig() const {
251*6777b538SAndroid Build Coastguard Worker DnsConfig config;
252*6777b538SAndroid Build Coastguard Worker if (config_overrides_.OverridesEverything()) {
253*6777b538SAndroid Build Coastguard Worker config = config_overrides_.ApplyOverrides(DnsConfig());
254*6777b538SAndroid Build Coastguard Worker } else {
255*6777b538SAndroid Build Coastguard Worker if (!system_config_)
256*6777b538SAndroid Build Coastguard Worker return std::nullopt;
257*6777b538SAndroid Build Coastguard Worker
258*6777b538SAndroid Build Coastguard Worker config = config_overrides_.ApplyOverrides(system_config_.value());
259*6777b538SAndroid Build Coastguard Worker }
260*6777b538SAndroid Build Coastguard Worker
261*6777b538SAndroid Build Coastguard Worker UpdateConfigForDohUpgrade(&config);
262*6777b538SAndroid Build Coastguard Worker
263*6777b538SAndroid Build Coastguard Worker // TODO(ericorth): Consider keeping a separate DnsConfig for pure Chrome-
264*6777b538SAndroid Build Coastguard Worker // produced configs to allow respecting all fields like |unhandled_options|
265*6777b538SAndroid Build Coastguard Worker // while still being able to fallback to system config for DoH.
266*6777b538SAndroid Build Coastguard Worker // For now, clear the nameservers for extra security if parts of the system
267*6777b538SAndroid Build Coastguard Worker // config are unhandled.
268*6777b538SAndroid Build Coastguard Worker if (config.unhandled_options)
269*6777b538SAndroid Build Coastguard Worker config.nameservers.clear();
270*6777b538SAndroid Build Coastguard Worker
271*6777b538SAndroid Build Coastguard Worker if (!config.IsValid())
272*6777b538SAndroid Build Coastguard Worker return std::nullopt;
273*6777b538SAndroid Build Coastguard Worker
274*6777b538SAndroid Build Coastguard Worker return config;
275*6777b538SAndroid Build Coastguard Worker }
276*6777b538SAndroid Build Coastguard Worker
UpdateDnsConfig()277*6777b538SAndroid Build Coastguard Worker bool UpdateDnsConfig() {
278*6777b538SAndroid Build Coastguard Worker std::optional<DnsConfig> new_effective_config = BuildEffectiveConfig();
279*6777b538SAndroid Build Coastguard Worker
280*6777b538SAndroid Build Coastguard Worker if (IsEqual(new_effective_config, GetEffectiveConfig()))
281*6777b538SAndroid Build Coastguard Worker return false;
282*6777b538SAndroid Build Coastguard Worker
283*6777b538SAndroid Build Coastguard Worker insecure_fallback_failures_ = 0;
284*6777b538SAndroid Build Coastguard Worker UpdateSession(std::move(new_effective_config));
285*6777b538SAndroid Build Coastguard Worker
286*6777b538SAndroid Build Coastguard Worker if (net_log_) {
287*6777b538SAndroid Build Coastguard Worker net_log_->AddGlobalEntry(NetLogEventType::DNS_CONFIG_CHANGED, [this] {
288*6777b538SAndroid Build Coastguard Worker return GetDnsConfigAsValueForNetLog();
289*6777b538SAndroid Build Coastguard Worker });
290*6777b538SAndroid Build Coastguard Worker }
291*6777b538SAndroid Build Coastguard Worker
292*6777b538SAndroid Build Coastguard Worker return true;
293*6777b538SAndroid Build Coastguard Worker }
294*6777b538SAndroid Build Coastguard Worker
UpdateSession(std::optional<DnsConfig> new_effective_config)295*6777b538SAndroid Build Coastguard Worker void UpdateSession(std::optional<DnsConfig> new_effective_config) {
