1 // Copyright 2012 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/dns/host_resolver_manager.h"
6
7 #include <iterator>
8 #include <limits>
9 #include <string>
10 #include <tuple>
11 #include <utility>
12 #include <vector>
13
14 #include "base/auto_reset.h"
15 #include "base/containers/contains.h"
16 #include "base/functional/bind.h"
17 #include "base/functional/callback_helpers.h"
18 #include "base/location.h"
19 #include "base/memory/raw_ptr.h"
20 #include "base/memory/ref_counted.h"
21 #include "base/numerics/safe_conversions.h"
22 #include "base/rand_util.h"
23 #include "base/ranges/algorithm.h"
24 #include "base/run_loop.h"
25 #include "base/strings/string_number_conversions.h"
26 #include "base/strings/string_util.h"
27 #include "base/strings/stringprintf.h"
28 #include "base/synchronization/condition_variable.h"
29 #include "base/synchronization/lock.h"
30 #include "base/task/sequenced_task_runner.h"
31 #include "base/task/single_thread_task_runner.h"
32 #include "base/task/thread_pool/thread_pool_instance.h"
33 #include "base/test/bind.h"
34 #include "base/test/metrics/histogram_tester.h"
35 #include "base/test/mock_callback.h"
36 #include "base/test/scoped_feature_list.h"
37 #include "base/test/simple_test_clock.h"
38 #include "base/test/test_mock_time_task_runner.h"
39 #include "base/test/test_timeouts.h"
40 #include "base/test/to_vector.h"
41 #include "base/threading/thread_restrictions.h"
42 #include "base/time/time.h"
43 #include "base/timer/mock_timer.h"
44 #include "base/values.h"
45 #include "build/build_config.h"
46 #include "net/base/address_family.h"
47 #include "net/base/address_list.h"
48 #include "net/base/connection_endpoint_metadata_test_util.h"
49 #include "net/base/features.h"
50 #include "net/base/host_port_pair.h"
51 #include "net/base/ip_address.h"
52 #include "net/base/ip_endpoint.h"
53 #include "net/base/mock_network_change_notifier.h"
54 #include "net/base/net_errors.h"
55 #include "net/base/network_anonymization_key.h"
56 #include "net/base/network_change_notifier.h"
57 #include "net/base/network_interfaces.h"
58 #include "net/base/schemeful_site.h"
59 #include "net/dns/dns_client.h"
60 #include "net/dns/dns_config.h"
61 #include "net/dns/dns_test_util.h"
62 #include "net/dns/dns_util.h"
63 #include "net/dns/host_resolver.h"
64 #include "net/dns/host_resolver_results_test_util.h"
65 #include "net/dns/host_resolver_system_task.h"
66 #include "net/dns/mock_host_resolver.h"
67 #include "net/dns/mock_mdns_client.h"
68 #include "net/dns/mock_mdns_socket_factory.h"
69 #include "net/dns/public/dns_config_overrides.h"
70 #include "net/dns/public/dns_over_https_config.h"
71 #include "net/dns/public/dns_protocol.h"
72 #include "net/dns/public/dns_query_type.h"
73 #include "net/dns/public/doh_provider_entry.h"
74 #include "net/dns/public/mdns_listener_update_type.h"
75 #include "net/dns/public/resolve_error_info.h"
76 #include "net/dns/public/secure_dns_mode.h"
77 #include "net/dns/public/secure_dns_policy.h"
78 #include "net/dns/resolve_context.h"
79 #include "net/dns/test_dns_config_service.h"
80 #include "net/log/net_log_event_type.h"
81 #include "net/log/net_log_source_type.h"
82 #include "net/log/net_log_with_source.h"
83 #include "net/log/test_net_log.h"
84 #include "net/log/test_net_log_util.h"
85 #include "net/proxy_resolution/configured_proxy_resolution_service.h"
86 #include "net/socket/next_proto.h"
87 #include "net/socket/socket_test_util.h"
88 #include "net/test/gtest_util.h"
89 #include "net/test/test_with_task_environment.h"
90 #include "net/url_request/url_request_context.h"
91 #include "net/url_request/url_request_context_builder.h"
92 #include "net/url_request/url_request_test_util.h"
93 #include "testing/gmock/include/gmock/gmock.h"
94 #include "testing/gtest/include/gtest/gtest.h"
95 #include "url/gurl.h"
96 #include "url/scheme_host_port.h"
97 #include "url/url_constants.h"
98
99 #if BUILDFLAG(ENABLE_MDNS)
100 #include "net/dns/mdns_client_impl.h"
101 #endif // BUILDFLAG(ENABLE_MDNS)
102
103 using net::test::IsError;
104 using net::test::IsOk;
105 using ::testing::_;
106 using ::testing::AllOf;
107 using ::testing::AnyOf;
108 using ::testing::Between;
109 using ::testing::ByMove;
110 using ::testing::Contains;
111 using ::testing::Eq;
112 using ::testing::IsEmpty;
113 using ::testing::Not;
114 using ::testing::Optional;
115 using ::testing::Pair;
116 using ::testing::Pointee;
117 using ::testing::Property;
118 using ::testing::Return;
119 using ::testing::UnorderedElementsAre;
120
121 namespace net {
122
123 namespace {
124
125 const size_t kMaxJobs = 10u;
126 const size_t kMaxRetryAttempts = 4u;
127
DefaultParams(scoped_refptr<HostResolverProc> resolver_proc)128 HostResolverSystemTask::Params DefaultParams(
129 scoped_refptr<HostResolverProc> resolver_proc) {
130 return HostResolverSystemTask::Params(std::move(resolver_proc),
131 kMaxRetryAttempts);
132 }
133
134 // A HostResolverProc that pushes each host mapped into a list and allows
135 // waiting for a specific number of requests. Unlike RuleBasedHostResolverProc
136 // it never calls SystemHostResolverCall. By default resolves all hostnames to
137 // "127.0.0.1". After AddRule(), it resolves only names explicitly specified.
138 class MockHostResolverProc : public HostResolverProc {
139 public:
140 struct ResolveKey {
ResolveKeynet::__anon5c78f6450111::MockHostResolverProc::ResolveKey141 ResolveKey(const std::string& hostname,
142 AddressFamily address_family,
143 HostResolverFlags flags)
144 : hostname(hostname), address_family(address_family), flags(flags) {}
operator <net::__anon5c78f6450111::MockHostResolverProc::ResolveKey145 bool operator<(const ResolveKey& other) const {
146 return std::tie(address_family, hostname, flags) <
147 std::tie(other.address_family, other.hostname, other.flags);
148 }
149 std::string hostname;
150 AddressFamily address_family;
151 HostResolverFlags flags;
152 };
153
154 typedef std::vector<ResolveKey> CaptureList;
155
MockHostResolverProc()156 MockHostResolverProc()
157 : HostResolverProc(nullptr),
158 requests_waiting_(&lock_),
159 slots_available_(&lock_) {}
160
161 MockHostResolverProc(const MockHostResolverProc&) = delete;
162 MockHostResolverProc& operator=(const MockHostResolverProc&) = delete;
163
164 // Waits until |count| calls to |Resolve| are blocked. Returns false when
165 // timed out.
WaitFor(unsigned count)166 bool WaitFor(unsigned count) {
167 base::AutoLock lock(lock_);
168 base::Time start_time = base::Time::Now();
169 while (num_requests_waiting_ < count) {
170 requests_waiting_.TimedWait(TestTimeouts::action_timeout());
171 if (base::Time::Now() > start_time + TestTimeouts::action_timeout())
172 return false;
173 }
174 return true;
175 }
176
177 // Signals |count| waiting calls to |Resolve|. First come first served.
SignalMultiple(unsigned count)178 void SignalMultiple(unsigned count) {
179 base::AutoLock lock(lock_);
180 num_slots_available_ += count;
181 slots_available_.Broadcast();
182 }
183
184 // Signals all waiting calls to |Resolve|. Beware of races.
SignalAll()185 void SignalAll() {
186 base::AutoLock lock(lock_);
187 num_slots_available_ = num_requests_waiting_;
188 slots_available_.Broadcast();
189 }
190
AddRule(const std::string & hostname,AddressFamily family,const AddressList & result,HostResolverFlags flags=0)191 void AddRule(const std::string& hostname,
192 AddressFamily family,
193 const AddressList& result,
194 HostResolverFlags flags = 0) {
195 base::AutoLock lock(lock_);
196 rules_[ResolveKey(hostname, family, flags)] = result;
197 }
198
AddRule(const std::string & hostname,AddressFamily family,const std::string & ip_list,HostResolverFlags flags=0,const std::string & canonical_name="")199 void AddRule(const std::string& hostname,
200 AddressFamily family,
201 const std::string& ip_list,
202 HostResolverFlags flags = 0,
203 const std::string& canonical_name = "") {
204 AddressList result;
205 std::vector<std::string> dns_aliases;
206 if (canonical_name != "")
207 dns_aliases = {canonical_name};
208 int rv = ParseAddressList(ip_list, &result.endpoints());
209 result.SetDnsAliases(dns_aliases);
210 DCHECK_EQ(OK, rv);
211 AddRule(hostname, family, result, flags);
212 }
213
AddRuleForAllFamilies(const std::string & hostname,const std::string & ip_list,HostResolverFlags flags=0,const std::string & canonical_name="")214 void AddRuleForAllFamilies(const std::string& hostname,
215 const std::string& ip_list,
216 HostResolverFlags flags = 0,
217 const std::string& canonical_name = "") {
218 AddressList result;
219 std::vector<std::string> dns_aliases;
220 if (canonical_name != "")
221 dns_aliases = {canonical_name};
222 int rv = ParseAddressList(ip_list, &result.endpoints());
223 result.SetDnsAliases(dns_aliases);
224 DCHECK_EQ(OK, rv);
225 AddRule(hostname, ADDRESS_FAMILY_UNSPECIFIED, result, flags);
226 AddRule(hostname, ADDRESS_FAMILY_IPV4, result, flags);
227 AddRule(hostname, ADDRESS_FAMILY_IPV6, result, flags);
228 }
229
Resolve(const std::string & hostname,AddressFamily address_family,HostResolverFlags host_resolver_flags,AddressList * addrlist,int * os_error)230 int Resolve(const std::string& hostname,
231 AddressFamily address_family,
232 HostResolverFlags host_resolver_flags,
233 AddressList* addrlist,
234 int* os_error) override {
235 base::AutoLock lock(lock_);
236 capture_list_.emplace_back(hostname, address_family, host_resolver_flags);
237 ++num_requests_waiting_;
238 requests_waiting_.Broadcast();
239 {
240 base::ScopedAllowBaseSyncPrimitivesForTesting
241 scoped_allow_base_sync_primitives;
242 while (!num_slots_available_)
243 slots_available_.Wait();
244 }
245 DCHECK_GT(num_requests_waiting_, 0u);
246 --num_slots_available_;
247 --num_requests_waiting_;
248 if (rules_.empty()) {
249 int rv = ParseAddressList("127.0.0.1", &addrlist->endpoints());
250 DCHECK_EQ(OK, rv);
251 return OK;
252 }
253 ResolveKey key(hostname, address_family, host_resolver_flags);
254 if (rules_.count(key) == 0)
255 return ERR_NAME_NOT_RESOLVED;
256 *addrlist = rules_[key];
257 return OK;
258 }
259
GetCaptureList() const260 CaptureList GetCaptureList() const {
261 CaptureList copy;
262 {
263 base::AutoLock lock(lock_);
264 copy = capture_list_;
265 }
266 return copy;
267 }
268
ClearCaptureList()269 void ClearCaptureList() {
270 base::AutoLock lock(lock_);
271 capture_list_.clear();
272 }
273
HasBlockedRequests() const274 bool HasBlockedRequests() const {
275 base::AutoLock lock(lock_);
276 return num_requests_waiting_ > num_slots_available_;
277 }
278
279 protected:
280 ~MockHostResolverProc() override = default;
281
282 private:
283 mutable base::Lock lock_;
284 std::map<ResolveKey, AddressList> rules_;
285 CaptureList capture_list_;
286 unsigned num_requests_waiting_ = 0;
287 unsigned num_slots_available_ = 0;
288 base::ConditionVariable requests_waiting_;
289 base::ConditionVariable slots_available_;
290 };
291
292 class ResolveHostResponseHelper {
293 public:
294 using Callback =
295 base::OnceCallback<void(CompletionOnceCallback completion_callback,
296 int error)>;
297
298 ResolveHostResponseHelper() = default;
ResolveHostResponseHelper(std::unique_ptr<HostResolver::ResolveHostRequest> request)299 explicit ResolveHostResponseHelper(
300 std::unique_ptr<HostResolver::ResolveHostRequest> request)
301 : request_(std::move(request)) {
302 top_level_result_error_ = request_->Start(base::BindOnce(
303 &ResolveHostResponseHelper::OnComplete, base::Unretained(this)));
304 }
ResolveHostResponseHelper(std::unique_ptr<HostResolver::ResolveHostRequest> request,Callback custom_callback)305 ResolveHostResponseHelper(
306 std::unique_ptr<HostResolver::ResolveHostRequest> request,
307 Callback custom_callback)
308 : request_(std::move(request)) {
309 top_level_result_error_ = request_->Start(
310 base::BindOnce(std::move(custom_callback),
311 base::BindOnce(&ResolveHostResponseHelper::OnComplete,
312 base::Unretained(this))));
313 }
314
315 ResolveHostResponseHelper(const ResolveHostResponseHelper&) = delete;
316 ResolveHostResponseHelper& operator=(const ResolveHostResponseHelper&) =
317 delete;
318
complete() const319 bool complete() const { return top_level_result_error_ != ERR_IO_PENDING; }
320
top_level_result_error()321 int top_level_result_error() {
322 WaitForCompletion();
323 return top_level_result_error_;
324 }
325
result_error()326 int result_error() {
327 WaitForCompletion();
328 return request_->GetResolveErrorInfo().error;
329 }
330
request()331 HostResolver::ResolveHostRequest* request() { return request_.get(); }
332
CancelRequest()333 void CancelRequest() {
334 DCHECK(request_);
335 DCHECK(!complete());
336
337 request_ = nullptr;
338 }
339
OnComplete(int error)340 void OnComplete(int error) {
341 DCHECK(!complete());
342 top_level_result_error_ = error;
343
344 run_loop_.Quit();
345 }
346
347 private:
WaitForCompletion()348 void WaitForCompletion() {
349 DCHECK(request_);
350 if (complete()) {
351 return;
352 }
353 run_loop_.Run();
354 DCHECK(complete());
355 }
356
357 std::unique_ptr<HostResolver::ResolveHostRequest> request_;
358 int top_level_result_error_ = ERR_IO_PENDING;
359 base::RunLoop run_loop_;
360 };
361
362 // Using LookupAttemptHostResolverProc simulate very long lookups, and control
363 // which attempt resolves the host.
364 class LookupAttemptHostResolverProc : public HostResolverProc {
365 public:
LookupAttemptHostResolverProc(HostResolverProc * previous,int attempt_number_to_resolve,int total_attempts)366 LookupAttemptHostResolverProc(HostResolverProc* previous,
367 int attempt_number_to_resolve,
368 int total_attempts)
369 : HostResolverProc(previous),
370 attempt_number_to_resolve_(attempt_number_to_resolve),
371 total_attempts_(total_attempts),
372 all_done_(&lock_),
373 blocked_attempt_signal_(&lock_) {}
374
375 // Test harness will wait for all attempts to finish before checking the
376 // results.
WaitForAllAttemptsToFinish()377 void WaitForAllAttemptsToFinish() {
378 base::AutoLock auto_lock(lock_);
379 while (total_attempts_resolved_ != total_attempts_) {
380 all_done_.Wait();
381 }
382 }
383
WaitForNAttemptsToBeBlocked(int n)384 void WaitForNAttemptsToBeBlocked(int n) {
385 base::AutoLock auto_lock(lock_);
386 while (num_attempts_waiting_ < n) {
387 blocked_attempt_signal_.Wait();
388 }
389 }
390
391 // All attempts will wait for an attempt to resolve the host.
WaitForAnAttemptToComplete()392 void WaitForAnAttemptToComplete() {
393 {
394 base::AutoLock auto_lock(lock_);
395 base::ScopedAllowBaseSyncPrimitivesForTesting
396 scoped_allow_base_sync_primitives;
397 while (resolved_attempt_number_ == 0)
398 all_done_.Wait();
399 }
400 all_done_.Broadcast(); // Tell all waiting attempts to proceed.
401 }
402
403 // Returns the number of attempts that have finished the Resolve() method.
GetTotalAttemptsResolved()404 int GetTotalAttemptsResolved() {
405 base::AutoLock auto_lock(lock_);
406 return total_attempts_resolved_;
407 }
408
409 // Sets the resolved attempt number and unblocks waiting
410 // attempts.
SetResolvedAttemptNumber(int n)411 void SetResolvedAttemptNumber(int n) {
412 base::AutoLock auto_lock(lock_);
413 EXPECT_EQ(0, resolved_attempt_number_);
414 resolved_attempt_number_ = n;
415 all_done_.Broadcast();
416 }
417
418 // HostResolverProc methods.
Resolve(const std::string & host,AddressFamily address_family,HostResolverFlags host_resolver_flags,AddressList * addrlist,int * os_error)419 int Resolve(const std::string& host,
420 AddressFamily address_family,
421 HostResolverFlags host_resolver_flags,
422 AddressList* addrlist,
423 int* os_error) override {
424 bool wait_for_right_attempt_to_complete = true;
425 {
426 base::AutoLock auto_lock(lock_);
427 ++current_attempt_number_;
428 ++num_attempts_waiting_;
429 if (current_attempt_number_ == attempt_number_to_resolve_) {
430 resolved_attempt_number_ = current_attempt_number_;
431 wait_for_right_attempt_to_complete = false;
432 }
433 }
434
435 blocked_attempt_signal_.Broadcast();
436
437 if (wait_for_right_attempt_to_complete)
438 // Wait for the attempt_number_to_resolve_ attempt to resolve.
439 WaitForAnAttemptToComplete();
440
441 int result = ResolveUsingPrevious(host, address_family, host_resolver_flags,
442 addrlist, os_error);
443
444 {
445 base::AutoLock auto_lock(lock_);
446 ++total_attempts_resolved_;
447 --num_attempts_waiting_;
448 }
449
450 all_done_.Broadcast(); // Tell all attempts to proceed.
451
452 // Since any negative number is considered a network error, with -1 having
453 // special meaning (ERR_IO_PENDING). We could return the attempt that has
454 // resolved the host as a negative number. For example, if attempt number 3
455 // resolves the host, then this method returns -4.
456 if (result == OK)
457 return -1 - resolved_attempt_number_;
458 else
459 return result;
460 }
461
462 protected:
463 ~LookupAttemptHostResolverProc() override = default;
464
465 private:
466 int attempt_number_to_resolve_;
467 int current_attempt_number_ = 0; // Incremented whenever Resolve is called.
468 int total_attempts_;
469 int total_attempts_resolved_ = 0;
470 int resolved_attempt_number_ = 0;
471 int num_attempts_waiting_ = 0;
472
473 // All attempts wait for right attempt to be resolve.
474 base::Lock lock_;
475 base::ConditionVariable all_done_;
476 base::ConditionVariable blocked_attempt_signal_;
477 };
478
479 // TestHostResolverManager's sole purpose is to mock the IPv6 reachability test.
480 // By default, this pretends that IPv6 is globally reachable.
481 // This class is necessary so unit tests run the same on dual-stack machines as
482 // well as IPv4 only machines.
483 class TestHostResolverManager : public HostResolverManager {
484 public:
TestHostResolverManager(const HostResolver::ManagerOptions & options,SystemDnsConfigChangeNotifier * notifier,NetLog * net_log,bool ipv6_reachable=true,bool ipv4_reachable=true,bool is_async=false)485 TestHostResolverManager(const HostResolver::ManagerOptions& options,
486 SystemDnsConfigChangeNotifier* notifier,
487 NetLog* net_log,
488 bool ipv6_reachable = true,
489 bool ipv4_reachable = true,
490 bool is_async = false)
491 : HostResolverManager(options, notifier, net_log),
492 ipv6_reachable_(ipv6_reachable),
493 ipv4_reachable_(ipv4_reachable),
494 is_async_(is_async) {}
495
496 ~TestHostResolverManager() override = default;
497
498 private:
499 const bool ipv6_reachable_;
500 const bool ipv4_reachable_;
501 const bool is_async_;
502
StartGloballyReachableCheck(const IPAddress & dest,const NetLogWithSource & net_log,ClientSocketFactory * client_socket_factory,CompletionOnceCallback callback)503 int StartGloballyReachableCheck(const IPAddress& dest,
504 const NetLogWithSource& net_log,
505 ClientSocketFactory* client_socket_factory,
506 CompletionOnceCallback callback) override {
507 int rv = OK;
508 if (dest.IsIPv6()) {
509 rv = ipv6_reachable_ ? OK : ERR_FAILED;
510 } else {
511 rv = ipv4_reachable_ ? OK : ERR_FAILED;
512 }
513 if (is_async_) {
514 base::SingleThreadTaskRunner::GetCurrentDefault()->PostTask(
515 FROM_HERE, base::BindOnce(std::move(callback), rv));
516 return ERR_IO_PENDING;
517 }
518 return rv;
519 }
520 };
521
HasAddress(const IPAddress & search_address,const std::vector<IPEndPoint> & addresses)522 bool HasAddress(const IPAddress& search_address,
523 const std::vector<IPEndPoint>& addresses) {
524 for (const auto& address : addresses) {
525 if (search_address == address.address())
526 return true;
527 }
528 return false;
529 }
530
TestBothLoopbackIPs(const std::string & host)531 void TestBothLoopbackIPs(const std::string& host) {
532 std::vector<IPEndPoint> addresses;
533 EXPECT_TRUE(ResolveLocalHostname(host, &addresses));
534 EXPECT_EQ(2u, addresses.size());
535 EXPECT_TRUE(HasAddress(IPAddress::IPv4Localhost(), addresses));
536 EXPECT_TRUE(HasAddress(IPAddress::IPv6Localhost(), addresses));
537 }
538
539 // Returns the DoH provider entry in `DohProviderEntry::GetList()` that matches
540 // `provider`. Crashes if there is no matching entry.
GetDohProviderEntryForTesting(base::StringPiece provider)541 const DohProviderEntry& GetDohProviderEntryForTesting(
542 base::StringPiece provider) {
543 auto provider_list = DohProviderEntry::GetList();
544 auto it =
545 base::ranges::find(provider_list, provider, &DohProviderEntry::provider);
546 CHECK(it != provider_list.end());
547 return **it;
548 }
549
550 } // namespace
551
552 class HostResolverManagerTest : public TestWithTaskEnvironment {
553 public:
554 static const int kDefaultPort = 80;
555
HostResolverManagerTest(base::test::TaskEnvironment::TimeSource time_source=base::test::TaskEnvironment::TimeSource::SYSTEM_TIME)556 explicit HostResolverManagerTest(
557 base::test::TaskEnvironment::TimeSource time_source =
558 base::test::TaskEnvironment::TimeSource::SYSTEM_TIME)
559 : TestWithTaskEnvironment(time_source),
560 proc_(base::MakeRefCounted<MockHostResolverProc>()) {}
561
CreateResolver(bool check_ipv6_on_wifi=true)562 void CreateResolver(bool check_ipv6_on_wifi = true) {
563 CreateResolverWithLimitsAndParams(kMaxJobs, DefaultParams(proc_),
564 true /* ipv6_reachable */,
565 check_ipv6_on_wifi);
566 }
567
DestroyResolver()568 void DestroyResolver() {
569 if (!resolver_)
570 return;
571
572 resolver_->DeregisterResolveContext(resolve_context_.get());
573 resolver_ = nullptr;
574 }
575
576 // This HostResolverManager will only allow 1 outstanding resolve at a time
577 // and perform no retries.
CreateSerialResolver(bool check_ipv6_on_wifi=true,bool ipv6_reachable=true,bool is_async=false)578 void CreateSerialResolver(bool check_ipv6_on_wifi = true,
579 bool ipv6_reachable = true,
580 bool is_async = false) {
581 HostResolverSystemTask::Params params = DefaultParams(proc_);
582 params.max_retry_attempts = 0u;
583 CreateResolverWithLimitsAndParams(1u, params, ipv6_reachable,
584 check_ipv6_on_wifi, is_async);
585 }
586
587 void StaleAllowedFromIpTest(bool is_async);
588 void LocalOnlyFromIpTest(bool is_async);
589 void ChangePriorityTest(bool is_async);
590 void AbortOnlyExistingRequestsOnIPAddressChangeTest(bool is_async);
591 void FlushCacheOnIPAddressChangeTest(bool is_async);
592 void AbortOnIPAddressChangedTest(bool is_async);
593 void NumericIPv6AddressTest(bool is_async);
594 void NumericIPv6AddressWithSchemeTest(bool is_async);
595 void LocalhostIPV4IPV6LookupTest(bool is_async);
596 void IPv4AddressLiteralInIPv6OnlyNetworkTest(bool is_async);
597 void IPv4AddressLiteralInIPv6OnlyNetworkPort443Test(bool is_async);
598 void IPv4AddressLiteralInIPv6OnlyNetworkNoDns64Test(bool is_async);
599 void IPv4AddressLiteralInIPv6OnlyNetworkBadAddressTest(bool is_async);
600
601 protected:
602 // testing::Test implementation:
SetUp()603 void SetUp() override {
604 request_context_ = CreateTestURLRequestContextBuilder()->Build();
605 resolve_context_ = std::make_unique<ResolveContext>(
606 request_context_.get(), true /* enable_caching */);
607 CreateResolver();
608 }
609
TearDown()610 void TearDown() override {
611 if (resolver_) {
612 EXPECT_EQ(0u, resolver_->num_running_dispatcher_jobs_for_tests());
613 }
614 DestroyResolver();
615 EXPECT_FALSE(proc_->HasBlockedRequests());
616 }
617
CreateResolverWithLimitsAndParams(size_t max_concurrent_resolves,const HostResolverSystemTask::Params & params,bool ipv6_reachable,bool check_ipv6_on_wifi,bool is_async=false)618 void CreateResolverWithLimitsAndParams(
619 size_t max_concurrent_resolves,
620 const HostResolverSystemTask::Params& params,
621 bool ipv6_reachable,
622 bool check_ipv6_on_wifi,
623 bool is_async = false) {
624 HostResolver::ManagerOptions options = DefaultOptions();
625 options.max_concurrent_resolves = max_concurrent_resolves;
626 options.check_ipv6_on_wifi = check_ipv6_on_wifi;
627
628 CreateResolverWithOptionsAndParams(std::move(options), params,
629 ipv6_reachable, is_async);
630 }
631
DefaultOptions()632 virtual HostResolver::ManagerOptions DefaultOptions() {
633 HostResolver::ManagerOptions options;
634 options.max_concurrent_resolves = kMaxJobs;
635 options.max_system_retry_attempts = kMaxRetryAttempts;
636 return options;
637 }
638
CreateResolverWithOptionsAndParams(HostResolver::ManagerOptions options,const HostResolverSystemTask::Params & params,bool ipv6_reachable,bool is_async=false,bool ipv4_reachable=true)639 virtual void CreateResolverWithOptionsAndParams(
640 HostResolver::ManagerOptions options,
641 const HostResolverSystemTask::Params& params,
642 bool ipv6_reachable,
643 bool is_async = false,
644 bool ipv4_reachable = true) {
645 // Use HostResolverManagerDnsTest if enabling DNS client.
646 DCHECK(!options.insecure_dns_client_enabled);
647
648 DestroyResolver();
649
650 resolver_ = std::make_unique<TestHostResolverManager>(
651 options, nullptr /* notifier */, nullptr /* net_log */, ipv6_reachable,
652 ipv4_reachable, is_async);
653 resolver_->set_host_resolver_system_params_for_test(params);
654 resolver_->RegisterResolveContext(resolve_context_.get());
655 }
656
657 // Friendship is not inherited, so use proxies to access those.
num_running_dispatcher_jobs() const658 size_t num_running_dispatcher_jobs() const {
659 DCHECK(resolver_.get());
660 return resolver_->num_running_dispatcher_jobs_for_tests();
661 }
662
set_allow_fallback_to_systemtask(bool allow_fallback_to_systemtask)663 void set_allow_fallback_to_systemtask(bool allow_fallback_to_systemtask) {
664 DCHECK(resolver_.get());
665 resolver_->allow_fallback_to_systemtask_ = allow_fallback_to_systemtask;
666 }
667
maximum_insecure_dns_task_failures()668 static unsigned maximum_insecure_dns_task_failures() {
669 return DnsClient::kMaxInsecureFallbackFailures;
670 }
671
StartIPv6ReachabilityCheck(const NetLogWithSource & net_log,raw_ptr<ClientSocketFactory> client_socket_factory,CompletionOnceCallback callback)672 int StartIPv6ReachabilityCheck(
673 const NetLogWithSource& net_log,
674 raw_ptr<ClientSocketFactory> client_socket_factory,
675 CompletionOnceCallback callback) {
676 return resolver_->StartIPv6ReachabilityCheck(net_log, client_socket_factory,
677 std::move(callback));
678 }
679
GetLastIpv6ProbeResult()680 bool GetLastIpv6ProbeResult() { return resolver_->last_ipv6_probe_result_; }
681
PopulateCache(const HostCache::Key & key,IPEndPoint endpoint)682 void PopulateCache(const HostCache::Key& key, IPEndPoint endpoint) {
683 resolver_->CacheResult(resolve_context_->host_cache(), key,
684 HostCache::Entry(OK, {endpoint}, /*aliases=*/{},
685 HostCache::Entry::SOURCE_UNKNOWN),
686 base::Seconds(1));
687 }
688
GetCacheHit(const HostCache::Key & key)689 const std::pair<const HostCache::Key, HostCache::Entry>* GetCacheHit(
690 const HostCache::Key& key) {
691 DCHECK(resolve_context_->host_cache());
692 return resolve_context_->host_cache()->LookupStale(
693 key, base::TimeTicks(), nullptr, false /* ignore_secure */);
694 }
695
MakeCacheStale()696 void MakeCacheStale() {
697 DCHECK(resolve_context_->host_cache());
698 resolve_context_->host_cache()->Invalidate();
699 }
700
CreateExpected(const std::string & ip_literal,uint16_t port)701 IPEndPoint CreateExpected(const std::string& ip_literal, uint16_t port) {
702 IPAddress ip;
703 bool result = ip.AssignFromIPLiteral(ip_literal);
704 DCHECK(result);
705 return IPEndPoint(ip, port);
706 }
707
708 scoped_refptr<MockHostResolverProc> proc_;
709 std::unique_ptr<HostResolverManager> resolver_;
710 std::unique_ptr<URLRequestContext> request_context_;
711 std::unique_ptr<ResolveContext> resolve_context_;
712 };
713
TEST_F(HostResolverManagerTest,AsynchronousLookup)714 TEST_F(HostResolverManagerTest, AsynchronousLookup) {
715 proc_->AddRuleForAllFamilies("just.testing", "192.168.1.42");
716 proc_->SignalMultiple(1u);
717
718 ResolveHostResponseHelper response(resolver_->CreateRequest(
719 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
720 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
721 resolve_context_->host_cache()));
722
723 EXPECT_THAT(response.result_error(), IsOk());
724 EXPECT_THAT(response.top_level_result_error(), IsOk());
725 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
726 testing::ElementsAre(CreateExpected("192.168.1.42", 80)));
727 EXPECT_THAT(response.request()->GetEndpointResults(),
728 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
729 testing::ElementsAre(CreateExpected("192.168.1.42", 80))))));
730 EXPECT_FALSE(response.request()->GetStaleInfo());
731
732 EXPECT_EQ("just.testing", proc_->GetCaptureList()[0].hostname);
733
734 const std::pair<const HostCache::Key, HostCache::Entry>* cache_result =
735 GetCacheHit(HostCache::Key("just.testing", DnsQueryType::UNSPECIFIED,
736 0 /* host_resolver_flags */,
737 HostResolverSource::ANY,
738 NetworkAnonymizationKey()));
739 EXPECT_TRUE(cache_result);
740 }
741
742 // TODO(crbug.com/1206799): Confirm scheme behavior once it affects behavior.
TEST_F(HostResolverManagerTest,AsynchronousLookupWithScheme)743 TEST_F(HostResolverManagerTest, AsynchronousLookupWithScheme) {
744 proc_->AddRuleForAllFamilies("host.test", "192.168.1.42");
745 proc_->SignalMultiple(1u);
746
747 ResolveHostResponseHelper response(resolver_->CreateRequest(
748 url::SchemeHostPort(url::kHttpScheme, "host.test", 80),
749 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
750 resolve_context_.get(), resolve_context_->host_cache()));
751
752 EXPECT_THAT(response.result_error(), IsOk());
753 EXPECT_THAT(response.top_level_result_error(), IsOk());
754 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
755 testing::ElementsAre(CreateExpected("192.168.1.42", 80)));
756 EXPECT_THAT(response.request()->GetEndpointResults(),
757 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
758 testing::ElementsAre(CreateExpected("192.168.1.42", 80))))));
759 EXPECT_FALSE(response.request()->GetStaleInfo());
760
761 EXPECT_EQ("host.test", proc_->GetCaptureList()[0].hostname);
762
763 const std::pair<const HostCache::Key, HostCache::Entry>* cache_result =
764 GetCacheHit(
765 HostCache::Key(url::SchemeHostPort(url::kHttpScheme, "host.test", 80),
766 DnsQueryType::UNSPECIFIED, 0 /* host_resolver_flags */,
767 HostResolverSource::ANY, NetworkAnonymizationKey()));
768 EXPECT_TRUE(cache_result);
769 }
770
TEST_F(HostResolverManagerTest,JobsClearedOnCompletion)771 TEST_F(HostResolverManagerTest, JobsClearedOnCompletion) {
772 proc_->AddRuleForAllFamilies("just.testing", "192.168.1.42");
773 proc_->SignalMultiple(1u);
774
775 ResolveHostResponseHelper response(resolver_->CreateRequest(
776 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
777 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
778 resolve_context_->host_cache()));
779 EXPECT_EQ(1u, resolver_->num_jobs_for_testing());
780
781 EXPECT_THAT(response.result_error(), IsOk());
782 EXPECT_EQ(0u, resolver_->num_jobs_for_testing());
783 }
784
TEST_F(HostResolverManagerTest,JobsClearedOnCompletion_MultipleRequests)785 TEST_F(HostResolverManagerTest, JobsClearedOnCompletion_MultipleRequests) {
786 proc_->AddRuleForAllFamilies("just.testing", "192.168.1.42");
787 proc_->SignalMultiple(1u);
788
789 ResolveHostResponseHelper response1(resolver_->CreateRequest(
790 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
791 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
792 resolve_context_->host_cache()));
793 ResolveHostResponseHelper response2(resolver_->CreateRequest(
794 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
795 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
796 resolve_context_->host_cache()));
797 EXPECT_EQ(1u, resolver_->num_jobs_for_testing());
798
799 EXPECT_THAT(response1.result_error(), IsOk());
800 EXPECT_THAT(response2.result_error(), IsOk());
801 EXPECT_EQ(0u, resolver_->num_jobs_for_testing());
802 }
803
TEST_F(HostResolverManagerTest,JobsClearedOnCompletion_Failure)804 TEST_F(HostResolverManagerTest, JobsClearedOnCompletion_Failure) {
805 proc_->AddRuleForAllFamilies(std::string(),
806 "0.0.0.1"); // Default to failures.
807 proc_->SignalMultiple(1u);
808
809 ResolveHostResponseHelper response(resolver_->CreateRequest(
810 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
811 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
812 resolve_context_->host_cache()));
813 EXPECT_EQ(1u, resolver_->num_jobs_for_testing());
814
815 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
816 EXPECT_EQ(0u, resolver_->num_jobs_for_testing());
817 }
818
TEST_F(HostResolverManagerTest,JobsClearedOnCompletion_Abort)819 TEST_F(HostResolverManagerTest, JobsClearedOnCompletion_Abort) {
820 proc_->AddRuleForAllFamilies("just.testing", "192.168.1.42");
821
822 ResolveHostResponseHelper response(resolver_->CreateRequest(
823 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
824 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
825 resolve_context_->host_cache()));
826 EXPECT_EQ(1u, resolver_->num_jobs_for_testing());
827
828 NetworkChangeNotifier::NotifyObserversOfIPAddressChangeForTests();
829 proc_->SignalMultiple(1u);
830
831 EXPECT_THAT(response.result_error(), IsError(ERR_NETWORK_CHANGED));
832 EXPECT_EQ(0u, resolver_->num_jobs_for_testing());
833 }
834
TEST_F(HostResolverManagerTest,DnsQueryType)835 TEST_F(HostResolverManagerTest, DnsQueryType) {
836 proc_->AddRule("host", ADDRESS_FAMILY_IPV4, "192.168.1.20");
837 proc_->AddRule("host", ADDRESS_FAMILY_IPV6, "::5");
838
839 HostResolver::ResolveHostParameters parameters;
840
841 parameters.dns_query_type = DnsQueryType::A;
842 ResolveHostResponseHelper v4_response(resolver_->CreateRequest(
843 HostPortPair("host", 80), NetworkAnonymizationKey(), NetLogWithSource(),
844 parameters, resolve_context_.get(), resolve_context_->host_cache()));
845
846 parameters.dns_query_type = DnsQueryType::AAAA;
847 ResolveHostResponseHelper v6_response(resolver_->CreateRequest(
848 HostPortPair("host", 80), NetworkAnonymizationKey(), NetLogWithSource(),
849 parameters, resolve_context_.get(), resolve_context_->host_cache()));
850
851 proc_->SignalMultiple(2u);
852
853 EXPECT_THAT(v4_response.result_error(), IsOk());
854 EXPECT_THAT(v4_response.request()->GetAddressResults()->endpoints(),
855 testing::ElementsAre(CreateExpected("192.168.1.20", 80)));
856 EXPECT_THAT(v4_response.request()->GetEndpointResults(),
857 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
858 testing::ElementsAre(CreateExpected("192.168.1.20", 80))))));
859
860 EXPECT_THAT(v6_response.result_error(), IsOk());
861 EXPECT_THAT(v6_response.request()->GetAddressResults()->endpoints(),
862 testing::ElementsAre(CreateExpected("::5", 80)));
863 EXPECT_THAT(v6_response.request()->GetEndpointResults(),
864 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
865 testing::ElementsAre(CreateExpected("::5", 80))))));
866 }
867
TEST_F(HostResolverManagerTest,DnsQueryWithoutAliases)868 TEST_F(HostResolverManagerTest, DnsQueryWithoutAliases) {
869 proc_->AddRule("host", ADDRESS_FAMILY_IPV4, "192.168.1.20");
870
871 HostResolver::ResolveHostParameters parameters;
872
873 parameters.dns_query_type = DnsQueryType::A;
874 ResolveHostResponseHelper response(resolver_->CreateRequest(
875 HostPortPair("host", 80), NetworkAnonymizationKey(), NetLogWithSource(),
876 parameters, resolve_context_.get(), resolve_context_->host_cache()));
877
878 proc_->SignalMultiple(1u);
879
880 EXPECT_THAT(response.result_error(), IsOk());
881 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
882 testing::ElementsAre(CreateExpected("192.168.1.20", 80)));
883 EXPECT_THAT(response.request()->GetEndpointResults(),
884 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
885 testing::ElementsAre(CreateExpected("192.168.1.20", 80))))));
886 EXPECT_THAT(response.request()->GetDnsAliasResults(),
887 testing::Pointee(testing::IsEmpty()));
888 }
889
LocalhostIPV4IPV6LookupTest(bool is_async)890 void HostResolverManagerTest::LocalhostIPV4IPV6LookupTest(bool is_async) {
891 CreateResolverWithLimitsAndParams(kMaxJobs, DefaultParams(proc_),
892 true /* ipv6_reachable */,
893 true /* check_ipv6_on_wifi */, is_async);
894 HostResolver::ResolveHostParameters parameters;
895
896 parameters.dns_query_type = DnsQueryType::A;
897 ResolveHostResponseHelper v4_v4_response(resolver_->CreateRequest(
898 HostPortPair("localhost", 80), NetworkAnonymizationKey(),
899 NetLogWithSource(), parameters, resolve_context_.get(),
900 resolve_context_->host_cache()));
901 EXPECT_THAT(v4_v4_response.result_error(), IsOk());
902 EXPECT_THAT(v4_v4_response.request()->GetAddressResults()->endpoints(),
903 testing::ElementsAre(CreateExpected("127.0.0.1", 80)));
904 EXPECT_THAT(v4_v4_response.request()->GetEndpointResults(),
905 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
906 testing::ElementsAre(CreateExpected("127.0.0.1", 80))))));
907
908 parameters.dns_query_type = DnsQueryType::AAAA;
909 ResolveHostResponseHelper v4_v6_response(resolver_->CreateRequest(
910 HostPortPair("localhost", 80), NetworkAnonymizationKey(),
911 NetLogWithSource(), parameters, resolve_context_.get(),
912 resolve_context_->host_cache()));
913 EXPECT_THAT(v4_v6_response.result_error(), IsOk());
914 EXPECT_THAT(v4_v6_response.request()->GetAddressResults()->endpoints(),
915 testing::ElementsAre(CreateExpected("::1", 80)));
916 EXPECT_THAT(v4_v6_response.request()->GetEndpointResults(),
917 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
918 testing::ElementsAre(CreateExpected("::1", 80))))));
919
920 ResolveHostResponseHelper v4_unsp_response(resolver_->CreateRequest(
921 HostPortPair("localhost", 80), NetworkAnonymizationKey(),
922 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
923 resolve_context_->host_cache()));
924 EXPECT_THAT(v4_unsp_response.result_error(), IsOk());
925 EXPECT_THAT(v4_unsp_response.request()->GetAddressResults()->endpoints(),
926 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
927 CreateExpected("::1", 80)));
928 EXPECT_THAT(
929 v4_unsp_response.request()->GetEndpointResults(),
930 testing::Pointee(testing::ElementsAre(
931 ExpectEndpointResult(testing::UnorderedElementsAre(
932 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
933 }
934
TEST_F(HostResolverManagerTest,LocalhostIPV4IPV6LookupAsync)935 TEST_F(HostResolverManagerTest, LocalhostIPV4IPV6LookupAsync) {
936 LocalhostIPV4IPV6LookupTest(true);
937 }
938
TEST_F(HostResolverManagerTest,LocalhostIPV4IPV6LookupSync)939 TEST_F(HostResolverManagerTest, LocalhostIPV4IPV6LookupSync) {
940 LocalhostIPV4IPV6LookupTest(false);
941 }
942
TEST_F(HostResolverManagerTest,ResolveIPLiteralWithHostResolverSystemOnly)943 TEST_F(HostResolverManagerTest, ResolveIPLiteralWithHostResolverSystemOnly) {
944 const char kIpLiteral[] = "178.78.32.1";
945 // Add a mapping to tell if the resolver proc was called (if it was called,
946 // then the result will be the remapped value. Otherwise it will be the IP
947 // literal).
948 proc_->AddRuleForAllFamilies(kIpLiteral, "183.45.32.1");
949
950 HostResolver::ResolveHostParameters parameters;
951 parameters.source = HostResolverSource::SYSTEM;
952 ResolveHostResponseHelper response(resolver_->CreateRequest(
953 HostPortPair(kIpLiteral, 80), NetworkAnonymizationKey(),
954 NetLogWithSource(), parameters, resolve_context_.get(),
955 resolve_context_->host_cache()));
956
957 // IP literal resolution is expected to take precedence over source, so the
958 // result is expected to be the input IP, not the result IP from the proc rule
959 EXPECT_THAT(response.result_error(), IsOk());
960 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
961 testing::ElementsAre(CreateExpected(kIpLiteral, 80)));
962 EXPECT_THAT(response.request()->GetEndpointResults(),
963 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
964 testing::ElementsAre(CreateExpected(kIpLiteral, 80))))));
965 EXPECT_FALSE(response.request()->GetStaleInfo());
966 }
967
TEST_F(HostResolverManagerTest,EmptyListMeansNameNotResolved)968 TEST_F(HostResolverManagerTest, EmptyListMeansNameNotResolved) {
969 proc_->AddRuleForAllFamilies("just.testing", "");
970 proc_->SignalMultiple(1u);
971
972 ResolveHostResponseHelper response(resolver_->CreateRequest(
973 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
974 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
975 resolve_context_->host_cache()));
976
977 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
978 EXPECT_THAT(response.request()->GetAddressResults(),
979 AnyOf(nullptr, Pointee(IsEmpty())));
980 EXPECT_THAT(response.request()->GetEndpointResults(),
981 AnyOf(nullptr, Pointee(IsEmpty())));
982 EXPECT_FALSE(response.request()->GetStaleInfo());
983
984 EXPECT_EQ("just.testing", proc_->GetCaptureList()[0].hostname);
985 }
986
TEST_F(HostResolverManagerTest,FailedAsynchronousLookup)987 TEST_F(HostResolverManagerTest, FailedAsynchronousLookup) {
988 proc_->AddRuleForAllFamilies(std::string(),
989 "0.0.0.1"); // Default to failures.
990 proc_->SignalMultiple(1u);
991
992 ResolveHostResponseHelper response(resolver_->CreateRequest(
993 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
994 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
995 resolve_context_->host_cache()));
996 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
997 EXPECT_THAT(response.top_level_result_error(),
998 IsError(ERR_NAME_NOT_RESOLVED));
999 EXPECT_THAT(response.request()->GetAddressResults(),
1000 AnyOf(nullptr, Pointee(IsEmpty())));
1001 EXPECT_THAT(response.request()->GetEndpointResults(),
1002 AnyOf(nullptr, Pointee(IsEmpty())));
1003 EXPECT_FALSE(response.request()->GetStaleInfo());
1004
1005 EXPECT_EQ("just.testing", proc_->GetCaptureList()[0].hostname);
1006
1007 // Also test that the error is not cached.
1008 const std::pair<const HostCache::Key, HostCache::Entry>* cache_result =
1009 GetCacheHit(HostCache::Key("just.testing", DnsQueryType::UNSPECIFIED,
1010 0 /* host_resolver_flags */,
1011 HostResolverSource::ANY,
1012 NetworkAnonymizationKey()));
1013 EXPECT_FALSE(cache_result);
1014 }
1015
TEST_F(HostResolverManagerTest,AbortedAsynchronousLookup)1016 TEST_F(HostResolverManagerTest, AbortedAsynchronousLookup) {
1017 ResolveHostResponseHelper response0(resolver_->CreateRequest(
1018 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
1019 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
1020 resolve_context_->host_cache()));
1021 ASSERT_FALSE(response0.complete());
1022 ASSERT_TRUE(proc_->WaitFor(1u));
1023
1024 // Resolver is destroyed while job is running on WorkerPool.
1025 DestroyResolver();
1026
1027 proc_->SignalAll();
1028
1029 // To ensure there was no spurious callback, complete with a new resolver.
1030 CreateResolver();
1031 ResolveHostResponseHelper response1(resolver_->CreateRequest(
1032 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
1033 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
1034 resolve_context_->host_cache()));
1035
1036 proc_->SignalMultiple(2u);
1037
1038 EXPECT_THAT(response1.result_error(), IsOk());
1039
1040 // This request was canceled.
1041 EXPECT_FALSE(response0.complete());
1042 }
1043
TEST_F(HostResolverManagerTest,NumericIPv4Address)1044 TEST_F(HostResolverManagerTest, NumericIPv4Address) {
1045 ResolveHostResponseHelper response(resolver_->CreateRequest(
1046 HostPortPair("127.1.2.3", 5555), NetworkAnonymizationKey(),
1047 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
1048 resolve_context_->host_cache()));
1049
1050 EXPECT_THAT(response.result_error(), IsOk());
1051 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
1052 testing::ElementsAre(CreateExpected("127.1.2.3", 5555)));
1053 EXPECT_THAT(
1054 response.request()->GetEndpointResults(),
1055 testing::Pointee(testing::UnorderedElementsAre(ExpectEndpointResult(
1056 testing::UnorderedElementsAre(CreateExpected("127.1.2.3", 5555))))));
1057 }
1058
TEST_F(HostResolverManagerTest,NumericIPv4AddressWithScheme)1059 TEST_F(HostResolverManagerTest, NumericIPv4AddressWithScheme) {
1060 ResolveHostResponseHelper response(resolver_->CreateRequest(
1061 url::SchemeHostPort(url::kHttpsScheme, "127.1.2.3", 5555),
1062 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
1063 resolve_context_.get(), resolve_context_->host_cache()));
1064
1065 EXPECT_THAT(response.result_error(), IsOk());
1066 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
1067 testing::ElementsAre(CreateExpected("127.1.2.3", 5555)));
1068 EXPECT_THAT(
1069 response.request()->GetEndpointResults(),
1070 testing::Pointee(testing::UnorderedElementsAre(ExpectEndpointResult(
1071 testing::UnorderedElementsAre(CreateExpected("127.1.2.3", 5555))))));
1072 }
1073
NumericIPv6AddressTest(bool is_async)1074 void HostResolverManagerTest::NumericIPv6AddressTest(bool is_async) {
1075 CreateResolverWithLimitsAndParams(kMaxJobs, DefaultParams(proc_),
1076 true /* ipv6_reachable */,
1077 true /* check_ipv6_on_wifi */, is_async);
1078 // Resolve a plain IPv6 address. Don't worry about [brackets], because
1079 // the caller should have removed them.
1080 ResolveHostResponseHelper response(resolver_->CreateRequest(
1081 HostPortPair("2001:db8::1", 5555), NetworkAnonymizationKey(),
1082 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
1083 resolve_context_->host_cache()));
1084
1085 EXPECT_THAT(response.result_error(), IsOk());
1086 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
1087 testing::ElementsAre(CreateExpected("2001:db8::1", 5555)));
1088 EXPECT_THAT(response.request()->GetEndpointResults(),
1089 testing::Pointee(testing::UnorderedElementsAre(
1090 ExpectEndpointResult(testing::UnorderedElementsAre(
1091 CreateExpected("2001:db8::1", 5555))))));
1092 }
1093
TEST_F(HostResolverManagerTest,NumericIPv6AddressAsync)1094 TEST_F(HostResolverManagerTest, NumericIPv6AddressAsync) {
1095 NumericIPv6AddressTest(true);
1096 }
1097
TEST_F(HostResolverManagerTest,NumericIPv6AddressSync)1098 TEST_F(HostResolverManagerTest, NumericIPv6AddressSync) {
1099 NumericIPv6AddressTest(false);
1100 }
1101
NumericIPv6AddressWithSchemeTest(bool is_async)1102 void HostResolverManagerTest::NumericIPv6AddressWithSchemeTest(bool is_async) {
1103 CreateResolverWithLimitsAndParams(kMaxJobs, DefaultParams(proc_),
1104 true /* ipv6_reachable */,
1105 true /* check_ipv6_on_wifi */, is_async);
1106 ResolveHostResponseHelper response(resolver_->CreateRequest(
1107 url::SchemeHostPort(url::kFtpScheme, "[2001:db8::1]", 5555),
1108 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
1109 resolve_context_.get(), resolve_context_->host_cache()));
1110
1111 EXPECT_THAT(response.result_error(), IsOk());
1112 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
1113 testing::ElementsAre(CreateExpected("2001:db8::1", 5555)));
1114 EXPECT_THAT(response.request()->GetEndpointResults(),
1115 testing::Pointee(testing::UnorderedElementsAre(
1116 ExpectEndpointResult(testing::UnorderedElementsAre(
1117 CreateExpected("2001:db8::1", 5555))))));
1118 }
1119
TEST_F(HostResolverManagerTest,NumericIPv6AddressWithSchemeAsync)1120 TEST_F(HostResolverManagerTest, NumericIPv6AddressWithSchemeAsync) {
1121 NumericIPv6AddressWithSchemeTest(true);
1122 }
1123
TEST_F(HostResolverManagerTest,NumericIPv6AddressWithSchemeSync)1124 TEST_F(HostResolverManagerTest, NumericIPv6AddressWithSchemeSync) {
1125 NumericIPv6AddressWithSchemeTest(false);
1126 }
1127
1128 // Regression test for https://crbug.com/1432508.
1129 //
1130 // Tests that if a new request is made while the loop within
1131 // FinishIPv6ReachabilityCheck is still running, and the new request needs to
1132 // wait on a new IPv6 probe to complete, the new request does not try to modify
1133 // the same vector that FinishIPv6ReachabilityCheck is iterating over.
TEST_F(HostResolverManagerTest,AddRequestDuringFinishIPv6ReachabilityCheck)1134 TEST_F(HostResolverManagerTest, AddRequestDuringFinishIPv6ReachabilityCheck) {
1135 CreateResolverWithLimitsAndParams(kMaxJobs, DefaultParams(proc_),
1136 true /* ipv6_reachable */,
1137 true /* check_ipv6_on_wifi */, true);
1138
1139 // Reset `last_ipv6_probe_time_` if `reset_ipv6_probe_time` true so a new
1140 // request kicks off a new reachability probe.
1141 auto custom_callback_template = base::BindLambdaForTesting(
1142 [&](bool reset_ipv6_probe_time, const HostPortPair& next_host,
1143 std::unique_ptr<ResolveHostResponseHelper>* next_response,
1144 CompletionOnceCallback completion_callback, int error) {
1145 if (reset_ipv6_probe_time) {
1146 resolver_->ResetIPv6ProbeTimeForTesting();
1147 }
1148 *next_response = std::make_unique<ResolveHostResponseHelper>(
1149 resolver_->CreateRequest(next_host, NetworkAnonymizationKey(),
1150 NetLogWithSource(), absl::nullopt,
1151 resolve_context_.get(),
1152 resolve_context_->host_cache()));
1153 std::move(completion_callback).Run(error);
1154 });
1155
1156 std::vector<std::unique_ptr<ResolveHostResponseHelper>> next_responses(3);
1157
1158 ResolveHostResponseHelper response0(
1159 resolver_->CreateRequest(HostPortPair("2001:db8::1", 5555),
1160 NetworkAnonymizationKey(), NetLogWithSource(),
1161 absl::nullopt, resolve_context_.get(),
1162 resolve_context_->host_cache()),
1163 base::BindOnce(custom_callback_template, true, HostPortPair("zzz", 80),
1164 &next_responses[0]));
1165
1166 // New requests made by response1 and response2 will wait for a new
1167 // reachability probe to complete.
1168 ResolveHostResponseHelper response1(
1169 resolver_->CreateRequest(HostPortPair("2001:db8::1", 5555),
1170 NetworkAnonymizationKey(), NetLogWithSource(),
1171 absl::nullopt, resolve_context_.get(),
1172 resolve_context_->host_cache()),
1173 base::BindOnce(custom_callback_template, false, HostPortPair("aaa", 80),
1174 &next_responses[1]));
1175
1176 ResolveHostResponseHelper response2(
1177 resolver_->CreateRequest(HostPortPair("2001:db8::1", 5555),
1178 NetworkAnonymizationKey(), NetLogWithSource(),
1179 absl::nullopt, resolve_context_.get(),
1180 resolve_context_->host_cache()),
1181 base::BindOnce(custom_callback_template, false, HostPortPair("eee", 80),
1182 &next_responses[2]));
1183
1184 // Unblock all calls to proc.
1185 proc_->SignalMultiple(6u);
1186
1187 // All requests should return OK.
1188 EXPECT_THAT(response0.result_error(), IsOk());
1189 EXPECT_THAT(response1.result_error(), IsOk());
1190 EXPECT_THAT(response2.result_error(), IsOk());
1191 EXPECT_THAT(next_responses[0]->result_error(), IsOk());
1192 EXPECT_THAT(next_responses[1]->result_error(), IsOk());
1193 EXPECT_THAT(next_responses[2]->result_error(), IsOk());
1194 }
1195
TEST_F(HostResolverManagerTest,EmptyHost)1196 TEST_F(HostResolverManagerTest, EmptyHost) {
1197 ResolveHostResponseHelper response(resolver_->CreateRequest(
1198 HostPortPair(std::string(), 5555), NetworkAnonymizationKey(),
1199 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
1200 resolve_context_->host_cache()));
1201
1202 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
1203 EXPECT_THAT(response.request()->GetAddressResults(),
1204 AnyOf(nullptr, Pointee(IsEmpty())));
1205 EXPECT_THAT(response.request()->GetEndpointResults(),
1206 AnyOf(nullptr, Pointee(IsEmpty())));
1207 }
1208
TEST_F(HostResolverManagerTest,EmptyDotsHost)1209 TEST_F(HostResolverManagerTest, EmptyDotsHost) {
1210 for (int i = 0; i < 16; ++i) {
1211 ResolveHostResponseHelper response(resolver_->CreateRequest(
1212 HostPortPair(std::string(i, '.'), 5555), NetworkAnonymizationKey(),
1213 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
1214 resolve_context_->host_cache()));
1215
1216 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
1217 EXPECT_THAT(response.request()->GetAddressResults(),
1218 AnyOf(nullptr, Pointee(IsEmpty())));
1219 EXPECT_THAT(response.request()->GetEndpointResults(),
1220 AnyOf(nullptr, Pointee(IsEmpty())));
1221 }
1222 }
1223
TEST_F(HostResolverManagerTest,LongHost)1224 TEST_F(HostResolverManagerTest, LongHost) {
1225 ResolveHostResponseHelper response(resolver_->CreateRequest(
1226 HostPortPair(std::string(4097, 'a'), 5555), NetworkAnonymizationKey(),
1227 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
1228 resolve_context_->host_cache()));
1229
1230 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
1231 EXPECT_THAT(response.request()->GetAddressResults(),
1232 AnyOf(nullptr, Pointee(IsEmpty())));
1233 EXPECT_THAT(response.request()->GetEndpointResults(),
1234 AnyOf(nullptr, Pointee(IsEmpty())));
1235 }
1236
TEST_F(HostResolverManagerTest,DeDupeRequests)1237 TEST_F(HostResolverManagerTest, DeDupeRequests) {
1238 // Start 5 requests, duplicating hosts "a" and "b". Since the resolver_proc is
1239 // blocked, these should all pile up until we signal it.
1240 std::vector<std::unique_ptr<ResolveHostResponseHelper>> responses;
1241 responses.emplace_back(
1242 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1243 HostPortPair("a", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1244 absl::nullopt, resolve_context_.get(),
1245 resolve_context_->host_cache())));
1246 responses.emplace_back(
1247 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1248 HostPortPair("b", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1249 absl::nullopt, resolve_context_.get(),
1250 resolve_context_->host_cache())));
1251 responses.emplace_back(
1252 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1253 HostPortPair("b", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1254 absl::nullopt, resolve_context_.get(),
1255 resolve_context_->host_cache())));
1256 responses.emplace_back(
1257 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1258 HostPortPair("a", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1259 absl::nullopt, resolve_context_.get(),
1260 resolve_context_->host_cache())));
1261 responses.emplace_back(
1262 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1263 HostPortPair("b", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1264 absl::nullopt, resolve_context_.get(),
1265 resolve_context_->host_cache())));
1266
1267 for (auto& response : responses) {
1268 ASSERT_FALSE(response->complete());
1269 }
1270
1271 proc_->SignalMultiple(2u); // One for "a:80", one for "b:80".
1272
1273 for (auto& response : responses) {
1274 EXPECT_THAT(response->result_error(), IsOk());
1275 }
1276 }
1277
1278 // TODO(crbug.com/1206799): Delete/adapt once requests with different ports are
1279 // not deduped.
TEST_F(HostResolverManagerTest,DeDupeRequestsWithDifferentPorts)1280 TEST_F(HostResolverManagerTest, DeDupeRequestsWithDifferentPorts) {
1281 // Start 5 requests, duplicating hosts "a" and "b". Since the resolver_proc is
1282 // blocked, these should all pile up until we signal it.
1283 std::vector<std::unique_ptr<ResolveHostResponseHelper>> responses;
1284 responses.emplace_back(
1285 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1286 HostPortPair("a", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1287 absl::nullopt, resolve_context_.get(),
1288 resolve_context_->host_cache())));
1289 responses.emplace_back(
1290 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1291 HostPortPair("b", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1292 absl::nullopt, resolve_context_.get(),
1293 resolve_context_->host_cache())));
1294 responses.emplace_back(
1295 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1296 HostPortPair("b", 81), NetworkAnonymizationKey(), NetLogWithSource(),
1297 absl::nullopt, resolve_context_.get(),
1298 resolve_context_->host_cache())));
1299 responses.emplace_back(
1300 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1301 HostPortPair("a", 82), NetworkAnonymizationKey(), NetLogWithSource(),
1302 absl::nullopt, resolve_context_.get(),
1303 resolve_context_->host_cache())));
1304 responses.emplace_back(
1305 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1306 HostPortPair("b", 83), NetworkAnonymizationKey(), NetLogWithSource(),
1307 absl::nullopt, resolve_context_.get(),
1308 resolve_context_->host_cache())));
1309
1310 for (auto& response : responses) {
1311 ASSERT_FALSE(response->complete());
1312 }
1313
1314 proc_->SignalMultiple(2u); // One for "a", one for "b".
1315
1316 for (auto& response : responses) {
1317 EXPECT_THAT(response->result_error(), IsOk());
1318 }
1319 }
1320
TEST_F(HostResolverManagerTest,CancelMultipleRequests)1321 TEST_F(HostResolverManagerTest, CancelMultipleRequests) {
1322 std::vector<std::unique_ptr<ResolveHostResponseHelper>> responses;
1323 responses.emplace_back(
1324 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1325 HostPortPair("a", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1326 absl::nullopt, resolve_context_.get(),
1327 resolve_context_->host_cache())));
1328 responses.emplace_back(
1329 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1330 HostPortPair("b", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1331 absl::nullopt, resolve_context_.get(),
1332 resolve_context_->host_cache())));
1333 responses.emplace_back(
1334 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1335 HostPortPair("b", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1336 absl::nullopt, resolve_context_.get(),
1337 resolve_context_->host_cache())));
1338 responses.emplace_back(
1339 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1340 HostPortPair("a", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1341 absl::nullopt, resolve_context_.get(),
1342 resolve_context_->host_cache())));
1343 responses.emplace_back(
1344 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1345 HostPortPair("b", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1346 absl::nullopt, resolve_context_.get(),
1347 resolve_context_->host_cache())));
1348
1349 for (auto& response : responses) {
1350 ASSERT_FALSE(response->complete());
1351 }
1352
1353 // Cancel everything except request for requests[3] ("a", 80).
1354 responses[0]->CancelRequest();
1355 responses[1]->CancelRequest();
1356 responses[2]->CancelRequest();
1357 responses[4]->CancelRequest();
1358
1359 proc_->SignalMultiple(2u); // One for "a", one for "b".
1360
1361 EXPECT_THAT(responses[3]->result_error(), IsOk());
1362
1363 EXPECT_FALSE(responses[0]->complete());
1364 EXPECT_FALSE(responses[1]->complete());
1365 EXPECT_FALSE(responses[2]->complete());
1366 EXPECT_FALSE(responses[4]->complete());
1367 }
1368
TEST_F(HostResolverManagerTest,CanceledRequestsReleaseJobSlots)1369 TEST_F(HostResolverManagerTest, CanceledRequestsReleaseJobSlots) {
1370 std::vector<std::unique_ptr<ResolveHostResponseHelper>> responses;
1371
1372 // Fill up the dispatcher and queue.
1373 for (unsigned i = 0; i < kMaxJobs + 1; ++i) {
1374 std::string hostname = "a_";
1375 hostname[1] = 'a' + i;
1376
1377 responses.emplace_back(
1378 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1379 HostPortPair(hostname, 80), NetworkAnonymizationKey(),
1380 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
1381 resolve_context_->host_cache())));
1382 ASSERT_FALSE(responses.back()->complete());
1383
1384 responses.emplace_back(
1385 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1386 HostPortPair(hostname, 80), NetworkAnonymizationKey(),
1387 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
1388 resolve_context_->host_cache())));
1389 ASSERT_FALSE(responses.back()->complete());
1390 }
1391
1392 ASSERT_TRUE(proc_->WaitFor(kMaxJobs));
1393
1394 // Cancel all but last two.
1395 for (unsigned i = 0; i < responses.size() - 2; ++i) {
1396 responses[i]->CancelRequest();
1397 }
1398
1399 ASSERT_TRUE(proc_->WaitFor(kMaxJobs + 1));
1400
1401 proc_->SignalAll();
1402
1403 size_t num_requests = responses.size();
1404 EXPECT_THAT(responses[num_requests - 1]->result_error(), IsOk());
1405 EXPECT_THAT(responses[num_requests - 2]->result_error(), IsOk());
1406 for (unsigned i = 0; i < num_requests - 2; ++i) {
1407 EXPECT_FALSE(responses[i]->complete());
1408 }
1409 }
1410
TEST_F(HostResolverManagerTest,CancelWithinCallback)1411 TEST_F(HostResolverManagerTest, CancelWithinCallback) {
1412 std::vector<std::unique_ptr<ResolveHostResponseHelper>> responses;
1413 auto custom_callback = base::BindLambdaForTesting(
1414 [&](CompletionOnceCallback completion_callback, int error) {
1415 for (auto& response : responses) {
1416 // Cancelling request is required to complete first, so that it can
1417 // attempt to cancel the others. This test assumes all jobs are
1418 // completed in order.
1419 DCHECK(!response->complete());
1420
1421 response->CancelRequest();
1422 }
1423 std::move(completion_callback).Run(error);
1424 });
1425
1426 ResolveHostResponseHelper cancelling_response(
1427 resolver_->CreateRequest(HostPortPair("a", 80), NetworkAnonymizationKey(),
1428 NetLogWithSource(), absl::nullopt,
1429 resolve_context_.get(),
1430 resolve_context_->host_cache()),
1431 std::move(custom_callback));
1432
1433 responses.emplace_back(
1434 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1435 HostPortPair("a", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1436 absl::nullopt, resolve_context_.get(),
1437 resolve_context_->host_cache())));
1438 responses.emplace_back(
1439 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1440 HostPortPair("a", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1441 absl::nullopt, resolve_context_.get(),
1442 resolve_context_->host_cache())));
1443
1444 proc_->SignalMultiple(2u); // One for "a". One for "finalrequest".
1445
1446 EXPECT_THAT(cancelling_response.result_error(), IsOk());
1447
1448 ResolveHostResponseHelper final_response(resolver_->CreateRequest(
1449 HostPortPair("finalrequest", 70), NetworkAnonymizationKey(),
1450 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
1451 resolve_context_->host_cache()));
1452 EXPECT_THAT(final_response.result_error(), IsOk());
1453
1454 for (auto& response : responses) {
1455 EXPECT_FALSE(response->complete());
1456 }
1457 }
1458
TEST_F(HostResolverManagerTest,DeleteWithinCallback)1459 TEST_F(HostResolverManagerTest, DeleteWithinCallback) {
1460 std::vector<std::unique_ptr<ResolveHostResponseHelper>> responses;
1461 auto custom_callback = base::BindLambdaForTesting(
1462 [&](CompletionOnceCallback completion_callback, int error) {
1463 for (auto& response : responses) {
1464 // Deleting request is required to be first, so the other requests
1465 // will still be running to be deleted. This test assumes that the
1466 // Jobs will be Aborted in order and the requests in order within the
1467 // jobs.
1468 DCHECK(!response->complete());
1469 }
1470
1471 DestroyResolver();
1472 std::move(completion_callback).Run(error);
1473 });
1474
1475 ResolveHostResponseHelper deleting_response(
1476 resolver_->CreateRequest(HostPortPair("a", 80), NetworkAnonymizationKey(),
1477 NetLogWithSource(), absl::nullopt,
1478 resolve_context_.get(),
1479 resolve_context_->host_cache()),
1480 std::move(custom_callback));
1481
1482 // Start additional requests to be cancelled as part of the first's deletion.
1483 // Assumes all requests for a job are handled in order so that the deleting
1484 // request will run first and cancel the rest.
1485 responses.emplace_back(
1486 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1487 HostPortPair("a", 81), NetworkAnonymizationKey(), NetLogWithSource(),
1488 absl::nullopt, resolve_context_.get(),
1489 resolve_context_->host_cache())));
1490 responses.emplace_back(
1491 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1492 HostPortPair("a", 82), NetworkAnonymizationKey(), NetLogWithSource(),
1493 absl::nullopt, resolve_context_.get(),
1494 resolve_context_->host_cache())));
1495
1496 proc_->SignalMultiple(3u);
1497
1498 EXPECT_THAT(deleting_response.result_error(), IsOk());
1499
1500 base::RunLoop().RunUntilIdle();
1501 for (auto& response : responses) {
1502 EXPECT_FALSE(response->complete());
1503 }
1504 }
1505
TEST_F(HostResolverManagerTest,DeleteWithinAbortedCallback)1506 TEST_F(HostResolverManagerTest, DeleteWithinAbortedCallback) {
1507 std::vector<std::unique_ptr<ResolveHostResponseHelper>> responses;
1508 ResolveHostResponseHelper::Callback custom_callback =
1509 base::BindLambdaForTesting(
1510 [&](CompletionOnceCallback completion_callback, int error) {
1511 for (auto& response : responses) {
1512 // Deleting request is required to be first, so the other requests
1513 // will still be running to be deleted. This test assumes that the
1514 // Jobs will be Aborted in order and the requests in order within
1515 // the jobs.
1516 DCHECK(!response->complete());
1517 }
1518 DestroyResolver();
1519 std::move(completion_callback).Run(error);
1520 });
1521
1522 ResolveHostResponseHelper deleting_response(
1523 resolver_->CreateRequest(HostPortPair("a", 80), NetworkAnonymizationKey(),
1524 NetLogWithSource(), absl::nullopt,
1525 resolve_context_.get(),
1526 resolve_context_->host_cache()),
1527 std::move(custom_callback));
1528
1529 responses.emplace_back(
1530 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1531 HostPortPair("a", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1532 absl::nullopt, resolve_context_.get(),
1533 resolve_context_->host_cache())));
1534 responses.emplace_back(
1535 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1536 HostPortPair("b", 82), NetworkAnonymizationKey(), NetLogWithSource(),
1537 absl::nullopt, resolve_context_.get(),
1538 resolve_context_->host_cache())));
1539 responses.emplace_back(
1540 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1541 HostPortPair("b", 82), NetworkAnonymizationKey(), NetLogWithSource(),
1542 absl::nullopt, resolve_context_.get(),
1543 resolve_context_->host_cache())));
1544
1545 // Wait for all calls to queue up, trigger abort via IP address change, then
1546 // signal all the queued requests to let them all try to finish.
1547 EXPECT_TRUE(proc_->WaitFor(2u));
1548 NetworkChangeNotifier::NotifyObserversOfIPAddressChangeForTests();
1549 proc_->SignalAll();
1550
1551 EXPECT_THAT(deleting_response.result_error(), IsError(ERR_NETWORK_CHANGED));
1552 base::RunLoop().RunUntilIdle();
1553 for (auto& response : responses) {
1554 EXPECT_FALSE(response->complete());
1555 }
1556 }
1557
TEST_F(HostResolverManagerTest,StartWithinCallback)1558 TEST_F(HostResolverManagerTest, StartWithinCallback) {
1559 std::unique_ptr<ResolveHostResponseHelper> new_response;
1560 auto custom_callback = base::BindLambdaForTesting(
1561 [&](CompletionOnceCallback completion_callback, int error) {
1562 new_response = std::make_unique<ResolveHostResponseHelper>(
1563 resolver_->CreateRequest(
1564 HostPortPair("new", 70), NetworkAnonymizationKey(),
1565 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
1566 resolve_context_->host_cache()));
1567 std::move(completion_callback).Run(error);
1568 });
1569
1570 ResolveHostResponseHelper starting_response(
1571 resolver_->CreateRequest(HostPortPair("a", 80), NetworkAnonymizationKey(),
1572 NetLogWithSource(), absl::nullopt,
1573 resolve_context_.get(),
1574 resolve_context_->host_cache()),
1575 std::move(custom_callback));
1576
1577 proc_->SignalMultiple(2u); // One for "a". One for "new".
1578
1579 EXPECT_THAT(starting_response.result_error(), IsOk());
1580 EXPECT_THAT(new_response->result_error(), IsOk());
1581 }
1582
TEST_F(HostResolverManagerTest,StartWithinEvictionCallback)1583 TEST_F(HostResolverManagerTest, StartWithinEvictionCallback) {
1584 CreateSerialResolver();
1585 resolver_->SetMaxQueuedJobsForTesting(2);
1586
1587 std::unique_ptr<ResolveHostResponseHelper> new_response;
1588 auto custom_callback = base::BindLambdaForTesting(
1589 [&](CompletionOnceCallback completion_callback, int error) {
1590 new_response = std::make_unique<ResolveHostResponseHelper>(
1591 resolver_->CreateRequest(
1592 HostPortPair("new", 70), NetworkAnonymizationKey(),
1593 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
1594 resolve_context_->host_cache()));
1595 std::move(completion_callback).Run(error);
1596 });
1597
1598 ResolveHostResponseHelper initial_response(resolver_->CreateRequest(
1599 HostPortPair("initial", 80), NetworkAnonymizationKey(),
1600 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
1601 resolve_context_->host_cache()));
1602 ResolveHostResponseHelper evictee1_response(
1603 resolver_->CreateRequest(HostPortPair("evictee1", 80),
1604 NetworkAnonymizationKey(), NetLogWithSource(),
1605 absl::nullopt, resolve_context_.get(),
1606 resolve_context_->host_cache()),
1607 std::move(custom_callback));
1608 ResolveHostResponseHelper evictee2_response(resolver_->CreateRequest(
1609 HostPortPair("evictee2", 80), NetworkAnonymizationKey(),
1610 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
1611 resolve_context_->host_cache()));
1612
1613 // Now one running request ("initial") and two queued requests ("evictee1" and
1614 // "evictee2"). Any further requests will cause evictions.
1615 ResolveHostResponseHelper evictor_response(resolver_->CreateRequest(
1616 HostPortPair("evictor", 80), NetworkAnonymizationKey(),
1617 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
1618 resolve_context_->host_cache()));
1619 EXPECT_THAT(evictee1_response.result_error(),
1620 IsError(ERR_HOST_RESOLVER_QUEUE_TOO_LARGE));
1621
1622 // "new" should evict "evictee2"
1623 EXPECT_THAT(evictee2_response.result_error(),
1624 IsError(ERR_HOST_RESOLVER_QUEUE_TOO_LARGE));
1625
1626 proc_->SignalMultiple(3u);
1627
1628 EXPECT_THAT(initial_response.result_error(), IsOk());
1629 EXPECT_THAT(evictor_response.result_error(), IsOk());
1630 EXPECT_THAT(new_response->result_error(), IsOk());
1631 }
1632
1633 // Test where we start a new request within an eviction callback that itself
1634 // evicts the first evictor.
TEST_F(HostResolverManagerTest,StartWithinEvictionCallback_DoubleEviction)1635 TEST_F(HostResolverManagerTest, StartWithinEvictionCallback_DoubleEviction) {
1636 CreateSerialResolver();
1637 resolver_->SetMaxQueuedJobsForTesting(1);
1638
1639 std::unique_ptr<ResolveHostResponseHelper> new_response;
1640 auto custom_callback = base::BindLambdaForTesting(
1641 [&](CompletionOnceCallback completion_callback, int error) {
1642 new_response = std::make_unique<ResolveHostResponseHelper>(
1643 resolver_->CreateRequest(
1644 HostPortPair("new", 70), NetworkAnonymizationKey(),
1645 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
1646 resolve_context_->host_cache()));
1647 std::move(completion_callback).Run(error);
1648 });
1649
1650 ResolveHostResponseHelper initial_response(resolver_->CreateRequest(
1651 HostPortPair("initial", 80), NetworkAnonymizationKey(),
1652 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
1653 resolve_context_->host_cache()));
1654 ResolveHostResponseHelper evictee_response(
1655 resolver_->CreateRequest(HostPortPair("evictee", 80),
1656 NetworkAnonymizationKey(), NetLogWithSource(),
1657 absl::nullopt, resolve_context_.get(),
1658 resolve_context_->host_cache()),
1659 std::move(custom_callback));
1660
1661 // Now one running request ("initial") and one queued requests ("evictee").
1662 // Any further requests will cause evictions.
1663 ResolveHostResponseHelper evictor_response(resolver_->CreateRequest(
1664 HostPortPair("evictor", 80), NetworkAnonymizationKey(),
1665 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
1666 resolve_context_->host_cache()));
1667 EXPECT_THAT(evictee_response.result_error(),
1668 IsError(ERR_HOST_RESOLVER_QUEUE_TOO_LARGE));
1669
1670 // "new" should evict "evictor"
1671 EXPECT_THAT(evictor_response.result_error(),
1672 IsError(ERR_HOST_RESOLVER_QUEUE_TOO_LARGE));
1673
1674 proc_->SignalMultiple(2u);
1675
1676 EXPECT_THAT(initial_response.result_error(), IsOk());
1677 EXPECT_THAT(new_response->result_error(), IsOk());
1678 }
1679
TEST_F(HostResolverManagerTest,StartWithinEvictionCallback_SameRequest)1680 TEST_F(HostResolverManagerTest, StartWithinEvictionCallback_SameRequest) {
1681 CreateSerialResolver();
1682 resolver_->SetMaxQueuedJobsForTesting(2);
1683
1684 std::unique_ptr<ResolveHostResponseHelper> new_response;
1685 auto custom_callback = base::BindLambdaForTesting(
1686 [&](CompletionOnceCallback completion_callback, int error) {
1687 new_response = std::make_unique<ResolveHostResponseHelper>(
1688 resolver_->CreateRequest(
1689 HostPortPair("evictor", 80), NetworkAnonymizationKey(),
1690 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
1691 resolve_context_->host_cache()));
1692 std::move(completion_callback).Run(error);
1693 });
1694
1695 ResolveHostResponseHelper initial_response(resolver_->CreateRequest(
1696 HostPortPair("initial", 80), NetworkAnonymizationKey(),
1697 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
1698 resolve_context_->host_cache()));
1699 ResolveHostResponseHelper evictee_response(
1700 resolver_->CreateRequest(HostPortPair("evictee", 80),
1701 NetworkAnonymizationKey(), NetLogWithSource(),
1702 absl::nullopt, resolve_context_.get(),
1703 resolve_context_->host_cache()),
1704 std::move(custom_callback));
1705 ResolveHostResponseHelper additional_response(resolver_->CreateRequest(
1706 HostPortPair("additional", 80), NetworkAnonymizationKey(),
1707 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
1708 resolve_context_->host_cache()));
1709
1710 // Now one running request ("initial") and two queued requests ("evictee" and
1711 // "additional"). Any further requests will cause evictions.
1712 ResolveHostResponseHelper evictor_response(resolver_->CreateRequest(
1713 HostPortPair("evictor", 80), NetworkAnonymizationKey(),
1714 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
1715 resolve_context_->host_cache()));
1716 EXPECT_THAT(evictee_response.result_error(),
1717 IsError(ERR_HOST_RESOLVER_QUEUE_TOO_LARGE));
1718
1719 // Second "evictor" should be joined with the first and not evict "additional"
1720
1721 // Only 3 proc requests because both "evictor" requests are combined.
1722 proc_->SignalMultiple(3u);
1723
1724 EXPECT_THAT(initial_response.result_error(), IsOk());
1725 EXPECT_THAT(additional_response.result_error(), IsOk());
1726 EXPECT_THAT(evictor_response.result_error(), IsOk());
1727 EXPECT_THAT(new_response->result_error(), IsOk());
1728 }
1729
TEST_F(HostResolverManagerTest,BypassCache)1730 TEST_F(HostResolverManagerTest, BypassCache) {
1731 proc_->SignalMultiple(2u);
1732
1733 ResolveHostResponseHelper initial_response(resolver_->CreateRequest(
1734 HostPortPair("a", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1735 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
1736 EXPECT_THAT(initial_response.result_error(), IsOk());
1737 EXPECT_EQ(1u, proc_->GetCaptureList().size());
1738
1739 ResolveHostResponseHelper cached_response(resolver_->CreateRequest(
1740 HostPortPair("a", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1741 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
1742 EXPECT_THAT(cached_response.result_error(), IsOk());
1743 // Expect no increase to calls to |proc_| because result was cached.
1744 EXPECT_EQ(1u, proc_->GetCaptureList().size());
1745
1746 HostResolver::ResolveHostParameters parameters;
1747 parameters.cache_usage =
1748 HostResolver::ResolveHostParameters::CacheUsage::DISALLOWED;
1749 ResolveHostResponseHelper cache_bypassed_response(resolver_->CreateRequest(
1750 HostPortPair("a", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1751 parameters, resolve_context_.get(), resolve_context_->host_cache()));
1752 EXPECT_THAT(cache_bypassed_response.result_error(), IsOk());
1753 // Expect call to |proc_| because cache was bypassed.
1754 EXPECT_EQ(2u, proc_->GetCaptureList().size());
1755 }
1756
FlushCacheOnIPAddressChangeTest(bool is_async)1757 void HostResolverManagerTest::FlushCacheOnIPAddressChangeTest(bool is_async) {
1758 CreateResolverWithLimitsAndParams(kMaxJobs, DefaultParams(proc_),
1759 true /* ipv6_reachable */,
1760 true /* check_ipv6_on_wifi */, is_async);
1761 proc_->SignalMultiple(2u); // One before the flush, one after.
1762
1763 ResolveHostResponseHelper initial_response(resolver_->CreateRequest(
1764 HostPortPair("host1", 70), NetworkAnonymizationKey(), NetLogWithSource(),
1765 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
1766 EXPECT_THAT(initial_response.result_error(), IsOk());
1767 EXPECT_EQ(1u, proc_->GetCaptureList().size());
1768
1769 ResolveHostResponseHelper cached_response(resolver_->CreateRequest(
1770 HostPortPair("host1", 75), NetworkAnonymizationKey(), NetLogWithSource(),
1771 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
1772 EXPECT_THAT(cached_response.result_error(), IsOk());
1773 EXPECT_EQ(1u, proc_->GetCaptureList().size()); // No expected increase.
1774
1775 // Flush cache by triggering an IP address change.
1776 NetworkChangeNotifier::NotifyObserversOfIPAddressChangeForTests();
1777 base::RunLoop().RunUntilIdle(); // Notification happens async.
1778
1779 // Resolve "host1" again -- this time it won't be served from cache, so it
1780 // will complete asynchronously.
1781 ResolveHostResponseHelper flushed_response(resolver_->CreateRequest(
1782 HostPortPair("host1", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1783 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
1784 EXPECT_THAT(flushed_response.result_error(), IsOk());
1785 EXPECT_EQ(2u, proc_->GetCaptureList().size()); // Expected increase.
1786 }
1787
1788 // Test that IP address changes flush the cache but initial DNS config reads
1789 // do not.
TEST_F(HostResolverManagerTest,FlushCacheOnIPAddressChangeAsync)1790 TEST_F(HostResolverManagerTest, FlushCacheOnIPAddressChangeAsync) {
1791 FlushCacheOnIPAddressChangeTest(true);
1792 }
TEST_F(HostResolverManagerTest,FlushCacheOnIPAddressChangeSync)1793 TEST_F(HostResolverManagerTest, FlushCacheOnIPAddressChangeSync) {
1794 FlushCacheOnIPAddressChangeTest(false);
1795 }
1796
AbortOnIPAddressChangedTest(bool is_async)1797 void HostResolverManagerTest::AbortOnIPAddressChangedTest(bool is_async) {
1798 CreateResolverWithLimitsAndParams(kMaxJobs, DefaultParams(proc_),
1799 true /* ipv6_reachable */,
1800 true /* check_ipv6_on_wifi */, is_async);
1801 ResolveHostResponseHelper response(resolver_->CreateRequest(
1802 HostPortPair("host1", 70), NetworkAnonymizationKey(), NetLogWithSource(),
1803 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
1804
1805 ASSERT_FALSE(response.complete());
1806 if (is_async) {
1807 base::RunLoop().RunUntilIdle();
1808 }
1809 ASSERT_TRUE(proc_->WaitFor(1u));
1810
1811 // Triggering an IP address change.
1812 NetworkChangeNotifier::NotifyObserversOfIPAddressChangeForTests();
1813 base::RunLoop().RunUntilIdle(); // Notification happens async.
1814 proc_->SignalAll();
1815
1816 EXPECT_THAT(response.result_error(), IsError(ERR_NETWORK_CHANGED));
1817 EXPECT_THAT(response.request()->GetAddressResults(),
1818 AnyOf(nullptr, Pointee(IsEmpty())));
1819 EXPECT_THAT(response.request()->GetEndpointResults(),
1820 AnyOf(nullptr, Pointee(IsEmpty())));
1821 EXPECT_EQ(0u, resolve_context_->host_cache()->size());
1822 }
1823
1824 // Test that IP address changes send ERR_NETWORK_CHANGED to pending requests.
TEST_F(HostResolverManagerTest,AbortOnIPAddressChangedAsync)1825 TEST_F(HostResolverManagerTest, AbortOnIPAddressChangedAsync) {
1826 AbortOnIPAddressChangedTest(true);
1827 }
TEST_F(HostResolverManagerTest,AbortOnIPAddressChangedSync)1828 TEST_F(HostResolverManagerTest, AbortOnIPAddressChangedSync) {
1829 AbortOnIPAddressChangedTest(false);
1830 }
1831
1832 // Obey pool constraints after IP address has changed.
TEST_F(HostResolverManagerTest,ObeyPoolConstraintsAfterIPAddressChange)1833 TEST_F(HostResolverManagerTest, ObeyPoolConstraintsAfterIPAddressChange) {
1834 // Runs at most one job at a time.
1835 CreateSerialResolver();
1836
1837 std::vector<std::unique_ptr<ResolveHostResponseHelper>> responses;
1838 responses.emplace_back(
1839 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1840 HostPortPair("a", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1841 absl::nullopt, resolve_context_.get(),
1842 resolve_context_->host_cache())));
1843 responses.emplace_back(
1844 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1845 HostPortPair("b", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1846 absl::nullopt, resolve_context_.get(),
1847 resolve_context_->host_cache())));
1848 responses.emplace_back(
1849 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1850 HostPortPair("c", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1851 absl::nullopt, resolve_context_.get(),
1852 resolve_context_->host_cache())));
1853
1854 for (auto& response : responses) {
1855 ASSERT_FALSE(response->complete());
1856 }
1857 ASSERT_TRUE(proc_->WaitFor(1u));
1858
1859 // Triggering an IP address change.
1860 NetworkChangeNotifier::NotifyObserversOfIPAddressChangeForTests();
1861 base::RunLoop().RunUntilIdle(); // Notification happens async.
1862 proc_->SignalMultiple(3u); // Let the false-start go so that we can catch it.
1863
1864 // Requests should complete one at a time, with the first failing.
1865 EXPECT_THAT(responses[0]->result_error(), IsError(ERR_NETWORK_CHANGED));
1866 EXPECT_EQ(1u, num_running_dispatcher_jobs());
1867 EXPECT_FALSE(responses[1]->complete());
1868 EXPECT_FALSE(responses[2]->complete());
1869
1870 EXPECT_THAT(responses[1]->result_error(), IsOk());
1871 EXPECT_EQ(1u, num_running_dispatcher_jobs());
1872 EXPECT_FALSE(responses[2]->complete());
1873
1874 EXPECT_THAT(responses[2]->result_error(), IsOk());
1875 }
1876
AbortOnlyExistingRequestsOnIPAddressChangeTest(bool is_async)1877 void HostResolverManagerTest::AbortOnlyExistingRequestsOnIPAddressChangeTest(
1878 bool is_async) {
1879 CreateResolverWithLimitsAndParams(kMaxJobs, DefaultParams(proc_),
1880 true /* ipv6_reachable */,
1881 true /* check_ipv6_on_wifi */, is_async);
1882 auto custom_callback_template = base::BindLambdaForTesting(
1883 [&](const HostPortPair& next_host,
1884 std::unique_ptr<ResolveHostResponseHelper>* next_response,
1885 CompletionOnceCallback completion_callback, int error) {
1886 *next_response = std::make_unique<ResolveHostResponseHelper>(
1887 resolver_->CreateRequest(next_host, NetworkAnonymizationKey(),
1888 NetLogWithSource(), absl::nullopt,
1889 resolve_context_.get(),
1890 resolve_context_->host_cache()));
1891 std::move(completion_callback).Run(error);
1892 });
1893
1894 std::vector<std::unique_ptr<ResolveHostResponseHelper>> next_responses(3);
1895
1896 ResolveHostResponseHelper response0(
1897 resolver_->CreateRequest(HostPortPair("bbb", 80),
1898 NetworkAnonymizationKey(), NetLogWithSource(),
1899 absl::nullopt, resolve_context_.get(),
1900 resolve_context_->host_cache()),
1901 base::BindOnce(custom_callback_template, HostPortPair("zzz", 80),
1902 &next_responses[0]));
1903
1904 ResolveHostResponseHelper response1(
1905 resolver_->CreateRequest(HostPortPair("eee", 80),
1906 NetworkAnonymizationKey(), NetLogWithSource(),
1907 absl::nullopt, resolve_context_.get(),
1908 resolve_context_->host_cache()),
1909 base::BindOnce(custom_callback_template, HostPortPair("aaa", 80),
1910 &next_responses[1]));
1911
1912 ResolveHostResponseHelper response2(
1913 resolver_->CreateRequest(HostPortPair("ccc", 80),
1914 NetworkAnonymizationKey(), NetLogWithSource(),
1915 absl::nullopt, resolve_context_.get(),
1916 resolve_context_->host_cache()),
1917 base::BindOnce(custom_callback_template, HostPortPair("eee", 80),
1918 &next_responses[2]));
1919
1920 if (is_async) {
1921 base::RunLoop().RunUntilIdle();
1922 }
1923 // Wait until all are blocked;
1924 ASSERT_TRUE(proc_->WaitFor(3u));
1925
1926 // Trigger an IP address change.
1927 NetworkChangeNotifier::NotifyObserversOfIPAddressChangeForTests();
1928 // This should abort all running jobs.
1929 base::RunLoop().RunUntilIdle();
1930
1931 EXPECT_THAT(response0.result_error(), IsError(ERR_NETWORK_CHANGED));
1932 EXPECT_THAT(response1.result_error(), IsError(ERR_NETWORK_CHANGED));
1933 EXPECT_THAT(response2.result_error(), IsError(ERR_NETWORK_CHANGED));
1934
1935 EXPECT_FALSE(next_responses[0]->complete());
1936 EXPECT_FALSE(next_responses[1]->complete());
1937 EXPECT_FALSE(next_responses[2]->complete());
1938
1939 // Unblock all calls to proc.
1940 proc_->SignalMultiple(6u);
1941
1942 // Run until the re-started requests finish.
1943 EXPECT_THAT(next_responses[0]->result_error(), IsOk());
1944 EXPECT_THAT(next_responses[1]->result_error(), IsOk());
1945 EXPECT_THAT(next_responses[2]->result_error(), IsOk());
1946
1947 // Verify that results of aborted Jobs were not cached.
1948 EXPECT_EQ(6u, proc_->GetCaptureList().size());
1949 EXPECT_EQ(3u, resolve_context_->host_cache()->size());
1950 }
1951 // Tests that a new Request made from the callback of a previously aborted one
1952 // will not be aborted.
TEST_F(HostResolverManagerTest,AbortOnlyExistingRequestsOnIPAddressChangeAsync)1953 TEST_F(HostResolverManagerTest,
1954 AbortOnlyExistingRequestsOnIPAddressChangeAsync) {
1955 AbortOnlyExistingRequestsOnIPAddressChangeTest(true);
1956 }
TEST_F(HostResolverManagerTest,AbortOnlyExistingRequestsOnIPAddressChangeSync)1957 TEST_F(HostResolverManagerTest,
1958 AbortOnlyExistingRequestsOnIPAddressChangeSync) {
1959 AbortOnlyExistingRequestsOnIPAddressChangeTest(false);
1960 }
1961
1962 // Tests that when the maximum threads is set to 1, requests are dequeued
1963 // in order of priority.
TEST_F(HostResolverManagerTest,HigherPriorityRequestsStartedFirst)1964 TEST_F(HostResolverManagerTest, HigherPriorityRequestsStartedFirst) {
1965 CreateSerialResolver();
1966
1967 HostResolver::ResolveHostParameters low_priority;
1968 low_priority.initial_priority = LOW;
1969 HostResolver::ResolveHostParameters medium_priority;
1970 medium_priority.initial_priority = MEDIUM;
1971 HostResolver::ResolveHostParameters highest_priority;
1972 highest_priority.initial_priority = HIGHEST;
1973
1974 // Note that at this point the MockHostResolverProc is blocked, so any
1975 // requests we make will not complete.
1976
1977 std::vector<std::unique_ptr<ResolveHostResponseHelper>> responses;
1978 responses.emplace_back(
1979 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1980 HostPortPair("req0", 80), NetworkAnonymizationKey(),
1981 NetLogWithSource(), low_priority, resolve_context_.get(),
1982 resolve_context_->host_cache())));
1983 responses.emplace_back(
1984 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1985 HostPortPair("req1", 80), NetworkAnonymizationKey(),
1986 NetLogWithSource(), medium_priority, resolve_context_.get(),
1987 resolve_context_->host_cache())));
1988 responses.emplace_back(
1989 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1990 HostPortPair("req2", 80), NetworkAnonymizationKey(),
1991 NetLogWithSource(), medium_priority, resolve_context_.get(),
1992 resolve_context_->host_cache())));
1993 responses.emplace_back(
1994 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1995 HostPortPair("req3", 80), NetworkAnonymizationKey(),
1996 NetLogWithSource(), low_priority, resolve_context_.get(),
1997 resolve_context_->host_cache())));
1998 responses.emplace_back(
1999 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
2000 HostPortPair("req4", 80), NetworkAnonymizationKey(),
2001 NetLogWithSource(), highest_priority, resolve_context_.get(),
2002 resolve_context_->host_cache())));
2003 responses.emplace_back(
2004 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
2005 HostPortPair("req5", 80), NetworkAnonymizationKey(),
2006 NetLogWithSource(), low_priority, resolve_context_.get(),
2007 resolve_context_->host_cache())));
2008 responses.emplace_back(
2009 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
2010 HostPortPair("req6", 80), NetworkAnonymizationKey(),
2011 NetLogWithSource(), low_priority, resolve_context_.get(),
2012 resolve_context_->host_cache())));
2013 responses.emplace_back(
2014 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
2015 HostPortPair("req5", 80), NetworkAnonymizationKey(),
2016 NetLogWithSource(), highest_priority, resolve_context_.get(),
2017 resolve_context_->host_cache())));
2018
2019 for (const auto& response : responses) {
2020 ASSERT_FALSE(response->complete());
2021 }
2022
2023 // Unblock the resolver thread so the requests can run.
2024 proc_->SignalMultiple(responses.size()); // More than needed.
2025
2026 // Wait for all the requests to complete successfully.
2027 for (auto& response : responses) {
2028 EXPECT_THAT(response->result_error(), IsOk());
2029 }
2030
2031 // Since we have restricted to a single concurrent thread in the jobpool,
2032 // the requests should complete in order of priority (with the exception
2033 // of the first request, which gets started right away, since there is
2034 // nothing outstanding).
2035 MockHostResolverProc::CaptureList capture_list = proc_->GetCaptureList();
2036 ASSERT_EQ(7u, capture_list.size());
2037
2038 EXPECT_EQ("req0", capture_list[0].hostname);
2039 EXPECT_EQ("req4", capture_list[1].hostname);
2040 EXPECT_EQ("req5", capture_list[2].hostname);
2041 EXPECT_EQ("req1", capture_list[3].hostname);
2042 EXPECT_EQ("req2", capture_list[4].hostname);
2043 EXPECT_EQ("req3", capture_list[5].hostname);
2044 EXPECT_EQ("req6", capture_list[6].hostname);
2045 }
2046
ChangePriorityTest(bool is_async)2047 void HostResolverManagerTest::ChangePriorityTest(bool is_async) {
2048 CreateSerialResolver(true /* check_ipv6_on_wifi */, true /* ipv6_reachable */,
2049 is_async);
2050
2051 HostResolver::ResolveHostParameters lowest_priority;
2052 lowest_priority.initial_priority = LOWEST;
2053 HostResolver::ResolveHostParameters low_priority;
2054 low_priority.initial_priority = LOW;
2055 HostResolver::ResolveHostParameters medium_priority;
2056 medium_priority.initial_priority = MEDIUM;
2057
2058 std::vector<std::unique_ptr<ResolveHostResponseHelper>> responses;
2059 responses.emplace_back(
2060 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
2061 HostPortPair("req0", 80), NetworkAnonymizationKey(),
2062 NetLogWithSource(), medium_priority, resolve_context_.get(),
2063 resolve_context_->host_cache())));
2064 responses.emplace_back(
2065 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
2066 HostPortPair("req1", 80), NetworkAnonymizationKey(),
2067 NetLogWithSource(), low_priority, resolve_context_.get(),
2068 resolve_context_->host_cache())));
2069 responses.emplace_back(
2070 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
2071 HostPortPair("req2", 80), NetworkAnonymizationKey(),
2072 NetLogWithSource(), lowest_priority, resolve_context_.get(),
2073 resolve_context_->host_cache())));
2074
2075 // req0 starts immediately; without ChangePriority, req1 and then req2 should
2076 // run.
2077 for (const auto& response : responses) {
2078 ASSERT_FALSE(response->complete());
2079 }
2080
2081 // Changing req2 to HIGHEST should make it run before req1.
2082 // (It can't run before req0, since req0 started immediately.)
2083 responses[2]->request()->ChangeRequestPriority(HIGHEST);
2084
2085 // Let all 3 requests finish.
2086 proc_->SignalMultiple(3u);
2087
2088 for (auto& response : responses) {
2089 EXPECT_THAT(response->result_error(), IsOk());
2090 }
2091
2092 MockHostResolverProc::CaptureList capture_list = proc_->GetCaptureList();
2093 ASSERT_EQ(3u, capture_list.size());
2094
2095 EXPECT_EQ("req0", capture_list[0].hostname);
2096 EXPECT_EQ("req2", capture_list[1].hostname);
2097 EXPECT_EQ("req1", capture_list[2].hostname);
2098 }
2099
2100 // Test that changing a job's priority affects the dequeueing order.
TEST_F(HostResolverManagerTest,ChangePriorityAsync)2101 TEST_F(HostResolverManagerTest, ChangePriorityAsync) {
2102 ChangePriorityTest(true);
2103 }
2104
TEST_F(HostResolverManagerTest,ChangePrioritySync)2105 TEST_F(HostResolverManagerTest, ChangePrioritySync) {
2106 ChangePriorityTest(false);
2107 }
2108
2109 // Try cancelling a job which has not started yet.
TEST_F(HostResolverManagerTest,CancelPendingRequest)2110 TEST_F(HostResolverManagerTest, CancelPendingRequest) {
2111 CreateSerialResolver();
2112
2113 HostResolver::ResolveHostParameters lowest_priority;
2114 lowest_priority.initial_priority = LOWEST;
2115 HostResolver::ResolveHostParameters low_priority;
2116 low_priority.initial_priority = LOW;
2117 HostResolver::ResolveHostParameters medium_priority;
2118 medium_priority.initial_priority = MEDIUM;
2119 HostResolver::ResolveHostParameters highest_priority;
2120 highest_priority.initial_priority = HIGHEST;
2121
2122 std::vector<std::unique_ptr<ResolveHostResponseHelper>> responses;
2123 responses.emplace_back(
2124 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
2125 HostPortPair("req0", 80), NetworkAnonymizationKey(),
2126 NetLogWithSource(), lowest_priority, resolve_context_.get(),
2127 resolve_context_->host_cache())));
2128 responses.emplace_back(
2129 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
2130 HostPortPair("req1", 80), NetworkAnonymizationKey(),
2131 NetLogWithSource(), highest_priority, resolve_context_.get(),
2132 resolve_context_->host_cache())));
2133 responses.emplace_back(
2134 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
2135 HostPortPair("req2", 80), NetworkAnonymizationKey(),
2136 NetLogWithSource(), medium_priority, resolve_context_.get(),
2137 resolve_context_->host_cache())));
2138 responses.emplace_back(
2139 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
2140 HostPortPair("req3", 80), NetworkAnonymizationKey(),
2141 NetLogWithSource(), low_priority, resolve_context_.get(),
2142 resolve_context_->host_cache())));
2143 responses.emplace_back(
2144 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
2145 HostPortPair("req4", 80), NetworkAnonymizationKey(),
2146 NetLogWithSource(), highest_priority, resolve_context_.get(),
2147 resolve_context_->host_cache())));
2148 responses.emplace_back(
2149 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
2150 HostPortPair("req5", 80), NetworkAnonymizationKey(),
2151 NetLogWithSource(), lowest_priority, resolve_context_.get(),
2152 resolve_context_->host_cache())));
2153 responses.emplace_back(
2154 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
2155 HostPortPair("req6", 80), NetworkAnonymizationKey(),
2156 NetLogWithSource(), medium_priority, resolve_context_.get(),
2157 resolve_context_->host_cache())));
2158
2159 // Cancel some requests
2160 responses[1]->CancelRequest();
2161 responses[4]->CancelRequest();
2162 responses[5]->CancelRequest();
2163
2164 // Unblock the resolver thread so the requests can run.
2165 proc_->SignalMultiple(responses.size()); // More than needed.
2166
2167 // Let everything try to finish.
2168 base::RunLoop().RunUntilIdle();
2169
2170 // Wait for all the requests to complete succesfully.
2171 EXPECT_THAT(responses[0]->result_error(), IsOk());
2172 EXPECT_THAT(responses[2]->result_error(), IsOk());
2173 EXPECT_THAT(responses[3]->result_error(), IsOk());
2174 EXPECT_THAT(responses[6]->result_error(), IsOk());
2175
2176 // Cancelled requests shouldn't complete.
2177 EXPECT_FALSE(responses[1]->complete());
2178 EXPECT_FALSE(responses[4]->complete());
2179 EXPECT_FALSE(responses[5]->complete());
2180
2181 // Verify that they called out to the resolver proc (which runs on the
2182 // resolver thread) in the expected order.
2183 MockHostResolverProc::CaptureList capture_list = proc_->GetCaptureList();
2184 ASSERT_EQ(4u, capture_list.size());
2185
2186 EXPECT_EQ("req0", capture_list[0].hostname);
2187 EXPECT_EQ("req2", capture_list[1].hostname);
2188 EXPECT_EQ("req6", capture_list[2].hostname);
2189 EXPECT_EQ("req3", capture_list[3].hostname);
2190 }
2191
2192 // Test that when too many requests are enqueued, old ones start to be aborted.
TEST_F(HostResolverManagerTest,QueueOverflow)2193 TEST_F(HostResolverManagerTest, QueueOverflow) {
2194 CreateSerialResolver();
2195
2196 // Allow only 3 queued jobs.
2197 const size_t kMaxPendingJobs = 3u;
2198 resolver_->SetMaxQueuedJobsForTesting(kMaxPendingJobs);
2199
2200 HostResolver::ResolveHostParameters lowest_priority;
2201 lowest_priority.initial_priority = LOWEST;
2202 HostResolver::ResolveHostParameters low_priority;
2203 low_priority.initial_priority = LOW;
2204 HostResolver::ResolveHostParameters medium_priority;
2205 medium_priority.initial_priority = MEDIUM;
2206 HostResolver::ResolveHostParameters highest_priority;
2207 highest_priority.initial_priority = HIGHEST;
2208
2209 // Note that at this point the MockHostResolverProc is blocked, so any
2210 // requests we make will not complete.
2211
2212 std::vector<std::unique_ptr<ResolveHostResponseHelper>> responses;
2213 responses.emplace_back(
2214 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
2215 HostPortPair("req0", 80), NetworkAnonymizationKey(),
2216 NetLogWithSource(), lowest_priority, resolve_context_.get(),
2217 resolve_context_->host_cache())));
2218 responses.emplace_back(
2219 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
2220 HostPortPair("req1", 80), NetworkAnonymizationKey(),
2221 NetLogWithSource(), highest_priority, resolve_context_.get(),
2222 resolve_context_->host_cache())));
2223 responses.emplace_back(
2224 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
2225 HostPortPair("req2", 80), NetworkAnonymizationKey(),
2226 NetLogWithSource(), medium_priority, resolve_context_.get(),
2227 resolve_context_->host_cache())));
2228 responses.emplace_back(
2229 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
2230 HostPortPair("req3", 80), NetworkAnonymizationKey(),
2231 NetLogWithSource(), medium_priority, resolve_context_.get(),
2232 resolve_context_->host_cache())));
2233
2234 // At this point, there are 3 enqueued jobs (and one "running" job).
2235 // Insertion of subsequent requests will cause evictions.
2236
2237 responses.emplace_back(
2238 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
2239 HostPortPair("req4", 80), NetworkAnonymizationKey(),
2240 NetLogWithSource(), low_priority, resolve_context_.get(),
2241 resolve_context_->host_cache())));
2242 EXPECT_THAT(responses[4]->result_error(),
2243 IsError(ERR_HOST_RESOLVER_QUEUE_TOO_LARGE)); // Evicts self.
2244 EXPECT_THAT(responses[4]->request()->GetAddressResults(),
2245 AnyOf(nullptr, Pointee(IsEmpty())));
2246 EXPECT_THAT(responses[4]->request()->GetEndpointResults(),
2247 AnyOf(nullptr, Pointee(IsEmpty())));
2248
2249 responses.emplace_back(
2250 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
2251 HostPortPair("req5", 80), NetworkAnonymizationKey(),
2252 NetLogWithSource(), medium_priority, resolve_context_.get(),
2253 resolve_context_->host_cache())));
2254 EXPECT_THAT(responses[2]->result_error(),
2255 IsError(ERR_HOST_RESOLVER_QUEUE_TOO_LARGE));
2256 EXPECT_THAT(responses[2]->request()->GetAddressResults(),
2257 AnyOf(nullptr, Pointee(IsEmpty())));
2258 EXPECT_THAT(responses[2]->request()->GetEndpointResults(),
2259 AnyOf(nullptr, Pointee(IsEmpty())));
2260
2261 responses.emplace_back(
2262 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
2263 HostPortPair("req6", 80), NetworkAnonymizationKey(),
2264 NetLogWithSource(), highest_priority, resolve_context_.get(),
2265 resolve_context_->host_cache())));
2266 EXPECT_THAT(responses[3]->result_error(),
2267 IsError(ERR_HOST_RESOLVER_QUEUE_TOO_LARGE));
2268 EXPECT_THAT(responses[3]->request()->GetAddressResults(),
2269 AnyOf(nullptr, Pointee(IsEmpty())));
2270 EXPECT_THAT(responses[3]->request()->GetEndpointResults(),
2271 AnyOf(nullptr, Pointee(IsEmpty())));
2272
2273 responses.emplace_back(
2274 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
2275 HostPortPair("req7", 80), NetworkAnonymizationKey(),
2276 NetLogWithSource(), medium_priority, resolve_context_.get(),
2277 resolve_context_->host_cache())));
2278 EXPECT_THAT(responses[5]->result_error(),
2279 IsError(ERR_HOST_RESOLVER_QUEUE_TOO_LARGE));
2280 EXPECT_THAT(responses[5]->request()->GetAddressResults(),
2281 AnyOf(nullptr, Pointee(IsEmpty())));
2282 EXPECT_THAT(responses[5]->request()->GetEndpointResults(),
2283 AnyOf(nullptr, Pointee(IsEmpty())));
2284
2285 // Unblock the resolver thread so the requests can run.
2286 proc_->SignalMultiple(4u);
2287
2288 // The rest should succeed.
2289 EXPECT_THAT(responses[0]->result_error(), IsOk());
2290 EXPECT_TRUE(responses[0]->request()->GetAddressResults());
2291 EXPECT_TRUE(responses[0]->request()->GetEndpointResults());
2292 EXPECT_THAT(responses[1]->result_error(), IsOk());
2293 EXPECT_TRUE(responses[1]->request()->GetAddressResults());
2294 EXPECT_TRUE(responses[1]->request()->GetEndpointResults());
2295 EXPECT_THAT(responses[6]->result_error(), IsOk());
2296 EXPECT_TRUE(responses[6]->request()->GetAddressResults());
2297 EXPECT_TRUE(responses[6]->request()->GetEndpointResults());
2298 EXPECT_THAT(responses[7]->result_error(), IsOk());
2299 EXPECT_TRUE(responses[7]->request()->GetAddressResults());
2300 EXPECT_TRUE(responses[7]->request()->GetEndpointResults());
2301
2302 // Verify that they called out the the resolver proc (which runs on the
2303 // resolver thread) in the expected order.
2304 MockHostResolverProc::CaptureList capture_list = proc_->GetCaptureList();
2305 ASSERT_EQ(4u, capture_list.size());
2306
2307 EXPECT_EQ("req0", capture_list[0].hostname);
2308 EXPECT_EQ("req1", capture_list[1].hostname);
2309 EXPECT_EQ("req6", capture_list[2].hostname);
2310 EXPECT_EQ("req7", capture_list[3].hostname);
2311
2312 // Verify that the evicted (incomplete) requests were not cached.
2313 EXPECT_EQ(4u, resolve_context_->host_cache()->size());
2314
2315 for (size_t i = 0; i < responses.size(); ++i) {
2316 EXPECT_TRUE(responses[i]->complete()) << i;
2317 }
2318 }
2319
2320 // Tests that jobs can self-evict by setting the max queue to 0.
TEST_F(HostResolverManagerTest,QueueOverflow_SelfEvict)2321 TEST_F(HostResolverManagerTest, QueueOverflow_SelfEvict) {
2322 CreateSerialResolver();
2323 resolver_->SetMaxQueuedJobsForTesting(0);
2324
2325 // Note that at this point the MockHostResolverProc is blocked, so any
2326 // requests we make will not complete.
2327
2328 ResolveHostResponseHelper run_response(resolver_->CreateRequest(
2329 HostPortPair("run", 80), NetworkAnonymizationKey(), NetLogWithSource(),
2330 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
2331
2332 ResolveHostResponseHelper evict_response(resolver_->CreateRequest(
2333 HostPortPair("req1", 80), NetworkAnonymizationKey(), NetLogWithSource(),
2334 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
2335 EXPECT_THAT(evict_response.result_error(),
2336 IsError(ERR_HOST_RESOLVER_QUEUE_TOO_LARGE));
2337 EXPECT_THAT(evict_response.request()->GetAddressResults(),
2338 AnyOf(nullptr, Pointee(IsEmpty())));
2339 EXPECT_THAT(evict_response.request()->GetEndpointResults(),
2340 AnyOf(nullptr, Pointee(IsEmpty())));
2341
2342 proc_->SignalMultiple(1u);
2343
2344 EXPECT_THAT(run_response.result_error(), IsOk());
2345 EXPECT_TRUE(run_response.request()->GetAddressResults());
2346 EXPECT_TRUE(run_response.request()->GetEndpointResults());
2347 }
2348
2349 // Make sure that the dns query type parameter is respected when raw IPs are
2350 // passed in.
TEST_F(HostResolverManagerTest,AddressFamilyWithRawIPs)2351 TEST_F(HostResolverManagerTest, AddressFamilyWithRawIPs) {
2352 HostResolver::ResolveHostParameters v4_parameters;
2353 v4_parameters.dns_query_type = DnsQueryType::A;
2354
2355 HostResolver::ResolveHostParameters v6_parameters;
2356 v6_parameters.dns_query_type = DnsQueryType::AAAA;
2357
2358 ResolveHostResponseHelper v4_v4_request(resolver_->CreateRequest(
2359 HostPortPair("127.0.0.1", 80), NetworkAnonymizationKey(),
2360 NetLogWithSource(), v4_parameters, resolve_context_.get(),
2361 resolve_context_->host_cache()));
2362 EXPECT_THAT(v4_v4_request.result_error(), IsOk());
2363 EXPECT_THAT(v4_v4_request.request()->GetAddressResults()->endpoints(),
2364 testing::ElementsAre(CreateExpected("127.0.0.1", 80)));
2365 EXPECT_THAT(
2366 v4_v4_request.request()->GetEndpointResults(),
2367 testing::Pointee(testing::UnorderedElementsAre(ExpectEndpointResult(
2368 testing::ElementsAre(CreateExpected("127.0.0.1", 80))))));
2369
2370 ResolveHostResponseHelper v4_v6_request(resolver_->CreateRequest(
2371 HostPortPair("127.0.0.1", 80), NetworkAnonymizationKey(),
2372 NetLogWithSource(), v6_parameters, resolve_context_.get(),
2373 resolve_context_->host_cache()));
2374 EXPECT_THAT(v4_v6_request.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
2375
2376 ResolveHostResponseHelper v4_unsp_request(resolver_->CreateRequest(
2377 HostPortPair("127.0.0.1", 80), NetworkAnonymizationKey(),
2378 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
2379 resolve_context_->host_cache()));
2380 EXPECT_THAT(v4_unsp_request.result_error(), IsOk());
2381 EXPECT_THAT(v4_unsp_request.request()->GetAddressResults()->endpoints(),
2382 testing::ElementsAre(CreateExpected("127.0.0.1", 80)));
2383 EXPECT_THAT(
2384 v4_unsp_request.request()->GetEndpointResults(),
2385 testing::Pointee(testing::UnorderedElementsAre(ExpectEndpointResult(
2386 testing::ElementsAre(CreateExpected("127.0.0.1", 80))))));
2387
2388 ResolveHostResponseHelper v6_v4_request(resolver_->CreateRequest(
2389 HostPortPair("::1", 80), NetworkAnonymizationKey(), NetLogWithSource(),
2390 v4_parameters, resolve_context_.get(), resolve_context_->host_cache()));
2391 EXPECT_THAT(v6_v4_request.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
2392
2393 ResolveHostResponseHelper v6_v6_request(resolver_->CreateRequest(
2394 HostPortPair("::1", 80), NetworkAnonymizationKey(), NetLogWithSource(),
2395 v6_parameters, resolve_context_.get(), resolve_context_->host_cache()));
2396 EXPECT_THAT(v6_v6_request.result_error(), IsOk());
2397 EXPECT_THAT(v6_v6_request.request()->GetAddressResults()->endpoints(),
2398 testing::ElementsAre(CreateExpected("::1", 80)));
2399 EXPECT_THAT(
2400 v6_v6_request.request()->GetEndpointResults(),
2401 testing::Pointee(testing::UnorderedElementsAre(ExpectEndpointResult(
2402 testing::ElementsAre(CreateExpected("::1", 80))))));
2403
2404 ResolveHostResponseHelper v6_unsp_request(resolver_->CreateRequest(
2405 HostPortPair("::1", 80), NetworkAnonymizationKey(), NetLogWithSource(),
2406 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
2407 EXPECT_THAT(v6_unsp_request.result_error(), IsOk());
2408 EXPECT_THAT(v6_unsp_request.request()->GetAddressResults()->endpoints(),
2409 testing::ElementsAre(CreateExpected("::1", 80)));
2410 EXPECT_THAT(
2411 v6_unsp_request.request()->GetEndpointResults(),
2412 testing::Pointee(testing::UnorderedElementsAre(ExpectEndpointResult(
2413 testing::ElementsAre(CreateExpected("::1", 80))))));
2414 }
2415
TEST_F(HostResolverManagerTest,LocalOnly_FromCache)2416 TEST_F(HostResolverManagerTest, LocalOnly_FromCache) {
2417 proc_->AddRuleForAllFamilies("just.testing", "192.168.1.42");
2418 proc_->SignalMultiple(1u); // Need only one.
2419
2420 HostResolver::ResolveHostParameters source_none_parameters;
2421 source_none_parameters.source = HostResolverSource::LOCAL_ONLY;
2422
2423 // First NONE query expected to complete synchronously with a cache miss.
2424 ResolveHostResponseHelper cache_miss_request(resolver_->CreateRequest(
2425 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
2426 NetLogWithSource(), source_none_parameters, resolve_context_.get(),
2427 resolve_context_->host_cache()));
2428 EXPECT_TRUE(cache_miss_request.complete());
2429 EXPECT_THAT(cache_miss_request.result_error(), IsError(ERR_DNS_CACHE_MISS));
2430 EXPECT_THAT(cache_miss_request.request()->GetAddressResults(),
2431 AnyOf(nullptr, Pointee(IsEmpty())));
2432 EXPECT_THAT(cache_miss_request.request()->GetEndpointResults(),
2433 AnyOf(nullptr, Pointee(IsEmpty())));
2434 EXPECT_FALSE(cache_miss_request.request()->GetStaleInfo());
2435
2436 // Normal query to populate the cache.
2437 ResolveHostResponseHelper normal_request(resolver_->CreateRequest(
2438 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
2439 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
2440 resolve_context_->host_cache()));
2441 EXPECT_THAT(normal_request.result_error(), IsOk());
2442 EXPECT_FALSE(normal_request.request()->GetStaleInfo());
2443
2444 // Second NONE query expected to complete synchronously with cache hit.
2445 ResolveHostResponseHelper cache_hit_request(resolver_->CreateRequest(
2446 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
2447 NetLogWithSource(), source_none_parameters, resolve_context_.get(),
2448 resolve_context_->host_cache()));
2449 EXPECT_TRUE(cache_hit_request.complete());
2450 EXPECT_THAT(cache_hit_request.result_error(), IsOk());
2451 EXPECT_THAT(cache_hit_request.request()->GetAddressResults()->endpoints(),
2452 testing::ElementsAre(CreateExpected("192.168.1.42", 80)));
2453 EXPECT_THAT(
2454 cache_hit_request.request()->GetEndpointResults(),
2455 testing::Pointee(testing::UnorderedElementsAre(ExpectEndpointResult(
2456 testing::ElementsAre(CreateExpected("192.168.1.42", 80))))));
2457 EXPECT_FALSE(cache_hit_request.request()->GetStaleInfo().value().is_stale());
2458 }
2459
TEST_F(HostResolverManagerTest,LocalOnly_StaleEntry)2460 TEST_F(HostResolverManagerTest, LocalOnly_StaleEntry) {
2461 proc_->AddRuleForAllFamilies("just.testing", "192.168.1.42");
2462 proc_->SignalMultiple(1u); // Need only one.
2463
2464 HostResolver::ResolveHostParameters source_none_parameters;
2465 source_none_parameters.source = HostResolverSource::LOCAL_ONLY;
2466
2467 // First NONE query expected to complete synchronously with a cache miss.
2468 ResolveHostResponseHelper cache_miss_request(resolver_->CreateRequest(
2469 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
2470 NetLogWithSource(), source_none_parameters, resolve_context_.get(),
2471 resolve_context_->host_cache()));
2472 EXPECT_TRUE(cache_miss_request.complete());
2473 EXPECT_THAT(cache_miss_request.result_error(), IsError(ERR_DNS_CACHE_MISS));
2474 EXPECT_THAT(cache_miss_request.request()->GetAddressResults(),
2475 AnyOf(nullptr, Pointee(IsEmpty())));
2476 EXPECT_THAT(cache_miss_request.request()->GetEndpointResults(),
2477 AnyOf(nullptr, Pointee(IsEmpty())));
2478 EXPECT_FALSE(cache_miss_request.request()->GetStaleInfo());
2479
2480 // Normal query to populate the cache.
2481 ResolveHostResponseHelper normal_request(resolver_->CreateRequest(
2482 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
2483 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
2484 resolve_context_->host_cache()));
2485 EXPECT_THAT(normal_request.result_error(), IsOk());
2486 EXPECT_FALSE(normal_request.request()->GetStaleInfo());
2487
2488 MakeCacheStale();
2489
2490 // Second NONE query still expected to complete synchronously with cache miss.
2491 ResolveHostResponseHelper stale_request(resolver_->CreateRequest(
2492 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
2493 NetLogWithSource(), source_none_parameters, resolve_context_.get(),
2494 resolve_context_->host_cache()));
2495 EXPECT_TRUE(stale_request.complete());
2496 EXPECT_THAT(stale_request.result_error(), IsError(ERR_DNS_CACHE_MISS));
2497 EXPECT_THAT(stale_request.request()->GetAddressResults(),
2498 AnyOf(nullptr, Pointee(IsEmpty())));
2499 EXPECT_THAT(stale_request.request()->GetEndpointResults(),
2500 AnyOf(nullptr, Pointee(IsEmpty())));
2501 EXPECT_FALSE(stale_request.request()->GetStaleInfo());
2502 }
2503
LocalOnlyFromIpTest(bool is_async)2504 void HostResolverManagerTest::LocalOnlyFromIpTest(bool is_async) {
2505 CreateResolverWithLimitsAndParams(kMaxJobs, DefaultParams(proc_),
2506 true /* ipv6_reachable */,
2507 true /* check_ipv6_on_wifi */, is_async);
2508 HostResolver::ResolveHostParameters source_none_parameters;
2509 source_none_parameters.source = HostResolverSource::LOCAL_ONLY;
2510
2511 ResolveHostResponseHelper response(resolver_->CreateRequest(
2512 HostPortPair("1.2.3.4", 56), NetworkAnonymizationKey(),
2513 NetLogWithSource(), source_none_parameters, resolve_context_.get(),
2514 resolve_context_->host_cache()));
2515
2516 // If IPv6 reachability is asynchronous, the first request will return
2517 // NAME_NOT_RESOLVED. Do a second request to confirm that it returns OK once
2518 // reachability check completes.
2519 if (is_async) {
2520 // Expected to resolve synchronously.
2521 EXPECT_TRUE(response.complete());
2522 EXPECT_EQ(response.result_error(), ERR_NAME_NOT_RESOLVED);
2523 EXPECT_THAT(response.request()->GetAddressResults(),
2524 AnyOf(nullptr, Pointee(IsEmpty())));
2525 EXPECT_THAT(response.request()->GetEndpointResults(),
2526 AnyOf(nullptr, Pointee(IsEmpty())));
2527 EXPECT_FALSE(response.request()->GetStaleInfo());
2528 base::RunLoop().RunUntilIdle();
2529
2530 ResolveHostResponseHelper response2(resolver_->CreateRequest(
2531 HostPortPair("1.2.3.4", 56), NetworkAnonymizationKey(),
2532 NetLogWithSource(), source_none_parameters, resolve_context_.get(),
2533 resolve_context_->host_cache()));
2534 EXPECT_TRUE(response2.complete());
2535 EXPECT_THAT(response2.result_error(), IsOk());
2536 EXPECT_THAT(response2.request()->GetAddressResults()->endpoints(),
2537 testing::ElementsAre(CreateExpected("1.2.3.4", 56)));
2538 EXPECT_THAT(response2.request()->GetEndpointResults(),
2539 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
2540 testing::ElementsAre(CreateExpected("1.2.3.4", 56))))));
2541 EXPECT_FALSE(response2.request()->GetStaleInfo());
2542 } else {
2543 // Expected to resolve synchronously.
2544 EXPECT_TRUE(response.complete());
2545 EXPECT_THAT(response.result_error(), IsOk());
2546 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
2547 testing::ElementsAre(CreateExpected("1.2.3.4", 56)));
2548 EXPECT_THAT(response.request()->GetEndpointResults(),
2549 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
2550 testing::ElementsAre(CreateExpected("1.2.3.4", 56))))));
2551 EXPECT_FALSE(response.request()->GetStaleInfo());
2552 }
2553 }
2554
TEST_F(HostResolverManagerTest,LocalOnly_FromIpAsync)2555 TEST_F(HostResolverManagerTest, LocalOnly_FromIpAsync) {
2556 LocalOnlyFromIpTest(true);
2557 }
2558
TEST_F(HostResolverManagerTest,LocalOnly_FromIpSync)2559 TEST_F(HostResolverManagerTest, LocalOnly_FromIpSync) {
2560 LocalOnlyFromIpTest(false);
2561 }
2562
TEST_F(HostResolverManagerTest,LocalOnly_InvalidName)2563 TEST_F(HostResolverManagerTest, LocalOnly_InvalidName) {
2564 proc_->AddRuleForAllFamilies("foo,bar.com", "192.168.1.42");
2565
2566 HostResolver::ResolveHostParameters source_none_parameters;
2567 source_none_parameters.source = HostResolverSource::LOCAL_ONLY;
2568
2569 ResolveHostResponseHelper response(resolver_->CreateRequest(
2570 HostPortPair("foo,bar.com", 57), NetworkAnonymizationKey(),
2571 NetLogWithSource(), source_none_parameters, resolve_context_.get(),
2572 resolve_context_->host_cache()));
2573
2574 // Expected to fail synchronously.
2575 EXPECT_TRUE(response.complete());
2576 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
2577 EXPECT_THAT(response.request()->GetAddressResults(),
2578 AnyOf(nullptr, Pointee(IsEmpty())));
2579 EXPECT_THAT(response.request()->GetEndpointResults(),
2580 AnyOf(nullptr, Pointee(IsEmpty())));
2581 EXPECT_FALSE(response.request()->GetStaleInfo());
2582 }
2583
TEST_F(HostResolverManagerTest,LocalOnly_InvalidLocalhost)2584 TEST_F(HostResolverManagerTest, LocalOnly_InvalidLocalhost) {
2585 HostResolver::ResolveHostParameters source_none_parameters;
2586 source_none_parameters.source = HostResolverSource::LOCAL_ONLY;
2587
2588 ResolveHostResponseHelper response(resolver_->CreateRequest(
2589 HostPortPair("foo,bar.localhost", 58), NetworkAnonymizationKey(),
2590 NetLogWithSource(), source_none_parameters, resolve_context_.get(),
2591 resolve_context_->host_cache()));
2592
2593 // Expected to fail synchronously.
2594 EXPECT_TRUE(response.complete());
2595 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
2596 EXPECT_THAT(response.request()->GetAddressResults(),
2597 AnyOf(nullptr, Pointee(IsEmpty())));
2598 EXPECT_THAT(response.request()->GetEndpointResults(),
2599 AnyOf(nullptr, Pointee(IsEmpty())));
2600 EXPECT_FALSE(response.request()->GetStaleInfo());
2601 }
2602
TEST_F(HostResolverManagerTest,StaleAllowed)2603 TEST_F(HostResolverManagerTest, StaleAllowed) {
2604 proc_->AddRuleForAllFamilies("just.testing", "192.168.1.42");
2605 proc_->SignalMultiple(1u); // Need only one.
2606
2607 HostResolver::ResolveHostParameters stale_allowed_parameters;
2608 stale_allowed_parameters.source = HostResolverSource::LOCAL_ONLY;
2609 stale_allowed_parameters.cache_usage =
2610 HostResolver::ResolveHostParameters::CacheUsage::STALE_ALLOWED;
2611
2612 // First query expected to complete synchronously as a cache miss.
2613 ResolveHostResponseHelper cache_miss_request(resolver_->CreateRequest(
2614 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
2615 NetLogWithSource(), stale_allowed_parameters, resolve_context_.get(),
2616 resolve_context_->host_cache()));
2617 EXPECT_TRUE(cache_miss_request.complete());
2618 EXPECT_THAT(cache_miss_request.result_error(), IsError(ERR_DNS_CACHE_MISS));
2619 EXPECT_THAT(cache_miss_request.request()->GetAddressResults(),
2620 AnyOf(nullptr, Pointee(IsEmpty())));
2621 EXPECT_THAT(cache_miss_request.request()->GetEndpointResults(),
2622 AnyOf(nullptr, Pointee(IsEmpty())));
2623 EXPECT_FALSE(cache_miss_request.request()->GetStaleInfo());
2624
2625 // Normal query to populate cache
2626 ResolveHostResponseHelper normal_request(resolver_->CreateRequest(
2627 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
2628 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
2629 resolve_context_->host_cache()));
2630 EXPECT_THAT(normal_request.result_error(), IsOk());
2631 EXPECT_FALSE(normal_request.request()->GetStaleInfo());
2632
2633 MakeCacheStale();
2634
2635 // Second NONE query expected to get a stale cache hit.
2636 ResolveHostResponseHelper stale_request(resolver_->CreateRequest(
2637 HostPortPair("just.testing", 84), NetworkAnonymizationKey(),
2638 NetLogWithSource(), stale_allowed_parameters, resolve_context_.get(),
2639 resolve_context_->host_cache()));
2640 EXPECT_TRUE(stale_request.complete());
2641 EXPECT_THAT(stale_request.result_error(), IsOk());
2642 EXPECT_THAT(stale_request.request()->GetAddressResults()->endpoints(),
2643 testing::ElementsAre(CreateExpected("192.168.1.42", 84)));
2644 EXPECT_THAT(
2645 stale_request.request()->GetEndpointResults(),
2646 testing::Pointee(testing::UnorderedElementsAre(ExpectEndpointResult(
2647 testing::ElementsAre(CreateExpected("192.168.1.42", 84))))));
2648 EXPECT_TRUE(stale_request.request()->GetStaleInfo().value().is_stale());
2649 }
2650
TEST_F(HostResolverManagerTest,StaleAllowed_NonLocal)2651 TEST_F(HostResolverManagerTest, StaleAllowed_NonLocal) {
2652 proc_->AddRuleForAllFamilies("just.testing", "192.168.2.42");
2653 proc_->SignalMultiple(1u); // Need only one.
2654
2655 HostResolver::ResolveHostParameters stale_allowed_parameters;
2656 stale_allowed_parameters.cache_usage =
2657 HostResolver::ResolveHostParameters::CacheUsage::STALE_ALLOWED;
2658
2659 // Normal non-local resolves should still work normally with the STALE_ALLOWED
2660 // parameter, and there should be no stale info.
2661 ResolveHostResponseHelper response(resolver_->CreateRequest(
2662 HostPortPair("just.testing", 85), NetworkAnonymizationKey(),
2663 NetLogWithSource(), stale_allowed_parameters, resolve_context_.get(),
2664 resolve_context_->host_cache()));
2665 EXPECT_THAT(response.result_error(), IsOk());
2666 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
2667 testing::ElementsAre(CreateExpected("192.168.2.42", 85)));
2668 EXPECT_THAT(
2669 response.request()->GetEndpointResults(),
2670 testing::Pointee(testing::UnorderedElementsAre(ExpectEndpointResult(
2671 testing::ElementsAre(CreateExpected("192.168.2.42", 85))))));
2672 EXPECT_FALSE(response.request()->GetStaleInfo());
2673 }
2674
StaleAllowedFromIpTest(bool is_async)2675 void HostResolverManagerTest::StaleAllowedFromIpTest(bool is_async) {
2676 CreateResolverWithLimitsAndParams(kMaxJobs, DefaultParams(proc_),
2677 true /* ipv6_reachable */,
2678 true /* check_ipv6_on_wifi */, is_async);
2679 HostResolver::ResolveHostParameters stale_allowed_parameters;
2680 stale_allowed_parameters.cache_usage =
2681 HostResolver::ResolveHostParameters::CacheUsage::STALE_ALLOWED;
2682
2683 ResolveHostResponseHelper response(resolver_->CreateRequest(
2684 HostPortPair("1.2.3.4", 57), NetworkAnonymizationKey(),
2685 NetLogWithSource(), stale_allowed_parameters, resolve_context_.get(),
2686 resolve_context_->host_cache()));
2687
2688 if (!is_async) {
2689 // Expected to resolve synchronously without stale info.
2690 EXPECT_TRUE(response.complete());
2691 }
2692 EXPECT_THAT(response.result_error(), IsOk());
2693 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
2694 testing::ElementsAre(CreateExpected("1.2.3.4", 57)));
2695 EXPECT_THAT(
2696 response.request()->GetEndpointResults(),
2697 testing::Pointee(testing::UnorderedElementsAre(ExpectEndpointResult(
2698 testing::ElementsAre(CreateExpected("1.2.3.4", 57))))));
2699 EXPECT_FALSE(response.request()->GetStaleInfo());
2700 }
2701
TEST_F(HostResolverManagerTest,StaleAllowed_FromIpAsync)2702 TEST_F(HostResolverManagerTest, StaleAllowed_FromIpAsync) {
2703 StaleAllowedFromIpTest(true);
2704 }
2705
TEST_F(HostResolverManagerTest,StaleAllowed_FromIpSync)2706 TEST_F(HostResolverManagerTest, StaleAllowed_FromIpSync) {
2707 StaleAllowedFromIpTest(false);
2708 }
2709
2710 // TODO(mgersh): add a test case for errors with positive TTL after
2711 // https://crbug.com/115051 is fixed.
2712
2713 // Test the retry attempts simulating host resolver proc that takes too long.
TEST_F(HostResolverManagerTest,MultipleAttempts)2714 TEST_F(HostResolverManagerTest, MultipleAttempts) {
2715 // Total number of attempts would be 3 and we want the 3rd attempt to resolve
2716 // the host. First and second attempt will be forced to wait until they get
2717 // word that a resolution has completed. The 3rd resolution attempt will try
2718 // to get done ASAP, and won't wait.
2719 int kAttemptNumberToResolve = 3;
2720 int kTotalAttempts = 3;
2721
2722 // Add a little bit of extra fudge to the delay to allow reasonable
2723 // flexibility for time > vs >= etc. We don't need to fail the test if we
2724 // retry at t=6001 instead of t=6000.
2725 base::TimeDelta kSleepFudgeFactor = base::Milliseconds(1);
2726
2727 auto resolver_proc = base::MakeRefCounted<LookupAttemptHostResolverProc>(
2728 nullptr, kAttemptNumberToResolve, kTotalAttempts);
2729
2730 HostResolverSystemTask::Params params = DefaultParams(resolver_proc);
2731 base::TimeDelta unresponsive_delay = params.unresponsive_delay;
2732 int retry_factor = params.retry_factor;
2733
2734 CreateResolverWithLimitsAndParams(kMaxJobs, params, true /* ipv6_reachable */,
2735 true /* check_ipv6_on_wifi */);
2736
2737 // Override the current thread task runner, so we can simulate the passage of
2738 // time and avoid any actual sleeps.
2739 auto test_task_runner = base::MakeRefCounted<base::TestMockTimeTaskRunner>();
2740 base::SingleThreadTaskRunner::CurrentHandleOverrideForTesting
2741 task_runner_current_default_handle_override(test_task_runner);
2742
2743 // Resolve "host1".
2744 ResolveHostResponseHelper response(resolver_->CreateRequest(
2745 HostPortPair("host1", 70), NetworkAnonymizationKey(), NetLogWithSource(),
2746 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
2747 EXPECT_FALSE(response.complete());
2748
2749 resolver_proc->WaitForNAttemptsToBeBlocked(1);
2750 EXPECT_FALSE(response.complete());
2751
2752 test_task_runner->FastForwardBy(unresponsive_delay + kSleepFudgeFactor);
2753 resolver_proc->WaitForNAttemptsToBeBlocked(2);
2754 EXPECT_FALSE(response.complete());
2755
2756 test_task_runner->FastForwardBy(unresponsive_delay * retry_factor +
2757 kSleepFudgeFactor);
2758
2759 resolver_proc->WaitForAllAttemptsToFinish();
2760 test_task_runner->RunUntilIdle();
2761
2762 // Resolve returns -4 to indicate that 3rd attempt has resolved the host.
2763 // Since we're using a TestMockTimeTaskRunner, the RunLoop stuff in
2764 // result_error() will fail if it actually has to wait, but unless there's an
2765 // error, the result should be immediately ready by this point.
2766 EXPECT_EQ(-4, response.result_error());
2767
2768 // We should be done with retries, but make sure none erroneously happen.
2769 test_task_runner->FastForwardUntilNoTasksRemain();
2770
2771 EXPECT_EQ(resolver_proc->GetTotalAttemptsResolved(), kTotalAttempts);
2772 }
2773
2774 // Regression test for https://crbug.com/976948.
2775 //
2776 // Tests that when the maximum number of retries is set to
2777 // |HostResolver::ManagerOptions::kDefaultRetryAttempts| the
2778 // number of retries used is 4 rather than something higher.
TEST_F(HostResolverManagerTest,DefaultMaxRetryAttempts)2779 TEST_F(HostResolverManagerTest, DefaultMaxRetryAttempts) {
2780 auto test_task_runner = base::MakeRefCounted<base::TestMockTimeTaskRunner>();
2781 base::SingleThreadTaskRunner::CurrentHandleOverrideForTesting
2782 task_runner_current_default_handle_override(test_task_runner);
2783
2784 // Instantiate a ResolverProc that will block all incoming requests.
2785 auto resolver_proc = base::MakeRefCounted<LookupAttemptHostResolverProc>(
2786 nullptr, std::numeric_limits<size_t>::max(),
2787 std::numeric_limits<size_t>::max());
2788
2789 // This corresponds to kDefaultMaxRetryAttempts in
2790 // HostResolverSystemTask::Params::HostResolverSystemTask::Params(). The
2791 // correspondence is verified below, since that symbol is not exported.
2792 const size_t expected_max_retries = 4;
2793
2794 // Use the special value |ManagerOptions::kDefaultRetryAttempts|, which is
2795 // expected to translate into |expected_num_retries|.
2796 ASSERT_NE(HostResolverSystemTask::Params::kDefaultRetryAttempts,
2797 expected_max_retries);
2798 HostResolverSystemTask::Params params(
2799 resolver_proc, HostResolverSystemTask::Params::kDefaultRetryAttempts);
2800 ASSERT_EQ(params.max_retry_attempts, expected_max_retries);
2801
2802 CreateResolverWithLimitsAndParams(kMaxJobs, params,
2803 false /* ipv6_reachable */,
2804 false /* check_ipv6_on_wifi */);
2805 // Resolve "host1". The resolver proc will hang all requests so this
2806 // resolution should remain stalled until calling SetResolvedAttemptNumber().
2807 ResolveHostResponseHelper response(resolver_->CreateRequest(
2808 HostPortPair("host1", 70), NetworkAnonymizationKey(), NetLogWithSource(),
2809 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
2810 EXPECT_FALSE(response.complete());
2811
2812 // Simulate running the main thread (network task runner) for a long
2813 // time. Because none of the attempts posted to worker pool can complete, this
2814 // should cause all of the retry attempts to get posted, according to the
2815 // exponential backoff schedule.
2816 test_task_runner->FastForwardBy(base::Minutes(20));
2817
2818 // Unblock the resolver proc, then wait for all the worker pool and main
2819 // thread tasks to complete. Note that the call to SetResolvedAttemptNumber(1)
2820 // will cause all the blocked resolver procs tasks fail with -2.
2821 resolver_proc->SetResolvedAttemptNumber(1);
2822 const int kExpectedError = -2;
2823 base::ThreadPoolInstance::Get()->FlushForTesting();
2824 test_task_runner->RunUntilIdle();
2825
2826 ASSERT_TRUE(response.complete());
2827 EXPECT_EQ(kExpectedError, response.result_error());
2828
2829 // Ensure that the original attempt was executed on the worker pool, as well
2830 // as the maximum number of allowed retries, and no more.
2831 EXPECT_EQ(static_cast<int>(expected_max_retries + 1),
2832 resolver_proc->GetTotalAttemptsResolved());
2833 }
2834
2835 // If a host resolves to a list that includes 127.0.53.53, this is treated as
2836 // an error. 127.0.53.53 is a localhost address, however it has been given a
2837 // special significance by ICANN to help surface name collision resulting from
2838 // the new gTLDs.
TEST_F(HostResolverManagerTest,NameCollisionIcann)2839 TEST_F(HostResolverManagerTest, NameCollisionIcann) {
2840 proc_->AddRuleForAllFamilies("single", "127.0.53.53");
2841 proc_->AddRuleForAllFamilies("multiple", "127.0.0.1,127.0.53.53");
2842 proc_->AddRuleForAllFamilies("ipv6", "::127.0.53.53");
2843 proc_->AddRuleForAllFamilies("not_reserved1", "53.53.0.127");
2844 proc_->AddRuleForAllFamilies("not_reserved2", "127.0.53.54");
2845 proc_->AddRuleForAllFamilies("not_reserved3", "10.0.53.53");
2846 proc_->SignalMultiple(6u);
2847
2848 ResolveHostResponseHelper single_response(resolver_->CreateRequest(
2849 HostPortPair("single", 80), NetworkAnonymizationKey(), NetLogWithSource(),
2850 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
2851 EXPECT_THAT(single_response.result_error(),
2852 IsError(ERR_ICANN_NAME_COLLISION));
2853 EXPECT_THAT(single_response.request()->GetAddressResults(),
2854 AnyOf(nullptr, Pointee(IsEmpty())));
2855 EXPECT_THAT(single_response.request()->GetEndpointResults(),
2856 AnyOf(nullptr, Pointee(IsEmpty())));
2857
2858 // ERR_ICANN_NAME_COLLISION is cached like any other error, using a fixed TTL
2859 // for failed entries from proc-based resolver. That said, the fixed TTL is 0,
2860 // so it should never be cached.
2861 const std::pair<const HostCache::Key, HostCache::Entry>* cache_result =
2862 GetCacheHit(HostCache::Key(
2863 "single", DnsQueryType::UNSPECIFIED, 0 /* host_resolver_flags */,
2864 HostResolverSource::ANY, NetworkAnonymizationKey()));
2865 EXPECT_FALSE(cache_result);
2866
2867 ResolveHostResponseHelper multiple_response(resolver_->CreateRequest(
2868 HostPortPair("multiple", 80), NetworkAnonymizationKey(),
2869 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
2870 resolve_context_->host_cache()));
2871 EXPECT_THAT(multiple_response.result_error(),
2872 IsError(ERR_ICANN_NAME_COLLISION));
2873
2874 // Resolving an IP literal of 127.0.53.53 however is allowed.
2875 ResolveHostResponseHelper literal_response(resolver_->CreateRequest(
2876 HostPortPair("127.0.53.53", 80), NetworkAnonymizationKey(),
2877 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
2878 resolve_context_->host_cache()));
2879 EXPECT_THAT(literal_response.result_error(), IsOk());
2880
2881 // Moreover the address should not be recognized when embedded in an IPv6
2882 // address.
2883 ResolveHostResponseHelper ipv6_response(resolver_->CreateRequest(
2884 HostPortPair("127.0.53.53", 80), NetworkAnonymizationKey(),
2885 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
2886 resolve_context_->host_cache()));
2887 EXPECT_THAT(ipv6_response.result_error(), IsOk());
2888
2889 // Try some other IPs which are similar, but NOT an exact match on
2890 // 127.0.53.53.
2891 ResolveHostResponseHelper similar_response1(resolver_->CreateRequest(
2892 HostPortPair("not_reserved1", 80), NetworkAnonymizationKey(),
2893 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
2894 resolve_context_->host_cache()));
2895 EXPECT_THAT(similar_response1.result_error(), IsOk());
2896
2897 ResolveHostResponseHelper similar_response2(resolver_->CreateRequest(
2898 HostPortPair("not_reserved2", 80), NetworkAnonymizationKey(),
2899 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
2900 resolve_context_->host_cache()));
2901 EXPECT_THAT(similar_response2.result_error(), IsOk());
2902
2903 ResolveHostResponseHelper similar_response3(resolver_->CreateRequest(
2904 HostPortPair("not_reserved3", 80), NetworkAnonymizationKey(),
2905 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
2906 resolve_context_->host_cache()));
2907 EXPECT_THAT(similar_response3.result_error(), IsOk());
2908 }
2909
TEST_F(HostResolverManagerTest,StartIPv6ReachabilityCheck)2910 TEST_F(HostResolverManagerTest, StartIPv6ReachabilityCheck) {
2911 // The real HostResolverManager is needed since TestHostResolverManager will
2912 // bypass the IPv6 reachability tests.
2913 DestroyResolver();
2914 resolver_ = std::make_unique<HostResolverManager>(
2915 DefaultOptions(), nullptr /* system_dns_config_notifier */,
2916 nullptr /* net_log */);
2917 // Verify that two consecutive calls return the same value.
2918 RecordingNetLogObserver net_log_observer;
2919 NetLogWithSource net_log =
2920 NetLogWithSource::Make(net::NetLog::Get(), NetLogSourceType::NONE);
2921 MockClientSocketFactory socket_factory;
2922 SequencedSocketData sync_connect(MockConnect(SYNCHRONOUS, OK),
2923 base::span<net::MockRead>(),
2924 base::span<net::MockWrite>());
2925 SequencedSocketData async_connect(MockConnect(ASYNC, OK),
2926 base::span<net::MockRead>(),
2927 base::span<net::MockWrite>());
2928 socket_factory.AddSocketDataProvider(&sync_connect);
2929 socket_factory.AddSocketDataProvider(&async_connect);
2930
2931 int attempt1 = StartIPv6ReachabilityCheck(net_log, &socket_factory,
2932 base::DoNothingAs<void(int)>());
2933 EXPECT_EQ(attempt1, OK);
2934 int result1 = GetLastIpv6ProbeResult();
2935
2936 int attempt2 = StartIPv6ReachabilityCheck(net_log, &socket_factory,
2937 base::DoNothingAs<void(int)>());
2938 EXPECT_EQ(attempt2, OK);
2939 int result2 = GetLastIpv6ProbeResult();
2940 EXPECT_EQ(result1, result2);
2941
2942 // Verify that async socket connections also return the same value.
2943 resolver_->ResetIPv6ProbeTimeForTesting();
2944 TestCompletionCallback callback;
2945 int attempt3 =
2946 StartIPv6ReachabilityCheck(net_log, &socket_factory, callback.callback());
2947 EXPECT_EQ(attempt3, ERR_IO_PENDING);
2948 EXPECT_THAT(callback.WaitForResult(), IsOk());
2949 int result3 = GetLastIpv6ProbeResult();
2950 EXPECT_EQ(result1, result3);
2951
2952 // Filter reachability check events and verify that there are three of them.
2953 auto probe_event_list = net_log_observer.GetEntriesWithType(
2954 NetLogEventType::HOST_RESOLVER_MANAGER_IPV6_REACHABILITY_CHECK);
2955 ASSERT_EQ(3U, probe_event_list.size());
2956 // Verify that the first and third requests were not cached and the second one
2957 // was.
2958 EXPECT_FALSE(GetBooleanValueFromParams(probe_event_list[0], "cached"));
2959 EXPECT_TRUE(GetBooleanValueFromParams(probe_event_list[1], "cached"));
2960 EXPECT_FALSE(GetBooleanValueFromParams(probe_event_list[0], "cached"));
2961 }
2962
TEST_F(HostResolverManagerTest,IncludeCanonicalName)2963 TEST_F(HostResolverManagerTest, IncludeCanonicalName) {
2964 proc_->AddRuleForAllFamilies("just.testing", "192.168.1.42",
2965 HOST_RESOLVER_CANONNAME, "canon.name");
2966 proc_->SignalMultiple(2u);
2967
2968 HostResolver::ResolveHostParameters parameters;
2969 parameters.include_canonical_name = true;
2970 ResolveHostResponseHelper response(resolver_->CreateRequest(
2971 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
2972 NetLogWithSource(), parameters, resolve_context_.get(),
2973 resolve_context_->host_cache()));
2974 ResolveHostResponseHelper response_no_flag(resolver_->CreateRequest(
2975 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
2976 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
2977 resolve_context_->host_cache()));
2978
2979 EXPECT_THAT(response.result_error(), IsOk());
2980 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
2981 testing::ElementsAre(CreateExpected("192.168.1.42", 80)));
2982 EXPECT_THAT(
2983 response.request()->GetEndpointResults(),
2984 testing::Pointee(testing::UnorderedElementsAre(ExpectEndpointResult(
2985 testing::ElementsAre(CreateExpected("192.168.1.42", 80))))));
2986 EXPECT_THAT(response.request()->GetDnsAliasResults(),
2987 testing::Pointee(testing::UnorderedElementsAre("canon.name")));
2988
2989 EXPECT_THAT(response_no_flag.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
2990 }
2991
TEST_F(HostResolverManagerTest,FixupCanonicalName)2992 TEST_F(HostResolverManagerTest, FixupCanonicalName) {
2993 proc_->AddRuleForAllFamilies("just.testing", "192.168.1.42", /*flags=*/0,
2994 "CANON.name");
2995 proc_->SignalMultiple(1u);
2996
2997 ResolveHostResponseHelper response(resolver_->CreateRequest(
2998 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
2999 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
3000 resolve_context_->host_cache()));
3001
3002 EXPECT_THAT(response.result_error(), IsOk());
3003 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
3004 testing::ElementsAre(CreateExpected("192.168.1.42", 80)));
3005 EXPECT_THAT(
3006 response.request()->GetEndpointResults(),
3007 testing::Pointee(testing::UnorderedElementsAre(ExpectEndpointResult(
3008 testing::ElementsAre(CreateExpected("192.168.1.42", 80))))));
3009 EXPECT_THAT(response.request()->GetDnsAliasResults(),
3010 testing::Pointee(testing::UnorderedElementsAre("canon.name")));
3011 }
3012
TEST_F(HostResolverManagerTest,IncludeCanonicalNameButNotReceived)3013 TEST_F(HostResolverManagerTest, IncludeCanonicalNameButNotReceived) {
3014 proc_->AddRuleForAllFamilies("just.testing", "192.168.1.42",
3015 HOST_RESOLVER_CANONNAME);
3016 proc_->SignalMultiple(2u);
3017
3018 HostResolver::ResolveHostParameters parameters;
3019 parameters.include_canonical_name = true;
3020 ResolveHostResponseHelper response(resolver_->CreateRequest(
3021 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
3022 NetLogWithSource(), parameters, resolve_context_.get(),
3023 resolve_context_->host_cache()));
3024 ResolveHostResponseHelper response_no_flag(resolver_->CreateRequest(
3025 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
3026 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
3027 resolve_context_->host_cache()));
3028
3029 EXPECT_THAT(response.result_error(), IsOk());
3030 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
3031 testing::ElementsAre(CreateExpected("192.168.1.42", 80)));
3032 EXPECT_THAT(
3033 response.request()->GetEndpointResults(),
3034 testing::Pointee(testing::UnorderedElementsAre(ExpectEndpointResult(
3035 testing::ElementsAre(CreateExpected("192.168.1.42", 80))))));
3036 EXPECT_THAT(response.request()->GetDnsAliasResults(),
3037 testing::Pointee(testing::IsEmpty()));
3038
3039 EXPECT_THAT(response_no_flag.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
3040 }
3041
3042 // If `ResolveHostParameters::include_canonical_name` is set, canonical name
3043 // should be returned exactly as received from the system resolver, without any
3044 // attempt to do URL hostname canonicalization on it.
TEST_F(HostResolverManagerTest,IncludeCanonicalNameSkipsUrlCanonicalization)3045 TEST_F(HostResolverManagerTest, IncludeCanonicalNameSkipsUrlCanonicalization) {
3046 proc_->AddRuleForAllFamilies("just.testing", "192.168.1.42",
3047 HOST_RESOLVER_CANONNAME, "CANON.name");
3048 proc_->SignalMultiple(2u);
3049
3050 HostResolver::ResolveHostParameters parameters;
3051 parameters.include_canonical_name = true;
3052 ResolveHostResponseHelper response(resolver_->CreateRequest(
3053 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
3054 NetLogWithSource(), parameters, resolve_context_.get(),
3055 resolve_context_->host_cache()));
3056 ResolveHostResponseHelper response_no_flag(resolver_->CreateRequest(
3057 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
3058 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
3059 resolve_context_->host_cache()));
3060
3061 EXPECT_THAT(response.result_error(), IsOk());
3062 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
3063 testing::ElementsAre(CreateExpected("192.168.1.42", 80)));
3064 EXPECT_THAT(
3065 response.request()->GetEndpointResults(),
3066 testing::Pointee(testing::UnorderedElementsAre(ExpectEndpointResult(
3067 testing::ElementsAre(CreateExpected("192.168.1.42", 80))))));
3068 EXPECT_THAT(response.request()->GetDnsAliasResults(),
3069 testing::Pointee(testing::UnorderedElementsAre("CANON.name")));
3070
3071 EXPECT_THAT(response_no_flag.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
3072 }
3073
TEST_F(HostResolverManagerTest,LoopbackOnly)3074 TEST_F(HostResolverManagerTest, LoopbackOnly) {
3075 proc_->AddRuleForAllFamilies("otherlocal", "127.0.0.1",
3076 HOST_RESOLVER_LOOPBACK_ONLY);
3077 proc_->SignalMultiple(2u);
3078
3079 HostResolver::ResolveHostParameters parameters;
3080 parameters.loopback_only = true;
3081 ResolveHostResponseHelper response(resolver_->CreateRequest(
3082 HostPortPair("otherlocal", 80), NetworkAnonymizationKey(),
3083 NetLogWithSource(), parameters, resolve_context_.get(),
3084 resolve_context_->host_cache()));
3085 ResolveHostResponseHelper response_no_flag(resolver_->CreateRequest(
3086 HostPortPair("otherlocal", 80), NetworkAnonymizationKey(),
3087 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
3088 resolve_context_->host_cache()));
3089
3090 EXPECT_THAT(response.result_error(), IsOk());
3091 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
3092 testing::ElementsAre(CreateExpected("127.0.0.1", 80)));
3093 EXPECT_THAT(
3094 response.request()->GetEndpointResults(),
3095 testing::Pointee(testing::UnorderedElementsAre(ExpectEndpointResult(
3096 testing::ElementsAre(CreateExpected("127.0.0.1", 80))))));
3097
3098 EXPECT_THAT(response_no_flag.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
3099 }
3100
TEST_F(HostResolverManagerTest,IsSpeculative)3101 TEST_F(HostResolverManagerTest, IsSpeculative) {
3102 proc_->AddRuleForAllFamilies("just.testing", "192.168.1.42");
3103 proc_->SignalMultiple(1u);
3104
3105 HostResolver::ResolveHostParameters parameters;
3106 parameters.is_speculative = true;
3107
3108 ResolveHostResponseHelper response(resolver_->CreateRequest(
3109 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
3110 NetLogWithSource(), parameters, resolve_context_.get(),
3111 resolve_context_->host_cache()));
3112
3113 EXPECT_THAT(response.result_error(), IsOk());
3114 EXPECT_THAT(response.request()->GetAddressResults(),
3115 AnyOf(nullptr, Pointee(IsEmpty())));
3116 EXPECT_THAT(response.request()->GetEndpointResults(),
3117 AnyOf(nullptr, Pointee(IsEmpty())));
3118
3119 ASSERT_EQ(1u, proc_->GetCaptureList().size());
3120 EXPECT_EQ("just.testing", proc_->GetCaptureList()[0].hostname);
3121
3122 // Reresolve without the |is_speculative| flag should immediately return from
3123 // cache.
3124 ResolveHostResponseHelper response2(resolver_->CreateRequest(
3125 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
3126 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
3127 resolve_context_->host_cache()));
3128
3129 EXPECT_THAT(response2.result_error(), IsOk());
3130 EXPECT_THAT(response2.request()->GetAddressResults()->endpoints(),
3131 testing::ElementsAre(CreateExpected("192.168.1.42", 80)));
3132 EXPECT_THAT(
3133 response2.request()->GetEndpointResults(),
3134 testing::Pointee(testing::UnorderedElementsAre(ExpectEndpointResult(
3135 testing::ElementsAre(CreateExpected("192.168.1.42", 80))))));
3136
3137 EXPECT_EQ("just.testing", proc_->GetCaptureList()[0].hostname);
3138 EXPECT_EQ(1u, proc_->GetCaptureList().size()); // No increase.
3139 }
3140
TEST_F(HostResolverManagerTest,AvoidMulticastResolutionParameter)3141 TEST_F(HostResolverManagerTest, AvoidMulticastResolutionParameter) {
3142 proc_->AddRuleForAllFamilies("avoid.multicast.test", "123.123.123.123",
3143 HOST_RESOLVER_AVOID_MULTICAST);
3144 proc_->SignalMultiple(2u);
3145
3146 HostResolver::ResolveHostParameters parameters;
3147 parameters.avoid_multicast_resolution = true;
3148 ResolveHostResponseHelper response(resolver_->CreateRequest(
3149 HostPortPair("avoid.multicast.test", 80), NetworkAnonymizationKey(),
3150 NetLogWithSource(), parameters, resolve_context_.get(),
3151 resolve_context_->host_cache()));
3152 ResolveHostResponseHelper response_no_flag(resolver_->CreateRequest(
3153 HostPortPair("avoid.multicast.test", 80), NetworkAnonymizationKey(),
3154 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
3155 resolve_context_->host_cache()));
3156
3157 EXPECT_THAT(response.result_error(), IsOk());
3158 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
3159 testing::ElementsAre(CreateExpected("123.123.123.123", 80)));
3160 EXPECT_THAT(
3161 response.request()->GetEndpointResults(),
3162 testing::Pointee(testing::UnorderedElementsAre(ExpectEndpointResult(
3163 testing::ElementsAre(CreateExpected("123.123.123.123", 80))))));
3164
3165 EXPECT_THAT(response_no_flag.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
3166 }
3167
3168 #if BUILDFLAG(ENABLE_MDNS)
3169 const uint8_t kMdnsResponseA[] = {
3170 // Header
3171 0x00, 0x00, // ID is zeroed out
3172 0x81, 0x80, // Standard query response, RA, no error
3173 0x00, 0x00, // No questions (for simplicity)
3174 0x00, 0x01, // 1 RR (answers)
3175 0x00, 0x00, // 0 authority RRs
3176 0x00, 0x00, // 0 additional RRs
3177
3178 // "myhello.local."
3179 0x07, 'm', 'y', 'h', 'e', 'l', 'l', 'o', 0x05, 'l', 'o', 'c', 'a', 'l',
3180 0x00,
3181
3182 0x00, 0x01, // TYPE is A.
3183 0x00, 0x01, // CLASS is IN.
3184 0x00, 0x00, 0x00, 0x10, // TTL is 16 (seconds)
3185 0x00, 0x04, // RDLENGTH is 4 bytes.
3186 0x01, 0x02, 0x03, 0x04, // 1.2.3.4
3187 };
3188
3189 const uint8_t kMdnsResponseA2[] = {
3190 // Header
3191 0x00, 0x00, // ID is zeroed out
3192 0x81, 0x80, // Standard query response, RA, no error
3193 0x00, 0x00, // No questions (for simplicity)
3194 0x00, 0x01, // 1 RR (answers)
3195 0x00, 0x00, // 0 authority RRs
3196 0x00, 0x00, // 0 additional RRs
3197
3198 // "myhello.local."
3199 0x07, 'm', 'y', 'h', 'e', 'l', 'l', 'o', 0x05, 'l', 'o', 'c', 'a', 'l',
3200 0x00,
3201
3202 0x00, 0x01, // TYPE is A.
3203 0x00, 0x01, // CLASS is IN.
3204 0x00, 0x00, 0x00, 0x10, // TTL is 16 (seconds)
3205 0x00, 0x04, // RDLENGTH is 4 bytes.
3206 0x05, 0x06, 0x07, 0x08, // 5.6.7.8
3207 };
3208
3209 const uint8_t kMdnsResponseA2Goodbye[] = {
3210 // Header
3211 0x00, 0x00, // ID is zeroed out
3212 0x81, 0x80, // Standard query response, RA, no error
3213 0x00, 0x00, // No questions (for simplicity)
3214 0x00, 0x01, // 1 RR (answers)
3215 0x00, 0x00, // 0 authority RRs
3216 0x00, 0x00, // 0 additional RRs
3217
3218 // "myhello.local."
3219 0x07, 'm', 'y', 'h', 'e', 'l', 'l', 'o', 0x05, 'l', 'o', 'c', 'a', 'l',
3220 0x00,
3221
3222 0x00, 0x01, // TYPE is A.
3223 0x00, 0x01, // CLASS is IN.
3224 0x00, 0x00, 0x00, 0x00, // TTL is 0 (signaling "goodbye" removal of result)
3225 0x00, 0x04, // RDLENGTH is 4 bytes.
3226 0x05, 0x06, 0x07, 0x08, // 5.6.7.8
3227 };
3228
3229 const uint8_t kMdnsResponseAAAA[] = {
3230 // Header
3231 0x00, 0x00, // ID is zeroed out
3232 0x81, 0x80, // Standard query response, RA, no error
3233 0x00, 0x00, // No questions (for simplicity)
3234 0x00, 0x01, // 1 RR (answers)
3235 0x00, 0x00, // 0 authority RRs
3236 0x00, 0x00, // 0 additional RRs
3237
3238 // "myhello.local."
3239 0x07, 'm', 'y', 'h', 'e', 'l', 'l', 'o', 0x05, 'l', 'o', 'c', 'a', 'l',
3240 0x00,
3241
3242 0x00, 0x1C, // TYPE is AAAA.
3243 0x00, 0x01, // CLASS is IN.
3244 0x00, 0x00, 0x00, 0x10, // TTL is 16 (seconds)
3245 0x00, 0x10, // RDLENGTH is 16 bytes.
3246
3247 // 000a:0000:0000:0000:0001:0002:0003:0004
3248 0x00, 0x0A, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x02,
3249 0x00, 0x03, 0x00, 0x04};
3250
3251 // An MDNS response indicating that the responder owns the hostname, but the
3252 // specific requested type (AAAA) does not exist because the responder only has
3253 // A addresses.
3254 const uint8_t kMdnsResponseNsec[] = {
3255 // Header
3256 0x00, 0x00, // ID is zeroed out
3257 0x81, 0x80, // Standard query response, RA, no error
3258 0x00, 0x00, // No questions (for simplicity)
3259 0x00, 0x01, // 1 RR (answers)
3260 0x00, 0x00, // 0 authority RRs
3261 0x00, 0x00, // 0 additional RRs
3262
3263 // "myhello.local."
3264 0x07, 'm', 'y', 'h', 'e', 'l', 'l', 'o', 0x05, 'l', 'o', 'c', 'a', 'l',
3265 0x00,
3266
3267 0x00, 0x2f, // TYPE is NSEC.
3268 0x00, 0x01, // CLASS is IN.
3269 0x00, 0x00, 0x00, 0x10, // TTL is 16 (seconds)
3270 0x00, 0x06, // RDLENGTH is 6 bytes.
3271 0xc0, 0x0c, // Next Domain Name (always pointer back to name in MDNS)
3272 0x00, // Bitmap block number (always 0 in MDNS)
3273 0x02, // Bitmap length is 2
3274 0x00, 0x08 // A type only
3275 };
3276
3277 const uint8_t kMdnsResponseTxt[] = {
3278 // Header
3279 0x00, 0x00, // ID is zeroed out
3280 0x81, 0x80, // Standard query response, RA, no error
3281 0x00, 0x00, // No questions (for simplicity)
3282 0x00, 0x01, // 1 RR (answers)
3283 0x00, 0x00, // 0 authority RRs
3284 0x00, 0x00, // 0 additional RRs
3285
3286 // "myhello.local."
3287 0x07, 'm', 'y', 'h', 'e', 'l', 'l', 'o', 0x05, 'l', 'o', 'c', 'a', 'l',
3288 0x00,
3289
3290 0x00, 0x10, // TYPE is TXT.
3291 0x00, 0x01, // CLASS is IN.
3292 0x00, 0x00, 0x00, 0x11, // TTL is 17 (seconds)
3293 0x00, 0x08, // RDLENGTH is 8 bytes.
3294
3295 // "foo"
3296 0x03, 0x66, 0x6f, 0x6f,
3297 // "bar"
3298 0x03, 0x62, 0x61, 0x72};
3299
3300 const uint8_t kMdnsResponsePtr[] = {
3301 // Header
3302 0x00, 0x00, // ID is zeroed out
3303 0x81, 0x80, // Standard query response, RA, no error
3304 0x00, 0x00, // No questions (for simplicity)
3305 0x00, 0x01, // 1 RR (answers)
3306 0x00, 0x00, // 0 authority RRs
3307 0x00, 0x00, // 0 additional RRs
3308
3309 // "myhello.local."
3310 0x07, 'm', 'y', 'h', 'e', 'l', 'l', 'o', 0x05, 'l', 'o', 'c', 'a', 'l',
3311 0x00,
3312
3313 0x00, 0x0c, // TYPE is PTR.
3314 0x00, 0x01, // CLASS is IN.
3315 0x00, 0x00, 0x00, 0x12, // TTL is 18 (seconds)
3316 0x00, 0x09, // RDLENGTH is 9 bytes.
3317
3318 // "foo.com."
3319 0x03, 'f', 'o', 'o', 0x03, 'c', 'o', 'm', 0x00};
3320
3321 const uint8_t kMdnsResponsePtrRoot[] = {
3322 // Header
3323 0x00, 0x00, // ID is zeroed out
3324 0x81, 0x80, // Standard query response, RA, no error
3325 0x00, 0x00, // No questions (for simplicity)
3326 0x00, 0x01, // 1 RR (answers)
3327 0x00, 0x00, // 0 authority RRs
3328 0x00, 0x00, // 0 additional RRs
3329
3330 // "myhello.local."
3331 0x07, 'm', 'y', 'h', 'e', 'l', 'l', 'o', 0x05, 'l', 'o', 'c', 'a', 'l',
3332 0x00,
3333
3334 0x00, 0x0c, // TYPE is PTR.
3335 0x00, 0x01, // CLASS is IN.
3336 0x00, 0x00, 0x00, 0x13, // TTL is 19 (seconds)
3337 0x00, 0x01, // RDLENGTH is 1 byte.
3338
3339 // "." (the root domain)
3340 0x00};
3341
3342 const uint8_t kMdnsResponseSrv[] = {
3343 // Header
3344 0x00, 0x00, // ID is zeroed out
3345 0x81, 0x80, // Standard query response, RA, no error
3346 0x00, 0x00, // No questions (for simplicity)
3347 0x00, 0x01, // 1 RR (answers)
3348 0x00, 0x00, // 0 authority RRs
3349 0x00, 0x00, // 0 additional RRs
3350
3351 // "myhello.local."
3352 0x07, 'm', 'y', 'h', 'e', 'l', 'l', 'o', 0x05, 'l', 'o', 'c', 'a', 'l',
3353 0x00,
3354
3355 0x00, 0x21, // TYPE is SRV.
3356 0x00, 0x01, // CLASS is IN.
3357 0x00, 0x00, 0x00, 0x13, // TTL is 19 (seconds)
3358 0x00, 0x0f, // RDLENGTH is 15 bytes.
3359
3360 0x00, 0x05, // Priority 5
3361 0x00, 0x01, // Weight 1
3362 0x20, 0x49, // Port 8265
3363
3364 // "foo.com."
3365 0x03, 'f', 'o', 'o', 0x03, 'c', 'o', 'm', 0x00};
3366
3367 const uint8_t kMdnsResponseSrvUnrestricted[] = {
3368 // Header
3369 0x00, 0x00, // ID is zeroed out
3370 0x81, 0x80, // Standard query response, RA, no error
3371 0x00, 0x00, // No questions (for simplicity)
3372 0x00, 0x01, // 1 RR (answers)
3373 0x00, 0x00, // 0 authority RRs
3374 0x00, 0x00, // 0 additional RRs
3375
3376 // "foo bar(A1B2)._ipps._tcp.local"
3377 0x0d, 'f', 'o', 'o', ' ', 'b', 'a', 'r', '(', 'A', '1', 'B', '2', ')', 0x05,
3378 '_', 'i', 'p', 'p', 's', 0x04, '_', 't', 'c', 'p', 0x05, 'l', 'o', 'c', 'a',
3379 'l', 0x00,
3380
3381 0x00, 0x21, // TYPE is SRV.
3382 0x00, 0x01, // CLASS is IN.
3383 0x00, 0x00, 0x00, 0x13, // TTL is 19 (seconds)
3384 0x00, 0x0f, // RDLENGTH is 15 bytes.
3385
3386 0x00, 0x05, // Priority 5
3387 0x00, 0x01, // Weight 1
3388 0x20, 0x49, // Port 8265
3389
3390 // "foo.com."
3391 0x03, 'f', 'o', 'o', 0x03, 'c', 'o', 'm', 0x00};
3392
3393 const uint8_t kMdnsResponseSrvUnrestrictedResult[] = {
3394 // Header
3395 0x00, 0x00, // ID is zeroed out
3396 0x81, 0x80, // Standard query response, RA, no error
3397 0x00, 0x00, // No questions (for simplicity)
3398 0x00, 0x01, // 1 RR (answers)
3399 0x00, 0x00, // 0 authority RRs
3400 0x00, 0x00, // 0 additional RRs
3401
3402 // "myhello.local."
3403 0x07, 'm', 'y', 'h', 'e', 'l', 'l', 'o', 0x05, 'l', 'o', 'c', 'a', 'l',
3404 0x00,
3405
3406 0x00, 0x21, // TYPE is SRV.
3407 0x00, 0x01, // CLASS is IN.
3408 0x00, 0x00, 0x00, 0x13, // TTL is 19 (seconds)
3409 0x00, 0x15, // RDLENGTH is 21 bytes.
3410
3411 0x00, 0x05, // Priority 5
3412 0x00, 0x01, // Weight 1
3413 0x20, 0x49, // Port 8265
3414
3415 // "foo bar.local"
3416 0x07, 'f', 'o', 'o', ' ', 'b', 'a', 'r', 0x05, 'l', 'o', 'c', 'a', 'l',
3417 0x00};
3418
TEST_F(HostResolverManagerTest,Mdns)3419 TEST_F(HostResolverManagerTest, Mdns) {
3420 auto socket_factory = std::make_unique<MockMDnsSocketFactory>();
3421 MockMDnsSocketFactory* socket_factory_ptr = socket_factory.get();
3422 resolver_->SetMdnsSocketFactoryForTesting(std::move(socket_factory));
3423 // 2 socket creations for every transaction.
3424 EXPECT_CALL(*socket_factory_ptr, OnSendTo(_)).Times(4);
3425
3426 HostResolver::ResolveHostParameters parameters;
3427 parameters.source = HostResolverSource::MULTICAST_DNS;
3428
3429 ResolveHostResponseHelper response(resolver_->CreateRequest(
3430 HostPortPair("myhello.local", 80), NetworkAnonymizationKey(),
3431 NetLogWithSource(), parameters, resolve_context_.get(),
3432 resolve_context_->host_cache()));
3433
3434 socket_factory_ptr->SimulateReceive(kMdnsResponseA, sizeof(kMdnsResponseA));
3435 socket_factory_ptr->SimulateReceive(kMdnsResponseAAAA,
3436 sizeof(kMdnsResponseAAAA));
3437
3438 EXPECT_THAT(response.result_error(), IsOk());
3439 EXPECT_THAT(
3440 response.request()->GetAddressResults()->endpoints(),
3441 testing::UnorderedElementsAre(
3442 CreateExpected("1.2.3.4", 80),
3443 CreateExpected("000a:0000:0000:0000:0001:0002:0003:0004", 80)));
3444 EXPECT_THAT(
3445 response.request()->GetEndpointResults(),
3446 testing::Pointee(testing::UnorderedElementsAre(
3447 ExpectEndpointResult(testing::UnorderedElementsAre(
3448 CreateExpected("000a:0000:0000:0000:0001:0002:0003:0004", 80),
3449 CreateExpected("1.2.3.4", 80))))));
3450 EXPECT_THAT(response.request()->GetTextResults(),
3451 AnyOf(nullptr, Pointee(IsEmpty())));
3452 EXPECT_THAT(response.request()->GetHostnameResults(),
3453 AnyOf(nullptr, Pointee(IsEmpty())));
3454 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
3455 AnyOf(nullptr, Pointee(IsEmpty())));
3456 }
3457
TEST_F(HostResolverManagerTest,Mdns_AaaaOnly)3458 TEST_F(HostResolverManagerTest, Mdns_AaaaOnly) {
3459 auto socket_factory = std::make_unique<MockMDnsSocketFactory>();
3460 MockMDnsSocketFactory* socket_factory_ptr = socket_factory.get();
3461 resolver_->SetMdnsSocketFactoryForTesting(std::move(socket_factory));
3462 // 2 socket creations for every transaction.
3463 EXPECT_CALL(*socket_factory_ptr, OnSendTo(_)).Times(2);
3464
3465 HostResolver::ResolveHostParameters parameters;
3466 parameters.dns_query_type = DnsQueryType::AAAA;
3467 parameters.source = HostResolverSource::MULTICAST_DNS;
3468
3469 ResolveHostResponseHelper response(resolver_->CreateRequest(
3470 HostPortPair("myhello.local", 80), NetworkAnonymizationKey(),
3471 NetLogWithSource(), parameters, resolve_context_.get(),
3472 resolve_context_->host_cache()));
3473
3474 socket_factory_ptr->SimulateReceive(kMdnsResponseAAAA,
3475 sizeof(kMdnsResponseAAAA));
3476
3477 EXPECT_THAT(response.result_error(), IsOk());
3478 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
3479 testing::ElementsAre(CreateExpected(
3480 "000a:0000:0000:0000:0001:0002:0003:0004", 80)));
3481 EXPECT_THAT(response.request()->GetEndpointResults(),
3482 testing::Pointee(testing::UnorderedElementsAre(
3483 ExpectEndpointResult(testing::ElementsAre(CreateExpected(
3484 "000a:0000:0000:0000:0001:0002:0003:0004", 80))))));
3485 }
3486
TEST_F(HostResolverManagerTest,Mdns_Txt)3487 TEST_F(HostResolverManagerTest, Mdns_Txt) {
3488 auto socket_factory = std::make_unique<MockMDnsSocketFactory>();
3489 MockMDnsSocketFactory* socket_factory_ptr = socket_factory.get();
3490 resolver_->SetMdnsSocketFactoryForTesting(std::move(socket_factory));
3491 // 2 socket creations for every transaction.
3492 EXPECT_CALL(*socket_factory_ptr, OnSendTo(_)).Times(2);
3493
3494 HostResolver::ResolveHostParameters parameters;
3495 parameters.dns_query_type = DnsQueryType::TXT;
3496 parameters.source = HostResolverSource::MULTICAST_DNS;
3497
3498 ResolveHostResponseHelper response(resolver_->CreateRequest(
3499 HostPortPair("myhello.local", 80), NetworkAnonymizationKey(),
3500 NetLogWithSource(), parameters, resolve_context_.get(),
3501 resolve_context_->host_cache()));
3502
3503 socket_factory_ptr->SimulateReceive(kMdnsResponseTxt,
3504 sizeof(kMdnsResponseTxt));
3505
3506 EXPECT_THAT(response.result_error(), IsOk());
3507 EXPECT_THAT(response.request()->GetAddressResults(),
3508 AnyOf(nullptr, Pointee(IsEmpty())));
3509 EXPECT_THAT(response.request()->GetEndpointResults(),
3510 AnyOf(nullptr, Pointee(IsEmpty())));
3511 EXPECT_THAT(response.request()->GetTextResults(),
3512 testing::Pointee(testing::ElementsAre("foo", "bar")));
3513 EXPECT_THAT(response.request()->GetHostnameResults(),
3514 AnyOf(nullptr, Pointee(IsEmpty())));
3515 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
3516 AnyOf(nullptr, Pointee(IsEmpty())));
3517 }
3518
TEST_F(HostResolverManagerTest,Mdns_Ptr)3519 TEST_F(HostResolverManagerTest, Mdns_Ptr) {
3520 auto socket_factory = std::make_unique<MockMDnsSocketFactory>();
3521 MockMDnsSocketFactory* socket_factory_ptr = socket_factory.get();
3522 resolver_->SetMdnsSocketFactoryForTesting(std::move(socket_factory));
3523 // 2 socket creations for every transaction.
3524 EXPECT_CALL(*socket_factory_ptr, OnSendTo(_)).Times(2);
3525
3526 HostResolver::ResolveHostParameters parameters;
3527 parameters.dns_query_type = DnsQueryType::PTR;
3528 parameters.source = HostResolverSource::MULTICAST_DNS;
3529
3530 ResolveHostResponseHelper response(resolver_->CreateRequest(
3531 HostPortPair("myhello.local", 83), NetworkAnonymizationKey(),
3532 NetLogWithSource(), parameters, resolve_context_.get(),
3533 resolve_context_->host_cache()));
3534
3535 socket_factory_ptr->SimulateReceive(kMdnsResponsePtr,
3536 sizeof(kMdnsResponsePtr));
3537
3538 EXPECT_THAT(response.result_error(), IsOk());
3539 EXPECT_THAT(response.request()->GetAddressResults(),
3540 AnyOf(nullptr, Pointee(IsEmpty())));
3541 EXPECT_THAT(response.request()->GetEndpointResults(),
3542 AnyOf(nullptr, Pointee(IsEmpty())));
3543 EXPECT_THAT(response.request()->GetTextResults(),
3544 AnyOf(nullptr, Pointee(IsEmpty())));
3545 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
3546 AnyOf(nullptr, Pointee(IsEmpty())));
3547 EXPECT_THAT(
3548 response.request()->GetHostnameResults(),
3549 testing::Pointee(testing::ElementsAre(HostPortPair("foo.com", 83))));
3550 }
3551
TEST_F(HostResolverManagerTest,Mdns_Srv)3552 TEST_F(HostResolverManagerTest, Mdns_Srv) {
3553 auto socket_factory = std::make_unique<MockMDnsSocketFactory>();
3554 MockMDnsSocketFactory* socket_factory_ptr = socket_factory.get();
3555 resolver_->SetMdnsSocketFactoryForTesting(std::move(socket_factory));
3556 // 2 socket creations for every transaction.
3557 EXPECT_CALL(*socket_factory_ptr, OnSendTo(_)).Times(2);
3558
3559 HostResolver::ResolveHostParameters parameters;
3560 parameters.dns_query_type = DnsQueryType::SRV;
3561 parameters.source = HostResolverSource::MULTICAST_DNS;
3562
3563 ResolveHostResponseHelper response(resolver_->CreateRequest(
3564 HostPortPair("myhello.local", 83), NetworkAnonymizationKey(),
3565 NetLogWithSource(), parameters, resolve_context_.get(),
3566 resolve_context_->host_cache()));
3567
3568 socket_factory_ptr->SimulateReceive(kMdnsResponseSrv,
3569 sizeof(kMdnsResponseSrv));
3570
3571 EXPECT_THAT(response.result_error(), IsOk());
3572 EXPECT_THAT(response.request()->GetAddressResults(),
3573 AnyOf(nullptr, Pointee(IsEmpty())));
3574 EXPECT_THAT(response.request()->GetEndpointResults(),
3575 AnyOf(nullptr, Pointee(IsEmpty())));
3576 EXPECT_THAT(response.request()->GetTextResults(),
3577 AnyOf(nullptr, Pointee(IsEmpty())));
3578 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
3579 AnyOf(nullptr, Pointee(IsEmpty())));
3580 EXPECT_THAT(
3581 response.request()->GetHostnameResults(),
3582 testing::Pointee(testing::ElementsAre(HostPortPair("foo.com", 8265))));
3583 }
3584
3585 // Test that we are able to create multicast DNS requests that contain
3586 // characters not permitted in the DNS spec such as spaces and parenthesis.
TEST_F(HostResolverManagerTest,Mdns_Srv_Unrestricted)3587 TEST_F(HostResolverManagerTest, Mdns_Srv_Unrestricted) {
3588 auto socket_factory = std::make_unique<MockMDnsSocketFactory>();
3589 MockMDnsSocketFactory* socket_factory_ptr = socket_factory.get();
3590 resolver_->SetMdnsSocketFactoryForTesting(std::move(socket_factory));
3591
3592 HostResolver::ResolveHostParameters parameters;
3593 parameters.dns_query_type = DnsQueryType::SRV;
3594 parameters.source = HostResolverSource::MULTICAST_DNS;
3595
3596 ResolveHostResponseHelper response(resolver_->CreateRequest(
3597 HostPortPair("foo bar(A1B2)._ipps._tcp.local", 83),
3598 NetworkAnonymizationKey(), NetLogWithSource(), parameters,
3599 resolve_context_.get(), resolve_context_->host_cache()));
3600
3601 socket_factory_ptr->SimulateReceive(kMdnsResponseSrvUnrestricted,
3602 sizeof(kMdnsResponseSrvUnrestricted));
3603
3604 EXPECT_THAT(response.result_error(), IsOk());
3605 EXPECT_THAT(response.request()->GetAddressResults(),
3606 AnyOf(nullptr, Pointee(IsEmpty())));
3607 EXPECT_THAT(response.request()->GetEndpointResults(),
3608 AnyOf(nullptr, Pointee(IsEmpty())));
3609 EXPECT_THAT(response.request()->GetTextResults(),
3610 AnyOf(nullptr, Pointee(IsEmpty())));
3611 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
3612 AnyOf(nullptr, Pointee(IsEmpty())));
3613 EXPECT_THAT(
3614 response.request()->GetHostnameResults(),
3615 testing::Pointee(testing::ElementsAre(HostPortPair("foo.com", 8265))));
3616 }
3617
3618 // Test that we are able to create multicast DNS requests that contain
3619 // characters not permitted in the DNS spec such as spaces and parenthesis.
