| OLD | NEW |
|---|
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "components/certificate_transparency/log_dns_client.h" | 5 #include "components/certificate_transparency/log_dns_client.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <memory> |
| 8 #include <numeric> | 8 #include <string> |
| 9 #include <utility> | 9 #include <utility> |
| 10 #include <vector> | 10 #include <vector> |
| 11 | 11 |
| 12 #include "base/big_endian.h" | |
| 13 #include "base/macros.h" | |
| 14 #include "base/message_loop/message_loop.h" | 12 #include "base/message_loop/message_loop.h" |
| 15 #include "base/run_loop.h" | 13 #include "base/run_loop.h" |
| 16 #include "base/sys_byteorder.h" | 14 #include "components/certificate_transparency/mock_log_dns_traffic.h" |
| 17 #include "base/test/test_timeouts.h" | |
| 18 #include "crypto/sha2.h" | 15 #include "crypto/sha2.h" |
| 19 #include "net/base/net_errors.h" | 16 #include "net/base/net_errors.h" |
| 20 #include "net/cert/merkle_audit_proof.h" | 17 #include "net/cert/merkle_audit_proof.h" |
| 21 #include "net/cert/merkle_tree_leaf.h" | |
| 22 #include "net/cert/signed_certificate_timestamp.h" | 18 #include "net/cert/signed_certificate_timestamp.h" |
| 23 #include "net/dns/dns_client.h" | 19 #include "net/dns/dns_client.h" |
| 24 #include "net/dns/dns_config_service.h" | 20 #include "net/dns/dns_config_service.h" |
| 25 #include "net/dns/dns_protocol.h" | 21 #include "net/dns/dns_protocol.h" |
| 26 #include "net/log/net_log.h" | 22 #include "net/log/net_log.h" |
| 27 #include "net/socket/socket_test_util.h" | |
| 28 #include "net/test/gtest_util.h" | 23 #include "net/test/gtest_util.h" |
| 29 #include "testing/gmock/include/gmock/gmock.h" | 24 #include "testing/gmock/include/gmock/gmock.h" |
| 30 #include "testing/gtest/include/gtest/gtest.h" | 25 #include "testing/gtest/include/gtest/gtest.h" |
| 31 | 26 |
| 32 namespace certificate_transparency { | 27 namespace certificate_transparency { |
| 33 namespace { | 28 namespace { |
| 34 | 29 |
| 35 using ::testing::IsEmpty; | 30 using ::testing::IsEmpty; |
| 36 using ::testing::IsNull; | 31 using ::testing::IsNull; |
| 37 using ::testing::Not; | 32 using ::testing::Not; |
| 38 using ::testing::NotNull; | 33 using ::testing::NotNull; |
| 39 using net::test::IsError; | 34 using net::test::IsError; |
| 40 using net::test::IsOk; | 35 using net::test::IsOk; |
| 41 | 36 |
| 42 constexpr char kLeafHash[] = | 37 constexpr char kLeafHash[] = |
| 43 "\x1f\x25\xe1\xca\xba\x4f\xf9\xb8\x27\x24\x83\x0f\xca\x60\xe4\xc2\xbe\xa8" | 38 "\x1f\x25\xe1\xca\xba\x4f\xf9\xb8\x27\x24\x83\x0f\xca\x60\xe4\xc2\xbe\xa8" |
| 44 "\xc3\xa9\x44\x1c\x27\xb0\xb4\x3e\x6a\x96\x94\xc7\xb8\x04"; | 39 "\xc3\xa9\x44\x1c\x27\xb0\xb4\x3e\x6a\x96\x94\xc7\xb8\x04"; |
| 45 | 40 |
| 46 // Necessary to expose SetDnsConfig for testing. | |
| 47 class DnsChangeNotifier : public net::NetworkChangeNotifier { | |
| 48 public: | |
| 49 static void SetInitialDnsConfig(const net::DnsConfig& config) { | |
| 50 net::NetworkChangeNotifier::SetInitialDnsConfig(config); | |
| 51 } | |
| 52 | |
| 53 static void SetDnsConfig(const net::DnsConfig& config) { | |
| 54 net::NetworkChangeNotifier::SetDnsConfig(config); | |
| 55 } | |
| 56 }; | |
| 57 | |
| 58 // Always return min, to simplify testing. | |
| 59 // This should result in the DNS query ID always being 0. | |
| 60 int FakeRandInt(int min, int max) { | |
| 61 return min; | |
| 62 } | |
| 63 | |
| 64 std::vector<char> CreateDnsTxtRequest(base::StringPiece qname) { | |
| 65 std::string encoded_qname; | |
| 66 EXPECT_TRUE(net::DNSDomainFromDot(qname, &encoded_qname)); | |
| 67 | |
| 68 const size_t query_section_size = encoded_qname.size() + 4; | |
| 69 | |
| 70 std::vector<char> request(sizeof(net::dns_protocol::Header) + | |
| 71 query_section_size); | |
| 72 base::BigEndianWriter writer(request.data(), request.size()); | |
| 73 | |
| 74 // Header | |
| 75 net::dns_protocol::Header header = {}; | |
| 76 header.flags = base::HostToNet16(net::dns_protocol::kFlagRD); | |
| 77 header.qdcount = base::HostToNet16(1); | |
| 78 EXPECT_TRUE(writer.WriteBytes(&header, sizeof(header))); | |
| 79 // Query section | |
| 80 EXPECT_TRUE(writer.WriteBytes(encoded_qname.data(), encoded_qname.size())); | |
| 81 EXPECT_TRUE(writer.WriteU16(net::dns_protocol::kTypeTXT)); | |
| 82 EXPECT_TRUE(writer.WriteU16(net::dns_protocol::kClassIN)); | |
| 83 EXPECT_EQ(0, writer.remaining()); | |
| 84 | |
| 85 return request; | |
| 86 } | |
| 87 | |
| 88 std::vector<char> CreateDnsTxtResponse(const std::vector<char>& request, | |
| 89 base::StringPiece answer) { | |
| 90 const size_t answers_section_size = 12 + answer.size(); | |
| 91 constexpr uint32_t ttl = 86400; // seconds | |
| 92 | |
| 93 std::vector<char> response(request.size() + answers_section_size); | |
| 94 std::copy(request.begin(), request.end(), response.begin()); | |
| 95 // Modify the header | |
| 96 net::dns_protocol::Header* header = | |
| 97 reinterpret_cast<net::dns_protocol::Header*>(response.data()); | |
| 98 header->ancount = base::HostToNet16(1); | |
| 99 header->flags |= base::HostToNet16(net::dns_protocol::kFlagResponse); | |
| 100 | |
| 101 // Write the answer section | |
| 102 base::BigEndianWriter writer(response.data() + request.size(), | |
| 103 response.size() - request.size()); | |
| 104 EXPECT_TRUE(writer.WriteU8(0xc0)); // qname is a pointer | |
| 105 EXPECT_TRUE(writer.WriteU8( | |
| 106 sizeof(*header))); // address of qname (start of query section) | |
| 107 EXPECT_TRUE(writer.WriteU16(net::dns_protocol::kTypeTXT)); | |
| 108 EXPECT_TRUE(writer.WriteU16(net::dns_protocol::kClassIN)); | |
| 109 EXPECT_TRUE(writer.WriteU32(ttl)); | |
| 110 EXPECT_TRUE(writer.WriteU16(answer.size())); | |
| 111 EXPECT_TRUE(writer.WriteBytes(answer.data(), answer.size())); | |
| 112 EXPECT_EQ(0, writer.remaining()); | |
| 113 | |
| 114 return response; | |
| 115 } | |
| 116 | |
| 117 std::vector<char> CreateDnsErrorResponse(const std::vector<char>& request, | |
| 118 uint8_t rcode) { | |
| 119 std::vector<char> response(request); | |
| 120 // Modify the header | |
| 121 net::dns_protocol::Header* header = | |
| 122 reinterpret_cast<net::dns_protocol::Header*>(response.data()); | |
