Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(253)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: components/certificate_transparency/log_dns_client_unittest.cc

Issue 2367523002: Merge LogDnsClient's QueryLeafIndex and QueryAuditProof methods (Closed)
Patch Set: Bug fix Created 4 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« components/certificate_transparency/log_dns_client.cc ('K') | « components/certificate_transparency/log_dns_client.cc ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2016 The Chromium Authors. All rights reserved. 1 // Copyright 2016 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "components/certificate_transparency/log_dns_client.h" 5 #include "components/certificate_transparency/log_dns_client.h"
6 6
7 #include <memory> 7 #include <memory>
8 #include <string> 8 #include <string>
9 #include <utility> 9 #include <utility>
10 #include <vector> 10 #include <vector>
(...skipping 23 matching lines...) Expand all
34 using ::testing::AllOf; 34 using ::testing::AllOf;
35 using ::testing::Eq; 35 using ::testing::Eq;
36 using ::testing::IsEmpty; 36 using ::testing::IsEmpty;
37 using ::testing::IsNull; 37 using ::testing::IsNull;
38 using ::testing::Le; 38 using ::testing::Le;
39 using ::testing::Not; 39 using ::testing::Not;
40 using ::testing::NotNull; 40 using ::testing::NotNull;
41 using net::test::IsError; 41 using net::test::IsError;
42 using net::test::IsOk; 42 using net::test::IsOk;
43 43
44 // Sample Merkle leaf hashes.
44 const char* kLeafHashes[] = { 45 const char* kLeafHashes[] = {
45 "\x1f\x25\xe1\xca\xba\x4f\xf9\xb8\x27\x24\x83\x0f\xca\x60\xe4\xc2\xbe\xa8" 46 "\x1f\x25\xe1\xca\xba\x4f\xf9\xb8\x27\x24\x83\x0f\xca\x60\xe4\xc2\xbe\xa8"
46 "\xc3\xa9\x44\x1c\x27\xb0\xb4\x3e\x6a\x96\x94\xc7\xb8\x04", 47 "\xc3\xa9\x44\x1c\x27\xb0\xb4\x3e\x6a\x96\x94\xc7\xb8\x04",
47 "\x2c\x26\xb4\x6b\x68\xff\xc6\x8f\xf9\x9b\x45\x3c\x1d\x30\x41\x34\x13\x42" 48 "\x2c\x26\xb4\x6b\x68\xff\xc6\x8f\xf9\x9b\x45\x3c\x1d\x30\x41\x34\x13\x42"
48 "\x2d\x70\x64\x83\xbf\xa0\xf9\x8a\x5e\x88\x62\x66\xe7\xae", 49 "\x2d\x70\x64\x83\xbf\xa0\xf9\x8a\x5e\x88\x62\x66\xe7\xae",
49 "\xfc\xde\x2b\x2e\xdb\xa5\x6b\xf4\x08\x60\x1f\xb7\x21\xfe\x9b\x5c\x33\x8d" 50 "\xfc\xde\x2b\x2e\xdb\xa5\x6b\xf4\x08\x60\x1f\xb7\x21\xfe\x9b\x5c\x33\x8d"
50 "\x10\xee\x42\x9e\xa0\x4f\xae\x55\x11\xb6\x8f\xbf\x8f\xb9", 51 "\x10\xee\x42\x9e\xa0\x4f\xae\x55\x11\xb6\x8f\xbf\x8f\xb9",
51 }; 52 };
52 53
53 // Assumes log domain is "ct.test" 54 // DNS query names for looking up the leaf index associated with each hash in
54 const char* kBase32LeafHashes[] = { 55 // |kLeafHashes|. Assumes the log domain is "ct.test".
56 const char* kLeafIndexQnames[] = {
55 "D4S6DSV2J743QJZEQMH4UYHEYK7KRQ5JIQOCPMFUHZVJNFGHXACA.hash.ct.test.", 57 "D4S6DSV2J743QJZEQMH4UYHEYK7KRQ5JIQOCPMFUHZVJNFGHXACA.hash.ct.test.",
56 "FQTLI23I77DI76M3IU6B2MCBGQJUELLQMSB37IHZRJPIQYTG46XA.hash.ct.test.", 58 "FQTLI23I77DI76M3IU6B2MCBGQJUELLQMSB37IHZRJPIQYTG46XA.hash.ct.test.",
57 "7TPCWLW3UVV7ICDAD63SD7U3LQZY2EHOIKPKAT5OKUI3ND57R64Q.hash.ct.test.", 59 "7TPCWLW3UVV7ICDAD63SD7U3LQZY2EHOIKPKAT5OKUI3ND57R64Q.hash.ct.test.",
58 }; 60 };
59 61
60 // Leaf indices and tree sizes for use with above leaf hashes. 62 // Leaf indices and tree sizes for use with |kLeafHashes|.
61 const uint64_t kLeafIndices[] = {0, 1, 2}; 63 const uint64_t kLeafIndices[] = {0, 1, 2};
62 const uint64_t kTreeSizes[] = {100, 10000, 1000000}; 64 const uint64_t kTreeSizes[] = {100, 10000, 1000000};
63 65
64 // Only 7 audit proof nodes can fit into a DNS response, because they are sent 66 // Only 7 audit proof nodes can fit into a DNS response, because they are sent
65 // in a TXT RDATA string, which has a maximum size of 255 bytes, and each node 67 // in a TXT RDATA string, which has a maximum size of 255 bytes, and each node
66 // is a SHA-256 hash (32 bytes), i.e. (255 / 32) == 7. 68 // is a SHA-256 hash (32 bytes), i.e. (255 / 32) == 7.
67 // This means audit proofs consisting of more than 7 nodes require multiple DNS 69 // This means audit proofs consisting of more than 7 nodes require multiple DNS
68 // requests to retrieve. 70 // requests to retrieve.
69 const size_t kMaxProofNodesPerDnsResponse = 7; 71 const size_t kMaxProofNodesPerDnsResponse = 7;
70 72
71 std::vector<std::string> GetSampleAuditProof(size_t length) { 73 std::vector<std::string> GetSampleAuditProof(size_t length) {
72 std::vector<std::string> audit_proof(length); 74 std::vector<std::string> audit_proof(length);
73 // Makes each node of the audit proof different, so that tests are able to 75 // Makes each node of the audit proof different, so that tests are able to
74 // confirm that the audit proof is reconstructed in the correct order. 76 // confirm that the audit proof is reconstructed in the correct order.
75 for (size_t i = 0; i < length; ++i) { 77 for (size_t i = 0; i < length; ++i) {
76 std::string node(crypto::kSHA256Length, '\0'); 78 std::string node(crypto::kSHA256Length, '\0');
77 // Each node is 32 bytes, with each byte having a different value. 79 // Each node is 32 bytes, with each byte having a different value.
78 for (size_t j = 0; j < crypto::kSHA256Length; ++j) { 80 for (size_t j = 0; j < crypto::kSHA256Length; ++j) {
79 node[j] = static_cast<char>((-127 + i + j) % 128); 81 node[j] = static_cast<char>((-127 + i + j) % 128);
80 } 82 }
81 audit_proof[i].assign(std::move(node)); 83 audit_proof[i].assign(std::move(node));
82 } 84 }
83 85
84 return audit_proof; 86 return audit_proof;
85 } 87 }
86 88
87 class MockLeafIndexCallback {
88 public:
89 MockLeafIndexCallback() : called_(false) {}
90
91 bool called() const { return called_; }
92 int net_error() const { return net_error_; }
93 uint64_t leaf_index() const { return leaf_index_; }
94
95 void Run(int net_error, uint64_t leaf_index) {
96 EXPECT_TRUE(!called_) << "Callback invoked more than once";
97 called_ = true;
98 net_error_ = net_error;
99 leaf_index_ = leaf_index;
100 run_loop_.Quit();
101 }
102
103 LogDnsClient::LeafIndexCallback AsCallback() {
104 return base::Bind(&MockLeafIndexCallback::Run, base::Unretained(this));
105 }
106
107 void WaitUntilRun() { run_loop_.Run(); }
108
109 private:
110 bool called_;
111 int net_error_;
112 uint64_t leaf_index_;
113 base::RunLoop run_loop_;
114 };
115
116 class MockAuditProofCallback { 89 class MockAuditProofCallback {
117 public: 90 public:
118 MockAuditProofCallback() : called_(false) {} 91 MockAuditProofCallback() : called_(false) {}
119 92
120 bool called() const { return called_; } 93 bool called() const { return called_; }
121 int net_error() const { return net_error_; } 94 int net_error() const { return net_error_; }
122 const net::ct::MerkleAuditProof* proof() const { return proof_.get(); } 95 const net::ct::MerkleAuditProof* proof() const { return proof_.get(); }
123 96
124 void Run(int net_error, std::unique_ptr<net::ct::MerkleAuditProof> proof) { 97 void Run(int net_error, std::unique_ptr<net::ct::MerkleAuditProof> proof) {
125 EXPECT_TRUE(!called_) << "Callback invoked more than once"; 98 EXPECT_TRUE(!called_) << "Callback invoked more than once";
(...skipping 18 matching lines...) Expand all
144 117
145 class LogDnsClientTest : public ::testing::TestWithParam<net::IoMode> { 118 class LogDnsClientTest : public ::testing::TestWithParam<net::IoMode> {
146 protected: 119 protected:
147 LogDnsClientTest() 120 LogDnsClientTest()
148 : network_change_notifier_(net::NetworkChangeNotifier::CreateMock()) { 121 : network_change_notifier_(net::NetworkChangeNotifier::CreateMock()) {
149 mock_dns_.SetSocketReadMode(GetParam()); 122 mock_dns_.SetSocketReadMode(GetParam());
150 mock_dns_.InitializeDnsConfig(); 123 mock_dns_.InitializeDnsConfig();
151 } 124 }
152 125
153 std::unique_ptr<LogDnsClient> CreateLogDnsClient( 126 std::unique_ptr<LogDnsClient> CreateLogDnsClient(
154 size_t max_concurrent_queries) { 127 size_t kMaxConcurrentQueries) {
155 return base::MakeUnique<LogDnsClient>(mock_dns_.CreateDnsClient(), 128 return base::MakeUnique<LogDnsClient>(mock_dns_.CreateDnsClient(),
156 net::NetLogWithSource(), 129 net::NetLogWithSource(),
157 max_concurrent_queries); 130 kMaxConcurrentQueries);
158 }
159
160 void QueryLeafIndexAsync(LogDnsClient* log_client,
161 base::StringPiece log_domain,
162 const char leaf_hash[crypto::kSHA256Length],
163 const LogDnsClient::LeafIndexCallback& callback) {
164 log_client->QueryLeafIndex(log_domain, leaf_hash, callback);
165 }
166
167 // Convenience function for calling QueryLeafIndexAsync synchronously.