TEST_F(HostResolverManagerTest,Mdns_Srv_Result_Unrestricted)3620 TEST_F(HostResolverManagerTest, Mdns_Srv_Result_Unrestricted) {
3621 auto socket_factory = std::make_unique<MockMDnsSocketFactory>();
3622 MockMDnsSocketFactory* socket_factory_ptr = socket_factory.get();
3623 resolver_->SetMdnsSocketFactoryForTesting(std::move(socket_factory));
3624
3625 HostResolver::ResolveHostParameters parameters;
3626 parameters.dns_query_type = DnsQueryType::SRV;
3627 parameters.source = HostResolverSource::MULTICAST_DNS;
3628
3629 ResolveHostResponseHelper response(resolver_->CreateRequest(
3630 HostPortPair("myhello.local", 83), NetworkAnonymizationKey(),
3631 NetLogWithSource(), parameters, resolve_context_.get(),
3632 resolve_context_->host_cache()));
3633
3634 socket_factory_ptr->SimulateReceive(
3635 kMdnsResponseSrvUnrestrictedResult,
3636 sizeof(kMdnsResponseSrvUnrestrictedResult));
3637
3638 EXPECT_THAT(response.result_error(), IsOk());
3639 EXPECT_THAT(response.request()->GetAddressResults(),
3640 AnyOf(nullptr, Pointee(IsEmpty())));
3641 EXPECT_THAT(response.request()->GetEndpointResults(),
3642 AnyOf(nullptr, Pointee(IsEmpty())));
3643 EXPECT_THAT(response.request()->GetTextResults(),
3644 AnyOf(nullptr, Pointee(IsEmpty())));
3645 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
3646 AnyOf(nullptr, Pointee(IsEmpty())));
3647 EXPECT_THAT(response.request()->GetHostnameResults(),
3648 testing::Pointee(
3649 testing::ElementsAre(HostPortPair("foo bar.local", 8265))));
3650 }
3651
3652 // Test multicast DNS handling of NSEC responses (used for explicit negative
3653 // response).
TEST_F(HostResolverManagerTest,Mdns_Nsec)3654 TEST_F(HostResolverManagerTest, Mdns_Nsec) {
3655 auto socket_factory = std::make_unique<MockMDnsSocketFactory>();
3656 MockMDnsSocketFactory* socket_factory_ptr = socket_factory.get();
3657 resolver_->SetMdnsSocketFactoryForTesting(std::move(socket_factory));
3658 // 2 socket creations for every transaction.
3659 EXPECT_CALL(*socket_factory_ptr, OnSendTo(_)).Times(2);
3660
3661 HostResolver::ResolveHostParameters parameters;
3662 parameters.dns_query_type = DnsQueryType::AAAA;
3663 parameters.source = HostResolverSource::MULTICAST_DNS;
3664
3665 ResolveHostResponseHelper response(resolver_->CreateRequest(
3666 HostPortPair("myhello.local", 80), NetworkAnonymizationKey(),
3667 NetLogWithSource(), parameters, resolve_context_.get(),
3668 resolve_context_->host_cache()));
3669
3670 socket_factory_ptr->SimulateReceive(kMdnsResponseNsec,
3671 sizeof(kMdnsResponseNsec));
3672
3673 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
3674 EXPECT_THAT(response.request()->GetAddressResults(),
3675 AnyOf(nullptr, Pointee(IsEmpty())));
3676 EXPECT_THAT(response.request()->GetEndpointResults(),
3677 AnyOf(nullptr, Pointee(IsEmpty())));
3678 }
3679
TEST_F(HostResolverManagerTest,Mdns_NoResponse)3680 TEST_F(HostResolverManagerTest, Mdns_NoResponse) {
3681 auto socket_factory = std::make_unique<MockMDnsSocketFactory>();
3682 MockMDnsSocketFactory* socket_factory_ptr = socket_factory.get();
3683 resolver_->SetMdnsSocketFactoryForTesting(std::move(socket_factory));
3684 // 2 socket creations for every transaction.
3685 EXPECT_CALL(*socket_factory_ptr, OnSendTo(_)).Times(4);
3686
3687 // Add a little bit of extra fudge to the delay to allow reasonable
3688 // flexibility for time > vs >= etc. We don't need to fail the test if we
3689 // timeout at t=6001 instead of t=6000.
3690 base::TimeDelta kSleepFudgeFactor = base::Milliseconds(1);
3691
3692 // Override the current thread task runner, so we can simulate the passage of
3693 // time to trigger the timeout.
3694 auto test_task_runner = base::MakeRefCounted<base::TestMockTimeTaskRunner>();
3695 base::SingleThreadTaskRunner::CurrentHandleOverrideForTesting
3696 task_runner_current_default_handle_override(test_task_runner);
3697
3698 HostResolver::ResolveHostParameters parameters;
3699 parameters.source = HostResolverSource::MULTICAST_DNS;
3700
3701 ResolveHostResponseHelper response(resolver_->CreateRequest(
3702 HostPortPair("myhello.local", 80), NetworkAnonymizationKey(),
3703 NetLogWithSource(), parameters, resolve_context_.get(),
3704 resolve_context_->host_cache()));
3705
3706 ASSERT_TRUE(test_task_runner->HasPendingTask());
3707 test_task_runner->FastForwardBy(MDnsTransaction::kTransactionTimeout +
3708 kSleepFudgeFactor);
3709
3710 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
3711 EXPECT_THAT(response.request()->GetAddressResults(),
3712 AnyOf(nullptr, Pointee(IsEmpty())));
3713 EXPECT_THAT(response.request()->GetEndpointResults(),
3714 AnyOf(nullptr, Pointee(IsEmpty())));
3715 EXPECT_THAT(response.request()->GetTextResults(),
3716 AnyOf(nullptr, Pointee(IsEmpty())));
3717 EXPECT_THAT(response.request()->GetHostnameResults(),
3718 AnyOf(nullptr, Pointee(IsEmpty())));
3719 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
3720 AnyOf(nullptr, Pointee(IsEmpty())));
3721
3722 test_task_runner->FastForwardUntilNoTasksRemain();
3723 }
3724
TEST_F(HostResolverManagerTest,Mdns_WrongType)3725 TEST_F(HostResolverManagerTest, Mdns_WrongType) {
3726 auto socket_factory = std::make_unique<MockMDnsSocketFactory>();
3727 MockMDnsSocketFactory* socket_factory_ptr = socket_factory.get();
3728 resolver_->SetMdnsSocketFactoryForTesting(std::move(socket_factory));
3729 // 2 socket creations for every transaction.
3730 EXPECT_CALL(*socket_factory_ptr, OnSendTo(_)).Times(2);
3731
3732 // Add a little bit of extra fudge to the delay to allow reasonable
3733 // flexibility for time > vs >= etc. We don't need to fail the test if we
3734 // timeout at t=6001 instead of t=6000.
3735 base::TimeDelta kSleepFudgeFactor = base::Milliseconds(1);
3736
3737 // Override the current thread task runner, so we can simulate the passage of
3738 // time to trigger the timeout.
3739 auto test_task_runner = base::MakeRefCounted<base::TestMockTimeTaskRunner>();
3740 base::SingleThreadTaskRunner::CurrentHandleOverrideForTesting
3741 task_runner_current_default_handle_override(test_task_runner);
3742
3743 HostResolver::ResolveHostParameters parameters;
3744 parameters.dns_query_type = DnsQueryType::A;
3745 parameters.source = HostResolverSource::MULTICAST_DNS;
3746
3747 ResolveHostResponseHelper response(resolver_->CreateRequest(
3748 HostPortPair("myhello.local", 80), NetworkAnonymizationKey(),
3749 NetLogWithSource(), parameters, resolve_context_.get(),
3750 resolve_context_->host_cache()));
3751
3752 // Not the requested type. Should be ignored.
3753 socket_factory_ptr->SimulateReceive(kMdnsResponseTxt,
3754 sizeof(kMdnsResponseTxt));
3755
3756 ASSERT_TRUE(test_task_runner->HasPendingTask());
3757 test_task_runner->FastForwardBy(MDnsTransaction::kTransactionTimeout +
3758 kSleepFudgeFactor);
3759
3760 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
3761 EXPECT_THAT(response.request()->GetAddressResults(),
3762 AnyOf(nullptr, Pointee(IsEmpty())));
3763 EXPECT_THAT(response.request()->GetEndpointResults(),
3764 AnyOf(nullptr, Pointee(IsEmpty())));
3765 EXPECT_THAT(response.request()->GetTextResults(),
3766 AnyOf(nullptr, Pointee(IsEmpty())));
3767 EXPECT_THAT(response.request()->GetHostnameResults(),
3768 AnyOf(nullptr, Pointee(IsEmpty())));
3769 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
3770 AnyOf(nullptr, Pointee(IsEmpty())));
3771
3772 test_task_runner->FastForwardUntilNoTasksRemain();
3773 }
3774
3775 // Test for a request for both A and AAAA results where results only exist for
3776 // one type.
TEST_F(HostResolverManagerTest,Mdns_PartialResults)3777 TEST_F(HostResolverManagerTest, Mdns_PartialResults) {
3778 auto socket_factory = std::make_unique<MockMDnsSocketFactory>();
3779 MockMDnsSocketFactory* socket_factory_ptr = socket_factory.get();
3780 resolver_->SetMdnsSocketFactoryForTesting(std::move(socket_factory));
3781 // 2 socket creations for every transaction.
3782 EXPECT_CALL(*socket_factory_ptr, OnSendTo(_)).Times(4);
3783
3784 // Add a little bit of extra fudge to the delay to allow reasonable
3785 // flexibility for time > vs >= etc. We don't need to fail the test if we
3786 // timeout at t=6001 instead of t=6000.
3787 base::TimeDelta kSleepFudgeFactor = base::Milliseconds(1);
3788
3789 // Override the current thread task runner, so we can simulate the passage of
3790 // time to trigger the timeout.
3791 auto test_task_runner = base::MakeRefCounted<base::TestMockTimeTaskRunner>();
3792 base::SingleThreadTaskRunner::CurrentHandleOverrideForTesting
3793 task_runner_current_default_handle_override(test_task_runner);
3794
3795 HostResolver::ResolveHostParameters parameters;
3796 parameters.source = HostResolverSource::MULTICAST_DNS;
3797
3798 ResolveHostResponseHelper response(resolver_->CreateRequest(
3799 HostPortPair("myhello.local", 80), NetworkAnonymizationKey(),
3800 NetLogWithSource(), parameters, resolve_context_.get(),
3801 resolve_context_->host_cache()));
3802
3803 ASSERT_TRUE(test_task_runner->HasPendingTask());
3804
3805 socket_factory_ptr->SimulateReceive(kMdnsResponseA, sizeof(kMdnsResponseA));
3806 test_task_runner->FastForwardBy(MDnsTransaction::kTransactionTimeout +
3807 kSleepFudgeFactor);
3808
3809 EXPECT_THAT(response.result_error(), IsOk());
3810 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
3811 testing::ElementsAre(CreateExpected("1.2.3.4", 80)));
3812 EXPECT_THAT(
3813 response.request()->GetEndpointResults(),
3814 testing::Pointee(testing::UnorderedElementsAre(ExpectEndpointResult(
3815 testing::ElementsAre(CreateExpected("1.2.3.4", 80))))));
3816
3817 test_task_runner->FastForwardUntilNoTasksRemain();
3818 }
3819
TEST_F(HostResolverManagerTest,Mdns_Cancel)3820 TEST_F(HostResolverManagerTest, Mdns_Cancel) {
3821 auto socket_factory = std::make_unique<MockMDnsSocketFactory>();
3822 MockMDnsSocketFactory* socket_factory_ptr = socket_factory.get();
3823 resolver_->SetMdnsSocketFactoryForTesting(std::move(socket_factory));
3824 // 2 socket creations for every transaction.
3825 EXPECT_CALL(*socket_factory_ptr, OnSendTo(_)).Times(4);
3826
3827 HostResolver::ResolveHostParameters parameters;
3828 parameters.source = HostResolverSource::MULTICAST_DNS;
3829
3830 ResolveHostResponseHelper response(resolver_->CreateRequest(
3831 HostPortPair("myhello.local", 80), NetworkAnonymizationKey(),
3832 NetLogWithSource(), parameters, resolve_context_.get(),
3833 resolve_context_->host_cache()));
3834
3835 response.CancelRequest();
3836
3837 socket_factory_ptr->SimulateReceive(kMdnsResponseA, sizeof(kMdnsResponseA));
3838 socket_factory_ptr->SimulateReceive(kMdnsResponseAAAA,
3839 sizeof(kMdnsResponseAAAA));
3840
3841 base::RunLoop().RunUntilIdle();
3842 EXPECT_FALSE(response.complete());
3843 }
3844
3845 // Test for a two-transaction query where the first fails to start. The second
3846 // should be cancelled.
TEST_F(HostResolverManagerTest,Mdns_PartialFailure)3847 TEST_F(HostResolverManagerTest, Mdns_PartialFailure) {
3848 // Setup a mock MDnsClient where the first transaction will always return
3849 // |false| immediately on Start(). Second transaction may or may not be
3850 // created, but if it is, Start() not expected to be called because the
3851 // overall request should immediately fail.
3852 auto transaction1 = std::make_unique<MockMDnsTransaction>();
3853 EXPECT_CALL(*transaction1, Start()).WillOnce(Return(false));
3854 auto transaction2 = std::make_unique<MockMDnsTransaction>();
3855 EXPECT_CALL(*transaction2, Start()).Times(0);
3856
3857 auto client = std::make_unique<MockMDnsClient>();
3858 EXPECT_CALL(*client, CreateTransaction(_, _, _, _))
3859 .Times(Between(1, 2)) // Second transaction optionally created.
3860 .WillOnce(Return(ByMove(std::move(transaction1))))
3861 .WillOnce(Return(ByMove(std::move(transaction2))));
3862 EXPECT_CALL(*client, IsListening()).WillRepeatedly(Return(true));
3863 resolver_->SetMdnsClientForTesting(std::move(client));
3864
3865 HostResolver::ResolveHostParameters parameters;
3866 parameters.source = HostResolverSource::MULTICAST_DNS;
3867
3868 ResolveHostResponseHelper response(resolver_->CreateRequest(
3869 HostPortPair("myhello.local", 80), NetworkAnonymizationKey(),
3870 NetLogWithSource(), parameters, resolve_context_.get(),
3871 resolve_context_->host_cache()));
3872
3873 EXPECT_THAT(response.result_error(), IsError(ERR_FAILED));
3874 EXPECT_THAT(response.request()->GetAddressResults(),
3875 AnyOf(nullptr, Pointee(IsEmpty())));
3876 EXPECT_THAT(response.request()->GetEndpointResults(),
3877 AnyOf(nullptr, Pointee(IsEmpty())));
3878 }
3879
TEST_F(HostResolverManagerTest,Mdns_ListenFailure)3880 TEST_F(HostResolverManagerTest, Mdns_ListenFailure) {
3881 // Inject an MdnsClient mock that will always fail to start listening.
3882 auto client = std::make_unique<MockMDnsClient>();
3883 EXPECT_CALL(*client, StartListening(_)).WillOnce(Return(ERR_FAILED));
3884 EXPECT_CALL(*client, IsListening()).WillRepeatedly(Return(false));
3885 resolver_->SetMdnsClientForTesting(std::move(client));
3886
3887 HostResolver::ResolveHostParameters parameters;
3888 parameters.source = HostResolverSource::MULTICAST_DNS;
3889
3890 ResolveHostResponseHelper response(resolver_->CreateRequest(
3891 HostPortPair("myhello.local", 80), NetworkAnonymizationKey(),
3892 NetLogWithSource(), parameters, resolve_context_.get(),
3893 resolve_context_->host_cache()));
3894
3895 EXPECT_THAT(response.result_error(), IsError(ERR_FAILED));
3896 EXPECT_THAT(response.request()->GetAddressResults(),
3897 AnyOf(nullptr, Pointee(IsEmpty())));
3898 EXPECT_THAT(response.request()->GetEndpointResults(),
3899 AnyOf(nullptr, Pointee(IsEmpty())));
3900 }
3901
3902 // Implementation of HostResolver::MdnsListenerDelegate that records all
3903 // received results in maps.
3904 class TestMdnsListenerDelegate : public HostResolver::MdnsListener::Delegate {
3905 public:
3906 using UpdateKey = std::pair<MdnsListenerUpdateType, DnsQueryType>;
3907
OnAddressResult(MdnsListenerUpdateType update_type,DnsQueryType result_type,IPEndPoint address)3908 void OnAddressResult(MdnsListenerUpdateType update_type,
3909 DnsQueryType result_type,
3910 IPEndPoint address) override {
3911 address_results_.insert({{update_type, result_type}, address});
3912 }
3913
OnTextResult(MdnsListenerUpdateType update_type,DnsQueryType result_type,std::vector<std::string> text_records)3914 void OnTextResult(MdnsListenerUpdateType update_type,
3915 DnsQueryType result_type,
3916 std::vector<std::string> text_records) override {
3917 for (auto& text_record : text_records) {
3918 text_results_.insert(
3919 {{update_type, result_type}, std::move(text_record)});
3920 }
3921 }
3922
OnHostnameResult(MdnsListenerUpdateType update_type,DnsQueryType result_type,HostPortPair host)3923 void OnHostnameResult(MdnsListenerUpdateType update_type,
3924 DnsQueryType result_type,
3925 HostPortPair host) override {
3926 hostname_results_.insert({{update_type, result_type}, std::move(host)});
3927 }
3928
OnUnhandledResult(MdnsListenerUpdateType update_type,DnsQueryType result_type)3929 void OnUnhandledResult(MdnsListenerUpdateType update_type,
3930 DnsQueryType result_type) override {
3931 unhandled_results_.insert({update_type, result_type});
3932 }
3933
address_results()3934 const std::multimap<UpdateKey, IPEndPoint>& address_results() {
3935 return address_results_;
3936 }
3937
text_results()3938 const std::multimap<UpdateKey, std::string>& text_results() {
3939 return text_results_;
3940 }
3941
hostname_results()3942 const std::multimap<UpdateKey, HostPortPair>& hostname_results() {
3943 return hostname_results_;
3944 }
3945
unhandled_results()3946 const std::multiset<UpdateKey>& unhandled_results() {
3947 return unhandled_results_;
3948 }
3949
3950 template <typename T>
CreateExpectedResult(MdnsListenerUpdateType update_type,DnsQueryType query_type,T result)3951 static std::pair<UpdateKey, T> CreateExpectedResult(
3952 MdnsListenerUpdateType update_type,
3953 DnsQueryType query_type,
3954 T result) {
3955 return std::make_pair(std::make_pair(update_type, query_type), result);
3956 }
3957
3958 private:
3959 std::multimap<UpdateKey, IPEndPoint> address_results_;
3960 std::multimap<UpdateKey, std::string> text_results_;
3961 std::multimap<UpdateKey, HostPortPair> hostname_results_;
3962 std::multiset<UpdateKey> unhandled_results_;
3963 };
3964
TEST_F(HostResolverManagerTest,MdnsListener)3965 TEST_F(HostResolverManagerTest, MdnsListener) {
3966 auto socket_factory = std::make_unique<MockMDnsSocketFactory>();
3967 base::SimpleTestClock clock;
3968 clock.SetNow(base::Time::Now());
3969 auto cache_cleanup_timer = std::make_unique<base::MockOneShotTimer>();
3970 auto* cache_cleanup_timer_ptr = cache_cleanup_timer.get();
3971 auto mdns_client =
3972 std::make_unique<MDnsClientImpl>(&clock, std::move(cache_cleanup_timer));
3973 ASSERT_THAT(mdns_client->StartListening(socket_factory.get()), IsOk());
3974 resolver_->SetMdnsClientForTesting(std::move(mdns_client));
3975
3976 TestMdnsListenerDelegate delegate;
3977 std::unique_ptr<HostResolver::MdnsListener> listener =
3978 resolver_->CreateMdnsListener(HostPortPair("myhello.local", 80),
3979 DnsQueryType::A);
3980
3981 ASSERT_THAT(listener->Start(&delegate), IsOk());
3982 ASSERT_THAT(delegate.address_results(), testing::IsEmpty());
3983
3984 socket_factory->SimulateReceive(kMdnsResponseA, sizeof(kMdnsResponseA));
3985 socket_factory->SimulateReceive(kMdnsResponseA2, sizeof(kMdnsResponseA2));
3986 socket_factory->SimulateReceive(kMdnsResponseA2Goodbye,
3987 sizeof(kMdnsResponseA2Goodbye));
3988
3989 // Per RFC6762 section 10.1, removals take effect 1 second after receiving the
3990 // goodbye message.
3991 clock.Advance(base::Seconds(1));
3992 cache_cleanup_timer_ptr->Fire();
3993
3994 // Expect 1 record adding "1.2.3.4", another changing to "5.6.7.8", and a
3995 // final removing "5.6.7.8".
3996 EXPECT_THAT(delegate.address_results(),
3997 testing::ElementsAre(
3998 TestMdnsListenerDelegate::CreateExpectedResult(
3999 MdnsListenerUpdateType::kAdded, DnsQueryType::A,
4000 CreateExpected("1.2.3.4", 80)),
4001 TestMdnsListenerDelegate::CreateExpectedResult(
4002 MdnsListenerUpdateType::kChanged, DnsQueryType::A,
4003 CreateExpected("5.6.7.8", 80)),
4004 TestMdnsListenerDelegate::CreateExpectedResult(
4005 MdnsListenerUpdateType::kRemoved, DnsQueryType::A,
4006 CreateExpected("5.6.7.8", 80))));
4007
4008 EXPECT_THAT(delegate.text_results(), testing::IsEmpty());
4009 EXPECT_THAT(delegate.hostname_results(), testing::IsEmpty());
4010 EXPECT_THAT(delegate.unhandled_results(), testing::IsEmpty());
4011 }
4012
TEST_F(HostResolverManagerTest,MdnsListener_StartListenFailure)4013 TEST_F(HostResolverManagerTest, MdnsListener_StartListenFailure) {
4014 // Inject an MdnsClient mock that will always fail to start listening.
4015 auto client = std::make_unique<MockMDnsClient>();
4016 EXPECT_CALL(*client, StartListening(_)).WillOnce(Return(ERR_TIMED_OUT));
4017 EXPECT_CALL(*client, IsListening()).WillRepeatedly(Return(false));
4018 resolver_->SetMdnsClientForTesting(std::move(client));
4019
4020 TestMdnsListenerDelegate delegate;
4021 std::unique_ptr<HostResolver::MdnsListener> listener =
4022 resolver_->CreateMdnsListener(HostPortPair("myhello.local", 80),
4023 DnsQueryType::A);
4024
4025 EXPECT_THAT(listener->Start(&delegate), IsError(ERR_TIMED_OUT));
4026 EXPECT_THAT(delegate.address_results(), testing::IsEmpty());
4027 }
4028
4029 // Test that removal notifications are sent on natural expiration of MDNS
4030 // records.
TEST_F(HostResolverManagerTest,MdnsListener_Expiration)4031 TEST_F(HostResolverManagerTest, MdnsListener_Expiration) {
4032 auto socket_factory = std::make_unique<MockMDnsSocketFactory>();
4033 base::SimpleTestClock clock;
4034 clock.SetNow(base::Time::Now());
4035 auto cache_cleanup_timer = std::make_unique<base::MockOneShotTimer>();
4036 auto* cache_cleanup_timer_ptr = cache_cleanup_timer.get();
4037 auto mdns_client =
4038 std::make_unique<MDnsClientImpl>(&clock, std::move(cache_cleanup_timer));
4039 ASSERT_THAT(mdns_client->StartListening(socket_factory.get()), IsOk());
4040 resolver_->SetMdnsClientForTesting(std::move(mdns_client));
4041
4042 TestMdnsListenerDelegate delegate;
4043 std::unique_ptr<HostResolver::MdnsListener> listener =
4044 resolver_->CreateMdnsListener(HostPortPair("myhello.local", 100),
4045 DnsQueryType::A);
4046
4047 ASSERT_THAT(listener->Start(&delegate), IsOk());
4048 ASSERT_THAT(delegate.address_results(), testing::IsEmpty());
4049
4050 socket_factory->SimulateReceive(kMdnsResponseA, sizeof(kMdnsResponseA));
4051
4052 EXPECT_THAT(
4053 delegate.address_results(),
4054 testing::ElementsAre(TestMdnsListenerDelegate::CreateExpectedResult(
4055 MdnsListenerUpdateType::kAdded, DnsQueryType::A,
4056 CreateExpected("1.2.3.4", 100))));
4057
4058 clock.Advance(base::Seconds(16));
4059 cache_cleanup_timer_ptr->Fire();
4060
4061 EXPECT_THAT(delegate.address_results(),
4062 testing::ElementsAre(
4063 TestMdnsListenerDelegate::CreateExpectedResult(
4064 MdnsListenerUpdateType::kAdded, DnsQueryType::A,
4065 CreateExpected("1.2.3.4", 100)),
4066 TestMdnsListenerDelegate::CreateExpectedResult(
4067 MdnsListenerUpdateType::kRemoved, DnsQueryType::A,
4068 CreateExpected("1.2.3.4", 100))));
4069
4070 EXPECT_THAT(delegate.text_results(), testing::IsEmpty());
4071 EXPECT_THAT(delegate.hostname_results(), testing::IsEmpty());
4072 EXPECT_THAT(delegate.unhandled_results(), testing::IsEmpty());
4073 }
4074
TEST_F(HostResolverManagerTest,MdnsListener_Txt)4075 TEST_F(HostResolverManagerTest, MdnsListener_Txt) {
4076 auto socket_factory = std::make_unique<MockMDnsSocketFactory>();
4077 MockMDnsSocketFactory* socket_factory_ptr = socket_factory.get();
4078 resolver_->SetMdnsSocketFactoryForTesting(std::move(socket_factory));
4079
4080 TestMdnsListenerDelegate delegate;
4081 std::unique_ptr<HostResolver::MdnsListener> listener =
4082 resolver_->CreateMdnsListener(HostPortPair("myhello.local", 12),
4083 DnsQueryType::TXT);
4084
4085 ASSERT_THAT(listener->Start(&delegate), IsOk());
4086 ASSERT_THAT(delegate.text_results(), testing::IsEmpty());
4087
4088 socket_factory_ptr->SimulateReceive(kMdnsResponseTxt,
4089 sizeof(kMdnsResponseTxt));
4090
4091 EXPECT_THAT(
4092 delegate.text_results(),
4093 testing::ElementsAre(
4094 TestMdnsListenerDelegate::CreateExpectedResult(
4095 MdnsListenerUpdateType::kAdded, DnsQueryType::TXT, "foo"),
4096 TestMdnsListenerDelegate::CreateExpectedResult(
4097 MdnsListenerUpdateType::kAdded, DnsQueryType::TXT, "bar")));
4098
4099 EXPECT_THAT(delegate.address_results(), testing::IsEmpty());
4100 EXPECT_THAT(delegate.hostname_results(), testing::IsEmpty());
4101 EXPECT_THAT(delegate.unhandled_results(), testing::IsEmpty());
4102 }
4103
TEST_F(HostResolverManagerTest,MdnsListener_Ptr)4104 TEST_F(HostResolverManagerTest, MdnsListener_Ptr) {
4105 auto socket_factory = std::make_unique<MockMDnsSocketFactory>();
4106 MockMDnsSocketFactory* socket_factory_ptr = socket_factory.get();
4107 resolver_->SetMdnsSocketFactoryForTesting(std::move(socket_factory));
4108
4109 TestMdnsListenerDelegate delegate;
4110 std::unique_ptr<HostResolver::MdnsListener> listener =
4111 resolver_->CreateMdnsListener(HostPortPair("myhello.local", 13),
4112 DnsQueryType::PTR);
4113
4114 ASSERT_THAT(listener->Start(&delegate), IsOk());
4115 ASSERT_THAT(delegate.text_results(), testing::IsEmpty());
4116
4117 socket_factory_ptr->SimulateReceive(kMdnsResponsePtr,
4118 sizeof(kMdnsResponsePtr));
4119
4120 EXPECT_THAT(
4121 delegate.hostname_results(),
4122 testing::ElementsAre(TestMdnsListenerDelegate::CreateExpectedResult(
4123 MdnsListenerUpdateType::kAdded, DnsQueryType::PTR,
4124 HostPortPair("foo.com", 13))));
4125
4126 EXPECT_THAT(delegate.address_results(), testing::IsEmpty());
4127 EXPECT_THAT(delegate.text_results(), testing::IsEmpty());
4128 EXPECT_THAT(delegate.unhandled_results(), testing::IsEmpty());
4129 }
4130
TEST_F(HostResolverManagerTest,MdnsListener_Srv)4131 TEST_F(HostResolverManagerTest, MdnsListener_Srv) {
4132 auto socket_factory = std::make_unique<MockMDnsSocketFactory>();
4133 MockMDnsSocketFactory* socket_factory_ptr = socket_factory.get();
4134 resolver_->SetMdnsSocketFactoryForTesting(std::move(socket_factory));
4135
4136 TestMdnsListenerDelegate delegate;
4137 std::unique_ptr<HostResolver::MdnsListener> listener =
4138 resolver_->CreateMdnsListener(HostPortPair("myhello.local", 14),
4139 DnsQueryType::SRV);
4140
4141 ASSERT_THAT(listener->Start(&delegate), IsOk());
4142 ASSERT_THAT(delegate.text_results(), testing::IsEmpty());
4143
4144 socket_factory_ptr->SimulateReceive(kMdnsResponseSrv,
4145 sizeof(kMdnsResponseSrv));
4146
4147 EXPECT_THAT(
4148 delegate.hostname_results(),
4149 testing::ElementsAre(TestMdnsListenerDelegate::CreateExpectedResult(
4150 MdnsListenerUpdateType::kAdded, DnsQueryType::SRV,
4151 HostPortPair("foo.com", 8265))));
4152
4153 EXPECT_THAT(delegate.address_results(), testing::IsEmpty());
4154 EXPECT_THAT(delegate.text_results(), testing::IsEmpty());
4155 EXPECT_THAT(delegate.unhandled_results(), testing::IsEmpty());
4156 }
4157
4158 // Ensure query types we are not listening for do not affect MdnsListener.
TEST_F(HostResolverManagerTest,MdnsListener_NonListeningTypes)4159 TEST_F(HostResolverManagerTest, MdnsListener_NonListeningTypes) {
4160 auto socket_factory = std::make_unique<MockMDnsSocketFactory>();
4161 MockMDnsSocketFactory* socket_factory_ptr = socket_factory.get();
4162 resolver_->SetMdnsSocketFactoryForTesting(std::move(socket_factory));
4163
4164 TestMdnsListenerDelegate delegate;
4165 std::unique_ptr<HostResolver::MdnsListener> listener =
4166 resolver_->CreateMdnsListener(HostPortPair("myhello.local", 41),
4167 DnsQueryType::A);
4168
4169 ASSERT_THAT(listener->Start(&delegate), IsOk());
4170
4171 socket_factory_ptr->SimulateReceive(kMdnsResponseAAAA,
4172 sizeof(kMdnsResponseAAAA));
4173
4174 EXPECT_THAT(delegate.address_results(), testing::IsEmpty());
4175 EXPECT_THAT(delegate.text_results(), testing::IsEmpty());
4176 EXPECT_THAT(delegate.hostname_results(), testing::IsEmpty());
4177 EXPECT_THAT(delegate.unhandled_results(), testing::IsEmpty());
4178 }
4179
TEST_F(HostResolverManagerTest,MdnsListener_RootDomain)4180 TEST_F(HostResolverManagerTest, MdnsListener_RootDomain) {
4181 auto socket_factory = std::make_unique<MockMDnsSocketFactory>();
4182 MockMDnsSocketFactory* socket_factory_ptr = socket_factory.get();
4183 resolver_->SetMdnsSocketFactoryForTesting(std::move(socket_factory));
4184
4185 TestMdnsListenerDelegate delegate;
4186 std::unique_ptr<HostResolver::MdnsListener> listener =
4187 resolver_->CreateMdnsListener(HostPortPair("myhello.local", 5),
4188 DnsQueryType::PTR);
4189
4190 ASSERT_THAT(listener->Start(&delegate), IsOk());
4191
4192 socket_factory_ptr->SimulateReceive(kMdnsResponsePtrRoot,
4193 sizeof(kMdnsResponsePtrRoot));
4194
4195 EXPECT_THAT(delegate.unhandled_results(),
4196 testing::ElementsAre(std::make_pair(
4197 MdnsListenerUpdateType::kAdded, DnsQueryType::PTR)));
4198
4199 EXPECT_THAT(delegate.address_results(), testing::IsEmpty());
4200 EXPECT_THAT(delegate.text_results(), testing::IsEmpty());
4201 EXPECT_THAT(delegate.hostname_results(), testing::IsEmpty());
4202 }
4203 #endif // BUILDFLAG(ENABLE_MDNS)
4204
CreateValidDnsConfig()4205 DnsConfig CreateValidDnsConfig() {
4206 IPAddress dns_ip(192, 168, 1, 0);
4207 DnsConfig config;
4208 config.nameservers.emplace_back(dns_ip, dns_protocol::kDefaultPort);
4209 config.doh_config =
4210 *DnsOverHttpsConfig::FromString("https://dns.example.com/");
4211 config.secure_dns_mode = SecureDnsMode::kOff;
4212 EXPECT_TRUE(config.IsValid());
4213 return config;
4214 }
4215
CreateUpgradableDnsConfig()4216 DnsConfig CreateUpgradableDnsConfig() {
4217 DnsConfig config;
4218 config.secure_dns_mode = SecureDnsMode::kAutomatic;
4219 config.allow_dns_over_https_upgrade = true;
4220
4221 auto ProviderHasAddr = [](base::StringPiece provider, const IPAddress& addr) {
4222 return base::Contains(GetDohProviderEntryForTesting(provider).ip_addresses,
4223 addr);
4224 };
4225
4226 // Cloudflare upgradeable IPs
4227 IPAddress dns_ip0(1, 0, 0, 1);
4228 IPAddress dns_ip1;
4229 EXPECT_TRUE(dns_ip1.AssignFromIPLiteral("2606:4700:4700::1111"));
4230 EXPECT_TRUE(ProviderHasAddr("Cloudflare", dns_ip0));
4231 EXPECT_TRUE(ProviderHasAddr("Cloudflare", dns_ip1));
4232 // CleanBrowsingFamily upgradeable IP
4233 IPAddress dns_ip2;
4234 EXPECT_TRUE(dns_ip2.AssignFromIPLiteral("2a0d:2a00:2::"));
4235 EXPECT_TRUE(ProviderHasAddr("CleanBrowsingFamily", dns_ip2));
4236 // CleanBrowsingSecure upgradeable IP
4237 IPAddress dns_ip3(185, 228, 169, 9);
4238 EXPECT_TRUE(ProviderHasAddr("CleanBrowsingSecure", dns_ip3));
4239 // Non-upgradeable IP
4240 IPAddress dns_ip4(1, 2, 3, 4);
4241
4242 config.nameservers = {
4243 IPEndPoint(dns_ip0, dns_protocol::kDefaultPort),
4244 IPEndPoint(dns_ip1, dns_protocol::kDefaultPort),
4245 IPEndPoint(dns_ip2, 54),
4246 IPEndPoint(dns_ip3, dns_protocol::kDefaultPort),
4247 IPEndPoint(dns_ip4, dns_protocol::kDefaultPort),
4248 };
4249 EXPECT_TRUE(config.IsValid());
4250 return config;
4251 }
4252
4253 // Check that entries are written to the cache with the right NIK.
TEST_F(HostResolverManagerTest,NetworkAnonymizationKeyWriteToHostCache)4254 TEST_F(HostResolverManagerTest, NetworkAnonymizationKeyWriteToHostCache) {
4255 const SchemefulSite kSite1(GURL("https://origin1.test/"));
4256 const SchemefulSite kSite2(GURL("https://origin2.test/"));
4257 auto kNetworkAnonymizationKey1 =
4258 net::NetworkAnonymizationKey::CreateSameSite(kSite1);
4259 auto kNetworkAnonymizationKey2 =
4260 net::NetworkAnonymizationKey::CreateSameSite(kSite2);
4261
4262 const char kFirstDnsResult[] = "192.168.1.42";
4263 const char kSecondDnsResult[] = "192.168.1.43";
4264
4265 for (bool split_cache_by_network_anonymization_key : {false, true}) {
4266 base::test::ScopedFeatureList feature_list;
4267 if (split_cache_by_network_anonymization_key) {
4268 feature_list.InitAndEnableFeature(
4269 features::kSplitHostCacheByNetworkIsolationKey);
4270 } else {
4271 feature_list.InitAndDisableFeature(
4272 features::kSplitHostCacheByNetworkIsolationKey);
4273 }
4274 proc_->AddRuleForAllFamilies("just.testing", kFirstDnsResult);
4275 proc_->SignalMultiple(1u);
4276
4277 // Resolve a host using kNetworkAnonymizationKey1.
4278 ResolveHostResponseHelper response1(resolver_->CreateRequest(
4279 HostPortPair("just.testing", 80), kNetworkAnonymizationKey1,
4280 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
4281 resolve_context_->host_cache()));
4282 EXPECT_THAT(response1.result_error(), IsOk());
4283 EXPECT_THAT(response1.request()->GetAddressResults()->endpoints(),
4284 testing::ElementsAre(CreateExpected(kFirstDnsResult, 80)));
4285 EXPECT_THAT(
4286 response1.request()->GetEndpointResults(),
4287 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
4288 testing::ElementsAre(CreateExpected(kFirstDnsResult, 80))))));
4289 EXPECT_FALSE(response1.request()->GetStaleInfo());
4290 EXPECT_EQ(1u, proc_->GetCaptureList().size());
4291
4292 // If the host cache is being split by NetworkAnonymizationKeys, there
4293 // should be an entry in the HostCache with kNetworkAnonymizationKey1.
4294 // Otherwise, there should be an entry with the empty NAK.
4295 if (split_cache_by_network_anonymization_key) {
4296 EXPECT_TRUE(GetCacheHit(
4297 HostCache::Key("just.testing", DnsQueryType::UNSPECIFIED,
4298 0 /* host_resolver_flags */, HostResolverSource::ANY,
4299 kNetworkAnonymizationKey1)));
4300
4301 EXPECT_FALSE(GetCacheHit(
4302 HostCache::Key("just.testing", DnsQueryType::UNSPECIFIED,
4303 0 /* host_resolver_flags */, HostResolverSource::ANY,
4304 NetworkAnonymizationKey())));
4305 } else {
4306 EXPECT_FALSE(GetCacheHit(
4307 HostCache::Key("just.testing", DnsQueryType::UNSPECIFIED,
4308 0 /* host_resolver_flags */, HostResolverSource::ANY,
4309 kNetworkAnonymizationKey1)));
4310
4311 EXPECT_TRUE(GetCacheHit(
4312 HostCache::Key("just.testing", DnsQueryType::UNSPECIFIED,
4313 0 /* host_resolver_flags */, HostResolverSource::ANY,
4314 NetworkAnonymizationKey())));
4315 }
4316
4317 // There should be no entry using kNetworkAnonymizationKey2 in either case.
4318 EXPECT_FALSE(GetCacheHit(HostCache::Key(
4319 "just.testing", DnsQueryType::UNSPECIFIED, 0 /* host_resolver_flags */,
4320 HostResolverSource::ANY, kNetworkAnonymizationKey2)));
4321
4322 // A request using kNetworkAnonymizationKey2 should only be served out of
4323 // the cache of the cache if |split_cache_by_network_anonymization_key| is
4324 // false. If it's not served over the network, it is provided a different
4325 // result.
4326 if (split_cache_by_network_anonymization_key) {
4327 proc_->AddRuleForAllFamilies("just.testing", kSecondDnsResult);
4328 proc_->SignalMultiple(1u);
4329 }
4330 ResolveHostResponseHelper response2(resolver_->CreateRequest(
4331 HostPortPair("just.testing", 80), kNetworkAnonymizationKey2,
4332 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
4333 resolve_context_->host_cache()));
4334 EXPECT_THAT(response2.result_error(), IsOk());
4335 if (split_cache_by_network_anonymization_key) {
4336 EXPECT_THAT(response2.request()->GetAddressResults()->endpoints(),
4337 testing::ElementsAre(CreateExpected(kSecondDnsResult, 80)));
4338 EXPECT_THAT(
4339 response2.request()->GetEndpointResults(),
4340 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
4341 testing::ElementsAre(CreateExpected(kSecondDnsResult, 80))))));
4342 EXPECT_FALSE(response2.request()->GetStaleInfo());
4343 EXPECT_EQ(2u, proc_->GetCaptureList().size());
4344 EXPECT_TRUE(GetCacheHit(
4345 HostCache::Key("just.testing", DnsQueryType::UNSPECIFIED,
4346 0 /* host_resolver_flags */, HostResolverSource::ANY,
4347 kNetworkAnonymizationKey2)));
4348 } else {
4349 EXPECT_THAT(response2.request()->GetAddressResults()->endpoints(),
4350 testing::ElementsAre(CreateExpected(kFirstDnsResult, 80)));
4351 EXPECT_THAT(
4352 response2.request()->GetEndpointResults(),
4353 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
4354 testing::ElementsAre(CreateExpected(kFirstDnsResult, 80))))));
4355 EXPECT_TRUE(response2.request()->GetStaleInfo());
4356 EXPECT_EQ(1u, proc_->GetCaptureList().size());
4357 EXPECT_FALSE(GetCacheHit(
4358 HostCache::Key("just.testing", DnsQueryType::UNSPECIFIED,
4359 0 /* host_resolver_flags */, HostResolverSource::ANY,
4360 kNetworkAnonymizationKey2)));
4361 }
4362
4363 resolve_context_->host_cache()->clear();
4364 proc_->ClearCaptureList();
4365 }
4366 }
4367
4368 // Check that entries are read to the cache with the right NIK.
TEST_F(HostResolverManagerTest,NetworkAnonymizationKeyReadFromHostCache)4369 TEST_F(HostResolverManagerTest, NetworkAnonymizationKeyReadFromHostCache) {
4370 const SchemefulSite kSite1(GURL("https://origin1.test/"));
4371 const SchemefulSite kSite2(GURL("https://origin2.test/"));
4372 auto kNetworkAnonymizationKey1 =
4373 net::NetworkAnonymizationKey::CreateSameSite(kSite1);
4374 auto kNetworkAnonymizationKey2 =
4375 net::NetworkAnonymizationKey::CreateSameSite(kSite2);
4376
4377 struct CacheEntry {
4378 NetworkAnonymizationKey network_anonymization_key;
4379 const char* cached_ip_address;
4380 };
4381
4382 const CacheEntry kCacheEntries[] = {
4383 {NetworkAnonymizationKey(), "192.168.1.42"},
4384 {kNetworkAnonymizationKey1, "192.168.1.43"},
4385 {kNetworkAnonymizationKey2, "192.168.1.44"},
4386 };
4387
4388 // Add entries to cache for the empty NIK, NIK1, and NIK2. Only the
4389 // HostResolverManager obeys network state partitioning, so this is fine to do
4390 // regardless of the feature value.
4391 for (const auto& cache_entry : kCacheEntries) {
4392 HostCache::Key key("just.testing", DnsQueryType::UNSPECIFIED, 0,
4393 HostResolverSource::ANY,
4394 cache_entry.network_anonymization_key);
4395 IPAddress address;
4396 ASSERT_TRUE(address.AssignFromIPLiteral(cache_entry.cached_ip_address));
4397 HostCache::Entry entry = HostCache::Entry(
4398 OK, {{address, 80}}, /*aliases=*/{}, HostCache::Entry::SOURCE_UNKNOWN);
4399 resolve_context_->host_cache()->Set(key, entry, base::TimeTicks::Now(),
4400 base::Days(1));
4401 }
4402
4403 for (bool split_cache_by_network_anonymization_key : {false, true}) {
4404 base::test::ScopedFeatureList feature_list;
4405 if (split_cache_by_network_anonymization_key) {
4406 feature_list.InitAndEnableFeature(
4407 features::kSplitHostCacheByNetworkIsolationKey);
4408 } else {
4409 feature_list.InitAndDisableFeature(
4410 features::kSplitHostCacheByNetworkIsolationKey);
4411 }
4412
4413 // A request that uses kNetworkAnonymizationKey1 will return cache entry 1
4414 // if the NetworkAnonymizationKeys are being used, and cache entry 0
4415 // otherwise.
4416 ResolveHostResponseHelper response1(resolver_->CreateRequest(
4417 HostPortPair("just.testing", 80), kNetworkAnonymizationKey1,
4418 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
4419 resolve_context_->host_cache()));
4420 EXPECT_THAT(response1.result_error(), IsOk());
4421 EXPECT_THAT(
4422 response1.request()->GetAddressResults()->endpoints(),
4423 testing::ElementsAre(CreateExpected(
4424 kCacheEntries[split_cache_by_network_anonymization_key ? 1 : 0]
4425 .cached_ip_address,
4426 80)));
4427 EXPECT_THAT(
4428 response1.request()->GetEndpointResults(),
4429 testing::Pointee(testing::ElementsAre(
4430 ExpectEndpointResult(testing::ElementsAre(CreateExpected(
4431 kCacheEntries[split_cache_by_network_anonymization_key ? 1 : 0]
4432 .cached_ip_address,
4433 80))))));
4434 EXPECT_TRUE(response1.request()->GetStaleInfo());
4435
4436 // A request that uses kNetworkAnonymizationKey2 will return cache entry 2
4437 // if the NetworkAnonymizationKeys are being used, and cache entry 0
4438 // otherwise.
4439 ResolveHostResponseHelper response2(resolver_->CreateRequest(
4440 HostPortPair("just.testing", 80), kNetworkAnonymizationKey2,
4441 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
4442 resolve_context_->host_cache()));
4443 EXPECT_THAT(response2.result_error(), IsOk());
4444 EXPECT_THAT(
4445 response2.request()->GetAddressResults()->endpoints(),
4446 testing::ElementsAre(CreateExpected(
4447 kCacheEntries[split_cache_by_network_anonymization_key ? 2 : 0]
4448 .cached_ip_address,
4449 80)));
4450 EXPECT_THAT(
4451 response2.request()->GetEndpointResults(),
4452 testing::Pointee(testing::ElementsAre(
4453 ExpectEndpointResult(testing::ElementsAre(CreateExpected(
4454 kCacheEntries[split_cache_by_network_anonymization_key ? 2 : 0]
4455 .cached_ip_address,
4456 80))))));
4457 EXPECT_TRUE(response2.request()->GetStaleInfo());
4458 }
4459 }
4460
4461 // Test that two requests made with different NetworkAnonymizationKeys are not
4462 // merged if network state partitioning is enabled.
TEST_F(HostResolverManagerTest,NetworkAnonymizationKeyTwoRequestsAtOnce)4463 TEST_F(HostResolverManagerTest, NetworkAnonymizationKeyTwoRequestsAtOnce) {
4464 const SchemefulSite kSite1(GURL("https://origin1.test/"));
4465 const SchemefulSite kSite2(GURL("https://origin2.test/"));
4466 auto kNetworkAnonymizationKey1 =
4467 net::NetworkAnonymizationKey::CreateSameSite(kSite1);
4468 auto kNetworkAnonymizationKey2 =
4469 net::NetworkAnonymizationKey::CreateSameSite(kSite2);
4470
4471 const char kDnsResult[] = "192.168.1.42";
4472
4473 for (bool split_cache_by_network_anonymization_key : {false, true}) {
4474 base::test::ScopedFeatureList feature_list;
4475 if (split_cache_by_network_anonymization_key) {
4476 feature_list.InitAndEnableFeature(
4477 features::kSplitHostCacheByNetworkIsolationKey);
4478 } else {
4479 feature_list.InitAndDisableFeature(
4480 features::kSplitHostCacheByNetworkIsolationKey);
4481 }
4482 proc_->AddRuleForAllFamilies("just.testing", kDnsResult);
4483
4484 // Start resolving a host using kNetworkAnonymizationKey1.
4485 ResolveHostResponseHelper response1(resolver_->CreateRequest(
4486 HostPortPair("just.testing", 80), kNetworkAnonymizationKey1,
4487 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
4488 resolve_context_->host_cache()));
4489 EXPECT_FALSE(response1.complete());
4490
4491 // Start resolving the same host using kNetworkAnonymizationKey2.
4492 ResolveHostResponseHelper response2(resolver_->CreateRequest(
4493 HostPortPair("just.testing", 80), kNetworkAnonymizationKey2,
4494 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
4495 resolve_context_->host_cache()));
4496 EXPECT_FALSE(response2.complete());
4497
4498 // Wait for and complete the expected number of over-the-wire DNS
4499 // resolutions.
4500 if (split_cache_by_network_anonymization_key) {
4501 proc_->WaitFor(2);
4502 EXPECT_EQ(2u, proc_->GetCaptureList().size());
4503 proc_->SignalMultiple(2u);
4504 } else {
4505 proc_->WaitFor(1);
4506 EXPECT_EQ(1u, proc_->GetCaptureList().size());
4507 proc_->SignalMultiple(1u);
4508 }
4509
4510 // Both requests should have completed successfully, with neither served out
4511 // of the cache.
4512
4513 EXPECT_THAT(response1.result_error(), IsOk());
4514 EXPECT_THAT(response1.request()->GetAddressResults()->endpoints(),
4515 testing::ElementsAre(CreateExpected(kDnsResult, 80)));
4516 EXPECT_THAT(response1.request()->GetEndpointResults(),
4517 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
4518 testing::ElementsAre(CreateExpected(kDnsResult, 80))))));
4519 EXPECT_FALSE(response1.request()->GetStaleInfo());
4520
4521 EXPECT_THAT(response2.result_error(), IsOk());
4522 EXPECT_THAT(response2.request()->GetAddressResults()->endpoints(),
4523 testing::ElementsAre(CreateExpected(kDnsResult, 80)));
4524 EXPECT_THAT(response2.request()->GetEndpointResults(),
4525 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
4526 testing::ElementsAre(CreateExpected(kDnsResult, 80))))));
4527 EXPECT_FALSE(response2.request()->GetStaleInfo());
4528
4529 resolve_context_->host_cache()->clear();
4530 proc_->ClearCaptureList();
4531 }
4532 }
4533
4534 // Test that two otherwise-identical requests with different ResolveContexts are
4535 // not merged.
TEST_F(HostResolverManagerTest,ContextsNotMerged)4536 TEST_F(HostResolverManagerTest, ContextsNotMerged) {
4537 const char kDnsResult[] = "192.168.1.42";
4538
4539 proc_->AddRuleForAllFamilies("just.testing", kDnsResult);
4540
4541 // Start resolving a host using |resolve_context_|.
4542 ResolveHostResponseHelper response1(resolver_->CreateRequest(
4543 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
4544 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
4545 resolve_context_->host_cache()));
4546 EXPECT_FALSE(response1.complete());
4547
4548 // Start resolving the same host using another ResolveContext and cache.
4549 ResolveContext resolve_context2(resolve_context_->url_request_context(),
4550 true /* enable_caching */);
4551 resolver_->RegisterResolveContext(&resolve_context2);
4552 ResolveHostResponseHelper response2(resolver_->CreateRequest(
4553 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
4554 NetLogWithSource(), absl::nullopt, &resolve_context2,
4555 resolve_context2.host_cache()));
4556 EXPECT_FALSE(response2.complete());
4557 EXPECT_EQ(2u, resolver_->num_jobs_for_testing());
4558
4559 // Wait for and complete the 2 over-the-wire DNS resolutions.
4560 proc_->WaitFor(2);
4561 EXPECT_EQ(2u, proc_->GetCaptureList().size());
4562 proc_->SignalMultiple(2u);
4563
4564 // Both requests should have completed successfully, with neither served out
4565 // of the cache.
4566
4567 EXPECT_THAT(response1.result_error(), IsOk());
4568 EXPECT_THAT(response1.request()->GetAddressResults()->endpoints(),
4569 testing::ElementsAre(CreateExpected(kDnsResult, 80)));
4570 EXPECT_THAT(response1.request()->GetEndpointResults(),
4571 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
4572 testing::ElementsAre(CreateExpected(kDnsResult, 80))))));
4573 EXPECT_FALSE(response1.request()->GetStaleInfo());
4574
4575 EXPECT_THAT(response2.result_error(), IsOk());
4576 EXPECT_THAT(response2.request()->GetAddressResults()->endpoints(),
4577 testing::ElementsAre(CreateExpected(kDnsResult, 80)));
4578 EXPECT_THAT(response2.request()->GetEndpointResults(),
4579 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
4580 testing::ElementsAre(CreateExpected(kDnsResult, 80))))));
4581 EXPECT_FALSE(response2.request()->GetStaleInfo());
4582
4583 EXPECT_EQ(1u, resolve_context_->host_cache()->size());
4584 EXPECT_EQ(1u, resolve_context2.host_cache()->size());
4585
4586 resolver_->DeregisterResolveContext(&resolve_context2);
4587 }
4588
4589 // Specialized fixture for tests of DnsTask.
4590 class HostResolverManagerDnsTest : public HostResolverManagerTest {
4591 public:
HostResolverManagerDnsTest(base::test::TaskEnvironment::TimeSource time_source=base::test::TaskEnvironment::TimeSource::MOCK_TIME)4592 explicit HostResolverManagerDnsTest(
4593 base::test::TaskEnvironment::TimeSource time_source =
4594 base::test::TaskEnvironment::TimeSource::MOCK_TIME)
4595 : HostResolverManagerTest(time_source),
4596 notifier_task_runner_(
4597 base::MakeRefCounted<base::TestMockTimeTaskRunner>()) {
4598 auto config_service = std::make_unique<TestDnsConfigService>();
4599 config_service_ = config_service.get();
4600 notifier_ = std::make_unique<SystemDnsConfigChangeNotifier>(
4601 notifier_task_runner_, std::move(config_service));
4602 }
4603
4604 void Ipv6UnreachableTest(bool is_async);
4605 void Ipv6UnreachableInvalidConfigTest(bool is_async);
4606
4607 protected:
TearDown()4608 void TearDown() override {
4609 HostResolverManagerTest::TearDown();
4610 InvalidateDnsConfig();
4611
4612 // Ensure |notifier_| is fully cleaned up before test shutdown.
4613 notifier_.reset();
4614 notifier_task_runner_->RunUntilIdle();
4615 }
4616
4617 // HostResolverManagerTest implementation:
DefaultOptions()4618 HostResolver::ManagerOptions DefaultOptions() override {
4619 HostResolver::ManagerOptions options =
4620 HostResolverManagerTest::DefaultOptions();
4621 options.insecure_dns_client_enabled = true;
4622 options.additional_types_via_insecure_dns_enabled = true;
4623 return options;
4624 }
4625
CreateResolverWithOptionsAndParams(HostResolver::ManagerOptions options,const HostResolverSystemTask::Params & params,bool ipv6_reachable,bool is_async=false,bool ipv4_reachable=true)4626 void CreateResolverWithOptionsAndParams(
4627 HostResolver::ManagerOptions options,
4628 const HostResolverSystemTask::Params& params,
4629 bool ipv6_reachable,
4630 bool is_async = false,
4631 bool ipv4_reachable = true) override {
4632 DestroyResolver();
4633
4634 resolver_ = std::make_unique<TestHostResolverManager>(
4635 options, notifier_.get(), nullptr /* net_log */, ipv6_reachable,
4636 ipv4_reachable, is_async);
4637 auto dns_client =
4638 std::make_unique<MockDnsClient>(DnsConfig(), CreateDefaultDnsRules());
4639 dns_client_ = dns_client.get();
4640 resolver_->SetDnsClientForTesting(std::move(dns_client));
4641 resolver_->SetInsecureDnsClientEnabled(
4642 options.insecure_dns_client_enabled,
4643 options.additional_types_via_insecure_dns_enabled);
4644 resolver_->set_host_resolver_system_params_for_test(params);
4645 resolver_->RegisterResolveContext(resolve_context_.get());
4646 }
4647
4648 // Call after CreateResolver() to update the resolver with a new MockDnsClient
4649 // using |config| and |rules|.
UseMockDnsClient(const DnsConfig & config,MockDnsClientRuleList rules)4650 void UseMockDnsClient(const DnsConfig& config, MockDnsClientRuleList rules) {
4651 // HostResolver expects DnsConfig to get set after setting DnsClient, so
4652 // create first with an empty config and then update the config.
4653 auto dns_client =
4654 std::make_unique<MockDnsClient>(DnsConfig(), std::move(rules));
4655 dns_client_ = dns_client.get();
4656 resolver_->SetDnsClientForTesting(std::move(dns_client));
4657 resolver_->SetInsecureDnsClientEnabled(
4658 /*enabled=*/true,
4659 /*additional_dns_types_enabled=*/true);
4660 if (!config.Equals(DnsConfig()))
4661 ChangeDnsConfig(config);
4662 }
4663
CreateDefaultDnsRules()4664 static MockDnsClientRuleList CreateDefaultDnsRules() {
4665 MockDnsClientRuleList rules;
4666
4667 AddDnsRule(&rules, "nodomain", dns_protocol::kTypeA,
4668 MockDnsClientRule::ResultType::kNoDomain, false /* delay */);
4669 AddDnsRule(&rules, "nodomain", dns_protocol::kTypeAAAA,
4670 MockDnsClientRule::ResultType::kNoDomain, false /* delay */);
4671 AddDnsRule(&rules, "nx", dns_protocol::kTypeA,
4672 MockDnsClientRule::ResultType::kFail, false /* delay */);
4673 AddDnsRule(&rules, "nx", dns_protocol::kTypeAAAA,
4674 MockDnsClientRule::ResultType::kFail, false /* delay */);
4675 AddDnsRule(&rules, "ok", dns_protocol::kTypeA,
4676 MockDnsClientRule::ResultType::kOk, false /* delay */);
4677 AddDnsRule(&rules, "ok", dns_protocol::kTypeAAAA,
4678 MockDnsClientRule::ResultType::kOk, false /* delay */);
4679 AddDnsRule(&rules, "4ok", dns_protocol::kTypeA,
4680 MockDnsClientRule::ResultType::kOk, false /* delay */);
4681 AddDnsRule(&rules, "4ok", dns_protocol::kTypeAAAA,
4682 MockDnsClientRule::ResultType::kEmpty, false /* delay */);
4683 AddDnsRule(&rules, "6ok", dns_protocol::kTypeA,
4684 MockDnsClientRule::ResultType::kEmpty, false /* delay */);
4685 AddDnsRule(&rules, "6ok", dns_protocol::kTypeAAAA,
4686 MockDnsClientRule::ResultType::kOk, false /* delay */);
4687 AddDnsRule(&rules, "4nx", dns_protocol::kTypeA,
4688 MockDnsClientRule::ResultType::kOk, false /* delay */);
4689 AddDnsRule(&rules, "4nx", dns_protocol::kTypeAAAA,
4690 MockDnsClientRule::ResultType::kFail, false /* delay */);
4691 AddDnsRule(&rules, "empty", dns_protocol::kTypeA,
4692 MockDnsClientRule::ResultType::kEmpty, false /* delay */);
4693 AddDnsRule(&rules, "empty", dns_protocol::kTypeAAAA,
4694 MockDnsClientRule::ResultType::kEmpty, false /* delay */);
4695
4696 AddDnsRule(&rules, "slow_nx", dns_protocol::kTypeA,
4697 MockDnsClientRule::ResultType::kFail, true /* delay */);
4698 AddDnsRule(&rules, "slow_nx", dns_protocol::kTypeAAAA,
4699 MockDnsClientRule::ResultType::kFail, true /* delay */);
4700
4701 AddDnsRule(&rules, "4slow_ok", dns_protocol::kTypeA,
4702 MockDnsClientRule::ResultType::kOk, true /* delay */);
4703 AddDnsRule(&rules, "4slow_ok", dns_protocol::kTypeAAAA,
4704 MockDnsClientRule::ResultType::kOk, false /* delay */);
4705 AddDnsRule(&rules, "6slow_ok", dns_protocol::kTypeA,
4706 MockDnsClientRule::ResultType::kOk, false /* delay */);
4707 AddDnsRule(&rules, "6slow_ok", dns_protocol::kTypeAAAA,
4708 MockDnsClientRule::ResultType::kOk, true /* delay */);
4709 AddDnsRule(&rules, "4slow_4ok", dns_protocol::kTypeA,
4710 MockDnsClientRule::ResultType::kOk, true /* delay */);
4711 AddDnsRule(&rules, "4slow_4ok", dns_protocol::kTypeAAAA,
4712 MockDnsClientRule::ResultType::kEmpty, false /* delay */);
4713 AddDnsRule(&rules, "4slow_4timeout", dns_protocol::kTypeA,
4714 MockDnsClientRule::ResultType::kTimeout, true /* delay */);
4715 AddDnsRule(&rules, "4slow_4timeout", dns_protocol::kTypeAAAA,
4716 MockDnsClientRule::ResultType::kOk, false /* delay */);
4717 AddDnsRule(&rules, "4slow_6timeout", dns_protocol::kTypeA,
4718 MockDnsClientRule::ResultType::kOk, true /* delay */);
4719 AddDnsRule(&rules, "4slow_6timeout", dns_protocol::kTypeAAAA,
4720 MockDnsClientRule::ResultType::kTimeout, false /* delay */);
4721
4722 AddDnsRule(&rules, "4collision", dns_protocol::kTypeA,
4723 IPAddress(127, 0, 53, 53), false /* delay */);
4724 AddDnsRule(&rules, "4collision", dns_protocol::kTypeAAAA,
4725 MockDnsClientRule::ResultType::kEmpty, false /* delay */);
4726 AddDnsRule(&rules, "6collision", dns_protocol::kTypeA,
4727 MockDnsClientRule::ResultType::kEmpty, false /* delay */);
4728 // This isn't the expected IP for collisions (but looks close to it).
4729 AddDnsRule(&rules, "6collision", dns_protocol::kTypeAAAA,
4730 IPAddress(0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 127, 0, 53, 53),
4731 false /* delay */);
4732
4733 AddSecureDnsRule(&rules, "automatic_nodomain", dns_protocol::kTypeA,
4734 MockDnsClientRule::ResultType::kNoDomain,
4735 false /* delay */);
4736 AddSecureDnsRule(&rules, "automatic_nodomain", dns_protocol::kTypeAAAA,
4737 MockDnsClientRule::ResultType::kNoDomain,
4738 false /* delay */);
4739 AddDnsRule(&rules, "automatic_nodomain", dns_protocol::kTypeA,
4740 MockDnsClientRule::ResultType::kNoDomain, false /* delay */);
4741 AddDnsRule(&rules, "automatic_nodomain", dns_protocol::kTypeAAAA,
4742 MockDnsClientRule::ResultType::kNoDomain, false /* delay */);
4743 AddSecureDnsRule(&rules, "automatic", dns_protocol::kTypeA,
4744 MockDnsClientRule::ResultType::kOk, false /* delay */);
4745 AddSecureDnsRule(&rules, "automatic", dns_protocol::kTypeAAAA,
4746 MockDnsClientRule::ResultType::kOk, false /* delay */);
4747 AddDnsRule(&rules, "automatic", dns_protocol::kTypeA,
4748 MockDnsClientRule::ResultType::kOk, false /* delay */);
4749 AddDnsRule(&rules, "automatic", dns_protocol::kTypeAAAA,
4750 MockDnsClientRule::ResultType::kOk, false /* delay */);
4751 AddDnsRule(&rules, "insecure_automatic", dns_protocol::kTypeA,
4752 MockDnsClientRule::ResultType::kOk, false /* delay */);
4753 AddDnsRule(&rules, "insecure_automatic", dns_protocol::kTypeAAAA,
4754 MockDnsClientRule::ResultType::kOk, false /* delay */);
4755
4756 AddSecureDnsRule(&rules, "secure", dns_protocol::kTypeA,
4757 MockDnsClientRule::ResultType::kOk, false /* delay */);
4758 AddSecureDnsRule(&rules, "secure", dns_protocol::kTypeAAAA,
4759 MockDnsClientRule::ResultType::kOk, false /* delay */);
4760
4761 return rules;
4762 }
4763
4764 // Adds a rule to |rules|.
AddDnsRule(MockDnsClientRuleList * rules,const std::string & prefix,uint16_t qtype,MockDnsClientRule::ResultType result_type,bool delay)4765 static void AddDnsRule(MockDnsClientRuleList* rules,
4766 const std::string& prefix,
4767 uint16_t qtype,
4768 MockDnsClientRule::ResultType result_type,
4769 bool delay) {
4770 rules->emplace_back(prefix, qtype, false /* secure */,
4771 MockDnsClientRule::Result(result_type), delay);
4772 }
4773
AddDnsRule(MockDnsClientRuleList * rules,const std::string & prefix,uint16_t qtype,const IPAddress & result_ip,bool delay)4774 static void AddDnsRule(MockDnsClientRuleList* rules,
4775 const std::string& prefix,
4776 uint16_t qtype,
4777 const IPAddress& result_ip,
4778 bool delay) {
4779 rules->emplace_back(prefix, qtype, false /* secure */,
4780 MockDnsClientRule::Result(
4781 BuildTestDnsAddressResponse(prefix, result_ip)),
4782 delay);
4783 }
4784
AddDnsRule(MockDnsClientRuleList * rules,const std::string & prefix,uint16_t qtype,IPAddress result_ip,std::string cannonname,bool delay)4785 static void AddDnsRule(MockDnsClientRuleList* rules,
4786 const std::string& prefix,
4787 uint16_t qtype,
4788 IPAddress result_ip,
4789 std::string cannonname,
4790 bool delay) {
4791 rules->emplace_back(
4792 prefix, qtype, false /* secure */,
4793 MockDnsClientRule::Result(BuildTestDnsAddressResponseWithCname(
4794 prefix, result_ip, std::move(cannonname))),
4795 delay);
4796 }
4797
AddDnsRule(MockDnsClientRuleList * rules,const std::string & prefix,uint16_t qtype,DnsResponse dns_test_response,bool delay)4798 static void AddDnsRule(MockDnsClientRuleList* rules,
4799
4800 const std::string& prefix,
4801 uint16_t qtype,
4802 DnsResponse dns_test_response,
4803 bool delay) {
4804 rules->emplace_back(prefix, qtype, false /* secure */,
4805 MockDnsClientRule::Result(std::move(dns_test_response)),
4806 delay);
4807 }
4808
AddSecureDnsRule(MockDnsClientRuleList * rules,const std::string & prefix,uint16_t qtype,MockDnsClientRule::ResultType result_type,bool delay)4809 static void AddSecureDnsRule(MockDnsClientRuleList* rules,
4810 const std::string& prefix,
4811 uint16_t qtype,
4812 MockDnsClientRule::ResultType result_type,
4813 bool delay) {
4814 rules->emplace_back(prefix, qtype, true /* secure */,
4815 MockDnsClientRule::Result(result_type), delay);
4816 }
4817
ChangeDnsConfig(const DnsConfig & config)4818 void ChangeDnsConfig(const DnsConfig& config) {
4819 DCHECK(config.IsValid());
4820 notifier_task_runner_->PostTask(
4821 FROM_HERE,
4822 base::BindOnce(&TestDnsConfigService::OnHostsRead,
4823 base::Unretained(config_service_), config.hosts));
4824 notifier_task_runner_->PostTask(
4825 FROM_HERE, base::BindOnce(&TestDnsConfigService::OnConfigRead,
4826 base::Unretained(config_service_), config));
4827
4828 notifier_task_runner_->RunUntilIdle();
4829 base::RunLoop().RunUntilIdle();
4830 }
4831
InvalidateDnsConfig()4832 void InvalidateDnsConfig() {
4833 notifier_task_runner_->PostTask(
4834 FROM_HERE,
4835 base::BindOnce(&TestDnsConfigService::OnHostsRead,
4836 base::Unretained(config_service_), DnsHosts()));
4837 notifier_task_runner_->PostTask(
4838 FROM_HERE, base::BindOnce(&TestDnsConfigService::InvalidateConfig,
4839 base::Unretained(config_service_)));
4840
4841 notifier_task_runner_->FastForwardBy(
4842 DnsConfigService::kInvalidationTimeout);
4843 base::RunLoop().RunUntilIdle();
4844 }
4845
SetInitialDnsConfig(const DnsConfig & config)4846 void SetInitialDnsConfig(const DnsConfig& config) {
4847 InvalidateDnsConfig();
4848 ChangeDnsConfig(config);
4849 }
4850
TriggerInsecureFailureCondition()4851 void TriggerInsecureFailureCondition() {
4852 proc_->AddRuleForAllFamilies(std::string(),
4853 std::string()); // Default to failures.
4854
4855 // Disable Secure DNS for these requests.
4856 HostResolver::ResolveHostParameters parameters;
4857 parameters.secure_dns_policy = SecureDnsPolicy::kDisable;
4858
4859 std::vector<std::unique_ptr<ResolveHostResponseHelper>> responses;
4860 for (unsigned i = 0; i < maximum_insecure_dns_task_failures(); ++i) {
4861 // Use custom names to require separate Jobs.
4862 std::string hostname = base::StringPrintf("nx_%u", i);
4863 // Ensure fallback to HostResolverSystemTask succeeds.
4864 proc_->AddRuleForAllFamilies(hostname, "192.168.1.101");
4865 responses.emplace_back(
4866 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
4867 HostPortPair(hostname, 80), NetworkAnonymizationKey(),
4868 NetLogWithSource(), parameters, resolve_context_.get(),
4869 resolve_context_->host_cache())));
4870 }
4871
4872 proc_->SignalMultiple(responses.size());
4873
4874 for (const auto& response : responses)
4875 EXPECT_THAT(response->result_error(), IsOk());
4876
4877 ASSERT_FALSE(proc_->HasBlockedRequests());
4878 }
4879
4880 scoped_refptr<base::TestMockTimeTaskRunner> notifier_task_runner_;
4881 raw_ptr<TestDnsConfigService, DanglingUntriaged> config_service_;
4882 std::unique_ptr<SystemDnsConfigChangeNotifier> notifier_;
4883
4884 // Owned by |resolver_|.
4885 raw_ptr<MockDnsClient, DanglingUntriaged> dns_client_ = nullptr;
4886 };
4887
TEST_F(HostResolverManagerDnsTest,FlushCacheOnDnsConfigChange)4888 TEST_F(HostResolverManagerDnsTest, FlushCacheOnDnsConfigChange) {
4889 proc_->SignalMultiple(2u); // One before the flush, one after.
4890
4891 // Resolve to populate the cache.
4892 ResolveHostResponseHelper initial_response(resolver_->CreateRequest(
4893 HostPortPair("host1", 70), NetworkAnonymizationKey(), NetLogWithSource(),
4894 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
4895 EXPECT_THAT(initial_response.result_error(), IsOk());
4896 EXPECT_EQ(1u, proc_->GetCaptureList().size());
4897
4898 // Result expected to come from the cache.
4899 ResolveHostResponseHelper cached_response(resolver_->CreateRequest(
4900 HostPortPair("host1", 75), NetworkAnonymizationKey(), NetLogWithSource(),
4901 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
4902 EXPECT_THAT(cached_response.result_error(), IsOk());
4903 EXPECT_EQ(1u, proc_->GetCaptureList().size()); // No expected increase.
4904
4905 // Flush cache by triggering a DNS config change.
4906 ChangeDnsConfig(CreateValidDnsConfig());
4907
4908 // Expect flushed from cache and therefore served from |proc_|.
4909 ResolveHostResponseHelper flushed_response(resolver_->CreateRequest(
4910 HostPortPair("host1", 80), NetworkAnonymizationKey(), NetLogWithSource(),
4911 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
4912 EXPECT_THAT(flushed_response.result_error(), IsOk());
4913 EXPECT_EQ(2u, proc_->GetCaptureList().size()); // Expected increase.
4914 }
4915
TEST_F(HostResolverManagerDnsTest,DisableAndEnableInsecureDnsClient)4916 TEST_F(HostResolverManagerDnsTest, DisableAndEnableInsecureDnsClient) {
4917 // Disable fallback to allow testing how requests are initially handled.
4918 set_allow_fallback_to_systemtask(false);
4919
4920 ChangeDnsConfig(CreateValidDnsConfig());
4921 proc_->AddRuleForAllFamilies("nx_succeed", "192.168.2.47");
4922 proc_->SignalMultiple(1u);
4923
4924 resolver_->SetInsecureDnsClientEnabled(
4925 /*enabled=*/false,
4926 /*additional_dns_types_enabled*/ false);
4927 ResolveHostResponseHelper response_system(resolver_->CreateRequest(
4928 HostPortPair("nx_succeed", 1212), NetworkAnonymizationKey(),
4929 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
4930 resolve_context_->host_cache()));
4931 EXPECT_THAT(response_system.result_error(), IsOk());
4932 EXPECT_THAT(response_system.request()->GetAddressResults()->endpoints(),
4933 testing::ElementsAre(CreateExpected("192.168.2.47", 1212)));
4934 EXPECT_THAT(
4935 response_system.request()->GetEndpointResults(),
4936 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
4937 testing::ElementsAre(CreateExpected("192.168.2.47", 1212))))));
4938
4939 resolver_->SetInsecureDnsClientEnabled(/*enabled*/ true,
4940 /*additional_dns_types_enabled=*/true);
4941 ResolveHostResponseHelper response_dns_client(resolver_->CreateRequest(
4942 HostPortPair("ok_fail", 1212), NetworkAnonymizationKey(),
4943 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
4944 resolve_context_->host_cache()));
4945 EXPECT_THAT(response_dns_client.result_error(), IsOk());
4946 EXPECT_THAT(response_dns_client.request()->GetAddressResults()->endpoints(),
4947 testing::UnorderedElementsAre(CreateExpected("::1", 1212),
4948 CreateExpected("127.0.0.1", 1212)));
4949 EXPECT_THAT(
4950 response_dns_client.request()->GetEndpointResults(),
4951 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
4952 testing::UnorderedElementsAre(CreateExpected("::1", 1212),
4953 CreateExpected("127.0.0.1", 1212))))));
4954 }
4955
TEST_F(HostResolverManagerDnsTest,UseHostResolverSystemTaskWhenPrivateDnsActive)4956 TEST_F(HostResolverManagerDnsTest,
4957 UseHostResolverSystemTaskWhenPrivateDnsActive) {
4958 // Disable fallback to allow testing how requests are initially handled.
4959 set_allow_fallback_to_systemtask(false);
4960 proc_->AddRuleForAllFamilies("nx_succeed", "192.168.2.47");
4961 proc_->SignalMultiple(1u);
4962
4963 DnsConfig config = CreateValidDnsConfig();
4964 config.dns_over_tls_active = true;
4965 ChangeDnsConfig(config);
4966 ResolveHostResponseHelper response_system(resolver_->CreateRequest(
4967 HostPortPair("nx_succeed", 1212), NetworkAnonymizationKey(),
4968 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
4969 resolve_context_->host_cache()));
4970 EXPECT_THAT(response_system.result_error(), IsOk());
4971 EXPECT_THAT(response_system.request()->GetAddressResults()->endpoints(),
4972 testing::ElementsAre(CreateExpected("192.168.2.47", 1212)));
4973 EXPECT_THAT(
4974 response_system.request()->GetEndpointResults(),
4975 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
4976 testing::ElementsAre(CreateExpected("192.168.2.47", 1212))))));
4977 }
4978
4979 // RFC 6761 localhost names should always resolve to loopback.
TEST_F(HostResolverManagerDnsTest,LocalhostLookup)4980 TEST_F(HostResolverManagerDnsTest, LocalhostLookup) {
4981 // Add a rule resolving localhost names to a non-loopback IP and test
4982 // that they still resolves to loopback.
4983 proc_->AddRuleForAllFamilies("foo.localhost", "192.168.1.42");
4984 proc_->AddRuleForAllFamilies("localhost", "192.168.1.42");
4985 proc_->AddRuleForAllFamilies("localhost.", "192.168.1.42");
4986
4987 ResolveHostResponseHelper response0(resolver_->CreateRequest(
4988 HostPortPair("foo.localhost", 80), NetworkAnonymizationKey(),
4989 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
4990 resolve_context_->host_cache()));
4991 EXPECT_THAT(response0.result_error(), IsOk());
4992 EXPECT_THAT(response0.request()->GetAddressResults()->endpoints(),
4993 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
4994 CreateExpected("::1", 80)));
4995 EXPECT_THAT(
4996 response0.request()->GetEndpointResults(),
4997 testing::Pointee(testing::ElementsAre(
4998 ExpectEndpointResult(testing::UnorderedElementsAre(
4999 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
5000
5001 ResolveHostResponseHelper response1(resolver_->CreateRequest(
5002 HostPortPair("localhost", 80), NetworkAnonymizationKey(),
5003 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
5004 resolve_context_->host_cache()));
5005 EXPECT_THAT(response1.result_error(), IsOk());
5006 EXPECT_THAT(response1.request()->GetAddressResults()->endpoints(),
5007 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
5008 CreateExpected("::1", 80)));
5009 EXPECT_THAT(
5010 response1.request()->GetEndpointResults(),
5011 testing::Pointee(testing::ElementsAre(
5012 ExpectEndpointResult(testing::UnorderedElementsAre(
5013 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
5014
5015 ResolveHostResponseHelper response2(resolver_->CreateRequest(
5016 HostPortPair("localhost.", 80), NetworkAnonymizationKey(),
5017 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
5018 resolve_context_->host_cache()));
5019 EXPECT_THAT(response2.result_error(), IsOk());
5020 EXPECT_THAT(response2.request()->GetAddressResults()->endpoints(),
5021 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
5022 CreateExpected("::1", 80)));
5023 EXPECT_THAT(
5024 response2.request()->GetEndpointResults(),
5025 testing::Pointee(testing::ElementsAre(
5026 ExpectEndpointResult(testing::UnorderedElementsAre(
5027 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
5028 }
5029
5030 // RFC 6761 localhost names should always resolve to loopback, even if a HOSTS
5031 // file is active.
TEST_F(HostResolverManagerDnsTest,LocalhostLookupWithHosts)5032 TEST_F(HostResolverManagerDnsTest, LocalhostLookupWithHosts) {
5033 DnsHosts hosts;
5034 hosts[DnsHostsKey("localhost", ADDRESS_FAMILY_IPV4)] =
5035 IPAddress({192, 168, 1, 1});
5036 hosts[DnsHostsKey("foo.localhost", ADDRESS_FAMILY_IPV4)] =
5037 IPAddress({192, 168, 1, 2});
5038
5039 DnsConfig config = CreateValidDnsConfig();
5040 config.hosts = hosts;
5041 ChangeDnsConfig(config);
5042
5043 ResolveHostResponseHelper response0(resolver_->CreateRequest(
5044 HostPortPair("localhost", 80), NetworkAnonymizationKey(),
5045 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
5046 resolve_context_->host_cache()));
5047 EXPECT_THAT(response0.result_error(), IsOk());
5048 EXPECT_THAT(response0.request()->GetAddressResults()->endpoints(),
5049 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
5050 CreateExpected("::1", 80)));
5051 EXPECT_THAT(
5052 response0.request()->GetEndpointResults(),
5053 testing::Pointee(testing::ElementsAre(
5054 ExpectEndpointResult(testing::UnorderedElementsAre(
5055 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
5056
5057 ResolveHostResponseHelper response1(resolver_->CreateRequest(
5058 HostPortPair("foo.localhost", 80), NetworkAnonymizationKey(),
5059 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
5060 resolve_context_->host_cache()));
5061 EXPECT_THAT(response1.result_error(), IsOk());
5062 EXPECT_THAT(response1.request()->GetAddressResults()->endpoints(),
5063 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
5064 CreateExpected("::1", 80)));
5065 EXPECT_THAT(
5066 response1.request()->GetEndpointResults(),
5067 testing::Pointee(testing::ElementsAre(
5068 ExpectEndpointResult(testing::UnorderedElementsAre(
5069 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
5070 }
5071
5072 // Test successful and fallback resolutions in HostResolverManager::DnsTask.
TEST_F(HostResolverManagerDnsTest,DnsTask)5073 TEST_F(HostResolverManagerDnsTest, DnsTask) {
5074 proc_->AddRuleForAllFamilies("nx_succeed", "192.168.1.102");
5075 // All other hostnames will fail in proc_.
5076
5077 // Initially there is no config, so client should not be invoked.
5078 ResolveHostResponseHelper initial_response(resolver_->CreateRequest(
5079 HostPortPair("ok_fail", 80), NetworkAnonymizationKey(),
5080 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
5081 resolve_context_->host_cache()));
5082 EXPECT_FALSE(initial_response.complete());
5083
5084 proc_->SignalMultiple(1u);
5085
5086 EXPECT_THAT(initial_response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
5087
5088 ChangeDnsConfig(CreateValidDnsConfig());
5089
5090 ResolveHostResponseHelper response0(resolver_->CreateRequest(
5091 HostPortPair("ok_fail", 80), NetworkAnonymizationKey(),
5092 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
5093 resolve_context_->host_cache()));
5094 ResolveHostResponseHelper response1(resolver_->CreateRequest(
5095 HostPortPair("nx_fail", 80), NetworkAnonymizationKey(),
5096 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
5097 resolve_context_->host_cache()));
5098 ResolveHostResponseHelper response2(resolver_->CreateRequest(
5099 HostPortPair("nx_succeed", 80), NetworkAnonymizationKey(),
5100 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
5101 resolve_context_->host_cache()));
5102
5103 proc_->SignalMultiple(4u);
5104
5105 // Resolved by MockDnsClient.
5106 EXPECT_THAT(response0.result_error(), IsOk());
5107 EXPECT_THAT(response0.request()->GetAddressResults()->endpoints(),
5108 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
5109 CreateExpected("::1", 80)));
5110 EXPECT_THAT(
5111 response0.request()->GetEndpointResults(),
5112 testing::Pointee(testing::ElementsAre(
5113 ExpectEndpointResult(testing::UnorderedElementsAre(
5114 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
5115
5116 // Fallback to HostResolverSystemTask.
5117 EXPECT_THAT(response1.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
5118 EXPECT_THAT(response2.result_error(), IsOk());
5119 EXPECT_THAT(response2.request()->GetAddressResults()->endpoints(),
5120 testing::ElementsAre(CreateExpected("192.168.1.102", 80)));
5121 EXPECT_THAT(response2.request()->GetEndpointResults(),
5122 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
5123 testing::ElementsAre(CreateExpected("192.168.1.102", 80))))));
5124 }
5125
TEST_F(HostResolverManagerDnsTest,DnsTaskWithScheme)5126 TEST_F(HostResolverManagerDnsTest, DnsTaskWithScheme) {
5127 ChangeDnsConfig(CreateValidDnsConfig());
5128
5129 ResolveHostResponseHelper response(resolver_->CreateRequest(
5130 url::SchemeHostPort(url::kWsScheme, "ok_fail", 80),
5131 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
5132 resolve_context_.get(), resolve_context_->host_cache()));
5133
5134 // Resolved by MockDnsClient.
5135 EXPECT_THAT(response.result_error(), IsOk());
5136 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
5137 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
5138 CreateExpected("::1", 80)));
5139 EXPECT_THAT(
5140 response.request()->GetEndpointResults(),
5141 testing::Pointee(testing::ElementsAre(
5142 ExpectEndpointResult(testing::UnorderedElementsAre(
5143 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
5144 }
5145
5146 // Test successful and failing resolutions in HostResolverManager::DnsTask when
5147 // fallback to HostResolverSystemTask is disabled.
TEST_F(HostResolverManagerDnsTest,NoFallbackToHostResolverSystemTask)5148 TEST_F(HostResolverManagerDnsTest, NoFallbackToHostResolverSystemTask) {
5149 set_allow_fallback_to_systemtask(false);
5150
5151 proc_->AddRuleForAllFamilies("nx_succeed", "192.168.1.102");
5152 // All other hostnames will fail in proc_.
5153
5154 // Set empty DnsConfig.
5155 InvalidateDnsConfig();
5156 // Initially there is no config, so client should not be invoked.
5157 ResolveHostResponseHelper initial_response0(resolver_->CreateRequest(
5158 HostPortPair("ok_fail", 80), NetworkAnonymizationKey(),
5159 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
5160 resolve_context_->host_cache()));
5161 ResolveHostResponseHelper initial_response1(resolver_->CreateRequest(
5162 HostPortPair("nx_succeed", 80), NetworkAnonymizationKey(),
5163 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
5164 resolve_context_->host_cache()));
5165 proc_->SignalMultiple(2u);
5166
5167 EXPECT_THAT(initial_response0.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
5168 EXPECT_THAT(initial_response1.result_error(), IsOk());
5169 EXPECT_THAT(initial_response1.request()->GetAddressResults()->endpoints(),
5170 testing::ElementsAre(CreateExpected("192.168.1.102", 80)));
5171 EXPECT_THAT(initial_response1.request()->GetEndpointResults(),
5172 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
5173 testing::ElementsAre(CreateExpected("192.168.1.102", 80))))));
5174
5175 // Switch to a valid config.
5176 ChangeDnsConfig(CreateValidDnsConfig());
5177 // First request is resolved by MockDnsClient, others should fail due to
5178 // disabled fallback to HostResolverSystemTask.
5179 ResolveHostResponseHelper response0(resolver_->CreateRequest(
5180 HostPortPair("ok_fail", 80), NetworkAnonymizationKey(),
5181 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
5182 resolve_context_->host_cache()));
5183 ResolveHostResponseHelper response1(resolver_->CreateRequest(
5184 HostPortPair("nx_succeed", 80), NetworkAnonymizationKey(),
5185 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
5186 resolve_context_->host_cache()));
5187 proc_->SignalMultiple(6u);
5188
5189 // Resolved by MockDnsClient.
5190 EXPECT_THAT(response0.result_error(), IsOk());
5191 EXPECT_THAT(response0.request()->GetAddressResults()->endpoints(),
5192 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
5193 CreateExpected("::1", 80)));
5194 EXPECT_THAT(
5195 response0.request()->GetEndpointResults(),
5196 testing::Pointee(testing::ElementsAre(
5197 ExpectEndpointResult(testing::UnorderedElementsAre(
5198 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
5199 // Fallback to HostResolverSystemTask is disabled.
5200 EXPECT_THAT(response1.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
5201 }
5202
5203 // Test behavior of OnDnsTaskFailure when Job is aborted.
TEST_F(HostResolverManagerDnsTest,OnDnsTaskFailureAbortedJob)5204 TEST_F(HostResolverManagerDnsTest, OnDnsTaskFailureAbortedJob) {
5205 ChangeDnsConfig(CreateValidDnsConfig());
5206 ResolveHostResponseHelper response(resolver_->CreateRequest(
5207 HostPortPair("nx_abort", 80), NetworkAnonymizationKey(),
5208 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
5209 resolve_context_->host_cache()));
5210 // Abort all jobs here.
5211 CreateResolver();
5212 proc_->SignalMultiple(1u);
5213 // Run to completion.
5214 base::RunLoop().RunUntilIdle(); // Notification happens async.
5215 // It shouldn't crash during OnDnsTaskFailure callbacks.
5216 EXPECT_FALSE(response.complete());
5217
5218 // Repeat test with Fallback to HostResolverSystemTask disabled
5219 set_allow_fallback_to_systemtask(false);
5220 ChangeDnsConfig(CreateValidDnsConfig());
5221 ResolveHostResponseHelper no_fallback_response(resolver_->CreateRequest(
5222 HostPortPair("nx_abort", 80), NetworkAnonymizationKey(),
5223 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
5224 resolve_context_->host_cache()));
5225 // Abort all jobs here.
5226 CreateResolver();
5227 proc_->SignalMultiple(2u);
5228 // Run to completion.
5229 base::RunLoop().RunUntilIdle(); // Notification happens async.
5230 // It shouldn't crash during OnDnsTaskFailure callbacks.
5231 EXPECT_FALSE(no_fallback_response.complete());
5232 }
5233
5234 // Fallback to proc allowed with ANY source.
TEST_F(HostResolverManagerDnsTest,FallbackBySource_Any)5235 TEST_F(HostResolverManagerDnsTest, FallbackBySource_Any) {
5236 // Ensure fallback is otherwise allowed by resolver settings.
5237 set_allow_fallback_to_systemtask(true);
5238
5239 proc_->AddRuleForAllFamilies("nx_succeed", "192.168.1.102");
5240 // All other hostnames will fail in proc_.
5241
5242 ChangeDnsConfig(CreateValidDnsConfig());
5243
5244 ResolveHostResponseHelper response0(resolver_->CreateRequest(
5245 HostPortPair("nx_fail", 80), NetworkAnonymizationKey(),
5246 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
5247 resolve_context_->host_cache()));
5248 ResolveHostResponseHelper response1(resolver_->CreateRequest(
5249 HostPortPair("nx_succeed", 80), NetworkAnonymizationKey(),
5250 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
5251 resolve_context_->host_cache()));
5252 proc_->SignalMultiple(2u);
5253
5254 EXPECT_THAT(response0.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
5255 EXPECT_THAT(response1.result_error(), IsOk());
5256 EXPECT_THAT(response1.request()->GetAddressResults()->endpoints(),
5257 testing::ElementsAre(CreateExpected("192.168.1.102", 80)));
5258 EXPECT_THAT(response1.request()->GetEndpointResults(),
5259 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
5260 testing::ElementsAre(CreateExpected("192.168.1.102", 80))))));
5261 }
5262
5263 // Fallback to proc not allowed with DNS source.
TEST_F(HostResolverManagerDnsTest,FallbackBySource_Dns)5264 TEST_F(HostResolverManagerDnsTest, FallbackBySource_Dns) {
5265 // Ensure fallback is otherwise allowed by resolver settings.
5266 set_allow_fallback_to_systemtask(true);
5267
5268 proc_->AddRuleForAllFamilies("nx_succeed", "192.168.1.102");
5269 // All other hostnames will fail in proc_.
5270
5271 ChangeDnsConfig(CreateValidDnsConfig());
5272
5273 HostResolver::ResolveHostParameters parameters;
5274 parameters.source = HostResolverSource::DNS;
5275 ResolveHostResponseHelper response0(resolver_->CreateRequest(
5276 HostPortPair("nx_fail", 80), NetworkAnonymizationKey(),
5277 NetLogWithSource(), parameters, resolve_context_.get(),
5278 resolve_context_->host_cache()));
5279 ResolveHostResponseHelper response1(resolver_->CreateRequest(
5280 HostPortPair("nx_succeed", 80), NetworkAnonymizationKey(),
5281 NetLogWithSource(), parameters, resolve_context_.get(),
5282 resolve_context_->host_cache()));
5283 // Nothing should reach |proc_| on success, but let failures through to fail
5284 // instead of hanging.
5285 proc_->SignalMultiple(2u);
5286
5287 EXPECT_THAT(response0.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
5288 EXPECT_THAT(response1.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
5289 }
5290
5291 // Fallback to proc on DnsClient change allowed with ANY source.