| 123 header->ancount = base::HostToNet16(1); | |
| 124 header->flags |= base::HostToNet16(net::dns_protocol::kFlagResponse | rcode); | |
| 125 | |
| 126 return response; | |
| 127 } | |
| 128 | |
| 129 std::vector<std::string> GetSampleAuditProof(size_t length) { | 41 std::vector<std::string> GetSampleAuditProof(size_t length) { |
| 130 std::vector<std::string> audit_proof(length); | 42 std::vector<std::string> audit_proof(length); |
| 131 // Makes each node of the audit proof different, so that tests are able to | 43 // Makes each node of the audit proof different, so that tests are able to |
| 132 // confirm that the audit proof is reconstructed in the correct order. | 44 // confirm that the audit proof is reconstructed in the correct order. |
| 133 for (size_t i = 0; i < length; ++i) { | 45 for (size_t i = 0; i < length; ++i) { |
| 134 std::string node(crypto::kSHA256Length, '\0'); | 46 std::string node(crypto::kSHA256Length, '\0'); |
| 135 // Each node is 32 bytes, with each byte having a different value. | 47 // Each node is 32 bytes, with each byte having a different value. |
| 136 for (size_t j = 0; j < crypto::kSHA256Length; ++j) { | 48 for (size_t j = 0; j < crypto::kSHA256Length; ++j) { |
| 137 node[j] = static_cast<char>((-127 + i + j) % 128); | 49 node[j] = static_cast<char>((-127 + i + j) % 128); |
| 138 } | 50 } |
| (...skipping 54 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 193 | 105 |
| 194 void WaitUntilRun() { run_loop_.Run(); } | 106 void WaitUntilRun() { run_loop_.Run(); } |
| 195 | 107 |
| 196 private: | 108 private: |
| 197 bool called_; | 109 bool called_; |
| 198 int net_error_; | 110 int net_error_; |
| 199 std::unique_ptr<net::ct::MerkleAuditProof> proof_; | 111 std::unique_ptr<net::ct::MerkleAuditProof> proof_; |
| 200 base::RunLoop run_loop_; | 112 base::RunLoop run_loop_; |
| 201 }; | 113 }; |
| 202 | 114 |
| 203 // A container for all of the data we need to keep alive for a mock socket. | |
| 204 // This is useful because Mock{Read,Write}, SequencedSocketData and | |
| 205 // MockClientSocketFactory all do not take ownership of or copy their arguments, | |
| 206 // so we have to manage the lifetime of those arguments ourselves. Wrapping all | |
| 207 // of that up in a single class simplifies this. | |
| 208 class MockSocketData { | |
| 209 public: | |
| 210 // A socket that expects one write and one read operation. | |
| 211 MockSocketData(const std::vector<char>& write, const std::vector<char>& read) | |
| 212 : expected_write_payload_(write), | |
| 213 expected_read_payload_(read), | |
| 214 expected_write_(net::SYNCHRONOUS, | |
| 215 expected_write_payload_.data(), | |
| 216 expected_write_payload_.size(), | |
| 217 0), | |
| 218 expected_reads_{net::MockRead(net::ASYNC, | |
| 219 expected_read_payload_.data(), | |
| 220 expected_read_payload_.size(), | |
| 221 1), | |
| 222 eof_}, | |
| 223 socket_data_(expected_reads_, 2, &expected_write_, 1) {} | |
| 224 | |
| 225 // A socket that expects one write and a read error. | |
| 226 MockSocketData(const std::vector<char>& write, int net_error) | |
| 227 : expected_write_payload_(write), | |
| 228 expected_write_(net::SYNCHRONOUS, | |
| 229 expected_write_payload_.data(), | |
| 230 expected_write_payload_.size(), | |
| 231 0), | |
| 232 expected_reads_{net::MockRead(net::ASYNC, net_error, 1), eof_}, | |
| 233 socket_data_(expected_reads_, 2, &expected_write_, 1) {} | |
| 234 | |
| 235 // A socket that expects one write and no response. | |
| 236 explicit MockSocketData(const std::vector<char>& write) | |
| 237 : expected_write_payload_(write), | |
| 238 expected_write_(net::SYNCHRONOUS, | |
| 239 expected_write_payload_.data(), | |
| 240 expected_write_payload_.size(), | |
| 241 0), | |
| 242 expected_reads_{net::MockRead(net::SYNCHRONOUS, net::ERR_IO_PENDING, 1), | |
| 243 eof_}, | |
| 244 socket_data_(expected_reads_, 2, &expected_write_, 1) {} | |
| 245 | |
| 246 void SetWriteMode(net::IoMode mode) { expected_write_.mode = mode; } | |
| 247 void SetReadMode(net::IoMode mode) { expected_reads_[0].mode = mode; } | |
| 248 | |
| 249 void AddToFactory(net::MockClientSocketFactory* socket_factory) { | |
| 250 socket_factory->AddSocketDataProvider(&socket_data_); | |
| 251 } | |
| 252 | |
| 253 private: | |
| 254 // Prevents read overruns and makes a socket timeout the default behaviour. | |
| 255 static const net::MockRead eof_; | |
| 256 | |
| 257 const std::vector<char> expected_write_payload_; | |
| 258 const std::vector<char> expected_read_payload_; | |
| 259 // Encapsulates the data that is expected to be written to a socket. | |
| 260 net::MockWrite expected_write_; | |
| 261 // Encapsulates the data/error that should be returned when reading from a | |
| 262 // socket. The expected response is followed by |eof_|, to catch further, | |
| 263 // unexpected read attempts. | |
| 264 net::MockRead expected_reads_[2]; | |
| 265 net::SequencedSocketData socket_data_; | |
| 266 | |
| 267 DISALLOW_COPY_AND_ASSIGN(MockSocketData); | |
| 268 }; | |
| 269 | |
| 270 const net::MockRead MockSocketData::eof_(net::SYNCHRONOUS, | |
| 271 net::ERR_IO_PENDING, | |
| 272 2); | |
| 273 | |
| 274 class LogDnsClientTest : public ::testing::TestWithParam<net::IoMode> { | 115 class LogDnsClientTest : public ::testing::TestWithParam<net::IoMode> { |
| 275 protected: | 116 protected: |
| 276 LogDnsClientTest() : | 117 LogDnsClientTest() |
| 277 network_change_notifier_(net::NetworkChangeNotifier::CreateMock()) { | 118 : network_change_notifier_(net::NetworkChangeNotifier::CreateMock()) { |
| 278 net::DnsConfig dns_config; | 119 mock_dns_.SetSocketReadMode(GetParam()); |
| 279 // Use an invalid nameserver address. This prevents the tests accidentally | 120 mock_dns_.InitializeDnsConfig(); |
| 280 // sending real DNS queries. The mock sockets don't care that the address | |
| 281 // is invalid. | |
| 282 dns_config.nameservers.push_back(net::IPEndPoint()); | |
| 283 // Don't attempt retransmissions - just fail. | |
| 284 dns_config.attempts = 1; | |
| 285 // This ensures timeouts are long enough for memory tests. | |
| 286 dns_config.timeout = TestTimeouts::action_timeout(); | |