168 void QueryLeafIndex(base::StringPiece log_domain,
169 const char leaf_hash[crypto::kSHA256Length],
170 MockLeafIndexCallback* callback) {
171 std::unique_ptr<LogDnsClient> log_client = CreateLogDnsClient(0);
172 QueryLeafIndexAsync(log_client.get(), log_domain, leaf_hash,
173 callback->AsCallback());
174 callback->WaitUntilRun();
175 } 131 }
176 132
177 void QueryAuditProofAsync(LogDnsClient* log_client, 133 void QueryAuditProofAsync(LogDnsClient* log_client,
178 base::StringPiece log_domain, 134 const std::string& log_domain,
179 uint64_t leaf_index, 135 const char leaf_hash[crypto::kSHA256Length],
180 uint64_t tree_size, 136 uint64_t tree_size,
181 const LogDnsClient::AuditProofCallback& callback) { 137 const LogDnsClient::AuditProofCallback& callback) {
182 log_client->QueryAuditProof(log_domain, leaf_index, tree_size, callback); 138 log_client->QueryAuditProof(log_domain, leaf_hash, tree_size, callback);
183 } 139 }
184 140
185 // Convenience function for calling QueryAuditProofAsync synchronously. 141 // Convenience function for calling QueryAuditProofAsync synchronously.
186 void QueryAuditProof(base::StringPiece log_domain, 142 void QueryAuditProof(const std::string& log_domain,
187 uint64_t leaf_index, 143 const char leaf_hash[crypto::kSHA256Length],
188 uint64_t tree_size, 144 uint64_t tree_size,
189 MockAuditProofCallback* callback) { 145 MockAuditProofCallback* callback) {
190 std::unique_ptr<LogDnsClient> log_client = CreateLogDnsClient(0); 146 std::unique_ptr<LogDnsClient> log_client = CreateLogDnsClient(0);
191 QueryAuditProofAsync(log_client.get(), log_domain, leaf_index, tree_size, 147 QueryAuditProofAsync(log_client.get(), log_domain, leaf_hash, tree_size,
192 callback->AsCallback()); 148 callback->AsCallback());
193 callback->WaitUntilRun(); 149 callback->WaitUntilRun();
194 } 150 }
195 151
196 // This will be the NetworkChangeNotifier singleton for the duration of the 152 // This will be the NetworkChangeNotifier singleton for the duration of the
197 // test. It is accessed statically by LogDnsClient. 153 // test. It is accessed statically by LogDnsClient.
198 std::unique_ptr<net::NetworkChangeNotifier> network_change_notifier_; 154 std::unique_ptr<net::NetworkChangeNotifier> network_change_notifier_;
199 // Queues and handles asynchronous DNS tasks. Indirectly used by LogDnsClient, 155 // Queues and handles asynchronous DNS tasks. Indirectly used by LogDnsClient,
200 // the underlying net::DnsClient, and NetworkChangeNotifier. 156 // the underlying net::DnsClient, and NetworkChangeNotifier.
201 base::MessageLoopForIO message_loop_; 157 base::MessageLoopForIO message_loop_;
202 // Allows mock DNS sockets to be setup. 158 // Allows mock DNS sockets to be setup.
203 MockLogDnsTraffic mock_dns_; 159 MockLogDnsTraffic mock_dns_;
204 }; 160 };
205 161
206 TEST_P(LogDnsClientTest, QueryLeafIndex) { 162 TEST_P(LogDnsClientTest, QueryAuditProofReportsThatLogDomainDoesNotExist) {
207 mock_dns_.ExpectLeafIndexRequestAndResponse(kBase32LeafHashes[0], "123456"); 163 mock_dns_.ExpectRequestAndErrorResponse(kLeafIndexQnames[0],
208
209 MockLeafIndexCallback callback;
210 QueryLeafIndex("ct.test", kLeafHashes[0], &callback);
211 ASSERT_TRUE(callback.called());
212 EXPECT_THAT(callback.net_error(), IsOk());
213 EXPECT_THAT(callback.leaf_index(), Eq(123456u));
214 }
215
216 TEST_P(LogDnsClientTest, QueryLeafIndexReportsThatLogDomainDoesNotExist) {
217 mock_dns_.ExpectRequestAndErrorResponse(kBase32LeafHashes[0],
218 net::dns_protocol::kRcodeNXDOMAIN); 164 net::dns_protocol::kRcodeNXDOMAIN);
219 165
220 MockLeafIndexCallback callback; 166 MockAuditProofCallback callback;
221 QueryLeafIndex("ct.test", kLeafHashes[0], &callback); 167 QueryAuditProof("ct.test", kLeafHashes[0], kTreeSizes[0], &callback);
222 ASSERT_TRUE(callback.called()); 168 ASSERT_TRUE(callback.called());
223 EXPECT_THAT(callback.net_error(), IsError(net::ERR_NAME_NOT_RESOLVED)); 169 EXPECT_THAT(callback.net_error(), IsError(net::ERR_NAME_NOT_RESOLVED));
224 EXPECT_THAT(callback.leaf_index(), Eq(0u)); 170 EXPECT_THAT(callback.proof(), IsNull());
225 }
226
227 TEST_P(LogDnsClientTest, QueryLeafIndexReportsServerFailure) {
228 mock_dns_.ExpectRequestAndErrorResponse(kBase32LeafHashes[0],
229 net::dns_protocol::kRcodeSERVFAIL);
230
231 MockLeafIndexCallback callback;
232 QueryLeafIndex("ct.test", kLeafHashes[0], &callback);
233 ASSERT_TRUE(callback.called());
234 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_SERVER_FAILED));
235 EXPECT_THAT(callback.leaf_index(), Eq(0u));
236 }
237
238 TEST_P(LogDnsClientTest, QueryLeafIndexReportsServerRefusal) {
239 mock_dns_.ExpectRequestAndErrorResponse(kBase32LeafHashes[0],
240 net::dns_protocol::kRcodeREFUSED);
241
242 MockLeafIndexCallback callback;
243 QueryLeafIndex("ct.test", kLeafHashes[0], &callback);
244 ASSERT_TRUE(callback.called());
245 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_SERVER_FAILED));
246 EXPECT_THAT(callback.leaf_index(), Eq(0u));
247 } 171 }
248 172
249 TEST_P(LogDnsClientTest, 173 TEST_P(LogDnsClientTest,
250 QueryLeafIndexReportsMalformedResponseIfLeafIndexIsNotNumeric) { 174 QueryAuditProofReportsServerFailuresDuringLeafIndexRequests) {
251 mock_dns_.ExpectLeafIndexRequestAndResponse(kBase32LeafHashes[0], "foo"); 175 mock_dns_.ExpectRequestAndErrorResponse(kLeafIndexQnames[0],
176 net::dns_protocol::kRcodeSERVFAIL);
252 177
253 MockLeafIndexCallback callback; 178 MockAuditProofCallback callback;
254 QueryLeafIndex("ct.test", kLeafHashes[0], &callback); 179 QueryAuditProof("ct.test", kLeafHashes[0], kTreeSizes[0], &callback);
255 ASSERT_TRUE(callback.called()); 180 ASSERT_TRUE(callback.called());
256 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_MALFORMED_RESPONSE)); 181 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_SERVER_FAILED));
257 EXPECT_THAT(callback.leaf_index(), Eq(0u)); 182 EXPECT_THAT(callback.proof(), IsNull());
258 } 183 }
259 184
260 TEST_P(LogDnsClientTest, 185 TEST_P(LogDnsClientTest,
261 QueryLeafIndexReportsMalformedResponseIfLeafIndexIsFloatingPoint) { 186 QueryAuditProofReportsServerRefusalsDuringLeafIndexRequests) {
262 mock_dns_.ExpectLeafIndexRequestAndResponse(kBase32LeafHashes[0], "123456.0"); 187 mock_dns_.ExpectRequestAndErrorResponse(kLeafIndexQnames[0],
188 net::dns_protocol::kRcodeREFUSED);
263 189
264 MockLeafIndexCallback callback; 190 MockAuditProofCallback callback;
265 QueryLeafIndex("ct.test", kLeafHashes[0], &callback); 191 QueryAuditProof("ct.test", kLeafHashes[0], kTreeSizes[0], &callback);
266 ASSERT_TRUE(callback.called()); 192 ASSERT_TRUE(callback.called());
267 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_MALFORMED_RESPONSE)); 193 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_SERVER_FAILED));
268 EXPECT_THAT(callback.leaf_index(), Eq(0u)); 194 EXPECT_THAT(callback.proof(), IsNull());
269 } 195 }
270 196
271 TEST_P(LogDnsClientTest, 197 TEST_P(LogDnsClientTest,
272 QueryLeafIndexReportsMalformedResponseIfLeafIndexIsEmpty) { 198 QueryAuditProofReportsMalformedResponseIfLeafIndexIsNotNumeric) {
273 mock_dns_.ExpectLeafIndexRequestAndResponse(kBase32LeafHashes[0], ""); 199 mock_dns_.ExpectLeafIndexRequestAndResponse(kLeafIndexQnames[0], "foo");
274 200
275 MockLeafIndexCallback callback; 201 MockAuditProofCallback callback;
276 QueryLeafIndex("ct.test", kLeafHashes[0], &callback); 202 QueryAuditProof("ct.test", kLeafHashes[0], kTreeSizes[0], &callback);
277 ASSERT_TRUE(callback.called()); 203 ASSERT_TRUE(callback.called());
278 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_MALFORMED_RESPONSE)); 204 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_MALFORMED_RESPONSE));
279 EXPECT_THAT(callback.leaf_index(), Eq(0u)); 205 EXPECT_THAT(callback.proof(), IsNull());
280 } 206 }
281 207
282 TEST_P(LogDnsClientTest, 208 TEST_P(LogDnsClientTest,