TEST_F(HostResolverManagerDnsTest,FallbackOnAbortBySource_Any)5292 TEST_F(HostResolverManagerDnsTest, FallbackOnAbortBySource_Any) {
5293 // Ensure fallback is otherwise allowed by resolver settings.
5294 set_allow_fallback_to_systemtask(true);
5295
5296 proc_->AddRuleForAllFamilies("nx_succeed", "192.168.1.102");
5297 // All other hostnames will fail in proc_.
5298
5299 ChangeDnsConfig(CreateValidDnsConfig());
5300
5301 ResolveHostResponseHelper response0(resolver_->CreateRequest(
5302 HostPortPair("ok_fail", 80), NetworkAnonymizationKey(),
5303 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
5304 resolve_context_->host_cache()));
5305 ResolveHostResponseHelper response1(resolver_->CreateRequest(
5306 HostPortPair("nx_succeed", 80), NetworkAnonymizationKey(),
5307 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
5308 resolve_context_->host_cache()));
5309 proc_->SignalMultiple(2u);
5310
5311 // Simulate the case when the preference or policy has disabled the insecure
5312 // DNS client causing AbortInsecureDnsTasks.
5313 resolver_->SetInsecureDnsClientEnabled(
5314 /*enabled=*/false,
5315 /*additional_dns_types_enabled=*/false);
5316
5317 // All requests should fallback to system resolver.
5318 EXPECT_THAT(response0.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
5319 EXPECT_THAT(response1.result_error(), IsOk());
5320 EXPECT_THAT(response1.request()->GetAddressResults()->endpoints(),
5321 testing::ElementsAre(CreateExpected("192.168.1.102", 80)));
5322 EXPECT_THAT(response1.request()->GetEndpointResults(),
5323 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
5324 testing::ElementsAre(CreateExpected("192.168.1.102", 80))))));
5325 }
5326
5327 // Fallback to system on DnsClient change not allowed with DNS source.
TEST_F(HostResolverManagerDnsTest,FallbackOnAbortBySource_Dns)5328 TEST_F(HostResolverManagerDnsTest, FallbackOnAbortBySource_Dns) {
5329 // Ensure fallback is otherwise allowed by resolver settings.
5330 set_allow_fallback_to_systemtask(true);
5331
5332 proc_->AddRuleForAllFamilies("nx_succeed", "192.168.1.102");
5333 // All other hostnames will fail in proc_.
5334
5335 ChangeDnsConfig(CreateValidDnsConfig());
5336
5337 HostResolver::ResolveHostParameters parameters;
5338 parameters.source = HostResolverSource::DNS;
5339 ResolveHostResponseHelper response0(resolver_->CreateRequest(
5340 HostPortPair("ok_fail", 80), NetworkAnonymizationKey(),
5341 NetLogWithSource(), parameters, resolve_context_.get(),
5342 resolve_context_->host_cache()));
5343 ResolveHostResponseHelper response1(resolver_->CreateRequest(
5344 HostPortPair("nx_succeed", 80), NetworkAnonymizationKey(),
5345 NetLogWithSource(), parameters, resolve_context_.get(),
5346 resolve_context_->host_cache()));
5347 // Nothing should reach |proc_| on success, but let failures through to fail
5348 // instead of hanging.
5349 proc_->SignalMultiple(2u);
5350
5351 // Simulate the case when the preference or policy has disabled the insecure
5352 // DNS client causing AbortInsecureDnsTasks.
5353 resolver_->SetInsecureDnsClientEnabled(
5354 /*enabled=*/false,
5355 /*additional_dns_types_enabled=*/false);
5356
5357 // No fallback expected. All requests should fail.
5358 EXPECT_THAT(response0.result_error(), IsError(ERR_NETWORK_CHANGED));
5359 EXPECT_THAT(response1.result_error(), IsError(ERR_NETWORK_CHANGED));
5360 }
5361
5362 // Insecure DnsClient change shouldn't affect secure DnsTasks.
TEST_F(HostResolverManagerDnsTest,DisableInsecureDnsClient_SecureDnsTasksUnaffected)5363 TEST_F(HostResolverManagerDnsTest,
5364 DisableInsecureDnsClient_SecureDnsTasksUnaffected) {
5365 // Ensure fallback is otherwise allowed by resolver settings.
5366 set_allow_fallback_to_systemtask(true);
5367
5368 proc_->AddRuleForAllFamilies("automatic", "192.168.1.102");
5369 // All other hostnames will fail in proc_.
5370
5371 ChangeDnsConfig(CreateValidDnsConfig());
5372 DnsConfigOverrides overrides;
5373 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
5374 resolver_->SetDnsConfigOverrides(overrides);
5375
5376 ResolveHostResponseHelper response_secure(resolver_->CreateRequest(
5377 HostPortPair("automatic", 80), NetworkAnonymizationKey(),
5378 NetLogWithSource(),
5379 /* optional_parameters=*/absl::nullopt, resolve_context_.get(),
5380 resolve_context_->host_cache()));
5381 EXPECT_FALSE(response_secure.complete());
5382
5383 // Simulate the case when the preference or policy has disabled the insecure
5384 // DNS client causing AbortInsecureDnsTasks.
5385 resolver_->SetInsecureDnsClientEnabled(
5386 /*enabled=*/false,
5387 /*additional_dns_types_enabled*/ false);
5388
5389 EXPECT_THAT(response_secure.result_error(), IsOk());
5390 EXPECT_THAT(response_secure.request()->GetAddressResults()->endpoints(),
5391 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
5392 CreateExpected("::1", 80)));
5393 EXPECT_THAT(
5394 response_secure.request()->GetEndpointResults(),
5395 testing::Pointee(testing::ElementsAre(
5396 ExpectEndpointResult(testing::UnorderedElementsAre(
5397 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
5398 }
5399
TEST_F(HostResolverManagerDnsTest,DnsTaskUnspec)5400 TEST_F(HostResolverManagerDnsTest, DnsTaskUnspec) {
5401 ChangeDnsConfig(CreateValidDnsConfig());
5402
5403 proc_->AddRuleForAllFamilies("4nx", "192.168.1.101");
5404 // All other hostnames will fail in proc_.
5405
5406 std::vector<std::unique_ptr<ResolveHostResponseHelper>> responses;
5407 responses.emplace_back(
5408 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
5409 HostPortPair("ok", 80), NetworkAnonymizationKey(), NetLogWithSource(),
5410 absl::nullopt, resolve_context_.get(),
5411 resolve_context_->host_cache())));
5412 responses.emplace_back(
5413 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
5414 HostPortPair("4ok", 80), NetworkAnonymizationKey(),
5415 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
5416 resolve_context_->host_cache())));
5417 responses.emplace_back(
5418 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
5419 HostPortPair("6ok", 80), NetworkAnonymizationKey(),
5420 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
5421 resolve_context_->host_cache())));
5422 responses.emplace_back(
5423 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
5424 HostPortPair("4nx", 80), NetworkAnonymizationKey(),
5425 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
5426 resolve_context_->host_cache())));
5427
5428 proc_->SignalMultiple(4u);
5429
5430 for (auto& response : responses) {
5431 EXPECT_THAT(response->result_error(), IsOk());
5432 }
5433
5434 EXPECT_THAT(responses[0]->request()->GetAddressResults()->endpoints(),
5435 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
5436 CreateExpected("::1", 80)));
5437 EXPECT_THAT(
5438 responses[0]->request()->GetEndpointResults(),
5439 testing::Pointee(testing::ElementsAre(
5440 ExpectEndpointResult(testing::UnorderedElementsAre(
5441 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
5442 EXPECT_THAT(responses[1]->request()->GetAddressResults()->endpoints(),
5443 testing::ElementsAre(CreateExpected("127.0.0.1", 80)));
5444 EXPECT_THAT(responses[1]->request()->GetEndpointResults(),
5445 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
5446 testing::ElementsAre(CreateExpected("127.0.0.1", 80))))));
5447 EXPECT_THAT(responses[2]->request()->GetAddressResults()->endpoints(),
5448 testing::ElementsAre(CreateExpected("::1", 80)));
5449 EXPECT_THAT(responses[2]->request()->GetEndpointResults(),
5450 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
5451 testing::ElementsAre(CreateExpected("::1", 80))))));
5452 EXPECT_THAT(responses[3]->request()->GetAddressResults()->endpoints(),
5453 testing::ElementsAre(CreateExpected("192.168.1.101", 80)));
5454 EXPECT_THAT(responses[3]->request()->GetEndpointResults(),
5455 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
5456 testing::ElementsAre(CreateExpected("192.168.1.101", 80))))));
5457 }
5458
TEST_F(HostResolverManagerDnsTest,NameCollisionIcann)5459 TEST_F(HostResolverManagerDnsTest, NameCollisionIcann) {
5460 ChangeDnsConfig(CreateValidDnsConfig());
5461
5462 // When the resolver returns an A record with 127.0.53.53 it should be
5463 // mapped to a special error.
5464 ResolveHostResponseHelper response_ipv4(resolver_->CreateRequest(
5465 HostPortPair("4collision", 80), NetworkAnonymizationKey(),
5466 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
5467 resolve_context_->host_cache()));
5468 EXPECT_THAT(response_ipv4.result_error(), IsError(ERR_ICANN_NAME_COLLISION));
5469 EXPECT_THAT(response_ipv4.request()->GetAddressResults(),
5470 AnyOf(nullptr, Pointee(IsEmpty())));
5471 EXPECT_THAT(response_ipv4.request()->GetEndpointResults(),
5472 AnyOf(nullptr, Pointee(IsEmpty())));
5473
5474 // When the resolver returns an AAAA record with ::127.0.53.53 it should
5475 // work just like any other IP. (Despite having the same suffix, it is not
5476 // considered special)
5477 ResolveHostResponseHelper response_ipv6(resolver_->CreateRequest(
5478 HostPortPair("6collision", 80), NetworkAnonymizationKey(),
5479 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
5480 resolve_context_->host_cache()));
5481 EXPECT_THAT(response_ipv6.result_error(), IsOk());
5482 EXPECT_THAT(response_ipv6.request()->GetAddressResults()->endpoints(),
5483 testing::ElementsAre(CreateExpected("::127.0.53.53", 80)));
5484 EXPECT_THAT(response_ipv6.request()->GetEndpointResults(),
5485 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
5486 testing::ElementsAre(CreateExpected("::127.0.53.53", 80))))));
5487 }
5488
TEST_F(HostResolverManagerDnsTest,ServeFromHosts)5489 TEST_F(HostResolverManagerDnsTest, ServeFromHosts) {
5490 // Initially, use empty HOSTS file.
5491 DnsConfig config = CreateValidDnsConfig();
5492 ChangeDnsConfig(config);
5493
5494 proc_->AddRuleForAllFamilies(std::string(),
5495 std::string()); // Default to failures.
5496 proc_->SignalMultiple(1u); // For the first request which misses.
5497
5498 ResolveHostResponseHelper initial_response(resolver_->CreateRequest(
5499 HostPortPair("nx_ipv4", 80), NetworkAnonymizationKey(),
5500 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
5501 resolve_context_->host_cache()));
5502 EXPECT_THAT(initial_response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
5503
5504 IPAddress local_ipv4 = IPAddress::IPv4Localhost();
5505 IPAddress local_ipv6 = IPAddress::IPv6Localhost();
5506
5507 DnsHosts hosts;
5508 hosts[DnsHostsKey("nx_ipv4", ADDRESS_FAMILY_IPV4)] = local_ipv4;
5509 hosts[DnsHostsKey("nx_ipv6", ADDRESS_FAMILY_IPV6)] = local_ipv6;
5510 hosts[DnsHostsKey("nx_both", ADDRESS_FAMILY_IPV4)] = local_ipv4;
5511 hosts[DnsHostsKey("nx_both", ADDRESS_FAMILY_IPV6)] = local_ipv6;
5512
5513 // Update HOSTS file.
5514 config.hosts = hosts;
5515 ChangeDnsConfig(config);
5516
5517 ResolveHostResponseHelper response_ipv4(resolver_->CreateRequest(
5518 HostPortPair("nx_ipv4", 80), NetworkAnonymizationKey(),
5519 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
5520 resolve_context_->host_cache()));
5521 EXPECT_THAT(response_ipv4.result_error(), IsOk());
5522 EXPECT_THAT(response_ipv4.request()->GetAddressResults()->endpoints(),
5523 testing::ElementsAre(CreateExpected("127.0.0.1", 80)));
5524 EXPECT_THAT(response_ipv4.request()->GetEndpointResults(),
5525 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
5526 testing::ElementsAre(CreateExpected("127.0.0.1", 80))))));
5527 EXPECT_THAT(response_ipv4.request()->GetDnsAliasResults(),
5528 testing::Pointee(testing::IsEmpty()));
5529
5530 ResolveHostResponseHelper response_ipv6(resolver_->CreateRequest(
5531 HostPortPair("nx_ipv6", 80), NetworkAnonymizationKey(),
5532 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
5533 resolve_context_->host_cache()));
5534 EXPECT_THAT(response_ipv6.result_error(), IsOk());
5535 EXPECT_THAT(response_ipv6.request()->GetAddressResults()->endpoints(),
5536 testing::ElementsAre(CreateExpected("::1", 80)));
5537 EXPECT_THAT(response_ipv6.request()->GetEndpointResults(),
5538 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
5539 testing::ElementsAre(CreateExpected("::1", 80))))));
5540 EXPECT_THAT(response_ipv6.request()->GetDnsAliasResults(),
5541 testing::Pointee(testing::IsEmpty()));
5542
5543 ResolveHostResponseHelper response_both(resolver_->CreateRequest(
5544 HostPortPair("nx_both", 80), NetworkAnonymizationKey(),
5545 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
5546 resolve_context_->host_cache()));
5547 EXPECT_THAT(response_both.result_error(), IsOk());
5548 EXPECT_THAT(response_both.request()->GetAddressResults()->endpoints(),
5549 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
5550 CreateExpected("::1", 80)));
5551 EXPECT_THAT(
5552 response_both.request()->GetEndpointResults(),
5553 testing::Pointee(testing::ElementsAre(
5554 ExpectEndpointResult(testing::UnorderedElementsAre(
5555 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
5556 EXPECT_THAT(response_both.request()->GetDnsAliasResults(),
5557 testing::Pointee(testing::IsEmpty()));
5558
5559 // Requests with specified DNS query type.
5560 HostResolver::ResolveHostParameters parameters;
5561
5562 parameters.dns_query_type = DnsQueryType::A;
5563 ResolveHostResponseHelper response_specified_ipv4(resolver_->CreateRequest(
5564 HostPortPair("nx_ipv4", 80), NetworkAnonymizationKey(),
5565 NetLogWithSource(), parameters, resolve_context_.get(),
5566 resolve_context_->host_cache()));
5567 EXPECT_THAT(response_specified_ipv4.result_error(), IsOk());
5568 EXPECT_THAT(
5569 response_specified_ipv4.request()->GetAddressResults()->endpoints(),
5570 testing::ElementsAre(CreateExpected("127.0.0.1", 80)));
5571 EXPECT_THAT(response_specified_ipv4.request()->GetEndpointResults(),
5572 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
5573 testing::ElementsAre(CreateExpected("127.0.0.1", 80))))));
5574 EXPECT_THAT(response_specified_ipv4.request()->GetDnsAliasResults(),
5575 testing::Pointee(testing::IsEmpty()));
5576
5577 parameters.dns_query_type = DnsQueryType::AAAA;
5578 ResolveHostResponseHelper response_specified_ipv6(resolver_->CreateRequest(
5579 HostPortPair("nx_ipv6", 80), NetworkAnonymizationKey(),
5580 NetLogWithSource(), parameters, resolve_context_.get(),
5581 resolve_context_->host_cache()));
5582 EXPECT_THAT(response_specified_ipv6.result_error(), IsOk());
5583 EXPECT_THAT(
5584 response_specified_ipv6.request()->GetAddressResults()->endpoints(),
5585 testing::ElementsAre(CreateExpected("::1", 80)));
5586 EXPECT_THAT(response_specified_ipv6.request()->GetEndpointResults(),
5587 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
5588 testing::ElementsAre(CreateExpected("::1", 80))))));
5589 EXPECT_THAT(response_specified_ipv6.request()->GetDnsAliasResults(),
5590 testing::Pointee(testing::IsEmpty()));
5591 }
5592
TEST_F(HostResolverManagerDnsTest,SkipHostsWithUpcomingHostResolverSystemTask)5593 TEST_F(HostResolverManagerDnsTest,
5594 SkipHostsWithUpcomingHostResolverSystemTask) {
5595 // Disable the DnsClient.
5596 resolver_->SetInsecureDnsClientEnabled(
5597 /*enabled=*/false,
5598 /*additional_dns_types_enabled=*/false);
5599
5600 proc_->AddRuleForAllFamilies(std::string(),
5601 std::string()); // Default to failures.
5602 proc_->SignalMultiple(1u); // For the first request which misses.
5603
5604 DnsConfig config = CreateValidDnsConfig();
5605 DnsHosts hosts;
5606 hosts[DnsHostsKey("hosts", ADDRESS_FAMILY_IPV4)] = IPAddress::IPv4Localhost();
5607
5608 // Update HOSTS file.
5609 config.hosts = hosts;
5610 ChangeDnsConfig(config);
5611
5612 ResolveHostResponseHelper response(resolver_->CreateRequest(
5613 HostPortPair("hosts", 80), NetworkAnonymizationKey(), NetLogWithSource(),
5614 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
5615 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
5616 }
5617
5618 // Test that hosts ending in ".local" or ".local." are resolved using the system
5619 // resolver.
TEST_F(HostResolverManagerDnsTest,BypassDnsTask)5620 TEST_F(HostResolverManagerDnsTest, BypassDnsTask) {
5621 ChangeDnsConfig(CreateValidDnsConfig());
5622
5623 proc_->AddRuleForAllFamilies(std::string(),
5624 std::string()); // Default to failures.
5625
5626 std::vector<std::unique_ptr<ResolveHostResponseHelper>> responses;
5627
5628 responses.emplace_back(
5629 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
5630 HostPortPair("ok.local", 80), NetworkAnonymizationKey(),
5631 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
5632 resolve_context_->host_cache())));
5633 responses.emplace_back(
5634 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
5635 HostPortPair("ok.local.", 80), NetworkAnonymizationKey(),
5636 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
5637 resolve_context_->host_cache())));
5638 responses.emplace_back(
5639 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
5640 HostPortPair("oklocal", 80), NetworkAnonymizationKey(),
5641 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
5642 resolve_context_->host_cache())));
5643 responses.emplace_back(
5644 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
5645 HostPortPair("oklocal.", 80), NetworkAnonymizationKey(),
5646 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
5647 resolve_context_->host_cache())));
5648 responses.emplace_back(
5649 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
5650 HostPortPair("ok", 80), NetworkAnonymizationKey(), NetLogWithSource(),
5651 absl::nullopt, resolve_context_.get(),
5652 resolve_context_->host_cache())));
5653
5654 proc_->SignalMultiple(5u);
5655
5656 for (size_t i = 0; i < 2; ++i)
5657 EXPECT_THAT(responses[i]->result_error(), IsError(ERR_NAME_NOT_RESOLVED));
5658
5659 for (size_t i = 2; i < responses.size(); ++i)
5660 EXPECT_THAT(responses[i]->result_error(), IsOk());
5661 }
5662
5663 #if BUILDFLAG(ENABLE_MDNS)
5664 // Test that non-address queries for hosts ending in ".local" are resolved using
5665 // the MDNS resolver.
TEST_F(HostResolverManagerDnsTest,BypassDnsToMdnsWithNonAddress)5666 TEST_F(HostResolverManagerDnsTest, BypassDnsToMdnsWithNonAddress) {
5667 // Ensure DNS task and system requests will fail.
5668 MockDnsClientRuleList rules;
5669 rules.emplace_back(
5670 "myhello.local", dns_protocol::kTypeTXT, false /* secure */,
5671 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kFail),
5672 false /* delay */);
5673 CreateResolver();
5674 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
5675 proc_->AddRuleForAllFamilies(std::string(), std::string());
5676
5677 auto socket_factory = std::make_unique<MockMDnsSocketFactory>();
5678 MockMDnsSocketFactory* socket_factory_ptr = socket_factory.get();
5679 resolver_->SetMdnsSocketFactoryForTesting(std::move(socket_factory));
5680 // 2 socket creations for every transaction.
5681 EXPECT_CALL(*socket_factory_ptr, OnSendTo(_)).Times(2);
5682
5683 HostResolver::ResolveHostParameters dns_parameters;
5684 dns_parameters.dns_query_type = DnsQueryType::TXT;
5685
5686 ResolveHostResponseHelper response(resolver_->CreateRequest(
5687 HostPortPair("myhello.local", 80), NetworkAnonymizationKey(),
5688 NetLogWithSource(), dns_parameters, resolve_context_.get(),
5689 resolve_context_->host_cache()));
5690
5691 socket_factory_ptr->SimulateReceive(kMdnsResponseTxt,
5692 sizeof(kMdnsResponseTxt));
5693 proc_->SignalMultiple(1u);
5694
5695 EXPECT_THAT(response.result_error(), IsOk());
5696 EXPECT_THAT(response.request()->GetTextResults(),
5697 testing::Pointee(testing::ElementsAre("foo", "bar")));
5698 }
5699 #endif // BUILDFLAG(ENABLE_MDNS)
5700
5701 // Test that DNS task is always used when explicitly requested as the source,
5702 // even with a case that would normally bypass it eg hosts ending in ".local".
TEST_F(HostResolverManagerDnsTest,DnsNotBypassedWhenDnsSource)5703 TEST_F(HostResolverManagerDnsTest, DnsNotBypassedWhenDnsSource) {
5704 // Ensure DNS task requests will succeed and system requests will fail.
5705 ChangeDnsConfig(CreateValidDnsConfig());
5706 proc_->AddRuleForAllFamilies(std::string(), std::string());
5707
5708 HostResolver::ResolveHostParameters dns_parameters;
5709 dns_parameters.source = HostResolverSource::DNS;
5710
5711 ResolveHostResponseHelper dns_response(resolver_->CreateRequest(
5712 HostPortPair("ok", 80), NetworkAnonymizationKey(), NetLogWithSource(),
5713 dns_parameters, resolve_context_.get(), resolve_context_->host_cache()));
5714 ResolveHostResponseHelper dns_local_response(resolver_->CreateRequest(
5715 HostPortPair("ok.local", 80), NetworkAnonymizationKey(),
5716 NetLogWithSource(), dns_parameters, resolve_context_.get(),
5717 resolve_context_->host_cache()));
5718 ResolveHostResponseHelper normal_local_response(resolver_->CreateRequest(
5719 HostPortPair("ok.local", 80), NetworkAnonymizationKey(),
5720 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
5721 resolve_context_->host_cache()));
5722
5723 proc_->SignalMultiple(3u);
5724
5725 EXPECT_THAT(dns_response.result_error(), IsOk());
5726 EXPECT_THAT(dns_local_response.result_error(), IsOk());
5727 EXPECT_THAT(normal_local_response.result_error(),
5728 IsError(ERR_NAME_NOT_RESOLVED));
5729 }
5730
TEST_F(HostResolverManagerDnsTest,SystemOnlyBypassesDnsTask)5731 TEST_F(HostResolverManagerDnsTest, SystemOnlyBypassesDnsTask) {
5732 // Ensure DNS task requests will succeed and system requests will fail.
5733 ChangeDnsConfig(CreateValidDnsConfig());
5734 proc_->AddRuleForAllFamilies(std::string(), std::string());
5735
5736 ResolveHostResponseHelper dns_response(resolver_->CreateRequest(
5737 HostPortPair("ok", 80), NetworkAnonymizationKey(), NetLogWithSource(),
5738 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
5739
5740 HostResolver::ResolveHostParameters parameters;
5741 parameters.source = HostResolverSource::SYSTEM;
5742 ResolveHostResponseHelper system_response(resolver_->CreateRequest(
5743 HostPortPair("ok", 80), NetworkAnonymizationKey(), NetLogWithSource(),
5744 parameters, resolve_context_.get(), resolve_context_->host_cache()));
5745
5746 proc_->SignalMultiple(2u);
5747
5748 EXPECT_THAT(dns_response.result_error(), IsOk());
5749 EXPECT_THAT(system_response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
5750 }
5751
TEST_F(HostResolverManagerDnsTest,DisableInsecureDnsClientOnPersistentFailure)5752 TEST_F(HostResolverManagerDnsTest,
5753 DisableInsecureDnsClientOnPersistentFailure) {
5754 ChangeDnsConfig(CreateValidDnsConfig());
5755
5756 // Check that DnsTask works.
5757 ResolveHostResponseHelper initial_response(resolver_->CreateRequest(
5758 HostPortPair("ok_1", 80), NetworkAnonymizationKey(), NetLogWithSource(),
5759 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
5760 EXPECT_THAT(initial_response.result_error(), IsOk());
5761
5762 TriggerInsecureFailureCondition();
5763
5764 // Insecure DnsTasks should be disabled by now unless explicitly requested via
5765 // |source|.
5766 ResolveHostResponseHelper fail_response(resolver_->CreateRequest(
5767 HostPortPair("ok_2", 80), NetworkAnonymizationKey(), NetLogWithSource(),
5768 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
5769 HostResolver::ResolveHostParameters parameters;
5770 parameters.source = HostResolverSource::DNS;
5771 ResolveHostResponseHelper dns_response(resolver_->CreateRequest(
5772 HostPortPair("ok_2", 80), NetworkAnonymizationKey(), NetLogWithSource(),
5773 parameters, resolve_context_.get(), resolve_context_->host_cache()));
5774 proc_->SignalMultiple(2u);
5775 EXPECT_THAT(fail_response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
5776 EXPECT_THAT(dns_response.result_error(), IsOk());
5777
5778 // Check that it is re-enabled after DNS change.
5779 ChangeDnsConfig(CreateValidDnsConfig());
5780 ResolveHostResponseHelper reenabled_response(resolver_->CreateRequest(
5781 HostPortPair("ok_3", 80), NetworkAnonymizationKey(), NetLogWithSource(),
5782 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
5783 EXPECT_THAT(reenabled_response.result_error(), IsOk());
5784 }
5785
TEST_F(HostResolverManagerDnsTest,SecureDnsWorksAfterInsecureFailure)5786 TEST_F(HostResolverManagerDnsTest, SecureDnsWorksAfterInsecureFailure) {
5787 DnsConfig config = CreateValidDnsConfig();
5788 config.secure_dns_mode = SecureDnsMode::kSecure;
5789 ChangeDnsConfig(config);
5790
5791 TriggerInsecureFailureCondition();
5792
5793 // Secure DnsTasks should not be affected.
5794 ResolveHostResponseHelper secure_response(resolver_->CreateRequest(
5795 HostPortPair("secure", 80), NetworkAnonymizationKey(), NetLogWithSource(),
5796 /* optional_parameters=*/absl::nullopt, resolve_context_.get(),
5797 resolve_context_->host_cache()));
5798 EXPECT_THAT(secure_response.result_error(), IsOk());
5799 }
5800
TEST_F(HostResolverManagerDnsTest,DontDisableDnsClientOnSporadicFailure)5801 TEST_F(HostResolverManagerDnsTest, DontDisableDnsClientOnSporadicFailure) {
5802 ChangeDnsConfig(CreateValidDnsConfig());
5803
5804 // |proc_| defaults to successes.
5805
5806 // 20 failures interleaved with 20 successes.
5807 std::vector<std::unique_ptr<ResolveHostResponseHelper>> responses;
5808 for (unsigned i = 0; i < 40; ++i) {
5809 // Use custom names to require separate Jobs.
5810 std::string hostname = (i % 2) == 0 ? base::StringPrintf("nx_%u", i)
5811 : base::StringPrintf("ok_%u", i);
5812 responses.emplace_back(
5813 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
5814 HostPortPair(hostname, 80), NetworkAnonymizationKey(),
5815 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
5816 resolve_context_->host_cache())));
5817 }
5818
5819 proc_->SignalMultiple(40u);
5820
5821 for (const auto& response : responses)
5822 EXPECT_THAT(response->result_error(), IsOk());
5823
5824 // Make |proc_| default to failures.
5825 proc_->AddRuleForAllFamilies(std::string(), std::string());
5826
5827 // DnsTask should still be enabled.
5828 ResolveHostResponseHelper final_response(resolver_->CreateRequest(
5829 HostPortPair("ok_last", 80), NetworkAnonymizationKey(),
5830 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
5831 resolve_context_->host_cache()));
5832 EXPECT_THAT(final_response.result_error(), IsOk());
5833 }
5834
Ipv6UnreachableTest(bool is_async)5835 void HostResolverManagerDnsTest::Ipv6UnreachableTest(bool is_async) {
5836 CreateResolverWithLimitsAndParams(kMaxJobs, DefaultParams(proc_),
5837 false /* ipv6_reachable */,
5838 true /* check_ipv6_on_wifi */, is_async);
5839 ChangeDnsConfig(CreateValidDnsConfig());
5840
5841 ResolveHostResponseHelper response(resolver_->CreateRequest(
5842 HostPortPair("ok", 500), NetworkAnonymizationKey(), NetLogWithSource(),
5843 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
5844 EXPECT_THAT(response.result_error(), IsOk());
5845
5846 // Only expect IPv4 results.
5847 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
5848 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 500)));
5849 EXPECT_THAT(response.request()->GetEndpointResults(),
5850 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
5851 testing::ElementsAre(CreateExpected("127.0.0.1", 500))))));
5852 }
5853
TEST_F(HostResolverManagerDnsTest,Ipv6UnreachableAsync)5854 TEST_F(HostResolverManagerDnsTest, Ipv6UnreachableAsync) {
5855 Ipv6UnreachableTest(true);
5856 }
5857
TEST_F(HostResolverManagerDnsTest,Ipv6UnreachableSync)5858 TEST_F(HostResolverManagerDnsTest, Ipv6UnreachableSync) {
5859 Ipv6UnreachableTest(false);
5860 }
5861
Ipv6UnreachableInvalidConfigTest(bool is_async)5862 void HostResolverManagerDnsTest::Ipv6UnreachableInvalidConfigTest(
5863 bool is_async) {
5864 CreateResolverWithLimitsAndParams(kMaxJobs, DefaultParams(proc_),
5865 false /* ipv6_reachable */,
5866 true /* check_ipv6_on_wifi */, is_async);
5867
5868 proc_->AddRule("example.com", ADDRESS_FAMILY_UNSPECIFIED, "1.2.3.4,::5");
5869 proc_->SignalMultiple(1u);
5870
5871 ResolveHostResponseHelper response(resolver_->CreateRequest(
5872 HostPortPair("example.com", 500), NetworkAnonymizationKey(),
5873 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
5874 resolve_context_->host_cache()));
5875 EXPECT_THAT(response.result_error(), IsOk());
5876 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
5877 testing::UnorderedElementsAre(CreateExpected("1.2.3.4", 500),
5878 CreateExpected("::5", 500)));
5879 EXPECT_THAT(
5880 response.request()->GetEndpointResults(),
5881 testing::Pointee(testing::ElementsAre(
5882 ExpectEndpointResult(testing::UnorderedElementsAre(
5883 CreateExpected("::5", 500), CreateExpected("1.2.3.4", 500))))));
5884 }
5885 // Without a valid DnsConfig, assume IPv6 is needed and ignore prober.
TEST_F(HostResolverManagerDnsTest,Ipv6Unreachable_InvalidConfigAsync)5886 TEST_F(HostResolverManagerDnsTest, Ipv6Unreachable_InvalidConfigAsync) {
5887 Ipv6UnreachableInvalidConfigTest(true);
5888 }
5889
TEST_F(HostResolverManagerDnsTest,Ipv6Unreachable_InvalidConfigSync)5890 TEST_F(HostResolverManagerDnsTest, Ipv6Unreachable_InvalidConfigSync) {
5891 Ipv6UnreachableInvalidConfigTest(false);
5892 }
5893
TEST_F(HostResolverManagerDnsTest,Ipv6Unreachable_UseLocalIpv6)5894 TEST_F(HostResolverManagerDnsTest, Ipv6Unreachable_UseLocalIpv6) {
5895 CreateResolverWithLimitsAndParams(kMaxJobs, DefaultParams(proc_),
5896 false /* ipv6_reachable */,
5897 true /* check_ipv6_on_wifi */);
5898
5899 DnsConfig config = CreateValidDnsConfig();
5900 config.use_local_ipv6 = true;
5901 ChangeDnsConfig(config);
5902
5903 ResolveHostResponseHelper response1(resolver_->CreateRequest(
5904 HostPortPair("ok", 500), NetworkAnonymizationKey(), NetLogWithSource(),
5905 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
5906 EXPECT_THAT(response1.result_error(), IsOk());
5907 EXPECT_THAT(response1.request()->GetAddressResults()->endpoints(),
5908 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 500),
5909 CreateExpected("::1", 500)));
5910 EXPECT_THAT(
5911 response1.request()->GetEndpointResults(),
5912 testing::Pointee(testing::ElementsAre(
5913 ExpectEndpointResult(testing::UnorderedElementsAre(
5914 CreateExpected("::1", 500), CreateExpected("127.0.0.1", 500))))));
5915
5916 // Set |use_local_ipv6| to false. Expect only IPv4 results.
5917 config.use_local_ipv6 = false;
5918 ChangeDnsConfig(config);
5919
5920 ResolveHostResponseHelper response2(resolver_->CreateRequest(
5921 HostPortPair("ok", 500), NetworkAnonymizationKey(), NetLogWithSource(),
5922 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
5923 EXPECT_THAT(response2.result_error(), IsOk());
5924 EXPECT_THAT(response2.request()->GetAddressResults()->endpoints(),
5925 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 500)));
5926 EXPECT_THAT(response2.request()->GetEndpointResults(),
5927 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
5928 testing::ElementsAre(CreateExpected("127.0.0.1", 500))))));
5929 }
5930
5931 // Confirm that resolving "localhost" is unrestricted even if there are no
5932 // global IPv6 address. See SystemHostResolverCall for rationale.
5933 // Test both the DnsClient and system host resolver paths.
TEST_F(HostResolverManagerDnsTest,Ipv6Unreachable_Localhost)5934 TEST_F(HostResolverManagerDnsTest, Ipv6Unreachable_Localhost) {
5935 CreateResolverWithLimitsAndParams(kMaxJobs, DefaultParams(proc_),
5936 false /* ipv6_reachable */,
5937 true /* check_ipv6_on_wifi */);
5938
5939 // Make request fail if we actually get to the system resolver.
5940 proc_->AddRuleForAllFamilies(std::string(), std::string());
5941
5942 // Try without DnsClient.
5943 resolver_->SetInsecureDnsClientEnabled(
5944 /*enabled=*/false,
5945 /*additional_dns_types_enabled=*/false);
5946 ResolveHostResponseHelper system_response(resolver_->CreateRequest(
5947 HostPortPair("localhost", 80), NetworkAnonymizationKey(),
5948 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
5949 resolve_context_->host_cache()));
5950 EXPECT_THAT(system_response.result_error(), IsOk());
5951 EXPECT_THAT(system_response.request()->GetAddressResults()->endpoints(),
5952 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
5953 CreateExpected("::1", 80)));
5954 EXPECT_THAT(
5955 system_response.request()->GetEndpointResults(),
5956 testing::Pointee(testing::ElementsAre(
5957 ExpectEndpointResult(testing::UnorderedElementsAre(
5958 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
5959
5960 // With DnsClient
5961 UseMockDnsClient(CreateValidDnsConfig(), CreateDefaultDnsRules());
5962 ResolveHostResponseHelper builtin_response(resolver_->CreateRequest(
5963 HostPortPair("localhost", 80), NetworkAnonymizationKey(),
5964 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
5965 resolve_context_->host_cache()));
5966 EXPECT_THAT(builtin_response.result_error(), IsOk());
5967 EXPECT_THAT(builtin_response.request()->GetAddressResults()->endpoints(),
5968 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
5969 CreateExpected("::1", 80)));
5970 EXPECT_THAT(
5971 builtin_response.request()->GetEndpointResults(),
5972 testing::Pointee(testing::ElementsAre(
5973 ExpectEndpointResult(testing::UnorderedElementsAre(
5974 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
5975
5976 // DnsClient configured without ipv6 (but ipv6 should still work for
5977 // localhost).
5978 DnsConfig config = CreateValidDnsConfig();
5979 config.use_local_ipv6 = false;
5980 ChangeDnsConfig(config);
5981 ResolveHostResponseHelper ipv6_disabled_response(resolver_->CreateRequest(
5982 HostPortPair("localhost", 80), NetworkAnonymizationKey(),
5983 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
5984 resolve_context_->host_cache()));
5985 EXPECT_THAT(ipv6_disabled_response.result_error(), IsOk());
5986 EXPECT_THAT(
5987 ipv6_disabled_response.request()->GetAddressResults()->endpoints(),
5988 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
5989 CreateExpected("::1", 80)));
5990 EXPECT_THAT(
5991 ipv6_disabled_response.request()->GetEndpointResults(),
5992 testing::Pointee(testing::ElementsAre(
5993 ExpectEndpointResult(testing::UnorderedElementsAre(
5994 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
5995 }
5996
5997 // Test that IPv6 being unreachable only causes the AAAA query to be disabled,
5998 // rather than querying only for A. See https://crbug.com/1272055.
TEST_F(HostResolverManagerDnsTest,Ipv6UnreachableOnlyDisablesAAAAQuery)5999 TEST_F(HostResolverManagerDnsTest, Ipv6UnreachableOnlyDisablesAAAAQuery) {
6000 const std::string kName = "https.test";
6001
6002 base::test::ScopedFeatureList features;
6003 features.InitAndEnableFeatureWithParameters(
6004 features::kUseDnsHttpsSvcb,
6005 {// Disable timeouts.
6006 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
6007 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
6008 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
6009 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
6010 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
6011 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
6012
6013 MockDnsClientRuleList rules;
6014 std::vector<DnsResourceRecord> records = {
6015 BuildTestHttpsAliasRecord(kName, "alias.test")};
6016 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/false,
6017 MockDnsClientRule::Result(BuildTestDnsResponse(
6018 kName, dns_protocol::kTypeHttps, records)),
6019 /*delay=*/false);
6020 rules.emplace_back(
6021 kName, dns_protocol::kTypeA, /*secure=*/false,
6022 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
6023 /*delay=*/false);
6024 rules.emplace_back(
6025 kName, dns_protocol::kTypeAAAA, /*secure=*/false,
6026 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kUnexpected),
6027 /*delay=*/false);
6028
6029 CreateResolverWithLimitsAndParams(kMaxJobs, DefaultParams(proc_),
6030 /*ipv6_reachable=*/false,
6031 /*check_ipv6_on_wifi=*/true);
6032 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
6033
6034 ResolveHostResponseHelper response(resolver_->CreateRequest(
6035 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
6036 NetworkAnonymizationKey(), NetLogWithSource(),
6037 /*optional_parameters=*/absl::nullopt, resolve_context_.get(),
6038 resolve_context_->host_cache()));
6039 EXPECT_THAT(response.result_error(), IsOk());
6040 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
6041 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 443)));
6042 EXPECT_THAT(
6043 response.request()->GetEndpointResults(),
6044 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
6045 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 443))))));
6046 EXPECT_THAT(response.request()->GetHostnameResults(),
6047 AnyOf(nullptr, Pointee(IsEmpty())));
6048 EXPECT_THAT(response.request()->GetTextResults(),
6049 AnyOf(nullptr, Pointee(IsEmpty())));
6050 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
6051 testing::Pointee(testing::ElementsAre(true)));
6052 }
6053
TEST_F(HostResolverManagerDnsTest,SeparateJobsBySecureDnsMode)6054 TEST_F(HostResolverManagerDnsTest, SeparateJobsBySecureDnsMode) {
6055 MockDnsClientRuleList rules;
6056 rules.emplace_back(
6057 "a", dns_protocol::kTypeA, true /* secure */,
6058 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
6059 false /* delay */);
6060 rules.emplace_back(
6061 "a", dns_protocol::kTypeAAAA, true /* secure */,
6062 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
6063 false /* delay */);
6064 rules.emplace_back(
6065 "a", dns_protocol::kTypeA, false /* secure */,
6066 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
6067 true /* delay */);
6068 rules.emplace_back(
6069 "a", dns_protocol::kTypeAAAA, false /* secure */,
6070 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
6071 true /* delay */);
6072 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
6073 DnsConfigOverrides overrides;
6074 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
6075 resolver_->SetDnsConfigOverrides(overrides);
6076
6077 // Create three requests. One with a DISABLE policy parameter, one with no
6078 // resolution parameters at all, and one with an ALLOW policy parameter
6079 // (which is a no-op).
6080 HostResolver::ResolveHostParameters parameters_disable_secure;
6081 parameters_disable_secure.secure_dns_policy = SecureDnsPolicy::kDisable;
6082 ResolveHostResponseHelper insecure_response(resolver_->CreateRequest(
6083 HostPortPair("a", 80), NetworkAnonymizationKey(), NetLogWithSource(),
6084 parameters_disable_secure, resolve_context_.get(),
6085 resolve_context_->host_cache()));
6086 EXPECT_EQ(1u, resolver_->num_jobs_for_testing());
6087
6088 ResolveHostResponseHelper automatic_response0(resolver_->CreateRequest(
6089 HostPortPair("a", 80), NetworkAnonymizationKey(), NetLogWithSource(),
6090 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
6091 EXPECT_EQ(2u, resolver_->num_jobs_for_testing());
6092
6093 HostResolver::ResolveHostParameters parameters_allow_secure;
6094 parameters_allow_secure.secure_dns_policy = SecureDnsPolicy::kAllow;
6095 ResolveHostResponseHelper automatic_response1(resolver_->CreateRequest(
6096 HostPortPair("a", 80), NetworkAnonymizationKey(), NetLogWithSource(),
6097 parameters_allow_secure, resolve_context_.get(),
6098 resolve_context_->host_cache()));
6099 // The AUTOMATIC mode requests should be joined into the same job.
6100 EXPECT_EQ(2u, resolver_->num_jobs_for_testing());
6101
6102 // Automatic mode requests have completed. Insecure request is still blocked.
6103 base::RunLoop().RunUntilIdle();
6104 EXPECT_FALSE(insecure_response.complete());
6105 EXPECT_TRUE(automatic_response0.complete());
6106 EXPECT_TRUE(automatic_response1.complete());
6107 EXPECT_THAT(automatic_response0.result_error(), IsOk());
6108 EXPECT_THAT(automatic_response1.result_error(), IsOk());
6109
6110 // Complete insecure transaction.
6111 dns_client_->CompleteDelayedTransactions();
6112 EXPECT_TRUE(insecure_response.complete());
6113 EXPECT_THAT(insecure_response.result_error(), IsOk());
6114 }
6115
6116 // Cancel a request with a single DNS transaction active.
TEST_F(HostResolverManagerDnsTest,CancelWithOneTransactionActive)6117 TEST_F(HostResolverManagerDnsTest, CancelWithOneTransactionActive) {
6118 // Disable ipv6 to ensure we'll only try a single transaction for the host.
6119 CreateResolverWithLimitsAndParams(kMaxJobs, DefaultParams(proc_),
6120 false /* ipv6_reachable */,
6121 true /* check_ipv6_on_wifi */);
6122 DnsConfig config = CreateValidDnsConfig();
6123 config.use_local_ipv6 = false;
6124 ChangeDnsConfig(config);
6125
6126 ResolveHostResponseHelper response(resolver_->CreateRequest(
6127 HostPortPair("ok", 80), NetworkAnonymizationKey(), NetLogWithSource(),
6128 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
6129 ASSERT_FALSE(response.complete());
6130 ASSERT_EQ(1u, num_running_dispatcher_jobs());
6131
6132 response.CancelRequest();
6133 base::RunLoop().RunUntilIdle();
6134 EXPECT_FALSE(response.complete());
6135
6136 // Dispatcher state checked in TearDown.
6137 }
6138
6139 // Cancel a request with a single DNS transaction active and another pending.
TEST_F(HostResolverManagerDnsTest,CancelWithOneTransactionActiveOnePending)6140 TEST_F(HostResolverManagerDnsTest, CancelWithOneTransactionActiveOnePending) {
6141 CreateSerialResolver();
6142 ChangeDnsConfig(CreateValidDnsConfig());
6143
6144 ResolveHostResponseHelper response(resolver_->CreateRequest(
6145 HostPortPair("ok", 80), NetworkAnonymizationKey(), NetLogWithSource(),
6146 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
6147 EXPECT_EQ(1u, num_running_dispatcher_jobs());
6148
6149 response.CancelRequest();
6150 base::RunLoop().RunUntilIdle();
6151 EXPECT_FALSE(response.complete());
6152
6153 // Dispatcher state checked in TearDown.
6154 }
6155
6156 // Cancel a request with two DNS transactions active.
TEST_F(HostResolverManagerDnsTest,CancelWithTwoTransactionsActive)6157 TEST_F(HostResolverManagerDnsTest, CancelWithTwoTransactionsActive) {
6158 ChangeDnsConfig(CreateValidDnsConfig());
6159
6160 ResolveHostResponseHelper response(resolver_->CreateRequest(
6161 HostPortPair("ok", 80), NetworkAnonymizationKey(), NetLogWithSource(),
6162 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
6163 EXPECT_EQ(2u, num_running_dispatcher_jobs());
6164
6165 response.CancelRequest();
6166 base::RunLoop().RunUntilIdle();
6167 EXPECT_FALSE(response.complete());
6168
6169 // Dispatcher state checked in TearDown.
6170 }
6171
6172 // Delete a resolver with some active requests and some queued requests.
TEST_F(HostResolverManagerDnsTest,DeleteWithActiveTransactions)6173 TEST_F(HostResolverManagerDnsTest, DeleteWithActiveTransactions) {
6174 // At most 10 Jobs active at once.
6175 CreateResolverWithLimitsAndParams(10u, DefaultParams(proc_),
6176 true /* ipv6_reachable */,
6177 true /* check_ipv6_on_wifi */);
6178
6179 ChangeDnsConfig(CreateValidDnsConfig());
6180
6181 // Add 12 DNS lookups (creating well more than 10 transaction).
6182 std::vector<std::unique_ptr<ResolveHostResponseHelper>> responses;
6183 for (int i = 0; i < 12; ++i) {
6184 std::string hostname = base::StringPrintf("ok%i", i);
6185 responses.emplace_back(
6186 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
6187 HostPortPair(hostname, 80), NetworkAnonymizationKey(),
6188 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
6189 resolve_context_->host_cache())));
6190 }
6191 EXPECT_EQ(10u, num_running_dispatcher_jobs());
6192
6193 DestroyResolver();
6194
6195 base::RunLoop().RunUntilIdle();
6196 for (auto& response : responses) {
6197 EXPECT_FALSE(response->complete());
6198 }
6199 }
6200
TEST_F(HostResolverManagerDnsTest,DeleteWithSecureTransactions)6201 TEST_F(HostResolverManagerDnsTest, DeleteWithSecureTransactions) {
6202 ChangeDnsConfig(CreateValidDnsConfig());
6203 DnsConfigOverrides overrides;
6204 overrides.secure_dns_mode = SecureDnsMode::kSecure;
6205 resolver_->SetDnsConfigOverrides(overrides);
6206
6207 ResolveHostResponseHelper response(resolver_->CreateRequest(
6208 HostPortPair("secure", 80), NetworkAnonymizationKey(), NetLogWithSource(),
6209 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
6210
6211 DestroyResolver();
6212
6213 base::RunLoop().RunUntilIdle();
6214 EXPECT_FALSE(response.complete());
6215 }
6216
TEST_F(HostResolverManagerDnsTest,DeleteWithCompletedRequests)6217 TEST_F(HostResolverManagerDnsTest, DeleteWithCompletedRequests) {
6218 ChangeDnsConfig(CreateValidDnsConfig());
6219
6220 ResolveHostResponseHelper response(resolver_->CreateRequest(
6221 HostPortPair("ok", 80), NetworkAnonymizationKey(), NetLogWithSource(),
6222 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
6223
6224 EXPECT_THAT(response.result_error(), IsOk());
6225 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
6226 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
6227 CreateExpected("::1", 80)));
6228 EXPECT_THAT(
6229 response.request()->GetEndpointResults(),
6230 testing::Pointee(testing::ElementsAre(
6231 ExpectEndpointResult(testing::UnorderedElementsAre(
6232 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
6233
6234 DestroyResolver();
6235
6236 // Completed requests should be unaffected by manager destruction.
6237 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
6238 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
6239 CreateExpected("::1", 80)));
6240 EXPECT_THAT(
6241 response.request()->GetEndpointResults(),
6242 testing::Pointee(testing::ElementsAre(
6243 ExpectEndpointResult(testing::UnorderedElementsAre(
6244 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
6245 }
6246
6247 // Cancel a request with only the IPv6 transaction active.
TEST_F(HostResolverManagerDnsTest,CancelWithIPv6TransactionActive)6248 TEST_F(HostResolverManagerDnsTest, CancelWithIPv6TransactionActive) {
6249 ChangeDnsConfig(CreateValidDnsConfig());
6250
6251 ResolveHostResponseHelper response(resolver_->CreateRequest(
6252 HostPortPair("6slow_ok", 80), NetworkAnonymizationKey(),
6253 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
6254 resolve_context_->host_cache()));
6255 EXPECT_EQ(2u, num_running_dispatcher_jobs());
6256
6257 // The IPv4 request should complete, the IPv6 request is still pending.
6258 base::RunLoop().RunUntilIdle();
6259 EXPECT_EQ(1u, num_running_dispatcher_jobs());
6260
6261 response.CancelRequest();
6262 base::RunLoop().RunUntilIdle();
6263 EXPECT_FALSE(response.complete());
6264
6265 // Dispatcher state checked in TearDown.
6266 }
6267
6268 // Cancel a request with only the IPv4 transaction pending.
TEST_F(HostResolverManagerDnsTest,CancelWithIPv4TransactionPending)6269 TEST_F(HostResolverManagerDnsTest, CancelWithIPv4TransactionPending) {
6270 set_allow_fallback_to_systemtask(false);
6271 ChangeDnsConfig(CreateValidDnsConfig());
6272
6273 ResolveHostResponseHelper response(resolver_->CreateRequest(
6274 HostPortPair("4slow_ok", 80), NetworkAnonymizationKey(),
6275 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
6276 resolve_context_->host_cache()));
6277 EXPECT_EQ(2u, num_running_dispatcher_jobs());
6278
6279 // The IPv6 request should complete, the IPv4 request is still pending.
6280 base::RunLoop().RunUntilIdle();
6281 EXPECT_EQ(1u, num_running_dispatcher_jobs());
6282
6283 response.CancelRequest();
6284 base::RunLoop().RunUntilIdle();
6285 EXPECT_FALSE(response.complete());
6286 }
6287
TEST_F(HostResolverManagerDnsTest,CancelWithAutomaticModeTransactionPending)6288 TEST_F(HostResolverManagerDnsTest, CancelWithAutomaticModeTransactionPending) {
6289 MockDnsClientRuleList rules;
6290 rules.emplace_back(
6291 "secure_6slow_6nx_insecure_6slow_ok", dns_protocol::kTypeA,
6292 true /* secure */,
6293 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
6294 false /* delay */);
6295 rules.emplace_back(
6296 "secure_6slow_6nx_insecure_6slow_ok", dns_protocol::kTypeAAAA,
6297 true /* secure */,
6298 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kFail),
6299 true /* delay */);
6300 rules.emplace_back(
6301 "secure_6slow_6nx_insecure_6slow_ok", dns_protocol::kTypeA,
6302 false /* secure */,
6303 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
6304 false /* delay */);
6305 rules.emplace_back(
6306 "secure_6slow_6nx_insecure_6slow_ok", dns_protocol::kTypeAAAA,
6307 false /* secure */,
6308 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
6309 true /* delay */);
6310 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
6311
6312 DnsConfigOverrides overrides;
6313 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
6314 resolver_->SetDnsConfigOverrides(overrides);
6315
6316 ResolveHostResponseHelper response0(resolver_->CreateRequest(
6317 HostPortPair("secure_6slow_6nx_insecure_6slow_ok", 80),
6318 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
6319 resolve_context_.get(), resolve_context_->host_cache()));
6320 EXPECT_EQ(0u, num_running_dispatcher_jobs());
6321
6322 // The secure IPv4 request should complete, the secure IPv6 request is still
6323 // pending.
6324 base::RunLoop().RunUntilIdle();
6325 EXPECT_EQ(0u, num_running_dispatcher_jobs());
6326
6327 response0.CancelRequest();
6328 base::RunLoop().RunUntilIdle();
6329 EXPECT_FALSE(response0.complete());
6330 EXPECT_EQ(0u, num_running_dispatcher_jobs());
6331
6332 ResolveHostResponseHelper response1(resolver_->CreateRequest(
6333 HostPortPair("secure_6slow_6nx_insecure_6slow_ok", 80),
6334 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
6335 resolve_context_.get(), resolve_context_->host_cache()));
6336 EXPECT_EQ(0u, num_running_dispatcher_jobs());
6337
6338 // The secure IPv4 request should complete, the secure IPv6 request is still
6339 // pending.
6340 base::RunLoop().RunUntilIdle();
6341 EXPECT_EQ(0u, num_running_dispatcher_jobs());
6342
6343 // Let the secure IPv6 request complete and start the insecure requests.
6344 dns_client_->CompleteDelayedTransactions();
6345 EXPECT_EQ(2u, num_running_dispatcher_jobs());
6346
6347 // The insecure IPv4 request should complete, the insecure IPv6 request is
6348 // still pending.
6349 base::RunLoop().RunUntilIdle();
6350 EXPECT_EQ(1u, num_running_dispatcher_jobs());
6351
6352 response1.CancelRequest();
6353 base::RunLoop().RunUntilIdle();
6354 EXPECT_FALSE(response1.complete());
6355
6356 // Dispatcher state checked in TearDown.
6357 }
6358
6359 // Test cases where AAAA completes first.
TEST_F(HostResolverManagerDnsTest,AAAACompletesFirst)6360 TEST_F(HostResolverManagerDnsTest, AAAACompletesFirst) {
6361 set_allow_fallback_to_systemtask(false);
6362 ChangeDnsConfig(CreateValidDnsConfig());
6363
6364 std::vector<std::unique_ptr<ResolveHostResponseHelper>> responses;
6365 responses.emplace_back(
6366 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
6367 HostPortPair("4slow_ok", 80), NetworkAnonymizationKey(),
6368 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
6369 resolve_context_->host_cache())));
6370 responses.emplace_back(
6371 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
6372 HostPortPair("4slow_4ok", 80), NetworkAnonymizationKey(),
6373 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
6374 resolve_context_->host_cache())));
6375 responses.emplace_back(
6376 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
6377 HostPortPair("4slow_4timeout", 80), NetworkAnonymizationKey(),
6378 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
6379 resolve_context_->host_cache())));
6380 responses.emplace_back(
6381 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
6382 HostPortPair("4slow_6timeout", 80), NetworkAnonymizationKey(),
6383 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
6384 resolve_context_->host_cache())));
6385
6386 base::RunLoop().RunUntilIdle();
6387 EXPECT_FALSE(responses[0]->complete());
6388 EXPECT_FALSE(responses[1]->complete());
6389 EXPECT_FALSE(responses[2]->complete());
6390 // The IPv6 of request 3 should have failed and resulted in cancelling the
6391 // IPv4 request.
6392 EXPECT_THAT(responses[3]->result_error(), IsError(ERR_DNS_TIMED_OUT));
6393 EXPECT_EQ(3u, num_running_dispatcher_jobs());
6394
6395 dns_client_->CompleteDelayedTransactions();
6396 EXPECT_THAT(responses[0]->result_error(), IsOk());
6397 EXPECT_THAT(responses[0]->request()->GetAddressResults()->endpoints(),
6398 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
6399 CreateExpected("::1", 80)));
6400 EXPECT_THAT(
6401 responses[0]->request()->GetEndpointResults(),
6402 testing::Pointee(testing::ElementsAre(
6403 ExpectEndpointResult(testing::UnorderedElementsAre(
6404 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
6405
6406 EXPECT_THAT(responses[1]->result_error(), IsOk());
6407 EXPECT_THAT(responses[1]->request()->GetAddressResults()->endpoints(),
6408 testing::ElementsAre(CreateExpected("127.0.0.1", 80)));
6409 EXPECT_THAT(responses[1]->request()->GetEndpointResults(),
6410 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
6411 testing::ElementsAre(CreateExpected("127.0.0.1", 80))))));
6412
6413 EXPECT_THAT(responses[2]->result_error(), IsError(ERR_DNS_TIMED_OUT));
6414 }
6415
TEST_F(HostResolverManagerDnsTest,AAAACompletesFirst_AutomaticMode)6416 TEST_F(HostResolverManagerDnsTest, AAAACompletesFirst_AutomaticMode) {
6417 MockDnsClientRuleList rules;
6418 rules.emplace_back(
6419 "secure_slow_nx_insecure_4slow_ok", dns_protocol::kTypeA,
6420 true /* secure */,
6421 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kFail),
6422 true /* delay */);
6423 rules.emplace_back(
6424 "secure_slow_nx_insecure_4slow_ok", dns_protocol::kTypeAAAA,
6425 true /* secure */,
6426 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kFail),
6427 true /* delay */);
6428 rules.emplace_back(
6429 "secure_slow_nx_insecure_4slow_ok", dns_protocol::kTypeA,
6430 false /* secure */,
6431 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
6432 true /* delay */);
6433 rules.emplace_back(
6434 "secure_slow_nx_insecure_4slow_ok", dns_protocol::kTypeAAAA,
6435 false /* secure */,
6436 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kEmpty),
6437 false /* delay */);
6438 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
6439 DnsConfigOverrides overrides;
6440 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
6441 resolver_->SetDnsConfigOverrides(overrides);
6442
6443 ResolveHostResponseHelper response(resolver_->CreateRequest(
6444 HostPortPair("secure_slow_nx_insecure_4slow_ok", 80),
6445 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
6446 resolve_context_.get(), resolve_context_->host_cache()));
6447 base::RunLoop().RunUntilIdle();
6448 EXPECT_FALSE(response.complete());
6449 // Complete the secure transactions.
6450 dns_client_->CompleteDelayedTransactions();
6451 base::RunLoop().RunUntilIdle();
6452 EXPECT_FALSE(response.complete());
6453 // Complete the insecure transactions.
6454 dns_client_->CompleteDelayedTransactions();
6455 ASSERT_THAT(response.result_error(), IsOk());
6456 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
6457 testing::ElementsAre(CreateExpected("127.0.0.1", 80)));
6458 EXPECT_THAT(response.request()->GetEndpointResults(),
6459 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
6460 testing::ElementsAre(CreateExpected("127.0.0.1", 80))))));
6461 HostCache::Key insecure_key =
6462 HostCache::Key("secure_slow_nx_insecure_4slow_ok",
6463 DnsQueryType::UNSPECIFIED, 0 /* host_resolver_flags */,
6464 HostResolverSource::ANY, NetworkAnonymizationKey());
6465 const std::pair<const HostCache::Key, HostCache::Entry>* cache_result =
6466 GetCacheHit(insecure_key);
6467 EXPECT_TRUE(!!cache_result);
6468 }
6469
TEST_F(HostResolverManagerDnsTest,SecureDnsMode_Automatic)6470 TEST_F(HostResolverManagerDnsTest, SecureDnsMode_Automatic) {
6471 proc_->AddRuleForAllFamilies("nx_succeed", "192.168.1.100");
6472 set_allow_fallback_to_systemtask(true);
6473
6474 ChangeDnsConfig(CreateValidDnsConfig());
6475 DnsConfigOverrides overrides;
6476 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
6477 resolver_->SetDnsConfigOverrides(overrides);
6478 const std::pair<const HostCache::Key, HostCache::Entry>* cache_result;
6479
6480 // A successful DoH request should result in a secure cache entry.
6481 ResolveHostResponseHelper response_secure(resolver_->CreateRequest(
6482 HostPortPair("automatic", 80), NetworkAnonymizationKey(),
6483 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
6484 resolve_context_->host_cache()));
6485 ASSERT_THAT(response_secure.result_error(), IsOk());
6486 EXPECT_FALSE(
6487 response_secure.request()->GetResolveErrorInfo().is_secure_network_error);
6488 EXPECT_THAT(response_secure.request()->GetAddressResults()->endpoints(),
6489 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
6490 CreateExpected("::1", 80)));
6491 EXPECT_THAT(
6492 response_secure.request()->GetEndpointResults(),
6493 testing::Pointee(testing::ElementsAre(
6494 ExpectEndpointResult(testing::UnorderedElementsAre(
6495 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
6496 HostCache::Key secure_key = HostCache::Key(
6497 "automatic", DnsQueryType::UNSPECIFIED, 0 /* host_resolver_flags */,
6498 HostResolverSource::ANY, NetworkAnonymizationKey());
6499 secure_key.secure = true;
6500 cache_result = GetCacheHit(secure_key);
6501 EXPECT_TRUE(!!cache_result);
6502
6503 // A successful plaintext DNS request should result in an insecure cache
6504 // entry.
6505 ResolveHostResponseHelper response_insecure(resolver_->CreateRequest(
6506 HostPortPair("insecure_automatic", 80), NetworkAnonymizationKey(),
6507 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
6508 resolve_context_->host_cache()));
6509 ASSERT_THAT(response_insecure.result_error(), IsOk());
6510 EXPECT_FALSE(response_insecure.request()
6511 ->GetResolveErrorInfo()
6512 .is_secure_network_error);
6513 EXPECT_THAT(response_insecure.request()->GetAddressResults()->endpoints(),
6514 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
6515 CreateExpected("::1", 80)));
6516 EXPECT_THAT(
6517 response_insecure.request()->GetEndpointResults(),
6518 testing::Pointee(testing::ElementsAre(
6519 ExpectEndpointResult(testing::UnorderedElementsAre(
6520 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
6521 HostCache::Key insecure_key =
6522 HostCache::Key("insecure_automatic", DnsQueryType::UNSPECIFIED,
6523 0 /* host_resolver_flags */, HostResolverSource::ANY,
6524 NetworkAnonymizationKey());
6525 cache_result = GetCacheHit(insecure_key);
6526 EXPECT_TRUE(!!cache_result);
6527
6528 // Fallback to HostResolverSystemTask allowed in AUTOMATIC mode.
6529 ResolveHostResponseHelper response_system(resolver_->CreateRequest(
6530 HostPortPair("nx_succeed", 80), NetworkAnonymizationKey(),
6531 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
6532 resolve_context_->host_cache()));
6533 proc_->SignalMultiple(1u);
6534 EXPECT_THAT(response_system.result_error(), IsOk());
6535 EXPECT_THAT(response_system.request()->GetAddressResults()->endpoints(),
6536 testing::ElementsAre(CreateExpected("192.168.1.100", 80)));
6537 EXPECT_THAT(response_system.request()->GetEndpointResults(),
6538 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
6539 testing::ElementsAre(CreateExpected("192.168.1.100", 80))))));
6540 }
6541
TEST_F(HostResolverManagerDnsTest,SecureDnsMode_Automatic_SecureCache)6542 TEST_F(HostResolverManagerDnsTest, SecureDnsMode_Automatic_SecureCache) {
6543 ChangeDnsConfig(CreateValidDnsConfig());
6544 DnsConfigOverrides overrides;
6545 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
6546 resolver_->SetDnsConfigOverrides(overrides);
6547
6548 // Populate cache with a secure entry.
6549 HostCache::Key cached_secure_key =
6550 HostCache::Key("automatic_cached", DnsQueryType::UNSPECIFIED,
6551 0 /* host_resolver_flags */, HostResolverSource::ANY,
6552 NetworkAnonymizationKey());
6553 cached_secure_key.secure = true;
6554 IPEndPoint kExpectedSecureIP = CreateExpected("192.168.1.102", 80);
6555 PopulateCache(cached_secure_key, kExpectedSecureIP);
6556
6557 // The secure cache should be checked prior to any DoH request being sent.
6558 ResolveHostResponseHelper response_secure_cached(resolver_->CreateRequest(
6559 HostPortPair("automatic_cached", 80), NetworkAnonymizationKey(),
6560 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
6561 resolve_context_->host_cache()));
6562 EXPECT_THAT(response_secure_cached.result_error(), IsOk());
6563 EXPECT_FALSE(response_secure_cached.request()
6564 ->GetResolveErrorInfo()
6565 .is_secure_network_error);
6566 EXPECT_THAT(
6567 response_secure_cached.request()->GetAddressResults()->endpoints(),
6568 testing::ElementsAre(kExpectedSecureIP));
6569 EXPECT_THAT(response_secure_cached.request()->GetEndpointResults(),
6570 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
6571 testing::ElementsAre(kExpectedSecureIP)))));
6572 EXPECT_FALSE(
6573 response_secure_cached.request()->GetStaleInfo().value().is_stale());
6574 }
6575
TEST_F(HostResolverManagerDnsTest,SecureDnsMode_Automatic_InsecureCache)6576 TEST_F(HostResolverManagerDnsTest, SecureDnsMode_Automatic_InsecureCache) {
6577 ChangeDnsConfig(CreateValidDnsConfig());
6578 DnsConfigOverrides overrides;
6579 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
6580 resolver_->SetDnsConfigOverrides(overrides);
6581
6582 // Populate cache with an insecure entry.
6583 HostCache::Key cached_insecure_key =
6584 HostCache::Key("insecure_automatic_cached", DnsQueryType::UNSPECIFIED,
6585 0 /* host_resolver_flags */, HostResolverSource::ANY,
6586 NetworkAnonymizationKey());
6587 IPEndPoint kExpectedInsecureIP = CreateExpected("192.168.1.103", 80);
6588 PopulateCache(cached_insecure_key, kExpectedInsecureIP);
6589
6590 // The insecure cache should be checked after DoH requests fail.
6591 ResolveHostResponseHelper response_insecure_cached(resolver_->CreateRequest(
6592 HostPortPair("insecure_automatic_cached", 80), NetworkAnonymizationKey(),
6593 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
6594 resolve_context_->host_cache()));
6595 EXPECT_THAT(response_insecure_cached.result_error(), IsOk());
6596 EXPECT_FALSE(response_insecure_cached.request()
6597 ->GetResolveErrorInfo()
6598 .is_secure_network_error);
6599 EXPECT_THAT(
6600 response_insecure_cached.request()->GetAddressResults()->endpoints(),
6601 testing::ElementsAre(kExpectedInsecureIP));
6602 EXPECT_THAT(response_insecure_cached.request()->GetEndpointResults(),
6603 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
6604 testing::ElementsAre(kExpectedInsecureIP)))));
6605 EXPECT_FALSE(
6606 response_insecure_cached.request()->GetStaleInfo().value().is_stale());
6607 }
6608
TEST_F(HostResolverManagerDnsTest,SecureDnsMode_Automatic_Downgrade)6609 TEST_F(HostResolverManagerDnsTest, SecureDnsMode_Automatic_Downgrade) {
6610 ChangeDnsConfig(CreateValidDnsConfig());
6611 // There is no DoH server available.
6612 DnsConfigOverrides overrides;
6613 overrides.dns_over_https_config.emplace();
6614 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
6615 resolver_->SetDnsConfigOverrides(overrides);
6616 const std::pair<const HostCache::Key, HostCache::Entry>* cache_result;
6617
6618 // Populate cache with both secure and insecure entries.
6619 HostCache::Key cached_secure_key =
6620 HostCache::Key("automatic_cached", DnsQueryType::UNSPECIFIED,
6621 0 /* host_resolver_flags */, HostResolverSource::ANY,
6622 NetworkAnonymizationKey());
6623 cached_secure_key.secure = true;
6624 IPEndPoint kExpectedSecureIP = CreateExpected("192.168.1.102", 80);
6625 PopulateCache(cached_secure_key, kExpectedSecureIP);
6626 HostCache::Key cached_insecure_key =
6627 HostCache::Key("insecure_automatic_cached", DnsQueryType::UNSPECIFIED,
6628 0 /* host_resolver_flags */, HostResolverSource::ANY,
6629 NetworkAnonymizationKey());
6630 IPEndPoint kExpectedInsecureIP = CreateExpected("192.168.1.103", 80);
6631 PopulateCache(cached_insecure_key, kExpectedInsecureIP);
6632
6633 // The secure cache should still be checked first.
6634 ResolveHostResponseHelper response_cached(resolver_->CreateRequest(
6635 HostPortPair("automatic_cached", 80), NetworkAnonymizationKey(),
6636 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
6637 resolve_context_->host_cache()));
6638 EXPECT_THAT(response_cached.result_error(), IsOk());
6639 EXPECT_THAT(response_cached.request()->GetAddressResults()->endpoints(),
6640 testing::ElementsAre(kExpectedSecureIP));
6641 EXPECT_THAT(response_cached.request()->GetEndpointResults(),
6642 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
6643 testing::ElementsAre(kExpectedSecureIP)))));
6644
6645 // The insecure cache should be checked before any insecure requests are sent.
6646 ResolveHostResponseHelper insecure_response_cached(resolver_->CreateRequest(
6647 HostPortPair("insecure_automatic_cached", 80), NetworkAnonymizationKey(),
6648 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
6649 resolve_context_->host_cache()));
6650 EXPECT_THAT(insecure_response_cached.result_error(), IsOk());
6651 EXPECT_THAT(
6652 insecure_response_cached.request()->GetAddressResults()->endpoints(),
6653 testing::ElementsAre(kExpectedInsecureIP));
6654 EXPECT_THAT(insecure_response_cached.request()->GetEndpointResults(),
6655 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
6656 testing::ElementsAre(kExpectedInsecureIP)))));
6657
6658 // The DnsConfig doesn't contain DoH servers so AUTOMATIC mode will be
6659 // downgraded to OFF. A successful plaintext DNS request should result in an
6660 // insecure cache entry.
6661 ResolveHostResponseHelper response(resolver_->CreateRequest(
6662 HostPortPair("automatic", 80), NetworkAnonymizationKey(),
6663 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
6664 resolve_context_->host_cache()));
6665 ASSERT_THAT(response.result_error(), IsOk());
6666 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
6667 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
6668 CreateExpected("::1", 80)));
6669 EXPECT_THAT(
6670 response.request()->GetEndpointResults(),
6671 testing::Pointee(testing::ElementsAre(
6672 ExpectEndpointResult(testing::UnorderedElementsAre(
6673 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
6674 HostCache::Key key = HostCache::Key(
6675 "automatic", DnsQueryType::UNSPECIFIED, 0 /* host_resolver_flags */,
6676 HostResolverSource::ANY, NetworkAnonymizationKey());
6677 cache_result = GetCacheHit(key);
6678 EXPECT_TRUE(!!cache_result);
6679 }
6680
TEST_F(HostResolverManagerDnsTest,SecureDnsMode_Automatic_Unavailable)6681 TEST_F(HostResolverManagerDnsTest, SecureDnsMode_Automatic_Unavailable) {
6682 ChangeDnsConfig(CreateValidDnsConfig());
6683 DnsConfigOverrides overrides;
6684 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
6685 resolver_->SetDnsConfigOverrides(overrides);
6686 dns_client_->SetForceDohServerAvailable(false);
6687
6688 // DoH requests should be skipped when there are no available DoH servers
6689 // in automatic mode. The cached result should be in the insecure cache.
6690 ResolveHostResponseHelper response_automatic(resolver_->CreateRequest(
6691 HostPortPair("automatic", 80), NetworkAnonymizationKey(),
6692 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
6693 resolve_context_->host_cache()));
6694 ASSERT_THAT(response_automatic.result_error(), IsOk());
6695 EXPECT_FALSE(response_automatic.request()
6696 ->GetResolveErrorInfo()
6697 .is_secure_network_error);
6698 EXPECT_THAT(response_automatic.request()->GetAddressResults()->endpoints(),
6699 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
6700 CreateExpected("::1", 80)));
6701 EXPECT_THAT(
6702 response_automatic.request()->GetEndpointResults(),
6703 testing::Pointee(testing::ElementsAre(
6704 ExpectEndpointResult(testing::UnorderedElementsAre(
6705 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
6706 HostCache::Key secure_key = HostCache::Key(
6707 "automatic", DnsQueryType::UNSPECIFIED, 0 /* host_resolver_flags */,
6708 HostResolverSource::ANY, NetworkAnonymizationKey());
6709 secure_key.secure = true;
6710 const std::pair<const HostCache::Key, HostCache::Entry>* cache_result =
6711 GetCacheHit(secure_key);
6712 EXPECT_FALSE(!!cache_result);
6713
6714 HostCache::Key insecure_key = HostCache::Key(
6715 "automatic", DnsQueryType::UNSPECIFIED, 0 /* host_resolver_flags */,
6716 HostResolverSource::ANY, NetworkAnonymizationKey());
6717 cache_result = GetCacheHit(insecure_key);
6718 EXPECT_TRUE(!!cache_result);
6719 }
6720
TEST_F(HostResolverManagerDnsTest,SecureDnsMode_Automatic_Unavailable_Fail)6721 TEST_F(HostResolverManagerDnsTest, SecureDnsMode_Automatic_Unavailable_Fail) {
6722 set_allow_fallback_to_systemtask(false);
6723 ChangeDnsConfig(CreateValidDnsConfig());
6724 DnsConfigOverrides overrides;
6725 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
6726 resolver_->SetDnsConfigOverrides(overrides);
6727 dns_client_->SetForceDohServerAvailable(false);
6728
6729 // Insecure requests that fail should not be cached.
6730 ResolveHostResponseHelper response_secure(resolver_->CreateRequest(
6731 HostPortPair("secure", 80), NetworkAnonymizationKey(), NetLogWithSource(),
6732 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
6733 ASSERT_THAT(response_secure.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
6734 EXPECT_FALSE(
6735 response_secure.request()->GetResolveErrorInfo().is_secure_network_error);
6736
6737 HostCache::Key secure_key = HostCache::Key(
6738 "secure", DnsQueryType::UNSPECIFIED, 0 /* host_resolver_flags */,
6739 HostResolverSource::ANY, NetworkAnonymizationKey());
6740 secure_key.secure = true;
6741 const std::pair<const HostCache::Key, HostCache::Entry>* cache_result =
6742 GetCacheHit(secure_key);
6743 EXPECT_FALSE(!!cache_result);
6744
6745 HostCache::Key insecure_key = HostCache::Key(
6746 "secure", DnsQueryType::UNSPECIFIED, 0 /* host_resolver_flags */,
6747 HostResolverSource::ANY, NetworkAnonymizationKey());
6748 cache_result = GetCacheHit(insecure_key);
6749 EXPECT_FALSE(!!cache_result);
6750 }
6751
6752 // Test that DoH server availability is respected per-context.
TEST_F(HostResolverManagerDnsTest,SecureDnsMode_Automatic_UnavailableByContext)6753 TEST_F(HostResolverManagerDnsTest,
6754 SecureDnsMode_Automatic_UnavailableByContext) {
6755 // Create and register two separate contexts.
6756 auto request_context1 = CreateTestURLRequestContextBuilder()->Build();
6757 auto request_context2 = CreateTestURLRequestContextBuilder()->Build();
6758 ResolveContext resolve_context1(request_context1.get(),
6759 false /* enable_caching */);
6760 ResolveContext resolve_context2(request_context2.get(),
6761 false /* enable_caching */);
6762 resolver_->RegisterResolveContext(&resolve_context1);
6763 resolver_->RegisterResolveContext(&resolve_context2);
6764
6765 // Configure the resolver and underlying mock to attempt a secure query iff
6766 // the context has marked a DoH server available and otherwise attempt a
6767 // non-secure query.
6768 set_allow_fallback_to_systemtask(false);
6769 ChangeDnsConfig(CreateValidDnsConfig());
6770 DnsConfigOverrides overrides;
6771 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
6772 resolver_->SetDnsConfigOverrides(overrides);
6773 dns_client_->SetForceDohServerAvailable(false);
6774
6775 // Mark a DoH server successful only for |resolve_context2|. Note that this
6776 // must come after the resolver's configuration is set because this relies on
6777 // the specific configuration containing a DoH server.
6778 resolve_context2.RecordServerSuccess(0u /* server_index */,
6779 true /* is_doh_server */,
6780 dns_client_->GetCurrentSession());
6781
6782 // No available DoH servers for |resolve_context1|, so expect a non-secure
6783 // request. Non-secure requests for "secure" will fail with
6784 // ERR_NAME_NOT_RESOLVED.
6785 ResolveHostResponseHelper response_secure(resolver_->CreateRequest(
6786 HostPortPair("secure", 80), NetworkAnonymizationKey(), NetLogWithSource(),
6787 absl::nullopt, &resolve_context1, resolve_context_->host_cache()));
6788 ASSERT_THAT(response_secure.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
6789
6790 // One available DoH server for |resolve_context2|, so expect a secure
6791 // request. Secure requests for "secure" will succeed.
6792 ResolveHostResponseHelper response_secure2(resolver_->CreateRequest(
6793 HostPortPair("secure", 80), NetworkAnonymizationKey(), NetLogWithSource(),
6794 absl::nullopt, &resolve_context2, nullptr /* host_cache */));
6795 ASSERT_THAT(response_secure2.result_error(), IsOk());
6796
6797 resolver_->DeregisterResolveContext(&resolve_context1);
6798 resolver_->DeregisterResolveContext(&resolve_context2);
6799 }
6800
TEST_F(HostResolverManagerDnsTest,SecureDnsMode_Automatic_Stale)6801 TEST_F(HostResolverManagerDnsTest, SecureDnsMode_Automatic_Stale) {
6802 ChangeDnsConfig(CreateValidDnsConfig());
6803 DnsConfigOverrides overrides;
6804 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
6805 resolver_->SetDnsConfigOverrides(overrides);
6806
6807 // Populate cache with insecure entry.
6808 HostCache::Key cached_stale_key = HostCache::Key(
6809 "automatic_stale", DnsQueryType::UNSPECIFIED, 0 /* host_resolver_flags */,
6810 HostResolverSource::ANY, NetworkAnonymizationKey());
6811 IPEndPoint kExpectedStaleIP = CreateExpected("192.168.1.102", 80);
6812 PopulateCache(cached_stale_key, kExpectedStaleIP);
6813 MakeCacheStale();
6814
6815 HostResolver::ResolveHostParameters stale_allowed_parameters;
6816 stale_allowed_parameters.cache_usage =
6817 HostResolver::ResolveHostParameters::CacheUsage::STALE_ALLOWED;
6818
6819 // The insecure cache should be checked before secure requests are made since
6820 // stale results are allowed.
6821 ResolveHostResponseHelper response_stale(resolver_->CreateRequest(
6822 HostPortPair("automatic_stale", 80), NetworkAnonymizationKey(),
6823 NetLogWithSource(), stale_allowed_parameters, resolve_context_.get(),
6824 resolve_context_->host_cache()));
6825 EXPECT_THAT(response_stale.result_error(), IsOk());
6826 EXPECT_FALSE(
6827 response_stale.request()->GetResolveErrorInfo().is_secure_network_error);
6828 EXPECT_THAT(response_stale.request()->GetAddressResults()->endpoints(),
6829 testing::ElementsAre(kExpectedStaleIP));
6830 EXPECT_THAT(response_stale.request()->GetEndpointResults(),
6831 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
6832 testing::ElementsAre(kExpectedStaleIP)))));
6833 EXPECT_TRUE(response_stale.request()->GetStaleInfo()->is_stale());
6834 }
6835
TEST_F(HostResolverManagerDnsTest,SecureDnsMode_Automatic_InsecureAsyncDisabled)6836 TEST_F(HostResolverManagerDnsTest,
6837 SecureDnsMode_Automatic_InsecureAsyncDisabled) {
6838 proc_->AddRuleForAllFamilies("insecure_automatic", "192.168.1.100");
6839 ChangeDnsConfig(CreateValidDnsConfig());
6840 resolver_->SetInsecureDnsClientEnabled(
6841 /*enabled=*/false,
6842 /*additional_dns_types_enabled=*/false);
6843 DnsConfigOverrides overrides;
6844 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
6845 resolver_->SetDnsConfigOverrides(overrides);
6846
6847 const std::pair<const HostCache::Key, HostCache::Entry>* cache_result;
6848
6849 // The secure part of the dns client should be enabled.
6850 ResolveHostResponseHelper response_secure(resolver_->CreateRequest(
6851 HostPortPair("automatic", 80), NetworkAnonymizationKey(),
6852 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
6853 resolve_context_->host_cache()));
6854 ASSERT_THAT(response_secure.result_error(), IsOk());
6855 EXPECT_THAT(response_secure.request()->GetAddressResults()->endpoints(),
6856 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
6857 CreateExpected("::1", 80)));
6858 EXPECT_THAT(
6859 response_secure.request()->GetEndpointResults(),
6860 testing::Pointee(testing::ElementsAre(
6861 ExpectEndpointResult(testing::UnorderedElementsAre(
6862 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
6863 HostCache::Key secure_key = HostCache::Key(
6864 "automatic", DnsQueryType::UNSPECIFIED, 0 /* host_resolver_flags */,
6865 HostResolverSource::ANY, NetworkAnonymizationKey());
6866 secure_key.secure = true;
6867 cache_result = GetCacheHit(secure_key);
6868 EXPECT_TRUE(!!cache_result);
6869
6870 // The insecure part of the dns client is disabled so insecure requests
6871 // should be skipped.
6872 ResolveHostResponseHelper response_insecure(resolver_->CreateRequest(
6873 HostPortPair("insecure_automatic", 80), NetworkAnonymizationKey(),
6874 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
6875 resolve_context_->host_cache()));
6876 proc_->SignalMultiple(1u);
6877 ASSERT_THAT(response_insecure.result_error(), IsOk());
6878 EXPECT_THAT(response_insecure.request()->GetAddressResults()->endpoints(),
6879 testing::ElementsAre(CreateExpected("192.168.1.100", 80)));
6880 EXPECT_THAT(response_insecure.request()->GetEndpointResults(),
6881 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
6882 testing::ElementsAre(CreateExpected("192.168.1.100", 80))))));
6883 HostCache::Key insecure_key =
6884 HostCache::Key("insecure_automatic", DnsQueryType::UNSPECIFIED,
6885 0 /* host_resolver_flags */, HostResolverSource::ANY,
6886 NetworkAnonymizationKey());
6887 cache_result = GetCacheHit(insecure_key);
6888 EXPECT_TRUE(!!cache_result);
6889
6890 HostCache::Key cached_insecure_key =
6891 HostCache::Key("insecure_automatic_cached", DnsQueryType::UNSPECIFIED,
6892 0 /* host_resolver_flags */, HostResolverSource::ANY,
6893 NetworkAnonymizationKey());
6894 IPEndPoint kExpectedInsecureIP = CreateExpected("192.168.1.101", 80);
6895 PopulateCache(cached_insecure_key, kExpectedInsecureIP);
6896
6897 // The insecure cache should still be checked even if the insecure part of
6898 // the dns client is disabled.
6899 ResolveHostResponseHelper response_insecure_cached(resolver_->CreateRequest(
6900 HostPortPair("insecure_automatic_cached", 80), NetworkAnonymizationKey(),
6901 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
6902 resolve_context_->host_cache()));
6903 EXPECT_THAT(response_insecure_cached.result_error(), IsOk());
6904 EXPECT_THAT(
6905 response_insecure_cached.request()->GetAddressResults()->endpoints(),
6906 testing::ElementsAre(kExpectedInsecureIP));
6907 EXPECT_THAT(response_insecure_cached.request()->GetEndpointResults(),
6908 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
6909 testing::ElementsAre(kExpectedInsecureIP)))));
6910 }
6911
TEST_F(HostResolverManagerDnsTest,SecureDnsMode_Automatic_DotActive)6912 TEST_F(HostResolverManagerDnsTest, SecureDnsMode_Automatic_DotActive) {
6913 proc_->AddRuleForAllFamilies("insecure_automatic", "192.168.1.100");
6914 DnsConfig config = CreateValidDnsConfig();
6915 config.dns_over_tls_active = true;
6916 ChangeDnsConfig(config);
6917 DnsConfigOverrides overrides;
6918 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
6919 resolver_->SetDnsConfigOverrides(overrides);
6920
6921 const std::pair<const HostCache::Key, HostCache::Entry>* cache_result;
6922
6923 // The secure part of the dns client should be enabled.
6924 ResolveHostResponseHelper response_secure(resolver_->CreateRequest(
6925 HostPortPair("automatic", 80), NetworkAnonymizationKey(),
6926 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
6927 resolve_context_->host_cache()));
6928 ASSERT_THAT(response_secure.result_error(), IsOk());
6929 EXPECT_THAT(response_secure.request()->GetAddressResults()->endpoints(),
6930 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
6931 CreateExpected("::1", 80)));
6932 EXPECT_THAT(
6933 response_secure.request()->GetEndpointResults(),
6934 testing::Pointee(testing::ElementsAre(
6935 ExpectEndpointResult(testing::UnorderedElementsAre(
6936 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
6937 HostCache::Key secure_key = HostCache::Key(
6938 "automatic", DnsQueryType::UNSPECIFIED, 0 /* host_resolver_flags */,
6939 HostResolverSource::ANY, NetworkAnonymizationKey());
6940 secure_key.secure = true;
6941 cache_result = GetCacheHit(secure_key);
6942 EXPECT_TRUE(!!cache_result);
6943
6944 // Insecure async requests should be skipped since the system resolver
6945 // requests will be secure.
6946 ResolveHostResponseHelper response_insecure(resolver_->CreateRequest(
6947 HostPortPair("insecure_automatic", 80), NetworkAnonymizationKey(),
6948 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
6949 resolve_context_->host_cache()));
6950 proc_->SignalMultiple(1u);
6951 ASSERT_THAT(response_insecure.result_error(), IsOk());
6952 EXPECT_FALSE(response_insecure.request()
6953 ->GetResolveErrorInfo()
6954 .is_secure_network_error);
6955 EXPECT_THAT(response_insecure.request()->GetAddressResults()->endpoints(),
6956 testing::ElementsAre(CreateExpected("192.168.1.100", 80)));
6957 EXPECT_THAT(response_insecure.request()->GetEndpointResults(),
6958 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
6959 testing::ElementsAre(CreateExpected("192.168.1.100", 80))))));
6960 HostCache::Key insecure_key =
6961 HostCache::Key("insecure_automatic", DnsQueryType::UNSPECIFIED,
6962 0 /* host_resolver_flags */, HostResolverSource::ANY,
6963 NetworkAnonymizationKey());
6964 cache_result = GetCacheHit(insecure_key);
6965 EXPECT_TRUE(!!cache_result);
6966
6967 HostCache::Key cached_insecure_key =
6968 HostCache::Key("insecure_automatic_cached", DnsQueryType::UNSPECIFIED,
6969 0 /* host_resolver_flags */, HostResolverSource::ANY,
6970 NetworkAnonymizationKey());
6971 IPEndPoint kExpectedInsecureIP = CreateExpected("192.168.1.101", 80);
6972 PopulateCache(cached_insecure_key, kExpectedInsecureIP);
6973
6974 // The insecure cache should still be checked.
6975 ResolveHostResponseHelper response_insecure_cached(resolver_->CreateRequest(
6976 HostPortPair("insecure_automatic_cached", 80), NetworkAnonymizationKey(),
6977 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
6978 resolve_context_->host_cache()));
6979 EXPECT_THAT(response_insecure_cached.result_error(), IsOk());
6980 EXPECT_FALSE(response_insecure_cached.request()
6981 ->GetResolveErrorInfo()
6982 .is_secure_network_error);
6983 EXPECT_THAT(
6984 response_insecure_cached.request()->GetAddressResults()->endpoints(),
6985 testing::ElementsAre(kExpectedInsecureIP));
6986 EXPECT_THAT(response_insecure_cached.request()->GetEndpointResults(),
6987 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
6988 testing::ElementsAre(kExpectedInsecureIP)))));
6989 }
6990
TEST_F(HostResolverManagerDnsTest,SecureDnsMode_Secure)6991 TEST_F(HostResolverManagerDnsTest, SecureDnsMode_Secure) {
6992 proc_->AddRuleForAllFamilies("nx_succeed", "192.168.1.100");
6993 set_allow_fallback_to_systemtask(true);
6994
6995 ChangeDnsConfig(CreateValidDnsConfig());
6996 DnsConfigOverrides overrides;
6997 overrides.secure_dns_mode = SecureDnsMode::kSecure;
6998 resolver_->SetDnsConfigOverrides(overrides);
6999 const std::pair<const HostCache::Key, HostCache::Entry>* cache_result;
7000
7001 ResolveHostResponseHelper response_secure(resolver_->CreateRequest(
7002 HostPortPair("secure", 80), NetworkAnonymizationKey(), NetLogWithSource(),
7003 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
7004 ASSERT_THAT(response_secure.result_error(), IsOk());
7005 EXPECT_FALSE(
7006 response_secure.request()->GetResolveErrorInfo().is_secure_network_error);
7007 HostCache::Key secure_key = HostCache::Key(
7008 "secure", DnsQueryType::UNSPECIFIED, 0 /* host_resolver_flags */,
7009 HostResolverSource::ANY, NetworkAnonymizationKey());
7010 secure_key.secure = true;
7011 cache_result = GetCacheHit(secure_key);
7012 EXPECT_TRUE(!!cache_result);
7013
7014 ResolveHostResponseHelper response_insecure(resolver_->CreateRequest(
7015 HostPortPair("ok", 80), NetworkAnonymizationKey(), NetLogWithSource(),
7016 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
7017 ASSERT_THAT(response_insecure.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
7018 EXPECT_TRUE(response_insecure.request()
7019 ->GetResolveErrorInfo()
7020 .is_secure_network_error);
7021 HostCache::Key insecure_key = HostCache::Key(
7022 "ok", DnsQueryType::UNSPECIFIED, 0 /* host_resolver_flags */,
7023 HostResolverSource::ANY, NetworkAnonymizationKey());
7024 cache_result = GetCacheHit(insecure_key);
7025 EXPECT_FALSE(!!cache_result);
7026
7027 // Fallback to HostResolverSystemTask not allowed in SECURE mode.
