1package eu.siacs.conversations.utils;
2
3import android.content.Context;
4import android.support.annotation.NonNull;
5import android.util.Log;
6
7import java.io.IOException;
8import java.net.Inet4Address;
9import java.net.InetAddress;
10import java.util.ArrayList;
11import java.util.Collections;
12import java.util.HashSet;
13import java.util.List;
14
15import de.measite.minidns.DNSClient;
16import de.measite.minidns.DNSName;
17import de.measite.minidns.dnssec.DNSSECResultNotAuthenticException;
18import de.measite.minidns.hla.DnssecResolverApi;
19import de.measite.minidns.hla.ResolverApi;
20import de.measite.minidns.hla.ResolverResult;
21import de.measite.minidns.record.A;
22import de.measite.minidns.record.AAAA;
23import de.measite.minidns.record.CNAME;
24import de.measite.minidns.record.Data;
25import de.measite.minidns.record.InternetAddressRR;
26import de.measite.minidns.record.SRV;
27import de.measite.minidns.util.MultipleIoException;
28import eu.siacs.conversations.Config;
29import eu.siacs.conversations.R;
30import eu.siacs.conversations.services.XmppConnectionService;
31
32public class Resolver {
33
34 private static final String DIRECT_TLS_SERVICE = "_xmpps-client";
35 private static final String STARTTLS_SERICE = "_xmpp-client";
36
37 private static final String NETWORK_IS_UNREACHABLE = "Network is unreachable";
38
39 private static XmppConnectionService SERVICE = null;
40
41
42 public static void registerXmppConnectionService(XmppConnectionService service) {
43 Resolver.SERVICE = service;
44 registerLookupMechanism(service);
45 }
46
47 private static void registerLookupMechanism(Context context) {
48 DNSClient.addDnsServerLookupMechanism(new AndroidUsingLinkProperties(context));
49 }
50
51 public static List<Result> resolve(String domain) throws NetworkIsUnreachableException {
52 List<Result> results = new ArrayList<>();
53 HashSet<String> messages = new HashSet<>();
54 try {
55 results.addAll(resolveSrv(domain, true));
56 } catch (MultipleIoException e) {
57 messages.addAll(extractMessages(e));
58 } catch (Throwable throwable) {
59 Log.d(Config.LOGTAG,Resolver.class.getSimpleName()+": error resolving SRV record (direct TLS)",throwable);
60 }
61 try {
62 results.addAll(resolveSrv(domain, false));
63 } catch (MultipleIoException e) {
64 messages.addAll(extractMessages(e));
65 } catch (Throwable throwable) {
66 Log.d(Config.LOGTAG,Resolver.class.getSimpleName()+": error resolving SRV record (STARTTLS)",throwable);
67 }
68 if (results.size() == 0) {
69 if (messages.size() == 1 && messages.contains(NETWORK_IS_UNREACHABLE)) {
70 throw new NetworkIsUnreachableException();
71 }
72 results.addAll(resolveNoSrvRecords(DNSName.from(domain),true));
73 }
74 Collections.sort(results);
75 Log.d(Config.LOGTAG,Resolver.class.getSimpleName()+": "+results.toString());
76 return results;
77 }
78
79 private static HashSet<String> extractMessages(MultipleIoException e) {
80 HashSet<String> messages = new HashSet<>();
81 for(Exception inner : e.getExceptions()) {
82 if (inner instanceof MultipleIoException) {
83 messages.addAll(extractMessages((MultipleIoException) inner));
84 } else {
85 messages.add(inner.getMessage());
86 }
87 }
88 return messages;
89 }
90
91 private static List<Result> resolveSrv(String domain, final boolean directTls) throws IOException {
92 if (Thread.currentThread().isInterrupted()) {
93 return Collections.emptyList();
94 }
95 DNSName dnsName = DNSName.from((directTls ? DIRECT_TLS_SERVICE : STARTTLS_SERICE)+"._tcp."+domain);
96 ResolverResult<SRV> result = resolveWithFallback(dnsName,SRV.class);
97 List<Result> results = new ArrayList<>();
98 for(SRV record : result.getAnswersOrEmptySet()) {
99 final boolean addedIPv4 = results.addAll(resolveIp(record,A.class,result.isAuthenticData(),directTls));
100 results.addAll(resolveIp(record,AAAA.class,result.isAuthenticData(),directTls));
101 if (!addedIPv4 && !Thread.currentThread().isInterrupted()) {
102 Result resolverResult = Result.fromRecord(record, directTls);
103 resolverResult.authenticated = resolverResult.isAuthenticated();
104 results.add(resolverResult);
105 }
106 }
107 return results;
108 }
109
110 private static <D extends InternetAddressRR> List<Result> resolveIp(SRV srv, Class<D> type, boolean authenticated, boolean directTls) {
111 if (Thread.currentThread().isInterrupted()) {
112 return Collections.emptyList();
113 }
114 List<Result> list = new ArrayList<>();
115 try {
116 ResolverResult<D> results = resolveWithFallback(srv.name,type, authenticated);
117 for (D record : results.getAnswersOrEmptySet()) {
118 Result resolverResult = Result.fromRecord(srv, directTls);
119 resolverResult.authenticated = results.isAuthenticData() && authenticated;
120 resolverResult.ip = record.getInetAddress();
121 list.add(resolverResult);
122 }
123 } catch (Throwable t) {
