From 0ebecc2a0cceb791d170d5c63fccddaa4c21faa2 Mon Sep 17 00:00:00 2001 From: M66B Date: Wed, 20 Sep 2023 08:46:43 +0200 Subject: [PATCH] Added uid to SNI names --- .../main/java/eu/faircode/netguard/AdapterDns.java | 5 +++++ .../java/eu/faircode/netguard/DatabaseHelper.java | 12 ++++++++++-- .../java/eu/faircode/netguard/ResourceRecord.java | 2 ++ app/src/main/jni/netguard/dns.c | 2 +- app/src/main/jni/netguard/ip.c | 8 +++++--- app/src/main/jni/netguard/netguard.c | 5 ++++- app/src/main/jni/netguard/netguard.h | 2 +- app/src/main/res/layout/dns.xml | 6 ++++++ 8 files changed, 34 insertions(+), 8 deletions(-) diff --git a/app/src/main/java/eu/faircode/netguard/AdapterDns.java b/app/src/main/java/eu/faircode/netguard/AdapterDns.java index 6ddd7e6c..49e4b18d 100644 --- a/app/src/main/java/eu/faircode/netguard/AdapterDns.java +++ b/app/src/main/java/eu/faircode/netguard/AdapterDns.java @@ -42,6 +42,7 @@ public class AdapterDns extends CursorAdapter { private int colAName; private int colResource; private int colTTL; + private int colUid; public AdapterDns(Context context, Cursor cursor) { super(context, cursor, 0); @@ -58,6 +59,7 @@ public class AdapterDns extends CursorAdapter { colAName = cursor.getColumnIndex("aname"); colResource = cursor.getColumnIndex("resource"); colTTL = cursor.getColumnIndex("ttl"); + colUid = cursor.getColumnIndex("uid"); } @Override @@ -73,6 +75,7 @@ public class AdapterDns extends CursorAdapter { String aname = cursor.getString(colAName); String resource = cursor.getString(colResource); int ttl = cursor.getInt(colTTL); + int uid = cursor.getInt(colUid); long now = new Date().getTime(); boolean expired = (time + ttl < now); 
@@ -84,6 +87,7 @@ public class AdapterDns extends CursorAdapter { TextView tvAName = view.findViewById(R.id.tvAName); TextView tvResource = view.findViewById(R.id.tvResource); TextView tvTTL = view.findViewById(R.id.tvTTL); + TextView tvUid = view.findViewById(R.id.tvUid); // Set values tvTime.setText(new SimpleDateFormat("dd HH:mm").format(time)); @@ -91,5 +95,6 @@ public class AdapterDns extends CursorAdapter { tvAName.setText(aname); tvResource.setText(resource); tvTTL.setText("+" + Integer.toString(ttl / 1000)); + tvUid.setText(uid > 0 ? Integer.toString(uid) : null); } } diff --git a/app/src/main/java/eu/faircode/netguard/DatabaseHelper.java b/app/src/main/java/eu/faircode/netguard/DatabaseHelper.java index 40ee7b3c..80423210 100644 --- a/app/src/main/java/eu/faircode/netguard/DatabaseHelper.java +++ b/app/src/main/java/eu/faircode/netguard/DatabaseHelper.java @@ -46,7 +46,7 @@ public class DatabaseHelper extends SQLiteOpenHelper { private static final String TAG = "NetGuard.Database"; private static final String DB_NAME = "Netguard"; - private static final int DB_VERSION = 21; + private static final int DB_VERSION = 22; private static boolean once = true; private static List logChangedListeners = new ArrayList<>(); @@ -190,6 +190,7 @@ public class DatabaseHelper extends SQLiteOpenHelper { ", aname TEXT NOT NULL" + ", resource TEXT NOT NULL" + ", ttl INTEGER" + + ", uid INTEGER" + ");"); db.execSQL("CREATE UNIQUE INDEX idx_dns ON dns(qname, aname, resource)"); db.execSQL("CREATE INDEX idx_dns_resource ON dns(resource)"); @@ -349,6 +350,12 @@ public class DatabaseHelper extends SQLiteOpenHelper { oldVersion = 21; } + if (oldVersion < 22) { + if (!columnExists(db, "dns", "uid")) + db.execSQL("ALTER TABLE dns ADD COLUMN uid INTEGER"); + oldVersion = 22; + } + if (oldVersion == DB_VERSION) { db.setVersion(oldVersion); db.setTransactionSuccessful(); 
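Review bot: In `bindView`, `tvUid.setText(uid > 0 ? Integer.toString(uid) : null)` hides uid 0 together with the "unknown" cases, so a record attributed to root is displayed the same way as one with no owner. The native side passes -1 for DNS answers (dns.c hunk) and rows migrated from the previous schema hold NULL, which `cursor.getInt(colUid)` in the earlier hunk typically reads as 0. Checking `cursor.isNull(colUid)` and then `uid >= 0` would keep the three cases apart. If hiding uid 0 is intended, a comment such as `// uid <= 0: no app known for this record (DNS answer or pre-v22 row)` would document it.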
@@ -828,6 +835,7 @@ public class DatabaseHelper extends SQLiteOpenHelper { cv.put("qname", rr.QName); cv.put("aname", rr.AName); cv.put("resource", rr.Resource); + cv.put("uid", rr.uid); if (db.insert("dns", null, cv) == -1) Log.e(TAG, "Insert dns failed"); @@ -892,7 +900,7 @@ public class DatabaseHelper extends SQLiteOpenHelper { String query = "SELECT d.qname"; query += " FROM dns AS d"; query += " WHERE d.resource = '" + ip.replace("'", "''") + "'"; - query += " ORDER BY d.qname"; + query += " ORDER BY (d.uid = " + uid + ") DESC, d.qname"; query += " LIMIT 1"; // There is no way to known for sure which domain name an app used, so just pick the first one return db.compileStatement(query).simpleQueryForString(); diff --git a/app/src/main/java/eu/faircode/netguard/ResourceRecord.java b/app/src/main/java/eu/faircode/netguard/ResourceRecord.java index 0d689d1f..ea4f74af 100644 --- a/app/src/main/java/eu/faircode/netguard/ResourceRecord.java +++ b/app/src/main/java/eu/faircode/netguard/ResourceRecord.java @@ -29,6 +29,7 @@ public class ResourceRecord { public String AName; public String Resource; public int TTL; + public int uid; private static DateFormat formatter = SimpleDateFormat.getDateTimeInstance(); @@ -42,6 +43,7 @@ public class ResourceRecord { " A " + AName + " R " + Resource + " TTL " + TTL + + " uid " + uid + " " + formatter.format(new Date(Time + TTL * 1000L).getTime()); } } diff --git a/app/src/main/jni/netguard/dns.c b/app/src/main/jni/netguard/dns.c index b61927de..b089b4b3 100644 --- a/app/src/main/jni/netguard/dns.c +++ b/app/src/main/jni/netguard/dns.c @@ -148,7 +148,7 @@ void parse_dns_response(const struct arguments *args, const struct ng_session *s return; } - dns_resolved(args, qname, name, rd, ttl); + dns_resolved(args, qname, name, rd, ttl, -1); log_android(ANDROID_LOG_DEBUG, "DNS answer %d qname %s qtype %d ttl %d data %s", a, name, qtype, ttl, rd); 
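Review bot: `cv.put("uid", rr.uid)` sits with the `qname`/`aname`/`resource` values just before `db.insert`, while the unique index `idx_dns` still covers only `(qname, aname, resource)`. Each name/address pair can therefore carry a single uid, and when a second app opens a TLS connection to the same name and address the stored uid depends on whether the update branch also writes it; that branch is outside this hunk, so please check it. Because the value is a best-effort hint, it should be documented as such and not used for per-app allow/block decisions. Suggested comment: `// uid: app seen sending this SNI name (-1 for DNS answers); one uid per (qname, aname, resource), best effort`.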
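Review bot: The new `ORDER BY (d.uid = " + uid + ")` term concatenates a value into the SQL text, next to the existing hand-escaped `ip` literal. If `uid` is an `int` parameter (its declaration is outside the hunk) this is not injectable today, but binding both values removes the dependence on the parameter type and on the manual quote doubling. Rows migrated from the previous schema have a NULL uid, so `(d.uid = ?)` evaluates to NULL for them and they sort after rows with a different uid; wrapping the comparison in `IFNULL(..., 0)` treats them as plain non-matches. The sketch below needs `SQLiteStatement` in the file's imports, and the method's signature is outside the hunk.
```java
// … unchanged: SELECT d.qname / FROM dns AS d …
query += " WHERE d.resource = ?";
query += " ORDER BY IFNULL(d.uid = ?, 0) DESC, d.qname";
// … unchanged: LIMIT 1 and the comment about picking the first name …
SQLiteStatement statement = db.compileStatement(query);
statement.bindString(1, ip);
statement.bindLong(2, uid);
return statement.simpleQueryForString();
```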
diff --git a/app/src/main/jni/netguard/ip.c b/app/src/main/jni/netguard/ip.c index 3d4a2bc8..d76ad69d 100644 --- a/app/src/main/jni/netguard/ip.c +++ b/app/src/main/jni/netguard/ip.c @@ -281,6 +281,8 @@ void handle_ip(const struct arguments *args, } } + jint uid = -1; + // Get server name char server_name[TLS_SNI_LENGTH + 1]; *server_name = 0; @@ -292,7 +294,8 @@ void handle_ip(const struct arguments *args, if (get_sni(data, datalen, server_name)) { log_android(ANDROID_LOG_INFO, "TLS server name: %s", server_name); - dns_resolved(args, server_name, server_name, dest, -1); + uid = get_uid(version, protocol, saddr, sport, daddr, dport); + dns_resolved(args, server_name, server_name, dest, -1, uid); } } @@ -300,10 +303,9 @@ void handle_ip(const struct arguments *args, strcpy(data, "sni"); // Get uid - jint uid = -1; if (protocol == IPPROTO_ICMP || protocol == IPPROTO_ICMPV6 || (protocol == IPPROTO_UDP && !has_udp_session(args, pkt, payload)) || - (protocol == IPPROTO_TCP && (syn || *server_name != 0))) { + (protocol == IPPROTO_TCP && syn)) { if (args->ctx->sdk <= 28) // Android 9 Pie uid = get_uid(version, protocol, saddr, sport, daddr, dport); else diff --git a/app/src/main/jni/netguard/netguard.c b/app/src/main/jni/netguard/netguard.c index 51add913..22d34f93 100644 --- a/app/src/main/jni/netguard/netguard.c +++ b/app/src/main/jni/netguard/netguard.c @@ -580,9 +580,10 @@ jfieldID fidQName = NULL; jfieldID fidAName = NULL; jfieldID fidResource = NULL; jfieldID fidTTL = NULL; +jfieldID fidDnsUid = NULL; void dns_resolved(const struct arguments *args, - const char *qname, const char *aname, const char *resource, int ttl) { + const char *qname, const char *aname, const char *resource, int ttl, jint uid) { #ifdef PROFILE_JNI float mselapsed; struct timeval start, end; 
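Review bot: The `get_uid(version, protocol, saddr, sport, daddr, dport)` call added in the SNI branch of `handle_ip` runs unconditionally, whereas the existing lookup further down (third hunk) uses `get_uid` only when `args->ctx->sdk <= 28` and takes a different path otherwise. On newer SDKs this call presumably cannot resolve the owner and returns -1, so SNI records there would be stored without a uid. Because the third hunk also drops `*server_name != 0` from the TCP condition, a non-SYN packet carrying a ClientHello no longer goes through the SDK-aware lookup, and the value set in the SNI branch is what the rest of the function sees. Please route the SNI lookup through the same SDK branch, or add a comment such as `/* get_uid only resolves owners on sdk <= 28; uid stays -1 otherwise */`. `handle_ip` continues outside these hunks, so how `uid` is used after this point is not visible here.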
@@ -610,6 +611,7 @@ void dns_resolved(const struct arguments *args, fidAName = jniGetFieldID(args->env, clsRR, "AName", string); fidResource = jniGetFieldID(args->env, clsRR, "Resource", string); fidTTL = jniGetFieldID(args->env, clsRR, "TTL", "I"); + fidDnsUid = jniGetFieldID(args->env, clsRR, "uid", "I"); } jlong jtime = time(NULL) * 1000LL; @@ -625,6 +627,7 @@ void dns_resolved(const struct arguments *args, (*args->env)->SetObjectField(args->env, jrr, fidAName, janame); (*args->env)->SetObjectField(args->env, jrr, fidResource, jresource); (*args->env)->SetIntField(args->env, jrr, fidTTL, ttl); + (*args->env)->SetIntField(args->env, jrr, fidDnsUid, uid); (*args->env)->CallVoidMethod(args->env, args->instance, midDnsResolved, jrr); jniCheckException(args->env); diff --git a/app/src/main/jni/netguard/netguard.h b/app/src/main/jni/netguard/netguard.h index 47c6336b..214ddfb3 100644 --- a/app/src/main/jni/netguard/netguard.h +++ b/app/src/main/jni/netguard/netguard.h @@ -521,7 +521,7 @@ void log_android(int prio, const char *fmt, ...); void log_packet(const struct arguments *args, jobject jpacket); void dns_resolved(const struct arguments *args, - const char *qname, const char *aname, const char *resource, int ttl); + const char *qname, const char *aname, const char *resource, int ttl, jint uid); jboolean is_domain_blocked(const struct arguments *args, const char *name); diff --git a/app/src/main/res/layout/dns.xml b/app/src/main/res/layout/dns.xml index 643cfa39..dffbed67 100644 --- a/app/src/main/res/layout/dns.xml +++ b/app/src/main/res/layout/dns.xml @@ -62,5 +62,11 @@ android:layout_width="match_parent" android:layout_height="wrap_content" android:textAppearance="@style/TextSmall" /> + +