Extracts CT DNS test utilities into a standalone class

components/certificate_transparency/mock_log_dns_traffic.h

Index: components/certificate_transparency/mock_log_dns_traffic.h
diff --git a/components/certificate_transparency/mock_log_dns_traffic.h b/components/certificate_transparency/mock_log_dns_traffic.h
new file mode 100644
index 0000000000000000000000000000000000000000..25c689ebfc12f6c8befb46476cbc11b1f5895177
--- /dev/null
+++ b/components/certificate_transparency/mock_log_dns_traffic.h
@@ -0,0 +1,133 @@
+// Copyright 2016 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef COMPONENTS_CERTIFICATE_TRANSPARENCY_MOCK_LOG_DNS_TRAFFIC_H_
+#define COMPONENTS_CERTIFICATE_TRANSPARENCY_MOCK_LOG_DNS_TRAFFIC_H_
+
+#include <stdint.h>
+
+#include <memory>
+#include <string>
+#include <vector>
+
+#include "base/macros.h"
+#include "base/strings/string_piece.h"
+#include "net/dns/dns_client.h"
+#include "net/dns/dns_config_service.h"
+#include "net/socket/socket_test_util.h"
+
+namespace certificate_transparency {
+
+namespace detail {

[Eran Messeri, 2016/07/21 14:47:02]

nit: Why not use 'internal'  or 'internal_testing' ? That's the convention as
far as I can tell for implementation details that have to be exposed.

[Rob Percival, 2016/07/21 15:27:19]

Done.

+
+// A container for all of the data we need to keep alive for a mock socket.
+// This is useful because Mock{Read,Write}, SequencedSocketData and
+// MockClientSocketFactory all do not take ownership of or copy their arguments,
+// so we have to manage the lifetime of those arguments ourselves. Wrapping all
+// of that up in a single class simplifies this.
+class MockSocketData {
+ public:
+  // A socket that expects one write and one read operation.
+  MockSocketData(const std::vector<char>& write, const std::vector<char>& read);
+  // A socket that expects one write and a read error.
+  MockSocketData(const std::vector<char>& write, int net_error);
+  // A socket that expects one write and no response.
+  explicit MockSocketData(const std::vector<char>& write);
+
+  ~MockSocketData();
+
+  void SetWriteMode(net::IoMode mode) { expected_write_.mode = mode; }
+  void SetReadMode(net::IoMode mode) { expected_reads_[0].mode = mode; }
+
+  void AddToFactory(net::MockClientSocketFactory* socket_factory);
+
+ private:
+  // Prevents read overruns and makes a socket timeout the default behaviour.
+  static const net::MockRead eof_;
+
+  // This class only supports one write and one read, so just need to store one
+  // payload each.
+  const std::vector<char> expected_write_payload_;
+  const std::vector<char> expected_read_payload_;
+  // Encapsulates the data that is expected to be written to a socket.
+  net::MockWrite expected_write_;
+  // Encapsulates the data/error that should be returned when reading from a
+  // socket. The expected response is followed by |eof_|, to catch further,
+  // unexpected read attempts.
+  net::MockRead expected_reads_[2];

[Eran Messeri, 2016/07/21 14:47:02]

Why the 2 here, if we only support one read at most?

[Rob Percival, 2016/07/21 15:27:19]

There is always a second "expected" read which is |eof_|. This makes the mock
socket hang as though it were waiting for something to read, and should time
out. This is more like the behaviour of an actual socket and gives better test
failure messages (mock sockets CHECK-fail if more reads are attempted than there
are MockReads). See
https://cs.chromium.org/chromium/src/net/socket/socket_test_util.h?l=408 for the
explanation of what |eof_| does. The DnsTransaction tests do the same thing:
https://cs.chromium.org/chromium/src/net/dns/dns_transaction_unittest.cc?l=125.

Should I improve the comment above to better explain that?

[Eran Messeri, 2016/07/21 16:49:21]

I noticed the eof_ later when reviewing the implementation. Yes, please improve
the comment to explain.

