1 // Copyright 2012 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/dns/host_resolver_manager_unittest.h"
6
7 #include <iterator>
8 #include <limits>
9 #include <optional>
10 #include <string>
11 #include <string_view>
12 #include <tuple>
13 #include <utility>
14 #include <vector>
15
16 #include "base/auto_reset.h"
17 #include "base/containers/contains.h"
18 #include "base/containers/to_vector.h"
19 #include "base/functional/bind.h"
20 #include "base/functional/callback_helpers.h"
21 #include "base/location.h"
22 #include "base/memory/raw_ptr.h"
23 #include "base/memory/ref_counted.h"
24 #include "base/numerics/safe_conversions.h"
25 #include "base/rand_util.h"
26 #include "base/ranges/algorithm.h"
27 #include "base/run_loop.h"
28 #include "base/strings/string_number_conversions.h"
29 #include "base/strings/string_util.h"
30 #include "base/strings/stringprintf.h"
31 #include "base/synchronization/condition_variable.h"
32 #include "base/synchronization/lock.h"
33 #include "base/task/sequenced_task_runner.h"
34 #include "base/task/single_thread_task_runner.h"
35 #include "base/task/thread_pool/thread_pool_instance.h"
36 #include "base/test/bind.h"
37 #include "base/test/metrics/histogram_tester.h"
38 #include "base/test/mock_callback.h"
39 #include "base/test/scoped_feature_list.h"
40 #include "base/test/simple_test_clock.h"
41 #include "base/test/test_mock_time_task_runner.h"
42 #include "base/test/test_timeouts.h"
43 #include "base/threading/thread_restrictions.h"
44 #include "base/time/time.h"
45 #include "base/timer/mock_timer.h"
46 #include "base/values.h"
47 #include "build/build_config.h"
48 #include "net/base/address_family.h"
49 #include "net/base/address_list.h"
50 #include "net/base/connection_endpoint_metadata_test_util.h"
51 #include "net/base/features.h"
52 #include "net/base/host_port_pair.h"
53 #include "net/base/ip_address.h"
54 #include "net/base/ip_endpoint.h"
55 #include "net/base/mock_network_change_notifier.h"
56 #include "net/base/net_errors.h"
57 #include "net/base/network_anonymization_key.h"
58 #include "net/base/network_change_notifier.h"
59 #include "net/base/network_interfaces.h"
60 #include "net/base/schemeful_site.h"
61 #include "net/dns/address_sorter.h"
62 #include "net/dns/dns_client.h"
63 #include "net/dns/dns_config.h"
64 #include "net/dns/dns_test_util.h"
65 #include "net/dns/dns_util.h"
66 #include "net/dns/host_resolver.h"
67 #include "net/dns/host_resolver_cache.h"
68 #include "net/dns/host_resolver_internal_result.h"
69 #include "net/dns/host_resolver_internal_result_test_util.h"
70 #include "net/dns/host_resolver_results_test_util.h"
71 #include "net/dns/host_resolver_system_task.h"
72 #include "net/dns/mock_host_resolver.h"
73 #include "net/dns/mock_mdns_client.h"
74 #include "net/dns/mock_mdns_socket_factory.h"
75 #include "net/dns/public/dns_config_overrides.h"
76 #include "net/dns/public/dns_over_https_config.h"
77 #include "net/dns/public/dns_protocol.h"
78 #include "net/dns/public/dns_query_type.h"
79 #include "net/dns/public/doh_provider_entry.h"
80 #include "net/dns/public/mdns_listener_update_type.h"
81 #include "net/dns/public/resolve_error_info.h"
82 #include "net/dns/public/secure_dns_mode.h"
83 #include "net/dns/public/secure_dns_policy.h"
84 #include "net/dns/resolve_context.h"
85 #include "net/dns/test_dns_config_service.h"
86 #include "net/log/net_log_event_type.h"
87 #include "net/log/net_log_source_type.h"
88 #include "net/log/net_log_with_source.h"
89 #include "net/log/test_net_log.h"
90 #include "net/log/test_net_log_util.h"
91 #include "net/proxy_resolution/configured_proxy_resolution_service.h"
92 #include "net/socket/next_proto.h"
93 #include "net/socket/socket_test_util.h"
94 #include "net/test/gtest_util.h"
95 #include "net/test/test_with_task_environment.h"
96 #include "net/url_request/url_request_context.h"
97 #include "net/url_request/url_request_context_builder.h"
98 #include "net/url_request/url_request_test_util.h"
99 #include "testing/gmock/include/gmock/gmock.h"
100 #include "testing/gtest/include/gtest/gtest.h"
101 #include "url/gurl.h"
102 #include "url/scheme_host_port.h"
103 #include "url/url_constants.h"
104
105 #if BUILDFLAG(ENABLE_MDNS)
106 #include "net/dns/mdns_client_impl.h"
107 #endif // BUILDFLAG(ENABLE_MDNS)
108
109 using net::test::IsError;
110 using net::test::IsOk;
111 using ::testing::_;
112 using ::testing::AllOf;
113 using ::testing::AnyOf;
114 using ::testing::Between;
115 using ::testing::ByMove;
116 using ::testing::Contains;
117 using ::testing::ElementsAre;
118 using ::testing::Eq;
119 using ::testing::IsEmpty;
120 using ::testing::Not;
121 using ::testing::Optional;
122 using ::testing::Pair;
123 using ::testing::Pointee;
124 using ::testing::Property;
125 using ::testing::Return;
126 using ::testing::UnorderedElementsAre;
127
128 namespace net {
129
130 namespace {
131
132 const size_t kMaxJobs = 10u;
133 const size_t kMaxRetryAttempts = 4u;
134
DefaultParams(scoped_refptr<HostResolverProc> resolver_proc)135 HostResolverSystemTask::Params DefaultParams(
136 scoped_refptr<HostResolverProc> resolver_proc) {
137 return HostResolverSystemTask::Params(std::move(resolver_proc),
138 kMaxRetryAttempts);
139 }
140
141 class ResolveHostResponseHelper {
142 public:
143 using Callback =
144 base::OnceCallback<void(CompletionOnceCallback completion_callback,
145 int error)>;
146
147 ResolveHostResponseHelper() = default;
ResolveHostResponseHelper(std::unique_ptr<HostResolver::ResolveHostRequest> request)148 explicit ResolveHostResponseHelper(
149 std::unique_ptr<HostResolver::ResolveHostRequest> request)
150 : request_(std::move(request)) {
151 top_level_result_error_ = request_->Start(base::BindOnce(
152 &ResolveHostResponseHelper::OnComplete, base::Unretained(this)));
153 }
ResolveHostResponseHelper(std::unique_ptr<HostResolver::ResolveHostRequest> request,Callback custom_callback)154 ResolveHostResponseHelper(
155 std::unique_ptr<HostResolver::ResolveHostRequest> request,
156 Callback custom_callback)
157 : request_(std::move(request)) {
158 top_level_result_error_ = request_->Start(
159 base::BindOnce(std::move(custom_callback),
160 base::BindOnce(&ResolveHostResponseHelper::OnComplete,
161 base::Unretained(this))));
162 }
163
164 ResolveHostResponseHelper(const ResolveHostResponseHelper&) = delete;
165 ResolveHostResponseHelper& operator=(const ResolveHostResponseHelper&) =
166 delete;
167
complete() const168 bool complete() const { return top_level_result_error_ != ERR_IO_PENDING; }
169
top_level_result_error()170 int top_level_result_error() {
171 WaitForCompletion();
172 return top_level_result_error_;
173 }
174
result_error()175 int result_error() {
176 WaitForCompletion();
177 return request_->GetResolveErrorInfo().error;
178 }
179
request()180 HostResolver::ResolveHostRequest* request() { return request_.get(); }
181
CancelRequest()182 void CancelRequest() {
183 DCHECK(request_);
184 DCHECK(!complete());
185
186 request_ = nullptr;
187 }
188
OnComplete(int error)189 void OnComplete(int error) {
190 DCHECK(!complete());
191 top_level_result_error_ = error;
192
193 run_loop_.Quit();
194 }
195
196 private:
WaitForCompletion()197 void WaitForCompletion() {
198 DCHECK(request_);
199 if (complete()) {
200 return;
201 }
202 run_loop_.Run();
203 DCHECK(complete());
204 }
205
206 std::unique_ptr<HostResolver::ResolveHostRequest> request_;
207 int top_level_result_error_ = ERR_IO_PENDING;
208 base::RunLoop run_loop_;
209 };
210
211 // Using LookupAttemptHostResolverProc simulate very long lookups, and control
212 // which attempt resolves the host.
213 class LookupAttemptHostResolverProc : public HostResolverProc {
214 public:
LookupAttemptHostResolverProc(HostResolverProc * previous,int attempt_number_to_resolve,int total_attempts)215 LookupAttemptHostResolverProc(HostResolverProc* previous,
216 int attempt_number_to_resolve,
217 int total_attempts)
218 : HostResolverProc(previous),
219 attempt_number_to_resolve_(attempt_number_to_resolve),
220 total_attempts_(total_attempts),
221 all_done_(&lock_),
222 blocked_attempt_signal_(&lock_) {}
223
224 // Test harness will wait for all attempts to finish before checking the
225 // results.
WaitForAllAttemptsToFinish()226 void WaitForAllAttemptsToFinish() {
227 base::AutoLock auto_lock(lock_);
228 while (total_attempts_resolved_ != total_attempts_) {
229 all_done_.Wait();
230 }
231 }
232
WaitForNAttemptsToBeBlocked(int n)233 void WaitForNAttemptsToBeBlocked(int n) {
234 base::AutoLock auto_lock(lock_);
235 while (num_attempts_waiting_ < n) {
236 blocked_attempt_signal_.Wait();
237 }
238 }
239
240 // All attempts will wait for an attempt to resolve the host.
WaitForAnAttemptToComplete()241 void WaitForAnAttemptToComplete() {
242 {
243 base::AutoLock auto_lock(lock_);
244 base::ScopedAllowBaseSyncPrimitivesForTesting
245 scoped_allow_base_sync_primitives;
246 while (resolved_attempt_number_ == 0)
247 all_done_.Wait();
248 }
249 all_done_.Broadcast(); // Tell all waiting attempts to proceed.
250 }
251
252 // Returns the number of attempts that have finished the Resolve() method.
GetTotalAttemptsResolved()253 int GetTotalAttemptsResolved() {
254 base::AutoLock auto_lock(lock_);
255 return total_attempts_resolved_;
256 }
257
258 // Sets the resolved attempt number and unblocks waiting
259 // attempts.
SetResolvedAttemptNumber(int n)260 void SetResolvedAttemptNumber(int n) {
261 base::AutoLock auto_lock(lock_);
262 EXPECT_EQ(0, resolved_attempt_number_);
263 resolved_attempt_number_ = n;
264 all_done_.Broadcast();
265 }
266
267 // HostResolverProc methods.
Resolve(const std::string & host,AddressFamily address_family,HostResolverFlags host_resolver_flags,AddressList * addrlist,int * os_error)268 int Resolve(const std::string& host,
269 AddressFamily address_family,
270 HostResolverFlags host_resolver_flags,
271 AddressList* addrlist,
272 int* os_error) override {
273 bool wait_for_right_attempt_to_complete = true;
274 {
275 base::AutoLock auto_lock(lock_);
276 ++current_attempt_number_;
277 ++num_attempts_waiting_;
278 if (current_attempt_number_ == attempt_number_to_resolve_) {
279 resolved_attempt_number_ = current_attempt_number_;
280 wait_for_right_attempt_to_complete = false;
281 }
282 }
283
284 blocked_attempt_signal_.Broadcast();
285
286 if (wait_for_right_attempt_to_complete)
287 // Wait for the attempt_number_to_resolve_ attempt to resolve.
288 WaitForAnAttemptToComplete();
289
290 int result = ResolveUsingPrevious(host, address_family, host_resolver_flags,
291 addrlist, os_error);
292
293 {
294 base::AutoLock auto_lock(lock_);
295 ++total_attempts_resolved_;
296 --num_attempts_waiting_;
297 }
298
299 all_done_.Broadcast(); // Tell all attempts to proceed.
300
301 // Since any negative number is considered a network error, with -1 having
302 // special meaning (ERR_IO_PENDING). We could return the attempt that has
303 // resolved the host as a negative number. For example, if attempt number 3
304 // resolves the host, then this method returns -4.
305 if (result == OK)
306 return -1 - resolved_attempt_number_;
307 else
308 return result;
309 }
310
311 protected:
312 ~LookupAttemptHostResolverProc() override = default;
313
314 private:
315 int attempt_number_to_resolve_;
316 int current_attempt_number_ = 0; // Incremented whenever Resolve is called.
317 int total_attempts_;
318 int total_attempts_resolved_ = 0;
319 int resolved_attempt_number_ = 0;
320 int num_attempts_waiting_ = 0;
321
322 // All attempts wait for right attempt to be resolve.
323 base::Lock lock_;
324 base::ConditionVariable all_done_;
325 base::ConditionVariable blocked_attempt_signal_;
326 };
327
328 // TestHostResolverManager's sole purpose is to mock the IPv6 reachability test.
329 // By default, this pretends that IPv6 is globally reachable.
330 // This class is necessary so unit tests run the same on dual-stack machines as
331 // well as IPv4 only machines.
332 class TestHostResolverManager : public HostResolverManager {
333 public:
TestHostResolverManager(const HostResolver::ManagerOptions & options,SystemDnsConfigChangeNotifier * notifier,NetLog * net_log,bool ipv6_reachable=true,bool ipv4_reachable=true,bool is_async=false)334 TestHostResolverManager(const HostResolver::ManagerOptions& options,
335 SystemDnsConfigChangeNotifier* notifier,
336 NetLog* net_log,
337 bool ipv6_reachable = true,
338 bool ipv4_reachable = true,
339 bool is_async = false)
340 : HostResolverManager(options, notifier, net_log),
341 ipv6_reachable_(ipv6_reachable),
342 ipv4_reachable_(ipv4_reachable),
343 is_async_(is_async) {}
344
345 ~TestHostResolverManager() override = default;
346
347 private:
348 const bool ipv6_reachable_;
349 const bool ipv4_reachable_;
350 const bool is_async_;
351
StartGloballyReachableCheck(const IPAddress & dest,const NetLogWithSource & net_log,ClientSocketFactory * client_socket_factory,CompletionOnceCallback callback)352 int StartGloballyReachableCheck(const IPAddress& dest,
353 const NetLogWithSource& net_log,
354 ClientSocketFactory* client_socket_factory,
355 CompletionOnceCallback callback) override {
356 int rv = OK;
357 if (dest.IsIPv6()) {
358 rv = ipv6_reachable_ ? OK : ERR_FAILED;
359 } else {
360 rv = ipv4_reachable_ ? OK : ERR_FAILED;
361 }
362 if (is_async_) {
363 base::SingleThreadTaskRunner::GetCurrentDefault()->PostTask(
364 FROM_HERE, base::BindOnce(std::move(callback), rv));
365 return ERR_IO_PENDING;
366 }
367 return rv;
368 }
369 };
370
HasAddress(const IPAddress & search_address,const std::vector<IPEndPoint> & addresses)371 bool HasAddress(const IPAddress& search_address,
372 const std::vector<IPEndPoint>& addresses) {
373 for (const auto& address : addresses) {
374 if (search_address == address.address())
375 return true;
376 }
377 return false;
378 }
379
TestBothLoopbackIPs(const std::string & host)380 void TestBothLoopbackIPs(const std::string& host) {
381 std::vector<IPEndPoint> addresses;
382 EXPECT_TRUE(ResolveLocalHostname(host, &addresses));
383 EXPECT_EQ(2u, addresses.size());
384 EXPECT_TRUE(HasAddress(IPAddress::IPv4Localhost(), addresses));
385 EXPECT_TRUE(HasAddress(IPAddress::IPv6Localhost(), addresses));
386 }
387
388 // Returns the DoH provider entry in `DohProviderEntry::GetList()` that matches
389 // `provider`. Crashes if there is no matching entry.
GetDohProviderEntryForTesting(std::string_view provider)390 const DohProviderEntry& GetDohProviderEntryForTesting(
391 std::string_view provider) {
392 auto provider_list = DohProviderEntry::GetList();
393 auto it =
394 base::ranges::find(provider_list, provider, &DohProviderEntry::provider);
395 CHECK(it != provider_list.end());
396 return **it;
397 }
398
399 } // namespace
400
HostResolverManagerTest(base::test::TaskEnvironment::TimeSource time_source)401 HostResolverManagerTest::HostResolverManagerTest(
402 base::test::TaskEnvironment::TimeSource time_source)
403 : TestWithTaskEnvironment(time_source),
404 proc_(base::MakeRefCounted<MockHostResolverProc>()) {}
405
406 HostResolverManagerTest::~HostResolverManagerTest() = default;
407
CreateResolver(bool check_ipv6_on_wifi)408 void HostResolverManagerTest::CreateResolver(bool check_ipv6_on_wifi) {
409 CreateResolverWithLimitsAndParams(kMaxJobs, DefaultParams(proc_),
410 true /* ipv6_reachable */,
411 check_ipv6_on_wifi);
412 }
413
DestroyResolver()414 void HostResolverManagerTest::DestroyResolver() {
415 if (!resolver_) {
416 return;
417 }
418
419 resolver_->DeregisterResolveContext(resolve_context_.get());
420 resolver_ = nullptr;
421 }
422
423 // This HostResolverManager will only allow 1 outstanding resolve at a time
424 // and perform no retries.
CreateSerialResolver(bool check_ipv6_on_wifi,bool ipv6_reachable,bool is_async)425 void HostResolverManagerTest::CreateSerialResolver(bool check_ipv6_on_wifi,
426 bool ipv6_reachable,
427 bool is_async) {
428 HostResolverSystemTask::Params params = DefaultParams(proc_);
429 params.max_retry_attempts = 0u;
430 CreateResolverWithLimitsAndParams(1u, params, ipv6_reachable,
431 check_ipv6_on_wifi, is_async);
432 }
433
SetUp()434 void HostResolverManagerTest::SetUp() {
435 request_context_ = CreateTestURLRequestContextBuilder()->Build();
436 resolve_context_ = std::make_unique<ResolveContext>(
437 request_context_.get(), true /* enable_caching */);
438 CreateResolver();
439 }
440
TearDown()441 void HostResolverManagerTest::TearDown() {
442 if (resolver_) {
443 EXPECT_EQ(0u, resolver_->num_running_dispatcher_jobs_for_tests());
444 }
445 DestroyResolver();
446 EXPECT_FALSE(proc_->HasBlockedRequests());
447 }
448
CreateResolverWithLimitsAndParams(size_t max_concurrent_resolves,const HostResolverSystemTask::Params & params,bool ipv6_reachable,bool check_ipv6_on_wifi,bool is_async)449 void HostResolverManagerTest::CreateResolverWithLimitsAndParams(
450 size_t max_concurrent_resolves,
451 const HostResolverSystemTask::Params& params,
452 bool ipv6_reachable,
453 bool check_ipv6_on_wifi,
454 bool is_async) {
455 HostResolver::ManagerOptions options = DefaultOptions();
456 options.max_concurrent_resolves = max_concurrent_resolves;
457 options.check_ipv6_on_wifi = check_ipv6_on_wifi;
458
459 CreateResolverWithOptionsAndParams(std::move(options), params, ipv6_reachable,
460 is_async);
461 }
462
DefaultOptions()463 HostResolver::ManagerOptions HostResolverManagerTest::DefaultOptions() {
464 HostResolver::ManagerOptions options;
465 options.max_concurrent_resolves = kMaxJobs;
466 options.max_system_retry_attempts = kMaxRetryAttempts;
467 return options;
468 }
469
CreateResolverWithOptionsAndParams(HostResolver::ManagerOptions options,const HostResolverSystemTask::Params & params,bool ipv6_reachable,bool is_async,bool ipv4_reachable)470 void HostResolverManagerTest::CreateResolverWithOptionsAndParams(
471 HostResolver::ManagerOptions options,
472 const HostResolverSystemTask::Params& params,
473 bool ipv6_reachable,
474 bool is_async,
475 bool ipv4_reachable) {
476 // Use HostResolverManagerDnsTest if enabling DNS client.
477 DCHECK(!options.insecure_dns_client_enabled);
478
479 DestroyResolver();
480
481 resolver_ = std::make_unique<TestHostResolverManager>(
482 options, nullptr /* notifier */, nullptr /* net_log */, ipv6_reachable,
483 ipv4_reachable, is_async);
484 resolver_->set_host_resolver_system_params_for_test(params);
485 resolver_->RegisterResolveContext(resolve_context_.get());
486 }
487
num_running_dispatcher_jobs() const488 size_t HostResolverManagerTest::num_running_dispatcher_jobs() const {
489 DCHECK(resolver_.get());
490 return resolver_->num_running_dispatcher_jobs_for_tests();
491 }
492
set_allow_fallback_to_systemtask(bool allow_fallback_to_systemtask)493 void HostResolverManagerTest::set_allow_fallback_to_systemtask(
494 bool allow_fallback_to_systemtask) {
495 DCHECK(resolver_.get());
496 resolver_->allow_fallback_to_systemtask_ = allow_fallback_to_systemtask;
497 }
498
StartIPv6ReachabilityCheck(const NetLogWithSource & net_log,raw_ptr<ClientSocketFactory> client_socket_factory,CompletionOnceCallback callback)499 int HostResolverManagerTest::StartIPv6ReachabilityCheck(
500 const NetLogWithSource& net_log,
501 raw_ptr<ClientSocketFactory> client_socket_factory,
502 CompletionOnceCallback callback) {
503 return resolver_->StartIPv6ReachabilityCheck(net_log, client_socket_factory,
504 std::move(callback));
505 }
506
GetLastIpv6ProbeResult()507 bool HostResolverManagerTest::GetLastIpv6ProbeResult() {
508 return resolver_->last_ipv6_probe_result_;
509 }
510
PopulateCache(const HostCache::Key & key,IPEndPoint endpoint)511 void HostResolverManagerTest::PopulateCache(const HostCache::Key& key,
512 IPEndPoint endpoint) {
513 resolver_->CacheResult(resolve_context_->host_cache(), key,
514 HostCache::Entry(OK, {endpoint}, /*aliases=*/{},
515 HostCache::Entry::SOURCE_UNKNOWN),
516 base::Seconds(1));
517 }
518
519 const std::pair<const HostCache::Key, HostCache::Entry>*
GetCacheHit(const HostCache::Key & key)520 HostResolverManagerTest::GetCacheHit(const HostCache::Key& key) {
521 DCHECK(resolve_context_->host_cache());
522 return resolve_context_->host_cache()->LookupStale(
523 key, base::TimeTicks(), nullptr, false /* ignore_secure */);
524 }
525
MakeCacheStale()526 void HostResolverManagerTest::MakeCacheStale() {
527 DCHECK(resolve_context_->host_cache());
528 resolve_context_->host_cache()->Invalidate();
529 }
530
CreateExpected(const std::string & ip_literal,uint16_t port)531 IPEndPoint HostResolverManagerTest::CreateExpected(
532 const std::string& ip_literal,
533 uint16_t port) {
534 IPAddress ip;
535 bool result = ip.AssignFromIPLiteral(ip_literal);
536 DCHECK(result);
537 return IPEndPoint(ip, port);
538 }
539
TEST_F(HostResolverManagerTest,AsynchronousLookup)540 TEST_F(HostResolverManagerTest, AsynchronousLookup) {
541 proc_->AddRuleForAllFamilies("just.testing", "192.168.1.42");
542 proc_->SignalMultiple(1u);
543
544 ResolveHostResponseHelper response(resolver_->CreateRequest(
545 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
546 NetLogWithSource(), std::nullopt, resolve_context_.get()));
547
548 EXPECT_THAT(response.result_error(), IsOk());
549 EXPECT_THAT(response.top_level_result_error(), IsOk());
550 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
551 testing::ElementsAre(CreateExpected("192.168.1.42", 80)));
552 EXPECT_THAT(response.request()->GetEndpointResults(),
553 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
554 testing::ElementsAre(CreateExpected("192.168.1.42", 80))))));
555 EXPECT_FALSE(response.request()->GetStaleInfo());
556
557 EXPECT_EQ("just.testing", proc_->GetCaptureList()[0].hostname);
558
559 const std::pair<const HostCache::Key, HostCache::Entry>* cache_result =
560 GetCacheHit(HostCache::Key("just.testing", DnsQueryType::UNSPECIFIED,
561 0 /* host_resolver_flags */,
562 HostResolverSource::ANY,
563 NetworkAnonymizationKey()));
564 EXPECT_TRUE(cache_result);
565 }
566
567 // TODO(crbug.com/1206799): Confirm scheme behavior once it affects behavior.
TEST_F(HostResolverManagerTest,AsynchronousLookupWithScheme)568 TEST_F(HostResolverManagerTest, AsynchronousLookupWithScheme) {
569 proc_->AddRuleForAllFamilies("host.test", "192.168.1.42");
570 proc_->SignalMultiple(1u);
571
572 ResolveHostResponseHelper response(resolver_->CreateRequest(
573 url::SchemeHostPort(url::kHttpScheme, "host.test", 80),
574 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
575 resolve_context_.get()));
576
577 EXPECT_THAT(response.result_error(), IsOk());
578 EXPECT_THAT(response.top_level_result_error(), IsOk());
579 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
580 testing::ElementsAre(CreateExpected("192.168.1.42", 80)));
581 EXPECT_THAT(response.request()->GetEndpointResults(),
582 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
583 testing::ElementsAre(CreateExpected("192.168.1.42", 80))))));
584 EXPECT_FALSE(response.request()->GetStaleInfo());
585
586 EXPECT_EQ("host.test", proc_->GetCaptureList()[0].hostname);
587
588 const std::pair<const HostCache::Key, HostCache::Entry>* cache_result =
589 GetCacheHit(
590 HostCache::Key(url::SchemeHostPort(url::kHttpScheme, "host.test", 80),
591 DnsQueryType::UNSPECIFIED, 0 /* host_resolver_flags */,
592 HostResolverSource::ANY, NetworkAnonymizationKey()));
593 EXPECT_TRUE(cache_result);
594 }
595
TEST_F(HostResolverManagerTest,JobsClearedOnCompletion)596 TEST_F(HostResolverManagerTest, JobsClearedOnCompletion) {
597 proc_->AddRuleForAllFamilies("just.testing", "192.168.1.42");
598 proc_->SignalMultiple(1u);
599
600 ResolveHostResponseHelper response(resolver_->CreateRequest(
601 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
602 NetLogWithSource(), std::nullopt, resolve_context_.get()));
603 EXPECT_EQ(1u, resolver_->num_jobs_for_testing());
604
605 EXPECT_THAT(response.result_error(), IsOk());
606 EXPECT_EQ(0u, resolver_->num_jobs_for_testing());
607 }
608
TEST_F(HostResolverManagerTest,JobsClearedOnCompletion_MultipleRequests)609 TEST_F(HostResolverManagerTest, JobsClearedOnCompletion_MultipleRequests) {
610 proc_->AddRuleForAllFamilies("just.testing", "192.168.1.42");
611 proc_->SignalMultiple(1u);
612
613 ResolveHostResponseHelper response1(resolver_->CreateRequest(
614 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
615 NetLogWithSource(), std::nullopt, resolve_context_.get()));
616 ResolveHostResponseHelper response2(resolver_->CreateRequest(
617 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
618 NetLogWithSource(), std::nullopt, resolve_context_.get()));
619 EXPECT_EQ(1u, resolver_->num_jobs_for_testing());
620
621 EXPECT_THAT(response1.result_error(), IsOk());
622 EXPECT_THAT(response2.result_error(), IsOk());
623 EXPECT_EQ(0u, resolver_->num_jobs_for_testing());
624 }
625
TEST_F(HostResolverManagerTest,JobsClearedOnCompletion_Failure)626 TEST_F(HostResolverManagerTest, JobsClearedOnCompletion_Failure) {
627 proc_->AddRuleForAllFamilies(std::string(),
628 "0.0.0.1"); // Default to failures.
629 proc_->SignalMultiple(1u);
630
631 ResolveHostResponseHelper response(resolver_->CreateRequest(
632 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
633 NetLogWithSource(), std::nullopt, resolve_context_.get()));
634 EXPECT_EQ(1u, resolver_->num_jobs_for_testing());
635
636 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
637 EXPECT_EQ(0u, resolver_->num_jobs_for_testing());
638 }
639
TEST_F(HostResolverManagerTest,JobsClearedOnCompletion_Abort)640 TEST_F(HostResolverManagerTest, JobsClearedOnCompletion_Abort) {
641 proc_->AddRuleForAllFamilies("just.testing", "192.168.1.42");
642
643 ResolveHostResponseHelper response(resolver_->CreateRequest(
644 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
645 NetLogWithSource(), std::nullopt, resolve_context_.get()));
646 EXPECT_EQ(1u, resolver_->num_jobs_for_testing());
647
648 NetworkChangeNotifier::NotifyObserversOfIPAddressChangeForTests();
649 proc_->SignalMultiple(1u);
650
651 EXPECT_THAT(response.result_error(), IsError(ERR_NETWORK_CHANGED));
652 EXPECT_EQ(0u, resolver_->num_jobs_for_testing());
653 }
654
TEST_F(HostResolverManagerTest,DnsQueryType)655 TEST_F(HostResolverManagerTest, DnsQueryType) {
656 proc_->AddRule("host", ADDRESS_FAMILY_IPV4, "192.168.1.20");
657 proc_->AddRule("host", ADDRESS_FAMILY_IPV6, "::5");
658
659 HostResolver::ResolveHostParameters parameters;
660
661 parameters.dns_query_type = DnsQueryType::A;
662 ResolveHostResponseHelper v4_response(resolver_->CreateRequest(
663 HostPortPair("host", 80), NetworkAnonymizationKey(), NetLogWithSource(),
664 parameters, resolve_context_.get()));
665
666 parameters.dns_query_type = DnsQueryType::AAAA;
667 ResolveHostResponseHelper v6_response(resolver_->CreateRequest(
668 HostPortPair("host", 80), NetworkAnonymizationKey(), NetLogWithSource(),
669 parameters, resolve_context_.get()));
670
671 proc_->SignalMultiple(2u);
672
673 EXPECT_THAT(v4_response.result_error(), IsOk());
674 EXPECT_THAT(v4_response.request()->GetAddressResults()->endpoints(),
675 testing::ElementsAre(CreateExpected("192.168.1.20", 80)));
676 EXPECT_THAT(v4_response.request()->GetEndpointResults(),
677 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
678 testing::ElementsAre(CreateExpected("192.168.1.20", 80))))));
679
680 EXPECT_THAT(v6_response.result_error(), IsOk());
681 EXPECT_THAT(v6_response.request()->GetAddressResults()->endpoints(),
682 testing::ElementsAre(CreateExpected("::5", 80)));
683 EXPECT_THAT(v6_response.request()->GetEndpointResults(),
684 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
685 testing::ElementsAre(CreateExpected("::5", 80))))));
686 }
687
TEST_F(HostResolverManagerTest,DnsQueryWithoutAliases)688 TEST_F(HostResolverManagerTest, DnsQueryWithoutAliases) {
689 proc_->AddRule("host", ADDRESS_FAMILY_IPV4, "192.168.1.20");
690
691 HostResolver::ResolveHostParameters parameters;
692
693 parameters.dns_query_type = DnsQueryType::A;
694 ResolveHostResponseHelper response(resolver_->CreateRequest(
695 HostPortPair("host", 80), NetworkAnonymizationKey(), NetLogWithSource(),
696 parameters, resolve_context_.get()));
697
698 proc_->SignalMultiple(1u);
699
700 EXPECT_THAT(response.result_error(), IsOk());
701 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
702 testing::ElementsAre(CreateExpected("192.168.1.20", 80)));
703 EXPECT_THAT(response.request()->GetEndpointResults(),
704 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
705 testing::ElementsAre(CreateExpected("192.168.1.20", 80))))));
706 EXPECT_THAT(response.request()->GetDnsAliasResults(),
707 testing::Pointee(testing::IsEmpty()));
708 }
709
LocalhostIPV4IPV6LookupTest(bool is_async)710 void HostResolverManagerTest::LocalhostIPV4IPV6LookupTest(bool is_async) {
711 CreateResolverWithLimitsAndParams(kMaxJobs, DefaultParams(proc_),
712 true /* ipv6_reachable */,
713 true /* check_ipv6_on_wifi */, is_async);
714 HostResolver::ResolveHostParameters parameters;
715
716 parameters.dns_query_type = DnsQueryType::A;
717 ResolveHostResponseHelper v4_v4_response(resolver_->CreateRequest(
718 HostPortPair("localhost", 80), NetworkAnonymizationKey(),
719 NetLogWithSource(), parameters, resolve_context_.get()));
720 EXPECT_THAT(v4_v4_response.result_error(), IsOk());
721 EXPECT_THAT(v4_v4_response.request()->GetAddressResults()->endpoints(),
722 testing::ElementsAre(CreateExpected("127.0.0.1", 80)));
723 EXPECT_THAT(v4_v4_response.request()->GetEndpointResults(),
724 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
725 testing::ElementsAre(CreateExpected("127.0.0.1", 80))))));
726
727 parameters.dns_query_type = DnsQueryType::AAAA;
728 ResolveHostResponseHelper v4_v6_response(resolver_->CreateRequest(
729 HostPortPair("localhost", 80), NetworkAnonymizationKey(),
730 NetLogWithSource(), parameters, resolve_context_.get()));
731 EXPECT_THAT(v4_v6_response.result_error(), IsOk());
732 EXPECT_THAT(v4_v6_response.request()->GetAddressResults()->endpoints(),
733 testing::ElementsAre(CreateExpected("::1", 80)));
734 EXPECT_THAT(v4_v6_response.request()->GetEndpointResults(),
735 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
736 testing::ElementsAre(CreateExpected("::1", 80))))));
737
738 ResolveHostResponseHelper v4_unsp_response(resolver_->CreateRequest(
739 HostPortPair("localhost", 80), NetworkAnonymizationKey(),
740 NetLogWithSource(), std::nullopt, resolve_context_.get()));
741 EXPECT_THAT(v4_unsp_response.result_error(), IsOk());
742 EXPECT_THAT(v4_unsp_response.request()->GetAddressResults()->endpoints(),
743 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
744 CreateExpected("::1", 80)));
745 EXPECT_THAT(
746 v4_unsp_response.request()->GetEndpointResults(),
747 testing::Pointee(testing::ElementsAre(
748 ExpectEndpointResult(testing::UnorderedElementsAre(
749 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
750 }
751
TEST_F(HostResolverManagerTest,LocalhostIPV4IPV6LookupAsync)752 TEST_F(HostResolverManagerTest, LocalhostIPV4IPV6LookupAsync) {
753 LocalhostIPV4IPV6LookupTest(true);
754 }
755
TEST_F(HostResolverManagerTest,LocalhostIPV4IPV6LookupSync)756 TEST_F(HostResolverManagerTest, LocalhostIPV4IPV6LookupSync) {
757 LocalhostIPV4IPV6LookupTest(false);
758 }
759
TEST_F(HostResolverManagerTest,ResolveIPLiteralWithHostResolverSystemOnly)760 TEST_F(HostResolverManagerTest, ResolveIPLiteralWithHostResolverSystemOnly) {
761 const char kIpLiteral[] = "178.78.32.1";
762 // Add a mapping to tell if the resolver proc was called (if it was called,
763 // then the result will be the remapped value. Otherwise it will be the IP
764 // literal).
765 proc_->AddRuleForAllFamilies(kIpLiteral, "183.45.32.1");
766
767 HostResolver::ResolveHostParameters parameters;
768 parameters.source = HostResolverSource::SYSTEM;
769 ResolveHostResponseHelper response(resolver_->CreateRequest(
770 HostPortPair(kIpLiteral, 80), NetworkAnonymizationKey(),
771 NetLogWithSource(), parameters, resolve_context_.get()));
772
773 // IP literal resolution is expected to take precedence over source, so the
774 // result is expected to be the input IP, not the result IP from the proc rule
775 EXPECT_THAT(response.result_error(), IsOk());
776 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
777 testing::ElementsAre(CreateExpected(kIpLiteral, 80)));
778 EXPECT_THAT(response.request()->GetEndpointResults(),
779 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
780 testing::ElementsAre(CreateExpected(kIpLiteral, 80))))));
781 EXPECT_FALSE(response.request()->GetStaleInfo());
782 }
783
TEST_F(HostResolverManagerTest,EmptyListMeansNameNotResolved)784 TEST_F(HostResolverManagerTest, EmptyListMeansNameNotResolved) {
785 proc_->AddRuleForAllFamilies("just.testing", "");
786 proc_->SignalMultiple(1u);
787
788 ResolveHostResponseHelper response(resolver_->CreateRequest(
789 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
790 NetLogWithSource(), std::nullopt, resolve_context_.get()));
791
792 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
793 EXPECT_THAT(response.request()->GetAddressResults(),
794 AnyOf(nullptr, Pointee(IsEmpty())));
795 EXPECT_THAT(response.request()->GetEndpointResults(),
796 AnyOf(nullptr, Pointee(IsEmpty())));
797 EXPECT_FALSE(response.request()->GetStaleInfo());
798
799 EXPECT_EQ("just.testing", proc_->GetCaptureList()[0].hostname);
800 }
801
TEST_F(HostResolverManagerTest,FailedAsynchronousLookup)802 TEST_F(HostResolverManagerTest, FailedAsynchronousLookup) {
803 proc_->AddRuleForAllFamilies(std::string(),
804 "0.0.0.1"); // Default to failures.
805 proc_->SignalMultiple(1u);
806
807 ResolveHostResponseHelper response(resolver_->CreateRequest(
808 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
809 NetLogWithSource(), std::nullopt, resolve_context_.get()));
810 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
811 EXPECT_THAT(response.top_level_result_error(),
812 IsError(ERR_NAME_NOT_RESOLVED));
813 EXPECT_THAT(response.request()->GetAddressResults(),
814 AnyOf(nullptr, Pointee(IsEmpty())));
815 EXPECT_THAT(response.request()->GetEndpointResults(),
816 AnyOf(nullptr, Pointee(IsEmpty())));
817 EXPECT_FALSE(response.request()->GetStaleInfo());
818
819 EXPECT_EQ("just.testing", proc_->GetCaptureList()[0].hostname);
820
821 // Also test that the error is not cached.
822 const std::pair<const HostCache::Key, HostCache::Entry>* cache_result =
823 GetCacheHit(HostCache::Key("just.testing", DnsQueryType::UNSPECIFIED,
824 0 /* host_resolver_flags */,
825 HostResolverSource::ANY,
826 NetworkAnonymizationKey()));
827 EXPECT_FALSE(cache_result);
828 }
829
TEST_F(HostResolverManagerTest,AbortedAsynchronousLookup)830 TEST_F(HostResolverManagerTest, AbortedAsynchronousLookup) {
831 ResolveHostResponseHelper response0(resolver_->CreateRequest(
832 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
833 NetLogWithSource(), std::nullopt, resolve_context_.get()));
834 ASSERT_FALSE(response0.complete());
835 ASSERT_TRUE(proc_->WaitFor(1u));
836
837 // Resolver is destroyed while job is running on WorkerPool.
838 DestroyResolver();
839
840 proc_->SignalAll();
841
842 // To ensure there was no spurious callback, complete with a new resolver.
843 CreateResolver();
844 ResolveHostResponseHelper response1(resolver_->CreateRequest(
845 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
846 NetLogWithSource(), std::nullopt, resolve_context_.get()));
847
848 proc_->SignalMultiple(2u);
849
850 EXPECT_THAT(response1.result_error(), IsOk());
851
852 // This request was canceled.
853 EXPECT_FALSE(response0.complete());
854 }
855
TEST_F(HostResolverManagerTest,NumericIPv4Address)856 TEST_F(HostResolverManagerTest, NumericIPv4Address) {
857 ResolveHostResponseHelper response(resolver_->CreateRequest(
858 HostPortPair("127.1.2.3", 5555), NetworkAnonymizationKey(),
859 NetLogWithSource(), std::nullopt, resolve_context_.get()));
860
861 EXPECT_THAT(response.result_error(), IsOk());
862 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
863 testing::ElementsAre(CreateExpected("127.1.2.3", 5555)));
864 EXPECT_THAT(
865 response.request()->GetEndpointResults(),
866 testing::Pointee(testing::UnorderedElementsAre(ExpectEndpointResult(
867 testing::UnorderedElementsAre(CreateExpected("127.1.2.3", 5555))))));
868 }
869
TEST_F(HostResolverManagerTest,NumericIPv4AddressWithScheme)870 TEST_F(HostResolverManagerTest, NumericIPv4AddressWithScheme) {
871 ResolveHostResponseHelper response(resolver_->CreateRequest(
872 url::SchemeHostPort(url::kHttpsScheme, "127.1.2.3", 5555),
873 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
874 resolve_context_.get()));
875
876 EXPECT_THAT(response.result_error(), IsOk());
877 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
878 testing::ElementsAre(CreateExpected("127.1.2.3", 5555)));
879 EXPECT_THAT(
880 response.request()->GetEndpointResults(),
881 testing::Pointee(testing::UnorderedElementsAre(ExpectEndpointResult(
882 testing::UnorderedElementsAre(CreateExpected("127.1.2.3", 5555))))));
883 }
884
NumericIPv6AddressTest(bool is_async)885 void HostResolverManagerTest::NumericIPv6AddressTest(bool is_async) {
886 CreateResolverWithLimitsAndParams(kMaxJobs, DefaultParams(proc_),
887 true /* ipv6_reachable */,
888 true /* check_ipv6_on_wifi */, is_async);
889 // Resolve a plain IPv6 address. Don't worry about [brackets], because
890 // the caller should have removed them.
891 ResolveHostResponseHelper response(resolver_->CreateRequest(
892 HostPortPair("2001:db8::1", 5555), NetworkAnonymizationKey(),
893 NetLogWithSource(), std::nullopt, resolve_context_.get()));
894
895 EXPECT_THAT(response.result_error(), IsOk());
896 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
897 testing::ElementsAre(CreateExpected("2001:db8::1", 5555)));
898 EXPECT_THAT(response.request()->GetEndpointResults(),
899 testing::Pointee(testing::UnorderedElementsAre(
900 ExpectEndpointResult(testing::UnorderedElementsAre(
901 CreateExpected("2001:db8::1", 5555))))));
902 }
903
TEST_F(HostResolverManagerTest,NumericIPv6AddressAsync)904 TEST_F(HostResolverManagerTest, NumericIPv6AddressAsync) {
905 NumericIPv6AddressTest(true);
906 }
907
TEST_F(HostResolverManagerTest,NumericIPv6AddressSync)908 TEST_F(HostResolverManagerTest, NumericIPv6AddressSync) {
909 NumericIPv6AddressTest(false);
910 }
911
NumericIPv6AddressWithSchemeTest(bool is_async)912 void HostResolverManagerTest::NumericIPv6AddressWithSchemeTest(bool is_async) {
913 CreateResolverWithLimitsAndParams(kMaxJobs, DefaultParams(proc_),
914 true /* ipv6_reachable */,
915 true /* check_ipv6_on_wifi */, is_async);
916 ResolveHostResponseHelper response(resolver_->CreateRequest(
917 url::SchemeHostPort(url::kFtpScheme, "[2001:db8::1]", 5555),
918 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
919 resolve_context_.get()));
920
921 EXPECT_THAT(response.result_error(), IsOk());
922 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
923 testing::ElementsAre(CreateExpected("2001:db8::1", 5555)));
924 EXPECT_THAT(response.request()->GetEndpointResults(),
925 testing::Pointee(testing::UnorderedElementsAre(
926 ExpectEndpointResult(testing::UnorderedElementsAre(
927 CreateExpected("2001:db8::1", 5555))))));
928 }
929
TEST_F(HostResolverManagerTest,NumericIPv6AddressWithSchemeAsync)930 TEST_F(HostResolverManagerTest, NumericIPv6AddressWithSchemeAsync) {
931 NumericIPv6AddressWithSchemeTest(true);
932 }
933
TEST_F(HostResolverManagerTest,NumericIPv6AddressWithSchemeSync)934 TEST_F(HostResolverManagerTest, NumericIPv6AddressWithSchemeSync) {
935 NumericIPv6AddressWithSchemeTest(false);
936 }
937
938 // Regression test for https://crbug.com/1432508.
939 //
940 // Tests that if a new request is made while the loop within
941 // FinishIPv6ReachabilityCheck is still running, and the new request needs to
942 // wait on a new IPv6 probe to complete, the new request does not try to modify
943 // the same vector that FinishIPv6ReachabilityCheck is iterating over.
TEST_F(HostResolverManagerTest,AddRequestDuringFinishIPv6ReachabilityCheck)944 TEST_F(HostResolverManagerTest, AddRequestDuringFinishIPv6ReachabilityCheck) {
945 CreateResolverWithLimitsAndParams(kMaxJobs, DefaultParams(proc_),
946 true /* ipv6_reachable */,
947 true /* check_ipv6_on_wifi */, true);
948
949 // Reset `last_ipv6_probe_time_` if `reset_ipv6_probe_time` true so a new
950 // request kicks off a new reachability probe.
951 auto custom_callback_template = base::BindLambdaForTesting(
952 [&](bool reset_ipv6_probe_time, const HostPortPair& next_host,
953 std::unique_ptr<ResolveHostResponseHelper>* next_response,
954 CompletionOnceCallback completion_callback, int error) {
955 if (reset_ipv6_probe_time) {
956 resolver_->ResetIPv6ProbeTimeForTesting();
957 }
958 *next_response = std::make_unique<ResolveHostResponseHelper>(
959 resolver_->CreateRequest(next_host, NetworkAnonymizationKey(),
960 NetLogWithSource(), std::nullopt,
961 resolve_context_.get()));
962 std::move(completion_callback).Run(error);
963 });
964
965 std::vector<std::unique_ptr<ResolveHostResponseHelper>> next_responses(3);
966
967 ResolveHostResponseHelper response0(
968 resolver_->CreateRequest(HostPortPair("2001:db8::1", 5555),
969 NetworkAnonymizationKey(), NetLogWithSource(),
970 std::nullopt, resolve_context_.get()),
971 base::BindOnce(custom_callback_template, true, HostPortPair("zzz", 80),
972 &next_responses[0]));
973
974 // New requests made by response1 and response2 will wait for a new
975 // reachability probe to complete.
976 ResolveHostResponseHelper response1(
977 resolver_->CreateRequest(HostPortPair("2001:db8::1", 5555),
978 NetworkAnonymizationKey(), NetLogWithSource(),
979 std::nullopt, resolve_context_.get()),
980 base::BindOnce(custom_callback_template, false, HostPortPair("aaa", 80),
981 &next_responses[1]));
982
983 ResolveHostResponseHelper response2(
984 resolver_->CreateRequest(HostPortPair("2001:db8::1", 5555),
985 NetworkAnonymizationKey(), NetLogWithSource(),
986 std::nullopt, resolve_context_.get()),
987 base::BindOnce(custom_callback_template, false, HostPortPair("eee", 80),
988 &next_responses[2]));
989
990 // Unblock all calls to proc.
991 proc_->SignalMultiple(6u);
992
993 // All requests should return OK.
994 EXPECT_THAT(response0.result_error(), IsOk());
995 EXPECT_THAT(response1.result_error(), IsOk());
996 EXPECT_THAT(response2.result_error(), IsOk());
997 EXPECT_THAT(next_responses[0]->result_error(), IsOk());
998 EXPECT_THAT(next_responses[1]->result_error(), IsOk());
999 EXPECT_THAT(next_responses[2]->result_error(), IsOk());
1000 }
1001
TEST_F(HostResolverManagerTest,EmptyHost)1002 TEST_F(HostResolverManagerTest, EmptyHost) {
1003 ResolveHostResponseHelper response(resolver_->CreateRequest(
1004 HostPortPair(std::string(), 5555), NetworkAnonymizationKey(),
1005 NetLogWithSource(), std::nullopt, resolve_context_.get()));
1006
1007 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
1008 EXPECT_THAT(response.request()->GetAddressResults(),
1009 AnyOf(nullptr, Pointee(IsEmpty())));
1010 EXPECT_THAT(response.request()->GetEndpointResults(),
1011 AnyOf(nullptr, Pointee(IsEmpty())));
1012 }
1013
TEST_F(HostResolverManagerTest,EmptyDotsHost)1014 TEST_F(HostResolverManagerTest, EmptyDotsHost) {
1015 for (int i = 0; i < 16; ++i) {
1016 ResolveHostResponseHelper response(resolver_->CreateRequest(
1017 HostPortPair(std::string(i, '.'), 5555), NetworkAnonymizationKey(),
1018 NetLogWithSource(), std::nullopt, resolve_context_.get()));
1019
1020 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
1021 EXPECT_THAT(response.request()->GetAddressResults(),
1022 AnyOf(nullptr, Pointee(IsEmpty())));
1023 EXPECT_THAT(response.request()->GetEndpointResults(),
1024 AnyOf(nullptr, Pointee(IsEmpty())));
1025 }
1026 }
1027
TEST_F(HostResolverManagerTest,LongHost)1028 TEST_F(HostResolverManagerTest, LongHost) {
1029 ResolveHostResponseHelper response(resolver_->CreateRequest(
1030 HostPortPair(std::string(4097, 'a'), 5555), NetworkAnonymizationKey(),
1031 NetLogWithSource(), std::nullopt, resolve_context_.get()));
1032
1033 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
1034 EXPECT_THAT(response.request()->GetAddressResults(),
1035 AnyOf(nullptr, Pointee(IsEmpty())));
1036 EXPECT_THAT(response.request()->GetEndpointResults(),
1037 AnyOf(nullptr, Pointee(IsEmpty())));
1038 }
1039
TEST_F(HostResolverManagerTest,DeDupeRequests)1040 TEST_F(HostResolverManagerTest, DeDupeRequests) {
1041 // Start 5 requests, duplicating hosts "a" and "b". Since the resolver_proc is
1042 // blocked, these should all pile up until we signal it.
1043 std::vector<std::unique_ptr<ResolveHostResponseHelper>> responses;
1044 responses.emplace_back(
1045 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1046 HostPortPair("a", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1047 std::nullopt, resolve_context_.get())));
1048 responses.emplace_back(
1049 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1050 HostPortPair("b", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1051 std::nullopt, resolve_context_.get())));
1052 responses.emplace_back(
1053 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1054 HostPortPair("b", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1055 std::nullopt, resolve_context_.get())));
1056 responses.emplace_back(
1057 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1058 HostPortPair("a", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1059 std::nullopt, resolve_context_.get())));
1060 responses.emplace_back(
1061 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1062 HostPortPair("b", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1063 std::nullopt, resolve_context_.get())));
1064
1065 for (auto& response : responses) {
1066 ASSERT_FALSE(response->complete());
1067 }
1068
1069 proc_->SignalMultiple(2u); // One for "a:80", one for "b:80".
1070
1071 for (auto& response : responses) {
1072 EXPECT_THAT(response->result_error(), IsOk());
1073 }
1074 }
1075
TEST_F(HostResolverManagerTest,CancelMultipleRequests)1076 TEST_F(HostResolverManagerTest, CancelMultipleRequests) {
1077 std::vector<std::unique_ptr<ResolveHostResponseHelper>> responses;
1078 responses.emplace_back(
1079 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1080 HostPortPair("a", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1081 std::nullopt, resolve_context_.get())));
1082 responses.emplace_back(
1083 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1084 HostPortPair("b", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1085 std::nullopt, resolve_context_.get())));
1086 responses.emplace_back(
1087 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1088 HostPortPair("b", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1089 std::nullopt, resolve_context_.get())));
1090 responses.emplace_back(
1091 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1092 HostPortPair("a", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1093 std::nullopt, resolve_context_.get())));
1094 responses.emplace_back(
1095 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1096 HostPortPair("b", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1097 std::nullopt, resolve_context_.get())));
1098
1099 for (auto& response : responses) {
1100 ASSERT_FALSE(response->complete());
1101 }
1102
1103 // Cancel everything except request for requests[3] ("a", 80).
1104 responses[0]->CancelRequest();
1105 responses[1]->CancelRequest();
1106 responses[2]->CancelRequest();
1107 responses[4]->CancelRequest();
1108
1109 proc_->SignalMultiple(2u); // One for "a", one for "b".
1110
1111 EXPECT_THAT(responses[3]->result_error(), IsOk());
1112
1113 EXPECT_FALSE(responses[0]->complete());
1114 EXPECT_FALSE(responses[1]->complete());
1115 EXPECT_FALSE(responses[2]->complete());
1116 EXPECT_FALSE(responses[4]->complete());
1117 }
1118
TEST_F(HostResolverManagerTest,CanceledRequestsReleaseJobSlots)1119 TEST_F(HostResolverManagerTest, CanceledRequestsReleaseJobSlots) {
1120 std::vector<std::unique_ptr<ResolveHostResponseHelper>> responses;
1121
1122 // Fill up the dispatcher and queue.
1123 for (unsigned i = 0; i < kMaxJobs + 1; ++i) {
1124 std::string hostname = "a_";
1125 hostname[1] = 'a' + i;
1126
1127 responses.emplace_back(
1128 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1129 HostPortPair(hostname, 80), NetworkAnonymizationKey(),
1130 NetLogWithSource(), std::nullopt, resolve_context_.get())));
1131 ASSERT_FALSE(responses.back()->complete());
1132
1133 responses.emplace_back(
1134 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1135 HostPortPair(hostname, 80), NetworkAnonymizationKey(),
1136 NetLogWithSource(), std::nullopt, resolve_context_.get())));
1137 ASSERT_FALSE(responses.back()->complete());
1138 }
1139
1140 ASSERT_TRUE(proc_->WaitFor(kMaxJobs));
1141
1142 // Cancel all but last two.
1143 for (unsigned i = 0; i < responses.size() - 2; ++i) {
1144 responses[i]->CancelRequest();
1145 }
1146
1147 ASSERT_TRUE(proc_->WaitFor(kMaxJobs + 1));
1148
1149 proc_->SignalAll();
1150
1151 size_t num_requests = responses.size();
1152 EXPECT_THAT(responses[num_requests - 1]->result_error(), IsOk());
1153 EXPECT_THAT(responses[num_requests - 2]->result_error(), IsOk());
1154 for (unsigned i = 0; i < num_requests - 2; ++i) {
1155 EXPECT_FALSE(responses[i]->complete());
1156 }
1157 }
1158
TEST_F(HostResolverManagerTest,CancelWithinCallback)1159 TEST_F(HostResolverManagerTest, CancelWithinCallback) {
1160 std::vector<std::unique_ptr<ResolveHostResponseHelper>> responses;
1161 auto custom_callback = base::BindLambdaForTesting(
1162 [&](CompletionOnceCallback completion_callback, int error) {
1163 for (auto& response : responses) {
1164 // Cancelling request is required to complete first, so that it can
1165 // attempt to cancel the others. This test assumes all jobs are
1166 // completed in order.
1167 DCHECK(!response->complete());
1168
1169 response->CancelRequest();
1170 }
1171 std::move(completion_callback).Run(error);
1172 });
1173
1174 ResolveHostResponseHelper cancelling_response(
1175 resolver_->CreateRequest(HostPortPair("a", 80), NetworkAnonymizationKey(),
1176 NetLogWithSource(), std::nullopt,
1177 resolve_context_.get()),
1178 std::move(custom_callback));
1179
1180 responses.emplace_back(
1181 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1182 HostPortPair("a", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1183 std::nullopt, resolve_context_.get())));
1184 responses.emplace_back(
1185 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1186 HostPortPair("a", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1187 std::nullopt, resolve_context_.get())));
1188
1189 proc_->SignalMultiple(2u); // One for "a". One for "finalrequest".
1190
1191 EXPECT_THAT(cancelling_response.result_error(), IsOk());
1192
1193 ResolveHostResponseHelper final_response(resolver_->CreateRequest(
1194 HostPortPair("finalrequest", 70), NetworkAnonymizationKey(),
1195 NetLogWithSource(), std::nullopt, resolve_context_.get()));
1196 EXPECT_THAT(final_response.result_error(), IsOk());
1197
1198 for (auto& response : responses) {
1199 EXPECT_FALSE(response->complete());
1200 }
1201 }
1202
TEST_F(HostResolverManagerTest,DeleteWithinCallback)1203 TEST_F(HostResolverManagerTest, DeleteWithinCallback) {
1204 std::vector<std::unique_ptr<ResolveHostResponseHelper>> responses;
1205 auto custom_callback = base::BindLambdaForTesting(
1206 [&](CompletionOnceCallback completion_callback, int error) {
1207 for (auto& response : responses) {
1208 // Deleting request is required to be first, so the other requests
1209 // will still be running to be deleted. This test assumes that the
1210 // Jobs will be Aborted in order and the requests in order within the
1211 // jobs.
1212 DCHECK(!response->complete());
1213 }
1214
1215 DestroyResolver();
1216 std::move(completion_callback).Run(error);
1217 });
1218
1219 ResolveHostResponseHelper deleting_response(
1220 resolver_->CreateRequest(HostPortPair("a", 80), NetworkAnonymizationKey(),
1221 NetLogWithSource(), std::nullopt,
1222 resolve_context_.get()),
1223 std::move(custom_callback));
1224
1225 // Start additional requests to be cancelled as part of the first's deletion.
1226 // Assumes all requests for a job are handled in order so that the deleting
1227 // request will run first and cancel the rest.
1228 responses.emplace_back(
1229 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1230 HostPortPair("a", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1231 std::nullopt, resolve_context_.get())));
1232 responses.emplace_back(
1233 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1234 HostPortPair("a", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1235 std::nullopt, resolve_context_.get())));
1236
1237 proc_->SignalMultiple(3u);
1238
1239 EXPECT_THAT(deleting_response.result_error(), IsOk());
1240
1241 base::RunLoop().RunUntilIdle();
1242 for (auto& response : responses) {
1243 EXPECT_FALSE(response->complete());
1244 }
1245 }
1246
TEST_F(HostResolverManagerTest,DeleteWithinAbortedCallback)1247 TEST_F(HostResolverManagerTest, DeleteWithinAbortedCallback) {
1248 std::vector<std::unique_ptr<ResolveHostResponseHelper>> responses;
1249 ResolveHostResponseHelper::Callback custom_callback =
1250 base::BindLambdaForTesting(
1251 [&](CompletionOnceCallback completion_callback, int error) {
1252 for (auto& response : responses) {
1253 // Deleting request is required to be first, so the other requests
1254 // will still be running to be deleted. This test assumes that the
1255 // Jobs will be Aborted in order and the requests in order within
1256 // the jobs.
1257 DCHECK(!response->complete());
1258 }
1259 DestroyResolver();
1260 std::move(completion_callback).Run(error);
1261 });
1262
1263 ResolveHostResponseHelper deleting_response(
1264 resolver_->CreateRequest(HostPortPair("a", 80), NetworkAnonymizationKey(),
1265 NetLogWithSource(), std::nullopt,
1266 resolve_context_.get()),
1267 std::move(custom_callback));
1268
1269 responses.emplace_back(
1270 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1271 HostPortPair("a", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1272 std::nullopt, resolve_context_.get())));
1273 responses.emplace_back(
1274 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1275 HostPortPair("b", 82), NetworkAnonymizationKey(), NetLogWithSource(),
1276 std::nullopt, resolve_context_.get())));
1277 responses.emplace_back(
1278 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1279 HostPortPair("b", 82), NetworkAnonymizationKey(), NetLogWithSource(),
1280 std::nullopt, resolve_context_.get())));
1281
1282 // Wait for all calls to queue up, trigger abort via IP address change, then
1283 // signal all the queued requests to let them all try to finish.
1284 EXPECT_TRUE(proc_->WaitFor(2u));
1285 NetworkChangeNotifier::NotifyObserversOfIPAddressChangeForTests();
1286 proc_->SignalAll();
1287
1288 EXPECT_THAT(deleting_response.result_error(), IsError(ERR_NETWORK_CHANGED));
1289 base::RunLoop().RunUntilIdle();
1290 for (auto& response : responses) {
1291 EXPECT_FALSE(response->complete());
1292 }
1293 }
1294
TEST_F(HostResolverManagerTest,StartWithinCallback)1295 TEST_F(HostResolverManagerTest, StartWithinCallback) {
1296 std::unique_ptr<ResolveHostResponseHelper> new_response;
1297 auto custom_callback = base::BindLambdaForTesting(
1298 [&](CompletionOnceCallback completion_callback, int error) {
1299 new_response = std::make_unique<ResolveHostResponseHelper>(
1300 resolver_->CreateRequest(
1301 HostPortPair("new", 70), NetworkAnonymizationKey(),
1302 NetLogWithSource(), std::nullopt, resolve_context_.get()));
1303 std::move(completion_callback).Run(error);
1304 });
1305
1306 ResolveHostResponseHelper starting_response(
1307 resolver_->CreateRequest(HostPortPair("a", 80), NetworkAnonymizationKey(),
1308 NetLogWithSource(), std::nullopt,
1309 resolve_context_.get()),
1310 std::move(custom_callback));
1311
1312 proc_->SignalMultiple(2u); // One for "a". One for "new".
1313
1314 EXPECT_THAT(starting_response.result_error(), IsOk());
1315 EXPECT_THAT(new_response->result_error(), IsOk());
1316 }
1317
TEST_F(HostResolverManagerTest,StartWithinEvictionCallback)1318 TEST_F(HostResolverManagerTest, StartWithinEvictionCallback) {
1319 CreateSerialResolver();
1320 resolver_->SetMaxQueuedJobsForTesting(2);
1321
1322 std::unique_ptr<ResolveHostResponseHelper> new_response;
1323 auto custom_callback = base::BindLambdaForTesting(
1324 [&](CompletionOnceCallback completion_callback, int error) {
1325 new_response = std::make_unique<ResolveHostResponseHelper>(
1326 resolver_->CreateRequest(
1327 HostPortPair("new", 70), NetworkAnonymizationKey(),
1328 NetLogWithSource(), std::nullopt, resolve_context_.get()));
1329 std::move(completion_callback).Run(error);
1330 });
1331
1332 ResolveHostResponseHelper initial_response(resolver_->CreateRequest(
1333 HostPortPair("initial", 80), NetworkAnonymizationKey(),
1334 NetLogWithSource(), std::nullopt, resolve_context_.get()));
1335 ResolveHostResponseHelper evictee1_response(
1336 resolver_->CreateRequest(HostPortPair("evictee1", 80),
1337 NetworkAnonymizationKey(), NetLogWithSource(),
1338 std::nullopt, resolve_context_.get()),
1339 std::move(custom_callback));
1340 ResolveHostResponseHelper evictee2_response(resolver_->CreateRequest(
1341 HostPortPair("evictee2", 80), NetworkAnonymizationKey(),
1342 NetLogWithSource(), std::nullopt, resolve_context_.get()));
1343
1344 // Now one running request ("initial") and two queued requests ("evictee1" and
1345 // "evictee2"). Any further requests will cause evictions.
1346 ResolveHostResponseHelper evictor_response(resolver_->CreateRequest(
1347 HostPortPair("evictor", 80), NetworkAnonymizationKey(),
1348 NetLogWithSource(), std::nullopt, resolve_context_.get()));
1349 EXPECT_THAT(evictee1_response.result_error(),
1350 IsError(ERR_HOST_RESOLVER_QUEUE_TOO_LARGE));
1351
1352 // "new" should evict "evictee2"
1353 EXPECT_THAT(evictee2_response.result_error(),
1354 IsError(ERR_HOST_RESOLVER_QUEUE_TOO_LARGE));
1355
1356 proc_->SignalMultiple(3u);
1357
1358 EXPECT_THAT(initial_response.result_error(), IsOk());
1359 EXPECT_THAT(evictor_response.result_error(), IsOk());
1360 EXPECT_THAT(new_response->result_error(), IsOk());
1361 }
1362
1363 // Test where we start a new request within an eviction callback that itself
1364 // evicts the first evictor.
TEST_F(HostResolverManagerTest,StartWithinEvictionCallback_DoubleEviction)1365 TEST_F(HostResolverManagerTest, StartWithinEvictionCallback_DoubleEviction) {
1366 CreateSerialResolver();
1367 resolver_->SetMaxQueuedJobsForTesting(1);
1368
1369 std::unique_ptr<ResolveHostResponseHelper> new_response;
1370 auto custom_callback = base::BindLambdaForTesting(
1371 [&](CompletionOnceCallback completion_callback, int error) {
1372 new_response = std::make_unique<ResolveHostResponseHelper>(
1373 resolver_->CreateRequest(
1374 HostPortPair("new", 70), NetworkAnonymizationKey(),
1375 NetLogWithSource(), std::nullopt, resolve_context_.get()));
1376 std::move(completion_callback).Run(error);
1377 });
1378
1379 ResolveHostResponseHelper initial_response(resolver_->CreateRequest(
1380 HostPortPair("initial", 80), NetworkAnonymizationKey(),
1381 NetLogWithSource(), std::nullopt, resolve_context_.get()));
1382 ResolveHostResponseHelper evictee_response(
1383 resolver_->CreateRequest(HostPortPair("evictee", 80),
1384 NetworkAnonymizationKey(), NetLogWithSource(),
1385 std::nullopt, resolve_context_.get()),
1386 std::move(custom_callback));
1387
1388 // Now one running request ("initial") and one queued requests ("evictee").
1389 // Any further requests will cause evictions.
1390 ResolveHostResponseHelper evictor_response(resolver_->CreateRequest(
1391 HostPortPair("evictor", 80), NetworkAnonymizationKey(),
1392 NetLogWithSource(), std::nullopt, resolve_context_.get()));
1393 EXPECT_THAT(evictee_response.result_error(),
1394 IsError(ERR_HOST_RESOLVER_QUEUE_TOO_LARGE));
1395
1396 // "new" should evict "evictor"
1397 EXPECT_THAT(evictor_response.result_error(),
1398 IsError(ERR_HOST_RESOLVER_QUEUE_TOO_LARGE));
1399
1400 proc_->SignalMultiple(2u);
1401
1402 EXPECT_THAT(initial_response.result_error(), IsOk());
1403 EXPECT_THAT(new_response->result_error(), IsOk());
1404 }
1405
TEST_F(HostResolverManagerTest,StartWithinEvictionCallback_SameRequest)1406 TEST_F(HostResolverManagerTest, StartWithinEvictionCallback_SameRequest) {
1407 CreateSerialResolver();
1408 resolver_->SetMaxQueuedJobsForTesting(2);
1409
1410 std::unique_ptr<ResolveHostResponseHelper> new_response;
1411 auto custom_callback = base::BindLambdaForTesting(
1412 [&](CompletionOnceCallback completion_callback, int error) {
1413 new_response = std::make_unique<ResolveHostResponseHelper>(
1414 resolver_->CreateRequest(
1415 HostPortPair("evictor", 80), NetworkAnonymizationKey(),
1416 NetLogWithSource(), std::nullopt, resolve_context_.get()));
1417 std::move(completion_callback).Run(error);
1418 });
1419
1420 ResolveHostResponseHelper initial_response(resolver_->CreateRequest(
1421 HostPortPair("initial", 80), NetworkAnonymizationKey(),
1422 NetLogWithSource(), std::nullopt, resolve_context_.get()));
1423 ResolveHostResponseHelper evictee_response(
1424 resolver_->CreateRequest(HostPortPair("evictee", 80),
1425 NetworkAnonymizationKey(), NetLogWithSource(),
1426 std::nullopt, resolve_context_.get()),
1427 std::move(custom_callback));
1428 ResolveHostResponseHelper additional_response(resolver_->CreateRequest(
1429 HostPortPair("additional", 80), NetworkAnonymizationKey(),
1430 NetLogWithSource(), std::nullopt, resolve_context_.get()));
1431
1432 // Now one running request ("initial") and two queued requests ("evictee" and
1433 // "additional"). Any further requests will cause evictions.
1434 ResolveHostResponseHelper evictor_response(resolver_->CreateRequest(
1435 HostPortPair("evictor", 80), NetworkAnonymizationKey(),
1436 NetLogWithSource(), std::nullopt, resolve_context_.get()));
1437 EXPECT_THAT(evictee_response.result_error(),
1438 IsError(ERR_HOST_RESOLVER_QUEUE_TOO_LARGE));
1439
1440 // Second "evictor" should be joined with the first and not evict "additional"
1441
1442 // Only 3 proc requests because both "evictor" requests are combined.
1443 proc_->SignalMultiple(3u);
1444
1445 EXPECT_THAT(initial_response.result_error(), IsOk());
1446 EXPECT_THAT(additional_response.result_error(), IsOk());
1447 EXPECT_THAT(evictor_response.result_error(), IsOk());
1448 EXPECT_THAT(new_response->result_error(), IsOk());
1449 }
1450
TEST_F(HostResolverManagerTest,BypassCache)1451 TEST_F(HostResolverManagerTest, BypassCache) {
1452 proc_->SignalMultiple(2u);
1453
1454 ResolveHostResponseHelper initial_response(resolver_->CreateRequest(
1455 HostPortPair("a", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1456 std::nullopt, resolve_context_.get()));
1457 EXPECT_THAT(initial_response.result_error(), IsOk());
1458 EXPECT_EQ(1u, proc_->GetCaptureList().size());
1459
1460 ResolveHostResponseHelper cached_response(resolver_->CreateRequest(
1461 HostPortPair("a", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1462 std::nullopt, resolve_context_.get()));
1463 EXPECT_THAT(cached_response.result_error(), IsOk());
1464 // Expect no increase to calls to |proc_| because result was cached.
1465 EXPECT_EQ(1u, proc_->GetCaptureList().size());
1466
1467 HostResolver::ResolveHostParameters parameters;
1468 parameters.cache_usage =
1469 HostResolver::ResolveHostParameters::CacheUsage::DISALLOWED;
1470 ResolveHostResponseHelper cache_bypassed_response(resolver_->CreateRequest(
1471 HostPortPair("a", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1472 parameters, resolve_context_.get()));
1473 EXPECT_THAT(cache_bypassed_response.result_error(), IsOk());
1474 // Expect call to |proc_| because cache was bypassed.
1475 EXPECT_EQ(2u, proc_->GetCaptureList().size());
1476 }
1477
FlushCacheOnIPAddressChangeTest(bool is_async)1478 void HostResolverManagerTest::FlushCacheOnIPAddressChangeTest(bool is_async) {
1479 CreateResolverWithLimitsAndParams(kMaxJobs, DefaultParams(proc_),
1480 true /* ipv6_reachable */,
1481 true /* check_ipv6_on_wifi */, is_async);
1482 proc_->SignalMultiple(2u); // One before the flush, one after.
1483
1484 ResolveHostResponseHelper initial_response(resolver_->CreateRequest(
1485 HostPortPair("host1", 70), NetworkAnonymizationKey(), NetLogWithSource(),
1486 std::nullopt, resolve_context_.get()));
1487 EXPECT_THAT(initial_response.result_error(), IsOk());
1488 EXPECT_EQ(1u, proc_->GetCaptureList().size());
1489
1490 ResolveHostResponseHelper cached_response(resolver_->CreateRequest(
1491 HostPortPair("host1", 75), NetworkAnonymizationKey(), NetLogWithSource(),
1492 std::nullopt, resolve_context_.get()));
1493 EXPECT_THAT(cached_response.result_error(), IsOk());
1494 EXPECT_EQ(1u, proc_->GetCaptureList().size()); // No expected increase.
1495
1496 // Flush cache by triggering an IP address change.
1497 NetworkChangeNotifier::NotifyObserversOfIPAddressChangeForTests();
1498 base::RunLoop().RunUntilIdle(); // Notification happens async.
1499
1500 // Resolve "host1" again -- this time it won't be served from cache, so it
1501 // will complete asynchronously.
1502 ResolveHostResponseHelper flushed_response(resolver_->CreateRequest(
1503 HostPortPair("host1", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1504 std::nullopt, resolve_context_.get()));
1505 EXPECT_THAT(flushed_response.result_error(), IsOk());
1506 EXPECT_EQ(2u, proc_->GetCaptureList().size()); // Expected increase.
1507 }
1508
1509 // Test that IP address changes flush the cache but initial DNS config reads
1510 // do not.
TEST_F(HostResolverManagerTest,FlushCacheOnIPAddressChangeAsync)1511 TEST_F(HostResolverManagerTest, FlushCacheOnIPAddressChangeAsync) {
1512 FlushCacheOnIPAddressChangeTest(true);
1513 }
TEST_F(HostResolverManagerTest,FlushCacheOnIPAddressChangeSync)1514 TEST_F(HostResolverManagerTest, FlushCacheOnIPAddressChangeSync) {
1515 FlushCacheOnIPAddressChangeTest(false);
1516 }
1517
AbortOnIPAddressChangedTest(bool is_async)1518 void HostResolverManagerTest::AbortOnIPAddressChangedTest(bool is_async) {
1519 CreateResolverWithLimitsAndParams(kMaxJobs, DefaultParams(proc_),
1520 true /* ipv6_reachable */,
1521 true /* check_ipv6_on_wifi */, is_async);
1522 ResolveHostResponseHelper response(resolver_->CreateRequest(
1523 HostPortPair("host1", 70), NetworkAnonymizationKey(), NetLogWithSource(),
1524 std::nullopt, resolve_context_.get()));
1525
1526 ASSERT_FALSE(response.complete());
1527 if (is_async) {
1528 base::RunLoop().RunUntilIdle();
1529 }
1530 ASSERT_TRUE(proc_->WaitFor(1u));
1531
1532 // Triggering an IP address change.
1533 NetworkChangeNotifier::NotifyObserversOfIPAddressChangeForTests();
1534 base::RunLoop().RunUntilIdle(); // Notification happens async.
1535 proc_->SignalAll();
1536
1537 EXPECT_THAT(response.result_error(), IsError(ERR_NETWORK_CHANGED));
1538 EXPECT_THAT(response.request()->GetAddressResults(),
1539 AnyOf(nullptr, Pointee(IsEmpty())));
1540 EXPECT_THAT(response.request()->GetEndpointResults(),
1541 AnyOf(nullptr, Pointee(IsEmpty())));
1542 EXPECT_EQ(0u, resolve_context_->host_cache()->size());
1543 }
1544
1545 // Test that IP address changes send ERR_NETWORK_CHANGED to pending requests.
TEST_F(HostResolverManagerTest,AbortOnIPAddressChangedAsync)1546 TEST_F(HostResolverManagerTest, AbortOnIPAddressChangedAsync) {
1547 AbortOnIPAddressChangedTest(true);
1548 }
TEST_F(HostResolverManagerTest,AbortOnIPAddressChangedSync)1549 TEST_F(HostResolverManagerTest, AbortOnIPAddressChangedSync) {
1550 AbortOnIPAddressChangedTest(false);
1551 }
1552
1553 // Obey pool constraints after IP address has changed.
TEST_F(HostResolverManagerTest,ObeyPoolConstraintsAfterIPAddressChange)1554 TEST_F(HostResolverManagerTest, ObeyPoolConstraintsAfterIPAddressChange) {
1555 // Runs at most one job at a time.
1556 CreateSerialResolver();
1557
1558 std::vector<std::unique_ptr<ResolveHostResponseHelper>> responses;
1559 responses.emplace_back(
1560 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1561 HostPortPair("a", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1562 std::nullopt, resolve_context_.get())));
1563 responses.emplace_back(
1564 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1565 HostPortPair("b", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1566 std::nullopt, resolve_context_.get())));
1567 responses.emplace_back(
1568 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1569 HostPortPair("c", 80), NetworkAnonymizationKey(), NetLogWithSource(),
1570 std::nullopt, resolve_context_.get())));
1571
1572 for (auto& response : responses) {
1573 ASSERT_FALSE(response->complete());
1574 }
1575 ASSERT_TRUE(proc_->WaitFor(1u));
1576
1577 // Triggering an IP address change.
1578 NetworkChangeNotifier::NotifyObserversOfIPAddressChangeForTests();
1579 base::RunLoop().RunUntilIdle(); // Notification happens async.
1580 proc_->SignalMultiple(3u); // Let the false-start go so that we can catch it.
1581
1582 // Requests should complete one at a time, with the first failing.
1583 EXPECT_THAT(responses[0]->result_error(), IsError(ERR_NETWORK_CHANGED));
1584 EXPECT_EQ(1u, num_running_dispatcher_jobs());
1585 EXPECT_FALSE(responses[1]->complete());
1586 EXPECT_FALSE(responses[2]->complete());
1587
1588 EXPECT_THAT(responses[1]->result_error(), IsOk());
1589 EXPECT_EQ(1u, num_running_dispatcher_jobs());
1590 EXPECT_FALSE(responses[2]->complete());
1591
1592 EXPECT_THAT(responses[2]->result_error(), IsOk());
1593 }
1594
AbortOnlyExistingRequestsOnIPAddressChangeTest(bool is_async)1595 void HostResolverManagerTest::AbortOnlyExistingRequestsOnIPAddressChangeTest(
1596 bool is_async) {
1597 CreateResolverWithLimitsAndParams(kMaxJobs, DefaultParams(proc_),
1598 true /* ipv6_reachable */,
1599 true /* check_ipv6_on_wifi */, is_async);
1600 auto custom_callback_template = base::BindLambdaForTesting(
1601 [&](const HostPortPair& next_host,
1602 std::unique_ptr<ResolveHostResponseHelper>* next_response,
1603 CompletionOnceCallback completion_callback, int error) {
1604 *next_response = std::make_unique<ResolveHostResponseHelper>(
1605 resolver_->CreateRequest(next_host, NetworkAnonymizationKey(),
1606 NetLogWithSource(), std::nullopt,
1607 resolve_context_.get()));
1608 std::move(completion_callback).Run(error);
1609 });
1610
1611 std::vector<std::unique_ptr<ResolveHostResponseHelper>> next_responses(3);
1612
1613 ResolveHostResponseHelper response0(
1614 resolver_->CreateRequest(HostPortPair("bbb", 80),
1615 NetworkAnonymizationKey(), NetLogWithSource(),
1616 std::nullopt, resolve_context_.get()),
1617 base::BindOnce(custom_callback_template, HostPortPair("zzz", 80),
1618 &next_responses[0]));
1619
1620 ResolveHostResponseHelper response1(
1621 resolver_->CreateRequest(HostPortPair("eee", 80),
1622 NetworkAnonymizationKey(), NetLogWithSource(),
1623 std::nullopt, resolve_context_.get()),
1624 base::BindOnce(custom_callback_template, HostPortPair("aaa", 80),
1625 &next_responses[1]));
1626
1627 ResolveHostResponseHelper response2(
1628 resolver_->CreateRequest(HostPortPair("ccc", 80),
1629 NetworkAnonymizationKey(), NetLogWithSource(),
1630 std::nullopt, resolve_context_.get()),
1631 base::BindOnce(custom_callback_template, HostPortPair("eee", 80),
1632 &next_responses[2]));
1633
1634 if (is_async) {
1635 base::RunLoop().RunUntilIdle();
1636 }
1637 // Wait until all are blocked;
1638 ASSERT_TRUE(proc_->WaitFor(3u));
1639
1640 // Trigger an IP address change.
1641 NetworkChangeNotifier::NotifyObserversOfIPAddressChangeForTests();
1642 // This should abort all running jobs.
1643 base::RunLoop().RunUntilIdle();
1644
1645 EXPECT_THAT(response0.result_error(), IsError(ERR_NETWORK_CHANGED));
1646 EXPECT_THAT(response1.result_error(), IsError(ERR_NETWORK_CHANGED));
1647 EXPECT_THAT(response2.result_error(), IsError(ERR_NETWORK_CHANGED));
1648
1649 EXPECT_FALSE(next_responses[0]->complete());
1650 EXPECT_FALSE(next_responses[1]->complete());
1651 EXPECT_FALSE(next_responses[2]->complete());
1652
1653 // Unblock all calls to proc.
1654 proc_->SignalMultiple(6u);
1655
1656 // Run until the re-started requests finish.
1657 EXPECT_THAT(next_responses[0]->result_error(), IsOk());
1658 EXPECT_THAT(next_responses[1]->result_error(), IsOk());
1659 EXPECT_THAT(next_responses[2]->result_error(), IsOk());
1660
1661 // Verify that results of aborted Jobs were not cached.
1662 EXPECT_EQ(6u, proc_->GetCaptureList().size());
1663 EXPECT_EQ(3u, resolve_context_->host_cache()->size());
1664 }
1665 // Tests that a new Request made from the callback of a previously aborted one
1666 // will not be aborted.
TEST_F(HostResolverManagerTest,AbortOnlyExistingRequestsOnIPAddressChangeAsync)1667 TEST_F(HostResolverManagerTest,
1668 AbortOnlyExistingRequestsOnIPAddressChangeAsync) {
1669 AbortOnlyExistingRequestsOnIPAddressChangeTest(true);
1670 }
TEST_F(HostResolverManagerTest,AbortOnlyExistingRequestsOnIPAddressChangeSync)1671 TEST_F(HostResolverManagerTest,
1672 AbortOnlyExistingRequestsOnIPAddressChangeSync) {
1673 AbortOnlyExistingRequestsOnIPAddressChangeTest(false);
1674 }
1675
1676 // Tests that when the maximum threads is set to 1, requests are dequeued
1677 // in order of priority.
TEST_F(HostResolverManagerTest,HigherPriorityRequestsStartedFirst)1678 TEST_F(HostResolverManagerTest, HigherPriorityRequestsStartedFirst) {
1679 CreateSerialResolver();
1680
1681 HostResolver::ResolveHostParameters low_priority;
1682 low_priority.initial_priority = LOW;
1683 HostResolver::ResolveHostParameters medium_priority;
1684 medium_priority.initial_priority = MEDIUM;
1685 HostResolver::ResolveHostParameters highest_priority;
1686 highest_priority.initial_priority = HIGHEST;
1687
1688 // Note that at this point the MockHostResolverProc is blocked, so any
1689 // requests we make will not complete.
1690
1691 std::vector<std::unique_ptr<ResolveHostResponseHelper>> responses;
1692 responses.emplace_back(
1693 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1694 HostPortPair("req0", 80), NetworkAnonymizationKey(),
1695 NetLogWithSource(), low_priority, resolve_context_.get())));
1696 responses.emplace_back(
1697 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1698 HostPortPair("req1", 80), NetworkAnonymizationKey(),
1699 NetLogWithSource(), medium_priority, resolve_context_.get())));
1700 responses.emplace_back(
1701 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1702 HostPortPair("req2", 80), NetworkAnonymizationKey(),
1703 NetLogWithSource(), medium_priority, resolve_context_.get())));
1704 responses.emplace_back(
1705 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1706 HostPortPair("req3", 80), NetworkAnonymizationKey(),
1707 NetLogWithSource(), low_priority, resolve_context_.get())));
1708 responses.emplace_back(
1709 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1710 HostPortPair("req4", 80), NetworkAnonymizationKey(),
1711 NetLogWithSource(), highest_priority, resolve_context_.get())));
1712 responses.emplace_back(
1713 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1714 HostPortPair("req5", 80), NetworkAnonymizationKey(),
1715 NetLogWithSource(), low_priority, resolve_context_.get())));
1716 responses.emplace_back(
1717 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1718 HostPortPair("req6", 80), NetworkAnonymizationKey(),
1719 NetLogWithSource(), low_priority, resolve_context_.get())));
1720 responses.emplace_back(
1721 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1722 HostPortPair("req5", 80), NetworkAnonymizationKey(),
1723 NetLogWithSource(), highest_priority, resolve_context_.get())));
1724
1725 for (const auto& response : responses) {
1726 ASSERT_FALSE(response->complete());
1727 }
1728
1729 // Unblock the resolver thread so the requests can run.
1730 proc_->SignalMultiple(responses.size()); // More than needed.
1731
1732 // Wait for all the requests to complete successfully.
1733 for (auto& response : responses) {
1734 EXPECT_THAT(response->result_error(), IsOk());
1735 }
1736
1737 // Since we have restricted to a single concurrent thread in the jobpool,
1738 // the requests should complete in order of priority (with the exception
1739 // of the first request, which gets started right away, since there is
1740 // nothing outstanding).
1741 MockHostResolverProc::CaptureList capture_list = proc_->GetCaptureList();
1742 ASSERT_EQ(7u, capture_list.size());
1743
1744 EXPECT_EQ("req0", capture_list[0].hostname);
1745 EXPECT_EQ("req4", capture_list[1].hostname);
1746 EXPECT_EQ("req5", capture_list[2].hostname);
1747 EXPECT_EQ("req1", capture_list[3].hostname);
1748 EXPECT_EQ("req2", capture_list[4].hostname);
1749 EXPECT_EQ("req3", capture_list[5].hostname);
1750 EXPECT_EQ("req6", capture_list[6].hostname);
1751 }
1752
ChangePriorityTest(bool is_async)1753 void HostResolverManagerTest::ChangePriorityTest(bool is_async) {
1754 CreateSerialResolver(true /* check_ipv6_on_wifi */, true /* ipv6_reachable */,
1755 is_async);
1756
1757 HostResolver::ResolveHostParameters lowest_priority;
1758 lowest_priority.initial_priority = LOWEST;
1759 HostResolver::ResolveHostParameters low_priority;
1760 low_priority.initial_priority = LOW;
1761 HostResolver::ResolveHostParameters medium_priority;
1762 medium_priority.initial_priority = MEDIUM;
1763
1764 std::vector<std::unique_ptr<ResolveHostResponseHelper>> responses;
1765 responses.emplace_back(
1766 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1767 HostPortPair("req0", 80), NetworkAnonymizationKey(),
1768 NetLogWithSource(), medium_priority, resolve_context_.get())));
1769 responses.emplace_back(
1770 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1771 HostPortPair("req1", 80), NetworkAnonymizationKey(),
1772 NetLogWithSource(), low_priority, resolve_context_.get())));
1773 responses.emplace_back(
1774 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1775 HostPortPair("req2", 80), NetworkAnonymizationKey(),
1776 NetLogWithSource(), lowest_priority, resolve_context_.get())));
1777
1778 // req0 starts immediately; without ChangePriority, req1 and then req2 should
1779 // run.
1780 for (const auto& response : responses) {
1781 ASSERT_FALSE(response->complete());
1782 }
1783
1784 // Changing req2 to HIGHEST should make it run before req1.
1785 // (It can't run before req0, since req0 started immediately.)
1786 responses[2]->request()->ChangeRequestPriority(HIGHEST);
1787
1788 // Let all 3 requests finish.
1789 proc_->SignalMultiple(3u);
1790
1791 for (auto& response : responses) {
1792 EXPECT_THAT(response->result_error(), IsOk());
1793 }
1794
1795 MockHostResolverProc::CaptureList capture_list = proc_->GetCaptureList();
1796 ASSERT_EQ(3u, capture_list.size());
1797
1798 EXPECT_EQ("req0", capture_list[0].hostname);
1799 EXPECT_EQ("req2", capture_list[1].hostname);
1800 EXPECT_EQ("req1", capture_list[2].hostname);
1801 }
1802
1803 // Test that changing a job's priority affects the dequeueing order.
TEST_F(HostResolverManagerTest,ChangePriorityAsync)1804 TEST_F(HostResolverManagerTest, ChangePriorityAsync) {
1805 ChangePriorityTest(true);
1806 }
1807
TEST_F(HostResolverManagerTest,ChangePrioritySync)1808 TEST_F(HostResolverManagerTest, ChangePrioritySync) {
1809 ChangePriorityTest(false);
1810 }
1811
1812 // Try cancelling a job which has not started yet.
TEST_F(HostResolverManagerTest,CancelPendingRequest)1813 TEST_F(HostResolverManagerTest, CancelPendingRequest) {
1814 CreateSerialResolver();
1815
1816 HostResolver::ResolveHostParameters lowest_priority;
1817 lowest_priority.initial_priority = LOWEST;
1818 HostResolver::ResolveHostParameters low_priority;
1819 low_priority.initial_priority = LOW;
1820 HostResolver::ResolveHostParameters medium_priority;
1821 medium_priority.initial_priority = MEDIUM;
1822 HostResolver::ResolveHostParameters highest_priority;
1823 highest_priority.initial_priority = HIGHEST;
1824
1825 std::vector<std::unique_ptr<ResolveHostResponseHelper>> responses;
1826 responses.emplace_back(
1827 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1828 HostPortPair("req0", 80), NetworkAnonymizationKey(),
1829 NetLogWithSource(), lowest_priority, resolve_context_.get())));
1830 responses.emplace_back(
1831 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1832 HostPortPair("req1", 80), NetworkAnonymizationKey(),
1833 NetLogWithSource(), highest_priority, resolve_context_.get())));
1834 responses.emplace_back(
1835 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1836 HostPortPair("req2", 80), NetworkAnonymizationKey(),
1837 NetLogWithSource(), medium_priority, resolve_context_.get())));
1838 responses.emplace_back(
1839 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1840 HostPortPair("req3", 80), NetworkAnonymizationKey(),
1841 NetLogWithSource(), low_priority, resolve_context_.get())));
1842 responses.emplace_back(
1843 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1844 HostPortPair("req4", 80), NetworkAnonymizationKey(),
1845 NetLogWithSource(), highest_priority, resolve_context_.get())));
1846 responses.emplace_back(
1847 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1848 HostPortPair("req5", 80), NetworkAnonymizationKey(),
1849 NetLogWithSource(), lowest_priority, resolve_context_.get())));
1850 responses.emplace_back(
1851 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1852 HostPortPair("req6", 80), NetworkAnonymizationKey(),
1853 NetLogWithSource(), medium_priority, resolve_context_.get())));
1854
1855 // Cancel some requests
1856 responses[1]->CancelRequest();
1857 responses[4]->CancelRequest();
1858 responses[5]->CancelRequest();
1859
1860 // Unblock the resolver thread so the requests can run.
1861 proc_->SignalMultiple(responses.size()); // More than needed.
1862
1863 // Let everything try to finish.
1864 base::RunLoop().RunUntilIdle();
1865
1866 // Wait for all the requests to complete succesfully.
1867 EXPECT_THAT(responses[0]->result_error(), IsOk());
1868 EXPECT_THAT(responses[2]->result_error(), IsOk());
1869 EXPECT_THAT(responses[3]->result_error(), IsOk());
1870 EXPECT_THAT(responses[6]->result_error(), IsOk());
1871
1872 // Cancelled requests shouldn't complete.
1873 EXPECT_FALSE(responses[1]->complete());
1874 EXPECT_FALSE(responses[4]->complete());
1875 EXPECT_FALSE(responses[5]->complete());
1876
1877 // Verify that they called out to the resolver proc (which runs on the
1878 // resolver thread) in the expected order.
1879 MockHostResolverProc::CaptureList capture_list = proc_->GetCaptureList();
1880 ASSERT_EQ(4u, capture_list.size());
1881
1882 EXPECT_EQ("req0", capture_list[0].hostname);
1883 EXPECT_EQ("req2", capture_list[1].hostname);
1884 EXPECT_EQ("req6", capture_list[2].hostname);
1885 EXPECT_EQ("req3", capture_list[3].hostname);
1886 }
1887
1888 // Test that when too many requests are enqueued, old ones start to be aborted.
TEST_F(HostResolverManagerTest,QueueOverflow)1889 TEST_F(HostResolverManagerTest, QueueOverflow) {
1890 CreateSerialResolver();
1891
1892 // Allow only 3 queued jobs.
1893 const size_t kMaxPendingJobs = 3u;
1894 resolver_->SetMaxQueuedJobsForTesting(kMaxPendingJobs);
1895
1896 HostResolver::ResolveHostParameters lowest_priority;
1897 lowest_priority.initial_priority = LOWEST;
1898 HostResolver::ResolveHostParameters low_priority;
1899 low_priority.initial_priority = LOW;
1900 HostResolver::ResolveHostParameters medium_priority;
1901 medium_priority.initial_priority = MEDIUM;
1902 HostResolver::ResolveHostParameters highest_priority;
1903 highest_priority.initial_priority = HIGHEST;
1904
1905 // Note that at this point the MockHostResolverProc is blocked, so any
1906 // requests we make will not complete.
1907
1908 std::vector<std::unique_ptr<ResolveHostResponseHelper>> responses;
1909 responses.emplace_back(
1910 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1911 HostPortPair("req0", 80), NetworkAnonymizationKey(),
1912 NetLogWithSource(), lowest_priority, resolve_context_.get())));
1913 responses.emplace_back(
1914 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1915 HostPortPair("req1", 80), NetworkAnonymizationKey(),
1916 NetLogWithSource(), highest_priority, resolve_context_.get())));
1917 responses.emplace_back(
1918 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1919 HostPortPair("req2", 80), NetworkAnonymizationKey(),
1920 NetLogWithSource(), medium_priority, resolve_context_.get())));
1921 responses.emplace_back(
1922 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1923 HostPortPair("req3", 80), NetworkAnonymizationKey(),
1924 NetLogWithSource(), medium_priority, resolve_context_.get())));
1925
1926 // At this point, there are 3 enqueued jobs (and one "running" job).
1927 // Insertion of subsequent requests will cause evictions.
1928
1929 responses.emplace_back(
1930 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1931 HostPortPair("req4", 80), NetworkAnonymizationKey(),
1932 NetLogWithSource(), low_priority, resolve_context_.get())));
1933 EXPECT_THAT(responses[4]->result_error(),
1934 IsError(ERR_HOST_RESOLVER_QUEUE_TOO_LARGE)); // Evicts self.
1935 EXPECT_THAT(responses[4]->request()->GetAddressResults(),
1936 AnyOf(nullptr, Pointee(IsEmpty())));
1937 EXPECT_THAT(responses[4]->request()->GetEndpointResults(),
1938 AnyOf(nullptr, Pointee(IsEmpty())));
1939
1940 responses.emplace_back(
1941 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1942 HostPortPair("req5", 80), NetworkAnonymizationKey(),
1943 NetLogWithSource(), medium_priority, resolve_context_.get())));
1944 EXPECT_THAT(responses[2]->result_error(),
1945 IsError(ERR_HOST_RESOLVER_QUEUE_TOO_LARGE));
1946 EXPECT_THAT(responses[2]->request()->GetAddressResults(),
1947 AnyOf(nullptr, Pointee(IsEmpty())));
1948 EXPECT_THAT(responses[2]->request()->GetEndpointResults(),
1949 AnyOf(nullptr, Pointee(IsEmpty())));
1950
1951 responses.emplace_back(
1952 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1953 HostPortPair("req6", 80), NetworkAnonymizationKey(),
1954 NetLogWithSource(), highest_priority, resolve_context_.get())));
1955 EXPECT_THAT(responses[3]->result_error(),
1956 IsError(ERR_HOST_RESOLVER_QUEUE_TOO_LARGE));
1957 EXPECT_THAT(responses[3]->request()->GetAddressResults(),
1958 AnyOf(nullptr, Pointee(IsEmpty())));
1959 EXPECT_THAT(responses[3]->request()->GetEndpointResults(),
1960 AnyOf(nullptr, Pointee(IsEmpty())));
1961
1962 responses.emplace_back(
1963 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
1964 HostPortPair("req7", 80), NetworkAnonymizationKey(),
1965 NetLogWithSource(), medium_priority, resolve_context_.get())));
1966 EXPECT_THAT(responses[5]->result_error(),
1967 IsError(ERR_HOST_RESOLVER_QUEUE_TOO_LARGE));
1968 EXPECT_THAT(responses[5]->request()->GetAddressResults(),
1969 AnyOf(nullptr, Pointee(IsEmpty())));
1970 EXPECT_THAT(responses[5]->request()->GetEndpointResults(),
1971 AnyOf(nullptr, Pointee(IsEmpty())));
1972
1973 // Unblock the resolver thread so the requests can run.
1974 proc_->SignalMultiple(4u);
1975
1976 // The rest should succeed.
1977 EXPECT_THAT(responses[0]->result_error(), IsOk());
1978 EXPECT_TRUE(responses[0]->request()->GetAddressResults());
1979 EXPECT_TRUE(responses[0]->request()->GetEndpointResults());
1980 EXPECT_THAT(responses[1]->result_error(), IsOk());
1981 EXPECT_TRUE(responses[1]->request()->GetAddressResults());
1982 EXPECT_TRUE(responses[1]->request()->GetEndpointResults());
1983 EXPECT_THAT(responses[6]->result_error(), IsOk());
1984 EXPECT_TRUE(responses[6]->request()->GetAddressResults());
1985 EXPECT_TRUE(responses[6]->request()->GetEndpointResults());
1986 EXPECT_THAT(responses[7]->result_error(), IsOk());
1987 EXPECT_TRUE(responses[7]->request()->GetAddressResults());
1988 EXPECT_TRUE(responses[7]->request()->GetEndpointResults());
1989
1990 // Verify that they called out the the resolver proc (which runs on the
1991 // resolver thread) in the expected order.
1992 MockHostResolverProc::CaptureList capture_list = proc_->GetCaptureList();
1993 ASSERT_EQ(4u, capture_list.size());
1994
1995 EXPECT_EQ("req0", capture_list[0].hostname);
1996 EXPECT_EQ("req1", capture_list[1].hostname);
1997 EXPECT_EQ("req6", capture_list[2].hostname);
1998 EXPECT_EQ("req7", capture_list[3].hostname);
1999
2000 // Verify that the evicted (incomplete) requests were not cached.
2001 EXPECT_EQ(4u, resolve_context_->host_cache()->size());
2002
2003 for (size_t i = 0; i < responses.size(); ++i) {
2004 EXPECT_TRUE(responses[i]->complete()) << i;
2005 }
2006 }
2007
2008 // Tests that jobs can self-evict by setting the max queue to 0.
TEST_F(HostResolverManagerTest,QueueOverflow_SelfEvict)2009 TEST_F(HostResolverManagerTest, QueueOverflow_SelfEvict) {
2010 CreateSerialResolver();
2011 resolver_->SetMaxQueuedJobsForTesting(0);
2012
2013 // Note that at this point the MockHostResolverProc is blocked, so any
2014 // requests we make will not complete.