296*6777b538SAndroid Build Coastguard Worker factory_.reset();
297*6777b538SAndroid Build Coastguard Worker session_ = nullptr;
298*6777b538SAndroid Build Coastguard Worker
299*6777b538SAndroid Build Coastguard Worker if (new_effective_config) {
300*6777b538SAndroid Build Coastguard Worker DCHECK(new_effective_config.value().IsValid());
301*6777b538SAndroid Build Coastguard Worker
302*6777b538SAndroid Build Coastguard Worker session_ = base::MakeRefCounted<DnsSession>(
303*6777b538SAndroid Build Coastguard Worker std::move(new_effective_config).value(), rand_int_callback_,
304*6777b538SAndroid Build Coastguard Worker net_log_);
305*6777b538SAndroid Build Coastguard Worker factory_ = DnsTransactionFactory::CreateFactory(session_.get());
306*6777b538SAndroid Build Coastguard Worker }
307*6777b538SAndroid Build Coastguard Worker }
308*6777b538SAndroid Build Coastguard Worker
309*6777b538SAndroid Build Coastguard Worker bool insecure_enabled_ = false;
310*6777b538SAndroid Build Coastguard Worker bool can_query_additional_types_via_insecure_ = false;
311*6777b538SAndroid Build Coastguard Worker int insecure_fallback_failures_ = 0;
312*6777b538SAndroid Build Coastguard Worker
313*6777b538SAndroid Build Coastguard Worker std::optional<DnsConfig> system_config_;
314*6777b538SAndroid Build Coastguard Worker DnsConfigOverrides config_overrides_;
315*6777b538SAndroid Build Coastguard Worker
316*6777b538SAndroid Build Coastguard Worker scoped_refptr<DnsSession> session_;
317*6777b538SAndroid Build Coastguard Worker std::unique_ptr<DnsTransactionFactory> factory_;
318*6777b538SAndroid Build Coastguard Worker std::unique_ptr<AddressSorter> address_sorter_ =
319*6777b538SAndroid Build Coastguard Worker AddressSorter::CreateAddressSorter();
320*6777b538SAndroid Build Coastguard Worker
321*6777b538SAndroid Build Coastguard Worker raw_ptr<NetLog> net_log_;
322*6777b538SAndroid Build Coastguard Worker
323*6777b538SAndroid Build Coastguard Worker const RandIntCallback rand_int_callback_;
324*6777b538SAndroid Build Coastguard Worker };
325*6777b538SAndroid Build Coastguard Worker
326*6777b538SAndroid Build Coastguard Worker } // namespace
327*6777b538SAndroid Build Coastguard Worker
328*6777b538SAndroid Build Coastguard Worker // static
CreateClient(NetLog * net_log)329*6777b538SAndroid Build Coastguard Worker std::unique_ptr<DnsClient> DnsClient::CreateClient(NetLog* net_log) {
330*6777b538SAndroid Build Coastguard Worker return std::make_unique<DnsClientImpl>(net_log,
331*6777b538SAndroid Build Coastguard Worker base::BindRepeating(&base::RandInt));
332*6777b538SAndroid Build Coastguard Worker }
333*6777b538SAndroid Build Coastguard Worker
334*6777b538SAndroid Build Coastguard Worker // static
CreateClientForTesting(NetLog * net_log,const RandIntCallback & rand_int_callback)335*6777b538SAndroid Build Coastguard Worker std::unique_ptr<DnsClient> DnsClient::CreateClientForTesting(
336*6777b538SAndroid Build Coastguard Worker NetLog* net_log,
337*6777b538SAndroid Build Coastguard Worker const RandIntCallback& rand_int_callback) {
338*6777b538SAndroid Build Coastguard Worker return std::make_unique<DnsClientImpl>(net_log, rand_int_callback);
339*6777b538SAndroid Build Coastguard Worker }
340*6777b538SAndroid Build Coastguard Worker
341*6777b538SAndroid Build Coastguard Worker } // namespace net
342