7028 ResolveHostResponseHelper response_system(resolver_->CreateRequest(
7029 HostPortPair("nx_succeed", 80), NetworkAnonymizationKey(),
7030 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
7031 resolve_context_->host_cache()));
7032 proc_->SignalMultiple(1u);
7033 EXPECT_THAT(response_system.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
7034 EXPECT_TRUE(
7035 response_system.request()->GetResolveErrorInfo().is_secure_network_error);
7036 }
7037
TEST_F(HostResolverManagerDnsTest,SecureDnsMode_Secure_InsecureAsyncDisabled)7038 TEST_F(HostResolverManagerDnsTest, SecureDnsMode_Secure_InsecureAsyncDisabled) {
7039 proc_->AddRuleForAllFamilies("nx_succeed", "192.168.1.100");
7040 set_allow_fallback_to_systemtask(true);
7041 resolver_->SetInsecureDnsClientEnabled(
7042 /*enabled=*/false,
7043 /*additional_dns_types_enabled=*/false);
7044
7045 ChangeDnsConfig(CreateValidDnsConfig());
7046 DnsConfigOverrides overrides;
7047 overrides.secure_dns_mode = SecureDnsMode::kSecure;
7048 resolver_->SetDnsConfigOverrides(overrides);
7049 const std::pair<const HostCache::Key, HostCache::Entry>* cache_result;
7050
7051 // The secure part of the dns client should be enabled.
7052 ResolveHostResponseHelper response_secure(resolver_->CreateRequest(
7053 HostPortPair("secure", 80), NetworkAnonymizationKey(), NetLogWithSource(),
7054 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
7055 ASSERT_THAT(response_secure.result_error(), IsOk());
7056 HostCache::Key secure_key = HostCache::Key(
7057 "secure", DnsQueryType::UNSPECIFIED, 0 /* host_resolver_flags */,
7058 HostResolverSource::ANY, NetworkAnonymizationKey());
7059 secure_key.secure = true;
7060 cache_result = GetCacheHit(secure_key);
7061 EXPECT_TRUE(!!cache_result);
7062 }
7063
TEST_F(HostResolverManagerDnsTest,SecureDnsMode_Secure_Local_CacheMiss)7064 TEST_F(HostResolverManagerDnsTest, SecureDnsMode_Secure_Local_CacheMiss) {
7065 ChangeDnsConfig(CreateValidDnsConfig());
7066 DnsConfigOverrides overrides;
7067 overrides.secure_dns_mode = SecureDnsMode::kSecure;
7068 resolver_->SetDnsConfigOverrides(overrides);
7069
7070 HostResolver::ResolveHostParameters source_none_parameters;
7071 source_none_parameters.source = HostResolverSource::LOCAL_ONLY;
7072
7073 // Populate cache with an insecure entry.
7074 HostCache::Key cached_insecure_key = HostCache::Key(
7075 "automatic", DnsQueryType::UNSPECIFIED, 0 /* host_resolver_flags */,
7076 HostResolverSource::ANY, NetworkAnonymizationKey());
7077 IPEndPoint kExpectedInsecureIP = CreateExpected("192.168.1.102", 80);
7078 PopulateCache(cached_insecure_key, kExpectedInsecureIP);
7079
7080 // NONE query expected to complete synchronously with a cache miss since
7081 // the insecure cache should not be checked.
7082 ResolveHostResponseHelper cache_miss_request(resolver_->CreateRequest(
7083 HostPortPair("automatic", 80), NetworkAnonymizationKey(),
7084 NetLogWithSource(), source_none_parameters, resolve_context_.get(),
7085 resolve_context_->host_cache()));
7086 EXPECT_TRUE(cache_miss_request.complete());
7087 EXPECT_THAT(cache_miss_request.result_error(), IsError(ERR_DNS_CACHE_MISS));
7088 EXPECT_FALSE(cache_miss_request.request()
7089 ->GetResolveErrorInfo()
7090 .is_secure_network_error);
7091 EXPECT_THAT(cache_miss_request.request()->GetAddressResults(),
7092 AnyOf(nullptr, Pointee(IsEmpty())));
7093 EXPECT_THAT(cache_miss_request.request()->GetEndpointResults(),
7094 AnyOf(nullptr, Pointee(IsEmpty())));
7095 EXPECT_FALSE(cache_miss_request.request()->GetStaleInfo());
7096 }
7097
TEST_F(HostResolverManagerDnsTest,SecureDnsMode_Secure_Local_CacheHit)7098 TEST_F(HostResolverManagerDnsTest, SecureDnsMode_Secure_Local_CacheHit) {
7099 ChangeDnsConfig(CreateValidDnsConfig());
7100 DnsConfigOverrides overrides;
7101 overrides.secure_dns_mode = SecureDnsMode::kSecure;
7102 resolver_->SetDnsConfigOverrides(overrides);
7103
7104 HostResolver::ResolveHostParameters source_none_parameters;
7105 source_none_parameters.source = HostResolverSource::LOCAL_ONLY;
7106
7107 // Populate cache with a secure entry.
7108 HostCache::Key cached_secure_key = HostCache::Key(
7109 "secure", DnsQueryType::UNSPECIFIED, 0 /* host_resolver_flags */,
7110 HostResolverSource::ANY, NetworkAnonymizationKey());
7111 cached_secure_key.secure = true;
7112 IPEndPoint kExpectedSecureIP = CreateExpected("192.168.1.103", 80);
7113 PopulateCache(cached_secure_key, kExpectedSecureIP);
7114
7115 // NONE query expected to complete synchronously with a cache hit from the
7116 // secure cache.
7117 ResolveHostResponseHelper response_cached(resolver_->CreateRequest(
7118 HostPortPair("secure", 80), NetworkAnonymizationKey(), NetLogWithSource(),
7119 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
7120 EXPECT_TRUE(response_cached.complete());
7121 EXPECT_THAT(response_cached.result_error(), IsOk());
7122 EXPECT_FALSE(
7123 response_cached.request()->GetResolveErrorInfo().is_secure_network_error);
7124 EXPECT_THAT(response_cached.request()->GetAddressResults()->endpoints(),
7125 testing::ElementsAre(kExpectedSecureIP));
7126 EXPECT_THAT(response_cached.request()->GetEndpointResults(),
7127 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
7128 testing::ElementsAre(kExpectedSecureIP)))));
7129 }
7130
7131 // On an IPv6 network, if we get A results and the AAAA response is SERVFAIL, we
7132 // fail the whole DnsTask rather than proceeding with just the A results. In
7133 // SECURE mode, fallback to the system resolver is disabled. See
7134 // https://crbug.com/1292324.
TEST_F(HostResolverManagerDnsTest,SecureDnsModeIsSecureAndAAAAServfailCausesFailDespiteAResults)7135 TEST_F(HostResolverManagerDnsTest,
7136 SecureDnsModeIsSecureAndAAAAServfailCausesFailDespiteAResults) {
7137 constexpr char kName[] = "name.test";
7138
7139 MockDnsClientRuleList rules;
7140 rules.emplace_back(
7141 kName, dns_protocol::kTypeA, /*secure=*/true,
7142 MockDnsClientRule::Result(
7143 MockDnsClientRule::ResultType::kOk,
7144 BuildTestDnsAddressResponse(kName, IPAddress(192, 168, 1, 103))),
7145 /*delay=*/false);
7146 rules.emplace_back(
7147 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
7148 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kFail),
7149 /*delay=*/false);
7150
7151 DnsConfig config = CreateValidDnsConfig();
7152 config.use_local_ipv6 = true;
7153
7154 CreateResolver();
7155 UseMockDnsClient(config, std::move(rules));
7156 DnsConfigOverrides overrides;
7157 overrides.secure_dns_mode = SecureDnsMode::kSecure;
7158 resolver_->SetDnsConfigOverrides(overrides);
7159
7160 ResolveHostResponseHelper response(resolver_->CreateRequest(
7161 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
7162 NetworkAnonymizationKey(), NetLogWithSource(),
7163 /*optional_parameters=*/absl::nullopt, resolve_context_.get(),
7164 resolve_context_->host_cache()));
7165 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
7166 EXPECT_THAT(response.request()->GetEndpointResults(),
7167 AnyOf(nullptr, Pointee(IsEmpty())));
7168 EXPECT_THAT(response.request()->GetTextResults(),
7169 AnyOf(nullptr, Pointee(IsEmpty())));
7170 EXPECT_THAT(response.request()->GetHostnameResults(),
7171 AnyOf(nullptr, Pointee(IsEmpty())));
7172 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
7173 AnyOf(nullptr, Pointee(IsEmpty())));
7174
7175 // Expect result not cached.
7176 EXPECT_EQ(resolve_context_->host_cache()->size(), 0u);
7177 }
7178
7179 // Test for a resolve with a transaction that takes longer than usual to
7180 // complete. With the typical behavior of using fast timeouts, this is expected
7181 // to timeout and fallback to the system resolver.
TEST_F(HostResolverManagerDnsTest,SlowResolve)7182 TEST_F(HostResolverManagerDnsTest, SlowResolve) {
7183 // Add a successful fallback result.
7184 proc_->AddRuleForAllFamilies("slow_succeed", "192.168.1.211");
7185
7186 MockDnsClientRuleList rules = CreateDefaultDnsRules();
7187 AddDnsRule(&rules, "slow_fail", dns_protocol::kTypeA,
7188 MockDnsClientRule::ResultType::kSlow, false /* delay */);
7189 AddDnsRule(&rules, "slow_fail", dns_protocol::kTypeAAAA,
7190 MockDnsClientRule::ResultType::kSlow, false /* delay */);
7191 AddDnsRule(&rules, "slow_succeed", dns_protocol::kTypeA,
7192 MockDnsClientRule::ResultType::kSlow, false /* delay */);
7193 AddDnsRule(&rules, "slow_succeed", dns_protocol::kTypeAAAA,
7194 MockDnsClientRule::ResultType::kSlow, false /* delay */);
7195 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
7196
7197 ResolveHostResponseHelper response0(resolver_->CreateRequest(
7198 HostPortPair("ok", 80), NetworkAnonymizationKey(), NetLogWithSource(),
7199 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
7200 ResolveHostResponseHelper response1(resolver_->CreateRequest(
7201 HostPortPair("slow_fail", 80), NetworkAnonymizationKey(),
7202 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
7203 resolve_context_->host_cache()));
7204 ResolveHostResponseHelper response2(resolver_->CreateRequest(
7205 HostPortPair("slow_succeed", 80), NetworkAnonymizationKey(),
7206 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
7207 resolve_context_->host_cache()));
7208 proc_->SignalMultiple(3u);
7209
7210 EXPECT_THAT(response0.result_error(), IsOk());
7211 EXPECT_THAT(response0.request()->GetAddressResults()->endpoints(),
7212 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
7213 CreateExpected("::1", 80)));
7214 EXPECT_THAT(
7215 response0.request()->GetEndpointResults(),
7216 testing::Pointee(testing::ElementsAre(
7217 ExpectEndpointResult(testing::UnorderedElementsAre(
7218 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
7219 EXPECT_THAT(response1.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
7220 EXPECT_THAT(response2.result_error(), IsOk());
7221 EXPECT_THAT(response2.request()->GetAddressResults()->endpoints(),
7222 testing::ElementsAre(CreateExpected("192.168.1.211", 80)));
7223 EXPECT_THAT(response2.request()->GetEndpointResults(),
7224 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
7225 testing::ElementsAre(CreateExpected("192.168.1.211", 80))))));
7226 }
7227
7228 // Test for a resolve with a secure transaction that takes longer than usual to
7229 // complete. In automatic mode, because fallback to insecure is available, the
7230 // secure transaction is expected to quickly timeout and fallback to insecure.
TEST_F(HostResolverManagerDnsTest,SlowSecureResolve_AutomaticMode)7231 TEST_F(HostResolverManagerDnsTest, SlowSecureResolve_AutomaticMode) {
7232 set_allow_fallback_to_systemtask(false);
7233
7234 MockDnsClientRuleList rules = CreateDefaultDnsRules();
7235 AddSecureDnsRule(&rules, "slow_fail", dns_protocol::kTypeA,
7236 MockDnsClientRule::ResultType::kSlow, false /* delay */);
7237 AddSecureDnsRule(&rules, "slow_fail", dns_protocol::kTypeAAAA,
7238 MockDnsClientRule::ResultType::kSlow, false /* delay */);
7239 AddSecureDnsRule(&rules, "slow_succeed", dns_protocol::kTypeA,
7240 MockDnsClientRule::ResultType::kSlow, false /* delay */);
7241 AddSecureDnsRule(&rules, "slow_succeed", dns_protocol::kTypeAAAA,
7242 MockDnsClientRule::ResultType::kSlow, false /* delay */);
7243 AddDnsRule(&rules, "slow_succeed", dns_protocol::kTypeA,
7244 IPAddress(111, 222, 112, 223), false /* delay */);
7245 AddDnsRule(&rules, "slow_succeed", dns_protocol::kTypeAAAA,
7246 MockDnsClientRule::ResultType::kEmpty, false /* delay */);
7247 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
7248
7249 DnsConfigOverrides overrides;
7250 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
7251 resolver_->SetDnsConfigOverrides(overrides);
7252
7253 ResolveHostResponseHelper response0(resolver_->CreateRequest(
7254 HostPortPair("secure", 80), NetworkAnonymizationKey(), NetLogWithSource(),
7255 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
7256 ResolveHostResponseHelper response1(resolver_->CreateRequest(
7257 HostPortPair("slow_fail", 80), NetworkAnonymizationKey(),
7258 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
7259 resolve_context_->host_cache()));
7260 ResolveHostResponseHelper response2(resolver_->CreateRequest(
7261 HostPortPair("slow_succeed", 80), NetworkAnonymizationKey(),
7262 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
7263 resolve_context_->host_cache()));
7264
7265 EXPECT_THAT(response0.result_error(), IsOk());
7266 EXPECT_THAT(response0.request()->GetAddressResults()->endpoints(),
7267 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
7268 CreateExpected("::1", 80)));
7269 EXPECT_THAT(
7270 response0.request()->GetEndpointResults(),
7271 testing::Pointee(testing::ElementsAre(
7272 ExpectEndpointResult(testing::UnorderedElementsAre(
7273 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
7274 EXPECT_THAT(response1.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
7275 EXPECT_THAT(response2.result_error(), IsOk());
7276 EXPECT_THAT(response2.request()->GetAddressResults()->endpoints(),
7277 testing::ElementsAre(CreateExpected("111.222.112.223", 80)));
7278 EXPECT_THAT(
7279 response2.request()->GetEndpointResults(),
7280 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
7281 testing::ElementsAre(CreateExpected("111.222.112.223", 80))))));
7282 }
7283
7284 // Test for a resolve with a secure transaction that takes longer than usual to
7285 // complete. In secure mode, because no fallback is available, this is expected
7286 // to wait longer before timeout and complete successfully.
TEST_F(HostResolverManagerDnsTest,SlowSecureResolve_SecureMode)7287 TEST_F(HostResolverManagerDnsTest, SlowSecureResolve_SecureMode) {
7288 MockDnsClientRuleList rules = CreateDefaultDnsRules();
7289 AddSecureDnsRule(&rules, "slow", dns_protocol::kTypeA,
7290 MockDnsClientRule::ResultType::kSlow, false /* delay */);
7291 AddSecureDnsRule(&rules, "slow", dns_protocol::kTypeAAAA,
7292 MockDnsClientRule::ResultType::kSlow, false /* delay */);
7293 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
7294
7295 DnsConfigOverrides overrides;
7296 overrides.secure_dns_mode = SecureDnsMode::kSecure;
7297 resolver_->SetDnsConfigOverrides(overrides);
7298
7299 ResolveHostResponseHelper response0(resolver_->CreateRequest(
7300 HostPortPair("secure", 80), NetworkAnonymizationKey(), NetLogWithSource(),
7301 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
7302 ResolveHostResponseHelper response1(resolver_->CreateRequest(
7303 HostPortPair("slow", 80), NetworkAnonymizationKey(), NetLogWithSource(),
7304 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
7305
7306 EXPECT_THAT(response0.result_error(), IsOk());
7307 EXPECT_THAT(response1.result_error(), IsOk());
7308 }
7309
7310 // Test the case where only a single transaction slot is available.
TEST_F(HostResolverManagerDnsTest,SerialResolver)7311 TEST_F(HostResolverManagerDnsTest, SerialResolver) {
7312 CreateSerialResolver();
7313 set_allow_fallback_to_systemtask(false);
7314 ChangeDnsConfig(CreateValidDnsConfig());
7315
7316 ResolveHostResponseHelper response(resolver_->CreateRequest(
7317 HostPortPair("ok", 80), NetworkAnonymizationKey(), NetLogWithSource(),
7318 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
7319 EXPECT_FALSE(response.complete());
7320 EXPECT_EQ(1u, num_running_dispatcher_jobs());
7321
7322 base::RunLoop().RunUntilIdle();
7323 EXPECT_TRUE(response.complete());
7324 EXPECT_THAT(response.result_error(), IsOk());
7325 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
7326 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
7327 CreateExpected("::1", 80)));
7328 EXPECT_THAT(
7329 response.request()->GetEndpointResults(),
7330 testing::Pointee(testing::ElementsAre(
7331 ExpectEndpointResult(testing::UnorderedElementsAre(
7332 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
7333 }
7334
7335 // Test the case where subsequent transactions are handled on transaction
7336 // completion when only part of a multi-transaction request could be initially
7337 // started.
TEST_F(HostResolverManagerDnsTest,AAAAStartsAfterOtherJobFinishes)7338 TEST_F(HostResolverManagerDnsTest, AAAAStartsAfterOtherJobFinishes) {
7339 CreateResolverWithLimitsAndParams(3u, DefaultParams(proc_),
7340 true /* ipv6_reachable */,
7341 true /* check_ipv6_on_wifi */);
7342 set_allow_fallback_to_systemtask(false);
7343 ChangeDnsConfig(CreateValidDnsConfig());
7344
7345 ResolveHostResponseHelper response0(resolver_->CreateRequest(
7346 HostPortPair("ok", 80), NetworkAnonymizationKey(), NetLogWithSource(),
7347 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
7348 EXPECT_EQ(2u, num_running_dispatcher_jobs());
7349 ResolveHostResponseHelper response1(resolver_->CreateRequest(
7350 HostPortPair("4slow_ok", 80), NetworkAnonymizationKey(),
7351 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
7352 resolve_context_->host_cache()));
7353 EXPECT_EQ(3u, num_running_dispatcher_jobs());
7354
7355 // Request 0's transactions should complete, starting Request 1's second
7356 // transaction, which should also complete.
7357 base::RunLoop().RunUntilIdle();
7358 EXPECT_EQ(1u, num_running_dispatcher_jobs());
7359 EXPECT_TRUE(response0.complete());
7360 EXPECT_FALSE(response1.complete());
7361
7362 dns_client_->CompleteDelayedTransactions();
7363 EXPECT_THAT(response1.result_error(), IsOk());
7364 EXPECT_THAT(response1.request()->GetAddressResults()->endpoints(),
7365 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
7366 CreateExpected("::1", 80)));
7367 EXPECT_THAT(
7368 response1.request()->GetEndpointResults(),
7369 testing::Pointee(testing::ElementsAre(
7370 ExpectEndpointResult(testing::UnorderedElementsAre(
7371 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
7372 }
7373
7374 // Tests the case that a Job with a single transaction receives an empty address
7375 // list, triggering fallback to HostResolverSystemTask.
TEST_F(HostResolverManagerDnsTest,IPv4EmptyFallback)7376 TEST_F(HostResolverManagerDnsTest, IPv4EmptyFallback) {
7377 // Disable ipv6 to ensure we'll only try a single transaction for the host.
7378 CreateResolverWithLimitsAndParams(kMaxJobs, DefaultParams(proc_),
7379 false /* ipv6_reachable */,
7380 true /* check_ipv6_on_wifi */);
7381 DnsConfig config = CreateValidDnsConfig();
7382 config.use_local_ipv6 = false;
7383 ChangeDnsConfig(config);
7384
7385 proc_->AddRuleForAllFamilies("empty_fallback", "192.168.0.1",
7386 HOST_RESOLVER_DEFAULT_FAMILY_SET_DUE_TO_NO_IPV6);
7387 proc_->SignalMultiple(1u);
7388
7389 ResolveHostResponseHelper response(resolver_->CreateRequest(
7390 HostPortPair("empty_fallback", 80), NetworkAnonymizationKey(),
7391 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
7392 resolve_context_->host_cache()));
7393 EXPECT_THAT(response.result_error(), IsOk());
7394 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
7395 testing::ElementsAre(CreateExpected("192.168.0.1", 80)));
7396 EXPECT_THAT(response.request()->GetEndpointResults(),
7397 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
7398 testing::ElementsAre(CreateExpected("192.168.0.1", 80))))));
7399 }
7400
7401 // Tests the case that a Job with two transactions receives two empty address
7402 // lists, triggering fallback to HostResolverSystemTask.
TEST_F(HostResolverManagerDnsTest,UnspecEmptyFallback)7403 TEST_F(HostResolverManagerDnsTest, UnspecEmptyFallback) {
7404 ChangeDnsConfig(CreateValidDnsConfig());
7405 proc_->AddRuleForAllFamilies("empty_fallback", "192.168.0.1");
7406 proc_->SignalMultiple(1u);
7407
7408 ResolveHostResponseHelper response(resolver_->CreateRequest(
7409 HostPortPair("empty_fallback", 80), NetworkAnonymizationKey(),
7410 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
7411 resolve_context_->host_cache()));
7412
7413 EXPECT_THAT(response.result_error(), IsOk());
7414 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
7415 testing::ElementsAre(CreateExpected("192.168.0.1", 80)));
7416 EXPECT_THAT(response.request()->GetEndpointResults(),
7417 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
7418 testing::ElementsAre(CreateExpected("192.168.0.1", 80))))));
7419 }
7420
7421 // Tests getting a new invalid DnsConfig while there are active DnsTasks.
TEST_F(HostResolverManagerDnsTest,InvalidDnsConfigWithPendingRequests)7422 TEST_F(HostResolverManagerDnsTest, InvalidDnsConfigWithPendingRequests) {
7423 // At most 3 jobs active at once. This number is important, since we want
7424 // to make sure that aborting the first HostResolverManager::Job does not
7425 // trigger another DnsTransaction on the second Job when it releases its
7426 // second prioritized dispatcher slot.
7427 CreateResolverWithLimitsAndParams(3u, DefaultParams(proc_),
7428 true /* ipv6_reachable */,
7429 true /* check_ipv6_on_wifi */);
7430
7431 ChangeDnsConfig(CreateValidDnsConfig());
7432
7433 proc_->AddRuleForAllFamilies("slow_nx1", "192.168.0.1");
7434 proc_->AddRuleForAllFamilies("slow_nx2", "192.168.0.2");
7435 proc_->AddRuleForAllFamilies("ok", "192.168.0.3");
7436
7437 std::vector<std::unique_ptr<ResolveHostResponseHelper>> responses;
7438 // First active job gets two slots.
7439 responses.emplace_back(
7440 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
7441 HostPortPair("slow_nx1", 80), NetworkAnonymizationKey(),
7442 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
7443 resolve_context_->host_cache())));
7444 // Next job gets one slot, and waits on another.
7445 responses.emplace_back(
7446 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
7447 HostPortPair("slow_nx2", 80), NetworkAnonymizationKey(),
7448 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
7449 resolve_context_->host_cache())));
7450 responses.emplace_back(
7451 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
7452 HostPortPair("ok", 80), NetworkAnonymizationKey(), NetLogWithSource(),
7453 absl::nullopt, resolve_context_.get(),
7454 resolve_context_->host_cache())));
7455
7456 EXPECT_EQ(3u, num_running_dispatcher_jobs());
7457 for (auto& response : responses) {
7458 EXPECT_FALSE(response->complete());
7459 }
7460
7461 // Clear DNS config. Fully in-progress, partially in-progress, and queued
7462 // requests should all be aborted.
7463 InvalidateDnsConfig();
7464 for (auto& response : responses) {
7465 EXPECT_THAT(response->result_error(), IsError(ERR_NETWORK_CHANGED));
7466 }
7467 }
7468
7469 // Test that initial DNS config read signals do not abort pending requests
7470 // when using DnsClient.
TEST_F(HostResolverManagerDnsTest,DontAbortOnInitialDNSConfigRead)7471 TEST_F(HostResolverManagerDnsTest, DontAbortOnInitialDNSConfigRead) {
7472 // DnsClient is enabled, but there's no DnsConfig, so the request should start
7473 // using HostResolverSystemTask.
7474 ResolveHostResponseHelper response(resolver_->CreateRequest(
7475 HostPortPair("host1", 70), NetworkAnonymizationKey(), NetLogWithSource(),
7476 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
7477 EXPECT_FALSE(response.complete());
7478
7479 EXPECT_TRUE(proc_->WaitFor(1u));
7480 // Send the initial config read signal, with a valid config.
7481 SetInitialDnsConfig(CreateValidDnsConfig());
7482 proc_->SignalAll();
7483
7484 EXPECT_THAT(response.result_error(), IsOk());
7485 }
7486
7487 // Tests the case that the insecure part of the DnsClient is automatically
7488 // disabled due to failures while there are active DnsTasks.
TEST_F(HostResolverManagerDnsTest,AutomaticallyDisableInsecureDnsClientWithPendingRequests)7489 TEST_F(HostResolverManagerDnsTest,
7490 AutomaticallyDisableInsecureDnsClientWithPendingRequests) {
7491 // Trying different limits is important for this test: Different limits
7492 // result in different behavior when aborting in-progress DnsTasks. Having
7493 // a DnsTask that has one job active and one in the queue when another job
7494 // occupying two slots has its DnsTask aborted is the case most likely to run
7495 // into problems. Try limits between [1, 2 * # of non failure requests].
7496 for (size_t limit = 1u; limit < 10u; ++limit) {
7497 CreateResolverWithLimitsAndParams(limit, DefaultParams(proc_),
7498 true /* ipv6_reachable */,
7499 true /* check_ipv6_on_wifi */);
7500
7501 // Set the resolver in automatic-secure mode.
7502 net::DnsConfig config = CreateValidDnsConfig();
7503 config.secure_dns_mode = SecureDnsMode::kAutomatic;
7504 ChangeDnsConfig(config);
7505
7506 // Start with request parameters that disable Secure DNS.
7507 HostResolver::ResolveHostParameters parameters;
7508 parameters.secure_dns_policy = SecureDnsPolicy::kDisable;
7509
7510 // Queue up enough failures to disable insecure DnsTasks. These will all
7511 // fall back to HostResolverSystemTasks, and succeed there.
7512 std::vector<std::unique_ptr<ResolveHostResponseHelper>> failure_responses;
7513 for (unsigned i = 0u; i < maximum_insecure_dns_task_failures(); ++i) {
7514 std::string host = base::StringPrintf("nx%u", i);
7515 proc_->AddRuleForAllFamilies(host, "192.168.0.1");
7516 failure_responses.emplace_back(
7517 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
7518 HostPortPair(host, 80), NetworkAnonymizationKey(),
7519 NetLogWithSource(), parameters, resolve_context_.get(),
7520 resolve_context_->host_cache())));
7521 EXPECT_FALSE(failure_responses[i]->complete());
7522 }
7523
7524 // These requests should all bypass insecure DnsTasks, due to the above
7525 // failures, so should end up using HostResolverSystemTasks.
7526 proc_->AddRuleForAllFamilies("slow_ok1", "192.168.0.2");
7527 ResolveHostResponseHelper response0(resolver_->CreateRequest(
7528 HostPortPair("slow_ok1", 80), NetworkAnonymizationKey(),
7529 NetLogWithSource(), parameters, resolve_context_.get(),
7530 resolve_context_->host_cache()));
7531 EXPECT_FALSE(response0.complete());
7532 proc_->AddRuleForAllFamilies("slow_ok2", "192.168.0.3");
7533 ResolveHostResponseHelper response1(resolver_->CreateRequest(
7534 HostPortPair("slow_ok2", 80), NetworkAnonymizationKey(),
7535 NetLogWithSource(), parameters, resolve_context_.get(),
7536 resolve_context_->host_cache()));
7537 EXPECT_FALSE(response1.complete());
7538 proc_->AddRuleForAllFamilies("slow_ok3", "192.168.0.4");
7539 ResolveHostResponseHelper response2(resolver_->CreateRequest(
7540 HostPortPair("slow_ok3", 80), NetworkAnonymizationKey(),
7541 NetLogWithSource(), parameters, resolve_context_.get(),
7542 resolve_context_->host_cache()));
7543 EXPECT_FALSE(response2.complete());
7544
7545 // Requests specifying DNS source cannot fallback to HostResolverSystemTask,
7546 // so they should be unaffected.
7547 parameters.source = HostResolverSource::DNS;
7548 ResolveHostResponseHelper response_dns(resolver_->CreateRequest(
7549 HostPortPair("6slow_ok", 80), NetworkAnonymizationKey(),
7550 NetLogWithSource(), parameters, resolve_context_.get(),
7551 resolve_context_->host_cache()));
7552 EXPECT_FALSE(response_dns.complete());
7553
7554 // Requests specifying SYSTEM source should be unaffected by disabling
7555 // DnsClient.
7556 proc_->AddRuleForAllFamilies("nx_ok", "192.168.0.5");
7557 parameters.source = HostResolverSource::SYSTEM;
7558 ResolveHostResponseHelper response_system(resolver_->CreateRequest(
7559 HostPortPair("nx_ok", 80), NetworkAnonymizationKey(),
7560 NetLogWithSource(), parameters, resolve_context_.get(),
7561 resolve_context_->host_cache()));
7562 EXPECT_FALSE(response_system.complete());
7563
7564 // Secure DnsTasks should not be affected.
7565 ResolveHostResponseHelper response_secure(resolver_->CreateRequest(
7566 HostPortPair("automatic", 80), NetworkAnonymizationKey(),
7567 NetLogWithSource(), /* optional_parameters=*/absl::nullopt,
7568 resolve_context_.get(), resolve_context_->host_cache()));
7569 EXPECT_FALSE(response_secure.complete());
7570
7571 proc_->SignalMultiple(maximum_insecure_dns_task_failures() + 4);
7572
7573 for (size_t i = 0u; i < maximum_insecure_dns_task_failures(); ++i) {
7574 EXPECT_THAT(failure_responses[i]->result_error(), IsOk());
7575 EXPECT_THAT(
7576 failure_responses[i]->request()->GetAddressResults()->endpoints(),
7577 testing::ElementsAre(CreateExpected("192.168.0.1", 80)));
7578 EXPECT_THAT(
7579 failure_responses[i]->request()->GetEndpointResults(),
7580 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
7581 testing::ElementsAre(CreateExpected("192.168.0.1", 80))))));
7582 }
7583
7584 EXPECT_THAT(response0.result_error(), IsOk());
7585 EXPECT_THAT(response0.request()->GetAddressResults()->endpoints(),
7586 testing::ElementsAre(CreateExpected("192.168.0.2", 80)));
7587 EXPECT_THAT(response0.request()->GetEndpointResults(),
7588 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
7589 testing::ElementsAre(CreateExpected("192.168.0.2", 80))))));
7590 EXPECT_THAT(response1.result_error(), IsOk());
7591 EXPECT_THAT(response1.request()->GetAddressResults()->endpoints(),
7592 testing::ElementsAre(CreateExpected("192.168.0.3", 80)));
7593 EXPECT_THAT(response1.request()->GetEndpointResults(),
7594 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
7595 testing::ElementsAre(CreateExpected("192.168.0.3", 80))))));
7596 EXPECT_THAT(response2.result_error(), IsOk());
7597 EXPECT_THAT(response2.request()->GetAddressResults()->endpoints(),
7598 testing::ElementsAre(CreateExpected("192.168.0.4", 80)));
7599 EXPECT_THAT(response2.request()->GetEndpointResults(),
7600 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
7601 testing::ElementsAre(CreateExpected("192.168.0.4", 80))))));
7602
7603 dns_client_->CompleteDelayedTransactions();
7604 EXPECT_THAT(response_dns.result_error(), IsOk());
7605
7606 EXPECT_THAT(response_system.result_error(), IsOk());
7607 EXPECT_THAT(response_system.request()->GetAddressResults()->endpoints(),
7608 testing::ElementsAre(CreateExpected("192.168.0.5", 80)));
7609 EXPECT_THAT(response_system.request()->GetEndpointResults(),
7610 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
7611 testing::ElementsAre(CreateExpected("192.168.0.5", 80))))));
7612
7613 EXPECT_THAT(response_secure.result_error(), IsOk());
7614 }
7615 }
7616
7617 // Tests a call to SetDnsClient while there are active DnsTasks.
TEST_F(HostResolverManagerDnsTest,ManuallyDisableDnsClientWithPendingRequests)7618 TEST_F(HostResolverManagerDnsTest,
7619 ManuallyDisableDnsClientWithPendingRequests) {
7620 // At most 3 jobs active at once. This number is important, since we want to
7621 // make sure that aborting the first HostResolverManager::Job does not trigger
7622 // another DnsTransaction on the second Job when it releases its second
7623 // prioritized dispatcher slot.
7624 CreateResolverWithLimitsAndParams(3u, DefaultParams(proc_),
7625 true /* ipv6_reachable */,
7626 true /* check_ipv6_on_wifi */);
7627
7628 ChangeDnsConfig(CreateValidDnsConfig());
7629
7630 proc_->AddRuleForAllFamilies("slow_ok1", "192.168.0.1");
7631 proc_->AddRuleForAllFamilies("slow_ok2", "192.168.0.2");
7632 proc_->AddRuleForAllFamilies("ok", "192.168.0.3");
7633
7634 std::vector<std::unique_ptr<ResolveHostResponseHelper>> responses;
7635 // First active job gets two slots.
7636 responses.emplace_back(
7637 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
7638 HostPortPair("slow_ok1", 80), NetworkAnonymizationKey(),
7639 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
7640 resolve_context_->host_cache())));
7641 EXPECT_FALSE(responses[0]->complete());
7642 // Next job gets one slot, and waits on another.
7643 responses.emplace_back(
7644 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
7645 HostPortPair("slow_ok2", 80), NetworkAnonymizationKey(),
7646 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
7647 resolve_context_->host_cache())));
7648 EXPECT_FALSE(responses[1]->complete());
7649 // Next one is queued.
7650 responses.emplace_back(
7651 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
7652 HostPortPair("ok", 80), NetworkAnonymizationKey(), NetLogWithSource(),
7653 absl::nullopt, resolve_context_.get(),
7654 resolve_context_->host_cache())));
7655 EXPECT_FALSE(responses[2]->complete());
7656
7657 EXPECT_EQ(3u, num_running_dispatcher_jobs());
7658
7659 // Clear DnsClient. The two in-progress jobs should fall back to a
7660 // HostResolverSystemTask, and the next one should be started with a
7661 // HostResolverSystemTask.
7662 resolver_->SetInsecureDnsClientEnabled(
7663 /*enabled=*/false,
7664 /*additional_dns_types_enabled=*/false);
7665
7666 // All three in-progress requests should now be running a
7667 // HostResolverSystemTask.
7668 EXPECT_EQ(3u, num_running_dispatcher_jobs());
7669 proc_->SignalMultiple(3u);
7670
7671 for (auto& response : responses) {
7672 EXPECT_THAT(response->result_error(), IsOk());
7673 }
7674 EXPECT_THAT(responses[0]->request()->GetAddressResults()->endpoints(),
7675 testing::ElementsAre(CreateExpected("192.168.0.1", 80)));
7676 EXPECT_THAT(responses[0]->request()->GetEndpointResults(),
7677 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
7678 testing::ElementsAre(CreateExpected("192.168.0.1", 80))))));
7679 EXPECT_THAT(responses[1]->request()->GetAddressResults()->endpoints(),
7680 testing::ElementsAre(CreateExpected("192.168.0.2", 80)));
7681 EXPECT_THAT(responses[1]->request()->GetEndpointResults(),
7682 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
7683 testing::ElementsAre(CreateExpected("192.168.0.2", 80))))));
7684 EXPECT_THAT(responses[2]->request()->GetAddressResults()->endpoints(),
7685 testing::ElementsAre(CreateExpected("192.168.0.3", 80)));
7686 EXPECT_THAT(responses[2]->request()->GetEndpointResults(),
7687 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
7688 testing::ElementsAre(CreateExpected("192.168.0.3", 80))))));
7689 }
7690
7691 // When explicitly requesting source=DNS, no fallback allowed, so doing so with
7692 // DnsClient disabled should result in an error.
TEST_F(HostResolverManagerDnsTest,DnsCallsWithDisabledDnsClient)7693 TEST_F(HostResolverManagerDnsTest, DnsCallsWithDisabledDnsClient) {
7694 ChangeDnsConfig(CreateValidDnsConfig());
7695 resolver_->SetInsecureDnsClientEnabled(
7696 /*enabled=*/false,
7697 /*additional_dns_types_enabled=*/false);
7698
7699 HostResolver::ResolveHostParameters params;
7700 params.source = HostResolverSource::DNS;
7701 ResolveHostResponseHelper response(resolver_->CreateRequest(
7702 HostPortPair("host", 80), NetworkAnonymizationKey(), NetLogWithSource(),
7703 params, resolve_context_.get(), resolve_context_->host_cache()));
7704
7705 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_CACHE_MISS));
7706 }
7707
TEST_F(HostResolverManagerDnsTest,DnsCallsWithDisabledDnsClient_DisabledAtConstruction)7708 TEST_F(HostResolverManagerDnsTest,
7709 DnsCallsWithDisabledDnsClient_DisabledAtConstruction) {
7710 HostResolver::ManagerOptions options = DefaultOptions();
7711 options.insecure_dns_client_enabled = false;
7712 CreateResolverWithOptionsAndParams(std::move(options), DefaultParams(proc_),
7713 true /* ipv6_reachable */);
7714 ChangeDnsConfig(CreateValidDnsConfig());
7715
7716 HostResolver::ResolveHostParameters params;
7717 params.source = HostResolverSource::DNS;
7718 ResolveHostResponseHelper response(resolver_->CreateRequest(
7719 HostPortPair("host", 80), NetworkAnonymizationKey(), NetLogWithSource(),
7720 params, resolve_context_.get(), resolve_context_->host_cache()));
7721
7722 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_CACHE_MISS));
7723 }
7724
7725 // Same as DnsClient disabled, requests with source=DNS and no usable DnsConfig
7726 // should result in an error.
TEST_F(HostResolverManagerDnsTest,DnsCallsWithNoDnsConfig)7727 TEST_F(HostResolverManagerDnsTest, DnsCallsWithNoDnsConfig) {
7728 InvalidateDnsConfig();
7729
7730 HostResolver::ResolveHostParameters params;
7731 params.source = HostResolverSource::DNS;
7732 ResolveHostResponseHelper response(resolver_->CreateRequest(
7733 HostPortPair("host", 80), NetworkAnonymizationKey(), NetLogWithSource(),
7734 params, resolve_context_.get(), resolve_context_->host_cache()));
7735
7736 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_CACHE_MISS));
7737 }
7738
TEST_F(HostResolverManagerDnsTest,NoCheckIpv6OnWifi)7739 TEST_F(HostResolverManagerDnsTest, NoCheckIpv6OnWifi) {
7740 // CreateSerialResolver will destroy the current resolver_ which will attempt
7741 // to remove itself from the NetworkChangeNotifier. If this happens after a
7742 // new NetworkChangeNotifier is active, then it will not remove itself from
7743 // the old NetworkChangeNotifier which is a potential use-after-free.
7744 DestroyResolver();
7745 test::ScopedMockNetworkChangeNotifier notifier;
7746 // Serial resolver to guarantee order of resolutions.
7747 CreateSerialResolver(false /* check_ipv6_on_wifi */);
7748
7749 notifier.mock_network_change_notifier()->SetConnectionType(
7750 NetworkChangeNotifier::CONNECTION_WIFI);
7751 // Needed so IPv6 availability check isn't skipped.
7752 ChangeDnsConfig(CreateValidDnsConfig());
7753
7754 proc_->AddRule("h1", ADDRESS_FAMILY_UNSPECIFIED, "::3");
7755 proc_->AddRule("h1", ADDRESS_FAMILY_IPV4, "1.0.0.1");
7756 proc_->AddRule("h1", ADDRESS_FAMILY_IPV4, "1.0.0.1",
7757 HOST_RESOLVER_DEFAULT_FAMILY_SET_DUE_TO_NO_IPV6);
7758 proc_->AddRule("h1", ADDRESS_FAMILY_IPV6, "::2");
7759
7760 ResolveHostResponseHelper response(resolver_->CreateRequest(
7761 HostPortPair("h1", 80), NetworkAnonymizationKey(), NetLogWithSource(),
7762 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
7763 HostResolver::ResolveHostParameters parameters;
7764 parameters.dns_query_type = DnsQueryType::A;
7765 ResolveHostResponseHelper v4_response(resolver_->CreateRequest(
7766 HostPortPair("h1", 80), NetworkAnonymizationKey(), NetLogWithSource(),
7767 parameters, resolve_context_.get(), resolve_context_->host_cache()));
7768 parameters.dns_query_type = DnsQueryType::AAAA;
7769 ResolveHostResponseHelper v6_response(resolver_->CreateRequest(
7770 HostPortPair("h1", 80), NetworkAnonymizationKey(), NetLogWithSource(),
7771 parameters, resolve_context_.get(), resolve_context_->host_cache()));
7772
7773 proc_->SignalMultiple(3u);
7774
7775 // Should revert to only IPV4 request.
7776 EXPECT_THAT(response.result_error(), IsOk());
7777 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
7778 testing::ElementsAre(CreateExpected("1.0.0.1", 80)));
7779 EXPECT_THAT(response.request()->GetEndpointResults(),
7780 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
7781 testing::ElementsAre(CreateExpected("1.0.0.1", 80))))));
7782
7783 EXPECT_THAT(v4_response.result_error(), IsOk());
7784 EXPECT_THAT(v4_response.request()->GetAddressResults()->endpoints(),
7785 testing::ElementsAre(CreateExpected("1.0.0.1", 80)));
7786 EXPECT_THAT(v4_response.request()->GetEndpointResults(),
7787 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
7788 testing::ElementsAre(CreateExpected("1.0.0.1", 80))))));
7789 EXPECT_THAT(v6_response.result_error(), IsOk());
7790 EXPECT_THAT(v6_response.request()->GetAddressResults()->endpoints(),
7791 testing::ElementsAre(CreateExpected("::2", 80)));
7792 EXPECT_THAT(v6_response.request()->GetEndpointResults(),
7793 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
7794 testing::ElementsAre(CreateExpected("::2", 80))))));
7795
7796 // Now repeat the test on non-wifi to check that IPv6 is used as normal
7797 // after the network changes.
7798 notifier.mock_network_change_notifier()->SetConnectionType(
7799 NetworkChangeNotifier::CONNECTION_4G);
7800 base::RunLoop().RunUntilIdle(); // Wait for NetworkChangeNotifier.
7801
7802 ResolveHostResponseHelper no_wifi_response(resolver_->CreateRequest(
7803 HostPortPair("h1", 80), NetworkAnonymizationKey(), NetLogWithSource(),
7804 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
7805 parameters.dns_query_type = DnsQueryType::A;
7806 ResolveHostResponseHelper no_wifi_v4_response(resolver_->CreateRequest(
7807 HostPortPair("h1", 80), NetworkAnonymizationKey(), NetLogWithSource(),
7808 parameters, resolve_context_.get(), resolve_context_->host_cache()));
7809 parameters.dns_query_type = DnsQueryType::AAAA;
7810 ResolveHostResponseHelper no_wifi_v6_response(resolver_->CreateRequest(
7811 HostPortPair("h1", 80), NetworkAnonymizationKey(), NetLogWithSource(),
7812 parameters, resolve_context_.get(), resolve_context_->host_cache()));
7813
7814 proc_->SignalMultiple(3u);
7815
7816 // IPV6 should be available.
7817 EXPECT_THAT(no_wifi_response.result_error(), IsOk());
7818 EXPECT_THAT(no_wifi_response.request()->GetAddressResults()->endpoints(),
7819 testing::ElementsAre(CreateExpected("::3", 80)));
7820 EXPECT_THAT(no_wifi_response.request()->GetEndpointResults(),
7821 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
7822 testing::ElementsAre(CreateExpected("::3", 80))))));
7823
7824 EXPECT_THAT(no_wifi_v4_response.result_error(), IsOk());
7825 EXPECT_THAT(no_wifi_v4_response.request()->GetAddressResults()->endpoints(),
7826 testing::ElementsAre(CreateExpected("1.0.0.1", 80)));
7827 EXPECT_THAT(no_wifi_v4_response.request()->GetEndpointResults(),
7828 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
7829 testing::ElementsAre(CreateExpected("1.0.0.1", 80))))));
7830 EXPECT_THAT(no_wifi_v6_response.result_error(), IsOk());
7831 EXPECT_THAT(no_wifi_v6_response.request()->GetAddressResults()->endpoints(),
7832 testing::ElementsAre(CreateExpected("::2", 80)));
7833 EXPECT_THAT(no_wifi_v6_response.request()->GetEndpointResults(),
7834 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
7835 testing::ElementsAre(CreateExpected("::2", 80))))));
7836 }
7837
TEST_F(HostResolverManagerDnsTest,NotFoundTTL)7838 TEST_F(HostResolverManagerDnsTest, NotFoundTTL) {
7839 CreateResolver();
7840 set_allow_fallback_to_systemtask(false);
7841 ChangeDnsConfig(CreateValidDnsConfig());
7842
7843 // NODATA
7844 ResolveHostResponseHelper no_data_response(resolver_->CreateRequest(
7845 HostPortPair("empty", 80), NetworkAnonymizationKey(), NetLogWithSource(),
7846 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
7847 EXPECT_THAT(no_data_response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
7848 EXPECT_THAT(no_data_response.request()->GetAddressResults(),
7849 AnyOf(nullptr, Pointee(IsEmpty())));
7850 EXPECT_THAT(no_data_response.request()->GetEndpointResults(),
7851 AnyOf(nullptr, Pointee(IsEmpty())));
7852 HostCache::Key key("empty", DnsQueryType::UNSPECIFIED, 0,
7853 HostResolverSource::ANY, NetworkAnonymizationKey());
7854 HostCache::EntryStaleness staleness;
7855 const std::pair<const HostCache::Key, HostCache::Entry>* cache_result =
7856 resolve_context_->host_cache()->Lookup(key, base::TimeTicks::Now(),
7857 false /* ignore_secure */);
7858 EXPECT_TRUE(!!cache_result);
7859 EXPECT_TRUE(cache_result->second.has_ttl());
7860 EXPECT_THAT(cache_result->second.ttl(), base::Seconds(86400));
7861
7862 // NXDOMAIN
7863 ResolveHostResponseHelper no_domain_response(resolver_->CreateRequest(
7864 HostPortPair("nodomain", 80), NetworkAnonymizationKey(),
7865 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
7866 resolve_context_->host_cache()));
7867 EXPECT_THAT(no_domain_response.result_error(),
7868 IsError(ERR_NAME_NOT_RESOLVED));
7869 EXPECT_THAT(no_domain_response.request()->GetAddressResults(),
7870 AnyOf(nullptr, Pointee(IsEmpty())));
7871 EXPECT_THAT(no_domain_response.request()->GetEndpointResults(),
7872 AnyOf(nullptr, Pointee(IsEmpty())));
7873 HostCache::Key nxkey("nodomain", DnsQueryType::UNSPECIFIED, 0,
7874 HostResolverSource::ANY, NetworkAnonymizationKey());
7875 cache_result = resolve_context_->host_cache()->Lookup(
7876 nxkey, base::TimeTicks::Now(), false /* ignore_secure */);
7877 EXPECT_TRUE(!!cache_result);
7878 EXPECT_TRUE(cache_result->second.has_ttl());
7879 EXPECT_THAT(cache_result->second.ttl(), base::Seconds(86400));
7880 }
7881
TEST_F(HostResolverManagerDnsTest,CachedError)7882 TEST_F(HostResolverManagerDnsTest, CachedError) {
7883 proc_->AddRuleForAllFamilies(std::string(),
7884 "0.0.0.1"); // Default to failures.
7885 proc_->SignalMultiple(1u);
7886
7887 CreateResolver();
7888 set_allow_fallback_to_systemtask(true);
7889 ChangeDnsConfig(CreateValidDnsConfig());
7890
7891 HostResolver::ResolveHostParameters cache_only_parameters;
7892 cache_only_parameters.source = HostResolverSource::LOCAL_ONLY;
7893
7894 // Expect cache initially empty.
7895 ResolveHostResponseHelper cache_miss_response0(resolver_->CreateRequest(
7896 HostPortPair("nodomain", 80), NetworkAnonymizationKey(),
7897 NetLogWithSource(), cache_only_parameters, resolve_context_.get(),
7898 resolve_context_->host_cache()));
7899 EXPECT_THAT(cache_miss_response0.result_error(), IsError(ERR_DNS_CACHE_MISS));
7900 EXPECT_FALSE(cache_miss_response0.request()->GetStaleInfo());
7901
7902 // The cache should not be populate with an error because fallback to
7903 // HostResolverSystemTask was available.
7904 ResolveHostResponseHelper no_domain_response_with_fallback(
7905 resolver_->CreateRequest(HostPortPair("nodomain", 80),
7906 NetworkAnonymizationKey(), NetLogWithSource(),
7907 absl::nullopt, resolve_context_.get(),
7908 resolve_context_->host_cache()));
7909 EXPECT_THAT(no_domain_response_with_fallback.result_error(),
7910 IsError(ERR_NAME_NOT_RESOLVED));
7911
7912 // Expect cache still empty.
7913 ResolveHostResponseHelper cache_miss_response1(resolver_->CreateRequest(
7914 HostPortPair("nodomain", 80), NetworkAnonymizationKey(),
7915 NetLogWithSource(), cache_only_parameters, resolve_context_.get(),
7916 resolve_context_->host_cache()));
7917 EXPECT_THAT(cache_miss_response1.result_error(), IsError(ERR_DNS_CACHE_MISS));
7918 EXPECT_FALSE(cache_miss_response1.request()->GetStaleInfo());
7919
7920 // Disable fallback to systemtask
7921 set_allow_fallback_to_systemtask(false);
7922
7923 // Populate cache with an error.
7924 ResolveHostResponseHelper no_domain_response(resolver_->CreateRequest(
7925 HostPortPair("nodomain", 80), NetworkAnonymizationKey(),
7926 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
7927 resolve_context_->host_cache()));
7928 EXPECT_THAT(no_domain_response.result_error(),
7929 IsError(ERR_NAME_NOT_RESOLVED));
7930
7931 // Expect the error result can be resolved from the cache.
7932 ResolveHostResponseHelper cache_hit_response(resolver_->CreateRequest(
7933 HostPortPair("nodomain", 80), NetworkAnonymizationKey(),
7934 NetLogWithSource(), cache_only_parameters, resolve_context_.get(),
7935 resolve_context_->host_cache()));
7936 EXPECT_THAT(cache_hit_response.result_error(),
7937 IsError(ERR_NAME_NOT_RESOLVED));
7938 EXPECT_FALSE(cache_hit_response.request()->GetStaleInfo().value().is_stale());
7939 }
7940
TEST_F(HostResolverManagerDnsTest,CachedError_AutomaticMode)7941 TEST_F(HostResolverManagerDnsTest, CachedError_AutomaticMode) {
7942 CreateResolver();
7943 set_allow_fallback_to_systemtask(false);
7944 ChangeDnsConfig(CreateValidDnsConfig());
7945
7946 // Switch to automatic mode.
7947 DnsConfigOverrides overrides;
7948 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
7949 resolver_->SetDnsConfigOverrides(overrides);
7950
7951 HostCache::Key insecure_key =
7952 HostCache::Key("automatic_nodomain", DnsQueryType::UNSPECIFIED,
7953 0 /* host_resolver_flags */, HostResolverSource::ANY,
7954 NetworkAnonymizationKey());
7955 HostCache::Key secure_key =
7956 HostCache::Key("automatic_nodomain", DnsQueryType::UNSPECIFIED,
7957 0 /* host_resolver_flags */, HostResolverSource::ANY,
7958 NetworkAnonymizationKey());
7959 secure_key.secure = true;
7960
7961 // Expect cache initially empty.
7962 const std::pair<const HostCache::Key, HostCache::Entry>* cache_result;
7963 cache_result = GetCacheHit(secure_key);
7964 EXPECT_FALSE(!!cache_result);
7965 cache_result = GetCacheHit(insecure_key);
7966 EXPECT_FALSE(!!cache_result);
7967
7968 // Populate both secure and insecure caches with an error.
7969 ResolveHostResponseHelper no_domain_response(resolver_->CreateRequest(
7970 HostPortPair("automatic_nodomain", 80), NetworkAnonymizationKey(),
7971 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
7972 resolve_context_->host_cache()));
7973 EXPECT_THAT(no_domain_response.result_error(),
7974 IsError(ERR_NAME_NOT_RESOLVED));
7975
7976 // Expect both secure and insecure caches to have the error result.
7977 cache_result = GetCacheHit(secure_key);
7978 EXPECT_TRUE(!!cache_result);
7979 cache_result = GetCacheHit(insecure_key);
7980 EXPECT_TRUE(!!cache_result);
7981 }
7982
TEST_F(HostResolverManagerDnsTest,CachedError_SecureMode)7983 TEST_F(HostResolverManagerDnsTest, CachedError_SecureMode) {
7984 CreateResolver();
7985 set_allow_fallback_to_systemtask(false);
7986 ChangeDnsConfig(CreateValidDnsConfig());
7987
7988 // Switch to secure mode.
7989 DnsConfigOverrides overrides;
7990 overrides.secure_dns_mode = SecureDnsMode::kSecure;
7991 resolver_->SetDnsConfigOverrides(overrides);
7992
7993 HostCache::Key insecure_key =
7994 HostCache::Key("automatic_nodomain", DnsQueryType::UNSPECIFIED,
7995 0 /* host_resolver_flags */, HostResolverSource::ANY,
7996 NetworkAnonymizationKey());
7997 HostCache::Key secure_key =
7998 HostCache::Key("automatic_nodomain", DnsQueryType::UNSPECIFIED,
7999 0 /* host_resolver_flags */, HostResolverSource::ANY,
8000 NetworkAnonymizationKey());
8001 secure_key.secure = true;
8002
8003 // Expect cache initially empty.
8004 const std::pair<const HostCache::Key, HostCache::Entry>* cache_result;
8005 cache_result = GetCacheHit(secure_key);
8006 EXPECT_FALSE(!!cache_result);
8007 cache_result = GetCacheHit(insecure_key);
8008 EXPECT_FALSE(!!cache_result);
8009
8010 // Populate secure cache with an error.
8011 ResolveHostResponseHelper no_domain_response(resolver_->CreateRequest(
8012 HostPortPair("automatic_nodomain", 80), NetworkAnonymizationKey(),
8013 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
8014 resolve_context_->host_cache()));
8015 EXPECT_THAT(no_domain_response.result_error(),
8016 IsError(ERR_NAME_NOT_RESOLVED));
8017
8018 // Expect only the secure cache to have the error result.
8019 cache_result = GetCacheHit(secure_key);
8020 EXPECT_TRUE(!!cache_result);
8021 cache_result = GetCacheHit(insecure_key);
8022 EXPECT_FALSE(!!cache_result);
8023 }
8024
8025 // Test that if one of A and AAAA completes successfully and the other fails,
8026 // the failure is not cached.
TEST_F(HostResolverManagerDnsTest,TtlNotSharedBetweenQtypes)8027 TEST_F(HostResolverManagerDnsTest, TtlNotSharedBetweenQtypes) {
8028 CreateResolver();
8029 set_allow_fallback_to_systemtask(false);
8030 ChangeDnsConfig(CreateValidDnsConfig());
8031
8032 ResolveHostResponseHelper response(resolver_->CreateRequest(
8033 HostPortPair("4slow_4timeout", 80), NetworkAnonymizationKey(),
8034 NetLogWithSource(), absl::nullopt /* optional_parameters */,
8035 resolve_context_.get(), resolve_context_->host_cache()));
8036
8037 // Ensure success completes before the timeout result.
8038 base::RunLoop().RunUntilIdle();
8039 EXPECT_FALSE(response.complete());
8040
8041 dns_client_->CompleteDelayedTransactions();
8042 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_TIMED_OUT));
8043
8044 // Expect failure not cached.
8045 EXPECT_EQ(resolve_context_->host_cache()->size(), 0u);
8046 }
8047
TEST_F(HostResolverManagerDnsTest,CanonicalName)8048 TEST_F(HostResolverManagerDnsTest, CanonicalName) {
8049 MockDnsClientRuleList rules;
8050 AddDnsRule(&rules, "alias", dns_protocol::kTypeA, IPAddress::IPv4Localhost(),
8051 "canonical", false /* delay */);
8052 AddDnsRule(&rules, "alias", dns_protocol::kTypeAAAA,
8053 IPAddress::IPv6Localhost(), "canonical", false /* delay */);
8054
8055 CreateResolver();
8056 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
8057 set_allow_fallback_to_systemtask(false);
8058
8059 HostResolver::ResolveHostParameters params;
8060 params.source = HostResolverSource::DNS;
8061 ResolveHostResponseHelper response(resolver_->CreateRequest(
8062 HostPortPair("alias", 80), NetworkAnonymizationKey(), NetLogWithSource(),
8063 params, resolve_context_.get(), resolve_context_->host_cache()));
8064 ASSERT_THAT(response.result_error(), IsOk());
8065
8066 EXPECT_THAT(
8067 response.request()->GetDnsAliasResults(),
8068 testing::Pointee(testing::UnorderedElementsAre("canonical", "alias")));
8069 }
8070
TEST_F(HostResolverManagerDnsTest,CanonicalName_PreferV6)8071 TEST_F(HostResolverManagerDnsTest, CanonicalName_PreferV6) {
8072 MockDnsClientRuleList rules;
8073 AddDnsRule(&rules, "alias", dns_protocol::kTypeA, IPAddress::IPv4Localhost(),
8074 "wrong", false /* delay */);
8075 AddDnsRule(&rules, "alias", dns_protocol::kTypeAAAA,
8076 IPAddress::IPv6Localhost(), "correct", true /* delay */);
8077
8078 CreateResolver();
8079 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
8080 set_allow_fallback_to_systemtask(false);
8081
8082 HostResolver::ResolveHostParameters params;
8083 params.source = HostResolverSource::DNS;
8084 ResolveHostResponseHelper response(resolver_->CreateRequest(
8085 HostPortPair("alias", 80), NetworkAnonymizationKey(), NetLogWithSource(),
8086 params, resolve_context_.get(), resolve_context_->host_cache()));
8087 ASSERT_FALSE(response.complete());
8088 base::RunLoop().RunUntilIdle();
8089 dns_client_->CompleteDelayedTransactions();
8090 ASSERT_THAT(response.result_error(), IsOk());
8091
8092 // GetDnsAliasResults() includes all aliases from all families.
8093 EXPECT_THAT(response.request()->GetDnsAliasResults(),
8094 testing::Pointee(
8095 testing::UnorderedElementsAre("correct", "alias", "wrong")));
8096 }
8097
TEST_F(HostResolverManagerDnsTest,CanonicalName_V4Only)8098 TEST_F(HostResolverManagerDnsTest, CanonicalName_V4Only) {
8099 MockDnsClientRuleList rules;
8100 AddDnsRule(&rules, "alias", dns_protocol::kTypeA, IPAddress::IPv4Localhost(),
8101 "correct", false /* delay */);
8102 CreateResolver();
8103 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
8104 set_allow_fallback_to_systemtask(false);
8105
8106 HostResolver::ResolveHostParameters params;
8107 params.dns_query_type = DnsQueryType::A;
8108 params.source = HostResolverSource::DNS;
8109 ResolveHostResponseHelper response(resolver_->CreateRequest(
8110 HostPortPair("alias", 80), NetworkAnonymizationKey(), NetLogWithSource(),
8111 params, resolve_context_.get(), resolve_context_->host_cache()));
8112 ASSERT_THAT(response.result_error(), IsOk());
8113 EXPECT_THAT(
8114 response.request()->GetDnsAliasResults(),
8115 testing::Pointee(testing::UnorderedElementsAre("correct", "alias")));
8116 }
8117
8118 // Test that responses containing CNAME records but no address results are fine
8119 // and treated as normal NODATA responses.
TEST_F(HostResolverManagerDnsTest,CanonicalNameWithoutResults)8120 TEST_F(HostResolverManagerDnsTest, CanonicalNameWithoutResults) {
8121 MockDnsClientRuleList rules;
8122
8123 DnsResponse a_response =
8124 BuildTestDnsResponse("a.test", dns_protocol::kTypeA,
8125 {BuildTestCnameRecord("c.test", "d.test"),
8126 BuildTestCnameRecord("b.test", "c.test"),
8127 BuildTestCnameRecord("a.test", "b.test")});
8128 AddDnsRule(&rules, "a.test", dns_protocol::kTypeA, std::move(a_response),
8129 /*delay=*/false);
8130
8131 DnsResponse aaaa_response =
8132 BuildTestDnsResponse("a.test", dns_protocol::kTypeAAAA,
8133 {BuildTestCnameRecord("c.test", "d.test"),
8134 BuildTestCnameRecord("b.test", "c.test"),
8135 BuildTestCnameRecord("a.test", "b.test")});
8136 AddDnsRule(&rules, "a.test", dns_protocol::kTypeAAAA,
8137 std::move(aaaa_response), /*delay=*/false);
8138
8139 CreateResolver();
8140 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
8141 set_allow_fallback_to_systemtask(false);
8142
8143 ResolveHostResponseHelper response(resolver_->CreateRequest(
8144 HostPortPair("a.test", 80), NetworkAnonymizationKey(), NetLogWithSource(),
8145 /*optional_parameters=*/absl::nullopt, resolve_context_.get(),
8146 resolve_context_->host_cache()));
8147
8148 ASSERT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
8149 EXPECT_FALSE(response.request()->GetDnsAliasResults());
8150
8151 // Underlying error should be the typical no-results error
8152 // (ERR_NAME_NOT_RESOLVED), not anything more exotic like
8153 // ERR_DNS_MALFORMED_RESPONSE.
8154 EXPECT_EQ(response.request()->GetResolveErrorInfo().error,
8155 ERR_NAME_NOT_RESOLVED);
8156 }
8157
8158 // Test that if the response for one address family contains CNAME records but
8159 // no address results, it doesn't interfere with the other address family
8160 // receiving address results (as would happen if such a response were
8161 // incorrectly treated as a malformed response error).
TEST_F(HostResolverManagerDnsTest,CanonicalNameWithResultsForOnlyOneFamily)8162 TEST_F(HostResolverManagerDnsTest, CanonicalNameWithResultsForOnlyOneFamily) {
8163 MockDnsClientRuleList rules;
8164
8165 DnsResponse a_response =
8166 BuildTestDnsResponse("a.test", dns_protocol::kTypeA,
8167 {BuildTestCnameRecord("c.test", "d.test"),
8168 BuildTestCnameRecord("b.test", "c.test"),
8169 BuildTestCnameRecord("a.test", "b.test")});
8170 AddDnsRule(&rules, "a.test", dns_protocol::kTypeA, std::move(a_response),
8171 /*delay=*/false);
8172
8173 DnsResponse aaaa_response = BuildTestDnsResponse(
8174 "a.test", dns_protocol::kTypeAAAA,
8175 {BuildTestAddressRecord("d.test", IPAddress::IPv6Localhost()),
8176 BuildTestCnameRecord("c.test", "d.test"),
8177 BuildTestCnameRecord("b.test", "c.test"),
8178 BuildTestCnameRecord("a.test", "b.test")});
8179 AddDnsRule(&rules, "a.test", dns_protocol::kTypeAAAA,
8180 std::move(aaaa_response), /*delay=*/false);
8181
8182 CreateResolver();
8183 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
8184
8185 ResolveHostResponseHelper response(resolver_->CreateRequest(
8186 HostPortPair("a.test", 80), NetworkAnonymizationKey(), NetLogWithSource(),
8187 /*optional_parameters=*/absl::nullopt, resolve_context_.get(),
8188 resolve_context_->host_cache()));
8189
8190 ASSERT_THAT(response.result_error(), IsOk());
8191
8192 ASSERT_TRUE(response.request()->GetAddressResults());
8193 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
8194 testing::ElementsAre(IPEndPoint(IPAddress::IPv6Localhost(), 80)));
8195 EXPECT_THAT(
8196 response.request()->GetEndpointResults(),
8197 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
8198 testing::ElementsAre(IPEndPoint(IPAddress::IPv6Localhost(), 80))))));
8199 }
8200
8201 // Test that without specifying source, a request that would otherwise be
8202 // handled by DNS is sent to the system resolver if cannonname is requested.
TEST_F(HostResolverManagerDnsTest,CanonicalNameForcesProc)8203 TEST_F(HostResolverManagerDnsTest, CanonicalNameForcesProc) {
8204 // Disable fallback to ensure system resolver is used directly, not via
8205 // fallback.
8206 set_allow_fallback_to_systemtask(false);
8207
8208 proc_->AddRuleForAllFamilies("nx_succeed", "192.168.1.102",
8209 HOST_RESOLVER_CANONNAME, "canonical");
8210 proc_->SignalMultiple(1u);
8211
8212 ChangeDnsConfig(CreateValidDnsConfig());
8213
8214 HostResolver::ResolveHostParameters params;
8215 params.include_canonical_name = true;
8216 ResolveHostResponseHelper response(resolver_->CreateRequest(
8217 HostPortPair("nx_succeed", 80), NetworkAnonymizationKey(),
8218 NetLogWithSource(), params, resolve_context_.get(),
8219 resolve_context_->host_cache()));
8220 ASSERT_THAT(response.result_error(), IsOk());
8221
8222 EXPECT_THAT(response.request()->GetDnsAliasResults(),
8223 testing::Pointee(testing::UnorderedElementsAre("canonical")));
8224 }
8225
TEST_F(HostResolverManagerDnsTest,DnsAliases)8226 TEST_F(HostResolverManagerDnsTest, DnsAliases) {
8227 MockDnsClientRuleList rules;
8228
8229 DnsResponse expected_A_response = BuildTestDnsResponse(
8230 "first.test", dns_protocol::kTypeA,
8231 {BuildTestAddressRecord("fourth.test", IPAddress::IPv4Localhost()),
8232 BuildTestCnameRecord("third.test", "fourth.test"),
8233 BuildTestCnameRecord("second.test", "third.test"),
8234 BuildTestCnameRecord("first.test", "second.test")});
8235
8236 AddDnsRule(&rules, "first.test", dns_protocol::kTypeA,
8237 std::move(expected_A_response), false /* delay */);
8238
8239 DnsResponse expected_AAAA_response = BuildTestDnsResponse(
8240 "first.test", dns_protocol::kTypeAAAA,
8241 {BuildTestAddressRecord("fourth.test", IPAddress::IPv6Localhost()),
8242 BuildTestCnameRecord("third.test", "fourth.test"),
8243 BuildTestCnameRecord("second.test", "third.test"),
8244 BuildTestCnameRecord("first.test", "second.test")});
8245
8246 AddDnsRule(&rules, "first.test", dns_protocol::kTypeAAAA,
8247 std::move(expected_AAAA_response), false /* delay */);
8248
8249 CreateResolver();
8250 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
8251 set_allow_fallback_to_systemtask(false);
8252 HostResolver::ResolveHostParameters params;
8253 params.source = HostResolverSource::DNS;
8254
8255 ResolveHostResponseHelper response(resolver_->CreateRequest(
8256 HostPortPair("first.test", 80), NetworkAnonymizationKey(),
8257 NetLogWithSource(), params, resolve_context_.get(),
8258 resolve_context_->host_cache()));
8259
8260 ASSERT_THAT(response.result_error(), IsOk());
8261 ASSERT_TRUE(response.request()->GetAddressResults());
8262 EXPECT_THAT(response.request()->GetAddressResults()->dns_aliases(),
8263 testing::UnorderedElementsAre("fourth.test", "third.test",
8264 "second.test", "first.test"));
8265
8266 EXPECT_THAT(response.request()->GetDnsAliasResults(),
8267 testing::Pointee(testing::UnorderedElementsAre(
8268 "fourth.test", "third.test", "second.test", "first.test")));
8269 }
8270
TEST_F(HostResolverManagerDnsTest,DnsAliasesAreFixedUp)8271 TEST_F(HostResolverManagerDnsTest, DnsAliasesAreFixedUp) {
8272 MockDnsClientRuleList rules;
8273
8274 // Need to manually encode non-URL-canonical names because DNSDomainFromDot()
8275 // requires URL-canonical names.
8276 constexpr char kNonCanonicalName[] = "\005HOST2\004test\000";
8277
8278 DnsResponse expected_A_response = BuildTestDnsResponse(
8279 "host.test", dns_protocol::kTypeA,
8280 {BuildTestAddressRecord("host2.test", IPAddress::IPv4Localhost()),
8281 BuildTestDnsRecord(
8282 "host.test", dns_protocol::kTypeCNAME,
8283 std::string(kNonCanonicalName, sizeof(kNonCanonicalName) - 1))});
8284
8285 AddDnsRule(&rules, "host.test", dns_protocol::kTypeA,
8286 std::move(expected_A_response), false /* delay */);
8287
8288 DnsResponse expected_AAAA_response = BuildTestDnsResponse(
8289 "host.test", dns_protocol::kTypeAAAA,
8290 {BuildTestAddressRecord("host2.test", IPAddress::IPv6Localhost()),
8291 BuildTestDnsRecord(
8292 "host.test", dns_protocol::kTypeCNAME,
8293 std::string(kNonCanonicalName, sizeof(kNonCanonicalName) - 1))});
8294
8295 AddDnsRule(&rules, "host.test", dns_protocol::kTypeAAAA,
8296 std::move(expected_AAAA_response), false /* delay */);
8297
8298 CreateResolver();
8299 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
8300 set_allow_fallback_to_systemtask(false);
8301 HostResolver::ResolveHostParameters params;
8302 params.source = HostResolverSource::DNS;
8303
8304 ResolveHostResponseHelper response(resolver_->CreateRequest(
8305 HostPortPair("host.test", 80), NetworkAnonymizationKey(),
8306 NetLogWithSource(), params, resolve_context_.get(),
8307 resolve_context_->host_cache()));
8308
8309 ASSERT_THAT(response.result_error(), IsOk());
8310 ASSERT_TRUE(response.request()->GetAddressResults());
8311 EXPECT_THAT(response.request()->GetAddressResults()->dns_aliases(),
8312 testing::UnorderedElementsAre("host2.test", "host.test"));
8313 EXPECT_THAT(response.request()->GetDnsAliasResults(),
8314 testing::Pointee(
8315 testing::UnorderedElementsAre("host2.test", "host.test")));
8316 }
8317
TEST_F(HostResolverManagerDnsTest,RejectsLocalhostAlias)8318 TEST_F(HostResolverManagerDnsTest, RejectsLocalhostAlias) {
8319 MockDnsClientRuleList rules;
8320
8321 DnsResponse expected_A_response = BuildTestDnsResponse(
8322 "host.test", dns_protocol::kTypeA,
8323 {BuildTestAddressRecord("localhost", IPAddress::IPv4Localhost()),
8324 BuildTestCnameRecord("host.test", "localhost")});
8325
8326 AddDnsRule(&rules, "host.test", dns_protocol::kTypeA,
8327 std::move(expected_A_response), false /* delay */);
8328
8329 DnsResponse expected_AAAA_response = BuildTestDnsResponse(
8330 "host.test", dns_protocol::kTypeAAAA,
8331 {BuildTestAddressRecord("localhost", IPAddress::IPv6Localhost()),
8332 BuildTestCnameRecord("host.test", "localhost")});
8333
8334 AddDnsRule(&rules, "host.test", dns_protocol::kTypeAAAA,
8335 std::move(expected_AAAA_response), false /* delay */);
8336
8337 CreateResolver();
8338 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
8339 set_allow_fallback_to_systemtask(false);
8340 HostResolver::ResolveHostParameters params;
8341 params.source = HostResolverSource::DNS;
8342
8343 ResolveHostResponseHelper response(resolver_->CreateRequest(
8344 HostPortPair("host.test", 80), NetworkAnonymizationKey(),
8345 NetLogWithSource(), params, resolve_context_.get(),
8346 resolve_context_->host_cache()));
8347
8348 ASSERT_THAT(response.result_error(), IsError(ERR_DNS_MALFORMED_RESPONSE));
8349 }
8350
TEST_F(HostResolverManagerDnsTest,NoAdditionalDnsAliases)8351 TEST_F(HostResolverManagerDnsTest, NoAdditionalDnsAliases) {
8352 MockDnsClientRuleList rules;
8353
8354 AddDnsRule(&rules, "first.test", dns_protocol::kTypeA,
8355 IPAddress::IPv4Localhost(), false /* delay */);
8356
8357 AddDnsRule(&rules, "first.test", dns_protocol::kTypeAAAA,
8358 IPAddress::IPv6Localhost(), false /* delay */);
8359
8360 CreateResolver();
8361 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
8362 set_allow_fallback_to_systemtask(false);
8363 HostResolver::ResolveHostParameters params;
8364 params.source = HostResolverSource::DNS;
8365
8366 ResolveHostResponseHelper response(resolver_->CreateRequest(
8367 HostPortPair("first.test", 80), NetworkAnonymizationKey(),
8368 NetLogWithSource(), params, resolve_context_.get(),
8369 resolve_context_->host_cache()));
8370
8371 ASSERT_THAT(response.result_error(), IsOk());
8372 ASSERT_TRUE(response.request()->GetAddressResults());
8373 EXPECT_THAT(response.request()->GetAddressResults()->dns_aliases(),
8374 testing::ElementsAre("first.test"));
8375 EXPECT_THAT(response.request()->GetDnsAliasResults(),
8376 testing::Pointee(testing::UnorderedElementsAre("first.test")));
8377 }
8378
TEST_F(HostResolverManagerTest,ResolveLocalHostname)8379 TEST_F(HostResolverManagerTest, ResolveLocalHostname) {
8380 std::vector<IPEndPoint> addresses;
8381
8382 TestBothLoopbackIPs("localhost");
8383 TestBothLoopbackIPs("localhoST");
8384 TestBothLoopbackIPs("localhost.");
8385 TestBothLoopbackIPs("localhoST.");
8386 TestBothLoopbackIPs("foo.localhost");
8387 TestBothLoopbackIPs("foo.localhOSt");
8388 TestBothLoopbackIPs("foo.localhost.");
8389 TestBothLoopbackIPs("foo.localhOSt.");
8390
8391 // Legacy localhost names.
8392 EXPECT_FALSE(ResolveLocalHostname("localhost.localdomain", &addresses));
8393 EXPECT_FALSE(ResolveLocalHostname("localhost.localdomAIn", &addresses));
8394 EXPECT_FALSE(ResolveLocalHostname("localhost.localdomain.", &addresses));
8395 EXPECT_FALSE(ResolveLocalHostname("localhost.localdomAIn.", &addresses));
8396 EXPECT_FALSE(ResolveLocalHostname("localhost6", &addresses));
8397 EXPECT_FALSE(ResolveLocalHostname("localhoST6", &addresses));
8398 EXPECT_FALSE(ResolveLocalHostname("localhost6.", &addresses));
8399 EXPECT_FALSE(ResolveLocalHostname("localhost6.localdomain6", &addresses));
8400 EXPECT_FALSE(ResolveLocalHostname("localhost6.localdomain6.", &addresses));
8401
8402 EXPECT_FALSE(ResolveLocalHostname("127.0.0.1", &addresses));
8403 EXPECT_FALSE(ResolveLocalHostname("::1", &addresses));
8404 EXPECT_FALSE(ResolveLocalHostname("0:0:0:0:0:0:0:1", &addresses));
8405 EXPECT_FALSE(ResolveLocalHostname("localhostx", &addresses));
8406 EXPECT_FALSE(ResolveLocalHostname("localhost.x", &addresses));
8407 EXPECT_FALSE(ResolveLocalHostname("foo.localdomain", &addresses));
8408 EXPECT_FALSE(ResolveLocalHostname("foo.localdomain.x", &addresses));
8409 EXPECT_FALSE(ResolveLocalHostname("localhost6x", &addresses));
8410 EXPECT_FALSE(ResolveLocalHostname("localhost.localdomain6", &addresses));
8411 EXPECT_FALSE(ResolveLocalHostname("localhost6.localdomain", &addresses));
8412 EXPECT_FALSE(ResolveLocalHostname("127.0.0.1.1", &addresses));
8413 EXPECT_FALSE(ResolveLocalHostname(".127.0.0.255", &addresses));
8414 EXPECT_FALSE(ResolveLocalHostname("::2", &addresses));
8415 EXPECT_FALSE(ResolveLocalHostname("::1:1", &addresses));
8416 EXPECT_FALSE(ResolveLocalHostname("0:0:0:0:1:0:0:1", &addresses));
8417 EXPECT_FALSE(ResolveLocalHostname("::1:1", &addresses));
8418 EXPECT_FALSE(ResolveLocalHostname("0:0:0:0:0:0:0:0:1", &addresses));
8419 EXPECT_FALSE(ResolveLocalHostname("foo.localhost.com", &addresses));
8420 EXPECT_FALSE(ResolveLocalHostname("foo.localhoste", &addresses));
8421 }
8422
TEST_F(HostResolverManagerDnsTest,AddDnsOverHttpsServerAfterConfig)8423 TEST_F(HostResolverManagerDnsTest, AddDnsOverHttpsServerAfterConfig) {
8424 DestroyResolver();
8425 test::ScopedMockNetworkChangeNotifier notifier;
8426 CreateSerialResolver(); // To guarantee order of resolutions.
8427 notifier.mock_network_change_notifier()->SetConnectionType(
8428 NetworkChangeNotifier::CONNECTION_WIFI);
8429 ChangeDnsConfig(CreateValidDnsConfig());
8430
8431 std::string server("https://dnsserver.example.net/dns-query{?dns}");
8432 DnsConfigOverrides overrides;
8433 overrides.dns_over_https_config = *DnsOverHttpsConfig::FromString(server);
8434 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
8435 resolver_->SetDnsConfigOverrides(overrides);
8436 const auto* config = dns_client_->GetEffectiveConfig();
8437 ASSERT_TRUE(config);
8438 EXPECT_EQ(overrides.dns_over_https_config, config->doh_config);
8439 EXPECT_EQ(SecureDnsMode::kAutomatic, config->secure_dns_mode);
8440 }
8441
TEST_F(HostResolverManagerDnsTest,AddDnsOverHttpsServerBeforeConfig)8442 TEST_F(HostResolverManagerDnsTest, AddDnsOverHttpsServerBeforeConfig) {
8443 DestroyResolver();
8444 test::ScopedMockNetworkChangeNotifier notifier;
8445 CreateSerialResolver(); // To guarantee order of resolutions.
8446 std::string server("https://dnsserver.example.net/dns-query{?dns}");
8447 DnsConfigOverrides overrides;
8448 overrides.dns_over_https_config = *DnsOverHttpsConfig::FromString(server);
8449 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
8450 resolver_->SetDnsConfigOverrides(overrides);
8451
8452 notifier.mock_network_change_notifier()->SetConnectionType(
8453 NetworkChangeNotifier::CONNECTION_WIFI);
8454 ChangeDnsConfig(CreateValidDnsConfig());
8455
8456 const auto* config = dns_client_->GetEffectiveConfig();
8457 ASSERT_TRUE(config);
8458 EXPECT_EQ(overrides.dns_over_https_config, config->doh_config);
8459 EXPECT_EQ(SecureDnsMode::kAutomatic, config->secure_dns_mode);
8460 }
8461
TEST_F(HostResolverManagerDnsTest,AddDnsOverHttpsServerBeforeClient)8462 TEST_F(HostResolverManagerDnsTest, AddDnsOverHttpsServerBeforeClient) {
8463 DestroyResolver();
8464 test::ScopedMockNetworkChangeNotifier notifier;
8465 CreateSerialResolver(); // To guarantee order of resolutions.
8466 std::string server("https://dnsserver.example.net/dns-query{?dns}");
8467 DnsConfigOverrides overrides;
8468 overrides.dns_over_https_config = *DnsOverHttpsConfig::FromString(server);
8469 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
8470 resolver_->SetDnsConfigOverrides(overrides);
8471
8472 notifier.mock_network_change_notifier()->SetConnectionType(
8473 NetworkChangeNotifier::CONNECTION_WIFI);
8474 ChangeDnsConfig(CreateValidDnsConfig());
8475
8476 const auto* config = dns_client_->GetEffectiveConfig();
8477 ASSERT_TRUE(config);
8478 EXPECT_EQ(overrides.dns_over_https_config, config->doh_config);
8479 EXPECT_EQ(SecureDnsMode::kAutomatic, config->secure_dns_mode);
8480 }
8481
TEST_F(HostResolverManagerDnsTest,AddDnsOverHttpsServerAndThenRemove)8482 TEST_F(HostResolverManagerDnsTest, AddDnsOverHttpsServerAndThenRemove) {
8483 DestroyResolver();
8484 test::ScopedMockNetworkChangeNotifier notifier;
8485 CreateSerialResolver(); // To guarantee order of resolutions.
8486 std::string server("https://dns.example.com/");
8487 DnsConfigOverrides overrides;
8488 overrides.dns_over_https_config = *DnsOverHttpsConfig::FromString(server);
8489 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
8490 resolver_->SetDnsConfigOverrides(overrides);
8491
8492 notifier.mock_network_change_notifier()->SetConnectionType(
8493 NetworkChangeNotifier::CONNECTION_WIFI);
8494 DnsConfig network_dns_config = CreateValidDnsConfig();
8495 network_dns_config.doh_config = {};
8496 ChangeDnsConfig(network_dns_config);
8497
8498 const auto* config = dns_client_->GetEffectiveConfig();
8499 ASSERT_TRUE(config);
8500 EXPECT_EQ(overrides.dns_over_https_config, config->doh_config);
8501 EXPECT_EQ(SecureDnsMode::kAutomatic, config->secure_dns_mode);
8502
8503 resolver_->SetDnsConfigOverrides(DnsConfigOverrides());
8504 config = dns_client_->GetEffectiveConfig();
8505 ASSERT_TRUE(config);
8506 EXPECT_EQ(0u, config->doh_config.servers().size());
8507 EXPECT_EQ(SecureDnsMode::kOff, config->secure_dns_mode);
8508 }
8509
8510 // Basic test socket factory that allows creation of UDP sockets, but those
8511 // sockets are mocks with no data and are not expected to be usable.
8512 class AlwaysFailSocketFactory : public MockClientSocketFactory {
8513 public:
CreateDatagramClientSocket(DatagramSocket::BindType bind_type,NetLog * net_log,const NetLogSource & source)8514 std::unique_ptr<DatagramClientSocket> CreateDatagramClientSocket(
8515 DatagramSocket::BindType bind_type,
8516 NetLog* net_log,
8517 const NetLogSource& source) override {
8518 return std::make_unique<MockUDPClientSocket>();
8519 }
8520 };
8521
8522 class TestDnsObserver : public NetworkChangeNotifier::DNSObserver {
8523 public:
OnDNSChanged()8524 void OnDNSChanged() override { ++dns_changed_calls_; }
8525
dns_changed_calls() const8526 int dns_changed_calls() const { return dns_changed_calls_; }
8527
8528 private:
8529 int dns_changed_calls_ = 0;
8530 };
8531
8532 // Built-in client and config overrides not available on iOS.
8533 #if !BUILDFLAG(IS_IOS)
TEST_F(HostResolverManagerDnsTest,SetDnsConfigOverrides)8534 TEST_F(HostResolverManagerDnsTest, SetDnsConfigOverrides) {
8535 test::ScopedMockNetworkChangeNotifier mock_network_change_notifier;
8536 TestDnsObserver config_observer;
8537 NetworkChangeNotifier::AddDNSObserver(&config_observer);
8538
8539 // Use a real DnsClient to test config-handling behavior.
8540 AlwaysFailSocketFactory socket_factory;
8541 auto client = DnsClient::CreateClient(nullptr /* net_log */);
8542 DnsClient* client_ptr = client.get();
8543 resolver_->SetDnsClientForTesting(std::move(client));
8544
8545 DnsConfig original_config = CreateValidDnsConfig();
8546 original_config.hosts = {
8547 {DnsHostsKey("host", ADDRESS_FAMILY_IPV4), IPAddress(192, 168, 1, 1)}};
8548 ChangeDnsConfig(original_config);
8549
8550 // Confirm pre-override state.
8551 ASSERT_EQ(original_config, *client_ptr->GetEffectiveConfig());
8552
8553 DnsConfigOverrides overrides;
8554 const std::vector<IPEndPoint> nameservers = {
8555 CreateExpected("192.168.0.1", 92)};
8556 overrides.nameservers = nameservers;
8557 overrides.dns_over_tls_active = true;
8558 const std::string dns_over_tls_hostname = "dns.example.com";
8559 overrides.dns_over_tls_hostname = dns_over_tls_hostname;
8560 const std::vector<std::string> search = {"str"};
8561 overrides.search = search;
8562 overrides.append_to_multi_label_name = false;
8563 const int ndots = 5;
8564 overrides.ndots = ndots;
8565 const base::TimeDelta fallback_period = base::Seconds(10);
8566 overrides.fallback_period = fallback_period;
8567 const int attempts = 20;
8568 overrides.attempts = attempts;
8569 const int doh_attempts = 19;
8570 overrides.doh_attempts = doh_attempts;
8571 overrides.rotate = true;
8572 overrides.use_local_ipv6 = true;
8573 auto doh_config = *DnsOverHttpsConfig::FromString("https://dns.example.com/");
8574 overrides.dns_over_https_config = doh_config;
8575 const SecureDnsMode secure_dns_mode = SecureDnsMode::kSecure;
8576 overrides.secure_dns_mode = secure_dns_mode;
8577 overrides.allow_dns_over_https_upgrade = true;
8578 overrides.clear_hosts = true;
8579
8580 // This test is expected to test overriding all fields.
8581 EXPECT_TRUE(overrides.OverridesEverything());
8582
8583 EXPECT_EQ(0, config_observer.dns_changed_calls());
8584
8585 resolver_->SetDnsConfigOverrides(overrides);
8586
8587 const DnsConfig* overridden_config = client_ptr->GetEffectiveConfig();
8588 ASSERT_TRUE(overridden_config);
8589 EXPECT_EQ(nameservers, overridden_config->nameservers);
8590 EXPECT_TRUE(overridden_config->dns_over_tls_active);
8591 EXPECT_EQ(dns_over_tls_hostname, overridden_config->dns_over_tls_hostname);
8592 EXPECT_EQ(search, overridden_config->search);
8593 EXPECT_FALSE(overridden_config->append_to_multi_label_name);
8594 EXPECT_EQ(ndots, overridden_config->ndots);
8595 EXPECT_EQ(fallback_period, overridden_config->fallback_period);
8596 EXPECT_EQ(attempts, overridden_config->attempts);
8597 EXPECT_EQ(doh_attempts, overridden_config->doh_attempts);
8598 EXPECT_TRUE(overridden_config->rotate);
8599 EXPECT_TRUE(overridden_config->use_local_ipv6);
8600 EXPECT_EQ(doh_config, overridden_config->doh_config);
8601 EXPECT_EQ(secure_dns_mode, overridden_config->secure_dns_mode);
8602 EXPECT_TRUE(overridden_config->allow_dns_over_https_upgrade);
8603 EXPECT_THAT(overridden_config->hosts, testing::IsEmpty());
8604
8605 base::RunLoop().RunUntilIdle(); // Notifications are async.
8606 EXPECT_EQ(1, config_observer.dns_changed_calls());
8607
8608 NetworkChangeNotifier::RemoveDNSObserver(&config_observer);
8609 }
8610
TEST_F(HostResolverManagerDnsTest,SetDnsConfigOverrides_OverrideEverythingCreation)8611 TEST_F(HostResolverManagerDnsTest,
8612 SetDnsConfigOverrides_OverrideEverythingCreation) {
8613 // Use a real DnsClient to test config-handling behavior.
8614 AlwaysFailSocketFactory socket_factory;
8615 auto client = DnsClient::CreateClient(nullptr /* net_log */);
8616 DnsClient* client_ptr = client.get();
8617 resolver_->SetDnsClientForTesting(std::move(client));
8618
8619 DnsConfig original_config = CreateValidDnsConfig();
8620 ChangeDnsConfig(original_config);
8621
8622 // Confirm pre-override state.
8623 ASSERT_EQ(original_config, *client_ptr->GetEffectiveConfig());
8624 ASSERT_FALSE(original_config.Equals(DnsConfig()));
8625
8626 DnsConfigOverrides overrides =
8627 DnsConfigOverrides::CreateOverridingEverythingWithDefaults();
8628 EXPECT_TRUE(overrides.OverridesEverything());
8629
8630 // Ensure config is valid by setting a nameserver.
8631 std::vector<IPEndPoint> nameservers = {CreateExpected("1.2.3.4", 50)};
8632 overrides.nameservers = nameservers;
8633 EXPECT_TRUE(overrides.OverridesEverything());
8634
8635 resolver_->SetDnsConfigOverrides(overrides);
8636
8637 DnsConfig expected;
8638 expected.nameservers = nameservers;
8639 EXPECT_THAT(client_ptr->GetEffectiveConfig(), testing::Pointee(expected));
8640 }
8641
TEST_F(HostResolverManagerDnsTest,SetDnsConfigOverrides_PartialOverride)8642 TEST_F(HostResolverManagerDnsTest, SetDnsConfigOverrides_PartialOverride) {
8643 // Use a real DnsClient to test config-handling behavior.
8644 AlwaysFailSocketFactory socket_factory;
8645 auto client = DnsClient::CreateClient(nullptr /* net_log */);
8646 DnsClient* client_ptr = client.get();
8647 resolver_->SetDnsClientForTesting(std::move(client));
8648
8649 DnsConfig original_config = CreateValidDnsConfig();
8650 ChangeDnsConfig(original_config);
8651
8652 // Confirm pre-override state.
8653 ASSERT_EQ(original_config, *client_ptr->GetEffectiveConfig());
8654
8655 DnsConfigOverrides overrides;
8656 const std::vector<IPEndPoint> nameservers = {
8657 CreateExpected("192.168.0.2", 192)};
8658 overrides.nameservers = nameservers;
8659 overrides.rotate = true;
8660 EXPECT_FALSE(overrides.OverridesEverything());
8661
8662 resolver_->SetDnsConfigOverrides(overrides);
8663
8664 const DnsConfig* overridden_config = client_ptr->GetEffectiveConfig();
8665 ASSERT_TRUE(overridden_config);
8666 EXPECT_EQ(nameservers, overridden_config->nameservers);
8667 EXPECT_EQ(original_config.search, overridden_config->search);
8668 EXPECT_EQ(original_config.hosts, overridden_config->hosts);
8669 EXPECT_TRUE(overridden_config->append_to_multi_label_name);
8670 EXPECT_EQ(original_config.ndots, overridden_config->ndots);
8671 EXPECT_EQ(original_config.fallback_period,
8672 overridden_config->fallback_period);
8673 EXPECT_EQ(original_config.attempts, overridden_config->attempts);
8674 EXPECT_TRUE(overridden_config->rotate);
8675 EXPECT_FALSE(overridden_config->use_local_ipv6);
8676 EXPECT_EQ(original_config.doh_config, overridden_config->doh_config);
8677 EXPECT_EQ(original_config.secure_dns_mode,
8678 overridden_config->secure_dns_mode);
8679 }
8680
8681 // Test that overridden configs are reapplied over a changed underlying system
8682 // config.
