OLD | NEW |
1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "components/certificate_transparency/log_dns_client.h" | 5 #include "components/certificate_transparency/log_dns_client.h" |
6 | 6 |
7 #include <memory> | 7 #include <memory> |
8 #include <numeric> | 8 #include <numeric> |
9 #include <string> | 9 #include <string> |
10 #include <utility> | 10 #include <utility> |
(...skipping 271 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
282 | 282 |
283 ASSERT_TRUE(mock_dns_.ExpectAuditProofRequestAndResponse( | 283 ASSERT_TRUE(mock_dns_.ExpectAuditProofRequestAndResponse( |
284 base::StringPrintf("%zu.123456.999999.tree.ct.test.", nodes_begin), | 284 base::StringPrintf("%zu.123456.999999.tree.ct.test.", nodes_begin), |
285 audit_proof.begin() + nodes_begin, audit_proof.begin() + nodes_end)); | 285 audit_proof.begin() + nodes_begin, audit_proof.begin() + nodes_end)); |
286 } | 286 } |
287 | 287 |
288 net::ct::MerkleAuditProof proof; | 288 net::ct::MerkleAuditProof proof; |
289 ASSERT_THAT(QueryAuditProof("ct.test", kLeafHashes[0], 999999, &proof), | 289 ASSERT_THAT(QueryAuditProof("ct.test", kLeafHashes[0], 999999, &proof), |
290 IsOk()); | 290 IsOk()); |
291 EXPECT_THAT(proof.leaf_index, Eq(123456u)); | 291 EXPECT_THAT(proof.leaf_index, Eq(123456u)); |
292 // TODO(robpercival): Enable this once MerkleAuditProof has tree_size. | 292 EXPECT_THAT(proof.tree_size, Eq(999999u)); |
293 // EXPECT_THAT(proof.tree_size, Eq(999999)); | |
294 EXPECT_THAT(proof.nodes, Eq(audit_proof)); | 293 EXPECT_THAT(proof.nodes, Eq(audit_proof)); |
295 } | 294 } |
296 | 295 |
297 TEST_P(LogDnsClientTest, QueryAuditProofHandlesResponsesWithShortAuditPaths) { | 296 TEST_P(LogDnsClientTest, QueryAuditProofHandlesResponsesWithShortAuditPaths) { |
298 const std::vector<std::string> audit_proof = GetSampleAuditProof(20); | 297 const std::vector<std::string> audit_proof = GetSampleAuditProof(20); |
299 | 298 |
300 // Expect a leaf index query first, to map the leaf hash to a leaf index. | 299 // Expect a leaf index query first, to map the leaf hash to a leaf index. |
301 ASSERT_TRUE( | 300 ASSERT_TRUE( |
302 mock_dns_.ExpectLeafIndexRequestAndResponse(kLeafIndexQnames[0], 123456)); | 301 mock_dns_.ExpectLeafIndexRequestAndResponse(kLeafIndexQnames[0], 123456)); |
303 | 302 |
(...skipping 14 matching lines...) Expand all Loading... |
318 "10.123456.999999.tree.ct.test.", audit_proof.begin() + 10, | 317 "10.123456.999999.tree.ct.test.", audit_proof.begin() + 10, |
319 audit_proof.begin() + 13)); | 318 audit_proof.begin() + 13)); |
320 ASSERT_TRUE(mock_dns_.ExpectAuditProofRequestAndResponse( | 319 ASSERT_TRUE(mock_dns_.ExpectAuditProofRequestAndResponse( |
321 "13.123456.999999.tree.ct.test.", audit_proof.begin() + 13, | 320 "13.123456.999999.tree.ct.test.", audit_proof.begin() + 13, |
322 audit_proof.end())); | 321 audit_proof.end())); |
323 | 322 |
324 net::ct::MerkleAuditProof proof; | 323 net::ct::MerkleAuditProof proof; |
325 ASSERT_THAT(QueryAuditProof("ct.test", kLeafHashes[0], 999999, &proof), | 324 ASSERT_THAT(QueryAuditProof("ct.test", kLeafHashes[0], 999999, &proof), |
326 IsOk()); | 325 IsOk()); |
327 EXPECT_THAT(proof.leaf_index, Eq(123456u)); | 326 EXPECT_THAT(proof.leaf_index, Eq(123456u)); |
328 // TODO(robpercival): Enable this once MerkleAuditProof has tree_size. | 327 EXPECT_THAT(proof.tree_size, Eq(999999u)); |
329 // EXPECT_THAT(proof.tree_size, Eq(999999)); | |
330 EXPECT_THAT(proof.nodes, Eq(audit_proof)); | 328 EXPECT_THAT(proof.nodes, Eq(audit_proof)); |
