Global cleartext restriction DoH support
The "Restrict cleartext network traffic" feature in Developer Options and Other Options does not currently support DNS-over-HTTPS (DoH). For Private DNS, attempting to use the providers cloudflare-dns.com or dns.google (hard-coded in AOSP as supporting DoH) results in failed DNS resolutions when cleartext restriction is enabled.
Logs:
root 879 936 I doh::network::driver: Sending probe to server [2001:4860:4860::8888]:443 on Network 104
root 879 936 W doh::connection: Connection driver returns some Err: Network(Os { code: 1, kind: PermissionDenied, message: "Operation not permitted" })
...and many repeated:
root 879 936 W doh::connection: Connection driver returns some Err: Network(Os { code: 1, kind: PermissionDenied, message: "Operation not permitted" })
root 879 936 I doh::network::driver: Connection died while processing request
root 879 13885 E doh::ffi: Non-successful response: Error { error: ConnectionError }
Feature references:
Blocks changes: