From ee6788df1eda96a4de0e92804d1ee4d0cc6158ba Mon Sep 17 00:00:00 2001 From: Tad Date: Thu, 3 May 2018 07:38:32 -0400 Subject: [PATCH] Switch from OpenNIC to Cloudflare DNS --- ...06-OpenNIC.patch => 0006-Cloudflare.patch} | 52 ++++++++----- .../0004-Cloudflare.patch | 75 +++++++++++++++++++ .../0004-OpenNIC.patch | 43 ----------- Scripts/LineageOS-14.1/Defaults.sh | 2 +- Scripts/LineageOS-14.1/Patch.sh | 2 +- Scripts/LineageOS-15.1/Defaults.sh | 2 +- Scripts/LineageOS-15.1/Patch.sh | 2 +- TODO | 8 +- 8 files changed, 119 insertions(+), 67 deletions(-) rename Patches/LineageOS-14.1/android_frameworks_base/{0006-OpenNIC.patch => 0006-Cloudflare.patch} (51%) create mode 100644 Patches/LineageOS-15.1/android_frameworks_base/0004-Cloudflare.patch delete mode 100644 Patches/LineageOS-15.1/android_frameworks_base/0004-OpenNIC.patch diff --git a/Patches/LineageOS-14.1/android_frameworks_base/0006-OpenNIC.patch b/Patches/LineageOS-14.1/android_frameworks_base/0006-Cloudflare.patch similarity index 51% rename from Patches/LineageOS-14.1/android_frameworks_base/0006-OpenNIC.patch rename to Patches/LineageOS-14.1/android_frameworks_base/0006-Cloudflare.patch index 444079ad..a1d1e12a 100644 --- a/Patches/LineageOS-14.1/android_frameworks_base/0006-OpenNIC.patch +++ b/Patches/LineageOS-14.1/android_frameworks_base/0006-Cloudflare.patch @@ -1,17 +1,19 @@ -From 3bf0b445f16aa7daa4981e70a7d5dc6c6ea530ea Mon Sep 17 00:00:00 2001 +From 511b38c6a2807417893d5c21cbc27335bf6bead7 Mon Sep 17 00:00:00 2001 From: Tad -Date: Tue, 19 Dec 2017 17:00:40 -0500 -Subject: [PATCH] Change fallback and tethering DNS servers to OpenNIC AnyCast +Date: Thu, 3 May 2018 07:35:30 -0400 +Subject: [PATCH] Change fallback, tethering, and test DNS servers to + Cloudflare -Change-Id: Ib550fad74bb95272c067a02a5da18a80e6ec1e87 +Change-Id: I8031cce58003a45d9b6947ecdcc4d642ef192f52 --- - core/res/res/values/config.xml | 2 +- - packages/SettingsLib/res/values/strings.xml | 4 ++-- - services/core/java/com/android/server/connectivity/Tethering.java | 4 ++-- - 3 files changed, 5 insertions(+), 5 deletions(-) + core/res/res/values/config.xml | 2 +- + packages/SettingsLib/res/values/strings.xml | 4 ++-- + .../com/android/server/connectivity/NetworkDiagnostics.java | 4 ++-- + .../core/java/com/android/server/connectivity/Tethering.java | 4 ++-- + 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/core/res/res/values/config.xml b/core/res/res/values/config.xml -index c29ff3c90a9..f7cbb5780ff 100755 +index c29ff3c90a9..49f6c04a5e7 100755 --- a/core/res/res/values/config.xml +++ b/core/res/res/values/config.xml @@ -1608,7 +1608,7 @@ @@ -19,12 +21,12 @@ index c29ff3c90a9..f7cbb5780ff 100755 - 8.8.8.8 -+ 185.121.177.177 ++ 1.0.0.1 diff --git a/packages/SettingsLib/res/values/strings.xml b/packages/SettingsLib/res/values/strings.xml -index f9bd24ba69f..12b6f7cb700 100644 +index f9bd24ba69f..67ef212f795 100644 --- a/packages/SettingsLib/res/values/strings.xml +++ b/packages/SettingsLib/res/values/strings.xml @@ -837,9 +837,9 @@ @@ -32,15 +34,31 @@ index f9bd24ba69f..12b6f7cb700 100644 192.168.1.128 - 8.8.8.8 -+ 185.121.177.177 ++ 1.0.0.1 - 8.8.4.4 -+ 169.239.202.202 ++ 1.1.1.1 192.168.1.1 +diff --git a/services/core/java/com/android/server/connectivity/NetworkDiagnostics.java b/services/core/java/com/android/server/connectivity/NetworkDiagnostics.java +index 5f9efe704f7..ea308ca231b 100644 +--- a/services/core/java/com/android/server/connectivity/NetworkDiagnostics.java ++++ b/services/core/java/com/android/server/connectivity/NetworkDiagnostics.java +@@ -84,9 +84,9 @@ import libcore.io.IoUtils; + public class NetworkDiagnostics { + private static final String TAG = "NetworkDiagnostics"; + +- private static final InetAddress TEST_DNS4 = NetworkUtils.numericToInetAddress("8.8.8.8"); ++ private static final InetAddress TEST_DNS4 = NetworkUtils.numericToInetAddress("1.0.0.1"); + private static final InetAddress TEST_DNS6 = NetworkUtils.numericToInetAddress( +- "2001:4860:4860::8888"); ++ "2606:4700:4700::1111"); + + // For brevity elsewhere. + private static final long now() { diff --git a/services/core/java/com/android/server/connectivity/Tethering.java b/services/core/java/com/android/server/connectivity/Tethering.java -index f0cf0d98882..07157873169 100644 +index f0cf0d98882..9240f5ffdfd 100644 --- a/services/core/java/com/android/server/connectivity/Tethering.java +++ b/services/core/java/com/android/server/connectivity/Tethering.java @@ -181,8 +181,8 @@ public class Tethering extends BaseNetworkObserver implements IControlsTethering @@ -49,11 +67,11 @@ index f0cf0d98882..07157873169 100644 private String[] mDefaultDnsServers; - private static final String DNS_DEFAULT_SERVER1 = "8.8.8.8"; - private static final String DNS_DEFAULT_SERVER2 = "8.8.4.4"; -+ private static final String DNS_DEFAULT_SERVER1 = "185.121.177.177"; -+ private static final String DNS_DEFAULT_SERVER2 = "169.239.202.202"; ++ private static final String DNS_DEFAULT_SERVER1 = "1.0.0.1"; ++ private static final String DNS_DEFAULT_SERVER2 = "1.1.1.1"; private final StateMachine mTetherMasterSM; private final UpstreamNetworkMonitor mUpstreamNetworkMonitor; -- -2.15.1 +2.17.0 diff --git a/Patches/LineageOS-15.1/android_frameworks_base/0004-Cloudflare.patch b/Patches/LineageOS-15.1/android_frameworks_base/0004-Cloudflare.patch new file mode 100644 index 00000000..ccab7c27 --- /dev/null +++ b/Patches/LineageOS-15.1/android_frameworks_base/0004-Cloudflare.patch @@ -0,0 +1,75 @@ +From e22081347f0878d93ef0f7ddc21df8ef15ebdec3 Mon Sep 17 00:00:00 2001 +From: Tad +Date: Thu, 3 May 2018 07:28:57 -0400 +Subject: [PATCH] Change fallback, tethering, and test DNS servers to + Cloudflare + +Change-Id: I698295711c3409f01394dce7268461518dfa0064 +--- + core/res/res/values/config.xml | 2 +- + packages/SettingsLib/res/values/strings.xml | 4 ++-- + .../com/android/server/connectivity/NetworkDiagnostics.java | 4 ++-- + .../server/connectivity/tethering/TetheringConfiguration.java | 2 +- + 4 files changed, 6 insertions(+), 6 deletions(-) + +diff --git a/core/res/res/values/config.xml b/core/res/res/values/config.xml +index 3ce8959a983..3b1ae251fad 100644 +--- a/core/res/res/values/config.xml ++++ b/core/res/res/values/config.xml +@@ -1651,7 +1651,7 @@ + true + + +- 8.8.8.8 ++ 1.0.0.1 + + +diff --git a/packages/SettingsLib/res/values/strings.xml b/packages/SettingsLib/res/values/strings.xml +index bd884a3c972..c8fe7e54d9b 100644 +--- a/packages/SettingsLib/res/values/strings.xml ++++ b/packages/SettingsLib/res/values/strings.xml +@@ -921,9 +921,9 @@ + + 192.168.1.128 + +- 8.8.8.8 ++ 1.0.0.1 + +- 8.8.4.4 ++ 1.1.1.1 + + 192.168.1.1 + +diff --git a/services/core/java/com/android/server/connectivity/NetworkDiagnostics.java b/services/core/java/com/android/server/connectivity/NetworkDiagnostics.java +index 85d1d1ef1d7..6681109ea4a 100644 +--- a/services/core/java/com/android/server/connectivity/NetworkDiagnostics.java ++++ b/services/core/java/com/android/server/connectivity/NetworkDiagnostics.java +@@ -85,9 +85,9 @@ import libcore.io.IoUtils; + public class NetworkDiagnostics { + private static final String TAG = "NetworkDiagnostics"; + +- private static final InetAddress TEST_DNS4 = NetworkUtils.numericToInetAddress("8.8.8.8"); ++ private static final InetAddress TEST_DNS4 = NetworkUtils.numericToInetAddress("1.0.0.1"); + private static final InetAddress TEST_DNS6 = NetworkUtils.numericToInetAddress( +- "2001:4860:4860::8888"); ++ "2606:4700:4700::1111"); + + // For brevity elsewhere. + private static final long now() { +diff --git a/services/core/java/com/android/server/connectivity/tethering/TetheringConfiguration.java b/services/core/java/com/android/server/connectivity/tethering/TetheringConfiguration.java +index acbc10b9dc4..6dd661bfdb8 100644 +--- a/services/core/java/com/android/server/connectivity/tethering/TetheringConfiguration.java ++++ b/services/core/java/com/android/server/connectivity/tethering/TetheringConfiguration.java +@@ -65,7 +65,7 @@ public class TetheringConfiguration { + "192.168.48.2", "192.168.48.254", "192.168.49.2", "192.168.49.254", + }; + +- private final String[] DEFAULT_IPV4_DNS = {"8.8.4.4", "8.8.8.8"}; ++ private final String[] DEFAULT_IPV4_DNS = {"1.0.0.1", "1.1.1.1"}; + + public final String[] tetherableUsbRegexs; + public final String[] tetherableWifiRegexs; +-- +2.17.0 + diff --git a/Patches/LineageOS-15.1/android_frameworks_base/0004-OpenNIC.patch b/Patches/LineageOS-15.1/android_frameworks_base/0004-OpenNIC.patch deleted file mode 100644 index 8f4fdea3..00000000 --- a/Patches/LineageOS-15.1/android_frameworks_base/0004-OpenNIC.patch +++ /dev/null @@ -1,43 +0,0 @@ -From 050ab097e1cc3253af8926342371b6025d1ea162 Mon Sep 17 00:00:00 2001 -From: Tad -Date: Mon, 12 Feb 2018 02:52:08 -0500 -Subject: [PATCH] Change fallback DNS servers to OpenNIC AnyCast - -Change-Id: Ib0e3f665be73e5b87d6e4da24f73190a17e334d9 ---- - core/res/res/values/config.xml | 2 +- - packages/SettingsLib/res/values/strings.xml | 4 ++-- - 2 files changed, 3 insertions(+), 3 deletions(-) - -diff --git a/core/res/res/values/config.xml b/core/res/res/values/config.xml -index 3ce8959a983..00548fbc2f6 100644 ---- a/core/res/res/values/config.xml -+++ b/core/res/res/values/config.xml -@@ -1651,7 +1651,7 @@ - true - - -- 8.8.8.8 -+ 185.121.177.177 - - -diff --git a/packages/SettingsLib/res/values/strings.xml