Only resolve via DoH for specific hostnames

2020-06-03 01:15:05 -07:00 · 2020-06-03 01:15:05 -07:00 · a17908f6e1
commit a17908f6e1
parent cb7148a24c
2 changed files with 26 additions and 14 deletions
--- a/app/build.gradle
+++ b/app/build.gradle
@ -54,6 +54,7 @@ android {
        exclude '/org/bouncycastle/**'
        exclude '/kotlin/**'
        exclude '/kotlinx/**'
+        exclude '/okhttp3/**'
    }

    kotlinOptions {
--- a/app/src/main/java/com/topjohnwu/magisk/di/NetworkingModule.kt
+++ b/app/src/main/java/com/topjohnwu/magisk/di/NetworkingModule.kt
@ -12,6 +12,7 @@ import io.noties.markwon.Markwon
 import io.noties.markwon.html.HtmlPlugin
 import io.noties.markwon.image.ImagesPlugin
 import io.noties.markwon.image.network.OkHttpNetworkSchemeHandler
+import okhttp3.Dns
 import okhttp3.HttpUrl
 import okhttp3.OkHttpClient
 import okhttp3.dnsoverhttps.DnsOverHttps
@ -46,7 +47,7 @@ fun createOkHttpClient(context: Context): OkHttpClient {
        builder.sslSocketFactory(NoSSLv3SocketFactory())
    }

-    builder.dns(DnsOverHttps.Builder().client(builder.build())
+    val doh = DnsOverHttps.Builder().client(builder.build())
        .url(HttpUrl.get("https://cloudflare-dns.com/dns-query"))
        .bootstrapDnsHosts(listOf(
            InetAddress.getByName("162.159.36.1"),
@ -59,7 +60,17 @@ fun createOkHttpClient(context: Context): OkHttpClient {
            InetAddress.getByName("2606:4700:4700::0064"),
            InetAddress.getByName("2606:4700:4700::6400")
        ))
-            .build())
+        .resolvePrivateAddresses(true)  /* To make PublicSuffixDatabase never used */
+        .build()
+
+    builder.dns { hostname ->
+        // Only resolve via DoH for known DNS polluted hostnames
+        if (hostname == "raw.githubusercontent.com") {
+            doh.lookup(hostname)
+        } else {
+            Dns.SYSTEM.lookup(hostname)
+        }
+    }

    return builder.build()
 }