| 287 // Simplify testing - don't require random numbers for the source port. | |
| 288 // This means our FakeRandInt function should only be called to get query | |
| 289 // IDs. | |
| 290 dns_config.randomize_ports = false; | |
| 291 | |
| 292 DnsChangeNotifier::SetInitialDnsConfig(dns_config); | |
| 293 } | |
| 294 | |
| 295 void ExpectRequestAndErrorResponse(base::StringPiece qname, uint8_t rcode) { | |
| 296 std::vector<char> request = CreateDnsTxtRequest(qname); | |
| 297 std::vector<char> response = CreateDnsErrorResponse(request, rcode); | |
| 298 | |
| 299 mock_socket_data_.emplace_back(new MockSocketData(request, response)); | |
| 300 mock_socket_data_.back()->SetReadMode(GetParam()); | |
| 301 mock_socket_data_.back()->AddToFactory(&socket_factory_); | |
| 302 } | |
| 303 | |
| 304 void ExpectRequestAndSocketError(base::StringPiece qname, int net_error) { | |
| 305 std::vector<char> request = CreateDnsTxtRequest(qname); | |
| 306 | |
| 307 mock_socket_data_.emplace_back(new MockSocketData(request, net_error)); | |
| 308 mock_socket_data_.back()->SetReadMode(GetParam()); | |
| 309 mock_socket_data_.back()->AddToFactory(&socket_factory_); | |
| 310 } | |
| 311 | |
| 312 void ExpectRequestAndTimeout(base::StringPiece qname) { | |
| 313 std::vector<char> request = CreateDnsTxtRequest(qname); | |
| 314 | |
| 315 mock_socket_data_.emplace_back(new MockSocketData(request)); | |
| 316 mock_socket_data_.back()->SetReadMode(GetParam()); | |
| 317 mock_socket_data_.back()->AddToFactory(&socket_factory_); | |
| 318 | |
| 319 // Speed up timeout tests. | |
| 320 net::DnsConfig dns_config; | |
| 321 DnsChangeNotifier::GetDnsConfig(&dns_config); | |
| 322 dns_config.timeout = TestTimeouts::tiny_timeout(); | |
| 323 DnsChangeNotifier::SetDnsConfig(dns_config); | |
| 324 } | |
| 325 | |
| 326 void ExpectLeafIndexRequestAndResponse(base::StringPiece qname, | |
| 327 base::StringPiece leaf_index) { | |
| 328 // Prepend size to leaf_index to create the query answer (rdata) | |
| 329 ASSERT_LE(leaf_index.size(), 0xFFul); // size must fit into a single byte | |
| 330 std::string answer = leaf_index.as_string(); | |
| 331 answer.insert(answer.begin(), static_cast<char>(leaf_index.size())); | |
| 332 | |
| 333 ExpectRequestAndResponse(qname, answer); | |
| 334 } | |
| 335 | |
| 336 void ExpectAuditProofRequestAndResponse( | |
| 337 base::StringPiece qname, | |
| 338 std::vector<std::string>::const_iterator audit_path_start, | |
| 339 std::vector<std::string>::const_iterator audit_path_end) { | |
| 340 // Join nodes in the audit path into a single string. | |
| 341 std::string proof = | |
| 342 std::accumulate(audit_path_start, audit_path_end, std::string()); | |
| 343 | |
| 344 // Prepend size to proof to create the query answer (rdata) | |
| 345 ASSERT_LE(proof.size(), 0xFFul); // size must fit into a single byte | |
| 346 proof.insert(proof.begin(), static_cast<char>(proof.size())); | |
| 347 | |
| 348 ExpectRequestAndResponse(qname, proof); | |
| 349 } | 121 } |
| 350 | 122 |
| 351 void QueryLeafIndex(base::StringPiece log_domain, | 123 void QueryLeafIndex(base::StringPiece log_domain, |
| 352 base::StringPiece leaf_hash, | 124 base::StringPiece leaf_hash, |
| 353 MockLeafIndexCallback* callback) { | 125 MockLeafIndexCallback* callback) { |
| 354 std::unique_ptr<net::DnsClient> dns_client = CreateDnsClient(); | 126 LogDnsClient log_client(mock_dns_.CreateDnsClient(), net::BoundNetLog()); |
| 355 LogDnsClient log_client(std::move(dns_client), net::BoundNetLog()); | |
| 356 net::NetworkChangeNotifier::NotifyObserversOfInitialDNSConfigReadForTests(); | |
| 357 | |
| 358 log_client.QueryLeafIndex(log_domain, leaf_hash, callback->AsCallback()); | 127 log_client.QueryLeafIndex(log_domain, leaf_hash, callback->AsCallback()); |
| 359 callback->WaitUntilRun(); | 128 callback->WaitUntilRun(); |
| 360 } | 129 } |
| 361 | 130 |
| 362 void QueryAuditProof(base::StringPiece log_domain, | 131 void QueryAuditProof(base::StringPiece log_domain, |
| 363 uint64_t leaf_index, | 132 uint64_t leaf_index, |
| 364 uint64_t tree_size, | 133 uint64_t tree_size, |
| 365 MockAuditProofCallback* callback) { | 134 MockAuditProofCallback* callback) { |
| 366 std::unique_ptr<net::DnsClient> dns_client = CreateDnsClient(); | 135 LogDnsClient log_client(mock_dns_.CreateDnsClient(), net::BoundNetLog()); |
| 367 LogDnsClient log_client(std::move(dns_client), net::BoundNetLog()); | |
| 368 net::NetworkChangeNotifier::NotifyObserversOfInitialDNSConfigReadForTests(); | |
| 369 | |
| 370 log_client.QueryAuditProof(log_domain, leaf_index, tree_size, | 136 log_client.QueryAuditProof(log_domain, leaf_index, tree_size, |
| 371 callback->AsCallback()); | 137 callback->AsCallback()); |
| 372 callback->WaitUntilRun(); | 138 callback->WaitUntilRun(); |
| 373 } | 139 } |
| 374 | 140 |
| 375 std::unique_ptr<net::DnsClient> CreateDnsClient() { | |
| 376 return net::DnsClient::CreateClientForTesting(nullptr, &socket_factory_, | |
| 377 base::Bind(&FakeRandInt)); | |
| 378 } | |
| 379 | |
| 380 private: | |
| 381 | |
| 382 void ExpectRequestAndResponse(base::StringPiece qname, | |
| 383 base::StringPiece answer) { | |
| 384 std::vector<char> request = CreateDnsTxtRequest(qname); | |
| 385 std::vector<char> response = CreateDnsTxtResponse(request, answer); | |
| 386 | |
| 387 mock_socket_data_.emplace_back(new MockSocketData(request, response)); | |
| 388 mock_socket_data_.back()->SetReadMode(GetParam()); | |
| 389 mock_socket_data_.back()->AddToFactory(&socket_factory_); | |
| 390 } | |
| 391 | |
| 392 // This will be the NetworkChangeNotifier singleton for the duration of the | 141 // This will be the NetworkChangeNotifier singleton for the duration of the |
| 393 // test. It is accessed statically by LogDnsClient. | 142 // test. It is accessed statically by LogDnsClient. |
| 394 std::unique_ptr<net::NetworkChangeNotifier> network_change_notifier_; | 143 std::unique_ptr<net::NetworkChangeNotifier> network_change_notifier_; |
| 395 // Queues and handles asynchronous DNS tasks. Indirectly used by LogDnsClient, | 144 // Queues and handles asynchronous DNS tasks. Indirectly used by LogDnsClient, |
| 396 // the underlying net::DnsClient, and NetworkChangeNotifier. | 145 // the underlying net::DnsClient, and NetworkChangeNotifier. |