b/packages/SettingsLib/res/values/strings.xml -index bd884a3c972..ee4db8723a4 100644 ---- a/packages/SettingsLib/res/values/strings.xml -+++ b/packages/SettingsLib/res/values/strings.xml -@@ -921,9 +921,9 @@ - - 192.168.1.128 - -- 8.8.8.8 -+ 185.121.177.177 - -- 8.8.4.4 -+ 169.239.202.202 - - 192.168.1.1 - --- -2.16.1 - diff --git a/Scripts/LineageOS-14.1/Defaults.sh b/Scripts/LineageOS-14.1/Defaults.sh index 4e1e5aec..088ab9bf 100644 --- a/Scripts/LineageOS-14.1/Defaults.sh +++ b/Scripts/LineageOS-14.1/Defaults.sh @@ -71,7 +71,7 @@ sed -i 's/ro.config.alarm_alert=Hassium.ogg/ro.config.alarm_alert=Alarm_Buzzer.o awk -i inplace '!/def_backup_transport/' overlay/common/frameworks/base/packages/SettingsProvider/res/values/defaults.xml; sed -i 's|config_mms_user_agent">LineageOS|config_mms_user_agent">Android-Mms/2.0|' overlay/common/frameworks/base/core/res/res/values/config.xml; sed -i 's/config_storage_manager_settings_enabled">true/config_storage_manager_settings_enabled">false/' overlay/common/packages/apps/Settings/res/values/config.xml; -sed -i 's/config_enableRecoveryUpdater">false/config_enableRecoveryUpdater">true/' overlay/common/packages/apps/Settings/res/values/config.xml; +#sed -i 's/config_enableRecoveryUpdater">false/config_enableRecoveryUpdater">true/' overlay/common/packages/apps/Settings/res/values/config.xml; enter "vendor/cmsdk"; sed -i 's/config_enableAppSuggestOverlay" translatable="false">true/config_enableAppSuggestOverlay" translatable="false">false/' cm/res/res/values/config.xml; diff --git a/Scripts/LineageOS-14.1/Patch.sh b/Scripts/LineageOS-14.1/Patch.sh index 0c545408..6821fe39 100755 --- a/Scripts/LineageOS-14.1/Patch.sh +++ b/Scripts/LineageOS-14.1/Patch.sh @@ -82,7 +82,7 @@ sed -i 's|config_permissionReviewRequired">false|config_permissionReviewRequired patch -p1 < $patches"android_frameworks_base/0001-Reduced_Resolution.patch"; #Allow reducing resolution to save power TODO: Add 800x480 patch -p1 < $patches"android_frameworks_base/0003-Signature_Spoofing.patch"; #Allow packages to spoof their signature (MicroG) patch -p1 < $patches"android_frameworks_base/0005-Harden_Sig_Spoofing.patch"; #Restrict signature spoofing to system apps signed with the platform key -patch -p1 < $patches"android_frameworks_base/0006-OpenNIC.patch"; #Change fallback and tethering DNS servers to OpenNIC AnyCast +patch -p1 < $patches"android_frameworks_base/0006-Cloudflare.patch"; #Switch to Cloudflare DNS rm -rf packages/PrintRecommendationService; #App that just creates popups to install proprietary print apps rm core/res/res/values/config.xml.orig core/res/res/values/strings.xml.orig; diff --git a/Scripts/LineageOS-15.1/Defaults.sh b/Scripts/LineageOS-15.1/Defaults.sh index ef71e0b5..95c8da6b 100644 --- a/Scripts/LineageOS-15.1/Defaults.sh +++ b/Scripts/LineageOS-15.1/Defaults.sh @@ -79,7 +79,7 @@ awk -i inplace '!