[Rob Percival, 2016/07/21 17:32:21]

Done.

+  net::SequencedSocketData socket_data_;
+
+  DISALLOW_COPY_AND_ASSIGN(MockSocketData);
+};
+
+}  // namespace detail
+
+// Mocks DNS requests and responses for a Certificate Transparency (CT) log.
+// This is implemented using mock sockets. Call the CreateDnsClient() method to
+// get a net::DnsClient wired up to these mock sockets.
+// The Expect*() methods must be called from within a GTest test case.
+class MockLogDnsTraffic {
+ public:
+  MockLogDnsTraffic();
+  ~MockLogDnsTraffic();
+
+  // Expect a CT DNS request for the domain |qname|.
+  // Such a request will receive a DNS response indicating that the error
+  // specified by |rcode| occurred. See RFC1035, Section 4.1.1 for |rcode|
+  // values.
+  void ExpectRequestAndErrorResponse(base::StringPiece qname, uint8_t rcode);
+  // Expect a CT DNS request for the domain |qname|.
+  // Such a request will trigger a socket error of type |net_error|.
+  // |net_error| can be any net:Error value.
+  void ExpectRequestAndSocketError(base::StringPiece qname, int net_error);
+  // Expect a CT DNS request for the domain |qname|.
+  // Such a request will timeout.
+  // This will reduce the DNS timeout to minimize test duration.
+  void ExpectRequestAndTimeout(base::StringPiece qname);
+  // Expect a CT DNS request for the domain |qname|.
+  // Such a request will receive a DNS response containing |leaf_index|.
+  // A description of such a request and response can be seen here:
+  // https://github.com/google/certificate-transparency-rfcs/blob/c8844de6bd0b5d3d16bac79865e6edef533d760b/dns/draft-ct-over-dns.md#hash-query-hashquery
+  void ExpectLeafIndexRequestAndResponse(base::StringPiece qname,
+                                         base::StringPiece leaf_index);
+  // Expect a CT DNS request for the domain |qname|.
+  // Such a request will receive a DNS response containing the inclusion proof
+  // nodes between |audit_path_start| and |audit_path_end|.
+  // A description of such a request and response can be seen here:
+  // https://github.com/google/certificate-transparency-rfcs/blob/c8844de6bd0b5d3d16bac79865e6edef533d760b/dns/draft-ct-over-dns.md#tree-query-treequery
+  void ExpectAuditProofRequestAndResponse(
+      base::StringPiece qname,
+      std::vector<std::string>::const_iterator audit_path_start,
+      std::vector<std::string>::const_iterator audit_path_end);
+
+  // Creates a DNS client that uses mock sockets.
+  // It is this DNS client that the expectations will be tested against.
+  std::unique_ptr<net::DnsClient> CreateDnsClient();
+
+  // Sets whether mock reads should complete synchronously or asynchronously.
+  void SetSocketReadMode(net::IoMode read_mode) {
+    socket_read_mode_ = read_mode;
+  }
+
+ private:
+  // Expect A CT DNS request for the domain |qname|.
+  // Such a request will receive a DNS response containing |answer|.
+  void ExpectRequestAndResponse(base::StringPiece qname,
+                                base::StringPiece answer);
+
+  // The DNS configuration to pass to the DNS client.
+  net::DnsConfig dns_config_;
+  // A list of mock sockets for the DNS client to use.
+  std::vector<std::unique_ptr<detail::MockSocketData>> mock_socket_data_;
+  // A factory for handing out the mock sockets.
+  net::MockClientSocketFactory socket_factory_;
+  // Controls whether mock socket reads are asynchronous.
+  net::IoMode socket_read_mode_;
+
+  DISALLOW_COPY_AND_ASSIGN(MockLogDnsTraffic);
+};
+
+}  // namespace certificate_transparency
+
+#endif  // COMPONENTS_CERTIFICATE_TRANSPARENCY_MOCK_LOG_DNS_TRAFFIC_H_