| 397 base::MessageLoopForIO message_loop_; | 146 base::MessageLoopForIO message_loop_; |
| 398 // One MockSocketData for each socket that is created. This corresponds to one | 147 // Allows mock DNS sockets to be setup. |
| 399 // for each DNS request sent. | 148 MockLogDnsTraffic mock_dns_; |
| 400 std::vector<std::unique_ptr<MockSocketData>> mock_socket_data_; | |
| 401 // Provides as many mock sockets as there are entries in |mock_socket_data_|. | |
| 402 net::MockClientSocketFactory socket_factory_; | |
| 403 }; | 149 }; |
| 404 | 150 |
| 405 TEST_P(LogDnsClientTest, QueryLeafIndex) { | 151 TEST_P(LogDnsClientTest, QueryLeafIndex) { |
| 406 ExpectLeafIndexRequestAndResponse( | 152 mock_dns_.ExpectLeafIndexRequestAndResponse( |
| 407 "D4S6DSV2J743QJZEQMH4UYHEYK7KRQ5JIQOCPMFUHZVJNFGHXACA.hash.ct.test.", | 153 "D4S6DSV2J743QJZEQMH4UYHEYK7KRQ5JIQOCPMFUHZVJNFGHXACA.hash.ct.test.", |
| 408 "123456"); | 154 "123456"); |
| 409 | 155 |
| 410 MockLeafIndexCallback callback; | 156 MockLeafIndexCallback callback; |
| 411 QueryLeafIndex("ct.test", kLeafHash, &callback); | 157 QueryLeafIndex("ct.test", kLeafHash, &callback); |
| 412 ASSERT_TRUE(callback.called()); | 158 ASSERT_TRUE(callback.called()); |
| 413 EXPECT_THAT(callback.net_error(), IsOk()); | 159 EXPECT_THAT(callback.net_error(), IsOk()); |
| 414 EXPECT_THAT(callback.leaf_index(), 123456); | 160 EXPECT_THAT(callback.leaf_index(), 123456); |
| 415 } | 161 } |
| 416 | 162 |
| 417 TEST_P(LogDnsClientTest, QueryLeafIndexReportsThatLogDomainDoesNotExist) { | 163 TEST_P(LogDnsClientTest, QueryLeafIndexReportsThatLogDomainDoesNotExist) { |
| 418 ExpectRequestAndErrorResponse( | 164 mock_dns_.ExpectRequestAndErrorResponse( |
| 419 "D4S6DSV2J743QJZEQMH4UYHEYK7KRQ5JIQOCPMFUHZVJNFGHXACA.hash.ct.test.", | 165 "D4S6DSV2J743QJZEQMH4UYHEYK7KRQ5JIQOCPMFUHZVJNFGHXACA.hash.ct.test.", |
| 420 net::dns_protocol::kRcodeNXDOMAIN); | 166 net::dns_protocol::kRcodeNXDOMAIN); |
| 421 | 167 |
| 422 MockLeafIndexCallback callback; | 168 MockLeafIndexCallback callback; |
| 423 QueryLeafIndex("ct.test", kLeafHash, &callback); | 169 QueryLeafIndex("ct.test", kLeafHash, &callback); |
| 424 ASSERT_TRUE(callback.called()); | 170 ASSERT_TRUE(callback.called()); |
| 425 EXPECT_THAT(callback.net_error(), IsError(net::ERR_NAME_NOT_RESOLVED)); | 171 EXPECT_THAT(callback.net_error(), IsError(net::ERR_NAME_NOT_RESOLVED)); |
| 426 EXPECT_THAT(callback.leaf_index(), 0); | 172 EXPECT_THAT(callback.leaf_index(), 0); |
| 427 } | 173 } |
| 428 | 174 |
| 429 TEST_P(LogDnsClientTest, QueryLeafIndexReportsServerFailure) { | 175 TEST_P(LogDnsClientTest, QueryLeafIndexReportsServerFailure) { |
| 430 ExpectRequestAndErrorResponse( | 176 mock_dns_.ExpectRequestAndErrorResponse( |
| 431 "D4S6DSV2J743QJZEQMH4UYHEYK7KRQ5JIQOCPMFUHZVJNFGHXACA.hash.ct.test.", | 177 "D4S6DSV2J743QJZEQMH4UYHEYK7KRQ5JIQOCPMFUHZVJNFGHXACA.hash.ct.test.", |
| 432 net::dns_protocol::kRcodeSERVFAIL); | 178 net::dns_protocol::kRcodeSERVFAIL); |
| 433 | 179 |
| 434 MockLeafIndexCallback callback; | 180 MockLeafIndexCallback callback; |
| 435 QueryLeafIndex("ct.test", kLeafHash, &callback); | 181 QueryLeafIndex("ct.test", kLeafHash, &callback); |
| 436 ASSERT_TRUE(callback.called()); | 182 ASSERT_TRUE(callback.called()); |
| 437 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_SERVER_FAILED)); | 183 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_SERVER_FAILED)); |
| 438 EXPECT_THAT(callback.leaf_index(), 0); | 184 EXPECT_THAT(callback.leaf_index(), 0); |
| 439 } | 185 } |
| 440 | 186 |
| 441 TEST_P(LogDnsClientTest, QueryLeafIndexReportsServerRefusal) { | 187 TEST_P(LogDnsClientTest, QueryLeafIndexReportsServerRefusal) { |
| 442 ExpectRequestAndErrorResponse( | 188 mock_dns_.ExpectRequestAndErrorResponse( |
| 443 "D4S6DSV2J743QJZEQMH4UYHEYK7KRQ5JIQOCPMFUHZVJNFGHXACA.hash.ct.test.", | 189 "D4S6DSV2J743QJZEQMH4UYHEYK7KRQ5JIQOCPMFUHZVJNFGHXACA.hash.ct.test.", |
| 444 net::dns_protocol::kRcodeREFUSED); | 190 net::dns_protocol::kRcodeREFUSED); |
| 445 | 191 |
| 446 MockLeafIndexCallback callback; | 192 MockLeafIndexCallback callback; |
| 447 QueryLeafIndex("ct.test", kLeafHash, &callback); | 193 QueryLeafIndex("ct.test", kLeafHash, &callback); |
| 448 ASSERT_TRUE(callback.called()); | 194 ASSERT_TRUE(callback.called()); |
| 449 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_SERVER_FAILED)); | 195 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_SERVER_FAILED)); |
| 450 EXPECT_THAT(callback.leaf_index(), 0); | 196 EXPECT_THAT(callback.leaf_index(), 0); |
| 451 } | 197 } |
| 452 | 198 |
| 453 TEST_P(LogDnsClientTest, | 199 TEST_P(LogDnsClientTest, |
| 454 QueryLeafIndexReportsMalformedResponseIfLeafIndexIsNotNumeric) { | 200 QueryLeafIndexReportsMalformedResponseIfLeafIndexIsNotNumeric) { |
| 455 ExpectLeafIndexRequestAndResponse( | 201 mock_dns_.ExpectLeafIndexRequestAndResponse( |
| 456 "D4S6DSV2J743QJZEQMH4UYHEYK7KRQ5JIQOCPMFUHZVJNFGHXACA.hash.ct.test.", | 202 "D4S6DSV2J743QJZEQMH4UYHEYK7KRQ5JIQOCPMFUHZVJNFGHXACA.hash.ct.test.", |
| 457 "foo"); | 203 "foo"); |
| 458 | 204 |
| 459 MockLeafIndexCallback callback; | 205 MockLeafIndexCallback callback; |
| 460 QueryLeafIndex("ct.test", kLeafHash, &callback); | 206 QueryLeafIndex("ct.test", kLeafHash, &callback); |
| 461 ASSERT_TRUE(callback.called()); | 207 ASSERT_TRUE(callback.called()); |
| 462 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_MALFORMED_RESPONSE)); | 208 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_MALFORMED_RESPONSE)); |
| 463 EXPECT_THAT(callback.leaf_index(), 0); | 209 EXPECT_THAT(callback.leaf_index(), 0); |
| 464 } | 210 } |
| 465 | 211 |
| 466 TEST_P(LogDnsClientTest, | 212 TEST_P(LogDnsClientTest, |
| 467 QueryLeafIndexReportsMalformedResponseIfLeafIndexIsFloatingPoint) { | 213 QueryLeafIndexReportsMalformedResponseIfLeafIndexIsFloatingPoint) { |
| 468 ExpectLeafIndexRequestAndResponse( | 214 mock_dns_.ExpectLeafIndexRequestAndResponse( |
| 469 "D4S6DSV2J743QJZEQMH4UYHEYK7KRQ5JIQOCPMFUHZVJNFGHXACA.hash.ct.test.", | 215 "D4S6DSV2J743QJZEQMH4UYHEYK7KRQ5JIQOCPMFUHZVJNFGHXACA.hash.ct.test.", |
| 470 "123456.0"); | 216 "123456.0"); |
| 471 | 217 |