2015
2016 ResolveHostResponseHelper run_response(resolver_->CreateRequest(
2017 HostPortPair("run", 80), NetworkAnonymizationKey(), NetLogWithSource(),
2018 std::nullopt, resolve_context_.get()));
2019
2020 ResolveHostResponseHelper evict_response(resolver_->CreateRequest(
2021 HostPortPair("req1", 80), NetworkAnonymizationKey(), NetLogWithSource(),
2022 std::nullopt, resolve_context_.get()));
2023 EXPECT_THAT(evict_response.result_error(),
2024 IsError(ERR_HOST_RESOLVER_QUEUE_TOO_LARGE));
2025 EXPECT_THAT(evict_response.request()->GetAddressResults(),
2026 AnyOf(nullptr, Pointee(IsEmpty())));
2027 EXPECT_THAT(evict_response.request()->GetEndpointResults(),
2028 AnyOf(nullptr, Pointee(IsEmpty())));
2029
2030 proc_->SignalMultiple(1u);
2031
2032 EXPECT_THAT(run_response.result_error(), IsOk());
2033 EXPECT_TRUE(run_response.request()->GetAddressResults());
2034 EXPECT_TRUE(run_response.request()->GetEndpointResults());
2035 }
2036
2037 // Make sure that the dns query type parameter is respected when raw IPs are
2038 // passed in.
TEST_F(HostResolverManagerTest,AddressFamilyWithRawIPs)2039 TEST_F(HostResolverManagerTest, AddressFamilyWithRawIPs) {
2040 HostResolver::ResolveHostParameters v4_parameters;
2041 v4_parameters.dns_query_type = DnsQueryType::A;
2042
2043 HostResolver::ResolveHostParameters v6_parameters;
2044 v6_parameters.dns_query_type = DnsQueryType::AAAA;
2045
2046 ResolveHostResponseHelper v4_v4_request(resolver_->CreateRequest(
2047 HostPortPair("127.0.0.1", 80), NetworkAnonymizationKey(),
2048 NetLogWithSource(), v4_parameters, resolve_context_.get()));
2049 EXPECT_THAT(v4_v4_request.result_error(), IsOk());
2050 EXPECT_THAT(v4_v4_request.request()->GetAddressResults()->endpoints(),
2051 testing::ElementsAre(CreateExpected("127.0.0.1", 80)));
2052 EXPECT_THAT(
2053 v4_v4_request.request()->GetEndpointResults(),
2054 testing::Pointee(testing::UnorderedElementsAre(ExpectEndpointResult(
2055 testing::ElementsAre(CreateExpected("127.0.0.1", 80))))));
2056
2057 ResolveHostResponseHelper v4_v6_request(resolver_->CreateRequest(
2058 HostPortPair("127.0.0.1", 80), NetworkAnonymizationKey(),
2059 NetLogWithSource(), v6_parameters, resolve_context_.get()));
2060 EXPECT_THAT(v4_v6_request.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
2061
2062 ResolveHostResponseHelper v4_unsp_request(resolver_->CreateRequest(
2063 HostPortPair("127.0.0.1", 80), NetworkAnonymizationKey(),
2064 NetLogWithSource(), std::nullopt, resolve_context_.get()));
2065 EXPECT_THAT(v4_unsp_request.result_error(), IsOk());
2066 EXPECT_THAT(v4_unsp_request.request()->GetAddressResults()->endpoints(),
2067 testing::ElementsAre(CreateExpected("127.0.0.1", 80)));
2068 EXPECT_THAT(
2069 v4_unsp_request.request()->GetEndpointResults(),
2070 testing::Pointee(testing::UnorderedElementsAre(ExpectEndpointResult(
2071 testing::ElementsAre(CreateExpected("127.0.0.1", 80))))));
2072
2073 ResolveHostResponseHelper v6_v4_request(resolver_->CreateRequest(
2074 HostPortPair("::1", 80), NetworkAnonymizationKey(), NetLogWithSource(),
2075 v4_parameters, resolve_context_.get()));
2076 EXPECT_THAT(v6_v4_request.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
2077
2078 ResolveHostResponseHelper v6_v6_request(resolver_->CreateRequest(
2079 HostPortPair("::1", 80), NetworkAnonymizationKey(), NetLogWithSource(),
2080 v6_parameters, resolve_context_.get()));
2081 EXPECT_THAT(v6_v6_request.result_error(), IsOk());
2082 EXPECT_THAT(v6_v6_request.request()->GetAddressResults()->endpoints(),
2083 testing::ElementsAre(CreateExpected("::1", 80)));
2084 EXPECT_THAT(
2085 v6_v6_request.request()->GetEndpointResults(),
2086 testing::Pointee(testing::UnorderedElementsAre(ExpectEndpointResult(
2087 testing::ElementsAre(CreateExpected("::1", 80))))));
2088
2089 ResolveHostResponseHelper v6_unsp_request(resolver_->CreateRequest(
2090 HostPortPair("::1", 80), NetworkAnonymizationKey(), NetLogWithSource(),
2091 std::nullopt, resolve_context_.get()));
2092 EXPECT_THAT(v6_unsp_request.result_error(), IsOk());
2093 EXPECT_THAT(v6_unsp_request.request()->GetAddressResults()->endpoints(),
2094 testing::ElementsAre(CreateExpected("::1", 80)));
2095 EXPECT_THAT(
2096 v6_unsp_request.request()->GetEndpointResults(),
2097 testing::Pointee(testing::UnorderedElementsAre(ExpectEndpointResult(
2098 testing::ElementsAre(CreateExpected("::1", 80))))));
2099 }
2100
TEST_F(HostResolverManagerTest,LocalOnly_FromCache)2101 TEST_F(HostResolverManagerTest, LocalOnly_FromCache) {
2102 proc_->AddRuleForAllFamilies("just.testing", "192.168.1.42");
2103 proc_->SignalMultiple(1u); // Need only one.
2104
2105 HostResolver::ResolveHostParameters source_none_parameters;
2106 source_none_parameters.source = HostResolverSource::LOCAL_ONLY;
2107
2108 // First NONE query expected to complete synchronously with a cache miss.
2109 ResolveHostResponseHelper cache_miss_request(resolver_->CreateRequest(
2110 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
2111 NetLogWithSource(), source_none_parameters, resolve_context_.get()));
2112 EXPECT_TRUE(cache_miss_request.complete());
2113 EXPECT_THAT(cache_miss_request.result_error(), IsError(ERR_DNS_CACHE_MISS));
2114 EXPECT_THAT(cache_miss_request.request()->GetAddressResults(),
2115 AnyOf(nullptr, Pointee(IsEmpty())));
2116 EXPECT_THAT(cache_miss_request.request()->GetEndpointResults(),
2117 AnyOf(nullptr, Pointee(IsEmpty())));
2118 EXPECT_FALSE(cache_miss_request.request()->GetStaleInfo());
2119
2120 // Normal query to populate the cache.
2121 ResolveHostResponseHelper normal_request(resolver_->CreateRequest(
2122 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
2123 NetLogWithSource(), std::nullopt, resolve_context_.get()));
2124 EXPECT_THAT(normal_request.result_error(), IsOk());
2125 EXPECT_FALSE(normal_request.request()->GetStaleInfo());
2126
2127 // Second NONE query expected to complete synchronously with cache hit.
2128 ResolveHostResponseHelper cache_hit_request(resolver_->CreateRequest(
2129 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
2130 NetLogWithSource(), source_none_parameters, resolve_context_.get()));
2131 EXPECT_TRUE(cache_hit_request.complete());
2132 EXPECT_THAT(cache_hit_request.result_error(), IsOk());
2133 EXPECT_THAT(cache_hit_request.request()->GetAddressResults()->endpoints(),
2134 testing::ElementsAre(CreateExpected("192.168.1.42", 80)));
2135 EXPECT_THAT(
2136 cache_hit_request.request()->GetEndpointResults(),
2137 testing::Pointee(testing::UnorderedElementsAre(ExpectEndpointResult(
2138 testing::ElementsAre(CreateExpected("192.168.1.42", 80))))));
2139 EXPECT_FALSE(cache_hit_request.request()->GetStaleInfo().value().is_stale());
2140 }
2141
TEST_F(HostResolverManagerTest,LocalOnly_StaleEntry)2142 TEST_F(HostResolverManagerTest, LocalOnly_StaleEntry) {
2143 proc_->AddRuleForAllFamilies("just.testing", "192.168.1.42");
2144 proc_->SignalMultiple(1u); // Need only one.
2145
2146 HostResolver::ResolveHostParameters source_none_parameters;
2147 source_none_parameters.source = HostResolverSource::LOCAL_ONLY;
2148
2149 // First NONE query expected to complete synchronously with a cache miss.
2150 ResolveHostResponseHelper cache_miss_request(resolver_->CreateRequest(
2151 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
2152 NetLogWithSource(), source_none_parameters, resolve_context_.get()));
2153 EXPECT_TRUE(cache_miss_request.complete());
2154 EXPECT_THAT(cache_miss_request.result_error(), IsError(ERR_DNS_CACHE_MISS));
2155 EXPECT_THAT(cache_miss_request.request()->GetAddressResults(),
2156 AnyOf(nullptr, Pointee(IsEmpty())));
2157 EXPECT_THAT(cache_miss_request.request()->GetEndpointResults(),
2158 AnyOf(nullptr, Pointee(IsEmpty())));
2159 EXPECT_FALSE(cache_miss_request.request()->GetStaleInfo());
2160
2161 // Normal query to populate the cache.
2162 ResolveHostResponseHelper normal_request(resolver_->CreateRequest(
2163 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
2164 NetLogWithSource(), std::nullopt, resolve_context_.get()));
2165 EXPECT_THAT(normal_request.result_error(), IsOk());
2166 EXPECT_FALSE(normal_request.request()->GetStaleInfo());
2167
2168 MakeCacheStale();
2169
2170 // Second NONE query still expected to complete synchronously with cache miss.
2171 ResolveHostResponseHelper stale_request(resolver_->CreateRequest(
2172 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
2173 NetLogWithSource(), source_none_parameters, resolve_context_.get()));
2174 EXPECT_TRUE(stale_request.complete());
2175 EXPECT_THAT(stale_request.result_error(), IsError(ERR_DNS_CACHE_MISS));
2176 EXPECT_THAT(stale_request.request()->GetAddressResults(),
2177 AnyOf(nullptr, Pointee(IsEmpty())));
2178 EXPECT_THAT(stale_request.request()->GetEndpointResults(),
2179 AnyOf(nullptr, Pointee(IsEmpty())));
2180 EXPECT_FALSE(stale_request.request()->GetStaleInfo());
2181 }
2182
LocalOnlyFromIpTest(bool is_async)2183 void HostResolverManagerTest::LocalOnlyFromIpTest(bool is_async) {
2184 CreateResolverWithLimitsAndParams(kMaxJobs, DefaultParams(proc_),
2185 true /* ipv6_reachable */,
2186 true /* check_ipv6_on_wifi */, is_async);
2187 HostResolver::ResolveHostParameters source_none_parameters;
2188 source_none_parameters.source = HostResolverSource::LOCAL_ONLY;
2189
2190 ResolveHostResponseHelper response(resolver_->CreateRequest(
2191 HostPortPair("1.2.3.4", 56), NetworkAnonymizationKey(),
2192 NetLogWithSource(), source_none_parameters, resolve_context_.get()));
2193
2194 // If IPv6 reachability is asynchronous, the first request will return
2195 // NAME_NOT_RESOLVED. Do a second request to confirm that it returns OK once
2196 // reachability check completes.
2197 if (is_async) {
2198 // Expected to resolve synchronously.
2199 EXPECT_TRUE(response.complete());
2200 EXPECT_EQ(response.result_error(), ERR_NAME_NOT_RESOLVED);
2201 EXPECT_THAT(response.request()->GetAddressResults(),
2202 AnyOf(nullptr, Pointee(IsEmpty())));
2203 EXPECT_THAT(response.request()->GetEndpointResults(),
2204 AnyOf(nullptr, Pointee(IsEmpty())));
2205 EXPECT_FALSE(response.request()->GetStaleInfo());
2206 base::RunLoop().RunUntilIdle();
2207
2208 ResolveHostResponseHelper response2(resolver_->CreateRequest(
2209 HostPortPair("1.2.3.4", 56), NetworkAnonymizationKey(),
2210 NetLogWithSource(), source_none_parameters, resolve_context_.get()));
2211 EXPECT_TRUE(response2.complete());
2212 EXPECT_THAT(response2.result_error(), IsOk());
2213 EXPECT_THAT(response2.request()->GetAddressResults()->endpoints(),
2214 testing::ElementsAre(CreateExpected("1.2.3.4", 56)));
2215 EXPECT_THAT(response2.request()->GetEndpointResults(),
2216 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
2217 testing::ElementsAre(CreateExpected("1.2.3.4", 56))))));
2218 EXPECT_FALSE(response2.request()->GetStaleInfo());
2219 } else {
2220 // Expected to resolve synchronously.
2221 EXPECT_TRUE(response.complete());
2222 EXPECT_THAT(response.result_error(), IsOk());
2223 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
2224 testing::ElementsAre(CreateExpected("1.2.3.4", 56)));
2225 EXPECT_THAT(response.request()->GetEndpointResults(),
2226 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
2227 testing::ElementsAre(CreateExpected("1.2.3.4", 56))))));
2228 EXPECT_FALSE(response.request()->GetStaleInfo());
2229 }
2230 }
2231
TEST_F(HostResolverManagerTest,LocalOnly_FromIpAsync)2232 TEST_F(HostResolverManagerTest, LocalOnly_FromIpAsync) {
2233 LocalOnlyFromIpTest(true);
2234 }
2235
TEST_F(HostResolverManagerTest,LocalOnly_FromIpSync)2236 TEST_F(HostResolverManagerTest, LocalOnly_FromIpSync) {
2237 LocalOnlyFromIpTest(false);
2238 }
2239
TEST_F(HostResolverManagerTest,LocalOnly_InvalidName)2240 TEST_F(HostResolverManagerTest, LocalOnly_InvalidName) {
2241 proc_->AddRuleForAllFamilies("foo,bar.com", "192.168.1.42");
2242
2243 HostResolver::ResolveHostParameters source_none_parameters;
2244 source_none_parameters.source = HostResolverSource::LOCAL_ONLY;
2245
2246 ResolveHostResponseHelper response(resolver_->CreateRequest(
2247 HostPortPair("foo,bar.com", 57), NetworkAnonymizationKey(),
2248 NetLogWithSource(), source_none_parameters, resolve_context_.get()));
2249
2250 // Expected to fail synchronously.
2251 EXPECT_TRUE(response.complete());
2252 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
2253 EXPECT_THAT(response.request()->GetAddressResults(),
2254 AnyOf(nullptr, Pointee(IsEmpty())));
2255 EXPECT_THAT(response.request()->GetEndpointResults(),
2256 AnyOf(nullptr, Pointee(IsEmpty())));
2257 EXPECT_FALSE(response.request()->GetStaleInfo());
2258 }
2259
TEST_F(HostResolverManagerTest,LocalOnly_InvalidLocalhost)2260 TEST_F(HostResolverManagerTest, LocalOnly_InvalidLocalhost) {
2261 HostResolver::ResolveHostParameters source_none_parameters;
2262 source_none_parameters.source = HostResolverSource::LOCAL_ONLY;
2263
2264 ResolveHostResponseHelper response(resolver_->CreateRequest(
2265 HostPortPair("foo,bar.localhost", 58), NetworkAnonymizationKey(),
2266 NetLogWithSource(), source_none_parameters, resolve_context_.get()));
2267
2268 // Expected to fail synchronously.
2269 EXPECT_TRUE(response.complete());
2270 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
2271 EXPECT_THAT(response.request()->GetAddressResults(),
2272 AnyOf(nullptr, Pointee(IsEmpty())));
2273 EXPECT_THAT(response.request()->GetEndpointResults(),
2274 AnyOf(nullptr, Pointee(IsEmpty())));
2275 EXPECT_FALSE(response.request()->GetStaleInfo());
2276 }
2277
TEST_F(HostResolverManagerTest,StaleAllowed)2278 TEST_F(HostResolverManagerTest, StaleAllowed) {
2279 proc_->AddRuleForAllFamilies("just.testing", "192.168.1.42");
2280 proc_->SignalMultiple(1u); // Need only one.
2281
2282 HostResolver::ResolveHostParameters stale_allowed_parameters;
2283 stale_allowed_parameters.source = HostResolverSource::LOCAL_ONLY;
2284 stale_allowed_parameters.cache_usage =
2285 HostResolver::ResolveHostParameters::CacheUsage::STALE_ALLOWED;
2286
2287 // First query expected to complete synchronously as a cache miss.
2288 ResolveHostResponseHelper cache_miss_request(resolver_->CreateRequest(
2289 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
2290 NetLogWithSource(), stale_allowed_parameters, resolve_context_.get()));
2291 EXPECT_TRUE(cache_miss_request.complete());
2292 EXPECT_THAT(cache_miss_request.result_error(), IsError(ERR_DNS_CACHE_MISS));
2293 EXPECT_THAT(cache_miss_request.request()->GetAddressResults(),
2294 AnyOf(nullptr, Pointee(IsEmpty())));
2295 EXPECT_THAT(cache_miss_request.request()->GetEndpointResults(),
2296 AnyOf(nullptr, Pointee(IsEmpty())));
2297 EXPECT_FALSE(cache_miss_request.request()->GetStaleInfo());
2298
2299 // Normal query to populate cache
2300 ResolveHostResponseHelper normal_request(resolver_->CreateRequest(
2301 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
2302 NetLogWithSource(), std::nullopt, resolve_context_.get()));
2303 EXPECT_THAT(normal_request.result_error(), IsOk());
2304 EXPECT_FALSE(normal_request.request()->GetStaleInfo());
2305
2306 MakeCacheStale();
2307
2308 // Second NONE query expected to get a stale cache hit.
2309 ResolveHostResponseHelper stale_request(resolver_->CreateRequest(
2310 HostPortPair("just.testing", 84), NetworkAnonymizationKey(),
2311 NetLogWithSource(), stale_allowed_parameters, resolve_context_.get()));
2312 EXPECT_TRUE(stale_request.complete());
2313 EXPECT_THAT(stale_request.result_error(), IsOk());
2314 EXPECT_THAT(stale_request.request()->GetAddressResults()->endpoints(),
2315 testing::ElementsAre(CreateExpected("192.168.1.42", 84)));
2316 EXPECT_THAT(
2317 stale_request.request()->GetEndpointResults(),
2318 testing::Pointee(testing::UnorderedElementsAre(ExpectEndpointResult(
2319 testing::ElementsAre(CreateExpected("192.168.1.42", 84))))));
2320 EXPECT_TRUE(stale_request.request()->GetStaleInfo().value().is_stale());
2321 }
2322
TEST_F(HostResolverManagerTest,StaleAllowed_NonLocal)2323 TEST_F(HostResolverManagerTest, StaleAllowed_NonLocal) {
2324 proc_->AddRuleForAllFamilies("just.testing", "192.168.2.42");
2325 proc_->SignalMultiple(1u); // Need only one.
2326
2327 HostResolver::ResolveHostParameters stale_allowed_parameters;
2328 stale_allowed_parameters.cache_usage =
2329 HostResolver::ResolveHostParameters::CacheUsage::STALE_ALLOWED;
2330
2331 // Normal non-local resolves should still work normally with the STALE_ALLOWED
2332 // parameter, and there should be no stale info.
2333 ResolveHostResponseHelper response(resolver_->CreateRequest(
2334 HostPortPair("just.testing", 85), NetworkAnonymizationKey(),
2335 NetLogWithSource(), stale_allowed_parameters, resolve_context_.get()));
2336 EXPECT_THAT(response.result_error(), IsOk());
2337 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
2338 testing::ElementsAre(CreateExpected("192.168.2.42", 85)));
2339 EXPECT_THAT(
2340 response.request()->GetEndpointResults(),
2341 testing::Pointee(testing::UnorderedElementsAre(ExpectEndpointResult(
2342 testing::ElementsAre(CreateExpected("192.168.2.42", 85))))));
2343 EXPECT_FALSE(response.request()->GetStaleInfo());
2344 }
2345
StaleAllowedFromIpTest(bool is_async)2346 void HostResolverManagerTest::StaleAllowedFromIpTest(bool is_async) {
2347 CreateResolverWithLimitsAndParams(kMaxJobs, DefaultParams(proc_),
2348 true /* ipv6_reachable */,
2349 true /* check_ipv6_on_wifi */, is_async);
2350 HostResolver::ResolveHostParameters stale_allowed_parameters;
2351 stale_allowed_parameters.cache_usage =
2352 HostResolver::ResolveHostParameters::CacheUsage::STALE_ALLOWED;
2353
2354 ResolveHostResponseHelper response(resolver_->CreateRequest(
2355 HostPortPair("1.2.3.4", 57), NetworkAnonymizationKey(),
2356 NetLogWithSource(), stale_allowed_parameters, resolve_context_.get()));
2357
2358 if (!is_async) {
2359 // Expected to resolve synchronously without stale info.
2360 EXPECT_TRUE(response.complete());
2361 }
2362 EXPECT_THAT(response.result_error(), IsOk());
2363 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
2364 testing::ElementsAre(CreateExpected("1.2.3.4", 57)));
2365 EXPECT_THAT(
2366 response.request()->GetEndpointResults(),
2367 testing::Pointee(testing::UnorderedElementsAre(ExpectEndpointResult(
2368 testing::ElementsAre(CreateExpected("1.2.3.4", 57))))));
2369 EXPECT_FALSE(response.request()->GetStaleInfo());
2370 }
2371
TEST_F(HostResolverManagerTest,StaleAllowed_FromIpAsync)2372 TEST_F(HostResolverManagerTest, StaleAllowed_FromIpAsync) {
2373 StaleAllowedFromIpTest(true);
2374 }
2375
TEST_F(HostResolverManagerTest,StaleAllowed_FromIpSync)2376 TEST_F(HostResolverManagerTest, StaleAllowed_FromIpSync) {
2377 StaleAllowedFromIpTest(false);
2378 }
2379
2380 // TODO(mgersh): add a test case for errors with positive TTL after
2381 // https://crbug.com/115051 is fixed.
2382
2383 // Test the retry attempts simulating host resolver proc that takes too long.
TEST_F(HostResolverManagerTest,MultipleAttempts)2384 TEST_F(HostResolverManagerTest, MultipleAttempts) {
2385 // Total number of attempts would be 3 and we want the 3rd attempt to resolve
2386 // the host. First and second attempt will be forced to wait until they get
2387 // word that a resolution has completed. The 3rd resolution attempt will try
2388 // to get done ASAP, and won't wait.
2389 int kAttemptNumberToResolve = 3;
2390 int kTotalAttempts = 3;
2391
2392 // Add a little bit of extra fudge to the delay to allow reasonable
2393 // flexibility for time > vs >= etc. We don't need to fail the test if we
2394 // retry at t=6001 instead of t=6000.
2395 base::TimeDelta kSleepFudgeFactor = base::Milliseconds(1);
2396
2397 auto resolver_proc = base::MakeRefCounted<LookupAttemptHostResolverProc>(
2398 nullptr, kAttemptNumberToResolve, kTotalAttempts);
2399
2400 HostResolverSystemTask::Params params = DefaultParams(resolver_proc);
2401 base::TimeDelta unresponsive_delay = params.unresponsive_delay;
2402 int retry_factor = params.retry_factor;
2403
2404 CreateResolverWithLimitsAndParams(kMaxJobs, params, true /* ipv6_reachable */,
2405 true /* check_ipv6_on_wifi */);
2406
2407 // Override the current thread task runner, so we can simulate the passage of
2408 // time and avoid any actual sleeps.
2409 auto test_task_runner = base::MakeRefCounted<base::TestMockTimeTaskRunner>();
2410 base::SingleThreadTaskRunner::CurrentHandleOverrideForTesting
2411 task_runner_current_default_handle_override(test_task_runner);
2412
2413 // Resolve "host1".
2414 ResolveHostResponseHelper response(resolver_->CreateRequest(
2415 HostPortPair("host1", 70), NetworkAnonymizationKey(), NetLogWithSource(),
2416 std::nullopt, resolve_context_.get()));
2417 EXPECT_FALSE(response.complete());
2418
2419 resolver_proc->WaitForNAttemptsToBeBlocked(1);
2420 EXPECT_FALSE(response.complete());
2421
2422 test_task_runner->FastForwardBy(unresponsive_delay + kSleepFudgeFactor);
2423 resolver_proc->WaitForNAttemptsToBeBlocked(2);
2424 EXPECT_FALSE(response.complete());
2425
2426 test_task_runner->FastForwardBy(unresponsive_delay * retry_factor +
2427 kSleepFudgeFactor);
2428
2429 resolver_proc->WaitForAllAttemptsToFinish();
2430 test_task_runner->RunUntilIdle();
2431
2432 // Resolve returns -4 to indicate that 3rd attempt has resolved the host.
2433 // Since we're using a TestMockTimeTaskRunner, the RunLoop stuff in
2434 // result_error() will fail if it actually has to wait, but unless there's an
2435 // error, the result should be immediately ready by this point.
2436 EXPECT_EQ(-4, response.result_error());
2437
2438 // We should be done with retries, but make sure none erroneously happen.
2439 test_task_runner->FastForwardUntilNoTasksRemain();
2440
2441 EXPECT_EQ(resolver_proc->GetTotalAttemptsResolved(), kTotalAttempts);
2442 }
2443
2444 // Regression test for https://crbug.com/976948.
2445 //
2446 // Tests that when the maximum number of retries is set to
2447 // |HostResolver::ManagerOptions::kDefaultRetryAttempts| the
2448 // number of retries used is 4 rather than something higher.
TEST_F(HostResolverManagerTest,DefaultMaxRetryAttempts)2449 TEST_F(HostResolverManagerTest, DefaultMaxRetryAttempts) {
2450 auto test_task_runner = base::MakeRefCounted<base::TestMockTimeTaskRunner>();
2451 base::SingleThreadTaskRunner::CurrentHandleOverrideForTesting
2452 task_runner_current_default_handle_override(test_task_runner);
2453
2454 // Instantiate a ResolverProc that will block all incoming requests.
2455 auto resolver_proc = base::MakeRefCounted<LookupAttemptHostResolverProc>(
2456 nullptr, std::numeric_limits<size_t>::max(),
2457 std::numeric_limits<size_t>::max());
2458
2459 // This corresponds to kDefaultMaxRetryAttempts in
2460 // HostResolverSystemTask::Params::HostResolverSystemTask::Params(). The
2461 // correspondence is verified below, since that symbol is not exported.
2462 const size_t expected_max_retries = 4;
2463
2464 // Use the special value |ManagerOptions::kDefaultRetryAttempts|, which is
2465 // expected to translate into |expected_num_retries|.
2466 ASSERT_NE(HostResolverSystemTask::Params::kDefaultRetryAttempts,
2467 expected_max_retries);
2468 HostResolverSystemTask::Params params(
2469 resolver_proc, HostResolverSystemTask::Params::kDefaultRetryAttempts);
2470 ASSERT_EQ(params.max_retry_attempts, expected_max_retries);
2471
2472 CreateResolverWithLimitsAndParams(kMaxJobs, params,
2473 false /* ipv6_reachable */,
2474 false /* check_ipv6_on_wifi */);
2475 // Resolve "host1". The resolver proc will hang all requests so this
2476 // resolution should remain stalled until calling SetResolvedAttemptNumber().
2477 ResolveHostResponseHelper response(resolver_->CreateRequest(
2478 HostPortPair("host1", 70), NetworkAnonymizationKey(), NetLogWithSource(),
2479 std::nullopt, resolve_context_.get()));
2480 EXPECT_FALSE(response.complete());
2481
2482 // Simulate running the main thread (network task runner) for a long
2483 // time. Because none of the attempts posted to worker pool can complete, this
2484 // should cause all of the retry attempts to get posted, according to the
2485 // exponential backoff schedule.
2486 test_task_runner->FastForwardBy(base::Minutes(20));
2487
2488 // Unblock the resolver proc, then wait for all the worker pool and main
2489 // thread tasks to complete. Note that the call to SetResolvedAttemptNumber(1)
2490 // will cause all the blocked resolver procs tasks fail with -2.
2491 resolver_proc->SetResolvedAttemptNumber(1);
2492 const int kExpectedError = -2;
2493 base::ThreadPoolInstance::Get()->FlushForTesting();
2494 test_task_runner->RunUntilIdle();
2495
2496 ASSERT_TRUE(response.complete());
2497 EXPECT_EQ(kExpectedError, response.result_error());
2498
2499 // Ensure that the original attempt was executed on the worker pool, as well
2500 // as the maximum number of allowed retries, and no more.
2501 EXPECT_EQ(static_cast<int>(expected_max_retries + 1),
2502 resolver_proc->GetTotalAttemptsResolved());
2503 }
2504
2505 // If a host resolves to a list that includes 127.0.53.53, this is treated as
2506 // an error. 127.0.53.53 is a localhost address, however it has been given a
2507 // special significance by ICANN to help surface name collision resulting from
2508 // the new gTLDs.
TEST_F(HostResolverManagerTest,NameCollisionIcann)2509 TEST_F(HostResolverManagerTest, NameCollisionIcann) {
2510 proc_->AddRuleForAllFamilies("single", "127.0.53.53");
2511 proc_->AddRuleForAllFamilies("multiple", "127.0.0.1,127.0.53.53");
2512 proc_->AddRuleForAllFamilies("ipv6", "::127.0.53.53");
2513 proc_->AddRuleForAllFamilies("not_reserved1", "53.53.0.127");
2514 proc_->AddRuleForAllFamilies("not_reserved2", "127.0.53.54");
2515 proc_->AddRuleForAllFamilies("not_reserved3", "10.0.53.53");
2516 proc_->SignalMultiple(6u);
2517
2518 ResolveHostResponseHelper single_response(resolver_->CreateRequest(
2519 HostPortPair("single", 80), NetworkAnonymizationKey(), NetLogWithSource(),
2520 std::nullopt, resolve_context_.get()));
2521 EXPECT_THAT(single_response.result_error(),
2522 IsError(ERR_ICANN_NAME_COLLISION));
2523 EXPECT_THAT(single_response.request()->GetAddressResults(),
2524 AnyOf(nullptr, Pointee(IsEmpty())));
2525 EXPECT_THAT(single_response.request()->GetEndpointResults(),
2526 AnyOf(nullptr, Pointee(IsEmpty())));
2527
2528 // ERR_ICANN_NAME_COLLISION is cached like any other error, using a fixed TTL
2529 // for failed entries from proc-based resolver. That said, the fixed TTL is 0,
2530 // so it should never be cached.
2531 const std::pair<const HostCache::Key, HostCache::Entry>* cache_result =
2532 GetCacheHit(HostCache::Key(
2533 "single", DnsQueryType::UNSPECIFIED, 0 /* host_resolver_flags */,
2534 HostResolverSource::ANY, NetworkAnonymizationKey()));
2535 EXPECT_FALSE(cache_result);
2536
2537 ResolveHostResponseHelper multiple_response(resolver_->CreateRequest(
2538 HostPortPair("multiple", 80), NetworkAnonymizationKey(),
2539 NetLogWithSource(), std::nullopt, resolve_context_.get()));
2540 EXPECT_THAT(multiple_response.result_error(),
2541 IsError(ERR_ICANN_NAME_COLLISION));
2542
2543 // Resolving an IP literal of 127.0.53.53 however is allowed.
2544 ResolveHostResponseHelper literal_response(resolver_->CreateRequest(
2545 HostPortPair("127.0.53.53", 80), NetworkAnonymizationKey(),
2546 NetLogWithSource(), std::nullopt, resolve_context_.get()));
2547 EXPECT_THAT(literal_response.result_error(), IsOk());
2548
2549 // Moreover the address should not be recognized when embedded in an IPv6
2550 // address.
2551 ResolveHostResponseHelper ipv6_response(resolver_->CreateRequest(
2552 HostPortPair("127.0.53.53", 80), NetworkAnonymizationKey(),
2553 NetLogWithSource(), std::nullopt, resolve_context_.get()));
2554 EXPECT_THAT(ipv6_response.result_error(), IsOk());
2555
2556 // Try some other IPs which are similar, but NOT an exact match on
2557 // 127.0.53.53.
2558 ResolveHostResponseHelper similar_response1(resolver_->CreateRequest(
2559 HostPortPair("not_reserved1", 80), NetworkAnonymizationKey(),
2560 NetLogWithSource(), std::nullopt, resolve_context_.get()));
2561 EXPECT_THAT(similar_response1.result_error(), IsOk());
2562
2563 ResolveHostResponseHelper similar_response2(resolver_->CreateRequest(
2564 HostPortPair("not_reserved2", 80), NetworkAnonymizationKey(),
2565 NetLogWithSource(), std::nullopt, resolve_context_.get()));
2566 EXPECT_THAT(similar_response2.result_error(), IsOk());
2567
2568 ResolveHostResponseHelper similar_response3(resolver_->CreateRequest(
2569 HostPortPair("not_reserved3", 80), NetworkAnonymizationKey(),
2570 NetLogWithSource(), std::nullopt, resolve_context_.get()));
2571 EXPECT_THAT(similar_response3.result_error(), IsOk());
2572 }
2573
TEST_F(HostResolverManagerTest,StartIPv6ReachabilityCheck)2574 TEST_F(HostResolverManagerTest, StartIPv6ReachabilityCheck) {
2575 // The real HostResolverManager is needed since TestHostResolverManager will
2576 // bypass the IPv6 reachability tests.
2577 DestroyResolver();
2578 resolver_ = std::make_unique<HostResolverManager>(
2579 DefaultOptions(), nullptr /* system_dns_config_notifier */,
2580 nullptr /* net_log */);
2581 // Verify that two consecutive calls return the same value.
2582 RecordingNetLogObserver net_log_observer;
2583 NetLogWithSource net_log =
2584 NetLogWithSource::Make(net::NetLog::Get(), NetLogSourceType::NONE);
2585 MockClientSocketFactory socket_factory;
2586 SequencedSocketData sync_connect(MockConnect(SYNCHRONOUS, OK),
2587 base::span<net::MockRead>(),
2588 base::span<net::MockWrite>());
2589 SequencedSocketData async_connect(MockConnect(ASYNC, OK),
2590 base::span<net::MockRead>(),
2591 base::span<net::MockWrite>());
2592 socket_factory.AddSocketDataProvider(&sync_connect);
2593 socket_factory.AddSocketDataProvider(&async_connect);
2594
2595 int attempt1 = StartIPv6ReachabilityCheck(net_log, &socket_factory,
2596 base::DoNothingAs<void(int)>());
2597 EXPECT_EQ(attempt1, OK);
2598 int result1 = GetLastIpv6ProbeResult();
2599
2600 int attempt2 = StartIPv6ReachabilityCheck(net_log, &socket_factory,
2601 base::DoNothingAs<void(int)>());
2602 EXPECT_EQ(attempt2, OK);
2603 int result2 = GetLastIpv6ProbeResult();
2604 EXPECT_EQ(result1, result2);
2605
2606 // Verify that async socket connections also return the same value.
2607 resolver_->ResetIPv6ProbeTimeForTesting();
2608 TestCompletionCallback callback;
2609 int attempt3 =
2610 StartIPv6ReachabilityCheck(net_log, &socket_factory, callback.callback());
2611 EXPECT_EQ(attempt3, ERR_IO_PENDING);
2612 EXPECT_THAT(callback.WaitForResult(), IsOk());
2613 int result3 = GetLastIpv6ProbeResult();
2614 EXPECT_EQ(result1, result3);
2615
2616 // Filter reachability check events and verify that there are three of them.
2617 auto probe_event_list = net_log_observer.GetEntriesWithType(
2618 NetLogEventType::HOST_RESOLVER_MANAGER_IPV6_REACHABILITY_CHECK);
2619 ASSERT_EQ(3U, probe_event_list.size());
2620 // Verify that the first and third requests were not cached and the second one
2621 // was.
2622 EXPECT_FALSE(GetBooleanValueFromParams(probe_event_list[0], "cached"));
2623 EXPECT_TRUE(GetBooleanValueFromParams(probe_event_list[1], "cached"));
2624 EXPECT_FALSE(GetBooleanValueFromParams(probe_event_list[0], "cached"));
2625 }
2626
TEST_F(HostResolverManagerTest,IncludeCanonicalName)2627 TEST_F(HostResolverManagerTest, IncludeCanonicalName) {
2628 proc_->AddRuleForAllFamilies("just.testing", "192.168.1.42",
2629 HOST_RESOLVER_CANONNAME, "canon.name");
2630 proc_->SignalMultiple(2u);
2631
2632 HostResolver::ResolveHostParameters parameters;
2633 parameters.include_canonical_name = true;
2634 ResolveHostResponseHelper response(resolver_->CreateRequest(
2635 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
2636 NetLogWithSource(), parameters, resolve_context_.get()));
2637 ResolveHostResponseHelper response_no_flag(resolver_->CreateRequest(
2638 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
2639 NetLogWithSource(), std::nullopt, resolve_context_.get()));
2640
2641 EXPECT_THAT(response.result_error(), IsOk());
2642 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
2643 testing::ElementsAre(CreateExpected("192.168.1.42", 80)));
2644 EXPECT_THAT(
2645 response.request()->GetEndpointResults(),
2646 testing::Pointee(testing::UnorderedElementsAre(ExpectEndpointResult(
2647 testing::ElementsAre(CreateExpected("192.168.1.42", 80))))));
2648 EXPECT_THAT(response.request()->GetDnsAliasResults(),
2649 testing::Pointee(testing::UnorderedElementsAre("canon.name")));
2650
2651 EXPECT_THAT(response_no_flag.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
2652 }
2653
TEST_F(HostResolverManagerTest,FixupCanonicalName)2654 TEST_F(HostResolverManagerTest, FixupCanonicalName) {
2655 proc_->AddRuleForAllFamilies("just.testing", "192.168.1.42", /*flags=*/0,
2656 "CANON.name");
2657 proc_->SignalMultiple(1u);
2658
2659 ResolveHostResponseHelper response(resolver_->CreateRequest(
2660 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
2661 NetLogWithSource(), std::nullopt, resolve_context_.get()));
2662
2663 EXPECT_THAT(response.result_error(), IsOk());
2664 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
2665 testing::ElementsAre(CreateExpected("192.168.1.42", 80)));
2666 EXPECT_THAT(
2667 response.request()->GetEndpointResults(),
2668 testing::Pointee(testing::UnorderedElementsAre(ExpectEndpointResult(
2669 testing::ElementsAre(CreateExpected("192.168.1.42", 80))))));
2670 EXPECT_THAT(response.request()->GetDnsAliasResults(),
2671 testing::Pointee(testing::UnorderedElementsAre("canon.name")));
2672 }
2673
TEST_F(HostResolverManagerTest,IncludeCanonicalNameButNotReceived)2674 TEST_F(HostResolverManagerTest, IncludeCanonicalNameButNotReceived) {
2675 proc_->AddRuleForAllFamilies("just.testing", "192.168.1.42",
2676 HOST_RESOLVER_CANONNAME);
2677 proc_->SignalMultiple(2u);
2678
2679 HostResolver::ResolveHostParameters parameters;
2680 parameters.include_canonical_name = true;
2681 ResolveHostResponseHelper response(resolver_->CreateRequest(
2682 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
2683 NetLogWithSource(), parameters, resolve_context_.get()));
2684 ResolveHostResponseHelper response_no_flag(resolver_->CreateRequest(
2685 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
2686 NetLogWithSource(), std::nullopt, resolve_context_.get()));
2687
2688 EXPECT_THAT(response.result_error(), IsOk());
2689 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
2690 testing::ElementsAre(CreateExpected("192.168.1.42", 80)));
2691 EXPECT_THAT(
2692 response.request()->GetEndpointResults(),
2693 testing::Pointee(testing::UnorderedElementsAre(ExpectEndpointResult(
2694 testing::ElementsAre(CreateExpected("192.168.1.42", 80))))));
2695 EXPECT_THAT(response.request()->GetDnsAliasResults(),
2696 testing::Pointee(testing::IsEmpty()));
2697
2698 EXPECT_THAT(response_no_flag.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
2699 }
2700
2701 // If `ResolveHostParameters::include_canonical_name` is set, canonical name
2702 // should be returned exactly as received from the system resolver, without any
2703 // attempt to do URL hostname canonicalization on it.
TEST_F(HostResolverManagerTest,IncludeCanonicalNameSkipsUrlCanonicalization)2704 TEST_F(HostResolverManagerTest, IncludeCanonicalNameSkipsUrlCanonicalization) {
2705 proc_->AddRuleForAllFamilies("just.testing", "192.168.1.42",
2706 HOST_RESOLVER_CANONNAME, "CANON.name");
2707 proc_->SignalMultiple(2u);
2708
2709 HostResolver::ResolveHostParameters parameters;
2710 parameters.include_canonical_name = true;
2711 ResolveHostResponseHelper response(resolver_->CreateRequest(
2712 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
2713 NetLogWithSource(), parameters, resolve_context_.get()));
2714 ResolveHostResponseHelper response_no_flag(resolver_->CreateRequest(
2715 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
2716 NetLogWithSource(), std::nullopt, resolve_context_.get()));
2717
2718 EXPECT_THAT(response.result_error(), IsOk());
2719 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
2720 testing::ElementsAre(CreateExpected("192.168.1.42", 80)));
2721 EXPECT_THAT(
2722 response.request()->GetEndpointResults(),
2723 testing::Pointee(testing::UnorderedElementsAre(ExpectEndpointResult(
2724 testing::ElementsAre(CreateExpected("192.168.1.42", 80))))));
2725 EXPECT_THAT(response.request()->GetDnsAliasResults(),
2726 testing::Pointee(testing::UnorderedElementsAre("CANON.name")));
2727
2728 EXPECT_THAT(response_no_flag.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
2729 }
2730
TEST_F(HostResolverManagerTest,LoopbackOnly)2731 TEST_F(HostResolverManagerTest, LoopbackOnly) {
2732 proc_->AddRuleForAllFamilies("otherlocal", "127.0.0.1",
2733 HOST_RESOLVER_LOOPBACK_ONLY);
2734 proc_->SignalMultiple(2u);
2735
2736 HostResolver::ResolveHostParameters parameters;
2737 parameters.loopback_only = true;
2738 ResolveHostResponseHelper response(resolver_->CreateRequest(
2739 HostPortPair("otherlocal", 80), NetworkAnonymizationKey(),
2740 NetLogWithSource(), parameters, resolve_context_.get()));
2741 ResolveHostResponseHelper response_no_flag(resolver_->CreateRequest(
2742 HostPortPair("otherlocal", 80), NetworkAnonymizationKey(),
2743 NetLogWithSource(), std::nullopt, resolve_context_.get()));
2744
2745 EXPECT_THAT(response.result_error(), IsOk());
2746 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
2747 testing::ElementsAre(CreateExpected("127.0.0.1", 80)));
2748 EXPECT_THAT(
2749 response.request()->GetEndpointResults(),
2750 testing::Pointee(testing::UnorderedElementsAre(ExpectEndpointResult(
2751 testing::ElementsAre(CreateExpected("127.0.0.1", 80))))));
2752
2753 EXPECT_THAT(response_no_flag.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
2754 }
2755
TEST_F(HostResolverManagerTest,IsSpeculative)2756 TEST_F(HostResolverManagerTest, IsSpeculative) {
2757 proc_->AddRuleForAllFamilies("just.testing", "192.168.1.42");
2758 proc_->SignalMultiple(1u);
2759
2760 HostResolver::ResolveHostParameters parameters;
2761 parameters.is_speculative = true;
2762
2763 ResolveHostResponseHelper response(resolver_->CreateRequest(
2764 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
2765 NetLogWithSource(), parameters, resolve_context_.get()));
2766
2767 EXPECT_THAT(response.result_error(), IsOk());
2768 EXPECT_THAT(response.request()->GetAddressResults(),
2769 AnyOf(nullptr, Pointee(IsEmpty())));
2770 EXPECT_THAT(response.request()->GetEndpointResults(),
2771 AnyOf(nullptr, Pointee(IsEmpty())));
2772
2773 ASSERT_EQ(1u, proc_->GetCaptureList().size());
2774 EXPECT_EQ("just.testing", proc_->GetCaptureList()[0].hostname);
2775
2776 // Reresolve without the |is_speculative| flag should immediately return from
2777 // cache.
2778 ResolveHostResponseHelper response2(resolver_->CreateRequest(
2779 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
2780 NetLogWithSource(), std::nullopt, resolve_context_.get()));
2781
2782 EXPECT_THAT(response2.result_error(), IsOk());
2783 EXPECT_THAT(response2.request()->GetAddressResults()->endpoints(),
2784 testing::ElementsAre(CreateExpected("192.168.1.42", 80)));
2785 EXPECT_THAT(
2786 response2.request()->GetEndpointResults(),
2787 testing::Pointee(testing::UnorderedElementsAre(ExpectEndpointResult(
2788 testing::ElementsAre(CreateExpected("192.168.1.42", 80))))));
2789
2790 EXPECT_EQ("just.testing", proc_->GetCaptureList()[0].hostname);
2791 EXPECT_EQ(1u, proc_->GetCaptureList().size()); // No increase.
2792 }
2793
TEST_F(HostResolverManagerTest,AvoidMulticastResolutionParameter)2794 TEST_F(HostResolverManagerTest, AvoidMulticastResolutionParameter) {
2795 proc_->AddRuleForAllFamilies("avoid.multicast.test", "123.123.123.123",
2796 HOST_RESOLVER_AVOID_MULTICAST);
2797 proc_->SignalMultiple(2u);
2798
2799 HostResolver::ResolveHostParameters parameters;
2800 parameters.avoid_multicast_resolution = true;
2801 ResolveHostResponseHelper response(resolver_->CreateRequest(
2802 HostPortPair("avoid.multicast.test", 80), NetworkAnonymizationKey(),
2803 NetLogWithSource(), parameters, resolve_context_.get()));
2804 ResolveHostResponseHelper response_no_flag(resolver_->CreateRequest(
2805 HostPortPair("avoid.multicast.test", 80), NetworkAnonymizationKey(),
2806 NetLogWithSource(), std::nullopt, resolve_context_.get()));
2807
2808 EXPECT_THAT(response.result_error(), IsOk());
2809 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
2810 testing::ElementsAre(CreateExpected("123.123.123.123", 80)));
2811 EXPECT_THAT(
2812 response.request()->GetEndpointResults(),
2813 testing::Pointee(testing::UnorderedElementsAre(ExpectEndpointResult(
2814 testing::ElementsAre(CreateExpected("123.123.123.123", 80))))));
2815
2816 EXPECT_THAT(response_no_flag.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
2817 }
2818
2819 #if BUILDFLAG(ENABLE_MDNS)
2820 const uint8_t kMdnsResponseA[] = {
2821 // Header
2822 0x00, 0x00, // ID is zeroed out
2823 0x81, 0x80, // Standard query response, RA, no error
2824 0x00, 0x00, // No questions (for simplicity)
2825 0x00, 0x01, // 1 RR (answers)
2826 0x00, 0x00, // 0 authority RRs
2827 0x00, 0x00, // 0 additional RRs
2828
2829 // "myhello.local."
2830 0x07, 'm', 'y', 'h', 'e', 'l', 'l', 'o', 0x05, 'l', 'o', 'c', 'a', 'l',
2831 0x00,
2832
2833 0x00, 0x01, // TYPE is A.
2834 0x00, 0x01, // CLASS is IN.
2835 0x00, 0x00, 0x00, 0x10, // TTL is 16 (seconds)
2836 0x00, 0x04, // RDLENGTH is 4 bytes.
2837 0x01, 0x02, 0x03, 0x04, // 1.2.3.4
2838 };
2839
2840 const uint8_t kMdnsResponseA2[] = {
2841 // Header
2842 0x00, 0x00, // ID is zeroed out
2843 0x81, 0x80, // Standard query response, RA, no error
2844 0x00, 0x00, // No questions (for simplicity)
2845 0x00, 0x01, // 1 RR (answers)
2846 0x00, 0x00, // 0 authority RRs
2847 0x00, 0x00, // 0 additional RRs
2848
2849 // "myhello.local."
2850 0x07, 'm', 'y', 'h', 'e', 'l', 'l', 'o', 0x05, 'l', 'o', 'c', 'a', 'l',
2851 0x00,
2852
2853 0x00, 0x01, // TYPE is A.
2854 0x00, 0x01, // CLASS is IN.
2855 0x00, 0x00, 0x00, 0x10, // TTL is 16 (seconds)
2856 0x00, 0x04, // RDLENGTH is 4 bytes.
2857 0x05, 0x06, 0x07, 0x08, // 5.6.7.8
2858 };
2859
2860 const uint8_t kMdnsResponseA2Goodbye[] = {
2861 // Header
2862 0x00, 0x00, // ID is zeroed out
2863 0x81, 0x80, // Standard query response, RA, no error
2864 0x00, 0x00, // No questions (for simplicity)
2865 0x00, 0x01, // 1 RR (answers)
2866 0x00, 0x00, // 0 authority RRs
2867 0x00, 0x00, // 0 additional RRs
2868
2869 // "myhello.local."
2870 0x07, 'm', 'y', 'h', 'e', 'l', 'l', 'o', 0x05, 'l', 'o', 'c', 'a', 'l',
2871 0x00,
2872
2873 0x00, 0x01, // TYPE is A.
2874 0x00, 0x01, // CLASS is IN.
2875 0x00, 0x00, 0x00, 0x00, // TTL is 0 (signaling "goodbye" removal of result)
2876 0x00, 0x04, // RDLENGTH is 4 bytes.
2877 0x05, 0x06, 0x07, 0x08, // 5.6.7.8
2878 };
2879
2880 const uint8_t kMdnsResponseAAAA[] = {
2881 // Header
2882 0x00, 0x00, // ID is zeroed out
2883 0x81, 0x80, // Standard query response, RA, no error
2884 0x00, 0x00, // No questions (for simplicity)
2885 0x00, 0x01, // 1 RR (answers)
2886 0x00, 0x00, // 0 authority RRs
2887 0x00, 0x00, // 0 additional RRs
2888
2889 // "myhello.local."
2890 0x07, 'm', 'y', 'h', 'e', 'l', 'l', 'o', 0x05, 'l', 'o', 'c', 'a', 'l',
2891 0x00,
2892
2893 0x00, 0x1C, // TYPE is AAAA.
2894 0x00, 0x01, // CLASS is IN.
2895 0x00, 0x00, 0x00, 0x10, // TTL is 16 (seconds)
2896 0x00, 0x10, // RDLENGTH is 16 bytes.
2897
2898 // 000a:0000:0000:0000:0001:0002:0003:0004
2899 0x00, 0x0A, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x02,
2900 0x00, 0x03, 0x00, 0x04};
2901
2902 // An MDNS response indicating that the responder owns the hostname, but the
2903 // specific requested type (AAAA) does not exist because the responder only has
2904 // A addresses.
2905 const uint8_t kMdnsResponseNsec[] = {
2906 // Header
2907 0x00, 0x00, // ID is zeroed out
2908 0x81, 0x80, // Standard query response, RA, no error
2909 0x00, 0x00, // No questions (for simplicity)
2910 0x00, 0x01, // 1 RR (answers)
2911 0x00, 0x00, // 0 authority RRs
2912 0x00, 0x00, // 0 additional RRs
2913
2914 // "myhello.local."
2915 0x07, 'm', 'y', 'h', 'e', 'l', 'l', 'o', 0x05, 'l', 'o', 'c', 'a', 'l',
2916 0x00,
2917
2918 0x00, 0x2f, // TYPE is NSEC.
2919 0x00, 0x01, // CLASS is IN.
2920 0x00, 0x00, 0x00, 0x10, // TTL is 16 (seconds)
2921 0x00, 0x06, // RDLENGTH is 6 bytes.
2922 0xc0, 0x0c, // Next Domain Name (always pointer back to name in MDNS)
2923 0x00, // Bitmap block number (always 0 in MDNS)
2924 0x02, // Bitmap length is 2
2925 0x00, 0x08 // A type only
2926 };
2927
2928 const uint8_t kMdnsResponseTxt[] = {
2929 // Header
2930 0x00, 0x00, // ID is zeroed out
2931 0x81, 0x80, // Standard query response, RA, no error
2932 0x00, 0x00, // No questions (for simplicity)
2933 0x00, 0x01, // 1 RR (answers)
2934 0x00, 0x00, // 0 authority RRs
2935 0x00, 0x00, // 0 additional RRs
2936
2937 // "myhello.local."
2938 0x07, 'm', 'y', 'h', 'e', 'l', 'l', 'o', 0x05, 'l', 'o', 'c', 'a', 'l',
2939 0x00,
2940
2941 0x00, 0x10, // TYPE is TXT.
2942 0x00, 0x01, // CLASS is IN.
2943 0x00, 0x00, 0x00, 0x11, // TTL is 17 (seconds)
2944 0x00, 0x08, // RDLENGTH is 8 bytes.
2945
2946 // "foo"
2947 0x03, 0x66, 0x6f, 0x6f,
2948 // "bar"
2949 0x03, 0x62, 0x61, 0x72};
2950
2951 const uint8_t kMdnsResponsePtr[] = {
2952 // Header
2953 0x00, 0x00, // ID is zeroed out
2954 0x81, 0x80, // Standard query response, RA, no error
2955 0x00, 0x00, // No questions (for simplicity)
2956 0x00, 0x01, // 1 RR (answers)
2957 0x00, 0x00, // 0 authority RRs
2958 0x00, 0x00, // 0 additional RRs
2959
2960 // "myhello.local."
2961 0x07, 'm', 'y', 'h', 'e', 'l', 'l', 'o', 0x05, 'l', 'o', 'c', 'a', 'l',
2962 0x00,
2963
2964 0x00, 0x0c, // TYPE is PTR.
2965 0x00, 0x01, // CLASS is IN.
2966 0x00, 0x00, 0x00, 0x12, // TTL is 18 (seconds)
2967 0x00, 0x09, // RDLENGTH is 9 bytes.
2968
2969 // "foo.com."
2970 0x03, 'f', 'o', 'o', 0x03, 'c', 'o', 'm', 0x00};
2971
2972 const uint8_t kMdnsResponsePtrRoot[] = {
2973 // Header
2974 0x00, 0x00, // ID is zeroed out
2975 0x81, 0x80, // Standard query response, RA, no error
2976 0x00, 0x00, // No questions (for simplicity)
2977 0x00, 0x01, // 1 RR (answers)
2978 0x00, 0x00, // 0 authority RRs
2979 0x00, 0x00, // 0 additional RRs
2980
2981 // "myhello.local."
2982 0x07, 'm', 'y', 'h', 'e', 'l', 'l', 'o', 0x05, 'l', 'o', 'c', 'a', 'l',
2983 0x00,
2984
2985 0x00, 0x0c, // TYPE is PTR.
2986 0x00, 0x01, // CLASS is IN.
2987 0x00, 0x00, 0x00, 0x13, // TTL is 19 (seconds)
2988 0x00, 0x01, // RDLENGTH is 1 byte.
2989
2990 // "." (the root domain)
2991 0x00};
2992
2993 const uint8_t kMdnsResponseSrv[] = {
2994 // Header
2995 0x00, 0x00, // ID is zeroed out
2996 0x81, 0x80, // Standard query response, RA, no error
2997 0x00, 0x00, // No questions (for simplicity)
2998 0x00, 0x01, // 1 RR (answers)
2999 0x00, 0x00, // 0 authority RRs
3000 0x00, 0x00, // 0 additional RRs
3001
3002 // "myhello.local."
3003 0x07, 'm', 'y', 'h', 'e', 'l', 'l', 'o', 0x05, 'l', 'o', 'c', 'a', 'l',
3004 0x00,
3005
3006 0x00, 0x21, // TYPE is SRV.
3007 0x00, 0x01, // CLASS is IN.
3008 0x00, 0x00, 0x00, 0x13, // TTL is 19 (seconds)
3009 0x00, 0x0f, // RDLENGTH is 15 bytes.
3010
3011 0x00, 0x05, // Priority 5
3012 0x00, 0x01, // Weight 1
3013 0x20, 0x49, // Port 8265
3014
3015 // "foo.com."
3016 0x03, 'f', 'o', 'o', 0x03, 'c', 'o', 'm', 0x00};
3017
3018 const uint8_t kMdnsResponseSrvUnrestricted[] = {
3019 // Header
3020 0x00, 0x00, // ID is zeroed out
3021 0x81, 0x80, // Standard query response, RA, no error
3022 0x00, 0x00, // No questions (for simplicity)
3023 0x00, 0x01, // 1 RR (answers)
3024 0x00, 0x00, // 0 authority RRs
3025 0x00, 0x00, // 0 additional RRs
3026
3027 // "foo bar(A1B2)._ipps._tcp.local"
3028 0x0d, 'f', 'o', 'o', ' ', 'b', 'a', 'r', '(', 'A', '1', 'B', '2', ')', 0x05,
3029 '_', 'i', 'p', 'p', 's', 0x04, '_', 't', 'c', 'p', 0x05, 'l', 'o', 'c', 'a',
3030 'l', 0x00,
3031
3032 0x00, 0x21, // TYPE is SRV.
3033 0x00, 0x01, // CLASS is IN.
3034 0x00, 0x00, 0x00, 0x13, // TTL is 19 (seconds)
3035 0x00, 0x0f, // RDLENGTH is 15 bytes.
3036
3037 0x00, 0x05, // Priority 5
3038 0x00, 0x01, // Weight 1
3039 0x20, 0x49, // Port 8265
3040
3041 // "foo.com."
3042 0x03, 'f', 'o', 'o', 0x03, 'c', 'o', 'm', 0x00};
3043
3044 const uint8_t kMdnsResponseSrvUnrestrictedResult[] = {
3045 // Header
3046 0x00, 0x00, // ID is zeroed out
3047 0x81, 0x80, // Standard query response, RA, no error
3048 0x00, 0x00, // No questions (for simplicity)
3049 0x00, 0x01, // 1 RR (answers)
3050 0x00, 0x00, // 0 authority RRs
3051 0x00, 0x00, // 0 additional RRs
3052
3053 // "myhello.local."
3054 0x07, 'm', 'y', 'h', 'e', 'l', 'l', 'o', 0x05, 'l', 'o', 'c', 'a', 'l',
3055 0x00,
3056
3057 0x00, 0x21, // TYPE is SRV.
3058 0x00, 0x01, // CLASS is IN.
3059 0x00, 0x00, 0x00, 0x13, // TTL is 19 (seconds)
3060 0x00, 0x15, // RDLENGTH is 21 bytes.
3061
3062 0x00, 0x05, // Priority 5
3063 0x00, 0x01, // Weight 1
3064 0x20, 0x49, // Port 8265
3065
3066 // "foo bar.local"
3067 0x07, 'f', 'o', 'o', ' ', 'b', 'a', 'r', 0x05, 'l', 'o', 'c', 'a', 'l',
3068 0x00};
3069
TEST_F(HostResolverManagerTest,Mdns)3070 TEST_F(HostResolverManagerTest, Mdns) {
3071 auto socket_factory = std::make_unique<MockMDnsSocketFactory>();
3072 MockMDnsSocketFactory* socket_factory_ptr = socket_factory.get();
3073 resolver_->SetMdnsSocketFactoryForTesting(std::move(socket_factory));
3074 // 2 socket creations for every transaction.
3075 EXPECT_CALL(*socket_factory_ptr, OnSendTo(_)).Times(4);
3076
3077 HostResolver::ResolveHostParameters parameters;
3078 parameters.source = HostResolverSource::MULTICAST_DNS;
3079
3080 ResolveHostResponseHelper response(resolver_->CreateRequest(
3081 HostPortPair("myhello.local", 80), NetworkAnonymizationKey(),
3082 NetLogWithSource(), parameters, resolve_context_.get()));
3083
3084 socket_factory_ptr->SimulateReceive(kMdnsResponseA, sizeof(kMdnsResponseA));
3085 socket_factory_ptr->SimulateReceive(kMdnsResponseAAAA,
3086 sizeof(kMdnsResponseAAAA));
3087
3088 EXPECT_THAT(response.result_error(), IsOk());
3089 EXPECT_THAT(
3090 response.request()->GetAddressResults()->endpoints(),
3091 testing::UnorderedElementsAre(
3092 CreateExpected("1.2.3.4", 80),
3093 CreateExpected("000a:0000:0000:0000:0001:0002:0003:0004", 80)));
3094 EXPECT_THAT(
3095 response.request()->GetEndpointResults(),
3096 testing::Pointee(testing::UnorderedElementsAre(
3097 ExpectEndpointResult(testing::UnorderedElementsAre(
3098 CreateExpected("000a:0000:0000:0000:0001:0002:0003:0004", 80),
3099 CreateExpected("1.2.3.4", 80))))));
3100 EXPECT_THAT(response.request()->GetTextResults(),
3101 AnyOf(nullptr, Pointee(IsEmpty())));
3102 EXPECT_THAT(response.request()->GetHostnameResults(),
3103 AnyOf(nullptr, Pointee(IsEmpty())));
3104 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
3105 AnyOf(nullptr, Pointee(IsEmpty())));
3106 }
3107
TEST_F(HostResolverManagerTest,Mdns_AaaaOnly)3108 TEST_F(HostResolverManagerTest, Mdns_AaaaOnly) {
3109 auto socket_factory = std::make_unique<MockMDnsSocketFactory>();
3110 MockMDnsSocketFactory* socket_factory_ptr = socket_factory.get();
3111 resolver_->SetMdnsSocketFactoryForTesting(std::move(socket_factory));
3112 // 2 socket creations for every transaction.
3113 EXPECT_CALL(*socket_factory_ptr, OnSendTo(_)).Times(2);
3114
3115 HostResolver::ResolveHostParameters parameters;
3116 parameters.dns_query_type = DnsQueryType::AAAA;
3117 parameters.source = HostResolverSource::MULTICAST_DNS;
3118
3119 ResolveHostResponseHelper response(resolver_->CreateRequest(
3120 HostPortPair("myhello.local", 80), NetworkAnonymizationKey(),
3121 NetLogWithSource(), parameters, resolve_context_.get()));
3122
3123 socket_factory_ptr->SimulateReceive(kMdnsResponseAAAA,
3124 sizeof(kMdnsResponseAAAA));
3125
3126 EXPECT_THAT(response.result_error(), IsOk());
3127 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
3128 testing::ElementsAre(CreateExpected(
3129 "000a:0000:0000:0000:0001:0002:0003:0004", 80)));
3130 EXPECT_THAT(response.request()->GetEndpointResults(),
3131 testing::Pointee(testing::UnorderedElementsAre(
3132 ExpectEndpointResult(testing::ElementsAre(CreateExpected(
3133 "000a:0000:0000:0000:0001:0002:0003:0004", 80))))));
3134 }
3135
TEST_F(HostResolverManagerTest,Mdns_Txt)3136 TEST_F(HostResolverManagerTest, Mdns_Txt) {
3137 auto socket_factory = std::make_unique<MockMDnsSocketFactory>();
3138 MockMDnsSocketFactory* socket_factory_ptr = socket_factory.get();
3139 resolver_->SetMdnsSocketFactoryForTesting(std::move(socket_factory));
3140 // 2 socket creations for every transaction.
3141 EXPECT_CALL(*socket_factory_ptr, OnSendTo(_)).Times(2);
3142
3143 HostResolver::ResolveHostParameters parameters;
3144 parameters.dns_query_type = DnsQueryType::TXT;
3145 parameters.source = HostResolverSource::MULTICAST_DNS;
3146
3147 ResolveHostResponseHelper response(resolver_->CreateRequest(
3148 HostPortPair("myhello.local", 80), NetworkAnonymizationKey(),
3149 NetLogWithSource(), parameters, resolve_context_.get()));
3150
3151 socket_factory_ptr->SimulateReceive(kMdnsResponseTxt,
3152 sizeof(kMdnsResponseTxt));
3153
3154 EXPECT_THAT(response.result_error(), IsOk());
3155 EXPECT_THAT(response.request()->GetAddressResults(),
3156 AnyOf(nullptr, Pointee(IsEmpty())));
3157 EXPECT_THAT(response.request()->GetEndpointResults(),
3158 AnyOf(nullptr, Pointee(IsEmpty())));
3159 EXPECT_THAT(response.request()->GetTextResults(),
3160 testing::Pointee(testing::ElementsAre("foo", "bar")));
3161 EXPECT_THAT(response.request()->GetHostnameResults(),
3162 AnyOf(nullptr, Pointee(IsEmpty())));
3163 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
3164 AnyOf(nullptr, Pointee(IsEmpty())));
3165 }
3166
TEST_F(HostResolverManagerTest,Mdns_Ptr)3167 TEST_F(HostResolverManagerTest, Mdns_Ptr) {
3168 auto socket_factory = std::make_unique<MockMDnsSocketFactory>();
3169 MockMDnsSocketFactory* socket_factory_ptr = socket_factory.get();
3170 resolver_->SetMdnsSocketFactoryForTesting(std::move(socket_factory));
3171 // 2 socket creations for every transaction.
3172 EXPECT_CALL(*socket_factory_ptr, OnSendTo(_)).Times(2);
3173
3174 HostResolver::ResolveHostParameters parameters;
3175 parameters.dns_query_type = DnsQueryType::PTR;
3176 parameters.source = HostResolverSource::MULTICAST_DNS;
3177
3178 ResolveHostResponseHelper response(resolver_->CreateRequest(
3179 HostPortPair("myhello.local", 83), NetworkAnonymizationKey(),
3180 NetLogWithSource(), parameters, resolve_context_.get()));
3181
3182 socket_factory_ptr->SimulateReceive(kMdnsResponsePtr,
3183 sizeof(kMdnsResponsePtr));
3184
3185 EXPECT_THAT(response.result_error(), IsOk());
3186 EXPECT_THAT(response.request()->GetAddressResults(),
3187 AnyOf(nullptr, Pointee(IsEmpty())));
3188 EXPECT_THAT(response.request()->GetEndpointResults(),
3189 AnyOf(nullptr, Pointee(IsEmpty())));
3190 EXPECT_THAT(response.request()->GetTextResults(),
3191 AnyOf(nullptr, Pointee(IsEmpty())));
3192 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
3193 AnyOf(nullptr, Pointee(IsEmpty())));
3194 EXPECT_THAT(
3195 response.request()->GetHostnameResults(),
3196 testing::Pointee(testing::ElementsAre(HostPortPair("foo.com", 83))));
3197 }
3198
TEST_F(HostResolverManagerTest,Mdns_Srv)3199 TEST_F(HostResolverManagerTest, Mdns_Srv) {
3200 auto socket_factory = std::make_unique<MockMDnsSocketFactory>();
3201 MockMDnsSocketFactory* socket_factory_ptr = socket_factory.get();
3202 resolver_->SetMdnsSocketFactoryForTesting(std::move(socket_factory));
3203 // 2 socket creations for every transaction.
3204 EXPECT_CALL(*socket_factory_ptr, OnSendTo(_)).Times(2);
3205
3206 HostResolver::ResolveHostParameters parameters;
3207 parameters.dns_query_type = DnsQueryType::SRV;
3208 parameters.source = HostResolverSource::MULTICAST_DNS;
3209
3210 ResolveHostResponseHelper response(resolver_->CreateRequest(
3211 HostPortPair("myhello.local", 83), NetworkAnonymizationKey(),
3212 NetLogWithSource(), parameters, resolve_context_.get()));
3213
3214 socket_factory_ptr->SimulateReceive(kMdnsResponseSrv,
3215 sizeof(kMdnsResponseSrv));
3216
3217 EXPECT_THAT(response.result_error(), IsOk());
3218 EXPECT_THAT(response.request()->GetAddressResults(),
3219 AnyOf(nullptr, Pointee(IsEmpty())));
3220 EXPECT_THAT(response.request()->GetEndpointResults(),
3221 AnyOf(nullptr, Pointee(IsEmpty())));
3222 EXPECT_THAT(response.request()->GetTextResults(),
3223 AnyOf(nullptr, Pointee(IsEmpty())));
3224 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
3225 AnyOf(nullptr, Pointee(IsEmpty())));
3226 EXPECT_THAT(
3227 response.request()->GetHostnameResults(),
3228 testing::Pointee(testing::ElementsAre(HostPortPair("foo.com", 8265))));
3229 }
3230
3231 // Test that we are able to create multicast DNS requests that contain
3232 // characters not permitted in the DNS spec such as spaces and parenthesis.
TEST_F(HostResolverManagerTest,Mdns_Srv_Unrestricted)3233 TEST_F(HostResolverManagerTest, Mdns_Srv_Unrestricted) {
3234 auto socket_factory = std::make_unique<MockMDnsSocketFactory>();
3235 MockMDnsSocketFactory* socket_factory_ptr = socket_factory.get();
3236 resolver_->SetMdnsSocketFactoryForTesting(std::move(socket_factory));
3237
3238 HostResolver::ResolveHostParameters parameters;
3239 parameters.dns_query_type = DnsQueryType::SRV;
3240 parameters.source = HostResolverSource::MULTICAST_DNS;
3241
3242 ResolveHostResponseHelper response(resolver_->CreateRequest(
3243 HostPortPair("foo bar(A1B2)._ipps._tcp.local", 83),
3244 NetworkAnonymizationKey(), NetLogWithSource(), parameters,
3245 resolve_context_.get()));
3246
3247 socket_factory_ptr->SimulateReceive(kMdnsResponseSrvUnrestricted,
3248 sizeof(kMdnsResponseSrvUnrestricted));
3249
3250 EXPECT_THAT(response.result_error(), IsOk());
3251 EXPECT_THAT(response.request()->GetAddressResults(),
3252 AnyOf(nullptr, Pointee(IsEmpty())));
3253 EXPECT_THAT(response.request()->GetEndpointResults(),
3254 AnyOf(nullptr, Pointee(IsEmpty())));
3255 EXPECT_THAT(response.request()->GetTextResults(),
3256 AnyOf(nullptr, Pointee(IsEmpty())));
3257 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
3258 AnyOf(nullptr, Pointee(IsEmpty())));
3259 EXPECT_THAT(
3260 response.request()->GetHostnameResults(),
3261 testing::Pointee(testing::ElementsAre(HostPortPair("foo.com", 8265))));
3262 }
3263
3264 // Test that we are able to create multicast DNS requests that contain
3265 // characters not permitted in the DNS spec such as spaces and parenthesis.
TEST_F(HostResolverManagerTest,Mdns_Srv_Result_Unrestricted)3266 TEST_F(HostResolverManagerTest, Mdns_Srv_Result_Unrestricted) {
3267 auto socket_factory = std::make_unique<MockMDnsSocketFactory>();
3268 MockMDnsSocketFactory* socket_factory_ptr = socket_factory.get();
3269 resolver_->SetMdnsSocketFactoryForTesting(std::move(socket_factory));
3270
3271 HostResolver::ResolveHostParameters parameters;
3272 parameters.dns_query_type = DnsQueryType::SRV;
3273 parameters.source = HostResolverSource::MULTICAST_DNS;
3274
3275 ResolveHostResponseHelper response(resolver_->CreateRequest(
3276 HostPortPair("myhello.local", 83), NetworkAnonymizationKey(),
3277 NetLogWithSource(), parameters, resolve_context_.get()));
3278
3279 socket_factory_ptr->SimulateReceive(
3280 kMdnsResponseSrvUnrestrictedResult,
3281 sizeof(kMdnsResponseSrvUnrestrictedResult));
3282
3283 EXPECT_THAT(response.result_error(), IsOk());
3284 EXPECT_THAT(response.request()->GetAddressResults(),
3285 AnyOf(nullptr, Pointee(IsEmpty())));
3286 EXPECT_THAT(response.request()->GetEndpointResults(),
3287 AnyOf(nullptr, Pointee(IsEmpty())));
3288 EXPECT_THAT(response.request()->GetTextResults(),
3289 AnyOf(nullptr, Pointee(IsEmpty())));
3290 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
3291 AnyOf(nullptr, Pointee(IsEmpty())));
3292 EXPECT_THAT(response.request()->GetHostnameResults(),
3293 testing::Pointee(
3294 testing::ElementsAre(HostPortPair("foo bar.local", 8265))));
3295 }
3296
3297 // Test multicast DNS handling of NSEC responses (used for explicit negative
3298 // response).
TEST_F(HostResolverManagerTest,Mdns_Nsec)3299 TEST_F(HostResolverManagerTest, Mdns_Nsec) {
3300 auto socket_factory = std::make_unique<MockMDnsSocketFactory>();
3301 MockMDnsSocketFactory* socket_factory_ptr = socket_factory.get();
3302 resolver_->SetMdnsSocketFactoryForTesting(std::move(socket_factory));
3303 // 2 socket creations for every transaction.
3304 EXPECT_CALL(*socket_factory_ptr, OnSendTo(_)).Times(2);
3305
3306 HostResolver::ResolveHostParameters parameters;
3307 parameters.dns_query_type = DnsQueryType::AAAA;
3308 parameters.source = HostResolverSource::MULTICAST_DNS;
3309
3310 ResolveHostResponseHelper response(resolver_->CreateRequest(
3311 HostPortPair("myhello.local", 80), NetworkAnonymizationKey(),
3312 NetLogWithSource(), parameters, resolve_context_.get()));
3313
3314 socket_factory_ptr->SimulateReceive(kMdnsResponseNsec,
3315 sizeof(kMdnsResponseNsec));
3316
3317 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
3318 EXPECT_THAT(response.request()->GetAddressResults(),
3319 AnyOf(nullptr, Pointee(IsEmpty())));
3320 EXPECT_THAT(response.request()->GetEndpointResults(),
3321 AnyOf(nullptr, Pointee(IsEmpty())));
3322 }
3323
TEST_F(HostResolverManagerTest,Mdns_NoResponse)3324 TEST_F(HostResolverManagerTest, Mdns_NoResponse) {
3325 auto socket_factory = std::make_unique<MockMDnsSocketFactory>();
3326 MockMDnsSocketFactory* socket_factory_ptr = socket_factory.get();
3327 resolver_->SetMdnsSocketFactoryForTesting(std::move(socket_factory));
3328 // 2 socket creations for every transaction.
3329 EXPECT_CALL(*socket_factory_ptr, OnSendTo(_)).Times(4);
3330
3331 // Add a little bit of extra fudge to the delay to allow reasonable
3332 // flexibility for time > vs >= etc. We don't need to fail the test if we
3333 // timeout at t=6001 instead of t=6000.
3334 base::TimeDelta kSleepFudgeFactor = base::Milliseconds(1);
3335
3336 // Override the current thread task runner, so we can simulate the passage of
3337 // time to trigger the timeout.
3338 auto test_task_runner = base::MakeRefCounted<base::TestMockTimeTaskRunner>();
3339 base::SingleThreadTaskRunner::CurrentHandleOverrideForTesting
3340 task_runner_current_default_handle_override(test_task_runner);
3341
3342 HostResolver::ResolveHostParameters parameters;
3343 parameters.source = HostResolverSource::MULTICAST_DNS;
3344
3345 ResolveHostResponseHelper response(resolver_->CreateRequest(
3346 HostPortPair("myhello.local", 80), NetworkAnonymizationKey(),
3347 NetLogWithSource(), parameters, resolve_context_.get()));
3348
3349 ASSERT_TRUE(test_task_runner->HasPendingTask());
3350 test_task_runner->FastForwardBy(MDnsTransaction::kTransactionTimeout +
3351 kSleepFudgeFactor);
3352
3353 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
3354 EXPECT_THAT(response.request()->GetAddressResults(),
3355 AnyOf(nullptr, Pointee(IsEmpty())));
3356 EXPECT_THAT(response.request()->GetEndpointResults(),
3357 AnyOf(nullptr, Pointee(IsEmpty())));
3358 EXPECT_THAT(response.request()->GetTextResults(),
3359 AnyOf(nullptr, Pointee(IsEmpty())));
3360 EXPECT_THAT(response.request()->GetHostnameResults(),
3361 AnyOf(nullptr, Pointee(IsEmpty())));
3362 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
3363 AnyOf(nullptr, Pointee(IsEmpty())));
3364
3365 test_task_runner->FastForwardUntilNoTasksRemain();
3366 }
3367
TEST_F(HostResolverManagerTest,Mdns_WrongType)3368 TEST_F(HostResolverManagerTest, Mdns_WrongType) {
3369 auto socket_factory = std::make_unique<MockMDnsSocketFactory>();
3370 MockMDnsSocketFactory* socket_factory_ptr = socket_factory.get();
3371 resolver_->SetMdnsSocketFactoryForTesting(std::move(socket_factory));
3372 // 2 socket creations for every transaction.
3373 EXPECT_CALL(*socket_factory_ptr, OnSendTo(_)).Times(2);
3374
3375 // Add a little bit of extra fudge to the delay to allow reasonable
3376 // flexibility for time > vs >= etc. We don't need to fail the test if we
3377 // timeout at t=6001 instead of t=6000.
3378 base::TimeDelta kSleepFudgeFactor = base::Milliseconds(1);
3379
3380 // Override the current thread task runner, so we can simulate the passage of
3381 // time to trigger the timeout.
3382 auto test_task_runner = base::MakeRefCounted<base::TestMockTimeTaskRunner>();
3383 base::SingleThreadTaskRunner::CurrentHandleOverrideForTesting
3384 task_runner_current_default_handle_override(test_task_runner);
3385
3386 HostResolver::ResolveHostParameters parameters;
3387 parameters.dns_query_type = DnsQueryType::A;
3388 parameters.source = HostResolverSource::MULTICAST_DNS;
3389
3390 ResolveHostResponseHelper response(resolver_->CreateRequest(
3391 HostPortPair("myhello.local", 80), NetworkAnonymizationKey(),
3392 NetLogWithSource(), parameters, resolve_context_.get()));
3393
3394 // Not the requested type. Should be ignored.
3395 socket_factory_ptr->SimulateReceive(kMdnsResponseTxt,
3396 sizeof(kMdnsResponseTxt));
3397
3398 ASSERT_TRUE(test_task_runner->HasPendingTask());
3399 test_task_runner->FastForwardBy(MDnsTransaction::kTransactionTimeout +
3400 kSleepFudgeFactor);
3401
3402 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
3403 EXPECT_THAT(response.request()->GetAddressResults(),
3404 AnyOf(nullptr, Pointee(IsEmpty())));
3405 EXPECT_THAT(response.request()->GetEndpointResults(),
3406 AnyOf(nullptr, Pointee(IsEmpty())));
3407 EXPECT_THAT(response.request()->GetTextResults(),
3408 AnyOf(nullptr, Pointee(IsEmpty())));
3409 EXPECT_THAT(response.request()->GetHostnameResults(),
3410 AnyOf(nullptr, Pointee(IsEmpty())));
3411 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
3412 AnyOf(nullptr, Pointee(IsEmpty())));
3413
3414 test_task_runner->FastForwardUntilNoTasksRemain();
3415 }
3416
3417 // Test for a request for both A and AAAA results where results only exist for
3418 // one type.
TEST_F(HostResolverManagerTest,Mdns_PartialResults)3419 TEST_F(HostResolverManagerTest, Mdns_PartialResults) {
3420 auto socket_factory = std::make_unique<MockMDnsSocketFactory>();
3421 MockMDnsSocketFactory* socket_factory_ptr = socket_factory.get();
3422 resolver_->SetMdnsSocketFactoryForTesting(std::move(socket_factory));
3423 // 2 socket creations for every transaction.
3424 EXPECT_CALL(*socket_factory_ptr, OnSendTo(_)).Times(4);
3425
3426 // Add a little bit of extra fudge to the delay to allow reasonable
3427 // flexibility for time > vs >= etc. We don't need to fail the test if we
3428 // timeout at t=6001 instead of t=6000.
3429 base::TimeDelta kSleepFudgeFactor = base::Milliseconds(1);
3430
3431 // Override the current thread task runner, so we can simulate the passage of
3432 // time to trigger the timeout.
3433 auto test_task_runner = base::MakeRefCounted<base::TestMockTimeTaskRunner>();
3434 base::SingleThreadTaskRunner::CurrentHandleOverrideForTesting
3435 task_runner_current_default_handle_override(test_task_runner);
3436
3437 HostResolver::ResolveHostParameters parameters;
3438 parameters.source = HostResolverSource::MULTICAST_DNS;
3439
3440 ResolveHostResponseHelper response(resolver_->CreateRequest(
3441 HostPortPair("myhello.local", 80), NetworkAnonymizationKey(),
3442 NetLogWithSource(), parameters, resolve_context_.get()));
3443
3444 ASSERT_TRUE(test_task_runner->HasPendingTask());
3445
3446 socket_factory_ptr->SimulateReceive(kMdnsResponseA, sizeof(kMdnsResponseA));
3447 test_task_runner->FastForwardBy(MDnsTransaction::kTransactionTimeout +
3448 kSleepFudgeFactor);
3449
3450 EXPECT_THAT(response.result_error(), IsOk());
3451 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
3452 testing::ElementsAre(CreateExpected("1.2.3.4", 80)));
3453 EXPECT_THAT(
3454 response.request()->GetEndpointResults(),
3455 testing::Pointee(testing::UnorderedElementsAre(ExpectEndpointResult(
3456 testing::ElementsAre(CreateExpected("1.2.3.4", 80))))));
3457
3458 test_task_runner->FastForwardUntilNoTasksRemain();
3459 }
3460
TEST_F(HostResolverManagerTest,Mdns_Cancel)3461 TEST_F(HostResolverManagerTest, Mdns_Cancel) {
3462 auto socket_factory = std::make_unique<MockMDnsSocketFactory>();
3463 MockMDnsSocketFactory* socket_factory_ptr = socket_factory.get();
3464 resolver_->SetMdnsSocketFactoryForTesting(std::move(socket_factory));
3465 // 2 socket creations for every transaction.
3466 EXPECT_CALL(*socket_factory_ptr, OnSendTo(_)).Times(4);
3467
3468 HostResolver::ResolveHostParameters parameters;
3469 parameters.source = HostResolverSource::MULTICAST_DNS;
3470
3471 ResolveHostResponseHelper response(resolver_->CreateRequest(
3472 HostPortPair("myhello.local", 80), NetworkAnonymizationKey(),
3473 NetLogWithSource(), parameters, resolve_context_.get()));
3474
3475 response.CancelRequest();
3476
3477 socket_factory_ptr->SimulateReceive(kMdnsResponseA, sizeof(kMdnsResponseA));
3478 socket_factory_ptr->SimulateReceive(kMdnsResponseAAAA,
3479 sizeof(kMdnsResponseAAAA));
3480
3481 base::RunLoop().RunUntilIdle();
3482 EXPECT_FALSE(response.complete());
3483 }
3484
3485 // Test for a two-transaction query where the first fails to start. The second
3486 // should be cancelled.
TEST_F(HostResolverManagerTest,Mdns_PartialFailure)3487 TEST_F(HostResolverManagerTest, Mdns_PartialFailure) {
3488 // Setup a mock MDnsClient where the first transaction will always return
3489 // |false| immediately on Start(). Second transaction may or may not be
3490 // created, but if it is, Start() not expected to be called because the
3491 // overall request should immediately fail.
3492 auto transaction1 = std::make_unique<MockMDnsTransaction>();
3493 EXPECT_CALL(*transaction1, Start()).WillOnce(Return(false));
3494 auto transaction2 = std::make_unique<MockMDnsTransaction>();
3495 EXPECT_CALL(*transaction2, Start()).Times(0);
3496
3497 auto client = std::make_unique<MockMDnsClient>();
3498 EXPECT_CALL(*client, CreateTransaction(_, _, _, _))
3499 .Times(Between(1, 2)) // Second transaction optionally created.
3500 .WillOnce(Return(ByMove(std::move(transaction1))))
3501 .WillOnce(Return(ByMove(std::move(transaction2))));
3502 EXPECT_CALL(*client, IsListening()).WillRepeatedly(Return(true));
3503 resolver_->SetMdnsClientForTesting(std::move(client));
3504
3505 HostResolver::ResolveHostParameters parameters;
3506 parameters.source = HostResolverSource::MULTICAST_DNS;
3507
3508 ResolveHostResponseHelper response(resolver_->CreateRequest(
3509 HostPortPair("myhello.local", 80), NetworkAnonymizationKey(),
3510 NetLogWithSource(), parameters, resolve_context_.get()));
3511
3512 EXPECT_THAT(response.result_error(), IsError(ERR_FAILED));
3513 EXPECT_THAT(response.request()->GetAddressResults(),
3514 AnyOf(nullptr, Pointee(IsEmpty())));
3515 EXPECT_THAT(response.request()->GetEndpointResults(),
3516 AnyOf(nullptr, Pointee(IsEmpty())));
3517 }
3518
TEST_F(HostResolverManagerTest,Mdns_ListenFailure)3519 TEST_F(HostResolverManagerTest, Mdns_ListenFailure) {
3520 // Inject an MdnsClient mock that will always fail to start listening.
3521 auto client = std::make_unique<MockMDnsClient>();
3522 EXPECT_CALL(*client, StartListening(_)).WillOnce(Return(ERR_FAILED));
3523 EXPECT_CALL(*client, IsListening()).WillRepeatedly(Return(false));
3524 resolver_->SetMdnsClientForTesting(std::move(client));
3525
3526 HostResolver::ResolveHostParameters parameters;
3527 parameters.source = HostResolverSource::MULTICAST_DNS;
3528
3529 ResolveHostResponseHelper response(resolver_->CreateRequest(
3530 HostPortPair("myhello.local", 80), NetworkAnonymizationKey(),
3531 NetLogWithSource(), parameters, resolve_context_.get()));
3532
3533 EXPECT_THAT(response.result_error(), IsError(ERR_FAILED));
3534 EXPECT_THAT(response.request()->GetAddressResults(),
3535 AnyOf(nullptr, Pointee(IsEmpty())));
3536 EXPECT_THAT(response.request()->GetEndpointResults(),
3537 AnyOf(nullptr, Pointee(IsEmpty())));
3538 }
3539
3540 // Implementation of HostResolver::MdnsListenerDelegate that records all
3541 // received results in maps.
3542 class TestMdnsListenerDelegate : public HostResolver::MdnsListener::Delegate {
3543 public:
3544 using UpdateKey = std::pair<MdnsListenerUpdateType, DnsQueryType>;
3545
OnAddressResult(MdnsListenerUpdateType update_type,DnsQueryType result_type,IPEndPoint address)3546 void OnAddressResult(MdnsListenerUpdateType update_type,
3547 DnsQueryType result_type,
3548 IPEndPoint address) override {
3549 address_results_.insert({{update_type, result_type}, address});
3550 }
3551
OnTextResult(MdnsListenerUpdateType update_type,DnsQueryType result_type,std::vector<std::string> text_records)3552 void OnTextResult(MdnsListenerUpdateType update_type,
3553 DnsQueryType result_type,
3554 std::vector<std::string> text_records) override {
3555 for (auto& text_record : text_records) {
3556 text_results_.insert(
3557 {{update_type, result_type}, std::move(text_record)});
3558 }
3559 }
3560
OnHostnameResult(MdnsListenerUpdateType update_type,DnsQueryType result_type,HostPortPair host)3561 void OnHostnameResult(MdnsListenerUpdateType update_type,
3562 DnsQueryType result_type,
3563 HostPortPair host) override {
3564 hostname_results_.insert({{update_type, result_type}, std::move(host)});
3565 }
3566
OnUnhandledResult(MdnsListenerUpdateType update_type,DnsQueryType result_type)3567 void OnUnhandledResult(MdnsListenerUpdateType update_type,
3568 DnsQueryType result_type) override {
3569 unhandled_results_.insert({update_type, result_type});
3570 }
3571
address_results()3572 const std::multimap<UpdateKey, IPEndPoint>& address_results() {
3573 return address_results_;
3574 }
3575
text_results()3576 const std::multimap<UpdateKey, std::string>& text_results() {
3577 return text_results_;
3578 }
3579
hostname_results()3580 const std::multimap<UpdateKey, HostPortPair>& hostname_results() {
3581 return hostname_results_;
3582 }
3583
unhandled_results()3584 const std::multiset<UpdateKey>& unhandled_results() {
3585 return unhandled_results_;
3586 }
3587
3588 template <typename T>
CreateExpectedResult(MdnsListenerUpdateType update_type,DnsQueryType query_type,T result)3589 static std::pair<UpdateKey, T> CreateExpectedResult(
3590 MdnsListenerUpdateType update_type,
3591 DnsQueryType query_type,
3592 T result) {
3593 return std::pair(std::pair(update_type, query_type), result);
3594 }
3595
3596 private:
3597 std::multimap<UpdateKey, IPEndPoint> address_results_;
3598 std::multimap<UpdateKey, std::string> text_results_;
3599 std::multimap<UpdateKey, HostPortPair> hostname_results_;
3600 std::multiset<UpdateKey> unhandled_results_;
3601 };
3602
TEST_F(HostResolverManagerTest,MdnsListener)3603 TEST_F(HostResolverManagerTest, MdnsListener) {
3604 auto socket_factory = std::make_unique<MockMDnsSocketFactory>();
3605 base::SimpleTestClock clock;
3606 clock.SetNow(base::Time::Now());
3607 auto cache_cleanup_timer = std::make_unique<base::MockOneShotTimer>();
3608 auto* cache_cleanup_timer_ptr = cache_cleanup_timer.get();
3609 auto mdns_client =
3610 std::make_unique<MDnsClientImpl>(&clock, std::move(cache_cleanup_timer));
3611 ASSERT_THAT(mdns_client->StartListening(socket_factory.get()), IsOk());
3612 resolver_->SetMdnsClientForTesting(std::move(mdns_client));
3613
3614 TestMdnsListenerDelegate delegate;
3615 std::unique_ptr<HostResolver::MdnsListener> listener =
3616 resolver_->CreateMdnsListener(HostPortPair("myhello.local", 80),
3617 DnsQueryType::A);
3618
3619 ASSERT_THAT(listener->Start(&delegate), IsOk());
3620 ASSERT_THAT(delegate.address_results(), testing::IsEmpty());
3621
3622 socket_factory->SimulateReceive(kMdnsResponseA, sizeof(kMdnsResponseA));
3623 socket_factory->SimulateReceive(kMdnsResponseA2, sizeof(kMdnsResponseA2));
3624 socket_factory->SimulateReceive(kMdnsResponseA2Goodbye,
3625 sizeof(kMdnsResponseA2Goodbye));
3626
3627 // Per RFC6762 section 10.1, removals take effect 1 second after receiving the
3628 // goodbye message.
3629 clock.Advance(base::Seconds(1));
3630 cache_cleanup_timer_ptr->Fire();
3631
3632 // Expect 1 record adding "1.2.3.4", another changing to "5.6.7.8", and a
3633 // final removing "5.6.7.8".
3634 EXPECT_THAT(delegate.address_results(),
3635 testing::ElementsAre(
3636 TestMdnsListenerDelegate::CreateExpectedResult(
3637 MdnsListenerUpdateType::kAdded, DnsQueryType::A,
3638 CreateExpected("1.2.3.4", 80)),
3639 TestMdnsListenerDelegate::CreateExpectedResult(
3640 MdnsListenerUpdateType::kChanged, DnsQueryType::A,
3641 CreateExpected("5.6.7.8", 80)),
3642 TestMdnsListenerDelegate::CreateExpectedResult(
3643 MdnsListenerUpdateType::kRemoved, DnsQueryType::A,
3644 CreateExpected("5.6.7.8", 80))));
3645
3646 EXPECT_THAT(delegate.text_results(), testing::IsEmpty());
3647 EXPECT_THAT(delegate.hostname_results(), testing::IsEmpty());
3648 EXPECT_THAT(delegate.unhandled_results(), testing::IsEmpty());
3649 }
3650
TEST_F(HostResolverManagerTest,MdnsListener_StartListenFailure)3651 TEST_F(HostResolverManagerTest, MdnsListener_StartListenFailure) {
3652 // Inject an MdnsClient mock that will always fail to start listening.
3653 auto client = std::make_unique<MockMDnsClient>();
3654 EXPECT_CALL(*client, StartListening(_)).WillOnce(Return(ERR_TIMED_OUT));
3655 EXPECT_CALL(*client, IsListening()).WillRepeatedly(Return(false));
3656 resolver_->SetMdnsClientForTesting(std::move(client));
3657
3658 TestMdnsListenerDelegate delegate;
3659 std::unique_ptr<HostResolver::MdnsListener> listener =
3660 resolver_->CreateMdnsListener(HostPortPair("myhello.local", 80),
3661 DnsQueryType::A);
3662
3663 EXPECT_THAT(listener->Start(&delegate), IsError(ERR_TIMED_OUT));
3664 EXPECT_THAT(delegate.address_results(), testing::IsEmpty());
3665 }
3666
3667 // Test that removal notifications are sent on natural expiration of MDNS
3668 // records.
TEST_F(HostResolverManagerTest,MdnsListener_Expiration)3669 TEST_F(HostResolverManagerTest, MdnsListener_Expiration) {
3670 auto socket_factory = std::make_unique<MockMDnsSocketFactory>();
3671 base::SimpleTestClock clock;
3672 clock.SetNow(base::Time::Now());
3673 auto cache_cleanup_timer = std::make_unique<base::MockOneShotTimer>();
3674 auto* cache_cleanup_timer_ptr = cache_cleanup_timer.get();
3675 auto mdns_client =
3676 std::make_unique<MDnsClientImpl>(&clock, std::move(cache_cleanup_timer));
3677 ASSERT_THAT(mdns_client->StartListening(socket_factory.get()), IsOk());
3678 resolver_->SetMdnsClientForTesting(std::move(mdns_client));
3679
3680 TestMdnsListenerDelegate delegate;
3681 std::unique_ptr<HostResolver::MdnsListener> listener =
3682 resolver_->CreateMdnsListener(HostPortPair("myhello.local", 100),
3683 DnsQueryType::A);
3684
3685 ASSERT_THAT(listener->Start(&delegate), IsOk());
3686 ASSERT_THAT(delegate.address_results(), testing::IsEmpty());
3687
3688 socket_factory->SimulateReceive(kMdnsResponseA, sizeof(kMdnsResponseA));
3689
3690 EXPECT_THAT(
3691 delegate.address_results(),
3692 testing::ElementsAre(TestMdnsListenerDelegate::CreateExpectedResult(
3693 MdnsListenerUpdateType::kAdded, DnsQueryType::A,
3694 CreateExpected("1.2.3.4", 100))));
3695
3696 clock.Advance(base::Seconds(16));
3697 cache_cleanup_timer_ptr->Fire();
3698
3699 EXPECT_THAT(delegate.address_results(),
3700 testing::ElementsAre(
3701 TestMdnsListenerDelegate::CreateExpectedResult(
3702 MdnsListenerUpdateType::kAdded, DnsQueryType::A,
3703 CreateExpected("1.2.3.4", 100)),
3704 TestMdnsListenerDelegate::CreateExpectedResult(
3705 MdnsListenerUpdateType::kRemoved, DnsQueryType::A,
3706 CreateExpected("1.2.3.4", 100))));
3707
3708 EXPECT_THAT(delegate.text_results(), testing::IsEmpty());
3709 EXPECT_THAT(delegate.hostname_results(), testing::IsEmpty());
3710 EXPECT_THAT(delegate.unhandled_results(), testing::IsEmpty());
3711 }
3712
TEST_F(HostResolverManagerTest,MdnsListener_Txt)3713 TEST_F(HostResolverManagerTest, MdnsListener_Txt) {
3714 auto socket_factory = std::make_unique<MockMDnsSocketFactory>();
3715 MockMDnsSocketFactory* socket_factory_ptr = socket_factory.get();
3716 resolver_->SetMdnsSocketFactoryForTesting(std::move(socket_factory));
3717
3718 TestMdnsListenerDelegate delegate;
3719 std::unique_ptr<HostResolver::MdnsListener> listener =
3720 resolver_->CreateMdnsListener(HostPortPair("myhello.local", 12),
3721 DnsQueryType::TXT);
3722
3723 ASSERT_THAT(listener->Start(&delegate), IsOk());
3724 ASSERT_THAT(delegate.text_results(), testing::IsEmpty());
3725
3726 socket_factory_ptr->SimulateReceive(kMdnsResponseTxt,
3727 sizeof(kMdnsResponseTxt));
3728
3729 EXPECT_THAT(
3730 delegate.text_results(),
3731 testing::ElementsAre(
3732 TestMdnsListenerDelegate::CreateExpectedResult(
3733 MdnsListenerUpdateType::kAdded, DnsQueryType::TXT, "foo"),
3734 TestMdnsListenerDelegate::CreateExpectedResult(
3735 MdnsListenerUpdateType::kAdded, DnsQueryType::TXT, "bar")));
3736
3737 EXPECT_THAT(delegate.address_results(), testing::IsEmpty());
3738 EXPECT_THAT(delegate.hostname_results(), testing::IsEmpty());
3739 EXPECT_THAT(delegate.unhandled_results(), testing::IsEmpty());
3740 }
3741
TEST_F(HostResolverManagerTest,MdnsListener_Ptr)3742 TEST_F(HostResolverManagerTest, MdnsListener_Ptr) {
3743 auto socket_factory = std::make_unique<MockMDnsSocketFactory>();
3744 MockMDnsSocketFactory* socket_factory_ptr = socket_factory.get();
3745 resolver_->SetMdnsSocketFactoryForTesting(std::move(socket_factory));
3746
3747 TestMdnsListenerDelegate delegate;
3748 std::unique_ptr<HostResolver::MdnsListener> listener =
3749 resolver_->CreateMdnsListener(HostPortPair("myhello.local", 13),
3750 DnsQueryType::PTR);
3751
3752 ASSERT_THAT(listener->Start(&delegate), IsOk());
3753 ASSERT_THAT(delegate.text_results(), testing::IsEmpty());
3754
3755 socket_factory_ptr->SimulateReceive(kMdnsResponsePtr,
3756 sizeof(kMdnsResponsePtr));
3757
3758 EXPECT_THAT(
3759 delegate.hostname_results(),
3760 testing::ElementsAre(TestMdnsListenerDelegate::CreateExpectedResult(
3761 MdnsListenerUpdateType::kAdded, DnsQueryType::PTR,
3762 HostPortPair("foo.com", 13))));
3763
3764 EXPECT_THAT(delegate.address_results(), testing::IsEmpty());
3765 EXPECT_THAT(delegate.text_results(), testing::IsEmpty());
3766 EXPECT_THAT(delegate.unhandled_results(), testing::IsEmpty());
3767 }
3768
TEST_F(HostResolverManagerTest,MdnsListener_Srv)3769 TEST_F(HostResolverManagerTest, MdnsListener_Srv) {
3770 auto socket_factory = std::make_unique<MockMDnsSocketFactory>();
3771 MockMDnsSocketFactory* socket_factory_ptr = socket_factory.get();
3772 resolver_->SetMdnsSocketFactoryForTesting(std::move(socket_factory));
3773
3774 TestMdnsListenerDelegate delegate;
3775 std::unique_ptr<HostResolver::MdnsListener> listener =
3776 resolver_->CreateMdnsListener(HostPortPair("myhello.local", 14),
3777 DnsQueryType::SRV);
3778
3779 ASSERT_THAT(listener->Start(&delegate), IsOk());
3780 ASSERT_THAT(delegate.text_results(), testing::IsEmpty());
3781
3782 socket_factory_ptr->SimulateReceive(kMdnsResponseSrv,
3783 sizeof(kMdnsResponseSrv));
3784
3785 EXPECT_THAT(
3786 delegate.hostname_results(),
3787 testing::ElementsAre(TestMdnsListenerDelegate::CreateExpectedResult(
3788 MdnsListenerUpdateType::kAdded, DnsQueryType::SRV,
3789 HostPortPair("foo.com", 8265))));
3790
3791 EXPECT_THAT(delegate.address_results(), testing::IsEmpty());
3792 EXPECT_THAT(delegate.text_results(), testing::IsEmpty());
3793 EXPECT_THAT(delegate.unhandled_results(), testing::IsEmpty());
3794 }
3795
3796 // Ensure query types we are not listening for do not affect MdnsListener.