283 QueryLeafIndexReportsMalformedResponseIfLeafIndexHasNonNumericPrefix) { 209 QueryAuditProofReportsMalformedResponseIfLeafIndexIsFloatingPoint) {
284 mock_dns_.ExpectLeafIndexRequestAndResponse(kBase32LeafHashes[0], 210 mock_dns_.ExpectLeafIndexRequestAndResponse(kLeafIndexQnames[0], "123456.0");
285 "foo123456");
286 211
287 MockLeafIndexCallback callback; 212 MockAuditProofCallback callback;
288 QueryLeafIndex("ct.test", kLeafHashes[0], &callback); 213 QueryAuditProof("ct.test", kLeafHashes[0], kTreeSizes[0], &callback);
289 ASSERT_TRUE(callback.called()); 214 ASSERT_TRUE(callback.called());
290 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_MALFORMED_RESPONSE)); 215 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_MALFORMED_RESPONSE));
291 EXPECT_THAT(callback.leaf_index(), Eq(0u)); 216 EXPECT_THAT(callback.proof(), IsNull());
292 } 217 }
293 218
294 TEST_P(LogDnsClientTest, 219 TEST_P(LogDnsClientTest,
295 QueryLeafIndexReportsMalformedResponseIfLeafIndexHasNonNumericSuffix) { 220 QueryAuditProofReportsMalformedResponseIfLeafIndexIsEmpty) {
296 mock_dns_.ExpectLeafIndexRequestAndResponse(kBase32LeafHashes[0], 221 mock_dns_.ExpectLeafIndexRequestAndResponse(kLeafIndexQnames[0], "");
297 "123456foo");
298 222
299 MockLeafIndexCallback callback; 223 MockAuditProofCallback callback;
300 QueryLeafIndex("ct.test", kLeafHashes[0], &callback); 224 QueryAuditProof("ct.test", kLeafHashes[0], kTreeSizes[0], &callback);
301 ASSERT_TRUE(callback.called()); 225 ASSERT_TRUE(callback.called());
302 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_MALFORMED_RESPONSE)); 226 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_MALFORMED_RESPONSE));
303 EXPECT_THAT(callback.leaf_index(), Eq(0u)); 227 EXPECT_THAT(callback.proof(), IsNull());
304 } 228 }
305 229
306 TEST_P(LogDnsClientTest, QueryLeafIndexReportsInvalidArgIfLogDomainIsEmpty) { 230 TEST_P(LogDnsClientTest,
307 MockLeafIndexCallback callback; 231 QueryAuditProofReportsMalformedResponseIfLeafIndexHasNonNumericPrefix) {
308 QueryLeafIndex("", kLeafHashes[0], &callback); 232 mock_dns_.ExpectLeafIndexRequestAndResponse(kLeafIndexQnames[0], "foo123456");
233
234 MockAuditProofCallback callback;
235 QueryAuditProof("ct.test", kLeafHashes[0], kTreeSizes[0], &callback);
236 ASSERT_TRUE(callback.called());
237 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_MALFORMED_RESPONSE));
238 EXPECT_THAT(callback.proof(), IsNull());
239 }
240
241 TEST_P(LogDnsClientTest,
242 QueryAuditProofReportsMalformedResponseIfLeafIndexHasNonNumericSuffix) {
243 mock_dns_.ExpectLeafIndexRequestAndResponse(kLeafIndexQnames[0], "123456foo");
244
245 MockAuditProofCallback callback;
246 QueryAuditProof("ct.test", kLeafHashes[0], kTreeSizes[0], &callback);
247 ASSERT_TRUE(callback.called());
248 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_MALFORMED_RESPONSE));
249 EXPECT_THAT(callback.proof(), IsNull());
250 }
251
252 TEST_P(LogDnsClientTest, QueryAuditProofReportsInvalidArgIfLogDomainIsEmpty) {
253 MockAuditProofCallback callback;
254 QueryAuditProof("", kLeafHashes[0], kTreeSizes[0], &callback);
309 ASSERT_TRUE(callback.called()); 255 ASSERT_TRUE(callback.called());
310 EXPECT_THAT(callback.net_error(), IsError(net::ERR_INVALID_ARGUMENT)); 256 EXPECT_THAT(callback.net_error(), IsError(net::ERR_INVALID_ARGUMENT));
311 EXPECT_THAT(callback.leaf_index(), Eq(0u)); 257 EXPECT_THAT(callback.proof(), IsNull());
312 } 258 }
313 259
314 TEST_P(LogDnsClientTest, QueryLeafIndexReportsInvalidArgIfLogDomainIsNull) { 260 TEST_P(LogDnsClientTest, QueryAuditProofReportsInvalidArgIfLeafHashIsInvalid) {
315 MockLeafIndexCallback callback; 261 MockAuditProofCallback callback;
316 QueryLeafIndex(nullptr, kLeafHashes[0], &callback); 262 QueryAuditProof("ct.test", "foo", kTreeSizes[0], &callback);
317 ASSERT_TRUE(callback.called()); 263 ASSERT_TRUE(callback.called());
318 EXPECT_THAT(callback.net_error(), IsError(net::ERR_INVALID_ARGUMENT)); 264 EXPECT_THAT(callback.net_error(), IsError(net::ERR_INVALID_ARGUMENT));
319 EXPECT_THAT(callback.leaf_index(), Eq(0u)); 265 EXPECT_THAT(callback.proof(), IsNull());
320 } 266 }
321 267
322 TEST_P(LogDnsClientTest, QueryLeafIndexReportsInvalidArgIfLeafHashIsInvalid) { 268 TEST_P(LogDnsClientTest, QueryAuditProofReportsInvalidArgIfLeafHashIsEmpty) {
323 MockLeafIndexCallback callback; 269 MockAuditProofCallback callback;
324 QueryLeafIndex("ct.test", "foo", &callback); 270 QueryAuditProof("ct.test", "", kTreeSizes[0], &callback);
325 ASSERT_TRUE(callback.called()); 271 ASSERT_TRUE(callback.called());
326 EXPECT_THAT(callback.net_error(), IsError(net::ERR_INVALID_ARGUMENT)); 272 EXPECT_THAT(callback.net_error(), IsError(net::ERR_INVALID_ARGUMENT));
327 EXPECT_THAT(callback.leaf_index(), Eq(0u)); 273 EXPECT_THAT(callback.proof(), IsNull());
328 } 274 }
329 275
330 TEST_P(LogDnsClientTest, QueryLeafIndexReportsInvalidArgIfLeafHashIsEmpty) { 276 TEST_P(LogDnsClientTest, QueryAuditProofReportsInvalidArgIfLeafHashIsNull) {
331 MockLeafIndexCallback callback; 277 MockAuditProofCallback callback;
332 QueryLeafIndex("ct.test", "", &callback); 278 QueryAuditProof("ct.test", nullptr, kTreeSizes[0], &callback);
333 ASSERT_TRUE(callback.called()); 279 ASSERT_TRUE(callback.called());
334 EXPECT_THAT(callback.net_error(), IsError(net::ERR_INVALID_ARGUMENT)); 280 EXPECT_THAT(callback.net_error(), IsError(net::ERR_INVALID_ARGUMENT));
335 EXPECT_THAT(callback.leaf_index(), Eq(0u)); 281 EXPECT_THAT(callback.proof(), IsNull());
336 } 282 }
337 283
338 TEST_P(LogDnsClientTest, QueryLeafIndexReportsInvalidArgIfLeafHashIsNull) { 284 TEST_P(LogDnsClientTest,
339 MockLeafIndexCallback callback; 285 QueryAuditProofReportsSocketErrorsDuringLeafIndexRequests) {
340 QueryLeafIndex("ct.test", nullptr, &callback); 286 mock_dns_.ExpectRequestAndSocketError(kLeafIndexQnames[0],
287 net::ERR_CONNECTION_REFUSED);
288
289 MockAuditProofCallback callback;
290 QueryAuditProof("ct.test", kLeafHashes[0], kTreeSizes[0], &callback);
341 ASSERT_TRUE(callback.called()); 291 ASSERT_TRUE(callback.called());
342 EXPECT_THAT(callback.net_error(), IsError(net::ERR_INVALID_ARGUMENT)); 292 EXPECT_THAT(callback.net_error(), IsError(net::ERR_CONNECTION_REFUSED));
343 EXPECT_THAT(callback.leaf_index(), Eq(0u)); 293 EXPECT_THAT(callback.proof(), IsNull());
344 } 294 }
345 295
346 TEST_P(LogDnsClientTest, QueryLeafIndexReportsSocketError) { 296 TEST_P(LogDnsClientTest,
347 mock_dns_.ExpectRequestAndSocketError(kBase32LeafHashes[0], 297 QueryAuditProofReportsTimeoutsDuringLeafIndexRequests) {
348 net::ERR_CONNECTION_REFUSED); 298 mock_dns_.ExpectRequestAndTimeout(kLeafIndexQnames[0]);
349 299
350 MockLeafIndexCallback callback; 300 MockAuditProofCallback callback;
351 QueryLeafIndex("ct.test", kLeafHashes[0], &callback); 301 QueryAuditProof("ct.test", kLeafHashes[0], kTreeSizes[0], &callback);
352 ASSERT_TRUE(callback.called());
353 EXPECT_THAT(callback.net_error(), IsError(net::ERR_CONNECTION_REFUSED));
354 EXPECT_THAT(callback.leaf_index(), Eq(0u));
355 }
356
357 TEST_P(LogDnsClientTest, QueryLeafIndexReportsTimeout) {
358 mock_dns_.ExpectRequestAndTimeout(kBase32LeafHashes[0]);
359
360 MockLeafIndexCallback callback;
361 QueryLeafIndex("ct.test", kLeafHashes[0], &callback);
362 ASSERT_TRUE(callback.called()); 302 ASSERT_TRUE(callback.called());
363 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_TIMED_OUT)); 303 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_TIMED_OUT));
364 EXPECT_THAT(callback.leaf_index(), Eq(0u)); 304 EXPECT_THAT(callback.proof(), IsNull());
365 } 305 }
366 306
367 TEST_P(LogDnsClientTest, QueryAuditProof) { 307 TEST_P(LogDnsClientTest, QueryAuditProof) {
368 const std::vector<std::string> audit_proof = GetSampleAuditProof(20); 308 const std::vector<std::string> audit_proof = GetSampleAuditProof(20);
369 309
310 // Expect a leaf index query first, to map the leaf hash to a leaf index.
311 mock_dns_.ExpectLeafIndexRequestAndResponse(kLeafIndexQnames[0], "123456");
312
370 // It takes a number of DNS requests to retrieve the entire |audit_proof| 313 // It takes a number of DNS requests to retrieve the entire |audit_proof|
371 // (see |kMaxProofNodesPerDnsResponse|). 314 // (see |kMaxProofNodesPerDnsResponse|).
372 for (size_t nodes_begin = 0; nodes_begin < audit_proof.size(); 315 for (size_t nodes_begin = 0; nodes_begin < audit_proof.size();
373 nodes_begin += kMaxProofNodesPerDnsResponse) { 316 nodes_begin += kMaxProofNodesPerDnsResponse) {
374 const size_t nodes_end = std::min( 317 const size_t nodes_end = std::min(
375 nodes_begin + kMaxProofNodesPerDnsResponse, audit_proof.size()); 318 nodes_begin + kMaxProofNodesPerDnsResponse, audit_proof.size());
376 319
377 mock_dns_.ExpectAuditProofRequestAndResponse( 320 mock_dns_.ExpectAuditProofRequestAndResponse(
378 base::StringPrintf("%zu.123456.999999.tree.ct.test.", nodes_begin), 321 base::StringPrintf("%zu.123456.999999.tree.ct.test.", nodes_begin),
379 audit_proof.begin() + nodes_begin, audit_proof.begin() + nodes_end); 322 audit_proof.begin() + nodes_begin, audit_proof.begin() + nodes_end);
380 } 323 }
381 324
382 MockAuditProofCallback callback; 325 MockAuditProofCallback callback;
383 QueryAuditProof("ct.test", 123456, 999999, &callback); 326 QueryAuditProof("ct.test", kLeafHashes[0], 999999, &callback);
384 ASSERT_TRUE(callback.called()); 327 ASSERT_TRUE(callback.called());
385 EXPECT_THAT(callback.net_error(), IsOk()); 328 EXPECT_THAT(callback.net_error(), IsOk());
386 ASSERT_THAT(callback.proof(), NotNull()); 329 ASSERT_THAT(callback.proof(), NotNull());
387 EXPECT_THAT(callback.proof()->leaf_index, Eq(123456u)); 330 EXPECT_THAT(callback.proof()->leaf_index, Eq(123456u));
388 // TODO(robpercival): Enable this once MerkleAuditProof has tree_size. 331 // TODO(robpercival): Enable this once MerkleAuditProof has tree_size.
389 // EXPECT_THAT(callback.proof()->tree_size, Eq(999999)); 332 // EXPECT_THAT(callback.proof()->tree_size, Eq(999999));
390 EXPECT_THAT(callback.proof()->nodes, Eq(audit_proof)); 333 EXPECT_THAT(callback.proof()->nodes, Eq(audit_proof));
391 } 334 }
392 335
393 TEST_P(LogDnsClientTest, QueryAuditProofHandlesResponsesWithShortAuditPaths) { 336 TEST_P(LogDnsClientTest, QueryAuditProofHandlesResponsesWithShortAuditPaths) {
394 const std::vector<std::string> audit_proof = GetSampleAuditProof(20); 337 const std::vector<std::string> audit_proof = GetSampleAuditProof(20);
395 338
339 // Expect a leaf index query first, to map the leaf hash to a leaf index.
340 mock_dns_.ExpectLeafIndexRequestAndResponse(kLeafIndexQnames[0], "123456");
341
396 // Make some of the responses contain fewer proof nodes than they can hold. 342 // Make some of the responses contain fewer proof nodes than they can hold.
397 mock_dns_.ExpectAuditProofRequestAndResponse("0.123456.999999.tree.ct.test.", 343 mock_dns_.ExpectAuditProofRequestAndResponse("0.123456.999999.tree.ct.test.",
398 audit_proof.begin(), 344 audit_proof.begin(),
399 audit_proof.begin() + 1); 345 audit_proof.begin() + 1);
400 mock_dns_.ExpectAuditProofRequestAndResponse("1.123456.999999.tree.ct.test.", 346 mock_dns_.ExpectAuditProofRequestAndResponse("1.123456.999999.tree.ct.test.",
401 audit_proof.begin() + 1, 347 audit_proof.begin() + 1,
402 audit_proof.begin() + 3); 348 audit_proof.begin() + 3);
403 mock_dns_.ExpectAuditProofRequestAndResponse("3.123456.999999.tree.ct.test.", 349 mock_dns_.ExpectAuditProofRequestAndResponse("3.123456.999999.tree.ct.test.",
404 audit_proof.begin() + 3, 350 audit_proof.begin() + 3,
405 audit_proof.begin() + 6); 351 audit_proof.begin() + 6);
406 mock_dns_.ExpectAuditProofRequestAndResponse("6.123456.999999.tree.ct.test.", 352 mock_dns_.ExpectAuditProofRequestAndResponse("6.123456.999999.tree.ct.test.",
407 audit_proof.begin() + 6, 353 audit_proof.begin() + 6,
408 audit_proof.begin() + 10); 354 audit_proof.begin() + 10);
409 mock_dns_.ExpectAuditProofRequestAndResponse("10.123456.999999.tree.ct.test.", 355 mock_dns_.ExpectAuditProofRequestAndResponse("10.123456.999999.tree.ct.test.",
410 audit_proof.begin() + 10, 356 audit_proof.begin() + 10,
411 audit_proof.begin() + 13); 357 audit_proof.begin() + 13);
412 mock_dns_.ExpectAuditProofRequestAndResponse("13.123456.999999.tree.ct.test.", 358 mock_dns_.ExpectAuditProofRequestAndResponse("13.123456.999999.tree.ct.test.",
413 audit_proof.begin() + 13, 359 audit_proof.begin() + 13,
414 audit_proof.end()); 360 audit_proof.end());
415 361
416 MockAuditProofCallback callback; 362 MockAuditProofCallback callback;
417 QueryAuditProof("ct.test", 123456, 999999, &callback); 363 QueryAuditProof("ct.test", kLeafHashes[0], 999999, &callback);
418 ASSERT_TRUE(callback.called()); 364 ASSERT_TRUE(callback.called());
419 EXPECT_THAT(callback.net_error(), IsOk()); 365 EXPECT_THAT(callback.net_error(), IsOk());
420 ASSERT_THAT(callback.proof(), NotNull()); 366 ASSERT_THAT(callback.proof(), NotNull());
421 EXPECT_THAT(callback.proof()->leaf_index, Eq(123456u)); 367 EXPECT_THAT(callback.proof()->leaf_index, Eq(123456u));
422 // TODO(robpercival): Enable this once MerkleAuditProof has tree_size. 368 // TODO(robpercival): Enable this once MerkleAuditProof has tree_size.