| 472 MockLeafIndexCallback callback; | 218 MockLeafIndexCallback callback; |
| 473 QueryLeafIndex("ct.test", kLeafHash, &callback); | 219 QueryLeafIndex("ct.test", kLeafHash, &callback); |
| 474 ASSERT_TRUE(callback.called()); | 220 ASSERT_TRUE(callback.called()); |
| 475 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_MALFORMED_RESPONSE)); | 221 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_MALFORMED_RESPONSE)); |
| 476 EXPECT_THAT(callback.leaf_index(), 0); | 222 EXPECT_THAT(callback.leaf_index(), 0); |
| 477 } | 223 } |
| 478 | 224 |
| 479 TEST_P(LogDnsClientTest, | 225 TEST_P(LogDnsClientTest, |
| 480 QueryLeafIndexReportsMalformedResponseIfLeafIndexIsEmpty) { | 226 QueryLeafIndexReportsMalformedResponseIfLeafIndexIsEmpty) { |
| 481 ExpectLeafIndexRequestAndResponse( | 227 mock_dns_.ExpectLeafIndexRequestAndResponse( |
| 482 "D4S6DSV2J743QJZEQMH4UYHEYK7KRQ5JIQOCPMFUHZVJNFGHXACA.hash.ct.test.", ""); | 228 "D4S6DSV2J743QJZEQMH4UYHEYK7KRQ5JIQOCPMFUHZVJNFGHXACA.hash.ct.test.", ""); |
| 483 | 229 |
| 484 MockLeafIndexCallback callback; | 230 MockLeafIndexCallback callback; |
| 485 QueryLeafIndex("ct.test", kLeafHash, &callback); | 231 QueryLeafIndex("ct.test", kLeafHash, &callback); |
| 486 ASSERT_TRUE(callback.called()); | 232 ASSERT_TRUE(callback.called()); |
| 487 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_MALFORMED_RESPONSE)); | 233 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_MALFORMED_RESPONSE)); |
| 488 EXPECT_THAT(callback.leaf_index(), 0); | 234 EXPECT_THAT(callback.leaf_index(), 0); |
| 489 } | 235 } |
| 490 | 236 |
| 491 TEST_P(LogDnsClientTest, | 237 TEST_P(LogDnsClientTest, |
| 492 QueryLeafIndexReportsMalformedResponseIfLeafIndexHasNonNumericPrefix) { | 238 QueryLeafIndexReportsMalformedResponseIfLeafIndexHasNonNumericPrefix) { |
| 493 ExpectLeafIndexRequestAndResponse( | 239 mock_dns_.ExpectLeafIndexRequestAndResponse( |
| 494 "D4S6DSV2J743QJZEQMH4UYHEYK7KRQ5JIQOCPMFUHZVJNFGHXACA.hash.ct.test.", | 240 "D4S6DSV2J743QJZEQMH4UYHEYK7KRQ5JIQOCPMFUHZVJNFGHXACA.hash.ct.test.", |
| 495 "foo123456"); | 241 "foo123456"); |
| 496 | 242 |
| 497 MockLeafIndexCallback callback; | 243 MockLeafIndexCallback callback; |
| 498 QueryLeafIndex("ct.test", kLeafHash, &callback); | 244 QueryLeafIndex("ct.test", kLeafHash, &callback); |
| 499 ASSERT_TRUE(callback.called()); | 245 ASSERT_TRUE(callback.called()); |
| 500 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_MALFORMED_RESPONSE)); | 246 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_MALFORMED_RESPONSE)); |
| 501 EXPECT_THAT(callback.leaf_index(), 0); | 247 EXPECT_THAT(callback.leaf_index(), 0); |
| 502 } | 248 } |
| 503 | 249 |
| 504 TEST_P(LogDnsClientTest, | 250 TEST_P(LogDnsClientTest, |
| 505 QueryLeafIndexReportsMalformedResponseIfLeafIndexHasNonNumericSuffix) { | 251 QueryLeafIndexReportsMalformedResponseIfLeafIndexHasNonNumericSuffix) { |
| 506 ExpectLeafIndexRequestAndResponse( | 252 mock_dns_.ExpectLeafIndexRequestAndResponse( |
| 507 "D4S6DSV2J743QJZEQMH4UYHEYK7KRQ5JIQOCPMFUHZVJNFGHXACA.hash.ct.test.", | 253 "D4S6DSV2J743QJZEQMH4UYHEYK7KRQ5JIQOCPMFUHZVJNFGHXACA.hash.ct.test.", |
| 508 "123456foo"); | 254 "123456foo"); |
| 509 | 255 |
| 510 MockLeafIndexCallback callback; | 256 MockLeafIndexCallback callback; |
| 511 QueryLeafIndex("ct.test", kLeafHash, &callback); | 257 QueryLeafIndex("ct.test", kLeafHash, &callback); |
| 512 ASSERT_TRUE(callback.called()); | 258 ASSERT_TRUE(callback.called()); |
| 513 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_MALFORMED_RESPONSE)); | 259 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_MALFORMED_RESPONSE)); |
| 514 EXPECT_THAT(callback.leaf_index(), 0); | 260 EXPECT_THAT(callback.leaf_index(), 0); |
| 515 } | 261 } |
| 516 | 262 |
| (...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 548 | 294 |
| 549 TEST_P(LogDnsClientTest, QueryLeafIndexReportsInvalidArgIfLeafHashIsNull) { | 295 TEST_P(LogDnsClientTest, QueryLeafIndexReportsInvalidArgIfLeafHashIsNull) { |
| 550 MockLeafIndexCallback callback; | 296 MockLeafIndexCallback callback; |
| 551 QueryLeafIndex("ct.test", nullptr, &callback); | 297 QueryLeafIndex("ct.test", nullptr, &callback); |
| 552 ASSERT_TRUE(callback.called()); | 298 ASSERT_TRUE(callback.called()); |
| 553 EXPECT_THAT(callback.net_error(), IsError(net::ERR_INVALID_ARGUMENT)); | 299 EXPECT_THAT(callback.net_error(), IsError(net::ERR_INVALID_ARGUMENT)); |
| 554 EXPECT_THAT(callback.leaf_index(), 0); | 300 EXPECT_THAT(callback.leaf_index(), 0); |
| 555 } | 301 } |
| 556 | 302 |
| 557 TEST_P(LogDnsClientTest, QueryLeafIndexReportsSocketError) { | 303 TEST_P(LogDnsClientTest, QueryLeafIndexReportsSocketError) { |
| 558 ExpectRequestAndSocketError( | 304 mock_dns_.ExpectRequestAndSocketError( |
| 559 "D4S6DSV2J743QJZEQMH4UYHEYK7KRQ5JIQOCPMFUHZVJNFGHXACA.hash.ct.test.", | 305 "D4S6DSV2J743QJZEQMH4UYHEYK7KRQ5JIQOCPMFUHZVJNFGHXACA.hash.ct.test.", |
| 560 net::ERR_CONNECTION_REFUSED); | 306 net::ERR_CONNECTION_REFUSED); |
| 561 | 307 |
| 562 MockLeafIndexCallback callback; | 308 MockLeafIndexCallback callback; |
| 563 QueryLeafIndex("ct.test", kLeafHash, &callback); | 309 QueryLeafIndex("ct.test", kLeafHash, &callback); |
| 564 ASSERT_TRUE(callback.called()); | 310 ASSERT_TRUE(callback.called()); |
| 565 EXPECT_THAT(callback.net_error(), IsError(net::ERR_CONNECTION_REFUSED)); | 311 EXPECT_THAT(callback.net_error(), IsError(net::ERR_CONNECTION_REFUSED)); |
| 566 EXPECT_THAT(callback.leaf_index(), 0); | 312 EXPECT_THAT(callback.leaf_index(), 0); |
| 567 } | 313 } |
| 568 | 314 |
| 569 TEST_P(LogDnsClientTest, QueryLeafIndexReportsTimeout) { | 315 TEST_P(LogDnsClientTest, QueryLeafIndexReportsTimeout) { |
| 570 ExpectRequestAndTimeout( | 316 mock_dns_.ExpectRequestAndTimeout( |
| 571 "D4S6DSV2J743QJZEQMH4UYHEYK7KRQ5JIQOCPMFUHZVJNFGHXACA.hash.ct.test."); | 317 "D4S6DSV2J743QJZEQMH4UYHEYK7KRQ5JIQOCPMFUHZVJNFGHXACA.hash.ct.test."); |
| 572 | 318 |
| 573 MockLeafIndexCallback callback; | 319 MockLeafIndexCallback callback; |
| 574 QueryLeafIndex("ct.test", kLeafHash, &callback); | 320 QueryLeafIndex("ct.test", kLeafHash, &callback); |
| 575 ASSERT_TRUE(callback.called()); | 321 ASSERT_TRUE(callback.called()); |