TEST_F(HostResolverManagerTest,MdnsListener_NonListeningTypes)3797 TEST_F(HostResolverManagerTest, MdnsListener_NonListeningTypes) {
3798 auto socket_factory = std::make_unique<MockMDnsSocketFactory>();
3799 MockMDnsSocketFactory* socket_factory_ptr = socket_factory.get();
3800 resolver_->SetMdnsSocketFactoryForTesting(std::move(socket_factory));
3801
3802 TestMdnsListenerDelegate delegate;
3803 std::unique_ptr<HostResolver::MdnsListener> listener =
3804 resolver_->CreateMdnsListener(HostPortPair("myhello.local", 41),
3805 DnsQueryType::A);
3806
3807 ASSERT_THAT(listener->Start(&delegate), IsOk());
3808
3809 socket_factory_ptr->SimulateReceive(kMdnsResponseAAAA,
3810 sizeof(kMdnsResponseAAAA));
3811
3812 EXPECT_THAT(delegate.address_results(), testing::IsEmpty());
3813 EXPECT_THAT(delegate.text_results(), testing::IsEmpty());
3814 EXPECT_THAT(delegate.hostname_results(), testing::IsEmpty());
3815 EXPECT_THAT(delegate.unhandled_results(), testing::IsEmpty());
3816 }
3817
TEST_F(HostResolverManagerTest,MdnsListener_RootDomain)3818 TEST_F(HostResolverManagerTest, MdnsListener_RootDomain) {
3819 auto socket_factory = std::make_unique<MockMDnsSocketFactory>();
3820 MockMDnsSocketFactory* socket_factory_ptr = socket_factory.get();
3821 resolver_->SetMdnsSocketFactoryForTesting(std::move(socket_factory));
3822
3823 TestMdnsListenerDelegate delegate;
3824 std::unique_ptr<HostResolver::MdnsListener> listener =
3825 resolver_->CreateMdnsListener(HostPortPair("myhello.local", 5),
3826 DnsQueryType::PTR);
3827
3828 ASSERT_THAT(listener->Start(&delegate), IsOk());
3829
3830 socket_factory_ptr->SimulateReceive(kMdnsResponsePtrRoot,
3831 sizeof(kMdnsResponsePtrRoot));
3832
3833 EXPECT_THAT(delegate.unhandled_results(),
3834 testing::ElementsAre(std::pair(MdnsListenerUpdateType::kAdded,
3835 DnsQueryType::PTR)));
3836
3837 EXPECT_THAT(delegate.address_results(), testing::IsEmpty());
3838 EXPECT_THAT(delegate.text_results(), testing::IsEmpty());
3839 EXPECT_THAT(delegate.hostname_results(), testing::IsEmpty());
3840 }
3841 #endif // BUILDFLAG(ENABLE_MDNS)
3842
CreateUpgradableDnsConfig()3843 DnsConfig CreateUpgradableDnsConfig() {
3844 DnsConfig config;
3845 config.secure_dns_mode = SecureDnsMode::kAutomatic;
3846 config.allow_dns_over_https_upgrade = true;
3847
3848 auto ProviderHasAddr = [](std::string_view provider, const IPAddress& addr) {
3849 return base::Contains(GetDohProviderEntryForTesting(provider).ip_addresses,
3850 addr);
3851 };
3852
3853 // Cloudflare upgradeable IPs
3854 IPAddress dns_ip0(1, 0, 0, 1);
3855 IPAddress dns_ip1;
3856 EXPECT_TRUE(dns_ip1.AssignFromIPLiteral("2606:4700:4700::1111"));
3857 EXPECT_TRUE(ProviderHasAddr("Cloudflare", dns_ip0));
3858 EXPECT_TRUE(ProviderHasAddr("Cloudflare", dns_ip1));
3859 // CleanBrowsingFamily upgradeable IP
3860 IPAddress dns_ip2;
3861 EXPECT_TRUE(dns_ip2.AssignFromIPLiteral("2a0d:2a00:2::"));
3862 EXPECT_TRUE(ProviderHasAddr("CleanBrowsingFamily", dns_ip2));
3863 // CleanBrowsingSecure upgradeable IP
3864 IPAddress dns_ip3(185, 228, 169, 9);
3865 EXPECT_TRUE(ProviderHasAddr("CleanBrowsingSecure", dns_ip3));
3866 // Non-upgradeable IP
3867 IPAddress dns_ip4(1, 2, 3, 4);
3868
3869 config.nameservers = {
3870 IPEndPoint(dns_ip0, dns_protocol::kDefaultPort),
3871 IPEndPoint(dns_ip1, dns_protocol::kDefaultPort),
3872 IPEndPoint(dns_ip2, 54),
3873 IPEndPoint(dns_ip3, dns_protocol::kDefaultPort),
3874 IPEndPoint(dns_ip4, dns_protocol::kDefaultPort),
3875 };
3876 EXPECT_TRUE(config.IsValid());
3877 return config;
3878 }
3879
3880 // Check that entries are written to the cache with the right NAK.
TEST_F(HostResolverManagerTest,NetworkAnonymizationKeyWriteToHostCache)3881 TEST_F(HostResolverManagerTest, NetworkAnonymizationKeyWriteToHostCache) {
3882 const SchemefulSite kSite1(GURL("https://origin1.test/"));
3883 const SchemefulSite kSite2(GURL("https://origin2.test/"));
3884 auto kNetworkAnonymizationKey1 =
3885 net::NetworkAnonymizationKey::CreateSameSite(kSite1);
3886 auto kNetworkAnonymizationKey2 =
3887 net::NetworkAnonymizationKey::CreateSameSite(kSite2);
3888
3889 const char kFirstDnsResult[] = "192.168.1.42";
3890 const char kSecondDnsResult[] = "192.168.1.43";
3891
3892 for (bool split_cache_by_network_anonymization_key : {false, true}) {
3893 base::test::ScopedFeatureList feature_list;
3894 if (split_cache_by_network_anonymization_key) {
3895 feature_list.InitAndEnableFeature(
3896 features::kSplitHostCacheByNetworkIsolationKey);
3897 } else {
3898 feature_list.InitAndDisableFeature(
3899 features::kSplitHostCacheByNetworkIsolationKey);
3900 }
3901 proc_->AddRuleForAllFamilies("just.testing", kFirstDnsResult);
3902 proc_->SignalMultiple(1u);
3903
3904 // Resolve a host using kNetworkAnonymizationKey1.
3905 ResolveHostResponseHelper response1(resolver_->CreateRequest(
3906 HostPortPair("just.testing", 80), kNetworkAnonymizationKey1,
3907 NetLogWithSource(), std::nullopt, resolve_context_.get()));
3908 EXPECT_THAT(response1.result_error(), IsOk());
3909 EXPECT_THAT(response1.request()->GetAddressResults()->endpoints(),
3910 testing::ElementsAre(CreateExpected(kFirstDnsResult, 80)));
3911 EXPECT_THAT(
3912 response1.request()->GetEndpointResults(),
3913 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
3914 testing::ElementsAre(CreateExpected(kFirstDnsResult, 80))))));
3915 EXPECT_FALSE(response1.request()->GetStaleInfo());
3916 EXPECT_EQ(1u, proc_->GetCaptureList().size());
3917
3918 // If the host cache is being split by NetworkAnonymizationKeys, there
3919 // should be an entry in the HostCache with kNetworkAnonymizationKey1.
3920 // Otherwise, there should be an entry with the empty NAK.
3921 if (split_cache_by_network_anonymization_key) {
3922 EXPECT_TRUE(GetCacheHit(
3923 HostCache::Key("just.testing", DnsQueryType::UNSPECIFIED,
3924 0 /* host_resolver_flags */, HostResolverSource::ANY,
3925 kNetworkAnonymizationKey1)));
3926
3927 EXPECT_FALSE(GetCacheHit(
3928 HostCache::Key("just.testing", DnsQueryType::UNSPECIFIED,
3929 0 /* host_resolver_flags */, HostResolverSource::ANY,
3930 NetworkAnonymizationKey())));
3931 } else {
3932 EXPECT_FALSE(GetCacheHit(
3933 HostCache::Key("just.testing", DnsQueryType::UNSPECIFIED,
3934 0 /* host_resolver_flags */, HostResolverSource::ANY,
3935 kNetworkAnonymizationKey1)));
3936
3937 EXPECT_TRUE(GetCacheHit(
3938 HostCache::Key("just.testing", DnsQueryType::UNSPECIFIED,
3939 0 /* host_resolver_flags */, HostResolverSource::ANY,
3940 NetworkAnonymizationKey())));
3941 }
3942
3943 // There should be no entry using kNetworkAnonymizationKey2 in either case.
3944 EXPECT_FALSE(GetCacheHit(HostCache::Key(
3945 "just.testing", DnsQueryType::UNSPECIFIED, 0 /* host_resolver_flags */,
3946 HostResolverSource::ANY, kNetworkAnonymizationKey2)));
3947
3948 // A request using kNetworkAnonymizationKey2 should only be served out of
3949 // the cache of the cache if |split_cache_by_network_anonymization_key| is
3950 // false. If it's not served over the network, it is provided a different
3951 // result.
3952 if (split_cache_by_network_anonymization_key) {
3953 proc_->AddRuleForAllFamilies("just.testing", kSecondDnsResult);
3954 proc_->SignalMultiple(1u);
3955 }
3956 ResolveHostResponseHelper response2(resolver_->CreateRequest(
3957 HostPortPair("just.testing", 80), kNetworkAnonymizationKey2,
3958 NetLogWithSource(), std::nullopt, resolve_context_.get()));
3959 EXPECT_THAT(response2.result_error(), IsOk());
3960 if (split_cache_by_network_anonymization_key) {
3961 EXPECT_THAT(response2.request()->GetAddressResults()->endpoints(),
3962 testing::ElementsAre(CreateExpected(kSecondDnsResult, 80)));
3963 EXPECT_THAT(
3964 response2.request()->GetEndpointResults(),
3965 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
3966 testing::ElementsAre(CreateExpected(kSecondDnsResult, 80))))));
3967 EXPECT_FALSE(response2.request()->GetStaleInfo());
3968 EXPECT_EQ(2u, proc_->GetCaptureList().size());
3969 EXPECT_TRUE(GetCacheHit(
3970 HostCache::Key("just.testing", DnsQueryType::UNSPECIFIED,
3971 0 /* host_resolver_flags */, HostResolverSource::ANY,
3972 kNetworkAnonymizationKey2)));
3973 } else {
3974 EXPECT_THAT(response2.request()->GetAddressResults()->endpoints(),
3975 testing::ElementsAre(CreateExpected(kFirstDnsResult, 80)));
3976 EXPECT_THAT(
3977 response2.request()->GetEndpointResults(),
3978 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
3979 testing::ElementsAre(CreateExpected(kFirstDnsResult, 80))))));
3980 EXPECT_TRUE(response2.request()->GetStaleInfo());
3981 EXPECT_EQ(1u, proc_->GetCaptureList().size());
3982 EXPECT_FALSE(GetCacheHit(
3983 HostCache::Key("just.testing", DnsQueryType::UNSPECIFIED,
3984 0 /* host_resolver_flags */, HostResolverSource::ANY,
3985 kNetworkAnonymizationKey2)));
3986 }
3987
3988 resolve_context_->host_cache()->clear();
3989 proc_->ClearCaptureList();
3990 }
3991 }
3992
3993 // Check that entries are read to the cache with the right NAK.
TEST_F(HostResolverManagerTest,NetworkAnonymizationKeyReadFromHostCache)3994 TEST_F(HostResolverManagerTest, NetworkAnonymizationKeyReadFromHostCache) {
3995 const SchemefulSite kSite1(GURL("https://origin1.test/"));
3996 const SchemefulSite kSite2(GURL("https://origin2.test/"));
3997 auto kNetworkAnonymizationKey1 =
3998 net::NetworkAnonymizationKey::CreateSameSite(kSite1);
3999 auto kNetworkAnonymizationKey2 =
4000 net::NetworkAnonymizationKey::CreateSameSite(kSite2);
4001
4002 struct CacheEntry {
4003 NetworkAnonymizationKey network_anonymization_key;
4004 const char* cached_ip_address;
4005 };
4006
4007 const CacheEntry kCacheEntries[] = {
4008 {NetworkAnonymizationKey(), "192.168.1.42"},
4009 {kNetworkAnonymizationKey1, "192.168.1.43"},
4010 {kNetworkAnonymizationKey2, "192.168.1.44"},
4011 };
4012
4013 // Add entries to cache for the empty NAK, NAK1, and NAK2. Only the
4014 // HostResolverManager obeys network state partitioning, so this is fine to do
4015 // regardless of the feature value.
4016 for (const auto& cache_entry : kCacheEntries) {
4017 HostCache::Key key("just.testing", DnsQueryType::UNSPECIFIED, 0,
4018 HostResolverSource::ANY,
4019 cache_entry.network_anonymization_key);
4020 IPAddress address;
4021 ASSERT_TRUE(address.AssignFromIPLiteral(cache_entry.cached_ip_address));
4022 HostCache::Entry entry = HostCache::Entry(
4023 OK, {{address, 80}}, /*aliases=*/{}, HostCache::Entry::SOURCE_UNKNOWN);
4024 resolve_context_->host_cache()->Set(key, entry, base::TimeTicks::Now(),
4025 base::Days(1));
4026 }
4027
4028 for (bool split_cache_by_network_anonymization_key : {false, true}) {
4029 base::test::ScopedFeatureList feature_list;
4030 if (split_cache_by_network_anonymization_key) {
4031 feature_list.InitAndEnableFeature(
4032 features::kSplitHostCacheByNetworkIsolationKey);
4033 } else {
4034 feature_list.InitAndDisableFeature(
4035 features::kSplitHostCacheByNetworkIsolationKey);
4036 }
4037
4038 // A request that uses kNetworkAnonymizationKey1 will return cache entry 1
4039 // if the NetworkAnonymizationKeys are being used, and cache entry 0
4040 // otherwise.
4041 ResolveHostResponseHelper response1(resolver_->CreateRequest(
4042 HostPortPair("just.testing", 80), kNetworkAnonymizationKey1,
4043 NetLogWithSource(), std::nullopt, resolve_context_.get()));
4044 EXPECT_THAT(response1.result_error(), IsOk());
4045 EXPECT_THAT(
4046 response1.request()->GetAddressResults()->endpoints(),
4047 testing::ElementsAre(CreateExpected(
4048 kCacheEntries[split_cache_by_network_anonymization_key ? 1 : 0]
4049 .cached_ip_address,
4050 80)));
4051 EXPECT_THAT(
4052 response1.request()->GetEndpointResults(),
4053 testing::Pointee(testing::ElementsAre(
4054 ExpectEndpointResult(testing::ElementsAre(CreateExpected(
4055 kCacheEntries[split_cache_by_network_anonymization_key ? 1 : 0]
4056 .cached_ip_address,
4057 80))))));
4058 EXPECT_TRUE(response1.request()->GetStaleInfo());
4059
4060 // A request that uses kNetworkAnonymizationKey2 will return cache entry 2
4061 // if the NetworkAnonymizationKeys are being used, and cache entry 0
4062 // otherwise.
4063 ResolveHostResponseHelper response2(resolver_->CreateRequest(
4064 HostPortPair("just.testing", 80), kNetworkAnonymizationKey2,
4065 NetLogWithSource(), std::nullopt, resolve_context_.get()));
4066 EXPECT_THAT(response2.result_error(), IsOk());
4067 EXPECT_THAT(
4068 response2.request()->GetAddressResults()->endpoints(),
4069 testing::ElementsAre(CreateExpected(
4070 kCacheEntries[split_cache_by_network_anonymization_key ? 2 : 0]
4071 .cached_ip_address,
4072 80)));
4073 EXPECT_THAT(
4074 response2.request()->GetEndpointResults(),
4075 testing::Pointee(testing::ElementsAre(
4076 ExpectEndpointResult(testing::ElementsAre(CreateExpected(
4077 kCacheEntries[split_cache_by_network_anonymization_key ? 2 : 0]
4078 .cached_ip_address,
4079 80))))));
4080 EXPECT_TRUE(response2.request()->GetStaleInfo());
4081 }
4082 }
4083
4084 // Test that two requests made with different NetworkAnonymizationKeys are not
4085 // merged if network state partitioning is enabled.
TEST_F(HostResolverManagerTest,NetworkAnonymizationKeyTwoRequestsAtOnce)4086 TEST_F(HostResolverManagerTest, NetworkAnonymizationKeyTwoRequestsAtOnce) {
4087 const SchemefulSite kSite1(GURL("https://origin1.test/"));
4088 const SchemefulSite kSite2(GURL("https://origin2.test/"));
4089 auto kNetworkAnonymizationKey1 =
4090 net::NetworkAnonymizationKey::CreateSameSite(kSite1);
4091 auto kNetworkAnonymizationKey2 =
4092 net::NetworkAnonymizationKey::CreateSameSite(kSite2);
4093
4094 const char kDnsResult[] = "192.168.1.42";
4095
4096 for (bool split_cache_by_network_anonymization_key : {false, true}) {
4097 base::test::ScopedFeatureList feature_list;
4098 if (split_cache_by_network_anonymization_key) {
4099 feature_list.InitAndEnableFeature(
4100 features::kSplitHostCacheByNetworkIsolationKey);
4101 } else {
4102 feature_list.InitAndDisableFeature(
4103 features::kSplitHostCacheByNetworkIsolationKey);
4104 }
4105 proc_->AddRuleForAllFamilies("just.testing", kDnsResult);
4106
4107 // Start resolving a host using kNetworkAnonymizationKey1.
4108 ResolveHostResponseHelper response1(resolver_->CreateRequest(
4109 HostPortPair("just.testing", 80), kNetworkAnonymizationKey1,
4110 NetLogWithSource(), std::nullopt, resolve_context_.get()));
4111 EXPECT_FALSE(response1.complete());
4112
4113 // Start resolving the same host using kNetworkAnonymizationKey2.
4114 ResolveHostResponseHelper response2(resolver_->CreateRequest(
4115 HostPortPair("just.testing", 80), kNetworkAnonymizationKey2,
4116 NetLogWithSource(), std::nullopt, resolve_context_.get()));
4117 EXPECT_FALSE(response2.complete());
4118
4119 // Wait for and complete the expected number of over-the-wire DNS
4120 // resolutions.
4121 if (split_cache_by_network_anonymization_key) {
4122 proc_->WaitFor(2);
4123 EXPECT_EQ(2u, proc_->GetCaptureList().size());
4124 proc_->SignalMultiple(2u);
4125 } else {
4126 proc_->WaitFor(1);
4127 EXPECT_EQ(1u, proc_->GetCaptureList().size());
4128 proc_->SignalMultiple(1u);
4129 }
4130
4131 // Both requests should have completed successfully, with neither served out
4132 // of the cache.
4133
4134 EXPECT_THAT(response1.result_error(), IsOk());
4135 EXPECT_THAT(response1.request()->GetAddressResults()->endpoints(),
4136 testing::ElementsAre(CreateExpected(kDnsResult, 80)));
4137 EXPECT_THAT(response1.request()->GetEndpointResults(),
4138 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
4139 testing::ElementsAre(CreateExpected(kDnsResult, 80))))));
4140 EXPECT_FALSE(response1.request()->GetStaleInfo());
4141
4142 EXPECT_THAT(response2.result_error(), IsOk());
4143 EXPECT_THAT(response2.request()->GetAddressResults()->endpoints(),
4144 testing::ElementsAre(CreateExpected(kDnsResult, 80)));
4145 EXPECT_THAT(response2.request()->GetEndpointResults(),
4146 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
4147 testing::ElementsAre(CreateExpected(kDnsResult, 80))))));
4148 EXPECT_FALSE(response2.request()->GetStaleInfo());
4149
4150 resolve_context_->host_cache()->clear();
4151 proc_->ClearCaptureList();
4152 }
4153 }
4154
4155 // Test that two otherwise-identical requests with different ResolveContexts are
4156 // not merged.
TEST_F(HostResolverManagerTest,ContextsNotMerged)4157 TEST_F(HostResolverManagerTest, ContextsNotMerged) {
4158 const char kDnsResult[] = "192.168.1.42";
4159
4160 proc_->AddRuleForAllFamilies("just.testing", kDnsResult);
4161
4162 // Start resolving a host using |resolve_context_|.
4163 ResolveHostResponseHelper response1(resolver_->CreateRequest(
4164 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
4165 NetLogWithSource(), std::nullopt, resolve_context_.get()));
4166 EXPECT_FALSE(response1.complete());
4167
4168 // Start resolving the same host using another ResolveContext and cache.
4169 ResolveContext resolve_context2(resolve_context_->url_request_context(),
4170 true /* enable_caching */);
4171 resolver_->RegisterResolveContext(&resolve_context2);
4172 ResolveHostResponseHelper response2(resolver_->CreateRequest(
4173 HostPortPair("just.testing", 80), NetworkAnonymizationKey(),
4174 NetLogWithSource(), std::nullopt, &resolve_context2));
4175 EXPECT_FALSE(response2.complete());
4176 EXPECT_EQ(2u, resolver_->num_jobs_for_testing());
4177
4178 // Wait for and complete the 2 over-the-wire DNS resolutions.
4179 proc_->WaitFor(2);
4180 EXPECT_EQ(2u, proc_->GetCaptureList().size());
4181 proc_->SignalMultiple(2u);
4182
4183 // Both requests should have completed successfully, with neither served out
4184 // of the cache.
4185
4186 EXPECT_THAT(response1.result_error(), IsOk());
4187 EXPECT_THAT(response1.request()->GetAddressResults()->endpoints(),
4188 testing::ElementsAre(CreateExpected(kDnsResult, 80)));
4189 EXPECT_THAT(response1.request()->GetEndpointResults(),
4190 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
4191 testing::ElementsAre(CreateExpected(kDnsResult, 80))))));
4192 EXPECT_FALSE(response1.request()->GetStaleInfo());
4193
4194 EXPECT_THAT(response2.result_error(), IsOk());
4195 EXPECT_THAT(response2.request()->GetAddressResults()->endpoints(),
4196 testing::ElementsAre(CreateExpected(kDnsResult, 80)));
4197 EXPECT_THAT(response2.request()->GetEndpointResults(),
4198 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
4199 testing::ElementsAre(CreateExpected(kDnsResult, 80))))));
4200 EXPECT_FALSE(response2.request()->GetStaleInfo());
4201
4202 EXPECT_EQ(1u, resolve_context_->host_cache()->size());
4203 EXPECT_EQ(1u, resolve_context2.host_cache()->size());
4204
4205 resolver_->DeregisterResolveContext(&resolve_context2);
4206 }
4207
4208 // HostResolverManagerDnsTest ==================================================
4209
HostResolverManagerDnsTest(base::test::TaskEnvironment::TimeSource time_source)4210 HostResolverManagerDnsTest::HostResolverManagerDnsTest(
4211 base::test::TaskEnvironment::TimeSource time_source)
4212 : HostResolverManagerTest(time_source),
4213 notifier_task_runner_(
4214 base::MakeRefCounted<base::TestMockTimeTaskRunner>()) {
4215 auto config_service = std::make_unique<TestDnsConfigService>();
4216 config_service_ = config_service.get();
4217 notifier_ = std::make_unique<SystemDnsConfigChangeNotifier>(
4218 notifier_task_runner_, std::move(config_service));
4219 }
4220
4221 HostResolverManagerDnsTest::~HostResolverManagerDnsTest() = default;
4222
DestroyResolver()4223 void HostResolverManagerDnsTest::DestroyResolver() {
4224 mock_dns_client_ = nullptr;
4225 HostResolverManagerTest::DestroyResolver();
4226 }
4227
SetDnsClient(std::unique_ptr<DnsClient> dns_client)4228 void HostResolverManagerDnsTest::SetDnsClient(
4229 std::unique_ptr<DnsClient> dns_client) {
4230 mock_dns_client_ = nullptr;
4231 resolver_->SetDnsClientForTesting(std::move(dns_client));
4232 }
4233
TearDown()4234 void HostResolverManagerDnsTest::TearDown() {
4235 HostResolverManagerTest::TearDown();
4236 InvalidateDnsConfig();
4237
4238 // Ensure |notifier_| is fully cleaned up before test shutdown.
4239 notifier_.reset();
4240 notifier_task_runner_->RunUntilIdle();
4241 }
4242
DefaultOptions()4243 HostResolver::ManagerOptions HostResolverManagerDnsTest::DefaultOptions() {
4244 HostResolver::ManagerOptions options =
4245 HostResolverManagerTest::DefaultOptions();
4246 options.insecure_dns_client_enabled = true;
4247 options.additional_types_via_insecure_dns_enabled = true;
4248 return options;
4249 }
4250
CreateResolverWithOptionsAndParams(HostResolver::ManagerOptions options,const HostResolverSystemTask::Params & params,bool ipv6_reachable,bool is_async,bool ipv4_reachable)4251 void HostResolverManagerDnsTest::CreateResolverWithOptionsAndParams(
4252 HostResolver::ManagerOptions options,
4253 const HostResolverSystemTask::Params& params,
4254 bool ipv6_reachable,
4255 bool is_async,
4256 bool ipv4_reachable) {
4257 DestroyResolver();
4258
4259 resolver_ = std::make_unique<TestHostResolverManager>(
4260 options, notifier_.get(), nullptr /* net_log */, ipv6_reachable,
4261 ipv4_reachable, is_async);
4262 auto dns_client =
4263 std::make_unique<MockDnsClient>(DnsConfig(), CreateDefaultDnsRules());
4264 mock_dns_client_ = dns_client.get();
4265 resolver_->SetDnsClientForTesting(std::move(dns_client));
4266 resolver_->SetInsecureDnsClientEnabled(
4267 options.insecure_dns_client_enabled,
4268 options.additional_types_via_insecure_dns_enabled);
4269 resolver_->set_host_resolver_system_params_for_test(params);
4270 resolver_->RegisterResolveContext(resolve_context_.get());
4271 }
4272
UseMockDnsClient(const DnsConfig & config,MockDnsClientRuleList rules)4273 void HostResolverManagerDnsTest::UseMockDnsClient(const DnsConfig& config,
4274 MockDnsClientRuleList rules) {
4275 // HostResolver expects DnsConfig to get set after setting DnsClient, so
4276 // create first with an empty config and then update the config.
4277 auto dns_client =
4278 std::make_unique<MockDnsClient>(DnsConfig(), std::move(rules));
4279 mock_dns_client_ = dns_client.get();
4280 resolver_->SetDnsClientForTesting(std::move(dns_client));
4281 resolver_->SetInsecureDnsClientEnabled(
4282 /*enabled=*/true,
4283 /*additional_dns_types_enabled=*/true);
4284 if (!config.Equals(DnsConfig())) {
4285 ChangeDnsConfig(config);
4286 }
4287 }
4288
4289 // static
CreateDefaultDnsRules()4290 MockDnsClientRuleList HostResolverManagerDnsTest::CreateDefaultDnsRules() {
4291 MockDnsClientRuleList rules;
4292
4293 AddDnsRule(&rules, "nodomain", dns_protocol::kTypeA,
4294 MockDnsClientRule::ResultType::kNoDomain, false /* delay */);
4295 AddDnsRule(&rules, "nodomain", dns_protocol::kTypeAAAA,
4296 MockDnsClientRule::ResultType::kNoDomain, false /* delay */);
4297 AddDnsRule(&rules, "nx", dns_protocol::kTypeA,
4298 MockDnsClientRule::ResultType::kFail, false /* delay */);
4299 AddDnsRule(&rules, "nx", dns_protocol::kTypeAAAA,
4300 MockDnsClientRule::ResultType::kFail, false /* delay */);
4301 AddDnsRule(&rules, "ok", dns_protocol::kTypeA,
4302 MockDnsClientRule::ResultType::kOk, false /* delay */);
4303 AddDnsRule(&rules, "ok", dns_protocol::kTypeAAAA,
4304 MockDnsClientRule::ResultType::kOk, false /* delay */);
4305 AddDnsRule(&rules, "4ok", dns_protocol::kTypeA,
4306 MockDnsClientRule::ResultType::kOk, false /* delay */);
4307 AddDnsRule(&rules, "4ok", dns_protocol::kTypeAAAA,
4308 MockDnsClientRule::ResultType::kEmpty, false /* delay */);
4309 AddDnsRule(&rules, "6ok", dns_protocol::kTypeA,
4310 MockDnsClientRule::ResultType::kEmpty, false /* delay */);
4311 AddDnsRule(&rules, "6ok", dns_protocol::kTypeAAAA,
4312 MockDnsClientRule::ResultType::kOk, false /* delay */);
4313 AddDnsRule(&rules, "4nx", dns_protocol::kTypeA,
4314 MockDnsClientRule::ResultType::kOk, false /* delay */);
4315 AddDnsRule(&rules, "4nx", dns_protocol::kTypeAAAA,
4316 MockDnsClientRule::ResultType::kFail, false /* delay */);
4317 AddDnsRule(&rules, "empty", dns_protocol::kTypeA,
4318 MockDnsClientRule::ResultType::kEmpty, false /* delay */);
4319 AddDnsRule(&rules, "empty", dns_protocol::kTypeAAAA,
4320 MockDnsClientRule::ResultType::kEmpty, false /* delay */);
4321
4322 AddDnsRule(&rules, "slow_nx", dns_protocol::kTypeA,
4323 MockDnsClientRule::ResultType::kFail, true /* delay */);
4324 AddDnsRule(&rules, "slow_nx", dns_protocol::kTypeAAAA,
4325 MockDnsClientRule::ResultType::kFail, true /* delay */);
4326
4327 AddDnsRule(&rules, "4slow_ok", dns_protocol::kTypeA,
4328 MockDnsClientRule::ResultType::kOk, true /* delay */);
4329 AddDnsRule(&rules, "4slow_ok", dns_protocol::kTypeAAAA,
4330 MockDnsClientRule::ResultType::kOk, false /* delay */);
4331 AddDnsRule(&rules, "6slow_ok", dns_protocol::kTypeA,
4332 MockDnsClientRule::ResultType::kOk, false /* delay */);
4333 AddDnsRule(&rules, "6slow_ok", dns_protocol::kTypeAAAA,
4334 MockDnsClientRule::ResultType::kOk, true /* delay */);
4335 AddDnsRule(&rules, "4slow_4ok", dns_protocol::kTypeA,
4336 MockDnsClientRule::ResultType::kOk, true /* delay */);
4337 AddDnsRule(&rules, "4slow_4ok", dns_protocol::kTypeAAAA,
4338 MockDnsClientRule::ResultType::kEmpty, false /* delay */);
4339 AddDnsRule(&rules, "4slow_4timeout", dns_protocol::kTypeA,
4340 MockDnsClientRule::ResultType::kTimeout, true /* delay */);
4341 AddDnsRule(&rules, "4slow_4timeout", dns_protocol::kTypeAAAA,
4342 MockDnsClientRule::ResultType::kOk, false /* delay */);
4343 AddDnsRule(&rules, "4slow_6timeout", dns_protocol::kTypeA,
4344 MockDnsClientRule::ResultType::kOk, true /* delay */);
4345 AddDnsRule(&rules, "4slow_6timeout", dns_protocol::kTypeAAAA,
4346 MockDnsClientRule::ResultType::kTimeout, false /* delay */);
4347
4348 AddDnsRule(&rules, "4collision", dns_protocol::kTypeA,
4349 IPAddress(127, 0, 53, 53), false /* delay */);
4350 AddDnsRule(&rules, "4collision", dns_protocol::kTypeAAAA,
4351 MockDnsClientRule::ResultType::kEmpty, false /* delay */);
4352 AddDnsRule(&rules, "6collision", dns_protocol::kTypeA,
4353 MockDnsClientRule::ResultType::kEmpty, false /* delay */);
4354 // This isn't the expected IP for collisions (but looks close to it).
4355 AddDnsRule(&rules, "6collision", dns_protocol::kTypeAAAA,
4356 IPAddress(0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 127, 0, 53, 53),
4357 false /* delay */);
4358
4359 AddSecureDnsRule(&rules, "automatic_nodomain", dns_protocol::kTypeA,
4360 MockDnsClientRule::ResultType::kNoDomain, false /* delay */);
4361 AddSecureDnsRule(&rules, "automatic_nodomain", dns_protocol::kTypeAAAA,
4362 MockDnsClientRule::ResultType::kNoDomain, false /* delay */);
4363 AddDnsRule(&rules, "automatic_nodomain", dns_protocol::kTypeA,
4364 MockDnsClientRule::ResultType::kNoDomain, false /* delay */);
4365 AddDnsRule(&rules, "automatic_nodomain", dns_protocol::kTypeAAAA,
4366 MockDnsClientRule::ResultType::kNoDomain, false /* delay */);
4367 AddSecureDnsRule(&rules, "automatic", dns_protocol::kTypeA,
4368 MockDnsClientRule::ResultType::kOk, false /* delay */);
4369 AddSecureDnsRule(&rules, "automatic", dns_protocol::kTypeAAAA,
4370 MockDnsClientRule::ResultType::kOk, false /* delay */);
4371 AddDnsRule(&rules, "automatic", dns_protocol::kTypeA,
4372 MockDnsClientRule::ResultType::kOk, false /* delay */);
4373 AddDnsRule(&rules, "automatic", dns_protocol::kTypeAAAA,
4374 MockDnsClientRule::ResultType::kOk, false /* delay */);
4375 AddDnsRule(&rules, "insecure_automatic", dns_protocol::kTypeA,
4376 MockDnsClientRule::ResultType::kOk, false /* delay */);
4377 AddDnsRule(&rules, "insecure_automatic", dns_protocol::kTypeAAAA,
4378 MockDnsClientRule::ResultType::kOk, false /* delay */);
4379
4380 AddSecureDnsRule(&rules, "secure", dns_protocol::kTypeA,
4381 MockDnsClientRule::ResultType::kOk, false /* delay */);
4382 AddSecureDnsRule(&rules, "secure", dns_protocol::kTypeAAAA,
4383 MockDnsClientRule::ResultType::kOk, false /* delay */);
4384
4385 return rules;
4386 }
4387
4388 // static
AddDnsRule(MockDnsClientRuleList * rules,const std::string & prefix,uint16_t qtype,MockDnsClientRule::ResultType result_type,bool delay)4389 void HostResolverManagerDnsTest::AddDnsRule(
4390 MockDnsClientRuleList* rules,
4391 const std::string& prefix,
4392 uint16_t qtype,
4393 MockDnsClientRule::ResultType result_type,
4394 bool delay) {
4395 rules->emplace_back(prefix, qtype, false /* secure */,
4396 MockDnsClientRule::Result(result_type), delay);
4397 }
4398
4399 // static
AddDnsRule(MockDnsClientRuleList * rules,const std::string & prefix,uint16_t qtype,const IPAddress & result_ip,bool delay)4400 void HostResolverManagerDnsTest::AddDnsRule(MockDnsClientRuleList* rules,
4401 const std::string& prefix,
4402 uint16_t qtype,
4403 const IPAddress& result_ip,
4404 bool delay) {
4405 rules->emplace_back(
4406 prefix, qtype, false /* secure */,
4407 MockDnsClientRule::Result(BuildTestDnsAddressResponse(prefix, result_ip)),
4408 delay);
4409 }
4410
4411 // static
AddDnsRule(MockDnsClientRuleList * rules,const std::string & prefix,uint16_t qtype,IPAddress result_ip,std::string cannonname,bool delay)4412 void HostResolverManagerDnsTest::AddDnsRule(MockDnsClientRuleList* rules,
4413 const std::string& prefix,
4414 uint16_t qtype,
4415 IPAddress result_ip,
4416 std::string cannonname,
4417 bool delay) {
4418 rules->emplace_back(
4419 prefix, qtype, false /* secure */,
4420 MockDnsClientRule::Result(BuildTestDnsAddressResponseWithCname(
4421 prefix, result_ip, std::move(cannonname))),
4422 delay);
4423 }
4424
4425 // static
AddDnsRule(MockDnsClientRuleList * rules,const std::string & prefix,uint16_t qtype,DnsResponse dns_test_response,bool delay)4426 void HostResolverManagerDnsTest::AddDnsRule(MockDnsClientRuleList* rules,
4427
4428 const std::string& prefix,
4429 uint16_t qtype,
4430 DnsResponse dns_test_response,
4431 bool delay) {
4432 rules->emplace_back(prefix, qtype, false /* secure */,
4433 MockDnsClientRule::Result(std::move(dns_test_response)),
4434 delay);
4435 }
4436
4437 // static
AddSecureDnsRule(MockDnsClientRuleList * rules,const std::string & prefix,uint16_t qtype,MockDnsClientRule::ResultType result_type,bool delay)4438 void HostResolverManagerDnsTest::AddSecureDnsRule(
4439 MockDnsClientRuleList* rules,
4440 const std::string& prefix,
4441 uint16_t qtype,
4442 MockDnsClientRule::ResultType result_type,
4443 bool delay) {
4444 rules->emplace_back(prefix, qtype, true /* secure */,
4445 MockDnsClientRule::Result(result_type), delay);
4446 }
4447
ChangeDnsConfig(const DnsConfig & config)4448 void HostResolverManagerDnsTest::ChangeDnsConfig(const DnsConfig& config) {
4449 DCHECK(config.IsValid());
4450 notifier_task_runner_->PostTask(
4451 FROM_HERE,
4452 base::BindOnce(&TestDnsConfigService::OnHostsRead,
4453 base::Unretained(config_service_), config.hosts));
4454 notifier_task_runner_->PostTask(
4455 FROM_HERE, base::BindOnce(&TestDnsConfigService::OnConfigRead,
4456 base::Unretained(config_service_), config));
4457
4458 notifier_task_runner_->RunUntilIdle();
4459 base::RunLoop().RunUntilIdle();
4460 }
4461
InvalidateDnsConfig()4462 void HostResolverManagerDnsTest::InvalidateDnsConfig() {
4463 notifier_task_runner_->PostTask(
4464 FROM_HERE, base::BindOnce(&TestDnsConfigService::OnHostsRead,
4465 base::Unretained(config_service_), DnsHosts()));
4466 notifier_task_runner_->PostTask(
4467 FROM_HERE, base::BindOnce(&TestDnsConfigService::InvalidateConfig,
4468 base::Unretained(config_service_)));
4469
4470 notifier_task_runner_->FastForwardBy(DnsConfigService::kInvalidationTimeout);
4471 base::RunLoop().RunUntilIdle();
4472 }
4473
SetInitialDnsConfig(const DnsConfig & config)4474 void HostResolverManagerDnsTest::SetInitialDnsConfig(const DnsConfig& config) {
4475 InvalidateDnsConfig();
4476 ChangeDnsConfig(config);
4477 }
4478
TriggerInsecureFailureCondition()4479 void HostResolverManagerDnsTest::TriggerInsecureFailureCondition() {
4480 proc_->AddRuleForAllFamilies(std::string(),
4481 std::string()); // Default to failures.
4482
4483 // Disable Secure DNS for these requests.
4484 HostResolver::ResolveHostParameters parameters;
4485 parameters.secure_dns_policy = SecureDnsPolicy::kDisable;
4486
4487 std::vector<std::unique_ptr<ResolveHostResponseHelper>> responses;
4488 for (unsigned i = 0; i < maximum_insecure_dns_task_failures(); ++i) {
4489 // Use custom names to require separate Jobs.
4490 std::string hostname = base::StringPrintf("nx_%u", i);
4491 // Ensure fallback to HostResolverSystemTask succeeds.
4492 proc_->AddRuleForAllFamilies(hostname, "192.168.1.101");
4493 responses.emplace_back(
4494 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
4495 HostPortPair(hostname, 80), NetworkAnonymizationKey(),
4496 NetLogWithSource(), parameters, resolve_context_.get())));
4497 }
4498
4499 proc_->SignalMultiple(responses.size());
4500
4501 for (const auto& response : responses) {
4502 EXPECT_THAT(response->result_error(), IsOk());
4503 }
4504
4505 ASSERT_FALSE(proc_->HasBlockedRequests());
4506 }
4507
TEST_F(HostResolverManagerDnsTest,FlushCacheOnDnsConfigChange)4508 TEST_F(HostResolverManagerDnsTest, FlushCacheOnDnsConfigChange) {
4509 proc_->SignalMultiple(2u); // One before the flush, one after.
4510
4511 // Resolve to populate the cache.
4512 ResolveHostResponseHelper initial_response(resolver_->CreateRequest(
4513 HostPortPair("host1", 70), NetworkAnonymizationKey(), NetLogWithSource(),
4514 std::nullopt, resolve_context_.get()));
4515 EXPECT_THAT(initial_response.result_error(), IsOk());
4516 EXPECT_EQ(1u, proc_->GetCaptureList().size());
4517
4518 // Result expected to come from the cache.
4519 ResolveHostResponseHelper cached_response(resolver_->CreateRequest(
4520 HostPortPair("host1", 75), NetworkAnonymizationKey(), NetLogWithSource(),
4521 std::nullopt, resolve_context_.get()));
4522 EXPECT_THAT(cached_response.result_error(), IsOk());
4523 EXPECT_EQ(1u, proc_->GetCaptureList().size()); // No expected increase.
4524
4525 // Flush cache by triggering a DNS config change.
4526 ChangeDnsConfig(CreateValidDnsConfig());
4527
4528 // Expect flushed from cache and therefore served from |proc_|.
4529 ResolveHostResponseHelper flushed_response(resolver_->CreateRequest(
4530 HostPortPair("host1", 80), NetworkAnonymizationKey(), NetLogWithSource(),
4531 std::nullopt, resolve_context_.get()));
4532 EXPECT_THAT(flushed_response.result_error(), IsOk());
4533 EXPECT_EQ(2u, proc_->GetCaptureList().size()); // Expected increase.
4534 }
4535
TEST_F(HostResolverManagerDnsTest,DisableAndEnableInsecureDnsClient)4536 TEST_F(HostResolverManagerDnsTest, DisableAndEnableInsecureDnsClient) {
4537 // Disable fallback to allow testing how requests are initially handled.
4538 set_allow_fallback_to_systemtask(false);
4539
4540 ChangeDnsConfig(CreateValidDnsConfig());
4541 proc_->AddRuleForAllFamilies("nx_succeed", "192.168.2.47");
4542 proc_->SignalMultiple(1u);
4543
4544 resolver_->SetInsecureDnsClientEnabled(
4545 /*enabled=*/false,
4546 /*additional_dns_types_enabled*/ false);
4547 ResolveHostResponseHelper response_system(resolver_->CreateRequest(
4548 HostPortPair("nx_succeed", 1212), NetworkAnonymizationKey(),
4549 NetLogWithSource(), std::nullopt, resolve_context_.get()));
4550 EXPECT_THAT(response_system.result_error(), IsOk());
4551 EXPECT_THAT(response_system.request()->GetAddressResults()->endpoints(),
4552 testing::ElementsAre(CreateExpected("192.168.2.47", 1212)));
4553 EXPECT_THAT(
4554 response_system.request()->GetEndpointResults(),
4555 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
4556 testing::ElementsAre(CreateExpected("192.168.2.47", 1212))))));
4557
4558 resolver_->SetInsecureDnsClientEnabled(/*enabled*/ true,
4559 /*additional_dns_types_enabled=*/true);
4560 ResolveHostResponseHelper response_dns_client(resolver_->CreateRequest(
4561 HostPortPair("ok_fail", 1212), NetworkAnonymizationKey(),
4562 NetLogWithSource(), std::nullopt, resolve_context_.get()));
4563 EXPECT_THAT(response_dns_client.result_error(), IsOk());
4564 EXPECT_THAT(response_dns_client.request()->GetAddressResults()->endpoints(),
4565 testing::UnorderedElementsAre(CreateExpected("::1", 1212),
4566 CreateExpected("127.0.0.1", 1212)));
4567 EXPECT_THAT(
4568 response_dns_client.request()->GetEndpointResults(),
4569 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
4570 testing::UnorderedElementsAre(CreateExpected("::1", 1212),
4571 CreateExpected("127.0.0.1", 1212))))));
4572 }
4573
TEST_F(HostResolverManagerDnsTest,UseHostResolverSystemTaskWhenPrivateDnsActive)4574 TEST_F(HostResolverManagerDnsTest,
4575 UseHostResolverSystemTaskWhenPrivateDnsActive) {
4576 // Disable fallback to allow testing how requests are initially handled.
4577 set_allow_fallback_to_systemtask(false);
4578 proc_->AddRuleForAllFamilies("nx_succeed", "192.168.2.47");
4579 proc_->SignalMultiple(1u);
4580
4581 DnsConfig config = CreateValidDnsConfig();
4582 config.dns_over_tls_active = true;
4583 ChangeDnsConfig(config);
4584 ResolveHostResponseHelper response_system(resolver_->CreateRequest(
4585 HostPortPair("nx_succeed", 1212), NetworkAnonymizationKey(),
4586 NetLogWithSource(), std::nullopt, resolve_context_.get()));
4587 EXPECT_THAT(response_system.result_error(), IsOk());
4588 EXPECT_THAT(response_system.request()->GetAddressResults()->endpoints(),
4589 testing::ElementsAre(CreateExpected("192.168.2.47", 1212)));
4590 EXPECT_THAT(
4591 response_system.request()->GetEndpointResults(),
4592 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
4593 testing::ElementsAre(CreateExpected("192.168.2.47", 1212))))));
4594 }
4595
4596 // RFC 6761 localhost names should always resolve to loopback.
TEST_F(HostResolverManagerDnsTest,LocalhostLookup)4597 TEST_F(HostResolverManagerDnsTest, LocalhostLookup) {
4598 // Add a rule resolving localhost names to a non-loopback IP and test
4599 // that they still resolves to loopback.
4600 proc_->AddRuleForAllFamilies("foo.localhost", "192.168.1.42");
4601 proc_->AddRuleForAllFamilies("localhost", "192.168.1.42");
4602 proc_->AddRuleForAllFamilies("localhost.", "192.168.1.42");
4603
4604 ResolveHostResponseHelper response0(resolver_->CreateRequest(
4605 HostPortPair("foo.localhost", 80), NetworkAnonymizationKey(),
4606 NetLogWithSource(), std::nullopt, resolve_context_.get()));
4607 EXPECT_THAT(response0.result_error(), IsOk());
4608 EXPECT_THAT(response0.request()->GetAddressResults()->endpoints(),
4609 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
4610 CreateExpected("::1", 80)));
4611 EXPECT_THAT(
4612 response0.request()->GetEndpointResults(),
4613 testing::Pointee(testing::ElementsAre(
4614 ExpectEndpointResult(testing::UnorderedElementsAre(
4615 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
4616
4617 ResolveHostResponseHelper response1(resolver_->CreateRequest(
4618 HostPortPair("localhost", 80), NetworkAnonymizationKey(),
4619 NetLogWithSource(), std::nullopt, resolve_context_.get()));
4620 EXPECT_THAT(response1.result_error(), IsOk());
4621 EXPECT_THAT(response1.request()->GetAddressResults()->endpoints(),
4622 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
4623 CreateExpected("::1", 80)));
4624 EXPECT_THAT(
4625 response1.request()->GetEndpointResults(),
4626 testing::Pointee(testing::ElementsAre(
4627 ExpectEndpointResult(testing::UnorderedElementsAre(
4628 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
4629
4630 ResolveHostResponseHelper response2(resolver_->CreateRequest(
4631 HostPortPair("localhost.", 80), NetworkAnonymizationKey(),
4632 NetLogWithSource(), std::nullopt, resolve_context_.get()));
4633 EXPECT_THAT(response2.result_error(), IsOk());
4634 EXPECT_THAT(response2.request()->GetAddressResults()->endpoints(),
4635 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
4636 CreateExpected("::1", 80)));
4637 EXPECT_THAT(
4638 response2.request()->GetEndpointResults(),
4639 testing::Pointee(testing::ElementsAre(
4640 ExpectEndpointResult(testing::UnorderedElementsAre(
4641 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
4642 }
4643
4644 // RFC 6761 localhost names should always resolve to loopback, even if a HOSTS
4645 // file is active.
TEST_F(HostResolverManagerDnsTest,LocalhostLookupWithHosts)4646 TEST_F(HostResolverManagerDnsTest, LocalhostLookupWithHosts) {
4647 DnsHosts hosts;
4648 hosts[DnsHostsKey("localhost", ADDRESS_FAMILY_IPV4)] =
4649 IPAddress({192, 168, 1, 1});
4650 hosts[DnsHostsKey("foo.localhost", ADDRESS_FAMILY_IPV4)] =
4651 IPAddress({192, 168, 1, 2});
4652
4653 DnsConfig config = CreateValidDnsConfig();
4654 config.hosts = hosts;
4655 ChangeDnsConfig(config);
4656
4657 ResolveHostResponseHelper response0(resolver_->CreateRequest(
4658 HostPortPair("localhost", 80), NetworkAnonymizationKey(),
4659 NetLogWithSource(), std::nullopt, resolve_context_.get()));
4660 EXPECT_THAT(response0.result_error(), IsOk());
4661 EXPECT_THAT(response0.request()->GetAddressResults()->endpoints(),
4662 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
4663 CreateExpected("::1", 80)));
4664 EXPECT_THAT(
4665 response0.request()->GetEndpointResults(),
4666 testing::Pointee(testing::ElementsAre(
4667 ExpectEndpointResult(testing::UnorderedElementsAre(
4668 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
4669
4670 ResolveHostResponseHelper response1(resolver_->CreateRequest(
4671 HostPortPair("foo.localhost", 80), NetworkAnonymizationKey(),
4672 NetLogWithSource(), std::nullopt, resolve_context_.get()));
4673 EXPECT_THAT(response1.result_error(), IsOk());
4674 EXPECT_THAT(response1.request()->GetAddressResults()->endpoints(),
4675 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
4676 CreateExpected("::1", 80)));
4677 EXPECT_THAT(
4678 response1.request()->GetEndpointResults(),
4679 testing::Pointee(testing::ElementsAre(
4680 ExpectEndpointResult(testing::UnorderedElementsAre(
4681 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
4682 }
4683
4684 // Test successful and fallback resolutions in HostResolverManager::DnsTask.
TEST_F(HostResolverManagerDnsTest,DnsTask)4685 TEST_F(HostResolverManagerDnsTest, DnsTask) {
4686 proc_->AddRuleForAllFamilies("nx_succeed", "192.168.1.102");
4687 // All other hostnames will fail in proc_.
4688
4689 // Initially there is no config, so client should not be invoked.
4690 ResolveHostResponseHelper initial_response(resolver_->CreateRequest(
4691 HostPortPair("ok_fail", 80), NetworkAnonymizationKey(),
4692 NetLogWithSource(), std::nullopt, resolve_context_.get()));
4693 EXPECT_FALSE(initial_response.complete());
4694
4695 proc_->SignalMultiple(1u);
4696
4697 EXPECT_THAT(initial_response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
4698
4699 ChangeDnsConfig(CreateValidDnsConfig());
4700
4701 ResolveHostResponseHelper response0(resolver_->CreateRequest(
4702 HostPortPair("ok_fail", 80), NetworkAnonymizationKey(),
4703 NetLogWithSource(), std::nullopt, resolve_context_.get()));
4704 ResolveHostResponseHelper response1(resolver_->CreateRequest(
4705 HostPortPair("nx_fail", 80), NetworkAnonymizationKey(),
4706 NetLogWithSource(), std::nullopt, resolve_context_.get()));
4707 ResolveHostResponseHelper response2(resolver_->CreateRequest(
4708 HostPortPair("nx_succeed", 80), NetworkAnonymizationKey(),
4709 NetLogWithSource(), std::nullopt, resolve_context_.get()));
4710
4711 proc_->SignalMultiple(4u);
4712
4713 // Resolved by MockDnsClient.
4714 EXPECT_THAT(response0.result_error(), IsOk());
4715 EXPECT_THAT(response0.request()->GetAddressResults()->endpoints(),
4716 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
4717 CreateExpected("::1", 80)));
4718 EXPECT_THAT(
4719 response0.request()->GetEndpointResults(),
4720 testing::Pointee(testing::ElementsAre(
4721 ExpectEndpointResult(testing::UnorderedElementsAre(
4722 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
4723
4724 // Fallback to HostResolverSystemTask.
4725 EXPECT_THAT(response1.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
4726 EXPECT_THAT(response2.result_error(), IsOk());
4727 EXPECT_THAT(response2.request()->GetAddressResults()->endpoints(),
4728 testing::ElementsAre(CreateExpected("192.168.1.102", 80)));
4729 EXPECT_THAT(response2.request()->GetEndpointResults(),
4730 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
4731 testing::ElementsAre(CreateExpected("192.168.1.102", 80))))));
4732 }
4733
TEST_F(HostResolverManagerDnsTest,DnsTaskWithScheme)4734 TEST_F(HostResolverManagerDnsTest, DnsTaskWithScheme) {
4735 ChangeDnsConfig(CreateValidDnsConfig());
4736
4737 ResolveHostResponseHelper response(resolver_->CreateRequest(
4738 url::SchemeHostPort(url::kWsScheme, "ok_fail", 80),
4739 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
4740 resolve_context_.get()));
4741
4742 // Resolved by MockDnsClient.
4743 EXPECT_THAT(response.result_error(), IsOk());
4744 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
4745 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
4746 CreateExpected("::1", 80)));
4747 EXPECT_THAT(
4748 response.request()->GetEndpointResults(),
4749 testing::Pointee(testing::ElementsAre(
4750 ExpectEndpointResult(testing::UnorderedElementsAre(
4751 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
4752 }
4753
4754 // Test successful and failing resolutions in HostResolverManager::DnsTask when
4755 // fallback to HostResolverSystemTask is disabled.
TEST_F(HostResolverManagerDnsTest,NoFallbackToHostResolverSystemTask)4756 TEST_F(HostResolverManagerDnsTest, NoFallbackToHostResolverSystemTask) {
4757 set_allow_fallback_to_systemtask(false);
4758
4759 proc_->AddRuleForAllFamilies("nx_succeed", "192.168.1.102");
4760 // All other hostnames will fail in proc_.
4761
4762 // Set empty DnsConfig.
4763 InvalidateDnsConfig();
4764 // Initially there is no config, so client should not be invoked.
4765 ResolveHostResponseHelper initial_response0(resolver_->CreateRequest(
4766 HostPortPair("ok_fail", 80), NetworkAnonymizationKey(),
4767 NetLogWithSource(), std::nullopt, resolve_context_.get()));
4768 ResolveHostResponseHelper initial_response1(resolver_->CreateRequest(
4769 HostPortPair("nx_succeed", 80), NetworkAnonymizationKey(),
4770 NetLogWithSource(), std::nullopt, resolve_context_.get()));
4771 proc_->SignalMultiple(2u);
4772
4773 EXPECT_THAT(initial_response0.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
4774 EXPECT_THAT(initial_response1.result_error(), IsOk());
4775 EXPECT_THAT(initial_response1.request()->GetAddressResults()->endpoints(),
4776 testing::ElementsAre(CreateExpected("192.168.1.102", 80)));
4777 EXPECT_THAT(initial_response1.request()->GetEndpointResults(),
4778 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
4779 testing::ElementsAre(CreateExpected("192.168.1.102", 80))))));
4780
4781 // Switch to a valid config.
4782 ChangeDnsConfig(CreateValidDnsConfig());
4783 // First request is resolved by MockDnsClient, others should fail due to
4784 // disabled fallback to HostResolverSystemTask.
4785 ResolveHostResponseHelper response0(resolver_->CreateRequest(
4786 HostPortPair("ok_fail", 80), NetworkAnonymizationKey(),
4787 NetLogWithSource(), std::nullopt, resolve_context_.get()));
4788 ResolveHostResponseHelper response1(resolver_->CreateRequest(
4789 HostPortPair("nx_succeed", 80), NetworkAnonymizationKey(),
4790 NetLogWithSource(), std::nullopt, resolve_context_.get()));
4791 proc_->SignalMultiple(6u);
4792
4793 // Resolved by MockDnsClient.
4794 EXPECT_THAT(response0.result_error(), IsOk());
4795 EXPECT_THAT(response0.request()->GetAddressResults()->endpoints(),
4796 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
4797 CreateExpected("::1", 80)));
4798 EXPECT_THAT(
4799 response0.request()->GetEndpointResults(),
4800 testing::Pointee(testing::ElementsAre(
4801 ExpectEndpointResult(testing::UnorderedElementsAre(
4802 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
4803 // Fallback to HostResolverSystemTask is disabled.
4804 EXPECT_THAT(response1.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
4805 }
4806
4807 // Test behavior of OnDnsTaskFailure when Job is aborted.
TEST_F(HostResolverManagerDnsTest,OnDnsTaskFailureAbortedJob)4808 TEST_F(HostResolverManagerDnsTest, OnDnsTaskFailureAbortedJob) {
4809 ChangeDnsConfig(CreateValidDnsConfig());
4810 ResolveHostResponseHelper response(resolver_->CreateRequest(
4811 HostPortPair("nx_abort", 80), NetworkAnonymizationKey(),
4812 NetLogWithSource(), std::nullopt, resolve_context_.get()));
4813 // Abort all jobs here.
4814 CreateResolver();
4815 proc_->SignalMultiple(1u);
4816 // Run to completion.
4817 base::RunLoop().RunUntilIdle(); // Notification happens async.
4818 // It shouldn't crash during OnDnsTaskFailure callbacks.
4819 EXPECT_FALSE(response.complete());
4820
4821 // Repeat test with Fallback to HostResolverSystemTask disabled
4822 set_allow_fallback_to_systemtask(false);
4823 ChangeDnsConfig(CreateValidDnsConfig());
4824 ResolveHostResponseHelper no_fallback_response(resolver_->CreateRequest(
4825 HostPortPair("nx_abort", 80), NetworkAnonymizationKey(),
4826 NetLogWithSource(), std::nullopt, resolve_context_.get()));
4827 // Abort all jobs here.
4828 CreateResolver();
4829 proc_->SignalMultiple(2u);
4830 // Run to completion.
4831 base::RunLoop().RunUntilIdle(); // Notification happens async.
4832 // It shouldn't crash during OnDnsTaskFailure callbacks.
4833 EXPECT_FALSE(no_fallback_response.complete());
4834 }
4835
4836 // Fallback to proc allowed with ANY source.
TEST_F(HostResolverManagerDnsTest,FallbackBySource_Any)4837 TEST_F(HostResolverManagerDnsTest, FallbackBySource_Any) {
4838 // Ensure fallback is otherwise allowed by resolver settings.
4839 set_allow_fallback_to_systemtask(true);
4840
4841 proc_->AddRuleForAllFamilies("nx_succeed", "192.168.1.102");
4842 // All other hostnames will fail in proc_.
4843
4844 ChangeDnsConfig(CreateValidDnsConfig());
4845
4846 ResolveHostResponseHelper response0(resolver_->CreateRequest(
4847 HostPortPair("nx_fail", 80), NetworkAnonymizationKey(),
4848 NetLogWithSource(), std::nullopt, resolve_context_.get()));
4849 ResolveHostResponseHelper response1(resolver_->CreateRequest(
4850 HostPortPair("nx_succeed", 80), NetworkAnonymizationKey(),
4851 NetLogWithSource(), std::nullopt, resolve_context_.get()));
4852 proc_->SignalMultiple(2u);
4853
4854 EXPECT_THAT(response0.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
4855 EXPECT_THAT(response1.result_error(), IsOk());
4856 EXPECT_THAT(response1.request()->GetAddressResults()->endpoints(),
4857 testing::ElementsAre(CreateExpected("192.168.1.102", 80)));
4858 EXPECT_THAT(response1.request()->GetEndpointResults(),
4859 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
4860 testing::ElementsAre(CreateExpected("192.168.1.102", 80))))));
4861 }
4862
4863 // Fallback to proc not allowed with DNS source.
TEST_F(HostResolverManagerDnsTest,FallbackBySource_Dns)4864 TEST_F(HostResolverManagerDnsTest, FallbackBySource_Dns) {
4865 // Ensure fallback is otherwise allowed by resolver settings.
4866 set_allow_fallback_to_systemtask(true);
4867
4868 proc_->AddRuleForAllFamilies("nx_succeed", "192.168.1.102");
4869 // All other hostnames will fail in proc_.
4870
4871 ChangeDnsConfig(CreateValidDnsConfig());
4872
4873 HostResolver::ResolveHostParameters parameters;
4874 parameters.source = HostResolverSource::DNS;
4875 ResolveHostResponseHelper response0(resolver_->CreateRequest(
4876 HostPortPair("nx_fail", 80), NetworkAnonymizationKey(),
4877 NetLogWithSource(), parameters, resolve_context_.get()));
4878 ResolveHostResponseHelper response1(resolver_->CreateRequest(
4879 HostPortPair("nx_succeed", 80), NetworkAnonymizationKey(),
4880 NetLogWithSource(), parameters, resolve_context_.get()));
4881 // Nothing should reach |proc_| on success, but let failures through to fail
4882 // instead of hanging.
4883 proc_->SignalMultiple(2u);
4884
4885 EXPECT_THAT(response0.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
4886 EXPECT_THAT(response1.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
4887 }
4888
4889 // Fallback to proc on DnsClient change allowed with ANY source.
TEST_F(HostResolverManagerDnsTest,FallbackOnAbortBySource_Any)4890 TEST_F(HostResolverManagerDnsTest, FallbackOnAbortBySource_Any) {
4891 // Ensure fallback is otherwise allowed by resolver settings.
4892 set_allow_fallback_to_systemtask(true);
4893
4894 proc_->AddRuleForAllFamilies("nx_succeed", "192.168.1.102");
4895 // All other hostnames will fail in proc_.
4896
4897 ChangeDnsConfig(CreateValidDnsConfig());
4898
4899 ResolveHostResponseHelper response0(resolver_->CreateRequest(
4900 HostPortPair("ok_fail", 80), NetworkAnonymizationKey(),
4901 NetLogWithSource(), std::nullopt, resolve_context_.get()));
4902 ResolveHostResponseHelper response1(resolver_->CreateRequest(
4903 HostPortPair("nx_succeed", 80), NetworkAnonymizationKey(),
4904 NetLogWithSource(), std::nullopt, resolve_context_.get()));
4905 proc_->SignalMultiple(2u);
4906
4907 // Simulate the case when the preference or policy has disabled the insecure
4908 // DNS client causing AbortInsecureDnsTasks.
4909 resolver_->SetInsecureDnsClientEnabled(
4910 /*enabled=*/false,
4911 /*additional_dns_types_enabled=*/false);
4912
4913 // All requests should fallback to system resolver.
4914 EXPECT_THAT(response0.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
4915 EXPECT_THAT(response1.result_error(), IsOk());
4916 EXPECT_THAT(response1.request()->GetAddressResults()->endpoints(),
4917 testing::ElementsAre(CreateExpected("192.168.1.102", 80)));
4918 EXPECT_THAT(response1.request()->GetEndpointResults(),
4919 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
4920 testing::ElementsAre(CreateExpected("192.168.1.102", 80))))));
4921 }
4922
4923 // Fallback to system on DnsClient change not allowed with DNS source.
TEST_F(HostResolverManagerDnsTest,FallbackOnAbortBySource_Dns)4924 TEST_F(HostResolverManagerDnsTest, FallbackOnAbortBySource_Dns) {
4925 // Ensure fallback is otherwise allowed by resolver settings.
4926 set_allow_fallback_to_systemtask(true);
4927
4928 proc_->AddRuleForAllFamilies("nx_succeed", "192.168.1.102");
4929 // All other hostnames will fail in proc_.
4930
4931 ChangeDnsConfig(CreateValidDnsConfig());
4932
4933 HostResolver::ResolveHostParameters parameters;
4934 parameters.source = HostResolverSource::DNS;
4935 ResolveHostResponseHelper response0(resolver_->CreateRequest(
4936 HostPortPair("ok_fail", 80), NetworkAnonymizationKey(),
4937 NetLogWithSource(), parameters, resolve_context_.get()));
4938 ResolveHostResponseHelper response1(resolver_->CreateRequest(
4939 HostPortPair("nx_succeed", 80), NetworkAnonymizationKey(),
4940 NetLogWithSource(), parameters, resolve_context_.get()));
4941 // Nothing should reach |proc_| on success, but let failures through to fail
4942 // instead of hanging.
4943 proc_->SignalMultiple(2u);
4944
4945 // Simulate the case when the preference or policy has disabled the insecure
4946 // DNS client causing AbortInsecureDnsTasks.
4947 resolver_->SetInsecureDnsClientEnabled(
4948 /*enabled=*/false,
4949 /*additional_dns_types_enabled=*/false);
4950
4951 // No fallback expected. All requests should fail.
4952 EXPECT_THAT(response0.result_error(), IsError(ERR_NETWORK_CHANGED));
4953 EXPECT_THAT(response1.result_error(), IsError(ERR_NETWORK_CHANGED));
4954 }
4955
4956 // Insecure DnsClient change shouldn't affect secure DnsTasks.
TEST_F(HostResolverManagerDnsTest,DisableInsecureDnsClient_SecureDnsTasksUnaffected)4957 TEST_F(HostResolverManagerDnsTest,
4958 DisableInsecureDnsClient_SecureDnsTasksUnaffected) {
4959 // Ensure fallback is otherwise allowed by resolver settings.
4960 set_allow_fallback_to_systemtask(true);
4961
4962 proc_->AddRuleForAllFamilies("automatic", "192.168.1.102");
4963 // All other hostnames will fail in proc_.
4964
4965 ChangeDnsConfig(CreateValidDnsConfig());
4966 DnsConfigOverrides overrides;
4967 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
4968 resolver_->SetDnsConfigOverrides(overrides);
4969
4970 ResolveHostResponseHelper response_secure(resolver_->CreateRequest(
4971 HostPortPair("automatic", 80), NetworkAnonymizationKey(),
4972 NetLogWithSource(),
4973 /* optional_parameters=*/std::nullopt, resolve_context_.get()));
4974 EXPECT_FALSE(response_secure.complete());
4975
4976 // Simulate the case when the preference or policy has disabled the insecure
4977 // DNS client causing AbortInsecureDnsTasks.
4978 resolver_->SetInsecureDnsClientEnabled(
4979 /*enabled=*/false,
4980 /*additional_dns_types_enabled*/ false);
4981
4982 EXPECT_THAT(response_secure.result_error(), IsOk());
4983 EXPECT_THAT(response_secure.request()->GetAddressResults()->endpoints(),
4984 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
4985 CreateExpected("::1", 80)));
4986 EXPECT_THAT(
4987 response_secure.request()->GetEndpointResults(),
4988 testing::Pointee(testing::ElementsAre(
4989 ExpectEndpointResult(testing::UnorderedElementsAre(
4990 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
4991 }
4992
TEST_F(HostResolverManagerDnsTest,DnsTaskUnspec)4993 TEST_F(HostResolverManagerDnsTest, DnsTaskUnspec) {
4994 ChangeDnsConfig(CreateValidDnsConfig());
4995
4996 proc_->AddRuleForAllFamilies("4nx", "192.168.1.101");
4997 // All other hostnames will fail in proc_.
4998
4999 std::vector<std::unique_ptr<ResolveHostResponseHelper>> responses;
5000 responses.emplace_back(
5001 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
5002 HostPortPair("ok", 80), NetworkAnonymizationKey(), NetLogWithSource(),
5003 std::nullopt, resolve_context_.get())));
5004 responses.emplace_back(
5005 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
5006 HostPortPair("4ok", 80), NetworkAnonymizationKey(),
5007 NetLogWithSource(), std::nullopt, resolve_context_.get())));
5008 responses.emplace_back(
5009 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
5010 HostPortPair("6ok", 80), NetworkAnonymizationKey(),
5011 NetLogWithSource(), std::nullopt, resolve_context_.get())));
5012 responses.emplace_back(
5013 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
5014 HostPortPair("4nx", 80), NetworkAnonymizationKey(),
5015 NetLogWithSource(), std::nullopt, resolve_context_.get())));
5016
5017 proc_->SignalMultiple(4u);
5018
5019 for (auto& response : responses) {
5020 EXPECT_THAT(response->result_error(), IsOk());
5021 }
5022
5023 EXPECT_THAT(responses[0]->request()->GetAddressResults()->endpoints(),
5024 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
5025 CreateExpected("::1", 80)));
5026 EXPECT_THAT(
5027 responses[0]->request()->GetEndpointResults(),
5028 testing::Pointee(testing::ElementsAre(
5029 ExpectEndpointResult(testing::UnorderedElementsAre(
5030 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
5031 EXPECT_THAT(responses[1]->request()->GetAddressResults()->endpoints(),
5032 testing::ElementsAre(CreateExpected("127.0.0.1", 80)));
5033 EXPECT_THAT(responses[1]->request()->GetEndpointResults(),
5034 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
5035 testing::ElementsAre(CreateExpected("127.0.0.1", 80))))));
5036 EXPECT_THAT(responses[2]->request()->GetAddressResults()->endpoints(),
5037 testing::ElementsAre(CreateExpected("::1", 80)));
5038 EXPECT_THAT(responses[2]->request()->GetEndpointResults(),
5039 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
5040 testing::ElementsAre(CreateExpected("::1", 80))))));
5041 EXPECT_THAT(responses[3]->request()->GetAddressResults()->endpoints(),
5042 testing::ElementsAre(CreateExpected("192.168.1.101", 80)));
5043 EXPECT_THAT(responses[3]->request()->GetEndpointResults(),
5044 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
5045 testing::ElementsAre(CreateExpected("192.168.1.101", 80))))));
5046 }
5047
TEST_F(HostResolverManagerDnsTest,NameCollisionIcann)5048 TEST_F(HostResolverManagerDnsTest, NameCollisionIcann) {
5049 ChangeDnsConfig(CreateValidDnsConfig());
5050
5051 // When the resolver returns an A record with 127.0.53.53 it should be
5052 // mapped to a special error.
5053 ResolveHostResponseHelper response_ipv4(resolver_->CreateRequest(
5054 HostPortPair("4collision", 80), NetworkAnonymizationKey(),
5055 NetLogWithSource(), std::nullopt, resolve_context_.get()));
5056 EXPECT_THAT(response_ipv4.result_error(), IsError(ERR_ICANN_NAME_COLLISION));
5057 EXPECT_THAT(response_ipv4.request()->GetAddressResults(),
5058 AnyOf(nullptr, Pointee(IsEmpty())));
5059 EXPECT_THAT(response_ipv4.request()->GetEndpointResults(),
5060 AnyOf(nullptr, Pointee(IsEmpty())));
5061
5062 // When the resolver returns an AAAA record with ::127.0.53.53 it should
5063 // work just like any other IP. (Despite having the same suffix, it is not
5064 // considered special)
5065 ResolveHostResponseHelper response_ipv6(resolver_->CreateRequest(
5066 HostPortPair("6collision", 80), NetworkAnonymizationKey(),
5067 NetLogWithSource(), std::nullopt, resolve_context_.get()));
5068 EXPECT_THAT(response_ipv6.result_error(), IsOk());
5069 EXPECT_THAT(response_ipv6.request()->GetAddressResults()->endpoints(),
5070 testing::ElementsAre(CreateExpected("::127.0.53.53", 80)));
5071 EXPECT_THAT(response_ipv6.request()->GetEndpointResults(),
5072 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
5073 testing::ElementsAre(CreateExpected("::127.0.53.53", 80))))));
5074 }
5075
TEST_F(HostResolverManagerDnsTest,ServeFromHosts)5076 TEST_F(HostResolverManagerDnsTest, ServeFromHosts) {
5077 // Initially, use empty HOSTS file.
5078 DnsConfig config = CreateValidDnsConfig();
5079 ChangeDnsConfig(config);
5080
5081 proc_->AddRuleForAllFamilies(std::string(),
5082 std::string()); // Default to failures.
5083 proc_->SignalMultiple(1u); // For the first request which misses.
5084
5085 ResolveHostResponseHelper initial_response(resolver_->CreateRequest(
5086 HostPortPair("nx_ipv4", 80), NetworkAnonymizationKey(),
5087 NetLogWithSource(), std::nullopt, resolve_context_.get()));
5088 EXPECT_THAT(initial_response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
5089
5090 IPAddress local_ipv4 = IPAddress::IPv4Localhost();
5091 IPAddress local_ipv6 = IPAddress::IPv6Localhost();
5092
5093 DnsHosts hosts;
5094 hosts[DnsHostsKey("nx_ipv4", ADDRESS_FAMILY_IPV4)] = local_ipv4;
5095 hosts[DnsHostsKey("nx_ipv6", ADDRESS_FAMILY_IPV6)] = local_ipv6;
5096 hosts[DnsHostsKey("nx_both", ADDRESS_FAMILY_IPV4)] = local_ipv4;
5097 hosts[DnsHostsKey("nx_both", ADDRESS_FAMILY_IPV6)] = local_ipv6;
5098
5099 // Update HOSTS file.
5100 config.hosts = hosts;
5101 ChangeDnsConfig(config);
5102
5103 ResolveHostResponseHelper response_ipv4(resolver_->CreateRequest(
5104 HostPortPair("nx_ipv4", 80), NetworkAnonymizationKey(),
5105 NetLogWithSource(), std::nullopt, resolve_context_.get()));
5106 EXPECT_THAT(response_ipv4.result_error(), IsOk());
5107 EXPECT_THAT(response_ipv4.request()->GetAddressResults()->endpoints(),
5108 testing::ElementsAre(CreateExpected("127.0.0.1", 80)));
5109 EXPECT_THAT(response_ipv4.request()->GetEndpointResults(),
5110 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
5111 testing::ElementsAre(CreateExpected("127.0.0.1", 80))))));
5112 EXPECT_THAT(response_ipv4.request()->GetDnsAliasResults(),
5113 testing::Pointee(testing::IsEmpty()));
5114
5115 ResolveHostResponseHelper response_ipv6(resolver_->CreateRequest(
5116 HostPortPair("nx_ipv6", 80), NetworkAnonymizationKey(),
5117 NetLogWithSource(), std::nullopt, resolve_context_.get()));
5118 EXPECT_THAT(response_ipv6.result_error(), IsOk());
5119 EXPECT_THAT(response_ipv6.request()->GetAddressResults()->endpoints(),
5120 testing::ElementsAre(CreateExpected("::1", 80)));
5121 EXPECT_THAT(response_ipv6.request()->GetEndpointResults(),
5122 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
5123 testing::ElementsAre(CreateExpected("::1", 80))))));
5124 EXPECT_THAT(response_ipv6.request()->GetDnsAliasResults(),
5125 testing::Pointee(testing::IsEmpty()));
5126
5127 ResolveHostResponseHelper response_both(resolver_->CreateRequest(
5128 HostPortPair("nx_both", 80), NetworkAnonymizationKey(),
5129 NetLogWithSource(), std::nullopt, resolve_context_.get()));
5130 EXPECT_THAT(response_both.result_error(), IsOk());
5131 EXPECT_THAT(response_both.request()->GetAddressResults()->endpoints(),
5132 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
5133 CreateExpected("::1", 80)));
5134 EXPECT_THAT(
5135 response_both.request()->GetEndpointResults(),
5136 testing::Pointee(testing::ElementsAre(
5137 ExpectEndpointResult(testing::UnorderedElementsAre(
5138 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
5139 EXPECT_THAT(response_both.request()->GetDnsAliasResults(),
5140 testing::Pointee(testing::IsEmpty()));
5141
5142 // Requests with specified DNS query type.
5143 HostResolver::ResolveHostParameters parameters;
5144
5145 parameters.dns_query_type = DnsQueryType::A;
5146 ResolveHostResponseHelper response_specified_ipv4(resolver_->CreateRequest(
5147 HostPortPair("nx_ipv4", 80), NetworkAnonymizationKey(),
5148 NetLogWithSource(), parameters, resolve_context_.get()));
5149 EXPECT_THAT(response_specified_ipv4.result_error(), IsOk());
5150 EXPECT_THAT(
5151 response_specified_ipv4.request()->GetAddressResults()->endpoints(),
5152 testing::ElementsAre(CreateExpected("127.0.0.1", 80)));
5153 EXPECT_THAT(response_specified_ipv4.request()->GetEndpointResults(),
5154 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
5155 testing::ElementsAre(CreateExpected("127.0.0.1", 80))))));
5156 EXPECT_THAT(response_specified_ipv4.request()->GetDnsAliasResults(),
5157 testing::Pointee(testing::IsEmpty()));
5158
5159 parameters.dns_query_type = DnsQueryType::AAAA;
5160 ResolveHostResponseHelper response_specified_ipv6(resolver_->CreateRequest(
5161 HostPortPair("nx_ipv6", 80), NetworkAnonymizationKey(),
5162 NetLogWithSource(), parameters, resolve_context_.get()));
5163 EXPECT_THAT(response_specified_ipv6.result_error(), IsOk());
5164 EXPECT_THAT(
5165 response_specified_ipv6.request()->GetAddressResults()->endpoints(),
5166 testing::ElementsAre(CreateExpected("::1", 80)));
5167 EXPECT_THAT(response_specified_ipv6.request()->GetEndpointResults(),
5168 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
5169 testing::ElementsAre(CreateExpected("::1", 80))))));
5170 EXPECT_THAT(response_specified_ipv6.request()->GetDnsAliasResults(),
5171 testing::Pointee(testing::IsEmpty()));
5172 }
5173
TEST_F(HostResolverManagerDnsTest,SkipHostsWithUpcomingHostResolverSystemTask)5174 TEST_F(HostResolverManagerDnsTest,
5175 SkipHostsWithUpcomingHostResolverSystemTask) {
5176 // Disable the DnsClient.
5177 resolver_->SetInsecureDnsClientEnabled(
5178 /*enabled=*/false,
5179 /*additional_dns_types_enabled=*/false);
5180
5181 proc_->AddRuleForAllFamilies(std::string(),
5182 std::string()); // Default to failures.
5183 proc_->SignalMultiple(1u); // For the first request which misses.
5184
5185 DnsConfig config = CreateValidDnsConfig();
5186 DnsHosts hosts;
5187 hosts[DnsHostsKey("hosts", ADDRESS_FAMILY_IPV4)] = IPAddress::IPv4Localhost();
5188
5189 // Update HOSTS file.
5190 config.hosts = hosts;
5191 ChangeDnsConfig(config);
5192
5193 ResolveHostResponseHelper response(resolver_->CreateRequest(
5194 HostPortPair("hosts", 80), NetworkAnonymizationKey(), NetLogWithSource(),
5195 std::nullopt, resolve_context_.get()));
5196 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
5197 }
5198
5199 // Test that hosts ending in ".local" or ".local." are resolved using the system
5200 // resolver.
TEST_F(HostResolverManagerDnsTest,BypassDnsTask)5201 TEST_F(HostResolverManagerDnsTest, BypassDnsTask) {
5202 ChangeDnsConfig(CreateValidDnsConfig());
5203
5204 proc_->AddRuleForAllFamilies(std::string(),
5205 std::string()); // Default to failures.
5206
5207 std::vector<std::unique_ptr<ResolveHostResponseHelper>> responses;
5208
5209 responses.emplace_back(
5210 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
5211 HostPortPair("ok.local", 80), NetworkAnonymizationKey(),
5212 NetLogWithSource(), std::nullopt, resolve_context_.get())));
5213 responses.emplace_back(
5214 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
5215 HostPortPair("ok.local.", 80), NetworkAnonymizationKey(),
5216 NetLogWithSource(), std::nullopt, resolve_context_.get())));
5217 responses.emplace_back(
5218 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
5219 HostPortPair("oklocal", 80), NetworkAnonymizationKey(),
5220 NetLogWithSource(), std::nullopt, resolve_context_.get())));
5221 responses.emplace_back(
5222 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
5223 HostPortPair("oklocal.", 80), NetworkAnonymizationKey(),
5224 NetLogWithSource(), std::nullopt, resolve_context_.get())));
5225 responses.emplace_back(
5226 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
5227 HostPortPair("ok", 80), NetworkAnonymizationKey(), NetLogWithSource(),
5228 std::nullopt, resolve_context_.get())));
5229
5230 proc_->SignalMultiple(5u);
5231
5232 for (size_t i = 0; i < 2; ++i)
5233 EXPECT_THAT(responses[i]->result_error(), IsError(ERR_NAME_NOT_RESOLVED));
5234
5235 for (size_t i = 2; i < responses.size(); ++i)
5236 EXPECT_THAT(responses[i]->result_error(), IsOk());
5237 }
5238
5239 #if BUILDFLAG(ENABLE_MDNS)
5240 // Test that non-address queries for hosts ending in ".local" are resolved using
5241 // the MDNS resolver.
TEST_F(HostResolverManagerDnsTest,BypassDnsToMdnsWithNonAddress)5242 TEST_F(HostResolverManagerDnsTest, BypassDnsToMdnsWithNonAddress) {
5243 // Ensure DNS task and system requests will fail.
5244 MockDnsClientRuleList rules;
5245 rules.emplace_back(
5246 "myhello.local", dns_protocol::kTypeTXT, false /* secure */,
5247 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kFail),
5248 false /* delay */);
5249 CreateResolver();
5250 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
5251 proc_->AddRuleForAllFamilies(std::string(), std::string());
5252
5253 auto socket_factory = std::make_unique<MockMDnsSocketFactory>();
5254 MockMDnsSocketFactory* socket_factory_ptr = socket_factory.get();
5255 resolver_->SetMdnsSocketFactoryForTesting(std::move(socket_factory));
5256 // 2 socket creations for every transaction.
5257 EXPECT_CALL(*socket_factory_ptr, OnSendTo(_)).Times(2);
5258
5259 HostResolver::ResolveHostParameters dns_parameters;
5260 dns_parameters.dns_query_type = DnsQueryType::TXT;
5261
5262 ResolveHostResponseHelper response(resolver_->CreateRequest(
5263 HostPortPair("myhello.local", 80), NetworkAnonymizationKey(),
5264 NetLogWithSource(), dns_parameters, resolve_context_.get()));
5265
5266 socket_factory_ptr->SimulateReceive(kMdnsResponseTxt,
5267 sizeof(kMdnsResponseTxt));
5268 proc_->SignalMultiple(1u);
5269
5270 EXPECT_THAT(response.result_error(), IsOk());
5271 EXPECT_THAT(response.request()->GetTextResults(),
5272 testing::Pointee(testing::ElementsAre("foo", "bar")));
5273 }
5274 #endif // BUILDFLAG(ENABLE_MDNS)
5275
5276 // Test that DNS task is always used when explicitly requested as the source,
5277 // even with a case that would normally bypass it eg hosts ending in ".local".
TEST_F(HostResolverManagerDnsTest,DnsNotBypassedWhenDnsSource)5278 TEST_F(HostResolverManagerDnsTest, DnsNotBypassedWhenDnsSource) {
5279 // Ensure DNS task requests will succeed and system requests will fail.
5280 ChangeDnsConfig(CreateValidDnsConfig());
5281 proc_->AddRuleForAllFamilies(std::string(), std::string());
5282
5283 HostResolver::ResolveHostParameters dns_parameters;
5284 dns_parameters.source = HostResolverSource::DNS;
5285
5286 ResolveHostResponseHelper dns_response(resolver_->CreateRequest(
5287 HostPortPair("ok", 80), NetworkAnonymizationKey(), NetLogWithSource(),
5288 dns_parameters, resolve_context_.get()));
5289 ResolveHostResponseHelper dns_local_response(resolver_->CreateRequest(
5290 HostPortPair("ok.local", 80), NetworkAnonymizationKey(),
5291 NetLogWithSource(), dns_parameters, resolve_context_.get()));
5292 ResolveHostResponseHelper normal_local_response(resolver_->CreateRequest(
5293 HostPortPair("ok.local", 80), NetworkAnonymizationKey(),
5294 NetLogWithSource(), std::nullopt, resolve_context_.get()));
5295
5296 proc_->SignalMultiple(3u);
5297
5298 EXPECT_THAT(dns_response.result_error(), IsOk());
5299 EXPECT_THAT(dns_local_response.result_error(), IsOk());
5300 EXPECT_THAT(normal_local_response.result_error(),
5301 IsError(ERR_NAME_NOT_RESOLVED));
5302 }
5303
TEST_F(HostResolverManagerDnsTest,SystemOnlyBypassesDnsTask)5304 TEST_F(HostResolverManagerDnsTest, SystemOnlyBypassesDnsTask) {
5305 // Ensure DNS task requests will succeed and system requests will fail.
5306 ChangeDnsConfig(CreateValidDnsConfig());
5307 proc_->AddRuleForAllFamilies(std::string(), std::string());
5308
5309 ResolveHostResponseHelper dns_response(resolver_->CreateRequest(
5310 HostPortPair("ok", 80), NetworkAnonymizationKey(), NetLogWithSource(),
5311 std::nullopt, resolve_context_.get()));
5312
5313 HostResolver::ResolveHostParameters parameters;
5314 parameters.source = HostResolverSource::SYSTEM;
5315 ResolveHostResponseHelper system_response(resolver_->CreateRequest(
5316 HostPortPair("ok", 80), NetworkAnonymizationKey(), NetLogWithSource(),
5317 parameters, resolve_context_.get()));
5318
5319 proc_->SignalMultiple(2u);
5320
5321 EXPECT_THAT(dns_response.result_error(), IsOk());
5322 EXPECT_THAT(system_response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
5323 }
5324
TEST_F(HostResolverManagerDnsTest,DisableInsecureDnsClientOnPersistentFailure)5325 TEST_F(HostResolverManagerDnsTest,
5326 DisableInsecureDnsClientOnPersistentFailure) {
5327 ChangeDnsConfig(CreateValidDnsConfig());
5328
5329 // Check that DnsTask works.
5330 ResolveHostResponseHelper initial_response(resolver_->CreateRequest(
5331 HostPortPair("ok_1", 80), NetworkAnonymizationKey(), NetLogWithSource(),
5332 std::nullopt, resolve_context_.get()));
5333 EXPECT_THAT(initial_response.result_error(), IsOk());
5334
5335 TriggerInsecureFailureCondition();
5336
5337 // Insecure DnsTasks should be disabled by now unless explicitly requested via
5338 // |source|.
5339 ResolveHostResponseHelper fail_response(resolver_->CreateRequest(
5340 HostPortPair("ok_2", 80), NetworkAnonymizationKey(), NetLogWithSource(),
5341 std::nullopt, resolve_context_.get()));
5342 HostResolver::ResolveHostParameters parameters;
5343 parameters.source = HostResolverSource::DNS;
5344 ResolveHostResponseHelper dns_response(resolver_->CreateRequest(
5345 HostPortPair("ok_2", 80), NetworkAnonymizationKey(), NetLogWithSource(),
5346 parameters, resolve_context_.get()));
5347 proc_->SignalMultiple(2u);
5348 EXPECT_THAT(fail_response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
5349 EXPECT_THAT(dns_response.result_error(), IsOk());
5350
5351 // Check that it is re-enabled after DNS change.
5352 ChangeDnsConfig(CreateValidDnsConfig());
5353 ResolveHostResponseHelper reenabled_response(resolver_->CreateRequest(
5354 HostPortPair("ok_3", 80), NetworkAnonymizationKey(), NetLogWithSource(),
5355 std::nullopt, resolve_context_.get()));
5356 EXPECT_THAT(reenabled_response.result_error(), IsOk());
5357 }
5358
TEST_F(HostResolverManagerDnsTest,SecureDnsWorksAfterInsecureFailure)5359 TEST_F(HostResolverManagerDnsTest, SecureDnsWorksAfterInsecureFailure) {
5360 DnsConfig config = CreateValidDnsConfig();
5361 config.secure_dns_mode = SecureDnsMode::kSecure;
5362 ChangeDnsConfig(config);
5363
5364 TriggerInsecureFailureCondition();
5365
5366 // Secure DnsTasks should not be affected.
5367 ResolveHostResponseHelper secure_response(resolver_->CreateRequest(
5368 HostPortPair("secure", 80), NetworkAnonymizationKey(), NetLogWithSource(),
5369 /* optional_parameters=*/std::nullopt, resolve_context_.get()));
5370 EXPECT_THAT(secure_response.result_error(), IsOk());
5371 }
5372
TEST_F(HostResolverManagerDnsTest,DontDisableDnsClientOnSporadicFailure)5373 TEST_F(HostResolverManagerDnsTest, DontDisableDnsClientOnSporadicFailure) {
5374 ChangeDnsConfig(CreateValidDnsConfig());
5375
5376 // |proc_| defaults to successes.
5377
5378 // 20 failures interleaved with 20 successes.
5379 std::vector<std::unique_ptr<ResolveHostResponseHelper>> responses;
5380 for (unsigned i = 0; i < 40; ++i) {
5381 // Use custom names to require separate Jobs.
5382 std::string hostname = (i % 2) == 0 ? base::StringPrintf("nx_%u", i)
5383 : base::StringPrintf("ok_%u", i);
5384 responses.emplace_back(
5385 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
5386 HostPortPair(hostname, 80), NetworkAnonymizationKey(),
5387 NetLogWithSource(), std::nullopt, resolve_context_.get())));
5388 }
5389
5390 proc_->SignalMultiple(40u);
5391
5392 for (const auto& response : responses)
5393 EXPECT_THAT(response->result_error(), IsOk());
5394
5395 // Make |proc_| default to failures.
5396 proc_->AddRuleForAllFamilies(std::string(), std::string());
5397
5398 // DnsTask should still be enabled.
5399 ResolveHostResponseHelper final_response(resolver_->CreateRequest(
5400 HostPortPair("ok_last", 80), NetworkAnonymizationKey(),
5401 NetLogWithSource(), std::nullopt, resolve_context_.get()));
5402 EXPECT_THAT(final_response.result_error(), IsOk());
5403 }
5404
Ipv6UnreachableTest(bool is_async)5405 void HostResolverManagerDnsTest::Ipv6UnreachableTest(bool is_async) {
5406 CreateResolverWithLimitsAndParams(kMaxJobs, DefaultParams(proc_),
5407 false /* ipv6_reachable */,
5408 true /* check_ipv6_on_wifi */, is_async);
5409 ChangeDnsConfig(CreateValidDnsConfig());
5410
5411 ResolveHostResponseHelper response(resolver_->CreateRequest(
5412 HostPortPair("ok", 500), NetworkAnonymizationKey(), NetLogWithSource(),
5413 std::nullopt, resolve_context_.get()));
5414 EXPECT_THAT(response.result_error(), IsOk());
5415
5416 // Only expect IPv4 results.
5417 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
5418 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 500)));
5419 EXPECT_THAT(response.request()->GetEndpointResults(),
5420 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
5421 testing::ElementsAre(CreateExpected("127.0.0.1", 500))))));
5422 }
5423
TEST_F(HostResolverManagerDnsTest,Ipv6UnreachableAsync)5424 TEST_F(HostResolverManagerDnsTest, Ipv6UnreachableAsync) {
5425 Ipv6UnreachableTest(true);
5426 }
5427
TEST_F(HostResolverManagerDnsTest,Ipv6UnreachableSync)5428 TEST_F(HostResolverManagerDnsTest, Ipv6UnreachableSync) {
5429 Ipv6UnreachableTest(false);
5430 }
5431
Ipv6UnreachableInvalidConfigTest(bool is_async)5432 void HostResolverManagerDnsTest::Ipv6UnreachableInvalidConfigTest(
5433 bool is_async) {
5434 CreateResolverWithLimitsAndParams(kMaxJobs, DefaultParams(proc_),
5435 false /* ipv6_reachable */,
5436 true /* check_ipv6_on_wifi */, is_async);
5437
5438 proc_->AddRule("example.com", ADDRESS_FAMILY_UNSPECIFIED, "1.2.3.4,::5");
5439 proc_->SignalMultiple(1u);
5440
5441 ResolveHostResponseHelper response(resolver_->CreateRequest(
5442 HostPortPair("example.com", 500), NetworkAnonymizationKey(),
5443 NetLogWithSource(), std::nullopt, resolve_context_.get()));
5444 EXPECT_THAT(response.result_error(), IsOk());
5445 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
5446 testing::UnorderedElementsAre(CreateExpected("1.2.3.4", 500),
5447 CreateExpected("::5", 500)));
5448 EXPECT_THAT(
5449 response.request()->GetEndpointResults(),
5450 testing::Pointee(testing::ElementsAre(
5451 ExpectEndpointResult(testing::UnorderedElementsAre(
5452 CreateExpected("::5", 500), CreateExpected("1.2.3.4", 500))))));
5453 }
5454 // Without a valid DnsConfig, assume IPv6 is needed and ignore prober.
TEST_F(HostResolverManagerDnsTest,Ipv6Unreachable_InvalidConfigAsync)5455 TEST_F(HostResolverManagerDnsTest, Ipv6Unreachable_InvalidConfigAsync) {
5456 Ipv6UnreachableInvalidConfigTest(true);
5457 }
5458
TEST_F(HostResolverManagerDnsTest,Ipv6Unreachable_InvalidConfigSync)5459 TEST_F(HostResolverManagerDnsTest, Ipv6Unreachable_InvalidConfigSync) {
5460 Ipv6UnreachableInvalidConfigTest(false);
5461 }
5462
TEST_F(HostResolverManagerDnsTest,Ipv6Unreachable_UseLocalIpv6)5463 TEST_F(HostResolverManagerDnsTest, Ipv6Unreachable_UseLocalIpv6) {
5464 CreateResolverWithLimitsAndParams(kMaxJobs, DefaultParams(proc_),
5465 false /* ipv6_reachable */,
5466 true /* check_ipv6_on_wifi */);
5467
5468 DnsConfig config = CreateValidDnsConfig();
5469 config.use_local_ipv6 = true;
5470 ChangeDnsConfig(config);
5471
5472 ResolveHostResponseHelper response1(resolver_->CreateRequest(
5473 HostPortPair("ok", 500), NetworkAnonymizationKey(), NetLogWithSource(),
5474 std::nullopt, resolve_context_.get()));
5475 EXPECT_THAT(response1.result_error(), IsOk());
5476 EXPECT_THAT(response1.request()->GetAddressResults()->endpoints(),
5477 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 500),
5478 CreateExpected("::1", 500)));
5479 EXPECT_THAT(
5480 response1.request()->GetEndpointResults(),
5481 testing::Pointee(testing::ElementsAre(
5482 ExpectEndpointResult(testing::UnorderedElementsAre(
5483 CreateExpected("::1", 500), CreateExpected("127.0.0.1", 500))))));
5484
5485 // Set |use_local_ipv6| to false. Expect only IPv4 results.
5486 config.use_local_ipv6 = false;
5487 ChangeDnsConfig(config);
5488
5489 ResolveHostResponseHelper response2(resolver_->CreateRequest(
5490 HostPortPair("ok", 500), NetworkAnonymizationKey(), NetLogWithSource(),
5491 std::nullopt, resolve_context_.get()));
5492 EXPECT_THAT(response2.result_error(), IsOk());
5493 EXPECT_THAT(response2.request()->GetAddressResults()->endpoints(),
5494 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 500)));
5495 EXPECT_THAT(response2.request()->GetEndpointResults(),
5496 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
5497 testing::ElementsAre(CreateExpected("127.0.0.1", 500))))));
5498 }
5499
5500 // Confirm that resolving "localhost" is unrestricted even if there are no
5501 // global IPv6 address. See SystemHostResolverCall for rationale.
5502 // Test both the DnsClient and system host resolver paths.