423 // EXPECT_THAT(callback.proof()->tree_size, Eq(999999)); 369 // EXPECT_THAT(callback.proof()->tree_size, Eq(999999));
424 EXPECT_THAT(callback.proof()->nodes, Eq(audit_proof)); 370 EXPECT_THAT(callback.proof()->nodes, Eq(audit_proof));
425 } 371 }
426 372
427 TEST_P(LogDnsClientTest, QueryAuditProofReportsThatLogDomainDoesNotExist) { 373 TEST_P(LogDnsClientTest,
374 QueryAuditProofReportsThatAuditProofQnameDoesNotExist) {
375 mock_dns_.ExpectLeafIndexRequestAndResponse(kLeafIndexQnames[0], "123456");
428 mock_dns_.ExpectRequestAndErrorResponse("0.123456.999999.tree.ct.test.", 376 mock_dns_.ExpectRequestAndErrorResponse("0.123456.999999.tree.ct.test.",
429 net::dns_protocol::kRcodeNXDOMAIN); 377 net::dns_protocol::kRcodeNXDOMAIN);
430 378
431 MockAuditProofCallback callback; 379 MockAuditProofCallback callback;
432 QueryAuditProof("ct.test", 123456, 999999, &callback); 380 QueryAuditProof("ct.test", kLeafHashes[0], 999999, &callback);
433 ASSERT_TRUE(callback.called()); 381 ASSERT_TRUE(callback.called());
434 EXPECT_THAT(callback.net_error(), IsError(net::ERR_NAME_NOT_RESOLVED)); 382 EXPECT_THAT(callback.net_error(), IsError(net::ERR_NAME_NOT_RESOLVED));
435 EXPECT_THAT(callback.proof(), IsNull()); 383 EXPECT_THAT(callback.proof(), IsNull());
436 } 384 }
437 385
438 TEST_P(LogDnsClientTest, QueryAuditProofReportsServerFailure) { 386 TEST_P(LogDnsClientTest,
387 QueryAuditProofReportsServerFailureDuringAuditProofRequests) {
388 mock_dns_.ExpectLeafIndexRequestAndResponse(kLeafIndexQnames[0], "123456");
439 mock_dns_.ExpectRequestAndErrorResponse("0.123456.999999.tree.ct.test.", 389 mock_dns_.ExpectRequestAndErrorResponse("0.123456.999999.tree.ct.test.",
440 net::dns_protocol::kRcodeSERVFAIL); 390 net::dns_protocol::kRcodeSERVFAIL);
441 391
442 MockAuditProofCallback callback; 392 MockAuditProofCallback callback;
443 QueryAuditProof("ct.test", 123456, 999999, &callback); 393 QueryAuditProof("ct.test", kLeafHashes[0], 999999, &callback);
444 ASSERT_TRUE(callback.called()); 394 ASSERT_TRUE(callback.called());
445 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_SERVER_FAILED)); 395 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_SERVER_FAILED));
446 EXPECT_THAT(callback.proof(), IsNull()); 396 EXPECT_THAT(callback.proof(), IsNull());
447 } 397 }
448 398
449 TEST_P(LogDnsClientTest, QueryAuditProofReportsServerRefusal) { 399 TEST_P(LogDnsClientTest,
400 QueryAuditProofReportsServerRefusalDuringAuditProofRequests) {
401 mock_dns_.ExpectLeafIndexRequestAndResponse(kLeafIndexQnames[0], "123456");
450 mock_dns_.ExpectRequestAndErrorResponse("0.123456.999999.tree.ct.test.", 402 mock_dns_.ExpectRequestAndErrorResponse("0.123456.999999.tree.ct.test.",
451 net::dns_protocol::kRcodeREFUSED); 403 net::dns_protocol::kRcodeREFUSED);
452 404
453 MockAuditProofCallback callback; 405 MockAuditProofCallback callback;
454 QueryAuditProof("ct.test", 123456, 999999, &callback); 406 QueryAuditProof("ct.test", kLeafHashes[0], 999999, &callback);
455 ASSERT_TRUE(callback.called()); 407 ASSERT_TRUE(callback.called());
456 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_SERVER_FAILED)); 408 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_SERVER_FAILED));
457 EXPECT_THAT(callback.proof(), IsNull()); 409 EXPECT_THAT(callback.proof(), IsNull());
458 } 410 }
459 411
460 TEST_P(LogDnsClientTest, 412 TEST_P(LogDnsClientTest,
461 QueryAuditProofReportsResponseMalformedIfNodeTooShort) { 413 QueryAuditProofReportsResponseMalformedIfNodeTooShort) {
462 // node is shorter than a SHA-256 hash (31 vs 32 bytes) 414 // node is shorter than a SHA-256 hash (31 vs 32 bytes)
463 const std::vector<std::string> audit_proof(1, std::string(31, 'a')); 415 const std::vector<std::string> audit_proof(1, std::string(31, 'a'));
464 416
417 mock_dns_.ExpectLeafIndexRequestAndResponse(kLeafIndexQnames[0], "123456");
465 mock_dns_.ExpectAuditProofRequestAndResponse( 418 mock_dns_.ExpectAuditProofRequestAndResponse(
466 "0.123456.999999.tree.ct.test.", audit_proof.begin(), audit_proof.end()); 419 "0.123456.999999.tree.ct.test.", audit_proof.begin(), audit_proof.end());
467 420
468 MockAuditProofCallback callback; 421 MockAuditProofCallback callback;
469 QueryAuditProof("ct.test", 123456, 999999, &callback); 422 QueryAuditProof("ct.test", kLeafHashes[0], 999999, &callback);
470 ASSERT_TRUE(callback.called()); 423 ASSERT_TRUE(callback.called());
471 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_MALFORMED_RESPONSE)); 424 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_MALFORMED_RESPONSE));
472 EXPECT_THAT(callback.proof(), IsNull()); 425 EXPECT_THAT(callback.proof(), IsNull());
473 } 426 }
474 427
475 TEST_P(LogDnsClientTest, QueryAuditProofReportsResponseMalformedIfNodeTooLong) { 428 TEST_P(LogDnsClientTest, QueryAuditProofReportsResponseMalformedIfNodeTooLong) {
476 // node is longer than a SHA-256 hash (33 vs 32 bytes) 429 // node is longer than a SHA-256 hash (33 vs 32 bytes)
477 const std::vector<std::string> audit_proof(1, std::string(33, 'a')); 430 const std::vector<std::string> audit_proof(1, std::string(33, 'a'));
478 431
432 mock_dns_.ExpectLeafIndexRequestAndResponse(kLeafIndexQnames[0], "123456");
479 mock_dns_.ExpectAuditProofRequestAndResponse( 433 mock_dns_.ExpectAuditProofRequestAndResponse(
480 "0.123456.999999.tree.ct.test.", audit_proof.begin(), audit_proof.end()); 434 "0.123456.999999.tree.ct.test.", audit_proof.begin(), audit_proof.end());
481 435
482 MockAuditProofCallback callback; 436 MockAuditProofCallback callback;
483 QueryAuditProof("ct.test", 123456, 999999, &callback); 437 QueryAuditProof("ct.test", kLeafHashes[0], 999999, &callback);
484 ASSERT_TRUE(callback.called()); 438 ASSERT_TRUE(callback.called());
485 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_MALFORMED_RESPONSE)); 439 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_MALFORMED_RESPONSE));
486 EXPECT_THAT(callback.proof(), IsNull()); 440 EXPECT_THAT(callback.proof(), IsNull());
487 } 441 }
488 442
489 TEST_P(LogDnsClientTest, QueryAuditProofReportsResponseMalformedIfEmpty) { 443 TEST_P(LogDnsClientTest, QueryAuditProofReportsResponseMalformedIfEmpty) {
490 const std::vector<std::string> audit_proof; 444 const std::vector<std::string> audit_proof;
491 445
446 mock_dns_.ExpectLeafIndexRequestAndResponse(kLeafIndexQnames[0], "123456");
492 mock_dns_.ExpectAuditProofRequestAndResponse( 447 mock_dns_.ExpectAuditProofRequestAndResponse(
493 "0.123456.999999.tree.ct.test.", audit_proof.begin(), audit_proof.end()); 448 "0.123456.999999.tree.ct.test.", audit_proof.begin(), audit_proof.end());
494 449
495 MockAuditProofCallback callback; 450 MockAuditProofCallback callback;
496 QueryAuditProof("ct.test", 123456, 999999, &callback); 451 QueryAuditProof("ct.test", kLeafHashes[0], 999999, &callback);
497 ASSERT_TRUE(callback.called()); 452 ASSERT_TRUE(callback.called());
498 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_MALFORMED_RESPONSE)); 453 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_MALFORMED_RESPONSE));
499 EXPECT_THAT(callback.proof(), IsNull()); 454 EXPECT_THAT(callback.proof(), IsNull());
500 } 455 }
501 456
502 TEST_P(LogDnsClientTest, QueryAuditProofReportsInvalidArgIfLogDomainIsEmpty) {
503 MockAuditProofCallback callback;
504 QueryAuditProof("", 123456, 999999, &callback);
505 ASSERT_TRUE(callback.called());
506 EXPECT_THAT(callback.net_error(), IsError(net::ERR_INVALID_ARGUMENT));
507 EXPECT_THAT(callback.proof(), IsNull());
508 }
509
510 TEST_P(LogDnsClientTest, QueryAuditProofReportsInvalidArgIfLogDomainIsNull) {
511 MockAuditProofCallback callback;
512 QueryAuditProof(nullptr, 123456, 999999, &callback);
513 ASSERT_TRUE(callback.called());
514 EXPECT_THAT(callback.net_error(), IsError(net::ERR_INVALID_ARGUMENT));
515 EXPECT_THAT(callback.proof(), IsNull());
516 }
517
518 TEST_P(LogDnsClientTest, 457 TEST_P(LogDnsClientTest,
519 QueryAuditProofReportsInvalidArgIfLeafIndexEqualToTreeSize) { 458 QueryAuditProofReportsInvalidArgIfLeafIndexEqualToTreeSize) {
459 mock_dns_.ExpectLeafIndexRequestAndResponse(kLeafIndexQnames[0], "123456");
460
520 MockAuditProofCallback callback; 461 MockAuditProofCallback callback;
521 QueryAuditProof("ct.test", 123456, 123456, &callback); 462 QueryAuditProof("ct.test", kLeafHashes[0], 123456, &callback);
522 ASSERT_TRUE(callback.called()); 463 ASSERT_TRUE(callback.called());
523 EXPECT_THAT(callback.net_error(), IsError(net::ERR_INVALID_ARGUMENT)); 464 EXPECT_THAT(callback.net_error(), IsError(net::ERR_INVALID_ARGUMENT));
524 EXPECT_THAT(callback.proof(), IsNull()); 465 EXPECT_THAT(callback.proof(), IsNull());
525 } 466 }
526 467
527 TEST_P(LogDnsClientTest, 468 TEST_P(LogDnsClientTest,
528 QueryAuditProofReportsInvalidArgIfLeafIndexGreaterThanTreeSize) { 469 QueryAuditProofReportsInvalidArgIfLeafIndexGreaterThanTreeSize) {
470 mock_dns_.ExpectLeafIndexRequestAndResponse(kLeafIndexQnames[0], "999999");
471
529 MockAuditProofCallback callback; 472 MockAuditProofCallback callback;
