Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(239)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/dns/host_resolver_impl.cc

Issue 1035803003: Fail DNS resolution if the result contains 127.0.53.53. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Add 3 more test cases Created 5 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/base/net_error_list.h ('k') | net/dns/host_resolver_impl_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/dns/host_resolver_impl.h" 5 #include "net/dns/host_resolver_impl.h"
6 6
7 #if defined(OS_WIN) 7 #if defined(OS_WIN)
8 #include <Winsock2.h> 8 #include <Winsock2.h>
9 #elif defined(OS_POSIX) 9 #elif defined(OS_POSIX)
10 #include <netdb.h> 10 #include <netdb.h>
(...skipping 126 matching lines...) Expand 10 before | Expand all | Expand 10 after
137 } 137 }
138 138
139 enum DnsResolveStatus { 139 enum DnsResolveStatus {
140 RESOLVE_STATUS_DNS_SUCCESS = 0, 140 RESOLVE_STATUS_DNS_SUCCESS = 0,
141 RESOLVE_STATUS_PROC_SUCCESS, 141 RESOLVE_STATUS_PROC_SUCCESS,
142 RESOLVE_STATUS_FAIL, 142 RESOLVE_STATUS_FAIL,
143 RESOLVE_STATUS_SUSPECT_NETBIOS, 143 RESOLVE_STATUS_SUSPECT_NETBIOS,
144 RESOLVE_STATUS_MAX 144 RESOLVE_STATUS_MAX
145 }; 145 };
146 146
147 // ICANN uses this localhost address to indicate a name collision.
148 //
149 // The policy in Chromium is to fail host resolving if it resolves to
150 // this special address.
151 //
152 // Not however that IP literals are exempt from this policy, so it is still
153 // possible to navigate to http://127.0.53.53/ directly.
154 //
155 // For more details: https://www.icann.org/news/announcement-2-2014-08-01-en
156 const unsigned char kIcanNameCollisionIp[] = {127, 0, 53, 53};
157
147 void UmaAsyncDnsResolveStatus(DnsResolveStatus result) { 158 void UmaAsyncDnsResolveStatus(DnsResolveStatus result) {
148 UMA_HISTOGRAM_ENUMERATION("AsyncDNS.ResolveStatus", 159 UMA_HISTOGRAM_ENUMERATION("AsyncDNS.ResolveStatus",
149 result, 160 result,
150 RESOLVE_STATUS_MAX); 161 RESOLVE_STATUS_MAX);
151 } 162 }
152 163
153 bool ResemblesNetBIOSName(const std::string& hostname) { 164 bool ResemblesNetBIOSName(const std::string& hostname) {
154 return (hostname.size() < 16) && (hostname.find('.') == std::string::npos); 165 return (hostname.size() < 16) && (hostname.find('.') == std::string::npos);
155 } 166 }
156 167
(...skipping 499 matching lines...) Expand 10 before | Expand all | Expand 10 after
656 const uint32 attempt_number) { 667 const uint32 attempt_number) {
657 AddressList results; 668 AddressList results;
658 int os_error = 0; 669 int os_error = 0;
659 // Running on the worker thread 670 // Running on the worker thread
660 int error = params_.resolver_proc->Resolve(key_.hostname, 671 int error = params_.resolver_proc->Resolve(key_.hostname,
661 key_.address_family, 672 key_.address_family,
662 key_.host_resolver_flags, 673 key_.host_resolver_flags,
663 &results, 674 &results,
664 &os_error); 675 &os_error);
665 676
677 // Fail the resolution if the result contains 127.0.53.53. See the comment
678 // block of kIcanNameCollisionIp for details on why.
679 for (const auto& it : results) {
680 const IPAddressNumber& cur = it.address();
681 if (cur.size() == arraysize(kIcanNameCollisionIp) &&
682 0 == memcmp(&cur.front(), kIcanNameCollisionIp, cur.size())) {
683 error = ERR_ICANN_NAME_COLLISION;
684 break;
685 }
686 }
687
666 origin_loop_->PostTask( 688 origin_loop_->PostTask(
667 FROM_HERE, 689 FROM_HERE,
668 base::Bind(&ProcTask::OnLookupComplete, this, results, start_time, 690 base::Bind(&ProcTask::OnLookupComplete, this, results, start_time,
669 attempt_number, error, os_error)); 691 attempt_number, error, os_error));
670 } 692 }
671 693
672 // Makes next attempt if DoLookup() has not finished (runs on origin thread). 694 // Makes next attempt if DoLookup() has not finished (runs on origin thread).
673 void RetryIfNotComplete() { 695 void RetryIfNotComplete() {
674 DCHECK(origin_loop_->BelongsToCurrentThread()); 696 DCHECK(origin_loop_->BelongsToCurrentThread());
675 697
(...skipping 1687 matching lines...) Expand 10 before | Expand all | Expand 10 after
2363 dns_client_->SetConfig(dns_config); 2385 dns_client_->SetConfig(dns_config);
2364 num_dns_failures_ = 0; 2386 num_dns_failures_ = 0;
2365 if (dns_client_->GetConfig()) 2387 if (dns_client_->GetConfig())
2366 UMA_HISTOGRAM_BOOLEAN("AsyncDNS.DnsClientEnabled", true); 2388 UMA_HISTOGRAM_BOOLEAN("AsyncDNS.DnsClientEnabled", true);
2367 } 2389 }
2368 2390
2369 AbortDnsTasks(); 2391 AbortDnsTasks();
2370 } 2392 }
2371 2393
2372 } // namespace net 2394 } // namespace net
OLDNEW
« no previous file with comments | « net/base/net_error_list.h ('k') | net/dns/host_resolver_impl_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698