TEST_F(HostResolverManagerDnsTest,Ipv6Unreachable_Localhost)5503 TEST_F(HostResolverManagerDnsTest, Ipv6Unreachable_Localhost) {
5504 CreateResolverWithLimitsAndParams(kMaxJobs, DefaultParams(proc_),
5505 false /* ipv6_reachable */,
5506 true /* check_ipv6_on_wifi */);
5507
5508 // Make request fail if we actually get to the system resolver.
5509 proc_->AddRuleForAllFamilies(std::string(), std::string());
5510
5511 // Try without DnsClient.
5512 resolver_->SetInsecureDnsClientEnabled(
5513 /*enabled=*/false,
5514 /*additional_dns_types_enabled=*/false);
5515 ResolveHostResponseHelper system_response(resolver_->CreateRequest(
5516 HostPortPair("localhost", 80), NetworkAnonymizationKey(),
5517 NetLogWithSource(), std::nullopt, resolve_context_.get()));
5518 EXPECT_THAT(system_response.result_error(), IsOk());
5519 EXPECT_THAT(system_response.request()->GetAddressResults()->endpoints(),
5520 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
5521 CreateExpected("::1", 80)));
5522 EXPECT_THAT(
5523 system_response.request()->GetEndpointResults(),
5524 testing::Pointee(testing::ElementsAre(
5525 ExpectEndpointResult(testing::UnorderedElementsAre(
5526 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
5527
5528 // With DnsClient
5529 UseMockDnsClient(CreateValidDnsConfig(), CreateDefaultDnsRules());
5530 ResolveHostResponseHelper builtin_response(resolver_->CreateRequest(
5531 HostPortPair("localhost", 80), NetworkAnonymizationKey(),
5532 NetLogWithSource(), std::nullopt, resolve_context_.get()));
5533 EXPECT_THAT(builtin_response.result_error(), IsOk());
5534 EXPECT_THAT(builtin_response.request()->GetAddressResults()->endpoints(),
5535 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
5536 CreateExpected("::1", 80)));
5537 EXPECT_THAT(
5538 builtin_response.request()->GetEndpointResults(),
5539 testing::Pointee(testing::ElementsAre(
5540 ExpectEndpointResult(testing::UnorderedElementsAre(
5541 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
5542
5543 // DnsClient configured without ipv6 (but ipv6 should still work for
5544 // localhost).
5545 DnsConfig config = CreateValidDnsConfig();
5546 config.use_local_ipv6 = false;
5547 ChangeDnsConfig(config);
5548 ResolveHostResponseHelper ipv6_disabled_response(resolver_->CreateRequest(
5549 HostPortPair("localhost", 80), NetworkAnonymizationKey(),
5550 NetLogWithSource(), std::nullopt, resolve_context_.get()));
5551 EXPECT_THAT(ipv6_disabled_response.result_error(), IsOk());
5552 EXPECT_THAT(
5553 ipv6_disabled_response.request()->GetAddressResults()->endpoints(),
5554 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
5555 CreateExpected("::1", 80)));
5556 EXPECT_THAT(
5557 ipv6_disabled_response.request()->GetEndpointResults(),
5558 testing::Pointee(testing::ElementsAre(
5559 ExpectEndpointResult(testing::UnorderedElementsAre(
5560 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
5561 }
5562
5563 // Test that IPv6 being unreachable only causes the AAAA query to be disabled,
5564 // rather than querying only for A. See https://crbug.com/1272055.
TEST_F(HostResolverManagerDnsTest,Ipv6UnreachableOnlyDisablesAAAAQuery)5565 TEST_F(HostResolverManagerDnsTest, Ipv6UnreachableOnlyDisablesAAAAQuery) {
5566 const std::string kName = "https.test";
5567
5568 base::test::ScopedFeatureList features;
5569 features.InitAndEnableFeatureWithParameters(
5570 features::kUseDnsHttpsSvcb,
5571 {// Disable timeouts.
5572 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
5573 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
5574 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
5575 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
5576 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
5577 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
5578
5579 MockDnsClientRuleList rules;
5580 std::vector<DnsResourceRecord> records = {
5581 BuildTestHttpsAliasRecord(kName, "alias.test")};
5582 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/false,
5583 MockDnsClientRule::Result(BuildTestDnsResponse(
5584 kName, dns_protocol::kTypeHttps, records)),
5585 /*delay=*/false);
5586 rules.emplace_back(
5587 kName, dns_protocol::kTypeA, /*secure=*/false,
5588 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
5589 /*delay=*/false);
5590 rules.emplace_back(
5591 kName, dns_protocol::kTypeAAAA, /*secure=*/false,
5592 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kUnexpected),
5593 /*delay=*/false);
5594
5595 CreateResolverWithLimitsAndParams(kMaxJobs, DefaultParams(proc_),
5596 /*ipv6_reachable=*/false,
5597 /*check_ipv6_on_wifi=*/true);
5598 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
5599
5600 ResolveHostResponseHelper response(resolver_->CreateRequest(
5601 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
5602 NetworkAnonymizationKey(), NetLogWithSource(),
5603 /*optional_parameters=*/std::nullopt, resolve_context_.get()));
5604 EXPECT_THAT(response.result_error(), IsOk());
5605 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
5606 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 443)));
5607 EXPECT_THAT(
5608 response.request()->GetEndpointResults(),
5609 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
5610 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 443))))));
5611 EXPECT_THAT(response.request()->GetHostnameResults(),
5612 AnyOf(nullptr, Pointee(IsEmpty())));
5613 EXPECT_THAT(response.request()->GetTextResults(),
5614 AnyOf(nullptr, Pointee(IsEmpty())));
5615 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
5616 testing::Pointee(testing::ElementsAre(true)));
5617 }
5618
TEST_F(HostResolverManagerDnsTest,SeparateJobsBySecureDnsMode)5619 TEST_F(HostResolverManagerDnsTest, SeparateJobsBySecureDnsMode) {
5620 MockDnsClientRuleList rules;
5621 rules.emplace_back(
5622 "a", dns_protocol::kTypeA, true /* secure */,
5623 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
5624 false /* delay */);
5625 rules.emplace_back(
5626 "a", dns_protocol::kTypeAAAA, true /* secure */,
5627 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
5628 false /* delay */);
5629 rules.emplace_back(
5630 "a", dns_protocol::kTypeA, false /* secure */,
5631 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
5632 true /* delay */);
5633 rules.emplace_back(
5634 "a", dns_protocol::kTypeAAAA, false /* secure */,
5635 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
5636 true /* delay */);
5637 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
5638 DnsConfigOverrides overrides;
5639 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
5640 resolver_->SetDnsConfigOverrides(overrides);
5641
5642 // Create three requests. One with a DISABLE policy parameter, one with no
5643 // resolution parameters at all, and one with an ALLOW policy parameter
5644 // (which is a no-op).
5645 HostResolver::ResolveHostParameters parameters_disable_secure;
5646 parameters_disable_secure.secure_dns_policy = SecureDnsPolicy::kDisable;
5647 ResolveHostResponseHelper insecure_response(resolver_->CreateRequest(
5648 HostPortPair("a", 80), NetworkAnonymizationKey(), NetLogWithSource(),
5649 parameters_disable_secure, resolve_context_.get()));
5650 EXPECT_EQ(1u, resolver_->num_jobs_for_testing());
5651
5652 ResolveHostResponseHelper automatic_response0(resolver_->CreateRequest(
5653 HostPortPair("a", 80), NetworkAnonymizationKey(), NetLogWithSource(),
5654 std::nullopt, resolve_context_.get()));
5655 EXPECT_EQ(2u, resolver_->num_jobs_for_testing());
5656
5657 HostResolver::ResolveHostParameters parameters_allow_secure;
5658 parameters_allow_secure.secure_dns_policy = SecureDnsPolicy::kAllow;
5659 ResolveHostResponseHelper automatic_response1(resolver_->CreateRequest(
5660 HostPortPair("a", 80), NetworkAnonymizationKey(), NetLogWithSource(),
5661 parameters_allow_secure, resolve_context_.get()));
5662 // The AUTOMATIC mode requests should be joined into the same job.
5663 EXPECT_EQ(2u, resolver_->num_jobs_for_testing());
5664
5665 // Automatic mode requests have completed. Insecure request is still blocked.
5666 base::RunLoop().RunUntilIdle();
5667 EXPECT_FALSE(insecure_response.complete());
5668 EXPECT_TRUE(automatic_response0.complete());
5669 EXPECT_TRUE(automatic_response1.complete());
5670 EXPECT_THAT(automatic_response0.result_error(), IsOk());
5671 EXPECT_THAT(automatic_response1.result_error(), IsOk());
5672
5673 // Complete insecure transaction.
5674 mock_dns_client_->CompleteDelayedTransactions();
5675 EXPECT_TRUE(insecure_response.complete());
5676 EXPECT_THAT(insecure_response.result_error(), IsOk());
5677 }
5678
5679 // Cancel a request with a single DNS transaction active.
TEST_F(HostResolverManagerDnsTest,CancelWithOneTransactionActive)5680 TEST_F(HostResolverManagerDnsTest, CancelWithOneTransactionActive) {
5681 // Disable ipv6 to ensure we'll only try a single transaction for the host.
5682 CreateResolverWithLimitsAndParams(kMaxJobs, DefaultParams(proc_),
5683 false /* ipv6_reachable */,
5684 true /* check_ipv6_on_wifi */);
5685 DnsConfig config = CreateValidDnsConfig();
5686 config.use_local_ipv6 = false;
5687 ChangeDnsConfig(config);
5688
5689 ResolveHostResponseHelper response(resolver_->CreateRequest(
5690 HostPortPair("ok", 80), NetworkAnonymizationKey(), NetLogWithSource(),
5691 std::nullopt, resolve_context_.get()));
5692 ASSERT_FALSE(response.complete());
5693 ASSERT_EQ(1u, num_running_dispatcher_jobs());
5694
5695 response.CancelRequest();
5696 base::RunLoop().RunUntilIdle();
5697 EXPECT_FALSE(response.complete());
5698
5699 // Dispatcher state checked in TearDown.
5700 }
5701
5702 // Cancel a request with a single DNS transaction active and another pending.
TEST_F(HostResolverManagerDnsTest,CancelWithOneTransactionActiveOnePending)5703 TEST_F(HostResolverManagerDnsTest, CancelWithOneTransactionActiveOnePending) {
5704 CreateSerialResolver();
5705 ChangeDnsConfig(CreateValidDnsConfig());
5706
5707 ResolveHostResponseHelper response(resolver_->CreateRequest(
5708 HostPortPair("ok", 80), NetworkAnonymizationKey(), NetLogWithSource(),
5709 std::nullopt, resolve_context_.get()));
5710 EXPECT_EQ(1u, num_running_dispatcher_jobs());
5711
5712 response.CancelRequest();
5713 base::RunLoop().RunUntilIdle();
5714 EXPECT_FALSE(response.complete());
5715
5716 // Dispatcher state checked in TearDown.
5717 }
5718
5719 // Cancel a request with two DNS transactions active.
TEST_F(HostResolverManagerDnsTest,CancelWithTwoTransactionsActive)5720 TEST_F(HostResolverManagerDnsTest, CancelWithTwoTransactionsActive) {
5721 ChangeDnsConfig(CreateValidDnsConfig());
5722
5723 ResolveHostResponseHelper response(resolver_->CreateRequest(
5724 HostPortPair("ok", 80), NetworkAnonymizationKey(), NetLogWithSource(),
5725 std::nullopt, resolve_context_.get()));
5726 EXPECT_EQ(2u, num_running_dispatcher_jobs());
5727
5728 response.CancelRequest();
5729 base::RunLoop().RunUntilIdle();
5730 EXPECT_FALSE(response.complete());
5731
5732 // Dispatcher state checked in TearDown.
5733 }
5734
5735 // Delete a resolver with some active requests and some queued requests.
TEST_F(HostResolverManagerDnsTest,DeleteWithActiveTransactions)5736 TEST_F(HostResolverManagerDnsTest, DeleteWithActiveTransactions) {
5737 // At most 10 Jobs active at once.
5738 CreateResolverWithLimitsAndParams(10u, DefaultParams(proc_),
5739 true /* ipv6_reachable */,
5740 true /* check_ipv6_on_wifi */);
5741
5742 ChangeDnsConfig(CreateValidDnsConfig());
5743
5744 // Add 12 DNS lookups (creating well more than 10 transaction).
5745 std::vector<std::unique_ptr<ResolveHostResponseHelper>> responses;
5746 for (int i = 0; i < 12; ++i) {
5747 std::string hostname = base::StringPrintf("ok%i", i);
5748 responses.emplace_back(
5749 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
5750 HostPortPair(hostname, 80), NetworkAnonymizationKey(),
5751 NetLogWithSource(), std::nullopt, resolve_context_.get())));
5752 }
5753 EXPECT_EQ(10u, num_running_dispatcher_jobs());
5754
5755 DestroyResolver();
5756
5757 base::RunLoop().RunUntilIdle();
5758 for (auto& response : responses) {
5759 EXPECT_FALSE(response->complete());
5760 }
5761 }
5762
TEST_F(HostResolverManagerDnsTest,DeleteWithSecureTransactions)5763 TEST_F(HostResolverManagerDnsTest, DeleteWithSecureTransactions) {
5764 ChangeDnsConfig(CreateValidDnsConfig());
5765 DnsConfigOverrides overrides;
5766 overrides.secure_dns_mode = SecureDnsMode::kSecure;
5767 resolver_->SetDnsConfigOverrides(overrides);
5768
5769 ResolveHostResponseHelper response(resolver_->CreateRequest(
5770 HostPortPair("secure", 80), NetworkAnonymizationKey(), NetLogWithSource(),
5771 std::nullopt, resolve_context_.get()));
5772
5773 DestroyResolver();
5774
5775 base::RunLoop().RunUntilIdle();
5776 EXPECT_FALSE(response.complete());
5777 }
5778
TEST_F(HostResolverManagerDnsTest,DeleteWithCompletedRequests)5779 TEST_F(HostResolverManagerDnsTest, DeleteWithCompletedRequests) {
5780 ChangeDnsConfig(CreateValidDnsConfig());
5781
5782 ResolveHostResponseHelper response(resolver_->CreateRequest(
5783 HostPortPair("ok", 80), NetworkAnonymizationKey(), NetLogWithSource(),
5784 std::nullopt, resolve_context_.get()));
5785
5786 EXPECT_THAT(response.result_error(), IsOk());
5787 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
5788 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
5789 CreateExpected("::1", 80)));
5790 EXPECT_THAT(
5791 response.request()->GetEndpointResults(),
5792 testing::Pointee(testing::ElementsAre(
5793 ExpectEndpointResult(testing::UnorderedElementsAre(
5794 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
5795
5796 DestroyResolver();
5797
5798 // Completed requests should be unaffected by manager destruction.
5799 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
5800 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
5801 CreateExpected("::1", 80)));
5802 EXPECT_THAT(
5803 response.request()->GetEndpointResults(),
5804 testing::Pointee(testing::ElementsAre(
5805 ExpectEndpointResult(testing::UnorderedElementsAre(
5806 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
5807 }
5808
5809 // Cancel a request with only the IPv6 transaction active.
TEST_F(HostResolverManagerDnsTest,CancelWithIPv6TransactionActive)5810 TEST_F(HostResolverManagerDnsTest, CancelWithIPv6TransactionActive) {
5811 ChangeDnsConfig(CreateValidDnsConfig());
5812
5813 ResolveHostResponseHelper response(resolver_->CreateRequest(
5814 HostPortPair("6slow_ok", 80), NetworkAnonymizationKey(),
5815 NetLogWithSource(), std::nullopt, resolve_context_.get()));
5816 EXPECT_EQ(2u, num_running_dispatcher_jobs());
5817
5818 // The IPv4 request should complete, the IPv6 request is still pending.
5819 base::RunLoop().RunUntilIdle();
5820 EXPECT_EQ(1u, num_running_dispatcher_jobs());
5821
5822 response.CancelRequest();
5823 base::RunLoop().RunUntilIdle();
5824 EXPECT_FALSE(response.complete());
5825
5826 // Dispatcher state checked in TearDown.
5827 }
5828
5829 // Cancel a request with only the IPv4 transaction pending.
TEST_F(HostResolverManagerDnsTest,CancelWithIPv4TransactionPending)5830 TEST_F(HostResolverManagerDnsTest, CancelWithIPv4TransactionPending) {
5831 set_allow_fallback_to_systemtask(false);
5832 ChangeDnsConfig(CreateValidDnsConfig());
5833
5834 ResolveHostResponseHelper response(resolver_->CreateRequest(
5835 HostPortPair("4slow_ok", 80), NetworkAnonymizationKey(),
5836 NetLogWithSource(), std::nullopt, resolve_context_.get()));
5837 EXPECT_EQ(2u, num_running_dispatcher_jobs());
5838
5839 // The IPv6 request should complete, the IPv4 request is still pending.
5840 base::RunLoop().RunUntilIdle();
5841 EXPECT_EQ(1u, num_running_dispatcher_jobs());
5842
5843 response.CancelRequest();
5844 base::RunLoop().RunUntilIdle();
5845 EXPECT_FALSE(response.complete());
5846 }
5847
TEST_F(HostResolverManagerDnsTest,CancelWithAutomaticModeTransactionPending)5848 TEST_F(HostResolverManagerDnsTest, CancelWithAutomaticModeTransactionPending) {
5849 MockDnsClientRuleList rules;
5850 rules.emplace_back(
5851 "secure_6slow_6nx_insecure_6slow_ok", dns_protocol::kTypeA,
5852 true /* secure */,
5853 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
5854 false /* delay */);
5855 rules.emplace_back(
5856 "secure_6slow_6nx_insecure_6slow_ok", dns_protocol::kTypeAAAA,
5857 true /* secure */,
5858 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kFail),
5859 true /* delay */);
5860 rules.emplace_back(
5861 "secure_6slow_6nx_insecure_6slow_ok", dns_protocol::kTypeA,
5862 false /* secure */,
5863 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
5864 false /* delay */);
5865 rules.emplace_back(
5866 "secure_6slow_6nx_insecure_6slow_ok", dns_protocol::kTypeAAAA,
5867 false /* secure */,
5868 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
5869 true /* delay */);
5870 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
5871
5872 DnsConfigOverrides overrides;
5873 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
5874 resolver_->SetDnsConfigOverrides(overrides);
5875
5876 ResolveHostResponseHelper response0(resolver_->CreateRequest(
5877 HostPortPair("secure_6slow_6nx_insecure_6slow_ok", 80),
5878 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
5879 resolve_context_.get()));
5880 EXPECT_EQ(0u, num_running_dispatcher_jobs());
5881
5882 // The secure IPv4 request should complete, the secure IPv6 request is still
5883 // pending.
5884 base::RunLoop().RunUntilIdle();
5885 EXPECT_EQ(0u, num_running_dispatcher_jobs());
5886
5887 response0.CancelRequest();
5888 base::RunLoop().RunUntilIdle();
5889 EXPECT_FALSE(response0.complete());
5890 EXPECT_EQ(0u, num_running_dispatcher_jobs());
5891
5892 ResolveHostResponseHelper response1(resolver_->CreateRequest(
5893 HostPortPair("secure_6slow_6nx_insecure_6slow_ok", 80),
5894 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
5895 resolve_context_.get()));
5896 EXPECT_EQ(0u, num_running_dispatcher_jobs());
5897
5898 // The secure IPv4 request should complete, the secure IPv6 request is still
5899 // pending.
5900 base::RunLoop().RunUntilIdle();
5901 EXPECT_EQ(0u, num_running_dispatcher_jobs());
5902
5903 // Let the secure IPv6 request complete and start the insecure requests.
5904 mock_dns_client_->CompleteDelayedTransactions();
5905 EXPECT_EQ(2u, num_running_dispatcher_jobs());
5906
5907 // The insecure IPv4 request should complete, the insecure IPv6 request is
5908 // still pending.
5909 base::RunLoop().RunUntilIdle();
5910 EXPECT_EQ(1u, num_running_dispatcher_jobs());
5911
5912 response1.CancelRequest();
5913 base::RunLoop().RunUntilIdle();
5914 EXPECT_FALSE(response1.complete());
5915
5916 // Dispatcher state checked in TearDown.
5917 }
5918
5919 // Test cases where AAAA completes first.
TEST_F(HostResolverManagerDnsTest,AAAACompletesFirst)5920 TEST_F(HostResolverManagerDnsTest, AAAACompletesFirst) {
5921 set_allow_fallback_to_systemtask(false);
5922 ChangeDnsConfig(CreateValidDnsConfig());
5923
5924 std::vector<std::unique_ptr<ResolveHostResponseHelper>> responses;
5925 responses.emplace_back(
5926 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
5927 HostPortPair("4slow_ok", 80), NetworkAnonymizationKey(),
5928 NetLogWithSource(), std::nullopt, resolve_context_.get())));
5929 responses.emplace_back(
5930 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
5931 HostPortPair("4slow_4ok", 80), NetworkAnonymizationKey(),
5932 NetLogWithSource(), std::nullopt, resolve_context_.get())));
5933 responses.emplace_back(
5934 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
5935 HostPortPair("4slow_4timeout", 80), NetworkAnonymizationKey(),
5936 NetLogWithSource(), std::nullopt, resolve_context_.get())));
5937 responses.emplace_back(
5938 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
5939 HostPortPair("4slow_6timeout", 80), NetworkAnonymizationKey(),
5940 NetLogWithSource(), std::nullopt, resolve_context_.get())));
5941
5942 base::RunLoop().RunUntilIdle();
5943 EXPECT_FALSE(responses[0]->complete());
5944 EXPECT_FALSE(responses[1]->complete());
5945 EXPECT_FALSE(responses[2]->complete());
5946 // The IPv6 of request 3 should have failed and resulted in cancelling the
5947 // IPv4 request.
5948 EXPECT_THAT(responses[3]->result_error(), IsError(ERR_DNS_TIMED_OUT));
5949 EXPECT_EQ(3u, num_running_dispatcher_jobs());
5950
5951 mock_dns_client_->CompleteDelayedTransactions();
5952 EXPECT_THAT(responses[0]->result_error(), IsOk());
5953 EXPECT_THAT(responses[0]->request()->GetAddressResults()->endpoints(),
5954 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
5955 CreateExpected("::1", 80)));
5956 EXPECT_THAT(
5957 responses[0]->request()->GetEndpointResults(),
5958 testing::Pointee(testing::ElementsAre(
5959 ExpectEndpointResult(testing::UnorderedElementsAre(
5960 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
5961
5962 EXPECT_THAT(responses[1]->result_error(), IsOk());
5963 EXPECT_THAT(responses[1]->request()->GetAddressResults()->endpoints(),
5964 testing::ElementsAre(CreateExpected("127.0.0.1", 80)));
5965 EXPECT_THAT(responses[1]->request()->GetEndpointResults(),
5966 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
5967 testing::ElementsAre(CreateExpected("127.0.0.1", 80))))));
5968
5969 EXPECT_THAT(responses[2]->result_error(), IsError(ERR_DNS_TIMED_OUT));
5970 }
5971
TEST_F(HostResolverManagerDnsTest,AAAACompletesFirst_AutomaticMode)5972 TEST_F(HostResolverManagerDnsTest, AAAACompletesFirst_AutomaticMode) {
5973 MockDnsClientRuleList rules;
5974 rules.emplace_back(
5975 "secure_slow_nx_insecure_4slow_ok", dns_protocol::kTypeA,
5976 true /* secure */,
5977 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kFail),
5978 true /* delay */);
5979 rules.emplace_back(
5980 "secure_slow_nx_insecure_4slow_ok", dns_protocol::kTypeAAAA,
5981 true /* secure */,
5982 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kFail),
5983 true /* delay */);
5984 rules.emplace_back(
5985 "secure_slow_nx_insecure_4slow_ok", dns_protocol::kTypeA,
5986 false /* secure */,
5987 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
5988 true /* delay */);
5989 rules.emplace_back(
5990 "secure_slow_nx_insecure_4slow_ok", dns_protocol::kTypeAAAA,
5991 false /* secure */,
5992 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kEmpty),
5993 false /* delay */);
5994 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
5995 DnsConfigOverrides overrides;
5996 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
5997 resolver_->SetDnsConfigOverrides(overrides);
5998
5999 ResolveHostResponseHelper response(resolver_->CreateRequest(
6000 HostPortPair("secure_slow_nx_insecure_4slow_ok", 80),
6001 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
6002 resolve_context_.get()));
6003 base::RunLoop().RunUntilIdle();
6004 EXPECT_FALSE(response.complete());
6005 // Complete the secure transactions.
6006 mock_dns_client_->CompleteDelayedTransactions();
6007 base::RunLoop().RunUntilIdle();
6008 EXPECT_FALSE(response.complete());
6009 // Complete the insecure transactions.
6010 mock_dns_client_->CompleteDelayedTransactions();
6011 ASSERT_THAT(response.result_error(), IsOk());
6012 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
6013 testing::ElementsAre(CreateExpected("127.0.0.1", 80)));
6014 EXPECT_THAT(response.request()->GetEndpointResults(),
6015 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
6016 testing::ElementsAre(CreateExpected("127.0.0.1", 80))))));
6017 HostCache::Key insecure_key =
6018 HostCache::Key("secure_slow_nx_insecure_4slow_ok",
6019 DnsQueryType::UNSPECIFIED, 0 /* host_resolver_flags */,
6020 HostResolverSource::ANY, NetworkAnonymizationKey());
6021 const std::pair<const HostCache::Key, HostCache::Entry>* cache_result =
6022 GetCacheHit(insecure_key);
6023 EXPECT_TRUE(!!cache_result);
6024 }
6025
TEST_F(HostResolverManagerDnsTest,SecureDnsMode_Automatic)6026 TEST_F(HostResolverManagerDnsTest, SecureDnsMode_Automatic) {
6027 proc_->AddRuleForAllFamilies("nx_succeed", "192.168.1.100");
6028 set_allow_fallback_to_systemtask(true);
6029
6030 ChangeDnsConfig(CreateValidDnsConfig());
6031 DnsConfigOverrides overrides;
6032 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
6033 resolver_->SetDnsConfigOverrides(overrides);
6034 const std::pair<const HostCache::Key, HostCache::Entry>* cache_result;
6035
6036 // A successful DoH request should result in a secure cache entry.
6037 ResolveHostResponseHelper response_secure(resolver_->CreateRequest(
6038 HostPortPair("automatic", 80), NetworkAnonymizationKey(),
6039 NetLogWithSource(), std::nullopt, resolve_context_.get()));
6040 ASSERT_THAT(response_secure.result_error(), IsOk());
6041 EXPECT_FALSE(
6042 response_secure.request()->GetResolveErrorInfo().is_secure_network_error);
6043 EXPECT_THAT(response_secure.request()->GetAddressResults()->endpoints(),
6044 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
6045 CreateExpected("::1", 80)));
6046 EXPECT_THAT(
6047 response_secure.request()->GetEndpointResults(),
6048 testing::Pointee(testing::ElementsAre(
6049 ExpectEndpointResult(testing::UnorderedElementsAre(
6050 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
6051 HostCache::Key secure_key = HostCache::Key(
6052 "automatic", DnsQueryType::UNSPECIFIED, 0 /* host_resolver_flags */,
6053 HostResolverSource::ANY, NetworkAnonymizationKey());
6054 secure_key.secure = true;
6055 cache_result = GetCacheHit(secure_key);
6056 EXPECT_TRUE(!!cache_result);
6057
6058 // A successful plaintext DNS request should result in an insecure cache
6059 // entry.
6060 ResolveHostResponseHelper response_insecure(resolver_->CreateRequest(
6061 HostPortPair("insecure_automatic", 80), NetworkAnonymizationKey(),
6062 NetLogWithSource(), std::nullopt, resolve_context_.get()));
6063 ASSERT_THAT(response_insecure.result_error(), IsOk());
6064 EXPECT_FALSE(response_insecure.request()
6065 ->GetResolveErrorInfo()
6066 .is_secure_network_error);
6067 EXPECT_THAT(response_insecure.request()->GetAddressResults()->endpoints(),
6068 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
6069 CreateExpected("::1", 80)));
6070 EXPECT_THAT(
6071 response_insecure.request()->GetEndpointResults(),
6072 testing::Pointee(testing::ElementsAre(
6073 ExpectEndpointResult(testing::UnorderedElementsAre(
6074 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
6075 HostCache::Key insecure_key =
6076 HostCache::Key("insecure_automatic", DnsQueryType::UNSPECIFIED,
6077 0 /* host_resolver_flags */, HostResolverSource::ANY,
6078 NetworkAnonymizationKey());
6079 cache_result = GetCacheHit(insecure_key);
6080 EXPECT_TRUE(!!cache_result);
6081
6082 // Fallback to HostResolverSystemTask allowed in AUTOMATIC mode.
6083 ResolveHostResponseHelper response_system(resolver_->CreateRequest(
6084 HostPortPair("nx_succeed", 80), NetworkAnonymizationKey(),
6085 NetLogWithSource(), std::nullopt, resolve_context_.get()));
6086 proc_->SignalMultiple(1u);
6087 EXPECT_THAT(response_system.result_error(), IsOk());
6088 EXPECT_THAT(response_system.request()->GetAddressResults()->endpoints(),
6089 testing::ElementsAre(CreateExpected("192.168.1.100", 80)));
6090 EXPECT_THAT(response_system.request()->GetEndpointResults(),
6091 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
6092 testing::ElementsAre(CreateExpected("192.168.1.100", 80))))));
6093 }
6094
TEST_F(HostResolverManagerDnsTest,SecureDnsMode_Automatic_SecureCache)6095 TEST_F(HostResolverManagerDnsTest, SecureDnsMode_Automatic_SecureCache) {
6096 ChangeDnsConfig(CreateValidDnsConfig());
6097 DnsConfigOverrides overrides;
6098 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
6099 resolver_->SetDnsConfigOverrides(overrides);
6100
6101 // Populate cache with a secure entry.
6102 HostCache::Key cached_secure_key =
6103 HostCache::Key("automatic_cached", DnsQueryType::UNSPECIFIED,
6104 0 /* host_resolver_flags */, HostResolverSource::ANY,
6105 NetworkAnonymizationKey());
6106 cached_secure_key.secure = true;
6107 IPEndPoint kExpectedSecureIP = CreateExpected("192.168.1.102", 80);
6108 PopulateCache(cached_secure_key, kExpectedSecureIP);
6109
6110 // The secure cache should be checked prior to any DoH request being sent.
6111 ResolveHostResponseHelper response_secure_cached(resolver_->CreateRequest(
6112 HostPortPair("automatic_cached", 80), NetworkAnonymizationKey(),
6113 NetLogWithSource(), std::nullopt, resolve_context_.get()));
6114 EXPECT_THAT(response_secure_cached.result_error(), IsOk());
6115 EXPECT_FALSE(response_secure_cached.request()
6116 ->GetResolveErrorInfo()
6117 .is_secure_network_error);
6118 EXPECT_THAT(
6119 response_secure_cached.request()->GetAddressResults()->endpoints(),
6120 testing::ElementsAre(kExpectedSecureIP));
6121 EXPECT_THAT(response_secure_cached.request()->GetEndpointResults(),
6122 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
6123 testing::ElementsAre(kExpectedSecureIP)))));
6124 EXPECT_FALSE(
6125 response_secure_cached.request()->GetStaleInfo().value().is_stale());
6126 }
6127
TEST_F(HostResolverManagerDnsTest,SecureDnsMode_Automatic_InsecureCache)6128 TEST_F(HostResolverManagerDnsTest, SecureDnsMode_Automatic_InsecureCache) {
6129 ChangeDnsConfig(CreateValidDnsConfig());
6130 DnsConfigOverrides overrides;
6131 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
6132 resolver_->SetDnsConfigOverrides(overrides);
6133
6134 // Populate cache with an insecure entry.
6135 HostCache::Key cached_insecure_key =
6136 HostCache::Key("insecure_automatic_cached", DnsQueryType::UNSPECIFIED,
6137 0 /* host_resolver_flags */, HostResolverSource::ANY,
6138 NetworkAnonymizationKey());
6139 IPEndPoint kExpectedInsecureIP = CreateExpected("192.168.1.103", 80);
6140 PopulateCache(cached_insecure_key, kExpectedInsecureIP);
6141
6142 // The insecure cache should be checked after DoH requests fail.
6143 ResolveHostResponseHelper response_insecure_cached(resolver_->CreateRequest(
6144 HostPortPair("insecure_automatic_cached", 80), NetworkAnonymizationKey(),
6145 NetLogWithSource(), std::nullopt, resolve_context_.get()));
6146 EXPECT_THAT(response_insecure_cached.result_error(), IsOk());
6147 EXPECT_FALSE(response_insecure_cached.request()
6148 ->GetResolveErrorInfo()
6149 .is_secure_network_error);
6150 EXPECT_THAT(
6151 response_insecure_cached.request()->GetAddressResults()->endpoints(),
6152 testing::ElementsAre(kExpectedInsecureIP));
6153 EXPECT_THAT(response_insecure_cached.request()->GetEndpointResults(),
6154 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
6155 testing::ElementsAre(kExpectedInsecureIP)))));
6156 EXPECT_FALSE(
6157 response_insecure_cached.request()->GetStaleInfo().value().is_stale());
6158 }
6159
TEST_F(HostResolverManagerDnsTest,SecureDnsMode_Automatic_Downgrade)6160 TEST_F(HostResolverManagerDnsTest, SecureDnsMode_Automatic_Downgrade) {
6161 ChangeDnsConfig(CreateValidDnsConfig());
6162 // There is no DoH server available.
6163 DnsConfigOverrides overrides;
6164 overrides.dns_over_https_config.emplace();
6165 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
6166 resolver_->SetDnsConfigOverrides(overrides);
6167 const std::pair<const HostCache::Key, HostCache::Entry>* cache_result;
6168
6169 // Populate cache with both secure and insecure entries.
6170 HostCache::Key cached_secure_key =
6171 HostCache::Key("automatic_cached", DnsQueryType::UNSPECIFIED,
6172 0 /* host_resolver_flags */, HostResolverSource::ANY,
6173 NetworkAnonymizationKey());
6174 cached_secure_key.secure = true;
6175 IPEndPoint kExpectedSecureIP = CreateExpected("192.168.1.102", 80);
6176 PopulateCache(cached_secure_key, kExpectedSecureIP);
6177 HostCache::Key cached_insecure_key =
6178 HostCache::Key("insecure_automatic_cached", DnsQueryType::UNSPECIFIED,
6179 0 /* host_resolver_flags */, HostResolverSource::ANY,
6180 NetworkAnonymizationKey());
6181 IPEndPoint kExpectedInsecureIP = CreateExpected("192.168.1.103", 80);
6182 PopulateCache(cached_insecure_key, kExpectedInsecureIP);
6183
6184 // The secure cache should still be checked first.
6185 ResolveHostResponseHelper response_cached(resolver_->CreateRequest(
6186 HostPortPair("automatic_cached", 80), NetworkAnonymizationKey(),
6187 NetLogWithSource(), std::nullopt, resolve_context_.get()));
6188 EXPECT_THAT(response_cached.result_error(), IsOk());
6189 EXPECT_THAT(response_cached.request()->GetAddressResults()->endpoints(),
6190 testing::ElementsAre(kExpectedSecureIP));
6191 EXPECT_THAT(response_cached.request()->GetEndpointResults(),
6192 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
6193 testing::ElementsAre(kExpectedSecureIP)))));
6194
6195 // The insecure cache should be checked before any insecure requests are sent.
6196 ResolveHostResponseHelper insecure_response_cached(resolver_->CreateRequest(
6197 HostPortPair("insecure_automatic_cached", 80), NetworkAnonymizationKey(),
6198 NetLogWithSource(), std::nullopt, resolve_context_.get()));
6199 EXPECT_THAT(insecure_response_cached.result_error(), IsOk());
6200 EXPECT_THAT(
6201 insecure_response_cached.request()->GetAddressResults()->endpoints(),
6202 testing::ElementsAre(kExpectedInsecureIP));
6203 EXPECT_THAT(insecure_response_cached.request()->GetEndpointResults(),
6204 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
6205 testing::ElementsAre(kExpectedInsecureIP)))));
6206
6207 // The DnsConfig doesn't contain DoH servers so AUTOMATIC mode will be
6208 // downgraded to OFF. A successful plaintext DNS request should result in an
6209 // insecure cache entry.
6210 ResolveHostResponseHelper response(resolver_->CreateRequest(
6211 HostPortPair("automatic", 80), NetworkAnonymizationKey(),
6212 NetLogWithSource(), std::nullopt, resolve_context_.get()));
6213 ASSERT_THAT(response.result_error(), IsOk());
6214 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
6215 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
6216 CreateExpected("::1", 80)));
6217 EXPECT_THAT(
6218 response.request()->GetEndpointResults(),
6219 testing::Pointee(testing::ElementsAre(
6220 ExpectEndpointResult(testing::UnorderedElementsAre(
6221 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
6222 HostCache::Key key = HostCache::Key(
6223 "automatic", DnsQueryType::UNSPECIFIED, 0 /* host_resolver_flags */,
6224 HostResolverSource::ANY, NetworkAnonymizationKey());
6225 cache_result = GetCacheHit(key);
6226 EXPECT_TRUE(!!cache_result);
6227 }
6228
TEST_F(HostResolverManagerDnsTest,SecureDnsMode_Automatic_Unavailable)6229 TEST_F(HostResolverManagerDnsTest, SecureDnsMode_Automatic_Unavailable) {
6230 ChangeDnsConfig(CreateValidDnsConfig());
6231 DnsConfigOverrides overrides;
6232 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
6233 resolver_->SetDnsConfigOverrides(overrides);
6234 mock_dns_client_->SetForceDohServerAvailable(false);
6235
6236 // DoH requests should be skipped when there are no available DoH servers
6237 // in automatic mode. The cached result should be in the insecure cache.
6238 ResolveHostResponseHelper response_automatic(resolver_->CreateRequest(
6239 HostPortPair("automatic", 80), NetworkAnonymizationKey(),
6240 NetLogWithSource(), std::nullopt, resolve_context_.get()));
6241 ASSERT_THAT(response_automatic.result_error(), IsOk());
6242 EXPECT_FALSE(response_automatic.request()
6243 ->GetResolveErrorInfo()
6244 .is_secure_network_error);
6245 EXPECT_THAT(response_automatic.request()->GetAddressResults()->endpoints(),
6246 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
6247 CreateExpected("::1", 80)));
6248 EXPECT_THAT(
6249 response_automatic.request()->GetEndpointResults(),
6250 testing::Pointee(testing::ElementsAre(
6251 ExpectEndpointResult(testing::UnorderedElementsAre(
6252 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
6253 HostCache::Key secure_key = HostCache::Key(
6254 "automatic", DnsQueryType::UNSPECIFIED, 0 /* host_resolver_flags */,
6255 HostResolverSource::ANY, NetworkAnonymizationKey());
6256 secure_key.secure = true;
6257 const std::pair<const HostCache::Key, HostCache::Entry>* cache_result =
6258 GetCacheHit(secure_key);
6259 EXPECT_FALSE(!!cache_result);
6260
6261 HostCache::Key insecure_key = HostCache::Key(
6262 "automatic", DnsQueryType::UNSPECIFIED, 0 /* host_resolver_flags */,
6263 HostResolverSource::ANY, NetworkAnonymizationKey());
6264 cache_result = GetCacheHit(insecure_key);
6265 EXPECT_TRUE(!!cache_result);
6266 }
6267
TEST_F(HostResolverManagerDnsTest,SecureDnsMode_Automatic_Unavailable_Fail)6268 TEST_F(HostResolverManagerDnsTest, SecureDnsMode_Automatic_Unavailable_Fail) {
6269 set_allow_fallback_to_systemtask(false);
6270 ChangeDnsConfig(CreateValidDnsConfig());
6271 DnsConfigOverrides overrides;
6272 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
6273 resolver_->SetDnsConfigOverrides(overrides);
6274 mock_dns_client_->SetForceDohServerAvailable(false);
6275
6276 // Insecure requests that fail should not be cached.
6277 ResolveHostResponseHelper response_secure(resolver_->CreateRequest(
6278 HostPortPair("secure", 80), NetworkAnonymizationKey(), NetLogWithSource(),
6279 std::nullopt, resolve_context_.get()));
6280 ASSERT_THAT(response_secure.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
6281 EXPECT_FALSE(
6282 response_secure.request()->GetResolveErrorInfo().is_secure_network_error);
6283
6284 HostCache::Key secure_key = HostCache::Key(
6285 "secure", DnsQueryType::UNSPECIFIED, 0 /* host_resolver_flags */,
6286 HostResolverSource::ANY, NetworkAnonymizationKey());
6287 secure_key.secure = true;
6288 const std::pair<const HostCache::Key, HostCache::Entry>* cache_result =
6289 GetCacheHit(secure_key);
6290 EXPECT_FALSE(!!cache_result);
6291
6292 HostCache::Key insecure_key = HostCache::Key(
6293 "secure", DnsQueryType::UNSPECIFIED, 0 /* host_resolver_flags */,
6294 HostResolverSource::ANY, NetworkAnonymizationKey());
6295 cache_result = GetCacheHit(insecure_key);
6296 EXPECT_FALSE(!!cache_result);
6297 }
6298
6299 // Test that DoH server availability is respected per-context.
TEST_F(HostResolverManagerDnsTest,SecureDnsMode_Automatic_UnavailableByContext)6300 TEST_F(HostResolverManagerDnsTest,
6301 SecureDnsMode_Automatic_UnavailableByContext) {
6302 // Create and register two separate contexts.
6303 auto request_context1 = CreateTestURLRequestContextBuilder()->Build();
6304 auto request_context2 = CreateTestURLRequestContextBuilder()->Build();
6305 ResolveContext resolve_context1(request_context1.get(),
6306 false /* enable_caching */);
6307 ResolveContext resolve_context2(request_context2.get(),
6308 false /* enable_caching */);
6309 resolver_->RegisterResolveContext(&resolve_context1);
6310 resolver_->RegisterResolveContext(&resolve_context2);
6311
6312 // Configure the resolver and underlying mock to attempt a secure query iff
6313 // the context has marked a DoH server available and otherwise attempt a
6314 // non-secure query.
6315 set_allow_fallback_to_systemtask(false);
6316 ChangeDnsConfig(CreateValidDnsConfig());
6317 DnsConfigOverrides overrides;
6318 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
6319 resolver_->SetDnsConfigOverrides(overrides);
6320 mock_dns_client_->SetForceDohServerAvailable(false);
6321
6322 // Mark a DoH server successful only for |resolve_context2|. Note that this
6323 // must come after the resolver's configuration is set because this relies on
6324 // the specific configuration containing a DoH server.
6325 resolve_context2.RecordServerSuccess(0u /* server_index */,
6326 true /* is_doh_server */,
6327 mock_dns_client_->GetCurrentSession());
6328
6329 // No available DoH servers for |resolve_context1|, so expect a non-secure
6330 // request. Non-secure requests for "secure" will fail with
6331 // ERR_NAME_NOT_RESOLVED.
6332 ResolveHostResponseHelper response_secure(resolver_->CreateRequest(
6333 HostPortPair("secure", 80), NetworkAnonymizationKey(), NetLogWithSource(),
6334 std::nullopt, &resolve_context1));
6335 ASSERT_THAT(response_secure.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
6336
6337 // One available DoH server for |resolve_context2|, so expect a secure
6338 // request. Secure requests for "secure" will succeed.
6339 ResolveHostResponseHelper response_secure2(resolver_->CreateRequest(
6340 HostPortPair("secure", 80), NetworkAnonymizationKey(), NetLogWithSource(),
6341 std::nullopt, &resolve_context2));
6342 ASSERT_THAT(response_secure2.result_error(), IsOk());
6343
6344 resolver_->DeregisterResolveContext(&resolve_context1);
6345 resolver_->DeregisterResolveContext(&resolve_context2);
6346 }
6347
TEST_F(HostResolverManagerDnsTest,SecureDnsMode_Automatic_Stale)6348 TEST_F(HostResolverManagerDnsTest, SecureDnsMode_Automatic_Stale) {
6349 ChangeDnsConfig(CreateValidDnsConfig());
6350 DnsConfigOverrides overrides;
6351 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
6352 resolver_->SetDnsConfigOverrides(overrides);
6353
6354 // Populate cache with insecure entry.
6355 HostCache::Key cached_stale_key = HostCache::Key(
6356 "automatic_stale", DnsQueryType::UNSPECIFIED, 0 /* host_resolver_flags */,
6357 HostResolverSource::ANY, NetworkAnonymizationKey());
6358 IPEndPoint kExpectedStaleIP = CreateExpected("192.168.1.102", 80);
6359 PopulateCache(cached_stale_key, kExpectedStaleIP);
6360 MakeCacheStale();
6361
6362 HostResolver::ResolveHostParameters stale_allowed_parameters;
6363 stale_allowed_parameters.cache_usage =
6364 HostResolver::ResolveHostParameters::CacheUsage::STALE_ALLOWED;
6365
6366 // The insecure cache should be checked before secure requests are made since
6367 // stale results are allowed.
6368 ResolveHostResponseHelper response_stale(resolver_->CreateRequest(
6369 HostPortPair("automatic_stale", 80), NetworkAnonymizationKey(),
6370 NetLogWithSource(), stale_allowed_parameters, resolve_context_.get()));
6371 EXPECT_THAT(response_stale.result_error(), IsOk());
6372 EXPECT_FALSE(
6373 response_stale.request()->GetResolveErrorInfo().is_secure_network_error);
6374 EXPECT_THAT(response_stale.request()->GetAddressResults()->endpoints(),
6375 testing::ElementsAre(kExpectedStaleIP));
6376 EXPECT_THAT(response_stale.request()->GetEndpointResults(),
6377 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
6378 testing::ElementsAre(kExpectedStaleIP)))));
6379 EXPECT_TRUE(response_stale.request()->GetStaleInfo()->is_stale());
6380 }
6381
TEST_F(HostResolverManagerDnsTest,SecureDnsMode_Automatic_InsecureAsyncDisabled)6382 TEST_F(HostResolverManagerDnsTest,
6383 SecureDnsMode_Automatic_InsecureAsyncDisabled) {
6384 proc_->AddRuleForAllFamilies("insecure_automatic", "192.168.1.100");
6385 ChangeDnsConfig(CreateValidDnsConfig());
6386 resolver_->SetInsecureDnsClientEnabled(
6387 /*enabled=*/false,
6388 /*additional_dns_types_enabled=*/false);
6389 DnsConfigOverrides overrides;
6390 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
6391 resolver_->SetDnsConfigOverrides(overrides);
6392
6393 const std::pair<const HostCache::Key, HostCache::Entry>* cache_result;
6394
6395 // The secure part of the dns client should be enabled.
6396 ResolveHostResponseHelper response_secure(resolver_->CreateRequest(
6397 HostPortPair("automatic", 80), NetworkAnonymizationKey(),
6398 NetLogWithSource(), std::nullopt, resolve_context_.get()));
6399 ASSERT_THAT(response_secure.result_error(), IsOk());
6400 EXPECT_THAT(response_secure.request()->GetAddressResults()->endpoints(),
6401 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
6402 CreateExpected("::1", 80)));
6403 EXPECT_THAT(
6404 response_secure.request()->GetEndpointResults(),
6405 testing::Pointee(testing::ElementsAre(
6406 ExpectEndpointResult(testing::UnorderedElementsAre(
6407 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
6408 HostCache::Key secure_key = HostCache::Key(
6409 "automatic", DnsQueryType::UNSPECIFIED, 0 /* host_resolver_flags */,
6410 HostResolverSource::ANY, NetworkAnonymizationKey());
6411 secure_key.secure = true;
6412 cache_result = GetCacheHit(secure_key);
6413 EXPECT_TRUE(!!cache_result);
6414
6415 // The insecure part of the dns client is disabled so insecure requests
6416 // should be skipped.
6417 ResolveHostResponseHelper response_insecure(resolver_->CreateRequest(
6418 HostPortPair("insecure_automatic", 80), NetworkAnonymizationKey(),
6419 NetLogWithSource(), std::nullopt, resolve_context_.get()));
6420 proc_->SignalMultiple(1u);
6421 ASSERT_THAT(response_insecure.result_error(), IsOk());
6422 EXPECT_THAT(response_insecure.request()->GetAddressResults()->endpoints(),
6423 testing::ElementsAre(CreateExpected("192.168.1.100", 80)));
6424 EXPECT_THAT(response_insecure.request()->GetEndpointResults(),
6425 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
6426 testing::ElementsAre(CreateExpected("192.168.1.100", 80))))));
6427 HostCache::Key insecure_key =
6428 HostCache::Key("insecure_automatic", DnsQueryType::UNSPECIFIED,
6429 0 /* host_resolver_flags */, HostResolverSource::ANY,
6430 NetworkAnonymizationKey());
6431 cache_result = GetCacheHit(insecure_key);
6432 EXPECT_TRUE(!!cache_result);
6433
6434 HostCache::Key cached_insecure_key =
6435 HostCache::Key("insecure_automatic_cached", DnsQueryType::UNSPECIFIED,
6436 0 /* host_resolver_flags */, HostResolverSource::ANY,
6437 NetworkAnonymizationKey());
6438 IPEndPoint kExpectedInsecureIP = CreateExpected("192.168.1.101", 80);
6439 PopulateCache(cached_insecure_key, kExpectedInsecureIP);
6440
6441 // The insecure cache should still be checked even if the insecure part of
6442 // the dns client is disabled.
6443 ResolveHostResponseHelper response_insecure_cached(resolver_->CreateRequest(
6444 HostPortPair("insecure_automatic_cached", 80), NetworkAnonymizationKey(),
6445 NetLogWithSource(), std::nullopt, resolve_context_.get()));
6446 EXPECT_THAT(response_insecure_cached.result_error(), IsOk());
6447 EXPECT_THAT(
6448 response_insecure_cached.request()->GetAddressResults()->endpoints(),
6449 testing::ElementsAre(kExpectedInsecureIP));
6450 EXPECT_THAT(response_insecure_cached.request()->GetEndpointResults(),
6451 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
6452 testing::ElementsAre(kExpectedInsecureIP)))));
6453 }
6454
TEST_F(HostResolverManagerDnsTest,SecureDnsMode_Automatic_DotActive)6455 TEST_F(HostResolverManagerDnsTest, SecureDnsMode_Automatic_DotActive) {
6456 proc_->AddRuleForAllFamilies("insecure_automatic", "192.168.1.100");
6457 DnsConfig config = CreateValidDnsConfig();
6458 config.dns_over_tls_active = true;
6459 ChangeDnsConfig(config);
6460 DnsConfigOverrides overrides;
6461 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
6462 resolver_->SetDnsConfigOverrides(overrides);
6463
6464 const std::pair<const HostCache::Key, HostCache::Entry>* cache_result;
6465
6466 // The secure part of the dns client should be enabled.
6467 ResolveHostResponseHelper response_secure(resolver_->CreateRequest(
6468 HostPortPair("automatic", 80), NetworkAnonymizationKey(),
6469 NetLogWithSource(), std::nullopt, resolve_context_.get()));
6470 ASSERT_THAT(response_secure.result_error(), IsOk());
6471 EXPECT_THAT(response_secure.request()->GetAddressResults()->endpoints(),
6472 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
6473 CreateExpected("::1", 80)));
6474 EXPECT_THAT(
6475 response_secure.request()->GetEndpointResults(),
6476 testing::Pointee(testing::ElementsAre(
6477 ExpectEndpointResult(testing::UnorderedElementsAre(
6478 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
6479 HostCache::Key secure_key = HostCache::Key(
6480 "automatic", DnsQueryType::UNSPECIFIED, 0 /* host_resolver_flags */,
6481 HostResolverSource::ANY, NetworkAnonymizationKey());
6482 secure_key.secure = true;
6483 cache_result = GetCacheHit(secure_key);
6484 EXPECT_TRUE(!!cache_result);
6485
6486 // Insecure async requests should be skipped since the system resolver
6487 // requests will be secure.
6488 ResolveHostResponseHelper response_insecure(resolver_->CreateRequest(
6489 HostPortPair("insecure_automatic", 80), NetworkAnonymizationKey(),
6490 NetLogWithSource(), std::nullopt, resolve_context_.get()));
6491 proc_->SignalMultiple(1u);
6492 ASSERT_THAT(response_insecure.result_error(), IsOk());
6493 EXPECT_FALSE(response_insecure.request()
6494 ->GetResolveErrorInfo()
6495 .is_secure_network_error);
6496 EXPECT_THAT(response_insecure.request()->GetAddressResults()->endpoints(),
6497 testing::ElementsAre(CreateExpected("192.168.1.100", 80)));
6498 EXPECT_THAT(response_insecure.request()->GetEndpointResults(),
6499 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
6500 testing::ElementsAre(CreateExpected("192.168.1.100", 80))))));
6501 HostCache::Key insecure_key =
6502 HostCache::Key("insecure_automatic", DnsQueryType::UNSPECIFIED,
6503 0 /* host_resolver_flags */, HostResolverSource::ANY,
6504 NetworkAnonymizationKey());
6505 cache_result = GetCacheHit(insecure_key);
6506 EXPECT_TRUE(!!cache_result);
6507
6508 HostCache::Key cached_insecure_key =
6509 HostCache::Key("insecure_automatic_cached", DnsQueryType::UNSPECIFIED,
6510 0 /* host_resolver_flags */, HostResolverSource::ANY,
6511 NetworkAnonymizationKey());
6512 IPEndPoint kExpectedInsecureIP = CreateExpected("192.168.1.101", 80);
6513 PopulateCache(cached_insecure_key, kExpectedInsecureIP);
6514
6515 // The insecure cache should still be checked.
6516 ResolveHostResponseHelper response_insecure_cached(resolver_->CreateRequest(
6517 HostPortPair("insecure_automatic_cached", 80), NetworkAnonymizationKey(),
6518 NetLogWithSource(), std::nullopt, resolve_context_.get()));
6519 EXPECT_THAT(response_insecure_cached.result_error(), IsOk());
6520 EXPECT_FALSE(response_insecure_cached.request()
6521 ->GetResolveErrorInfo()
6522 .is_secure_network_error);
6523 EXPECT_THAT(
6524 response_insecure_cached.request()->GetAddressResults()->endpoints(),
6525 testing::ElementsAre(kExpectedInsecureIP));
6526 EXPECT_THAT(response_insecure_cached.request()->GetEndpointResults(),
6527 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
6528 testing::ElementsAre(kExpectedInsecureIP)))));
6529 }
6530
TEST_F(HostResolverManagerDnsTest,SecureDnsMode_Secure)6531 TEST_F(HostResolverManagerDnsTest, SecureDnsMode_Secure) {
6532 proc_->AddRuleForAllFamilies("nx_succeed", "192.168.1.100");
6533 set_allow_fallback_to_systemtask(true);
6534
6535 ChangeDnsConfig(CreateValidDnsConfig());
6536 DnsConfigOverrides overrides;
6537 overrides.secure_dns_mode = SecureDnsMode::kSecure;
6538 resolver_->SetDnsConfigOverrides(overrides);
6539 const std::pair<const HostCache::Key, HostCache::Entry>* cache_result;
6540
6541 ResolveHostResponseHelper response_secure(resolver_->CreateRequest(
6542 HostPortPair("secure", 80), NetworkAnonymizationKey(), NetLogWithSource(),
6543 std::nullopt, resolve_context_.get()));
6544 ASSERT_THAT(response_secure.result_error(), IsOk());
6545 EXPECT_FALSE(
6546 response_secure.request()->GetResolveErrorInfo().is_secure_network_error);
6547 HostCache::Key secure_key = HostCache::Key(
6548 "secure", DnsQueryType::UNSPECIFIED, 0 /* host_resolver_flags */,
6549 HostResolverSource::ANY, NetworkAnonymizationKey());
6550 secure_key.secure = true;
6551 cache_result = GetCacheHit(secure_key);
6552 EXPECT_TRUE(!!cache_result);
6553
6554 ResolveHostResponseHelper response_insecure(resolver_->CreateRequest(
6555 HostPortPair("ok", 80), NetworkAnonymizationKey(), NetLogWithSource(),
6556 std::nullopt, resolve_context_.get()));
6557 ASSERT_THAT(response_insecure.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
6558 EXPECT_TRUE(response_insecure.request()
6559 ->GetResolveErrorInfo()
6560 .is_secure_network_error);
6561 HostCache::Key insecure_key = HostCache::Key(
6562 "ok", DnsQueryType::UNSPECIFIED, 0 /* host_resolver_flags */,
6563 HostResolverSource::ANY, NetworkAnonymizationKey());
6564 cache_result = GetCacheHit(insecure_key);
6565 EXPECT_FALSE(!!cache_result);
6566
6567 // Fallback to HostResolverSystemTask not allowed in SECURE mode.
6568 ResolveHostResponseHelper response_system(resolver_->CreateRequest(
6569 HostPortPair("nx_succeed", 80), NetworkAnonymizationKey(),
6570 NetLogWithSource(), std::nullopt, resolve_context_.get()));
6571 proc_->SignalMultiple(1u);
6572 EXPECT_THAT(response_system.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
6573 EXPECT_TRUE(
6574 response_system.request()->GetResolveErrorInfo().is_secure_network_error);
6575 }
6576
TEST_F(HostResolverManagerDnsTest,SecureDnsMode_Secure_InsecureAsyncDisabled)6577 TEST_F(HostResolverManagerDnsTest, SecureDnsMode_Secure_InsecureAsyncDisabled) {
6578 proc_->AddRuleForAllFamilies("nx_succeed", "192.168.1.100");
6579 set_allow_fallback_to_systemtask(true);
6580 resolver_->SetInsecureDnsClientEnabled(
6581 /*enabled=*/false,
6582 /*additional_dns_types_enabled=*/false);
6583
6584 ChangeDnsConfig(CreateValidDnsConfig());
6585 DnsConfigOverrides overrides;
6586 overrides.secure_dns_mode = SecureDnsMode::kSecure;
6587 resolver_->SetDnsConfigOverrides(overrides);
6588 const std::pair<const HostCache::Key, HostCache::Entry>* cache_result;
6589
6590 // The secure part of the dns client should be enabled.
6591 ResolveHostResponseHelper response_secure(resolver_->CreateRequest(
6592 HostPortPair("secure", 80), NetworkAnonymizationKey(), NetLogWithSource(),
6593 std::nullopt, resolve_context_.get()));
6594 ASSERT_THAT(response_secure.result_error(), IsOk());
6595 HostCache::Key secure_key = HostCache::Key(
6596 "secure", DnsQueryType::UNSPECIFIED, 0 /* host_resolver_flags */,
6597 HostResolverSource::ANY, NetworkAnonymizationKey());
6598 secure_key.secure = true;
6599 cache_result = GetCacheHit(secure_key);
6600 EXPECT_TRUE(!!cache_result);
6601 }
6602
TEST_F(HostResolverManagerDnsTest,SecureDnsMode_Secure_Local_CacheMiss)6603 TEST_F(HostResolverManagerDnsTest, SecureDnsMode_Secure_Local_CacheMiss) {
6604 ChangeDnsConfig(CreateValidDnsConfig());
6605 DnsConfigOverrides overrides;
6606 overrides.secure_dns_mode = SecureDnsMode::kSecure;
6607 resolver_->SetDnsConfigOverrides(overrides);
6608
6609 HostResolver::ResolveHostParameters source_none_parameters;
6610 source_none_parameters.source = HostResolverSource::LOCAL_ONLY;
6611
6612 // Populate cache with an insecure entry.
6613 HostCache::Key cached_insecure_key = HostCache::Key(
6614 "automatic", DnsQueryType::UNSPECIFIED, 0 /* host_resolver_flags */,
6615 HostResolverSource::ANY, NetworkAnonymizationKey());
6616 IPEndPoint kExpectedInsecureIP = CreateExpected("192.168.1.102", 80);
6617 PopulateCache(cached_insecure_key, kExpectedInsecureIP);
6618
6619 // NONE query expected to complete synchronously with a cache miss since
6620 // the insecure cache should not be checked.
6621 ResolveHostResponseHelper cache_miss_request(resolver_->CreateRequest(
6622 HostPortPair("automatic", 80), NetworkAnonymizationKey(),
6623 NetLogWithSource(), source_none_parameters, resolve_context_.get()));
6624 EXPECT_TRUE(cache_miss_request.complete());
6625 EXPECT_THAT(cache_miss_request.result_error(), IsError(ERR_DNS_CACHE_MISS));
6626 EXPECT_FALSE(cache_miss_request.request()
6627 ->GetResolveErrorInfo()
6628 .is_secure_network_error);
6629 EXPECT_THAT(cache_miss_request.request()->GetAddressResults(),
6630 AnyOf(nullptr, Pointee(IsEmpty())));
6631 EXPECT_THAT(cache_miss_request.request()->GetEndpointResults(),
6632 AnyOf(nullptr, Pointee(IsEmpty())));
6633 EXPECT_FALSE(cache_miss_request.request()->GetStaleInfo());
6634 }
6635
TEST_F(HostResolverManagerDnsTest,SecureDnsMode_Secure_Local_CacheHit)6636 TEST_F(HostResolverManagerDnsTest, SecureDnsMode_Secure_Local_CacheHit) {
6637 ChangeDnsConfig(CreateValidDnsConfig());
6638 DnsConfigOverrides overrides;
6639 overrides.secure_dns_mode = SecureDnsMode::kSecure;
6640 resolver_->SetDnsConfigOverrides(overrides);
6641
6642 HostResolver::ResolveHostParameters source_none_parameters;
6643 source_none_parameters.source = HostResolverSource::LOCAL_ONLY;
6644
6645 // Populate cache with a secure entry.
6646 HostCache::Key cached_secure_key = HostCache::Key(
6647 "secure", DnsQueryType::UNSPECIFIED, 0 /* host_resolver_flags */,
6648 HostResolverSource::ANY, NetworkAnonymizationKey());
6649 cached_secure_key.secure = true;
6650 IPEndPoint kExpectedSecureIP = CreateExpected("192.168.1.103", 80);
6651 PopulateCache(cached_secure_key, kExpectedSecureIP);
6652
6653 // NONE query expected to complete synchronously with a cache hit from the
6654 // secure cache.
6655 ResolveHostResponseHelper response_cached(resolver_->CreateRequest(
6656 HostPortPair("secure", 80), NetworkAnonymizationKey(), NetLogWithSource(),
6657 std::nullopt, resolve_context_.get()));
6658 EXPECT_TRUE(response_cached.complete());
6659 EXPECT_THAT(response_cached.result_error(), IsOk());
6660 EXPECT_FALSE(
6661 response_cached.request()->GetResolveErrorInfo().is_secure_network_error);
6662 EXPECT_THAT(response_cached.request()->GetAddressResults()->endpoints(),
6663 testing::ElementsAre(kExpectedSecureIP));
6664 EXPECT_THAT(response_cached.request()->GetEndpointResults(),
6665 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
6666 testing::ElementsAre(kExpectedSecureIP)))));
6667 }
6668
6669 // On an IPv6 network, if we get A results and the AAAA response is SERVFAIL, we
6670 // fail the whole DnsTask rather than proceeding with just the A results. In
6671 // SECURE mode, fallback to the system resolver is disabled. See
6672 // https://crbug.com/1292324.
TEST_F(HostResolverManagerDnsTest,SecureDnsModeIsSecureAndAAAAServfailCausesFailDespiteAResults)6673 TEST_F(HostResolverManagerDnsTest,
6674 SecureDnsModeIsSecureAndAAAAServfailCausesFailDespiteAResults) {
6675 constexpr char kName[] = "name.test";
6676
6677 MockDnsClientRuleList rules;
6678 rules.emplace_back(
6679 kName, dns_protocol::kTypeA, /*secure=*/true,
6680 MockDnsClientRule::Result(
6681 MockDnsClientRule::ResultType::kOk,
6682 BuildTestDnsAddressResponse(kName, IPAddress(192, 168, 1, 103))),
6683 /*delay=*/false);
6684 rules.emplace_back(
6685 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
6686 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kFail),
6687 /*delay=*/false);
6688
6689 DnsConfig config = CreateValidDnsConfig();
6690 config.use_local_ipv6 = true;
6691
6692 CreateResolver();
6693 UseMockDnsClient(config, std::move(rules));
6694 DnsConfigOverrides overrides;
6695 overrides.secure_dns_mode = SecureDnsMode::kSecure;
6696 resolver_->SetDnsConfigOverrides(overrides);
6697
6698 ResolveHostResponseHelper response(resolver_->CreateRequest(
6699 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
6700 NetworkAnonymizationKey(), NetLogWithSource(),
6701 /*optional_parameters=*/std::nullopt, resolve_context_.get()));
6702 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
6703 EXPECT_THAT(response.request()->GetEndpointResults(),
6704 AnyOf(nullptr, Pointee(IsEmpty())));
6705 EXPECT_THAT(response.request()->GetTextResults(),
6706 AnyOf(nullptr, Pointee(IsEmpty())));
6707 EXPECT_THAT(response.request()->GetHostnameResults(),
6708 AnyOf(nullptr, Pointee(IsEmpty())));
6709 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
6710 AnyOf(nullptr, Pointee(IsEmpty())));
6711
6712 // Expect result not cached.
6713 EXPECT_EQ(resolve_context_->host_cache()->size(), 0u);
6714 }
6715
6716 // Test for a resolve with a transaction that takes longer than usual to
6717 // complete. With the typical behavior of using fast timeouts, this is expected
6718 // to timeout and fallback to the system resolver.
TEST_F(HostResolverManagerDnsTest,SlowResolve)6719 TEST_F(HostResolverManagerDnsTest, SlowResolve) {
6720 // Add a successful fallback result.
6721 proc_->AddRuleForAllFamilies("slow_succeed", "192.168.1.211");
6722
6723 MockDnsClientRuleList rules = CreateDefaultDnsRules();
6724 AddDnsRule(&rules, "slow_fail", dns_protocol::kTypeA,
6725 MockDnsClientRule::ResultType::kSlow, false /* delay */);
6726 AddDnsRule(&rules, "slow_fail", dns_protocol::kTypeAAAA,
6727 MockDnsClientRule::ResultType::kSlow, false /* delay */);
6728 AddDnsRule(&rules, "slow_succeed", dns_protocol::kTypeA,
6729 MockDnsClientRule::ResultType::kSlow, false /* delay */);
6730 AddDnsRule(&rules, "slow_succeed", dns_protocol::kTypeAAAA,
6731 MockDnsClientRule::ResultType::kSlow, false /* delay */);
6732 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
6733
6734 ResolveHostResponseHelper response0(resolver_->CreateRequest(
6735 HostPortPair("ok", 80), NetworkAnonymizationKey(), NetLogWithSource(),
6736 std::nullopt, resolve_context_.get()));
6737 ResolveHostResponseHelper response1(resolver_->CreateRequest(
6738 HostPortPair("slow_fail", 80), NetworkAnonymizationKey(),
6739 NetLogWithSource(), std::nullopt, resolve_context_.get()));
6740 ResolveHostResponseHelper response2(resolver_->CreateRequest(
6741 HostPortPair("slow_succeed", 80), NetworkAnonymizationKey(),
6742 NetLogWithSource(), std::nullopt, resolve_context_.get()));
6743 proc_->SignalMultiple(3u);
6744
6745 EXPECT_THAT(response0.result_error(), IsOk());
6746 EXPECT_THAT(response0.request()->GetAddressResults()->endpoints(),
6747 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
6748 CreateExpected("::1", 80)));
6749 EXPECT_THAT(
6750 response0.request()->GetEndpointResults(),
6751 testing::Pointee(testing::ElementsAre(
6752 ExpectEndpointResult(testing::UnorderedElementsAre(
6753 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
6754 EXPECT_THAT(response1.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
6755 EXPECT_THAT(response2.result_error(), IsOk());
6756 EXPECT_THAT(response2.request()->GetAddressResults()->endpoints(),
6757 testing::ElementsAre(CreateExpected("192.168.1.211", 80)));
6758 EXPECT_THAT(response2.request()->GetEndpointResults(),
6759 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
6760 testing::ElementsAre(CreateExpected("192.168.1.211", 80))))));
6761 }
6762
6763 // Test for a resolve with a secure transaction that takes longer than usual to
6764 // complete. In automatic mode, because fallback to insecure is available, the
6765 // secure transaction is expected to quickly timeout and fallback to insecure.
TEST_F(HostResolverManagerDnsTest,SlowSecureResolve_AutomaticMode)6766 TEST_F(HostResolverManagerDnsTest, SlowSecureResolve_AutomaticMode) {
6767 set_allow_fallback_to_systemtask(false);
6768
6769 MockDnsClientRuleList rules = CreateDefaultDnsRules();
6770 AddSecureDnsRule(&rules, "slow_fail", dns_protocol::kTypeA,
6771 MockDnsClientRule::ResultType::kSlow, false /* delay */);
6772 AddSecureDnsRule(&rules, "slow_fail", dns_protocol::kTypeAAAA,
6773 MockDnsClientRule::ResultType::kSlow, false /* delay */);
6774 AddSecureDnsRule(&rules, "slow_succeed", dns_protocol::kTypeA,
6775 MockDnsClientRule::ResultType::kSlow, false /* delay */);
6776 AddSecureDnsRule(&rules, "slow_succeed", dns_protocol::kTypeAAAA,
6777 MockDnsClientRule::ResultType::kSlow, false /* delay */);
6778 AddDnsRule(&rules, "slow_succeed", dns_protocol::kTypeA,
6779 IPAddress(111, 222, 112, 223), false /* delay */);
6780 AddDnsRule(&rules, "slow_succeed", dns_protocol::kTypeAAAA,
6781 MockDnsClientRule::ResultType::kEmpty, false /* delay */);
6782 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
6783
6784 DnsConfigOverrides overrides;
6785 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
6786 resolver_->SetDnsConfigOverrides(overrides);
6787
6788 ResolveHostResponseHelper response0(resolver_->CreateRequest(
6789 HostPortPair("secure", 80), NetworkAnonymizationKey(), NetLogWithSource(),
6790 std::nullopt, resolve_context_.get()));
6791 ResolveHostResponseHelper response1(resolver_->CreateRequest(
6792 HostPortPair("slow_fail", 80), NetworkAnonymizationKey(),
6793 NetLogWithSource(), std::nullopt, resolve_context_.get()));
6794 ResolveHostResponseHelper response2(resolver_->CreateRequest(
6795 HostPortPair("slow_succeed", 80), NetworkAnonymizationKey(),
6796 NetLogWithSource(), std::nullopt, resolve_context_.get()));
6797
6798 EXPECT_THAT(response0.result_error(), IsOk());
6799 EXPECT_THAT(response0.request()->GetAddressResults()->endpoints(),
6800 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
6801 CreateExpected("::1", 80)));
6802 EXPECT_THAT(
6803 response0.request()->GetEndpointResults(),
6804 testing::Pointee(testing::ElementsAre(
6805 ExpectEndpointResult(testing::UnorderedElementsAre(
6806 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
6807 EXPECT_THAT(response1.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
6808 EXPECT_THAT(response2.result_error(), IsOk());
6809 EXPECT_THAT(response2.request()->GetAddressResults()->endpoints(),
6810 testing::ElementsAre(CreateExpected("111.222.112.223", 80)));
6811 EXPECT_THAT(
6812 response2.request()->GetEndpointResults(),
6813 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
6814 testing::ElementsAre(CreateExpected("111.222.112.223", 80))))));
6815 }
6816
6817 // Test for a resolve with a secure transaction that takes longer than usual to
6818 // complete. In secure mode, because no fallback is available, this is expected
6819 // to wait longer before timeout and complete successfully.
TEST_F(HostResolverManagerDnsTest,SlowSecureResolve_SecureMode)6820 TEST_F(HostResolverManagerDnsTest, SlowSecureResolve_SecureMode) {
6821 MockDnsClientRuleList rules = CreateDefaultDnsRules();
6822 AddSecureDnsRule(&rules, "slow", dns_protocol::kTypeA,
6823 MockDnsClientRule::ResultType::kSlow, false /* delay */);
6824 AddSecureDnsRule(&rules, "slow", dns_protocol::kTypeAAAA,
6825 MockDnsClientRule::ResultType::kSlow, false /* delay */);
6826 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
6827
6828 DnsConfigOverrides overrides;
6829 overrides.secure_dns_mode = SecureDnsMode::kSecure;
6830 resolver_->SetDnsConfigOverrides(overrides);
6831
6832 ResolveHostResponseHelper response0(resolver_->CreateRequest(
6833 HostPortPair("secure", 80), NetworkAnonymizationKey(), NetLogWithSource(),
6834 std::nullopt, resolve_context_.get()));
6835 ResolveHostResponseHelper response1(resolver_->CreateRequest(
6836 HostPortPair("slow", 80), NetworkAnonymizationKey(), NetLogWithSource(),
6837 std::nullopt, resolve_context_.get()));
6838
6839 EXPECT_THAT(response0.result_error(), IsOk());
6840 EXPECT_THAT(response1.result_error(), IsOk());
6841 }
6842
6843 // Test the case where only a single transaction slot is available.
TEST_F(HostResolverManagerDnsTest,SerialResolver)6844 TEST_F(HostResolverManagerDnsTest, SerialResolver) {
6845 CreateSerialResolver();
6846 set_allow_fallback_to_systemtask(false);
6847 ChangeDnsConfig(CreateValidDnsConfig());
6848
6849 ResolveHostResponseHelper response(resolver_->CreateRequest(
6850 HostPortPair("ok", 80), NetworkAnonymizationKey(), NetLogWithSource(),
6851 std::nullopt, resolve_context_.get()));
6852 EXPECT_FALSE(response.complete());
6853 EXPECT_EQ(1u, num_running_dispatcher_jobs());
6854
6855 base::RunLoop().RunUntilIdle();
6856 EXPECT_TRUE(response.complete());
6857 EXPECT_THAT(response.result_error(), IsOk());
6858 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
6859 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
6860 CreateExpected("::1", 80)));
6861 EXPECT_THAT(
6862 response.request()->GetEndpointResults(),
6863 testing::Pointee(testing::ElementsAre(
6864 ExpectEndpointResult(testing::UnorderedElementsAre(
6865 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
6866 }
6867
6868 // Test the case where subsequent transactions are handled on transaction
6869 // completion when only part of a multi-transaction request could be initially
6870 // started.
TEST_F(HostResolverManagerDnsTest,AAAAStartsAfterOtherJobFinishes)6871 TEST_F(HostResolverManagerDnsTest, AAAAStartsAfterOtherJobFinishes) {
6872 CreateResolverWithLimitsAndParams(3u, DefaultParams(proc_),
6873 true /* ipv6_reachable */,
6874 true /* check_ipv6_on_wifi */);
6875 set_allow_fallback_to_systemtask(false);
6876 ChangeDnsConfig(CreateValidDnsConfig());
6877
6878 ResolveHostResponseHelper response0(resolver_->CreateRequest(
6879 HostPortPair("ok", 80), NetworkAnonymizationKey(), NetLogWithSource(),
6880 std::nullopt, resolve_context_.get()));
6881 EXPECT_EQ(2u, num_running_dispatcher_jobs());
6882 ResolveHostResponseHelper response1(resolver_->CreateRequest(
6883 HostPortPair("4slow_ok", 80), NetworkAnonymizationKey(),
6884 NetLogWithSource(), std::nullopt, resolve_context_.get()));
6885 EXPECT_EQ(3u, num_running_dispatcher_jobs());
6886
6887 // Request 0's transactions should complete, starting Request 1's second
6888 // transaction, which should also complete.
6889 base::RunLoop().RunUntilIdle();
6890 EXPECT_EQ(1u, num_running_dispatcher_jobs());
6891 EXPECT_TRUE(response0.complete());
6892 EXPECT_FALSE(response1.complete());
6893
6894 mock_dns_client_->CompleteDelayedTransactions();
6895 EXPECT_THAT(response1.result_error(), IsOk());
6896 EXPECT_THAT(response1.request()->GetAddressResults()->endpoints(),
6897 testing::UnorderedElementsAre(CreateExpected("127.0.0.1", 80),
6898 CreateExpected("::1", 80)));
6899 EXPECT_THAT(
6900 response1.request()->GetEndpointResults(),
6901 testing::Pointee(testing::ElementsAre(
6902 ExpectEndpointResult(testing::UnorderedElementsAre(
6903 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
6904 }
6905
6906 // Tests the case that a Job with a single transaction receives an empty address
6907 // list, triggering fallback to HostResolverSystemTask.
TEST_F(HostResolverManagerDnsTest,IPv4EmptyFallback)6908 TEST_F(HostResolverManagerDnsTest, IPv4EmptyFallback) {
6909 // Disable ipv6 to ensure we'll only try a single transaction for the host.
6910 CreateResolverWithLimitsAndParams(kMaxJobs, DefaultParams(proc_),
6911 false /* ipv6_reachable */,
6912 true /* check_ipv6_on_wifi */);
6913 DnsConfig config = CreateValidDnsConfig();
6914 config.use_local_ipv6 = false;
6915 ChangeDnsConfig(config);
6916
6917 proc_->AddRuleForAllFamilies("empty_fallback", "192.168.0.1",
6918 HOST_RESOLVER_DEFAULT_FAMILY_SET_DUE_TO_NO_IPV6);
6919 proc_->SignalMultiple(1u);
6920
6921 ResolveHostResponseHelper response(resolver_->CreateRequest(
6922 HostPortPair("empty_fallback", 80), NetworkAnonymizationKey(),
6923 NetLogWithSource(), std::nullopt, resolve_context_.get()));
6924 EXPECT_THAT(response.result_error(), IsOk());
6925 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
6926 testing::ElementsAre(CreateExpected("192.168.0.1", 80)));
6927 EXPECT_THAT(response.request()->GetEndpointResults(),
6928 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
6929 testing::ElementsAre(CreateExpected("192.168.0.1", 80))))));
6930 }
6931
6932 // Tests the case that a Job with two transactions receives two empty address
6933 // lists, triggering fallback to HostResolverSystemTask.
TEST_F(HostResolverManagerDnsTest,UnspecEmptyFallback)6934 TEST_F(HostResolverManagerDnsTest, UnspecEmptyFallback) {
6935 ChangeDnsConfig(CreateValidDnsConfig());
6936 proc_->AddRuleForAllFamilies("empty_fallback", "192.168.0.1");
6937 proc_->SignalMultiple(1u);
6938
6939 ResolveHostResponseHelper response(resolver_->CreateRequest(
6940 HostPortPair("empty_fallback", 80), NetworkAnonymizationKey(),
6941 NetLogWithSource(), std::nullopt, resolve_context_.get()));
6942
6943 EXPECT_THAT(response.result_error(), IsOk());
6944 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
6945 testing::ElementsAre(CreateExpected("192.168.0.1", 80)));
6946 EXPECT_THAT(response.request()->GetEndpointResults(),
6947 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
6948 testing::ElementsAre(CreateExpected("192.168.0.1", 80))))));
6949 }
6950
6951 // Tests getting a new invalid DnsConfig while there are active DnsTasks.
TEST_F(HostResolverManagerDnsTest,InvalidDnsConfigWithPendingRequests)6952 TEST_F(HostResolverManagerDnsTest, InvalidDnsConfigWithPendingRequests) {
6953 // At most 3 jobs active at once. This number is important, since we want
6954 // to make sure that aborting the first HostResolverManager::Job does not
6955 // trigger another DnsTransaction on the second Job when it releases its
6956 // second prioritized dispatcher slot.
6957 CreateResolverWithLimitsAndParams(3u, DefaultParams(proc_),
6958 true /* ipv6_reachable */,
6959 true /* check_ipv6_on_wifi */);
6960
6961 ChangeDnsConfig(CreateValidDnsConfig());
6962
6963 proc_->AddRuleForAllFamilies("slow_nx1", "192.168.0.1");
6964 proc_->AddRuleForAllFamilies("slow_nx2", "192.168.0.2");
6965 proc_->AddRuleForAllFamilies("ok", "192.168.0.3");
6966
6967 std::vector<std::unique_ptr<ResolveHostResponseHelper>> responses;
6968 // First active job gets two slots.
6969 responses.emplace_back(
6970 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
6971 HostPortPair("slow_nx1", 80), NetworkAnonymizationKey(),
6972 NetLogWithSource(), std::nullopt, resolve_context_.get())));
6973 // Next job gets one slot, and waits on another.
6974 responses.emplace_back(
6975 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
6976 HostPortPair("slow_nx2", 80), NetworkAnonymizationKey(),
6977 NetLogWithSource(), std::nullopt, resolve_context_.get())));
6978 responses.emplace_back(
6979 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
6980 HostPortPair("ok", 80), NetworkAnonymizationKey(), NetLogWithSource(),
6981 std::nullopt, resolve_context_.get())));
6982
6983 EXPECT_EQ(3u, num_running_dispatcher_jobs());
6984 for (auto& response : responses) {
6985 EXPECT_FALSE(response->complete());
6986 }
6987
6988 // Clear DNS config. Fully in-progress, partially in-progress, and queued
6989 // requests should all be aborted.
6990 InvalidateDnsConfig();
6991 for (auto& response : responses) {
6992 EXPECT_THAT(response->result_error(), IsError(ERR_NETWORK_CHANGED));
6993 }
6994 }
6995
6996 // Test that initial DNS config read signals do not abort pending requests
6997 // when using DnsClient.
TEST_F(HostResolverManagerDnsTest,DontAbortOnInitialDNSConfigRead)6998 TEST_F(HostResolverManagerDnsTest, DontAbortOnInitialDNSConfigRead) {
6999 // DnsClient is enabled, but there's no DnsConfig, so the request should start
7000 // using HostResolverSystemTask.
7001 ResolveHostResponseHelper response(resolver_->CreateRequest(
7002 HostPortPair("host1", 70), NetworkAnonymizationKey(), NetLogWithSource(),
7003 std::nullopt, resolve_context_.get()));
7004 EXPECT_FALSE(response.complete());
7005
7006 EXPECT_TRUE(proc_->WaitFor(1u));
7007 // Send the initial config read signal, with a valid config.
7008 SetInitialDnsConfig(CreateValidDnsConfig());
7009 proc_->SignalAll();
7010
7011 EXPECT_THAT(response.result_error(), IsOk());
7012 }
7013
7014 // Tests the case that the insecure part of the DnsClient is automatically
7015 // disabled due to failures while there are active DnsTasks.
TEST_F(HostResolverManagerDnsTest,AutomaticallyDisableInsecureDnsClientWithPendingRequests)7016 TEST_F(HostResolverManagerDnsTest,
7017 AutomaticallyDisableInsecureDnsClientWithPendingRequests) {
7018 // Trying different limits is important for this test: Different limits
7019 // result in different behavior when aborting in-progress DnsTasks. Having
7020 // a DnsTask that has one job active and one in the queue when another job
7021 // occupying two slots has its DnsTask aborted is the case most likely to run
7022 // into problems. Try limits between [1, 2 * # of non failure requests].
7023 for (size_t limit = 1u; limit < 10u; ++limit) {
7024 CreateResolverWithLimitsAndParams(limit, DefaultParams(proc_),
7025 true /* ipv6_reachable */,
7026 true /* check_ipv6_on_wifi */);
7027
7028 // Set the resolver in automatic-secure mode.
7029 net::DnsConfig config = CreateValidDnsConfig();
7030 config.secure_dns_mode = SecureDnsMode::kAutomatic;
7031 ChangeDnsConfig(config);
7032
7033 // Start with request parameters that disable Secure DNS.
7034 HostResolver::ResolveHostParameters parameters;
7035 parameters.secure_dns_policy = SecureDnsPolicy::kDisable;
7036
7037 // Queue up enough failures to disable insecure DnsTasks. These will all
7038 // fall back to HostResolverSystemTasks, and succeed there.
7039 std::vector<std::unique_ptr<ResolveHostResponseHelper>> failure_responses;
7040 for (unsigned i = 0u; i < maximum_insecure_dns_task_failures(); ++i) {
7041 std::string host = base::StringPrintf("nx%u", i);
7042 proc_->AddRuleForAllFamilies(host, "192.168.0.1");
7043 failure_responses.emplace_back(
7044 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
7045 HostPortPair(host, 80), NetworkAnonymizationKey(),
7046 NetLogWithSource(), parameters, resolve_context_.get())));
7047 EXPECT_FALSE(failure_responses[i]->complete());
7048 }
7049
7050 // These requests should all bypass insecure DnsTasks, due to the above
7051 // failures, so should end up using HostResolverSystemTasks.
7052 proc_->AddRuleForAllFamilies("slow_ok1", "192.168.0.2");
7053 ResolveHostResponseHelper response0(resolver_->CreateRequest(
7054 HostPortPair("slow_ok1", 80), NetworkAnonymizationKey(),
7055 NetLogWithSource(), parameters, resolve_context_.get()));
7056 EXPECT_FALSE(response0.complete());
7057 proc_->AddRuleForAllFamilies("slow_ok2", "192.168.0.3");
7058 ResolveHostResponseHelper response1(resolver_->CreateRequest(
7059 HostPortPair("slow_ok2", 80), NetworkAnonymizationKey(),
7060 NetLogWithSource(), parameters, resolve_context_.get()));
7061 EXPECT_FALSE(response1.complete());
7062 proc_->AddRuleForAllFamilies("slow_ok3", "192.168.0.4");
7063 ResolveHostResponseHelper response2(resolver_->CreateRequest(
7064 HostPortPair("slow_ok3", 80), NetworkAnonymizationKey(),
7065 NetLogWithSource(), parameters, resolve_context_.get()));
7066 EXPECT_FALSE(response2.complete());
7067
7068 // Requests specifying DNS source cannot fallback to HostResolverSystemTask,
7069 // so they should be unaffected.
7070 parameters.source = HostResolverSource::DNS;
7071 ResolveHostResponseHelper response_dns(resolver_->CreateRequest(
7072 HostPortPair("6slow_ok", 80), NetworkAnonymizationKey(),
7073 NetLogWithSource(), parameters, resolve_context_.get()));
7074 EXPECT_FALSE(response_dns.complete());
7075
7076 // Requests specifying SYSTEM source should be unaffected by disabling
7077 // DnsClient.
7078 proc_->AddRuleForAllFamilies("nx_ok", "192.168.0.5");
7079 parameters.source = HostResolverSource::SYSTEM;
7080 ResolveHostResponseHelper response_system(resolver_->CreateRequest(
7081 HostPortPair("nx_ok", 80), NetworkAnonymizationKey(),
7082 NetLogWithSource(), parameters, resolve_context_.get()));
7083 EXPECT_FALSE(response_system.complete());
7084
7085 // Secure DnsTasks should not be affected.
7086 ResolveHostResponseHelper response_secure(resolver_->CreateRequest(
7087 HostPortPair("automatic", 80), NetworkAnonymizationKey(),
7088 NetLogWithSource(), /* optional_parameters=*/std::nullopt,
7089 resolve_context_.get()));
7090 EXPECT_FALSE(response_secure.complete());
7091
7092 proc_->SignalMultiple(maximum_insecure_dns_task_failures() + 4);
7093
7094 for (size_t i = 0u; i < maximum_insecure_dns_task_failures(); ++i) {
7095 EXPECT_THAT(failure_responses[i]->result_error(), IsOk());
7096 EXPECT_THAT(
7097 failure_responses[i]->request()->GetAddressResults()->endpoints(),
7098 testing::ElementsAre(CreateExpected("192.168.0.1", 80)));
7099 EXPECT_THAT(
7100 failure_responses[i]->request()->GetEndpointResults(),
7101 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
7102 testing::ElementsAre(CreateExpected("192.168.0.1", 80))))));
7103 }
7104
7105 EXPECT_THAT(response0.result_error(), IsOk());
7106 EXPECT_THAT(response0.request()->GetAddressResults()->endpoints(),
7107 testing::ElementsAre(CreateExpected("192.168.0.2", 80)));
7108 EXPECT_THAT(response0.request()->GetEndpointResults(),
7109 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
7110 testing::ElementsAre(CreateExpected("192.168.0.2", 80))))));
7111 EXPECT_THAT(response1.result_error(), IsOk());
7112 EXPECT_THAT(response1.request()->GetAddressResults()->endpoints(),
7113 testing::ElementsAre(CreateExpected("192.168.0.3", 80)));
7114 EXPECT_THAT(response1.request()->GetEndpointResults(),
7115 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
7116 testing::ElementsAre(CreateExpected("192.168.0.3", 80))))));
7117 EXPECT_THAT(response2.result_error(), IsOk());
7118 EXPECT_THAT(response2.request()->GetAddressResults()->endpoints(),
7119 testing::ElementsAre(CreateExpected("192.168.0.4", 80)));
7120 EXPECT_THAT(response2.request()->GetEndpointResults(),
7121 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
7122 testing::ElementsAre(CreateExpected("192.168.0.4", 80))))));
7123
7124 mock_dns_client_->CompleteDelayedTransactions();
7125 EXPECT_THAT(response_dns.result_error(), IsOk());
7126
7127 EXPECT_THAT(response_system.result_error(), IsOk());
7128 EXPECT_THAT(response_system.request()->GetAddressResults()->endpoints(),
7129 testing::ElementsAre(CreateExpected("192.168.0.5", 80)));
7130 EXPECT_THAT(response_system.request()->GetEndpointResults(),
7131 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
7132 testing::ElementsAre(CreateExpected("192.168.0.5", 80))))));
7133
7134 EXPECT_THAT(response_secure.result_error(), IsOk());
7135 }
7136 }
7137
7138 // Tests a call to SetDnsClient while there are active DnsTasks.
TEST_F(HostResolverManagerDnsTest,ManuallyDisableDnsClientWithPendingRequests)7139 TEST_F(HostResolverManagerDnsTest,
7140 ManuallyDisableDnsClientWithPendingRequests) {
7141 // At most 3 jobs active at once. This number is important, since we want to
7142 // make sure that aborting the first HostResolverManager::Job does not trigger
7143 // another DnsTransaction on the second Job when it releases its second
7144 // prioritized dispatcher slot.
7145 CreateResolverWithLimitsAndParams(3u, DefaultParams(proc_),
7146 true /* ipv6_reachable */,
7147 true /* check_ipv6_on_wifi */);
7148
7149 ChangeDnsConfig(CreateValidDnsConfig());
7150
7151 proc_->AddRuleForAllFamilies("slow_ok1", "192.168.0.1");
7152 proc_->AddRuleForAllFamilies("slow_ok2", "192.168.0.2");
7153 proc_->AddRuleForAllFamilies("ok", "192.168.0.3");
7154
7155 std::vector<std::unique_ptr<ResolveHostResponseHelper>> responses;
7156 // First active job gets two slots.
7157 responses.emplace_back(
7158 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
7159 HostPortPair("slow_ok1", 80), NetworkAnonymizationKey(),
7160 NetLogWithSource(), std::nullopt, resolve_context_.get())));
7161 EXPECT_FALSE(responses[0]->complete());
7162 // Next job gets one slot, and waits on another.
7163 responses.emplace_back(
7164 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
7165 HostPortPair("slow_ok2", 80), NetworkAnonymizationKey(),
7166 NetLogWithSource(), std::nullopt, resolve_context_.get())));
7167 EXPECT_FALSE(responses[1]->complete());
7168 // Next one is queued.
7169 responses.emplace_back(
7170 std::make_unique<ResolveHostResponseHelper>(resolver_->CreateRequest(
7171 HostPortPair("ok", 80), NetworkAnonymizationKey(), NetLogWithSource(),
7172 std::nullopt, resolve_context_.get())));
7173 EXPECT_FALSE(responses[2]->complete());
7174
7175 EXPECT_EQ(3u, num_running_dispatcher_jobs());
7176
7177 // Clear DnsClient. The two in-progress jobs should fall back to a
7178 // HostResolverSystemTask, and the next one should be started with a
7179 // HostResolverSystemTask.
7180 resolver_->SetInsecureDnsClientEnabled(
7181 /*enabled=*/false,
7182 /*additional_dns_types_enabled=*/false);
7183
7184 // All three in-progress requests should now be running a
7185 // HostResolverSystemTask.
7186 EXPECT_EQ(3u, num_running_dispatcher_jobs());
7187 proc_->SignalMultiple(3u);
7188
7189 for (auto& response : responses) {
7190 EXPECT_THAT(response->result_error(), IsOk());
7191 }
7192 EXPECT_THAT(responses[0]->request()->GetAddressResults()->endpoints(),
7193 testing::ElementsAre(CreateExpected("192.168.0.1", 80)));
7194 EXPECT_THAT(responses[0]->request()->GetEndpointResults(),
7195 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
7196 testing::ElementsAre(CreateExpected("192.168.0.1", 80))))));
7197 EXPECT_THAT(responses[1]->request()->GetAddressResults()->endpoints(),
7198 testing::ElementsAre(CreateExpected("192.168.0.2", 80)));
7199 EXPECT_THAT(responses[1]->request()->GetEndpointResults(),
7200 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
7201 testing::ElementsAre(CreateExpected("192.168.0.2", 80))))));
7202 EXPECT_THAT(responses[2]->request()->GetAddressResults()->endpoints(),
7203 testing::ElementsAre(CreateExpected("192.168.0.3", 80)));
7204 EXPECT_THAT(responses[2]->request()->GetEndpointResults(),
7205 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
7206 testing::ElementsAre(CreateExpected("192.168.0.3", 80))))));
7207 }
7208
7209 // When explicitly requesting source=DNS, no fallback allowed, so doing so with
7210 // DnsClient disabled should result in an error.
TEST_F(HostResolverManagerDnsTest,DnsCallsWithDisabledDnsClient)7211 TEST_F(HostResolverManagerDnsTest, DnsCallsWithDisabledDnsClient) {
7212 ChangeDnsConfig(CreateValidDnsConfig());
7213 resolver_->SetInsecureDnsClientEnabled(
7214 /*enabled=*/false,
7215 /*additional_dns_types_enabled=*/false);
7216
7217 HostResolver::ResolveHostParameters params;
7218 params.source = HostResolverSource::DNS;
7219 ResolveHostResponseHelper response(resolver_->CreateRequest(
7220 HostPortPair("host", 80), NetworkAnonymizationKey(), NetLogWithSource(),
7221 params, resolve_context_.get()));
7222
7223 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_CACHE_MISS));
7224 }
7225
TEST_F(HostResolverManagerDnsTest,DnsCallsWithDisabledDnsClient_DisabledAtConstruction)7226 TEST_F(HostResolverManagerDnsTest,
7227 DnsCallsWithDisabledDnsClient_DisabledAtConstruction) {
7228 HostResolver::ManagerOptions options = DefaultOptions();
7229 options.insecure_dns_client_enabled = false;
7230 CreateResolverWithOptionsAndParams(std::move(options), DefaultParams(proc_),
7231 true /* ipv6_reachable */);
7232 ChangeDnsConfig(CreateValidDnsConfig());
7233
7234 HostResolver::ResolveHostParameters params;
7235 params.source = HostResolverSource::DNS;
7236 ResolveHostResponseHelper response(resolver_->CreateRequest(
7237 HostPortPair("host", 80), NetworkAnonymizationKey(), NetLogWithSource(),
7238 params, resolve_context_.get()));
7239
7240 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_CACHE_MISS));
7241 }
7242
7243 // Same as DnsClient disabled, requests with source=DNS and no usable DnsConfig
7244 // should result in an error.
TEST_F(HostResolverManagerDnsTest,DnsCallsWithNoDnsConfig)7245 TEST_F(HostResolverManagerDnsTest, DnsCallsWithNoDnsConfig) {
7246 InvalidateDnsConfig();
7247
7248 HostResolver::ResolveHostParameters params;
7249 params.source = HostResolverSource::DNS;
7250 ResolveHostResponseHelper response(resolver_->CreateRequest(
7251 HostPortPair("host", 80), NetworkAnonymizationKey(), NetLogWithSource(),
7252 params, resolve_context_.get()));
7253
7254 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_CACHE_MISS));
7255 }
7256
TEST_F(HostResolverManagerDnsTest,NoCheckIpv6OnWifi)7257 TEST_F(HostResolverManagerDnsTest, NoCheckIpv6OnWifi) {
7258 // CreateSerialResolver will destroy the current resolver_ which will attempt
7259 // to remove itself from the NetworkChangeNotifier. If this happens after a
7260 // new NetworkChangeNotifier is active, then it will not remove itself from
7261 // the old NetworkChangeNotifier which is a potential use-after-free.
7262 DestroyResolver();
7263 test::ScopedMockNetworkChangeNotifier notifier;
7264 // Serial resolver to guarantee order of resolutions.
7265 CreateSerialResolver(false /* check_ipv6_on_wifi */);
7266
7267 notifier.mock_network_change_notifier()->SetConnectionType(
7268 NetworkChangeNotifier::CONNECTION_WIFI);
7269 // Needed so IPv6 availability check isn't skipped.
7270 ChangeDnsConfig(CreateValidDnsConfig());
7271
7272 proc_->AddRule("h1", ADDRESS_FAMILY_UNSPECIFIED, "::3");
7273 proc_->AddRule("h1", ADDRESS_FAMILY_IPV4, "1.0.0.1");
7274 proc_->AddRule("h1", ADDRESS_FAMILY_IPV4, "1.0.0.1",
7275 HOST_RESOLVER_DEFAULT_FAMILY_SET_DUE_TO_NO_IPV6);
7276 proc_->AddRule("h1", ADDRESS_FAMILY_IPV6, "::2");
7277
7278 ResolveHostResponseHelper response(resolver_->CreateRequest(
7279 HostPortPair("h1", 80), NetworkAnonymizationKey(), NetLogWithSource(),
7280 std::nullopt, resolve_context_.get()));
7281 HostResolver::ResolveHostParameters parameters;
7282 parameters.dns_query_type = DnsQueryType::A;
7283 ResolveHostResponseHelper v4_response(resolver_->CreateRequest(
7284 HostPortPair("h1", 80), NetworkAnonymizationKey(), NetLogWithSource(),
7285 parameters, resolve_context_.get()));
7286 parameters.dns_query_type = DnsQueryType::AAAA;
7287 ResolveHostResponseHelper v6_response(resolver_->CreateRequest(
7288 HostPortPair("h1", 80), NetworkAnonymizationKey(), NetLogWithSource(),
7289 parameters, resolve_context_.get()));
7290
7291 proc_->SignalMultiple(3u);
7292
7293 // Should revert to only IPV4 request.