530 QueryAuditProof("ct.test", 999999, 123456, &callback); 473 QueryAuditProof("ct.test", kLeafHashes[0], 123456, &callback);
531 ASSERT_TRUE(callback.called()); 474 ASSERT_TRUE(callback.called());
532 EXPECT_THAT(callback.net_error(), IsError(net::ERR_INVALID_ARGUMENT)); 475 EXPECT_THAT(callback.net_error(), IsError(net::ERR_INVALID_ARGUMENT));
533 EXPECT_THAT(callback.proof(), IsNull()); 476 EXPECT_THAT(callback.proof(), IsNull());
534 } 477 }
535 478
536 TEST_P(LogDnsClientTest, QueryAuditProofReportsSocketError) { 479 TEST_P(LogDnsClientTest,
480 QueryAuditProofReportsSocketErrorsDuringAuditProofRequests) {
481 mock_dns_.ExpectLeafIndexRequestAndResponse(kLeafIndexQnames[0], "123456");
537 mock_dns_.ExpectRequestAndSocketError("0.123456.999999.tree.ct.test.", 482 mock_dns_.ExpectRequestAndSocketError("0.123456.999999.tree.ct.test.",
538 net::ERR_CONNECTION_REFUSED); 483 net::ERR_CONNECTION_REFUSED);
539 484
540 MockAuditProofCallback callback; 485 MockAuditProofCallback callback;
541 QueryAuditProof("ct.test", 123456, 999999, &callback); 486 QueryAuditProof("ct.test", kLeafHashes[0], 999999, &callback);
542 ASSERT_TRUE(callback.called()); 487 ASSERT_TRUE(callback.called());
543 EXPECT_THAT(callback.net_error(), IsError(net::ERR_CONNECTION_REFUSED)); 488 EXPECT_THAT(callback.net_error(), IsError(net::ERR_CONNECTION_REFUSED));
544 EXPECT_THAT(callback.proof(), IsNull()); 489 EXPECT_THAT(callback.proof(), IsNull());
545 } 490 }
546 491
547 TEST_P(LogDnsClientTest, QueryAuditProofReportsTimeout) { 492 TEST_P(LogDnsClientTest,
493 QueryAuditProofReportsTimeoutsDuringAuditProofRequests) {
494 mock_dns_.ExpectLeafIndexRequestAndResponse(kLeafIndexQnames[0], "123456");
548 mock_dns_.ExpectRequestAndTimeout("0.123456.999999.tree.ct.test."); 495 mock_dns_.ExpectRequestAndTimeout("0.123456.999999.tree.ct.test.");
549 496
550 MockAuditProofCallback callback; 497 MockAuditProofCallback callback;
551 QueryAuditProof("ct.test", 123456, 999999, &callback); 498 QueryAuditProof("ct.test", kLeafHashes[0], 999999, &callback);
552 ASSERT_TRUE(callback.called()); 499 ASSERT_TRUE(callback.called());
553 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_TIMED_OUT)); 500 EXPECT_THAT(callback.net_error(), IsError(net::ERR_DNS_TIMED_OUT));
554 EXPECT_THAT(callback.proof(), IsNull()); 501 EXPECT_THAT(callback.proof(), IsNull());
555 } 502 }
556 503
557 TEST_P(LogDnsClientTest, AdoptsLatestDnsConfigIfValid) { 504 TEST_P(LogDnsClientTest, AdoptsLatestDnsConfigIfValid) {
558 std::unique_ptr<net::DnsClient> tmp = mock_dns_.CreateDnsClient(); 505 std::unique_ptr<net::DnsClient> tmp = mock_dns_.CreateDnsClient();
559 net::DnsClient* dns_client = tmp.get(); 506 net::DnsClient* dns_client = tmp.get();
560 LogDnsClient log_client(std::move(tmp), net::NetLogWithSource(), 0); 507 LogDnsClient log_client(std::move(tmp), net::NetLogWithSource(), 0);
561 508
(...skipping 17 matching lines...) Expand all
579 net::DnsConfig config(*dns_client->GetConfig()); 526 net::DnsConfig config(*dns_client->GetConfig());
580 ASSERT_THAT(config.nameservers, Not(IsEmpty())); 527 ASSERT_THAT(config.nameservers, Not(IsEmpty()));
581 config.nameservers.clear(); // Makes config invalid 528 config.nameservers.clear(); // Makes config invalid
582 mock_dns_.SetDnsConfig(config); 529 mock_dns_.SetDnsConfig(config);
583 530
584 // Let the DNS config change propogate. 531 // Let the DNS config change propogate.
585 base::RunLoop().RunUntilIdle(); 532 base::RunLoop().RunUntilIdle();
586 EXPECT_THAT(dns_client->GetConfig()->nameservers, Not(IsEmpty())); 533 EXPECT_THAT(dns_client->GetConfig()->nameservers, Not(IsEmpty()));
587 } 534 }
588 535
589 TEST_P(LogDnsClientTest, CanPerformLeafIndexQueriesInParallel) { 536 // Test that changes to the DNS config after starting a query are adopted and
590 // Test that leaf index queries can be performed in parallel. 537 // that the query is not disrupted.
591 constexpr size_t kNumOfParallelQueries = 3; 538 TEST_P(LogDnsClientTest, AdoptsLatestDnsConfigMidQuery) {
592 ASSERT_THAT(kNumOfParallelQueries, AllOf(Le(arraysize(kLeafHashes)), 539 const std::vector<std::string> audit_proof = GetSampleAuditProof(20);
593 Le(arraysize(kBase32LeafHashes))))
594 << "Not enough test data for this many parallel queries";
595 540
596 std::unique_ptr<LogDnsClient> log_client = 541 // Expect a leaf index query first, to map the leaf hash to a leaf index.
597 CreateLogDnsClient(kNumOfParallelQueries); 542 mock_dns_.ExpectLeafIndexRequestAndResponse(kLeafIndexQnames[0], "123456");
598 MockLeafIndexCallback callbacks[kNumOfParallelQueries];
599 543
600 // Expect multiple queries. 544 // It takes a number of DNS requests to retrieve the entire |audit_proof|
601 for (size_t i = 0; i < kNumOfParallelQueries; ++i) { 545 // (see |kMaxProofNodesPerDnsResponse|).
602 mock_dns_.ExpectLeafIndexRequestAndResponse( 546 for (size_t nodes_begin = 0; nodes_begin < audit_proof.size();
603 kBase32LeafHashes[i], base::Uint64ToString(kLeafIndices[i])); 547 nodes_begin += kMaxProofNodesPerDnsResponse) {
548 const size_t nodes_end = std::min(
549 nodes_begin + kMaxProofNodesPerDnsResponse, audit_proof.size());
550
551 mock_dns_.ExpectAuditProofRequestAndResponse(
552 base::StringPrintf("%zu.123456.999999.tree.ct.test.", nodes_begin),
553 audit_proof.begin() + nodes_begin, audit_proof.begin() + nodes_end);
604 } 554 }
605 555
606 // Start the queries. 556 std::unique_ptr<net::DnsClient> tmp = mock_dns_.CreateDnsClient();
607 for (size_t i = 0; i < kNumOfParallelQueries; ++i) { 557 net::DnsClient* dns_client = tmp.get();
608 QueryLeafIndexAsync(log_client.get(), "ct.test", kLeafHashes[i], 558 LogDnsClient log_client(std::move(tmp), net::NetLogWithSource(), 0);
609 callbacks[i].AsCallback());
610 }
611 559
612 // Wait for each query to complete and check its results. 560 // Start query.
613 for (size_t i = 0; i < kNumOfParallelQueries; ++i) { 561 MockAuditProofCallback callback;
614 MockLeafIndexCallback& callback = callbacks[i]; 562 QueryAuditProofAsync(&log_client, "ct.test", kLeafHashes[0], 999999,
615 callback.WaitUntilRun(); 563 callback.AsCallback());
616 564
617 SCOPED_TRACE(testing::Message() << "callbacks[" << i << "]"); 565 // Get the current DNS config, modify it and broadcast the update.
618 ASSERT_TRUE(callback.called()); 566 net::DnsConfig config(*dns_client->GetConfig());
619 EXPECT_THAT(callback.net_error(), IsOk()); 567 ASSERT_NE(123, config.attempts);
620 EXPECT_THAT(callback.leaf_index(), Eq(kLeafIndices[i])); 568 config.attempts = 123;
621 } 569 mock_dns_.SetDnsConfig(config);
570
571 callback.WaitUntilRun();
572 // Check that the DNS changes propogated before the query completed.
573 EXPECT_EQ(123, dns_client->GetConfig()->attempts);
574
575 ASSERT_TRUE(callback.called());
576 EXPECT_THAT(callback.net_error(), IsOk());
577 ASSERT_THAT(callback.proof(), NotNull());
578 EXPECT_THAT(callback.proof()->leaf_index, Eq(123456u));
579 // TODO(robpercival): Enable this once MerkleAuditProof has tree_size.
580 // EXPECT_THAT(callback.proof()->tree_size, Eq(999999));
581 EXPECT_THAT(callback.proof()->nodes, Eq(audit_proof));
622 } 582 }
623 583
624 TEST_P(LogDnsClientTest, CanPerformAuditProofQueriesInParallel) { 584 TEST_P(LogDnsClientTest, CanPerformQueriesInParallel) {
625 // Check that 3 audit proof queries can be performed in parallel. 585 // Check that 3 queries can be performed in parallel.
626 constexpr size_t kNumOfParallelQueries = 3; 586 constexpr size_t kNumOfParallelQueries = 3;
627 ASSERT_THAT(kNumOfParallelQueries, 587 ASSERT_THAT(kNumOfParallelQueries,
628 AllOf(Le(arraysize(kLeafIndices)), Le(arraysize(kTreeSizes)))) 588 AllOf(Le(arraysize(kLeafIndexQnames)),
589 Le(arraysize(kLeafIndices)), Le(arraysize(kTreeSizes))))
629 << "Not enough test data for this many parallel queries"; 590 << "Not enough test data for this many parallel queries";
630 591
631 std::unique_ptr<LogDnsClient> log_client = 592 std::unique_ptr<LogDnsClient> log_client =
632 CreateLogDnsClient(kNumOfParallelQueries); 593 CreateLogDnsClient(kNumOfParallelQueries);
633 MockAuditProofCallback callbacks[kNumOfParallelQueries]; 594 MockAuditProofCallback callbacks[kNumOfParallelQueries];
634 595
635 // Each query should require one more DNS request than the last. 596 // Expect multiple leaf index requests.
636 // This helps to test that parallel queries do not intefere with each other, 597 for (size_t i = 0; i < kNumOfParallelQueries; ++i) {
637 // e.g. one query causing another to end prematurely. 598 mock_dns_.ExpectLeafIndexRequestAndResponse(
599 kLeafIndexQnames[i], base::Uint64ToString(kLeafIndices[i]));
600 }
601
602 // Make each query require one more audit proof request than the last, by
603 // increasing the number of nodes in the audit proof by
604 // kMaxProofNodesPerDnsResponse for each query. This helps to test that
605 // parallel queries do not intefere with each other, e.g. one query causing
606 // another to end prematurely.
