Added uid to SNI names

M66B 2023-09-20 08:46:43 +02:00
parent ddb5ce73fa
commit 0ebecc2a0c
8 changed files with 34 additions and 8 deletions


@ -42,6 +42,7 @@ public class AdapterDns extends CursorAdapter {
private int colAName; private int colAName;
private int colResource; private int colResource;
private int colTTL; private int colTTL;
private int colUid;
public AdapterDns(Context context, Cursor cursor) { public AdapterDns(Context context, Cursor cursor) {
super(context, cursor, 0); super(context, cursor, 0);
@ -58,6 +59,7 @@ public class AdapterDns extends CursorAdapter {
colAName = cursor.getColumnIndex("aname"); colAName = cursor.getColumnIndex("aname");
colResource = cursor.getColumnIndex("resource"); colResource = cursor.getColumnIndex("resource");
colTTL = cursor.getColumnIndex("ttl"); colTTL = cursor.getColumnIndex("ttl");
colUid = cursor.getColumnIndex("uid");
} }
@Override @Override
@ -73,6 +75,7 @@ public class AdapterDns extends CursorAdapter {
String aname = cursor.getString(colAName); String aname = cursor.getString(colAName);
String resource = cursor.getString(colResource); String resource = cursor.getString(colResource);
int ttl = cursor.getInt(colTTL); int ttl = cursor.getInt(colTTL);
int uid = cursor.getInt(colUid);
long now = new Date().getTime(); long now = new Date().getTime();
boolean expired = (time + ttl < now); boolean expired = (time + ttl < now);
@ -84,6 +87,7 @@ public class AdapterDns extends CursorAdapter {
TextView tvAName = view.findViewById(R.id.tvAName); TextView tvAName = view.findViewById(R.id.tvAName);
TextView tvResource = view.findViewById(R.id.tvResource); TextView tvResource = view.findViewById(R.id.tvResource);
TextView tvTTL = view.findViewById(R.id.tvTTL); TextView tvTTL = view.findViewById(R.id.tvTTL);
TextView tvUid = view.findViewById(R.id.tvUid);
// Set values // Set values
tvTime.setText(new SimpleDateFormat("dd HH:mm").format(time)); tvTime.setText(new SimpleDateFormat("dd HH:mm").format(time));
@ -91,5 +95,6 @@ public class AdapterDns extends CursorAdapter {
tvAName.setText(aname); tvAName.setText(aname);
tvResource.setText(resource); tvResource.setText(resource);
tvTTL.setText("+" + Integer.toString(ttl / 1000)); tvTTL.setText("+" + Integer.toString(ttl / 1000));
tvUid.setText(uid > 0 ? Integer.toString(uid) : null);
} }
} }
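Review bot: The `uid > 0` test on the last added line hides more than the unknown case. `cursor.getInt(colUid)` returns 0 for a NULL column, so rows written before the upgrade, the native `-1` sentinel and a real uid 0 all render as an empty field. If the view should tell these apart, test for NULL explicitly, e.g. `tvUid.setText(cursor.isNull(colUid) || uid < 0 ? null : Integer.toString(uid));`. `colUid` is also -1 when the cursor's query does not select `uid`; that query is outside this section, so it is worth confirming it returns the new column.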


@ -46,7 +46,7 @@ public class DatabaseHelper extends SQLiteOpenHelper {
private static final String TAG = "NetGuard.Database"; private static final String TAG = "NetGuard.Database";
private static final String DB_NAME = "Netguard"; private static final String DB_NAME = "Netguard";
private static final int DB_VERSION = 21; private static final int DB_VERSION = 22;
private static boolean once = true; private static boolean once = true;
private static List<LogChangedListener> logChangedListeners = new ArrayList<>(); private static List<LogChangedListener> logChangedListeners = new ArrayList<>();
@ -190,6 +190,7 @@ public class DatabaseHelper extends SQLiteOpenHelper {
", aname TEXT NOT NULL" + ", aname TEXT NOT NULL" +
", resource TEXT NOT NULL" + ", resource TEXT NOT NULL" +
", ttl INTEGER" + ", ttl INTEGER" +
", uid INTEGER" +
");"); ");");
db.execSQL("CREATE UNIQUE INDEX idx_dns ON dns(qname, aname, resource)"); db.execSQL("CREATE UNIQUE INDEX idx_dns ON dns(qname, aname, resource)");
db.execSQL("CREATE INDEX idx_dns_resource ON dns(resource)"); db.execSQL("CREATE INDEX idx_dns_resource ON dns(resource)");
@ -349,6 +350,12 @@ public class DatabaseHelper extends SQLiteOpenHelper {
oldVersion = 21; oldVersion = 21;
} }
if (oldVersion < 22) {
if (!columnExists(db, "dns", "uid"))
db.execSQL("ALTER TABLE dns ADD COLUMN uid INTEGER");
oldVersion = 22;
}
if (oldVersion == DB_VERSION) { if (oldVersion == DB_VERSION) {
db.setVersion(oldVersion); db.setVersion(oldVersion);
db.setTransactionSuccessful(); db.setTransactionSuccessful();
@ -828,6 +835,7 @@ public class DatabaseHelper extends SQLiteOpenHelper {
cv.put("qname", rr.QName); cv.put("qname", rr.QName);
cv.put("aname", rr.AName); cv.put("aname", rr.AName);
cv.put("resource", rr.Resource); cv.put("resource", rr.Resource);
cv.put("uid", rr.uid);
if (db.insert("dns", null, cv) == -1) if (db.insert("dns", null, cv) == -1)
Log.e(TAG, "Insert dns failed"); Log.e(TAG, "Insert dns failed");
@ -892,7 +900,7 @@ public class DatabaseHelper extends SQLiteOpenHelper {
String query = "SELECT d.qname"; String query = "SELECT d.qname";
query += " FROM dns AS d"; query += " FROM dns AS d";
query += " WHERE d.resource = '" + ip.replace("'", "''") + "'"; query += " WHERE d.resource = '" + ip.replace("'", "''") + "'";
query += " ORDER BY d.qname"; query += " ORDER BY (d.uid = " + uid + ") DESC, d.qname";
query += " LIMIT 1"; query += " LIMIT 1";
// There is no way to known for sure which domain name an app used, so just pick the first one // There is no way to known for sure which domain name an app used, so just pick the first one
return db.compileStatement(query).simpleQueryForString(); return db.compileStatement(query).simpleQueryForString();
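Review bot: The new `ORDER BY` line splices `uid` into the SQL text next to an `ip` that is only quote-doubled, although the statement already goes through `compileStatement` and could bind both values. The method signature is outside the hunk, so `uid` is presumably an `int` and not injectable today; binding keeps the query safe regardless of argument types and removes the hand-rolled escaping (the local needs the `SQLiteStatement` type in scope). The comment under the query still says the first name is picked, while the order now prefers a row recorded for the requesting uid. Since `idx_dns` stays unique on `(qname, aname, resource)`, each name/address pair appears to carry a single uid, so the preference only helps for whichever app's uid was stored.

```java
// … unchanged: SELECT d.qname FROM dns AS d …
query += " WHERE d.resource = ?";
query += " ORDER BY (d.uid = ?) DESC, d.qname";
query += " LIMIT 1";
// Prefer a name recorded for this uid; otherwise fall back to the first name for the address
SQLiteStatement stmt = db.compileStatement(query);
stmt.bindString(1, ip);
stmt.bindLong(2, uid);
return stmt.simpleQueryForString();
```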


@ -29,6 +29,7 @@ public class ResourceRecord {
public String AName; public String AName;
public String Resource; public String Resource;
public int TTL; public int TTL;
public int uid;
private static DateFormat formatter = SimpleDateFormat.getDateTimeInstance(); private static DateFormat formatter = SimpleDateFormat.getDateTimeInstance();
@ -42,6 +43,7 @@ public class ResourceRecord {
" A " + AName + " A " + AName +
" R " + Resource + " R " + Resource +
" TTL " + TTL + " TTL " + TTL +
" uid " + uid +
" " + formatter.format(new Date(Time + TTL * 1000L).getTime()); " " + formatter.format(new Date(Time + TTL * 1000L).getTime());
} }
} }


@ -148,7 +148,7 @@ void parse_dns_response(const struct arguments *args, const struct ng_session *s
return; return;
} }
dns_resolved(args, qname, name, rd, ttl); dns_resolved(args, qname, name, rd, ttl, -1);
log_android(ANDROID_LOG_DEBUG, log_android(ANDROID_LOG_DEBUG,
"DNS answer %d qname %s qtype %d ttl %d data %s", "DNS answer %d qname %s qtype %d ttl %d data %s",
a, name, qtype, ttl, rd); a, name, qtype, ttl, rd);


@ -281,6 +281,8 @@ void handle_ip(const struct arguments *args,
} }
} }
jint uid = -1;
// Get server name // Get server name
char server_name[TLS_SNI_LENGTH + 1]; char server_name[TLS_SNI_LENGTH + 1];
*server_name = 0; *server_name = 0;
@ -292,7 +294,8 @@ void handle_ip(const struct arguments *args,
if (get_sni(data, datalen, server_name)) { if (get_sni(data, datalen, server_name)) {
log_android(ANDROID_LOG_INFO, "TLS server name: %s", server_name); log_android(ANDROID_LOG_INFO, "TLS server name: %s", server_name);
dns_resolved(args, server_name, server_name, dest, -1); uid = get_uid(version, protocol, saddr, sport, daddr, dport);
dns_resolved(args, server_name, server_name, dest, -1, uid);
} }
} }
@ -300,10 +303,9 @@ void handle_ip(const struct arguments *args,
strcpy(data, "sni"); strcpy(data, "sni");
// Get uid // Get uid
jint uid = -1;
if (protocol == IPPROTO_ICMP || protocol == IPPROTO_ICMPV6 || if (protocol == IPPROTO_ICMP || protocol == IPPROTO_ICMPV6 ||
(protocol == IPPROTO_UDP && !has_udp_session(args, pkt, payload)) || (protocol == IPPROTO_UDP && !has_udp_session(args, pkt, payload)) ||
(protocol == IPPROTO_TCP && (syn || *server_name != 0))) { (protocol == IPPROTO_TCP && syn)) {
if (args->ctx->sdk <= 28) // Android 9 Pie if (args->ctx->sdk <= 28) // Android 9 Pie
uid = get_uid(version, protocol, saddr, sport, daddr, dport); uid = get_uid(version, protocol, saddr, sport, daddr, dport);
else else
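Review bot: The uid passed to `dns_resolved` in the SNI branch comes from a direct `get_uid(...)` call, while the lookup further down chooses its method by `args->ctx->sdk <= 28`. The `else` arm is cut off by the hunk, so what it calls is not visible here. If `get_uid` cannot resolve socket owners on newer SDKs (presumably why that branch exists), SNI names are stored with uid -1 there. Because `*server_name != 0` was dropped from the TCP condition, that same value is what the rest of `handle_ip` sees for a non-SYN ClientHello packet. Consider keeping `(protocol == IPPROTO_TCP && (syn || *server_name != 0))` and calling `dns_resolved(..., uid)` after the sdk-aware lookup, so a single code path resolves the uid used for both the record and the filtering decision.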


@ -580,9 +580,10 @@ jfieldID fidQName = NULL;
jfieldID fidAName = NULL; jfieldID fidAName = NULL;
jfieldID fidResource = NULL; jfieldID fidResource = NULL;
jfieldID fidTTL = NULL; jfieldID fidTTL = NULL;
jfieldID fidDnsUid = NULL;
void dns_resolved(const struct arguments *args, void dns_resolved(const struct arguments *args,
const char *qname, const char *aname, const char *resource, int ttl) { const char *qname, const char *aname, const char *resource, int ttl, jint uid) {
#ifdef PROFILE_JNI #ifdef PROFILE_JNI
float mselapsed; float mselapsed;
struct timeval start, end; struct timeval start, end;
@ -610,6 +611,7 @@ void dns_resolved(const struct arguments *args,
fidAName = jniGetFieldID(args->env, clsRR, "AName", string); fidAName = jniGetFieldID(args->env, clsRR, "AName", string);
fidResource = jniGetFieldID(args->env, clsRR, "Resource", string); fidResource = jniGetFieldID(args->env, clsRR, "Resource", string);
fidTTL = jniGetFieldID(args->env, clsRR, "TTL", "I"); fidTTL = jniGetFieldID(args->env, clsRR, "TTL", "I");
fidDnsUid = jniGetFieldID(args->env, clsRR, "uid", "I");
} }
jlong jtime = time(NULL) * 1000LL; jlong jtime = time(NULL) * 1000LL;
@ -625,6 +627,7 @@ void dns_resolved(const struct arguments *args,
(*args->env)->SetObjectField(args->env, jrr, fidAName, janame); (*args->env)->SetObjectField(args->env, jrr, fidAName, janame);
(*args->env)->SetObjectField(args->env, jrr, fidResource, jresource); (*args->env)->SetObjectField(args->env, jrr, fidResource, jresource);
(*args->env)->SetIntField(args->env, jrr, fidTTL, ttl); (*args->env)->SetIntField(args->env, jrr, fidTTL, ttl);
(*args->env)->SetIntField(args->env, jrr, fidDnsUid, uid);
(*args->env)->CallVoidMethod(args->env, args->instance, midDnsResolved, jrr); (*args->env)->CallVoidMethod(args->env, args->instance, midDnsResolved, jrr);
jniCheckException(args->env); jniCheckException(args->env);


@ -521,7 +521,7 @@ void log_android(int prio, const char *fmt, ...);
void log_packet(const struct arguments *args, jobject jpacket); void log_packet(const struct arguments *args, jobject jpacket);
void dns_resolved(const struct arguments *args, void dns_resolved(const struct arguments *args,
const char *qname, const char *aname, const char *resource, int ttl); const char *qname, const char *aname, const char *resource, int ttl, jint uid);
jboolean is_domain_blocked(const struct arguments *args, const char *name); jboolean is_domain_blocked(const struct arguments *args, const char *name);
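Review bot: The new `uid` parameter on the `dns_resolved` prototype has no documented contract, although callers in this commit rely on a sentinel: the DNS response parser passes `-1` and the SNI path passes a looked-up value. A one-line comment above the prototype would make that explicit, e.g. `// uid: app that sent the TLS ClientHello, or -1 when unknown (DNS responses)`.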


@ -62,5 +62,11 @@
android:layout_width="match_parent" android:layout_width="match_parent"
android:layout_height="wrap_content" android:layout_height="wrap_content"
android:textAppearance="@style/TextSmall" /> android:textAppearance="@style/TextSmall" />
<TextView
android:id="@+id/tvUid"
android:layout_width="match_parent"
android:layout_height="wrap_content"
android:textAppearance="@style/TextSmall" />
</LinearLayout> </LinearLayout>
</LinearLayout> </LinearLayout>