7294 EXPECT_THAT(response.result_error(), IsOk());
7295 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
7296 testing::ElementsAre(CreateExpected("1.0.0.1", 80)));
7297 EXPECT_THAT(response.request()->GetEndpointResults(),
7298 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
7299 testing::ElementsAre(CreateExpected("1.0.0.1", 80))))));
7300
7301 EXPECT_THAT(v4_response.result_error(), IsOk());
7302 EXPECT_THAT(v4_response.request()->GetAddressResults()->endpoints(),
7303 testing::ElementsAre(CreateExpected("1.0.0.1", 80)));
7304 EXPECT_THAT(v4_response.request()->GetEndpointResults(),
7305 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
7306 testing::ElementsAre(CreateExpected("1.0.0.1", 80))))));
7307 EXPECT_THAT(v6_response.result_error(), IsOk());
7308 EXPECT_THAT(v6_response.request()->GetAddressResults()->endpoints(),
7309 testing::ElementsAre(CreateExpected("::2", 80)));
7310 EXPECT_THAT(v6_response.request()->GetEndpointResults(),
7311 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
7312 testing::ElementsAre(CreateExpected("::2", 80))))));
7313
7314 // Now repeat the test on non-wifi to check that IPv6 is used as normal
7315 // after the network changes.
7316 notifier.mock_network_change_notifier()->SetConnectionType(
7317 NetworkChangeNotifier::CONNECTION_4G);
7318 base::RunLoop().RunUntilIdle(); // Wait for NetworkChangeNotifier.
7319
7320 ResolveHostResponseHelper no_wifi_response(resolver_->CreateRequest(
7321 HostPortPair("h1", 80), NetworkAnonymizationKey(), NetLogWithSource(),
7322 std::nullopt, resolve_context_.get()));
7323 parameters.dns_query_type = DnsQueryType::A;
7324 ResolveHostResponseHelper no_wifi_v4_response(resolver_->CreateRequest(
7325 HostPortPair("h1", 80), NetworkAnonymizationKey(), NetLogWithSource(),
7326 parameters, resolve_context_.get()));
7327 parameters.dns_query_type = DnsQueryType::AAAA;
7328 ResolveHostResponseHelper no_wifi_v6_response(resolver_->CreateRequest(
7329 HostPortPair("h1", 80), NetworkAnonymizationKey(), NetLogWithSource(),
7330 parameters, resolve_context_.get()));
7331
7332 proc_->SignalMultiple(3u);
7333
7334 // IPV6 should be available.
7335 EXPECT_THAT(no_wifi_response.result_error(), IsOk());
7336 EXPECT_THAT(no_wifi_response.request()->GetAddressResults()->endpoints(),
7337 testing::ElementsAre(CreateExpected("::3", 80)));
7338 EXPECT_THAT(no_wifi_response.request()->GetEndpointResults(),
7339 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
7340 testing::ElementsAre(CreateExpected("::3", 80))))));
7341
7342 EXPECT_THAT(no_wifi_v4_response.result_error(), IsOk());
7343 EXPECT_THAT(no_wifi_v4_response.request()->GetAddressResults()->endpoints(),
7344 testing::ElementsAre(CreateExpected("1.0.0.1", 80)));
7345 EXPECT_THAT(no_wifi_v4_response.request()->GetEndpointResults(),
7346 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
7347 testing::ElementsAre(CreateExpected("1.0.0.1", 80))))));
7348 EXPECT_THAT(no_wifi_v6_response.result_error(), IsOk());
7349 EXPECT_THAT(no_wifi_v6_response.request()->GetAddressResults()->endpoints(),
7350 testing::ElementsAre(CreateExpected("::2", 80)));
7351 EXPECT_THAT(no_wifi_v6_response.request()->GetEndpointResults(),
7352 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
7353 testing::ElementsAre(CreateExpected("::2", 80))))));
7354 }
7355
TEST_F(HostResolverManagerDnsTest,NotFoundTtl)7356 TEST_F(HostResolverManagerDnsTest, NotFoundTtl) {
7357 base::test::ScopedFeatureList feature_list;
7358 feature_list.InitWithFeatures(
7359 /*enabled_features=*/{features::kSplitHostCacheByNetworkIsolationKey,
7360 features::kUseHostResolverCache},
7361 /*disabled_features=*/{});
7362
7363 CreateResolver();
7364 set_allow_fallback_to_systemtask(false);
7365 ChangeDnsConfig(CreateValidDnsConfig());
7366
7367 const SchemefulSite kSite(GURL("https://site.test/"));
7368 const auto kNetworkAnonymizationKey =
7369 NetworkAnonymizationKey::CreateSameSite(kSite);
7370
7371 // NODATA
7372 ResolveHostResponseHelper no_data_response(resolver_->CreateRequest(
7373 HostPortPair("empty", 80), kNetworkAnonymizationKey, NetLogWithSource(),
7374 std::nullopt, resolve_context_.get()));
7375 EXPECT_THAT(no_data_response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
7376 EXPECT_THAT(no_data_response.request()->GetAddressResults(),
7377 AnyOf(nullptr, Pointee(IsEmpty())));
7378 EXPECT_THAT(no_data_response.request()->GetEndpointResults(),
7379 AnyOf(nullptr, Pointee(IsEmpty())));
7380 EXPECT_THAT(
7381 resolve_context_->host_resolver_cache()->Lookup(
7382 "empty", kNetworkAnonymizationKey, DnsQueryType::A,
7383 HostResolverSource::DNS, /*secure=*/false),
7384 Pointee(ExpectHostResolverInternalErrorResult(
7385 "empty", DnsQueryType::A, HostResolverInternalResult::Source::kDns,
7386 Optional(base::TimeTicks::Now() + base::Days(1)),
7387 Optional(base::Time::Now() + base::Days(1)), ERR_NAME_NOT_RESOLVED)));
7388 EXPECT_THAT(
7389 resolve_context_->host_resolver_cache()->Lookup(
7390 "empty", kNetworkAnonymizationKey, DnsQueryType::AAAA,
7391 HostResolverSource::DNS, /*secure=*/false),
7392 Pointee(ExpectHostResolverInternalErrorResult(
7393 "empty", DnsQueryType::AAAA, HostResolverInternalResult::Source::kDns,
7394 Optional(base::TimeTicks::Now() + base::Days(1)),
7395 Optional(base::Time::Now() + base::Days(1)), ERR_NAME_NOT_RESOLVED)));
7396
7397 // NXDOMAIN
7398 ResolveHostResponseHelper no_domain_response(resolver_->CreateRequest(
7399 HostPortPair("nodomain", 80), kNetworkAnonymizationKey,
7400 NetLogWithSource(), std::nullopt, resolve_context_.get()));
7401 EXPECT_THAT(no_domain_response.result_error(),
7402 IsError(ERR_NAME_NOT_RESOLVED));
7403 EXPECT_THAT(no_domain_response.request()->GetAddressResults(),
7404 AnyOf(nullptr, Pointee(IsEmpty())));
7405 EXPECT_THAT(no_domain_response.request()->GetEndpointResults(),
7406 AnyOf(nullptr, Pointee(IsEmpty())));
7407 EXPECT_THAT(
7408 resolve_context_->host_resolver_cache()->Lookup(
7409 "nodomain", kNetworkAnonymizationKey, DnsQueryType::A,
7410 HostResolverSource::DNS, /*secure=*/false),
7411 Pointee(ExpectHostResolverInternalErrorResult(
7412 "nodomain", DnsQueryType::A, HostResolverInternalResult::Source::kDns,
7413 Optional(base::TimeTicks::Now() + base::Days(1)),
7414 Optional(base::Time::Now() + base::Days(1)), ERR_NAME_NOT_RESOLVED)));
7415 EXPECT_THAT(
7416 resolve_context_->host_resolver_cache()->Lookup(
7417 "nodomain", kNetworkAnonymizationKey, DnsQueryType::AAAA,
7418 HostResolverSource::DNS, /*secure=*/false),
7419 Pointee(ExpectHostResolverInternalErrorResult(
7420 "nodomain", DnsQueryType::AAAA,
7421 HostResolverInternalResult::Source::kDns,
7422 Optional(base::TimeTicks::Now() + base::Days(1)),
7423 Optional(base::Time::Now() + base::Days(1)), ERR_NAME_NOT_RESOLVED)));
7424 }
7425
TEST_F(HostResolverManagerDnsTest,NotFoundTtlWithHostCache)7426 TEST_F(HostResolverManagerDnsTest, NotFoundTtlWithHostCache) {
7427 base::test::ScopedFeatureList feature_list;
7428 feature_list.InitAndDisableFeature(features::kUseHostResolverCache);
7429
7430 CreateResolver();
7431 set_allow_fallback_to_systemtask(false);
7432 ChangeDnsConfig(CreateValidDnsConfig());
7433
7434 // NODATA
7435 ResolveHostResponseHelper no_data_response(resolver_->CreateRequest(
7436 HostPortPair("empty", 80), NetworkAnonymizationKey(), NetLogWithSource(),
7437 std::nullopt, resolve_context_.get()));
7438 EXPECT_THAT(no_data_response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
7439 EXPECT_THAT(no_data_response.request()->GetAddressResults(),
7440 AnyOf(nullptr, Pointee(IsEmpty())));
7441 EXPECT_THAT(no_data_response.request()->GetEndpointResults(),
7442 AnyOf(nullptr, Pointee(IsEmpty())));
7443 HostCache::Key key("empty", DnsQueryType::UNSPECIFIED, 0,
7444 HostResolverSource::ANY, NetworkAnonymizationKey());
7445 HostCache::EntryStaleness staleness;
7446 const std::pair<const HostCache::Key, HostCache::Entry>* cache_result =
7447 resolve_context_->host_cache()->Lookup(key, base::TimeTicks::Now(),
7448 false /* ignore_secure */);
7449 EXPECT_TRUE(!!cache_result);
7450 EXPECT_TRUE(cache_result->second.has_ttl());
7451 EXPECT_THAT(cache_result->second.ttl(), base::Seconds(86400));
7452
7453 // NXDOMAIN
7454 ResolveHostResponseHelper no_domain_response(resolver_->CreateRequest(
7455 HostPortPair("nodomain", 80), NetworkAnonymizationKey(),
7456 NetLogWithSource(), std::nullopt, resolve_context_.get()));
7457 EXPECT_THAT(no_domain_response.result_error(),
7458 IsError(ERR_NAME_NOT_RESOLVED));
7459 EXPECT_THAT(no_domain_response.request()->GetAddressResults(),
7460 AnyOf(nullptr, Pointee(IsEmpty())));
7461 EXPECT_THAT(no_domain_response.request()->GetEndpointResults(),
7462 AnyOf(nullptr, Pointee(IsEmpty())));
7463 HostCache::Key nxkey("nodomain", DnsQueryType::UNSPECIFIED, 0,
7464 HostResolverSource::ANY, NetworkAnonymizationKey());
7465 cache_result = resolve_context_->host_cache()->Lookup(
7466 nxkey, base::TimeTicks::Now(), false /* ignore_secure */);
7467 EXPECT_TRUE(!!cache_result);
7468 EXPECT_TRUE(cache_result->second.has_ttl());
7469 EXPECT_THAT(cache_result->second.ttl(), base::Seconds(86400));
7470 }
7471
TEST_F(HostResolverManagerDnsTest,CachedError)7472 TEST_F(HostResolverManagerDnsTest, CachedError) {
7473 proc_->AddRuleForAllFamilies(std::string(),
7474 "0.0.0.1"); // Default to failures.
7475 proc_->SignalMultiple(1u);
7476
7477 CreateResolver();
7478 set_allow_fallback_to_systemtask(true);
7479 ChangeDnsConfig(CreateValidDnsConfig());
7480
7481 HostResolver::ResolveHostParameters cache_only_parameters;
7482 cache_only_parameters.source = HostResolverSource::LOCAL_ONLY;
7483
7484 // Expect cache initially empty.
7485 ResolveHostResponseHelper cache_miss_response0(resolver_->CreateRequest(
7486 HostPortPair("nodomain", 80), NetworkAnonymizationKey(),
7487 NetLogWithSource(), cache_only_parameters, resolve_context_.get()));
7488 EXPECT_THAT(cache_miss_response0.result_error(), IsError(ERR_DNS_CACHE_MISS));
7489 EXPECT_FALSE(cache_miss_response0.request()->GetStaleInfo());
7490
7491 // The cache should not be populate with an error because fallback to
7492 // HostResolverSystemTask was available.
7493 ResolveHostResponseHelper no_domain_response_with_fallback(
7494 resolver_->CreateRequest(HostPortPair("nodomain", 80),
7495 NetworkAnonymizationKey(), NetLogWithSource(),
7496 std::nullopt, resolve_context_.get()));
7497 EXPECT_THAT(no_domain_response_with_fallback.result_error(),
7498 IsError(ERR_NAME_NOT_RESOLVED));
7499
7500 // Expect cache still empty.
7501 ResolveHostResponseHelper cache_miss_response1(resolver_->CreateRequest(
7502 HostPortPair("nodomain", 80), NetworkAnonymizationKey(),
7503 NetLogWithSource(), cache_only_parameters, resolve_context_.get()));
7504 EXPECT_THAT(cache_miss_response1.result_error(), IsError(ERR_DNS_CACHE_MISS));
7505 EXPECT_FALSE(cache_miss_response1.request()->GetStaleInfo());
7506
7507 // Disable fallback to systemtask
7508 set_allow_fallback_to_systemtask(false);
7509
7510 // Populate cache with an error.
7511 ResolveHostResponseHelper no_domain_response(resolver_->CreateRequest(
7512 HostPortPair("nodomain", 80), NetworkAnonymizationKey(),
7513 NetLogWithSource(), std::nullopt, resolve_context_.get()));
7514 EXPECT_THAT(no_domain_response.result_error(),
7515 IsError(ERR_NAME_NOT_RESOLVED));
7516
7517 // Expect the error result can be resolved from the cache.
7518 ResolveHostResponseHelper cache_hit_response(resolver_->CreateRequest(
7519 HostPortPair("nodomain", 80), NetworkAnonymizationKey(),
7520 NetLogWithSource(), cache_only_parameters, resolve_context_.get()));
7521 EXPECT_THAT(cache_hit_response.result_error(),
7522 IsError(ERR_NAME_NOT_RESOLVED));
7523 EXPECT_FALSE(cache_hit_response.request()->GetStaleInfo().value().is_stale());
7524 }
7525
TEST_F(HostResolverManagerDnsTest,CachedError_AutomaticMode)7526 TEST_F(HostResolverManagerDnsTest, CachedError_AutomaticMode) {
7527 CreateResolver();
7528 set_allow_fallback_to_systemtask(false);
7529 ChangeDnsConfig(CreateValidDnsConfig());
7530
7531 // Switch to automatic mode.
7532 DnsConfigOverrides overrides;
7533 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
7534 resolver_->SetDnsConfigOverrides(overrides);
7535
7536 HostCache::Key insecure_key =
7537 HostCache::Key("automatic_nodomain", DnsQueryType::UNSPECIFIED,
7538 0 /* host_resolver_flags */, HostResolverSource::ANY,
7539 NetworkAnonymizationKey());
7540 HostCache::Key secure_key =
7541 HostCache::Key("automatic_nodomain", DnsQueryType::UNSPECIFIED,
7542 0 /* host_resolver_flags */, HostResolverSource::ANY,
7543 NetworkAnonymizationKey());
7544 secure_key.secure = true;
7545
7546 // Expect cache initially empty.
7547 const std::pair<const HostCache::Key, HostCache::Entry>* cache_result;
7548 cache_result = GetCacheHit(secure_key);
7549 EXPECT_FALSE(!!cache_result);
7550 cache_result = GetCacheHit(insecure_key);
7551 EXPECT_FALSE(!!cache_result);
7552
7553 // Populate both secure and insecure caches with an error.
7554 ResolveHostResponseHelper no_domain_response(resolver_->CreateRequest(
7555 HostPortPair("automatic_nodomain", 80), NetworkAnonymizationKey(),
7556 NetLogWithSource(), std::nullopt, resolve_context_.get()));
7557 EXPECT_THAT(no_domain_response.result_error(),
7558 IsError(ERR_NAME_NOT_RESOLVED));
7559
7560 // Expect both secure and insecure caches to have the error result.
7561 cache_result = GetCacheHit(secure_key);
7562 EXPECT_TRUE(!!cache_result);
7563 cache_result = GetCacheHit(insecure_key);
7564 EXPECT_TRUE(!!cache_result);
7565 }
7566
TEST_F(HostResolverManagerDnsTest,CachedError_SecureMode)7567 TEST_F(HostResolverManagerDnsTest, CachedError_SecureMode) {
7568 CreateResolver();
7569 set_allow_fallback_to_systemtask(false);
7570 ChangeDnsConfig(CreateValidDnsConfig());
7571
7572 // Switch to secure mode.
7573 DnsConfigOverrides overrides;
7574 overrides.secure_dns_mode = SecureDnsMode::kSecure;
7575 resolver_->SetDnsConfigOverrides(overrides);
7576
7577 HostCache::Key insecure_key =
7578 HostCache::Key("automatic_nodomain", DnsQueryType::UNSPECIFIED,
7579 0 /* host_resolver_flags */, HostResolverSource::ANY,
7580 NetworkAnonymizationKey());
7581 HostCache::Key secure_key =
7582 HostCache::Key("automatic_nodomain", DnsQueryType::UNSPECIFIED,
7583 0 /* host_resolver_flags */, HostResolverSource::ANY,
7584 NetworkAnonymizationKey());
7585 secure_key.secure = true;
7586
7587 // Expect cache initially empty.
7588 const std::pair<const HostCache::Key, HostCache::Entry>* cache_result;
7589 cache_result = GetCacheHit(secure_key);
7590 EXPECT_FALSE(!!cache_result);
7591 cache_result = GetCacheHit(insecure_key);
7592 EXPECT_FALSE(!!cache_result);
7593
7594 // Populate secure cache with an error.
7595 ResolveHostResponseHelper no_domain_response(resolver_->CreateRequest(
7596 HostPortPair("automatic_nodomain", 80), NetworkAnonymizationKey(),
7597 NetLogWithSource(), std::nullopt, resolve_context_.get()));
7598 EXPECT_THAT(no_domain_response.result_error(),
7599 IsError(ERR_NAME_NOT_RESOLVED));
7600
7601 // Expect only the secure cache to have the error result.
7602 cache_result = GetCacheHit(secure_key);
7603 EXPECT_TRUE(!!cache_result);
7604 cache_result = GetCacheHit(insecure_key);
7605 EXPECT_FALSE(!!cache_result);
7606 }
7607
7608 // Test that if one of A and AAAA completes successfully and the other fails,
7609 // the failure is not cached.
TEST_F(HostResolverManagerDnsTest,TtlNotSharedBetweenQtypes)7610 TEST_F(HostResolverManagerDnsTest, TtlNotSharedBetweenQtypes) {
7611 CreateResolver();
7612 set_allow_fallback_to_systemtask(false);
7613 ChangeDnsConfig(CreateValidDnsConfig());
7614
7615 ResolveHostResponseHelper response(resolver_->CreateRequest(
7616 HostPortPair("4slow_4timeout", 80), NetworkAnonymizationKey(),
7617 NetLogWithSource(), std::nullopt /* optional_parameters */,
7618 resolve_context_.get()));
7619
7620 // Ensure success completes before the timeout result.
7621 base::RunLoop().RunUntilIdle();
7622 EXPECT_FALSE(response.complete());
7623
7624 mock_dns_client_->CompleteDelayedTransactions();
7625 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_TIMED_OUT));
7626
7627 // Expect failure not cached.
7628 EXPECT_EQ(resolve_context_->host_cache()->size(), 0u);
7629 }
7630
TEST_F(HostResolverManagerDnsTest,CanonicalName)7631 TEST_F(HostResolverManagerDnsTest, CanonicalName) {
7632 MockDnsClientRuleList rules;
7633 AddDnsRule(&rules, "alias", dns_protocol::kTypeA, IPAddress::IPv4Localhost(),
7634 "canonical", false /* delay */);
7635 AddDnsRule(&rules, "alias", dns_protocol::kTypeAAAA,
7636 IPAddress::IPv6Localhost(), "canonical", false /* delay */);
7637
7638 CreateResolver();
7639 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
7640 set_allow_fallback_to_systemtask(false);
7641
7642 HostResolver::ResolveHostParameters params;
7643 params.source = HostResolverSource::DNS;
7644 ResolveHostResponseHelper response(resolver_->CreateRequest(
7645 HostPortPair("alias", 80), NetworkAnonymizationKey(), NetLogWithSource(),
7646 params, resolve_context_.get()));
7647 ASSERT_THAT(response.result_error(), IsOk());
7648
7649 EXPECT_THAT(
7650 response.request()->GetDnsAliasResults(),
7651 testing::Pointee(testing::UnorderedElementsAre("canonical", "alias")));
7652 }
7653
TEST_F(HostResolverManagerDnsTest,CanonicalName_PreferV6)7654 TEST_F(HostResolverManagerDnsTest, CanonicalName_PreferV6) {
7655 MockDnsClientRuleList rules;
7656 AddDnsRule(&rules, "alias", dns_protocol::kTypeA, IPAddress::IPv4Localhost(),
7657 "wrong", false /* delay */);
7658 AddDnsRule(&rules, "alias", dns_protocol::kTypeAAAA,
7659 IPAddress::IPv6Localhost(), "correct", true /* delay */);
7660
7661 CreateResolver();
7662 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
7663 set_allow_fallback_to_systemtask(false);
7664
7665 HostResolver::ResolveHostParameters params;
7666 params.source = HostResolverSource::DNS;
7667 ResolveHostResponseHelper response(resolver_->CreateRequest(
7668 HostPortPair("alias", 80), NetworkAnonymizationKey(), NetLogWithSource(),
7669 params, resolve_context_.get()));
7670 ASSERT_FALSE(response.complete());
7671 base::RunLoop().RunUntilIdle();
7672 mock_dns_client_->CompleteDelayedTransactions();
7673 ASSERT_THAT(response.result_error(), IsOk());
7674
7675 // GetDnsAliasResults() includes all aliases from all families.
7676 EXPECT_THAT(response.request()->GetDnsAliasResults(),
7677 testing::Pointee(
7678 testing::UnorderedElementsAre("correct", "alias", "wrong")));
7679 }
7680
TEST_F(HostResolverManagerDnsTest,CanonicalName_V4Only)7681 TEST_F(HostResolverManagerDnsTest, CanonicalName_V4Only) {
7682 MockDnsClientRuleList rules;
7683 AddDnsRule(&rules, "alias", dns_protocol::kTypeA, IPAddress::IPv4Localhost(),
7684 "correct", false /* delay */);
7685 CreateResolver();
7686 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
7687 set_allow_fallback_to_systemtask(false);
7688
7689 HostResolver::ResolveHostParameters params;
7690 params.dns_query_type = DnsQueryType::A;
7691 params.source = HostResolverSource::DNS;
7692 ResolveHostResponseHelper response(resolver_->CreateRequest(
7693 HostPortPair("alias", 80), NetworkAnonymizationKey(), NetLogWithSource(),
7694 params, resolve_context_.get()));
7695 ASSERT_THAT(response.result_error(), IsOk());
7696 EXPECT_THAT(
7697 response.request()->GetDnsAliasResults(),
7698 testing::Pointee(testing::UnorderedElementsAre("correct", "alias")));
7699 }
7700
7701 // Test that responses containing CNAME records but no address results are fine
7702 // and treated as normal NODATA responses.
TEST_F(HostResolverManagerDnsTest,CanonicalNameWithoutResults)7703 TEST_F(HostResolverManagerDnsTest, CanonicalNameWithoutResults) {
7704 MockDnsClientRuleList rules;
7705
7706 DnsResponse a_response =
7707 BuildTestDnsResponse("a.test", dns_protocol::kTypeA,
7708 {BuildTestCnameRecord("c.test", "d.test"),
7709 BuildTestCnameRecord("b.test", "c.test"),
7710 BuildTestCnameRecord("a.test", "b.test")});
7711 AddDnsRule(&rules, "a.test", dns_protocol::kTypeA, std::move(a_response),
7712 /*delay=*/false);
7713
7714 DnsResponse aaaa_response =
7715 BuildTestDnsResponse("a.test", dns_protocol::kTypeAAAA,
7716 {BuildTestCnameRecord("c.test", "d.test"),
7717 BuildTestCnameRecord("b.test", "c.test"),
7718 BuildTestCnameRecord("a.test", "b.test")});
7719 AddDnsRule(&rules, "a.test", dns_protocol::kTypeAAAA,
7720 std::move(aaaa_response), /*delay=*/false);
7721
7722 CreateResolver();
7723 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
7724 set_allow_fallback_to_systemtask(false);
7725
7726 ResolveHostResponseHelper response(resolver_->CreateRequest(
7727 HostPortPair("a.test", 80), NetworkAnonymizationKey(), NetLogWithSource(),
7728 /*optional_parameters=*/std::nullopt, resolve_context_.get()));
7729
7730 ASSERT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
7731 EXPECT_FALSE(response.request()->GetDnsAliasResults());
7732
7733 // Underlying error should be the typical no-results error
7734 // (ERR_NAME_NOT_RESOLVED), not anything more exotic like
7735 // ERR_DNS_MALFORMED_RESPONSE.
7736 EXPECT_EQ(response.request()->GetResolveErrorInfo().error,
7737 ERR_NAME_NOT_RESOLVED);
7738 }
7739
7740 // Test that if the response for one address family contains CNAME records but
7741 // no address results, it doesn't interfere with the other address family
7742 // receiving address results (as would happen if such a response were
7743 // incorrectly treated as a malformed response error).
TEST_F(HostResolverManagerDnsTest,CanonicalNameWithResultsForOnlyOneFamily)7744 TEST_F(HostResolverManagerDnsTest, CanonicalNameWithResultsForOnlyOneFamily) {
7745 MockDnsClientRuleList rules;
7746
7747 DnsResponse a_response =
7748 BuildTestDnsResponse("a.test", dns_protocol::kTypeA,
7749 {BuildTestCnameRecord("c.test", "d.test"),
7750 BuildTestCnameRecord("b.test", "c.test"),
7751 BuildTestCnameRecord("a.test", "b.test")});
7752 AddDnsRule(&rules, "a.test", dns_protocol::kTypeA, std::move(a_response),
7753 /*delay=*/false);
7754
7755 DnsResponse aaaa_response = BuildTestDnsResponse(
7756 "a.test", dns_protocol::kTypeAAAA,
7757 {BuildTestAddressRecord("d.test", IPAddress::IPv6Localhost()),
7758 BuildTestCnameRecord("c.test", "d.test"),
7759 BuildTestCnameRecord("b.test", "c.test"),
7760 BuildTestCnameRecord("a.test", "b.test")});
7761 AddDnsRule(&rules, "a.test", dns_protocol::kTypeAAAA,
7762 std::move(aaaa_response), /*delay=*/false);
7763
7764 CreateResolver();
7765 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
7766
7767 ResolveHostResponseHelper response(resolver_->CreateRequest(
7768 HostPortPair("a.test", 80), NetworkAnonymizationKey(), NetLogWithSource(),
7769 /*optional_parameters=*/std::nullopt, resolve_context_.get()));
7770
7771 ASSERT_THAT(response.result_error(), IsOk());
7772
7773 ASSERT_TRUE(response.request()->GetAddressResults());
7774 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
7775 testing::ElementsAre(IPEndPoint(IPAddress::IPv6Localhost(), 80)));
7776 EXPECT_THAT(
7777 response.request()->GetEndpointResults(),
7778 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
7779 testing::ElementsAre(IPEndPoint(IPAddress::IPv6Localhost(), 80))))));
7780 }
7781
7782 // Test that without specifying source, a request that would otherwise be
7783 // handled by DNS is sent to the system resolver if cannonname is requested.
TEST_F(HostResolverManagerDnsTest,CanonicalNameForcesProc)7784 TEST_F(HostResolverManagerDnsTest, CanonicalNameForcesProc) {
7785 // Disable fallback to ensure system resolver is used directly, not via
7786 // fallback.
7787 set_allow_fallback_to_systemtask(false);
7788
7789 proc_->AddRuleForAllFamilies("nx_succeed", "192.168.1.102",
7790 HOST_RESOLVER_CANONNAME, "canonical");
7791 proc_->SignalMultiple(1u);
7792
7793 ChangeDnsConfig(CreateValidDnsConfig());
7794
7795 HostResolver::ResolveHostParameters params;
7796 params.include_canonical_name = true;
7797 ResolveHostResponseHelper response(resolver_->CreateRequest(
7798 HostPortPair("nx_succeed", 80), NetworkAnonymizationKey(),
7799 NetLogWithSource(), params, resolve_context_.get()));
7800 ASSERT_THAT(response.result_error(), IsOk());
7801
7802 EXPECT_THAT(response.request()->GetDnsAliasResults(),
7803 testing::Pointee(testing::UnorderedElementsAre("canonical")));
7804 }
7805
TEST_F(HostResolverManagerDnsTest,DnsAliases)7806 TEST_F(HostResolverManagerDnsTest, DnsAliases) {
7807 MockDnsClientRuleList rules;
7808
7809 DnsResponse expected_A_response = BuildTestDnsResponse(
7810 "first.test", dns_protocol::kTypeA,
7811 {BuildTestAddressRecord("fourth.test", IPAddress::IPv4Localhost()),
7812 BuildTestCnameRecord("third.test", "fourth.test"),
7813 BuildTestCnameRecord("second.test", "third.test"),
7814 BuildTestCnameRecord("first.test", "second.test")});
7815
7816 AddDnsRule(&rules, "first.test", dns_protocol::kTypeA,
7817 std::move(expected_A_response), false /* delay */);
7818
7819 DnsResponse expected_AAAA_response = BuildTestDnsResponse(
7820 "first.test", dns_protocol::kTypeAAAA,
7821 {BuildTestAddressRecord("fourth.test", IPAddress::IPv6Localhost()),
7822 BuildTestCnameRecord("third.test", "fourth.test"),
7823 BuildTestCnameRecord("second.test", "third.test"),
7824 BuildTestCnameRecord("first.test", "second.test")});
7825
7826 AddDnsRule(&rules, "first.test", dns_protocol::kTypeAAAA,
7827 std::move(expected_AAAA_response), false /* delay */);
7828
7829 CreateResolver();
7830 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
7831 set_allow_fallback_to_systemtask(false);
7832 HostResolver::ResolveHostParameters params;
7833 params.source = HostResolverSource::DNS;
7834
7835 ResolveHostResponseHelper response(resolver_->CreateRequest(
7836 HostPortPair("first.test", 80), NetworkAnonymizationKey(),
7837 NetLogWithSource(), params, resolve_context_.get()));
7838
7839 ASSERT_THAT(response.result_error(), IsOk());
7840 ASSERT_TRUE(response.request()->GetAddressResults());
7841 EXPECT_THAT(response.request()->GetAddressResults()->dns_aliases(),
7842 testing::UnorderedElementsAre("fourth.test", "third.test",
7843 "second.test", "first.test"));
7844
7845 EXPECT_THAT(response.request()->GetDnsAliasResults(),
7846 testing::Pointee(testing::UnorderedElementsAre(
7847 "fourth.test", "third.test", "second.test", "first.test")));
7848 }
7849
TEST_F(HostResolverManagerDnsTest,DnsAliasesAreFixedUp)7850 TEST_F(HostResolverManagerDnsTest, DnsAliasesAreFixedUp) {
7851 MockDnsClientRuleList rules;
7852
7853 // Need to manually encode non-URL-canonical names because DNSDomainFromDot()
7854 // requires URL-canonical names.
7855 constexpr char kNonCanonicalName[] = "\005HOST2\004test\000";
7856
7857 DnsResponse expected_A_response = BuildTestDnsResponse(
7858 "host.test", dns_protocol::kTypeA,
7859 {BuildTestAddressRecord("host2.test", IPAddress::IPv4Localhost()),
7860 BuildTestDnsRecord(
7861 "host.test", dns_protocol::kTypeCNAME,
7862 std::string(kNonCanonicalName, sizeof(kNonCanonicalName) - 1))});
7863
7864 AddDnsRule(&rules, "host.test", dns_protocol::kTypeA,
7865 std::move(expected_A_response), false /* delay */);
7866
7867 DnsResponse expected_AAAA_response = BuildTestDnsResponse(
7868 "host.test", dns_protocol::kTypeAAAA,
7869 {BuildTestAddressRecord("host2.test", IPAddress::IPv6Localhost()),
7870 BuildTestDnsRecord(
7871 "host.test", dns_protocol::kTypeCNAME,
7872 std::string(kNonCanonicalName, sizeof(kNonCanonicalName) - 1))});
7873
7874 AddDnsRule(&rules, "host.test", dns_protocol::kTypeAAAA,
7875 std::move(expected_AAAA_response), false /* delay */);
7876
7877 CreateResolver();
7878 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
7879 set_allow_fallback_to_systemtask(false);
7880 HostResolver::ResolveHostParameters params;
7881 params.source = HostResolverSource::DNS;
7882
7883 ResolveHostResponseHelper response(resolver_->CreateRequest(
7884 HostPortPair("host.test", 80), NetworkAnonymizationKey(),
7885 NetLogWithSource(), params, resolve_context_.get()));
7886
7887 ASSERT_THAT(response.result_error(), IsOk());
7888 ASSERT_TRUE(response.request()->GetAddressResults());
7889 EXPECT_THAT(response.request()->GetAddressResults()->dns_aliases(),
7890 testing::UnorderedElementsAre("host2.test", "host.test"));
7891 EXPECT_THAT(response.request()->GetDnsAliasResults(),
7892 testing::Pointee(
7893 testing::UnorderedElementsAre("host2.test", "host.test")));
7894 }
7895
TEST_F(HostResolverManagerDnsTest,RejectsLocalhostAlias)7896 TEST_F(HostResolverManagerDnsTest, RejectsLocalhostAlias) {
7897 MockDnsClientRuleList rules;
7898
7899 DnsResponse expected_A_response = BuildTestDnsResponse(
7900 "host.test", dns_protocol::kTypeA,
7901 {BuildTestAddressRecord("localhost", IPAddress::IPv4Localhost()),
7902 BuildTestCnameRecord("host.test", "localhost")});
7903
7904 AddDnsRule(&rules, "host.test", dns_protocol::kTypeA,
7905 std::move(expected_A_response), false /* delay */);
7906
7907 DnsResponse expected_AAAA_response = BuildTestDnsResponse(
7908 "host.test", dns_protocol::kTypeAAAA,
7909 {BuildTestAddressRecord("localhost", IPAddress::IPv6Localhost()),
7910 BuildTestCnameRecord("host.test", "localhost")});
7911
7912 AddDnsRule(&rules, "host.test", dns_protocol::kTypeAAAA,
7913 std::move(expected_AAAA_response), false /* delay */);
7914
7915 CreateResolver();
7916 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
7917 set_allow_fallback_to_systemtask(false);
7918 HostResolver::ResolveHostParameters params;
7919 params.source = HostResolverSource::DNS;
7920
7921 ResolveHostResponseHelper response(resolver_->CreateRequest(
7922 HostPortPair("host.test", 80), NetworkAnonymizationKey(),
7923 NetLogWithSource(), params, resolve_context_.get()));
7924
7925 ASSERT_THAT(response.result_error(), IsError(ERR_DNS_MALFORMED_RESPONSE));
7926 }
7927
TEST_F(HostResolverManagerDnsTest,NoAdditionalDnsAliases)7928 TEST_F(HostResolverManagerDnsTest, NoAdditionalDnsAliases) {
7929 MockDnsClientRuleList rules;
7930
7931 AddDnsRule(&rules, "first.test", dns_protocol::kTypeA,
7932 IPAddress::IPv4Localhost(), false /* delay */);
7933
7934 AddDnsRule(&rules, "first.test", dns_protocol::kTypeAAAA,
7935 IPAddress::IPv6Localhost(), false /* delay */);
7936
7937 CreateResolver();
7938 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
7939 set_allow_fallback_to_systemtask(false);
7940 HostResolver::ResolveHostParameters params;
7941 params.source = HostResolverSource::DNS;
7942
7943 ResolveHostResponseHelper response(resolver_->CreateRequest(
7944 HostPortPair("first.test", 80), NetworkAnonymizationKey(),
7945 NetLogWithSource(), params, resolve_context_.get()));
7946
7947 ASSERT_THAT(response.result_error(), IsOk());
7948 ASSERT_TRUE(response.request()->GetAddressResults());
7949 EXPECT_THAT(response.request()->GetAddressResults()->dns_aliases(),
7950 testing::ElementsAre("first.test"));
7951 EXPECT_THAT(response.request()->GetDnsAliasResults(),
7952 testing::Pointee(testing::UnorderedElementsAre("first.test")));
7953 }
7954
TEST_F(HostResolverManagerTest,ResolveLocalHostname)7955 TEST_F(HostResolverManagerTest, ResolveLocalHostname) {
7956 std::vector<IPEndPoint> addresses;
7957
7958 TestBothLoopbackIPs("localhost");
7959 TestBothLoopbackIPs("localhoST");
7960 TestBothLoopbackIPs("localhost.");
7961 TestBothLoopbackIPs("localhoST.");
7962 TestBothLoopbackIPs("foo.localhost");
7963 TestBothLoopbackIPs("foo.localhOSt");
7964 TestBothLoopbackIPs("foo.localhost.");
7965 TestBothLoopbackIPs("foo.localhOSt.");
7966
7967 // Legacy localhost names.
7968 EXPECT_FALSE(ResolveLocalHostname("localhost.localdomain", &addresses));
7969 EXPECT_FALSE(ResolveLocalHostname("localhost.localdomAIn", &addresses));
7970 EXPECT_FALSE(ResolveLocalHostname("localhost.localdomain.", &addresses));
7971 EXPECT_FALSE(ResolveLocalHostname("localhost.localdomAIn.", &addresses));
7972 EXPECT_FALSE(ResolveLocalHostname("localhost6", &addresses));
7973 EXPECT_FALSE(ResolveLocalHostname("localhoST6", &addresses));
7974 EXPECT_FALSE(ResolveLocalHostname("localhost6.", &addresses));
7975 EXPECT_FALSE(ResolveLocalHostname("localhost6.localdomain6", &addresses));
7976 EXPECT_FALSE(ResolveLocalHostname("localhost6.localdomain6.", &addresses));
7977
7978 EXPECT_FALSE(ResolveLocalHostname("127.0.0.1", &addresses));
7979 EXPECT_FALSE(ResolveLocalHostname("::1", &addresses));
7980 EXPECT_FALSE(ResolveLocalHostname("0:0:0:0:0:0:0:1", &addresses));
7981 EXPECT_FALSE(ResolveLocalHostname("localhostx", &addresses));
7982 EXPECT_FALSE(ResolveLocalHostname("localhost.x", &addresses));
7983 EXPECT_FALSE(ResolveLocalHostname("foo.localdomain", &addresses));
7984 EXPECT_FALSE(ResolveLocalHostname("foo.localdomain.x", &addresses));
7985 EXPECT_FALSE(ResolveLocalHostname("localhost6x", &addresses));
7986 EXPECT_FALSE(ResolveLocalHostname("localhost.localdomain6", &addresses));
7987 EXPECT_FALSE(ResolveLocalHostname("localhost6.localdomain", &addresses));
7988 EXPECT_FALSE(ResolveLocalHostname("127.0.0.1.1", &addresses));
7989 EXPECT_FALSE(ResolveLocalHostname(".127.0.0.255", &addresses));
7990 EXPECT_FALSE(ResolveLocalHostname("::2", &addresses));
7991 EXPECT_FALSE(ResolveLocalHostname("::1:1", &addresses));
7992 EXPECT_FALSE(ResolveLocalHostname("0:0:0:0:1:0:0:1", &addresses));
7993 EXPECT_FALSE(ResolveLocalHostname("::1:1", &addresses));
7994 EXPECT_FALSE(ResolveLocalHostname("0:0:0:0:0:0:0:0:1", &addresses));
7995 EXPECT_FALSE(ResolveLocalHostname("foo.localhost.com", &addresses));
7996 EXPECT_FALSE(ResolveLocalHostname("foo.localhoste", &addresses));
7997 }
7998
TEST_F(HostResolverManagerDnsTest,AddDnsOverHttpsServerAfterConfig)7999 TEST_F(HostResolverManagerDnsTest, AddDnsOverHttpsServerAfterConfig) {
8000 DestroyResolver();
8001 test::ScopedMockNetworkChangeNotifier notifier;
8002 CreateSerialResolver(); // To guarantee order of resolutions.
8003 notifier.mock_network_change_notifier()->SetConnectionType(
8004 NetworkChangeNotifier::CONNECTION_WIFI);
8005 ChangeDnsConfig(CreateValidDnsConfig());
8006
8007 std::string server("https://dnsserver.example.net/dns-query{?dns}");
8008 DnsConfigOverrides overrides;
8009 overrides.dns_over_https_config = *DnsOverHttpsConfig::FromString(server);
8010 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
8011 resolver_->SetDnsConfigOverrides(overrides);
8012 const auto* config = mock_dns_client_->GetEffectiveConfig();
8013 ASSERT_TRUE(config);
8014 EXPECT_EQ(overrides.dns_over_https_config, config->doh_config);
8015 EXPECT_EQ(SecureDnsMode::kAutomatic, config->secure_dns_mode);
8016 }
8017
TEST_F(HostResolverManagerDnsTest,AddDnsOverHttpsServerBeforeConfig)8018 TEST_F(HostResolverManagerDnsTest, AddDnsOverHttpsServerBeforeConfig) {
8019 DestroyResolver();
8020 test::ScopedMockNetworkChangeNotifier notifier;
8021 CreateSerialResolver(); // To guarantee order of resolutions.
8022 std::string server("https://dnsserver.example.net/dns-query{?dns}");
8023 DnsConfigOverrides overrides;
8024 overrides.dns_over_https_config = *DnsOverHttpsConfig::FromString(server);
8025 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
8026 resolver_->SetDnsConfigOverrides(overrides);
8027
8028 notifier.mock_network_change_notifier()->SetConnectionType(
8029 NetworkChangeNotifier::CONNECTION_WIFI);
8030 ChangeDnsConfig(CreateValidDnsConfig());
8031
8032 const auto* config = mock_dns_client_->GetEffectiveConfig();
8033 ASSERT_TRUE(config);
8034 EXPECT_EQ(overrides.dns_over_https_config, config->doh_config);
8035 EXPECT_EQ(SecureDnsMode::kAutomatic, config->secure_dns_mode);
8036 }
8037
TEST_F(HostResolverManagerDnsTest,AddDnsOverHttpsServerBeforeClient)8038 TEST_F(HostResolverManagerDnsTest, AddDnsOverHttpsServerBeforeClient) {
8039 DestroyResolver();
8040 test::ScopedMockNetworkChangeNotifier notifier;
8041 CreateSerialResolver(); // To guarantee order of resolutions.
8042 std::string server("https://dnsserver.example.net/dns-query{?dns}");
8043 DnsConfigOverrides overrides;
8044 overrides.dns_over_https_config = *DnsOverHttpsConfig::FromString(server);
8045 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
8046 resolver_->SetDnsConfigOverrides(overrides);
8047
8048 notifier.mock_network_change_notifier()->SetConnectionType(
8049 NetworkChangeNotifier::CONNECTION_WIFI);
8050 ChangeDnsConfig(CreateValidDnsConfig());
8051
8052 const auto* config = mock_dns_client_->GetEffectiveConfig();
8053 ASSERT_TRUE(config);
8054 EXPECT_EQ(overrides.dns_over_https_config, config->doh_config);
8055 EXPECT_EQ(SecureDnsMode::kAutomatic, config->secure_dns_mode);
8056 }
8057
TEST_F(HostResolverManagerDnsTest,AddDnsOverHttpsServerAndThenRemove)8058 TEST_F(HostResolverManagerDnsTest, AddDnsOverHttpsServerAndThenRemove) {
8059 DestroyResolver();
8060 test::ScopedMockNetworkChangeNotifier notifier;
8061 CreateSerialResolver(); // To guarantee order of resolutions.
8062 std::string server("https://dns.example.com/");
8063 DnsConfigOverrides overrides;
8064 overrides.dns_over_https_config = *DnsOverHttpsConfig::FromString(server);
8065 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
8066 resolver_->SetDnsConfigOverrides(overrides);
8067
8068 notifier.mock_network_change_notifier()->SetConnectionType(
8069 NetworkChangeNotifier::CONNECTION_WIFI);
8070 DnsConfig network_dns_config = CreateValidDnsConfig();
8071 network_dns_config.doh_config = {};
8072 ChangeDnsConfig(network_dns_config);
8073
8074 const auto* config = mock_dns_client_->GetEffectiveConfig();
8075 ASSERT_TRUE(config);
8076 EXPECT_EQ(overrides.dns_over_https_config, config->doh_config);
8077 EXPECT_EQ(SecureDnsMode::kAutomatic, config->secure_dns_mode);
8078
8079 resolver_->SetDnsConfigOverrides(DnsConfigOverrides());
8080 config = mock_dns_client_->GetEffectiveConfig();
8081 ASSERT_TRUE(config);
8082 EXPECT_EQ(0u, config->doh_config.servers().size());
8083 EXPECT_EQ(SecureDnsMode::kOff, config->secure_dns_mode);
8084 }
8085
8086 // Basic test socket factory that allows creation of UDP sockets, but those
8087 // sockets are mocks with no data and are not expected to be usable.
8088 class AlwaysFailSocketFactory : public MockClientSocketFactory {
8089 public:
CreateDatagramClientSocket(DatagramSocket::BindType bind_type,NetLog * net_log,const NetLogSource & source)8090 std::unique_ptr<DatagramClientSocket> CreateDatagramClientSocket(
8091 DatagramSocket::BindType bind_type,
8092 NetLog* net_log,
8093 const NetLogSource& source) override {
8094 return std::make_unique<MockUDPClientSocket>();
8095 }
8096 };
8097
8098 class TestDnsObserver : public NetworkChangeNotifier::DNSObserver {
8099 public:
OnDNSChanged()8100 void OnDNSChanged() override { ++dns_changed_calls_; }
8101
dns_changed_calls() const8102 int dns_changed_calls() const { return dns_changed_calls_; }
8103
8104 private:
8105 int dns_changed_calls_ = 0;
8106 };
8107
8108 // Built-in client and config overrides not available on iOS.
8109 #if !BUILDFLAG(IS_IOS)
TEST_F(HostResolverManagerDnsTest,SetDnsConfigOverrides)8110 TEST_F(HostResolverManagerDnsTest, SetDnsConfigOverrides) {
8111 test::ScopedMockNetworkChangeNotifier mock_network_change_notifier;
8112 TestDnsObserver config_observer;
8113 NetworkChangeNotifier::AddDNSObserver(&config_observer);
8114
8115 // Use a real DnsClient to test config-handling behavior.
8116 AlwaysFailSocketFactory socket_factory;
8117 auto client = DnsClient::CreateClient(nullptr /* net_log */);
8118 DnsClient* client_ptr = client.get();
8119 SetDnsClient(std::move(client));
8120
8121 DnsConfig original_config = CreateValidDnsConfig();
8122 original_config.hosts = {
8123 {DnsHostsKey("host", ADDRESS_FAMILY_IPV4), IPAddress(192, 168, 1, 1)}};
8124 ChangeDnsConfig(original_config);
8125
8126 // Confirm pre-override state.
8127 ASSERT_EQ(original_config, *client_ptr->GetEffectiveConfig());
8128
8129 DnsConfigOverrides overrides;
8130 const std::vector<IPEndPoint> nameservers = {
8131 CreateExpected("192.168.0.1", 92)};
8132 overrides.nameservers = nameservers;
8133 overrides.dns_over_tls_active = true;
8134 const std::string dns_over_tls_hostname = "dns.example.com";
8135 overrides.dns_over_tls_hostname = dns_over_tls_hostname;
8136 const std::vector<std::string> search = {"str"};
8137 overrides.search = search;
8138 overrides.append_to_multi_label_name = false;
8139 const int ndots = 5;
8140 overrides.ndots = ndots;
8141 const base::TimeDelta fallback_period = base::Seconds(10);
8142 overrides.fallback_period = fallback_period;
8143 const int attempts = 20;
8144 overrides.attempts = attempts;
8145 const int doh_attempts = 19;
8146 overrides.doh_attempts = doh_attempts;
8147 overrides.rotate = true;
8148 overrides.use_local_ipv6 = true;
8149 auto doh_config = *DnsOverHttpsConfig::FromString("https://dns.example.com/");
8150 overrides.dns_over_https_config = doh_config;
8151 const SecureDnsMode secure_dns_mode = SecureDnsMode::kSecure;
8152 overrides.secure_dns_mode = secure_dns_mode;
8153 overrides.allow_dns_over_https_upgrade = true;
8154 overrides.clear_hosts = true;
8155
8156 // This test is expected to test overriding all fields.
8157 EXPECT_TRUE(overrides.OverridesEverything());
8158
8159 EXPECT_EQ(0, config_observer.dns_changed_calls());
8160
8161 resolver_->SetDnsConfigOverrides(overrides);
8162
8163 const DnsConfig* overridden_config = client_ptr->GetEffectiveConfig();
8164 ASSERT_TRUE(overridden_config);
8165 EXPECT_EQ(nameservers, overridden_config->nameservers);
8166 EXPECT_TRUE(overridden_config->dns_over_tls_active);
8167 EXPECT_EQ(dns_over_tls_hostname, overridden_config->dns_over_tls_hostname);
8168 EXPECT_EQ(search, overridden_config->search);
8169 EXPECT_FALSE(overridden_config->append_to_multi_label_name);
8170 EXPECT_EQ(ndots, overridden_config->ndots);
8171 EXPECT_EQ(fallback_period, overridden_config->fallback_period);
8172 EXPECT_EQ(attempts, overridden_config->attempts);
8173 EXPECT_EQ(doh_attempts, overridden_config->doh_attempts);
8174 EXPECT_TRUE(overridden_config->rotate);
8175 EXPECT_TRUE(overridden_config->use_local_ipv6);
8176 EXPECT_EQ(doh_config, overridden_config->doh_config);
8177 EXPECT_EQ(secure_dns_mode, overridden_config->secure_dns_mode);
8178 EXPECT_TRUE(overridden_config->allow_dns_over_https_upgrade);
8179 EXPECT_THAT(overridden_config->hosts, testing::IsEmpty());
8180
8181 base::RunLoop().RunUntilIdle(); // Notifications are async.
8182 EXPECT_EQ(1, config_observer.dns_changed_calls());
8183
8184 NetworkChangeNotifier::RemoveDNSObserver(&config_observer);
8185 }
8186
TEST_F(HostResolverManagerDnsTest,SetDnsConfigOverrides_OverrideEverythingCreation)8187 TEST_F(HostResolverManagerDnsTest,
8188 SetDnsConfigOverrides_OverrideEverythingCreation) {
8189 // Use a real DnsClient to test config-handling behavior.
8190 AlwaysFailSocketFactory socket_factory;
8191 auto client = DnsClient::CreateClient(nullptr /* net_log */);
8192 DnsClient* client_ptr = client.get();
8193 SetDnsClient(std::move(client));
8194
8195 DnsConfig original_config = CreateValidDnsConfig();
8196 ChangeDnsConfig(original_config);
8197
8198 // Confirm pre-override state.
8199 ASSERT_EQ(original_config, *client_ptr->GetEffectiveConfig());
8200 ASSERT_FALSE(original_config.Equals(DnsConfig()));
8201
8202 DnsConfigOverrides overrides =
8203 DnsConfigOverrides::CreateOverridingEverythingWithDefaults();
8204 EXPECT_TRUE(overrides.OverridesEverything());
8205
8206 // Ensure config is valid by setting a nameserver.
8207 std::vector<IPEndPoint> nameservers = {CreateExpected("1.2.3.4", 50)};
8208 overrides.nameservers = nameservers;
8209 EXPECT_TRUE(overrides.OverridesEverything());
8210
8211 resolver_->SetDnsConfigOverrides(overrides);
8212
8213 DnsConfig expected;
8214 expected.nameservers = nameservers;
8215 EXPECT_THAT(client_ptr->GetEffectiveConfig(), testing::Pointee(expected));
8216 }
8217
TEST_F(HostResolverManagerDnsTest,SetDnsConfigOverrides_PartialOverride)8218 TEST_F(HostResolverManagerDnsTest, SetDnsConfigOverrides_PartialOverride) {
8219 // Use a real DnsClient to test config-handling behavior.
8220 AlwaysFailSocketFactory socket_factory;
8221 auto client = DnsClient::CreateClient(nullptr /* net_log */);
8222 DnsClient* client_ptr = client.get();
8223 SetDnsClient(std::move(client));
8224
8225 DnsConfig original_config = CreateValidDnsConfig();
8226 ChangeDnsConfig(original_config);
8227
8228 // Confirm pre-override state.
8229 ASSERT_EQ(original_config, *client_ptr->GetEffectiveConfig());
8230
8231 DnsConfigOverrides overrides;
8232 const std::vector<IPEndPoint> nameservers = {
8233 CreateExpected("192.168.0.2", 192)};
8234 overrides.nameservers = nameservers;
8235 overrides.rotate = true;
8236 EXPECT_FALSE(overrides.OverridesEverything());
8237
8238 resolver_->SetDnsConfigOverrides(overrides);
8239
8240 const DnsConfig* overridden_config = client_ptr->GetEffectiveConfig();
8241 ASSERT_TRUE(overridden_config);
8242 EXPECT_EQ(nameservers, overridden_config->nameservers);
8243 EXPECT_EQ(original_config.search, overridden_config->search);
8244 EXPECT_EQ(original_config.hosts, overridden_config->hosts);
8245 EXPECT_TRUE(overridden_config->append_to_multi_label_name);
8246 EXPECT_EQ(original_config.ndots, overridden_config->ndots);
8247 EXPECT_EQ(original_config.fallback_period,
8248 overridden_config->fallback_period);
8249 EXPECT_EQ(original_config.attempts, overridden_config->attempts);
8250 EXPECT_TRUE(overridden_config->rotate);
8251 EXPECT_FALSE(overridden_config->use_local_ipv6);
8252 EXPECT_EQ(original_config.doh_config, overridden_config->doh_config);
8253 EXPECT_EQ(original_config.secure_dns_mode,
8254 overridden_config->secure_dns_mode);
8255 }
8256
8257 // Test that overridden configs are reapplied over a changed underlying system
8258 // config.
TEST_F(HostResolverManagerDnsTest,SetDnsConfigOverrides_NewConfig)8259 TEST_F(HostResolverManagerDnsTest, SetDnsConfigOverrides_NewConfig) {
8260 // Use a real DnsClient to test config-handling behavior.
8261 AlwaysFailSocketFactory socket_factory;
8262 auto client = DnsClient::CreateClient(nullptr /* net_log */);
8263 DnsClient* client_ptr = client.get();
8264 SetDnsClient(std::move(client));
8265
8266 DnsConfig original_config = CreateValidDnsConfig();
8267 ChangeDnsConfig(original_config);
8268
8269 // Confirm pre-override state.
8270 ASSERT_EQ(original_config, *client_ptr->GetEffectiveConfig());
8271
8272 DnsConfigOverrides overrides;
8273 const std::vector<IPEndPoint> nameservers = {
8274 CreateExpected("192.168.0.2", 192)};
8275 overrides.nameservers = nameservers;
8276
8277 resolver_->SetDnsConfigOverrides(overrides);
8278 ASSERT_TRUE(client_ptr->GetEffectiveConfig());
8279 ASSERT_EQ(nameservers, client_ptr->GetEffectiveConfig()->nameservers);
8280
8281 DnsConfig new_config = original_config;
8282 new_config.attempts = 103;
8283 ASSERT_NE(nameservers, new_config.nameservers);
8284 ChangeDnsConfig(new_config);
8285
8286 const DnsConfig* overridden_config = client_ptr->GetEffectiveConfig();
8287 ASSERT_TRUE(overridden_config);
8288 EXPECT_EQ(nameservers, overridden_config->nameservers);
8289 EXPECT_EQ(new_config.attempts, overridden_config->attempts);
8290 }
8291
TEST_F(HostResolverManagerDnsTest,SetDnsConfigOverrides_ClearOverrides)8292 TEST_F(HostResolverManagerDnsTest, SetDnsConfigOverrides_ClearOverrides) {
8293 // Use a real DnsClient to test config-handling behavior.
8294 AlwaysFailSocketFactory socket_factory;
8295 auto client = DnsClient::CreateClient(nullptr /* net_log */);
8296 DnsClient* client_ptr = client.get();
8297 SetDnsClient(std::move(client));
8298
8299 DnsConfig original_config = CreateValidDnsConfig();
8300 ChangeDnsConfig(original_config);
8301
8302 DnsConfigOverrides overrides;
8303 overrides.attempts = 245;
8304 resolver_->SetDnsConfigOverrides(overrides);
8305
8306 ASSERT_THAT(client_ptr->GetEffectiveConfig(),
8307 testing::Not(testing::Pointee(original_config)));
8308
8309 resolver_->SetDnsConfigOverrides(DnsConfigOverrides());
8310 EXPECT_THAT(client_ptr->GetEffectiveConfig(),
8311 testing::Pointee(original_config));
8312 }
8313
TEST_F(HostResolverManagerDnsTest,SetDnsConfigOverrides_NoChange)8314 TEST_F(HostResolverManagerDnsTest, SetDnsConfigOverrides_NoChange) {
8315 test::ScopedMockNetworkChangeNotifier mock_network_change_notifier;
8316 TestDnsObserver config_observer;
8317 NetworkChangeNotifier::AddDNSObserver(&config_observer);
8318
8319 // Use a real DnsClient to test config-handling behavior.
8320 AlwaysFailSocketFactory socket_factory;
8321 auto client = DnsClient::CreateClient(nullptr /* net_log */);
8322 DnsClient* client_ptr = client.get();
8323 SetDnsClient(std::move(client));
8324
8325 DnsConfig original_config = CreateValidDnsConfig();
8326 ChangeDnsConfig(original_config);
8327
8328 // Confirm pre-override state.
8329 ASSERT_EQ(original_config, *client_ptr->GetEffectiveConfig());
8330
8331 DnsConfigOverrides overrides;
8332 overrides.nameservers = original_config.nameservers;
8333
8334 EXPECT_EQ(0, config_observer.dns_changed_calls());
8335
8336 resolver_->SetDnsConfigOverrides(overrides);
8337 EXPECT_THAT(client_ptr->GetEffectiveConfig(),
8338 testing::Pointee(original_config));
8339
8340 base::RunLoop().RunUntilIdle(); // Notifications are async.
8341 EXPECT_EQ(0,
8342 config_observer.dns_changed_calls()); // No expected notification
8343
8344 NetworkChangeNotifier::RemoveDNSObserver(&config_observer);
8345 }
8346
8347 // No effect or notifications expected using partial overrides without a base
8348 // system config.
TEST_F(HostResolverManagerDnsTest,NoBaseConfig_PartialOverrides)8349 TEST_F(HostResolverManagerDnsTest, NoBaseConfig_PartialOverrides) {
8350 test::ScopedMockNetworkChangeNotifier mock_network_change_notifier;
8351 TestDnsObserver config_observer;
8352 NetworkChangeNotifier::AddDNSObserver(&config_observer);
8353
8354 // Use a real DnsClient to test config-handling behavior.
8355 AlwaysFailSocketFactory socket_factory;
8356 auto client = DnsClient::CreateClient(nullptr /* net_log */);
8357 DnsClient* client_ptr = client.get();
8358 SetDnsClient(std::move(client));
8359
8360 client_ptr->SetSystemConfig(std::nullopt);
8361
8362 DnsConfigOverrides overrides;
8363 overrides.nameservers.emplace({CreateExpected("192.168.0.3", 193)});
8364 resolver_->SetDnsConfigOverrides(overrides);
8365 base::RunLoop().RunUntilIdle(); // Potential notifications are async.
8366
8367 EXPECT_FALSE(client_ptr->GetEffectiveConfig());
8368 EXPECT_EQ(0, config_observer.dns_changed_calls());
8369
8370 NetworkChangeNotifier::RemoveDNSObserver(&config_observer);
8371 }
8372
TEST_F(HostResolverManagerDnsTest,NoBaseConfig_OverridesEverything)8373 TEST_F(HostResolverManagerDnsTest, NoBaseConfig_OverridesEverything) {
8374 test::ScopedMockNetworkChangeNotifier mock_network_change_notifier;
8375 TestDnsObserver config_observer;
8376 NetworkChangeNotifier::AddDNSObserver(&config_observer);
8377
8378 // Use a real DnsClient to test config-handling behavior.
8379 AlwaysFailSocketFactory socket_factory;
8380 auto client = DnsClient::CreateClient(nullptr /* net_log */);
8381 DnsClient* client_ptr = client.get();
8382 SetDnsClient(std::move(client));
8383
8384 client_ptr->SetSystemConfig(std::nullopt);
8385
8386 DnsConfigOverrides overrides =
8387 DnsConfigOverrides::CreateOverridingEverythingWithDefaults();
8388 const std::vector<IPEndPoint> nameservers = {
8389 CreateExpected("192.168.0.4", 194)};
8390 overrides.nameservers = nameservers;
8391 resolver_->SetDnsConfigOverrides(overrides);
8392 base::RunLoop().RunUntilIdle(); // Notifications are async.
8393
8394 DnsConfig expected;
8395 expected.nameservers = nameservers;
8396
8397 EXPECT_THAT(client_ptr->GetEffectiveConfig(), testing::Pointee(expected));
8398 EXPECT_EQ(1, config_observer.dns_changed_calls());
8399
8400 NetworkChangeNotifier::RemoveDNSObserver(&config_observer);
8401 }
8402
TEST_F(HostResolverManagerDnsTest,DohMapping)8403 TEST_F(HostResolverManagerDnsTest, DohMapping) {
8404 // Use a real DnsClient to test config-handling behavior.
8405 AlwaysFailSocketFactory socket_factory;
8406 auto client = DnsClient::CreateClient(nullptr /* net_log */);
8407 DnsClient* client_ptr = client.get();
8408 SetDnsClient(std::move(client));
8409
8410 // Create a DnsConfig containing IP addresses associated with Cloudflare,
8411 // SafeBrowsing family filter, SafeBrowsing security filter, and other IPs
8412 // not associated with hardcoded DoH services.
8413 DnsConfig original_config = CreateUpgradableDnsConfig();
8414 ChangeDnsConfig(original_config);
8415
8416 const DnsConfig* fetched_config = client_ptr->GetEffectiveConfig();
8417 EXPECT_EQ(original_config.nameservers, fetched_config->nameservers);
8418 auto expected_doh_config = *DnsOverHttpsConfig::FromTemplatesForTesting(
8419 {"https://chrome.cloudflare-dns.com/dns-query",
8420 "https://doh.cleanbrowsing.org/doh/family-filter{?dns}",
8421 "https://doh.cleanbrowsing.org/doh/security-filter{?dns}"});
8422 EXPECT_EQ(expected_doh_config, fetched_config->doh_config);
8423 }
8424
TEST_F(HostResolverManagerDnsTest,DohMappingDisabled)8425 TEST_F(HostResolverManagerDnsTest, DohMappingDisabled) {
8426 // Use a real DnsClient to test config-handling behavior.
8427 AlwaysFailSocketFactory socket_factory;
8428 auto client = DnsClient::CreateClient(nullptr /* net_log */);
8429 DnsClient* client_ptr = client.get();
8430 SetDnsClient(std::move(client));
8431
8432 // Create a DnsConfig containing IP addresses associated with Cloudflare,
8433 // SafeBrowsing family filter, SafeBrowsing security filter, and other IPs
8434 // not associated with hardcoded DoH services.
8435 DnsConfig original_config = CreateUpgradableDnsConfig();
8436 original_config.allow_dns_over_https_upgrade = false;
8437 ChangeDnsConfig(original_config);
8438
8439 const DnsConfig* fetched_config = client_ptr->GetEffectiveConfig();
8440 EXPECT_EQ(original_config.nameservers, fetched_config->nameservers);
8441 EXPECT_THAT(fetched_config->doh_config.servers(), IsEmpty());
8442 }
8443
TEST_F(HostResolverManagerDnsTest,DohMappingModeIneligibleForUpgrade)8444 TEST_F(HostResolverManagerDnsTest, DohMappingModeIneligibleForUpgrade) {
8445 // Use a real DnsClient to test config-handling behavior.
8446 AlwaysFailSocketFactory socket_factory;
8447 auto client = DnsClient::CreateClient(nullptr /* net_log */);
8448 DnsClient* client_ptr = client.get();
8449 SetDnsClient(std::move(client));
8450
8451 // Create a DnsConfig containing IP addresses associated with Cloudflare,
8452 // SafeBrowsing family filter, SafeBrowsing security filter, and other IPs
8453 // not associated with hardcoded DoH services.
8454 DnsConfig original_config = CreateUpgradableDnsConfig();
8455 original_config.secure_dns_mode = SecureDnsMode::kSecure;
8456 ChangeDnsConfig(original_config);
8457
8458 const DnsConfig* fetched_config = client_ptr->GetEffectiveConfig();
8459 EXPECT_EQ(original_config.nameservers, fetched_config->nameservers);
8460 EXPECT_THAT(fetched_config->doh_config.servers(), IsEmpty());
8461 }
8462
TEST_F(HostResolverManagerDnsTest,DohMappingUnhandledOptionsIneligibleForUpgrade)8463 TEST_F(HostResolverManagerDnsTest,
8464 DohMappingUnhandledOptionsIneligibleForUpgrade) {
8465 // Use a real DnsClient to test config-handling behavior.
8466 AlwaysFailSocketFactory socket_factory;
8467 auto client = DnsClient::CreateClient(nullptr /* net_log */);
8468 DnsClient* client_ptr = client.get();
8469 SetDnsClient(std::move(client));
8470
8471 // Create a DnsConfig containing IP addresses associated with Cloudflare,
8472 // SafeBrowsing family filter, SafeBrowsing security filter, and other IPs
8473 // not associated with hardcoded DoH services.
8474 DnsConfig original_config = CreateUpgradableDnsConfig();
8475 original_config.unhandled_options = true;
8476 ChangeDnsConfig(original_config);
8477
8478 EXPECT_FALSE(client_ptr->GetEffectiveConfig());
8479 }
8480
TEST_F(HostResolverManagerDnsTest,DohMappingWithExclusion)8481 TEST_F(HostResolverManagerDnsTest, DohMappingWithExclusion) {
8482 // Use a real DnsClient to test config-handling behavior.
8483 AlwaysFailSocketFactory socket_factory;
8484 auto client = DnsClient::CreateClient(nullptr /* net_log */);
8485 DnsClient* client_ptr = client.get();
8486 SetDnsClient(std::move(client));
8487
8488 base::test::ScopedFeatureList feature_list;
8489 feature_list.InitWithFeatures(
8490 /*enabled_features=*/{}, /*disabled_features=*/{
8491 GetDohProviderEntryForTesting("CleanBrowsingSecure").feature,
8492 GetDohProviderEntryForTesting("Cloudflare").feature});
8493
8494 // Create a DnsConfig containing IP addresses associated with Cloudflare,
8495 // SafeBrowsing family filter, SafeBrowsing security filter, and other IPs
8496 // not associated with hardcoded DoH services.
8497 DnsConfig original_config = CreateUpgradableDnsConfig();
8498 ChangeDnsConfig(original_config);
8499
8500 // A DoH upgrade should be attempted on the DNS servers in the config, but
8501 // only for permitted providers.
8502 const DnsConfig* fetched_config = client_ptr->GetEffectiveConfig();
8503 EXPECT_EQ(original_config.nameservers, fetched_config->nameservers);
8504 auto expected_doh_config = *DnsOverHttpsConfig::FromString(
8505 "https://doh.cleanbrowsing.org/doh/family-filter{?dns}");
8506 EXPECT_EQ(expected_doh_config, fetched_config->doh_config);
8507 }
8508
TEST_F(HostResolverManagerDnsTest,DohMappingIgnoredIfTemplateSpecified)8509 TEST_F(HostResolverManagerDnsTest, DohMappingIgnoredIfTemplateSpecified) {
8510 // Use a real DnsClient to test config-handling behavior.
8511 AlwaysFailSocketFactory socket_factory;
8512 auto client = DnsClient::CreateClient(nullptr /* net_log */);
8513 DnsClient* client_ptr = client.get();
8514 SetDnsClient(std::move(client));
8515
8516 // Create a DnsConfig containing IP addresses associated with Cloudflare,
8517 // SafeBrowsing family filter, SafeBrowsing security filter, and other IPs
8518 // not associated with hardcoded DoH services.
8519 DnsConfig original_config = CreateUpgradableDnsConfig();
8520 ChangeDnsConfig(original_config);
8521
8522 // If the overrides contains DoH servers, no DoH upgrade should be attempted.
8523 DnsConfigOverrides overrides;
8524 const auto dns_over_https_config_override =
8525 *DnsOverHttpsConfig::FromString("https://doh.server.override.com/");
8526 overrides.dns_over_https_config = dns_over_https_config_override;
8527 resolver_->SetDnsConfigOverrides(overrides);
8528 const DnsConfig* fetched_config = client_ptr->GetEffectiveConfig();
8529 EXPECT_EQ(original_config.nameservers, fetched_config->nameservers);
8530 EXPECT_EQ(dns_over_https_config_override, fetched_config->doh_config);
8531 }
8532
TEST_F(HostResolverManagerDnsTest,DohMappingUnhandledOptionsAndTemplateSpecified)8533 TEST_F(HostResolverManagerDnsTest,
8534 DohMappingUnhandledOptionsAndTemplateSpecified) {
8535 // Use a real DnsClient to test config-handling behavior.
8536 AlwaysFailSocketFactory socket_factory;
8537 auto client = DnsClient::CreateClient(nullptr /* net_log */);
8538 DnsClient* client_ptr = client.get();
8539 SetDnsClient(std::move(client));
8540
8541 // Create a DnsConfig containing IP addresses associated with Cloudflare,
8542 // SafeBrowsing family filter, SafeBrowsing security filter, and other IPs
8543 // not associated with hardcoded DoH services.
8544 DnsConfig original_config = CreateUpgradableDnsConfig();
8545 original_config.unhandled_options = true;
8546 ChangeDnsConfig(original_config);
8547
8548 // If the overrides contains DoH servers, no DoH upgrade should be attempted.
8549 DnsConfigOverrides overrides;
8550 const auto dns_over_https_config_override =
8551 *DnsOverHttpsConfig::FromString("https://doh.server.override.com/");
8552 overrides.dns_over_https_config = dns_over_https_config_override;
8553 resolver_->SetDnsConfigOverrides(overrides);
8554 const DnsConfig* fetched_config = client_ptr->GetEffectiveConfig();
8555 EXPECT_TRUE(fetched_config->nameservers.empty());
8556 EXPECT_FALSE(client_ptr->CanUseInsecureDnsTransactions());
8557 EXPECT_EQ(dns_over_https_config_override, fetched_config->doh_config);
8558 EXPECT_TRUE(client_ptr->CanUseSecureDnsTransactions());
8559 }
8560
TEST_F(HostResolverManagerDnsTest,DohMappingWithAutomaticDot)8561 TEST_F(HostResolverManagerDnsTest, DohMappingWithAutomaticDot) {
8562 // Use a real DnsClient to test config-handling behavior.
8563 AlwaysFailSocketFactory socket_factory;
8564 auto client = DnsClient::CreateClient(nullptr /* net_log */);
8565 DnsClient* client_ptr = client.get();
8566 SetDnsClient(std::move(client));
8567
8568 // Create a DnsConfig containing IP addresses associated with Cloudflare,
8569 // SafeBrowsing family filter, SafeBrowsing security filter, and other IPs
8570 // not associated with hardcoded DoH services.
8571 DnsConfig original_config = CreateUpgradableDnsConfig();
8572 original_config.dns_over_tls_active = true;
8573 ChangeDnsConfig(original_config);
8574
8575 const DnsConfig* fetched_config = client_ptr->GetEffectiveConfig();
8576 EXPECT_EQ(original_config.nameservers, fetched_config->nameservers);
8577 auto expected_doh_config = *DnsOverHttpsConfig::FromTemplatesForTesting(
8578 {"https://chrome.cloudflare-dns.com/dns-query",
8579 "https://doh.cleanbrowsing.org/doh/family-filter{?dns}",
8580 "https://doh.cleanbrowsing.org/doh/security-filter{?dns}"});
8581 EXPECT_EQ(expected_doh_config, fetched_config->doh_config);
8582 }
8583
TEST_F(HostResolverManagerDnsTest,DohMappingWithStrictDot)8584 TEST_F(HostResolverManagerDnsTest, DohMappingWithStrictDot) {
8585 // Use a real DnsClient to test config-handling behavior.
8586 AlwaysFailSocketFactory socket_factory;
8587 auto client = DnsClient::CreateClient(nullptr /* net_log */);
8588 DnsClient* client_ptr = client.get();
8589 SetDnsClient(std::move(client));
8590
8591 // Create a DnsConfig containing IP addresses associated with Cloudflare,
8592 // SafeBrowsing family filter, SafeBrowsing security filter, and other IPs
8593 // not associated with hardcoded DoH services.
8594 DnsConfig original_config = CreateUpgradableDnsConfig();
8595 original_config.secure_dns_mode = SecureDnsMode::kAutomatic;
8596 original_config.dns_over_tls_active = true;
8597
8598 // Google DoT hostname
8599 original_config.dns_over_tls_hostname = "dns.google";
8600 ChangeDnsConfig(original_config);
8601 const DnsConfig* fetched_config = client_ptr->GetEffectiveConfig();
8602 EXPECT_EQ(original_config.nameservers, fetched_config->nameservers);
8603 auto expected_doh_config =
8604 *DnsOverHttpsConfig::FromString("https://dns.google/dns-query{?dns}");
8605 EXPECT_EQ(expected_doh_config, fetched_config->doh_config);
8606 }
8607
8608 #endif // !BUILDFLAG(IS_IOS)
8609
TEST_F(HostResolverManagerDnsTest,FlushCacheOnDnsConfigOverridesChange)8610 TEST_F(HostResolverManagerDnsTest, FlushCacheOnDnsConfigOverridesChange) {
8611 ChangeDnsConfig(CreateValidDnsConfig());
8612
8613 HostResolver::ResolveHostParameters local_source_parameters;
8614 local_source_parameters.source = HostResolverSource::LOCAL_ONLY;
8615
8616 // Populate cache.
8617 ResolveHostResponseHelper initial_response(resolver_->CreateRequest(
8618 HostPortPair("ok", 70), NetworkAnonymizationKey(), NetLogWithSource(),
8619 std::nullopt, resolve_context_.get()));
8620 EXPECT_THAT(initial_response.result_error(), IsOk());
8621
8622 // Confirm result now cached.
8623 ResolveHostResponseHelper cached_response(resolver_->CreateRequest(
8624 HostPortPair("ok", 75), NetworkAnonymizationKey(), NetLogWithSource(),
8625 local_source_parameters, resolve_context_.get()));
8626 ASSERT_THAT(cached_response.result_error(), IsOk());
8627 ASSERT_TRUE(cached_response.request()->GetStaleInfo());
8628
8629 // Flush cache by triggering a DnsConfigOverrides change.
8630 DnsConfigOverrides overrides;
8631 overrides.attempts = 4;
8632 resolver_->SetDnsConfigOverrides(overrides);
8633
8634 // Expect no longer cached
8635 ResolveHostResponseHelper flushed_response(resolver_->CreateRequest(
8636 HostPortPair("ok", 80), NetworkAnonymizationKey(), NetLogWithSource(),
8637 local_source_parameters, resolve_context_.get()));
8638 EXPECT_THAT(flushed_response.result_error(), IsError(ERR_DNS_CACHE_MISS));
8639 }
8640
TEST_F(HostResolverManagerDnsTest,FlushContextSessionDataOnDnsConfigOverridesChange)8641 TEST_F(HostResolverManagerDnsTest,
8642 FlushContextSessionDataOnDnsConfigOverridesChange) {
8643 ChangeDnsConfig(CreateValidDnsConfig());
8644
8645 DnsSession* session_before = mock_dns_client_->GetCurrentSession();
8646 resolve_context_->RecordServerSuccess(
8647 0u /* server_index */, true /* is_doh_server */, session_before);
8648 ASSERT_TRUE(resolve_context_->GetDohServerAvailability(0u, session_before));
8649
8650 // Flush data by triggering a DnsConfigOverrides change.
8651 DnsConfigOverrides overrides;
8652 overrides.attempts = 4;
8653 resolver_->SetDnsConfigOverrides(overrides);
8654
8655 DnsSession* session_after = mock_dns_client_->GetCurrentSession();
8656 EXPECT_NE(session_before, session_after);
8657
8658 EXPECT_FALSE(resolve_context_->GetDohServerAvailability(0u, session_after));
8659
8660 // Confirm new session is in use.
8661 resolve_context_->RecordServerSuccess(
8662 0u /* server_index */, true /* is_doh_server */, session_after);
8663 EXPECT_TRUE(resolve_context_->GetDohServerAvailability(0u, session_after));
8664 }
8665
8666 // Test that even when using config overrides, a change to the base system
8667 // config cancels pending requests.
TEST_F(HostResolverManagerDnsTest,CancellationOnBaseConfigChange)8668 TEST_F(HostResolverManagerDnsTest, CancellationOnBaseConfigChange) {
8669 DnsConfig original_config = CreateValidDnsConfig();
8670 ChangeDnsConfig(original_config);
8671
8672 DnsConfigOverrides overrides;
8673 overrides.nameservers.emplace({CreateExpected("123.123.123.123", 80)});
8674 ASSERT_FALSE(overrides.OverridesEverything());
8675 resolver_->SetDnsConfigOverrides(overrides);
8676
8677 ResolveHostResponseHelper response(resolver_->CreateRequest(
8678 HostPortPair("4slow_ok", 80), NetworkAnonymizationKey(),
8679 NetLogWithSource(), std::nullopt, resolve_context_.get()));
8680 ASSERT_FALSE(response.complete());
8681
8682 DnsConfig new_config = original_config;
8683 new_config.attempts = 103;
8684 ChangeDnsConfig(new_config);
8685
8686 EXPECT_THAT(response.result_error(), IsError(ERR_NETWORK_CHANGED));
8687 }
8688
8689 // Test that when all configuration is overridden, system configuration changes
8690 // do not cancel requests.
TEST_F(HostResolverManagerDnsTest,CancellationOnBaseConfigChange_OverridesEverything)8691 TEST_F(HostResolverManagerDnsTest,
8692 CancellationOnBaseConfigChange_OverridesEverything) {
8693 DnsConfig original_config = CreateValidDnsConfig();
8694 ChangeDnsConfig(original_config);
8695
8696 DnsConfigOverrides overrides =
8697 DnsConfigOverrides::CreateOverridingEverythingWithDefaults();
8698 overrides.nameservers.emplace({CreateExpected("123.123.123.123", 80)});
8699 ASSERT_TRUE(overrides.OverridesEverything());
8700 resolver_->SetDnsConfigOverrides(overrides);
8701
8702 ResolveHostResponseHelper response(resolver_->CreateRequest(
8703 HostPortPair("4slow_ok", 80), NetworkAnonymizationKey(),
8704 NetLogWithSource(), std::nullopt, resolve_context_.get()));
8705 ASSERT_FALSE(response.complete());
8706
8707 DnsConfig new_config = original_config;
8708 new_config.attempts = 103;
8709 ChangeDnsConfig(new_config);
8710
8711 mock_dns_client_->CompleteDelayedTransactions();
8712 EXPECT_THAT(response.result_error(), IsOk());
8713 }
8714
8715 // Test that in-progress queries are cancelled on applying new DNS config
8716 // overrides, same as receiving a new DnsConfig from the system.
TEST_F(HostResolverManagerDnsTest,CancelQueriesOnSettingOverrides)8717 TEST_F(HostResolverManagerDnsTest, CancelQueriesOnSettingOverrides) {
8718 ChangeDnsConfig(CreateValidDnsConfig());
8719 ResolveHostResponseHelper response(resolver_->CreateRequest(
8720 HostPortPair("4slow_ok", 80), NetworkAnonymizationKey(),
8721 NetLogWithSource(), std::nullopt, resolve_context_.get()));
8722 ASSERT_FALSE(response.complete());
8723
8724 DnsConfigOverrides overrides;
8725 overrides.attempts = 123;
8726 resolver_->SetDnsConfigOverrides(overrides);
8727
8728 EXPECT_THAT(response.result_error(), IsError(ERR_NETWORK_CHANGED));
8729 }
8730
8731 // Queries should not be cancelled if equal overrides are set.
TEST_F(HostResolverManagerDnsTest,CancelQueriesOnSettingOverrides_SameOverrides)8732 TEST_F(HostResolverManagerDnsTest,
8733 CancelQueriesOnSettingOverrides_SameOverrides) {
8734 ChangeDnsConfig(CreateValidDnsConfig());
8735 DnsConfigOverrides overrides;
8736 overrides.attempts = 123;
8737 resolver_->SetDnsConfigOverrides(overrides);
8738
8739 ResolveHostResponseHelper response(resolver_->CreateRequest(
8740 HostPortPair("4slow_ok", 80), NetworkAnonymizationKey(),
8741 NetLogWithSource(), std::nullopt, resolve_context_.get()));
8742 ASSERT_FALSE(response.complete());
8743
8744 resolver_->SetDnsConfigOverrides(overrides);
8745
8746 mock_dns_client_->CompleteDelayedTransactions();
8747 EXPECT_THAT(response.result_error(), IsOk());
8748 }
8749
8750 // Test that in-progress queries are cancelled on clearing DNS config overrides,
8751 // same as receiving a new DnsConfig from the system.
TEST_F(HostResolverManagerDnsTest,CancelQueriesOnClearingOverrides)8752 TEST_F(HostResolverManagerDnsTest, CancelQueriesOnClearingOverrides) {
8753 ChangeDnsConfig(CreateValidDnsConfig());
8754 DnsConfigOverrides overrides;
8755 overrides.attempts = 123;
8756 resolver_->SetDnsConfigOverrides(overrides);
8757
8758 ResolveHostResponseHelper response(resolver_->CreateRequest(
8759 HostPortPair("4slow_ok", 80), NetworkAnonymizationKey(),
8760 NetLogWithSource(), std::nullopt, resolve_context_.get()));
8761 ASSERT_FALSE(response.complete());
8762
8763 resolver_->SetDnsConfigOverrides(DnsConfigOverrides());
8764
8765 EXPECT_THAT(response.result_error(), IsError(ERR_NETWORK_CHANGED));
8766 }
8767
8768 // Queries should not be cancelled on clearing overrides if there were not any
8769 // overrides.
TEST_F(HostResolverManagerDnsTest,CancelQueriesOnClearingOverrides_NoOverrides)8770 TEST_F(HostResolverManagerDnsTest,
8771 CancelQueriesOnClearingOverrides_NoOverrides) {
8772 ChangeDnsConfig(CreateValidDnsConfig());
8773 ResolveHostResponseHelper response(resolver_->CreateRequest(
8774 HostPortPair("4slow_ok", 80), NetworkAnonymizationKey(),
8775 NetLogWithSource(), std::nullopt, resolve_context_.get()));
8776 ASSERT_FALSE(response.complete());
8777
8778 resolver_->SetDnsConfigOverrides(DnsConfigOverrides());
8779
8780 mock_dns_client_->CompleteDelayedTransactions();
8781 EXPECT_THAT(response.result_error(), IsOk());
8782 }
8783
TEST_F(HostResolverManagerDnsTest,FlushContextSessionDataOnSystemConfigChange)8784 TEST_F(HostResolverManagerDnsTest,
8785 FlushContextSessionDataOnSystemConfigChange) {
8786 DnsConfig original_config = CreateValidDnsConfig();
8787 ChangeDnsConfig(original_config);
8788
8789 DnsSession* session_before = mock_dns_client_->GetCurrentSession();
8790 resolve_context_->RecordServerSuccess(
8791 0u /* server_index */, true /* is_doh_server */, session_before);
8792 ASSERT_TRUE(resolve_context_->GetDohServerAvailability(0u, session_before));
8793
8794 // Flush data by triggering a config change.
8795 DnsConfig new_config = original_config;
8796 new_config.attempts = 103;
8797 ChangeDnsConfig(new_config);
8798
8799 DnsSession* session_after = mock_dns_client_->GetCurrentSession();
8800 EXPECT_NE(session_before, session_after);
8801
8802 EXPECT_FALSE(resolve_context_->GetDohServerAvailability(0u, session_after));
8803
8804 // Confirm new session is in use.
8805 resolve_context_->RecordServerSuccess(
8806 0u /* server_index */, true /* is_doh_server */, session_after);
8807 EXPECT_TRUE(resolve_context_->GetDohServerAvailability(0u, session_after));
8808 }
8809
TEST_F(HostResolverManagerDnsTest,TxtQuery)8810 TEST_F(HostResolverManagerDnsTest, TxtQuery) {
8811 // Simulate two separate DNS records, each with multiple strings.
8812 std::vector<std::string> foo_records = {"foo1", "foo2", "foo3"};
8813 std::vector<std::string> bar_records = {"bar1", "bar2"};
8814 std::vector<std::vector<std::string>> text_records = {foo_records,
8815 bar_records};
8816
8817 MockDnsClientRuleList rules;
8818 rules.emplace_back("host", dns_protocol::kTypeTXT, false /* secure */,
8819 MockDnsClientRule::Result(BuildTestDnsTextResponse(
8820 "host", std::move(text_records))),
8821 false /* delay */);
8822
8823 CreateResolver();
8824 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
8825
8826 EXPECT_EQ(resolve_context_->host_cache()->size(), 0u);
8827
8828 HostResolver::ResolveHostParameters parameters;
8829 parameters.dns_query_type = DnsQueryType::TXT;
8830
8831 ResolveHostResponseHelper response(resolver_->CreateRequest(
8832 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
8833 parameters, resolve_context_.get()));
8834 EXPECT_THAT(response.result_error(), IsOk());
8835 EXPECT_THAT(response.request()->GetAddressResults(),
8836 AnyOf(nullptr, Pointee(IsEmpty())));
8837 EXPECT_THAT(response.request()->GetEndpointResults(),
8838 AnyOf(nullptr, Pointee(IsEmpty())));
8839 EXPECT_THAT(response.request()->GetHostnameResults(),
8840 AnyOf(nullptr, Pointee(IsEmpty())));
8841 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
8842 AnyOf(nullptr, Pointee(IsEmpty())));
8843
8844 // Order between separate DNS records is undefined, but each record should
8845 // stay in order as that order may be meaningful.
8846 ASSERT_THAT(response.request()->GetTextResults(),
8847 testing::Pointee(testing::UnorderedElementsAre(
8848 "foo1", "foo2", "foo3", "bar1", "bar2")));
8849 const std::vector<std::string>* results =
8850 response.request()->GetTextResults();
8851 EXPECT_NE(results->end(), base::ranges::search(*results, foo_records));
8852 EXPECT_NE(results->end(), base::ranges::search(*results, bar_records));
8853
8854 // Expect result to be cached.
8855 EXPECT_EQ(resolve_context_->host_cache()->size(), 1u);
8856 parameters.source = HostResolverSource::LOCAL_ONLY;
8857 ResolveHostResponseHelper cached_response(resolver_->CreateRequest(
8858 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
8859 parameters, resolve_context_.get()));
8860 EXPECT_THAT(cached_response.result_error(), IsOk());
8861 ASSERT_THAT(cached_response.request()->GetTextResults(),
8862 testing::Pointee(testing::UnorderedElementsAre(
8863 "foo1", "foo2", "foo3", "bar1", "bar2")));
8864 results = cached_response.request()->GetTextResults();
8865 EXPECT_NE(results->end(), base::ranges::search(*results, foo_records));
8866 EXPECT_NE(results->end(), base::ranges::search(*results, bar_records));
8867 }
8868
TEST_F(HostResolverManagerDnsTest,TxtQueryRejectsIpLiteral)8869 TEST_F(HostResolverManagerDnsTest, TxtQueryRejectsIpLiteral) {
8870 MockDnsClientRuleList rules;
8871
8872 // Entry that would resolve if DNS is mistakenly queried to ensure that does
8873 // not happen.
8874 rules.emplace_back("8.8.8.8", dns_protocol::kTypeTXT, /*secure=*/false,
8875 MockDnsClientRule::Result(
8876 BuildTestDnsTextResponse("8.8.8.8", {{"text"}})),
8877 /*delay=*/false);
8878
8879 CreateResolver();
8880 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
8881
8882 HostResolver::ResolveHostParameters parameters;
8883 parameters.dns_query_type = DnsQueryType::TXT;
8884
8885 ResolveHostResponseHelper response(resolver_->CreateRequest(
8886 HostPortPair("8.8.8.8", 108), NetworkAnonymizationKey(),
8887 NetLogWithSource(), parameters, resolve_context_.get()));
8888 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
8889 EXPECT_THAT(response.request()->GetAddressResults(),
8890 AnyOf(nullptr, Pointee(IsEmpty())));
8891 EXPECT_THAT(response.request()->GetEndpointResults(),
8892 AnyOf(nullptr, Pointee(IsEmpty())));
8893 EXPECT_THAT(response.request()->GetTextResults(),
8894 AnyOf(nullptr, Pointee(IsEmpty())));
8895 EXPECT_THAT(response.request()->GetHostnameResults(),
8896 AnyOf(nullptr, Pointee(IsEmpty())));
8897 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
8898 AnyOf(nullptr, Pointee(IsEmpty())));
8899 }
8900
8901 // Test that TXT records can be extracted from a response that also contains
8902 // unrecognized record types.
TEST_F(HostResolverManagerDnsTest,TxtQuery_MixedWithUnrecognizedType)8903 TEST_F(HostResolverManagerDnsTest, TxtQuery_MixedWithUnrecognizedType) {
8904 std::vector<std::string> text_strings = {"foo"};
8905
8906 MockDnsClientRuleList rules;
8907 rules.emplace_back(
8908 "host", dns_protocol::kTypeTXT, false /* secure */,
8909 MockDnsClientRule::Result(BuildTestDnsResponse(
8910 "host", dns_protocol::kTypeTXT,
8911 {BuildTestDnsRecord("host", 3u /* type */, "fake rdata 1"),
8912 BuildTestTextRecord("host", std::move(text_strings)),
8913 BuildTestDnsRecord("host", 3u /* type */, "fake rdata 2")})),
8914 false /* delay */);
8915
8916 CreateResolver();
8917 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
8918
8919 HostResolver::ResolveHostParameters parameters;
8920 parameters.dns_query_type = DnsQueryType::TXT;
8921
8922 ResolveHostResponseHelper response(resolver_->CreateRequest(
8923 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
8924 parameters, resolve_context_.get()));
8925 EXPECT_THAT(response.result_error(), IsOk());
8926 EXPECT_THAT(response.request()->GetAddressResults(),
8927 AnyOf(nullptr, Pointee(IsEmpty())));
8928 EXPECT_THAT(response.request()->GetEndpointResults(),
8929 AnyOf(nullptr, Pointee(IsEmpty())));
8930 EXPECT_THAT(response.request()->GetHostnameResults(),
8931 AnyOf(nullptr, Pointee(IsEmpty())));
8932 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
8933 AnyOf(nullptr, Pointee(IsEmpty())));
8934
8935 EXPECT_THAT(response.request()->GetTextResults(),
8936 testing::Pointee(testing::ElementsAre("foo")));
8937 }
8938
TEST_F(HostResolverManagerDnsTest,TxtQuery_InvalidConfig)8939 TEST_F(HostResolverManagerDnsTest, TxtQuery_InvalidConfig) {
8940 set_allow_fallback_to_systemtask(false);
8941 // Set empty DnsConfig.
8942 InvalidateDnsConfig();
8943
8944 HostResolver::ResolveHostParameters parameters;
8945 parameters.dns_query_type = DnsQueryType::TXT;
8946
8947 ResolveHostResponseHelper response(resolver_->CreateRequest(
8948 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
8949 parameters, resolve_context_.get()));
8950 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_CACHE_MISS));
8951 }
8952
TEST_F(HostResolverManagerDnsTest,TxtQuery_NonexistentDomain)8953 TEST_F(HostResolverManagerDnsTest, TxtQuery_NonexistentDomain) {
8954 // Setup fallback to confirm it is not used for non-address results.
8955 set_allow_fallback_to_systemtask(true);
8956 proc_->AddRuleForAllFamilies("host", "192.168.1.102");
8957 proc_->SignalMultiple(1u);
8958
8959 MockDnsClientRuleList rules;
8960 rules.emplace_back(
8961 "host", dns_protocol::kTypeTXT, false /* secure */,
8962 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kNoDomain),
8963 false /* delay */);
8964
8965 CreateResolver();
8966 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
8967
8968 EXPECT_EQ(resolve_context_->host_cache()->size(), 0u);
8969
8970 HostResolver::ResolveHostParameters parameters;
8971 parameters.dns_query_type = DnsQueryType::TXT;
8972
8973 ResolveHostResponseHelper response(resolver_->CreateRequest(
8974 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
8975 parameters, resolve_context_.get()));
8976 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
8977 EXPECT_THAT(response.request()->GetAddressResults(),
8978 AnyOf(nullptr, Pointee(IsEmpty())));
8979 EXPECT_THAT(response.request()->GetEndpointResults(),
8980 AnyOf(nullptr, Pointee(IsEmpty())));
8981 EXPECT_THAT(response.request()->GetTextResults(),
8982 AnyOf(nullptr, Pointee(IsEmpty())));
8983 EXPECT_THAT(response.request()->GetHostnameResults(),
8984 AnyOf(nullptr, Pointee(IsEmpty())));
8985 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
8986 AnyOf(nullptr, Pointee(IsEmpty())));
8987
8988 // Expect result to be cached.
8989 EXPECT_EQ(resolve_context_->host_cache()->size(), 1u);
8990 parameters.source = HostResolverSource::LOCAL_ONLY;
8991 ResolveHostResponseHelper cached_response(resolver_->CreateRequest(
8992 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
8993 parameters, resolve_context_.get()));
8994 EXPECT_THAT(cached_response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
8995 EXPECT_THAT(cached_response.request()->GetAddressResults(),
8996 AnyOf(nullptr, Pointee(IsEmpty())));
8997 EXPECT_THAT(cached_response.request()->GetEndpointResults(),
8998 AnyOf(nullptr, Pointee(IsEmpty())));
8999 EXPECT_THAT(cached_response.request()->GetTextResults(),
9000 AnyOf(nullptr, Pointee(IsEmpty())));
9001 EXPECT_THAT(cached_response.request()->GetHostnameResults(),
9002 AnyOf(nullptr, Pointee(IsEmpty())));
9003 EXPECT_THAT(cached_response.request()->GetExperimentalResultsForTesting(),
9004 AnyOf(nullptr, Pointee(IsEmpty())));
9005 }
9006
TEST_F(HostResolverManagerDnsTest,TxtQuery_Failure)9007 TEST_F(HostResolverManagerDnsTest, TxtQuery_Failure) {
9008 // Setup fallback to confirm it is not used for non-address results.
9009 set_allow_fallback_to_systemtask(true);
9010 proc_->AddRuleForAllFamilies("host", "192.168.1.102");
9011 proc_->SignalMultiple(1u);
9012
9013 MockDnsClientRuleList rules;
9014 rules.emplace_back(
9015 "host", dns_protocol::kTypeTXT, false /* secure */,
9016 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kFail),
9017 false /* delay */);
9018
9019 CreateResolver();
9020 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9021
9022 HostResolver::ResolveHostParameters parameters;
9023 parameters.dns_query_type = DnsQueryType::TXT;
9024
9025 ResolveHostResponseHelper response(resolver_->CreateRequest(
9026 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9027 parameters, resolve_context_.get()));
9028 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
9029 EXPECT_THAT(response.request()->GetAddressResults(),
9030 AnyOf(nullptr, Pointee(IsEmpty())));
9031 EXPECT_THAT(response.request()->GetEndpointResults(),
9032 AnyOf(nullptr, Pointee(IsEmpty())));
9033 EXPECT_THAT(response.request()->GetTextResults(),
9034 AnyOf(nullptr, Pointee(IsEmpty())));
9035 EXPECT_THAT(response.request()->GetHostnameResults(),
9036 AnyOf(nullptr, Pointee(IsEmpty())));
9037 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9038 AnyOf(nullptr, Pointee(IsEmpty())));
9039
9040 // Expect result not cached.
9041 EXPECT_EQ(resolve_context_->host_cache()->size(), 0u);
9042 }
9043
TEST_F(HostResolverManagerDnsTest,TxtQuery_Timeout)9044 TEST_F(HostResolverManagerDnsTest, TxtQuery_Timeout) {
9045 // Setup fallback to confirm it is not used for non-address results.