| 576 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_TIMED_OUT)); | 322 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_TIMED_OUT)); |
| 577 EXPECT_THAT(callback.leaf_index(), 0); | 323 EXPECT_THAT(callback.leaf_index(), 0); |
| 578 } | 324 } |
| 579 | 325 |
| 580 TEST_P(LogDnsClientTest, QueryAuditProof) { | 326 TEST_P(LogDnsClientTest, QueryAuditProof) { |
| 581 const std::vector<std::string> audit_proof = GetSampleAuditProof(20); | 327 const std::vector<std::string> audit_proof = GetSampleAuditProof(20); |
| 582 | 328 |
| 583 // It should require 3 queries to collect the entire audit proof, as there is | 329 // It should require 3 queries to collect the entire audit proof, as there is |
| 584 // only space for 7 nodes per UDP packet. | 330 // only space for 7 nodes per UDP packet. |
| 585 ExpectAuditProofRequestAndResponse("0.123456.999999.tree.ct.test.", | 331 mock_dns_.ExpectAuditProofRequestAndResponse("0.123456.999999.tree.ct.test.", |
| 586 audit_proof.begin(), | 332 audit_proof.begin(), |
| 587 audit_proof.begin() + 7); | 333 audit_proof.begin() + 7); |
| 588 ExpectAuditProofRequestAndResponse("7.123456.999999.tree.ct.test.", | 334 mock_dns_.ExpectAuditProofRequestAndResponse("7.123456.999999.tree.ct.test.", |
| 589 audit_proof.begin() + 7, | 335 audit_proof.begin() + 7, |
| 590 audit_proof.begin() + 14); | 336 audit_proof.begin() + 14); |
| 591 ExpectAuditProofRequestAndResponse("14.123456.999999.tree.ct.test.", | 337 mock_dns_.ExpectAuditProofRequestAndResponse("14.123456.999999.tree.ct.test.", |
| 592 audit_proof.begin() + 14, | 338 audit_proof.begin() + 14, |
| 593 audit_proof.end()); | 339 audit_proof.end()); |
| 594 | 340 |
| 595 MockAuditProofCallback callback; | 341 MockAuditProofCallback callback; |
| 596 QueryAuditProof("ct.test", 123456, 999999, &callback); | 342 QueryAuditProof("ct.test", 123456, 999999, &callback); |
| 597 ASSERT_TRUE(callback.called()); | 343 ASSERT_TRUE(callback.called()); |
| 598 EXPECT_THAT(callback.net_error(), IsOk()); | 344 EXPECT_THAT(callback.net_error(), IsOk()); |
| 599 ASSERT_THAT(callback.proof(), NotNull()); | 345 ASSERT_THAT(callback.proof(), NotNull()); |
| 600 EXPECT_THAT(callback.proof()->leaf_index, 123456); | 346 EXPECT_THAT(callback.proof()->leaf_index, 123456); |
| 601 // EXPECT_THAT(callback.proof()->tree_size, 999999); | 347 // EXPECT_THAT(callback.proof()->tree_size, 999999); |
| 602 EXPECT_THAT(callback.proof()->nodes, audit_proof); | 348 EXPECT_THAT(callback.proof()->nodes, audit_proof); |
| 603 } | 349 } |
| 604 | 350 |
| 605 TEST_P(LogDnsClientTest, QueryAuditProofHandlesResponsesWithShortAuditPaths) { | 351 TEST_P(LogDnsClientTest, QueryAuditProofHandlesResponsesWithShortAuditPaths) { |
| 606 const std::vector<std::string> audit_proof = GetSampleAuditProof(20); | 352 const std::vector<std::string> audit_proof = GetSampleAuditProof(20); |
| 607 | 353 |
| 608 // Make some of the responses contain fewer proof nodes than they can hold. | 354 // Make some of the responses contain fewer proof nodes than they can hold. |
| 609 ExpectAuditProofRequestAndResponse("0.123456.999999.tree.ct.test.", | 355 mock_dns_.ExpectAuditProofRequestAndResponse("0.123456.999999.tree.ct.test.", |
| 610 audit_proof.begin(), | 356 audit_proof.begin(), |
| 611 audit_proof.begin() + 1); | 357 audit_proof.begin() + 1); |
| 612 ExpectAuditProofRequestAndResponse("1.123456.999999.tree.ct.test.", | 358 mock_dns_.ExpectAuditProofRequestAndResponse("1.123456.999999.tree.ct.test.", |
| 613 audit_proof.begin() + 1, | 359 audit_proof.begin() + 1, |
| 614 audit_proof.begin() + 3); | 360 audit_proof.begin() + 3); |
| 615 ExpectAuditProofRequestAndResponse("3.123456.999999.tree.ct.test.", | 361 mock_dns_.ExpectAuditProofRequestAndResponse("3.123456.999999.tree.ct.test.", |
| 616 audit_proof.begin() + 3, | 362 audit_proof.begin() + 3, |
| 617 audit_proof.begin() + 6); | 363 audit_proof.begin() + 6); |
| 618 ExpectAuditProofRequestAndResponse("6.123456.999999.tree.ct.test.", | 364 mock_dns_.ExpectAuditProofRequestAndResponse("6.123456.999999.tree.ct.test.", |
| 619 audit_proof.begin() + 6, | 365 audit_proof.begin() + 6, |
| 620 audit_proof.begin() + 10); | 366 audit_proof.begin() + 10); |
| 621 ExpectAuditProofRequestAndResponse("10.123456.999999.tree.ct.test.", | 367 mock_dns_.ExpectAuditProofRequestAndResponse("10.123456.999999.tree.ct.test.", |
| 622 audit_proof.begin() + 10, | 368 audit_proof.begin() + 10, |
| 623 audit_proof.begin() + 13); | 369 audit_proof.begin() + 13); |
| 624 ExpectAuditProofRequestAndResponse("13.123456.999999.tree.ct.test.", | 370 mock_dns_.ExpectAuditProofRequestAndResponse("13.123456.999999.tree.ct.test.", |
| 625 audit_proof.begin() + 13, | 371 audit_proof.begin() + 13, |
| 626 audit_proof.end()); | 372 audit_proof.end()); |
| 627 | 373 |
| 628 MockAuditProofCallback callback; | 374 MockAuditProofCallback callback; |
| 629 QueryAuditProof("ct.test", 123456, 999999, &callback); | 375 QueryAuditProof("ct.test", 123456, 999999, &callback); |
| 630 ASSERT_TRUE(callback.called()); | 376 ASSERT_TRUE(callback.called()); |
| 631 EXPECT_THAT(callback.net_error(), IsOk()); | 377 EXPECT_THAT(callback.net_error(), IsOk()); |
| 632 ASSERT_THAT(callback.proof(), NotNull()); | 378 ASSERT_THAT(callback.proof(), NotNull()); |
| 633 EXPECT_THAT(callback.proof()->leaf_index, 123456); | 379 EXPECT_THAT(callback.proof()->leaf_index, 123456); |
| 634 // EXPECT_THAT(callback.proof()->tree_size, 999999); | 380 // EXPECT_THAT(callback.proof()->tree_size, 999999); |
| 635 EXPECT_THAT(callback.proof()->nodes, audit_proof); | 381 EXPECT_THAT(callback.proof()->nodes, audit_proof); |
| 636 } | 382 } |
| 637 | 383 |
| 638 TEST_P(LogDnsClientTest, QueryAuditProofReportsThatLogDomainDoesNotExist) { | 384 TEST_P(LogDnsClientTest, QueryAuditProofReportsThatLogDomainDoesNotExist) { |
| 639 ExpectRequestAndErrorResponse("0.123456.999999.tree.ct.test.", | 385 mock_dns_.ExpectRequestAndErrorResponse("0.123456.999999.tree.ct.test.", |
| 640 net::dns_protocol::kRcodeNXDOMAIN); | 386 net::dns_protocol::kRcodeNXDOMAIN); |
| 641 | 387 |
| 642 MockAuditProofCallback callback; | 388 MockAuditProofCallback callback; |
| 643 QueryAuditProof("ct.test", 123456, 999999, &callback); | 389 QueryAuditProof("ct.test", 123456, 999999, &callback); |