638 std::vector<std::string> audit_proofs[kNumOfParallelQueries]; 607 std::vector<std::string> audit_proofs[kNumOfParallelQueries];
639 for (size_t query_i = 0; query_i < kNumOfParallelQueries; ++query_i) { 608 for (size_t query_i = 0; query_i < kNumOfParallelQueries; ++query_i) {
640 const size_t dns_requests_required = query_i + 1; 609 const size_t dns_requests_required = query_i + 1;
641 audit_proofs[query_i] = GetSampleAuditProof(dns_requests_required * 610 audit_proofs[query_i] = GetSampleAuditProof(dns_requests_required *
642 kMaxProofNodesPerDnsResponse); 611 kMaxProofNodesPerDnsResponse);
643 } 612 }
644 // The most DNS requests that are made by any of the above N queries is N. 613 // The most DNS requests that are made by any of the above N queries is N.
645 const size_t kMaxDnsRequestsPerQuery = kNumOfParallelQueries; 614 const size_t kMaxDnsRequestsPerQuery = kNumOfParallelQueries;
646 615
647 // Setup expectations for up to N DNS requests per query performed. 616 // Setup expectations for up to N DNS requests per query performed.
(...skipping 17 matching lines...) Expand all
665 base::StringPrintf("%zu.%" PRIu64 ".%" PRIu64 ".tree.ct.test.", 634 base::StringPrintf("%zu.%" PRIu64 ".%" PRIu64 ".tree.ct.test.",
666 start_node, kLeafIndices[query_i], 635 start_node, kLeafIndices[query_i],
667 kTreeSizes[query_i]), 636 kTreeSizes[query_i]),
668 proof.begin() + start_node, proof.begin() + end_node); 637 proof.begin() + start_node, proof.begin() + end_node);
669 } 638 }
670 } 639 }
671 } 640 }
672 641
673 // Start the queries. 642 // Start the queries.
674 for (size_t i = 0; i < kNumOfParallelQueries; ++i) { 643 for (size_t i = 0; i < kNumOfParallelQueries; ++i) {
675 QueryAuditProofAsync(log_client.get(), "ct.test", kLeafIndices[i], 644 QueryAuditProofAsync(log_client.get(), "ct.test", kLeafHashes[i],
676 kTreeSizes[i], callbacks[i].AsCallback()); 645 kTreeSizes[i], callbacks[i].AsCallback());
677 } 646 }
678 647
679 // Wait for each query to complete and check its results. 648 // Wait for each query to complete and check its results.
680 for (size_t i = 0; i < kNumOfParallelQueries; ++i) { 649 for (size_t i = 0; i < kNumOfParallelQueries; ++i) {
681 MockAuditProofCallback& callback = callbacks[i]; 650 MockAuditProofCallback& callback = callbacks[i];
682 callbacks[i].WaitUntilRun(); 651 callbacks[i].WaitUntilRun();
683 652
684 SCOPED_TRACE(testing::Message() << "callbacks[" << i << "]"); 653 SCOPED_TRACE(testing::Message() << "callbacks[" << i << "]");
685 ASSERT_TRUE(callback.called()); 654 ASSERT_TRUE(callback.called());
686 EXPECT_THAT(callback.net_error(), IsOk()); 655 EXPECT_THAT(callback.net_error(), IsOk());
687 ASSERT_THAT(callback.proof(), NotNull()); 656 ASSERT_THAT(callback.proof(), NotNull());
688 EXPECT_THAT(callback.proof()->leaf_index, Eq(kLeafIndices[i])); 657 EXPECT_THAT(callback.proof()->leaf_index, Eq(kLeafIndices[i]));
689 // TODO(robpercival): Enable this once MerkleAuditProof has tree_size. 658 // TODO(robpercival): Enable this once MerkleAuditProof has tree_size.
690 // EXPECT_THAT(callback.proof()->tree_size, kTreeSizes[i]); 659 // EXPECT_THAT(callback.proof()->tree_size, kTreeSizes[i]);
691 EXPECT_THAT(callback.proof()->nodes, Eq(audit_proofs[i])); 660 EXPECT_THAT(callback.proof()->nodes, Eq(audit_proofs[i]));
692 } 661 }
693 } 662 }
694 663
695 TEST_P(LogDnsClientTest, CanPerformLeafIndexAndAuditProofQueriesInParallel) { 664 TEST_P(LogDnsClientTest, CanBeThrottledToOneQueryAtATime) {
696 // Check that a leaf index and audit proof query can be performed in parallel. 665 // Check that queries can be rate-limited to one at a time.
697 constexpr size_t kNumOfParallelQueries = 2; 666 // The second query, initiated while the first is in progress, should fail.
698 std::unique_ptr<LogDnsClient> log_client =
699 CreateLogDnsClient(kNumOfParallelQueries);
700 MockLeafIndexCallback leaf_index_callback;
701 MockAuditProofCallback audit_proof_callback;
702 const std::vector<std::string> audit_proof = GetSampleAuditProof(20); 667 const std::vector<std::string> audit_proof = GetSampleAuditProof(20);
703 668
704 mock_dns_.ExpectLeafIndexRequestAndResponse(kBase32LeafHashes[0], "123456"); 669 // Expect the first query to send leaf index and audit proof requests, but the
705 670 // second should not due to throttling.
706 // It should require 3 requests to collect the entire audit proof, as there is 671 mock_dns_.ExpectLeafIndexRequestAndResponse(kLeafIndexQnames[0], "123456");
707 // only space for 7 nodes per TXT record. One node is 32 bytes long and the
708 // TXT RDATA can have a maximum length of 255 bytes (255 / 32).
709 mock_dns_.ExpectAuditProofRequestAndResponse("0.123456.999999.tree.ct.test.",
710 audit_proof.begin(),
711 audit_proof.begin() + 7);
712 mock_dns_.ExpectAuditProofRequestAndResponse("7.123456.999999.tree.ct.test.",
713 audit_proof.begin() + 7,
714 audit_proof.begin() + 14);
715 mock_dns_.ExpectAuditProofRequestAndResponse("14.123456.999999.tree.ct.test.",
716 audit_proof.begin() + 14,
717 audit_proof.end());
718
719 // Start the queries.
720 QueryLeafIndexAsync(log_client.get(), "ct.test", kLeafHashes[0],
721 leaf_index_callback.AsCallback());
722 QueryAuditProofAsync(log_client.get(), "ct.test", 123456, 999999,
723 audit_proof_callback.AsCallback());
724
725 // Wait for the queries to complete, then check their results.
726 leaf_index_callback.WaitUntilRun();
727 audit_proof_callback.WaitUntilRun();
728
729 ASSERT_TRUE(leaf_index_callback.called());
730 EXPECT_THAT(leaf_index_callback.net_error(), IsOk());
731 EXPECT_THAT(leaf_index_callback.leaf_index(), Eq(123456u));
732
733 ASSERT_TRUE(audit_proof_callback.called());
734 EXPECT_THAT(audit_proof_callback.net_error(), IsOk());
735 ASSERT_THAT(audit_proof_callback.proof(), NotNull());
736 EXPECT_THAT(audit_proof_callback.proof()->leaf_index, Eq(123456u));
737 // TODO(robpercival): Enable this once MerkleAuditProof has tree_size.
738 // EXPECT_THAT(audit_proof_callback.proof()->tree_size, Eq(999999));
739 EXPECT_THAT(audit_proof_callback.proof()->nodes, Eq(audit_proof));
740 }
741
742 TEST_P(LogDnsClientTest, CanBeThrottledToOneLeafIndexQueryAtATime) {
743 // Check that leaf index queries can be rate-limited to one at a time.
744 // The second query, initiated while the first is in progress, should fail.
745 mock_dns_.ExpectLeafIndexRequestAndResponse(kBase32LeafHashes[0], "123456");
746
747 const size_t max_concurrent_queries = 1;
748 std::unique_ptr<LogDnsClient> log_client =
749 CreateLogDnsClient(max_concurrent_queries);
750
751 // Start the queries.
752 MockLeafIndexCallback callback1;
753 QueryLeafIndexAsync(log_client.get(), "ct.test", kLeafHashes[0],
754 callback1.AsCallback());
755 MockLeafIndexCallback callback2;
756 QueryLeafIndexAsync(log_client.get(), "ct.test", kLeafHashes[1],
757 callback2.AsCallback());
758
759 callback1.WaitUntilRun();
760 callback2.WaitUntilRun();
761
762 // Check that the first query succeeded.
763 ASSERT_TRUE(callback1.called());
764 EXPECT_THAT(callback1.net_error(), IsOk());
765 EXPECT_THAT(callback1.leaf_index(), Eq(123456u));
766
767 // Check that the second query failed.
768 ASSERT_TRUE(callback2.called());
769 EXPECT_THAT(callback2.net_error(), IsError(net::ERR_TEMPORARILY_THROTTLED));
770 EXPECT_THAT(callback2.leaf_index(), Eq(0u));
771
772 // Try a third query, which should succeed now that the first is finished.
773 mock_dns_.ExpectLeafIndexRequestAndResponse(kBase32LeafHashes[2], "666");
774
775 MockLeafIndexCallback callback3;
776 QueryLeafIndexAsync(log_client.get(), "ct.test", kLeafHashes[2],
777 callback3.AsCallback());
778
779 callback3.WaitUntilRun();
780
781 // Check that the third query succeeded.
782 ASSERT_TRUE(callback3.called());
783 EXPECT_THAT(callback3.net_error(), IsOk());
784 EXPECT_THAT(callback3.leaf_index(), Eq(666u));
785 }
786
787 TEST_P(LogDnsClientTest, CanBeThrottledToOneAuditProofQueryAtATime) {
788 // Check that audit proof queries can be rate-limited to one at a time.
789 // The second query, initiated while the first is in progress, should fail.