TEST_F(HostResolverManagerDnsTest,SetDnsConfigOverrides_NewConfig)8683 TEST_F(HostResolverManagerDnsTest, SetDnsConfigOverrides_NewConfig) {
8684 // Use a real DnsClient to test config-handling behavior.
8685 AlwaysFailSocketFactory socket_factory;
8686 auto client = DnsClient::CreateClient(nullptr /* net_log */);
8687 DnsClient* client_ptr = client.get();
8688 resolver_->SetDnsClientForTesting(std::move(client));
8689
8690 DnsConfig original_config = CreateValidDnsConfig();
8691 ChangeDnsConfig(original_config);
8692
8693 // Confirm pre-override state.
8694 ASSERT_EQ(original_config, *client_ptr->GetEffectiveConfig());
8695
8696 DnsConfigOverrides overrides;
8697 const std::vector<IPEndPoint> nameservers = {
8698 CreateExpected("192.168.0.2", 192)};
8699 overrides.nameservers = nameservers;
8700
8701 resolver_->SetDnsConfigOverrides(overrides);
8702 ASSERT_TRUE(client_ptr->GetEffectiveConfig());
8703 ASSERT_EQ(nameservers, client_ptr->GetEffectiveConfig()->nameservers);
8704
8705 DnsConfig new_config = original_config;
8706 new_config.attempts = 103;
8707 ASSERT_NE(nameservers, new_config.nameservers);
8708 ChangeDnsConfig(new_config);
8709
8710 const DnsConfig* overridden_config = client_ptr->GetEffectiveConfig();
8711 ASSERT_TRUE(overridden_config);
8712 EXPECT_EQ(nameservers, overridden_config->nameservers);
8713 EXPECT_EQ(new_config.attempts, overridden_config->attempts);
8714 }
8715
TEST_F(HostResolverManagerDnsTest,SetDnsConfigOverrides_ClearOverrides)8716 TEST_F(HostResolverManagerDnsTest, SetDnsConfigOverrides_ClearOverrides) {
8717 // Use a real DnsClient to test config-handling behavior.
8718 AlwaysFailSocketFactory socket_factory;
8719 auto client = DnsClient::CreateClient(nullptr /* net_log */);
8720 DnsClient* client_ptr = client.get();
8721 resolver_->SetDnsClientForTesting(std::move(client));
8722
8723 DnsConfig original_config = CreateValidDnsConfig();
8724 ChangeDnsConfig(original_config);
8725
8726 DnsConfigOverrides overrides;
8727 overrides.attempts = 245;
8728 resolver_->SetDnsConfigOverrides(overrides);
8729
8730 ASSERT_THAT(client_ptr->GetEffectiveConfig(),
8731 testing::Not(testing::Pointee(original_config)));
8732
8733 resolver_->SetDnsConfigOverrides(DnsConfigOverrides());
8734 EXPECT_THAT(client_ptr->GetEffectiveConfig(),
8735 testing::Pointee(original_config));
8736 }
8737
TEST_F(HostResolverManagerDnsTest,SetDnsConfigOverrides_NoChange)8738 TEST_F(HostResolverManagerDnsTest, SetDnsConfigOverrides_NoChange) {
8739 test::ScopedMockNetworkChangeNotifier mock_network_change_notifier;
8740 TestDnsObserver config_observer;
8741 NetworkChangeNotifier::AddDNSObserver(&config_observer);
8742
8743 // Use a real DnsClient to test config-handling behavior.
8744 AlwaysFailSocketFactory socket_factory;
8745 auto client = DnsClient::CreateClient(nullptr /* net_log */);
8746 DnsClient* client_ptr = client.get();
8747 resolver_->SetDnsClientForTesting(std::move(client));
8748
8749 DnsConfig original_config = CreateValidDnsConfig();
8750 ChangeDnsConfig(original_config);
8751
8752 // Confirm pre-override state.
8753 ASSERT_EQ(original_config, *client_ptr->GetEffectiveConfig());
8754
8755 DnsConfigOverrides overrides;
8756 overrides.nameservers = original_config.nameservers;
8757
8758 EXPECT_EQ(0, config_observer.dns_changed_calls());
8759
8760 resolver_->SetDnsConfigOverrides(overrides);
8761 EXPECT_THAT(client_ptr->GetEffectiveConfig(),
8762 testing::Pointee(original_config));
8763
8764 base::RunLoop().RunUntilIdle(); // Notifications are async.
8765 EXPECT_EQ(0,
8766 config_observer.dns_changed_calls()); // No expected notification
8767
8768 NetworkChangeNotifier::RemoveDNSObserver(&config_observer);
8769 }
8770
8771 // No effect or notifications expected using partial overrides without a base
8772 // system config.
TEST_F(HostResolverManagerDnsTest,NoBaseConfig_PartialOverrides)8773 TEST_F(HostResolverManagerDnsTest, NoBaseConfig_PartialOverrides) {
8774 test::ScopedMockNetworkChangeNotifier mock_network_change_notifier;
8775 TestDnsObserver config_observer;
8776 NetworkChangeNotifier::AddDNSObserver(&config_observer);
8777
8778 // Use a real DnsClient to test config-handling behavior.
8779 AlwaysFailSocketFactory socket_factory;
8780 auto client = DnsClient::CreateClient(nullptr /* net_log */);
8781 DnsClient* client_ptr = client.get();
8782 resolver_->SetDnsClientForTesting(std::move(client));
8783
8784 client_ptr->SetSystemConfig(absl::nullopt);
8785
8786 DnsConfigOverrides overrides;
8787 overrides.nameservers.emplace({CreateExpected("192.168.0.3", 193)});
8788 resolver_->SetDnsConfigOverrides(overrides);
8789 base::RunLoop().RunUntilIdle(); // Potential notifications are async.
8790
8791 EXPECT_FALSE(client_ptr->GetEffectiveConfig());
8792 EXPECT_EQ(0, config_observer.dns_changed_calls());
8793
8794 NetworkChangeNotifier::RemoveDNSObserver(&config_observer);
8795 }
8796
TEST_F(HostResolverManagerDnsTest,NoBaseConfig_OverridesEverything)8797 TEST_F(HostResolverManagerDnsTest, NoBaseConfig_OverridesEverything) {
8798 test::ScopedMockNetworkChangeNotifier mock_network_change_notifier;
8799 TestDnsObserver config_observer;
8800 NetworkChangeNotifier::AddDNSObserver(&config_observer);
8801
8802 // Use a real DnsClient to test config-handling behavior.
8803 AlwaysFailSocketFactory socket_factory;
8804 auto client = DnsClient::CreateClient(nullptr /* net_log */);
8805 DnsClient* client_ptr = client.get();
8806 resolver_->SetDnsClientForTesting(std::move(client));
8807
8808 client_ptr->SetSystemConfig(absl::nullopt);
8809
8810 DnsConfigOverrides overrides =
8811 DnsConfigOverrides::CreateOverridingEverythingWithDefaults();
8812 const std::vector<IPEndPoint> nameservers = {
8813 CreateExpected("192.168.0.4", 194)};
8814 overrides.nameservers = nameservers;
8815 resolver_->SetDnsConfigOverrides(overrides);
8816 base::RunLoop().RunUntilIdle(); // Notifications are async.
8817
8818 DnsConfig expected;
8819 expected.nameservers = nameservers;
8820
8821 EXPECT_THAT(client_ptr->GetEffectiveConfig(), testing::Pointee(expected));
8822 EXPECT_EQ(1, config_observer.dns_changed_calls());
8823
8824 NetworkChangeNotifier::RemoveDNSObserver(&config_observer);
8825 }
8826
TEST_F(HostResolverManagerDnsTest,DohMapping)8827 TEST_F(HostResolverManagerDnsTest, DohMapping) {
8828 // Use a real DnsClient to test config-handling behavior.
8829 AlwaysFailSocketFactory socket_factory;
8830 auto client = DnsClient::CreateClient(nullptr /* net_log */);
8831 DnsClient* client_ptr = client.get();
8832 resolver_->SetDnsClientForTesting(std::move(client));
8833
8834 // Create a DnsConfig containing IP addresses associated with Cloudflare,
8835 // SafeBrowsing family filter, SafeBrowsing security filter, and other IPs
8836 // not associated with hardcoded DoH services.
8837 DnsConfig original_config = CreateUpgradableDnsConfig();
8838 ChangeDnsConfig(original_config);
8839
8840 const DnsConfig* fetched_config = client_ptr->GetEffectiveConfig();
8841 EXPECT_EQ(original_config.nameservers, fetched_config->nameservers);
8842 auto expected_doh_config = *DnsOverHttpsConfig::FromTemplatesForTesting(
8843 {"https://chrome.cloudflare-dns.com/dns-query",
8844 "https://doh.cleanbrowsing.org/doh/family-filter{?dns}",
8845 "https://doh.cleanbrowsing.org/doh/security-filter{?dns}"});
8846 EXPECT_EQ(expected_doh_config, fetched_config->doh_config);
8847 }
8848
TEST_F(HostResolverManagerDnsTest,DohMappingDisabled)8849 TEST_F(HostResolverManagerDnsTest, DohMappingDisabled) {
8850 // Use a real DnsClient to test config-handling behavior.
8851 AlwaysFailSocketFactory socket_factory;
8852 auto client = DnsClient::CreateClient(nullptr /* net_log */);
8853 DnsClient* client_ptr = client.get();
8854 resolver_->SetDnsClientForTesting(std::move(client));
8855
8856 // Create a DnsConfig containing IP addresses associated with Cloudflare,
8857 // SafeBrowsing family filter, SafeBrowsing security filter, and other IPs
8858 // not associated with hardcoded DoH services.
8859 DnsConfig original_config = CreateUpgradableDnsConfig();
8860 original_config.allow_dns_over_https_upgrade = false;
8861 ChangeDnsConfig(original_config);
8862
8863 const DnsConfig* fetched_config = client_ptr->GetEffectiveConfig();
8864 EXPECT_EQ(original_config.nameservers, fetched_config->nameservers);
8865 EXPECT_THAT(fetched_config->doh_config.servers(), IsEmpty());
8866 }
8867
TEST_F(HostResolverManagerDnsTest,DohMappingModeIneligibleForUpgrade)8868 TEST_F(HostResolverManagerDnsTest, DohMappingModeIneligibleForUpgrade) {
8869 // Use a real DnsClient to test config-handling behavior.
8870 AlwaysFailSocketFactory socket_factory;
8871 auto client = DnsClient::CreateClient(nullptr /* net_log */);
8872 DnsClient* client_ptr = client.get();
8873 resolver_->SetDnsClientForTesting(std::move(client));
8874
8875 // Create a DnsConfig containing IP addresses associated with Cloudflare,
8876 // SafeBrowsing family filter, SafeBrowsing security filter, and other IPs
8877 // not associated with hardcoded DoH services.
8878 DnsConfig original_config = CreateUpgradableDnsConfig();
8879 original_config.secure_dns_mode = SecureDnsMode::kSecure;
8880 ChangeDnsConfig(original_config);
8881
8882 const DnsConfig* fetched_config = client_ptr->GetEffectiveConfig();
8883 EXPECT_EQ(original_config.nameservers, fetched_config->nameservers);
8884 EXPECT_THAT(fetched_config->doh_config.servers(), IsEmpty());
8885 }
8886
TEST_F(HostResolverManagerDnsTest,DohMappingUnhandledOptionsIneligibleForUpgrade)8887 TEST_F(HostResolverManagerDnsTest,
8888 DohMappingUnhandledOptionsIneligibleForUpgrade) {
8889 // Use a real DnsClient to test config-handling behavior.
8890 AlwaysFailSocketFactory socket_factory;
8891 auto client = DnsClient::CreateClient(nullptr /* net_log */);
8892 DnsClient* client_ptr = client.get();
8893 resolver_->SetDnsClientForTesting(std::move(client));
8894
8895 // Create a DnsConfig containing IP addresses associated with Cloudflare,
8896 // SafeBrowsing family filter, SafeBrowsing security filter, and other IPs
8897 // not associated with hardcoded DoH services.
8898 DnsConfig original_config = CreateUpgradableDnsConfig();
8899 original_config.unhandled_options = true;
8900 ChangeDnsConfig(original_config);
8901
8902 EXPECT_FALSE(client_ptr->GetEffectiveConfig());
8903 }
8904
TEST_F(HostResolverManagerDnsTest,DohMappingWithExclusion)8905 TEST_F(HostResolverManagerDnsTest, DohMappingWithExclusion) {
8906 // Use a real DnsClient to test config-handling behavior.
8907 AlwaysFailSocketFactory socket_factory;
8908 auto client = DnsClient::CreateClient(nullptr /* net_log */);
8909 DnsClient* client_ptr = client.get();
8910 resolver_->SetDnsClientForTesting(std::move(client));
8911
8912 base::test::ScopedFeatureList feature_list;
8913 feature_list.InitWithFeatures(
8914 /*enabled_features=*/{}, /*disabled_features=*/{
8915 GetDohProviderEntryForTesting("CleanBrowsingSecure").feature,
8916 GetDohProviderEntryForTesting("Cloudflare").feature});
8917
8918 // Create a DnsConfig containing IP addresses associated with Cloudflare,
8919 // SafeBrowsing family filter, SafeBrowsing security filter, and other IPs
8920 // not associated with hardcoded DoH services.
8921 DnsConfig original_config = CreateUpgradableDnsConfig();
8922 ChangeDnsConfig(original_config);
8923
8924 // A DoH upgrade should be attempted on the DNS servers in the config, but
8925 // only for permitted providers.
8926 const DnsConfig* fetched_config = client_ptr->GetEffectiveConfig();
8927 EXPECT_EQ(original_config.nameservers, fetched_config->nameservers);
8928 auto expected_doh_config = *DnsOverHttpsConfig::FromString(
8929 "https://doh.cleanbrowsing.org/doh/family-filter{?dns}");
8930 EXPECT_EQ(expected_doh_config, fetched_config->doh_config);
8931 }
8932
TEST_F(HostResolverManagerDnsTest,DohMappingIgnoredIfTemplateSpecified)8933 TEST_F(HostResolverManagerDnsTest, DohMappingIgnoredIfTemplateSpecified) {
8934 // Use a real DnsClient to test config-handling behavior.
8935 AlwaysFailSocketFactory socket_factory;
8936 auto client = DnsClient::CreateClient(nullptr /* net_log */);
8937 DnsClient* client_ptr = client.get();
8938 resolver_->SetDnsClientForTesting(std::move(client));
8939
8940 // Create a DnsConfig containing IP addresses associated with Cloudflare,
8941 // SafeBrowsing family filter, SafeBrowsing security filter, and other IPs
8942 // not associated with hardcoded DoH services.
8943 DnsConfig original_config = CreateUpgradableDnsConfig();
8944 ChangeDnsConfig(original_config);
8945
8946 // If the overrides contains DoH servers, no DoH upgrade should be attempted.
8947 DnsConfigOverrides overrides;
8948 const auto dns_over_https_config_override =
8949 *DnsOverHttpsConfig::FromString("https://doh.server.override.com/");
8950 overrides.dns_over_https_config = dns_over_https_config_override;
8951 resolver_->SetDnsConfigOverrides(overrides);
8952 const DnsConfig* fetched_config = client_ptr->GetEffectiveConfig();
8953 EXPECT_EQ(original_config.nameservers, fetched_config->nameservers);
8954 EXPECT_EQ(dns_over_https_config_override, fetched_config->doh_config);
8955 }
8956
TEST_F(HostResolverManagerDnsTest,DohMappingUnhandledOptionsAndTemplateSpecified)8957 TEST_F(HostResolverManagerDnsTest,
8958 DohMappingUnhandledOptionsAndTemplateSpecified) {
8959 // Use a real DnsClient to test config-handling behavior.
8960 AlwaysFailSocketFactory socket_factory;
8961 auto client = DnsClient::CreateClient(nullptr /* net_log */);
8962 DnsClient* client_ptr = client.get();
8963 resolver_->SetDnsClientForTesting(std::move(client));
8964
8965 // Create a DnsConfig containing IP addresses associated with Cloudflare,
8966 // SafeBrowsing family filter, SafeBrowsing security filter, and other IPs
8967 // not associated with hardcoded DoH services.
8968 DnsConfig original_config = CreateUpgradableDnsConfig();
8969 original_config.unhandled_options = true;
8970 ChangeDnsConfig(original_config);
8971
8972 // If the overrides contains DoH servers, no DoH upgrade should be attempted.
8973 DnsConfigOverrides overrides;
8974 const auto dns_over_https_config_override =
8975 *DnsOverHttpsConfig::FromString("https://doh.server.override.com/");
8976 overrides.dns_over_https_config = dns_over_https_config_override;
8977 resolver_->SetDnsConfigOverrides(overrides);
8978 const DnsConfig* fetched_config = client_ptr->GetEffectiveConfig();
8979 EXPECT_TRUE(fetched_config->nameservers.empty());
8980 EXPECT_FALSE(client_ptr->CanUseInsecureDnsTransactions());
8981 EXPECT_EQ(dns_over_https_config_override, fetched_config->doh_config);
8982 EXPECT_TRUE(client_ptr->CanUseSecureDnsTransactions());
8983 }
8984
TEST_F(HostResolverManagerDnsTest,DohMappingWithAutomaticDot)8985 TEST_F(HostResolverManagerDnsTest, DohMappingWithAutomaticDot) {
8986 // Use a real DnsClient to test config-handling behavior.
8987 AlwaysFailSocketFactory socket_factory;
8988 auto client = DnsClient::CreateClient(nullptr /* net_log */);
8989 DnsClient* client_ptr = client.get();
8990 resolver_->SetDnsClientForTesting(std::move(client));
8991
8992 // Create a DnsConfig containing IP addresses associated with Cloudflare,
8993 // SafeBrowsing family filter, SafeBrowsing security filter, and other IPs
8994 // not associated with hardcoded DoH services.
8995 DnsConfig original_config = CreateUpgradableDnsConfig();
8996 original_config.dns_over_tls_active = true;
8997 ChangeDnsConfig(original_config);
8998
8999 const DnsConfig* fetched_config = client_ptr->GetEffectiveConfig();
9000 EXPECT_EQ(original_config.nameservers, fetched_config->nameservers);
9001 auto expected_doh_config = *DnsOverHttpsConfig::FromTemplatesForTesting(
9002 {"https://chrome.cloudflare-dns.com/dns-query",
9003 "https://doh.cleanbrowsing.org/doh/family-filter{?dns}",
9004 "https://doh.cleanbrowsing.org/doh/security-filter{?dns}"});
9005 EXPECT_EQ(expected_doh_config, fetched_config->doh_config);
9006 }
9007
TEST_F(HostResolverManagerDnsTest,DohMappingWithStrictDot)9008 TEST_F(HostResolverManagerDnsTest, DohMappingWithStrictDot) {
9009 // Use a real DnsClient to test config-handling behavior.
9010 AlwaysFailSocketFactory socket_factory;
9011 auto client = DnsClient::CreateClient(nullptr /* net_log */);
9012 DnsClient* client_ptr = client.get();
9013 resolver_->SetDnsClientForTesting(std::move(client));
9014
9015 // Create a DnsConfig containing IP addresses associated with Cloudflare,
9016 // SafeBrowsing family filter, SafeBrowsing security filter, and other IPs
9017 // not associated with hardcoded DoH services.
9018 DnsConfig original_config = CreateUpgradableDnsConfig();
9019 original_config.secure_dns_mode = SecureDnsMode::kAutomatic;
9020 original_config.dns_over_tls_active = true;
9021
9022 // Google DoT hostname
9023 original_config.dns_over_tls_hostname = "dns.google";
9024 ChangeDnsConfig(original_config);
9025 const DnsConfig* fetched_config = client_ptr->GetEffectiveConfig();
9026 EXPECT_EQ(original_config.nameservers, fetched_config->nameservers);
9027 auto expected_doh_config =
9028 *DnsOverHttpsConfig::FromString("https://dns.google/dns-query{?dns}");
9029 EXPECT_EQ(expected_doh_config, fetched_config->doh_config);
9030 }
9031
9032 #endif // !BUILDFLAG(IS_IOS)
9033
TEST_F(HostResolverManagerDnsTest,FlushCacheOnDnsConfigOverridesChange)9034 TEST_F(HostResolverManagerDnsTest, FlushCacheOnDnsConfigOverridesChange) {
9035 ChangeDnsConfig(CreateValidDnsConfig());
9036
9037 HostResolver::ResolveHostParameters local_source_parameters;
9038 local_source_parameters.source = HostResolverSource::LOCAL_ONLY;
9039
9040 // Populate cache.
9041 ResolveHostResponseHelper initial_response(resolver_->CreateRequest(
9042 HostPortPair("ok", 70), NetworkAnonymizationKey(), NetLogWithSource(),
9043 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
9044 EXPECT_THAT(initial_response.result_error(), IsOk());
9045
9046 // Confirm result now cached.
9047 ResolveHostResponseHelper cached_response(resolver_->CreateRequest(
9048 HostPortPair("ok", 75), NetworkAnonymizationKey(), NetLogWithSource(),
9049 local_source_parameters, resolve_context_.get(),
9050 resolve_context_->host_cache()));
9051 ASSERT_THAT(cached_response.result_error(), IsOk());
9052 ASSERT_TRUE(cached_response.request()->GetStaleInfo());
9053
9054 // Flush cache by triggering a DnsConfigOverrides change.
9055 DnsConfigOverrides overrides;
9056 overrides.attempts = 4;
9057 resolver_->SetDnsConfigOverrides(overrides);
9058
9059 // Expect no longer cached
9060 ResolveHostResponseHelper flushed_response(resolver_->CreateRequest(
9061 HostPortPair("ok", 80), NetworkAnonymizationKey(), NetLogWithSource(),
9062 local_source_parameters, resolve_context_.get(),
9063 resolve_context_->host_cache()));
9064 EXPECT_THAT(flushed_response.result_error(), IsError(ERR_DNS_CACHE_MISS));
9065 }
9066
TEST_F(HostResolverManagerDnsTest,FlushContextSessionDataOnDnsConfigOverridesChange)9067 TEST_F(HostResolverManagerDnsTest,
9068 FlushContextSessionDataOnDnsConfigOverridesChange) {
9069 ChangeDnsConfig(CreateValidDnsConfig());
9070
9071 DnsSession* session_before = dns_client_->GetCurrentSession();
9072 resolve_context_->RecordServerSuccess(
9073 0u /* server_index */, true /* is_doh_server */, session_before);
9074 ASSERT_TRUE(resolve_context_->GetDohServerAvailability(0u, session_before));
9075
9076 // Flush data by triggering a DnsConfigOverrides change.
9077 DnsConfigOverrides overrides;
9078 overrides.attempts = 4;
9079 resolver_->SetDnsConfigOverrides(overrides);
9080
9081 DnsSession* session_after = dns_client_->GetCurrentSession();
9082 EXPECT_NE(session_before, session_after);
9083
9084 EXPECT_FALSE(resolve_context_->GetDohServerAvailability(0u, session_after));
9085
9086 // Confirm new session is in use.
9087 resolve_context_->RecordServerSuccess(
9088 0u /* server_index */, true /* is_doh_server */, session_after);
9089 EXPECT_TRUE(resolve_context_->GetDohServerAvailability(0u, session_after));
9090 }
9091
9092 // Test that even when using config overrides, a change to the base system
9093 // config cancels pending requests.
TEST_F(HostResolverManagerDnsTest,CancellationOnBaseConfigChange)9094 TEST_F(HostResolverManagerDnsTest, CancellationOnBaseConfigChange) {
9095 DnsConfig original_config = CreateValidDnsConfig();
9096 ChangeDnsConfig(original_config);
9097
9098 DnsConfigOverrides overrides;
9099 overrides.nameservers.emplace({CreateExpected("123.123.123.123", 80)});
9100 ASSERT_FALSE(overrides.OverridesEverything());
9101 resolver_->SetDnsConfigOverrides(overrides);
9102
9103 ResolveHostResponseHelper response(resolver_->CreateRequest(
9104 HostPortPair("4slow_ok", 80), NetworkAnonymizationKey(),
9105 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
9106 resolve_context_->host_cache()));
9107 ASSERT_FALSE(response.complete());
9108
9109 DnsConfig new_config = original_config;
9110 new_config.attempts = 103;
9111 ChangeDnsConfig(new_config);
9112
9113 EXPECT_THAT(response.result_error(), IsError(ERR_NETWORK_CHANGED));
9114 }
9115
9116 // Test that when all configuration is overridden, system configuration changes
9117 // do not cancel requests.
TEST_F(HostResolverManagerDnsTest,CancellationOnBaseConfigChange_OverridesEverything)9118 TEST_F(HostResolverManagerDnsTest,
9119 CancellationOnBaseConfigChange_OverridesEverything) {
9120 DnsConfig original_config = CreateValidDnsConfig();
9121 ChangeDnsConfig(original_config);
9122
9123 DnsConfigOverrides overrides =
9124 DnsConfigOverrides::CreateOverridingEverythingWithDefaults();
9125 overrides.nameservers.emplace({CreateExpected("123.123.123.123", 80)});
9126 ASSERT_TRUE(overrides.OverridesEverything());
9127 resolver_->SetDnsConfigOverrides(overrides);
9128
9129 ResolveHostResponseHelper response(resolver_->CreateRequest(
9130 HostPortPair("4slow_ok", 80), NetworkAnonymizationKey(),
9131 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
9132 resolve_context_->host_cache()));
9133 ASSERT_FALSE(response.complete());
9134
9135 DnsConfig new_config = original_config;
9136 new_config.attempts = 103;
9137 ChangeDnsConfig(new_config);
9138
9139 dns_client_->CompleteDelayedTransactions();
9140 EXPECT_THAT(response.result_error(), IsOk());
9141 }
9142
9143 // Test that in-progress queries are cancelled on applying new DNS config
9144 // overrides, same as receiving a new DnsConfig from the system.
TEST_F(HostResolverManagerDnsTest,CancelQueriesOnSettingOverrides)9145 TEST_F(HostResolverManagerDnsTest, CancelQueriesOnSettingOverrides) {
9146 ChangeDnsConfig(CreateValidDnsConfig());
9147 ResolveHostResponseHelper response(resolver_->CreateRequest(
9148 HostPortPair("4slow_ok", 80), NetworkAnonymizationKey(),
9149 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
9150 resolve_context_->host_cache()));
9151 ASSERT_FALSE(response.complete());
9152
9153 DnsConfigOverrides overrides;
9154 overrides.attempts = 123;
9155 resolver_->SetDnsConfigOverrides(overrides);
9156
9157 EXPECT_THAT(response.result_error(), IsError(ERR_NETWORK_CHANGED));
9158 }
9159
9160 // Queries should not be cancelled if equal overrides are set.
TEST_F(HostResolverManagerDnsTest,CancelQueriesOnSettingOverrides_SameOverrides)9161 TEST_F(HostResolverManagerDnsTest,
9162 CancelQueriesOnSettingOverrides_SameOverrides) {
9163 ChangeDnsConfig(CreateValidDnsConfig());
9164 DnsConfigOverrides overrides;
9165 overrides.attempts = 123;
9166 resolver_->SetDnsConfigOverrides(overrides);
9167
9168 ResolveHostResponseHelper response(resolver_->CreateRequest(
9169 HostPortPair("4slow_ok", 80), NetworkAnonymizationKey(),
9170 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
9171 resolve_context_->host_cache()));
9172 ASSERT_FALSE(response.complete());
9173
9174 resolver_->SetDnsConfigOverrides(overrides);
9175
9176 dns_client_->CompleteDelayedTransactions();
9177 EXPECT_THAT(response.result_error(), IsOk());
9178 }
9179
9180 // Test that in-progress queries are cancelled on clearing DNS config overrides,
9181 // same as receiving a new DnsConfig from the system.
TEST_F(HostResolverManagerDnsTest,CancelQueriesOnClearingOverrides)9182 TEST_F(HostResolverManagerDnsTest, CancelQueriesOnClearingOverrides) {
9183 ChangeDnsConfig(CreateValidDnsConfig());
9184 DnsConfigOverrides overrides;
9185 overrides.attempts = 123;
9186 resolver_->SetDnsConfigOverrides(overrides);
9187
9188 ResolveHostResponseHelper response(resolver_->CreateRequest(
9189 HostPortPair("4slow_ok", 80), NetworkAnonymizationKey(),
9190 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
9191 resolve_context_->host_cache()));
9192 ASSERT_FALSE(response.complete());
9193
9194 resolver_->SetDnsConfigOverrides(DnsConfigOverrides());
9195
9196 EXPECT_THAT(response.result_error(), IsError(ERR_NETWORK_CHANGED));
9197 }
9198
9199 // Queries should not be cancelled on clearing overrides if there were not any
9200 // overrides.
TEST_F(HostResolverManagerDnsTest,CancelQueriesOnClearingOverrides_NoOverrides)9201 TEST_F(HostResolverManagerDnsTest,
9202 CancelQueriesOnClearingOverrides_NoOverrides) {
9203 ChangeDnsConfig(CreateValidDnsConfig());
9204 ResolveHostResponseHelper response(resolver_->CreateRequest(
9205 HostPortPair("4slow_ok", 80), NetworkAnonymizationKey(),
9206 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
9207 resolve_context_->host_cache()));
9208 ASSERT_FALSE(response.complete());
9209
9210 resolver_->SetDnsConfigOverrides(DnsConfigOverrides());
9211
9212 dns_client_->CompleteDelayedTransactions();
9213 EXPECT_THAT(response.result_error(), IsOk());
9214 }
9215
TEST_F(HostResolverManagerDnsTest,FlushContextSessionDataOnSystemConfigChange)9216 TEST_F(HostResolverManagerDnsTest,
9217 FlushContextSessionDataOnSystemConfigChange) {
9218 DnsConfig original_config = CreateValidDnsConfig();
9219 ChangeDnsConfig(original_config);
9220
9221 DnsSession* session_before = dns_client_->GetCurrentSession();
9222 resolve_context_->RecordServerSuccess(
9223 0u /* server_index */, true /* is_doh_server */, session_before);
9224 ASSERT_TRUE(resolve_context_->GetDohServerAvailability(0u, session_before));
9225
9226 // Flush data by triggering a config change.
9227 DnsConfig new_config = original_config;
9228 new_config.attempts = 103;
9229 ChangeDnsConfig(new_config);
9230
9231 DnsSession* session_after = dns_client_->GetCurrentSession();
9232 EXPECT_NE(session_before, session_after);
9233
9234 EXPECT_FALSE(resolve_context_->GetDohServerAvailability(0u, session_after));
9235
9236 // Confirm new session is in use.
9237 resolve_context_->RecordServerSuccess(
9238 0u /* server_index */, true /* is_doh_server */, session_after);
9239 EXPECT_TRUE(resolve_context_->GetDohServerAvailability(0u, session_after));
9240 }
9241
TEST_F(HostResolverManagerDnsTest,TxtQuery)9242 TEST_F(HostResolverManagerDnsTest, TxtQuery) {
9243 // Simulate two separate DNS records, each with multiple strings.
9244 std::vector<std::string> foo_records = {"foo1", "foo2", "foo3"};
9245 std::vector<std::string> bar_records = {"bar1", "bar2"};
9246 std::vector<std::vector<std::string>> text_records = {foo_records,
9247 bar_records};
9248
9249 MockDnsClientRuleList rules;
9250 rules.emplace_back("host", dns_protocol::kTypeTXT, false /* secure */,
9251 MockDnsClientRule::Result(BuildTestDnsTextResponse(
9252 "host", std::move(text_records))),
9253 false /* delay */);
9254
9255 CreateResolver();
9256 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9257
9258 EXPECT_EQ(resolve_context_->host_cache()->size(), 0u);
9259
9260 HostResolver::ResolveHostParameters parameters;
9261 parameters.dns_query_type = DnsQueryType::TXT;
9262
9263 ResolveHostResponseHelper response(resolver_->CreateRequest(
9264 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9265 parameters, resolve_context_.get(), resolve_context_->host_cache()));
9266 EXPECT_THAT(response.result_error(), IsOk());
9267 EXPECT_THAT(response.request()->GetAddressResults(),
9268 AnyOf(nullptr, Pointee(IsEmpty())));
9269 EXPECT_THAT(response.request()->GetEndpointResults(),
9270 AnyOf(nullptr, Pointee(IsEmpty())));
9271 EXPECT_THAT(response.request()->GetHostnameResults(),
9272 AnyOf(nullptr, Pointee(IsEmpty())));
9273 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9274 AnyOf(nullptr, Pointee(IsEmpty())));
9275
9276 // Order between separate DNS records is undefined, but each record should
9277 // stay in order as that order may be meaningful.
9278 ASSERT_THAT(response.request()->GetTextResults(),
9279 testing::Pointee(testing::UnorderedElementsAre(
9280 "foo1", "foo2", "foo3", "bar1", "bar2")));
9281 const std::vector<std::string>* results =
9282 response.request()->GetTextResults();
9283 EXPECT_NE(results->end(), base::ranges::search(*results, foo_records));
9284 EXPECT_NE(results->end(), base::ranges::search(*results, bar_records));
9285
9286 // Expect result to be cached.
9287 EXPECT_EQ(resolve_context_->host_cache()->size(), 1u);
9288 parameters.source = HostResolverSource::LOCAL_ONLY;
9289 ResolveHostResponseHelper cached_response(resolver_->CreateRequest(
9290 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9291 parameters, resolve_context_.get(), resolve_context_->host_cache()));
9292 EXPECT_THAT(cached_response.result_error(), IsOk());
9293 ASSERT_THAT(cached_response.request()->GetTextResults(),
9294 testing::Pointee(testing::UnorderedElementsAre(
9295 "foo1", "foo2", "foo3", "bar1", "bar2")));
9296 results = cached_response.request()->GetTextResults();
9297 EXPECT_NE(results->end(), base::ranges::search(*results, foo_records));
9298 EXPECT_NE(results->end(), base::ranges::search(*results, bar_records));
9299 }
9300
TEST_F(HostResolverManagerDnsTest,TxtQueryRejectsIpLiteral)9301 TEST_F(HostResolverManagerDnsTest, TxtQueryRejectsIpLiteral) {
9302 MockDnsClientRuleList rules;
9303
9304 // Entry that would resolve if DNS is mistakenly queried to ensure that does
9305 // not happen.
9306 rules.emplace_back("8.8.8.8", dns_protocol::kTypeTXT, /*secure=*/false,
9307 MockDnsClientRule::Result(
9308 BuildTestDnsTextResponse("8.8.8.8", {{"text"}})),
9309 /*delay=*/false);
9310
9311 CreateResolver();
9312 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9313
9314 HostResolver::ResolveHostParameters parameters;
9315 parameters.dns_query_type = DnsQueryType::TXT;
9316
9317 ResolveHostResponseHelper response(resolver_->CreateRequest(
9318 HostPortPair("8.8.8.8", 108), NetworkAnonymizationKey(),
9319 NetLogWithSource(), parameters, resolve_context_.get(),
9320 resolve_context_->host_cache()));
9321 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
9322 EXPECT_THAT(response.request()->GetAddressResults(),
9323 AnyOf(nullptr, Pointee(IsEmpty())));
9324 EXPECT_THAT(response.request()->GetEndpointResults(),
9325 AnyOf(nullptr, Pointee(IsEmpty())));
9326 EXPECT_THAT(response.request()->GetTextResults(),
9327 AnyOf(nullptr, Pointee(IsEmpty())));
9328 EXPECT_THAT(response.request()->GetHostnameResults(),
9329 AnyOf(nullptr, Pointee(IsEmpty())));
9330 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9331 AnyOf(nullptr, Pointee(IsEmpty())));
9332 }
9333
9334 // Test that TXT records can be extracted from a response that also contains
9335 // unrecognized record types.
TEST_F(HostResolverManagerDnsTest,TxtQuery_MixedWithUnrecognizedType)9336 TEST_F(HostResolverManagerDnsTest, TxtQuery_MixedWithUnrecognizedType) {
9337 std::vector<std::string> text_strings = {"foo"};
9338
9339 MockDnsClientRuleList rules;
9340 rules.emplace_back(
9341 "host", dns_protocol::kTypeTXT, false /* secure */,
9342 MockDnsClientRule::Result(BuildTestDnsResponse(
9343 "host", dns_protocol::kTypeTXT,
9344 {BuildTestDnsRecord("host", 3u /* type */, "fake rdata 1"),
9345 BuildTestTextRecord("host", std::move(text_strings)),
9346 BuildTestDnsRecord("host", 3u /* type */, "fake rdata 2")})),
9347 false /* delay */);
9348
9349 CreateResolver();
9350 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9351
9352 HostResolver::ResolveHostParameters parameters;
9353 parameters.dns_query_type = DnsQueryType::TXT;
9354
9355 ResolveHostResponseHelper response(resolver_->CreateRequest(
9356 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9357 parameters, resolve_context_.get(), resolve_context_->host_cache()));
9358 EXPECT_THAT(response.result_error(), IsOk());
9359 EXPECT_THAT(response.request()->GetAddressResults(),
9360 AnyOf(nullptr, Pointee(IsEmpty())));
9361 EXPECT_THAT(response.request()->GetEndpointResults(),
9362 AnyOf(nullptr, Pointee(IsEmpty())));
9363 EXPECT_THAT(response.request()->GetHostnameResults(),
9364 AnyOf(nullptr, Pointee(IsEmpty())));
9365 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9366 AnyOf(nullptr, Pointee(IsEmpty())));
9367
9368 EXPECT_THAT(response.request()->GetTextResults(),
9369 testing::Pointee(testing::ElementsAre("foo")));
9370 }
9371
TEST_F(HostResolverManagerDnsTest,TxtQuery_InvalidConfig)9372 TEST_F(HostResolverManagerDnsTest, TxtQuery_InvalidConfig) {
9373 set_allow_fallback_to_systemtask(false);
9374 // Set empty DnsConfig.
9375 InvalidateDnsConfig();
9376
9377 HostResolver::ResolveHostParameters parameters;
9378 parameters.dns_query_type = DnsQueryType::TXT;
9379
9380 ResolveHostResponseHelper response(resolver_->CreateRequest(
9381 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9382 parameters, resolve_context_.get(), resolve_context_->host_cache()));
9383 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_CACHE_MISS));
9384 }
9385
TEST_F(HostResolverManagerDnsTest,TxtQuery_NonexistentDomain)9386 TEST_F(HostResolverManagerDnsTest, TxtQuery_NonexistentDomain) {
9387 // Setup fallback to confirm it is not used for non-address results.
9388 set_allow_fallback_to_systemtask(true);
9389 proc_->AddRuleForAllFamilies("host", "192.168.1.102");
9390 proc_->SignalMultiple(1u);
9391
9392 MockDnsClientRuleList rules;
9393 rules.emplace_back(
9394 "host", dns_protocol::kTypeTXT, false /* secure */,
9395 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kNoDomain),
9396 false /* delay */);
9397
9398 CreateResolver();
9399 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9400
9401 EXPECT_EQ(resolve_context_->host_cache()->size(), 0u);
9402
9403 HostResolver::ResolveHostParameters parameters;
9404 parameters.dns_query_type = DnsQueryType::TXT;
9405
9406 ResolveHostResponseHelper response(resolver_->CreateRequest(
9407 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9408 parameters, resolve_context_.get(), resolve_context_->host_cache()));
9409 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
9410 EXPECT_THAT(response.request()->GetAddressResults(),
9411 AnyOf(nullptr, Pointee(IsEmpty())));
9412 EXPECT_THAT(response.request()->GetEndpointResults(),
9413 AnyOf(nullptr, Pointee(IsEmpty())));
9414 EXPECT_THAT(response.request()->GetTextResults(),
9415 AnyOf(nullptr, Pointee(IsEmpty())));
9416 EXPECT_THAT(response.request()->GetHostnameResults(),
9417 AnyOf(nullptr, Pointee(IsEmpty())));
9418 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9419 AnyOf(nullptr, Pointee(IsEmpty())));
9420
9421 // Expect result to be cached.
9422 EXPECT_EQ(resolve_context_->host_cache()->size(), 1u);
9423 parameters.source = HostResolverSource::LOCAL_ONLY;
9424 ResolveHostResponseHelper cached_response(resolver_->CreateRequest(
9425 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9426 parameters, resolve_context_.get(), resolve_context_->host_cache()));
9427 EXPECT_THAT(cached_response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
9428 EXPECT_THAT(cached_response.request()->GetAddressResults(),
9429 AnyOf(nullptr, Pointee(IsEmpty())));
9430 EXPECT_THAT(cached_response.request()->GetEndpointResults(),
9431 AnyOf(nullptr, Pointee(IsEmpty())));
9432 EXPECT_THAT(cached_response.request()->GetTextResults(),
9433 AnyOf(nullptr, Pointee(IsEmpty())));
9434 EXPECT_THAT(cached_response.request()->GetHostnameResults(),
9435 AnyOf(nullptr, Pointee(IsEmpty())));
9436 EXPECT_THAT(cached_response.request()->GetExperimentalResultsForTesting(),
9437 AnyOf(nullptr, Pointee(IsEmpty())));
9438 }
9439
TEST_F(HostResolverManagerDnsTest,TxtQuery_Failure)9440 TEST_F(HostResolverManagerDnsTest, TxtQuery_Failure) {
9441 // Setup fallback to confirm it is not used for non-address results.
9442 set_allow_fallback_to_systemtask(true);
9443 proc_->AddRuleForAllFamilies("host", "192.168.1.102");
9444 proc_->SignalMultiple(1u);
9445
9446 MockDnsClientRuleList rules;
9447 rules.emplace_back(
9448 "host", dns_protocol::kTypeTXT, false /* secure */,
9449 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kFail),
9450 false /* delay */);
9451
9452 CreateResolver();
9453 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9454
9455 HostResolver::ResolveHostParameters parameters;
9456 parameters.dns_query_type = DnsQueryType::TXT;
9457
9458 ResolveHostResponseHelper response(resolver_->CreateRequest(
9459 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9460 parameters, resolve_context_.get(), resolve_context_->host_cache()));
9461 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
9462 EXPECT_THAT(response.request()->GetAddressResults(),
9463 AnyOf(nullptr, Pointee(IsEmpty())));
9464 EXPECT_THAT(response.request()->GetEndpointResults(),
9465 AnyOf(nullptr, Pointee(IsEmpty())));
9466 EXPECT_THAT(response.request()->GetTextResults(),
9467 AnyOf(nullptr, Pointee(IsEmpty())));
9468 EXPECT_THAT(response.request()->GetHostnameResults(),
9469 AnyOf(nullptr, Pointee(IsEmpty())));
9470 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9471 AnyOf(nullptr, Pointee(IsEmpty())));
9472
9473 // Expect result not cached.
9474 EXPECT_EQ(resolve_context_->host_cache()->size(), 0u);
9475 }
9476
TEST_F(HostResolverManagerDnsTest,TxtQuery_Timeout)9477 TEST_F(HostResolverManagerDnsTest, TxtQuery_Timeout) {
9478 // Setup fallback to confirm it is not used for non-address results.
9479 set_allow_fallback_to_systemtask(true);
9480 proc_->AddRuleForAllFamilies("host", "192.168.1.102");
9481 proc_->SignalMultiple(1u);
9482
9483 MockDnsClientRuleList rules;
9484 rules.emplace_back(
9485 "host", dns_protocol::kTypeTXT, false /* secure */,
9486 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kTimeout),
9487 false /* delay */);
9488
9489 CreateResolver();
9490 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9491
9492 HostResolver::ResolveHostParameters parameters;
9493 parameters.dns_query_type = DnsQueryType::TXT;
9494
9495 ResolveHostResponseHelper response(resolver_->CreateRequest(
9496 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9497 parameters, resolve_context_.get(), resolve_context_->host_cache()));
9498 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_TIMED_OUT));
9499 EXPECT_THAT(response.request()->GetAddressResults(),
9500 AnyOf(nullptr, Pointee(IsEmpty())));
9501 EXPECT_THAT(response.request()->GetEndpointResults(),
9502 AnyOf(nullptr, Pointee(IsEmpty())));
9503 EXPECT_THAT(response.request()->GetTextResults(),
9504 AnyOf(nullptr, Pointee(IsEmpty())));
9505 EXPECT_THAT(response.request()->GetHostnameResults(),
9506 AnyOf(nullptr, Pointee(IsEmpty())));
9507 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9508 AnyOf(nullptr, Pointee(IsEmpty())));
9509
9510 // Expect result not cached.
9511 EXPECT_EQ(resolve_context_->host_cache()->size(), 0u);
9512 }
9513
TEST_F(HostResolverManagerDnsTest,TxtQuery_Empty)9514 TEST_F(HostResolverManagerDnsTest, TxtQuery_Empty) {
9515 // Setup fallback to confirm it is not used for non-address results.
9516 set_allow_fallback_to_systemtask(true);
9517 proc_->AddRuleForAllFamilies("host", "192.168.1.102");
9518 proc_->SignalMultiple(1u);
9519
9520 MockDnsClientRuleList rules;
9521 rules.emplace_back(
9522 "host", dns_protocol::kTypeTXT, false /* secure */,
9523 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kEmpty),
9524 false /* delay */);
9525
9526 CreateResolver();
9527 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9528
9529 EXPECT_EQ(resolve_context_->host_cache()->size(), 0u);
9530
9531 HostResolver::ResolveHostParameters parameters;
9532 parameters.dns_query_type = DnsQueryType::TXT;
9533
9534 ResolveHostResponseHelper response(resolver_->CreateRequest(
9535 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9536 parameters, resolve_context_.get(), resolve_context_->host_cache()));
9537 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
9538 EXPECT_THAT(response.request()->GetAddressResults(),
9539 AnyOf(nullptr, Pointee(IsEmpty())));
9540 EXPECT_THAT(response.request()->GetEndpointResults(),
9541 AnyOf(nullptr, Pointee(IsEmpty())));
9542 EXPECT_THAT(response.request()->GetTextResults(),
9543 AnyOf(nullptr, Pointee(IsEmpty())));
9544 EXPECT_THAT(response.request()->GetHostnameResults(),
9545 AnyOf(nullptr, Pointee(IsEmpty())));
9546 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9547 AnyOf(nullptr, Pointee(IsEmpty())));
9548
9549 // Expect result to be cached.
9550 EXPECT_EQ(resolve_context_->host_cache()->size(), 1u);
9551 parameters.source = HostResolverSource::LOCAL_ONLY;
9552 ResolveHostResponseHelper cached_response(resolver_->CreateRequest(
9553 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9554 parameters, resolve_context_.get(), resolve_context_->host_cache()));
9555 EXPECT_THAT(cached_response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
9556 EXPECT_THAT(cached_response.request()->GetAddressResults(),
9557 AnyOf(nullptr, Pointee(IsEmpty())));
9558 EXPECT_THAT(cached_response.request()->GetEndpointResults(),
9559 AnyOf(nullptr, Pointee(IsEmpty())));
9560 EXPECT_THAT(cached_response.request()->GetTextResults(),
9561 AnyOf(nullptr, Pointee(IsEmpty())));
9562 EXPECT_THAT(cached_response.request()->GetHostnameResults(),
9563 AnyOf(nullptr, Pointee(IsEmpty())));
9564 EXPECT_THAT(cached_response.request()->GetExperimentalResultsForTesting(),
9565 AnyOf(nullptr, Pointee(IsEmpty())));
9566 }
9567
TEST_F(HostResolverManagerDnsTest,TxtQuery_Malformed)9568 TEST_F(HostResolverManagerDnsTest, TxtQuery_Malformed) {
9569 // Setup fallback to confirm it is not used for non-address results.
9570 set_allow_fallback_to_systemtask(true);
9571 proc_->AddRuleForAllFamilies("host", "192.168.1.102");
9572 proc_->SignalMultiple(1u);
9573
9574 MockDnsClientRuleList rules;
9575 rules.emplace_back(
9576 "host", dns_protocol::kTypeTXT, false /* secure */,
9577 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kMalformed),
9578 false /* delay */);
9579
9580 CreateResolver();
9581 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9582
9583 HostResolver::ResolveHostParameters parameters;
9584 parameters.dns_query_type = DnsQueryType::TXT;
9585
9586 ResolveHostResponseHelper response(resolver_->CreateRequest(
9587 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9588 parameters, resolve_context_.get(), resolve_context_->host_cache()));
9589 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_MALFORMED_RESPONSE));
9590 EXPECT_THAT(response.request()->GetAddressResults(),
9591 AnyOf(nullptr, Pointee(IsEmpty())));
9592 EXPECT_THAT(response.request()->GetEndpointResults(),
9593 AnyOf(nullptr, Pointee(IsEmpty())));
9594 EXPECT_THAT(response.request()->GetTextResults(),
9595 AnyOf(nullptr, Pointee(IsEmpty())));
9596 EXPECT_THAT(response.request()->GetHostnameResults(),
9597 AnyOf(nullptr, Pointee(IsEmpty())));
9598 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9599 AnyOf(nullptr, Pointee(IsEmpty())));
9600
9601 // Expect result not cached.
9602 EXPECT_EQ(resolve_context_->host_cache()->size(), 0u);
9603 }
9604
TEST_F(HostResolverManagerDnsTest,TxtQuery_MismatchedName)9605 TEST_F(HostResolverManagerDnsTest, TxtQuery_MismatchedName) {
9606 std::vector<std::vector<std::string>> text_records = {{"text"}};
9607 MockDnsClientRuleList rules;
9608 rules.emplace_back("host", dns_protocol::kTypeTXT, false /* secure */,
9609 MockDnsClientRule::Result(BuildTestDnsTextResponse(
9610 "host", std::move(text_records), "not.host")),
9611 false /* delay */);
9612
9613 CreateResolver();
9614 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9615
9616 HostResolver::ResolveHostParameters parameters;
9617 parameters.dns_query_type = DnsQueryType::TXT;
9618
9619 ResolveHostResponseHelper response(resolver_->CreateRequest(
9620 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9621 parameters, resolve_context_.get(), resolve_context_->host_cache()));
9622 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_MALFORMED_RESPONSE));
9623 EXPECT_THAT(response.request()->GetAddressResults(),
9624 AnyOf(nullptr, Pointee(IsEmpty())));
9625 EXPECT_THAT(response.request()->GetEndpointResults(),
9626 AnyOf(nullptr, Pointee(IsEmpty())));
9627 EXPECT_THAT(response.request()->GetTextResults(),
9628 AnyOf(nullptr, Pointee(IsEmpty())));
9629 EXPECT_THAT(response.request()->GetHostnameResults(),
9630 AnyOf(nullptr, Pointee(IsEmpty())));
9631 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9632 AnyOf(nullptr, Pointee(IsEmpty())));
9633
9634 // Expect result not cached.
9635 EXPECT_EQ(resolve_context_->host_cache()->size(), 0u);
9636 }
9637
TEST_F(HostResolverManagerDnsTest,TxtQuery_WrongType)9638 TEST_F(HostResolverManagerDnsTest, TxtQuery_WrongType) {
9639 // Respond to a TXT query with an A response.
9640 MockDnsClientRuleList rules;
9641 rules.emplace_back(
9642 "host", dns_protocol::kTypeTXT, false /* secure */,
9643 MockDnsClientRule::Result(BuildTestDnsResponse(
9644 "host", dns_protocol::kTypeTXT,
9645 {BuildTestAddressRecord("host", IPAddress(1, 2, 3, 4))})),
9646 false /* delay */);
9647
9648 CreateResolver();
9649 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9650
9651 HostResolver::ResolveHostParameters parameters;
9652 parameters.dns_query_type = DnsQueryType::TXT;
9653
9654 // Responses for the wrong type should be ignored.
9655 ResolveHostResponseHelper response(resolver_->CreateRequest(
9656 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9657 parameters, resolve_context_.get(), resolve_context_->host_cache()));
9658 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
9659 EXPECT_THAT(response.request()->GetAddressResults(),
9660 AnyOf(nullptr, Pointee(IsEmpty())));
9661 EXPECT_THAT(response.request()->GetEndpointResults(),
9662 AnyOf(nullptr, Pointee(IsEmpty())));
9663 EXPECT_THAT(response.request()->GetTextResults(),
9664 AnyOf(nullptr, Pointee(IsEmpty())));
9665 EXPECT_THAT(response.request()->GetHostnameResults(),
9666 AnyOf(nullptr, Pointee(IsEmpty())));
9667 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9668 AnyOf(nullptr, Pointee(IsEmpty())));
9669
9670 // Expect result not cached.
9671 EXPECT_EQ(resolve_context_->host_cache()->size(), 0u);
9672 }
9673
TEST_F(HostResolverManagerDnsTest,TxtInsecureQueryDisallowedWhenAdditionalTypesDisallowed)9674 TEST_F(HostResolverManagerDnsTest,
9675 TxtInsecureQueryDisallowedWhenAdditionalTypesDisallowed) {
9676 const std::string kName = "txt.test";
9677
9678 ChangeDnsConfig(CreateValidDnsConfig());
9679 DnsConfigOverrides overrides;
9680 overrides.secure_dns_mode = SecureDnsMode::kOff;
9681 resolver_->SetDnsConfigOverrides(overrides);
9682 resolver_->SetInsecureDnsClientEnabled(
9683 /*enabled=*/true,
9684 /*additional_dns_types_enabled=*/false);
9685
9686 HostResolver::ResolveHostParameters parameters;
9687 parameters.dns_query_type = DnsQueryType::TXT;
9688
9689 ResolveHostResponseHelper response(resolver_->CreateRequest(
9690 HostPortPair(kName, 108), NetworkAnonymizationKey(), NetLogWithSource(),
9691 parameters, resolve_context_.get(), resolve_context_->host_cache()));
9692 // No non-local work is done, so ERR_DNS_CACHE_MISS is the result.
9693 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_CACHE_MISS));
9694 EXPECT_THAT(response.request()->GetAddressResults(),
9695 AnyOf(nullptr, Pointee(IsEmpty())));
9696 EXPECT_THAT(response.request()->GetEndpointResults(),
9697 AnyOf(nullptr, Pointee(IsEmpty())));
9698 EXPECT_THAT(response.request()->GetHostnameResults(),
9699 AnyOf(nullptr, Pointee(IsEmpty())));
9700 EXPECT_THAT(response.request()->GetTextResults(),
9701 AnyOf(nullptr, Pointee(IsEmpty())));
9702 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9703 AnyOf(nullptr, Pointee(IsEmpty())));
9704 }
9705
9706 // Same as TxtQuery except we specify DNS HostResolverSource instead of relying
9707 // on automatic determination. Expect same results since DNS should be what we
9708 // automatically determine, but some slightly different logic paths are
9709 // involved.
TEST_F(HostResolverManagerDnsTest,TxtDnsQuery)9710 TEST_F(HostResolverManagerDnsTest, TxtDnsQuery) {
9711 // Simulate two separate DNS records, each with multiple strings.
9712 std::vector<std::string> foo_records = {"foo1", "foo2", "foo3"};
9713 std::vector<std::string> bar_records = {"bar1", "bar2"};
9714 std::vector<std::vector<std::string>> text_records = {foo_records,
9715 bar_records};
9716
9717 MockDnsClientRuleList rules;
9718 rules.emplace_back("host", dns_protocol::kTypeTXT, false /* secure */,
9719 MockDnsClientRule::Result(BuildTestDnsTextResponse(
9720 "host", std::move(text_records))),
9721 false /* delay */);
9722
9723 CreateResolver();
9724 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9725
9726 EXPECT_EQ(resolve_context_->host_cache()->size(), 0u);
9727
9728 HostResolver::ResolveHostParameters parameters;
9729 parameters.source = HostResolverSource::DNS;
9730 parameters.dns_query_type = DnsQueryType::TXT;
9731
9732 ResolveHostResponseHelper response(resolver_->CreateRequest(
9733 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9734 parameters, resolve_context_.get(), resolve_context_->host_cache()));
9735 EXPECT_THAT(response.result_error(), IsOk());
9736 EXPECT_THAT(response.request()->GetAddressResults(),
9737 AnyOf(nullptr, Pointee(IsEmpty())));
9738 EXPECT_THAT(response.request()->GetEndpointResults(),
9739 AnyOf(nullptr, Pointee(IsEmpty())));
9740 EXPECT_THAT(response.request()->GetHostnameResults(),
9741 AnyOf(nullptr, Pointee(IsEmpty())));
9742 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9743 AnyOf(nullptr, Pointee(IsEmpty())));
9744
9745 // Order between separate DNS records is undefined, but each record should
9746 // stay in order as that order may be meaningful.
9747 ASSERT_THAT(response.request()->GetTextResults(),
9748 testing::Pointee(testing::UnorderedElementsAre(
9749 "foo1", "foo2", "foo3", "bar1", "bar2")));
9750 const std::vector<std::string>* results =
9751 response.request()->GetTextResults();
9752 EXPECT_NE(results->end(), base::ranges::search(*results, foo_records));
9753 EXPECT_NE(results->end(), base::ranges::search(*results, bar_records));
9754
9755 // Expect result to be cached.
9756 EXPECT_EQ(resolve_context_->host_cache()->size(), 1u);
9757 ResolveHostResponseHelper cached_response(resolver_->CreateRequest(
9758 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9759 parameters, resolve_context_.get(), resolve_context_->host_cache()));
9760 EXPECT_THAT(cached_response.result_error(), IsOk());
9761 EXPECT_TRUE(cached_response.request()->GetStaleInfo());
9762 ASSERT_THAT(cached_response.request()->GetTextResults(),
9763 testing::Pointee(testing::UnorderedElementsAre(
9764 "foo1", "foo2", "foo3", "bar1", "bar2")));
9765 results = cached_response.request()->GetTextResults();
9766 EXPECT_NE(results->end(), base::ranges::search(*results, foo_records));
9767 EXPECT_NE(results->end(), base::ranges::search(*results, bar_records));
9768 }
9769
TEST_F(HostResolverManagerDnsTest,PtrQuery)9770 TEST_F(HostResolverManagerDnsTest, PtrQuery) {
9771 MockDnsClientRuleList rules;
9772 rules.emplace_back("host", dns_protocol::kTypePTR, false /* secure */,
9773 MockDnsClientRule::Result(BuildTestDnsPointerResponse(
9774 "host", {"foo.com", "bar.com"})),
9775 false /* delay */);
9776
9777 CreateResolver();
9778 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9779
9780 HostResolver::ResolveHostParameters parameters;
9781 parameters.dns_query_type = DnsQueryType::PTR;
9782
9783 ResolveHostResponseHelper response(resolver_->CreateRequest(
9784 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9785 parameters, resolve_context_.get(), resolve_context_->host_cache()));
9786 EXPECT_THAT(response.result_error(), IsOk());
9787 EXPECT_THAT(response.request()->GetAddressResults(),
9788 AnyOf(nullptr, Pointee(IsEmpty())));
9789 EXPECT_THAT(response.request()->GetEndpointResults(),
9790 AnyOf(nullptr, Pointee(IsEmpty())));
9791 EXPECT_THAT(response.request()->GetTextResults(),
9792 AnyOf(nullptr, Pointee(IsEmpty())));
9793 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9794 AnyOf(nullptr, Pointee(IsEmpty())));
9795
9796 // Order between separate records is undefined.
9797 EXPECT_THAT(response.request()->GetHostnameResults(),
9798 testing::Pointee(testing::UnorderedElementsAre(
9799 HostPortPair("foo.com", 108), HostPortPair("bar.com", 108))));
9800 }
9801
TEST_F(HostResolverManagerDnsTest,PtrQueryRejectsIpLiteral)9802 TEST_F(HostResolverManagerDnsTest, PtrQueryRejectsIpLiteral) {
9803 MockDnsClientRuleList rules;
9804
9805 // Entry that would resolve if DNS is mistakenly queried to ensure that does
9806 // not happen.
9807 rules.emplace_back("8.8.8.8", dns_protocol::kTypePTR, /*secure=*/false,
9808 MockDnsClientRule::Result(BuildTestDnsPointerResponse(
9809 "8.8.8.8", {"foo.com", "bar.com"})),
9810 /*delay=*/false);
9811
9812 CreateResolver();
9813 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9814
9815 HostResolver::ResolveHostParameters parameters;
9816 parameters.dns_query_type = DnsQueryType::PTR;
9817
9818 ResolveHostResponseHelper response(resolver_->CreateRequest(
9819 HostPortPair("8.8.8.8", 108), NetworkAnonymizationKey(),
9820 NetLogWithSource(), parameters, resolve_context_.get(),
9821 resolve_context_->host_cache()));
9822 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
9823 EXPECT_THAT(response.request()->GetAddressResults(),
9824 AnyOf(nullptr, Pointee(IsEmpty())));
9825 EXPECT_THAT(response.request()->GetEndpointResults(),
9826 AnyOf(nullptr, Pointee(IsEmpty())));
9827 EXPECT_THAT(response.request()->GetTextResults(),
9828 AnyOf(nullptr, Pointee(IsEmpty())));
9829 EXPECT_THAT(response.request()->GetHostnameResults(),
9830 AnyOf(nullptr, Pointee(IsEmpty())));
9831 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9832 AnyOf(nullptr, Pointee(IsEmpty())));
9833 }
9834
TEST_F(HostResolverManagerDnsTest,PtrQueryHandlesReverseIpLookup)9835 TEST_F(HostResolverManagerDnsTest, PtrQueryHandlesReverseIpLookup) {
9836 const char kHostname[] = "8.8.8.8.in-addr.arpa";
9837
9838 MockDnsClientRuleList rules;
9839 rules.emplace_back(kHostname, dns_protocol::kTypePTR, /*secure=*/false,
9840 MockDnsClientRule::Result(BuildTestDnsPointerResponse(
9841 kHostname, {"dns.google.test", "foo.test"})),
9842 /*delay=*/false);
9843
9844 CreateResolver();
9845 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9846
9847 HostResolver::ResolveHostParameters parameters;
9848 parameters.dns_query_type = DnsQueryType::PTR;
9849
9850 ResolveHostResponseHelper response(resolver_->CreateRequest(
9851 HostPortPair(kHostname, 108), NetworkAnonymizationKey(),
9852 NetLogWithSource(), parameters, resolve_context_.get(),
9853 resolve_context_->host_cache()));
9854 EXPECT_THAT(response.result_error(), IsOk());
9855 EXPECT_THAT(response.request()->GetAddressResults(),
9856 AnyOf(nullptr, Pointee(IsEmpty())));
9857 EXPECT_THAT(response.request()->GetEndpointResults(),
9858 AnyOf(nullptr, Pointee(IsEmpty())));
9859 EXPECT_THAT(response.request()->GetTextResults(),
9860 AnyOf(nullptr, Pointee(IsEmpty())));
9861 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9862 AnyOf(nullptr, Pointee(IsEmpty())));
9863
9864 // Order between separate records is undefined.
9865 EXPECT_THAT(response.request()->GetHostnameResults(),
9866 testing::Pointee(testing::UnorderedElementsAre(
9867 HostPortPair("dns.google.test", 108),
9868 HostPortPair("foo.test", 108))));
9869 }
9870
TEST_F(HostResolverManagerDnsTest,PtrQuery_NonexistentDomain)9871 TEST_F(HostResolverManagerDnsTest, PtrQuery_NonexistentDomain) {
9872 // Setup fallback to confirm it is not used for non-address results.
9873 set_allow_fallback_to_systemtask(true);
9874 proc_->AddRuleForAllFamilies("host", "192.168.1.102");
9875 proc_->SignalMultiple(1u);
9876
9877 MockDnsClientRuleList rules;
9878 rules.emplace_back(
9879 "host", dns_protocol::kTypePTR, false /* secure */,
9880 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kNoDomain),
9881 false /* delay */);
9882
9883 CreateResolver();
9884 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9885
9886 HostResolver::ResolveHostParameters parameters;
9887 parameters.dns_query_type = DnsQueryType::PTR;
9888
9889 ResolveHostResponseHelper response(resolver_->CreateRequest(
9890 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9891 parameters, resolve_context_.get(), resolve_context_->host_cache()));
9892 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
9893 EXPECT_THAT(response.request()->GetAddressResults(),
9894 AnyOf(nullptr, Pointee(IsEmpty())));
9895 EXPECT_THAT(response.request()->GetEndpointResults(),
9896 AnyOf(nullptr, Pointee(IsEmpty())));
9897 EXPECT_THAT(response.request()->GetTextResults(),
9898 AnyOf(nullptr, Pointee(IsEmpty())));
9899 EXPECT_THAT(response.request()->GetHostnameResults(),
9900 AnyOf(nullptr, Pointee(IsEmpty())));
9901 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9902 AnyOf(nullptr, Pointee(IsEmpty())));
9903 }
9904
TEST_F(HostResolverManagerDnsTest,PtrQuery_Failure)9905 TEST_F(HostResolverManagerDnsTest, PtrQuery_Failure) {
9906 // Setup fallback to confirm it is not used for non-address results.
9907 set_allow_fallback_to_systemtask(true);
9908 proc_->AddRuleForAllFamilies("host", "192.168.1.102");
9909 proc_->SignalMultiple(1u);
9910
9911 MockDnsClientRuleList rules;
9912 rules.emplace_back(
9913 "host", dns_protocol::kTypePTR, false /* secure */,
9914 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kFail),
9915 false /* delay */);
9916
9917 CreateResolver();
9918 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9919
9920 HostResolver::ResolveHostParameters parameters;
9921 parameters.dns_query_type = DnsQueryType::PTR;
9922
9923 ResolveHostResponseHelper response(resolver_->CreateRequest(
9924 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9925 parameters, resolve_context_.get(), resolve_context_->host_cache()));
9926 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
9927 EXPECT_THAT(response.request()->GetAddressResults(),
9928 AnyOf(nullptr, Pointee(IsEmpty())));
9929 EXPECT_THAT(response.request()->GetEndpointResults(),
9930 AnyOf(nullptr, Pointee(IsEmpty())));
9931 EXPECT_THAT(response.request()->GetTextResults(),
9932 AnyOf(nullptr, Pointee(IsEmpty())));
9933 EXPECT_THAT(response.request()->GetHostnameResults(),
9934 AnyOf(nullptr, Pointee(IsEmpty())));
9935 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9936 AnyOf(nullptr, Pointee(IsEmpty())));
9937 }
9938
TEST_F(HostResolverManagerDnsTest,PtrQuery_Timeout)9939 TEST_F(HostResolverManagerDnsTest, PtrQuery_Timeout) {
9940 // Setup fallback to confirm it is not used for non-address results.
9941 set_allow_fallback_to_systemtask(true);
9942 proc_->AddRuleForAllFamilies("host", "192.168.1.102");
9943 proc_->SignalMultiple(1u);
9944
9945 MockDnsClientRuleList rules;
9946 rules.emplace_back(
9947 "host", dns_protocol::kTypePTR, false /* secure */,
9948 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kTimeout),
9949 false /* delay */);
9950
9951 CreateResolver();
9952 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9953
9954 HostResolver::ResolveHostParameters parameters;
9955 parameters.dns_query_type = DnsQueryType::PTR;
9956
9957 ResolveHostResponseHelper response(resolver_->CreateRequest(
9958 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9959 parameters, resolve_context_.get(), resolve_context_->host_cache()));
9960 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_TIMED_OUT));
9961 EXPECT_THAT(response.request()->GetAddressResults(),
9962 AnyOf(nullptr, Pointee(IsEmpty())));
9963 EXPECT_THAT(response.request()->GetEndpointResults(),
9964 AnyOf(nullptr, Pointee(IsEmpty())));
9965 EXPECT_THAT(response.request()->GetTextResults(),
9966 AnyOf(nullptr, Pointee(IsEmpty())));
9967 EXPECT_THAT(response.request()->GetHostnameResults(),
9968 AnyOf(nullptr, Pointee(IsEmpty())));
9969 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9970 AnyOf(nullptr, Pointee(IsEmpty())));
9971 }
9972
TEST_F(HostResolverManagerDnsTest,PtrQuery_Empty)9973 TEST_F(HostResolverManagerDnsTest, PtrQuery_Empty) {
9974 // Setup fallback to confirm it is not used for non-address results.
9975 set_allow_fallback_to_systemtask(true);
9976 proc_->AddRuleForAllFamilies("host", "192.168.1.102");
9977 proc_->SignalMultiple(1u);
9978
9979 MockDnsClientRuleList rules;
9980 rules.emplace_back(
9981 "host", dns_protocol::kTypePTR, false /* secure */,
9982 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kEmpty),
9983 false /* delay */);
9984
9985 CreateResolver();
9986 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9987
9988 HostResolver::ResolveHostParameters parameters;
9989 parameters.dns_query_type = DnsQueryType::PTR;
9990
9991 ResolveHostResponseHelper response(resolver_->CreateRequest(
9992 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9993 parameters, resolve_context_.get(), resolve_context_->host_cache()));
9994 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
9995 EXPECT_THAT(response.request()->GetAddressResults(),
9996 AnyOf(nullptr, Pointee(IsEmpty())));
9997 EXPECT_THAT(response.request()->GetEndpointResults(),
9998 AnyOf(nullptr, Pointee(IsEmpty())));
9999 EXPECT_THAT(response.request()->GetTextResults(),
10000 AnyOf(nullptr, Pointee(IsEmpty())));
10001 EXPECT_THAT(response.request()->GetHostnameResults(),
10002 AnyOf(nullptr, Pointee(IsEmpty())));
10003 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10004 AnyOf(nullptr, Pointee(IsEmpty())));
10005 }
10006
TEST_F(HostResolverManagerDnsTest,PtrQuery_Malformed)10007 TEST_F(HostResolverManagerDnsTest, PtrQuery_Malformed) {
10008 // Setup fallback to confirm it is not used for non-address results.
10009 set_allow_fallback_to_systemtask(true);
10010 proc_->AddRuleForAllFamilies("host", "192.168.1.102");
10011 proc_->SignalMultiple(1u);
10012
10013 MockDnsClientRuleList rules;
10014 rules.emplace_back(
10015 "host", dns_protocol::kTypePTR, false /* secure */,
10016 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kMalformed),
10017 false /* delay */);
10018
10019 CreateResolver();
10020 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10021
10022 HostResolver::ResolveHostParameters parameters;
10023 parameters.dns_query_type = DnsQueryType::PTR;
10024
10025 ResolveHostResponseHelper response(resolver_->CreateRequest(
10026 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
10027 parameters, resolve_context_.get(), resolve_context_->host_cache()));
10028 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_MALFORMED_RESPONSE));
10029 EXPECT_THAT(response.request()->GetAddressResults(),
10030 AnyOf(nullptr, Pointee(IsEmpty())));
10031 EXPECT_THAT(response.request()->GetEndpointResults(),
10032 AnyOf(nullptr, Pointee(IsEmpty())));
10033 EXPECT_THAT(response.request()->GetTextResults(),
10034 AnyOf(nullptr, Pointee(IsEmpty())));
10035 EXPECT_THAT(response.request()->GetHostnameResults(),
10036 AnyOf(nullptr, Pointee(IsEmpty())));
10037 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10038 AnyOf(nullptr, Pointee(IsEmpty())));
10039 }
10040
TEST_F(HostResolverManagerDnsTest,PtrQuery_MismatchedName)10041 TEST_F(HostResolverManagerDnsTest, PtrQuery_MismatchedName) {
10042 std::vector<std::string> ptr_records = {{"foo.com"}};
10043 MockDnsClientRuleList rules;
10044 rules.emplace_back("host", dns_protocol::kTypePTR, false /* secure */,
10045 MockDnsClientRule::Result(BuildTestDnsPointerResponse(
10046 "host", std::move(ptr_records), "not.host")),
10047 false /* delay */);
10048
10049 CreateResolver();
10050 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10051
10052 HostResolver::ResolveHostParameters parameters;
10053 parameters.dns_query_type = DnsQueryType::PTR;
10054
10055 ResolveHostResponseHelper response(resolver_->CreateRequest(
10056 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
10057 parameters, resolve_context_.get(), resolve_context_->host_cache()));
10058 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_MALFORMED_RESPONSE));
10059 EXPECT_THAT(response.request()->GetAddressResults(),
10060 AnyOf(nullptr, Pointee(IsEmpty())));
10061 EXPECT_THAT(response.request()->GetEndpointResults(),
10062 AnyOf(nullptr, Pointee(IsEmpty())));
10063 EXPECT_THAT(response.request()->GetTextResults(),
10064 AnyOf(nullptr, Pointee(IsEmpty())));
10065 EXPECT_THAT(response.request()->GetHostnameResults(),
10066 AnyOf(nullptr, Pointee(IsEmpty())));
10067 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10068 AnyOf(nullptr, Pointee(IsEmpty())));
10069 }
10070
TEST_F(HostResolverManagerDnsTest,PtrQuery_WrongType)10071 TEST_F(HostResolverManagerDnsTest, PtrQuery_WrongType) {
10072 // Respond to a TXT query with an A response.
10073 MockDnsClientRuleList rules;
10074 rules.emplace_back(
10075 "host", dns_protocol::kTypePTR, false /* secure */,
10076 MockDnsClientRule::Result(BuildTestDnsResponse(
10077 "host", dns_protocol::kTypePTR,
10078 {BuildTestAddressRecord("host", IPAddress(1, 2, 3, 4))})),
10079 false /* delay */);
10080
10081 CreateResolver();
10082 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10083
10084 HostResolver::ResolveHostParameters parameters;
10085 parameters.dns_query_type = DnsQueryType::PTR;
10086
10087 // Responses for the wrong type should be ignored.
10088 ResolveHostResponseHelper response(resolver_->CreateRequest(
10089 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
10090 parameters, resolve_context_.get(), resolve_context_->host_cache()));
10091 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
10092 EXPECT_THAT(response.request()->GetAddressResults(),
10093 AnyOf(nullptr, Pointee(IsEmpty())));
10094 EXPECT_THAT(response.request()->GetEndpointResults(),
10095 AnyOf(nullptr, Pointee(IsEmpty())));
10096 EXPECT_THAT(response.request()->GetTextResults(),
10097 AnyOf(nullptr, Pointee(IsEmpty())));
10098 EXPECT_THAT(response.request()->GetHostnameResults(),
10099 AnyOf(nullptr, Pointee(IsEmpty())));
10100 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10101 AnyOf(nullptr, Pointee(IsEmpty())));
10102 }
10103
TEST_F(HostResolverManagerDnsTest,PtrInsecureQueryDisallowedWhenAdditionalTypesDisallowed)10104 TEST_F(HostResolverManagerDnsTest,
10105 PtrInsecureQueryDisallowedWhenAdditionalTypesDisallowed) {
10106 const std::string kName = "ptr.test";
10107
10108 ChangeDnsConfig(CreateValidDnsConfig());
10109 DnsConfigOverrides overrides;
10110 overrides.secure_dns_mode = SecureDnsMode::kOff;
10111 resolver_->SetDnsConfigOverrides(overrides);
10112 resolver_->SetInsecureDnsClientEnabled(
10113 /*enabled=*/true,
10114 /*additional_dns_types_enabled=*/false);
10115
10116 HostResolver::ResolveHostParameters parameters;
10117 parameters.dns_query_type = DnsQueryType::PTR;
10118
10119 ResolveHostResponseHelper response(resolver_->CreateRequest(
10120 HostPortPair(kName, 108), NetworkAnonymizationKey(), NetLogWithSource(),
10121 parameters, resolve_context_.get(), resolve_context_->host_cache()));
10122 // No non-local work is done, so ERR_DNS_CACHE_MISS is the result.
10123 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_CACHE_MISS));
10124 EXPECT_THAT(response.request()->GetAddressResults(),
10125 AnyOf(nullptr, Pointee(IsEmpty())));
10126 EXPECT_THAT(response.request()->GetEndpointResults(),
10127 AnyOf(nullptr, Pointee(IsEmpty())));
10128 EXPECT_THAT(response.request()->GetHostnameResults(),
10129 AnyOf(nullptr, Pointee(IsEmpty())));
10130 EXPECT_THAT(response.request()->GetTextResults(),
10131 AnyOf(nullptr, Pointee(IsEmpty())));
10132 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10133 AnyOf(nullptr, Pointee(IsEmpty())));
10134 }
10135
10136 // Same as PtrQuery except we specify DNS HostResolverSource instead of relying
10137 // on automatic determination. Expect same results since DNS should be what we
10138 // automatically determine, but some slightly different logic paths are
10139 // involved.
TEST_F(HostResolverManagerDnsTest,PtrDnsQuery)10140 TEST_F(HostResolverManagerDnsTest, PtrDnsQuery) {
10141 MockDnsClientRuleList rules;
10142 rules.emplace_back("host", dns_protocol::kTypePTR, false /* secure */,
10143 MockDnsClientRule::Result(BuildTestDnsPointerResponse(
10144 "host", {"foo.com", "bar.com"})),
10145 false /* delay */);
10146
10147 CreateResolver();
10148 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10149
10150 HostResolver::ResolveHostParameters parameters;
10151 parameters.source = HostResolverSource::DNS;
10152 parameters.dns_query_type = DnsQueryType::PTR;
10153
10154 ResolveHostResponseHelper response(resolver_->CreateRequest(
10155 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
10156 parameters, resolve_context_.get(), resolve_context_->host_cache()));
10157 EXPECT_THAT(response.result_error(), IsOk());
10158 EXPECT_THAT(response.request()->GetAddressResults(),
10159 AnyOf(nullptr, Pointee(IsEmpty())));
10160 EXPECT_THAT(response.request()->GetEndpointResults(),
10161 AnyOf(nullptr, Pointee(IsEmpty())));
10162 EXPECT_THAT(response.request()->GetTextResults(),
10163 AnyOf(nullptr, Pointee(IsEmpty())));
10164 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10165 AnyOf(nullptr, Pointee(IsEmpty())));
10166
10167 // Order between separate records is undefined.
10168 EXPECT_THAT(response.request()->GetHostnameResults(),
10169 testing::Pointee(testing::UnorderedElementsAre(
10170 HostPortPair("foo.com", 108), HostPortPair("bar.com", 108))));
10171 }
10172
TEST_F(HostResolverManagerDnsTest,SrvQuery)10173 TEST_F(HostResolverManagerDnsTest, SrvQuery) {
10174 const TestServiceRecord kRecord1 = {2, 3, 1223, "foo.com"};
10175 const TestServiceRecord kRecord2 = {5, 10, 80, "bar.com"};
10176 const TestServiceRecord kRecord3 = {5, 1, 5, "google.com"};
10177 const TestServiceRecord kRecord4 = {2, 100, 12345, "chromium.org"};
10178 MockDnsClientRuleList rules;
10179 rules.emplace_back("host", dns_protocol::kTypeSRV, false /* secure */,
10180 MockDnsClientRule::Result(BuildTestDnsServiceResponse(
10181 "host", {kRecord1, kRecord2, kRecord3, kRecord4})),
10182 false /* delay */);
10183
10184 CreateResolver();
10185 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10186
10187 HostResolver::ResolveHostParameters parameters;
10188 parameters.dns_query_type = DnsQueryType::SRV;
10189
10190 ResolveHostResponseHelper response(resolver_->CreateRequest(
10191 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
10192 parameters, resolve_context_.get(), resolve_context_->host_cache()));
10193 EXPECT_THAT(response.result_error(), IsOk());
10194 EXPECT_THAT(response.request()->GetAddressResults(),
10195 AnyOf(nullptr, Pointee(IsEmpty())));
10196 EXPECT_THAT(response.request()->GetEndpointResults(),
10197 AnyOf(nullptr, Pointee(IsEmpty())));
10198 EXPECT_THAT(response.request()->GetTextResults(),
10199 AnyOf(nullptr, Pointee(IsEmpty())));
10200 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10201 AnyOf(nullptr, Pointee(IsEmpty())));
10202
10203 // Expect ordered by priority, and random within a priority.
10204 const std::vector<HostPortPair>* results =
10205 response.request()->GetHostnameResults();
10206 ASSERT_THAT(
10207 results,
10208 testing::Pointee(testing::UnorderedElementsAre(
10209 HostPortPair("foo.com", 1223), HostPortPair("bar.com", 80),
10210 HostPortPair("google.com", 5), HostPortPair("chromium.org", 12345))));
10211 auto priority2 =
10212 std::vector<HostPortPair>(results->begin(), results->begin() + 2);
10213 EXPECT_THAT(priority2, testing::UnorderedElementsAre(
10214 HostPortPair("foo.com", 1223),
10215 HostPortPair("chromium.org", 12345)));
10216 auto priority5 =
10217 std::vector<HostPortPair>(results->begin() + 2, results->end());
10218 EXPECT_THAT(priority5,
10219 testing::UnorderedElementsAre(HostPortPair("bar.com", 80),
10220 HostPortPair("google.com", 5)));
10221 }
10222
TEST_F(HostResolverManagerDnsTest,SrvQueryRejectsIpLiteral)10223 TEST_F(HostResolverManagerDnsTest, SrvQueryRejectsIpLiteral) {
10224 MockDnsClientRuleList rules;
10225
10226 // Entry that would resolve if DNS is mistakenly queried to ensure that does
10227 // not happen.
10228 rules.emplace_back("8.8.8.8", dns_protocol::kTypeSRV, /*secure=*/false,
10229 MockDnsClientRule::Result(BuildTestDnsServiceResponse(
10230 "8.8.8.8", {{/*priority=*/4, /*weight=*/0, /*port=*/90,
10231 /*target=*/"google.test"}})),
10232 /*delay=*/false);
10233
10234 CreateResolver();
10235 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10236
10237 HostResolver::ResolveHostParameters parameters;
10238 parameters.dns_query_type = DnsQueryType::SRV;
10239
10240 ResolveHostResponseHelper response(resolver_->CreateRequest(
10241 HostPortPair("8.8.8.8", 108), NetworkAnonymizationKey(),
10242 NetLogWithSource(), parameters, resolve_context_.get(),
10243 resolve_context_->host_cache()));
10244 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
10245 EXPECT_THAT(response.request()->GetAddressResults(),
10246 AnyOf(nullptr, Pointee(IsEmpty())));
10247 EXPECT_THAT(response.request()->GetEndpointResults(),
10248 AnyOf(nullptr, Pointee(IsEmpty())));
10249 EXPECT_THAT(response.request()->GetTextResults(),
10250 AnyOf(nullptr, Pointee(IsEmpty())));
10251 EXPECT_THAT(response.request()->GetHostnameResults(),
10252 AnyOf(nullptr, Pointee(IsEmpty())));
10253 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10254 AnyOf(nullptr, Pointee(IsEmpty())));
10255 }
10256
10257 // 0-weight services are allowed. Ensure that we can handle such records,
10258 // especially the case where all entries have weight 0.
TEST_F(HostResolverManagerDnsTest,SrvQuery_ZeroWeight)10259 TEST_F(HostResolverManagerDnsTest, SrvQuery_ZeroWeight) {
10260 const TestServiceRecord kRecord1 = {5, 0, 80, "bar.com"};
10261 const TestServiceRecord kRecord2 = {5, 0, 5, "google.com"};
10262 MockDnsClientRuleList rules;
10263 rules.emplace_back("host", dns_protocol::kTypeSRV, false /* secure */,
10264 MockDnsClientRule::Result(BuildTestDnsServiceResponse(
10265 "host", {kRecord1, kRecord2})),
10266 false /* delay */);
10267
10268 CreateResolver();
10269 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10270
10271 HostResolver::ResolveHostParameters parameters;
10272 parameters.dns_query_type = DnsQueryType::SRV;
10273
10274 ResolveHostResponseHelper response(resolver_->CreateRequest(
10275 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
10276 parameters, resolve_context_.get(), resolve_context_->host_cache()));
10277 EXPECT_THAT(response.result_error(), IsOk());
10278 EXPECT_THAT(response.request()->GetAddressResults(),
10279 AnyOf(nullptr, Pointee(IsEmpty())));
10280 EXPECT_THAT(response.request()->GetEndpointResults(),
10281 AnyOf(nullptr, Pointee(IsEmpty())));
10282 EXPECT_THAT(response.request()->GetTextResults(),
10283 AnyOf(nullptr, Pointee(IsEmpty())));
10284 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10285 AnyOf(nullptr, Pointee(IsEmpty())));
10286
10287 // Expect ordered by priority, and random within a priority.
10288 EXPECT_THAT(response.request()->GetHostnameResults(),
10289 testing::Pointee(testing::UnorderedElementsAre(
10290 HostPortPair("bar.com", 80), HostPortPair("google.com", 5))));
10291 }
10292
TEST_F(HostResolverManagerDnsTest,SrvQuery_NonexistentDomain)10293 TEST_F(HostResolverManagerDnsTest, SrvQuery_NonexistentDomain) {
10294 // Setup fallback to confirm it is not used for non-address results.
10295 set_allow_fallback_to_systemtask(true);
10296 proc_->AddRuleForAllFamilies("host", "192.168.1.102");
10297 proc_->SignalMultiple(1u);
10298
10299 MockDnsClientRuleList rules;
10300 rules.emplace_back(
10301 "host", dns_protocol::kTypeSRV, false /* secure */,
10302 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kNoDomain),
10303 false /* delay */);
10304
10305 CreateResolver();
10306 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10307
10308 HostResolver::ResolveHostParameters parameters;
10309 parameters.dns_query_type = DnsQueryType::SRV;
10310
10311 ResolveHostResponseHelper response(resolver_->CreateRequest(
10312 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
10313 parameters, resolve_context_.get(), resolve_context_->host_cache()));
10314 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
10315 EXPECT_THAT(response.request()->GetAddressResults(),
10316 AnyOf(nullptr, Pointee(IsEmpty())));
10317 EXPECT_THAT(response.request()->GetEndpointResults(),
10318 AnyOf(nullptr, Pointee(IsEmpty())));
10319 EXPECT_THAT(response.request()->GetTextResults(),
10320 AnyOf(nullptr, Pointee(IsEmpty())));
10321 EXPECT_THAT(response.request()->GetHostnameResults(),
10322 AnyOf(nullptr, Pointee(IsEmpty())));
10323 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10324 AnyOf(nullptr, Pointee(IsEmpty())));
10325 }
10326
TEST_F(HostResolverManagerDnsTest,SrvQuery_Failure)10327 TEST_F(HostResolverManagerDnsTest, SrvQuery_Failure) {
10328 // Setup fallback to confirm it is not used for non-address results.
10329 set_allow_fallback_to_systemtask(true);
10330 proc_->AddRuleForAllFamilies("host", "192.168.1.102");
10331 proc_->SignalMultiple(1u);
10332
10333 MockDnsClientRuleList rules;
10334 rules.emplace_back(
10335 "host", dns_protocol::kTypeSRV, false /* secure */,
10336 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kFail),
10337 false /* delay */);
10338
10339 CreateResolver();
10340 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10341
10342 HostResolver::ResolveHostParameters parameters;
10343 parameters.dns_query_type = DnsQueryType::SRV;
10344
10345 ResolveHostResponseHelper response(resolver_->CreateRequest(
10346 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
10347 parameters, resolve_context_.get(), resolve_context_->host_cache()));
10348 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
10349 EXPECT_THAT(response.request()->GetAddressResults(),
10350 AnyOf(nullptr, Pointee(IsEmpty())));
10351 EXPECT_THAT(response.request()->GetEndpointResults(),
10352 AnyOf(nullptr, Pointee(IsEmpty())));
10353 EXPECT_THAT(response.request()->GetTextResults(),
10354 AnyOf(nullptr, Pointee(IsEmpty())));
10355 EXPECT_THAT(response.request()->GetHostnameResults(),
10356 AnyOf(nullptr, Pointee(IsEmpty())));
10357 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10358 AnyOf(nullptr, Pointee(IsEmpty())));
10359 }
10360
TEST_F(HostResolverManagerDnsTest,SrvQuery_Timeout)10361 TEST_F(HostResolverManagerDnsTest, SrvQuery_Timeout) {
10362 // Setup fallback to confirm it is not used for non-address results.
10363 set_allow_fallback_to_systemtask(true);
10364 proc_->AddRuleForAllFamilies("host", "192.168.1.102");
10365 proc_->SignalMultiple(1u);
10366
10367 MockDnsClientRuleList rules;
10368 rules.emplace_back(
10369 "host", dns_protocol::kTypeSRV, false /* secure */,
10370 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kTimeout),
10371 false /* delay */);
10372
10373 CreateResolver();
10374 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10375
10376 HostResolver::ResolveHostParameters parameters;
10377 parameters.dns_query_type = DnsQueryType::SRV;
10378
10379 ResolveHostResponseHelper response(resolver_->CreateRequest(
10380 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
10381 parameters, resolve_context_.get(), resolve_context_->host_cache()));
10382 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_TIMED_OUT));
10383 EXPECT_THAT(response.request()->GetAddressResults(),
10384 AnyOf(nullptr, Pointee(IsEmpty())));
10385 EXPECT_THAT(response.request()->GetEndpointResults(),
10386 AnyOf(nullptr, Pointee(IsEmpty())));
10387 EXPECT_THAT(response.request()->GetTextResults(),
10388 AnyOf(nullptr, Pointee(IsEmpty())));
10389 EXPECT_THAT(response.request()->GetHostnameResults(),
10390 AnyOf(nullptr, Pointee(IsEmpty())));
10391 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10392 AnyOf(nullptr, Pointee(IsEmpty())));
10393 }
10394
TEST_F(HostResolverManagerDnsTest,SrvQuery_Empty)10395 TEST_F(HostResolverManagerDnsTest, SrvQuery_Empty) {
10396 // Setup fallback to confirm it is not used for non-address results.