| 644 ASSERT_TRUE(callback.called()); | 390 ASSERT_TRUE(callback.called()); |
| 645 EXPECT_THAT(callback.net_error(), IsError(net::ERR_NAME_NOT_RESOLVED)); | 391 EXPECT_THAT(callback.net_error(), IsError(net::ERR_NAME_NOT_RESOLVED)); |
| 646 EXPECT_THAT(callback.proof(), IsNull()); | 392 EXPECT_THAT(callback.proof(), IsNull()); |
| 647 } | 393 } |
| 648 | 394 |
| 649 TEST_P(LogDnsClientTest, QueryAuditProofReportsServerFailure) { | 395 TEST_P(LogDnsClientTest, QueryAuditProofReportsServerFailure) { |
| 650 ExpectRequestAndErrorResponse("0.123456.999999.tree.ct.test.", | 396 mock_dns_.ExpectRequestAndErrorResponse("0.123456.999999.tree.ct.test.", |
| 651 net::dns_protocol::kRcodeSERVFAIL); | 397 net::dns_protocol::kRcodeSERVFAIL); |
| 652 | 398 |
| 653 MockAuditProofCallback callback; | 399 MockAuditProofCallback callback; |
| 654 QueryAuditProof("ct.test", 123456, 999999, &callback); | 400 QueryAuditProof("ct.test", 123456, 999999, &callback); |
| 655 ASSERT_TRUE(callback.called()); | 401 ASSERT_TRUE(callback.called()); |
| 656 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_SERVER_FAILED)); | 402 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_SERVER_FAILED)); |
| 657 EXPECT_THAT(callback.proof(), IsNull()); | 403 EXPECT_THAT(callback.proof(), IsNull()); |
| 658 } | 404 } |
| 659 | 405 |
| 660 TEST_P(LogDnsClientTest, QueryAuditProofReportsServerRefusal) { | 406 TEST_P(LogDnsClientTest, QueryAuditProofReportsServerRefusal) { |
| 661 ExpectRequestAndErrorResponse("0.123456.999999.tree.ct.test.", | 407 mock_dns_.ExpectRequestAndErrorResponse("0.123456.999999.tree.ct.test.", |
| 662 net::dns_protocol::kRcodeREFUSED); | 408 net::dns_protocol::kRcodeREFUSED); |
| 663 | 409 |
| 664 MockAuditProofCallback callback; | 410 MockAuditProofCallback callback; |
| 665 QueryAuditProof("ct.test", 123456, 999999, &callback); | 411 QueryAuditProof("ct.test", 123456, 999999, &callback); |
| 666 ASSERT_TRUE(callback.called()); | 412 ASSERT_TRUE(callback.called()); |
| 667 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_SERVER_FAILED)); | 413 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_SERVER_FAILED)); |
| 668 EXPECT_THAT(callback.proof(), IsNull()); | 414 EXPECT_THAT(callback.proof(), IsNull()); |
| 669 } | 415 } |
| 670 | 416 |
| 671 TEST_P(LogDnsClientTest, | 417 TEST_P(LogDnsClientTest, |
| 672 QueryAuditProofReportsResponseMalformedIfNodeTooShort) { | 418 QueryAuditProofReportsResponseMalformedIfNodeTooShort) { |
| 673 // node is shorter than a SHA-256 hash (31 vs 32 bytes) | 419 // node is shorter than a SHA-256 hash (31 vs 32 bytes) |
| 674 const std::vector<std::string> audit_proof(1, std::string(31, 'a')); | 420 const std::vector<std::string> audit_proof(1, std::string(31, 'a')); |
| 675 | 421 |
| 676 ExpectAuditProofRequestAndResponse("0.123456.999999.tree.ct.test.", | 422 mock_dns_.ExpectAuditProofRequestAndResponse( |
| 677 audit_proof.begin(), audit_proof.end()); | 423 "0.123456.999999.tree.ct.test.", audit_proof.begin(), audit_proof.end()); |
| 678 | 424 |
| 679 MockAuditProofCallback callback; | 425 MockAuditProofCallback callback; |
| 680 QueryAuditProof("ct.test", 123456, 999999, &callback); | 426 QueryAuditProof("ct.test", 123456, 999999, &callback); |
| 681 ASSERT_TRUE(callback.called()); | 427 ASSERT_TRUE(callback.called()); |
| 682 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_MALFORMED_RESPONSE)); | 428 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_MALFORMED_RESPONSE)); |
| 683 EXPECT_THAT(callback.proof(), IsNull()); | 429 EXPECT_THAT(callback.proof(), IsNull()); |
| 684 } | 430 } |
| 685 | 431 |
| 686 TEST_P(LogDnsClientTest, QueryAuditProofReportsResponseMalformedIfNodeTooLong) { | 432 TEST_P(LogDnsClientTest, QueryAuditProofReportsResponseMalformedIfNodeTooLong) { |
| 687 // node is longer than a SHA-256 hash (33 vs 32 bytes) | 433 // node is longer than a SHA-256 hash (33 vs 32 bytes) |
| 688 const std::vector<std::string> audit_proof(1, std::string(33, 'a')); | 434 const std::vector<std::string> audit_proof(1, std::string(33, 'a')); |
| 689 | 435 |
| 690 ExpectAuditProofRequestAndResponse("0.123456.999999.tree.ct.test.", | 436 mock_dns_.ExpectAuditProofRequestAndResponse( |
| 691 audit_proof.begin(), audit_proof.end()); | 437 "0.123456.999999.tree.ct.test.", audit_proof.begin(), audit_proof.end()); |
| 692 | 438 |
| 693 MockAuditProofCallback callback; | 439 MockAuditProofCallback callback; |
| 694 QueryAuditProof("ct.test", 123456, 999999, &callback); | 440 QueryAuditProof("ct.test", 123456, 999999, &callback); |
| 695 ASSERT_TRUE(callback.called()); | 441 ASSERT_TRUE(callback.called()); |
| 696 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_MALFORMED_RESPONSE)); | 442 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_MALFORMED_RESPONSE)); |
| 697 EXPECT_THAT(callback.proof(), IsNull()); | 443 EXPECT_THAT(callback.proof(), IsNull()); |
| 698 } | 444 } |
| 699 | 445 |
| 700 TEST_P(LogDnsClientTest, QueryAuditProofReportsResponseMalformedIfEmpty) { | 446 TEST_P(LogDnsClientTest, QueryAuditProofReportsResponseMalformedIfEmpty) { |
| 701 const std::vector<std::string> audit_proof; | 447 const std::vector<std::string> audit_proof; |
| 702 | 448 |
| 703 ExpectAuditProofRequestAndResponse("0.123456.999999.tree.ct.test.", | 449 mock_dns_.ExpectAuditProofRequestAndResponse( |
| 704 audit_proof.begin(), audit_proof.end()); | 450 "0.123456.999999.tree.ct.test.", audit_proof.begin(), audit_proof.end()); |
| 705 | 451 |
| 706 MockAuditProofCallback callback; | 452 MockAuditProofCallback callback; |
| 707 QueryAuditProof("ct.test", 123456, 999999, &callback); | 453 QueryAuditProof("ct.test", 123456, 999999, &callback); |
| 708 ASSERT_TRUE(callback.called()); | 454 ASSERT_TRUE(callback.called()); |
| 709 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_MALFORMED_RESPONSE)); | 455 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_MALFORMED_RESPONSE)); |
| 710 EXPECT_THAT(callback.proof(), IsNull()); | 456 EXPECT_THAT(callback.proof(), IsNull()); |
| 711 } | 457 } |
| 712 | 458 |
| 713 TEST_P(LogDnsClientTest, QueryAuditProofReportsInvalidArgIfLogDomainIsEmpty) { | 459 TEST_P(LogDnsClientTest, QueryAuditProofReportsInvalidArgIfLogDomainIsEmpty) { |
