Use DoH for Nebulos own internal HTTP calls

Ch4t4r · Aug 20, 2021 · b384aee · b384aee · ignoramous · Aug 27, 2021
1 parent c10783e
commit b384aee
Show file tree

Hide file tree

Showing 4 changed files with 14 additions and 2 deletions.
diff --git a/app/build.gradle b/app/build.gradle
@@ -182,6 +182,7 @@ dependencies {
     leakCanaryImplementation 'com.squareup.leakcanary:leakcanary-android:2.7'
 
     implementation "com.squareup.okhttp3:okhttp:4.9.1"
+    implementation 'com.squareup.okhttp3:okhttp-dnsoverhttps:4.9.1'
     implementation 'com.github.AppIntro:AppIntro:6.0.0'
 
     storeImplementation 'com.google.android.play:core:1.10.0'

diff --git a/app/src/main/java/com/frostnerd/smokescreen/Globals.kt b/app/src/main/java/com/frostnerd/smokescreen/Globals.kt
@@ -21,7 +21,11 @@ import com.frostnerd.encrypteddnstunnelproxy.quic.AbstractQuicDnsHandle
 import com.frostnerd.encrypteddnstunnelproxy.quic.QuicUpstreamAddress
 import com.frostnerd.encrypteddnstunnelproxy.tls.AbstractTLSDnsHandle
 import kotlinx.android.synthetic.main.dialog_privacypolicy.view.*
+import okhttp3.HttpUrl.Companion.toHttpUrl
+import okhttp3.OkHttpClient
+import okhttp3.dnsoverhttps.DnsOverHttps
 import okhttp3.internal.toHexString
+import java.net.InetAddress
 import java.util.*
 
 
@@ -138,4 +142,11 @@ fun createQuicEngineIfInstalled(context: Context, quicOnly:Boolean, vararg addre
     return if (QuicEngineImpl.providerInstalled) {
         QuicEngineImpl(context, quicOnly, *addresses)
     } else null
+}
+
+fun okhttpClientWithDoh(): OkHttpClient {
+    val clientForDoh = OkHttpClient()
+    val dns = DnsOverHttps.Builder().client(clientForDoh).url("https://1.1.1.1/dns-query".toHttpUrl())
+        .bootstrapDnsHosts(InetAddress.getByName("1.1.1.1"), InetAddress.getByName("1.0.0.1")).build()
+    return OkHttpClient.Builder().dns(dns).build()
 }
diff --git a/app/src/main/java/com/frostnerd/smokescreen/SmokeScreen.kt b/app/src/main/java/com/frostnerd/smokescreen/SmokeScreen.kt
@@ -269,7 +269,7 @@ class SmokeScreen : Application() {
             if(configServer.isNotBlank() && configServer.startsWith("http") && !configServer.contains("@")) {
                 log("Dynamically retrieving Sentry DSN from $configServer")
                 val request = Request.Builder().url(configServer).build()
-                OkHttpClient.Builder().build().newCall(request).enqueue(object : Callback {
+                okhttpClientWithDoh().newCall(request).enqueue(object : Callback {
                     override fun onFailure(call: Call, e: IOException) {
                         log("Sentry DSN retrieval failed with error: ${e.message}")
                     }

diff --git a/app/src/main/java/com/frostnerd/smokescreen/service/RuleImportService.kt b/app/src/main/java/com/frostnerd/smokescreen/service/RuleImportService.kt
@@ -68,7 +68,7 @@ class RuleImportService : IntentService("RuleImportService") {
     }
 
     private val httpClient by lazy(LazyThreadSafetyMode.NONE) {
-        OkHttpClient()
+        okhttpClientWithDoh()
     }
 
     override fun attachBaseContext(newBase: Context) {