10397 set_allow_fallback_to_systemtask(true);
10398 proc_->AddRuleForAllFamilies("host", "192.168.1.102");
10399 proc_->SignalMultiple(1u);
10400
10401 MockDnsClientRuleList rules;
10402 rules.emplace_back(
10403 "host", dns_protocol::kTypeSRV, false /* secure */,
10404 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kEmpty),
10405 false /* delay */);
10406
10407 CreateResolver();
10408 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10409
10410 HostResolver::ResolveHostParameters parameters;
10411 parameters.dns_query_type = DnsQueryType::SRV;
10412
10413 ResolveHostResponseHelper response(resolver_->CreateRequest(
10414 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
10415 parameters, resolve_context_.get(), resolve_context_->host_cache()));
10416 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
10417 EXPECT_THAT(response.request()->GetAddressResults(),
10418 AnyOf(nullptr, Pointee(IsEmpty())));
10419 EXPECT_THAT(response.request()->GetEndpointResults(),
10420 AnyOf(nullptr, Pointee(IsEmpty())));
10421 EXPECT_THAT(response.request()->GetTextResults(),
10422 AnyOf(nullptr, Pointee(IsEmpty())));
10423 EXPECT_THAT(response.request()->GetHostnameResults(),
10424 AnyOf(nullptr, Pointee(IsEmpty())));
10425 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10426 AnyOf(nullptr, Pointee(IsEmpty())));
10427 }
10428
TEST_F(HostResolverManagerDnsTest,SrvQuery_Malformed)10429 TEST_F(HostResolverManagerDnsTest, SrvQuery_Malformed) {
10430 // Setup fallback to confirm it is not used for non-address results.
10431 set_allow_fallback_to_systemtask(true);
10432 proc_->AddRuleForAllFamilies("host", "192.168.1.102");
10433 proc_->SignalMultiple(1u);
10434
10435 MockDnsClientRuleList rules;
10436 rules.emplace_back(
10437 "host", dns_protocol::kTypeSRV, false /* secure */,
10438 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kMalformed),
10439 false /* delay */);
10440
10441 CreateResolver();
10442 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10443
10444 HostResolver::ResolveHostParameters parameters;
10445 parameters.dns_query_type = DnsQueryType::SRV;
10446
10447 ResolveHostResponseHelper response(resolver_->CreateRequest(
10448 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
10449 parameters, resolve_context_.get(), resolve_context_->host_cache()));
10450 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_MALFORMED_RESPONSE));
10451 EXPECT_THAT(response.request()->GetAddressResults(),
10452 AnyOf(nullptr, Pointee(IsEmpty())));
10453 EXPECT_THAT(response.request()->GetEndpointResults(),
10454 AnyOf(nullptr, Pointee(IsEmpty())));
10455 EXPECT_THAT(response.request()->GetTextResults(),
10456 AnyOf(nullptr, Pointee(IsEmpty())));
10457 EXPECT_THAT(response.request()->GetHostnameResults(),
10458 AnyOf(nullptr, Pointee(IsEmpty())));
10459 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10460 AnyOf(nullptr, Pointee(IsEmpty())));
10461 }
10462
TEST_F(HostResolverManagerDnsTest,SrvQuery_MismatchedName)10463 TEST_F(HostResolverManagerDnsTest, SrvQuery_MismatchedName) {
10464 std::vector<TestServiceRecord> srv_records = {{1, 2, 3, "foo.com"}};
10465 MockDnsClientRuleList rules;
10466 rules.emplace_back("host", dns_protocol::kTypeSRV, false /* secure */,
10467 MockDnsClientRule::Result(BuildTestDnsServiceResponse(
10468 "host", std::move(srv_records), "not.host")),
10469 false /* delay */);
10470
10471 CreateResolver();
10472 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10473
10474 HostResolver::ResolveHostParameters parameters;
10475 parameters.dns_query_type = DnsQueryType::SRV;
10476
10477 ResolveHostResponseHelper response(resolver_->CreateRequest(
10478 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
10479 parameters, resolve_context_.get(), resolve_context_->host_cache()));
10480 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_MALFORMED_RESPONSE));
10481 EXPECT_THAT(response.request()->GetAddressResults(),
10482 AnyOf(nullptr, Pointee(IsEmpty())));
10483 EXPECT_THAT(response.request()->GetEndpointResults(),
10484 AnyOf(nullptr, Pointee(IsEmpty())));
10485 EXPECT_THAT(response.request()->GetTextResults(),
10486 AnyOf(nullptr, Pointee(IsEmpty())));
10487 EXPECT_THAT(response.request()->GetHostnameResults(),
10488 AnyOf(nullptr, Pointee(IsEmpty())));
10489 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10490 AnyOf(nullptr, Pointee(IsEmpty())));
10491 }
10492
TEST_F(HostResolverManagerDnsTest,SrvQuery_WrongType)10493 TEST_F(HostResolverManagerDnsTest, SrvQuery_WrongType) {
10494 // Respond to a SRV query with an A response.
10495 MockDnsClientRuleList rules;
10496 rules.emplace_back(
10497 "host", dns_protocol::kTypeSRV, false /* secure */,
10498 MockDnsClientRule::Result(BuildTestDnsResponse(
10499 "host", dns_protocol::kTypeSRV,
10500 {BuildTestAddressRecord("host", IPAddress(1, 2, 3, 4))})),
10501 false /* delay */);
10502
10503 CreateResolver();
10504 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10505
10506 HostResolver::ResolveHostParameters parameters;
10507 parameters.dns_query_type = DnsQueryType::SRV;
10508
10509 // Responses for the wrong type should be ignored.
10510 ResolveHostResponseHelper response(resolver_->CreateRequest(
10511 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
10512 parameters, resolve_context_.get(), resolve_context_->host_cache()));
10513 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
10514 EXPECT_THAT(response.request()->GetAddressResults(),
10515 AnyOf(nullptr, Pointee(IsEmpty())));
10516 EXPECT_THAT(response.request()->GetEndpointResults(),
10517 AnyOf(nullptr, Pointee(IsEmpty())));
10518 EXPECT_THAT(response.request()->GetTextResults(),
10519 AnyOf(nullptr, Pointee(IsEmpty())));
10520 EXPECT_THAT(response.request()->GetHostnameResults(),
10521 AnyOf(nullptr, Pointee(IsEmpty())));
10522 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10523 AnyOf(nullptr, Pointee(IsEmpty())));
10524 }
10525
TEST_F(HostResolverManagerDnsTest,SrvInsecureQueryDisallowedWhenAdditionalTypesDisallowed)10526 TEST_F(HostResolverManagerDnsTest,
10527 SrvInsecureQueryDisallowedWhenAdditionalTypesDisallowed) {
10528 const std::string kName = "srv.test";
10529
10530 ChangeDnsConfig(CreateValidDnsConfig());
10531 DnsConfigOverrides overrides;
10532 overrides.secure_dns_mode = SecureDnsMode::kOff;
10533 resolver_->SetDnsConfigOverrides(overrides);
10534 resolver_->SetInsecureDnsClientEnabled(
10535 /*enabled=*/true,
10536 /*additional_dns_types_enabled=*/false);
10537
10538 HostResolver::ResolveHostParameters parameters;
10539 parameters.dns_query_type = DnsQueryType::SRV;
10540
10541 ResolveHostResponseHelper response(resolver_->CreateRequest(
10542 HostPortPair(kName, 108), NetworkAnonymizationKey(), NetLogWithSource(),
10543 parameters, resolve_context_.get(), resolve_context_->host_cache()));
10544 // No non-local work is done, so ERR_DNS_CACHE_MISS is the result.
10545 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_CACHE_MISS));
10546 EXPECT_THAT(response.request()->GetAddressResults(),
10547 AnyOf(nullptr, Pointee(IsEmpty())));
10548 EXPECT_THAT(response.request()->GetEndpointResults(),
10549 AnyOf(nullptr, Pointee(IsEmpty())));
10550 EXPECT_THAT(response.request()->GetHostnameResults(),
10551 AnyOf(nullptr, Pointee(IsEmpty())));
10552 EXPECT_THAT(response.request()->GetTextResults(),
10553 AnyOf(nullptr, Pointee(IsEmpty())));
10554 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10555 AnyOf(nullptr, Pointee(IsEmpty())));
10556 }
10557
10558 // Same as SrvQuery except we specify DNS HostResolverSource instead of relying
10559 // on automatic determination. Expect same results since DNS should be what we
10560 // automatically determine, but some slightly different logic paths are
10561 // involved.
TEST_F(HostResolverManagerDnsTest,SrvDnsQuery)10562 TEST_F(HostResolverManagerDnsTest, SrvDnsQuery) {
10563 const TestServiceRecord kRecord1 = {2, 3, 1223, "foo.com"};
10564 const TestServiceRecord kRecord2 = {5, 10, 80, "bar.com"};
10565 const TestServiceRecord kRecord3 = {5, 1, 5, "google.com"};
10566 const TestServiceRecord kRecord4 = {2, 100, 12345, "chromium.org"};
10567 MockDnsClientRuleList rules;
10568 rules.emplace_back("host", dns_protocol::kTypeSRV, false /* secure */,
10569 MockDnsClientRule::Result(BuildTestDnsServiceResponse(
10570 "host", {kRecord1, kRecord2, kRecord3, kRecord4})),
10571 false /* delay */);
10572
10573 CreateResolver();
10574 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10575
10576 HostResolver::ResolveHostParameters parameters;
10577 parameters.source = HostResolverSource::DNS;
10578 parameters.dns_query_type = DnsQueryType::SRV;
10579
10580 ResolveHostResponseHelper response(resolver_->CreateRequest(
10581 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
10582 parameters, resolve_context_.get(), resolve_context_->host_cache()));
10583 EXPECT_THAT(response.result_error(), IsOk());
10584 EXPECT_THAT(response.request()->GetAddressResults(),
10585 AnyOf(nullptr, Pointee(IsEmpty())));
10586 EXPECT_THAT(response.request()->GetEndpointResults(),
10587 AnyOf(nullptr, Pointee(IsEmpty())));
10588 EXPECT_THAT(response.request()->GetTextResults(),
10589 AnyOf(nullptr, Pointee(IsEmpty())));
10590 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10591 AnyOf(nullptr, Pointee(IsEmpty())));
10592
10593 // Expect ordered by priority, and random within a priority.
10594 const std::vector<HostPortPair>* results =
10595 response.request()->GetHostnameResults();
10596 ASSERT_THAT(
10597 results,
10598 testing::Pointee(testing::UnorderedElementsAre(
10599 HostPortPair("foo.com", 1223), HostPortPair("bar.com", 80),
10600 HostPortPair("google.com", 5), HostPortPair("chromium.org", 12345))));
10601 auto priority2 =
10602 std::vector<HostPortPair>(results->begin(), results->begin() + 2);
10603 EXPECT_THAT(priority2, testing::UnorderedElementsAre(
10604 HostPortPair("foo.com", 1223),
10605 HostPortPair("chromium.org", 12345)));
10606 auto priority5 =
10607 std::vector<HostPortPair>(results->begin() + 2, results->end());
10608 EXPECT_THAT(priority5,
10609 testing::UnorderedElementsAre(HostPortPair("bar.com", 80),
10610 HostPortPair("google.com", 5)));
10611 }
10612
TEST_F(HostResolverManagerDnsTest,HttpsQuery)10613 TEST_F(HostResolverManagerDnsTest, HttpsQuery) {
10614 const std::string kName = "https.test";
10615
10616 MockDnsClientRuleList rules;
10617 std::vector<DnsResourceRecord> records = {
10618 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
10619 /*params=*/{})};
10620 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/false,
10621 MockDnsClientRule::Result(BuildTestDnsResponse(
10622 kName, dns_protocol::kTypeHttps, records)),
10623 /*delay=*/false);
10624
10625 CreateResolver();
10626 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10627
10628 HostResolver::ResolveHostParameters parameters;
10629 parameters.dns_query_type = DnsQueryType::HTTPS;
10630
10631 ResolveHostResponseHelper response(resolver_->CreateRequest(
10632 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
10633 NetworkAnonymizationKey(), NetLogWithSource(), parameters,
10634 resolve_context_.get(), resolve_context_->host_cache()));
10635 EXPECT_THAT(response.result_error(), IsOk());
10636 EXPECT_THAT(response.request()->GetAddressResults(),
10637 AnyOf(nullptr, Pointee(IsEmpty())));
10638 EXPECT_THAT(response.request()->GetEndpointResults(),
10639 AnyOf(nullptr, Pointee(IsEmpty())));
10640 EXPECT_THAT(response.request()->GetHostnameResults(),
10641 AnyOf(nullptr, Pointee(IsEmpty())));
10642 EXPECT_THAT(response.request()->GetTextResults(),
10643 AnyOf(nullptr, Pointee(IsEmpty())));
10644 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10645 testing::Pointee(testing::ElementsAre(true)));
10646 }
10647
TEST_F(HostResolverManagerDnsTest,HttpsQueryForNonStandardPort)10648 TEST_F(HostResolverManagerDnsTest, HttpsQueryForNonStandardPort) {
10649 const std::string kName = "https.test";
10650 const std::string kExpectedQueryName = "_1111._https." + kName;
10651
10652 MockDnsClientRuleList rules;
10653 std::vector<DnsResourceRecord> records = {BuildTestHttpsServiceRecord(
10654 kExpectedQueryName, /*priority=*/1, /*service_name=*/kName,
10655 /*params=*/{})};
10656 rules.emplace_back(
10657 kExpectedQueryName, dns_protocol::kTypeHttps,
10658 /*secure=*/false,
10659 MockDnsClientRule::Result(BuildTestDnsResponse(
10660 kExpectedQueryName, dns_protocol::kTypeHttps, records)),
10661 /*delay=*/false);
10662
10663 CreateResolver();
10664 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10665
10666 HostResolver::ResolveHostParameters parameters;
10667 parameters.dns_query_type = DnsQueryType::HTTPS;
10668
10669 ResolveHostResponseHelper response(resolver_->CreateRequest(
10670 url::SchemeHostPort(url::kHttpsScheme, kName, 1111),
10671 NetworkAnonymizationKey(), NetLogWithSource(), parameters,
10672 resolve_context_.get(), resolve_context_->host_cache()));
10673 EXPECT_THAT(response.result_error(), IsOk());
10674 EXPECT_THAT(response.request()->GetAddressResults(),
10675 AnyOf(nullptr, Pointee(IsEmpty())));
10676 EXPECT_THAT(response.request()->GetEndpointResults(),
10677 AnyOf(nullptr, Pointee(IsEmpty())));
10678 EXPECT_THAT(response.request()->GetHostnameResults(),
10679 AnyOf(nullptr, Pointee(IsEmpty())));
10680 EXPECT_THAT(response.request()->GetTextResults(),
10681 AnyOf(nullptr, Pointee(IsEmpty())));
10682 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10683 testing::Pointee(testing::ElementsAre(true)));
10684 }
10685
TEST_F(HostResolverManagerDnsTest,HttpsQueryForHttpUpgrade)10686 TEST_F(HostResolverManagerDnsTest, HttpsQueryForHttpUpgrade) {
10687 const std::string kName = "https.test";
10688
10689 MockDnsClientRuleList rules;
10690 std::vector<DnsResourceRecord> records = {
10691 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
10692 /*params=*/{})};
10693 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/false,
10694 MockDnsClientRule::Result(BuildTestDnsResponse(
10695 kName, dns_protocol::kTypeHttps, records)),
10696 /*delay=*/false);
10697
10698 CreateResolver();
10699 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10700
10701 HostResolver::ResolveHostParameters parameters;
10702 parameters.dns_query_type = DnsQueryType::HTTPS;
10703
10704 ResolveHostResponseHelper response(resolver_->CreateRequest(
10705 url::SchemeHostPort(url::kHttpScheme, kName, 80),
10706 NetworkAnonymizationKey(), NetLogWithSource(), parameters,
10707 resolve_context_.get(), resolve_context_->host_cache()));
10708 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_NAME_HTTPS_ONLY));
10709 EXPECT_THAT(response.request()->GetAddressResults(),
10710 AnyOf(nullptr, Pointee(IsEmpty())));
10711 EXPECT_THAT(response.request()->GetEndpointResults(),
10712 AnyOf(nullptr, Pointee(IsEmpty())));
10713 EXPECT_THAT(response.request()->GetHostnameResults(),
10714 AnyOf(nullptr, Pointee(IsEmpty())));
10715 EXPECT_THAT(response.request()->GetTextResults(),
10716 AnyOf(nullptr, Pointee(IsEmpty())));
10717 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10718 AnyOf(nullptr, Pointee(IsEmpty())));
10719 }
10720
10721 // Test that HTTPS requests for an http host with port 443 will result in a
10722 // transaction hostname without prepending port and scheme, despite not having
10723 // the default port for an http host. The request host ("http://https.test:443")
10724 // will be mapped to the equivalent https upgrade host
10725 // ("https://https.test:443") at port 443, which is the default port for an
10726 // https host, so port and scheme are not prefixed.
TEST_F(HostResolverManagerDnsTest,HttpsQueryForHttpUpgradeFromHttpsPort)10727 TEST_F(HostResolverManagerDnsTest, HttpsQueryForHttpUpgradeFromHttpsPort) {
10728 const std::string kName = "https.test";
10729
10730 MockDnsClientRuleList rules;
10731 std::vector<DnsResourceRecord> records = {
10732 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
10733 /*params=*/{})};
10734 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/false,
10735 MockDnsClientRule::Result(BuildTestDnsResponse(
10736 kName, dns_protocol::kTypeHttps, records)),
10737 /*delay=*/false);
10738
10739 CreateResolver();
10740 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10741
10742 HostResolver::ResolveHostParameters parameters;
10743 parameters.dns_query_type = DnsQueryType::HTTPS;
10744
10745 ResolveHostResponseHelper response(resolver_->CreateRequest(
10746 url::SchemeHostPort(url::kHttpScheme, kName, 443),
10747 NetworkAnonymizationKey(), NetLogWithSource(), parameters,
10748 resolve_context_.get(), resolve_context_->host_cache()));
10749 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_NAME_HTTPS_ONLY));
10750 EXPECT_THAT(response.request()->GetAddressResults(),
10751 AnyOf(nullptr, Pointee(IsEmpty())));
10752 EXPECT_THAT(response.request()->GetEndpointResults(),
10753 AnyOf(nullptr, Pointee(IsEmpty())));
10754 EXPECT_THAT(response.request()->GetHostnameResults(),
10755 AnyOf(nullptr, Pointee(IsEmpty())));
10756 EXPECT_THAT(response.request()->GetTextResults(),
10757 AnyOf(nullptr, Pointee(IsEmpty())));
10758 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10759 AnyOf(nullptr, Pointee(IsEmpty())));
10760 }
10761
TEST_F(HostResolverManagerDnsTest,HttpsQueryForHttpUpgradeWithNonStandardPort)10762 TEST_F(HostResolverManagerDnsTest,
10763 HttpsQueryForHttpUpgradeWithNonStandardPort) {
10764 const std::string kName = "https.test";
10765 const std::string kExpectedQueryName = "_1111._https." + kName;
10766
10767 MockDnsClientRuleList rules;
10768 std::vector<DnsResourceRecord> records = {BuildTestHttpsServiceRecord(
10769 kExpectedQueryName, /*priority=*/1, /*service_name=*/kName,
10770 /*params=*/{})};
10771 rules.emplace_back(
10772 kExpectedQueryName, dns_protocol::kTypeHttps,
10773 /*secure=*/false,
10774 MockDnsClientRule::Result(BuildTestDnsResponse(
10775 kExpectedQueryName, dns_protocol::kTypeHttps, records)),
10776 /*delay=*/false);
10777
10778 CreateResolver();
10779 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10780
10781 HostResolver::ResolveHostParameters parameters;
10782 parameters.dns_query_type = DnsQueryType::HTTPS;
10783
10784 ResolveHostResponseHelper response(resolver_->CreateRequest(
10785 url::SchemeHostPort(url::kHttpScheme, kName, 1111),
10786 NetworkAnonymizationKey(), NetLogWithSource(), parameters,
10787 resolve_context_.get(), resolve_context_->host_cache()));
10788 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_NAME_HTTPS_ONLY));
10789 EXPECT_THAT(response.request()->GetAddressResults(),
10790 AnyOf(nullptr, Pointee(IsEmpty())));
10791 EXPECT_THAT(response.request()->GetEndpointResults(),
10792 AnyOf(nullptr, Pointee(IsEmpty())));
10793 EXPECT_THAT(response.request()->GetHostnameResults(),
10794 AnyOf(nullptr, Pointee(IsEmpty())));
10795 EXPECT_THAT(response.request()->GetTextResults(),
10796 AnyOf(nullptr, Pointee(IsEmpty())));
10797 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10798 AnyOf(nullptr, Pointee(IsEmpty())));
10799 }
10800
TEST_F(HostResolverManagerDnsTest,HttpsInAddressQuery)10801 TEST_F(HostResolverManagerDnsTest, HttpsInAddressQuery) {
10802 const char kName[] = "name.test";
10803
10804 base::test::ScopedFeatureList features(features::kUseDnsHttpsSvcb);
10805
10806 MockDnsClientRuleList rules;
10807 std::vector<DnsResourceRecord> records = {
10808 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
10809 /*params=*/{})};
10810 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/true,
10811 MockDnsClientRule::Result(BuildTestDnsResponse(
10812 kName, dns_protocol::kTypeHttps, records)),
10813 /*delay=*/false);
10814 rules.emplace_back(
10815 kName, dns_protocol::kTypeA, /*secure=*/true,
10816 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
10817 /*delay=*/false);
10818 rules.emplace_back(
10819 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
10820 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
10821 /*delay=*/false);
10822
10823 CreateResolver();
10824 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10825 DnsConfigOverrides overrides;
10826 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
10827 resolver_->SetDnsConfigOverrides(overrides);
10828
10829 ResolveHostResponseHelper response(resolver_->CreateRequest(
10830 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
10831 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
10832 resolve_context_.get(), resolve_context_->host_cache()));
10833 EXPECT_THAT(response.result_error(), IsOk());
10834 EXPECT_TRUE(response.request()->GetAddressResults());
10835 EXPECT_THAT(
10836 response.request()->GetEndpointResults(),
10837 testing::Pointee(testing::ElementsAre(
10838 ExpectEndpointResult(
10839 testing::SizeIs(2),
10840 ExpectConnectionEndpointMetadata(
10841 testing::ElementsAre(dns_protocol::kHttpsServiceDefaultAlpn),
10842 testing::IsEmpty(), kName)),
10843 ExpectEndpointResult(testing::SizeIs(2)))));
10844 EXPECT_THAT(response.request()->GetTextResults(),
10845 AnyOf(nullptr, Pointee(IsEmpty())));
10846 EXPECT_THAT(response.request()->GetHostnameResults(),
10847 AnyOf(nullptr, Pointee(IsEmpty())));
10848 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10849 testing::Pointee(testing::ElementsAre(true)));
10850 }
10851
TEST_F(HostResolverManagerDnsTest,HttpsInAddressQueryWithNonstandardPort)10852 TEST_F(HostResolverManagerDnsTest, HttpsInAddressQueryWithNonstandardPort) {
10853 const char kName[] = "name.test";
10854 const char kExpectedHttpsQueryName[] = "_108._https.name.test";
10855
10856 base::test::ScopedFeatureList features;
10857 features.InitAndEnableFeatureWithParameters(
10858 features::kUseDnsHttpsSvcb,
10859 {// Disable timeouts.
10860 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
10861 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
10862 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
10863 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
10864 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
10865 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
10866
10867 MockDnsClientRuleList rules;
10868 std::vector<DnsResourceRecord> records = {BuildTestHttpsServiceRecord(
10869 kExpectedHttpsQueryName, /*priority=*/1, /*service_name=*/kName,
10870 /*params=*/{})};
10871 rules.emplace_back(
10872 kExpectedHttpsQueryName, dns_protocol::kTypeHttps,
10873 /*secure=*/true,
10874 MockDnsClientRule::Result(BuildTestDnsResponse(
10875 kExpectedHttpsQueryName, dns_protocol::kTypeHttps, records)),
10876 /*delay=*/false);
10877 rules.emplace_back(
10878 kName, dns_protocol::kTypeA, /*secure=*/true,
10879 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
10880 /*delay=*/false);
10881 rules.emplace_back(
10882 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
10883 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
10884 /*delay=*/false);
10885
10886 CreateResolver();
10887 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10888 DnsConfigOverrides overrides;
10889 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
10890 resolver_->SetDnsConfigOverrides(overrides);
10891
10892 ResolveHostResponseHelper response(resolver_->CreateRequest(
10893 url::SchemeHostPort(url::kHttpsScheme, kName, 108),
10894 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
10895 resolve_context_.get(), resolve_context_->host_cache()));
10896 EXPECT_THAT(response.result_error(), IsOk());
10897 EXPECT_TRUE(response.request()->GetAddressResults());
10898 EXPECT_THAT(
10899 response.request()->GetEndpointResults(),
10900 testing::Pointee(testing::ElementsAre(
10901 ExpectEndpointResult(
10902 testing::SizeIs(2),
10903 ExpectConnectionEndpointMetadata(
10904 testing::ElementsAre(dns_protocol::kHttpsServiceDefaultAlpn),
10905 testing::IsEmpty(), kName)),
10906 ExpectEndpointResult(testing::SizeIs(2)))));
10907 EXPECT_THAT(response.request()->GetTextResults(),
10908 AnyOf(nullptr, Pointee(IsEmpty())));
10909 EXPECT_THAT(response.request()->GetHostnameResults(),
10910 AnyOf(nullptr, Pointee(IsEmpty())));
10911 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10912 testing::Pointee(testing::ElementsAre(true)));
10913 }
10914
TEST_F(HostResolverManagerDnsTest,HttpsInAddressQueryWithNonstandardPortAndDefaultServiceName)10915 TEST_F(HostResolverManagerDnsTest,
10916 HttpsInAddressQueryWithNonstandardPortAndDefaultServiceName) {
10917 const char kName[] = "name.test";
10918 const char kExpectedHttpsQueryName[] = "_108._https.name.test";
10919
10920 base::test::ScopedFeatureList features;
10921 features.InitAndEnableFeatureWithParameters(
10922 features::kUseDnsHttpsSvcb,
10923 {// Disable timeouts.
10924 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
10925 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
10926 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
10927 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
10928 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
10929 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
10930
10931 MockDnsClientRuleList rules;
10932 std::vector<DnsResourceRecord> records = {BuildTestHttpsServiceRecord(
10933 kExpectedHttpsQueryName, /*priority=*/1, /*service_name=*/".",
10934 /*params=*/{})};
10935 rules.emplace_back(
10936 kExpectedHttpsQueryName, dns_protocol::kTypeHttps,
10937 /*secure=*/true,
10938 MockDnsClientRule::Result(BuildTestDnsResponse(
10939 kExpectedHttpsQueryName, dns_protocol::kTypeHttps, records)),
10940 /*delay=*/false);
10941 rules.emplace_back(
10942 kName, dns_protocol::kTypeA, /*secure=*/true,
10943 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
10944 /*delay=*/false);
10945 rules.emplace_back(
10946 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
10947 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
10948 /*delay=*/false);
10949
10950 CreateResolver();
10951 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10952 DnsConfigOverrides overrides;
10953 overrides.secure_dns_mode = SecureDnsMode::kSecure;
10954 resolver_->SetDnsConfigOverrides(overrides);
10955
10956 ResolveHostResponseHelper response(resolver_->CreateRequest(
10957 url::SchemeHostPort(url::kHttpsScheme, kName, 108),
10958 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
10959 resolve_context_.get(), resolve_context_->host_cache()));
10960 EXPECT_THAT(response.result_error(), IsOk());
10961 EXPECT_TRUE(response.request()->GetAddressResults());
10962 // Expect only A/AAAA results without metadata because the HTTPS service
10963 // target name matches the port-prefixed name which does not match the A/AAAA
10964 // name and is thus not supported due to requiring followup queries.
10965 EXPECT_THAT(response.request()->GetEndpointResults(),
10966 testing::Pointee(testing::ElementsAre(
10967 ExpectEndpointResult(testing::SizeIs(2)))));
10968 EXPECT_THAT(response.request()->GetTextResults(),
10969 AnyOf(nullptr, Pointee(IsEmpty())));
10970 EXPECT_THAT(response.request()->GetHostnameResults(),
10971 AnyOf(nullptr, Pointee(IsEmpty())));
10972 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10973 testing::Pointee(testing::ElementsAre(true)));
10974 }
10975
TEST_F(HostResolverManagerDnsTest,HttpsInAddressQueryWithAlpnAndEch)10976 TEST_F(HostResolverManagerDnsTest, HttpsInAddressQueryWithAlpnAndEch) {
10977 const char kName[] = "name.test";
10978 const uint8_t kEch[] = "ECH is neato!";
10979
10980 base::test::ScopedFeatureList features;
10981 features.InitAndEnableFeatureWithParameters(
10982 features::kUseDnsHttpsSvcb,
10983 {// Disable timeouts.
10984 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
10985 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
10986 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
10987 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
10988 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
10989 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
10990
10991 MockDnsClientRuleList rules;
10992 std::vector<DnsResourceRecord> records = {BuildTestHttpsServiceRecord(
10993 kName, /*priority=*/8, /*service_name=*/".",
10994 /*params=*/
10995 {BuildTestHttpsServiceAlpnParam({"foo1", "foo2"}),
10996 BuildTestHttpsServiceEchConfigParam(kEch)})};
10997 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/true,
10998 MockDnsClientRule::Result(BuildTestDnsResponse(
10999 kName, dns_protocol::kTypeHttps, records)),
11000 /*delay=*/false);
11001 rules.emplace_back(
11002 kName, dns_protocol::kTypeA, /*secure=*/true,
11003 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11004 /*delay=*/false);
11005 rules.emplace_back(
11006 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
11007 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11008 /*delay=*/false);
11009
11010 CreateResolver();
11011 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
11012 DnsConfigOverrides overrides;
11013 overrides.secure_dns_mode = SecureDnsMode::kSecure;
11014 resolver_->SetDnsConfigOverrides(overrides);
11015
11016 ResolveHostResponseHelper response(resolver_->CreateRequest(
11017 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
11018 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
11019 resolve_context_.get(), resolve_context_->host_cache()));
11020 EXPECT_THAT(response.result_error(), IsOk());
11021 EXPECT_TRUE(response.request()->GetAddressResults());
11022 EXPECT_THAT(
11023 response.request()->GetEndpointResults(),
11024 testing::Pointee(testing::ElementsAre(
11025 ExpectEndpointResult(
11026 testing::SizeIs(2),
11027 ExpectConnectionEndpointMetadata(
11028 testing::UnorderedElementsAre(
11029 "foo1", "foo2", dns_protocol::kHttpsServiceDefaultAlpn),
11030 testing::ElementsAreArray(kEch), kName)),
11031 ExpectEndpointResult(testing::SizeIs(2)))));
11032 EXPECT_THAT(response.request()->GetTextResults(),
11033 AnyOf(nullptr, Pointee(IsEmpty())));
11034 EXPECT_THAT(response.request()->GetHostnameResults(),
11035 AnyOf(nullptr, Pointee(IsEmpty())));
11036 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
11037 testing::Pointee(testing::ElementsAre(true)));
11038 }
11039
TEST_F(HostResolverManagerDnsTest,HttpsInAddressQueryWithNonMatchingPort)11040 TEST_F(HostResolverManagerDnsTest, HttpsInAddressQueryWithNonMatchingPort) {
11041 const char kName[] = "name.test";
11042
11043 base::test::ScopedFeatureList features;
11044 features.InitAndEnableFeatureWithParameters(
11045 features::kUseDnsHttpsSvcb,
11046 {// Disable timeouts.
11047 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
11048 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
11049 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
11050 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
11051 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
11052 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
11053
11054 MockDnsClientRuleList rules;
11055 std::vector<DnsResourceRecord> records = {
11056 BuildTestHttpsServiceRecord(kName, /*priority=*/8, /*service_name=*/".",
11057 /*params=*/
11058 {BuildTestHttpsServicePortParam(3000)})};
11059 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/true,
11060 MockDnsClientRule::Result(BuildTestDnsResponse(
11061 kName, dns_protocol::kTypeHttps, records)),
11062 /*delay=*/false);
11063 rules.emplace_back(
11064 kName, dns_protocol::kTypeA, /*secure=*/true,
11065 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11066 /*delay=*/false);
11067 rules.emplace_back(
11068 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
11069 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11070 /*delay=*/false);
11071
11072 CreateResolver();
11073 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
11074 DnsConfigOverrides overrides;
11075 overrides.secure_dns_mode = SecureDnsMode::kSecure;
11076 resolver_->SetDnsConfigOverrides(overrides);
11077
11078 ResolveHostResponseHelper response(resolver_->CreateRequest(
11079 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
11080 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
11081 resolve_context_.get(), resolve_context_->host_cache()));
11082 EXPECT_THAT(response.result_error(), IsOk());
11083 EXPECT_TRUE(response.request()->GetAddressResults());
11084 EXPECT_THAT(response.request()->GetEndpointResults(),
11085 testing::Pointee(testing::ElementsAre(
11086 ExpectEndpointResult(testing::SizeIs(2)))));
11087 EXPECT_THAT(response.request()->GetTextResults(),
11088 AnyOf(nullptr, Pointee(IsEmpty())));
11089 EXPECT_THAT(response.request()->GetHostnameResults(),
11090 AnyOf(nullptr, Pointee(IsEmpty())));
11091 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
11092 testing::Pointee(testing::ElementsAre(true)));
11093 }
11094
TEST_F(HostResolverManagerDnsTest,HttpsInAddressQueryWithMatchingPort)11095 TEST_F(HostResolverManagerDnsTest, HttpsInAddressQueryWithMatchingPort) {
11096 const char kName[] = "name.test";
11097
11098 base::test::ScopedFeatureList features;
11099 features.InitAndEnableFeatureWithParameters(
11100 features::kUseDnsHttpsSvcb,
11101 {// Disable timeouts.
11102 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
11103 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
11104 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
11105 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
11106 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
11107 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
11108
11109 MockDnsClientRuleList rules;
11110 std::vector<DnsResourceRecord> records = {
11111 BuildTestHttpsServiceRecord(kName, /*priority=*/8, /*service_name=*/".",
11112 /*params=*/
11113 {BuildTestHttpsServicePortParam(443)})};
11114 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/true,
11115 MockDnsClientRule::Result(BuildTestDnsResponse(
11116 kName, dns_protocol::kTypeHttps, records)),
11117 /*delay=*/false);
11118 rules.emplace_back(
11119 kName, dns_protocol::kTypeA, /*secure=*/true,
11120 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11121 /*delay=*/false);
11122 rules.emplace_back(
11123 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
11124 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11125 /*delay=*/false);
11126
11127 CreateResolver();
11128 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
11129 DnsConfigOverrides overrides;
11130 overrides.secure_dns_mode = SecureDnsMode::kSecure;
11131 resolver_->SetDnsConfigOverrides(overrides);
11132
11133 ResolveHostResponseHelper response(resolver_->CreateRequest(
11134 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
11135 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
11136 resolve_context_.get(), resolve_context_->host_cache()));
11137 EXPECT_THAT(response.result_error(), IsOk());
11138 EXPECT_TRUE(response.request()->GetAddressResults());
11139 EXPECT_THAT(
11140 response.request()->GetEndpointResults(),
11141 testing::Pointee(testing::ElementsAre(
11142 ExpectEndpointResult(
11143 testing::SizeIs(2),
11144 ExpectConnectionEndpointMetadata(
11145 testing::ElementsAre(dns_protocol::kHttpsServiceDefaultAlpn),
11146 testing::IsEmpty(), kName)),
11147 ExpectEndpointResult(testing::SizeIs(2)))));
11148 EXPECT_THAT(response.request()->GetTextResults(),
11149 AnyOf(nullptr, Pointee(IsEmpty())));
11150 EXPECT_THAT(response.request()->GetHostnameResults(),
11151 AnyOf(nullptr, Pointee(IsEmpty())));
11152 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
11153 testing::Pointee(testing::ElementsAre(true)));
11154 }
11155
TEST_F(HostResolverManagerDnsTest,HttpsInAddressQueryWithoutAddresses)11156 TEST_F(HostResolverManagerDnsTest, HttpsInAddressQueryWithoutAddresses) {
11157 const char kName[] = "name.test";
11158
11159 base::test::ScopedFeatureList features;
11160 features.InitAndEnableFeatureWithParameters(
11161 features::kUseDnsHttpsSvcb,
11162 {// Disable timeouts.
11163 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
11164 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
11165 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
11166 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
11167 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
11168 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
11169
11170 MockDnsClientRuleList rules;
11171 std::vector<DnsResourceRecord> records = {
11172 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
11173 /*params=*/{})};
11174 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/true,
11175 MockDnsClientRule::Result(BuildTestDnsResponse(
11176 kName, dns_protocol::kTypeHttps, records)),
11177 /*delay=*/false);
11178 rules.emplace_back(
11179 kName, dns_protocol::kTypeA, /*secure=*/true,
11180 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kEmpty),
11181 /*delay=*/false);
11182 rules.emplace_back(
11183 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
11184 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kEmpty),
11185 /*delay=*/false);
11186
11187 // Will fall back to insecure due to lack of addresses.
11188 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/false,
11189 MockDnsClientRule::Result(BuildTestDnsResponse(
11190 kName, dns_protocol::kTypeHttps, records)),
11191 /*delay=*/false);
11192 rules.emplace_back(
11193 kName, dns_protocol::kTypeA, /*secure=*/false,
11194 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kEmpty),
11195 /*delay=*/false);
11196 rules.emplace_back(
11197 kName, dns_protocol::kTypeAAAA, /*secure=*/false,
11198 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kEmpty),
11199 /*delay=*/false);
11200
11201 // Will fall back to system resolver due to lack of addresses.
11202 proc_->AddRuleForAllFamilies("just.testing", "");
11203 proc_->SignalMultiple(1u);
11204
11205 CreateResolver();
11206 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
11207 DnsConfigOverrides overrides;
11208 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
11209 resolver_->SetDnsConfigOverrides(overrides);
11210
11211 ResolveHostResponseHelper response(resolver_->CreateRequest(
11212 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
11213 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
11214 resolve_context_.get(), resolve_context_->host_cache()));
11215 // No address results overrides overall result.
11216 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
11217 EXPECT_THAT(response.request()->GetAddressResults(),
11218 AnyOf(nullptr, Pointee(IsEmpty())));
11219 EXPECT_THAT(response.request()->GetEndpointResults(),
11220 AnyOf(nullptr, Pointee(IsEmpty())));
11221 EXPECT_THAT(response.request()->GetTextResults(),
11222 AnyOf(nullptr, Pointee(IsEmpty())));
11223 EXPECT_THAT(response.request()->GetHostnameResults(),
11224 AnyOf(nullptr, Pointee(IsEmpty())));
11225 // No results maintained when overall error is ERR_NAME_NOT_RESOLVED (and also
11226 // because of the fallback to system resolver).
11227 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
11228 AnyOf(nullptr, Pointee(IsEmpty())));
11229 }
11230
TEST_F(HostResolverManagerDnsTest,HttpsQueriedInAddressQueryButNoResults)11231 TEST_F(HostResolverManagerDnsTest, HttpsQueriedInAddressQueryButNoResults) {
11232 const char kName[] = "name.test";
11233
11234 base::test::ScopedFeatureList features;
11235 features.InitAndEnableFeatureWithParameters(
11236 features::kUseDnsHttpsSvcb,
11237 {// Disable timeouts.
11238 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
11239 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
11240 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
11241 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
11242 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
11243 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
11244
11245 MockDnsClientRuleList rules;
11246 rules.emplace_back(
11247 kName, dns_protocol::kTypeHttps, /*secure=*/true,
11248 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kEmpty),
11249 /*delay=*/false);
11250 rules.emplace_back(
11251 kName, dns_protocol::kTypeA, /*secure=*/true,
11252 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11253 /*delay=*/false);
11254 rules.emplace_back(
11255 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
11256 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11257 /*delay=*/false);
11258
11259 CreateResolver();
11260 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
11261 DnsConfigOverrides overrides;
11262 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
11263 resolver_->SetDnsConfigOverrides(overrides);
11264
11265 ResolveHostResponseHelper response(resolver_->CreateRequest(
11266 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
11267 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
11268 resolve_context_.get(), resolve_context_->host_cache()));
11269 EXPECT_THAT(response.result_error(), IsOk());
11270 EXPECT_TRUE(response.request()->GetAddressResults());
11271 EXPECT_THAT(response.request()->GetEndpointResults(),
11272 testing::Pointee(testing::ElementsAre(
11273 ExpectEndpointResult(testing::SizeIs(2)))));
11274 EXPECT_THAT(response.request()->GetTextResults(),
11275 AnyOf(nullptr, Pointee(IsEmpty())));
11276 EXPECT_THAT(response.request()->GetHostnameResults(),
11277 AnyOf(nullptr, Pointee(IsEmpty())));
11278 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
11279 testing::Pointee(testing::IsEmpty()));
11280 }
11281
11282 // For a response where DnsTransaction can at least do its basic parsing and
11283 // return a DnsResponse object to HostResolverManager. See
11284 // `UnparsableHttpsInAddressRequestIsFatal` for a response so unparsable that
11285 // DnsTransaction couldn't do that.
TEST_F(HostResolverManagerDnsTest,MalformedHttpsInResponseInAddressRequestIsIgnored)11286 TEST_F(HostResolverManagerDnsTest,
11287 MalformedHttpsInResponseInAddressRequestIsIgnored) {
11288 const char kName[] = "name.test";
11289
11290 base::test::ScopedFeatureList features;
11291 features.InitAndEnableFeatureWithParameters(
11292 features::kUseDnsHttpsSvcb,
11293 {{"UseDnsHttpsSvcbEnforceSecureResponse", "true"},
11294 // Disable timeouts.
11295 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
11296 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
11297 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
11298 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
11299 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
11300 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
11301
11302 MockDnsClientRuleList rules;
11303 rules.emplace_back(
11304 kName, dns_protocol::kTypeHttps, /*secure=*/true,
11305 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kMalformed),
11306 /*delay=*/false);
11307 rules.emplace_back(
11308 kName, dns_protocol::kTypeA, /*secure=*/true,
11309 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11310 /*delay=*/false);
11311 rules.emplace_back(
11312 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
11313 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11314 /*delay=*/false);
11315
11316 CreateResolver();
11317 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
11318 DnsConfigOverrides overrides;
11319 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
11320 resolver_->SetDnsConfigOverrides(overrides);
11321
11322 ResolveHostResponseHelper response(resolver_->CreateRequest(
11323 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
11324 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
11325 resolve_context_.get(), resolve_context_->host_cache()));
11326 EXPECT_THAT(response.result_error(), IsOk());
11327 EXPECT_TRUE(response.request()->GetAddressResults());
11328 EXPECT_THAT(response.request()->GetEndpointResults(),
11329 testing::Pointee(testing::ElementsAre(
11330 ExpectEndpointResult(testing::SizeIs(2)))));
11331 EXPECT_THAT(response.request()->GetTextResults(),
11332 AnyOf(nullptr, Pointee(IsEmpty())));
11333 EXPECT_THAT(response.request()->GetHostnameResults(),
11334 AnyOf(nullptr, Pointee(IsEmpty())));
11335 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
11336 testing::Pointee(testing::IsEmpty()));
11337 }
11338
TEST_F(HostResolverManagerDnsTest,MalformedHttpsRdataInAddressRequestIsIgnored)11339 TEST_F(HostResolverManagerDnsTest,
11340 MalformedHttpsRdataInAddressRequestIsIgnored) {
11341 const char kName[] = "name.test";
11342
11343 base::test::ScopedFeatureList features;
11344 features.InitAndEnableFeatureWithParameters(
11345 features::kUseDnsHttpsSvcb,
11346 {{"UseDnsHttpsSvcbEnforceSecureResponse", "true"},
11347 // Disable timeouts.
11348 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
11349 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
11350 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
11351 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
11352 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
11353 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
11354
11355 MockDnsClientRuleList rules;
11356 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/true,
11357 MockDnsClientRule::Result(BuildTestDnsResponse(
11358 kName, dns_protocol::kTypeHttps, /*answers=*/
11359 {BuildTestDnsRecord(kName, dns_protocol::kTypeHttps,
11360 /*rdata=*/"malformed rdata")})),
11361 /*delay=*/false);
11362 rules.emplace_back(
11363 kName, dns_protocol::kTypeA, /*secure=*/true,
11364 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11365 /*delay=*/false);
11366 rules.emplace_back(
11367 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
11368 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11369 /*delay=*/false);
11370
11371 CreateResolver();
11372 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
11373 DnsConfigOverrides overrides;
11374 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
11375 resolver_->SetDnsConfigOverrides(overrides);
11376
11377 ResolveHostResponseHelper response(resolver_->CreateRequest(
11378 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
11379 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
11380 resolve_context_.get(), resolve_context_->host_cache()));
11381 EXPECT_THAT(response.result_error(), IsOk());
11382 EXPECT_TRUE(response.request()->GetAddressResults());
11383 EXPECT_THAT(response.request()->GetEndpointResults(),
11384 testing::Pointee(testing::ElementsAre(
11385 ExpectEndpointResult(testing::SizeIs(2)))));
11386 EXPECT_THAT(response.request()->GetTextResults(),
11387 AnyOf(nullptr, Pointee(IsEmpty())));
11388 EXPECT_THAT(response.request()->GetHostnameResults(),
11389 AnyOf(nullptr, Pointee(IsEmpty())));
11390 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
11391 testing::Pointee(testing::IsEmpty()));
11392 }
11393
TEST_F(HostResolverManagerDnsTest,FailedHttpsInAddressRequestIsFatalWhenFeatureEnabled)11394 TEST_F(HostResolverManagerDnsTest,
11395 FailedHttpsInAddressRequestIsFatalWhenFeatureEnabled) {
11396 const char kName[] = "name.test";
11397
11398 base::test::ScopedFeatureList features;
11399 features.InitAndEnableFeatureWithParameters(
11400 features::kUseDnsHttpsSvcb,
11401 {{"UseDnsHttpsSvcbEnforceSecureResponse", "true"},
11402 // Disable timeouts.
11403 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
11404 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
11405 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
11406 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
11407 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
11408 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
11409
11410 MockDnsClientRuleList rules;
11411 rules.emplace_back(
11412 kName, dns_protocol::kTypeHttps, /*secure=*/true,
11413 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kFail),
11414 /*delay=*/false);
11415 rules.emplace_back(
11416 kName, dns_protocol::kTypeA, /*secure=*/true,
11417 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11418 /*delay=*/false);
11419 rules.emplace_back(
11420 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
11421 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11422 /*delay=*/false);
11423
11424 CreateResolver();
11425 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
11426 DnsConfigOverrides overrides;
11427 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
11428 resolver_->SetDnsConfigOverrides(overrides);
11429
11430 ResolveHostResponseHelper response(resolver_->CreateRequest(
11431 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
11432 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
11433 resolve_context_.get(), resolve_context_->host_cache()));
11434 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
11435 EXPECT_THAT(response.request()->GetAddressResults(),
11436 AnyOf(nullptr, Pointee(IsEmpty())));
11437 EXPECT_THAT(response.request()->GetEndpointResults(),
11438 AnyOf(nullptr, Pointee(IsEmpty())));
11439 EXPECT_THAT(response.request()->GetTextResults(),
11440 AnyOf(nullptr, Pointee(IsEmpty())));
11441 EXPECT_THAT(response.request()->GetHostnameResults(),
11442 AnyOf(nullptr, Pointee(IsEmpty())));
11443 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
11444 AnyOf(nullptr, Pointee(IsEmpty())));
11445
11446 // Expect result not cached.
11447 EXPECT_EQ(resolve_context_->host_cache()->size(), 0u);
11448 }
11449
TEST_F(HostResolverManagerDnsTest,FailedHttpsInAddressRequestIgnoredWhenFeatureDisabled)11450 TEST_F(HostResolverManagerDnsTest,
11451 FailedHttpsInAddressRequestIgnoredWhenFeatureDisabled) {
11452 const char kName[] = "name.test";
11453
11454 base::test::ScopedFeatureList features;
11455 features.InitAndEnableFeatureWithParameters(
11456 features::kUseDnsHttpsSvcb,
11457 {{"UseDnsHttpsSvcbEnforceSecureResponse", "false"},
11458 // Disable timeouts.
11459 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
11460 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
11461 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
11462 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
11463 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
11464 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
11465
11466 MockDnsClientRuleList rules;
11467 rules.emplace_back(
11468 kName, dns_protocol::kTypeHttps, /*secure=*/true,
11469 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kFail),
11470 /*delay=*/false);
11471 rules.emplace_back(
11472 kName, dns_protocol::kTypeA, /*secure=*/true,
11473 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11474 /*delay=*/false);
11475 rules.emplace_back(
11476 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
11477 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11478 /*delay=*/false);
11479
11480 CreateResolver();
11481 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
11482 DnsConfigOverrides overrides;
11483 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
11484 resolver_->SetDnsConfigOverrides(overrides);
11485
11486 ResolveHostResponseHelper response(resolver_->CreateRequest(
11487 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
11488 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
11489 resolve_context_.get(), resolve_context_->host_cache()));
11490 EXPECT_THAT(response.result_error(), IsOk());
11491 EXPECT_TRUE(response.request()->GetAddressResults());
11492 EXPECT_THAT(response.request()->GetEndpointResults(),
11493 testing::Pointee(testing::ElementsAre(
11494 ExpectEndpointResult(testing::SizeIs(2)))));
11495 EXPECT_THAT(response.request()->GetTextResults(),
11496 AnyOf(nullptr, Pointee(IsEmpty())));
11497 EXPECT_THAT(response.request()->GetHostnameResults(),
11498 AnyOf(nullptr, Pointee(IsEmpty())));
11499 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
11500 testing::Pointee(testing::IsEmpty()));
11501 }
11502
TEST_F(HostResolverManagerDnsTest,FailedHttpsInAddressRequestAfterAddressFailureIsFatalWhenFeatureEnabled)11503 TEST_F(
11504 HostResolverManagerDnsTest,
11505 FailedHttpsInAddressRequestAfterAddressFailureIsFatalWhenFeatureEnabled) {
11506 const char kName[] = "name.test";
11507
11508 base::test::ScopedFeatureList features;
11509 features.InitAndEnableFeatureWithParameters(
11510 features::kUseDnsHttpsSvcb,
11511 {{"UseDnsHttpsSvcbEnforceSecureResponse", "true"},
11512 // Disable timeouts.
11513 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
11514 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
11515 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
11516 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
11517 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
11518 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
11519
11520 MockDnsClientRuleList rules;
11521 // Delay HTTPS result to ensure it comes after A failure.
11522 rules.emplace_back(
11523 kName, dns_protocol::kTypeHttps, /*secure=*/true,
11524 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kFail),
11525 /*delay=*/true);
11526 rules.emplace_back(
11527 kName, dns_protocol::kTypeA, /*secure=*/true,
11528 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kFail),
11529 /*delay=*/false);
11530 // Delay AAAA result to ensure it is cancelled after A failure.
11531 rules.emplace_back(
11532 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
11533 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kUnexpected),
11534 /*delay=*/true);
11535
11536 CreateResolver();
11537 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
11538 DnsConfigOverrides overrides;
11539 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
11540 resolver_->SetDnsConfigOverrides(overrides);
11541
11542 ResolveHostResponseHelper response(resolver_->CreateRequest(
11543 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
11544 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
11545 resolve_context_.get(), resolve_context_->host_cache()));
11546
11547 base::RunLoop().RunUntilIdle();
11548 EXPECT_FALSE(response.complete());
11549 dns_client_->CompleteDelayedTransactions();
11550
11551 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
11552 EXPECT_THAT(response.request()->GetAddressResults(),
11553 AnyOf(nullptr, Pointee(IsEmpty())));
11554 EXPECT_THAT(response.request()->GetEndpointResults(),
11555 AnyOf(nullptr, Pointee(IsEmpty())));
11556 EXPECT_THAT(response.request()->GetTextResults(),
11557 AnyOf(nullptr, Pointee(IsEmpty())));
11558 EXPECT_THAT(response.request()->GetHostnameResults(),
11559 AnyOf(nullptr, Pointee(IsEmpty())));
11560 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
11561 AnyOf(nullptr, Pointee(IsEmpty())));
11562
11563 // Expect result not cached.
11564 EXPECT_EQ(resolve_context_->host_cache()->size(), 0u);
11565 }
11566
TEST_F(HostResolverManagerDnsTest,FailedHttpsInAddressRequestAfterAddressFailureIgnoredWhenFeatureDisabled)11567 TEST_F(
11568 HostResolverManagerDnsTest,
11569 FailedHttpsInAddressRequestAfterAddressFailureIgnoredWhenFeatureDisabled) {
11570 const char kName[] = "name.test";
11571
11572 base::test::ScopedFeatureList features;
11573 features.InitAndEnableFeatureWithParameters(
11574 features::kUseDnsHttpsSvcb,
11575 {{"UseDnsHttpsSvcbEnforceSecureResponse", "false"},
11576 // Disable timeouts.
11577 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
11578 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
11579 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
11580 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
11581 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
11582 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
11583
11584 MockDnsClientRuleList rules;
11585 // Delay HTTPS result to ensure it is cancelled after AAAA failure.
11586 rules.emplace_back(
11587 kName, dns_protocol::kTypeHttps, /*secure=*/true,
11588 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kUnexpected),
11589 /*delay=*/true);
11590 // Delay A result to ensure it is cancelled after AAAA failure.
11591 rules.emplace_back(
11592 kName, dns_protocol::kTypeA, /*secure=*/true,
11593 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kUnexpected),
11594 /*delay=*/true);
11595 rules.emplace_back(
11596 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
11597 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kFail),
11598 /*delay=*/false);
11599
11600 // Expect fall back to insecure due to AAAA failure.
11601 rules.emplace_back(
11602 kName, dns_protocol::kTypeHttps, /*secure=*/false,
11603 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kEmpty),
11604 /*delay=*/false);
11605 rules.emplace_back(
11606 kName, dns_protocol::kTypeA, /*secure=*/false,
11607 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11608 /*delay=*/false);
11609 rules.emplace_back(
11610 kName, dns_protocol::kTypeAAAA, /*secure=*/false,
11611 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11612 /*delay=*/false);
11613
11614 CreateResolver();
11615 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
11616 DnsConfigOverrides overrides;
11617 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
11618 resolver_->SetDnsConfigOverrides(overrides);
11619
11620 ResolveHostResponseHelper response(resolver_->CreateRequest(
11621 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
11622 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
11623 resolve_context_.get(), resolve_context_->host_cache()));
11624
11625 base::RunLoop().RunUntilIdle();
11626 // Unnecessary to complete delayed transactions because they should be
11627 // cancelled after first failure (AAAA).
11628 EXPECT_TRUE(response.complete());
11629
11630 EXPECT_THAT(response.result_error(), IsOk());
11631 EXPECT_TRUE(response.request()->GetAddressResults());
11632 EXPECT_TRUE(response.request()->GetEndpointResults());
11633 EXPECT_THAT(response.request()->GetTextResults(),
11634 AnyOf(nullptr, Pointee(IsEmpty())));
11635 EXPECT_THAT(response.request()->GetHostnameResults(),
11636 AnyOf(nullptr, Pointee(IsEmpty())));
11637 EXPECT_TRUE(response.request()->GetExperimentalResultsForTesting());
11638 }
11639
TEST_F(HostResolverManagerDnsTest,TimeoutHttpsInAddressRequestIsFatal)11640 TEST_F(HostResolverManagerDnsTest, TimeoutHttpsInAddressRequestIsFatal) {
11641 const char kName[] = "name.test";
11642
11643 base::test::ScopedFeatureList features;
11644 features.InitAndEnableFeatureWithParameters(
11645 features::kUseDnsHttpsSvcb,
11646 {{"UseDnsHttpsSvcbEnforceSecureResponse", "true"},
11647 // Disable timeouts.
11648 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
11649 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
11650 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
11651 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
11652 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
11653 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
11654
11655 MockDnsClientRuleList rules;
11656 rules.emplace_back(
11657 kName, dns_protocol::kTypeHttps, /*secure=*/true,
11658 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kTimeout),
11659 /*delay=*/false);
11660 rules.emplace_back(
11661 kName, dns_protocol::kTypeA, /*secure=*/true,
11662 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11663 /*delay=*/false);
11664 rules.emplace_back(
11665 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
11666 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11667 /*delay=*/false);
11668
11669 CreateResolver();
11670 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
11671 DnsConfigOverrides overrides;
11672 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
11673 resolver_->SetDnsConfigOverrides(overrides);
11674
11675 ResolveHostResponseHelper response(resolver_->CreateRequest(
11676 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
11677 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
11678 resolve_context_.get(), resolve_context_->host_cache()));
11679 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_TIMED_OUT));
11680 EXPECT_THAT(response.request()->GetAddressResults(),
11681 AnyOf(nullptr, Pointee(IsEmpty())));
11682 EXPECT_THAT(response.request()->GetEndpointResults(),
11683 AnyOf(nullptr, Pointee(IsEmpty())));
11684 EXPECT_THAT(response.request()->GetTextResults(),
11685 AnyOf(nullptr, Pointee(IsEmpty())));
11686 EXPECT_THAT(response.request()->GetHostnameResults(),
11687 AnyOf(nullptr, Pointee(IsEmpty())));
11688 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
11689 AnyOf(nullptr, Pointee(IsEmpty())));
11690
11691 // Expect result not cached.
11692 EXPECT_EQ(resolve_context_->host_cache()->size(), 0u);
11693 }
11694
TEST_F(HostResolverManagerDnsTest,ServfailHttpsInAddressRequestIsFatal)11695 TEST_F(HostResolverManagerDnsTest, ServfailHttpsInAddressRequestIsFatal) {
11696 const char kName[] = "name.test";
11697
11698 base::test::ScopedFeatureList features;
11699 features.InitAndEnableFeatureWithParameters(
11700 features::kUseDnsHttpsSvcb,
11701 {{"UseDnsHttpsSvcbEnforceSecureResponse", "true"},
11702 // Disable timeouts.
11703 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
11704 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
11705 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
11706 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
11707 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
11708 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
11709
11710 MockDnsClientRuleList rules;
11711 rules.emplace_back(
11712 kName, dns_protocol::kTypeHttps, /*secure=*/true,
11713 MockDnsClientRule::Result(
11714 MockDnsClientRule::ResultType::kFail,
11715 BuildTestDnsResponse(kName, dns_protocol::kTypeHttps, /*answers=*/{},
11716 /*authority=*/{}, /*additional=*/{},
11717 dns_protocol::kRcodeSERVFAIL),
11718 ERR_DNS_SERVER_FAILED),
11719 /*delay=*/false);
11720 rules.emplace_back(
11721 kName, dns_protocol::kTypeA, /*secure=*/true,
11722 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11723 /*delay=*/false);
11724 rules.emplace_back(
11725 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
11726 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11727 /*delay=*/false);
11728
11729 CreateResolver();
11730 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
11731 DnsConfigOverrides overrides;
11732 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
11733 resolver_->SetDnsConfigOverrides(overrides);
11734
11735 ResolveHostResponseHelper response(resolver_->CreateRequest(
11736 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
11737 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
11738 resolve_context_.get(), resolve_context_->host_cache()));
11739 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_SERVER_FAILED));
11740 EXPECT_THAT(response.request()->GetAddressResults(),
11741 AnyOf(nullptr, Pointee(IsEmpty())));
11742 EXPECT_THAT(response.request()->GetEndpointResults(),
11743 AnyOf(nullptr, Pointee(IsEmpty())));
11744 EXPECT_THAT(response.request()->GetTextResults(),
11745 AnyOf(nullptr, Pointee(IsEmpty())));
11746 EXPECT_THAT(response.request()->GetHostnameResults(),
11747 AnyOf(nullptr, Pointee(IsEmpty())));
11748 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
11749 AnyOf(nullptr, Pointee(IsEmpty())));
11750
11751 // Expect result not cached.
11752 EXPECT_EQ(resolve_context_->host_cache()->size(), 0u);
11753 }
11754
11755 // For a response so malformed that DnsTransaction can't do its basic parsing to
11756 // determine an RCODE and return a DnsResponse object to HostResolverManager.
11757 // Essentially equivalent to a network error. See
11758 // `MalformedHttpsInResponseInAddressRequestIsFatal` for a malformed response
11759 // that can at least send a DnsResponse to HostResolverManager.
TEST_F(HostResolverManagerDnsTest,UnparsableHttpsInAddressRequestIsFatal)11760 TEST_F(HostResolverManagerDnsTest, UnparsableHttpsInAddressRequestIsFatal) {
11761 const char kName[] = "name.test";
11762
11763 base::test::ScopedFeatureList features;
11764 features.InitAndEnableFeatureWithParameters(
11765 features::kUseDnsHttpsSvcb,
11766 {{"UseDnsHttpsSvcbEnforceSecureResponse", "true"},
11767 // Disable timeouts.
11768 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
11769 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
11770 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
11771 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
11772 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
11773 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
11774
11775 MockDnsClientRuleList rules;
11776 rules.emplace_back(
11777 kName, dns_protocol::kTypeHttps, /*secure=*/true,
11778 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kFail,
11779 /*response=*/absl::nullopt,
11780 ERR_DNS_MALFORMED_RESPONSE),
11781 /*delay=*/false);
11782 rules.emplace_back(
11783 kName, dns_protocol::kTypeA, /*secure=*/true,
11784 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11785 /*delay=*/false);
11786 rules.emplace_back(
11787 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
11788 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11789 /*delay=*/false);
11790
11791 CreateResolver();
11792 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
11793 DnsConfigOverrides overrides;
11794 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
11795 resolver_->SetDnsConfigOverrides(overrides);
11796
11797 ResolveHostResponseHelper response(resolver_->CreateRequest(
11798 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
11799 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
11800 resolve_context_.get(), resolve_context_->host_cache()));
11801 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_MALFORMED_RESPONSE));
11802 EXPECT_THAT(response.request()->GetAddressResults(),
11803 AnyOf(nullptr, Pointee(IsEmpty())));
11804 EXPECT_THAT(response.request()->GetEndpointResults(),
11805 AnyOf(nullptr, Pointee(IsEmpty())));
11806 EXPECT_THAT(response.request()->GetTextResults(),
11807 AnyOf(nullptr, Pointee(IsEmpty())));
11808 EXPECT_THAT(response.request()->GetHostnameResults(),
11809 AnyOf(nullptr, Pointee(IsEmpty())));
11810 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
11811 AnyOf(nullptr, Pointee(IsEmpty())));
11812
11813 // Expect result not cached.
11814 EXPECT_EQ(resolve_context_->host_cache()->size(), 0u);
11815 }
11816
TEST_F(HostResolverManagerDnsTest,RefusedHttpsInAddressRequestIsIgnored)11817 TEST_F(HostResolverManagerDnsTest, RefusedHttpsInAddressRequestIsIgnored) {
11818 const char kName[] = "name.test";
11819
11820 base::test::ScopedFeatureList features;
11821 features.InitAndEnableFeatureWithParameters(
11822 features::kUseDnsHttpsSvcb,
11823 {{"UseDnsHttpsSvcbEnforceSecureResponse", "true"},
11824 // Disable timeouts.
11825 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
11826 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
11827 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
11828 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
11829 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
11830 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
11831
11832 MockDnsClientRuleList rules;
11833 rules.emplace_back(
11834 kName, dns_protocol::kTypeHttps, /*secure=*/true,
11835 MockDnsClientRule::Result(
11836 MockDnsClientRule::ResultType::kFail,
11837 BuildTestDnsResponse(kName, dns_protocol::kTypeHttps, /*answers=*/{},
11838 /*authority=*/{}, /*additional=*/{},
11839 dns_protocol::kRcodeREFUSED),
11840 ERR_DNS_SERVER_FAILED),
11841 /*delay=*/false);
11842 rules.emplace_back(
11843 kName, dns_protocol::kTypeA, /*secure=*/true,
11844 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11845 /*delay=*/false);
11846 rules.emplace_back(
11847 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
11848 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11849 /*delay=*/false);
11850
11851 CreateResolver();
11852 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
11853 DnsConfigOverrides overrides;
11854 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
11855 resolver_->SetDnsConfigOverrides(overrides);
11856
11857 ResolveHostResponseHelper response(resolver_->CreateRequest(
11858 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
11859 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
11860 resolve_context_.get(), resolve_context_->host_cache()));
11861 EXPECT_THAT(response.result_error(), IsOk());
11862 EXPECT_TRUE(response.request()->GetAddressResults());
11863 EXPECT_THAT(response.request()->GetEndpointResults(),
11864 testing::Pointee(testing::ElementsAre(
11865 ExpectEndpointResult(testing::SizeIs(2)))));
11866 EXPECT_THAT(response.request()->GetTextResults(),
11867 AnyOf(nullptr, Pointee(IsEmpty())));
11868 EXPECT_THAT(response.request()->GetHostnameResults(),
11869 AnyOf(nullptr, Pointee(IsEmpty())));
11870 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
11871 testing::Pointee(testing::IsEmpty()));
11872 }
11873
TEST_F(HostResolverManagerDnsTest,HttpsInAddressQueryForWssScheme)11874 TEST_F(HostResolverManagerDnsTest, HttpsInAddressQueryForWssScheme) {
11875 const char kName[] = "name.test";
11876
11877 base::test::ScopedFeatureList features;
11878 features.InitAndEnableFeatureWithParameters(
11879 features::kUseDnsHttpsSvcb,
11880 {// Disable timeouts.
11881 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
11882 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
11883 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
11884 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
11885 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
11886 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
11887
11888 MockDnsClientRuleList rules;
11889 std::vector<DnsResourceRecord> records = {
11890 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
11891 /*params=*/{})};
11892 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/true,
11893 MockDnsClientRule::Result(BuildTestDnsResponse(
11894 kName, dns_protocol::kTypeHttps, records)),
11895 /*delay=*/false);
11896 rules.emplace_back(
11897 kName, dns_protocol::kTypeA, /*secure=*/true,
11898 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11899 /*delay=*/false);
11900 rules.emplace_back(
11901 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
11902 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11903 /*delay=*/false);
11904
11905 CreateResolver();
11906 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
11907 DnsConfigOverrides overrides;
11908 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
11909 resolver_->SetDnsConfigOverrides(overrides);
11910
11911 ResolveHostResponseHelper response(resolver_->CreateRequest(
11912 url::SchemeHostPort(url::kWssScheme, kName, 443),
11913 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
11914 resolve_context_.get(), resolve_context_->host_cache()));
11915 EXPECT_THAT(response.result_error(), IsOk());
11916 EXPECT_TRUE(response.request()->GetAddressResults());
11917 EXPECT_THAT(
11918 response.request()->GetEndpointResults(),
11919 testing::Pointee(testing::ElementsAre(
11920 ExpectEndpointResult(
11921 testing::SizeIs(2),
11922 ExpectConnectionEndpointMetadata(
11923 testing::ElementsAre(dns_protocol::kHttpsServiceDefaultAlpn),
11924 testing::IsEmpty(), kName)),
11925 ExpectEndpointResult(testing::SizeIs(2)))));
11926 EXPECT_THAT(response.request()->GetTextResults(),
11927 AnyOf(nullptr, Pointee(IsEmpty())));
11928 EXPECT_THAT(response.request()->GetHostnameResults(),
11929 AnyOf(nullptr, Pointee(IsEmpty())));
11930 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
11931 testing::Pointee(testing::ElementsAre(true)));
11932 }
11933
TEST_F(HostResolverManagerDnsTest,NoHttpsInAddressQueryWithoutScheme)11934 TEST_F(HostResolverManagerDnsTest, NoHttpsInAddressQueryWithoutScheme) {
11935 const char kName[] = "name.test";
11936
11937 base::test::ScopedFeatureList features;
11938 features.InitAndEnableFeatureWithParameters(
11939 features::kUseDnsHttpsSvcb,
11940 {// Disable timeouts.
11941 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
11942 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
11943 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
11944 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
11945 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
11946 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
11947
11948 MockDnsClientRuleList rules;
11949 rules.emplace_back(
11950 kName, dns_protocol::kTypeA, /*secure=*/true,
11951 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11952 /*delay=*/false);
11953 rules.emplace_back(
11954 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
11955 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11956 /*delay=*/false);
11957 // Should not be queried.
11958 rules.emplace_back(
11959 kName, dns_protocol::kTypeHttps, /*secure=*/true,
11960 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kUnexpected),
11961 /*delay=*/false);
11962
11963 CreateResolver();
11964 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
11965 DnsConfigOverrides overrides;
11966 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
11967 resolver_->SetDnsConfigOverrides(overrides);
11968
11969 ResolveHostResponseHelper response(resolver_->CreateRequest(
11970 HostPortPair(kName, 443), NetworkAnonymizationKey(), NetLogWithSource(),
11971 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
11972 EXPECT_THAT(response.result_error(), IsOk());
11973 EXPECT_TRUE(response.request()->GetAddressResults());
11974 EXPECT_THAT(response.request()->GetEndpointResults(),
11975 testing::Pointee(testing::ElementsAre(
11976 ExpectEndpointResult(testing::SizeIs(2)))));
11977 EXPECT_THAT(response.request()->GetTextResults(),
11978 AnyOf(nullptr, Pointee(IsEmpty())));
11979 EXPECT_THAT(response.request()->GetHostnameResults(),
11980 AnyOf(nullptr, Pointee(IsEmpty())));
11981 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
11982 AnyOf(nullptr, Pointee(IsEmpty())));
11983 }
11984
TEST_F(HostResolverManagerDnsTest,NoHttpsInAddressQueryForNonHttpScheme)11985 TEST_F(HostResolverManagerDnsTest, NoHttpsInAddressQueryForNonHttpScheme) {
11986 const char kName[] = "name.test";
11987
11988 base::test::ScopedFeatureList features;
11989 features.InitAndEnableFeatureWithParameters(
11990 features::kUseDnsHttpsSvcb,
11991 {// Disable timeouts.
11992 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
11993 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
11994 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
11995 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
11996 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
11997 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
11998
11999 MockDnsClientRuleList rules;
12000 rules.emplace_back(
12001 kName, dns_protocol::kTypeA, /*secure=*/true,
12002 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12003 /*delay=*/false);
12004 rules.emplace_back(
12005 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
12006 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12007 /*delay=*/false);
12008 // Should not be queried.
12009 rules.emplace_back(
12010 kName, dns_protocol::kTypeHttps, /*secure=*/true,
12011 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kUnexpected),
12012 /*delay=*/false);
12013
12014 CreateResolver();
12015 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
12016 DnsConfigOverrides overrides;
12017 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
12018 resolver_->SetDnsConfigOverrides(overrides);
12019
12020 ResolveHostResponseHelper response(resolver_->CreateRequest(
12021 url::SchemeHostPort(url::kFtpScheme, kName, 443),
12022 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
12023 resolve_context_.get(), resolve_context_->host_cache()));
12024 EXPECT_THAT(response.result_error(), IsOk());
12025 EXPECT_TRUE(response.request()->GetAddressResults());
12026 EXPECT_THAT(response.request()->GetEndpointResults(),
12027 testing::Pointee(testing::ElementsAre(
12028 ExpectEndpointResult(testing::SizeIs(2)))));
12029 EXPECT_THAT(response.request()->GetTextResults(),
12030 AnyOf(nullptr, Pointee(IsEmpty())));
12031 EXPECT_THAT(response.request()->GetHostnameResults(),
12032 AnyOf(nullptr, Pointee(IsEmpty())));
12033 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
12034 AnyOf(nullptr, Pointee(IsEmpty())));
12035 }
12036
TEST_F(HostResolverManagerDnsTest,HttpsInAddressQueryForHttpSchemeWhenUpgradeEnabled)12037 TEST_F(HostResolverManagerDnsTest,
12038 HttpsInAddressQueryForHttpSchemeWhenUpgradeEnabled) {
12039 const char kName[] = "name.test";
12040
12041 base::test::ScopedFeatureList features;
12042 features.InitAndEnableFeatureWithParameters(
12043 features::kUseDnsHttpsSvcb,
12044 {// Disable timeouts.
12045 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
12046 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
12047 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
12048 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
12049 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
12050 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
12051
12052 MockDnsClientRuleList rules;
12053 std::vector<DnsResourceRecord> records = {
12054 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
12055 /*params=*/{})};
12056 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/true,
12057 MockDnsClientRule::Result(BuildTestDnsResponse(
12058 kName, dns_protocol::kTypeHttps, records)),
12059 /*delay=*/false);
12060 rules.emplace_back(
12061 kName, dns_protocol::kTypeA, /*secure=*/true,
12062 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12063 /*delay=*/false);
12064 rules.emplace_back(
12065 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
12066 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12067 /*delay=*/false);
12068
12069 CreateResolver();
12070 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
12071 DnsConfigOverrides overrides;
12072 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
12073 resolver_->SetDnsConfigOverrides(overrides);
12074
12075 ResolveHostResponseHelper response(resolver_->CreateRequest(
12076 url::SchemeHostPort(url::kHttpScheme, kName, 80),
12077 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
12078 resolve_context_.get(), resolve_context_->host_cache()));
12079
12080 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_NAME_HTTPS_ONLY));
12081 EXPECT_THAT(response.request()->GetAddressResults(),
12082 AnyOf(nullptr, Pointee(IsEmpty())));
12083 EXPECT_THAT(response.request()->GetEndpointResults(),
12084 AnyOf(nullptr, Pointee(IsEmpty())));
12085 EXPECT_THAT(response.request()->GetTextResults(),
12086 AnyOf(nullptr, Pointee(IsEmpty())));
12087 EXPECT_THAT(response.request()->GetHostnameResults(),
12088 AnyOf(nullptr, Pointee(IsEmpty())));
12089 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
12090 AnyOf(nullptr, Pointee(IsEmpty())));
12091 }
12092
TEST_F(HostResolverManagerDnsTest,HttpsInAddressQueryForHttpSchemeWhenUpgradeEnabledWithAliasRecord)12093 TEST_F(HostResolverManagerDnsTest,
12094 HttpsInAddressQueryForHttpSchemeWhenUpgradeEnabledWithAliasRecord) {
12095 const char kName[] = "name.test";
12096
12097 base::test::ScopedFeatureList features;
12098 features.InitAndEnableFeatureWithParameters(
12099 features::kUseDnsHttpsSvcb,
12100 {// Disable timeouts.
12101 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
12102 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
12103 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
12104 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
12105 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
12106 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
12107
12108 MockDnsClientRuleList rules;
12109 std::vector<DnsResourceRecord> records = {
12110 BuildTestHttpsAliasRecord(kName, "alias.test")};
12111 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/true,
12112 MockDnsClientRule::Result(BuildTestDnsResponse(
12113 kName, dns_protocol::kTypeHttps, records)),
12114 /*delay=*/false);
12115 rules.emplace_back(
12116 kName, dns_protocol::kTypeA, /*secure=*/true,
12117 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12118 /*delay=*/false);
12119 rules.emplace_back(
12120 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
12121 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12122 /*delay=*/false);
12123
12124 CreateResolver();
12125 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
12126 DnsConfigOverrides overrides;
12127 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
12128 resolver_->SetDnsConfigOverrides(overrides);
12129
12130 ResolveHostResponseHelper response(resolver_->CreateRequest(
12131 url::SchemeHostPort(url::kHttpScheme, kName, 80),
12132 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
12133 resolve_context_.get(), resolve_context_->host_cache()));
12134
12135 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_NAME_HTTPS_ONLY));
12136 EXPECT_THAT(response.request()->GetAddressResults(),
12137 AnyOf(nullptr, Pointee(IsEmpty())));
12138 EXPECT_THAT(response.request()->GetEndpointResults(),
12139 AnyOf(nullptr, Pointee(IsEmpty())));
12140 EXPECT_THAT(response.request()->GetTextResults(),
12141 AnyOf(nullptr, Pointee(IsEmpty())));
12142 EXPECT_THAT(response.request()->GetHostnameResults(),
12143 AnyOf(nullptr, Pointee(IsEmpty())));
12144 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
12145 AnyOf(nullptr, Pointee(IsEmpty())));
12146 }
12147
TEST_F(HostResolverManagerDnsTest,HttpsInAddressQueryForHttpSchemeWhenUpgradeEnabledWithIncompatibleServiceRecord)12148 TEST_F(
12149 HostResolverManagerDnsTest,
12150 HttpsInAddressQueryForHttpSchemeWhenUpgradeEnabledWithIncompatibleServiceRecord) {
12151 const char kName[] = "name.test";
12152 const uint16_t kMadeUpParam = 65300; // From the private-use block.
12153
12154 base::test::ScopedFeatureList features;
12155 features.InitAndEnableFeatureWithParameters(
12156 features::kUseDnsHttpsSvcb,
12157 {// Disable timeouts.
12158 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
12159 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
12160 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
12161 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
12162 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
12163 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
12164
12165 MockDnsClientRuleList rules;
12166 std::vector<DnsResourceRecord> records = {BuildTestHttpsServiceRecord(
12167 kName, /*priority=*/1, /*service_name=*/".",
12168 /*params=*/
12169 {BuildTestHttpsServiceMandatoryParam({kMadeUpParam}),
12170 {kMadeUpParam, "foo"}})};
12171 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/true,
12172 MockDnsClientRule::Result(BuildTestDnsResponse(
12173 kName, dns_protocol::kTypeHttps, records)),
12174 /*delay=*/false);
12175 rules.emplace_back(
12176 kName, dns_protocol::kTypeA, /*secure=*/true,
12177 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12178 /*delay=*/false);
12179 rules.emplace_back(
12180 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
12181 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12182 /*delay=*/false);
12183
12184 CreateResolver();
12185 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
12186 DnsConfigOverrides overrides;
12187 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
12188 resolver_->SetDnsConfigOverrides(overrides);
12189
12190 ResolveHostResponseHelper response(resolver_->CreateRequest(
12191 url::SchemeHostPort(url::kHttpScheme, kName, 80),
12192 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
12193 resolve_context_.get(), resolve_context_->host_cache()));
12194
12195 // Expect incompatible HTTPS record to have no effect on results (except
12196 // `GetExperimentalResultsForTesting()` which returns the record
12197 // compatibility).
12198 EXPECT_THAT(response.result_error(), IsOk());
12199 EXPECT_TRUE(response.request()->GetAddressResults());
12200 EXPECT_TRUE(response.request()->GetEndpointResults());
12201 EXPECT_THAT(response.request()->GetTextResults(),
12202 AnyOf(nullptr, Pointee(IsEmpty())));
12203 EXPECT_THAT(response.request()->GetHostnameResults(),
12204 AnyOf(nullptr, Pointee(IsEmpty())));
12205 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
12206 Pointee(Not(Contains(true))));
12207 }
12208
12209 // Even if no addresses are received for a request, finding an HTTPS record
12210 // should still force an HTTP->HTTPS upgrade.
TEST_F(HostResolverManagerDnsTest,HttpsInAddressQueryForHttpSchemeWhenUpgradeEnabledWithoutAddresses)12211 TEST_F(HostResolverManagerDnsTest,
12212 HttpsInAddressQueryForHttpSchemeWhenUpgradeEnabledWithoutAddresses) {
12213 const char kName[] = "name.test";
12214
12215 base::test::ScopedFeatureList features;
12216 features.InitAndEnableFeatureWithParameters(
12217 features::kUseDnsHttpsSvcb,
12218 {// Disable timeouts.
12219 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
12220 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
12221 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
12222 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
12223 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
12224 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
12225
12226 MockDnsClientRuleList rules;
12227 std::vector<DnsResourceRecord> records = {
12228 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
12229 /*params=*/{})};
12230 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/true,
12231 MockDnsClientRule::Result(BuildTestDnsResponse(
12232 kName, dns_protocol::kTypeHttps, records)),
12233 /*delay=*/false);
12234 rules.emplace_back(
12235 kName, dns_protocol::kTypeA, /*secure=*/true,
12236 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kEmpty),
12237 /*delay=*/false);
12238 rules.emplace_back(
12239 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
12240 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kEmpty),
12241 /*delay=*/false);
12242
12243 CreateResolver();
12244 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
12245 DnsConfigOverrides overrides;
12246 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
12247 resolver_->SetDnsConfigOverrides(overrides);
12248
12249 ResolveHostResponseHelper response(resolver_->CreateRequest(
12250 url::SchemeHostPort(url::kHttpScheme, kName, 80),
12251 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
12252 resolve_context_.get(), resolve_context_->host_cache()));
12253
12254 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_NAME_HTTPS_ONLY));
12255 EXPECT_THAT(response.request()->GetAddressResults(),
12256 AnyOf(nullptr, Pointee(IsEmpty())));
12257 EXPECT_THAT(response.request()->GetEndpointResults(),
12258 AnyOf(nullptr, Pointee(IsEmpty())));
12259 EXPECT_THAT(response.request()->GetTextResults(),
12260 AnyOf(nullptr, Pointee(IsEmpty())));
12261 EXPECT_THAT(response.request()->GetHostnameResults(),
12262 AnyOf(nullptr, Pointee(IsEmpty())));
12263 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
12264 AnyOf(nullptr, Pointee(IsEmpty())));
12265 }
12266
TEST_F(HostResolverManagerDnsTest,HttpsInSecureModeAddressQuery)12267 TEST_F(HostResolverManagerDnsTest, HttpsInSecureModeAddressQuery) {
12268 const char kName[] = "name.test";
12269
12270 base::test::ScopedFeatureList features;
12271 features.InitAndEnableFeatureWithParameters(
12272 features::kUseDnsHttpsSvcb,
12273 {// Disable timeouts.
12274 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
12275 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
12276 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
12277 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
12278 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
12279 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
12280
12281 MockDnsClientRuleList rules;
12282 std::vector<DnsResourceRecord> records = {
12283 BuildTestHttpsAliasRecord(kName, "alias.test")};
12284 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/true,
12285 MockDnsClientRule::Result(BuildTestDnsResponse(
12286 kName, dns_protocol::kTypeHttps, records)),
12287 /*delay=*/false);
12288 rules.emplace_back(
12289 kName, dns_protocol::kTypeA, /*secure=*/true,
12290 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12291 /*delay=*/false);
12292 rules.emplace_back(
12293 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
12294 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12295 /*delay=*/false);
12296
12297 CreateResolver();
12298 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
12299 DnsConfigOverrides overrides;
12300 overrides.secure_dns_mode = SecureDnsMode::kSecure;
12301 resolver_->SetDnsConfigOverrides(overrides);
12302
12303 ResolveHostResponseHelper response(resolver_->CreateRequest(
12304 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
12305 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
12306 resolve_context_.get(), resolve_context_->host_cache()));
12307
12308 EXPECT_THAT(response.result_error(), IsOk());
12309 EXPECT_TRUE(response.request()->GetAddressResults());
12310 EXPECT_TRUE(response.request()->GetEndpointResults());
12311 EXPECT_THAT(response.request()->GetTextResults(),
12312 AnyOf(nullptr, Pointee(IsEmpty())));
12313 EXPECT_THAT(response.request()->GetHostnameResults(),
12314 AnyOf(nullptr, Pointee(IsEmpty())));
12315 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
12316 testing::Pointee(testing::ElementsAre(true)));
12317 }
12318
TEST_F(HostResolverManagerDnsTest,HttpsInSecureModeAddressQueryForHttpScheme)12319 TEST_F(HostResolverManagerDnsTest, HttpsInSecureModeAddressQueryForHttpScheme) {
12320 const char kName[] = "name.test";
12321
12322 base::test::ScopedFeatureList features;
12323 features.InitAndEnableFeatureWithParameters(
12324 features::kUseDnsHttpsSvcb,
12325 {// Disable timeouts.
12326 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
12327 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
12328 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
12329 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
12330 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
12331 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
12332
12333 MockDnsClientRuleList rules;
12334 std::vector<DnsResourceRecord> records = {
12335 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
12336 /*params=*/{})};
12337 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/true,
12338 MockDnsClientRule::Result(BuildTestDnsResponse(
12339 kName, dns_protocol::kTypeHttps, records)),
12340 /*delay=*/false);
12341 rules.emplace_back(
12342 kName, dns_protocol::kTypeA, /*secure=*/true,
12343 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12344 /*delay=*/false);
12345 rules.emplace_back(
12346 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
12347 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12348 /*delay=*/false);
12349
12350 CreateResolver();
12351 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
12352 DnsConfigOverrides overrides;
12353 overrides.secure_dns_mode = SecureDnsMode::kSecure;
12354 resolver_->SetDnsConfigOverrides(overrides);
12355
12356 ResolveHostResponseHelper response(resolver_->CreateRequest(
12357 url::SchemeHostPort(url::kHttpScheme, kName, 80),
12358 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
12359 resolve_context_.get(), resolve_context_->host_cache()));
12360
12361 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_NAME_HTTPS_ONLY));
12362 EXPECT_THAT(response.request()->GetAddressResults(),
12363 AnyOf(nullptr, Pointee(IsEmpty())));
12364 EXPECT_THAT(response.request()->GetEndpointResults(),
12365 AnyOf(nullptr, Pointee(IsEmpty())));
12366 EXPECT_THAT(response.request()->GetTextResults(),
12367 AnyOf(nullptr, Pointee(IsEmpty())));
12368 EXPECT_THAT(response.request()->GetHostnameResults(),
12369 AnyOf(nullptr, Pointee(IsEmpty())));
12370 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
12371 AnyOf(nullptr, Pointee(IsEmpty())));
12372 }
12373
TEST_F(HostResolverManagerDnsTest,HttpsInInsecureAddressQuery)12374 TEST_F(HostResolverManagerDnsTest, HttpsInInsecureAddressQuery) {
12375 const char kName[] = "name.test";
12376
12377 base::test::ScopedFeatureList features;
12378 features.InitAndEnableFeatureWithParameters(
12379 features::kUseDnsHttpsSvcb,
12380 {// Disable timeouts.
12381 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
12382 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
12383 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
12384 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
12385 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
12386 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
12387
12388 MockDnsClientRuleList rules;
12389 std::vector<DnsResourceRecord> records = {
12390 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
12391 /*params=*/{})};
12392 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/false,
12393 MockDnsClientRule::Result(BuildTestDnsResponse(
12394 kName, dns_protocol::kTypeHttps, records)),
12395 /*delay=*/false);
12396 rules.emplace_back(
12397 kName, dns_protocol::kTypeA, /*secure=*/false,
12398 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12399 /*delay=*/false);
12400 rules.emplace_back(
12401 kName, dns_protocol::kTypeAAAA, /*secure=*/false,
12402 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12403 /*delay=*/false);
12404
12405 CreateResolver();
12406 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
12407
12408 ResolveHostResponseHelper response(resolver_->CreateRequest(
12409 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
12410 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
12411 resolve_context_.get(), resolve_context_->host_cache()));
12412
12413 EXPECT_THAT(response.result_error(), IsOk());
12414 EXPECT_TRUE(response.request()->GetAddressResults());
12415 EXPECT_THAT(
12416 response.request()->GetEndpointResults(),
12417 testing::Pointee(testing::ElementsAre(
12418 ExpectEndpointResult(
12419 testing::SizeIs(2),
12420 ExpectConnectionEndpointMetadata(
12421 testing::ElementsAre(dns_protocol::kHttpsServiceDefaultAlpn),
12422 testing::IsEmpty(), kName)),
12423 ExpectEndpointResult(testing::SizeIs(2)))));
12424 EXPECT_THAT(response.request()->GetTextResults(),
12425 AnyOf(nullptr, Pointee(IsEmpty())));
12426 EXPECT_THAT(response.request()->GetHostnameResults(),
12427 AnyOf(nullptr, Pointee(IsEmpty())));
12428 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
12429 testing::Pointee(testing::ElementsAre(true)));
12430 }
12431
TEST_F(HostResolverManagerDnsTest,HttpsInInsecureAddressQueryForHttpScheme)12432 TEST_F(HostResolverManagerDnsTest, HttpsInInsecureAddressQueryForHttpScheme) {
12433 const char kName[] = "name.test";
12434
12435 base::test::ScopedFeatureList features;
12436 features.InitAndEnableFeatureWithParameters(
12437 features::kUseDnsHttpsSvcb,
12438 {// Disable timeouts.
12439 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
12440 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
12441 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
12442 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
12443 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
12444 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
12445
12446 MockDnsClientRuleList rules;
12447 std::vector<DnsResourceRecord> records = {
12448 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
12449 /*params=*/{})};
12450 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/false,
12451 MockDnsClientRule::Result(BuildTestDnsResponse(
12452 kName, dns_protocol::kTypeHttps, records)),
12453 /*delay=*/false);
12454 rules.emplace_back(
12455 kName, dns_protocol::kTypeA, /*secure=*/false,
12456 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12457 /*delay=*/false);
12458 rules.emplace_back(
12459 kName, dns_protocol::kTypeAAAA, /*secure=*/false,
12460 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12461 /*delay=*/false);
12462
12463 CreateResolver();
12464 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
12465
12466 ResolveHostResponseHelper response(resolver_->CreateRequest(
12467 url::SchemeHostPort(url::kHttpScheme, kName, 80),
12468 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
12469 resolve_context_.get(), resolve_context_->host_cache()));
12470
12471 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_NAME_HTTPS_ONLY));
12472 EXPECT_THAT(response.request()->GetAddressResults(),
12473 AnyOf(nullptr, Pointee(IsEmpty())));
12474 EXPECT_THAT(response.request()->GetEndpointResults(),
12475 AnyOf(nullptr, Pointee(IsEmpty())));
12476 EXPECT_THAT(response.request()->GetTextResults(),
12477 AnyOf(nullptr, Pointee(IsEmpty())));
12478 EXPECT_THAT(response.request()->GetHostnameResults(),
12479 AnyOf(nullptr, Pointee(IsEmpty())));
12480 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
12481 AnyOf(nullptr, Pointee(IsEmpty())));
12482 }
12483
TEST_F(HostResolverManagerDnsTest,FailedHttpsInInsecureAddressRequestIgnored)12484 TEST_F(HostResolverManagerDnsTest, FailedHttpsInInsecureAddressRequestIgnored) {
12485 const char kName[] = "name.test";
12486
12487 base::test::ScopedFeatureList features;
12488 features.InitAndEnableFeatureWithParameters(
12489 features::kUseDnsHttpsSvcb,
12490 {// Disable timeouts.