| 714 MockAuditProofCallback callback; | 460 MockAuditProofCallback callback; |
| (...skipping 23 matching lines...) Expand all Loading... |
| 738 TEST_P(LogDnsClientTest, | 484 TEST_P(LogDnsClientTest, |
| 739 QueryAuditProofReportsInvalidArgIfLeafIndexGreaterThanTreeSize) { | 485 QueryAuditProofReportsInvalidArgIfLeafIndexGreaterThanTreeSize) { |
| 740 MockAuditProofCallback callback; | 486 MockAuditProofCallback callback; |
| 741 QueryAuditProof("ct.test", 999999, 123456, &callback); | 487 QueryAuditProof("ct.test", 999999, 123456, &callback); |
| 742 ASSERT_TRUE(callback.called()); | 488 ASSERT_TRUE(callback.called()); |
| 743 EXPECT_THAT(callback.net_error(), IsError(net::ERR_INVALID_ARGUMENT)); | 489 EXPECT_THAT(callback.net_error(), IsError(net::ERR_INVALID_ARGUMENT)); |
| 744 EXPECT_THAT(callback.proof(), IsNull()); | 490 EXPECT_THAT(callback.proof(), IsNull()); |
| 745 } | 491 } |
| 746 | 492 |
| 747 TEST_P(LogDnsClientTest, QueryAuditProofReportsSocketError) { | 493 TEST_P(LogDnsClientTest, QueryAuditProofReportsSocketError) { |
| 748 ExpectRequestAndSocketError("0.123456.999999.tree.ct.test.", | 494 mock_dns_.ExpectRequestAndSocketError("0.123456.999999.tree.ct.test.", |
| 749 net::ERR_CONNECTION_REFUSED); | 495 net::ERR_CONNECTION_REFUSED); |
| 750 | 496 |
| 751 MockAuditProofCallback callback; | 497 MockAuditProofCallback callback; |
| 752 QueryAuditProof("ct.test", 123456, 999999, &callback); | 498 QueryAuditProof("ct.test", 123456, 999999, &callback); |
| 753 ASSERT_TRUE(callback.called()); | 499 ASSERT_TRUE(callback.called()); |
| 754 EXPECT_THAT(callback.net_error(), IsError(net::ERR_CONNECTION_REFUSED)); | 500 EXPECT_THAT(callback.net_error(), IsError(net::ERR_CONNECTION_REFUSED)); |
| 755 EXPECT_THAT(callback.proof(), IsNull()); | 501 EXPECT_THAT(callback.proof(), IsNull()); |
| 756 } | 502 } |
| 757 | 503 |
| 758 TEST_P(LogDnsClientTest, QueryAuditProofReportsTimeout) { | 504 TEST_P(LogDnsClientTest, QueryAuditProofReportsTimeout) { |
| 759 ExpectRequestAndTimeout("0.123456.999999.tree.ct.test."); | 505 mock_dns_.ExpectRequestAndTimeout("0.123456.999999.tree.ct.test."); |
| 760 | 506 |
| 761 MockAuditProofCallback callback; | 507 MockAuditProofCallback callback; |
| 762 QueryAuditProof("ct.test", 123456, 999999, &callback); | 508 QueryAuditProof("ct.test", 123456, 999999, &callback); |
| 763 ASSERT_TRUE(callback.called()); | 509 ASSERT_TRUE(callback.called()); |
| 764 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_TIMED_OUT)); | 510 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_TIMED_OUT)); |
| 765 EXPECT_THAT(callback.proof(), IsNull()); | 511 EXPECT_THAT(callback.proof(), IsNull()); |
| 766 } | 512 } |
| 767 | 513 |
| 768 TEST_P(LogDnsClientTest, AdoptsLatestDnsConfigIfValid) { | 514 TEST_P(LogDnsClientTest, AdoptsLatestDnsConfigIfValid) { |
| 769 std::unique_ptr<net::DnsClient> tmp = CreateDnsClient(); | 515 std::unique_ptr<net::DnsClient> tmp = mock_dns_.CreateDnsClient(); |
| 770 net::DnsClient* dns_client = tmp.get(); | 516 net::DnsClient* dns_client = tmp.get(); |
| 771 LogDnsClient log_client(std::move(tmp), net::BoundNetLog()); | 517 LogDnsClient log_client(std::move(tmp), net::BoundNetLog()); |
| 772 | 518 |
| 773 // Get the current DNS config, modify it and broadcast the update. | 519 // Get the current DNS config, modify it and broadcast the update. |
| 774 net::DnsConfig config(*dns_client->GetConfig()); | 520 net::DnsConfig config(*dns_client->GetConfig()); |
| 775 ASSERT_NE(123, config.attempts); | 521 ASSERT_NE(123, config.attempts); |
| 776 config.attempts = 123; | 522 config.attempts = 123; |
| 777 DnsChangeNotifier::SetDnsConfig(config); | 523 mock_dns_.SetDnsConfig(config); |
| 778 | 524 |
| 779 // Let the DNS config change propogate. | 525 // Let the DNS config change propogate. |
| 780 base::RunLoop().RunUntilIdle(); | 526 base::RunLoop().RunUntilIdle(); |
| 781 EXPECT_EQ(123, dns_client->GetConfig()->attempts); | 527 EXPECT_EQ(123, dns_client->GetConfig()->attempts); |
| 782 } | 528 } |
| 783 | 529 |
| 784 TEST_P(LogDnsClientTest, IgnoresLatestDnsConfigIfInvalid) { | 530 TEST_P(LogDnsClientTest, IgnoresLatestDnsConfigIfInvalid) { |
| 785 std::unique_ptr<net::DnsClient> tmp = CreateDnsClient(); | 531 std::unique_ptr<net::DnsClient> tmp = mock_dns_.CreateDnsClient(); |
| 786 net::DnsClient* dns_client = tmp.get(); | 532 net::DnsClient* dns_client = tmp.get(); |
| 787 LogDnsClient log_client(std::move(tmp), net::BoundNetLog()); | 533 LogDnsClient log_client(std::move(tmp), net::BoundNetLog()); |
| 788 | 534 |
| 789 // Get the current DNS config, modify it and broadcast the update. | 535 // Get the current DNS config, modify it and broadcast the update. |
| 790 net::DnsConfig config(*dns_client->GetConfig()); | 536 net::DnsConfig config(*dns_client->GetConfig()); |
| 791 ASSERT_THAT(config.nameservers, Not(IsEmpty())); | 537 ASSERT_THAT(config.nameservers, Not(IsEmpty())); |
| 792 config.nameservers.clear(); // Makes config invalid | 538 config.nameservers.clear(); // Makes config invalid |
| 793 DnsChangeNotifier::SetDnsConfig(config); | 539 mock_dns_.SetDnsConfig(config); |
| 794 | 540 |
| 795 // Let the DNS config change propogate. | 541 // Let the DNS config change propogate. |
| 796 base::RunLoop().RunUntilIdle(); | 542 base::RunLoop().RunUntilIdle(); |
| 797 EXPECT_THAT(dns_client->GetConfig()->nameservers, Not(IsEmpty())); | 543 EXPECT_THAT(dns_client->GetConfig()->nameservers, Not(IsEmpty())); |
| 798 } | 544 } |
| 799 | 545 |
| 800 INSTANTIATE_TEST_CASE_P(ReadMode, | 546 INSTANTIATE_TEST_CASE_P(ReadMode, |
| 801 LogDnsClientTest, | 547 LogDnsClientTest, |
| 802 ::testing::Values(net::IoMode::ASYNC, | 548 ::testing::Values(net::IoMode::ASYNC, |
| 803 net::IoMode::SYNCHRONOUS)); | 549 net::IoMode::SYNCHRONOUS)); |
| 804 | 550 |
| 805 } // namespace | 551 } // namespace |
| 806 } // namespace certificate_transparency | 552 } // namespace certificate_transparency |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2149973003:
Extracts CT DNS test utilities into a standalone class (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master