/def_backup_transport/' overlay/common/frameworks/base/packages sed -i 's|config_mms_user_agent">LineageOS|config_mms_user_agent">Android-Mms/2.0|' overlay/common/frameworks/base/core/res/res/values/config.xml; sed -i 's/def_stats_collection">true/def_stats_collection">false/' overlay/common/lineage-sdk/packages/LineageSettingsProvider/res/values/defaults.xml; sed -i 's/config_storage_manager_settings_enabled">true/config_storage_manager_settings_enabled">false/' overlay/common/packages/apps/Settings/res/values/config.xml; -sed -i 's/config_enableRecoveryUpdater">false/config_enableRecoveryUpdater">true/' overlay/common/packages/apps/Settings/res/values/config.xml; +#sed -i 's/config_enableRecoveryUpdater">false/config_enableRecoveryUpdater">true/' overlay/common/packages/apps/Settings/res/values/config.xml; cd $base; echo "Default settings changed!"; diff --git a/Scripts/LineageOS-15.1/Patch.sh b/Scripts/LineageOS-15.1/Patch.sh index 6e9a68aa..1c392932 100755 --- a/Scripts/LineageOS-15.1/Patch.sh +++ b/Scripts/LineageOS-15.1/Patch.sh @@ -79,7 +79,7 @@ sed -i 's/com.android.messaging/org.smssecure.smssecure/' core/res/res/values/co sed -i 's|config_permissionReviewRequired">false|config_permissionReviewRequired">true|' core/res/res/values/config.xml; patch -p1 < $patches"android_frameworks_base/0002-Signature_Spoofing.patch"; #Allow packages to spoof their signature (microG) patch -p1 < $patches"android_frameworks_base/0003-Harden_Sig_Spoofing.patch"; #Restrict signature spoofing to system apps signed with the platform key -patch -p1 < $patches"android_frameworks_base/0004-OpenNIC.patch"; #Change fallback and tethering DNS servers to OpenNIC AnyCast +patch -p1 < $patches"android_frameworks_base/0004-Cloudflare.patch"; #Switch to Cloudflare DNS if [ "$NON_COMMERCIAL_USE_PATCHES" = true ]; then patch -p1 < $patches"android_frameworks_base/Copperhead/0005-Deny_USB.patch"; fi; #Deny USB support (Copperhead CC BY-NC-SA) rm -rf packages/PrintRecommendationService; #App that just creates popups to install proprietary print apps rm core/res/res/values/config.xml.orig core/res/res/values/strings.xml.orig; diff --git a/TODO b/TODO index d2137400..5e4f7f50 100644 --- a/TODO +++ b/TODO @@ -3,7 +3,7 @@ Last updated: 2018-04-29 High Priority (Release blockers) Build - Automate incremental update generation - - Replace HOSTS file with DNS66 + - Replace HOSTS file with a minimal one, and ship DNS66 Project - Create cryptocurrency addresses - Setup Stripe @@ -49,12 +49,12 @@ Low Priority - Documentation - Expose more options -Longterm - These are in no particular order and aren't necessarily going to happen +Longterm Build - Add automated testing/verification of edits - Replace all the bash scripts with Python - Replace the deblobber with a program in Golang - - Switch to AOSP and create clean trees for all of the major/popular devices + - Switch to AOSP and create clean trees for all of the major devices Linux Patches - Automate pulling of CVE patches from Android and Qualcomm bulletins - Get more CVE patches, especially for 3.4 @@ -65,6 +65,8 @@ Longterm - These are in no particular order and aren't necessarily going to happ - Create an Mobile Device Manager solution - Create our own device - General auditing of everything + - Partner with various projects + - Purchase one of each supported device Website - Create a 'Video Tutorials' page