9046 set_allow_fallback_to_systemtask(true);
9047 proc_->AddRuleForAllFamilies("host", "192.168.1.102");
9048 proc_->SignalMultiple(1u);
9049
9050 MockDnsClientRuleList rules;
9051 rules.emplace_back(
9052 "host", dns_protocol::kTypeTXT, false /* secure */,
9053 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kTimeout),
9054 false /* delay */);
9055
9056 CreateResolver();
9057 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9058
9059 HostResolver::ResolveHostParameters parameters;
9060 parameters.dns_query_type = DnsQueryType::TXT;
9061
9062 ResolveHostResponseHelper response(resolver_->CreateRequest(
9063 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9064 parameters, resolve_context_.get()));
9065 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_TIMED_OUT));
9066 EXPECT_THAT(response.request()->GetAddressResults(),
9067 AnyOf(nullptr, Pointee(IsEmpty())));
9068 EXPECT_THAT(response.request()->GetEndpointResults(),
9069 AnyOf(nullptr, Pointee(IsEmpty())));
9070 EXPECT_THAT(response.request()->GetTextResults(),
9071 AnyOf(nullptr, Pointee(IsEmpty())));
9072 EXPECT_THAT(response.request()->GetHostnameResults(),
9073 AnyOf(nullptr, Pointee(IsEmpty())));
9074 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9075 AnyOf(nullptr, Pointee(IsEmpty())));
9076
9077 // Expect result not cached.
9078 EXPECT_EQ(resolve_context_->host_cache()->size(), 0u);
9079 }
9080
TEST_F(HostResolverManagerDnsTest,TxtQuery_Empty)9081 TEST_F(HostResolverManagerDnsTest, TxtQuery_Empty) {
9082 // Setup fallback to confirm it is not used for non-address results.
9083 set_allow_fallback_to_systemtask(true);
9084 proc_->AddRuleForAllFamilies("host", "192.168.1.102");
9085 proc_->SignalMultiple(1u);
9086
9087 MockDnsClientRuleList rules;
9088 rules.emplace_back(
9089 "host", dns_protocol::kTypeTXT, false /* secure */,
9090 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kEmpty),
9091 false /* delay */);
9092
9093 CreateResolver();
9094 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9095
9096 EXPECT_EQ(resolve_context_->host_cache()->size(), 0u);
9097
9098 HostResolver::ResolveHostParameters parameters;
9099 parameters.dns_query_type = DnsQueryType::TXT;
9100
9101 ResolveHostResponseHelper response(resolver_->CreateRequest(
9102 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9103 parameters, resolve_context_.get()));
9104 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
9105 EXPECT_THAT(response.request()->GetAddressResults(),
9106 AnyOf(nullptr, Pointee(IsEmpty())));
9107 EXPECT_THAT(response.request()->GetEndpointResults(),
9108 AnyOf(nullptr, Pointee(IsEmpty())));
9109 EXPECT_THAT(response.request()->GetTextResults(),
9110 AnyOf(nullptr, Pointee(IsEmpty())));
9111 EXPECT_THAT(response.request()->GetHostnameResults(),
9112 AnyOf(nullptr, Pointee(IsEmpty())));
9113 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9114 AnyOf(nullptr, Pointee(IsEmpty())));
9115
9116 // Expect result to be cached.
9117 EXPECT_EQ(resolve_context_->host_cache()->size(), 1u);
9118 parameters.source = HostResolverSource::LOCAL_ONLY;
9119 ResolveHostResponseHelper cached_response(resolver_->CreateRequest(
9120 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9121 parameters, resolve_context_.get()));
9122 EXPECT_THAT(cached_response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
9123 EXPECT_THAT(cached_response.request()->GetAddressResults(),
9124 AnyOf(nullptr, Pointee(IsEmpty())));
9125 EXPECT_THAT(cached_response.request()->GetEndpointResults(),
9126 AnyOf(nullptr, Pointee(IsEmpty())));
9127 EXPECT_THAT(cached_response.request()->GetTextResults(),
9128 AnyOf(nullptr, Pointee(IsEmpty())));
9129 EXPECT_THAT(cached_response.request()->GetHostnameResults(),
9130 AnyOf(nullptr, Pointee(IsEmpty())));
9131 EXPECT_THAT(cached_response.request()->GetExperimentalResultsForTesting(),
9132 AnyOf(nullptr, Pointee(IsEmpty())));
9133 }
9134
TEST_F(HostResolverManagerDnsTest,TxtQuery_Malformed)9135 TEST_F(HostResolverManagerDnsTest, TxtQuery_Malformed) {
9136 // Setup fallback to confirm it is not used for non-address results.
9137 set_allow_fallback_to_systemtask(true);
9138 proc_->AddRuleForAllFamilies("host", "192.168.1.102");
9139 proc_->SignalMultiple(1u);
9140
9141 MockDnsClientRuleList rules;
9142 rules.emplace_back(
9143 "host", dns_protocol::kTypeTXT, false /* secure */,
9144 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kMalformed),
9145 false /* delay */);
9146
9147 CreateResolver();
9148 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9149
9150 HostResolver::ResolveHostParameters parameters;
9151 parameters.dns_query_type = DnsQueryType::TXT;
9152
9153 ResolveHostResponseHelper response(resolver_->CreateRequest(
9154 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9155 parameters, resolve_context_.get()));
9156 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_MALFORMED_RESPONSE));
9157 EXPECT_THAT(response.request()->GetAddressResults(),
9158 AnyOf(nullptr, Pointee(IsEmpty())));
9159 EXPECT_THAT(response.request()->GetEndpointResults(),
9160 AnyOf(nullptr, Pointee(IsEmpty())));
9161 EXPECT_THAT(response.request()->GetTextResults(),
9162 AnyOf(nullptr, Pointee(IsEmpty())));
9163 EXPECT_THAT(response.request()->GetHostnameResults(),
9164 AnyOf(nullptr, Pointee(IsEmpty())));
9165 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9166 AnyOf(nullptr, Pointee(IsEmpty())));
9167
9168 // Expect result not cached.
9169 EXPECT_EQ(resolve_context_->host_cache()->size(), 0u);
9170 }
9171
TEST_F(HostResolverManagerDnsTest,TxtQuery_MismatchedName)9172 TEST_F(HostResolverManagerDnsTest, TxtQuery_MismatchedName) {
9173 std::vector<std::vector<std::string>> text_records = {{"text"}};
9174 MockDnsClientRuleList rules;
9175 rules.emplace_back("host", dns_protocol::kTypeTXT, false /* secure */,
9176 MockDnsClientRule::Result(BuildTestDnsTextResponse(
9177 "host", std::move(text_records), "not.host")),
9178 false /* delay */);
9179
9180 CreateResolver();
9181 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9182
9183 HostResolver::ResolveHostParameters parameters;
9184 parameters.dns_query_type = DnsQueryType::TXT;
9185
9186 ResolveHostResponseHelper response(resolver_->CreateRequest(
9187 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9188 parameters, resolve_context_.get()));
9189 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_MALFORMED_RESPONSE));
9190 EXPECT_THAT(response.request()->GetAddressResults(),
9191 AnyOf(nullptr, Pointee(IsEmpty())));
9192 EXPECT_THAT(response.request()->GetEndpointResults(),
9193 AnyOf(nullptr, Pointee(IsEmpty())));
9194 EXPECT_THAT(response.request()->GetTextResults(),
9195 AnyOf(nullptr, Pointee(IsEmpty())));
9196 EXPECT_THAT(response.request()->GetHostnameResults(),
9197 AnyOf(nullptr, Pointee(IsEmpty())));
9198 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9199 AnyOf(nullptr, Pointee(IsEmpty())));
9200
9201 // Expect result not cached.
9202 EXPECT_EQ(resolve_context_->host_cache()->size(), 0u);
9203 }
9204
TEST_F(HostResolverManagerDnsTest,TxtQuery_WrongType)9205 TEST_F(HostResolverManagerDnsTest, TxtQuery_WrongType) {
9206 // Respond to a TXT query with an A response.
9207 MockDnsClientRuleList rules;
9208 rules.emplace_back(
9209 "host", dns_protocol::kTypeTXT, false /* secure */,
9210 MockDnsClientRule::Result(BuildTestDnsResponse(
9211 "host", dns_protocol::kTypeTXT,
9212 {BuildTestAddressRecord("host", IPAddress(1, 2, 3, 4))})),
9213 false /* delay */);
9214
9215 CreateResolver();
9216 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9217
9218 HostResolver::ResolveHostParameters parameters;
9219 parameters.dns_query_type = DnsQueryType::TXT;
9220
9221 // Responses for the wrong type should be ignored.
9222 ResolveHostResponseHelper response(resolver_->CreateRequest(
9223 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9224 parameters, resolve_context_.get()));
9225 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
9226 EXPECT_THAT(response.request()->GetAddressResults(),
9227 AnyOf(nullptr, Pointee(IsEmpty())));
9228 EXPECT_THAT(response.request()->GetEndpointResults(),
9229 AnyOf(nullptr, Pointee(IsEmpty())));
9230 EXPECT_THAT(response.request()->GetTextResults(),
9231 AnyOf(nullptr, Pointee(IsEmpty())));
9232 EXPECT_THAT(response.request()->GetHostnameResults(),
9233 AnyOf(nullptr, Pointee(IsEmpty())));
9234 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9235 AnyOf(nullptr, Pointee(IsEmpty())));
9236
9237 // Expect result not cached.
9238 EXPECT_EQ(resolve_context_->host_cache()->size(), 0u);
9239 }
9240
TEST_F(HostResolverManagerDnsTest,TxtInsecureQueryDisallowedWhenAdditionalTypesDisallowed)9241 TEST_F(HostResolverManagerDnsTest,
9242 TxtInsecureQueryDisallowedWhenAdditionalTypesDisallowed) {
9243 const std::string kName = "txt.test";
9244
9245 ChangeDnsConfig(CreateValidDnsConfig());
9246 DnsConfigOverrides overrides;
9247 overrides.secure_dns_mode = SecureDnsMode::kOff;
9248 resolver_->SetDnsConfigOverrides(overrides);
9249 resolver_->SetInsecureDnsClientEnabled(
9250 /*enabled=*/true,
9251 /*additional_dns_types_enabled=*/false);
9252
9253 HostResolver::ResolveHostParameters parameters;
9254 parameters.dns_query_type = DnsQueryType::TXT;
9255
9256 ResolveHostResponseHelper response(resolver_->CreateRequest(
9257 HostPortPair(kName, 108), NetworkAnonymizationKey(), NetLogWithSource(),
9258 parameters, resolve_context_.get()));
9259 // No non-local work is done, so ERR_DNS_CACHE_MISS is the result.
9260 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_CACHE_MISS));
9261 EXPECT_THAT(response.request()->GetAddressResults(),
9262 AnyOf(nullptr, Pointee(IsEmpty())));
9263 EXPECT_THAT(response.request()->GetEndpointResults(),
9264 AnyOf(nullptr, Pointee(IsEmpty())));
9265 EXPECT_THAT(response.request()->GetHostnameResults(),
9266 AnyOf(nullptr, Pointee(IsEmpty())));
9267 EXPECT_THAT(response.request()->GetTextResults(),
9268 AnyOf(nullptr, Pointee(IsEmpty())));
9269 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9270 AnyOf(nullptr, Pointee(IsEmpty())));
9271 }
9272
9273 // Same as TxtQuery except we specify DNS HostResolverSource instead of relying
9274 // on automatic determination. Expect same results since DNS should be what we
9275 // automatically determine, but some slightly different logic paths are
9276 // involved.
TEST_F(HostResolverManagerDnsTest,TxtDnsQuery)9277 TEST_F(HostResolverManagerDnsTest, TxtDnsQuery) {
9278 // Simulate two separate DNS records, each with multiple strings.
9279 std::vector<std::string> foo_records = {"foo1", "foo2", "foo3"};
9280 std::vector<std::string> bar_records = {"bar1", "bar2"};
9281 std::vector<std::vector<std::string>> text_records = {foo_records,
9282 bar_records};
9283
9284 MockDnsClientRuleList rules;
9285 rules.emplace_back("host", dns_protocol::kTypeTXT, false /* secure */,
9286 MockDnsClientRule::Result(BuildTestDnsTextResponse(
9287 "host", std::move(text_records))),
9288 false /* delay */);
9289
9290 CreateResolver();
9291 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9292
9293 EXPECT_EQ(resolve_context_->host_cache()->size(), 0u);
9294
9295 HostResolver::ResolveHostParameters parameters;
9296 parameters.source = HostResolverSource::DNS;
9297 parameters.dns_query_type = DnsQueryType::TXT;
9298
9299 ResolveHostResponseHelper response(resolver_->CreateRequest(
9300 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9301 parameters, resolve_context_.get()));
9302 EXPECT_THAT(response.result_error(), IsOk());
9303 EXPECT_THAT(response.request()->GetAddressResults(),
9304 AnyOf(nullptr, Pointee(IsEmpty())));
9305 EXPECT_THAT(response.request()->GetEndpointResults(),
9306 AnyOf(nullptr, Pointee(IsEmpty())));
9307 EXPECT_THAT(response.request()->GetHostnameResults(),
9308 AnyOf(nullptr, Pointee(IsEmpty())));
9309 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9310 AnyOf(nullptr, Pointee(IsEmpty())));
9311
9312 // Order between separate DNS records is undefined, but each record should
9313 // stay in order as that order may be meaningful.
9314 ASSERT_THAT(response.request()->GetTextResults(),
9315 testing::Pointee(testing::UnorderedElementsAre(
9316 "foo1", "foo2", "foo3", "bar1", "bar2")));
9317 const std::vector<std::string>* results =
9318 response.request()->GetTextResults();
9319 EXPECT_NE(results->end(), base::ranges::search(*results, foo_records));
9320 EXPECT_NE(results->end(), base::ranges::search(*results, bar_records));
9321
9322 // Expect result to be cached.
9323 EXPECT_EQ(resolve_context_->host_cache()->size(), 1u);
9324 ResolveHostResponseHelper cached_response(resolver_->CreateRequest(
9325 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9326 parameters, resolve_context_.get()));
9327 EXPECT_THAT(cached_response.result_error(), IsOk());
9328 EXPECT_TRUE(cached_response.request()->GetStaleInfo());
9329 ASSERT_THAT(cached_response.request()->GetTextResults(),
9330 testing::Pointee(testing::UnorderedElementsAre(
9331 "foo1", "foo2", "foo3", "bar1", "bar2")));
9332 results = cached_response.request()->GetTextResults();
9333 EXPECT_NE(results->end(), base::ranges::search(*results, foo_records));
9334 EXPECT_NE(results->end(), base::ranges::search(*results, bar_records));
9335 }
9336
TEST_F(HostResolverManagerDnsTest,PtrQuery)9337 TEST_F(HostResolverManagerDnsTest, PtrQuery) {
9338 MockDnsClientRuleList rules;
9339 rules.emplace_back("host", dns_protocol::kTypePTR, false /* secure */,
9340 MockDnsClientRule::Result(BuildTestDnsPointerResponse(
9341 "host", {"foo.com", "bar.com"})),
9342 false /* delay */);
9343
9344 CreateResolver();
9345 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9346
9347 HostResolver::ResolveHostParameters parameters;
9348 parameters.dns_query_type = DnsQueryType::PTR;
9349
9350 ResolveHostResponseHelper response(resolver_->CreateRequest(
9351 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9352 parameters, resolve_context_.get()));
9353 EXPECT_THAT(response.result_error(), IsOk());
9354 EXPECT_THAT(response.request()->GetAddressResults(),
9355 AnyOf(nullptr, Pointee(IsEmpty())));
9356 EXPECT_THAT(response.request()->GetEndpointResults(),
9357 AnyOf(nullptr, Pointee(IsEmpty())));
9358 EXPECT_THAT(response.request()->GetTextResults(),
9359 AnyOf(nullptr, Pointee(IsEmpty())));
9360 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9361 AnyOf(nullptr, Pointee(IsEmpty())));
9362
9363 // Order between separate records is undefined.
9364 EXPECT_THAT(response.request()->GetHostnameResults(),
9365 testing::Pointee(testing::UnorderedElementsAre(
9366 HostPortPair("foo.com", 108), HostPortPair("bar.com", 108))));
9367 }
9368
TEST_F(HostResolverManagerDnsTest,PtrQueryRejectsIpLiteral)9369 TEST_F(HostResolverManagerDnsTest, PtrQueryRejectsIpLiteral) {
9370 MockDnsClientRuleList rules;
9371
9372 // Entry that would resolve if DNS is mistakenly queried to ensure that does
9373 // not happen.
9374 rules.emplace_back("8.8.8.8", dns_protocol::kTypePTR, /*secure=*/false,
9375 MockDnsClientRule::Result(BuildTestDnsPointerResponse(
9376 "8.8.8.8", {"foo.com", "bar.com"})),
9377 /*delay=*/false);
9378
9379 CreateResolver();
9380 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9381
9382 HostResolver::ResolveHostParameters parameters;
9383 parameters.dns_query_type = DnsQueryType::PTR;
9384
9385 ResolveHostResponseHelper response(resolver_->CreateRequest(
9386 HostPortPair("8.8.8.8", 108), NetworkAnonymizationKey(),
9387 NetLogWithSource(), parameters, resolve_context_.get()));
9388 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
9389 EXPECT_THAT(response.request()->GetAddressResults(),
9390 AnyOf(nullptr, Pointee(IsEmpty())));
9391 EXPECT_THAT(response.request()->GetEndpointResults(),
9392 AnyOf(nullptr, Pointee(IsEmpty())));
9393 EXPECT_THAT(response.request()->GetTextResults(),
9394 AnyOf(nullptr, Pointee(IsEmpty())));
9395 EXPECT_THAT(response.request()->GetHostnameResults(),
9396 AnyOf(nullptr, Pointee(IsEmpty())));
9397 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9398 AnyOf(nullptr, Pointee(IsEmpty())));
9399 }
9400
TEST_F(HostResolverManagerDnsTest,PtrQueryHandlesReverseIpLookup)9401 TEST_F(HostResolverManagerDnsTest, PtrQueryHandlesReverseIpLookup) {
9402 const char kHostname[] = "8.8.8.8.in-addr.arpa";
9403
9404 MockDnsClientRuleList rules;
9405 rules.emplace_back(kHostname, dns_protocol::kTypePTR, /*secure=*/false,
9406 MockDnsClientRule::Result(BuildTestDnsPointerResponse(
9407 kHostname, {"dns.google.test", "foo.test"})),
9408 /*delay=*/false);
9409
9410 CreateResolver();
9411 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9412
9413 HostResolver::ResolveHostParameters parameters;
9414 parameters.dns_query_type = DnsQueryType::PTR;
9415
9416 ResolveHostResponseHelper response(resolver_->CreateRequest(
9417 HostPortPair(kHostname, 108), NetworkAnonymizationKey(),
9418 NetLogWithSource(), parameters, resolve_context_.get()));
9419 EXPECT_THAT(response.result_error(), IsOk());
9420 EXPECT_THAT(response.request()->GetAddressResults(),
9421 AnyOf(nullptr, Pointee(IsEmpty())));
9422 EXPECT_THAT(response.request()->GetEndpointResults(),
9423 AnyOf(nullptr, Pointee(IsEmpty())));
9424 EXPECT_THAT(response.request()->GetTextResults(),
9425 AnyOf(nullptr, Pointee(IsEmpty())));
9426 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9427 AnyOf(nullptr, Pointee(IsEmpty())));
9428
9429 // Order between separate records is undefined.
9430 EXPECT_THAT(response.request()->GetHostnameResults(),
9431 testing::Pointee(testing::UnorderedElementsAre(
9432 HostPortPair("dns.google.test", 108),
9433 HostPortPair("foo.test", 108))));
9434 }
9435
TEST_F(HostResolverManagerDnsTest,PtrQuery_NonexistentDomain)9436 TEST_F(HostResolverManagerDnsTest, PtrQuery_NonexistentDomain) {
9437 // Setup fallback to confirm it is not used for non-address results.
9438 set_allow_fallback_to_systemtask(true);
9439 proc_->AddRuleForAllFamilies("host", "192.168.1.102");
9440 proc_->SignalMultiple(1u);
9441
9442 MockDnsClientRuleList rules;
9443 rules.emplace_back(
9444 "host", dns_protocol::kTypePTR, false /* secure */,
9445 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kNoDomain),
9446 false /* delay */);
9447
9448 CreateResolver();
9449 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9450
9451 HostResolver::ResolveHostParameters parameters;
9452 parameters.dns_query_type = DnsQueryType::PTR;
9453
9454 ResolveHostResponseHelper response(resolver_->CreateRequest(
9455 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9456 parameters, resolve_context_.get()));
9457 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
9458 EXPECT_THAT(response.request()->GetAddressResults(),
9459 AnyOf(nullptr, Pointee(IsEmpty())));
9460 EXPECT_THAT(response.request()->GetEndpointResults(),
9461 AnyOf(nullptr, Pointee(IsEmpty())));
9462 EXPECT_THAT(response.request()->GetTextResults(),
9463 AnyOf(nullptr, Pointee(IsEmpty())));
9464 EXPECT_THAT(response.request()->GetHostnameResults(),
9465 AnyOf(nullptr, Pointee(IsEmpty())));
9466 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9467 AnyOf(nullptr, Pointee(IsEmpty())));
9468 }
9469
TEST_F(HostResolverManagerDnsTest,PtrQuery_Failure)9470 TEST_F(HostResolverManagerDnsTest, PtrQuery_Failure) {
9471 // Setup fallback to confirm it is not used for non-address results.
9472 set_allow_fallback_to_systemtask(true);
9473 proc_->AddRuleForAllFamilies("host", "192.168.1.102");
9474 proc_->SignalMultiple(1u);
9475
9476 MockDnsClientRuleList rules;
9477 rules.emplace_back(
9478 "host", dns_protocol::kTypePTR, false /* secure */,
9479 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kFail),
9480 false /* delay */);
9481
9482 CreateResolver();
9483 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9484
9485 HostResolver::ResolveHostParameters parameters;
9486 parameters.dns_query_type = DnsQueryType::PTR;
9487
9488 ResolveHostResponseHelper response(resolver_->CreateRequest(
9489 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9490 parameters, resolve_context_.get()));
9491 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
9492 EXPECT_THAT(response.request()->GetAddressResults(),
9493 AnyOf(nullptr, Pointee(IsEmpty())));
9494 EXPECT_THAT(response.request()->GetEndpointResults(),
9495 AnyOf(nullptr, Pointee(IsEmpty())));
9496 EXPECT_THAT(response.request()->GetTextResults(),
9497 AnyOf(nullptr, Pointee(IsEmpty())));
9498 EXPECT_THAT(response.request()->GetHostnameResults(),
9499 AnyOf(nullptr, Pointee(IsEmpty())));
9500 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9501 AnyOf(nullptr, Pointee(IsEmpty())));
9502 }
9503
TEST_F(HostResolverManagerDnsTest,PtrQuery_Timeout)9504 TEST_F(HostResolverManagerDnsTest, PtrQuery_Timeout) {
9505 // Setup fallback to confirm it is not used for non-address results.
9506 set_allow_fallback_to_systemtask(true);
9507 proc_->AddRuleForAllFamilies("host", "192.168.1.102");
9508 proc_->SignalMultiple(1u);
9509
9510 MockDnsClientRuleList rules;
9511 rules.emplace_back(
9512 "host", dns_protocol::kTypePTR, false /* secure */,
9513 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kTimeout),
9514 false /* delay */);
9515
9516 CreateResolver();
9517 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9518
9519 HostResolver::ResolveHostParameters parameters;
9520 parameters.dns_query_type = DnsQueryType::PTR;
9521
9522 ResolveHostResponseHelper response(resolver_->CreateRequest(
9523 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9524 parameters, resolve_context_.get()));
9525 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_TIMED_OUT));
9526 EXPECT_THAT(response.request()->GetAddressResults(),
9527 AnyOf(nullptr, Pointee(IsEmpty())));
9528 EXPECT_THAT(response.request()->GetEndpointResults(),
9529 AnyOf(nullptr, Pointee(IsEmpty())));
9530 EXPECT_THAT(response.request()->GetTextResults(),
9531 AnyOf(nullptr, Pointee(IsEmpty())));
9532 EXPECT_THAT(response.request()->GetHostnameResults(),
9533 AnyOf(nullptr, Pointee(IsEmpty())));
9534 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9535 AnyOf(nullptr, Pointee(IsEmpty())));
9536 }
9537
TEST_F(HostResolverManagerDnsTest,PtrQuery_Empty)9538 TEST_F(HostResolverManagerDnsTest, PtrQuery_Empty) {
9539 // Setup fallback to confirm it is not used for non-address results.
9540 set_allow_fallback_to_systemtask(true);
9541 proc_->AddRuleForAllFamilies("host", "192.168.1.102");
9542 proc_->SignalMultiple(1u);
9543
9544 MockDnsClientRuleList rules;
9545 rules.emplace_back(
9546 "host", dns_protocol::kTypePTR, false /* secure */,
9547 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kEmpty),
9548 false /* delay */);
9549
9550 CreateResolver();
9551 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9552
9553 HostResolver::ResolveHostParameters parameters;
9554 parameters.dns_query_type = DnsQueryType::PTR;
9555
9556 ResolveHostResponseHelper response(resolver_->CreateRequest(
9557 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9558 parameters, resolve_context_.get()));
9559 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
9560 EXPECT_THAT(response.request()->GetAddressResults(),
9561 AnyOf(nullptr, Pointee(IsEmpty())));
9562 EXPECT_THAT(response.request()->GetEndpointResults(),
9563 AnyOf(nullptr, Pointee(IsEmpty())));
9564 EXPECT_THAT(response.request()->GetTextResults(),
9565 AnyOf(nullptr, Pointee(IsEmpty())));
9566 EXPECT_THAT(response.request()->GetHostnameResults(),
9567 AnyOf(nullptr, Pointee(IsEmpty())));
9568 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9569 AnyOf(nullptr, Pointee(IsEmpty())));
9570 }
9571
TEST_F(HostResolverManagerDnsTest,PtrQuery_Malformed)9572 TEST_F(HostResolverManagerDnsTest, PtrQuery_Malformed) {
9573 // Setup fallback to confirm it is not used for non-address results.
9574 set_allow_fallback_to_systemtask(true);
9575 proc_->AddRuleForAllFamilies("host", "192.168.1.102");
9576 proc_->SignalMultiple(1u);
9577
9578 MockDnsClientRuleList rules;
9579 rules.emplace_back(
9580 "host", dns_protocol::kTypePTR, false /* secure */,
9581 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kMalformed),
9582 false /* delay */);
9583
9584 CreateResolver();
9585 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9586
9587 HostResolver::ResolveHostParameters parameters;
9588 parameters.dns_query_type = DnsQueryType::PTR;
9589
9590 ResolveHostResponseHelper response(resolver_->CreateRequest(
9591 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9592 parameters, resolve_context_.get()));
9593 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_MALFORMED_RESPONSE));
9594 EXPECT_THAT(response.request()->GetAddressResults(),
9595 AnyOf(nullptr, Pointee(IsEmpty())));
9596 EXPECT_THAT(response.request()->GetEndpointResults(),
9597 AnyOf(nullptr, Pointee(IsEmpty())));
9598 EXPECT_THAT(response.request()->GetTextResults(),
9599 AnyOf(nullptr, Pointee(IsEmpty())));
9600 EXPECT_THAT(response.request()->GetHostnameResults(),
9601 AnyOf(nullptr, Pointee(IsEmpty())));
9602 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9603 AnyOf(nullptr, Pointee(IsEmpty())));
9604 }
9605
TEST_F(HostResolverManagerDnsTest,PtrQuery_MismatchedName)9606 TEST_F(HostResolverManagerDnsTest, PtrQuery_MismatchedName) {
9607 std::vector<std::string> ptr_records = {{"foo.com"}};
9608 MockDnsClientRuleList rules;
9609 rules.emplace_back("host", dns_protocol::kTypePTR, false /* secure */,
9610 MockDnsClientRule::Result(BuildTestDnsPointerResponse(
9611 "host", std::move(ptr_records), "not.host")),
9612 false /* delay */);
9613
9614 CreateResolver();
9615 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9616
9617 HostResolver::ResolveHostParameters parameters;
9618 parameters.dns_query_type = DnsQueryType::PTR;
9619
9620 ResolveHostResponseHelper response(resolver_->CreateRequest(
9621 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9622 parameters, resolve_context_.get()));
9623 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_MALFORMED_RESPONSE));
9624 EXPECT_THAT(response.request()->GetAddressResults(),
9625 AnyOf(nullptr, Pointee(IsEmpty())));
9626 EXPECT_THAT(response.request()->GetEndpointResults(),
9627 AnyOf(nullptr, Pointee(IsEmpty())));
9628 EXPECT_THAT(response.request()->GetTextResults(),
9629 AnyOf(nullptr, Pointee(IsEmpty())));
9630 EXPECT_THAT(response.request()->GetHostnameResults(),
9631 AnyOf(nullptr, Pointee(IsEmpty())));
9632 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9633 AnyOf(nullptr, Pointee(IsEmpty())));
9634 }
9635
TEST_F(HostResolverManagerDnsTest,PtrQuery_WrongType)9636 TEST_F(HostResolverManagerDnsTest, PtrQuery_WrongType) {
9637 // Respond to a TXT query with an A response.
9638 MockDnsClientRuleList rules;
9639 rules.emplace_back(
9640 "host", dns_protocol::kTypePTR, false /* secure */,
9641 MockDnsClientRule::Result(BuildTestDnsResponse(
9642 "host", dns_protocol::kTypePTR,
9643 {BuildTestAddressRecord("host", IPAddress(1, 2, 3, 4))})),
9644 false /* delay */);
9645
9646 CreateResolver();
9647 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9648
9649 HostResolver::ResolveHostParameters parameters;
9650 parameters.dns_query_type = DnsQueryType::PTR;
9651
9652 // Responses for the wrong type should be ignored.
9653 ResolveHostResponseHelper response(resolver_->CreateRequest(
9654 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9655 parameters, resolve_context_.get()));
9656 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
9657 EXPECT_THAT(response.request()->GetAddressResults(),
9658 AnyOf(nullptr, Pointee(IsEmpty())));
9659 EXPECT_THAT(response.request()->GetEndpointResults(),
9660 AnyOf(nullptr, Pointee(IsEmpty())));
9661 EXPECT_THAT(response.request()->GetTextResults(),
9662 AnyOf(nullptr, Pointee(IsEmpty())));
9663 EXPECT_THAT(response.request()->GetHostnameResults(),
9664 AnyOf(nullptr, Pointee(IsEmpty())));
9665 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9666 AnyOf(nullptr, Pointee(IsEmpty())));
9667 }
9668
TEST_F(HostResolverManagerDnsTest,PtrInsecureQueryDisallowedWhenAdditionalTypesDisallowed)9669 TEST_F(HostResolverManagerDnsTest,
9670 PtrInsecureQueryDisallowedWhenAdditionalTypesDisallowed) {
9671 const std::string kName = "ptr.test";
9672
9673 ChangeDnsConfig(CreateValidDnsConfig());
9674 DnsConfigOverrides overrides;
9675 overrides.secure_dns_mode = SecureDnsMode::kOff;
9676 resolver_->SetDnsConfigOverrides(overrides);
9677 resolver_->SetInsecureDnsClientEnabled(
9678 /*enabled=*/true,
9679 /*additional_dns_types_enabled=*/false);
9680
9681 HostResolver::ResolveHostParameters parameters;
9682 parameters.dns_query_type = DnsQueryType::PTR;
9683
9684 ResolveHostResponseHelper response(resolver_->CreateRequest(
9685 HostPortPair(kName, 108), NetworkAnonymizationKey(), NetLogWithSource(),
9686 parameters, resolve_context_.get()));
9687 // No non-local work is done, so ERR_DNS_CACHE_MISS is the result.
9688 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_CACHE_MISS));
9689 EXPECT_THAT(response.request()->GetAddressResults(),
9690 AnyOf(nullptr, Pointee(IsEmpty())));
9691 EXPECT_THAT(response.request()->GetEndpointResults(),
9692 AnyOf(nullptr, Pointee(IsEmpty())));
9693 EXPECT_THAT(response.request()->GetHostnameResults(),
9694 AnyOf(nullptr, Pointee(IsEmpty())));
9695 EXPECT_THAT(response.request()->GetTextResults(),
9696 AnyOf(nullptr, Pointee(IsEmpty())));
9697 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9698 AnyOf(nullptr, Pointee(IsEmpty())));
9699 }
9700
9701 // Same as PtrQuery except we specify DNS HostResolverSource instead of relying
9702 // on automatic determination. Expect same results since DNS should be what we
9703 // automatically determine, but some slightly different logic paths are
9704 // involved.
TEST_F(HostResolverManagerDnsTest,PtrDnsQuery)9705 TEST_F(HostResolverManagerDnsTest, PtrDnsQuery) {
9706 MockDnsClientRuleList rules;
9707 rules.emplace_back("host", dns_protocol::kTypePTR, false /* secure */,
9708 MockDnsClientRule::Result(BuildTestDnsPointerResponse(
9709 "host", {"foo.com", "bar.com"})),
9710 false /* delay */);
9711
9712 CreateResolver();
9713 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9714
9715 HostResolver::ResolveHostParameters parameters;
9716 parameters.source = HostResolverSource::DNS;
9717 parameters.dns_query_type = DnsQueryType::PTR;
9718
9719 ResolveHostResponseHelper response(resolver_->CreateRequest(
9720 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9721 parameters, resolve_context_.get()));
9722 EXPECT_THAT(response.result_error(), IsOk());
9723 EXPECT_THAT(response.request()->GetAddressResults(),
9724 AnyOf(nullptr, Pointee(IsEmpty())));
9725 EXPECT_THAT(response.request()->GetEndpointResults(),
9726 AnyOf(nullptr, Pointee(IsEmpty())));
9727 EXPECT_THAT(response.request()->GetTextResults(),
9728 AnyOf(nullptr, Pointee(IsEmpty())));
9729 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9730 AnyOf(nullptr, Pointee(IsEmpty())));
9731
9732 // Order between separate records is undefined.
9733 EXPECT_THAT(response.request()->GetHostnameResults(),
9734 testing::Pointee(testing::UnorderedElementsAre(
9735 HostPortPair("foo.com", 108), HostPortPair("bar.com", 108))));
9736 }
9737
TEST_F(HostResolverManagerDnsTest,SrvQuery)9738 TEST_F(HostResolverManagerDnsTest, SrvQuery) {
9739 const TestServiceRecord kRecord1 = {2, 3, 1223, "foo.com"};
9740 const TestServiceRecord kRecord2 = {5, 10, 80, "bar.com"};
9741 const TestServiceRecord kRecord3 = {5, 1, 5, "google.com"};
9742 const TestServiceRecord kRecord4 = {2, 100, 12345, "chromium.org"};
9743 MockDnsClientRuleList rules;
9744 rules.emplace_back("host", dns_protocol::kTypeSRV, false /* secure */,
9745 MockDnsClientRule::Result(BuildTestDnsServiceResponse(
9746 "host", {kRecord1, kRecord2, kRecord3, kRecord4})),
9747 false /* delay */);
9748
9749 CreateResolver();
9750 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9751
9752 HostResolver::ResolveHostParameters parameters;
9753 parameters.dns_query_type = DnsQueryType::SRV;
9754
9755 ResolveHostResponseHelper response(resolver_->CreateRequest(
9756 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9757 parameters, resolve_context_.get()));
9758 EXPECT_THAT(response.result_error(), IsOk());
9759 EXPECT_THAT(response.request()->GetAddressResults(),
9760 AnyOf(nullptr, Pointee(IsEmpty())));
9761 EXPECT_THAT(response.request()->GetEndpointResults(),
9762 AnyOf(nullptr, Pointee(IsEmpty())));
9763 EXPECT_THAT(response.request()->GetTextResults(),
9764 AnyOf(nullptr, Pointee(IsEmpty())));
9765 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9766 AnyOf(nullptr, Pointee(IsEmpty())));
9767
9768 // Expect ordered by priority, and random within a priority.
9769 const std::vector<HostPortPair>* results =
9770 response.request()->GetHostnameResults();
9771 ASSERT_THAT(
9772 results,
9773 testing::Pointee(testing::UnorderedElementsAre(
9774 HostPortPair("foo.com", 1223), HostPortPair("bar.com", 80),
9775 HostPortPair("google.com", 5), HostPortPair("chromium.org", 12345))));
9776 auto priority2 =
9777 std::vector<HostPortPair>(results->begin(), results->begin() + 2);
9778 EXPECT_THAT(priority2, testing::UnorderedElementsAre(
9779 HostPortPair("foo.com", 1223),
9780 HostPortPair("chromium.org", 12345)));
9781 auto priority5 =
9782 std::vector<HostPortPair>(results->begin() + 2, results->end());
9783 EXPECT_THAT(priority5,
9784 testing::UnorderedElementsAre(HostPortPair("bar.com", 80),
9785 HostPortPair("google.com", 5)));
9786 }
9787
TEST_F(HostResolverManagerDnsTest,SrvQueryRejectsIpLiteral)9788 TEST_F(HostResolverManagerDnsTest, SrvQueryRejectsIpLiteral) {
9789 MockDnsClientRuleList rules;
9790
9791 // Entry that would resolve if DNS is mistakenly queried to ensure that does
9792 // not happen.
9793 rules.emplace_back("8.8.8.8", dns_protocol::kTypeSRV, /*secure=*/false,
9794 MockDnsClientRule::Result(BuildTestDnsServiceResponse(
9795 "8.8.8.8", {{/*priority=*/4, /*weight=*/0, /*port=*/90,
9796 /*target=*/"google.test"}})),
9797 /*delay=*/false);
9798
9799 CreateResolver();
9800 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9801
9802 HostResolver::ResolveHostParameters parameters;
9803 parameters.dns_query_type = DnsQueryType::SRV;
9804
9805 ResolveHostResponseHelper response(resolver_->CreateRequest(
9806 HostPortPair("8.8.8.8", 108), NetworkAnonymizationKey(),
9807 NetLogWithSource(), parameters, resolve_context_.get()));
9808 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
9809 EXPECT_THAT(response.request()->GetAddressResults(),
9810 AnyOf(nullptr, Pointee(IsEmpty())));
9811 EXPECT_THAT(response.request()->GetEndpointResults(),
9812 AnyOf(nullptr, Pointee(IsEmpty())));
9813 EXPECT_THAT(response.request()->GetTextResults(),
9814 AnyOf(nullptr, Pointee(IsEmpty())));
9815 EXPECT_THAT(response.request()->GetHostnameResults(),
9816 AnyOf(nullptr, Pointee(IsEmpty())));
9817 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9818 AnyOf(nullptr, Pointee(IsEmpty())));
9819 }
9820
9821 // 0-weight services are allowed. Ensure that we can handle such records,
9822 // especially the case where all entries have weight 0.
TEST_F(HostResolverManagerDnsTest,SrvQuery_ZeroWeight)9823 TEST_F(HostResolverManagerDnsTest, SrvQuery_ZeroWeight) {
9824 const TestServiceRecord kRecord1 = {5, 0, 80, "bar.com"};
9825 const TestServiceRecord kRecord2 = {5, 0, 5, "google.com"};
9826 MockDnsClientRuleList rules;
9827 rules.emplace_back("host", dns_protocol::kTypeSRV, false /* secure */,
9828 MockDnsClientRule::Result(BuildTestDnsServiceResponse(
9829 "host", {kRecord1, kRecord2})),
9830 false /* delay */);
9831
9832 CreateResolver();
9833 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9834
9835 HostResolver::ResolveHostParameters parameters;
9836 parameters.dns_query_type = DnsQueryType::SRV;
9837
9838 ResolveHostResponseHelper response(resolver_->CreateRequest(
9839 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9840 parameters, resolve_context_.get()));
9841 EXPECT_THAT(response.result_error(), IsOk());
9842 EXPECT_THAT(response.request()->GetAddressResults(),
9843 AnyOf(nullptr, Pointee(IsEmpty())));
9844 EXPECT_THAT(response.request()->GetEndpointResults(),
9845 AnyOf(nullptr, Pointee(IsEmpty())));
9846 EXPECT_THAT(response.request()->GetTextResults(),
9847 AnyOf(nullptr, Pointee(IsEmpty())));
9848 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9849 AnyOf(nullptr, Pointee(IsEmpty())));
9850
9851 // Expect ordered by priority, and random within a priority.
9852 EXPECT_THAT(response.request()->GetHostnameResults(),
9853 testing::Pointee(testing::UnorderedElementsAre(
9854 HostPortPair("bar.com", 80), HostPortPair("google.com", 5))));
9855 }
9856
TEST_F(HostResolverManagerDnsTest,SrvQuery_NonexistentDomain)9857 TEST_F(HostResolverManagerDnsTest, SrvQuery_NonexistentDomain) {
9858 // Setup fallback to confirm it is not used for non-address results.
9859 set_allow_fallback_to_systemtask(true);
9860 proc_->AddRuleForAllFamilies("host", "192.168.1.102");
9861 proc_->SignalMultiple(1u);
9862
9863 MockDnsClientRuleList rules;
9864 rules.emplace_back(
9865 "host", dns_protocol::kTypeSRV, false /* secure */,
9866 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kNoDomain),
9867 false /* delay */);
9868
9869 CreateResolver();
9870 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9871
9872 HostResolver::ResolveHostParameters parameters;
9873 parameters.dns_query_type = DnsQueryType::SRV;
9874
9875 ResolveHostResponseHelper response(resolver_->CreateRequest(
9876 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9877 parameters, resolve_context_.get()));
9878 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
9879 EXPECT_THAT(response.request()->GetAddressResults(),
9880 AnyOf(nullptr, Pointee(IsEmpty())));
9881 EXPECT_THAT(response.request()->GetEndpointResults(),
9882 AnyOf(nullptr, Pointee(IsEmpty())));
9883 EXPECT_THAT(response.request()->GetTextResults(),
9884 AnyOf(nullptr, Pointee(IsEmpty())));
9885 EXPECT_THAT(response.request()->GetHostnameResults(),
9886 AnyOf(nullptr, Pointee(IsEmpty())));
9887 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9888 AnyOf(nullptr, Pointee(IsEmpty())));
9889 }
9890
TEST_F(HostResolverManagerDnsTest,SrvQuery_Failure)9891 TEST_F(HostResolverManagerDnsTest, SrvQuery_Failure) {
9892 // Setup fallback to confirm it is not used for non-address results.
9893 set_allow_fallback_to_systemtask(true);
9894 proc_->AddRuleForAllFamilies("host", "192.168.1.102");
9895 proc_->SignalMultiple(1u);
9896
9897 MockDnsClientRuleList rules;
9898 rules.emplace_back(
9899 "host", dns_protocol::kTypeSRV, false /* secure */,
9900 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kFail),
9901 false /* delay */);
9902
9903 CreateResolver();
9904 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9905
9906 HostResolver::ResolveHostParameters parameters;
9907 parameters.dns_query_type = DnsQueryType::SRV;
9908
9909 ResolveHostResponseHelper response(resolver_->CreateRequest(
9910 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9911 parameters, resolve_context_.get()));
9912 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
9913 EXPECT_THAT(response.request()->GetAddressResults(),
9914 AnyOf(nullptr, Pointee(IsEmpty())));
9915 EXPECT_THAT(response.request()->GetEndpointResults(),
9916 AnyOf(nullptr, Pointee(IsEmpty())));
9917 EXPECT_THAT(response.request()->GetTextResults(),
9918 AnyOf(nullptr, Pointee(IsEmpty())));
9919 EXPECT_THAT(response.request()->GetHostnameResults(),
9920 AnyOf(nullptr, Pointee(IsEmpty())));
9921 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9922 AnyOf(nullptr, Pointee(IsEmpty())));
9923 }
9924
TEST_F(HostResolverManagerDnsTest,SrvQuery_Timeout)9925 TEST_F(HostResolverManagerDnsTest, SrvQuery_Timeout) {
9926 // Setup fallback to confirm it is not used for non-address results.
9927 set_allow_fallback_to_systemtask(true);
9928 proc_->AddRuleForAllFamilies("host", "192.168.1.102");
9929 proc_->SignalMultiple(1u);
9930
9931 MockDnsClientRuleList rules;
9932 rules.emplace_back(
9933 "host", dns_protocol::kTypeSRV, false /* secure */,
9934 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kTimeout),
9935 false /* delay */);
9936
9937 CreateResolver();
9938 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9939
9940 HostResolver::ResolveHostParameters parameters;
9941 parameters.dns_query_type = DnsQueryType::SRV;
9942
9943 ResolveHostResponseHelper response(resolver_->CreateRequest(
9944 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9945 parameters, resolve_context_.get()));
9946 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_TIMED_OUT));
9947 EXPECT_THAT(response.request()->GetAddressResults(),
9948 AnyOf(nullptr, Pointee(IsEmpty())));
9949 EXPECT_THAT(response.request()->GetEndpointResults(),
9950 AnyOf(nullptr, Pointee(IsEmpty())));
9951 EXPECT_THAT(response.request()->GetTextResults(),
9952 AnyOf(nullptr, Pointee(IsEmpty())));
9953 EXPECT_THAT(response.request()->GetHostnameResults(),
9954 AnyOf(nullptr, Pointee(IsEmpty())));
9955 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9956 AnyOf(nullptr, Pointee(IsEmpty())));
9957 }
9958
TEST_F(HostResolverManagerDnsTest,SrvQuery_Empty)9959 TEST_F(HostResolverManagerDnsTest, SrvQuery_Empty) {
9960 // Setup fallback to confirm it is not used for non-address results.
9961 set_allow_fallback_to_systemtask(true);
9962 proc_->AddRuleForAllFamilies("host", "192.168.1.102");
9963 proc_->SignalMultiple(1u);
9964
9965 MockDnsClientRuleList rules;
9966 rules.emplace_back(
9967 "host", dns_protocol::kTypeSRV, false /* secure */,
9968 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kEmpty),
9969 false /* delay */);
9970
9971 CreateResolver();
9972 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
9973
9974 HostResolver::ResolveHostParameters parameters;
9975 parameters.dns_query_type = DnsQueryType::SRV;
9976
9977 ResolveHostResponseHelper response(resolver_->CreateRequest(
9978 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
9979 parameters, resolve_context_.get()));
9980 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
9981 EXPECT_THAT(response.request()->GetAddressResults(),
9982 AnyOf(nullptr, Pointee(IsEmpty())));
9983 EXPECT_THAT(response.request()->GetEndpointResults(),
9984 AnyOf(nullptr, Pointee(IsEmpty())));
9985 EXPECT_THAT(response.request()->GetTextResults(),
9986 AnyOf(nullptr, Pointee(IsEmpty())));
9987 EXPECT_THAT(response.request()->GetHostnameResults(),
9988 AnyOf(nullptr, Pointee(IsEmpty())));
9989 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
9990 AnyOf(nullptr, Pointee(IsEmpty())));
9991 }
9992
TEST_F(HostResolverManagerDnsTest,SrvQuery_Malformed)9993 TEST_F(HostResolverManagerDnsTest, SrvQuery_Malformed) {
9994 // Setup fallback to confirm it is not used for non-address results.
9995 set_allow_fallback_to_systemtask(true);
9996 proc_->AddRuleForAllFamilies("host", "192.168.1.102");
9997 proc_->SignalMultiple(1u);
9998
9999 MockDnsClientRuleList rules;
10000 rules.emplace_back(
10001 "host", dns_protocol::kTypeSRV, false /* secure */,
10002 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kMalformed),
10003 false /* delay */);
10004
10005 CreateResolver();
10006 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10007
10008 HostResolver::ResolveHostParameters parameters;
10009 parameters.dns_query_type = DnsQueryType::SRV;
10010
10011 ResolveHostResponseHelper response(resolver_->CreateRequest(
10012 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
10013 parameters, resolve_context_.get()));
10014 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_MALFORMED_RESPONSE));
10015 EXPECT_THAT(response.request()->GetAddressResults(),
10016 AnyOf(nullptr, Pointee(IsEmpty())));
10017 EXPECT_THAT(response.request()->GetEndpointResults(),
10018 AnyOf(nullptr, Pointee(IsEmpty())));
10019 EXPECT_THAT(response.request()->GetTextResults(),
10020 AnyOf(nullptr, Pointee(IsEmpty())));
10021 EXPECT_THAT(response.request()->GetHostnameResults(),
10022 AnyOf(nullptr, Pointee(IsEmpty())));
10023 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10024 AnyOf(nullptr, Pointee(IsEmpty())));
10025 }
10026
TEST_F(HostResolverManagerDnsTest,SrvQuery_MismatchedName)10027 TEST_F(HostResolverManagerDnsTest, SrvQuery_MismatchedName) {
10028 std::vector<TestServiceRecord> srv_records = {{1, 2, 3, "foo.com"}};
10029 MockDnsClientRuleList rules;
10030 rules.emplace_back("host", dns_protocol::kTypeSRV, false /* secure */,
10031 MockDnsClientRule::Result(BuildTestDnsServiceResponse(
10032 "host", std::move(srv_records), "not.host")),
10033 false /* delay */);
10034
10035 CreateResolver();
10036 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10037
10038 HostResolver::ResolveHostParameters parameters;
10039 parameters.dns_query_type = DnsQueryType::SRV;
10040
10041 ResolveHostResponseHelper response(resolver_->CreateRequest(
10042 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
10043 parameters, resolve_context_.get()));
10044 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_MALFORMED_RESPONSE));
10045 EXPECT_THAT(response.request()->GetAddressResults(),
10046 AnyOf(nullptr, Pointee(IsEmpty())));
10047 EXPECT_THAT(response.request()->GetEndpointResults(),
10048 AnyOf(nullptr, Pointee(IsEmpty())));
10049 EXPECT_THAT(response.request()->GetTextResults(),
10050 AnyOf(nullptr, Pointee(IsEmpty())));
10051 EXPECT_THAT(response.request()->GetHostnameResults(),
10052 AnyOf(nullptr, Pointee(IsEmpty())));
10053 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10054 AnyOf(nullptr, Pointee(IsEmpty())));
10055 }
10056
TEST_F(HostResolverManagerDnsTest,SrvQuery_WrongType)10057 TEST_F(HostResolverManagerDnsTest, SrvQuery_WrongType) {
10058 // Respond to a SRV query with an A response.
10059 MockDnsClientRuleList rules;
10060 rules.emplace_back(
10061 "host", dns_protocol::kTypeSRV, false /* secure */,
10062 MockDnsClientRule::Result(BuildTestDnsResponse(
10063 "host", dns_protocol::kTypeSRV,
10064 {BuildTestAddressRecord("host", IPAddress(1, 2, 3, 4))})),
10065 false /* delay */);
10066
10067 CreateResolver();
10068 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10069
10070 HostResolver::ResolveHostParameters parameters;
10071 parameters.dns_query_type = DnsQueryType::SRV;
10072
10073 // Responses for the wrong type should be ignored.
10074 ResolveHostResponseHelper response(resolver_->CreateRequest(
10075 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
10076 parameters, resolve_context_.get()));
10077 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
10078 EXPECT_THAT(response.request()->GetAddressResults(),
10079 AnyOf(nullptr, Pointee(IsEmpty())));
10080 EXPECT_THAT(response.request()->GetEndpointResults(),
10081 AnyOf(nullptr, Pointee(IsEmpty())));
10082 EXPECT_THAT(response.request()->GetTextResults(),
10083 AnyOf(nullptr, Pointee(IsEmpty())));
10084 EXPECT_THAT(response.request()->GetHostnameResults(),
10085 AnyOf(nullptr, Pointee(IsEmpty())));
10086 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10087 AnyOf(nullptr, Pointee(IsEmpty())));
10088 }
10089
TEST_F(HostResolverManagerDnsTest,SrvInsecureQueryDisallowedWhenAdditionalTypesDisallowed)10090 TEST_F(HostResolverManagerDnsTest,
10091 SrvInsecureQueryDisallowedWhenAdditionalTypesDisallowed) {
10092 const std::string kName = "srv.test";
10093
10094 ChangeDnsConfig(CreateValidDnsConfig());
10095 DnsConfigOverrides overrides;
10096 overrides.secure_dns_mode = SecureDnsMode::kOff;
10097 resolver_->SetDnsConfigOverrides(overrides);
10098 resolver_->SetInsecureDnsClientEnabled(
10099 /*enabled=*/true,
10100 /*additional_dns_types_enabled=*/false);
10101
10102 HostResolver::ResolveHostParameters parameters;
10103 parameters.dns_query_type = DnsQueryType::SRV;
10104
10105 ResolveHostResponseHelper response(resolver_->CreateRequest(
10106 HostPortPair(kName, 108), NetworkAnonymizationKey(), NetLogWithSource(),
10107 parameters, resolve_context_.get()));
10108 // No non-local work is done, so ERR_DNS_CACHE_MISS is the result.
10109 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_CACHE_MISS));
10110 EXPECT_THAT(response.request()->GetAddressResults(),
10111 AnyOf(nullptr, Pointee(IsEmpty())));
10112 EXPECT_THAT(response.request()->GetEndpointResults(),
10113 AnyOf(nullptr, Pointee(IsEmpty())));
10114 EXPECT_THAT(response.request()->GetHostnameResults(),
10115 AnyOf(nullptr, Pointee(IsEmpty())));
10116 EXPECT_THAT(response.request()->GetTextResults(),
10117 AnyOf(nullptr, Pointee(IsEmpty())));
10118 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10119 AnyOf(nullptr, Pointee(IsEmpty())));
10120 }
10121
10122 // Same as SrvQuery except we specify DNS HostResolverSource instead of relying
10123 // on automatic determination. Expect same results since DNS should be what we
10124 // automatically determine, but some slightly different logic paths are
10125 // involved.
TEST_F(HostResolverManagerDnsTest,SrvDnsQuery)10126 TEST_F(HostResolverManagerDnsTest, SrvDnsQuery) {
10127 const TestServiceRecord kRecord1 = {2, 3, 1223, "foo.com"};
10128 const TestServiceRecord kRecord2 = {5, 10, 80, "bar.com"};
10129 const TestServiceRecord kRecord3 = {5, 1, 5, "google.com"};
10130 const TestServiceRecord kRecord4 = {2, 100, 12345, "chromium.org"};
10131 MockDnsClientRuleList rules;
10132 rules.emplace_back("host", dns_protocol::kTypeSRV, false /* secure */,
10133 MockDnsClientRule::Result(BuildTestDnsServiceResponse(
10134 "host", {kRecord1, kRecord2, kRecord3, kRecord4})),
10135 false /* delay */);
10136
10137 CreateResolver();
10138 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10139
10140 HostResolver::ResolveHostParameters parameters;
10141 parameters.source = HostResolverSource::DNS;
10142 parameters.dns_query_type = DnsQueryType::SRV;
10143
10144 ResolveHostResponseHelper response(resolver_->CreateRequest(
10145 HostPortPair("host", 108), NetworkAnonymizationKey(), NetLogWithSource(),
10146 parameters, resolve_context_.get()));
10147 EXPECT_THAT(response.result_error(), IsOk());
10148 EXPECT_THAT(response.request()->GetAddressResults(),
10149 AnyOf(nullptr, Pointee(IsEmpty())));
10150 EXPECT_THAT(response.request()->GetEndpointResults(),
10151 AnyOf(nullptr, Pointee(IsEmpty())));
10152 EXPECT_THAT(response.request()->GetTextResults(),
10153 AnyOf(nullptr, Pointee(IsEmpty())));
10154 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10155 AnyOf(nullptr, Pointee(IsEmpty())));
10156
10157 // Expect ordered by priority, and random within a priority.
10158 const std::vector<HostPortPair>* results =
10159 response.request()->GetHostnameResults();
10160 ASSERT_THAT(
10161 results,
10162 testing::Pointee(testing::UnorderedElementsAre(
10163 HostPortPair("foo.com", 1223), HostPortPair("bar.com", 80),
10164 HostPortPair("google.com", 5), HostPortPair("chromium.org", 12345))));
10165 auto priority2 =
10166 std::vector<HostPortPair>(results->begin(), results->begin() + 2);
10167 EXPECT_THAT(priority2, testing::UnorderedElementsAre(
10168 HostPortPair("foo.com", 1223),
10169 HostPortPair("chromium.org", 12345)));
10170 auto priority5 =
10171 std::vector<HostPortPair>(results->begin() + 2, results->end());
10172 EXPECT_THAT(priority5,
10173 testing::UnorderedElementsAre(HostPortPair("bar.com", 80),
10174 HostPortPair("google.com", 5)));
10175 }
10176
TEST_F(HostResolverManagerDnsTest,HttpsQuery)10177 TEST_F(HostResolverManagerDnsTest, HttpsQuery) {
10178 const std::string kName = "https.test";
10179
10180 MockDnsClientRuleList rules;
10181 std::vector<DnsResourceRecord> records = {
10182 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
10183 /*params=*/{})};
10184 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/false,
10185 MockDnsClientRule::Result(BuildTestDnsResponse(
10186 kName, dns_protocol::kTypeHttps, records)),
10187 /*delay=*/false);
10188
10189 CreateResolver();
10190 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10191
10192 HostResolver::ResolveHostParameters parameters;
10193 parameters.dns_query_type = DnsQueryType::HTTPS;
10194
10195 ResolveHostResponseHelper response(resolver_->CreateRequest(
10196 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
10197 NetworkAnonymizationKey(), NetLogWithSource(), parameters,
10198 resolve_context_.get()));
10199 EXPECT_THAT(response.result_error(), IsOk());
10200 EXPECT_THAT(response.request()->GetAddressResults(),
10201 AnyOf(nullptr, Pointee(IsEmpty())));
10202 EXPECT_THAT(response.request()->GetEndpointResults(),
10203 AnyOf(nullptr, Pointee(IsEmpty())));
10204 EXPECT_THAT(response.request()->GetHostnameResults(),
10205 AnyOf(nullptr, Pointee(IsEmpty())));
10206 EXPECT_THAT(response.request()->GetTextResults(),
10207 AnyOf(nullptr, Pointee(IsEmpty())));
10208 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10209 testing::Pointee(testing::ElementsAre(true)));
10210 }
10211
TEST_F(HostResolverManagerDnsTest,HttpsQueryForNonStandardPort)10212 TEST_F(HostResolverManagerDnsTest, HttpsQueryForNonStandardPort) {
10213 const std::string kName = "https.test";
10214 const std::string kExpectedQueryName = "_1111._https." + kName;
10215
10216 MockDnsClientRuleList rules;
10217 std::vector<DnsResourceRecord> records = {BuildTestHttpsServiceRecord(
10218 kExpectedQueryName, /*priority=*/1, /*service_name=*/kName,
10219 /*params=*/{})};
10220 rules.emplace_back(
10221 kExpectedQueryName, dns_protocol::kTypeHttps,
10222 /*secure=*/false,
10223 MockDnsClientRule::Result(BuildTestDnsResponse(
10224 kExpectedQueryName, dns_protocol::kTypeHttps, records)),
10225 /*delay=*/false);
10226
10227 CreateResolver();
10228 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10229
10230 HostResolver::ResolveHostParameters parameters;
10231 parameters.dns_query_type = DnsQueryType::HTTPS;
10232
10233 ResolveHostResponseHelper response(resolver_->CreateRequest(
10234 url::SchemeHostPort(url::kHttpsScheme, kName, 1111),
10235 NetworkAnonymizationKey(), NetLogWithSource(), parameters,
10236 resolve_context_.get()));
10237 EXPECT_THAT(response.result_error(), IsOk());
10238 EXPECT_THAT(response.request()->GetAddressResults(),
10239 AnyOf(nullptr, Pointee(IsEmpty())));
10240 EXPECT_THAT(response.request()->GetEndpointResults(),
10241 AnyOf(nullptr, Pointee(IsEmpty())));
10242 EXPECT_THAT(response.request()->GetHostnameResults(),
10243 AnyOf(nullptr, Pointee(IsEmpty())));
10244 EXPECT_THAT(response.request()->GetTextResults(),
10245 AnyOf(nullptr, Pointee(IsEmpty())));
10246 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10247 testing::Pointee(testing::ElementsAre(true)));
10248 }
10249
TEST_F(HostResolverManagerDnsTest,HttpsQueryForHttpUpgrade)10250 TEST_F(HostResolverManagerDnsTest, HttpsQueryForHttpUpgrade) {
10251 const std::string kName = "https.test";
10252
10253 MockDnsClientRuleList rules;
10254 std::vector<DnsResourceRecord> records = {
10255 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
10256 /*params=*/{})};
10257 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/false,
10258 MockDnsClientRule::Result(BuildTestDnsResponse(
10259 kName, dns_protocol::kTypeHttps, records)),
10260 /*delay=*/false);
10261
10262 CreateResolver();
10263 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10264
10265 HostResolver::ResolveHostParameters parameters;
10266 parameters.dns_query_type = DnsQueryType::HTTPS;
10267
10268 ResolveHostResponseHelper response(
10269 resolver_->CreateRequest(url::SchemeHostPort(url::kHttpScheme, kName, 80),
10270 NetworkAnonymizationKey(), NetLogWithSource(),
10271 parameters, resolve_context_.get()));
10272 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_NAME_HTTPS_ONLY));
10273 EXPECT_THAT(response.request()->GetAddressResults(),
10274 AnyOf(nullptr, Pointee(IsEmpty())));
10275 EXPECT_THAT(response.request()->GetEndpointResults(),
10276 AnyOf(nullptr, Pointee(IsEmpty())));
10277 EXPECT_THAT(response.request()->GetHostnameResults(),
10278 AnyOf(nullptr, Pointee(IsEmpty())));
10279 EXPECT_THAT(response.request()->GetTextResults(),
10280 AnyOf(nullptr, Pointee(IsEmpty())));
10281 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10282 AnyOf(nullptr, Pointee(IsEmpty())));
10283 }
10284
10285 // Test that HTTPS requests for an http host with port 443 will result in a
10286 // transaction hostname without prepending port and scheme, despite not having
10287 // the default port for an http host. The request host ("http://https.test:443")
10288 // will be mapped to the equivalent https upgrade host
10289 // ("https://https.test:443") at port 443, which is the default port for an
10290 // https host, so port and scheme are not prefixed.
TEST_F(HostResolverManagerDnsTest,HttpsQueryForHttpUpgradeFromHttpsPort)10291 TEST_F(HostResolverManagerDnsTest, HttpsQueryForHttpUpgradeFromHttpsPort) {
10292 const std::string kName = "https.test";
10293
10294 MockDnsClientRuleList rules;
10295 std::vector<DnsResourceRecord> records = {
10296 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
10297 /*params=*/{})};
10298 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/false,
10299 MockDnsClientRule::Result(BuildTestDnsResponse(
10300 kName, dns_protocol::kTypeHttps, records)),
10301 /*delay=*/false);
10302
10303 CreateResolver();
10304 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10305
10306 HostResolver::ResolveHostParameters parameters;
10307 parameters.dns_query_type = DnsQueryType::HTTPS;
10308
10309 ResolveHostResponseHelper response(resolver_->CreateRequest(
10310 url::SchemeHostPort(url::kHttpScheme, kName, 443),
10311 NetworkAnonymizationKey(), NetLogWithSource(), parameters,
10312 resolve_context_.get()));
10313 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_NAME_HTTPS_ONLY));
10314 EXPECT_THAT(response.request()->GetAddressResults(),
10315 AnyOf(nullptr, Pointee(IsEmpty())));
10316 EXPECT_THAT(response.request()->GetEndpointResults(),
10317 AnyOf(nullptr, Pointee(IsEmpty())));
10318 EXPECT_THAT(response.request()->GetHostnameResults(),
10319 AnyOf(nullptr, Pointee(IsEmpty())));
10320 EXPECT_THAT(response.request()->GetTextResults(),
10321 AnyOf(nullptr, Pointee(IsEmpty())));
10322 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10323 AnyOf(nullptr, Pointee(IsEmpty())));
10324 }
10325
TEST_F(HostResolverManagerDnsTest,HttpsQueryForHttpUpgradeWithNonStandardPort)10326 TEST_F(HostResolverManagerDnsTest,
10327 HttpsQueryForHttpUpgradeWithNonStandardPort) {
10328 const std::string kName = "https.test";
10329 const std::string kExpectedQueryName = "_1111._https." + kName;
10330
10331 MockDnsClientRuleList rules;
10332 std::vector<DnsResourceRecord> records = {BuildTestHttpsServiceRecord(
10333 kExpectedQueryName, /*priority=*/1, /*service_name=*/kName,
10334 /*params=*/{})};
10335 rules.emplace_back(
10336 kExpectedQueryName, dns_protocol::kTypeHttps,
10337 /*secure=*/false,
10338 MockDnsClientRule::Result(BuildTestDnsResponse(
10339 kExpectedQueryName, dns_protocol::kTypeHttps, records)),
10340 /*delay=*/false);
10341
10342 CreateResolver();
10343 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10344
10345 HostResolver::ResolveHostParameters parameters;
10346 parameters.dns_query_type = DnsQueryType::HTTPS;
10347
10348 ResolveHostResponseHelper response(resolver_->CreateRequest(
10349 url::SchemeHostPort(url::kHttpScheme, kName, 1111),
10350 NetworkAnonymizationKey(), NetLogWithSource(), parameters,
10351 resolve_context_.get()));
10352 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_NAME_HTTPS_ONLY));
10353 EXPECT_THAT(response.request()->GetAddressResults(),
10354 AnyOf(nullptr, Pointee(IsEmpty())));
10355 EXPECT_THAT(response.request()->GetEndpointResults(),
10356 AnyOf(nullptr, Pointee(IsEmpty())));
10357 EXPECT_THAT(response.request()->GetHostnameResults(),
10358 AnyOf(nullptr, Pointee(IsEmpty())));
10359 EXPECT_THAT(response.request()->GetTextResults(),
10360 AnyOf(nullptr, Pointee(IsEmpty())));
10361 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10362 AnyOf(nullptr, Pointee(IsEmpty())));
10363 }
10364
TEST_F(HostResolverManagerDnsTest,HttpsInAddressQuery)10365 TEST_F(HostResolverManagerDnsTest, HttpsInAddressQuery) {
10366 const char kName[] = "name.test";
10367
10368 base::test::ScopedFeatureList features(features::kUseDnsHttpsSvcb);
10369
10370 MockDnsClientRuleList rules;
10371 std::vector<DnsResourceRecord> records = {
10372 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
10373 /*params=*/{})};
10374 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/true,
10375 MockDnsClientRule::Result(BuildTestDnsResponse(
10376 kName, dns_protocol::kTypeHttps, records)),
10377 /*delay=*/false);
10378 rules.emplace_back(
10379 kName, dns_protocol::kTypeA, /*secure=*/true,
10380 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
10381 /*delay=*/false);
10382 rules.emplace_back(
10383 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
10384 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
10385 /*delay=*/false);
10386
10387 CreateResolver();
10388 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10389 DnsConfigOverrides overrides;
10390 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
10391 resolver_->SetDnsConfigOverrides(overrides);
10392
10393 ResolveHostResponseHelper response(resolver_->CreateRequest(
10394 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
10395 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
10396 resolve_context_.get()));
10397 EXPECT_THAT(response.result_error(), IsOk());
10398 EXPECT_TRUE(response.request()->GetAddressResults());
10399 EXPECT_THAT(
10400 response.request()->GetEndpointResults(),
10401 testing::Pointee(testing::ElementsAre(
10402 ExpectEndpointResult(
10403 testing::SizeIs(2),
10404 ExpectConnectionEndpointMetadata(
10405 testing::ElementsAre(dns_protocol::kHttpsServiceDefaultAlpn),
10406 testing::IsEmpty(), kName)),
10407 ExpectEndpointResult(testing::SizeIs(2)))));
10408 EXPECT_THAT(response.request()->GetTextResults(),
10409 AnyOf(nullptr, Pointee(IsEmpty())));
10410 EXPECT_THAT(response.request()->GetHostnameResults(),
10411 AnyOf(nullptr, Pointee(IsEmpty())));
10412 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10413 testing::Pointee(testing::ElementsAre(true)));
10414 }
10415
TEST_F(HostResolverManagerDnsTest,HttpsInAddressQueryWithNonstandardPort)10416 TEST_F(HostResolverManagerDnsTest, HttpsInAddressQueryWithNonstandardPort) {
10417 const char kName[] = "name.test";
10418 const char kExpectedHttpsQueryName[] = "_108._https.name.test";
10419
10420 base::test::ScopedFeatureList features;
10421 features.InitAndEnableFeatureWithParameters(
10422 features::kUseDnsHttpsSvcb,
10423 {// Disable timeouts.
10424 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
10425 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
10426 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
10427 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
10428 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
10429 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
10430
10431 MockDnsClientRuleList rules;
10432 std::vector<DnsResourceRecord> records = {BuildTestHttpsServiceRecord(
10433 kExpectedHttpsQueryName, /*priority=*/1, /*service_name=*/kName,
10434 /*params=*/{})};
10435 rules.emplace_back(
10436 kExpectedHttpsQueryName, dns_protocol::kTypeHttps,
10437 /*secure=*/true,
10438 MockDnsClientRule::Result(BuildTestDnsResponse(
10439 kExpectedHttpsQueryName, dns_protocol::kTypeHttps, records)),
10440 /*delay=*/false);
10441 rules.emplace_back(
10442 kName, dns_protocol::kTypeA, /*secure=*/true,
10443 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
10444 /*delay=*/false);
10445 rules.emplace_back(
10446 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
10447 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
10448 /*delay=*/false);
10449
10450 CreateResolver();
10451 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10452 DnsConfigOverrides overrides;
10453 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
10454 resolver_->SetDnsConfigOverrides(overrides);
10455
10456 ResolveHostResponseHelper response(resolver_->CreateRequest(
10457 url::SchemeHostPort(url::kHttpsScheme, kName, 108),
10458 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
10459 resolve_context_.get()));
10460 EXPECT_THAT(response.result_error(), IsOk());
10461 EXPECT_TRUE(response.request()->GetAddressResults());
10462 EXPECT_THAT(
10463 response.request()->GetEndpointResults(),
10464 testing::Pointee(testing::ElementsAre(
10465 ExpectEndpointResult(
10466 testing::SizeIs(2),
10467 ExpectConnectionEndpointMetadata(
10468 testing::ElementsAre(dns_protocol::kHttpsServiceDefaultAlpn),
10469 testing::IsEmpty(), kName)),
10470 ExpectEndpointResult(testing::SizeIs(2)))));
10471 EXPECT_THAT(response.request()->GetTextResults(),
10472 AnyOf(nullptr, Pointee(IsEmpty())));
10473 EXPECT_THAT(response.request()->GetHostnameResults(),
10474 AnyOf(nullptr, Pointee(IsEmpty())));
10475 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10476 testing::Pointee(testing::ElementsAre(true)));
10477 }
10478
TEST_F(HostResolverManagerDnsTest,HttpsInAddressQueryWithNonstandardPortAndDefaultServiceName)10479 TEST_F(HostResolverManagerDnsTest,
10480 HttpsInAddressQueryWithNonstandardPortAndDefaultServiceName) {
10481 const char kName[] = "name.test";
10482 const char kExpectedHttpsQueryName[] = "_108._https.name.test";
10483
10484 base::test::ScopedFeatureList features;
10485 features.InitAndEnableFeatureWithParameters(
10486 features::kUseDnsHttpsSvcb,
10487 {// Disable timeouts.
10488 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
10489 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
10490 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
10491 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
10492 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
10493 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
10494
10495 MockDnsClientRuleList rules;
10496 std::vector<DnsResourceRecord> records = {BuildTestHttpsServiceRecord(
10497 kExpectedHttpsQueryName, /*priority=*/1, /*service_name=*/".",
10498 /*params=*/{})};
10499 rules.emplace_back(
10500 kExpectedHttpsQueryName, dns_protocol::kTypeHttps,
10501 /*secure=*/true,
10502 MockDnsClientRule::Result(BuildTestDnsResponse(
10503 kExpectedHttpsQueryName, dns_protocol::kTypeHttps, records)),
10504 /*delay=*/false);
10505 rules.emplace_back(
10506 kName, dns_protocol::kTypeA, /*secure=*/true,
10507 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
10508 /*delay=*/false);
10509 rules.emplace_back(
10510 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
10511 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
10512 /*delay=*/false);
10513
10514 CreateResolver();
10515 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10516 DnsConfigOverrides overrides;
10517 overrides.secure_dns_mode = SecureDnsMode::kSecure;
10518 resolver_->SetDnsConfigOverrides(overrides);
10519
10520 ResolveHostResponseHelper response(resolver_->CreateRequest(
10521 url::SchemeHostPort(url::kHttpsScheme, kName, 108),
10522 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
10523 resolve_context_.get()));
10524 EXPECT_THAT(response.result_error(), IsOk());
10525 EXPECT_TRUE(response.request()->GetAddressResults());
10526 // Expect only A/AAAA results without metadata because the HTTPS service
10527 // target name matches the port-prefixed name which does not match the A/AAAA
10528 // name and is thus not supported due to requiring followup queries.
10529 EXPECT_THAT(response.request()->GetEndpointResults(),
10530 testing::Pointee(testing::ElementsAre(
10531 ExpectEndpointResult(testing::SizeIs(2)))));
10532 EXPECT_THAT(response.request()->GetTextResults(),
10533 AnyOf(nullptr, Pointee(IsEmpty())));
10534 EXPECT_THAT(response.request()->GetHostnameResults(),
10535 AnyOf(nullptr, Pointee(IsEmpty())));
10536 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10537 testing::Pointee(testing::ElementsAre(true)));
10538 }
10539
TEST_F(HostResolverManagerDnsTest,HttpsInAddressQueryWithAlpnAndEch)10540 TEST_F(HostResolverManagerDnsTest, HttpsInAddressQueryWithAlpnAndEch) {
10541 const char kName[] = "name.test";
10542 const uint8_t kEch[] = "ECH is neato!";
10543
10544 base::test::ScopedFeatureList features;
10545 features.InitAndEnableFeatureWithParameters(
10546 features::kUseDnsHttpsSvcb,
10547 {// Disable timeouts.
10548 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
10549 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
10550 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
10551 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
10552 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
10553 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
10554
10555 MockDnsClientRuleList rules;
10556 std::vector<DnsResourceRecord> records = {BuildTestHttpsServiceRecord(
10557 kName, /*priority=*/8, /*service_name=*/".",
10558 /*params=*/
10559 {BuildTestHttpsServiceAlpnParam({"foo1", "foo2"}),
10560 BuildTestHttpsServiceEchConfigParam(kEch)})};
10561 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/true,
10562 MockDnsClientRule::Result(BuildTestDnsResponse(
10563 kName, dns_protocol::kTypeHttps, records)),
10564 /*delay=*/false);
10565 rules.emplace_back(
10566 kName, dns_protocol::kTypeA, /*secure=*/true,
10567 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
10568 /*delay=*/false);
10569 rules.emplace_back(
10570 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
10571 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
10572 /*delay=*/false);
10573
10574 CreateResolver();
10575 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10576 DnsConfigOverrides overrides;
10577 overrides.secure_dns_mode = SecureDnsMode::kSecure;
10578 resolver_->SetDnsConfigOverrides(overrides);
10579
10580 ResolveHostResponseHelper response(resolver_->CreateRequest(
10581 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
10582 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
10583 resolve_context_.get()));
10584 EXPECT_THAT(response.result_error(), IsOk());
10585 EXPECT_TRUE(response.request()->GetAddressResults());
10586 EXPECT_THAT(
10587 response.request()->GetEndpointResults(),
10588 testing::Pointee(testing::ElementsAre(
10589 ExpectEndpointResult(
10590 testing::SizeIs(2),
10591 ExpectConnectionEndpointMetadata(
10592 testing::UnorderedElementsAre(
10593 "foo1", "foo2", dns_protocol::kHttpsServiceDefaultAlpn),
10594 testing::ElementsAreArray(kEch), kName)),
10595 ExpectEndpointResult(testing::SizeIs(2)))));
10596 EXPECT_THAT(response.request()->GetTextResults(),
10597 AnyOf(nullptr, Pointee(IsEmpty())));
10598 EXPECT_THAT(response.request()->GetHostnameResults(),
10599 AnyOf(nullptr, Pointee(IsEmpty())));
10600 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10601 testing::Pointee(testing::ElementsAre(true)));
10602 }
10603
TEST_F(HostResolverManagerDnsTest,HttpsInAddressQueryWithNonMatchingPort)10604 TEST_F(HostResolverManagerDnsTest, HttpsInAddressQueryWithNonMatchingPort) {
10605 const char kName[] = "name.test";
10606
10607 base::test::ScopedFeatureList features;
10608 features.InitAndEnableFeatureWithParameters(
10609 features::kUseDnsHttpsSvcb,
10610 {// Disable timeouts.
10611 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
10612 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
10613 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
10614 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
10615 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
10616 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
10617
10618 MockDnsClientRuleList rules;
10619 std::vector<DnsResourceRecord> records = {
10620 BuildTestHttpsServiceRecord(kName, /*priority=*/8, /*service_name=*/".",
10621 /*params=*/
10622 {BuildTestHttpsServicePortParam(3000)})};
10623 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/true,
10624 MockDnsClientRule::Result(BuildTestDnsResponse(
10625 kName, dns_protocol::kTypeHttps, records)),
10626 /*delay=*/false);
10627 rules.emplace_back(
10628 kName, dns_protocol::kTypeA, /*secure=*/true,
10629 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
10630 /*delay=*/false);
10631 rules.emplace_back(
10632 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
10633 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
10634 /*delay=*/false);
10635
10636 CreateResolver();
10637 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10638 DnsConfigOverrides overrides;
10639 overrides.secure_dns_mode = SecureDnsMode::kSecure;
10640 resolver_->SetDnsConfigOverrides(overrides);
10641
10642 ResolveHostResponseHelper response(resolver_->CreateRequest(
10643 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
10644 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
10645 resolve_context_.get()));
10646 EXPECT_THAT(response.result_error(), IsOk());
10647 EXPECT_TRUE(response.request()->GetAddressResults());
10648 EXPECT_THAT(response.request()->GetEndpointResults(),
10649 testing::Pointee(testing::ElementsAre(
10650 ExpectEndpointResult(testing::SizeIs(2)))));
10651 EXPECT_THAT(response.request()->GetTextResults(),
10652 AnyOf(nullptr, Pointee(IsEmpty())));
10653 EXPECT_THAT(response.request()->GetHostnameResults(),
10654 AnyOf(nullptr, Pointee(IsEmpty())));
10655 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10656 testing::Pointee(testing::ElementsAre(true)));
10657 }
10658
TEST_F(HostResolverManagerDnsTest,HttpsInAddressQueryWithMatchingPort)10659 TEST_F(HostResolverManagerDnsTest, HttpsInAddressQueryWithMatchingPort) {
10660 const char kName[] = "name.test";
10661
10662 base::test::ScopedFeatureList features;
10663 features.InitAndEnableFeatureWithParameters(
10664 features::kUseDnsHttpsSvcb,
10665 {// Disable timeouts.
10666 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
10667 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
10668 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
10669 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
10670 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
10671 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
10672
10673 MockDnsClientRuleList rules;
10674 std::vector<DnsResourceRecord> records = {
10675 BuildTestHttpsServiceRecord(kName, /*priority=*/8, /*service_name=*/".",
10676 /*params=*/
10677 {BuildTestHttpsServicePortParam(443)})};
10678 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/true,
10679 MockDnsClientRule::Result(BuildTestDnsResponse(
10680 kName, dns_protocol::kTypeHttps, records)),
10681 /*delay=*/false);
10682 rules.emplace_back(
10683 kName, dns_protocol::kTypeA, /*secure=*/true,
10684 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
10685 /*delay=*/false);
10686 rules.emplace_back(
10687 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
10688 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
10689 /*delay=*/false);
10690
10691 CreateResolver();
10692 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10693 DnsConfigOverrides overrides;
10694 overrides.secure_dns_mode = SecureDnsMode::kSecure;
10695 resolver_->SetDnsConfigOverrides(overrides);
10696
10697 ResolveHostResponseHelper response(resolver_->CreateRequest(
10698 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
10699 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
10700 resolve_context_.get()));
10701 EXPECT_THAT(response.result_error(), IsOk());
10702 EXPECT_TRUE(response.request()->GetAddressResults());
10703 EXPECT_THAT(
10704 response.request()->GetEndpointResults(),
10705 testing::Pointee(testing::ElementsAre(
10706 ExpectEndpointResult(
10707 testing::SizeIs(2),
10708 ExpectConnectionEndpointMetadata(
10709 testing::ElementsAre(dns_protocol::kHttpsServiceDefaultAlpn),
10710 testing::IsEmpty(), kName)),
10711 ExpectEndpointResult(testing::SizeIs(2)))));
10712 EXPECT_THAT(response.request()->GetTextResults(),
10713 AnyOf(nullptr, Pointee(IsEmpty())));
10714 EXPECT_THAT(response.request()->GetHostnameResults(),
10715 AnyOf(nullptr, Pointee(IsEmpty())));
10716 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10717 testing::Pointee(testing::ElementsAre(true)));
10718 }
10719
TEST_F(HostResolverManagerDnsTest,HttpsInAddressQueryWithoutAddresses)10720 TEST_F(HostResolverManagerDnsTest, HttpsInAddressQueryWithoutAddresses) {
10721 const char kName[] = "name.test";
10722
10723 base::test::ScopedFeatureList features;
10724 features.InitAndEnableFeatureWithParameters(
10725 features::kUseDnsHttpsSvcb,
10726 {// Disable timeouts.
10727 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
10728 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
10729 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
10730 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
10731 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
10732 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
10733
10734 MockDnsClientRuleList rules;
10735 std::vector<DnsResourceRecord> records = {
10736 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
10737 /*params=*/{})};
10738 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/true,
10739 MockDnsClientRule::Result(BuildTestDnsResponse(
10740 kName, dns_protocol::kTypeHttps, records)),
10741 /*delay=*/false);
10742 rules.emplace_back(
10743 kName, dns_protocol::kTypeA, /*secure=*/true,
10744 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kEmpty),
10745 /*delay=*/false);
10746 rules.emplace_back(
10747 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
10748 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kEmpty),
10749 /*delay=*/false);
10750
10751 // Will fall back to insecure due to lack of addresses.
10752 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/false,
10753 MockDnsClientRule::Result(BuildTestDnsResponse(
10754 kName, dns_protocol::kTypeHttps, records)),
10755 /*delay=*/false);
10756 rules.emplace_back(
10757 kName, dns_protocol::kTypeA, /*secure=*/false,
10758 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kEmpty),
10759 /*delay=*/false);
10760 rules.emplace_back(
10761 kName, dns_protocol::kTypeAAAA, /*secure=*/false,
10762 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kEmpty),
10763 /*delay=*/false);
10764
10765 // Will fall back to system resolver due to lack of addresses.
10766 proc_->AddRuleForAllFamilies("just.testing", "");
10767 proc_->SignalMultiple(1u);
10768
10769 CreateResolver();
10770 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10771 DnsConfigOverrides overrides;
10772 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
10773 resolver_->SetDnsConfigOverrides(overrides);
10774
10775 ResolveHostResponseHelper response(resolver_->CreateRequest(
10776 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
10777 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
10778 resolve_context_.get()));
10779 // No address results overrides overall result.
10780 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
10781 EXPECT_THAT(response.request()->GetAddressResults(),
10782 AnyOf(nullptr, Pointee(IsEmpty())));
10783 EXPECT_THAT(response.request()->GetEndpointResults(),
10784 AnyOf(nullptr, Pointee(IsEmpty())));
10785 EXPECT_THAT(response.request()->GetTextResults(),
10786 AnyOf(nullptr, Pointee(IsEmpty())));
10787 EXPECT_THAT(response.request()->GetHostnameResults(),
10788 AnyOf(nullptr, Pointee(IsEmpty())));
10789 // No results maintained when overall error is ERR_NAME_NOT_RESOLVED (and also
10790 // because of the fallback to system resolver).
10791 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10792 AnyOf(nullptr, Pointee(IsEmpty())));
10793 }
10794
TEST_F(HostResolverManagerDnsTest,HttpsQueriedInAddressQueryButNoResults)10795 TEST_F(HostResolverManagerDnsTest, HttpsQueriedInAddressQueryButNoResults) {
10796 const char kName[] = "name.test";
10797
10798 base::test::ScopedFeatureList features;
10799 features.InitAndEnableFeatureWithParameters(
10800 features::kUseDnsHttpsSvcb,
10801 {// Disable timeouts.
10802 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
10803 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
10804 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
10805 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
10806 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
10807 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
10808
10809 MockDnsClientRuleList rules;
10810 rules.emplace_back(
10811 kName, dns_protocol::kTypeHttps, /*secure=*/true,
10812 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kEmpty),
10813 /*delay=*/false);
10814 rules.emplace_back(
10815 kName, dns_protocol::kTypeA, /*secure=*/true,
10816 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
10817 /*delay=*/false);
10818 rules.emplace_back(
10819 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
10820 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
10821 /*delay=*/false);
10822
10823 CreateResolver();
10824 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10825 DnsConfigOverrides overrides;
10826 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
10827 resolver_->SetDnsConfigOverrides(overrides);
10828
10829 ResolveHostResponseHelper response(resolver_->CreateRequest(
10830 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
10831 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
10832 resolve_context_.get()));
10833 EXPECT_THAT(response.result_error(), IsOk());
10834 EXPECT_TRUE(response.request()->GetAddressResults());
10835 EXPECT_THAT(response.request()->GetEndpointResults(),
10836 testing::Pointee(testing::ElementsAre(
10837 ExpectEndpointResult(testing::SizeIs(2)))));
10838 EXPECT_THAT(response.request()->GetTextResults(),
10839 AnyOf(nullptr, Pointee(IsEmpty())));
10840 EXPECT_THAT(response.request()->GetHostnameResults(),
10841 AnyOf(nullptr, Pointee(IsEmpty())));
10842 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10843 testing::Pointee(testing::IsEmpty()));
10844 }
10845
10846 // For a response where DnsTransaction can at least do its basic parsing and
10847 // return a DnsResponse object to HostResolverManager. See
10848 // `UnparsableHttpsInAddressRequestIsFatal` for a response so unparsable that
10849 // DnsTransaction couldn't do that.
TEST_F(HostResolverManagerDnsTest,MalformedHttpsInResponseInAddressRequestIsIgnored)10850 TEST_F(HostResolverManagerDnsTest,
10851 MalformedHttpsInResponseInAddressRequestIsIgnored) {
10852 const char kName[] = "name.test";
10853
10854 base::test::ScopedFeatureList features;
10855 features.InitAndEnableFeatureWithParameters(
10856 features::kUseDnsHttpsSvcb,
10857 {{"UseDnsHttpsSvcbEnforceSecureResponse", "true"},
10858 // Disable timeouts.
10859 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
10860 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
10861 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
10862 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
10863 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
10864 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
10865
10866 MockDnsClientRuleList rules;
10867 rules.emplace_back(
10868 kName, dns_protocol::kTypeHttps, /*secure=*/true,
10869 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kMalformed),
10870 /*delay=*/false);
10871 rules.emplace_back(
10872 kName, dns_protocol::kTypeA, /*secure=*/true,
10873 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
10874 /*delay=*/false);
10875 rules.emplace_back(
10876 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
10877 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
10878 /*delay=*/false);
10879
10880 CreateResolver();
10881 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10882 DnsConfigOverrides overrides;
10883 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
10884 resolver_->SetDnsConfigOverrides(overrides);
10885
10886 ResolveHostResponseHelper response(resolver_->CreateRequest(
10887 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
10888 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
10889 resolve_context_.get()));
10890 EXPECT_THAT(response.result_error(), IsOk());
10891 EXPECT_TRUE(response.request()->GetAddressResults());
10892 EXPECT_THAT(response.request()->GetEndpointResults(),
10893 testing::Pointee(testing::ElementsAre(
10894 ExpectEndpointResult(testing::SizeIs(2)))));
10895 EXPECT_THAT(response.request()->GetTextResults(),
10896 AnyOf(nullptr, Pointee(IsEmpty())));
10897 EXPECT_THAT(response.request()->GetHostnameResults(),
10898 AnyOf(nullptr, Pointee(IsEmpty())));
10899 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10900 testing::Pointee(testing::IsEmpty()));
10901 }
10902
TEST_F(HostResolverManagerDnsTest,MalformedHttpsRdataInAddressRequestIsIgnored)10903 TEST_F(HostResolverManagerDnsTest,
10904 MalformedHttpsRdataInAddressRequestIsIgnored) {
10905 const char kName[] = "name.test";
10906
10907 base::test::ScopedFeatureList features;
10908 features.InitAndEnableFeatureWithParameters(
10909 features::kUseDnsHttpsSvcb,
10910 {{"UseDnsHttpsSvcbEnforceSecureResponse", "true"},
10911 // Disable timeouts.
10912 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
10913 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
10914 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
10915 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
10916 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
10917 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
10918
10919 MockDnsClientRuleList rules;
10920 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/true,
10921 MockDnsClientRule::Result(BuildTestDnsResponse(
10922 kName, dns_protocol::kTypeHttps, /*answers=*/
10923 {BuildTestDnsRecord(kName, dns_protocol::kTypeHttps,
10924 /*rdata=*/"malformed rdata")})),
10925 /*delay=*/false);
10926 rules.emplace_back(
10927 kName, dns_protocol::kTypeA, /*secure=*/true,
10928 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
10929 /*delay=*/false);
10930 rules.emplace_back(
10931 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
10932 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
10933 /*delay=*/false);
10934
10935 CreateResolver();
10936 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10937 DnsConfigOverrides overrides;
10938 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
10939 resolver_->SetDnsConfigOverrides(overrides);
10940
10941 ResolveHostResponseHelper response(resolver_->CreateRequest(
10942 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
10943 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
10944 resolve_context_.get()));
10945 EXPECT_THAT(response.result_error(), IsOk());
10946 EXPECT_TRUE(response.request()->GetAddressResults());
10947 EXPECT_THAT(response.request()->GetEndpointResults(),
10948 testing::Pointee(testing::ElementsAre(
10949 ExpectEndpointResult(testing::SizeIs(2)))));
10950 EXPECT_THAT(response.request()->GetTextResults(),
10951 AnyOf(nullptr, Pointee(IsEmpty())));
10952 EXPECT_THAT(response.request()->GetHostnameResults(),
10953 AnyOf(nullptr, Pointee(IsEmpty())));
10954 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
10955 testing::Pointee(testing::IsEmpty()));
10956 }
10957
TEST_F(HostResolverManagerDnsTest,FailedHttpsInAddressRequestIsFatalWhenFeatureEnabled)10958 TEST_F(HostResolverManagerDnsTest,
10959 FailedHttpsInAddressRequestIsFatalWhenFeatureEnabled) {
10960 const char kName[] = "name.test";
10961
10962 base::test::ScopedFeatureList features;
10963 features.InitAndEnableFeatureWithParameters(
10964 features::kUseDnsHttpsSvcb,
10965 {{"UseDnsHttpsSvcbEnforceSecureResponse", "true"},
10966 // Disable timeouts.
10967 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
10968 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
10969 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
10970 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
10971 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
10972 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
10973
10974 MockDnsClientRuleList rules;
10975 rules.emplace_back(
10976 kName, dns_protocol::kTypeHttps, /*secure=*/true,
10977 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kFail),
10978 /*delay=*/false);
10979 rules.emplace_back(
10980 kName, dns_protocol::kTypeA, /*secure=*/true,
10981 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
10982 /*delay=*/false);
10983 rules.emplace_back(
10984 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
10985 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
10986 /*delay=*/false);
10987
10988 CreateResolver();
10989 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
10990 DnsConfigOverrides overrides;
10991 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
10992 resolver_->SetDnsConfigOverrides(overrides);
10993
10994 ResolveHostResponseHelper response(resolver_->CreateRequest(
10995 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
10996 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
10997 resolve_context_.get()));
10998 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
10999 EXPECT_THAT(response.request()->GetAddressResults(),
11000 AnyOf(nullptr, Pointee(IsEmpty())));
11001 EXPECT_THAT(response.request()->GetEndpointResults(),
11002 AnyOf(nullptr, Pointee(IsEmpty())));
11003 EXPECT_THAT(response.request()->GetTextResults(),
11004 AnyOf(nullptr, Pointee(IsEmpty())));
11005 EXPECT_THAT(response.request()->GetHostnameResults(),
11006 AnyOf(nullptr, Pointee(IsEmpty())));
11007 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
11008 AnyOf(nullptr, Pointee(IsEmpty())));
11009
11010 // Expect result not cached.
11011 EXPECT_EQ(resolve_context_->host_cache()->size(), 0u);
11012 }
11013
TEST_F(HostResolverManagerDnsTest,FailedHttpsInAddressRequestIgnoredWhenFeatureDisabled)11014 TEST_F(HostResolverManagerDnsTest,
11015 FailedHttpsInAddressRequestIgnoredWhenFeatureDisabled) {
11016 const char kName[] = "name.test";
11017
11018 base::test::ScopedFeatureList features;
11019 features.InitAndEnableFeatureWithParameters(
11020 features::kUseDnsHttpsSvcb,
11021 {{"UseDnsHttpsSvcbEnforceSecureResponse", "false"},
11022 // Disable timeouts.
11023 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
11024 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
11025 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
11026 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
11027 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
11028 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
11029
11030 MockDnsClientRuleList rules;
11031 rules.emplace_back(
11032 kName, dns_protocol::kTypeHttps, /*secure=*/true,
11033 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kFail),
11034 /*delay=*/false);
11035 rules.emplace_back(
11036 kName, dns_protocol::kTypeA, /*secure=*/true,
11037 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11038 /*delay=*/false);
11039 rules.emplace_back(
11040 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
11041 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11042 /*delay=*/false);
11043
11044 CreateResolver();
11045 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
11046 DnsConfigOverrides overrides;
11047 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
11048 resolver_->SetDnsConfigOverrides(overrides);
11049
11050 ResolveHostResponseHelper response(resolver_->CreateRequest(
11051 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
11052 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
11053 resolve_context_.get()));
11054 EXPECT_THAT(response.result_error(), IsOk());
11055 EXPECT_TRUE(response.request()->GetAddressResults());
11056 EXPECT_THAT(response.request()->GetEndpointResults(),
11057 testing::Pointee(testing::ElementsAre(
11058 ExpectEndpointResult(testing::SizeIs(2)))));
11059 EXPECT_THAT(response.request()->GetTextResults(),
11060 AnyOf(nullptr, Pointee(IsEmpty())));
11061 EXPECT_THAT(response.request()->GetHostnameResults(),
11062 AnyOf(nullptr, Pointee(IsEmpty())));
11063 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
11064 testing::Pointee(testing::IsEmpty()));
11065 }
11066
TEST_F(HostResolverManagerDnsTest,FailedHttpsInAddressRequestAfterAddressFailureIsFatalWhenFeatureEnabled)11067 TEST_F(
11068 HostResolverManagerDnsTest,
11069 FailedHttpsInAddressRequestAfterAddressFailureIsFatalWhenFeatureEnabled) {
11070 const char kName[] = "name.test";
11071
11072 base::test::ScopedFeatureList features;
11073 features.InitAndEnableFeatureWithParameters(
11074 features::kUseDnsHttpsSvcb,
11075 {{"UseDnsHttpsSvcbEnforceSecureResponse", "true"},
11076 // Disable timeouts.
11077 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
11078 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
11079 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
11080 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
11081 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
11082 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
11083
11084 MockDnsClientRuleList rules;
11085 // Delay HTTPS result to ensure it comes after A failure.
11086 rules.emplace_back(
11087 kName, dns_protocol::kTypeHttps, /*secure=*/true,
11088 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kFail),
11089 /*delay=*/true);
11090 rules.emplace_back(
11091 kName, dns_protocol::kTypeA, /*secure=*/true,
11092 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kFail),
11093 /*delay=*/false);
11094 // Delay AAAA result to ensure it is cancelled after A failure.
11095 rules.emplace_back(
11096 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
11097 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kUnexpected),
11098 /*delay=*/true);
11099
11100 CreateResolver();
11101 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
11102 DnsConfigOverrides overrides;
11103 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
11104 resolver_->SetDnsConfigOverrides(overrides);
11105
11106 ResolveHostResponseHelper response(resolver_->CreateRequest(
11107 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
11108 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
11109 resolve_context_.get()));
11110
11111 base::RunLoop().RunUntilIdle();
11112 EXPECT_FALSE(response.complete());
11113 mock_dns_client_->CompleteDelayedTransactions();
11114
11115 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
11116 EXPECT_THAT(response.request()->GetAddressResults(),
11117 AnyOf(nullptr, Pointee(IsEmpty())));
11118 EXPECT_THAT(response.request()->GetEndpointResults(),
11119 AnyOf(nullptr, Pointee(IsEmpty())));
11120 EXPECT_THAT(response.request()->GetTextResults(),
11121 AnyOf(nullptr, Pointee(IsEmpty())));
11122 EXPECT_THAT(response.request()->GetHostnameResults(),
11123 AnyOf(nullptr, Pointee(IsEmpty())));
11124 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
11125 AnyOf(nullptr, Pointee(IsEmpty())));
11126
11127 // Expect result not cached.
11128 EXPECT_EQ(resolve_context_->host_cache()->size(), 0u);
11129 }
11130
TEST_F(HostResolverManagerDnsTest,FailedHttpsInAddressRequestAfterAddressFailureIgnoredWhenFeatureDisabled)11131 TEST_F(
11132 HostResolverManagerDnsTest,
11133 FailedHttpsInAddressRequestAfterAddressFailureIgnoredWhenFeatureDisabled) {
11134 const char kName[] = "name.test";
11135
11136 base::test::ScopedFeatureList features;
11137 features.InitAndEnableFeatureWithParameters(
11138 features::kUseDnsHttpsSvcb,
11139 {{"UseDnsHttpsSvcbEnforceSecureResponse", "false"},
11140 // Disable timeouts.
11141 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
11142 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
11143 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
11144 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
11145 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
11146 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
11147
11148 MockDnsClientRuleList rules;
11149 // Delay HTTPS result to ensure it is cancelled after AAAA failure.