12491 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
12492 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
12493 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
12494 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
12495 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
12496 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
12497
12498 MockDnsClientRuleList rules;
12499 rules.emplace_back(
12500 kName, dns_protocol::kTypeHttps, /*secure=*/false,
12501 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kFail),
12502 /*delay=*/false);
12503 rules.emplace_back(
12504 kName, dns_protocol::kTypeA, /*secure=*/false,
12505 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12506 /*delay=*/false);
12507 rules.emplace_back(
12508 kName, dns_protocol::kTypeAAAA, /*secure=*/false,
12509 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12510 /*delay=*/false);
12511
12512 CreateResolver();
12513 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
12514
12515 ResolveHostResponseHelper response(resolver_->CreateRequest(
12516 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
12517 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
12518 resolve_context_.get(), resolve_context_->host_cache()));
12519 EXPECT_THAT(response.result_error(), IsOk());
12520 EXPECT_TRUE(response.request()->GetAddressResults());
12521 EXPECT_THAT(response.request()->GetEndpointResults(),
12522 testing::Pointee(testing::ElementsAre(
12523 ExpectEndpointResult(testing::SizeIs(2)))));
12524 EXPECT_THAT(response.request()->GetTextResults(),
12525 AnyOf(nullptr, Pointee(IsEmpty())));
12526 EXPECT_THAT(response.request()->GetHostnameResults(),
12527 AnyOf(nullptr, Pointee(IsEmpty())));
12528 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
12529 testing::Pointee(testing::IsEmpty()));
12530 }
12531
TEST_F(HostResolverManagerDnsTest,TimeoutHttpsInInsecureAddressRequestIgnored)12532 TEST_F(HostResolverManagerDnsTest,
12533 TimeoutHttpsInInsecureAddressRequestIgnored) {
12534 const char kName[] = "name.test";
12535
12536 base::test::ScopedFeatureList features;
12537 features.InitAndEnableFeatureWithParameters(
12538 features::kUseDnsHttpsSvcb,
12539 {// Disable timeouts.
12540 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
12541 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
12542 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
12543 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
12544 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
12545 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
12546
12547 MockDnsClientRuleList rules;
12548 rules.emplace_back(
12549 kName, dns_protocol::kTypeHttps, /*secure=*/false,
12550 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kTimeout),
12551 /*delay=*/false);
12552 rules.emplace_back(
12553 kName, dns_protocol::kTypeA, /*secure=*/false,
12554 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12555 /*delay=*/false);
12556 rules.emplace_back(
12557 kName, dns_protocol::kTypeAAAA, /*secure=*/false,
12558 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12559 /*delay=*/false);
12560
12561 CreateResolver();
12562 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
12563
12564 ResolveHostResponseHelper response(resolver_->CreateRequest(
12565 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
12566 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
12567 resolve_context_.get(), resolve_context_->host_cache()));
12568 EXPECT_THAT(response.result_error(), IsOk());
12569 EXPECT_TRUE(response.request()->GetAddressResults());
12570 EXPECT_THAT(response.request()->GetEndpointResults(),
12571 testing::Pointee(testing::ElementsAre(
12572 ExpectEndpointResult(testing::SizeIs(2)))));
12573 EXPECT_THAT(response.request()->GetTextResults(),
12574 AnyOf(nullptr, Pointee(IsEmpty())));
12575 EXPECT_THAT(response.request()->GetHostnameResults(),
12576 AnyOf(nullptr, Pointee(IsEmpty())));
12577 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
12578 testing::Pointee(testing::IsEmpty()));
12579 }
12580
TEST_F(HostResolverManagerDnsTest,ServfailHttpsInInsecureAddressRequestIgnored)12581 TEST_F(HostResolverManagerDnsTest,
12582 ServfailHttpsInInsecureAddressRequestIgnored) {
12583 const char kName[] = "name.test";
12584
12585 base::test::ScopedFeatureList features;
12586 features.InitAndEnableFeatureWithParameters(
12587 features::kUseDnsHttpsSvcb,
12588 {// Disable timeouts.
12589 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
12590 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
12591 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
12592 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
12593 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
12594 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
12595
12596 MockDnsClientRuleList rules;
12597 rules.emplace_back(
12598 kName, dns_protocol::kTypeHttps, /*secure=*/false,
12599 MockDnsClientRule::Result(
12600 MockDnsClientRule::ResultType::kFail,
12601 BuildTestDnsResponse(kName, dns_protocol::kTypeHttps, /*answers=*/{},
12602 /*authority=*/{}, /*additional=*/{},
12603 dns_protocol::kRcodeSERVFAIL),
12604 ERR_DNS_SERVER_FAILED),
12605 /*delay=*/false);
12606 rules.emplace_back(
12607 kName, dns_protocol::kTypeA, /*secure=*/false,
12608 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12609 /*delay=*/false);
12610 rules.emplace_back(
12611 kName, dns_protocol::kTypeAAAA, /*secure=*/false,
12612 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12613 /*delay=*/false);
12614
12615 CreateResolver();
12616 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
12617
12618 ResolveHostResponseHelper response(resolver_->CreateRequest(
12619 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
12620 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
12621 resolve_context_.get(), resolve_context_->host_cache()));
12622 EXPECT_THAT(response.result_error(), IsOk());
12623 EXPECT_TRUE(response.request()->GetAddressResults());
12624 EXPECT_THAT(response.request()->GetEndpointResults(),
12625 testing::Pointee(testing::ElementsAre(
12626 ExpectEndpointResult(testing::SizeIs(2)))));
12627 EXPECT_THAT(response.request()->GetTextResults(),
12628 AnyOf(nullptr, Pointee(IsEmpty())));
12629 EXPECT_THAT(response.request()->GetHostnameResults(),
12630 AnyOf(nullptr, Pointee(IsEmpty())));
12631 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
12632 testing::Pointee(testing::IsEmpty()));
12633 }
12634
TEST_F(HostResolverManagerDnsTest,UnparsableHttpsInInsecureAddressRequestIgnored)12635 TEST_F(HostResolverManagerDnsTest,
12636 UnparsableHttpsInInsecureAddressRequestIgnored) {
12637 const char kName[] = "name.test";
12638
12639 base::test::ScopedFeatureList features;
12640 features.InitAndEnableFeatureWithParameters(
12641 features::kUseDnsHttpsSvcb,
12642 {// Disable timeouts.
12643 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
12644 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
12645 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
12646 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
12647 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
12648 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
12649
12650 MockDnsClientRuleList rules;
12651 rules.emplace_back(
12652 kName, dns_protocol::kTypeHttps, /*secure=*/false,
12653 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kFail,
12654 /*response=*/absl::nullopt,
12655 ERR_DNS_MALFORMED_RESPONSE),
12656 /*delay=*/false);
12657 rules.emplace_back(
12658 kName, dns_protocol::kTypeA, /*secure=*/false,
12659 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12660 /*delay=*/false);
12661 rules.emplace_back(
12662 kName, dns_protocol::kTypeAAAA, /*secure=*/false,
12663 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12664 /*delay=*/false);
12665
12666 CreateResolver();
12667 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
12668
12669 ResolveHostResponseHelper response(resolver_->CreateRequest(
12670 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
12671 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
12672 resolve_context_.get(), resolve_context_->host_cache()));
12673 EXPECT_THAT(response.result_error(), IsOk());
12674 EXPECT_TRUE(response.request()->GetAddressResults());
12675 EXPECT_THAT(response.request()->GetEndpointResults(),
12676 testing::Pointee(testing::ElementsAre(
12677 ExpectEndpointResult(testing::SizeIs(2)))));
12678 EXPECT_THAT(response.request()->GetTextResults(),
12679 AnyOf(nullptr, Pointee(IsEmpty())));
12680 EXPECT_THAT(response.request()->GetHostnameResults(),
12681 AnyOf(nullptr, Pointee(IsEmpty())));
12682 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
12683 testing::Pointee(testing::IsEmpty()));
12684 }
12685
12686 // Test that when additional HTTPS timeout Feature params are disabled, the task
12687 // does not timeout until the transactions themselves timeout.
TEST_F(HostResolverManagerDnsTest,HttpsInAddressQueryWaitsWithoutAdditionalTimeout)12688 TEST_F(HostResolverManagerDnsTest,
12689 HttpsInAddressQueryWaitsWithoutAdditionalTimeout) {
12690 const char kName[] = "name.test";
12691
12692 base::test::ScopedFeatureList features;
12693 features.InitAndEnableFeatureWithParameters(
12694 features::kUseDnsHttpsSvcb,
12695 {// Disable timeouts.
12696 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
12697 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
12698 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
12699 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
12700 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
12701 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
12702
12703 MockDnsClientRuleList rules;
12704 rules.emplace_back(
12705 kName, dns_protocol::kTypeHttps, /*secure=*/true,
12706 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kTimeout),
12707 /*delay=*/true);
12708 rules.emplace_back(
12709 kName, dns_protocol::kTypeA, /*secure=*/true,
12710 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12711 /*delay=*/false);
12712 rules.emplace_back(
12713 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
12714 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12715 /*delay=*/false);
12716
12717 CreateResolver();
12718 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
12719 DnsConfigOverrides overrides;
12720 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
12721 resolver_->SetDnsConfigOverrides(overrides);
12722
12723 ResolveHostResponseHelper response(resolver_->CreateRequest(
12724 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
12725 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
12726 resolve_context_.get(), resolve_context_->host_cache()));
12727 RunUntilIdle();
12728 EXPECT_FALSE(response.complete());
12729
12730 // Wait an absurd amount of time (1 hour) and expect the request to not
12731 // complete because it is waiting on the transaction, where the mock is
12732 // delaying completion.
12733 FastForwardBy(base::Hours(1));
12734 RunUntilIdle();
12735 EXPECT_FALSE(response.complete());
12736
12737 dns_client_->CompleteDelayedTransactions();
12738 EXPECT_THAT(response.result_error(), IsOk());
12739 EXPECT_TRUE(response.request()->GetAddressResults());
12740 EXPECT_THAT(response.request()->GetEndpointResults(),
12741 testing::Pointee(testing::ElementsAre(
12742 ExpectEndpointResult(testing::SizeIs(2)))));
12743 EXPECT_THAT(response.request()->GetTextResults(),
12744 AnyOf(nullptr, Pointee(IsEmpty())));
12745 EXPECT_THAT(response.request()->GetHostnameResults(),
12746 AnyOf(nullptr, Pointee(IsEmpty())));
12747 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
12748 testing::Pointee(testing::IsEmpty()));
12749 }
12750
TEST_F(HostResolverManagerDnsTest,HttpsInSecureAddressQueryWithOnlyMinTimeout)12751 TEST_F(HostResolverManagerDnsTest,
12752 HttpsInSecureAddressQueryWithOnlyMinTimeout) {
12753 const char kName[] = "name.test";
12754
12755 base::test::ScopedFeatureList features;
12756 features.InitAndEnableFeatureWithParameters(
12757 features::kUseDnsHttpsSvcb,
12758 {{"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
12759 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
12760 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "30m"},
12761 // Set a Secure absolute timeout of 10 minutes via the "min" param.
12762 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
12763 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
12764 {"UseDnsHttpsSvcbSecureExtraTimeMin", "10m"}});
12765
12766 MockDnsClientRuleList rules;
12767 std::vector<DnsResourceRecord> records = {
12768 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
12769 /*params=*/{})};
12770 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/true,
12771 MockDnsClientRule::Result(BuildTestDnsResponse(
12772 kName, dns_protocol::kTypeHttps, records)),
12773 /*delay=*/true);
12774 rules.emplace_back(
12775 kName, dns_protocol::kTypeA, /*secure=*/true,
12776 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12777 /*delay=*/false);
12778 rules.emplace_back(
12779 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
12780 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12781 /*delay=*/false);
12782
12783 CreateResolver();
12784 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
12785 DnsConfigOverrides overrides;
12786 overrides.secure_dns_mode = SecureDnsMode::kSecure;
12787 resolver_->SetDnsConfigOverrides(overrides);
12788
12789 ResolveHostResponseHelper response(resolver_->CreateRequest(
12790 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
12791 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
12792 resolve_context_.get(), resolve_context_->host_cache()));
12793 RunUntilIdle();
12794 EXPECT_FALSE(response.complete());
12795
12796 // Wait until 1 second before expected timeout.
12797 FastForwardBy(base::Minutes(10) - base::Seconds(1));
12798 RunUntilIdle();
12799 EXPECT_FALSE(response.complete());
12800
12801 // Exceed expected timeout.
12802 FastForwardBy(base::Seconds(2));
12803
12804 EXPECT_THAT(response.result_error(), IsOk());
12805 EXPECT_TRUE(response.request()->GetAddressResults());
12806 EXPECT_THAT(response.request()->GetEndpointResults(),
12807 testing::Pointee(testing::ElementsAre(
12808 ExpectEndpointResult(testing::SizeIs(2)))));
12809 EXPECT_THAT(response.request()->GetTextResults(),
12810 AnyOf(nullptr, Pointee(IsEmpty())));
12811 EXPECT_THAT(response.request()->GetHostnameResults(),
12812 AnyOf(nullptr, Pointee(IsEmpty())));
12813 // No experimental results if transaction did not complete.
12814 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
12815 AnyOf(nullptr, Pointee(IsEmpty())));
12816 }
12817
TEST_F(HostResolverManagerDnsTest,HttpsInSecureAddressQueryWithOnlyMaxTimeout)12818 TEST_F(HostResolverManagerDnsTest,
12819 HttpsInSecureAddressQueryWithOnlyMaxTimeout) {
12820 const char kName[] = "name.test";
12821
12822 base::test::ScopedFeatureList features;
12823 features.InitAndEnableFeatureWithParameters(
12824 features::kUseDnsHttpsSvcb,
12825 {{"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
12826 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
12827 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "30m"},
12828 // Set a Secure absolute timeout of 10 minutes via the "max" param.
12829 {"UseDnsHttpsSvcbSecureExtraTimeMax", "10m"},
12830 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
12831 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
12832
12833 MockDnsClientRuleList rules;
12834 std::vector<DnsResourceRecord> records = {
12835 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
12836 /*params=*/{})};
12837 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/true,
12838 MockDnsClientRule::Result(BuildTestDnsResponse(
12839 kName, dns_protocol::kTypeHttps, records)),
12840 /*delay=*/true);
12841 rules.emplace_back(
12842 kName, dns_protocol::kTypeA, /*secure=*/true,
12843 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12844 /*delay=*/false);
12845 rules.emplace_back(
12846 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
12847 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12848 /*delay=*/false);
12849
12850 CreateResolver();
12851 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
12852 DnsConfigOverrides overrides;
12853 overrides.secure_dns_mode = SecureDnsMode::kSecure;
12854 resolver_->SetDnsConfigOverrides(overrides);
12855
12856 ResolveHostResponseHelper response(resolver_->CreateRequest(
12857 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
12858 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
12859 resolve_context_.get(), resolve_context_->host_cache()));
12860 RunUntilIdle();
12861 EXPECT_FALSE(response.complete());
12862
12863 // Wait until 1 second before expected timeout.
12864 FastForwardBy(base::Minutes(10) - base::Seconds(1));
12865 RunUntilIdle();
12866 EXPECT_FALSE(response.complete());
12867
12868 // Exceed expected timeout.
12869 FastForwardBy(base::Seconds(2));
12870
12871 EXPECT_THAT(response.result_error(), IsOk());
12872 EXPECT_TRUE(response.request()->GetAddressResults());
12873 EXPECT_THAT(response.request()->GetEndpointResults(),
12874 testing::Pointee(testing::ElementsAre(
12875 ExpectEndpointResult(testing::SizeIs(2)))));
12876 EXPECT_THAT(response.request()->GetTextResults(),
12877 AnyOf(nullptr, Pointee(IsEmpty())));
12878 EXPECT_THAT(response.request()->GetHostnameResults(),
12879 AnyOf(nullptr, Pointee(IsEmpty())));
12880 // No experimental results if transaction did not complete.
12881 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
12882 AnyOf(nullptr, Pointee(IsEmpty())));
12883 }
12884
TEST_F(HostResolverManagerDnsTest,HttpsInSecureAddressQueryWithRelativeTimeout)12885 TEST_F(HostResolverManagerDnsTest,
12886 HttpsInSecureAddressQueryWithRelativeTimeout) {
12887 const char kName[] = "name.test";
12888
12889 base::test::ScopedFeatureList features;
12890 features.InitAndEnableFeatureWithParameters(
12891 features::kUseDnsHttpsSvcb,
12892 {{"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
12893 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
12894 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "30m"},
12895 // Set a Secure relative timeout of 10%.
12896 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
12897 {"UseDnsHttpsSvcbSecureExtraTimePercent", "10"},
12898 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
12899
12900 MockDnsClientRuleList rules;
12901 std::vector<DnsResourceRecord> records = {
12902 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
12903 /*params=*/{})};
12904 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/true,
12905 MockDnsClientRule::Result(BuildTestDnsResponse(
12906 kName, dns_protocol::kTypeHttps, records)),
12907 /*delay=*/true);
12908 rules.emplace_back(
12909 kName, dns_protocol::kTypeA, /*secure=*/true,
12910 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12911 /*delay=*/true);
12912 rules.emplace_back(
12913 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
12914 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12915 /*delay=*/true);
12916
12917 CreateResolver();
12918 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
12919 DnsConfigOverrides overrides;
12920 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
12921 resolver_->SetDnsConfigOverrides(overrides);
12922
12923 ResolveHostResponseHelper response(resolver_->CreateRequest(
12924 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
12925 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
12926 resolve_context_.get(), resolve_context_->host_cache()));
12927 RunUntilIdle();
12928 EXPECT_FALSE(response.complete());
12929
12930 // Complete final address transaction after 100 seconds total.
12931 FastForwardBy(base::Seconds(50));
12932 ASSERT_TRUE(
12933 dns_client_->CompleteOneDelayedTransactionOfType(DnsQueryType::A));
12934 FastForwardBy(base::Seconds(50));
12935 ASSERT_TRUE(
12936 dns_client_->CompleteOneDelayedTransactionOfType(DnsQueryType::AAAA));
12937 RunUntilIdle();
12938 EXPECT_FALSE(response.complete());
12939
12940 // Expect timeout at additional 10 seconds.
12941 FastForwardBy(base::Seconds(9));
12942 RunUntilIdle();
12943 EXPECT_FALSE(response.complete());
12944
12945 FastForwardBy(base::Seconds(2));
12946 EXPECT_THAT(response.result_error(), IsOk());
12947 EXPECT_TRUE(response.request()->GetAddressResults());
12948 EXPECT_THAT(response.request()->GetEndpointResults(),
12949 testing::Pointee(testing::ElementsAre(
12950 ExpectEndpointResult(testing::SizeIs(2)))));
12951 EXPECT_THAT(response.request()->GetTextResults(),
12952 AnyOf(nullptr, Pointee(IsEmpty())));
12953 EXPECT_THAT(response.request()->GetHostnameResults(),
12954 AnyOf(nullptr, Pointee(IsEmpty())));
12955 // No experimental results if transaction did not complete.
12956 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
12957 AnyOf(nullptr, Pointee(IsEmpty())));
12958 }
12959
TEST_F(HostResolverManagerDnsTest,HttpsInSecureAddressQueryWithMaxTimeoutFirst)12960 TEST_F(HostResolverManagerDnsTest,
12961 HttpsInSecureAddressQueryWithMaxTimeoutFirst) {
12962 const char kName[] = "name.test";
12963
12964 base::test::ScopedFeatureList features;
12965 features.InitAndEnableFeatureWithParameters(
12966 features::kUseDnsHttpsSvcb,
12967 {{"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
12968 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
12969 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
12970 // Set a Secure max timeout of 30s and a relative timeout of 100%.
12971 {"UseDnsHttpsSvcbSecureExtraTimeMax", "30s"},
12972 {"UseDnsHttpsSvcbSecureExtraTimePercent", "100"},
12973 {"UseDnsHttpsSvcbSecureExtraTimeMin", "10s"}});
12974
12975 MockDnsClientRuleList rules;
12976 std::vector<DnsResourceRecord> records = {
12977 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
12978 /*params=*/{})};
12979 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/true,
12980 MockDnsClientRule::Result(BuildTestDnsResponse(
12981 kName, dns_protocol::kTypeHttps, records)),
12982 /*delay=*/true);
12983 rules.emplace_back(
12984 kName, dns_protocol::kTypeA, /*secure=*/true,
12985 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12986 /*delay=*/true);
12987 rules.emplace_back(
12988 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
12989 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12990 /*delay=*/true);
12991
12992 CreateResolver();
12993 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
12994 DnsConfigOverrides overrides;
12995 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
12996 resolver_->SetDnsConfigOverrides(overrides);
12997
12998 ResolveHostResponseHelper response(resolver_->CreateRequest(
12999 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
13000 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
13001 resolve_context_.get(), resolve_context_->host_cache()));
13002 RunUntilIdle();
13003 EXPECT_FALSE(response.complete());
13004
13005 // Complete final address transaction after 4 minutes total.
13006 FastForwardBy(base::Minutes(2));
13007 ASSERT_TRUE(
13008 dns_client_->CompleteOneDelayedTransactionOfType(DnsQueryType::A));
13009 FastForwardBy(base::Minutes(2));
13010 ASSERT_TRUE(
13011 dns_client_->CompleteOneDelayedTransactionOfType(DnsQueryType::AAAA));
13012 RunUntilIdle();
13013 EXPECT_FALSE(response.complete());
13014
13015 // Wait until 1 second before expected timeout (from the max timeout).
13016 FastForwardBy(base::Seconds(29));
13017 RunUntilIdle();
13018 EXPECT_FALSE(response.complete());
13019
13020 // Exceed expected timeout.
13021 FastForwardBy(base::Seconds(2));
13022
13023 EXPECT_THAT(response.result_error(), IsOk());
13024 EXPECT_TRUE(response.request()->GetAddressResults());
13025 EXPECT_THAT(response.request()->GetEndpointResults(),
13026 testing::Pointee(testing::ElementsAre(
13027 ExpectEndpointResult(testing::SizeIs(2)))));
13028 EXPECT_THAT(response.request()->GetTextResults(),
13029 AnyOf(nullptr, Pointee(IsEmpty())));
13030 EXPECT_THAT(response.request()->GetHostnameResults(),
13031 AnyOf(nullptr, Pointee(IsEmpty())));
13032 // No experimental results if transaction did not complete.
13033 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
13034 AnyOf(nullptr, Pointee(IsEmpty())));
13035 }
13036
TEST_F(HostResolverManagerDnsTest,HttpsInAddressQueryWithRelativeTimeoutFirst)13037 TEST_F(HostResolverManagerDnsTest,
13038 HttpsInAddressQueryWithRelativeTimeoutFirst) {
13039 const char kName[] = "name.test";
13040
13041 base::test::ScopedFeatureList features;
13042 features.InitAndEnableFeatureWithParameters(
13043 features::kUseDnsHttpsSvcb,
13044 {{"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
13045 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
13046 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
13047 // Set a Secure max timeout of 20 minutes and a relative timeout of 10%.
13048 {"UseDnsHttpsSvcbSecureExtraTimeMax", "20m"},
13049 {"UseDnsHttpsSvcbSecureExtraTimePercent", "10"},
13050 {"UseDnsHttpsSvcbSecureExtraTimeMin", "1s"}});
13051
13052 MockDnsClientRuleList rules;
13053 std::vector<DnsResourceRecord> records = {
13054 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
13055 /*params=*/{})};
13056 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/true,
13057 MockDnsClientRule::Result(BuildTestDnsResponse(
13058 kName, dns_protocol::kTypeHttps, records)),
13059 /*delay=*/true);
13060 rules.emplace_back(
13061 kName, dns_protocol::kTypeA, /*secure=*/true,
13062 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
13063 /*delay=*/true);
13064 rules.emplace_back(
13065 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
13066 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
13067 /*delay=*/true);
13068
13069 CreateResolver();
13070 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
13071 DnsConfigOverrides overrides;
13072 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
13073 resolver_->SetDnsConfigOverrides(overrides);
13074
13075 ResolveHostResponseHelper response(resolver_->CreateRequest(
13076 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
13077 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
13078 resolve_context_.get(), resolve_context_->host_cache()));
13079 RunUntilIdle();
13080 EXPECT_FALSE(response.complete());
13081
13082 // Complete final address transaction after 100 seconds total.
13083 FastForwardBy(base::Seconds(50));
13084 ASSERT_TRUE(
13085 dns_client_->CompleteOneDelayedTransactionOfType(DnsQueryType::A));
13086 FastForwardBy(base::Seconds(50));
13087 ASSERT_TRUE(
13088 dns_client_->CompleteOneDelayedTransactionOfType(DnsQueryType::AAAA));
13089 RunUntilIdle();
13090 EXPECT_FALSE(response.complete());
13091
13092 // Expect timeout at additional 10 seconds (from the relative timeout).
13093 FastForwardBy(base::Seconds(9));
13094 RunUntilIdle();
13095 EXPECT_FALSE(response.complete());
13096
13097 FastForwardBy(base::Seconds(2));
13098 EXPECT_THAT(response.result_error(), IsOk());
13099 EXPECT_TRUE(response.request()->GetAddressResults());
13100 EXPECT_THAT(response.request()->GetEndpointResults(),
13101 testing::Pointee(testing::ElementsAre(
13102 ExpectEndpointResult(testing::SizeIs(2)))));
13103 EXPECT_THAT(response.request()->GetTextResults(),
13104 AnyOf(nullptr, Pointee(IsEmpty())));
13105 EXPECT_THAT(response.request()->GetHostnameResults(),
13106 AnyOf(nullptr, Pointee(IsEmpty())));
13107 // No experimental results if transaction did not complete.
13108 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
13109 AnyOf(nullptr, Pointee(IsEmpty())));
13110 }
13111
TEST_F(HostResolverManagerDnsTest,HttpsInAddressQueryWithRelativeTimeoutShorterThanMinTimeout)13112 TEST_F(HostResolverManagerDnsTest,
13113 HttpsInAddressQueryWithRelativeTimeoutShorterThanMinTimeout) {
13114 const char kName[] = "name.test";
13115
13116 base::test::ScopedFeatureList features;
13117 features.InitAndEnableFeatureWithParameters(
13118 features::kUseDnsHttpsSvcb,
13119 {{"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
13120 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
13121 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
13122 // Set a Secure min timeout of 1 minute and a relative timeout of 10%.
13123 {"UseDnsHttpsSvcbSecureExtraTimeMax", "20m"},
13124 {"UseDnsHttpsSvcbSecureExtraTimePercent", "10"},
13125 {"UseDnsHttpsSvcbSecureExtraTimeMin", "1m"}});
13126
13127 MockDnsClientRuleList rules;
13128 std::vector<DnsResourceRecord> records = {
13129 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
13130 /*params=*/{})};
13131 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/true,
13132 MockDnsClientRule::Result(BuildTestDnsResponse(
13133 kName, dns_protocol::kTypeHttps, records)),
13134 /*delay=*/true);
13135 rules.emplace_back(
13136 kName, dns_protocol::kTypeA, /*secure=*/true,
13137 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
13138 /*delay=*/true);
13139 rules.emplace_back(
13140 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
13141 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
13142 /*delay=*/true);
13143
13144 CreateResolver();
13145 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
13146 DnsConfigOverrides overrides;
13147 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
13148 resolver_->SetDnsConfigOverrides(overrides);
13149
13150 ResolveHostResponseHelper response(resolver_->CreateRequest(
13151 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
13152 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
13153 resolve_context_.get(), resolve_context_->host_cache()));
13154 RunUntilIdle();
13155 EXPECT_FALSE(response.complete());
13156
13157 // Complete final address transaction after 100 seconds total.
13158 FastForwardBy(base::Seconds(50));
13159 ASSERT_TRUE(
13160 dns_client_->CompleteOneDelayedTransactionOfType(DnsQueryType::A));
13161 FastForwardBy(base::Seconds(50));
13162 ASSERT_TRUE(
13163 dns_client_->CompleteOneDelayedTransactionOfType(DnsQueryType::AAAA));
13164 RunUntilIdle();
13165 EXPECT_FALSE(response.complete());
13166
13167 // Expect timeout at additional 1 minute (from the min timeout).
13168 FastForwardBy(base::Minutes(1) - base::Seconds(1));
13169 RunUntilIdle();
13170 EXPECT_FALSE(response.complete());
13171
13172 FastForwardBy(base::Seconds(2));
13173 EXPECT_THAT(response.result_error(), IsOk());
13174 EXPECT_TRUE(response.request()->GetAddressResults());
13175 EXPECT_THAT(response.request()->GetEndpointResults(),
13176 testing::Pointee(testing::ElementsAre(
13177 ExpectEndpointResult(testing::SizeIs(2)))));
13178 EXPECT_THAT(response.request()->GetTextResults(),
13179 AnyOf(nullptr, Pointee(IsEmpty())));
13180 EXPECT_THAT(response.request()->GetHostnameResults(),
13181 AnyOf(nullptr, Pointee(IsEmpty())));
13182 // No experimental results if transaction did not complete.
13183 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
13184 AnyOf(nullptr, Pointee(IsEmpty())));
13185 }
13186
TEST_F(HostResolverManagerDnsTest,HttpsInInsecureAddressQueryWithOnlyMinTimeout)13187 TEST_F(HostResolverManagerDnsTest,
13188 HttpsInInsecureAddressQueryWithOnlyMinTimeout) {
13189 const char kName[] = "name.test";
13190
13191 base::test::ScopedFeatureList features;
13192 features.InitAndEnableFeatureWithParameters(
13193 features::kUseDnsHttpsSvcb,
13194 {// Set an Insecure absolute timeout of 10 minutes via the "min" param.
13195 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
13196 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
13197 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "10m"},
13198 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
13199 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
13200 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
13201
13202 MockDnsClientRuleList rules;
13203 std::vector<DnsResourceRecord> records = {
13204 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
13205 /*params=*/{})};
13206 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/false,
13207 MockDnsClientRule::Result(BuildTestDnsResponse(
13208 kName, dns_protocol::kTypeHttps, records)),
13209 /*delay=*/true);
13210 rules.emplace_back(
13211 kName, dns_protocol::kTypeA, /*secure=*/false,
13212 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
13213 /*delay=*/false);
13214 rules.emplace_back(
13215 kName, dns_protocol::kTypeAAAA, /*secure=*/false,
13216 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
13217 /*delay=*/false);
13218
13219 CreateResolver();
13220 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
13221
13222 ResolveHostResponseHelper response(resolver_->CreateRequest(
13223 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
13224 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
13225 resolve_context_.get(), resolve_context_->host_cache()));
13226 RunUntilIdle();
13227 EXPECT_FALSE(response.complete());
13228
13229 // Wait until 1 second before expected timeout.
13230 FastForwardBy(base::Minutes(10) - base::Seconds(1));
13231 RunUntilIdle();
13232 EXPECT_FALSE(response.complete());
13233
13234 // Exceed expected timeout.
13235 FastForwardBy(base::Seconds(2));
13236
13237 EXPECT_THAT(response.result_error(), IsOk());
13238 EXPECT_TRUE(response.request()->GetAddressResults());
13239 EXPECT_THAT(response.request()->GetEndpointResults(),
13240 testing::Pointee(testing::ElementsAre(
13241 ExpectEndpointResult(testing::SizeIs(2)))));
13242 EXPECT_THAT(response.request()->GetTextResults(),
13243 AnyOf(nullptr, Pointee(IsEmpty())));
13244 EXPECT_THAT(response.request()->GetHostnameResults(),
13245 AnyOf(nullptr, Pointee(IsEmpty())));
13246 // No experimental results if transaction did not complete.
13247 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
13248 AnyOf(nullptr, Pointee(IsEmpty())));
13249 }
13250
TEST_F(HostResolverManagerDnsTest,HttpsInInsecureAddressQueryWithOnlyMaxTimeout)13251 TEST_F(HostResolverManagerDnsTest,
13252 HttpsInInsecureAddressQueryWithOnlyMaxTimeout) {
13253 const char kName[] = "name.test";
13254
13255 base::test::ScopedFeatureList features;
13256 features.InitAndEnableFeatureWithParameters(
13257 features::kUseDnsHttpsSvcb,
13258 {// Set an Insecure absolute timeout of 10 minutes via the "max" param.
13259 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "10m"},
13260 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
13261 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
13262 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
13263 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
13264 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
13265
13266 MockDnsClientRuleList rules;
13267 std::vector<DnsResourceRecord> records = {
13268 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
13269 /*params=*/{})};
13270 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/false,
13271 MockDnsClientRule::Result(BuildTestDnsResponse(
13272 kName, dns_protocol::kTypeHttps, records)),
13273 /*delay=*/true);
13274 rules.emplace_back(
13275 kName, dns_protocol::kTypeA, /*secure=*/false,
13276 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
13277 /*delay=*/false);
13278 rules.emplace_back(
13279 kName, dns_protocol::kTypeAAAA, /*secure=*/false,
13280 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
13281 /*delay=*/false);
13282
13283 CreateResolver();
13284 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
13285
13286 ResolveHostResponseHelper response(resolver_->CreateRequest(
13287 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
13288 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
13289 resolve_context_.get(), resolve_context_->host_cache()));
13290 RunUntilIdle();
13291 EXPECT_FALSE(response.complete());
13292
13293 // Wait until 1 second before expected timeout.
13294 FastForwardBy(base::Minutes(10) - base::Seconds(1));
13295 RunUntilIdle();
13296 EXPECT_FALSE(response.complete());
13297
13298 // Exceed expected timeout.
13299 FastForwardBy(base::Seconds(2));
13300
13301 EXPECT_THAT(response.result_error(), IsOk());
13302 EXPECT_TRUE(response.request()->GetAddressResults());
13303 EXPECT_THAT(response.request()->GetEndpointResults(),
13304 testing::Pointee(testing::ElementsAre(
13305 ExpectEndpointResult(testing::SizeIs(2)))));
13306 EXPECT_THAT(response.request()->GetTextResults(),
13307 AnyOf(nullptr, Pointee(IsEmpty())));
13308 EXPECT_THAT(response.request()->GetHostnameResults(),
13309 AnyOf(nullptr, Pointee(IsEmpty())));
13310 // No experimental results if transaction did not complete.
13311 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
13312 AnyOf(nullptr, Pointee(IsEmpty())));
13313 }
13314
TEST_F(HostResolverManagerDnsTest,HttpsInInsecureAddressQueryWithRelativeTimeout)13315 TEST_F(HostResolverManagerDnsTest,
13316 HttpsInInsecureAddressQueryWithRelativeTimeout) {
13317 const char kName[] = "name.test";
13318
13319 base::test::ScopedFeatureList features;
13320 features.InitAndEnableFeatureWithParameters(
13321 features::kUseDnsHttpsSvcb,
13322 {// Set an Insecure relative timeout of 10%.
13323 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
13324 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "10"},
13325 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
13326 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
13327 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
13328 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
13329
13330 MockDnsClientRuleList rules;
13331 std::vector<DnsResourceRecord> records = {
13332 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
13333 /*params=*/{})};
13334 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/false,
13335 MockDnsClientRule::Result(BuildTestDnsResponse(
13336 kName, dns_protocol::kTypeHttps, records)),
13337 /*delay=*/true);
13338 rules.emplace_back(
13339 kName, dns_protocol::kTypeA, /*secure=*/false,
13340 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
13341 /*delay=*/true);
13342 rules.emplace_back(
13343 kName, dns_protocol::kTypeAAAA, /*secure=*/false,
13344 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
13345 /*delay=*/true);
13346
13347 CreateResolver();
13348 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
13349
13350 ResolveHostResponseHelper response(resolver_->CreateRequest(
13351 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
13352 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
13353 resolve_context_.get(), resolve_context_->host_cache()));
13354 RunUntilIdle();
13355 EXPECT_FALSE(response.complete());
13356
13357 // Complete final address transaction after 100 seconds total.
13358 FastForwardBy(base::Seconds(50));
13359 ASSERT_TRUE(
13360 dns_client_->CompleteOneDelayedTransactionOfType(DnsQueryType::A));
13361 FastForwardBy(base::Seconds(50));
13362 ASSERT_TRUE(
13363 dns_client_->CompleteOneDelayedTransactionOfType(DnsQueryType::AAAA));
13364 RunUntilIdle();
13365 EXPECT_FALSE(response.complete());
13366
13367 // Expect timeout at additional 10 seconds.
13368 FastForwardBy(base::Seconds(9));
13369 RunUntilIdle();
13370 EXPECT_FALSE(response.complete());
13371
13372 FastForwardBy(base::Seconds(2));
13373 EXPECT_THAT(response.result_error(), IsOk());
13374 EXPECT_TRUE(response.request()->GetAddressResults());
13375 EXPECT_THAT(response.request()->GetEndpointResults(),
13376 testing::Pointee(testing::ElementsAre(
13377 ExpectEndpointResult(testing::SizeIs(2)))));
13378 EXPECT_THAT(response.request()->GetTextResults(),
13379 AnyOf(nullptr, Pointee(IsEmpty())));
13380 EXPECT_THAT(response.request()->GetHostnameResults(),
13381 AnyOf(nullptr, Pointee(IsEmpty())));
13382 // No experimental results if transaction did not complete.
13383 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
13384 AnyOf(nullptr, Pointee(IsEmpty())));
13385 }
13386
13387 // Test that HTTPS timeouts are not used when fatal for the request.
TEST_F(HostResolverManagerDnsTest,HttpsInAddressQueryWaitsWithoutTimeoutIfFatal)13388 TEST_F(HostResolverManagerDnsTest,
13389 HttpsInAddressQueryWaitsWithoutTimeoutIfFatal) {
13390 const char kName[] = "name.test";
13391
13392 base::test::ScopedFeatureList features;
13393 features.InitAndEnableFeatureWithParameters(
13394 features::kUseDnsHttpsSvcb,
13395 {// Set timeouts but also enforce secure responses.
13396 {"UseDnsHttpsSvcbEnforceSecureResponse", "true"},
13397 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
13398 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
13399 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
13400 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
13401 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
13402 {"UseDnsHttpsSvcbSecureExtraTimeMin", "20m"}});
13403
13404 MockDnsClientRuleList rules;
13405 std::vector<DnsResourceRecord> records = {
13406 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
13407 /*params=*/{})};
13408 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/true,
13409 MockDnsClientRule::Result(BuildTestDnsResponse(
13410 kName, dns_protocol::kTypeHttps, records)),
13411 /*delay=*/true);
13412 rules.emplace_back(
13413 kName, dns_protocol::kTypeA, /*secure=*/true,
13414 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
13415 /*delay=*/false);
13416 rules.emplace_back(
13417 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
13418 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
13419 /*delay=*/false);
13420
13421 CreateResolver();
13422 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
13423 DnsConfigOverrides overrides;
13424 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
13425 resolver_->SetDnsConfigOverrides(overrides);
13426
13427 ResolveHostResponseHelper response(resolver_->CreateRequest(
13428 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
13429 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
13430 resolve_context_.get(), resolve_context_->host_cache()));
13431 RunUntilIdle();
13432 EXPECT_FALSE(response.complete());
13433
13434 // Wait an absurd amount of time (1 hour) and expect the request to not
13435 // complete because it is waiting on the transaction, where the mock is
13436 // delaying completion.
13437 FastForwardBy(base::Hours(1));
13438 RunUntilIdle();
13439 EXPECT_FALSE(response.complete());
13440
13441 dns_client_->CompleteDelayedTransactions();
13442 EXPECT_THAT(response.result_error(), IsOk());
13443 EXPECT_TRUE(response.request()->GetAddressResults());
13444 EXPECT_THAT(
13445 response.request()->GetEndpointResults(),
13446 testing::Pointee(testing::ElementsAre(
13447 ExpectEndpointResult(
13448 testing::SizeIs(2),
13449 ExpectConnectionEndpointMetadata(
13450 testing::ElementsAre(dns_protocol::kHttpsServiceDefaultAlpn),
13451 testing::IsEmpty(), kName)),
13452 ExpectEndpointResult(testing::SizeIs(2)))));
13453 EXPECT_THAT(response.request()->GetTextResults(),
13454 AnyOf(nullptr, Pointee(IsEmpty())));
13455 EXPECT_THAT(response.request()->GetHostnameResults(),
13456 AnyOf(nullptr, Pointee(IsEmpty())));
13457 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
13458 testing::Pointee(testing::ElementsAre(true)));
13459 }
13460
13461 // Test that HTTPS timeouts are always respected for insecure requests.
TEST_F(HostResolverManagerDnsTest,HttpsInAddressQueryAlwaysRespectsTimeoutsForInsecure)13462 TEST_F(HostResolverManagerDnsTest,
13463 HttpsInAddressQueryAlwaysRespectsTimeoutsForInsecure) {
13464 const char kName[] = "name.test";
13465
13466 base::test::ScopedFeatureList features;
13467 features.InitAndEnableFeatureWithParameters(
13468 features::kUseDnsHttpsSvcb,
13469 {// Set timeouts but also enforce secure responses.
13470 {"UseDnsHttpsSvcbEnforceSecureResponse", "true"},
13471 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
13472 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
13473 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "20m"},
13474 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
13475 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
13476 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
13477
13478 MockDnsClientRuleList rules;
13479 std::vector<DnsResourceRecord> records = {
13480 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
13481 /*params=*/{})};
13482 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/false,
13483 MockDnsClientRule::Result(BuildTestDnsResponse(
13484 kName, dns_protocol::kTypeHttps, records)),
13485 /*delay=*/true);
13486 rules.emplace_back(
13487 kName, dns_protocol::kTypeA, /*secure=*/false,
13488 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
13489 /*delay=*/false);
13490 rules.emplace_back(
13491 kName, dns_protocol::kTypeAAAA, /*secure=*/false,
13492 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
13493 /*delay=*/false);
13494
13495 CreateResolver();
13496 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
13497
13498 ResolveHostResponseHelper response(resolver_->CreateRequest(
13499 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
13500 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
13501 resolve_context_.get(), resolve_context_->host_cache()));
13502 RunUntilIdle();
13503 EXPECT_FALSE(response.complete());
13504
13505 // Wait until 1s before expected timeout.
13506 FastForwardBy(base::Minutes(20) - base::Seconds(1));
13507 RunUntilIdle();
13508 EXPECT_FALSE(response.complete());
13509
13510 FastForwardBy(base::Seconds(2));
13511 EXPECT_THAT(response.result_error(), IsOk());
13512 EXPECT_TRUE(response.request()->GetAddressResults());
13513 EXPECT_THAT(response.request()->GetEndpointResults(),
13514 testing::Pointee(testing::ElementsAre(
13515 ExpectEndpointResult(testing::SizeIs(2)))));
13516 EXPECT_THAT(response.request()->GetTextResults(),
13517 AnyOf(nullptr, Pointee(IsEmpty())));
13518 EXPECT_THAT(response.request()->GetHostnameResults(),
13519 AnyOf(nullptr, Pointee(IsEmpty())));
13520 // No experimental results if transaction did not complete.
13521 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
13522 AnyOf(nullptr, Pointee(IsEmpty())));
13523 }
13524
TEST_F(HostResolverManagerDnsTest,UnsolicitedHttps)13525 TEST_F(HostResolverManagerDnsTest, UnsolicitedHttps) {
13526 const char kName[] = "unsolicited.test";
13527
13528 MockDnsClientRuleList rules;
13529 std::vector<DnsResourceRecord> records = {
13530 BuildTestAddressRecord(kName, IPAddress(1, 2, 3, 4))};
13531 std::vector<DnsResourceRecord> additional = {BuildTestHttpsServiceRecord(
13532 kName, /*priority=*/1, /*service_name=*/".", /*params=*/{})};
13533 rules.emplace_back(kName, dns_protocol::kTypeA, true /* secure */,
13534 MockDnsClientRule::Result(BuildTestDnsResponse(
13535 kName, dns_protocol::kTypeA, records,
13536 {} /* authority */, additional)),
13537 false /* delay */);
13538 rules.emplace_back(
13539 kName, dns_protocol::kTypeAAAA, true /* secure */,
13540 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
13541 false /* delay */);
13542
13543 CreateResolver();
13544 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
13545 DnsConfigOverrides overrides;
13546 overrides.secure_dns_mode = SecureDnsMode::kSecure;
13547 resolver_->SetDnsConfigOverrides(overrides);
13548
13549 ResolveHostResponseHelper response(resolver_->CreateRequest(
13550 HostPortPair(kName, 108), NetworkAnonymizationKey(), NetLogWithSource(),
13551 absl::nullopt, resolve_context_.get(), resolve_context_->host_cache()));
13552 EXPECT_THAT(response.result_error(), IsOk());
13553 EXPECT_TRUE(response.request()->GetAddressResults());
13554 EXPECT_THAT(response.request()->GetEndpointResults(),
13555 testing::Pointee(testing::ElementsAre(
13556 ExpectEndpointResult(testing::SizeIs(2)))));
13557 EXPECT_THAT(response.request()->GetTextResults(),
13558 AnyOf(nullptr, Pointee(IsEmpty())));
13559 EXPECT_THAT(response.request()->GetHostnameResults(),
13560 AnyOf(nullptr, Pointee(IsEmpty())));
13561 // Unsolicited records not included in results.
13562 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
13563 AnyOf(nullptr, Pointee(IsEmpty())));
13564 }
13565
TEST_F(HostResolverManagerDnsTest,DohProbeRequest)13566 TEST_F(HostResolverManagerDnsTest, DohProbeRequest) {
13567 ChangeDnsConfig(CreateValidDnsConfig());
13568
13569 EXPECT_FALSE(dns_client_->factory()->doh_probes_running());
13570
13571 std::unique_ptr<HostResolver::ProbeRequest> request =
13572 resolver_->CreateDohProbeRequest(resolve_context_.get());
13573 EXPECT_THAT(request->Start(), IsError(ERR_IO_PENDING));
13574
13575 EXPECT_TRUE(dns_client_->factory()->doh_probes_running());
13576
13577 request.reset();
13578
13579 EXPECT_FALSE(dns_client_->factory()->doh_probes_running());
13580 }
13581
TEST_F(HostResolverManagerDnsTest,DohProbeRequest_BeforeConfig)13582 TEST_F(HostResolverManagerDnsTest, DohProbeRequest_BeforeConfig) {
13583 InvalidateDnsConfig();
13584
13585 std::unique_ptr<HostResolver::ProbeRequest> request =
13586 resolver_->CreateDohProbeRequest(resolve_context_.get());
13587 EXPECT_THAT(request->Start(), IsError(ERR_IO_PENDING));
13588 EXPECT_FALSE(dns_client_->factory()->doh_probes_running());
13589
13590 ChangeDnsConfig(CreateValidDnsConfig());
13591 EXPECT_TRUE(dns_client_->factory()->doh_probes_running());
13592 }
13593
TEST_F(HostResolverManagerDnsTest,DohProbeRequest_InvalidateConfig)13594 TEST_F(HostResolverManagerDnsTest, DohProbeRequest_InvalidateConfig) {
13595 ChangeDnsConfig(CreateValidDnsConfig());
13596
13597 std::unique_ptr<HostResolver::ProbeRequest> request =
13598 resolver_->CreateDohProbeRequest(resolve_context_.get());
13599 EXPECT_THAT(request->Start(), IsError(ERR_IO_PENDING));
13600 ASSERT_TRUE(dns_client_->factory()->doh_probes_running());
13601
13602 InvalidateDnsConfig();
13603
13604 EXPECT_FALSE(dns_client_->factory()->doh_probes_running());
13605 }
13606
TEST_F(HostResolverManagerDnsTest,DohProbeRequest_RestartOnConnectionChange)13607 TEST_F(HostResolverManagerDnsTest, DohProbeRequest_RestartOnConnectionChange) {
13608 DestroyResolver();
13609 test::ScopedMockNetworkChangeNotifier notifier;
13610 CreateSerialResolver();
13611 notifier.mock_network_change_notifier()->SetConnectionType(
13612 NetworkChangeNotifier::CONNECTION_NONE);
13613 ChangeDnsConfig(CreateValidDnsConfig());
13614
13615 std::unique_ptr<HostResolver::ProbeRequest> request =
13616 resolver_->CreateDohProbeRequest(resolve_context_.get());
13617 EXPECT_THAT(request->Start(), IsError(ERR_IO_PENDING));
13618 EXPECT_TRUE(dns_client_->factory()->doh_probes_running());
13619 dns_client_->factory()->CompleteDohProbeRuners();
13620 ASSERT_FALSE(dns_client_->factory()->doh_probes_running());
13621
13622 notifier.mock_network_change_notifier()->SetConnectionTypeAndNotifyObservers(
13623 NetworkChangeNotifier::CONNECTION_NONE);
13624
13625 EXPECT_TRUE(dns_client_->factory()->doh_probes_running());
13626 }
13627
TEST_F(HostResolverManagerDnsTest,MultipleDohProbeRequests)13628 TEST_F(HostResolverManagerDnsTest, MultipleDohProbeRequests) {
13629 ChangeDnsConfig(CreateValidDnsConfig());
13630
13631 EXPECT_FALSE(dns_client_->factory()->doh_probes_running());
13632
13633 std::unique_ptr<HostResolver::ProbeRequest> request1 =
13634 resolver_->CreateDohProbeRequest(resolve_context_.get());
13635 EXPECT_THAT(request1->Start(), IsError(ERR_IO_PENDING));
13636 std::unique_ptr<HostResolver::ProbeRequest> request2 =
13637 resolver_->CreateDohProbeRequest(resolve_context_.get());
13638 EXPECT_THAT(request2->Start(), IsError(ERR_IO_PENDING));
13639
13640 EXPECT_TRUE(dns_client_->factory()->doh_probes_running());
13641
13642 request1.reset();
13643 EXPECT_TRUE(dns_client_->factory()->doh_probes_running());
13644
13645 request2.reset();
13646 EXPECT_FALSE(dns_client_->factory()->doh_probes_running());
13647 }
13648
13649 // Test that a newly-registered ResolveContext is immediately usable with a DNS
13650 // configuration loaded before the context registration.
TEST_F(HostResolverManagerDnsTest,NewlyRegisteredContext_ConfigBeforeRegistration)13651 TEST_F(HostResolverManagerDnsTest,
13652 NewlyRegisteredContext_ConfigBeforeRegistration) {
13653 ResolveContext context(nullptr /* url_request_context */,
13654 true /* enable_caching */);
13655 set_allow_fallback_to_systemtask(false);
13656 ChangeDnsConfig(CreateValidDnsConfig());
13657 DnsConfigOverrides overrides;
13658 overrides.secure_dns_mode = SecureDnsMode::kSecure;
13659 resolver_->SetDnsConfigOverrides(overrides);
13660
13661 ASSERT_TRUE(dns_client_->GetCurrentSession());
13662
13663 resolver_->RegisterResolveContext(&context);
13664 EXPECT_EQ(context.current_session_for_testing(),
13665 dns_client_->GetCurrentSession());
13666
13667 // Test a SECURE-mode DoH request with SetForceDohServerAvailable(false).
13668 // Should only succeed if a DoH server is marked available in the
13669 // ResolveContext. MockDnsClient skips most other interaction with
13670 // ResolveContext.
13671 dns_client_->SetForceDohServerAvailable(false);
13672 context.RecordServerSuccess(0u /* server_index */, true /* is_doh_server */,
13673 dns_client_->GetCurrentSession());
13674 ResolveHostResponseHelper response(resolver_->CreateRequest(
13675 HostPortPair("secure", 80), NetworkAnonymizationKey(), NetLogWithSource(),
13676 absl::nullopt, &context, context.host_cache()));
13677 EXPECT_THAT(response.result_error(), IsOk());
13678
13679 resolver_->DeregisterResolveContext(&context);
13680 }
13681
13682 // Test interaction with a ResolveContext registered before a DNS config is
13683 // ready.
TEST_F(HostResolverManagerDnsTest,NewlyRegisteredContext_NoConfigAtRegistration)13684 TEST_F(HostResolverManagerDnsTest,
13685 NewlyRegisteredContext_NoConfigAtRegistration) {
13686 ResolveContext context(nullptr /* url_request_context */,
13687 true /* enable_caching */);
13688 set_allow_fallback_to_systemtask(false);
13689 InvalidateDnsConfig();
13690 DnsConfigOverrides overrides;
13691 overrides.secure_dns_mode = SecureDnsMode::kSecure;
13692 resolver_->SetDnsConfigOverrides(overrides);
13693
13694 ASSERT_FALSE(dns_client_->GetCurrentSession());
13695
13696 // Register context before loading a DNS config.
13697 resolver_->RegisterResolveContext(&context);
13698 EXPECT_FALSE(context.current_session_for_testing());
13699
13700 // Load DNS config and expect the session to be loaded into the ResolveContext
13701 ChangeDnsConfig(CreateValidDnsConfig());
13702 ASSERT_TRUE(dns_client_->GetCurrentSession());
13703 EXPECT_EQ(context.current_session_for_testing(),
13704 dns_client_->GetCurrentSession());
13705
13706 // Test a SECURE-mode DoH request with SetForceDohServerAvailable(false).
13707 // Should only succeed if a DoH server is marked available in the
13708 // ResolveContext. MockDnsClient skips most other interaction with
13709 // ResolveContext.
13710 dns_client_->SetForceDohServerAvailable(false);
13711 context.RecordServerSuccess(0u /* server_index */, true /* is_doh_server */,
13712 dns_client_->GetCurrentSession());
13713 ResolveHostResponseHelper response(resolver_->CreateRequest(
13714 HostPortPair("secure", 80), NetworkAnonymizationKey(), NetLogWithSource(),
13715 absl::nullopt, &context, context.host_cache()));
13716 EXPECT_THAT(response.result_error(), IsOk());
13717
13718 resolver_->DeregisterResolveContext(&context);
13719 }
13720
13721 // `HostResolver::ResolveHostParameters::avoid_multicast_resolution` not
13722 // currently supported to do anything except with the system resolver. So with
13723 // DnsTask, expect it to be ignored.
TEST_F(HostResolverManagerDnsTest,AvoidMulticastIgnoredWithDnsTask)13724 TEST_F(HostResolverManagerDnsTest, AvoidMulticastIgnoredWithDnsTask) {
13725 ChangeDnsConfig(CreateValidDnsConfig());
13726
13727 HostResolver::ResolveHostParameters parameters;
13728 parameters.avoid_multicast_resolution = true;
13729
13730 ResolveHostResponseHelper response(resolver_->CreateRequest(
13731 HostPortPair("ok", 80), NetworkAnonymizationKey(), NetLogWithSource(),
13732 parameters, resolve_context_.get(), resolve_context_->host_cache()));
13733 EXPECT_THAT(response.result_error(), IsOk());
13734 }
13735
13736 class HostResolverManagerBootstrapTest : public HostResolverManagerDnsTest {
13737 protected:
13738 using MockResult = MockDnsClientRule::ResultType;
13739
SetUp()13740 void SetUp() override {
13741 // The request host scheme and port are only preserved if the SVCB feature
13742 // is enabled.
13743 features.InitAndEnableFeatureWithParameters(
13744 features::kUseDnsHttpsSvcb,
13745 {// Disable timeouts.
13746 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
13747 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
13748 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
13749 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
13750 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
13751 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
13752
13753 HostResolverManagerDnsTest::SetUp();
13754
13755 // MockHostResolverProc only returns failure if there is at least one
13756 // non-matching rule.
13757 proc_->AddRuleForAllFamilies("other_name", {});
13758 proc_->SignalMultiple(1u); // Allow up to one proc query.
13759 }
13760
13761 const NetworkAnonymizationKey kAnonymizationKey;
13762 const url::SchemeHostPort kEndpoint =
13763 url::SchemeHostPort(url::kHttpsScheme, "bootstrap", 443);
13764 const std::vector<IPEndPoint> kCacheAddrs = {
13765 {{0x20, 0x01, 0x0d, 0xb1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1}, 0},
13766 {{192, 0, 2, 1}, 0}};
13767 const std::vector<IPEndPoint> kBootstrapAddrs = {
13768 {{0x20, 0x01, 0x0d, 0xb1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 2}, 0},
13769 {{192, 0, 2, 2}, 0}};
13770 // The mock DNS client always returns localhost.
13771 const std::vector<IPEndPoint> kRemoteAddrs = {
13772 {IPAddress::IPv6Localhost(), 0},
13773 {IPAddress::IPv4Localhost(), 0}};
13774
bootstrap_params()13775 static HostResolver::ResolveHostParameters bootstrap_params() {
13776 HostResolver::ResolveHostParameters params;
13777 params.secure_dns_policy = SecureDnsPolicy::kBootstrap;
13778 return params;
13779 }
13780
ConfigureMockDns(MockResult insecure_result,MockResult secure_result)13781 void ConfigureMockDns(MockResult insecure_result, MockResult secure_result) {
13782 MockDnsClientRuleList rules;
13783 AddDnsRule(&rules, kEndpoint.host(), dns_protocol::kTypeA, insecure_result,
13784 /*delay=*/false);
13785 AddDnsRule(&rules, kEndpoint.host(), dns_protocol::kTypeAAAA,
13786 insecure_result, /*delay=*/false);
13787 AddSecureDnsRule(&rules, kEndpoint.host(), dns_protocol::kTypeA,
13788 secure_result, /*delay=*/false);
13789 AddSecureDnsRule(&rules, kEndpoint.host(), dns_protocol::kTypeAAAA,
13790 secure_result, /*delay=*/false);
13791 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
13792 dns_client_->set_preset_endpoint(kEndpoint);
13793 }
13794
MakeCacheKey(bool secure)13795 HostCache::Key MakeCacheKey(bool secure) {
13796 HostCache::Key cache_key(kEndpoint, DnsQueryType::UNSPECIFIED, 0,
13797 HostResolverSource::ANY, kAnonymizationKey);
13798 cache_key.secure = secure;
13799 return cache_key;
13800 }
13801
PopulateCache(bool secure)13802 void PopulateCache(bool secure) {
13803 constexpr base::TimeDelta kTtl = base::Seconds(3600);
13804 HostCache::Entry entry(OK, kCacheAddrs, /*aliases=*/{},
13805 HostCache::Entry::SOURCE_DNS, kTtl);
13806 resolve_context_->host_cache()->Set(MakeCacheKey(secure), std::move(entry),
13807 GetMockTickClock()->NowTicks(), kTtl);
13808 }
13809
13810 base::test::ScopedFeatureList features;
13811 };
13812
IPAddresses(const std::vector<IPEndPoint> & endpoints)13813 std::vector<IPAddress> IPAddresses(const std::vector<IPEndPoint>& endpoints) {
13814 return base::test::ToVector(endpoints, &IPEndPoint::address);
13815 }
13816
IPAddresses(const AddressList & addresses)13817 std::vector<IPAddress> IPAddresses(const AddressList& addresses) {
13818 return IPAddresses(addresses.endpoints());
13819 }
13820
13821 MATCHER_P(AddressesMatch, expected, "Matches addresses between AddressLists") {
13822 return testing::Matches(testing::UnorderedElementsAreArray(
13823 IPAddresses(expected)))(IPAddresses(arg));
13824 }
13825
TEST_F(HostResolverManagerBootstrapTest,BlankSlate)13826 TEST_F(HostResolverManagerBootstrapTest, BlankSlate) {
13827 ConfigureMockDns(/*insecure_result=*/MockResult::kOk,
13828 /*secure_result=*/MockResult::kUnexpected);
13829
13830 ResolveHostResponseHelper bootstrap_response(resolver_->CreateRequest(
13831 kEndpoint, kAnonymizationKey, NetLogWithSource(), bootstrap_params(),
13832 resolve_context_.get(), resolve_context_->host_cache()));
13833
13834 EXPECT_FALSE(bootstrap_response.complete());
13835 EXPECT_THAT(bootstrap_response.result_error(), IsOk());
13836 EXPECT_THAT(bootstrap_response.request()->GetAddressResults(),
13837 testing::Pointee(AddressesMatch(kRemoteAddrs)));
13838 EXPECT_THAT(bootstrap_response.request()->GetEndpointResults(),
13839 testing::Pointee(testing::ElementsAre(
13840 ExpectEndpointResult(AddressesMatch(kRemoteAddrs)))));
13841 }
13842
TEST_F(HostResolverManagerBootstrapTest,InsecureCacheEntry)13843 TEST_F(HostResolverManagerBootstrapTest, InsecureCacheEntry) {
13844 ConfigureMockDns(/*insecure_result=*/MockResult::kUnexpected,
13845 /*secure_result=*/MockResult::kUnexpected);
13846 PopulateCache(/*secure=*/false);
13847
13848 ResolveHostResponseHelper bootstrap_response(resolver_->CreateRequest(
13849 kEndpoint, kAnonymizationKey, NetLogWithSource(), bootstrap_params(),
13850 resolve_context_.get(), resolve_context_->host_cache()));
13851
13852 EXPECT_TRUE(bootstrap_response.complete());
13853 EXPECT_THAT(bootstrap_response.result_error(), IsOk());
13854 EXPECT_THAT(bootstrap_response.request()->GetAddressResults(),
13855 testing::Pointee(AddressesMatch(kCacheAddrs)));
13856 EXPECT_THAT(bootstrap_response.request()->GetEndpointResults(),
13857 testing::Pointee(testing::ElementsAre(
13858 ExpectEndpointResult(AddressesMatch(kCacheAddrs)))));
13859 }
13860
TEST_F(HostResolverManagerBootstrapTest,SecureCacheEntry)13861 TEST_F(HostResolverManagerBootstrapTest, SecureCacheEntry) {
13862 ConfigureMockDns(/*insecure_result=*/MockResult::kUnexpected,
13863 /*secure_result=*/MockResult::kUnexpected);
13864 PopulateCache(/*secure=*/true);
13865
13866 ResolveHostResponseHelper bootstrap_response(resolver_->CreateRequest(
13867 kEndpoint, kAnonymizationKey, NetLogWithSource(), bootstrap_params(),
13868 resolve_context_.get(), resolve_context_->host_cache()));
13869
13870 EXPECT_TRUE(bootstrap_response.complete());
13871 EXPECT_THAT(bootstrap_response.result_error(), IsOk());
13872 EXPECT_THAT(bootstrap_response.request()->GetAddressResults(),
13873 testing::Pointee(AddressesMatch(kCacheAddrs)));
13874 EXPECT_THAT(bootstrap_response.request()->GetEndpointResults(),
13875 testing::Pointee(testing::ElementsAre(
13876 ExpectEndpointResult(AddressesMatch(kCacheAddrs)))));
13877 }
13878
TEST_F(HostResolverManagerBootstrapTest,OnlyBootstrap)13879 TEST_F(HostResolverManagerBootstrapTest, OnlyBootstrap) {
13880 ConfigureMockDns(/*insecure_result=*/MockResult::kUnexpected,
13881 /*secure_result=*/MockResult::kOk);
13882 dns_client_->set_preset_addrs(kBootstrapAddrs);
13883
13884 ResolveHostResponseHelper bootstrap_response(resolver_->CreateRequest(
13885 kEndpoint, kAnonymizationKey, NetLogWithSource(), bootstrap_params(),
13886 resolve_context_.get(), resolve_context_->host_cache()));
13887
13888 EXPECT_TRUE(bootstrap_response.complete());
13889 EXPECT_THAT(bootstrap_response.result_error(), IsOk());
13890 EXPECT_THAT(bootstrap_response.request()->GetAddressResults(),
13891 testing::Pointee(AddressesMatch(kBootstrapAddrs)));
13892 EXPECT_THAT(bootstrap_response.request()->GetEndpointResults(),
13893 testing::Pointee(testing::ElementsAre(
13894 ExpectEndpointResult(AddressesMatch(kBootstrapAddrs)))));
13895
13896 // Run the followup query.
13897 RunUntilIdle();
13898
13899 // Confirm that the remote addresses are now in the secure cache.
13900 const auto* secure_result = resolve_context_->host_cache()->Lookup(
13901 MakeCacheKey(/*secure=*/true), GetMockTickClock()->NowTicks());
13902 ASSERT_THAT(secure_result, testing::NotNull());
13903 EXPECT_THAT(
13904 secure_result->second.GetEndpoints(),
13905 testing::ElementsAre(ExpectEndpointResult(AddressesMatch(kRemoteAddrs))));
13906 }
13907
13908 // The insecure cache is ignored, so the results are identical to
13909 // OnlyBootstrap.
TEST_F(HostResolverManagerBootstrapTest,BootstrapAndInsecureCache)13910 TEST_F(HostResolverManagerBootstrapTest, BootstrapAndInsecureCache) {
13911 ConfigureMockDns(/*insecure_result=*/MockResult::kUnexpected,
13912 /*secure_result=*/MockResult::kOk);
13913 dns_client_->set_preset_addrs(kBootstrapAddrs);
13914 PopulateCache(/*secure=*/false);
13915
13916 ResolveHostResponseHelper bootstrap_response(resolver_->CreateRequest(
13917 kEndpoint, kAnonymizationKey, NetLogWithSource(), bootstrap_params(),
13918 resolve_context_.get(), resolve_context_->host_cache()));
13919
13920 EXPECT_TRUE(bootstrap_response.complete());
13921 EXPECT_THAT(bootstrap_response.result_error(), IsOk());
13922 EXPECT_THAT(bootstrap_response.request()->GetAddressResults(),
13923 testing::Pointee(AddressesMatch(kBootstrapAddrs)));
13924 EXPECT_THAT(bootstrap_response.request()->GetEndpointResults(),
13925 testing::Pointee(testing::ElementsAre(
13926 ExpectEndpointResult(AddressesMatch(kBootstrapAddrs)))));
13927
13928 // Run the followup query.
13929 RunUntilIdle();
13930
13931 // Confirm that the remote addresses are now in the secure cache.
13932 const auto* secure_result = resolve_context_->host_cache()->Lookup(
13933 MakeCacheKey(/*secure=*/true), GetMockTickClock()->NowTicks());
13934 ASSERT_THAT(secure_result, testing::NotNull());
13935 EXPECT_THAT(
13936 secure_result->second.GetEndpoints(),
13937 testing::ElementsAre(ExpectEndpointResult(AddressesMatch(kRemoteAddrs))));
13938 }
13939
13940 // The bootstrap addrs are ignored, so the results are identical to
13941 // SecureCacheEntry.
TEST_F(HostResolverManagerBootstrapTest,BootstrapAndSecureCacheEntry)13942 TEST_F(HostResolverManagerBootstrapTest, BootstrapAndSecureCacheEntry) {
13943 ConfigureMockDns(/*insecure_result=*/MockResult::kUnexpected,
13944 /*secure_result=*/MockResult::kUnexpected);
13945 dns_client_->set_preset_addrs(kBootstrapAddrs);
13946 PopulateCache(/*secure=*/true);
13947
13948 ResolveHostResponseHelper bootstrap_response(resolver_->CreateRequest(
13949 kEndpoint, kAnonymizationKey, NetLogWithSource(), bootstrap_params(),
13950 resolve_context_.get(), resolve_context_->host_cache()));
13951
13952 EXPECT_TRUE(bootstrap_response.complete());
13953 EXPECT_THAT(bootstrap_response.result_error(), IsOk());
13954 EXPECT_THAT(bootstrap_response.request()->GetAddressResults(),
13955 testing::Pointee(AddressesMatch(kCacheAddrs)));
13956 EXPECT_THAT(bootstrap_response.request()->GetEndpointResults(),
13957 testing::Pointee(testing::ElementsAre(
13958 ExpectEndpointResult(AddressesMatch(kCacheAddrs)))));
13959 }
13960
TEST_F(HostResolverManagerBootstrapTest,BlankSlateFailure)13961 TEST_F(HostResolverManagerBootstrapTest, BlankSlateFailure) {
13962 ConfigureMockDns(/*insecure_result=*/MockResult::kFail,
13963 /*secure_result=*/MockResult::kUnexpected);
13964
13965 ResolveHostResponseHelper bootstrap_response(resolver_->CreateRequest(
13966 kEndpoint, kAnonymizationKey, NetLogWithSource(), bootstrap_params(),
13967 resolve_context_.get(), resolve_context_->host_cache()));
13968
13969 EXPECT_FALSE(bootstrap_response.complete());
13970 EXPECT_THAT(bootstrap_response.result_error(),
13971 IsError(ERR_NAME_NOT_RESOLVED));
13972 EXPECT_FALSE(bootstrap_response.request()
13973 ->GetResolveErrorInfo()
13974 .is_secure_network_error);
13975 }
13976
TEST_F(HostResolverManagerBootstrapTest,BootstrapFollowupFailure)13977 TEST_F(HostResolverManagerBootstrapTest, BootstrapFollowupFailure) {
13978 ConfigureMockDns(/*insecure_result=*/MockResult::kUnexpected,
13979 /*secure_result=*/MockResult::kFail);
13980 dns_client_->set_preset_addrs(kBootstrapAddrs);
13981
13982 ResolveHostResponseHelper bootstrap_response(resolver_->CreateRequest(
13983 kEndpoint, kAnonymizationKey, NetLogWithSource(), bootstrap_params(),
13984 resolve_context_.get(), resolve_context_->host_cache()));
13985
13986 EXPECT_TRUE(bootstrap_response.complete());
13987 EXPECT_THAT(bootstrap_response.result_error(), IsOk());
13988 EXPECT_THAT(bootstrap_response.request()->GetAddressResults(),
13989 testing::Pointee(AddressesMatch(kBootstrapAddrs)));
13990 EXPECT_THAT(bootstrap_response.request()->GetEndpointResults(),
13991 testing::Pointee(testing::ElementsAre(
13992 ExpectEndpointResult(AddressesMatch(kBootstrapAddrs)))));
13993
13994 // Run the followup query.
13995 RunUntilIdle();
13996
13997 // Confirm that the secure cache remains empty.
13998 const auto* secure_result = resolve_context_->host_cache()->Lookup(
13999 MakeCacheKey(/*secure=*/true), GetMockTickClock()->NowTicks());
14000 EXPECT_THAT(secure_result, testing::IsNull());
14001 }
14002
TEST_F(HostResolverManagerBootstrapTest,ContextClose)14003 TEST_F(HostResolverManagerBootstrapTest, ContextClose) {
14004 ConfigureMockDns(/*insecure_result=*/MockResult::kUnexpected,
14005 /*secure_result=*/MockResult::kOk);
14006 dns_client_->set_preset_addrs(kBootstrapAddrs);
14007
14008 // Trigger a followup request.
14009 ResolveHostResponseHelper bootstrap_response(resolver_->CreateRequest(
14010 kEndpoint, kAnonymizationKey, NetLogWithSource(), bootstrap_params(),
14011 resolve_context_.get(), resolve_context_->host_cache()));
14012
14013 // Deregistering the resolve context should clean up the pending followup job.
14014 EXPECT_EQ(1u, resolver_->num_jobs_for_testing());
14015 resolver_->DeregisterResolveContext(resolve_context_.get());
14016 EXPECT_EQ(0u, resolver_->num_jobs_for_testing());
14017
14018 resolver_ = nullptr; // Avoid duplicate Deregister in TearDown.
14019 }
14020
14021 // Equivalent to OnlyBootstrap + BootstrapAndSecureCacheEntry
TEST_F(HostResolverManagerBootstrapTest,BootstrapAfterFollowup)14022 TEST_F(HostResolverManagerBootstrapTest, BootstrapAfterFollowup) {
14023 ConfigureMockDns(/*insecure_result=*/MockResult::kUnexpected,
14024 /*secure_result=*/MockResult::kOk);
14025 dns_client_->set_preset_addrs(kBootstrapAddrs);
14026
14027 // Run bootstrap and its followup query.
14028 ResolveHostResponseHelper bootstrap_response1(resolver_->CreateRequest(
14029 kEndpoint, kAnonymizationKey, NetLogWithSource(), bootstrap_params(),
14030 resolve_context_.get(), resolve_context_->host_cache()));
14031 RunUntilIdle();
14032
14033 // The remote addresses are now in the secure cache.
14034 // Rerun bootstrap, which reads the secure cache results.
14035 ResolveHostResponseHelper bootstrap_response2(resolver_->CreateRequest(
14036 kEndpoint, kAnonymizationKey, NetLogWithSource(), bootstrap_params(),
14037 resolve_context_.get(), resolve_context_->host_cache()));
14038
14039 EXPECT_TRUE(bootstrap_response2.complete());
14040 EXPECT_THAT(bootstrap_response2.result_error(), IsOk());
14041 EXPECT_THAT(bootstrap_response2.request()->GetAddressResults(),
14042 testing::Pointee(AddressesMatch(kRemoteAddrs)));
14043 EXPECT_THAT(bootstrap_response2.request()->GetEndpointResults(),
14044 testing::Pointee(testing::ElementsAre(
14045 ExpectEndpointResult(AddressesMatch(kRemoteAddrs)))));
14046 }
14047
TEST_F(HostResolverManagerBootstrapTest,BootstrapFollowupFailureTwice)14048 TEST_F(HostResolverManagerBootstrapTest, BootstrapFollowupFailureTwice) {
14049 ConfigureMockDns(/*insecure_result=*/MockResult::kUnexpected,
14050 /*secure_result=*/MockResult::kFail);
14051 dns_client_->set_preset_addrs(kBootstrapAddrs);
14052
14053 // Run the bootstrap query and the followup, which will fail.
14054 ResolveHostResponseHelper bootstrap_response1(resolver_->CreateRequest(
14055 kEndpoint, kAnonymizationKey, NetLogWithSource(), bootstrap_params(),
14056 resolve_context_.get(), resolve_context_->host_cache()));
14057 RunUntilIdle();
14058
14059 // Reissue the bootstrap query.
14060 ResolveHostResponseHelper bootstrap_response2(resolver_->CreateRequest(
14061 kEndpoint, kAnonymizationKey, NetLogWithSource(), bootstrap_params(),
14062 resolve_context_.get(), resolve_context_->host_cache()));
14063
14064 EXPECT_TRUE(bootstrap_response2.complete());
14065 EXPECT_THAT(bootstrap_response2.result_error(), IsOk());
14066 EXPECT_THAT(bootstrap_response2.request()->GetAddressResults(),
14067 testing::Pointee(AddressesMatch(kBootstrapAddrs)));
14068 EXPECT_THAT(bootstrap_response2.request()->GetEndpointResults(),
14069 testing::Pointee(testing::ElementsAre(
14070 ExpectEndpointResult(AddressesMatch(kBootstrapAddrs)))));
14071
14072 // Run the followup query again.
14073 RunUntilIdle();
14074
14075 // Confirm that the secure cache remains empty.
14076 const auto* secure_result = resolve_context_->host_cache()->Lookup(
14077 MakeCacheKey(/*secure=*/true), GetMockTickClock()->NowTicks());
14078 EXPECT_THAT(secure_result, testing::IsNull());
14079 }
14080
TEST_F(HostResolverManagerBootstrapTest,OnlyBootstrapTwice)14081 TEST_F(HostResolverManagerBootstrapTest, OnlyBootstrapTwice) {
14082 ConfigureMockDns(/*insecure_result=*/MockResult::kUnexpected,
14083 /*secure_result=*/MockResult::kOk);
14084 dns_client_->set_preset_addrs(kBootstrapAddrs);
14085
14086 ResolveHostResponseHelper bootstrap_response1(resolver_->CreateRequest(
14087 kEndpoint, kAnonymizationKey, NetLogWithSource(), bootstrap_params(),
14088 resolve_context_.get(), resolve_context_->host_cache()));
14089
14090 EXPECT_TRUE(bootstrap_response1.complete());
14091 EXPECT_THAT(bootstrap_response1.result_error(), IsOk());
14092 EXPECT_THAT(bootstrap_response1.request()->GetAddressResults(),
14093 testing::Pointee(AddressesMatch(kBootstrapAddrs)));
14094 EXPECT_THAT(bootstrap_response1.request()->GetEndpointResults(),
14095 testing::Pointee(testing::ElementsAre(
14096 ExpectEndpointResult(AddressesMatch(kBootstrapAddrs)))));
14097
14098 ResolveHostResponseHelper bootstrap_response2(resolver_->CreateRequest(
14099 kEndpoint, kAnonymizationKey, NetLogWithSource(), bootstrap_params(),
14100 resolve_context_.get(), resolve_context_->host_cache()));
14101
14102 EXPECT_TRUE(bootstrap_response2.complete());
14103 EXPECT_THAT(bootstrap_response2.result_error(), IsOk());
14104 EXPECT_THAT(bootstrap_response2.request()->GetAddressResults(),
14105 testing::Pointee(AddressesMatch(kBootstrapAddrs)));
14106 EXPECT_THAT(bootstrap_response2.request()->GetEndpointResults(),
14107 testing::Pointee(testing::ElementsAre(
14108 ExpectEndpointResult(AddressesMatch(kBootstrapAddrs)))));
14109
14110 // Run the followup query.
14111 RunUntilIdle();
14112
14113 // Confirm that the remote addresses are now in the secure cache.
14114 const auto* secure_result = resolve_context_->host_cache()->Lookup(
14115 MakeCacheKey(/*secure=*/true), GetMockTickClock()->NowTicks());
14116 ASSERT_THAT(secure_result, testing::NotNull());
14117 EXPECT_THAT(
14118 secure_result->second.GetEndpoints(),
14119 testing::ElementsAre(ExpectEndpointResult(AddressesMatch(kRemoteAddrs))));
14120 }
14121
IPv4AddressLiteralInIPv6OnlyNetworkTest(bool is_async)14122 void HostResolverManagerTest::IPv4AddressLiteralInIPv6OnlyNetworkTest(
14123 bool is_async) {
14124 base::test::ScopedFeatureList feature_list;
14125 feature_list.InitWithFeatures(
14126 /*enabled_features=*/{features::kUseNAT64ForIPv4Literal},
14127 /*disabled_features=*/{});
14128
14129 HostResolver::ManagerOptions options = DefaultOptions();
14130 CreateResolverWithOptionsAndParams(std::move(options), DefaultParams(proc_),
14131 true /* ipv6_reachable */, is_async,
14132 false /* ipv4_reachable */);
14133 proc_->AddRule("ipv4only.arpa", ADDRESS_FAMILY_IPV6,
14134 "64:ff9b::c000:aa,64:ff9b::c000:ab,2001:db8:43::c000:aa,"
14135 "2001:db8:43::c000:ab");
14136 proc_->SignalMultiple(1u);
14137
14138 ResolveHostResponseHelper response(resolver_->CreateRequest(
14139 HostPortPair("192.168.1.42", 80), NetworkAnonymizationKey(),
14140 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
14141 resolve_context_->host_cache()));
14142
14143 EXPECT_THAT(response.result_error(), IsOk());
14144 EXPECT_THAT(response.top_level_result_error(), IsOk());
14145 EXPECT_THAT(
14146 response.request()->GetAddressResults()->endpoints(),
14147 testing::ElementsAre(CreateExpected("64:ff9b::c0a8:12a", 80),
14148 CreateExpected("2001:db8:43::c0a8:12a", 80)));
14149 EXPECT_THAT(
14150 response.request()->GetEndpointResults(),
14151 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
14152 testing::ElementsAre(CreateExpected("64:ff9b::c0a8:12a", 80),
14153 CreateExpected("2001:db8:43::c0a8:12a", 80))))));
14154 EXPECT_FALSE(response.request()->GetStaleInfo());
14155
14156 ASSERT_TRUE(!proc_->GetCaptureList().empty());
14157 EXPECT_EQ("ipv4only.arpa", proc_->GetCaptureList()[0].hostname);
14158
14159 const std::pair<const HostCache::Key, HostCache::Entry>* cache_result =
14160 GetCacheHit(HostCache::Key(
14161 "ipv4only.arpa", DnsQueryType::AAAA, 0 /* host_resolver_flags */,
14162 HostResolverSource::ANY, NetworkAnonymizationKey()));
14163 EXPECT_TRUE(cache_result);
14164 }
14165
TEST_F(HostResolverManagerTest,IPv4AddressLiteralInIPv6OnlyNetworkAsync)14166 TEST_F(HostResolverManagerTest, IPv4AddressLiteralInIPv6OnlyNetworkAsync) {
14167 IPv4AddressLiteralInIPv6OnlyNetworkTest(true);
14168 }
14169
TEST_F(HostResolverManagerTest,IPv4AddressLiteralInIPv6OnlyNetworkSync)14170 TEST_F(HostResolverManagerTest, IPv4AddressLiteralInIPv6OnlyNetworkSync) {
14171 IPv4AddressLiteralInIPv6OnlyNetworkTest(false);
14172 }
14173
IPv4AddressLiteralInIPv6OnlyNetworkPort443Test(bool is_async)14174 void HostResolverManagerTest::IPv4AddressLiteralInIPv6OnlyNetworkPort443Test(
14175 bool is_async) {
14176 base::test::ScopedFeatureList feature_list;
14177 feature_list.InitWithFeatures(
14178 /*enabled_features=*/{features::kUseNAT64ForIPv4Literal},
14179 /*disabled_features=*/{});
14180
14181 HostResolver::ManagerOptions options = DefaultOptions();
14182 CreateResolverWithOptionsAndParams(std::move(options), DefaultParams(proc_),
14183 true /* ipv6_reachable */, is_async,
14184 false /* ipv4_reachable */);
14185 proc_->AddRule("ipv4only.arpa", ADDRESS_FAMILY_IPV6,
14186 "64:ff9b::c000:aa,64:ff9b::c000:ab,2001:db8:43::c000:aa,"
14187 "2001:db8:43::c000:ab");
14188 proc_->SignalMultiple(1u);
14189
14190 ResolveHostResponseHelper response(resolver_->CreateRequest(
14191 HostPortPair("192.168.1.42", 443), NetworkAnonymizationKey(),
14192 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
14193 resolve_context_->host_cache()));
14194
14195 EXPECT_THAT(response.result_error(), IsOk());
14196 EXPECT_THAT(response.top_level_result_error(), IsOk());
14197 EXPECT_THAT(
14198 response.request()->GetAddressResults()->endpoints(),
14199 testing::ElementsAre(CreateExpected("64:ff9b::c0a8:12a", 443),
14200 CreateExpected("2001:db8:43::c0a8:12a", 443)));
14201 EXPECT_THAT(response.request()->GetEndpointResults(),
14202 testing::Pointee(testing::ElementsAre(
14203 ExpectEndpointResult(testing::ElementsAre(
14204 CreateExpected("64:ff9b::c0a8:12a", 443),
14205 CreateExpected("2001:db8:43::c0a8:12a", 443))))));
14206 EXPECT_FALSE(response.request()->GetStaleInfo());
14207
14208 ASSERT_TRUE(!proc_->GetCaptureList().empty());
14209 EXPECT_EQ("ipv4only.arpa", proc_->GetCaptureList()[0].hostname);
14210
14211 const std::pair<const HostCache::Key, HostCache::Entry>* cache_result =
14212 GetCacheHit(HostCache::Key(
14213 "ipv4only.arpa", DnsQueryType::AAAA, 0 /* host_resolver_flags */,
14214 HostResolverSource::ANY, NetworkAnonymizationKey()));
14215 EXPECT_TRUE(cache_result);
14216 }
14217
TEST_F(HostResolverManagerTest,IPv4AddressLiteralInIPv6OnlyNetworkPort443Async)14218 TEST_F(HostResolverManagerTest,
14219 IPv4AddressLiteralInIPv6OnlyNetworkPort443Async) {
14220 IPv4AddressLiteralInIPv6OnlyNetworkPort443Test(true);
14221 }
14222
TEST_F(HostResolverManagerTest,IPv4AddressLiteralInIPv6OnlyNetworkPort443Sync)14223 TEST_F(HostResolverManagerTest,
14224 IPv4AddressLiteralInIPv6OnlyNetworkPort443Sync) {
14225 IPv4AddressLiteralInIPv6OnlyNetworkPort443Test(false);
14226 }
14227
IPv4AddressLiteralInIPv6OnlyNetworkNoDns64Test(bool is_async)14228 void HostResolverManagerTest::IPv4AddressLiteralInIPv6OnlyNetworkNoDns64Test(
14229 bool is_async) {
14230 base::test::ScopedFeatureList feature_list;
14231 feature_list.InitWithFeatures(
14232 /*enabled_features=*/{features::kUseNAT64ForIPv4Literal},
14233 /*disabled_features=*/{});
14234
14235 HostResolver::ManagerOptions options = DefaultOptions();
14236 CreateResolverWithOptionsAndParams(std::move(options), DefaultParams(proc_),
14237 true /* ipv6_reachable */, is_async,
14238 false /* ipv4_reachable */);
14239 proc_->AddRule("ipv4only.arpa", ADDRESS_FAMILY_IPV6, std::string());
14240 proc_->SignalMultiple(1u);
14241
14242 ResolveHostResponseHelper response(resolver_->CreateRequest(
14243 HostPortPair("192.168.1.42", 80), NetworkAnonymizationKey(),
14244 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
14245 resolve_context_->host_cache()));
14246
14247 EXPECT_THAT(response.result_error(), IsOk());
14248 EXPECT_THAT(response.top_level_result_error(), IsOk());
14249 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
14250 testing::ElementsAre(CreateExpected("192.168.1.42", 80)));
14251 EXPECT_THAT(response.request()->GetEndpointResults(),
14252 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
14253 testing::ElementsAre(CreateExpected("192.168.1.42", 80))))));
14254 EXPECT_FALSE(response.request()->GetStaleInfo());
14255 }
14256
TEST_F(HostResolverManagerTest,IPv4AddressLiteralInIPv6OnlyNetworkNoDns64Async)14257 TEST_F(HostResolverManagerTest,
14258 IPv4AddressLiteralInIPv6OnlyNetworkNoDns64Async) {
14259 IPv4AddressLiteralInIPv6OnlyNetworkNoDns64Test(true);
14260 }
14261
TEST_F(HostResolverManagerTest,IPv4AddressLiteralInIPv6OnlyNetworkNoDns64Sync)14262 TEST_F(HostResolverManagerTest,
14263 IPv4AddressLiteralInIPv6OnlyNetworkNoDns64Sync) {
14264 IPv4AddressLiteralInIPv6OnlyNetworkNoDns64Test(false);
14265 }
14266
IPv4AddressLiteralInIPv6OnlyNetworkBadAddressTest(bool is_async)14267 void HostResolverManagerTest::IPv4AddressLiteralInIPv6OnlyNetworkBadAddressTest(
14268 bool is_async) {
14269 base::test::ScopedFeatureList feature_list;
14270 feature_list.InitWithFeatures(
14271 /*enabled_features=*/{features::kUseNAT64ForIPv4Literal},
14272 /*disabled_features=*/{});
14273
14274 HostResolver::ManagerOptions options = DefaultOptions();
14275 CreateResolverWithOptionsAndParams(std::move(options), DefaultParams(proc_),
14276 true /* ipv6_reachable */, is_async,
14277 false /* ipv4_reachable */);
14278 proc_->AddRule("ipv4only.arpa", ADDRESS_FAMILY_IPV6, "2001:db8::1");
14279 proc_->SignalMultiple(1u);
14280
14281 ResolveHostResponseHelper response(resolver_->CreateRequest(
14282 HostPortPair("192.168.1.42", 80), NetworkAnonymizationKey(),
14283 NetLogWithSource(), absl::nullopt, resolve_context_.get(),
14284 resolve_context_->host_cache()));
14285
14286 EXPECT_THAT(response.result_error(), IsOk());
14287 EXPECT_THAT(response.top_level_result_error(), IsOk());
14288 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
14289 testing::ElementsAre(CreateExpected("192.168.1.42", 80)));
14290 EXPECT_THAT(response.request()->GetEndpointResults(),
14291 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
14292 testing::ElementsAre(CreateExpected("192.168.1.42", 80))))));
14293 EXPECT_FALSE(response.request()->GetStaleInfo());
14294 }
14295 // Test when DNS returns bad IPv6 address of ipv4only.arpa., and the
14296 // IPv4 address of ipv4only.arpa is not contained in the IPv6 address.
TEST_F(HostResolverManagerTest,IPv4AddressLiteralInIPv6OnlyNetworkBadAddressAsync)14297 TEST_F(HostResolverManagerTest,
14298 IPv4AddressLiteralInIPv6OnlyNetworkBadAddressAsync) {
14299 IPv4AddressLiteralInIPv6OnlyNetworkBadAddressTest(true);
14300 }
14301
TEST_F(HostResolverManagerTest,IPv4AddressLiteralInIPv6OnlyNetworkBadAddressSync)14302 TEST_F(HostResolverManagerTest,
14303 IPv4AddressLiteralInIPv6OnlyNetworkBadAddressSync) {
14304 IPv4AddressLiteralInIPv6OnlyNetworkBadAddressTest(false);
14305 }
14306
14307 class HostResolverManagerIPv6ReachabilityOverrideTest
14308 : public HostResolverManagerDnsTest,
14309 public testing::WithParamInterface<bool> {
14310 public:
14311 static constexpr const char kTargetHost[] = "host.test";
14312
HostResolverManagerIPv6ReachabilityOverrideTest()14313 HostResolverManagerIPv6ReachabilityOverrideTest() {
14314 std::map<std::string, std::string> field_trial_params;
14315 if (GetParam()) {
14316 feature_list_.InitAndEnableFeature(
14317 features::kEnableIPv6ReachabilityOverride);
14318 } else {
14319 feature_list_.InitAndDisableFeature(
14320 features::kEnableIPv6ReachabilityOverride);
14321 }
14322 }
14323
14324 protected:
SetUp()14325 void SetUp() override {
14326 HostResolverManagerDnsTest::SetUp();
14327 // Make the global reachiability probe failed.
14328 CreateResolverWithLimitsAndParams(kMaxJobs, DefaultParams(proc_),
14329 /*ipv6_reachable=*/false,
14330 /*check_ipv6_on_wifi=*/true);
14331 ChangeDnsConfig(CreateValidDnsConfig());
14332 // Wait until ongoing probe tasks finish.
14333 RunUntilIdle();
14334
14335 // This rule is used when only A record is queried.
14336 proc_->AddRule(kTargetHost, ADDRESS_FAMILY_IPV4, "192.0.2.1",
14337 HOST_RESOLVER_DEFAULT_FAMILY_SET_DUE_TO_NO_IPV6);
14338 // This rule is used when A and AAAA records are queried.
14339 proc_->AddRule(kTargetHost, ADDRESS_FAMILY_UNSPECIFIED,
14340 "192.0.2.1,2001:db8::1");
14341 }
14342
14343 private:
14344 base::test::ScopedFeatureList feature_list_;
14345 };
14346
14347 INSTANTIATE_TEST_SUITE_P(All,
14348 HostResolverManagerIPv6ReachabilityOverrideTest,
14349 testing::Bool());
14350
TEST_P(HostResolverManagerIPv6ReachabilityOverrideTest,Request)14351 TEST_P(HostResolverManagerIPv6ReachabilityOverrideTest, Request) {
14352 proc_->SignalMultiple(1u);
14353 ResolveHostResponseHelper response(resolver_->CreateRequest(
14354 url::SchemeHostPort(url::kHttpScheme, kTargetHost, 80),
14355 NetworkAnonymizationKey(), NetLogWithSource(), absl::nullopt,
14356 resolve_context_.get(), resolve_context_->host_cache()));
14357 EXPECT_THAT(response.result_error(), IsOk());
14358
14359 if (GetParam()) {
14360 EXPECT_THAT(
14361 response.request()->GetAddressResults()->endpoints(),
14362 testing::UnorderedElementsAre(CreateExpected("192.0.2.1", 80),
14363 CreateExpected("2001:db8::1", 80)));
14364 } else {
14365 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
14366 testing::UnorderedElementsAre(CreateExpected("192.0.2.1", 80)));
14367 }
14368 }
14369
14370 } // namespace net
14371