790 const std::vector<std::string> audit_proof = GetSampleAuditProof(20);
791 672
792 // It should require 3 requests to collect the entire audit proof, as there is 673 // It should require 3 requests to collect the entire audit proof, as there is
793 // only space for 7 nodes per TXT record. One node is 32 bytes long and the 674 // only space for 7 nodes per TXT record. One node is 32 bytes long and the
794 // TXT RDATA can have a maximum length of 255 bytes (255 / 32). 675 // TXT RDATA can have a maximum length of 255 bytes (255 / 32).
795 // Rate limiting should not interfere with these requests. 676 // Rate limiting should not interfere with these requests.
796 mock_dns_.ExpectAuditProofRequestAndResponse("0.123456.999999.tree.ct.test.", 677 mock_dns_.ExpectAuditProofRequestAndResponse("0.123456.999999.tree.ct.test.",
797 audit_proof.begin(), 678 audit_proof.begin(),
798 audit_proof.begin() + 7); 679 audit_proof.begin() + 7);
799 mock_dns_.ExpectAuditProofRequestAndResponse("7.123456.999999.tree.ct.test.", 680 mock_dns_.ExpectAuditProofRequestAndResponse("7.123456.999999.tree.ct.test.",
800 audit_proof.begin() + 7, 681 audit_proof.begin() + 7,
801 audit_proof.begin() + 14); 682 audit_proof.begin() + 14);
802 mock_dns_.ExpectAuditProofRequestAndResponse("14.123456.999999.tree.ct.test.", 683 mock_dns_.ExpectAuditProofRequestAndResponse("14.123456.999999.tree.ct.test.",
803 audit_proof.begin() + 14, 684 audit_proof.begin() + 14,
804 audit_proof.end()); 685 audit_proof.end());
805 686
806 const size_t max_concurrent_queries = 1; 687 const size_t kMaxConcurrentQueries = 1;
807 std::unique_ptr<LogDnsClient> log_client = 688 std::unique_ptr<LogDnsClient> log_client =
808 CreateLogDnsClient(max_concurrent_queries); 689 CreateLogDnsClient(kMaxConcurrentQueries);
809 690
810 // Start the queries. 691 // Start the queries.
811 MockAuditProofCallback callback1; 692 MockAuditProofCallback callback1;
812 QueryAuditProofAsync(log_client.get(), "ct.test", 123456, 999999, 693 QueryAuditProofAsync(log_client.get(), "ct.test", kLeafHashes[0], 999999,
813 callback1.AsCallback()); 694 callback1.AsCallback());
814 MockAuditProofCallback callback2; 695 MockAuditProofCallback callback2;
815 QueryAuditProofAsync(log_client.get(), "ct.test", 123456, 999999, 696 QueryAuditProofAsync(log_client.get(), "ct.test", kLeafHashes[1], 999999,
816 callback2.AsCallback()); 697 callback2.AsCallback());
817 698
818 callback1.WaitUntilRun(); 699 callback1.WaitUntilRun();
819 callback2.WaitUntilRun(); 700 callback2.WaitUntilRun();
820 701
821 // Check that the first query succeeded. 702 // Check that the first query succeeded.
822 ASSERT_TRUE(callback1.called()); 703 ASSERT_TRUE(callback1.called());
823 EXPECT_THAT(callback1.net_error(), IsOk()); 704 EXPECT_THAT(callback1.net_error(), IsOk());
824 ASSERT_THAT(callback1.proof(), NotNull()); 705 ASSERT_THAT(callback1.proof(), NotNull());
825 EXPECT_THAT(callback1.proof()->leaf_index, Eq(123456u)); 706 EXPECT_THAT(callback1.proof()->leaf_index, Eq(123456u));
826 // TODO(robpercival): Enable this once MerkleAuditProof has tree_size. 707 // TODO(robpercival): Enable this once MerkleAuditProof has tree_size.
827 // EXPECT_THAT(callback1.proof()->tree_size, Eq(999999)); 708 // EXPECT_THAT(callback1.proof()->tree_size, Eq(999999));
828 EXPECT_THAT(callback1.proof()->nodes, Eq(audit_proof)); 709 EXPECT_THAT(callback1.proof()->nodes, Eq(audit_proof));
829 710
830 // Check that the second query failed. 711 // Check that the second query failed.
831 ASSERT_TRUE(callback2.called()); 712 ASSERT_TRUE(callback2.called());
832 EXPECT_THAT(callback2.net_error(), IsError(net::ERR_TEMPORARILY_THROTTLED)); 713 EXPECT_THAT(callback2.net_error(), IsError(net::ERR_TEMPORARILY_THROTTLED));
833 EXPECT_THAT(callback2.proof(), IsNull()); 714 EXPECT_THAT(callback2.proof(), IsNull());
834 715
835 // Try a third query, which should succeed now that the first is finished. 716 // Try a third query, which should succeed now that the first is finished.
836 mock_dns_.ExpectAuditProofRequestAndResponse("0.123456.999999.tree.ct.test.", 717 mock_dns_.ExpectLeafIndexRequestAndResponse(kLeafIndexQnames[2], "666");
718 mock_dns_.ExpectAuditProofRequestAndResponse("0.666.999999.tree.ct.test.",
837 audit_proof.begin(), 719 audit_proof.begin(),
838 audit_proof.begin() + 7); 720 audit_proof.begin() + 7);
839 mock_dns_.ExpectAuditProofRequestAndResponse("7.123456.999999.tree.ct.test.", 721 mock_dns_.ExpectAuditProofRequestAndResponse("7.666.999999.tree.ct.test.",
840 audit_proof.begin() + 7, 722 audit_proof.begin() + 7,
841 audit_proof.begin() + 14); 723 audit_proof.begin() + 14);
842 mock_dns_.ExpectAuditProofRequestAndResponse("14.123456.999999.tree.ct.test.", 724 mock_dns_.ExpectAuditProofRequestAndResponse("14.666.999999.tree.ct.test.",
843 audit_proof.begin() + 14, 725 audit_proof.begin() + 14,
844 audit_proof.end()); 726 audit_proof.end());
845 727
846 MockAuditProofCallback callback3; 728 MockAuditProofCallback callback3;
847 QueryAuditProofAsync(log_client.get(), "ct.test", 123456, 999999, 729 QueryAuditProofAsync(log_client.get(), "ct.test", kLeafHashes[2], 999999,
848 callback3.AsCallback()); 730 callback3.AsCallback());
849 731
850 callback3.WaitUntilRun(); 732 callback3.WaitUntilRun();
851 733
852 // Check that the third query succeeded. 734 // Check that the third query succeeded.
853 ASSERT_TRUE(callback3.called()); 735 ASSERT_TRUE(callback3.called());
854 EXPECT_THAT(callback3.net_error(), IsOk()); 736 EXPECT_THAT(callback3.net_error(), IsOk());
855 ASSERT_THAT(callback3.proof(), NotNull()); 737 ASSERT_THAT(callback3.proof(), NotNull());
856 EXPECT_THAT(callback3.proof()->leaf_index, Eq(123456u)); 738 EXPECT_THAT(callback3.proof()->leaf_index, Eq(666u));
857 // TODO(robpercival): Enable this once MerkleAuditProof has tree_size. 739 // TODO(robpercival): Enable this once MerkleAuditProof has tree_size.
858 // EXPECT_THAT(callback3.proof()->tree_size, Eq(999999)); 740 // EXPECT_THAT(callback3.proof()->tree_size, Eq(999999));
859 EXPECT_THAT(callback3.proof()->nodes, Eq(audit_proof)); 741 EXPECT_THAT(callback3.proof()->nodes, Eq(audit_proof));
860 } 742 }
861 743
862 TEST_P(LogDnsClientTest, ThrottlingAppliesAcrossQueryTypes) {
863 // Check that queries can be rate-limited to one at a time, regardless of the
864 // type of query. The second query, initiated while the first is in progress,
865 // should fail.
866 mock_dns_.ExpectLeafIndexRequestAndResponse(
867 "D4S6DSV2J743QJZEQMH4UYHEYK7KRQ5JIQOCPMFUHZVJNFGHXACA.hash.ct.test.",
868 "123456");
869
870 const size_t max_concurrent_queries = 1;
871 std::unique_ptr<LogDnsClient> log_client =
872 CreateLogDnsClient(max_concurrent_queries);
873
874 // Start the queries.
875 MockLeafIndexCallback leaf_index_callback;
876 QueryLeafIndexAsync(log_client.get(), "ct.test", kLeafHashes[0],
877 leaf_index_callback.AsCallback());
878 MockAuditProofCallback audit_proof_callback;
879 QueryAuditProofAsync(log_client.get(), "ct.test", 123456, 999999,
880 audit_proof_callback.AsCallback());
881
882 leaf_index_callback.WaitUntilRun();
883 audit_proof_callback.WaitUntilRun();
884
885 // Check that the first query succeeded.
886 ASSERT_TRUE(leaf_index_callback.called());
887 EXPECT_THAT(leaf_index_callback.net_error(), IsOk());
888 EXPECT_THAT(leaf_index_callback.leaf_index(), Eq(123456u));
889
890 // Check that the second query failed.
891 ASSERT_TRUE(audit_proof_callback.called());
892 EXPECT_THAT(audit_proof_callback.net_error(),
893 IsError(net::ERR_TEMPORARILY_THROTTLED));
894 EXPECT_THAT(audit_proof_callback.proof(), IsNull());
895 }
896
897 INSTANTIATE_TEST_CASE_P(ReadMode, 744 INSTANTIATE_TEST_CASE_P(ReadMode,
898 LogDnsClientTest, 745 LogDnsClientTest,
899 ::testing::Values(net::IoMode::ASYNC, 746 ::testing::Values(net::IoMode::ASYNC,
900 net::IoMode::SYNCHRONOUS)); 747 net::IoMode::SYNCHRONOUS));
901 748
902 } // namespace 749 } // namespace
903 } // namespace certificate_transparency 750 } // namespace certificate_transparency
OLDNEW
« components/certificate_transparency/log_dns_client.cc ('K') | « components/certificate_transparency/log_dns_client.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698