124 Log.d(Config.LOGTAG,Resolver.class.getSimpleName()+": error resolving "+type.getSimpleName()+" "+t.getMessage());
125 }
126 return list;
127 }
128
129 private static List<Result> resolveNoSrvRecords(DNSName dnsName, boolean withCnames) {
130 List<Result> results = new ArrayList<>();
131 try {
132 for(A a : resolveWithFallback(dnsName,A.class,false).getAnswersOrEmptySet()) {
133 results.add(Result.createDefault(dnsName,a.getInetAddress()));
134 }
135 for(AAAA aaaa : resolveWithFallback(dnsName,AAAA.class,false).getAnswersOrEmptySet()) {
136 results.add(Result.createDefault(dnsName,aaaa.getInetAddress()));
137 }
138 if (results.size() == 0 && withCnames) {
139 for (CNAME cname : resolveWithFallback(dnsName, CNAME.class, false).getAnswersOrEmptySet()) {
140 results.addAll(resolveNoSrvRecords(cname.name, false));
141 }
142 }
143 } catch (Throwable throwable) {
144 Log.d(Config.LOGTAG, Resolver.class.getSimpleName() + "error resolving fallback records",throwable);
145 }
146 results.add(Result.createDefault(dnsName));
147 return results;
148 }
149
150 private static <D extends Data> ResolverResult<D> resolveWithFallback(DNSName dnsName, Class<D> type) throws IOException {
151 return resolveWithFallback(dnsName,type,validateHostname());
152 }
153
154 private static <D extends Data> ResolverResult<D> resolveWithFallback(DNSName dnsName, Class<D> type, boolean validateHostname) throws IOException {
155 if (!validateHostname) {
156 return ResolverApi.INSTANCE.resolve(dnsName, type);
157 }
158 try {
159 final ResolverResult<D> r = DnssecResolverApi.INSTANCE.resolveDnssecReliable(dnsName, type);
160 if (r.wasSuccessful()) {
161 if (r.getAnswers().isEmpty() && type.equals(SRV.class)) {
162 Log.d(Config.LOGTAG, Resolver.class.getSimpleName() + ": resolving SRV records of " + dnsName.toString() + " with DNSSEC yielded empty result");
163 }
164 return r;
165 }
166 Log.d(Config.LOGTAG, Resolver.class.getSimpleName() + ": error resolving " + type.getSimpleName() + " with DNSSEC. Trying DNS instead.", r.getResolutionUnsuccessfulException());
167 } catch (DNSSECResultNotAuthenticException e) {
168 Log.d(Config.LOGTAG, Resolver.class.getSimpleName() + ": error resolving " + type.getSimpleName() + " with DNSSEC. Trying DNS instead.", e);
169 } catch (IOException e) {
170 throw e;
171 } catch (Throwable throwable) {
172 Log.d(Config.LOGTAG, Resolver.class.getSimpleName() + ": error resolving " + type.getSimpleName() + " with DNSSEC. Trying DNS instead.", throwable);
173 }
174 return ResolverApi.INSTANCE.resolve(dnsName, type);
175 }
176
177 private static boolean validateHostname() {
178 return SERVICE != null && SERVICE.getBooleanPreference("validate_hostname", R.bool.validate_hostname);
179 }
180
181 public static class Result implements Comparable<Result> {
182 private InetAddress ip;
183 private DNSName hostname;
184 private int port = 5222;
185 private boolean directTls = false;
186 private boolean authenticated =false;
187 private int priority;
188
189 public InetAddress getIp() {
190 return ip;
191 }
192
193 public int getPort() {
194 return port;
195 }
196
197 public DNSName getHostname() {
198 return hostname;
199 }
200
201 public boolean isDirectTls() {
202 return directTls;
203 }
204
205 public boolean isAuthenticated() {
206 return authenticated;
207 }
208
209 @Override
210 public String toString() {
211 return "Result{" +
212 "ip='" + (ip==null?null:ip.getHostAddress()) + '\'' +
213 ", hostame='" + hostname.toString() + '\'' +
214 ", port=" + port +
215 ", directTls=" + directTls +
216 ", authenticated=" + authenticated +
217 ", priority=" + priority +
218 '}';
219 }
220
221 @Override
222 public int compareTo(@NonNull Result result) {
223 if (result.priority == priority) {
224 if (directTls == result.directTls) {
225 if (ip == null && result.ip == null) {
226 return 0;
227 } else if (ip != null && result.ip != null) {
228 if (ip instanceof Inet4Address && result.ip instanceof Inet4Address) {
229 return 0;
230 } else {
231 return ip instanceof Inet4Address ? -1 : 1;
232 }
233 } else {
234 return ip != null ? -1 : 1;
235 }
236 } else {
237 return directTls ? -1 : 1;
238 }
239 } else {
240 return priority - result.priority;
241 }
242 }
243
244 public static Result fromRecord(SRV srv, boolean directTls) {
245 Result result = new Result();
246 result.port = srv.port;
247 result.hostname = srv.name;
248 result.directTls = directTls;
249 result.priority = srv.priority;
250 return result;
251 }
252
253 public static Result createDefault(DNSName hostname, InetAddress ip) {
254 Result result = new Result();
255 result.port = 5222;
256 result.hostname = hostname;
257 result.ip = ip;
258 return result;
259 }
260
261 public static Result createDefault(DNSName hostname) {
262 return createDefault(hostname,null);
263 }
264 }
265 public static class NetworkIsUnreachableException extends Exception {
266
267 }
268
269}