11150 rules.emplace_back(
11151 kName, dns_protocol::kTypeHttps, /*secure=*/true,
11152 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kUnexpected),
11153 /*delay=*/true);
11154 // Delay A result to ensure it is cancelled after AAAA failure.
11155 rules.emplace_back(
11156 kName, dns_protocol::kTypeA, /*secure=*/true,
11157 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kUnexpected),
11158 /*delay=*/true);
11159 rules.emplace_back(
11160 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
11161 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kFail),
11162 /*delay=*/false);
11163
11164 // Expect fall back to insecure due to AAAA failure.
11165 rules.emplace_back(
11166 kName, dns_protocol::kTypeHttps, /*secure=*/false,
11167 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kEmpty),
11168 /*delay=*/false);
11169 rules.emplace_back(
11170 kName, dns_protocol::kTypeA, /*secure=*/false,
11171 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11172 /*delay=*/false);
11173 rules.emplace_back(
11174 kName, dns_protocol::kTypeAAAA, /*secure=*/false,
11175 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11176 /*delay=*/false);
11177
11178 CreateResolver();
11179 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
11180 DnsConfigOverrides overrides;
11181 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
11182 resolver_->SetDnsConfigOverrides(overrides);
11183
11184 ResolveHostResponseHelper response(resolver_->CreateRequest(
11185 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
11186 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
11187 resolve_context_.get()));
11188
11189 base::RunLoop().RunUntilIdle();
11190 // Unnecessary to complete delayed transactions because they should be
11191 // cancelled after first failure (AAAA).
11192 EXPECT_TRUE(response.complete());
11193
11194 EXPECT_THAT(response.result_error(), IsOk());
11195 EXPECT_TRUE(response.request()->GetAddressResults());
11196 EXPECT_TRUE(response.request()->GetEndpointResults());
11197 EXPECT_THAT(response.request()->GetTextResults(),
11198 AnyOf(nullptr, Pointee(IsEmpty())));
11199 EXPECT_THAT(response.request()->GetHostnameResults(),
11200 AnyOf(nullptr, Pointee(IsEmpty())));
11201 EXPECT_TRUE(response.request()->GetExperimentalResultsForTesting());
11202 }
11203
TEST_F(HostResolverManagerDnsTest,TimeoutHttpsInAddressRequestIsFatal)11204 TEST_F(HostResolverManagerDnsTest, TimeoutHttpsInAddressRequestIsFatal) {
11205 const char kName[] = "name.test";
11206
11207 base::test::ScopedFeatureList features;
11208 features.InitAndEnableFeatureWithParameters(
11209 features::kUseDnsHttpsSvcb,
11210 {{"UseDnsHttpsSvcbEnforceSecureResponse", "true"},
11211 // Disable timeouts.
11212 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
11213 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
11214 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
11215 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
11216 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
11217 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
11218
11219 MockDnsClientRuleList rules;
11220 rules.emplace_back(
11221 kName, dns_protocol::kTypeHttps, /*secure=*/true,
11222 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kTimeout),
11223 /*delay=*/false);
11224 rules.emplace_back(
11225 kName, dns_protocol::kTypeA, /*secure=*/true,
11226 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11227 /*delay=*/false);
11228 rules.emplace_back(
11229 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
11230 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11231 /*delay=*/false);
11232
11233 CreateResolver();
11234 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
11235 DnsConfigOverrides overrides;
11236 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
11237 resolver_->SetDnsConfigOverrides(overrides);
11238
11239 ResolveHostResponseHelper response(resolver_->CreateRequest(
11240 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
11241 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
11242 resolve_context_.get()));
11243 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_TIMED_OUT));
11244 EXPECT_THAT(response.request()->GetAddressResults(),
11245 AnyOf(nullptr, Pointee(IsEmpty())));
11246 EXPECT_THAT(response.request()->GetEndpointResults(),
11247 AnyOf(nullptr, Pointee(IsEmpty())));
11248 EXPECT_THAT(response.request()->GetTextResults(),
11249 AnyOf(nullptr, Pointee(IsEmpty())));
11250 EXPECT_THAT(response.request()->GetHostnameResults(),
11251 AnyOf(nullptr, Pointee(IsEmpty())));
11252 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
11253 AnyOf(nullptr, Pointee(IsEmpty())));
11254
11255 // Expect result not cached.
11256 EXPECT_EQ(resolve_context_->host_cache()->size(), 0u);
11257 }
11258
TEST_F(HostResolverManagerDnsTest,ServfailHttpsInAddressRequestIsFatal)11259 TEST_F(HostResolverManagerDnsTest, ServfailHttpsInAddressRequestIsFatal) {
11260 const char kName[] = "name.test";
11261
11262 base::test::ScopedFeatureList features;
11263 features.InitAndEnableFeatureWithParameters(
11264 features::kUseDnsHttpsSvcb,
11265 {{"UseDnsHttpsSvcbEnforceSecureResponse", "true"},
11266 // Disable timeouts.
11267 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
11268 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
11269 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
11270 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
11271 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
11272 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
11273
11274 MockDnsClientRuleList rules;
11275 rules.emplace_back(
11276 kName, dns_protocol::kTypeHttps, /*secure=*/true,
11277 MockDnsClientRule::Result(
11278 MockDnsClientRule::ResultType::kFail,
11279 BuildTestDnsResponse(kName, dns_protocol::kTypeHttps, /*answers=*/{},
11280 /*authority=*/{}, /*additional=*/{},
11281 dns_protocol::kRcodeSERVFAIL),
11282 ERR_DNS_SERVER_FAILED),
11283 /*delay=*/false);
11284 rules.emplace_back(
11285 kName, dns_protocol::kTypeA, /*secure=*/true,
11286 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11287 /*delay=*/false);
11288 rules.emplace_back(
11289 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
11290 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11291 /*delay=*/false);
11292
11293 CreateResolver();
11294 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
11295 DnsConfigOverrides overrides;
11296 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
11297 resolver_->SetDnsConfigOverrides(overrides);
11298
11299 ResolveHostResponseHelper response(resolver_->CreateRequest(
11300 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
11301 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
11302 resolve_context_.get()));
11303 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_SERVER_FAILED));
11304 EXPECT_THAT(response.request()->GetAddressResults(),
11305 AnyOf(nullptr, Pointee(IsEmpty())));
11306 EXPECT_THAT(response.request()->GetEndpointResults(),
11307 AnyOf(nullptr, Pointee(IsEmpty())));
11308 EXPECT_THAT(response.request()->GetTextResults(),
11309 AnyOf(nullptr, Pointee(IsEmpty())));
11310 EXPECT_THAT(response.request()->GetHostnameResults(),
11311 AnyOf(nullptr, Pointee(IsEmpty())));
11312 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
11313 AnyOf(nullptr, Pointee(IsEmpty())));
11314
11315 // Expect result not cached.
11316 EXPECT_EQ(resolve_context_->host_cache()->size(), 0u);
11317 }
11318
11319 // For a response so malformed that DnsTransaction can't do its basic parsing to
11320 // determine an RCODE and return a DnsResponse object to HostResolverManager.
11321 // Essentially equivalent to a network error. See
11322 // `MalformedHttpsInResponseInAddressRequestIsFatal` for a malformed response
11323 // that can at least send a DnsResponse to HostResolverManager.
TEST_F(HostResolverManagerDnsTest,UnparsableHttpsInAddressRequestIsFatal)11324 TEST_F(HostResolverManagerDnsTest, UnparsableHttpsInAddressRequestIsFatal) {
11325 const char kName[] = "name.test";
11326
11327 base::test::ScopedFeatureList features;
11328 features.InitAndEnableFeatureWithParameters(
11329 features::kUseDnsHttpsSvcb,
11330 {{"UseDnsHttpsSvcbEnforceSecureResponse", "true"},
11331 // Disable timeouts.
11332 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
11333 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
11334 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
11335 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
11336 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
11337 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
11338
11339 MockDnsClientRuleList rules;
11340 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/true,
11341 MockDnsClientRule::Result(
11342 MockDnsClientRule::ResultType::kFail,
11343 /*response=*/std::nullopt, ERR_DNS_MALFORMED_RESPONSE),
11344 /*delay=*/false);
11345 rules.emplace_back(
11346 kName, dns_protocol::kTypeA, /*secure=*/true,
11347 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11348 /*delay=*/false);
11349 rules.emplace_back(
11350 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
11351 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11352 /*delay=*/false);
11353
11354 CreateResolver();
11355 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
11356 DnsConfigOverrides overrides;
11357 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
11358 resolver_->SetDnsConfigOverrides(overrides);
11359
11360 ResolveHostResponseHelper response(resolver_->CreateRequest(
11361 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
11362 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
11363 resolve_context_.get()));
11364 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_MALFORMED_RESPONSE));
11365 EXPECT_THAT(response.request()->GetAddressResults(),
11366 AnyOf(nullptr, Pointee(IsEmpty())));
11367 EXPECT_THAT(response.request()->GetEndpointResults(),
11368 AnyOf(nullptr, Pointee(IsEmpty())));
11369 EXPECT_THAT(response.request()->GetTextResults(),
11370 AnyOf(nullptr, Pointee(IsEmpty())));
11371 EXPECT_THAT(response.request()->GetHostnameResults(),
11372 AnyOf(nullptr, Pointee(IsEmpty())));
11373 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
11374 AnyOf(nullptr, Pointee(IsEmpty())));
11375
11376 // Expect result not cached.
11377 EXPECT_EQ(resolve_context_->host_cache()->size(), 0u);
11378 }
11379
TEST_F(HostResolverManagerDnsTest,RefusedHttpsInAddressRequestIsIgnored)11380 TEST_F(HostResolverManagerDnsTest, RefusedHttpsInAddressRequestIsIgnored) {
11381 const char kName[] = "name.test";
11382
11383 base::test::ScopedFeatureList features;
11384 features.InitAndEnableFeatureWithParameters(
11385 features::kUseDnsHttpsSvcb,
11386 {{"UseDnsHttpsSvcbEnforceSecureResponse", "true"},
11387 // Disable timeouts.
11388 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
11389 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
11390 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
11391 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
11392 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
11393 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
11394
11395 MockDnsClientRuleList rules;
11396 rules.emplace_back(
11397 kName, dns_protocol::kTypeHttps, /*secure=*/true,
11398 MockDnsClientRule::Result(
11399 MockDnsClientRule::ResultType::kFail,
11400 BuildTestDnsResponse(kName, dns_protocol::kTypeHttps, /*answers=*/{},
11401 /*authority=*/{}, /*additional=*/{},
11402 dns_protocol::kRcodeREFUSED),
11403 ERR_DNS_SERVER_FAILED),
11404 /*delay=*/false);
11405 rules.emplace_back(
11406 kName, dns_protocol::kTypeA, /*secure=*/true,
11407 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11408 /*delay=*/false);
11409 rules.emplace_back(
11410 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
11411 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11412 /*delay=*/false);
11413
11414 CreateResolver();
11415 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
11416 DnsConfigOverrides overrides;
11417 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
11418 resolver_->SetDnsConfigOverrides(overrides);
11419
11420 ResolveHostResponseHelper response(resolver_->CreateRequest(
11421 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
11422 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
11423 resolve_context_.get()));
11424 EXPECT_THAT(response.result_error(), IsOk());
11425 EXPECT_TRUE(response.request()->GetAddressResults());
11426 EXPECT_THAT(response.request()->GetEndpointResults(),
11427 testing::Pointee(testing::ElementsAre(
11428 ExpectEndpointResult(testing::SizeIs(2)))));
11429 EXPECT_THAT(response.request()->GetTextResults(),
11430 AnyOf(nullptr, Pointee(IsEmpty())));
11431 EXPECT_THAT(response.request()->GetHostnameResults(),
11432 AnyOf(nullptr, Pointee(IsEmpty())));
11433 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
11434 testing::Pointee(testing::IsEmpty()));
11435 }
11436
TEST_F(HostResolverManagerDnsTest,HttpsInAddressQueryForWssScheme)11437 TEST_F(HostResolverManagerDnsTest, HttpsInAddressQueryForWssScheme) {
11438 const char kName[] = "name.test";
11439
11440 base::test::ScopedFeatureList features;
11441 features.InitAndEnableFeatureWithParameters(
11442 features::kUseDnsHttpsSvcb,
11443 {// Disable timeouts.
11444 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
11445 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
11446 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
11447 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
11448 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
11449 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
11450
11451 MockDnsClientRuleList rules;
11452 std::vector<DnsResourceRecord> records = {
11453 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
11454 /*params=*/{})};
11455 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/true,
11456 MockDnsClientRule::Result(BuildTestDnsResponse(
11457 kName, dns_protocol::kTypeHttps, records)),
11458 /*delay=*/false);
11459 rules.emplace_back(
11460 kName, dns_protocol::kTypeA, /*secure=*/true,
11461 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11462 /*delay=*/false);
11463 rules.emplace_back(
11464 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
11465 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11466 /*delay=*/false);
11467
11468 CreateResolver();
11469 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
11470 DnsConfigOverrides overrides;
11471 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
11472 resolver_->SetDnsConfigOverrides(overrides);
11473
11474 ResolveHostResponseHelper response(
11475 resolver_->CreateRequest(url::SchemeHostPort(url::kWssScheme, kName, 443),
11476 NetworkAnonymizationKey(), NetLogWithSource(),
11477 std::nullopt, resolve_context_.get()));
11478 EXPECT_THAT(response.result_error(), IsOk());
11479 EXPECT_TRUE(response.request()->GetAddressResults());
11480 EXPECT_THAT(
11481 response.request()->GetEndpointResults(),
11482 testing::Pointee(testing::ElementsAre(
11483 ExpectEndpointResult(
11484 testing::SizeIs(2),
11485 ExpectConnectionEndpointMetadata(
11486 testing::ElementsAre(dns_protocol::kHttpsServiceDefaultAlpn),
11487 testing::IsEmpty(), kName)),
11488 ExpectEndpointResult(testing::SizeIs(2)))));
11489 EXPECT_THAT(response.request()->GetTextResults(),
11490 AnyOf(nullptr, Pointee(IsEmpty())));
11491 EXPECT_THAT(response.request()->GetHostnameResults(),
11492 AnyOf(nullptr, Pointee(IsEmpty())));
11493 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
11494 testing::Pointee(testing::ElementsAre(true)));
11495 }
11496
TEST_F(HostResolverManagerDnsTest,NoHttpsInAddressQueryWithoutScheme)11497 TEST_F(HostResolverManagerDnsTest, NoHttpsInAddressQueryWithoutScheme) {
11498 const char kName[] = "name.test";
11499
11500 base::test::ScopedFeatureList features;
11501 features.InitAndEnableFeatureWithParameters(
11502 features::kUseDnsHttpsSvcb,
11503 {// Disable timeouts.
11504 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
11505 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
11506 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
11507 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
11508 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
11509 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
11510
11511 MockDnsClientRuleList rules;
11512 rules.emplace_back(
11513 kName, dns_protocol::kTypeA, /*secure=*/true,
11514 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11515 /*delay=*/false);
11516 rules.emplace_back(
11517 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
11518 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11519 /*delay=*/false);
11520 // Should not be queried.
11521 rules.emplace_back(
11522 kName, dns_protocol::kTypeHttps, /*secure=*/true,
11523 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kUnexpected),
11524 /*delay=*/false);
11525
11526 CreateResolver();
11527 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
11528 DnsConfigOverrides overrides;
11529 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
11530 resolver_->SetDnsConfigOverrides(overrides);
11531
11532 ResolveHostResponseHelper response(resolver_->CreateRequest(
11533 HostPortPair(kName, 443), NetworkAnonymizationKey(), NetLogWithSource(),
11534 std::nullopt, resolve_context_.get()));
11535 EXPECT_THAT(response.result_error(), IsOk());
11536 EXPECT_TRUE(response.request()->GetAddressResults());
11537 EXPECT_THAT(response.request()->GetEndpointResults(),
11538 testing::Pointee(testing::ElementsAre(
11539 ExpectEndpointResult(testing::SizeIs(2)))));
11540 EXPECT_THAT(response.request()->GetTextResults(),
11541 AnyOf(nullptr, Pointee(IsEmpty())));
11542 EXPECT_THAT(response.request()->GetHostnameResults(),
11543 AnyOf(nullptr, Pointee(IsEmpty())));
11544 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
11545 AnyOf(nullptr, Pointee(IsEmpty())));
11546 }
11547
TEST_F(HostResolverManagerDnsTest,NoHttpsInAddressQueryForNonHttpScheme)11548 TEST_F(HostResolverManagerDnsTest, NoHttpsInAddressQueryForNonHttpScheme) {
11549 const char kName[] = "name.test";
11550
11551 base::test::ScopedFeatureList features;
11552 features.InitAndEnableFeatureWithParameters(
11553 features::kUseDnsHttpsSvcb,
11554 {// Disable timeouts.
11555 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
11556 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
11557 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
11558 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
11559 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
11560 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
11561
11562 MockDnsClientRuleList rules;
11563 rules.emplace_back(
11564 kName, dns_protocol::kTypeA, /*secure=*/true,
11565 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11566 /*delay=*/false);
11567 rules.emplace_back(
11568 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
11569 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11570 /*delay=*/false);
11571 // Should not be queried.
11572 rules.emplace_back(
11573 kName, dns_protocol::kTypeHttps, /*secure=*/true,
11574 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kUnexpected),
11575 /*delay=*/false);
11576
11577 CreateResolver();
11578 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
11579 DnsConfigOverrides overrides;
11580 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
11581 resolver_->SetDnsConfigOverrides(overrides);
11582
11583 ResolveHostResponseHelper response(
11584 resolver_->CreateRequest(url::SchemeHostPort(url::kFtpScheme, kName, 443),
11585 NetworkAnonymizationKey(), NetLogWithSource(),
11586 std::nullopt, resolve_context_.get()));
11587 EXPECT_THAT(response.result_error(), IsOk());
11588 EXPECT_TRUE(response.request()->GetAddressResults());
11589 EXPECT_THAT(response.request()->GetEndpointResults(),
11590 testing::Pointee(testing::ElementsAre(
11591 ExpectEndpointResult(testing::SizeIs(2)))));
11592 EXPECT_THAT(response.request()->GetTextResults(),
11593 AnyOf(nullptr, Pointee(IsEmpty())));
11594 EXPECT_THAT(response.request()->GetHostnameResults(),
11595 AnyOf(nullptr, Pointee(IsEmpty())));
11596 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
11597 AnyOf(nullptr, Pointee(IsEmpty())));
11598 }
11599
TEST_F(HostResolverManagerDnsTest,HttpsInAddressQueryForHttpSchemeWhenUpgradeEnabled)11600 TEST_F(HostResolverManagerDnsTest,
11601 HttpsInAddressQueryForHttpSchemeWhenUpgradeEnabled) {
11602 const char kName[] = "name.test";
11603
11604 base::test::ScopedFeatureList features;
11605 features.InitAndEnableFeatureWithParameters(
11606 features::kUseDnsHttpsSvcb,
11607 {// Disable timeouts.
11608 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
11609 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
11610 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
11611 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
11612 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
11613 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
11614
11615 MockDnsClientRuleList rules;
11616 std::vector<DnsResourceRecord> records = {
11617 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
11618 /*params=*/{})};
11619 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/true,
11620 MockDnsClientRule::Result(BuildTestDnsResponse(
11621 kName, dns_protocol::kTypeHttps, records)),
11622 /*delay=*/false);
11623 rules.emplace_back(
11624 kName, dns_protocol::kTypeA, /*secure=*/true,
11625 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11626 /*delay=*/false);
11627 rules.emplace_back(
11628 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
11629 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11630 /*delay=*/false);
11631
11632 CreateResolver();
11633 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
11634 DnsConfigOverrides overrides;
11635 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
11636 resolver_->SetDnsConfigOverrides(overrides);
11637
11638 ResolveHostResponseHelper response(
11639 resolver_->CreateRequest(url::SchemeHostPort(url::kHttpScheme, kName, 80),
11640 NetworkAnonymizationKey(), NetLogWithSource(),
11641 std::nullopt, resolve_context_.get()));
11642
11643 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_NAME_HTTPS_ONLY));
11644 EXPECT_THAT(response.request()->GetAddressResults(),
11645 AnyOf(nullptr, Pointee(IsEmpty())));
11646 EXPECT_THAT(response.request()->GetEndpointResults(),
11647 AnyOf(nullptr, Pointee(IsEmpty())));
11648 EXPECT_THAT(response.request()->GetTextResults(),
11649 AnyOf(nullptr, Pointee(IsEmpty())));
11650 EXPECT_THAT(response.request()->GetHostnameResults(),
11651 AnyOf(nullptr, Pointee(IsEmpty())));
11652 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
11653 AnyOf(nullptr, Pointee(IsEmpty())));
11654 }
11655
TEST_F(HostResolverManagerDnsTest,HttpsInAddressQueryForHttpSchemeWhenUpgradeEnabledWithAliasRecord)11656 TEST_F(HostResolverManagerDnsTest,
11657 HttpsInAddressQueryForHttpSchemeWhenUpgradeEnabledWithAliasRecord) {
11658 const char kName[] = "name.test";
11659
11660 base::test::ScopedFeatureList features;
11661 features.InitAndEnableFeatureWithParameters(
11662 features::kUseDnsHttpsSvcb,
11663 {// Disable timeouts.
11664 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
11665 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
11666 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
11667 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
11668 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
11669 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
11670
11671 MockDnsClientRuleList rules;
11672 std::vector<DnsResourceRecord> records = {
11673 BuildTestHttpsAliasRecord(kName, "alias.test")};
11674 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/true,
11675 MockDnsClientRule::Result(BuildTestDnsResponse(
11676 kName, dns_protocol::kTypeHttps, records)),
11677 /*delay=*/false);
11678 rules.emplace_back(
11679 kName, dns_protocol::kTypeA, /*secure=*/true,
11680 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11681 /*delay=*/false);
11682 rules.emplace_back(
11683 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
11684 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11685 /*delay=*/false);
11686
11687 CreateResolver();
11688 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
11689 DnsConfigOverrides overrides;
11690 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
11691 resolver_->SetDnsConfigOverrides(overrides);
11692
11693 ResolveHostResponseHelper response(
11694 resolver_->CreateRequest(url::SchemeHostPort(url::kHttpScheme, kName, 80),
11695 NetworkAnonymizationKey(), NetLogWithSource(),
11696 std::nullopt, resolve_context_.get()));
11697
11698 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_NAME_HTTPS_ONLY));
11699 EXPECT_THAT(response.request()->GetAddressResults(),
11700 AnyOf(nullptr, Pointee(IsEmpty())));
11701 EXPECT_THAT(response.request()->GetEndpointResults(),
11702 AnyOf(nullptr, Pointee(IsEmpty())));
11703 EXPECT_THAT(response.request()->GetTextResults(),
11704 AnyOf(nullptr, Pointee(IsEmpty())));
11705 EXPECT_THAT(response.request()->GetHostnameResults(),
11706 AnyOf(nullptr, Pointee(IsEmpty())));
11707 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
11708 AnyOf(nullptr, Pointee(IsEmpty())));
11709 }
11710
TEST_F(HostResolverManagerDnsTest,HttpsInAddressQueryForHttpSchemeWhenUpgradeEnabledWithIncompatibleServiceRecord)11711 TEST_F(
11712 HostResolverManagerDnsTest,
11713 HttpsInAddressQueryForHttpSchemeWhenUpgradeEnabledWithIncompatibleServiceRecord) {
11714 const char kName[] = "name.test";
11715 const uint16_t kMadeUpParam = 65300; // From the private-use block.
11716
11717 base::test::ScopedFeatureList features;
11718 features.InitAndEnableFeatureWithParameters(
11719 features::kUseDnsHttpsSvcb,
11720 {// Disable timeouts.
11721 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
11722 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
11723 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
11724 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
11725 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
11726 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
11727
11728 MockDnsClientRuleList rules;
11729 std::vector<DnsResourceRecord> records = {BuildTestHttpsServiceRecord(
11730 kName, /*priority=*/1, /*service_name=*/".",
11731 /*params=*/
11732 {BuildTestHttpsServiceMandatoryParam({kMadeUpParam}),
11733 {kMadeUpParam, "foo"}})};
11734 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/true,
11735 MockDnsClientRule::Result(BuildTestDnsResponse(
11736 kName, dns_protocol::kTypeHttps, records)),
11737 /*delay=*/false);
11738 rules.emplace_back(
11739 kName, dns_protocol::kTypeA, /*secure=*/true,
11740 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11741 /*delay=*/false);
11742 rules.emplace_back(
11743 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
11744 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11745 /*delay=*/false);
11746
11747 CreateResolver();
11748 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
11749 DnsConfigOverrides overrides;
11750 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
11751 resolver_->SetDnsConfigOverrides(overrides);
11752
11753 ResolveHostResponseHelper response(
11754 resolver_->CreateRequest(url::SchemeHostPort(url::kHttpScheme, kName, 80),
11755 NetworkAnonymizationKey(), NetLogWithSource(),
11756 std::nullopt, resolve_context_.get()));
11757
11758 // Expect incompatible HTTPS record to have no effect on results (except
11759 // `GetExperimentalResultsForTesting()` which returns the record
11760 // compatibility).
11761 EXPECT_THAT(response.result_error(), IsOk());
11762 EXPECT_TRUE(response.request()->GetAddressResults());
11763 EXPECT_TRUE(response.request()->GetEndpointResults());
11764 EXPECT_THAT(response.request()->GetTextResults(),
11765 AnyOf(nullptr, Pointee(IsEmpty())));
11766 EXPECT_THAT(response.request()->GetHostnameResults(),
11767 AnyOf(nullptr, Pointee(IsEmpty())));
11768 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
11769 Pointee(Not(Contains(true))));
11770 }
11771
11772 // Even if no addresses are received for a request, finding an HTTPS record
11773 // should still force an HTTP->HTTPS upgrade.
TEST_F(HostResolverManagerDnsTest,HttpsInAddressQueryForHttpSchemeWhenUpgradeEnabledWithoutAddresses)11774 TEST_F(HostResolverManagerDnsTest,
11775 HttpsInAddressQueryForHttpSchemeWhenUpgradeEnabledWithoutAddresses) {
11776 const char kName[] = "name.test";
11777
11778 base::test::ScopedFeatureList features;
11779 features.InitAndEnableFeatureWithParameters(
11780 features::kUseDnsHttpsSvcb,
11781 {// Disable timeouts.
11782 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
11783 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
11784 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
11785 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
11786 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
11787 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
11788
11789 MockDnsClientRuleList rules;
11790 std::vector<DnsResourceRecord> records = {
11791 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
11792 /*params=*/{})};
11793 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/true,
11794 MockDnsClientRule::Result(BuildTestDnsResponse(
11795 kName, dns_protocol::kTypeHttps, records)),
11796 /*delay=*/false);
11797 rules.emplace_back(
11798 kName, dns_protocol::kTypeA, /*secure=*/true,
11799 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kEmpty),
11800 /*delay=*/false);
11801 rules.emplace_back(
11802 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
11803 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kEmpty),
11804 /*delay=*/false);
11805
11806 CreateResolver();
11807 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
11808 DnsConfigOverrides overrides;
11809 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
11810 resolver_->SetDnsConfigOverrides(overrides);
11811
11812 ResolveHostResponseHelper response(
11813 resolver_->CreateRequest(url::SchemeHostPort(url::kHttpScheme, kName, 80),
11814 NetworkAnonymizationKey(), NetLogWithSource(),
11815 std::nullopt, resolve_context_.get()));
11816
11817 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_NAME_HTTPS_ONLY));
11818 EXPECT_THAT(response.request()->GetAddressResults(),
11819 AnyOf(nullptr, Pointee(IsEmpty())));
11820 EXPECT_THAT(response.request()->GetEndpointResults(),
11821 AnyOf(nullptr, Pointee(IsEmpty())));
11822 EXPECT_THAT(response.request()->GetTextResults(),
11823 AnyOf(nullptr, Pointee(IsEmpty())));
11824 EXPECT_THAT(response.request()->GetHostnameResults(),
11825 AnyOf(nullptr, Pointee(IsEmpty())));
11826 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
11827 AnyOf(nullptr, Pointee(IsEmpty())));
11828 }
11829
TEST_F(HostResolverManagerDnsTest,HttpsInSecureModeAddressQuery)11830 TEST_F(HostResolverManagerDnsTest, HttpsInSecureModeAddressQuery) {
11831 const char kName[] = "name.test";
11832
11833 base::test::ScopedFeatureList features;
11834 features.InitAndEnableFeatureWithParameters(
11835 features::kUseDnsHttpsSvcb,
11836 {// Disable timeouts.
11837 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
11838 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
11839 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
11840 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
11841 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
11842 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
11843
11844 MockDnsClientRuleList rules;
11845 std::vector<DnsResourceRecord> records = {
11846 BuildTestHttpsAliasRecord(kName, "alias.test")};
11847 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/true,
11848 MockDnsClientRule::Result(BuildTestDnsResponse(
11849 kName, dns_protocol::kTypeHttps, records)),
11850 /*delay=*/false);
11851 rules.emplace_back(
11852 kName, dns_protocol::kTypeA, /*secure=*/true,
11853 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11854 /*delay=*/false);
11855 rules.emplace_back(
11856 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
11857 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11858 /*delay=*/false);
11859
11860 CreateResolver();
11861 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
11862 DnsConfigOverrides overrides;
11863 overrides.secure_dns_mode = SecureDnsMode::kSecure;
11864 resolver_->SetDnsConfigOverrides(overrides);
11865
11866 ResolveHostResponseHelper response(resolver_->CreateRequest(
11867 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
11868 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
11869 resolve_context_.get()));
11870
11871 EXPECT_THAT(response.result_error(), IsOk());
11872 EXPECT_TRUE(response.request()->GetAddressResults());
11873 EXPECT_TRUE(response.request()->GetEndpointResults());
11874 EXPECT_THAT(response.request()->GetTextResults(),
11875 AnyOf(nullptr, Pointee(IsEmpty())));
11876 EXPECT_THAT(response.request()->GetHostnameResults(),
11877 AnyOf(nullptr, Pointee(IsEmpty())));
11878 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
11879 testing::Pointee(testing::ElementsAre(true)));
11880 }
11881
TEST_F(HostResolverManagerDnsTest,HttpsInSecureModeAddressQueryForHttpScheme)11882 TEST_F(HostResolverManagerDnsTest, HttpsInSecureModeAddressQueryForHttpScheme) {
11883 const char kName[] = "name.test";
11884
11885 base::test::ScopedFeatureList features;
11886 features.InitAndEnableFeatureWithParameters(
11887 features::kUseDnsHttpsSvcb,
11888 {// Disable timeouts.
11889 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
11890 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
11891 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
11892 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
11893 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
11894 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
11895
11896 MockDnsClientRuleList rules;
11897 std::vector<DnsResourceRecord> records = {
11898 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
11899 /*params=*/{})};
11900 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/true,
11901 MockDnsClientRule::Result(BuildTestDnsResponse(
11902 kName, dns_protocol::kTypeHttps, records)),
11903 /*delay=*/false);
11904 rules.emplace_back(
11905 kName, dns_protocol::kTypeA, /*secure=*/true,
11906 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11907 /*delay=*/false);
11908 rules.emplace_back(
11909 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
11910 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11911 /*delay=*/false);
11912
11913 CreateResolver();
11914 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
11915 DnsConfigOverrides overrides;
11916 overrides.secure_dns_mode = SecureDnsMode::kSecure;
11917 resolver_->SetDnsConfigOverrides(overrides);
11918
11919 ResolveHostResponseHelper response(
11920 resolver_->CreateRequest(url::SchemeHostPort(url::kHttpScheme, kName, 80),
11921 NetworkAnonymizationKey(), NetLogWithSource(),
11922 std::nullopt, resolve_context_.get()));
11923
11924 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_NAME_HTTPS_ONLY));
11925 EXPECT_THAT(response.request()->GetAddressResults(),
11926 AnyOf(nullptr, Pointee(IsEmpty())));
11927 EXPECT_THAT(response.request()->GetEndpointResults(),
11928 AnyOf(nullptr, Pointee(IsEmpty())));
11929 EXPECT_THAT(response.request()->GetTextResults(),
11930 AnyOf(nullptr, Pointee(IsEmpty())));
11931 EXPECT_THAT(response.request()->GetHostnameResults(),
11932 AnyOf(nullptr, Pointee(IsEmpty())));
11933 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
11934 AnyOf(nullptr, Pointee(IsEmpty())));
11935 }
11936
TEST_F(HostResolverManagerDnsTest,HttpsInInsecureAddressQuery)11937 TEST_F(HostResolverManagerDnsTest, HttpsInInsecureAddressQuery) {
11938 const char kName[] = "name.test";
11939
11940 base::test::ScopedFeatureList features;
11941 features.InitAndEnableFeatureWithParameters(
11942 features::kUseDnsHttpsSvcb,
11943 {// Disable timeouts.
11944 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
11945 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
11946 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
11947 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
11948 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
11949 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
11950
11951 MockDnsClientRuleList rules;
11952 std::vector<DnsResourceRecord> records = {
11953 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
11954 /*params=*/{})};
11955 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/false,
11956 MockDnsClientRule::Result(BuildTestDnsResponse(
11957 kName, dns_protocol::kTypeHttps, records)),
11958 /*delay=*/false);
11959 rules.emplace_back(
11960 kName, dns_protocol::kTypeA, /*secure=*/false,
11961 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11962 /*delay=*/false);
11963 rules.emplace_back(
11964 kName, dns_protocol::kTypeAAAA, /*secure=*/false,
11965 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
11966 /*delay=*/false);
11967
11968 CreateResolver();
11969 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
11970
11971 ResolveHostResponseHelper response(resolver_->CreateRequest(
11972 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
11973 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
11974 resolve_context_.get()));
11975
11976 EXPECT_THAT(response.result_error(), IsOk());
11977 EXPECT_TRUE(response.request()->GetAddressResults());
11978 EXPECT_THAT(
11979 response.request()->GetEndpointResults(),
11980 testing::Pointee(testing::ElementsAre(
11981 ExpectEndpointResult(
11982 testing::SizeIs(2),
11983 ExpectConnectionEndpointMetadata(
11984 testing::ElementsAre(dns_protocol::kHttpsServiceDefaultAlpn),
11985 testing::IsEmpty(), kName)),
11986 ExpectEndpointResult(testing::SizeIs(2)))));
11987 EXPECT_THAT(response.request()->GetTextResults(),
11988 AnyOf(nullptr, Pointee(IsEmpty())));
11989 EXPECT_THAT(response.request()->GetHostnameResults(),
11990 AnyOf(nullptr, Pointee(IsEmpty())));
11991 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
11992 testing::Pointee(testing::ElementsAre(true)));
11993 }
11994
TEST_F(HostResolverManagerDnsTest,HttpsInInsecureAddressQueryForHttpScheme)11995 TEST_F(HostResolverManagerDnsTest, HttpsInInsecureAddressQueryForHttpScheme) {
11996 const char kName[] = "name.test";
11997
11998 base::test::ScopedFeatureList features;
11999 features.InitAndEnableFeatureWithParameters(
12000 features::kUseDnsHttpsSvcb,
12001 {// Disable timeouts.
12002 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
12003 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
12004 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
12005 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
12006 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
12007 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
12008
12009 MockDnsClientRuleList rules;
12010 std::vector<DnsResourceRecord> records = {
12011 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
12012 /*params=*/{})};
12013 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/false,
12014 MockDnsClientRule::Result(BuildTestDnsResponse(
12015 kName, dns_protocol::kTypeHttps, records)),
12016 /*delay=*/false);
12017 rules.emplace_back(
12018 kName, dns_protocol::kTypeA, /*secure=*/false,
12019 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12020 /*delay=*/false);
12021 rules.emplace_back(
12022 kName, dns_protocol::kTypeAAAA, /*secure=*/false,
12023 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12024 /*delay=*/false);
12025
12026 CreateResolver();
12027 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
12028
12029 ResolveHostResponseHelper response(
12030 resolver_->CreateRequest(url::SchemeHostPort(url::kHttpScheme, kName, 80),
12031 NetworkAnonymizationKey(), NetLogWithSource(),
12032 std::nullopt, resolve_context_.get()));
12033
12034 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_NAME_HTTPS_ONLY));
12035 EXPECT_THAT(response.request()->GetAddressResults(),
12036 AnyOf(nullptr, Pointee(IsEmpty())));
12037 EXPECT_THAT(response.request()->GetEndpointResults(),
12038 AnyOf(nullptr, Pointee(IsEmpty())));
12039 EXPECT_THAT(response.request()->GetTextResults(),
12040 AnyOf(nullptr, Pointee(IsEmpty())));
12041 EXPECT_THAT(response.request()->GetHostnameResults(),
12042 AnyOf(nullptr, Pointee(IsEmpty())));
12043 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
12044 AnyOf(nullptr, Pointee(IsEmpty())));
12045 }
12046
TEST_F(HostResolverManagerDnsTest,FailedHttpsInInsecureAddressRequestIgnored)12047 TEST_F(HostResolverManagerDnsTest, FailedHttpsInInsecureAddressRequestIgnored) {
12048 const char kName[] = "name.test";
12049
12050 base::test::ScopedFeatureList features;
12051 features.InitAndEnableFeatureWithParameters(
12052 features::kUseDnsHttpsSvcb,
12053 {// Disable timeouts.
12054 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
12055 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
12056 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
12057 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
12058 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
12059 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
12060
12061 MockDnsClientRuleList rules;
12062 rules.emplace_back(
12063 kName, dns_protocol::kTypeHttps, /*secure=*/false,
12064 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kFail),
12065 /*delay=*/false);
12066 rules.emplace_back(
12067 kName, dns_protocol::kTypeA, /*secure=*/false,
12068 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12069 /*delay=*/false);
12070 rules.emplace_back(
12071 kName, dns_protocol::kTypeAAAA, /*secure=*/false,
12072 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12073 /*delay=*/false);
12074
12075 CreateResolver();
12076 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
12077
12078 ResolveHostResponseHelper response(resolver_->CreateRequest(
12079 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
12080 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
12081 resolve_context_.get()));
12082 EXPECT_THAT(response.result_error(), IsOk());
12083 EXPECT_TRUE(response.request()->GetAddressResults());
12084 EXPECT_THAT(response.request()->GetEndpointResults(),
12085 testing::Pointee(testing::ElementsAre(
12086 ExpectEndpointResult(testing::SizeIs(2)))));
12087 EXPECT_THAT(response.request()->GetTextResults(),
12088 AnyOf(nullptr, Pointee(IsEmpty())));
12089 EXPECT_THAT(response.request()->GetHostnameResults(),
12090 AnyOf(nullptr, Pointee(IsEmpty())));
12091 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
12092 testing::Pointee(testing::IsEmpty()));
12093 }
12094
TEST_F(HostResolverManagerDnsTest,TimeoutHttpsInInsecureAddressRequestIgnored)12095 TEST_F(HostResolverManagerDnsTest,
12096 TimeoutHttpsInInsecureAddressRequestIgnored) {
12097 const char kName[] = "name.test";
12098
12099 base::test::ScopedFeatureList features;
12100 features.InitAndEnableFeatureWithParameters(
12101 features::kUseDnsHttpsSvcb,
12102 {// Disable timeouts.
12103 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
12104 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
12105 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
12106 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
12107 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
12108 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
12109
12110 MockDnsClientRuleList rules;
12111 rules.emplace_back(
12112 kName, dns_protocol::kTypeHttps, /*secure=*/false,
12113 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kTimeout),
12114 /*delay=*/false);
12115 rules.emplace_back(
12116 kName, dns_protocol::kTypeA, /*secure=*/false,
12117 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12118 /*delay=*/false);
12119 rules.emplace_back(
12120 kName, dns_protocol::kTypeAAAA, /*secure=*/false,
12121 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12122 /*delay=*/false);
12123
12124 CreateResolver();
12125 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
12126
12127 ResolveHostResponseHelper response(resolver_->CreateRequest(
12128 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
12129 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
12130 resolve_context_.get()));
12131 EXPECT_THAT(response.result_error(), IsOk());
12132 EXPECT_TRUE(response.request()->GetAddressResults());
12133 EXPECT_THAT(response.request()->GetEndpointResults(),
12134 testing::Pointee(testing::ElementsAre(
12135 ExpectEndpointResult(testing::SizeIs(2)))));
12136 EXPECT_THAT(response.request()->GetTextResults(),
12137 AnyOf(nullptr, Pointee(IsEmpty())));
12138 EXPECT_THAT(response.request()->GetHostnameResults(),
12139 AnyOf(nullptr, Pointee(IsEmpty())));
12140 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
12141 testing::Pointee(testing::IsEmpty()));
12142 }
12143
TEST_F(HostResolverManagerDnsTest,ServfailHttpsInInsecureAddressRequestIgnored)12144 TEST_F(HostResolverManagerDnsTest,
12145 ServfailHttpsInInsecureAddressRequestIgnored) {
12146 const char kName[] = "name.test";
12147
12148 base::test::ScopedFeatureList features;
12149 features.InitAndEnableFeatureWithParameters(
12150 features::kUseDnsHttpsSvcb,
12151 {// Disable timeouts.
12152 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
12153 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
12154 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
12155 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
12156 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
12157 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
12158
12159 MockDnsClientRuleList rules;
12160 rules.emplace_back(
12161 kName, dns_protocol::kTypeHttps, /*secure=*/false,
12162 MockDnsClientRule::Result(
12163 MockDnsClientRule::ResultType::kFail,
12164 BuildTestDnsResponse(kName, dns_protocol::kTypeHttps, /*answers=*/{},
12165 /*authority=*/{}, /*additional=*/{},
12166 dns_protocol::kRcodeSERVFAIL),
12167 ERR_DNS_SERVER_FAILED),
12168 /*delay=*/false);
12169 rules.emplace_back(
12170 kName, dns_protocol::kTypeA, /*secure=*/false,
12171 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12172 /*delay=*/false);
12173 rules.emplace_back(
12174 kName, dns_protocol::kTypeAAAA, /*secure=*/false,
12175 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12176 /*delay=*/false);
12177
12178 CreateResolver();
12179 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
12180
12181 ResolveHostResponseHelper response(resolver_->CreateRequest(
12182 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
12183 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
12184 resolve_context_.get()));
12185 EXPECT_THAT(response.result_error(), IsOk());
12186 EXPECT_TRUE(response.request()->GetAddressResults());
12187 EXPECT_THAT(response.request()->GetEndpointResults(),
12188 testing::Pointee(testing::ElementsAre(
12189 ExpectEndpointResult(testing::SizeIs(2)))));
12190 EXPECT_THAT(response.request()->GetTextResults(),
12191 AnyOf(nullptr, Pointee(IsEmpty())));
12192 EXPECT_THAT(response.request()->GetHostnameResults(),
12193 AnyOf(nullptr, Pointee(IsEmpty())));
12194 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
12195 testing::Pointee(testing::IsEmpty()));
12196 }
12197
TEST_F(HostResolverManagerDnsTest,UnparsableHttpsInInsecureAddressRequestIgnored)12198 TEST_F(HostResolverManagerDnsTest,
12199 UnparsableHttpsInInsecureAddressRequestIgnored) {
12200 const char kName[] = "name.test";
12201
12202 base::test::ScopedFeatureList features;
12203 features.InitAndEnableFeatureWithParameters(
12204 features::kUseDnsHttpsSvcb,
12205 {// Disable timeouts.
12206 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
12207 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
12208 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
12209 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
12210 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
12211 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
12212
12213 MockDnsClientRuleList rules;
12214 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/false,
12215 MockDnsClientRule::Result(
12216 MockDnsClientRule::ResultType::kFail,
12217 /*response=*/std::nullopt, ERR_DNS_MALFORMED_RESPONSE),
12218 /*delay=*/false);
12219 rules.emplace_back(
12220 kName, dns_protocol::kTypeA, /*secure=*/false,
12221 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12222 /*delay=*/false);
12223 rules.emplace_back(
12224 kName, dns_protocol::kTypeAAAA, /*secure=*/false,
12225 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12226 /*delay=*/false);
12227
12228 CreateResolver();
12229 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
12230
12231 ResolveHostResponseHelper response(resolver_->CreateRequest(
12232 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
12233 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
12234 resolve_context_.get()));
12235 EXPECT_THAT(response.result_error(), IsOk());
12236 EXPECT_TRUE(response.request()->GetAddressResults());
12237 EXPECT_THAT(response.request()->GetEndpointResults(),
12238 testing::Pointee(testing::ElementsAre(
12239 ExpectEndpointResult(testing::SizeIs(2)))));
12240 EXPECT_THAT(response.request()->GetTextResults(),
12241 AnyOf(nullptr, Pointee(IsEmpty())));
12242 EXPECT_THAT(response.request()->GetHostnameResults(),
12243 AnyOf(nullptr, Pointee(IsEmpty())));
12244 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
12245 testing::Pointee(testing::IsEmpty()));
12246 }
12247
12248 // Test that when additional HTTPS timeout Feature params are disabled, the task
12249 // does not timeout until the transactions themselves timeout.
TEST_F(HostResolverManagerDnsTest,HttpsInAddressQueryWaitsWithoutAdditionalTimeout)12250 TEST_F(HostResolverManagerDnsTest,
12251 HttpsInAddressQueryWaitsWithoutAdditionalTimeout) {
12252 const char kName[] = "name.test";
12253
12254 base::test::ScopedFeatureList features;
12255 features.InitAndEnableFeatureWithParameters(
12256 features::kUseDnsHttpsSvcb,
12257 {// Disable timeouts.
12258 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
12259 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
12260 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
12261 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
12262 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
12263 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
12264
12265 MockDnsClientRuleList rules;
12266 rules.emplace_back(
12267 kName, dns_protocol::kTypeHttps, /*secure=*/true,
12268 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kTimeout),
12269 /*delay=*/true);
12270 rules.emplace_back(
12271 kName, dns_protocol::kTypeA, /*secure=*/true,
12272 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12273 /*delay=*/false);
12274 rules.emplace_back(
12275 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
12276 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12277 /*delay=*/false);
12278
12279 CreateResolver();
12280 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
12281 DnsConfigOverrides overrides;
12282 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
12283 resolver_->SetDnsConfigOverrides(overrides);
12284
12285 ResolveHostResponseHelper response(resolver_->CreateRequest(
12286 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
12287 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
12288 resolve_context_.get()));
12289 RunUntilIdle();
12290 EXPECT_FALSE(response.complete());
12291
12292 // Wait an absurd amount of time (1 hour) and expect the request to not
12293 // complete because it is waiting on the transaction, where the mock is
12294 // delaying completion.
12295 FastForwardBy(base::Hours(1));
12296 RunUntilIdle();
12297 EXPECT_FALSE(response.complete());
12298
12299 mock_dns_client_->CompleteDelayedTransactions();
12300 EXPECT_THAT(response.result_error(), IsOk());
12301 EXPECT_TRUE(response.request()->GetAddressResults());
12302 EXPECT_THAT(response.request()->GetEndpointResults(),
12303 testing::Pointee(testing::ElementsAre(
12304 ExpectEndpointResult(testing::SizeIs(2)))));
12305 EXPECT_THAT(response.request()->GetTextResults(),
12306 AnyOf(nullptr, Pointee(IsEmpty())));
12307 EXPECT_THAT(response.request()->GetHostnameResults(),
12308 AnyOf(nullptr, Pointee(IsEmpty())));
12309 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
12310 testing::Pointee(testing::IsEmpty()));
12311 }
12312
TEST_F(HostResolverManagerDnsTest,HttpsInSecureAddressQueryWithOnlyMinTimeout)12313 TEST_F(HostResolverManagerDnsTest,
12314 HttpsInSecureAddressQueryWithOnlyMinTimeout) {
12315 const char kName[] = "name.test";
12316
12317 base::test::ScopedFeatureList features;
12318 features.InitAndEnableFeatureWithParameters(
12319 features::kUseDnsHttpsSvcb,
12320 {{"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
12321 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
12322 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "30m"},
12323 // Set a Secure absolute timeout of 10 minutes via the "min" param.
12324 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
12325 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
12326 {"UseDnsHttpsSvcbSecureExtraTimeMin", "10m"}});
12327
12328 MockDnsClientRuleList rules;
12329 std::vector<DnsResourceRecord> records = {
12330 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
12331 /*params=*/{})};
12332 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/true,
12333 MockDnsClientRule::Result(BuildTestDnsResponse(
12334 kName, dns_protocol::kTypeHttps, records)),
12335 /*delay=*/true);
12336 rules.emplace_back(
12337 kName, dns_protocol::kTypeA, /*secure=*/true,
12338 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12339 /*delay=*/false);
12340 rules.emplace_back(
12341 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
12342 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12343 /*delay=*/false);
12344
12345 CreateResolver();
12346 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
12347 DnsConfigOverrides overrides;
12348 overrides.secure_dns_mode = SecureDnsMode::kSecure;
12349 resolver_->SetDnsConfigOverrides(overrides);
12350
12351 ResolveHostResponseHelper response(resolver_->CreateRequest(
12352 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
12353 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
12354 resolve_context_.get()));
12355 RunUntilIdle();
12356 EXPECT_FALSE(response.complete());
12357
12358 // Wait until 1 second before expected timeout.
12359 FastForwardBy(base::Minutes(10) - base::Seconds(1));
12360 RunUntilIdle();
12361 EXPECT_FALSE(response.complete());
12362
12363 // Exceed expected timeout.
12364 FastForwardBy(base::Seconds(2));
12365
12366 EXPECT_THAT(response.result_error(), IsOk());
12367 EXPECT_TRUE(response.request()->GetAddressResults());
12368 EXPECT_THAT(response.request()->GetEndpointResults(),
12369 testing::Pointee(testing::ElementsAre(
12370 ExpectEndpointResult(testing::SizeIs(2)))));
12371 EXPECT_THAT(response.request()->GetTextResults(),
12372 AnyOf(nullptr, Pointee(IsEmpty())));
12373 EXPECT_THAT(response.request()->GetHostnameResults(),
12374 AnyOf(nullptr, Pointee(IsEmpty())));
12375 // No experimental results if transaction did not complete.
12376 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
12377 AnyOf(nullptr, Pointee(IsEmpty())));
12378 }
12379
TEST_F(HostResolverManagerDnsTest,HttpsInSecureAddressQueryWithOnlyMaxTimeout)12380 TEST_F(HostResolverManagerDnsTest,
12381 HttpsInSecureAddressQueryWithOnlyMaxTimeout) {
12382 const char kName[] = "name.test";
12383
12384 base::test::ScopedFeatureList features;
12385 features.InitAndEnableFeatureWithParameters(
12386 features::kUseDnsHttpsSvcb,
12387 {{"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
12388 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
12389 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "30m"},
12390 // Set a Secure absolute timeout of 10 minutes via the "max" param.
12391 {"UseDnsHttpsSvcbSecureExtraTimeMax", "10m"},
12392 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
12393 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
12394
12395 MockDnsClientRuleList rules;
12396 std::vector<DnsResourceRecord> records = {
12397 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
12398 /*params=*/{})};
12399 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/true,
12400 MockDnsClientRule::Result(BuildTestDnsResponse(
12401 kName, dns_protocol::kTypeHttps, records)),
12402 /*delay=*/true);
12403 rules.emplace_back(
12404 kName, dns_protocol::kTypeA, /*secure=*/true,
12405 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12406 /*delay=*/false);
12407 rules.emplace_back(
12408 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
12409 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12410 /*delay=*/false);
12411
12412 CreateResolver();
12413 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
12414 DnsConfigOverrides overrides;
12415 overrides.secure_dns_mode = SecureDnsMode::kSecure;
12416 resolver_->SetDnsConfigOverrides(overrides);
12417
12418 ResolveHostResponseHelper response(resolver_->CreateRequest(
12419 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
12420 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
12421 resolve_context_.get()));
12422 RunUntilIdle();
12423 EXPECT_FALSE(response.complete());
12424
12425 // Wait until 1 second before expected timeout.
12426 FastForwardBy(base::Minutes(10) - base::Seconds(1));
12427 RunUntilIdle();
12428 EXPECT_FALSE(response.complete());
12429
12430 // Exceed expected timeout.
12431 FastForwardBy(base::Seconds(2));
12432
12433 EXPECT_THAT(response.result_error(), IsOk());
12434 EXPECT_TRUE(response.request()->GetAddressResults());
12435 EXPECT_THAT(response.request()->GetEndpointResults(),
12436 testing::Pointee(testing::ElementsAre(
12437 ExpectEndpointResult(testing::SizeIs(2)))));
12438 EXPECT_THAT(response.request()->GetTextResults(),
12439 AnyOf(nullptr, Pointee(IsEmpty())));
12440 EXPECT_THAT(response.request()->GetHostnameResults(),
12441 AnyOf(nullptr, Pointee(IsEmpty())));
12442 // No experimental results if transaction did not complete.
12443 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
12444 AnyOf(nullptr, Pointee(IsEmpty())));
12445 }
12446
TEST_F(HostResolverManagerDnsTest,HttpsInSecureAddressQueryWithRelativeTimeout)12447 TEST_F(HostResolverManagerDnsTest,
12448 HttpsInSecureAddressQueryWithRelativeTimeout) {
12449 const char kName[] = "name.test";
12450
12451 base::test::ScopedFeatureList features;
12452 features.InitAndEnableFeatureWithParameters(
12453 features::kUseDnsHttpsSvcb,
12454 {{"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
12455 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
12456 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "30m"},
12457 // Set a Secure relative timeout of 10%.
12458 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
12459 {"UseDnsHttpsSvcbSecureExtraTimePercent", "10"},
12460 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
12461
12462 MockDnsClientRuleList rules;
12463 std::vector<DnsResourceRecord> records = {
12464 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
12465 /*params=*/{})};
12466 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/true,
12467 MockDnsClientRule::Result(BuildTestDnsResponse(
12468 kName, dns_protocol::kTypeHttps, records)),
12469 /*delay=*/true);
12470 rules.emplace_back(
12471 kName, dns_protocol::kTypeA, /*secure=*/true,
12472 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12473 /*delay=*/true);
12474 rules.emplace_back(
12475 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
12476 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12477 /*delay=*/true);
12478
12479 CreateResolver();
12480 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
12481 DnsConfigOverrides overrides;
12482 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
12483 resolver_->SetDnsConfigOverrides(overrides);
12484
12485 ResolveHostResponseHelper response(resolver_->CreateRequest(
12486 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
12487 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
12488 resolve_context_.get()));
12489 RunUntilIdle();
12490 EXPECT_FALSE(response.complete());
12491
12492 // Complete final address transaction after 100 seconds total.
12493 FastForwardBy(base::Seconds(50));
12494 ASSERT_TRUE(
12495 mock_dns_client_->CompleteOneDelayedTransactionOfType(DnsQueryType::A));
12496 FastForwardBy(base::Seconds(50));
12497 ASSERT_TRUE(mock_dns_client_->CompleteOneDelayedTransactionOfType(
12498 DnsQueryType::AAAA));
12499 RunUntilIdle();
12500 EXPECT_FALSE(response.complete());
12501
12502 // Expect timeout at additional 10 seconds.
12503 FastForwardBy(base::Seconds(9));
12504 RunUntilIdle();
12505 EXPECT_FALSE(response.complete());
12506
12507 FastForwardBy(base::Seconds(2));
12508 EXPECT_THAT(response.result_error(), IsOk());
12509 EXPECT_TRUE(response.request()->GetAddressResults());
12510 EXPECT_THAT(response.request()->GetEndpointResults(),
12511 testing::Pointee(testing::ElementsAre(
12512 ExpectEndpointResult(testing::SizeIs(2)))));
12513 EXPECT_THAT(response.request()->GetTextResults(),
12514 AnyOf(nullptr, Pointee(IsEmpty())));
12515 EXPECT_THAT(response.request()->GetHostnameResults(),
12516 AnyOf(nullptr, Pointee(IsEmpty())));
12517 // No experimental results if transaction did not complete.
12518 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
12519 AnyOf(nullptr, Pointee(IsEmpty())));
12520 }
12521
TEST_F(HostResolverManagerDnsTest,HttpsInSecureAddressQueryWithMaxTimeoutFirst)12522 TEST_F(HostResolverManagerDnsTest,
12523 HttpsInSecureAddressQueryWithMaxTimeoutFirst) {
12524 const char kName[] = "name.test";
12525
12526 base::test::ScopedFeatureList features;
12527 features.InitAndEnableFeatureWithParameters(
12528 features::kUseDnsHttpsSvcb,
12529 {{"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
12530 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
12531 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
12532 // Set a Secure max timeout of 30s and a relative timeout of 100%.
12533 {"UseDnsHttpsSvcbSecureExtraTimeMax", "30s"},
12534 {"UseDnsHttpsSvcbSecureExtraTimePercent", "100"},
12535 {"UseDnsHttpsSvcbSecureExtraTimeMin", "10s"}});
12536
12537 MockDnsClientRuleList rules;
12538 std::vector<DnsResourceRecord> records = {
12539 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
12540 /*params=*/{})};
12541 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/true,
12542 MockDnsClientRule::Result(BuildTestDnsResponse(
12543 kName, dns_protocol::kTypeHttps, records)),
12544 /*delay=*/true);
12545 rules.emplace_back(
12546 kName, dns_protocol::kTypeA, /*secure=*/true,
12547 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12548 /*delay=*/true);
12549 rules.emplace_back(
12550 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
12551 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12552 /*delay=*/true);
12553
12554 CreateResolver();
12555 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
12556 DnsConfigOverrides overrides;
12557 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
12558 resolver_->SetDnsConfigOverrides(overrides);
12559
12560 ResolveHostResponseHelper response(resolver_->CreateRequest(
12561 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
12562 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
12563 resolve_context_.get()));
12564 RunUntilIdle();
12565 EXPECT_FALSE(response.complete());
12566
12567 // Complete final address transaction after 4 minutes total.
12568 FastForwardBy(base::Minutes(2));
12569 ASSERT_TRUE(
12570 mock_dns_client_->CompleteOneDelayedTransactionOfType(DnsQueryType::A));
12571 FastForwardBy(base::Minutes(2));
12572 ASSERT_TRUE(mock_dns_client_->CompleteOneDelayedTransactionOfType(
12573 DnsQueryType::AAAA));
12574 RunUntilIdle();
12575 EXPECT_FALSE(response.complete());
12576
12577 // Wait until 1 second before expected timeout (from the max timeout).
12578 FastForwardBy(base::Seconds(29));
12579 RunUntilIdle();
12580 EXPECT_FALSE(response.complete());
12581
12582 // Exceed expected timeout.
12583 FastForwardBy(base::Seconds(2));
12584
12585 EXPECT_THAT(response.result_error(), IsOk());
12586 EXPECT_TRUE(response.request()->GetAddressResults());
12587 EXPECT_THAT(response.request()->GetEndpointResults(),
12588 testing::Pointee(testing::ElementsAre(
12589 ExpectEndpointResult(testing::SizeIs(2)))));
12590 EXPECT_THAT(response.request()->GetTextResults(),
12591 AnyOf(nullptr, Pointee(IsEmpty())));
12592 EXPECT_THAT(response.request()->GetHostnameResults(),
12593 AnyOf(nullptr, Pointee(IsEmpty())));
12594 // No experimental results if transaction did not complete.
12595 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
12596 AnyOf(nullptr, Pointee(IsEmpty())));
12597 }
12598
TEST_F(HostResolverManagerDnsTest,HttpsInAddressQueryWithRelativeTimeoutFirst)12599 TEST_F(HostResolverManagerDnsTest,
12600 HttpsInAddressQueryWithRelativeTimeoutFirst) {
12601 const char kName[] = "name.test";
12602
12603 base::test::ScopedFeatureList features;
12604 features.InitAndEnableFeatureWithParameters(
12605 features::kUseDnsHttpsSvcb,
12606 {{"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
12607 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
12608 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
12609 // Set a Secure max timeout of 20 minutes and a relative timeout of 10%.
12610 {"UseDnsHttpsSvcbSecureExtraTimeMax", "20m"},
12611 {"UseDnsHttpsSvcbSecureExtraTimePercent", "10"},
12612 {"UseDnsHttpsSvcbSecureExtraTimeMin", "1s"}});
12613
12614 MockDnsClientRuleList rules;
12615 std::vector<DnsResourceRecord> records = {
12616 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
12617 /*params=*/{})};
12618 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/true,
12619 MockDnsClientRule::Result(BuildTestDnsResponse(
12620 kName, dns_protocol::kTypeHttps, records)),
12621 /*delay=*/true);
12622 rules.emplace_back(
12623 kName, dns_protocol::kTypeA, /*secure=*/true,
12624 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12625 /*delay=*/true);
12626 rules.emplace_back(
12627 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
12628 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12629 /*delay=*/true);
12630
12631 CreateResolver();
12632 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
12633 DnsConfigOverrides overrides;
12634 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
12635 resolver_->SetDnsConfigOverrides(overrides);
12636
12637 ResolveHostResponseHelper response(resolver_->CreateRequest(
12638 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
12639 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
12640 resolve_context_.get()));
12641 RunUntilIdle();
12642 EXPECT_FALSE(response.complete());
12643
12644 // Complete final address transaction after 100 seconds total.
12645 FastForwardBy(base::Seconds(50));
12646 ASSERT_TRUE(
12647 mock_dns_client_->CompleteOneDelayedTransactionOfType(DnsQueryType::A));
12648 FastForwardBy(base::Seconds(50));
12649 ASSERT_TRUE(mock_dns_client_->CompleteOneDelayedTransactionOfType(
12650 DnsQueryType::AAAA));
12651 RunUntilIdle();
12652 EXPECT_FALSE(response.complete());
12653
12654 // Expect timeout at additional 10 seconds (from the relative timeout).
12655 FastForwardBy(base::Seconds(9));
12656 RunUntilIdle();
12657 EXPECT_FALSE(response.complete());
12658
12659 FastForwardBy(base::Seconds(2));
12660 EXPECT_THAT(response.result_error(), IsOk());
12661 EXPECT_TRUE(response.request()->GetAddressResults());
12662 EXPECT_THAT(response.request()->GetEndpointResults(),
12663 testing::Pointee(testing::ElementsAre(
12664 ExpectEndpointResult(testing::SizeIs(2)))));
12665 EXPECT_THAT(response.request()->GetTextResults(),
12666 AnyOf(nullptr, Pointee(IsEmpty())));
12667 EXPECT_THAT(response.request()->GetHostnameResults(),
12668 AnyOf(nullptr, Pointee(IsEmpty())));
12669 // No experimental results if transaction did not complete.
12670 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
12671 AnyOf(nullptr, Pointee(IsEmpty())));
12672 }
12673
TEST_F(HostResolverManagerDnsTest,HttpsInAddressQueryWithRelativeTimeoutShorterThanMinTimeout)12674 TEST_F(HostResolverManagerDnsTest,
12675 HttpsInAddressQueryWithRelativeTimeoutShorterThanMinTimeout) {
12676 const char kName[] = "name.test";
12677
12678 base::test::ScopedFeatureList features;
12679 features.InitAndEnableFeatureWithParameters(
12680 features::kUseDnsHttpsSvcb,
12681 {{"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
12682 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
12683 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
12684 // Set a Secure min timeout of 1 minute and a relative timeout of 10%.
12685 {"UseDnsHttpsSvcbSecureExtraTimeMax", "20m"},
12686 {"UseDnsHttpsSvcbSecureExtraTimePercent", "10"},
12687 {"UseDnsHttpsSvcbSecureExtraTimeMin", "1m"}});
12688
12689 MockDnsClientRuleList rules;
12690 std::vector<DnsResourceRecord> records = {
12691 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
12692 /*params=*/{})};
12693 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/true,
12694 MockDnsClientRule::Result(BuildTestDnsResponse(
12695 kName, dns_protocol::kTypeHttps, records)),
12696 /*delay=*/true);
12697 rules.emplace_back(
12698 kName, dns_protocol::kTypeA, /*secure=*/true,
12699 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12700 /*delay=*/true);
12701 rules.emplace_back(
12702 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
12703 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12704 /*delay=*/true);
12705
12706 CreateResolver();
12707 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
12708 DnsConfigOverrides overrides;
12709 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
12710 resolver_->SetDnsConfigOverrides(overrides);
12711
12712 ResolveHostResponseHelper response(resolver_->CreateRequest(
12713 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
12714 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
12715 resolve_context_.get()));
12716 RunUntilIdle();
12717 EXPECT_FALSE(response.complete());
12718
12719 // Complete final address transaction after 100 seconds total.
12720 FastForwardBy(base::Seconds(50));
12721 ASSERT_TRUE(
12722 mock_dns_client_->CompleteOneDelayedTransactionOfType(DnsQueryType::A));
12723 FastForwardBy(base::Seconds(50));
12724 ASSERT_TRUE(mock_dns_client_->CompleteOneDelayedTransactionOfType(
12725 DnsQueryType::AAAA));
12726 RunUntilIdle();
12727 EXPECT_FALSE(response.complete());
12728
12729 // Expect timeout at additional 1 minute (from the min timeout).
12730 FastForwardBy(base::Minutes(1) - base::Seconds(1));
12731 RunUntilIdle();
12732 EXPECT_FALSE(response.complete());
12733
12734 FastForwardBy(base::Seconds(2));
12735 EXPECT_THAT(response.result_error(), IsOk());
12736 EXPECT_TRUE(response.request()->GetAddressResults());
12737 EXPECT_THAT(response.request()->GetEndpointResults(),
12738 testing::Pointee(testing::ElementsAre(
12739 ExpectEndpointResult(testing::SizeIs(2)))));
12740 EXPECT_THAT(response.request()->GetTextResults(),
12741 AnyOf(nullptr, Pointee(IsEmpty())));
12742 EXPECT_THAT(response.request()->GetHostnameResults(),
12743 AnyOf(nullptr, Pointee(IsEmpty())));
12744 // No experimental results if transaction did not complete.
12745 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
12746 AnyOf(nullptr, Pointee(IsEmpty())));
12747 }
12748
TEST_F(HostResolverManagerDnsTest,HttpsInInsecureAddressQueryWithOnlyMinTimeout)12749 TEST_F(HostResolverManagerDnsTest,
12750 HttpsInInsecureAddressQueryWithOnlyMinTimeout) {
12751 const char kName[] = "name.test";
12752
12753 base::test::ScopedFeatureList features;
12754 features.InitAndEnableFeatureWithParameters(
12755 features::kUseDnsHttpsSvcb,
12756 {// Set an Insecure absolute timeout of 10 minutes via the "min" param.
12757 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
12758 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
12759 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "10m"},
12760 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
12761 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
12762 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
12763
12764 MockDnsClientRuleList rules;
12765 std::vector<DnsResourceRecord> records = {
12766 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
12767 /*params=*/{})};
12768 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/false,
12769 MockDnsClientRule::Result(BuildTestDnsResponse(
12770 kName, dns_protocol::kTypeHttps, records)),
12771 /*delay=*/true);
12772 rules.emplace_back(
12773 kName, dns_protocol::kTypeA, /*secure=*/false,
12774 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12775 /*delay=*/false);
12776 rules.emplace_back(
12777 kName, dns_protocol::kTypeAAAA, /*secure=*/false,
12778 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12779 /*delay=*/false);
12780
12781 CreateResolver();
12782 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
12783
12784 ResolveHostResponseHelper response(resolver_->CreateRequest(
12785 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
12786 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
12787 resolve_context_.get()));
12788 RunUntilIdle();
12789 EXPECT_FALSE(response.complete());
12790
12791 // Wait until 1 second before expected timeout.
12792 FastForwardBy(base::Minutes(10) - base::Seconds(1));
12793 RunUntilIdle();
12794 EXPECT_FALSE(response.complete());
12795
12796 // Exceed expected timeout.
12797 FastForwardBy(base::Seconds(2));
12798
12799 EXPECT_THAT(response.result_error(), IsOk());
12800 EXPECT_TRUE(response.request()->GetAddressResults());
12801 EXPECT_THAT(response.request()->GetEndpointResults(),
12802 testing::Pointee(testing::ElementsAre(
12803 ExpectEndpointResult(testing::SizeIs(2)))));
12804 EXPECT_THAT(response.request()->GetTextResults(),
12805 AnyOf(nullptr, Pointee(IsEmpty())));
12806 EXPECT_THAT(response.request()->GetHostnameResults(),
12807 AnyOf(nullptr, Pointee(IsEmpty())));
12808 // No experimental results if transaction did not complete.
12809 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
12810 AnyOf(nullptr, Pointee(IsEmpty())));
12811 }
12812
TEST_F(HostResolverManagerDnsTest,HttpsInInsecureAddressQueryWithOnlyMaxTimeout)12813 TEST_F(HostResolverManagerDnsTest,
12814 HttpsInInsecureAddressQueryWithOnlyMaxTimeout) {
12815 const char kName[] = "name.test";
12816
12817 base::test::ScopedFeatureList features;
12818 features.InitAndEnableFeatureWithParameters(
12819 features::kUseDnsHttpsSvcb,
12820 {// Set an Insecure absolute timeout of 10 minutes via the "max" param.
12821 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "10m"},
12822 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
12823 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
12824 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
12825 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
12826 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
12827
12828 MockDnsClientRuleList rules;
12829 std::vector<DnsResourceRecord> records = {
12830 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
12831 /*params=*/{})};
12832 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/false,
12833 MockDnsClientRule::Result(BuildTestDnsResponse(
12834 kName, dns_protocol::kTypeHttps, records)),
12835 /*delay=*/true);
12836 rules.emplace_back(
12837 kName, dns_protocol::kTypeA, /*secure=*/false,
12838 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12839 /*delay=*/false);
12840 rules.emplace_back(
12841 kName, dns_protocol::kTypeAAAA, /*secure=*/false,
12842 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12843 /*delay=*/false);
12844
12845 CreateResolver();
12846 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
12847
12848 ResolveHostResponseHelper response(resolver_->CreateRequest(
12849 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
12850 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
12851 resolve_context_.get()));
12852 RunUntilIdle();
12853 EXPECT_FALSE(response.complete());
12854
12855 // Wait until 1 second before expected timeout.
12856 FastForwardBy(base::Minutes(10) - base::Seconds(1));
12857 RunUntilIdle();
12858 EXPECT_FALSE(response.complete());
12859
12860 // Exceed expected timeout.
12861 FastForwardBy(base::Seconds(2));
12862
12863 EXPECT_THAT(response.result_error(), IsOk());
12864 EXPECT_TRUE(response.request()->GetAddressResults());
12865 EXPECT_THAT(response.request()->GetEndpointResults(),
12866 testing::Pointee(testing::ElementsAre(
12867 ExpectEndpointResult(testing::SizeIs(2)))));
12868 EXPECT_THAT(response.request()->GetTextResults(),
12869 AnyOf(nullptr, Pointee(IsEmpty())));
12870 EXPECT_THAT(response.request()->GetHostnameResults(),
12871 AnyOf(nullptr, Pointee(IsEmpty())));
12872 // No experimental results if transaction did not complete.
12873 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
12874 AnyOf(nullptr, Pointee(IsEmpty())));
12875 }
12876
TEST_F(HostResolverManagerDnsTest,HttpsInInsecureAddressQueryWithRelativeTimeout)12877 TEST_F(HostResolverManagerDnsTest,
12878 HttpsInInsecureAddressQueryWithRelativeTimeout) {
12879 const char kName[] = "name.test";
12880
12881 base::test::ScopedFeatureList features;
12882 features.InitAndEnableFeatureWithParameters(
12883 features::kUseDnsHttpsSvcb,
12884 {// Set an Insecure relative timeout of 10%.
12885 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
12886 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "10"},
12887 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
12888 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
12889 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
12890 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
12891
12892 MockDnsClientRuleList rules;
12893 std::vector<DnsResourceRecord> records = {
12894 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
12895 /*params=*/{})};
12896 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/false,
12897 MockDnsClientRule::Result(BuildTestDnsResponse(
12898 kName, dns_protocol::kTypeHttps, records)),
12899 /*delay=*/true);
12900 rules.emplace_back(
12901 kName, dns_protocol::kTypeA, /*secure=*/false,
12902 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12903 /*delay=*/true);
12904 rules.emplace_back(
12905 kName, dns_protocol::kTypeAAAA, /*secure=*/false,
12906 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12907 /*delay=*/true);
12908
12909 CreateResolver();
12910 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
12911
12912 ResolveHostResponseHelper response(resolver_->CreateRequest(
12913 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
12914 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
12915 resolve_context_.get()));
12916 RunUntilIdle();
12917 EXPECT_FALSE(response.complete());
12918
12919 // Complete final address transaction after 100 seconds total.
12920 FastForwardBy(base::Seconds(50));
12921 ASSERT_TRUE(
12922 mock_dns_client_->CompleteOneDelayedTransactionOfType(DnsQueryType::A));
12923 FastForwardBy(base::Seconds(50));
12924 ASSERT_TRUE(mock_dns_client_->CompleteOneDelayedTransactionOfType(
12925 DnsQueryType::AAAA));
12926 RunUntilIdle();
12927 EXPECT_FALSE(response.complete());
12928
12929 // Expect timeout at additional 10 seconds.
12930 FastForwardBy(base::Seconds(9));
12931 RunUntilIdle();
12932 EXPECT_FALSE(response.complete());
12933
12934 FastForwardBy(base::Seconds(2));
12935 EXPECT_THAT(response.result_error(), IsOk());
12936 EXPECT_TRUE(response.request()->GetAddressResults());
12937 EXPECT_THAT(response.request()->GetEndpointResults(),
12938 testing::Pointee(testing::ElementsAre(
12939 ExpectEndpointResult(testing::SizeIs(2)))));
12940 EXPECT_THAT(response.request()->GetTextResults(),
12941 AnyOf(nullptr, Pointee(IsEmpty())));
12942 EXPECT_THAT(response.request()->GetHostnameResults(),
12943 AnyOf(nullptr, Pointee(IsEmpty())));
12944 // No experimental results if transaction did not complete.
12945 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
12946 AnyOf(nullptr, Pointee(IsEmpty())));
12947 }
12948
12949 // Test that HTTPS timeouts are not used when fatal for the request.
TEST_F(HostResolverManagerDnsTest,HttpsInAddressQueryWaitsWithoutTimeoutIfFatal)12950 TEST_F(HostResolverManagerDnsTest,
12951 HttpsInAddressQueryWaitsWithoutTimeoutIfFatal) {
12952 const char kName[] = "name.test";
12953
12954 base::test::ScopedFeatureList features;
12955 features.InitAndEnableFeatureWithParameters(
12956 features::kUseDnsHttpsSvcb,
12957 {// Set timeouts but also enforce secure responses.
12958 {"UseDnsHttpsSvcbEnforceSecureResponse", "true"},
12959 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
12960 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
12961 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
12962 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
12963 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
12964 {"UseDnsHttpsSvcbSecureExtraTimeMin", "20m"}});
12965
12966 MockDnsClientRuleList rules;
12967 std::vector<DnsResourceRecord> records = {
12968 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
12969 /*params=*/{})};
12970 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/true,
12971 MockDnsClientRule::Result(BuildTestDnsResponse(
12972 kName, dns_protocol::kTypeHttps, records)),
12973 /*delay=*/true);
12974 rules.emplace_back(
12975 kName, dns_protocol::kTypeA, /*secure=*/true,
12976 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12977 /*delay=*/false);
12978 rules.emplace_back(
12979 kName, dns_protocol::kTypeAAAA, /*secure=*/true,
12980 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
12981 /*delay=*/false);
12982
12983 CreateResolver();
12984 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
12985 DnsConfigOverrides overrides;
12986 overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
12987 resolver_->SetDnsConfigOverrides(overrides);
12988
12989 ResolveHostResponseHelper response(resolver_->CreateRequest(
12990 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
12991 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
12992 resolve_context_.get()));
12993 RunUntilIdle();
12994 EXPECT_FALSE(response.complete());
12995
12996 // Wait an absurd amount of time (1 hour) and expect the request to not
12997 // complete because it is waiting on the transaction, where the mock is
12998 // delaying completion.
12999 FastForwardBy(base::Hours(1));
13000 RunUntilIdle();
13001 EXPECT_FALSE(response.complete());
13002
13003 mock_dns_client_->CompleteDelayedTransactions();
13004 EXPECT_THAT(response.result_error(), IsOk());
13005 EXPECT_TRUE(response.request()->GetAddressResults());
13006 EXPECT_THAT(
13007 response.request()->GetEndpointResults(),
13008 testing::Pointee(testing::ElementsAre(
13009 ExpectEndpointResult(
13010 testing::SizeIs(2),
13011 ExpectConnectionEndpointMetadata(
13012 testing::ElementsAre(dns_protocol::kHttpsServiceDefaultAlpn),
13013 testing::IsEmpty(), kName)),
13014 ExpectEndpointResult(testing::SizeIs(2)))));
13015 EXPECT_THAT(response.request()->GetTextResults(),
13016 AnyOf(nullptr, Pointee(IsEmpty())));
13017 EXPECT_THAT(response.request()->GetHostnameResults(),
13018 AnyOf(nullptr, Pointee(IsEmpty())));
13019 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
13020 testing::Pointee(testing::ElementsAre(true)));
13021 }
13022
13023 // Test that HTTPS timeouts are always respected for insecure requests.
TEST_F(HostResolverManagerDnsTest,HttpsInAddressQueryAlwaysRespectsTimeoutsForInsecure)13024 TEST_F(HostResolverManagerDnsTest,
13025 HttpsInAddressQueryAlwaysRespectsTimeoutsForInsecure) {
13026 const char kName[] = "name.test";
13027
13028 base::test::ScopedFeatureList features;
13029 features.InitAndEnableFeatureWithParameters(
13030 features::kUseDnsHttpsSvcb,
13031 {// Set timeouts but also enforce secure responses.
13032 {"UseDnsHttpsSvcbEnforceSecureResponse", "true"},
13033 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
13034 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
13035 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "20m"},
13036 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
13037 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
13038 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
13039
13040 MockDnsClientRuleList rules;
13041 std::vector<DnsResourceRecord> records = {
13042 BuildTestHttpsServiceRecord(kName, /*priority=*/1, /*service_name=*/".",
13043 /*params=*/{})};
13044 rules.emplace_back(kName, dns_protocol::kTypeHttps, /*secure=*/false,
13045 MockDnsClientRule::Result(BuildTestDnsResponse(
13046 kName, dns_protocol::kTypeHttps, records)),
13047 /*delay=*/true);
13048 rules.emplace_back(
13049 kName, dns_protocol::kTypeA, /*secure=*/false,
13050 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
13051 /*delay=*/false);
13052 rules.emplace_back(
13053 kName, dns_protocol::kTypeAAAA, /*secure=*/false,
13054 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
13055 /*delay=*/false);
13056
13057 CreateResolver();
13058 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
13059
13060 ResolveHostResponseHelper response(resolver_->CreateRequest(
13061 url::SchemeHostPort(url::kHttpsScheme, kName, 443),
13062 NetworkAnonymizationKey(), NetLogWithSource(), std::nullopt,
13063 resolve_context_.get()));
13064 RunUntilIdle();
13065 EXPECT_FALSE(response.complete());
13066
13067 // Wait until 1s before expected timeout.
13068 FastForwardBy(base::Minutes(20) - base::Seconds(1));
13069 RunUntilIdle();
13070 EXPECT_FALSE(response.complete());
13071
13072 FastForwardBy(base::Seconds(2));
13073 EXPECT_THAT(response.result_error(), IsOk());
13074 EXPECT_TRUE(response.request()->GetAddressResults());
13075 EXPECT_THAT(response.request()->GetEndpointResults(),
13076 testing::Pointee(testing::ElementsAre(
13077 ExpectEndpointResult(testing::SizeIs(2)))));
13078 EXPECT_THAT(response.request()->GetTextResults(),
13079 AnyOf(nullptr, Pointee(IsEmpty())));
13080 EXPECT_THAT(response.request()->GetHostnameResults(),
13081 AnyOf(nullptr, Pointee(IsEmpty())));
13082 // No experimental results if transaction did not complete.
13083 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
13084 AnyOf(nullptr, Pointee(IsEmpty())));
13085 }
13086
TEST_F(HostResolverManagerDnsTest,UnsolicitedHttps)13087 TEST_F(HostResolverManagerDnsTest, UnsolicitedHttps) {
13088 const char kName[] = "unsolicited.test";
13089
13090 MockDnsClientRuleList rules;
13091 std::vector<DnsResourceRecord> records = {
13092 BuildTestAddressRecord(kName, IPAddress(1, 2, 3, 4))};
13093 std::vector<DnsResourceRecord> additional = {BuildTestHttpsServiceRecord(
13094 kName, /*priority=*/1, /*service_name=*/".", /*params=*/{})};
13095 rules.emplace_back(kName, dns_protocol::kTypeA, true /* secure */,
13096 MockDnsClientRule::Result(BuildTestDnsResponse(
13097 kName, dns_protocol::kTypeA, records,
13098 {} /* authority */, additional)),
13099 false /* delay */);
13100 rules.emplace_back(
13101 kName, dns_protocol::kTypeAAAA, true /* secure */,
13102 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
13103 false /* delay */);
13104
13105 CreateResolver();
13106 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
13107 DnsConfigOverrides overrides;
13108 overrides.secure_dns_mode = SecureDnsMode::kSecure;
13109 resolver_->SetDnsConfigOverrides(overrides);
13110
13111 ResolveHostResponseHelper response(resolver_->CreateRequest(
13112 HostPortPair(kName, 108), NetworkAnonymizationKey(), NetLogWithSource(),
13113 std::nullopt, resolve_context_.get()));
13114 EXPECT_THAT(response.result_error(), IsOk());
13115 EXPECT_TRUE(response.request()->GetAddressResults());
13116 EXPECT_THAT(response.request()->GetEndpointResults(),
13117 testing::Pointee(testing::ElementsAre(
13118 ExpectEndpointResult(testing::SizeIs(2)))));
13119 EXPECT_THAT(response.request()->GetTextResults(),
13120 AnyOf(nullptr, Pointee(IsEmpty())));
13121 EXPECT_THAT(response.request()->GetHostnameResults(),
13122 AnyOf(nullptr, Pointee(IsEmpty())));
13123 // Unsolicited records not included in results.
13124 EXPECT_THAT(response.request()->GetExperimentalResultsForTesting(),
13125 AnyOf(nullptr, Pointee(IsEmpty())));
13126 }
13127
TEST_F(HostResolverManagerDnsTest,DohProbeRequest)13128 TEST_F(HostResolverManagerDnsTest, DohProbeRequest) {
13129 ChangeDnsConfig(CreateValidDnsConfig());
13130
13131 EXPECT_FALSE(mock_dns_client_->factory()->doh_probes_running());
13132
13133 std::unique_ptr<HostResolver::ProbeRequest> request =
13134 resolver_->CreateDohProbeRequest(resolve_context_.get());
13135 EXPECT_THAT(request->Start(), IsError(ERR_IO_PENDING));
13136
13137 EXPECT_TRUE(mock_dns_client_->factory()->doh_probes_running());
13138
13139 request.reset();
13140
13141 EXPECT_FALSE(mock_dns_client_->factory()->doh_probes_running());
13142 }
13143
TEST_F(HostResolverManagerDnsTest,DohProbeRequest_BeforeConfig)13144 TEST_F(HostResolverManagerDnsTest, DohProbeRequest_BeforeConfig) {
13145 InvalidateDnsConfig();
13146
13147 std::unique_ptr<HostResolver::ProbeRequest> request =
13148 resolver_->CreateDohProbeRequest(resolve_context_.get());
13149 EXPECT_THAT(request->Start(), IsError(ERR_IO_PENDING));
13150 EXPECT_FALSE(mock_dns_client_->factory()->doh_probes_running());
13151
13152 ChangeDnsConfig(CreateValidDnsConfig());
13153 EXPECT_TRUE(mock_dns_client_->factory()->doh_probes_running());
13154 }
13155
TEST_F(HostResolverManagerDnsTest,DohProbeRequest_InvalidateConfig)13156 TEST_F(HostResolverManagerDnsTest, DohProbeRequest_InvalidateConfig) {
13157 ChangeDnsConfig(CreateValidDnsConfig());
13158
13159 std::unique_ptr<HostResolver::ProbeRequest> request =
13160 resolver_->CreateDohProbeRequest(resolve_context_.get());
13161 EXPECT_THAT(request->Start(), IsError(ERR_IO_PENDING));
13162 ASSERT_TRUE(mock_dns_client_->factory()->doh_probes_running());
13163
13164 InvalidateDnsConfig();
13165
13166 EXPECT_FALSE(mock_dns_client_->factory()->doh_probes_running());
13167 }
13168
TEST_F(HostResolverManagerDnsTest,DohProbeRequest_RestartOnConnectionChange)13169 TEST_F(HostResolverManagerDnsTest, DohProbeRequest_RestartOnConnectionChange) {
13170 DestroyResolver();
13171 test::ScopedMockNetworkChangeNotifier notifier;
13172 CreateSerialResolver();
13173 notifier.mock_network_change_notifier()->SetConnectionType(
13174 NetworkChangeNotifier::CONNECTION_NONE);
13175 ChangeDnsConfig(CreateValidDnsConfig());
13176
13177 std::unique_ptr<HostResolver::ProbeRequest> request =
13178 resolver_->CreateDohProbeRequest(resolve_context_.get());
13179 EXPECT_THAT(request->Start(), IsError(ERR_IO_PENDING));
13180 EXPECT_TRUE(mock_dns_client_->factory()->doh_probes_running());
13181 mock_dns_client_->factory()->CompleteDohProbeRuners();
13182 ASSERT_FALSE(mock_dns_client_->factory()->doh_probes_running());
13183
13184 notifier.mock_network_change_notifier()->SetConnectionTypeAndNotifyObservers(
13185 NetworkChangeNotifier::CONNECTION_NONE);
13186
13187 EXPECT_TRUE(mock_dns_client_->factory()->doh_probes_running());
13188 }
13189
TEST_F(HostResolverManagerDnsTest,MultipleDohProbeRequests)13190 TEST_F(HostResolverManagerDnsTest, MultipleDohProbeRequests) {
13191 ChangeDnsConfig(CreateValidDnsConfig());
13192
13193 EXPECT_FALSE(mock_dns_client_->factory()->doh_probes_running());
13194
13195 std::unique_ptr<HostResolver::ProbeRequest> request1 =
13196 resolver_->CreateDohProbeRequest(resolve_context_.get());
13197 EXPECT_THAT(request1->Start(), IsError(ERR_IO_PENDING));
13198 std::unique_ptr<HostResolver::ProbeRequest> request2 =
13199 resolver_->CreateDohProbeRequest(resolve_context_.get());
13200 EXPECT_THAT(request2->Start(), IsError(ERR_IO_PENDING));
13201
13202 EXPECT_TRUE(mock_dns_client_->factory()->doh_probes_running());
13203
13204 request1.reset();
13205 EXPECT_TRUE(mock_dns_client_->factory()->doh_probes_running());
13206
13207 request2.reset();
13208 EXPECT_FALSE(mock_dns_client_->factory()->doh_probes_running());
13209 }
13210
13211 // Test that a newly-registered ResolveContext is immediately usable with a DNS
13212 // configuration loaded before the context registration.
TEST_F(HostResolverManagerDnsTest,NewlyRegisteredContext_ConfigBeforeRegistration)13213 TEST_F(HostResolverManagerDnsTest,
13214 NewlyRegisteredContext_ConfigBeforeRegistration) {
13215 ResolveContext context(nullptr /* url_request_context */,
13216 true /* enable_caching */);
13217 set_allow_fallback_to_systemtask(false);
13218 ChangeDnsConfig(CreateValidDnsConfig());
13219 DnsConfigOverrides overrides;
13220 overrides.secure_dns_mode = SecureDnsMode::kSecure;
13221 resolver_->SetDnsConfigOverrides(overrides);
13222
13223 ASSERT_TRUE(mock_dns_client_->GetCurrentSession());
13224
13225 resolver_->RegisterResolveContext(&context);
13226 EXPECT_EQ(context.current_session_for_testing(),
13227 mock_dns_client_->GetCurrentSession());
13228
13229 // Test a SECURE-mode DoH request with SetForceDohServerAvailable(false).
13230 // Should only succeed if a DoH server is marked available in the
13231 // ResolveContext. MockDnsClient skips most other interaction with
13232 // ResolveContext.
13233 mock_dns_client_->SetForceDohServerAvailable(false);
13234 context.RecordServerSuccess(0u /* server_index */, true /* is_doh_server */,
13235 mock_dns_client_->GetCurrentSession());
13236 ResolveHostResponseHelper response(resolver_->CreateRequest(
13237 HostPortPair("secure", 80), NetworkAnonymizationKey(), NetLogWithSource(),
13238 std::nullopt, &context));
13239 EXPECT_THAT(response.result_error(), IsOk());
13240
13241 resolver_->DeregisterResolveContext(&context);
13242 }
13243
13244 // Test interaction with a ResolveContext registered before a DNS config is
13245 // ready.
TEST_F(HostResolverManagerDnsTest,NewlyRegisteredContext_NoConfigAtRegistration)13246 TEST_F(HostResolverManagerDnsTest,
13247 NewlyRegisteredContext_NoConfigAtRegistration) {
13248 ResolveContext context(nullptr /* url_request_context */,
13249 true /* enable_caching */);
13250 set_allow_fallback_to_systemtask(false);
13251 InvalidateDnsConfig();
13252 DnsConfigOverrides overrides;
13253 overrides.secure_dns_mode = SecureDnsMode::kSecure;
13254 resolver_->SetDnsConfigOverrides(overrides);
13255
13256 ASSERT_FALSE(mock_dns_client_->GetCurrentSession());
13257
13258 // Register context before loading a DNS config.
13259 resolver_->RegisterResolveContext(&context);
13260 EXPECT_FALSE(context.current_session_for_testing());
13261
13262 // Load DNS config and expect the session to be loaded into the ResolveContext
13263 ChangeDnsConfig(CreateValidDnsConfig());
13264 ASSERT_TRUE(mock_dns_client_->GetCurrentSession());
13265 EXPECT_EQ(context.current_session_for_testing(),
13266 mock_dns_client_->GetCurrentSession());
13267
13268 // Test a SECURE-mode DoH request with SetForceDohServerAvailable(false).
13269 // Should only succeed if a DoH server is marked available in the
13270 // ResolveContext. MockDnsClient skips most other interaction with
13271 // ResolveContext.
13272 mock_dns_client_->SetForceDohServerAvailable(false);
13273 context.RecordServerSuccess(0u /* server_index */, true /* is_doh_server */,
13274 mock_dns_client_->GetCurrentSession());
13275 ResolveHostResponseHelper response(resolver_->CreateRequest(
13276 HostPortPair("secure", 80), NetworkAnonymizationKey(), NetLogWithSource(),
13277 std::nullopt, &context));
13278 EXPECT_THAT(response.result_error(), IsOk());
13279
13280 resolver_->DeregisterResolveContext(&context);
13281 }
13282
13283 // `HostResolver::ResolveHostParameters::avoid_multicast_resolution` not
13284 // currently supported to do anything except with the system resolver. So with
13285 // DnsTask, expect it to be ignored.
TEST_F(HostResolverManagerDnsTest,AvoidMulticastIgnoredWithDnsTask)13286 TEST_F(HostResolverManagerDnsTest, AvoidMulticastIgnoredWithDnsTask) {
13287 ChangeDnsConfig(CreateValidDnsConfig());
13288
13289 HostResolver::ResolveHostParameters parameters;
13290 parameters.avoid_multicast_resolution = true;
13291
13292 ResolveHostResponseHelper response(resolver_->CreateRequest(
13293 HostPortPair("ok", 80), NetworkAnonymizationKey(), NetLogWithSource(),
13294 parameters, resolve_context_.get()));
13295 EXPECT_THAT(response.result_error(), IsOk());
13296 }
13297
13298 class MockAddressSorter : public AddressSorter {
13299 public:
13300 MOCK_METHOD(void,
13301 Sort,
13302 (const std::vector<IPEndPoint>& endpoints, CallbackType callback),
13303 (const, override));
13304
ExpectCall(const std::vector<IPEndPoint> & expected,std::vector<IPEndPoint> sorted)13305 void ExpectCall(const std::vector<IPEndPoint>& expected,
13306 std::vector<IPEndPoint> sorted) {
13307 EXPECT_CALL(*this, Sort(expected, _))
13308 .WillOnce([sorted](const std::vector<IPEndPoint>& endpoints,
13309 AddressSorter::CallbackType callback) {
13310 std::move(callback).Run(true, std::move(sorted));
13311 });
13312 }
13313
ExpectCallAndFailSort(const std::vector<IPEndPoint> & expected)13314 void ExpectCallAndFailSort(const std::vector<IPEndPoint>& expected) {
13315 EXPECT_CALL(*this, Sort(expected, _))
13316 .WillOnce([](const std::vector<IPEndPoint>& endpoints,
13317 AddressSorter::CallbackType callback) {
13318 std::move(callback).Run(false, {});
13319 });
13320 }
13321 };
13322
TEST_F(HostResolverManagerDnsTest,ResultsAreSorted)13323 TEST_F(HostResolverManagerDnsTest, ResultsAreSorted) {
13324 base::test::ScopedFeatureList feature_list(features::kUseHostResolverCache);
13325
13326 // Expect sorter to be separately called with A and AAAA results. For the
13327 // AAAA, sort to reversed order.
13328 auto sorter = std::make_unique<testing::StrictMock<MockAddressSorter>>();
13329 sorter->ExpectCall(
13330 {CreateExpected("::1", 0), CreateExpected("2001:4860:4860::8888", 0)},
13331 {CreateExpected("2001:4860:4860::8888", 0), CreateExpected("::1", 0)});
13332 sorter->ExpectCall({CreateExpected("127.0.0.1", 0)},
13333 {CreateExpected("127.0.0.1", 0)});
13334
13335 DnsResponse a_response =
13336 BuildTestDnsAddressResponse("host.test", IPAddress::IPv4Localhost());
13337 DnsResponse aaaa_response = BuildTestDnsResponse(
13338 "host.test", dns_protocol::kTypeAAAA,
13339 {BuildTestAddressRecord("host.test", IPAddress::IPv6Localhost()),
13340 BuildTestAddressRecord(
13341 "host.test",
13342 IPAddress::FromIPLiteral("2001:4860:4860::8888").value())});
13343 MockDnsClientRuleList rules;
13344 AddDnsRule(&rules, "host.test", dns_protocol::kTypeA, std::move(a_response),
13345 /*delay=*/false);
13346 AddDnsRule(&rules, "host.test", dns_protocol::kTypeAAAA,
13347 std::move(aaaa_response), /*delay=*/false);
13348
13349 CreateResolver();
13350 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
13351 mock_dns_client_->SetAddressSorterForTesting(std::move(sorter));
13352
13353 ResolveHostResponseHelper response(resolver_->CreateRequest(
13354 HostPortPair("host.test", 80), NetworkAnonymizationKey(),
13355 NetLogWithSource(), std::nullopt, resolve_context_.get()));
13356
13357 EXPECT_THAT(response.result_error(), IsOk());
13358
13359 // Expect results in the order given by the sorter (with AAAA results before A
13360 // results).
13361 EXPECT_THAT(
13362 response.request()->GetEndpointResults(),
13363 testing::Pointee(
13364 testing::ElementsAre(ExpectEndpointResult(testing::ElementsAre(
13365 CreateExpected("2001:4860:4860::8888", 80),
13366 CreateExpected("::1", 80), CreateExpected("127.0.0.1", 80))))));
13367 }
13368
TEST_F(HostResolverManagerDnsTest,ResultsAreSortedWithHostCache)13369 TEST_F(HostResolverManagerDnsTest, ResultsAreSortedWithHostCache) {
13370 base::test::ScopedFeatureList feature_list;
13371 feature_list.InitAndDisableFeature(features::kUseHostResolverCache);
13372
13373 // When using HostCache, expect sorter to be called once for all address
13374 // results together (AAAA before A).
13375 auto sorter = std::make_unique<testing::StrictMock<MockAddressSorter>>();
13376 sorter->ExpectCall(
13377 {CreateExpected("::1", 0), CreateExpected("2001:4860:4860::8888", 0),
13378 CreateExpected("127.0.0.1", 0)},
13379 {CreateExpected("2001:4860:4860::8888", 0),
13380 CreateExpected("127.0.0.1", 0), CreateExpected("::1", 0)});
13381
13382 DnsResponse a_response =
13383 BuildTestDnsAddressResponse("host.test", IPAddress::IPv4Localhost());
13384 DnsResponse aaaa_response = BuildTestDnsResponse(
13385 "host.test", dns_protocol::kTypeAAAA,
13386 {BuildTestAddressRecord("host.test", IPAddress::IPv6Localhost()),
13387 BuildTestAddressRecord(
13388 "host.test",
13389 IPAddress::FromIPLiteral("2001:4860:4860::8888").value())});
13390 MockDnsClientRuleList rules;
13391 AddDnsRule(&rules, "host.test", dns_protocol::kTypeA, std::move(a_response),
13392 /*delay=*/false);
13393 AddDnsRule(&rules, "host.test", dns_protocol::kTypeAAAA,
13394 std::move(aaaa_response), /*delay=*/false);
13395
13396 CreateResolver();
13397 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
13398 mock_dns_client_->SetAddressSorterForTesting(std::move(sorter));
13399
13400 ResolveHostResponseHelper response(resolver_->CreateRequest(
13401 HostPortPair("host.test", 80), NetworkAnonymizationKey(),
13402 NetLogWithSource(), std::nullopt, resolve_context_.get()));
13403
13404 EXPECT_THAT(response.result_error(), IsOk());
13405
13406 // Expect results in the order given by the sorter.
13407 EXPECT_THAT(
13408 response.request()->GetEndpointResults(),
13409 testing::Pointee(
13410 testing::ElementsAre(ExpectEndpointResult(testing::ElementsAre(
13411 CreateExpected("2001:4860:4860::8888", 80),
13412 CreateExpected("127.0.0.1", 80), CreateExpected("::1", 80))))));
13413 }
13414
TEST_F(HostResolverManagerDnsTest,Ipv4OnlyResultsAreSorted)13415 TEST_F(HostResolverManagerDnsTest, Ipv4OnlyResultsAreSorted) {
13416 base::test::ScopedFeatureList feature_list(features::kUseHostResolverCache);
13417
13418 // Sort to reversed order.
13419 auto sorter = std::make_unique<testing::StrictMock<MockAddressSorter>>();
13420 sorter->ExpectCall(
13421 {CreateExpected("127.0.0.1", 0), CreateExpected("127.0.0.2", 0)},
13422 {CreateExpected("127.0.0.2", 0), CreateExpected("127.0.0.1", 0)});
13423
13424 DnsResponse a_response = BuildTestDnsResponse(
13425 "host.test", dns_protocol::kTypeA,
13426 {BuildTestAddressRecord("host.test", IPAddress::IPv4Localhost()),
13427 BuildTestAddressRecord("host.test",
13428 IPAddress::FromIPLiteral("127.0.0.2").value())});
13429 MockDnsClientRuleList rules;
13430 AddDnsRule(&rules, "host.test", dns_protocol::kTypeA, std::move(a_response),
13431 /*delay=*/false);
13432 AddDnsRule(&rules, "host.test", dns_protocol::kTypeAAAA,
13433 MockDnsClientRule::ResultType::kEmpty, /*delay=*/false);
13434
13435 CreateResolver();
13436 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
13437 mock_dns_client_->SetAddressSorterForTesting(std::move(sorter));
13438
13439 ResolveHostResponseHelper response(resolver_->CreateRequest(
13440 HostPortPair("host.test", 80), NetworkAnonymizationKey(),
13441 NetLogWithSource(), std::nullopt, resolve_context_.get()));
13442
13443 EXPECT_THAT(response.result_error(), IsOk());
13444
13445 // Expect results in the order given by the sorter.
13446 EXPECT_THAT(response.request()->GetEndpointResults(),
13447 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
13448 testing::ElementsAre(CreateExpected("127.0.0.2", 80),
13449 CreateExpected("127.0.0.1", 80))))));
13450 }
13451
TEST_F(HostResolverManagerDnsTest,Ipv4OnlyResultsNotSortedWithHostCache)13452 TEST_F(HostResolverManagerDnsTest, Ipv4OnlyResultsNotSortedWithHostCache) {
13453 base::test::ScopedFeatureList feature_list;
13454 feature_list.InitAndDisableFeature(features::kUseHostResolverCache);
13455
13456 // When using HostCache, expect no sort calls for IPv4-only results.
13457 auto sorter = std::make_unique<testing::StrictMock<MockAddressSorter>>();
13458
13459 DnsResponse a_response = BuildTestDnsResponse(
13460 "host.test", dns_protocol::kTypeA,
13461 {BuildTestAddressRecord("host.test", IPAddress::IPv4Localhost()),
13462 BuildTestAddressRecord("host.test",
13463 IPAddress::FromIPLiteral("127.0.0.2").value())});
13464 MockDnsClientRuleList rules;
13465 AddDnsRule(&rules, "host.test", dns_protocol::kTypeA, std::move(a_response),
13466 /*delay=*/false);
13467 AddDnsRule(&rules, "host.test", dns_protocol::kTypeAAAA,
13468 MockDnsClientRule::ResultType::kEmpty, /*delay=*/false);
13469
13470 CreateResolver();
13471 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
13472 mock_dns_client_->SetAddressSorterForTesting(std::move(sorter));
13473
13474 ResolveHostResponseHelper response(resolver_->CreateRequest(
13475 HostPortPair("host.test", 80), NetworkAnonymizationKey(),
13476 NetLogWithSource(), std::nullopt, resolve_context_.get()));
13477
13478 EXPECT_THAT(response.result_error(), IsOk());
13479
13480 // Expect results in original unsorted order.
13481 EXPECT_THAT(response.request()->GetEndpointResults(),
13482 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
13483 testing::ElementsAre(CreateExpected("127.0.0.1", 80),
13484 CreateExpected("127.0.0.2", 80))))));
13485 }
13486
TEST_F(HostResolverManagerDnsTest,EmptyResultsNotSorted)13487 TEST_F(HostResolverManagerDnsTest, EmptyResultsNotSorted) {
13488 base::test::ScopedFeatureList feature_list(features::kUseHostResolverCache);
13489
13490 // Expect no calls to sorter for empty results.
13491 auto sorter = std::make_unique<testing::StrictMock<MockAddressSorter>>();
13492
13493 MockDnsClientRuleList rules;
13494 AddDnsRule(&rules, "host.test", dns_protocol::kTypeA,
13495 MockDnsClientRule::ResultType::kEmpty,
13496 /*delay=*/false);
13497 AddDnsRule(&rules, "host.test", dns_protocol::kTypeAAAA,
13498 MockDnsClientRule::ResultType::kEmpty, /*delay=*/false);
13499
13500 CreateResolver();
13501 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
13502 mock_dns_client_->SetAddressSorterForTesting(std::move(sorter));
13503 set_allow_fallback_to_systemtask(false);
13504
13505 ResolveHostResponseHelper response(resolver_->CreateRequest(
13506 HostPortPair("host.test", 80), NetworkAnonymizationKey(),
13507 NetLogWithSource(), std::nullopt, resolve_context_.get()));
13508
13509 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
13510 }
13511
TEST_F(HostResolverManagerDnsTest,EmptyResultsNotSortedWithHostCache)13512 TEST_F(HostResolverManagerDnsTest, EmptyResultsNotSortedWithHostCache) {
13513 base::test::ScopedFeatureList feature_list;
13514 feature_list.InitAndDisableFeature(features::kUseHostResolverCache);
13515
13516 // Expect no calls to sorter for empty results.
13517 auto sorter = std::make_unique<testing::StrictMock<MockAddressSorter>>();
13518
13519 MockDnsClientRuleList rules;
13520 AddDnsRule(&rules, "host.test", dns_protocol::kTypeA,
13521 MockDnsClientRule::ResultType::kEmpty,
13522 /*delay=*/false);
13523 AddDnsRule(&rules, "host.test", dns_protocol::kTypeAAAA,
13524 MockDnsClientRule::ResultType::kEmpty, /*delay=*/false);
13525
13526 CreateResolver();
13527 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
13528 mock_dns_client_->SetAddressSorterForTesting(std::move(sorter));
13529 set_allow_fallback_to_systemtask(false);
13530
13531 ResolveHostResponseHelper response(resolver_->CreateRequest(
13532 HostPortPair("host.test", 80), NetworkAnonymizationKey(),
13533 NetLogWithSource(), std::nullopt, resolve_context_.get()));
13534
13535 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
13536 }
13537
13538 // Test for when AddressSorter removes all results.
TEST_F(HostResolverManagerDnsTest,ResultsSortedAsUnreachable)13539 TEST_F(HostResolverManagerDnsTest, ResultsSortedAsUnreachable) {
13540 base::test::ScopedFeatureList feature_list(features::kUseHostResolverCache);
13541
13542 // Set up sorter to return result with no addresses.
13543 auto sorter = std::make_unique<testing::StrictMock<MockAddressSorter>>();
13544 sorter->ExpectCall(
13545 {CreateExpected("::1", 0), CreateExpected("2001:4860:4860::8888", 0)},
13546 {});
13547 sorter->ExpectCall({CreateExpected("127.0.0.1", 0)}, {});
13548
13549 DnsResponse a_response =
13550 BuildTestDnsAddressResponse("host.test", IPAddress::IPv4Localhost());
13551 DnsResponse aaaa_response = BuildTestDnsResponse(
13552 "host.test", dns_protocol::kTypeAAAA,
13553 {BuildTestAddressRecord("host.test", IPAddress::IPv6Localhost()),
13554 BuildTestAddressRecord(
13555 "host.test",
13556 IPAddress::FromIPLiteral("2001:4860:4860::8888").value())});
13557 MockDnsClientRuleList rules;
13558 AddDnsRule(&rules, "host.test", dns_protocol::kTypeA, std::move(a_response),
13559 /*delay=*/false);
13560 AddDnsRule(&rules, "host.test", dns_protocol::kTypeAAAA,
13561 std::move(aaaa_response), /*delay=*/false);
13562
13563 CreateResolver();
13564 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
13565 mock_dns_client_->SetAddressSorterForTesting(std::move(sorter));
13566 set_allow_fallback_to_systemtask(false);
13567
13568 ASSERT_FALSE(!!GetCacheHit(HostCache::Key(
13569 "host.test", DnsQueryType::UNSPECIFIED, /*host_resolver_flags=*/0,
13570 HostResolverSource::ANY, NetworkAnonymizationKey())));
13571
13572 ResolveHostResponseHelper response(resolver_->CreateRequest(
13573 HostPortPair("host.test", 80), NetworkAnonymizationKey(),
13574 NetLogWithSource(), std::nullopt, resolve_context_.get()));
13575
13576 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
13577
13578 // Expect error is cached (because pre-sort results had a TTL).
13579 EXPECT_TRUE(!!GetCacheHit(HostCache::Key(
13580 "host.test", DnsQueryType::UNSPECIFIED, /*host_resolver_flags=*/0,
13581 HostResolverSource::ANY, NetworkAnonymizationKey())));
13582 }
13583
13584 // Test for when AddressSorter removes all results.
TEST_F(HostResolverManagerDnsTest,ResultsSortedAsUnreachableWithHostCache)13585 TEST_F(HostResolverManagerDnsTest, ResultsSortedAsUnreachableWithHostCache) {
13586 base::test::ScopedFeatureList feature_list;
13587 feature_list.InitAndDisableFeature(features::kUseHostResolverCache);
13588
13589 // Set up sorter to return result with no addresses.
13590 auto sorter = std::make_unique<testing::StrictMock<MockAddressSorter>>();
13591 sorter->ExpectCall(
13592 {CreateExpected("::1", 0), CreateExpected("2001:4860:4860::8888", 0),
13593 CreateExpected("127.0.0.1", 0)},
13594 {});
13595
13596 DnsResponse a_response =
13597 BuildTestDnsAddressResponse("host.test", IPAddress::IPv4Localhost());
13598 DnsResponse aaaa_response = BuildTestDnsResponse(
13599 "host.test", dns_protocol::kTypeAAAA,
13600 {BuildTestAddressRecord("host.test", IPAddress::IPv6Localhost()),
13601 BuildTestAddressRecord(
13602 "host.test",
13603 IPAddress::FromIPLiteral("2001:4860:4860::8888").value())});
13604 MockDnsClientRuleList rules;
13605 AddDnsRule(&rules, "host.test", dns_protocol::kTypeA, std::move(a_response),
13606 /*delay=*/false);
13607 AddDnsRule(&rules, "host.test", dns_protocol::kTypeAAAA,
13608 std::move(aaaa_response), /*delay=*/false);
13609
13610 CreateResolver();
13611 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
13612 mock_dns_client_->SetAddressSorterForTesting(std::move(sorter));
13613 set_allow_fallback_to_systemtask(false);
13614
13615 ASSERT_FALSE(!!GetCacheHit(HostCache::Key(
13616 "host.test", DnsQueryType::UNSPECIFIED, /*host_resolver_flags=*/0,
13617 HostResolverSource::ANY, NetworkAnonymizationKey())));
13618
13619 ResolveHostResponseHelper response(resolver_->CreateRequest(
13620 HostPortPair("host.test", 80), NetworkAnonymizationKey(),
13621 NetLogWithSource(), std::nullopt, resolve_context_.get()));
13622
13623 EXPECT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
13624
13625 // Expect error is cached (because pre-sort results had a TTL).
13626 EXPECT_TRUE(!!GetCacheHit(HostCache::Key(
13627 "host.test", DnsQueryType::UNSPECIFIED, /*host_resolver_flags=*/0,
13628 HostResolverSource::ANY, NetworkAnonymizationKey())));
13629 }
13630
TEST_F(HostResolverManagerDnsTest,SortFailure)13631 TEST_F(HostResolverManagerDnsTest, SortFailure) {
13632 base::test::ScopedFeatureList feature_list;
13633 feature_list.InitWithFeatures(
13634 /*enabled_features=*/{features::kSplitHostCacheByNetworkIsolationKey,
13635 features::kUseHostResolverCache},
13636 /*disabled_features=*/{});
13637
13638 constexpr std::string_view kHost = "host.test";
13639 constexpr base::TimeDelta kMinTtl = base::Minutes(10);
13640
13641 // Fail the AAAA sort. Don't expect resolver to even attempt to sort A.
13642 auto sorter = std::make_unique<testing::StrictMock<MockAddressSorter>>();
13643 sorter->ExpectCallAndFailSort(
13644 {CreateExpected("::1", 0), CreateExpected("2001:4860:4860::8888", 0)});
13645
13646 DnsResponse a_response = BuildTestDnsAddressResponse(
13647 std::string(kHost), IPAddress::IPv4Localhost());
13648 DnsResponse aaaa_response = BuildTestDnsResponse(
13649 std::string(kHost), dns_protocol::kTypeAAAA,
13650 {BuildTestAddressRecord(std::string(kHost), IPAddress::IPv6Localhost(),
13651 kMinTtl),
13652 BuildTestAddressRecord(
13653 std::string(kHost),
13654 IPAddress::FromIPLiteral("2001:4860:4860::8888").value(),
13655 base::Minutes(15))});
13656 MockDnsClientRuleList rules;
13657 AddDnsRule(&rules, std::string(kHost), dns_protocol::kTypeA,
13658 std::move(a_response),
13659 /*delay=*/false);
13660 AddDnsRule(&rules, std::string(kHost), dns_protocol::kTypeAAAA,
13661 std::move(aaaa_response), /*delay=*/false);
13662
13663 CreateResolver();
13664 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
13665 mock_dns_client_->SetAddressSorterForTesting(std::move(sorter));
13666 set_allow_fallback_to_systemtask(false);
13667
13668 const SchemefulSite kSite(GURL("https://site.test/"));
13669 const auto kNetworkAnonymizationKey =
13670 NetworkAnonymizationKey::CreateSameSite(kSite);
13671
13672 ResolveHostResponseHelper response(resolver_->CreateRequest(
13673 HostPortPair(kHost, 80), kNetworkAnonymizationKey, NetLogWithSource(),
13674 std::nullopt, resolve_context_.get()));
13675
13676 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_SORT_ERROR));
13677
13678 // Expect error is cached with same TTL as results that failed to sort.
13679 EXPECT_FALSE(resolve_context_->host_resolver_cache()->Lookup(
13680 kHost, kNetworkAnonymizationKey, DnsQueryType::A, HostResolverSource::DNS,
13681 /*secure=*/false));
13682 EXPECT_THAT(resolve_context_->host_resolver_cache()->Lookup(
13683 kHost, kNetworkAnonymizationKey, DnsQueryType::AAAA,
13684 HostResolverSource::DNS, /*secure=*/false),
13685 Pointee(ExpectHostResolverInternalErrorResult(
13686 std::string(kHost), DnsQueryType::AAAA,
13687 HostResolverInternalResult::Source::kUnknown,
13688 Optional(base::TimeTicks::Now() + kMinTtl),
13689 Optional(base::Time::Now() + kMinTtl), ERR_DNS_SORT_ERROR)));
13690 }
13691
13692 // Test for if a transaction sort fails after another transaction has already
13693 // succeeded.
TEST_F(HostResolverManagerDnsTest,PartialSortFailure)13694 TEST_F(HostResolverManagerDnsTest, PartialSortFailure) {
13695 base::test::ScopedFeatureList feature_list;
13696 feature_list.InitWithFeatures(
13697 /*enabled_features=*/{features::kSplitHostCacheByNetworkIsolationKey,
13698 features::kUseHostResolverCache},
13699 /*disabled_features=*/{});
13700
13701 constexpr std::string_view kHost = "host.test";
13702 constexpr base::TimeDelta kMinTtl = base::Minutes(3);
13703
13704 // Successfully sort A. Fail to sort AAAA.
13705 auto sorter = std::make_unique<testing::StrictMock<MockAddressSorter>>();
13706 sorter->ExpectCall({IPEndPoint(IPAddress::IPv4Localhost(), 0)},
13707 {IPEndPoint(IPAddress::IPv4Localhost(), 0)});
13708 sorter->ExpectCallAndFailSort({IPEndPoint(IPAddress::IPv6Localhost(), 0),
13709 CreateExpected("2001:4860:4860::8888", 0)});
13710
13711 DnsResponse a_response = BuildTestDnsAddressResponse(
13712 std::string(kHost), IPAddress::IPv4Localhost());
13713 DnsResponse aaaa_response = BuildTestDnsResponse(
13714 std::string(kHost), dns_protocol::kTypeAAAA,
13715 {BuildTestAddressRecord(std::string(kHost), IPAddress::IPv6Localhost(),
13716 kMinTtl),
13717 BuildTestAddressRecord(
13718 std::string(kHost),
13719 IPAddress::FromIPLiteral("2001:4860:4860::8888").value(),
13720 base::Minutes(7))});
13721 MockDnsClientRuleList rules;
13722 AddDnsRule(&rules, std::string(kHost), dns_protocol::kTypeA,
13723 std::move(a_response),
13724 /*delay=*/false);
13725 AddDnsRule(&rules, std::string(kHost), dns_protocol::kTypeAAAA,
13726 std::move(aaaa_response), /*delay=*/true);
13727
13728 CreateResolver();
13729 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
13730 mock_dns_client_->SetAddressSorterForTesting(std::move(sorter));
13731 set_allow_fallback_to_systemtask(false);
13732
13733 const SchemefulSite kSite(GURL("https://site.test/"));
13734 const auto kNetworkAnonymizationKey =
13735 NetworkAnonymizationKey::CreateSameSite(kSite);
13736
13737 ResolveHostResponseHelper response(resolver_->CreateRequest(
13738 HostPortPair(kHost, 80), kNetworkAnonymizationKey, NetLogWithSource(),
13739 std::nullopt, resolve_context_.get()));
13740 base::RunLoop().RunUntilIdle();
13741 EXPECT_FALSE(response.complete());
13742
13743 // Expect the successful A result to be cached immediately on receipt.
13744 EXPECT_THAT(resolve_context_->host_resolver_cache()->Lookup(
13745 kHost, kNetworkAnonymizationKey, DnsQueryType::A,
13746 HostResolverSource::DNS, /*secure=*/false),
13747 Pointee(ExpectHostResolverInternalDataResult(
13748 std::string(kHost), DnsQueryType::A,
13749 HostResolverInternalResult::Source::kDns, _, _,
13750 ElementsAre(IPEndPoint(IPAddress::IPv4Localhost(), 0)))));
13751 EXPECT_FALSE(resolve_context_->host_resolver_cache()->Lookup(
13752 kHost, kNetworkAnonymizationKey, DnsQueryType::AAAA));
13753
13754 mock_dns_client_->CompleteDelayedTransactions();
13755 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_SORT_ERROR));
13756
13757 // Expect error is cached with same TTL as results that failed to sort.
13758 EXPECT_THAT(resolve_context_->host_resolver_cache()->Lookup(
13759 kHost, kNetworkAnonymizationKey, DnsQueryType::A,
13760 HostResolverSource::DNS, /*secure=*/false),
13761 Pointee(ExpectHostResolverInternalDataResult(
13762 std::string(kHost), DnsQueryType::A,
13763 HostResolverInternalResult::Source::kDns, _, _,
13764 ElementsAre(IPEndPoint(IPAddress::IPv4Localhost(), 0)))));
13765 EXPECT_THAT(resolve_context_->host_resolver_cache()->Lookup(
13766 kHost, kNetworkAnonymizationKey, DnsQueryType::AAAA,
13767 HostResolverSource::DNS, /*secure=*/false),
13768 Pointee(ExpectHostResolverInternalErrorResult(
13769 std::string(kHost), DnsQueryType::AAAA,
13770 HostResolverInternalResult::Source::kUnknown,
13771 Optional(base::TimeTicks::Now() + kMinTtl),
13772 Optional(base::Time::Now() + kMinTtl), ERR_DNS_SORT_ERROR)));
13773 }
13774
TEST_F(HostResolverManagerDnsTest,SortFailureWithHostCache)13775 TEST_F(HostResolverManagerDnsTest, SortFailureWithHostCache) {
13776 base::test::ScopedFeatureList feature_list;
13777 feature_list.InitAndDisableFeature(features::kUseHostResolverCache);
13778
13779 // Fail the sort.
13780 auto sorter = std::make_unique<testing::StrictMock<MockAddressSorter>>();
13781 sorter->ExpectCallAndFailSort({CreateExpected("::1", 0),
13782 CreateExpected("2001:4860:4860::8888", 0),
13783 CreateExpected("127.0.0.1", 0)});
13784
13785 DnsResponse a_response =
13786 BuildTestDnsAddressResponse("host.test", IPAddress::IPv4Localhost());
13787 DnsResponse aaaa_response = BuildTestDnsResponse(
13788 "host.test", dns_protocol::kTypeAAAA,
13789 {BuildTestAddressRecord("host.test", IPAddress::IPv6Localhost()),
13790 BuildTestAddressRecord(
13791 "host.test",
13792 IPAddress::FromIPLiteral("2001:4860:4860::8888").value())});
13793 MockDnsClientRuleList rules;
13794 AddDnsRule(&rules, "host.test", dns_protocol::kTypeA, std::move(a_response),
13795 /*delay=*/false);
13796 AddDnsRule(&rules, "host.test", dns_protocol::kTypeAAAA,
13797 std::move(aaaa_response), /*delay=*/false);
13798
13799 CreateResolver();
13800 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
13801 mock_dns_client_->SetAddressSorterForTesting(std::move(sorter));
13802 set_allow_fallback_to_systemtask(false);
13803
13804 ASSERT_FALSE(!!GetCacheHit(HostCache::Key(
13805 "host.test", DnsQueryType::UNSPECIFIED, /*host_resolver_flags=*/0,
13806 HostResolverSource::ANY, NetworkAnonymizationKey())));
13807
13808 ResolveHostResponseHelper response(resolver_->CreateRequest(
13809 HostPortPair("host.test", 80), NetworkAnonymizationKey(),
13810 NetLogWithSource(), std::nullopt, resolve_context_.get()));
13811
13812 EXPECT_THAT(response.result_error(), IsError(ERR_DNS_SORT_ERROR));
13813
13814 // Expect error is cached (because pre-sort results had a TTL).
13815 EXPECT_TRUE(!!GetCacheHit(HostCache::Key(
13816 "host.test", DnsQueryType::UNSPECIFIED, /*host_resolver_flags=*/0,
13817 HostResolverSource::ANY, NetworkAnonymizationKey())));
13818 }
13819
TEST_F(HostResolverManagerDnsTest,HostResolverCacheContainsTransactions)13820 TEST_F(HostResolverManagerDnsTest, HostResolverCacheContainsTransactions) {
13821 base::test::ScopedFeatureList feature_list;
13822 feature_list.InitWithFeatures(
13823 /*enabled_features=*/{features::kUseHostResolverCache,
13824 features::kSplitHostCacheByNetworkIsolationKey},
13825 /*disabled_features=*/{});
13826
13827 ChangeDnsConfig(CreateValidDnsConfig());
13828
13829 const SchemefulSite kSite(GURL("https://site.test/"));
13830 const auto kNetworkAnonymizationKey =
13831 NetworkAnonymizationKey::CreateSameSite(kSite);
13832
13833 ResolveHostResponseHelper response(resolver_->CreateRequest(
13834 HostPortPair("ok", 80), kNetworkAnonymizationKey, NetLogWithSource(),
13835 std::nullopt, resolve_context_.get()));
13836 ASSERT_THAT(response.result_error(), IsOk());
13837
13838 // Expect separate transactions to be separately cached.
13839 EXPECT_THAT(
13840 resolve_context_->host_resolver_cache()->Lookup(
13841 "ok", kNetworkAnonymizationKey, DnsQueryType::A,
13842 HostResolverSource::DNS, /*secure=*/false),
13843 Pointee(ExpectHostResolverInternalDataResult(
13844 "ok", DnsQueryType::A, HostResolverInternalResult::Source::kDns, _, _,
13845 ElementsAre(IPEndPoint(IPAddress::IPv4Localhost(), 0)))));
13846 EXPECT_THAT(
13847 resolve_context_->host_resolver_cache()->Lookup(
13848 "ok", kNetworkAnonymizationKey, DnsQueryType::AAAA,
13849 HostResolverSource::DNS, /*secure=*/false),
13850 Pointee(ExpectHostResolverInternalDataResult(
13851 "ok", DnsQueryType::AAAA, HostResolverInternalResult::Source::kDns, _,
13852 _, ElementsAre(IPEndPoint(IPAddress::IPv6Localhost(), 0)))));
13853 }
13854
TEST_F(HostResolverManagerDnsTest,HostResolverCacheContainsAliasChains)13855 TEST_F(HostResolverManagerDnsTest, HostResolverCacheContainsAliasChains) {
13856 base::test::ScopedFeatureList feature_list;
13857 feature_list.InitWithFeatures(
13858 /*enabled_features=*/{features::kUseHostResolverCache,
13859 features::kSplitHostCacheByNetworkIsolationKey},
13860 /*disabled_features=*/{});
13861
13862 constexpr std::string_view kHost = "host.test";
13863
13864 MockDnsClientRuleList rules;
13865 DnsResponse a_response = BuildTestDnsResponse(
13866 std::string(kHost), dns_protocol::kTypeA,
13867 {BuildTestCnameRecord(std::string(kHost), "alias1.test"),
13868 BuildTestCnameRecord("alias1.test", "alias2.test"),
13869 BuildTestAddressRecord("alias2.test", IPAddress::IPv4Localhost())});
13870 AddDnsRule(&rules, std::string(kHost), dns_protocol::kTypeA,
13871 std::move(a_response),
13872 /*delay=*/false);
13873 AddDnsRule(&rules, std::string(kHost), dns_protocol::kTypeAAAA,
13874 MockDnsClientRule::ResultType::kEmpty, /*delay=*/false);
13875 CreateResolver();
13876 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
13877
13878 const SchemefulSite kSite(GURL("https://site.test/"));
13879 const auto kNetworkAnonymizationKey =
13880 NetworkAnonymizationKey::CreateSameSite(kSite);
13881
13882 ResolveHostResponseHelper response(resolver_->CreateRequest(
13883 HostPortPair(kHost, 80), kNetworkAnonymizationKey, NetLogWithSource(),
13884 std::nullopt, resolve_context_.get()));
13885 ASSERT_THAT(response.result_error(), IsOk());
13886
13887 // Expect each alias link and the result to be separately cached with the
13888 // aliases cached under the original query type.
13889 EXPECT_THAT(
13890 resolve_context_->host_resolver_cache()->Lookup(
13891 kHost, kNetworkAnonymizationKey, DnsQueryType::A,
13892 HostResolverSource::DNS, /*secure=*/false),
13893 Pointee(ExpectHostResolverInternalAliasResult(
13894 std::string(kHost), DnsQueryType::A,
13895 HostResolverInternalResult::Source::kDns, _, _, "alias1.test")));
13896 EXPECT_THAT(
13897 resolve_context_->host_resolver_cache()->Lookup(
13898 "alias1.test", kNetworkAnonymizationKey, DnsQueryType::A,
13899 HostResolverSource::DNS, /*secure=*/false),
13900 Pointee(ExpectHostResolverInternalAliasResult(
13901 "alias1.test", DnsQueryType::A,
13902 HostResolverInternalResult::Source::kDns, _, _, "alias2.test")));
13903 EXPECT_THAT(resolve_context_->host_resolver_cache()->Lookup(
13904 "alias2.test", kNetworkAnonymizationKey, DnsQueryType::A,
13905 HostResolverSource::DNS, /*secure=*/false),
13906 Pointee(ExpectHostResolverInternalDataResult(
13907 "alias2.test", DnsQueryType::A,
13908 HostResolverInternalResult::Source::kDns, _, _,
13909 ElementsAre(IPEndPoint(IPAddress::IPv4Localhost(), 0)))));
13910 }
13911
TEST_F(HostResolverManagerDnsTest,HostResolverCacheContainsAliasChainsWithErrors)13912 TEST_F(HostResolverManagerDnsTest,
13913 HostResolverCacheContainsAliasChainsWithErrors) {
13914 base::test::ScopedFeatureList feature_list;
13915 feature_list.InitWithFeatures(
13916 /*enabled_features=*/{features::kUseHostResolverCache,
13917 features::kSplitHostCacheByNetworkIsolationKey},
13918 /*disabled_features=*/{});
13919
13920 constexpr std::string_view kHost = "host.test";
13921 constexpr base::TimeDelta kTtl = base::Minutes(30);
13922
13923 MockDnsClientRuleList rules;
13924 DnsResponse a_response = BuildTestDnsResponse(
13925 std::string(kHost), dns_protocol::kTypeA,
13926 /*answers=*/
13927 {BuildTestCnameRecord(std::string(kHost), "alias1.test"),
13928 BuildTestCnameRecord("alias1.test", "alias2.test")},
13929 /*authority=*/
13930 {BuildTestDnsRecord("authority.test", dns_protocol::kTypeSOA,
13931 "fake rdata", kTtl)});
13932 AddDnsRule(&rules, std::string(kHost), dns_protocol::kTypeA,
13933 std::move(a_response),
13934 /*delay=*/false);
13935 AddDnsRule(&rules, std::string(kHost), dns_protocol::kTypeAAAA,
13936 MockDnsClientRule::ResultType::kEmpty, /*delay=*/false);
13937 CreateResolver();
13938 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
13939 set_allow_fallback_to_systemtask(false);
13940
13941 const SchemefulSite kSite(GURL("https://site.test/"));
13942 const auto kNetworkAnonymizationKey =
13943 NetworkAnonymizationKey::CreateSameSite(kSite);
13944
13945 ResolveHostResponseHelper response(resolver_->CreateRequest(
13946 HostPortPair(kHost, 80), kNetworkAnonymizationKey, NetLogWithSource(),
13947 std::nullopt, resolve_context_.get()));
13948 ASSERT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
13949
13950 // Expect each alias link and the result error to be separately cached with
13951 // the aliases cached under the original query type.
13952 EXPECT_THAT(
13953 resolve_context_->host_resolver_cache()->Lookup(
13954 kHost, kNetworkAnonymizationKey, DnsQueryType::A,
13955 HostResolverSource::DNS, /*secure=*/false),
13956 Pointee(ExpectHostResolverInternalAliasResult(
13957 std::string(kHost), DnsQueryType::A,
13958 HostResolverInternalResult::Source::kDns, _, _, "alias1.test")));
13959 EXPECT_THAT(
13960 resolve_context_->host_resolver_cache()->Lookup(
13961 "alias1.test", kNetworkAnonymizationKey, DnsQueryType::A,
13962 HostResolverSource::DNS, /*secure=*/false),
13963 Pointee(ExpectHostResolverInternalAliasResult(
13964 "alias1.test", DnsQueryType::A,
13965 HostResolverInternalResult::Source::kDns, _, _, "alias2.test")));
13966 EXPECT_THAT(resolve_context_->host_resolver_cache()->Lookup(
13967 "alias2.test", kNetworkAnonymizationKey, DnsQueryType::A,
13968 HostResolverSource::DNS, /*secure=*/false),
13969 Pointee(ExpectHostResolverInternalErrorResult(
13970 "alias2.test", DnsQueryType::A,
13971 HostResolverInternalResult::Source::kDns,
13972 Optional(base::TimeTicks::Now() + kTtl),
13973 Optional(base::Time::Now() + kTtl), ERR_NAME_NOT_RESOLVED)));
13974 }
13975
TEST_F(HostResolverManagerDnsTest,HostResolverCacheContainsAliasChainsWithNoTtlErrors)13976 TEST_F(HostResolverManagerDnsTest,
13977 HostResolverCacheContainsAliasChainsWithNoTtlErrors) {
13978 base::test::ScopedFeatureList feature_list;
13979 feature_list.InitWithFeatures(
13980 /*enabled_features=*/{features::kUseHostResolverCache,
13981 features::kSplitHostCacheByNetworkIsolationKey},
13982 /*disabled_features=*/{});
13983
13984 constexpr std::string_view kHost = "host.test";
13985
13986 MockDnsClientRuleList rules;
13987 // No SOA authority record, so NODATA error is not cacheable.
13988 DnsResponse a_response = BuildTestDnsResponse(
13989 std::string(kHost), dns_protocol::kTypeA,
13990 /*answers=*/
13991 {BuildTestCnameRecord(std::string(kHost), "alias1.test"),
13992 BuildTestCnameRecord("alias1.test", "alias2.test")});
13993 AddDnsRule(&rules, std::string(kHost), dns_protocol::kTypeA,
13994 std::move(a_response),
13995 /*delay=*/false);
13996 AddDnsRule(&rules, std::string(kHost), dns_protocol::kTypeAAAA,
13997 MockDnsClientRule::ResultType::kEmpty, /*delay=*/false);
13998 CreateResolver();
13999 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
14000 set_allow_fallback_to_systemtask(false);
14001
14002 const SchemefulSite kSite(GURL("https://site.test/"));
14003 const auto kNetworkAnonymizationKey =
14004 NetworkAnonymizationKey::CreateSameSite(kSite);
14005
14006 ResolveHostResponseHelper response(resolver_->CreateRequest(
14007 HostPortPair(kHost, 80), kNetworkAnonymizationKey, NetLogWithSource(),
14008 std::nullopt, resolve_context_.get()));
14009 ASSERT_THAT(response.result_error(), IsError(ERR_NAME_NOT_RESOLVED));
14010
14011 // Expect each alias link to be separately cached under the original query
14012 // type. No cache entry for the NODATA error because there was no SOA record
14013 // to contain the NODATA TTL.
14014 EXPECT_THAT(
14015 resolve_context_->host_resolver_cache()->Lookup(
14016 kHost, kNetworkAnonymizationKey, DnsQueryType::A,
14017 HostResolverSource::DNS, /*secure=*/false),
14018 Pointee(ExpectHostResolverInternalAliasResult(
14019 std::string(kHost), DnsQueryType::A,
14020 HostResolverInternalResult::Source::kDns, _, _, "alias1.test")));
14021 EXPECT_THAT(
14022 resolve_context_->host_resolver_cache()->Lookup(
14023 "alias1.test", kNetworkAnonymizationKey, DnsQueryType::A,
14024 HostResolverSource::DNS, /*secure=*/false),
14025 Pointee(ExpectHostResolverInternalAliasResult(
14026 "alias1.test", DnsQueryType::A,
14027 HostResolverInternalResult::Source::kDns, _, _, "alias2.test")));
14028 EXPECT_FALSE(resolve_context_->host_resolver_cache()->Lookup(
14029 "alias2.test", kNetworkAnonymizationKey, DnsQueryType::A,
14030 HostResolverSource::DNS, /*secure=*/false));
14031 }
14032
TEST_F(HostResolverManagerDnsTest,NetworkErrorsNotSavedInHostCache)14033 TEST_F(HostResolverManagerDnsTest, NetworkErrorsNotSavedInHostCache) {
14034 base::test::ScopedFeatureList feature_list;
14035 feature_list.InitWithFeatures(
14036 /*enabled_features=*/{features::kSplitHostCacheByNetworkIsolationKey},
14037 /*disabled_features=*/{features::kUseHostResolverCache});
14038
14039 constexpr std::string_view kHost = "host.test";
14040
14041 // Network failures for all result types.
14042 MockDnsClientRuleList rules;
14043 rules.emplace_back(std::string(kHost), dns_protocol::kTypeA, /*secure=*/false,
14044 MockDnsClientRule::Result(
14045 MockDnsClientRule::ResultType::kFail,
14046 /*response=*/std::nullopt, ERR_CONNECTION_REFUSED),
14047 /*delay=*/false);
14048 rules.emplace_back(
14049 std::string(kHost), dns_protocol::kTypeAAAA, /*secure=*/false,
14050 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kFail,
14051 /*response=*/std::nullopt,
14052 ERR_CONNECTION_REFUSED),
14053 /*delay=*/false);
14054 CreateResolver();
14055 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
14056 set_allow_fallback_to_systemtask(false);
14057
14058 const SchemefulSite kSite(GURL("https://site.test/"));
14059 const auto kNetworkAnonymizationKey =
14060 NetworkAnonymizationKey::CreateSameSite(kSite);
14061
14062 ResolveHostResponseHelper response(resolver_->CreateRequest(
14063 HostPortPair(kHost, 80), kNetworkAnonymizationKey, NetLogWithSource(),
14064 std::nullopt, resolve_context_.get()));
14065 ASSERT_THAT(response.result_error(), IsError(ERR_CONNECTION_REFUSED));
14066
14067 // Expect result not cached because network errors have no TTL.
14068 EXPECT_FALSE(GetCacheHit(HostCache::Key(
14069 std::string(kHost), DnsQueryType::UNSPECIFIED, /*host_resolver_flags=*/0,
14070 HostResolverSource::ANY, kNetworkAnonymizationKey)));
14071 EXPECT_EQ(resolve_context_->host_cache()->size(), 0u);
14072 }
14073
14074 // Test for if a DNS transaction fails with network error after another
14075 // transaction has already succeeded.
TEST_F(HostResolverManagerDnsTest,PartialNetworkErrorsNotSavedInHostCache)14076 TEST_F(HostResolverManagerDnsTest, PartialNetworkErrorsNotSavedInHostCache) {
14077 base::test::ScopedFeatureList feature_list;
14078 feature_list.InitWithFeatures(
14079 /*enabled_features=*/{features::kSplitHostCacheByNetworkIsolationKey},
14080 /*disabled_features=*/{features::kUseHostResolverCache});
14081
14082 constexpr std::string_view kHost = "host.test";
14083
14084 // Return a successful AAAA response before a delayed failure A response.
14085 MockDnsClientRuleList rules;
14086 rules.emplace_back(std::string(kHost), dns_protocol::kTypeA, /*secure=*/false,
14087 MockDnsClientRule::Result(
14088 MockDnsClientRule::ResultType::kFail,
14089 /*response=*/std::nullopt, ERR_CONNECTION_REFUSED),
14090 /*delay=*/true);
14091 rules.emplace_back(
14092 std::string(kHost), dns_protocol::kTypeAAAA, /*secure=*/false,
14093 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
14094 /*delay=*/false);
14095 CreateResolver();
14096 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
14097 set_allow_fallback_to_systemtask(false);
14098
14099 const SchemefulSite kSite(GURL("https://site.test/"));
14100 const auto kNetworkAnonymizationKey =
14101 NetworkAnonymizationKey::CreateSameSite(kSite);
14102
14103 ResolveHostResponseHelper response(resolver_->CreateRequest(
14104 HostPortPair(kHost, 80), kNetworkAnonymizationKey, NetLogWithSource(),
14105 std::nullopt, resolve_context_.get()));
14106 base::RunLoop().RunUntilIdle();
14107 EXPECT_FALSE(response.complete());
14108 mock_dns_client_->CompleteDelayedTransactions();
14109 ASSERT_THAT(response.result_error(), IsError(ERR_CONNECTION_REFUSED));
14110
14111 // Even if some transactions have already received results successfully, a
14112 // network failure means the entire request fails and nothing should be cached
14113 // to the HostCache.
14114 EXPECT_FALSE(GetCacheHit(HostCache::Key(
14115 std::string(kHost), DnsQueryType::UNSPECIFIED, /*host_resolver_flags=*/0,
14116 HostResolverSource::ANY, kNetworkAnonymizationKey)));
14117 EXPECT_EQ(resolve_context_->host_cache()->size(), 0u);
14118 }
14119
TEST_F(HostResolverManagerDnsTest,NetworkErrorsNotSavedInHostResolverCache)14120 TEST_F(HostResolverManagerDnsTest, NetworkErrorsNotSavedInHostResolverCache) {
14121 base::test::ScopedFeatureList feature_list;
14122 feature_list.InitWithFeatures(
14123 /*enabled_features=*/{features::kSplitHostCacheByNetworkIsolationKey,
14124 features::kUseHostResolverCache},
14125 /*disabled_features=*/{});
14126
14127 constexpr std::string_view kHost = "host.test";
14128
14129 // Network failures for all result types.
14130 MockDnsClientRuleList rules;
14131 rules.emplace_back(std::string(kHost), dns_protocol::kTypeA, /*secure=*/false,
14132 MockDnsClientRule::Result(
14133 MockDnsClientRule::ResultType::kFail,
14134 /*response=*/std::nullopt, ERR_CONNECTION_REFUSED),
14135 /*delay=*/false);
14136 rules.emplace_back(
14137 std::string(kHost), dns_protocol::kTypeAAAA, /*secure=*/false,
14138 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kFail,
14139 /*response=*/std::nullopt,
14140 ERR_CONNECTION_REFUSED),
14141 /*delay=*/false);
14142 CreateResolver();
14143 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
14144 set_allow_fallback_to_systemtask(false);
14145
14146 const SchemefulSite kSite(GURL("https://site.test/"));
14147 const auto kNetworkAnonymizationKey =
14148 NetworkAnonymizationKey::CreateSameSite(kSite);
14149
14150 ResolveHostResponseHelper response(resolver_->CreateRequest(
14151 HostPortPair(kHost, 80), kNetworkAnonymizationKey, NetLogWithSource(),
14152 std::nullopt, resolve_context_.get()));
14153 ASSERT_THAT(response.result_error(), IsError(ERR_CONNECTION_REFUSED));
14154
14155 // Expect result not cached because network errors have no TTL.
14156 EXPECT_FALSE(resolve_context_->host_resolver_cache()->Lookup(
14157 kHost, kNetworkAnonymizationKey));
14158 }
14159
14160 // Test for if a DNS transaction fails with network error after another
14161 // transaction has already succeeded.
TEST_F(HostResolverManagerDnsTest,PartialNetworkErrorsNotSavedInHostResolverCache)14162 TEST_F(HostResolverManagerDnsTest,
14163 PartialNetworkErrorsNotSavedInHostResolverCache) {
14164 base::test::ScopedFeatureList feature_list;
14165 feature_list.InitWithFeatures(
14166 /*enabled_features=*/{features::kSplitHostCacheByNetworkIsolationKey,
14167 features::kUseHostResolverCache},
14168 /*disabled_features=*/{});
14169
14170 constexpr std::string_view kHost = "host.test";
14171
14172 // Return a successful AAAA response before a delayed failure A response.
14173 MockDnsClientRuleList rules;
14174 rules.emplace_back(std::string(kHost), dns_protocol::kTypeA, /*secure=*/false,
14175 MockDnsClientRule::Result(
14176 MockDnsClientRule::ResultType::kFail,
14177 /*response=*/std::nullopt, ERR_CONNECTION_REFUSED),
14178 /*delay=*/true);
14179 rules.emplace_back(
14180 std::string(kHost), dns_protocol::kTypeAAAA, /*secure=*/false,
14181 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
14182 /*delay=*/false);
14183 CreateResolver();
14184 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
14185 set_allow_fallback_to_systemtask(false);
14186
14187 const SchemefulSite kSite(GURL("https://site.test/"));
14188 const auto kNetworkAnonymizationKey =
14189 NetworkAnonymizationKey::CreateSameSite(kSite);
14190
14191 ResolveHostResponseHelper response(resolver_->CreateRequest(
14192 HostPortPair(kHost, 80), kNetworkAnonymizationKey, NetLogWithSource(),
14193 std::nullopt, resolve_context_.get()));
14194 base::RunLoop().RunUntilIdle();
14195 EXPECT_FALSE(response.complete());
14196
14197 // Expect AAAA result to be cached immediately on receipt.
14198 EXPECT_FALSE(resolve_context_->host_resolver_cache()->Lookup(
14199 kHost, kNetworkAnonymizationKey, DnsQueryType::A));
14200 EXPECT_THAT(resolve_context_->host_resolver_cache()->Lookup(
14201 kHost, kNetworkAnonymizationKey, DnsQueryType::AAAA,
14202 HostResolverSource::DNS, /*secure=*/false),
14203 Pointee(ExpectHostResolverInternalDataResult(
14204 std::string(kHost), DnsQueryType::AAAA,
14205 HostResolverInternalResult::Source::kDns, _, _,
14206 ElementsAre(IPEndPoint(IPAddress::IPv6Localhost(), 0)))));
14207
14208 mock_dns_client_->CompleteDelayedTransactions();
14209 ASSERT_THAT(response.result_error(), IsError(ERR_CONNECTION_REFUSED));
14210
14211 // Expect same cache contents, as network errors are not cacheable.
14212 EXPECT_FALSE(resolve_context_->host_resolver_cache()->Lookup(
14213 kHost, kNetworkAnonymizationKey, DnsQueryType::A));
14214 EXPECT_THAT(resolve_context_->host_resolver_cache()->Lookup(
14215 kHost, kNetworkAnonymizationKey, DnsQueryType::AAAA,
14216 HostResolverSource::DNS, /*secure=*/false),
14217 Pointee(ExpectHostResolverInternalDataResult(
14218 std::string(kHost), DnsQueryType::AAAA,
14219 HostResolverInternalResult::Source::kDns, _, _,
14220 ElementsAre(IPEndPoint(IPAddress::IPv6Localhost(), 0)))));
14221 }
14222
TEST_F(HostResolverManagerDnsTest,MalformedResponsesNotSavedInHostCache)14223 TEST_F(HostResolverManagerDnsTest, MalformedResponsesNotSavedInHostCache) {
14224 base::test::ScopedFeatureList feature_list;
14225 feature_list.InitWithFeatures(
14226 /*enabled_features=*/{features::kSplitHostCacheByNetworkIsolationKey},
14227 /*disabled_features=*/{features::kUseHostResolverCache});
14228
14229 constexpr std::string_view kHost = "host.test";
14230
14231 // Malformed responses for all result types.
14232 MockDnsClientRuleList rules;
14233 rules.emplace_back(
14234 std::string(kHost), dns_protocol::kTypeA, /*secure=*/false,
14235 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kMalformed),
14236 /*delay=*/false);
14237 rules.emplace_back(
14238 std::string(kHost), dns_protocol::kTypeAAAA, /*secure=*/false,
14239 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kMalformed),
14240 /*delay=*/false);
14241 CreateResolver();
14242 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
14243 set_allow_fallback_to_systemtask(false);
14244
14245 const SchemefulSite kSite(GURL("https://site.test/"));
14246 const auto kNetworkAnonymizationKey =
14247 NetworkAnonymizationKey::CreateSameSite(kSite);
14248
14249 ResolveHostResponseHelper response(resolver_->CreateRequest(
14250 HostPortPair(kHost, 80), kNetworkAnonymizationKey, NetLogWithSource(),
14251 std::nullopt, resolve_context_.get()));
14252 ASSERT_THAT(response.result_error(), IsError(ERR_DNS_MALFORMED_RESPONSE));
14253
14254 // Expect result not cached because malformed responses have no TTL.
14255 EXPECT_FALSE(GetCacheHit(HostCache::Key(
14256 std::string(kHost), DnsQueryType::UNSPECIFIED, /*host_resolver_flags=*/0,
14257 HostResolverSource::ANY, kNetworkAnonymizationKey)));
14258 EXPECT_EQ(resolve_context_->host_cache()->size(), 0u);
14259 }
14260
14261 // Test for if a DNS transaction fails with a malformed response after another
14262 // transaction has already succeeded.
TEST_F(HostResolverManagerDnsTest,PartialMalformedResponsesNotSavedInHostCache)14263 TEST_F(HostResolverManagerDnsTest,
14264 PartialMalformedResponsesNotSavedInHostCache) {
14265 base::test::ScopedFeatureList feature_list;
14266 feature_list.InitWithFeatures(
14267 /*enabled_features=*/{features::kSplitHostCacheByNetworkIsolationKey},
14268 /*disabled_features=*/{features::kUseHostResolverCache});
14269
14270 constexpr std::string_view kHost = "host.test";
14271
14272 // Return a successful AAAA response before a delayed failure A response.
14273 MockDnsClientRuleList rules;
14274 rules.emplace_back(
14275 std::string(kHost), dns_protocol::kTypeA, /*secure=*/false,
14276 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kMalformed),
14277 /*delay=*/true);
14278 rules.emplace_back(
14279 std::string(kHost), dns_protocol::kTypeAAAA, /*secure=*/false,
14280 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
14281 /*delay=*/false);
14282 CreateResolver();
14283 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
14284 set_allow_fallback_to_systemtask(false);
14285
14286 const SchemefulSite kSite(GURL("https://site.test/"));
14287 const auto kNetworkAnonymizationKey =
14288 NetworkAnonymizationKey::CreateSameSite(kSite);
14289
14290 ResolveHostResponseHelper response(resolver_->CreateRequest(
14291 HostPortPair(kHost, 80), kNetworkAnonymizationKey, NetLogWithSource(),
14292 std::nullopt, resolve_context_.get()));
14293 base::RunLoop().RunUntilIdle();
14294 EXPECT_FALSE(response.complete());
14295 mock_dns_client_->CompleteDelayedTransactions();
14296 ASSERT_THAT(response.result_error(), IsError(ERR_DNS_MALFORMED_RESPONSE));
14297
14298 // Even if some transactions have already received results successfully, a
14299 // malformed response means the entire request fails and nothing should be
14300 // cached to the HostCache.
14301 EXPECT_FALSE(GetCacheHit(HostCache::Key(
14302 std::string(kHost), DnsQueryType::UNSPECIFIED, /*host_resolver_flags=*/0,
14303 HostResolverSource::ANY, kNetworkAnonymizationKey)));
14304 EXPECT_EQ(resolve_context_->host_cache()->size(), 0u);
14305 }
14306
TEST_F(HostResolverManagerDnsTest,MalformedResponsesNotSavedInHostResolverCache)14307 TEST_F(HostResolverManagerDnsTest,
14308 MalformedResponsesNotSavedInHostResolverCache) {
14309 base::test::ScopedFeatureList feature_list;
14310 feature_list.InitWithFeatures(
14311 /*enabled_features=*/{features::kSplitHostCacheByNetworkIsolationKey,
14312 features::kUseHostResolverCache},
14313 /*disabled_features=*/{});
14314
14315 constexpr std::string_view kHost = "host.test";
14316
14317 // Network failures for all result types.
14318 MockDnsClientRuleList rules;
14319 rules.emplace_back(
14320 std::string(kHost), dns_protocol::kTypeA, /*secure=*/false,
14321 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kMalformed),
14322 /*delay=*/false);
14323 rules.emplace_back(
14324 std::string(kHost), dns_protocol::kTypeAAAA, /*secure=*/false,
14325 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kMalformed),
14326 /*delay=*/false);
14327 CreateResolver();
14328 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
14329 set_allow_fallback_to_systemtask(false);
14330
14331 const SchemefulSite kSite(GURL("https://site.test/"));
14332 const auto kNetworkAnonymizationKey =
14333 NetworkAnonymizationKey::CreateSameSite(kSite);
14334
14335 ResolveHostResponseHelper response(resolver_->CreateRequest(
14336 HostPortPair(kHost, 80), kNetworkAnonymizationKey, NetLogWithSource(),
14337 std::nullopt, resolve_context_.get()));
14338 ASSERT_THAT(response.result_error(), IsError(ERR_DNS_MALFORMED_RESPONSE));
14339
14340 // Expect result not cached because malformed responses have no TTL.
14341 EXPECT_FALSE(resolve_context_->host_resolver_cache()->Lookup(
14342 kHost, kNetworkAnonymizationKey));
14343 }
14344
14345 // Test for if a DNS transaction fails with malformed response after another
14346 // transaction has already succeeded.
TEST_F(HostResolverManagerDnsTest,PartialMalformedResponsesNotSavedInHostResolverCache)14347 TEST_F(HostResolverManagerDnsTest,
14348 PartialMalformedResponsesNotSavedInHostResolverCache) {
14349 base::test::ScopedFeatureList feature_list;
14350 feature_list.InitWithFeatures(
14351 /*enabled_features=*/{features::kSplitHostCacheByNetworkIsolationKey,
14352 features::kUseHostResolverCache},
14353 /*disabled_features=*/{});
14354
14355 constexpr std::string_view kHost = "host.test";
14356
14357 // Return a successful AAAA response before a delayed failure A response.
14358 MockDnsClientRuleList rules;
14359 rules.emplace_back(
14360 std::string(kHost), dns_protocol::kTypeA, /*secure=*/false,
14361 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kMalformed),
14362 /*delay=*/true);
14363 rules.emplace_back(
14364 std::string(kHost), dns_protocol::kTypeAAAA, /*secure=*/false,
14365 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
14366 /*delay=*/false);
14367 CreateResolver();
14368 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
14369 set_allow_fallback_to_systemtask(false);
14370
14371 const SchemefulSite kSite(GURL("https://site.test/"));
14372 const auto kNetworkAnonymizationKey =
14373 NetworkAnonymizationKey::CreateSameSite(kSite);
14374
14375 ResolveHostResponseHelper response(resolver_->CreateRequest(
14376 HostPortPair(kHost, 80), kNetworkAnonymizationKey, NetLogWithSource(),
14377 std::nullopt, resolve_context_.get()));
14378 base::RunLoop().RunUntilIdle();
14379 EXPECT_FALSE(response.complete());
14380
14381 // Expect the successful AAAA result to be cached immediately on receipt.
14382 EXPECT_FALSE(resolve_context_->host_resolver_cache()->Lookup(
14383 kHost, kNetworkAnonymizationKey, DnsQueryType::A));
14384 EXPECT_THAT(resolve_context_->host_resolver_cache()->Lookup(
14385 kHost, kNetworkAnonymizationKey, DnsQueryType::AAAA,
14386 HostResolverSource::DNS, /*secure=*/false),
14387 Pointee(ExpectHostResolverInternalDataResult(
14388 std::string(kHost), DnsQueryType::AAAA,
14389 HostResolverInternalResult::Source::kDns, _, _,
14390 ElementsAre(IPEndPoint(IPAddress::IPv6Localhost(), 0)))));
14391
14392 mock_dns_client_->CompleteDelayedTransactions();
14393 ASSERT_THAT(response.result_error(), IsError(ERR_DNS_MALFORMED_RESPONSE));
14394
14395 // Expect same cache contents, as malformed responses are not cacheable.
14396 EXPECT_FALSE(resolve_context_->host_resolver_cache()->Lookup(
14397 kHost, kNetworkAnonymizationKey, DnsQueryType::A));
14398 EXPECT_THAT(resolve_context_->host_resolver_cache()->Lookup(
14399 kHost, kNetworkAnonymizationKey, DnsQueryType::AAAA,
14400 HostResolverSource::DNS, /*secure=*/false),
14401 Pointee(ExpectHostResolverInternalDataResult(
14402 std::string(kHost), DnsQueryType::AAAA,
14403 HostResolverInternalResult::Source::kDns, _, _,
14404 ElementsAre(IPEndPoint(IPAddress::IPv6Localhost(), 0)))));
14405 }
14406
TEST_F(HostResolverManagerDnsTest,HttpToHttpsUpgradeSavedInHostCache)14407 TEST_F(HostResolverManagerDnsTest, HttpToHttpsUpgradeSavedInHostCache) {
14408 base::test::ScopedFeatureList feature_list;
14409 feature_list.InitWithFeatures(
14410 /*enabled_features=*/{features::kSplitHostCacheByNetworkIsolationKey},
14411 /*disabled_features=*/{features::kUseHostResolverCache});
14412
14413 constexpr std::string_view kHost = "host.test";
14414
14415 // Return successful A/AAAA responses before HTTPS to ensure they are not
14416 // cached.
14417 MockDnsClientRuleList rules;
14418 std::vector<DnsResourceRecord> records = {BuildTestHttpsAliasRecord(
14419 std::string(kHost), "alias.test", /*ttl=*/base::Days(20))};
14420 rules.emplace_back(
14421 std::string(kHost), dns_protocol::kTypeHttps, /*secure=*/false,
14422 MockDnsClientRule::Result(BuildTestDnsResponse(
14423 std::string(kHost), dns_protocol::kTypeHttps, records)),
14424 /*delay=*/true);
14425 rules.emplace_back(
14426 std::string(kHost), dns_protocol::kTypeA, /*secure=*/false,
14427 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
14428 /*delay=*/false);
14429 rules.emplace_back(
14430 std::string(kHost), dns_protocol::kTypeAAAA, /*secure=*/false,
14431 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
14432 /*delay=*/false);
14433 CreateResolver();
14434 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
14435 set_allow_fallback_to_systemtask(false);
14436
14437 const SchemefulSite kSite(GURL("https://site.test/"));
14438 const auto kNetworkAnonymizationKey =
14439 NetworkAnonymizationKey::CreateSameSite(kSite);
14440
14441 ResolveHostResponseHelper response(
14442 resolver_->CreateRequest(url::SchemeHostPort(url::kHttpScheme, kHost, 80),
14443 kNetworkAnonymizationKey, NetLogWithSource(),
14444 std::nullopt, resolve_context_.get()));
14445 base::RunLoop().RunUntilIdle();
14446 EXPECT_FALSE(response.complete());
14447 mock_dns_client_->CompleteDelayedTransactions();
14448 ASSERT_THAT(response.result_error(), IsError(ERR_DNS_NAME_HTTPS_ONLY));
14449
14450 // Even if some transactions have already received results successfully, an
14451 // HTTPS record means the entire request fails and the upgrade failure should
14452 // be cached for the TTL from the HTTPS response.
14453 const std::pair<const HostCache::Key, HostCache::Entry>* cache_result =
14454 GetCacheHit(
14455 HostCache::Key(url::SchemeHostPort(url::kHttpScheme, kHost, 80),
14456 DnsQueryType::UNSPECIFIED, /*host_resolver_flags=*/0,
14457 HostResolverSource::ANY, kNetworkAnonymizationKey));
14458 ASSERT_TRUE(cache_result);
14459 ASSERT_TRUE(cache_result->second.has_ttl());
14460 EXPECT_EQ(cache_result->second.ttl(), base::Days(20));
14461 }
14462
14463 // Test cache behavior for when an HTTPS response indicating http->https upgrade
14464 // is received after successful address responses.
TEST_F(HostResolverManagerDnsTest,HttpToHttpsUpgradeAfterAddressesSavedInHostResolverCache)14465 TEST_F(HostResolverManagerDnsTest,
14466 HttpToHttpsUpgradeAfterAddressesSavedInHostResolverCache) {
14467 base::test::ScopedFeatureList feature_list;
14468 feature_list.InitWithFeatures(
14469 /*enabled_features=*/{features::kSplitHostCacheByNetworkIsolationKey,
14470 features::kUseHostResolverCache},
14471 /*disabled_features=*/{});
14472
14473 constexpr std::string_view kHost = "host.test";
14474
14475 // Return successful A/AAAA responses before HTTPS.
14476 MockDnsClientRuleList rules;
14477 std::vector<DnsResourceRecord> records = {BuildTestHttpsAliasRecord(
14478 std::string(kHost), "alias.test", /*ttl=*/base::Days(20))};
14479 rules.emplace_back(
14480 std::string(kHost), dns_protocol::kTypeHttps, /*secure=*/false,
14481 MockDnsClientRule::Result(BuildTestDnsResponse(
14482 std::string(kHost), dns_protocol::kTypeHttps, records)),
14483 /*delay=*/true);
14484 rules.emplace_back(
14485 std::string(kHost), dns_protocol::kTypeA, /*secure=*/false,
14486 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
14487 /*delay=*/false);
14488 rules.emplace_back(
14489 std::string(kHost), dns_protocol::kTypeAAAA, /*secure=*/false,
14490 MockDnsClientRule::Result(MockDnsClientRule::ResultType::kOk),
14491 /*delay=*/false);
14492 CreateResolver();
14493 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
14494 set_allow_fallback_to_systemtask(false);
14495
14496 const SchemefulSite kSite(GURL("https://site.test/"));
14497 const auto kNetworkAnonymizationKey =
14498 NetworkAnonymizationKey::CreateSameSite(kSite);
14499
14500 ResolveHostResponseHelper response(
14501 resolver_->CreateRequest(url::SchemeHostPort(url::kHttpScheme, kHost, 80),
14502 kNetworkAnonymizationKey, NetLogWithSource(),
14503 std::nullopt, resolve_context_.get()));
14504 base::RunLoop().RunUntilIdle();
14505 EXPECT_FALSE(response.complete());
14506
14507 // Expect successful address responses to be cached immediately on receipt.
14508 EXPECT_THAT(resolve_context_->host_resolver_cache()->Lookup(
14509 kHost, kNetworkAnonymizationKey, DnsQueryType::A,
14510 HostResolverSource::DNS, /*secure=*/false),
14511 Pointee(ExpectHostResolverInternalDataResult(
14512 std::string(kHost), DnsQueryType::A,
14513 HostResolverInternalResult::Source::kDns, _, _,
14514 ElementsAre(IPEndPoint(IPAddress::IPv4Localhost(), 0)))));
14515 EXPECT_THAT(resolve_context_->host_resolver_cache()->Lookup(
14516 kHost, kNetworkAnonymizationKey, DnsQueryType::AAAA,
14517 HostResolverSource::DNS, /*secure=*/false),
14518 Pointee(ExpectHostResolverInternalDataResult(
14519 std::string(kHost), DnsQueryType::AAAA,
14520 HostResolverInternalResult::Source::kDns, _, _,
14521 ElementsAre(IPEndPoint(IPAddress::IPv6Localhost(), 0)))));
14522 EXPECT_FALSE(resolve_context_->host_resolver_cache()->Lookup(
14523 kHost, kNetworkAnonymizationKey, DnsQueryType::HTTPS,
14524 HostResolverSource::DNS, /*secure=*/false));
14525
14526 mock_dns_client_->CompleteDelayedTransactions();
14527 ASSERT_THAT(response.result_error(), IsError(ERR_DNS_NAME_HTTPS_ONLY));
14528
14529 // All responses cached, including the full metadata result because it is
14530 // still a usable result when requested for https://.
14531 EXPECT_THAT(resolve_context_->host_resolver_cache()->Lookup(
14532 kHost, kNetworkAnonymizationKey, DnsQueryType::A,
14533 HostResolverSource::DNS, /*secure=*/false),
14534 Pointee(ExpectHostResolverInternalDataResult(
14535 std::string(kHost), DnsQueryType::A,
14536 HostResolverInternalResult::Source::kDns, _, _,
14537 ElementsAre(IPEndPoint(IPAddress::IPv4Localhost(), 0)))));
14538 EXPECT_THAT(resolve_context_->host_resolver_cache()->Lookup(
14539 kHost, kNetworkAnonymizationKey, DnsQueryType::AAAA,
14540 HostResolverSource::DNS, /*secure=*/false),
14541 Pointee(ExpectHostResolverInternalDataResult(
14542 std::string(kHost), DnsQueryType::AAAA,
14543 HostResolverInternalResult::Source::kDns, _, _,
14544 ElementsAre(IPEndPoint(IPAddress::IPv6Localhost(), 0)))));
14545 EXPECT_THAT(resolve_context_->host_resolver_cache()->Lookup(
14546 kHost, kNetworkAnonymizationKey, DnsQueryType::HTTPS,
14547 HostResolverSource::DNS, /*secure=*/false),
14548 Pointee(ExpectHostResolverInternalMetadataResult(
14549 std::string(kHost), DnsQueryType::HTTPS,
14550 HostResolverInternalResult::Source::kDns,
14551 Optional(base::TimeTicks::Now() + base::Days(20)),
14552 Optional(base::Time::Now() + base::Days(20)))));
14553 }
14554
14555 class HostResolverManagerBootstrapTest : public HostResolverManagerDnsTest {
14556 protected:
14557 using MockResult = MockDnsClientRule::ResultType;
14558
SetUp()14559 void SetUp() override {
14560 // The request host scheme and port are only preserved if the SVCB feature
14561 // is enabled.
14562 features.InitAndEnableFeatureWithParameters(
14563 features::kUseDnsHttpsSvcb,
14564 {// Disable timeouts.
14565 {"UseDnsHttpsSvcbInsecureExtraTimeMax", "0"},
14566 {"UseDnsHttpsSvcbInsecureExtraTimePercent", "0"},
14567 {"UseDnsHttpsSvcbInsecureExtraTimeMin", "0"},
14568 {"UseDnsHttpsSvcbSecureExtraTimeMax", "0"},
14569 {"UseDnsHttpsSvcbSecureExtraTimePercent", "0"},
14570 {"UseDnsHttpsSvcbSecureExtraTimeMin", "0"}});
14571
14572 HostResolverManagerDnsTest::SetUp();
14573
14574 // MockHostResolverProc only returns failure if there is at least one
14575 // non-matching rule.
14576 proc_->AddRuleForAllFamilies("other_name", {});
14577 proc_->SignalMultiple(1u); // Allow up to one proc query.
14578 }
14579
14580 const NetworkAnonymizationKey kAnonymizationKey;
14581 const url::SchemeHostPort kEndpoint =
14582 url::SchemeHostPort(url::kHttpsScheme, "bootstrap", 443);
14583 const std::vector<IPEndPoint> kCacheAddrs = {
14584 {{0x20, 0x01, 0x0d, 0xb1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1}, 0},
14585 {{192, 0, 2, 1}, 0}};
14586 const std::vector<IPEndPoint> kBootstrapAddrs = {
14587 {{0x20, 0x01, 0x0d, 0xb1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 2}, 0},
14588 {{192, 0, 2, 2}, 0}};
14589 // The mock DNS client always returns localhost.
14590 const std::vector<IPEndPoint> kRemoteAddrs = {
14591 {IPAddress::IPv6Localhost(), 0},
14592 {IPAddress::IPv4Localhost(), 0}};
14593
bootstrap_params()14594 static HostResolver::ResolveHostParameters bootstrap_params() {
14595 HostResolver::ResolveHostParameters params;
14596 params.secure_dns_policy = SecureDnsPolicy::kBootstrap;
14597 return params;
14598 }
14599
ConfigureMockDns(MockResult insecure_result,MockResult secure_result)14600 void ConfigureMockDns(MockResult insecure_result, MockResult secure_result) {
14601 MockDnsClientRuleList rules;
14602 AddDnsRule(&rules, kEndpoint.host(), dns_protocol::kTypeA, insecure_result,
14603 /*delay=*/false);
14604 AddDnsRule(&rules, kEndpoint.host(), dns_protocol::kTypeAAAA,
14605 insecure_result, /*delay=*/false);
14606 AddSecureDnsRule(&rules, kEndpoint.host(), dns_protocol::kTypeA,
14607 secure_result, /*delay=*/false);
14608 AddSecureDnsRule(&rules, kEndpoint.host(), dns_protocol::kTypeAAAA,
14609 secure_result, /*delay=*/false);
14610 UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
14611 mock_dns_client_->set_preset_endpoint(kEndpoint);
14612 }
14613
MakeCacheKey(bool secure)14614 HostCache::Key MakeCacheKey(bool secure) {
14615 HostCache::Key cache_key(kEndpoint, DnsQueryType::UNSPECIFIED, 0,
14616 HostResolverSource::ANY, kAnonymizationKey);
14617 cache_key.secure = secure;
14618 return cache_key;
14619 }
14620
PopulateCache(bool secure)14621 void PopulateCache(bool secure) {
14622 constexpr base::TimeDelta kTtl = base::Seconds(3600);
14623 HostCache::Entry entry(OK, kCacheAddrs, /*aliases=*/{},
14624 HostCache::Entry::SOURCE_DNS, kTtl);
14625 resolve_context_->host_cache()->Set(MakeCacheKey(secure), std::move(entry),
14626 GetMockTickClock()->NowTicks(), kTtl);
14627 }
14628
14629 base::test::ScopedFeatureList features;
14630 };
14631
IPAddresses(const std::vector<IPEndPoint> & endpoints)14632 std::vector<IPAddress> IPAddresses(const std::vector<IPEndPoint>& endpoints) {
14633 return base::ToVector(endpoints, &IPEndPoint::address);
14634 }
14635
IPAddresses(const AddressList & addresses)14636 std::vector<IPAddress> IPAddresses(const AddressList& addresses) {
14637 return IPAddresses(addresses.endpoints());
14638 }
14639
14640 MATCHER_P(AddressesMatch, expected, "Matches addresses between AddressLists") {
14641 return testing::Matches(testing::UnorderedElementsAreArray(
14642 IPAddresses(expected)))(IPAddresses(arg));
14643 }
14644
TEST_F(HostResolverManagerBootstrapTest,BlankSlate)14645 TEST_F(HostResolverManagerBootstrapTest, BlankSlate) {
14646 ConfigureMockDns(/*insecure_result=*/MockResult::kOk,
14647 /*secure_result=*/MockResult::kUnexpected);
14648
14649 ResolveHostResponseHelper bootstrap_response(
14650 resolver_->CreateRequest(kEndpoint, kAnonymizationKey, NetLogWithSource(),
14651 bootstrap_params(), resolve_context_.get()));
14652
14653 EXPECT_FALSE(bootstrap_response.complete());
14654 EXPECT_THAT(bootstrap_response.result_error(), IsOk());
14655 EXPECT_THAT(bootstrap_response.request()->GetAddressResults(),
14656 testing::Pointee(AddressesMatch(kRemoteAddrs)));
14657 EXPECT_THAT(bootstrap_response.request()->GetEndpointResults(),
14658 testing::Pointee(testing::ElementsAre(
14659 ExpectEndpointResult(AddressesMatch(kRemoteAddrs)))));
14660 }
14661
TEST_F(HostResolverManagerBootstrapTest,InsecureCacheEntry)14662 TEST_F(HostResolverManagerBootstrapTest, InsecureCacheEntry) {
14663 ConfigureMockDns(/*insecure_result=*/MockResult::kUnexpected,
14664 /*secure_result=*/MockResult::kUnexpected);
14665 PopulateCache(/*secure=*/false);
14666
14667 ResolveHostResponseHelper bootstrap_response(
14668 resolver_->CreateRequest(kEndpoint, kAnonymizationKey, NetLogWithSource(),
14669 bootstrap_params(), resolve_context_.get()));
14670
14671 EXPECT_TRUE(bootstrap_response.complete());
14672 EXPECT_THAT(bootstrap_response.result_error(), IsOk());
14673 EXPECT_THAT(bootstrap_response.request()->GetAddressResults(),
14674 testing::Pointee(AddressesMatch(kCacheAddrs)));
14675 EXPECT_THAT(bootstrap_response.request()->GetEndpointResults(),
14676 testing::Pointee(testing::ElementsAre(
14677 ExpectEndpointResult(AddressesMatch(kCacheAddrs)))));
14678 }
14679
TEST_F(HostResolverManagerBootstrapTest,SecureCacheEntry)14680 TEST_F(HostResolverManagerBootstrapTest, SecureCacheEntry) {
14681 ConfigureMockDns(/*insecure_result=*/MockResult::kUnexpected,
14682 /*secure_result=*/MockResult::kUnexpected);
14683 PopulateCache(/*secure=*/true);
14684
14685 ResolveHostResponseHelper bootstrap_response(
14686 resolver_->CreateRequest(kEndpoint, kAnonymizationKey, NetLogWithSource(),
14687 bootstrap_params(), resolve_context_.get()));
14688
14689 EXPECT_TRUE(bootstrap_response.complete());
14690 EXPECT_THAT(bootstrap_response.result_error(), IsOk());
14691 EXPECT_THAT(bootstrap_response.request()->GetAddressResults(),
14692 testing::Pointee(AddressesMatch(kCacheAddrs)));
14693 EXPECT_THAT(bootstrap_response.request()->GetEndpointResults(),
14694 testing::Pointee(testing::ElementsAre(
14695 ExpectEndpointResult(AddressesMatch(kCacheAddrs)))));
14696 }
14697
TEST_F(HostResolverManagerBootstrapTest,OnlyBootstrap)14698 TEST_F(HostResolverManagerBootstrapTest, OnlyBootstrap) {
14699 ConfigureMockDns(/*insecure_result=*/MockResult::kUnexpected,
14700 /*secure_result=*/MockResult::kOk);
14701 mock_dns_client_->set_preset_addrs(kBootstrapAddrs);
14702
14703 ResolveHostResponseHelper bootstrap_response(
14704 resolver_->CreateRequest(kEndpoint, kAnonymizationKey, NetLogWithSource(),
14705 bootstrap_params(), resolve_context_.get()));
14706
14707 EXPECT_TRUE(bootstrap_response.complete());
14708 EXPECT_THAT(bootstrap_response.result_error(), IsOk());
14709 EXPECT_THAT(bootstrap_response.request()->GetAddressResults(),
14710 testing::Pointee(AddressesMatch(kBootstrapAddrs)));
14711 EXPECT_THAT(bootstrap_response.request()->GetEndpointResults(),
14712 testing::Pointee(testing::ElementsAre(
14713 ExpectEndpointResult(AddressesMatch(kBootstrapAddrs)))));
14714
14715 // Run the followup query.
14716 RunUntilIdle();
14717
14718 // Confirm that the remote addresses are now in the secure cache.
14719 const auto* secure_result = resolve_context_->host_cache()->Lookup(
14720 MakeCacheKey(/*secure=*/true), GetMockTickClock()->NowTicks());
14721 ASSERT_THAT(secure_result, testing::NotNull());
14722 EXPECT_THAT(
14723 secure_result->second.GetEndpoints(),
14724 testing::ElementsAre(ExpectEndpointResult(AddressesMatch(kRemoteAddrs))));
14725 }
14726
14727 // The insecure cache is ignored, so the results are identical to
14728 // OnlyBootstrap.
TEST_F(HostResolverManagerBootstrapTest,BootstrapAndInsecureCache)14729 TEST_F(HostResolverManagerBootstrapTest, BootstrapAndInsecureCache) {
14730 ConfigureMockDns(/*insecure_result=*/MockResult::kUnexpected,
14731 /*secure_result=*/MockResult::kOk);
14732 mock_dns_client_->set_preset_addrs(kBootstrapAddrs);
14733 PopulateCache(/*secure=*/false);
14734
14735 ResolveHostResponseHelper bootstrap_response(
14736 resolver_->CreateRequest(kEndpoint, kAnonymizationKey, NetLogWithSource(),
14737 bootstrap_params(), resolve_context_.get()));
14738
14739 EXPECT_TRUE(bootstrap_response.complete());
14740 EXPECT_THAT(bootstrap_response.result_error(), IsOk());
14741 EXPECT_THAT(bootstrap_response.request()->GetAddressResults(),
14742 testing::Pointee(AddressesMatch(kBootstrapAddrs)));
14743 EXPECT_THAT(bootstrap_response.request()->GetEndpointResults(),
14744 testing::Pointee(testing::ElementsAre(
14745 ExpectEndpointResult(AddressesMatch(kBootstrapAddrs)))));
14746
14747 // Run the followup query.
14748 RunUntilIdle();
14749
14750 // Confirm that the remote addresses are now in the secure cache.
14751 const auto* secure_result = resolve_context_->host_cache()->Lookup(
14752 MakeCacheKey(/*secure=*/true), GetMockTickClock()->NowTicks());
14753 ASSERT_THAT(secure_result, testing::NotNull());
14754 EXPECT_THAT(
14755 secure_result->second.GetEndpoints(),
14756 testing::ElementsAre(ExpectEndpointResult(AddressesMatch(kRemoteAddrs))));
14757 }
14758
14759 // The bootstrap addrs are ignored, so the results are identical to
14760 // SecureCacheEntry.
TEST_F(HostResolverManagerBootstrapTest,BootstrapAndSecureCacheEntry)14761 TEST_F(HostResolverManagerBootstrapTest, BootstrapAndSecureCacheEntry) {
14762 ConfigureMockDns(/*insecure_result=*/MockResult::kUnexpected,
14763 /*secure_result=*/MockResult::kUnexpected);
14764 mock_dns_client_->set_preset_addrs(kBootstrapAddrs);
14765 PopulateCache(/*secure=*/true);
14766
14767 ResolveHostResponseHelper bootstrap_response(
14768 resolver_->CreateRequest(kEndpoint, kAnonymizationKey, NetLogWithSource(),
14769 bootstrap_params(), resolve_context_.get()));
14770
14771 EXPECT_TRUE(bootstrap_response.complete());
14772 EXPECT_THAT(bootstrap_response.result_error(), IsOk());
14773 EXPECT_THAT(bootstrap_response.request()->GetAddressResults(),
14774 testing::Pointee(AddressesMatch(kCacheAddrs)));
14775 EXPECT_THAT(bootstrap_response.request()->GetEndpointResults(),
14776 testing::Pointee(testing::ElementsAre(
14777 ExpectEndpointResult(AddressesMatch(kCacheAddrs)))));
14778 }
14779
TEST_F(HostResolverManagerBootstrapTest,BlankSlateFailure)14780 TEST_F(HostResolverManagerBootstrapTest, BlankSlateFailure) {
14781 ConfigureMockDns(/*insecure_result=*/MockResult::kFail,
14782 /*secure_result=*/MockResult::kUnexpected);
14783
14784 ResolveHostResponseHelper bootstrap_response(
14785 resolver_->CreateRequest(kEndpoint, kAnonymizationKey, NetLogWithSource(),
14786 bootstrap_params(), resolve_context_.get()));
14787
14788 EXPECT_FALSE(bootstrap_response.complete());
14789 EXPECT_THAT(bootstrap_response.result_error(),
14790 IsError(ERR_NAME_NOT_RESOLVED));
14791 EXPECT_FALSE(bootstrap_response.request()
14792 ->GetResolveErrorInfo()
14793 .is_secure_network_error);
14794 }
14795
TEST_F(HostResolverManagerBootstrapTest,BootstrapFollowupFailure)14796 TEST_F(HostResolverManagerBootstrapTest, BootstrapFollowupFailure) {
14797 ConfigureMockDns(/*insecure_result=*/MockResult::kUnexpected,
14798 /*secure_result=*/MockResult::kFail);
14799 mock_dns_client_->set_preset_addrs(kBootstrapAddrs);
14800
14801 ResolveHostResponseHelper bootstrap_response(
14802 resolver_->CreateRequest(kEndpoint, kAnonymizationKey, NetLogWithSource(),
14803 bootstrap_params(), resolve_context_.get()));
14804
14805 EXPECT_TRUE(bootstrap_response.complete());
14806 EXPECT_THAT(bootstrap_response.result_error(), IsOk());
14807 EXPECT_THAT(bootstrap_response.request()->GetAddressResults(),
14808 testing::Pointee(AddressesMatch(kBootstrapAddrs)));
14809 EXPECT_THAT(bootstrap_response.request()->GetEndpointResults(),
14810 testing::Pointee(testing::ElementsAre(
14811 ExpectEndpointResult(AddressesMatch(kBootstrapAddrs)))));
14812
14813 // Run the followup query.
14814 RunUntilIdle();
14815
14816 // Confirm that the secure cache remains empty.
14817 const auto* secure_result = resolve_context_->host_cache()->Lookup(
14818 MakeCacheKey(/*secure=*/true), GetMockTickClock()->NowTicks());
14819 EXPECT_THAT(secure_result, testing::IsNull());
14820 }
14821
TEST_F(HostResolverManagerBootstrapTest,ContextClose)14822 TEST_F(HostResolverManagerBootstrapTest, ContextClose) {
14823 ConfigureMockDns(/*insecure_result=*/MockResult::kUnexpected,
14824 /*secure_result=*/MockResult::kOk);
14825 mock_dns_client_->set_preset_addrs(kBootstrapAddrs);
14826
14827 // Trigger a followup request.
14828 ResolveHostResponseHelper bootstrap_response(
14829 resolver_->CreateRequest(kEndpoint, kAnonymizationKey, NetLogWithSource(),
14830 bootstrap_params(), resolve_context_.get()));
14831
14832 // Deregistering the resolve context should clean up the pending followup job.
14833 EXPECT_EQ(1u, resolver_->num_jobs_for_testing());
14834 resolver_->DeregisterResolveContext(resolve_context_.get());
14835 EXPECT_EQ(0u, resolver_->num_jobs_for_testing());
14836
14837 mock_dns_client_ = nullptr;
14838 resolver_ = nullptr; // Avoid duplicate Deregister in TearDown.
14839 }
14840
14841 // Equivalent to OnlyBootstrap + BootstrapAndSecureCacheEntry
TEST_F(HostResolverManagerBootstrapTest,BootstrapAfterFollowup)14842 TEST_F(HostResolverManagerBootstrapTest, BootstrapAfterFollowup) {
14843 ConfigureMockDns(/*insecure_result=*/MockResult::kUnexpected,
14844 /*secure_result=*/MockResult::kOk);
14845 mock_dns_client_->set_preset_addrs(kBootstrapAddrs);
14846
14847 // Run bootstrap and its followup query.
14848 ResolveHostResponseHelper bootstrap_response1(
14849 resolver_->CreateRequest(kEndpoint, kAnonymizationKey, NetLogWithSource(),
14850 bootstrap_params(), resolve_context_.get()));
14851 RunUntilIdle();
14852
14853 // The remote addresses are now in the secure cache.
14854 // Rerun bootstrap, which reads the secure cache results.
14855 ResolveHostResponseHelper bootstrap_response2(
14856 resolver_->CreateRequest(kEndpoint, kAnonymizationKey, NetLogWithSource(),
14857 bootstrap_params(), resolve_context_.get()));
14858
14859 EXPECT_TRUE(bootstrap_response2.complete());
14860 EXPECT_THAT(bootstrap_response2.result_error(), IsOk());
14861 EXPECT_THAT(bootstrap_response2.request()->GetAddressResults(),
14862 testing::Pointee(AddressesMatch(kRemoteAddrs)));
14863 EXPECT_THAT(bootstrap_response2.request()->GetEndpointResults(),
14864 testing::Pointee(testing::ElementsAre(
14865 ExpectEndpointResult(AddressesMatch(kRemoteAddrs)))));
14866 }
14867
TEST_F(HostResolverManagerBootstrapTest,BootstrapFollowupFailureTwice)14868 TEST_F(HostResolverManagerBootstrapTest, BootstrapFollowupFailureTwice) {
14869 ConfigureMockDns(/*insecure_result=*/MockResult::kUnexpected,
14870 /*secure_result=*/MockResult::kFail);
14871 mock_dns_client_->set_preset_addrs(kBootstrapAddrs);
14872
14873 // Run the bootstrap query and the followup, which will fail.
14874 ResolveHostResponseHelper bootstrap_response1(
14875 resolver_->CreateRequest(kEndpoint, kAnonymizationKey, NetLogWithSource(),
14876 bootstrap_params(), resolve_context_.get()));
14877 RunUntilIdle();
14878
14879 // Reissue the bootstrap query.
14880 ResolveHostResponseHelper bootstrap_response2(
14881 resolver_->CreateRequest(kEndpoint, kAnonymizationKey, NetLogWithSource(),
14882 bootstrap_params(), resolve_context_.get()));
14883
14884 EXPECT_TRUE(bootstrap_response2.complete());
14885 EXPECT_THAT(bootstrap_response2.result_error(), IsOk());
14886 EXPECT_THAT(bootstrap_response2.request()->GetAddressResults(),
14887 testing::Pointee(AddressesMatch(kBootstrapAddrs)));
14888 EXPECT_THAT(bootstrap_response2.request()->GetEndpointResults(),
14889 testing::Pointee(testing::ElementsAre(
14890 ExpectEndpointResult(AddressesMatch(kBootstrapAddrs)))));
14891
14892 // Run the followup query again.
14893 RunUntilIdle();
14894
14895 // Confirm that the secure cache remains empty.
14896 const auto* secure_result = resolve_context_->host_cache()->Lookup(
14897 MakeCacheKey(/*secure=*/true), GetMockTickClock()->NowTicks());
14898 EXPECT_THAT(secure_result, testing::IsNull());
14899 }
14900
TEST_F(HostResolverManagerBootstrapTest,OnlyBootstrapTwice)14901 TEST_F(HostResolverManagerBootstrapTest, OnlyBootstrapTwice) {
14902 ConfigureMockDns(/*insecure_result=*/MockResult::kUnexpected,
14903 /*secure_result=*/MockResult::kOk);
14904 mock_dns_client_->set_preset_addrs(kBootstrapAddrs);
14905
14906 ResolveHostResponseHelper bootstrap_response1(
14907 resolver_->CreateRequest(kEndpoint, kAnonymizationKey, NetLogWithSource(),
14908 bootstrap_params(), resolve_context_.get()));
14909
14910 EXPECT_TRUE(bootstrap_response1.complete());
14911 EXPECT_THAT(bootstrap_response1.result_error(), IsOk());
14912 EXPECT_THAT(bootstrap_response1.request()->GetAddressResults(),
14913 testing::Pointee(AddressesMatch(kBootstrapAddrs)));
14914 EXPECT_THAT(bootstrap_response1.request()->GetEndpointResults(),
14915 testing::Pointee(testing::ElementsAre(
14916 ExpectEndpointResult(AddressesMatch(kBootstrapAddrs)))));
14917
14918 ResolveHostResponseHelper bootstrap_response2(
14919 resolver_->CreateRequest(kEndpoint, kAnonymizationKey, NetLogWithSource(),
14920 bootstrap_params(), resolve_context_.get()));
14921
14922 EXPECT_TRUE(bootstrap_response2.complete());
14923 EXPECT_THAT(bootstrap_response2.result_error(), IsOk());
14924 EXPECT_THAT(bootstrap_response2.request()->GetAddressResults(),
14925 testing::Pointee(AddressesMatch(kBootstrapAddrs)));
14926 EXPECT_THAT(bootstrap_response2.request()->GetEndpointResults(),
14927 testing::Pointee(testing::ElementsAre(
14928 ExpectEndpointResult(AddressesMatch(kBootstrapAddrs)))));
14929
14930 // Run the followup query.
14931 RunUntilIdle();
14932
14933 // Confirm that the remote addresses are now in the secure cache.
14934 const auto* secure_result = resolve_context_->host_cache()->Lookup(
14935 MakeCacheKey(/*secure=*/true), GetMockTickClock()->NowTicks());
14936 ASSERT_THAT(secure_result, testing::NotNull());
14937 EXPECT_THAT(
14938 secure_result->second.GetEndpoints(),
14939 testing::ElementsAre(ExpectEndpointResult(AddressesMatch(kRemoteAddrs))));
14940 }
14941
IPv4AddressLiteralInIPv6OnlyNetworkTest(bool is_async)14942 void HostResolverManagerTest::IPv4AddressLiteralInIPv6OnlyNetworkTest(
14943 bool is_async) {
14944 base::test::ScopedFeatureList feature_list;
14945 feature_list.InitWithFeatures(
14946 /*enabled_features=*/{features::kUseNAT64ForIPv4Literal},
14947 /*disabled_features=*/{});
14948
14949 HostResolver::ManagerOptions options = DefaultOptions();
14950 CreateResolverWithOptionsAndParams(std::move(options), DefaultParams(proc_),
14951 true /* ipv6_reachable */, is_async,
14952 false /* ipv4_reachable */);
14953 proc_->AddRule("ipv4only.arpa", ADDRESS_FAMILY_IPV6,
14954 "64:ff9b::c000:aa,64:ff9b::c000:ab,2001:db8:43::c000:aa,"
14955 "2001:db8:43::c000:ab");
14956 proc_->SignalMultiple(1u);
14957
14958 ResolveHostResponseHelper response(resolver_->CreateRequest(
14959 HostPortPair("192.168.1.42", 80), NetworkAnonymizationKey(),
14960 NetLogWithSource(), std::nullopt, resolve_context_.get()));
14961
14962 EXPECT_THAT(response.result_error(), IsOk());
14963 EXPECT_THAT(response.top_level_result_error(), IsOk());
14964 EXPECT_THAT(
14965 response.request()->GetAddressResults()->endpoints(),
14966 testing::ElementsAre(CreateExpected("64:ff9b::c0a8:12a", 80),
14967 CreateExpected("2001:db8:43::c0a8:12a", 80)));
14968 EXPECT_THAT(
14969 response.request()->GetEndpointResults(),
14970 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
14971 testing::ElementsAre(CreateExpected("64:ff9b::c0a8:12a", 80),
14972 CreateExpected("2001:db8:43::c0a8:12a", 80))))));
14973 EXPECT_FALSE(response.request()->GetStaleInfo());
14974
14975 ASSERT_TRUE(!proc_->GetCaptureList().empty());
14976 EXPECT_EQ("ipv4only.arpa", proc_->GetCaptureList()[0].hostname);
14977
14978 const std::pair<const HostCache::Key, HostCache::Entry>* cache_result =
14979 GetCacheHit(HostCache::Key(
14980 "ipv4only.arpa", DnsQueryType::AAAA, 0 /* host_resolver_flags */,
14981 HostResolverSource::ANY, NetworkAnonymizationKey()));
14982 EXPECT_TRUE(cache_result);
14983 }
14984
TEST_F(HostResolverManagerTest,IPv4AddressLiteralInIPv6OnlyNetworkAsync)14985 TEST_F(HostResolverManagerTest, IPv4AddressLiteralInIPv6OnlyNetworkAsync) {
14986 IPv4AddressLiteralInIPv6OnlyNetworkTest(true);
14987 }
14988
TEST_F(HostResolverManagerTest,IPv4AddressLiteralInIPv6OnlyNetworkSync)14989 TEST_F(HostResolverManagerTest, IPv4AddressLiteralInIPv6OnlyNetworkSync) {
14990 IPv4AddressLiteralInIPv6OnlyNetworkTest(false);
14991 }
14992
IPv4AddressLiteralInIPv6OnlyNetworkPort443Test(bool is_async)14993 void HostResolverManagerTest::IPv4AddressLiteralInIPv6OnlyNetworkPort443Test(
14994 bool is_async) {
14995 base::test::ScopedFeatureList feature_list;
14996 feature_list.InitWithFeatures(
14997 /*enabled_features=*/{features::kUseNAT64ForIPv4Literal},
14998 /*disabled_features=*/{});
14999
15000 HostResolver::ManagerOptions options = DefaultOptions();
15001 CreateResolverWithOptionsAndParams(std::move(options), DefaultParams(proc_),
15002 true /* ipv6_reachable */, is_async,
15003 false /* ipv4_reachable */);
15004 proc_->AddRule("ipv4only.arpa", ADDRESS_FAMILY_IPV6,
15005 "64:ff9b::c000:aa,64:ff9b::c000:ab,2001:db8:43::c000:aa,"
15006 "2001:db8:43::c000:ab");
15007 proc_->SignalMultiple(1u);
15008
15009 ResolveHostResponseHelper response(resolver_->CreateRequest(
15010 HostPortPair("192.168.1.42", 443), NetworkAnonymizationKey(),
15011 NetLogWithSource(), std::nullopt, resolve_context_.get()));
15012
15013 EXPECT_THAT(response.result_error(), IsOk());
15014 EXPECT_THAT(response.top_level_result_error(), IsOk());
15015 EXPECT_THAT(
15016 response.request()->GetAddressResults()->endpoints(),
15017 testing::ElementsAre(CreateExpected("64:ff9b::c0a8:12a", 443),
15018 CreateExpected("2001:db8:43::c0a8:12a", 443)));
15019 EXPECT_THAT(response.request()->GetEndpointResults(),
15020 testing::Pointee(testing::ElementsAre(
15021 ExpectEndpointResult(testing::ElementsAre(
15022 CreateExpected("64:ff9b::c0a8:12a", 443),
15023 CreateExpected("2001:db8:43::c0a8:12a", 443))))));
15024 EXPECT_FALSE(response.request()->GetStaleInfo());
15025
15026 ASSERT_TRUE(!proc_->GetCaptureList().empty());
15027 EXPECT_EQ("ipv4only.arpa", proc_->GetCaptureList()[0].hostname);
15028
15029 const std::pair<const HostCache::Key, HostCache::Entry>* cache_result =
15030 GetCacheHit(HostCache::Key(
15031 "ipv4only.arpa", DnsQueryType::AAAA, 0 /* host_resolver_flags */,
15032 HostResolverSource::ANY, NetworkAnonymizationKey()));
15033 EXPECT_TRUE(cache_result);
15034 }
15035
TEST_F(HostResolverManagerTest,IPv4AddressLiteralInIPv6OnlyNetworkPort443Async)15036 TEST_F(HostResolverManagerTest,
15037 IPv4AddressLiteralInIPv6OnlyNetworkPort443Async) {
15038 IPv4AddressLiteralInIPv6OnlyNetworkPort443Test(true);
15039 }
15040
TEST_F(HostResolverManagerTest,IPv4AddressLiteralInIPv6OnlyNetworkPort443Sync)15041 TEST_F(HostResolverManagerTest,
15042 IPv4AddressLiteralInIPv6OnlyNetworkPort443Sync) {
15043 IPv4AddressLiteralInIPv6OnlyNetworkPort443Test(false);
15044 }
15045
IPv4AddressLiteralInIPv6OnlyNetworkNoDns64Test(bool is_async)15046 void HostResolverManagerTest::IPv4AddressLiteralInIPv6OnlyNetworkNoDns64Test(
15047 bool is_async) {
15048 base::test::ScopedFeatureList feature_list;
15049 feature_list.InitWithFeatures(
15050 /*enabled_features=*/{features::kUseNAT64ForIPv4Literal},
15051 /*disabled_features=*/{});
15052
15053 HostResolver::ManagerOptions options = DefaultOptions();
15054 CreateResolverWithOptionsAndParams(std::move(options), DefaultParams(proc_),
15055 true /* ipv6_reachable */, is_async,
15056 false /* ipv4_reachable */);
15057 proc_->AddRule("ipv4only.arpa", ADDRESS_FAMILY_IPV6, std::string());
15058 proc_->SignalMultiple(1u);
15059
15060 ResolveHostResponseHelper response(resolver_->CreateRequest(
15061 HostPortPair("192.168.1.42", 80), NetworkAnonymizationKey(),
15062 NetLogWithSource(), std::nullopt, resolve_context_.get()));
15063
15064 EXPECT_THAT(response.result_error(), IsOk());
15065 EXPECT_THAT(response.top_level_result_error(), IsOk());
15066 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
15067 testing::ElementsAre(CreateExpected("192.168.1.42", 80)));
15068 EXPECT_THAT(response.request()->GetEndpointResults(),
15069 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
15070 testing::ElementsAre(CreateExpected("192.168.1.42", 80))))));
15071 EXPECT_FALSE(response.request()->GetStaleInfo());
15072 }
15073
TEST_F(HostResolverManagerTest,IPv4AddressLiteralInIPv6OnlyNetworkNoDns64Async)15074 TEST_F(HostResolverManagerTest,
15075 IPv4AddressLiteralInIPv6OnlyNetworkNoDns64Async) {
15076 IPv4AddressLiteralInIPv6OnlyNetworkNoDns64Test(true);
15077 }
15078
TEST_F(HostResolverManagerTest,IPv4AddressLiteralInIPv6OnlyNetworkNoDns64Sync)15079 TEST_F(HostResolverManagerTest,
15080 IPv4AddressLiteralInIPv6OnlyNetworkNoDns64Sync) {
15081 IPv4AddressLiteralInIPv6OnlyNetworkNoDns64Test(false);
15082 }
15083
IPv4AddressLiteralInIPv6OnlyNetworkBadAddressTest(bool is_async)15084 void HostResolverManagerTest::IPv4AddressLiteralInIPv6OnlyNetworkBadAddressTest(
15085 bool is_async) {
15086 base::test::ScopedFeatureList feature_list;
15087 feature_list.InitWithFeatures(
15088 /*enabled_features=*/{features::kUseNAT64ForIPv4Literal},
15089 /*disabled_features=*/{});
15090
15091 HostResolver::ManagerOptions options = DefaultOptions();
15092 CreateResolverWithOptionsAndParams(std::move(options), DefaultParams(proc_),
15093 true /* ipv6_reachable */, is_async,
15094 false /* ipv4_reachable */);
15095 proc_->AddRule("ipv4only.arpa", ADDRESS_FAMILY_IPV6, "2001:db8::1");
15096 proc_->SignalMultiple(1u);
15097
15098 ResolveHostResponseHelper response(resolver_->CreateRequest(
15099 HostPortPair("192.168.1.42", 80), NetworkAnonymizationKey(),
15100 NetLogWithSource(), std::nullopt, resolve_context_.get()));
15101
15102 EXPECT_THAT(response.result_error(), IsOk());
15103 EXPECT_THAT(response.top_level_result_error(), IsOk());
15104 EXPECT_THAT(response.request()->GetAddressResults()->endpoints(),
15105 testing::ElementsAre(CreateExpected("192.168.1.42", 80)));
15106 EXPECT_THAT(response.request()->GetEndpointResults(),
15107 testing::Pointee(testing::ElementsAre(ExpectEndpointResult(
15108 testing::ElementsAre(CreateExpected("192.168.1.42", 80))))));
15109 EXPECT_FALSE(response.request()->GetStaleInfo());
15110 }
15111 // Test when DNS returns bad IPv6 address of ipv4only.arpa., and the
15112 // IPv4 address of ipv4only.arpa is not contained in the IPv6 address.
TEST_F(HostResolverManagerTest,IPv4AddressLiteralInIPv6OnlyNetworkBadAddressAsync)15113 TEST_F(HostResolverManagerTest,
15114 IPv4AddressLiteralInIPv6OnlyNetworkBadAddressAsync) {
15115 IPv4AddressLiteralInIPv6OnlyNetworkBadAddressTest(true);
15116 }
15117
TEST_F(HostResolverManagerTest,IPv4AddressLiteralInIPv6OnlyNetworkBadAddressSync)15118 TEST_F(HostResolverManagerTest,
15119 IPv4AddressLiteralInIPv6OnlyNetworkBadAddressSync) {
15120 IPv4AddressLiteralInIPv6OnlyNetworkBadAddressTest(false);
15121 }
15122
15123 } // namespace net
15124