331 } | 329 } |
332 | 330 |
333 TEST_P(LogDnsClientTest, | 331 TEST_P(LogDnsClientTest, |
334 QueryAuditProofReportsThatAuditProofQnameDoesNotExist) { | 332 QueryAuditProofReportsThatAuditProofQnameDoesNotExist) { |
335 ASSERT_TRUE( | 333 ASSERT_TRUE( |
336 mock_dns_.ExpectLeafIndexRequestAndResponse(kLeafIndexQnames[0], 123456)); | 334 mock_dns_.ExpectLeafIndexRequestAndResponse(kLeafIndexQnames[0], 123456)); |
337 ASSERT_TRUE(mock_dns_.ExpectRequestAndErrorResponse( | 335 ASSERT_TRUE(mock_dns_.ExpectRequestAndErrorResponse( |
338 "0.123456.999999.tree.ct.test.", net::dns_protocol::kRcodeNXDOMAIN)); | 336 "0.123456.999999.tree.ct.test.", net::dns_protocol::kRcodeNXDOMAIN)); |
339 | 337 |
(...skipping 223 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
563 config.attempts = 123; | 561 config.attempts = 123; |
564 mock_dns_.SetDnsConfig(config); | 562 mock_dns_.SetDnsConfig(config); |
565 // The new config is distributed asynchronously via NetworkChangeNotifier. | 563 // The new config is distributed asynchronously via NetworkChangeNotifier. |
566 // Config change shouldn't have taken effect yet. | 564 // Config change shouldn't have taken effect yet. |
567 ASSERT_NE(123, dns_client->GetConfig()->attempts); | 565 ASSERT_NE(123, dns_client->GetConfig()->attempts); |
568 | 566 |
569 // Wait for the query to complete, then check that it was successful. | 567 // Wait for the query to complete, then check that it was successful. |
570 // The DNS config should be updated during this time. | 568 // The DNS config should be updated during this time. |
571 ASSERT_THAT(callback.WaitForResult(), IsOk()); | 569 ASSERT_THAT(callback.WaitForResult(), IsOk()); |
572 EXPECT_THAT(proof.leaf_index, Eq(123456u)); | 570 EXPECT_THAT(proof.leaf_index, Eq(123456u)); |
573 // TODO(robpercival): Enable this once MerkleAuditProof has tree_size. | 571 EXPECT_THAT(proof.tree_size, Eq(999999u)); |
574 // EXPECT_THAT(proof.tree_size, Eq(999999)); | |
575 EXPECT_THAT(proof.nodes, Eq(audit_proof)); | 572 EXPECT_THAT(proof.nodes, Eq(audit_proof)); |
576 | 573 |
577 // Check that the DNS config change was adopted. | 574 // Check that the DNS config change was adopted. |
578 ASSERT_EQ(123, dns_client->GetConfig()->attempts); | 575 ASSERT_EQ(123, dns_client->GetConfig()->attempts); |
579 } | 576 } |
580 | 577 |
581 TEST_P(LogDnsClientTest, CanPerformQueriesInParallel) { | 578 TEST_P(LogDnsClientTest, CanPerformQueriesInParallel) { |
582 // Check that 3 queries can be performed in parallel. | 579 // Check that 3 queries can be performed in parallel. |
583 constexpr size_t kNumOfParallelQueries = 3; | 580 constexpr size_t kNumOfParallelQueries = 3; |
584 ASSERT_THAT(kNumOfParallelQueries, | 581 ASSERT_THAT(kNumOfParallelQueries, |
(...skipping 62 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
647 << "query #" << i; | 644 << "query #" << i; |
648 } | 645 } |
649 | 646 |
650 // Wait for each query to complete and check its results. | 647 // Wait for each query to complete and check its results. |
651 for (size_t i = 0; i < kNumOfParallelQueries; ++i) { | 648 for (size_t i = 0; i < kNumOfParallelQueries; ++i) { |
652 net::TestCompletionCallback& callback = callbacks[i]; | 649 net::TestCompletionCallback& callback = callbacks[i]; |
653 | 650 |
654 SCOPED_TRACE(testing::Message() << "callbacks[" << i << "]"); | 651 SCOPED_TRACE(testing::Message() << "callbacks[" << i << "]"); |
655 EXPECT_THAT(callback.WaitForResult(), IsOk()); | 652 EXPECT_THAT(callback.WaitForResult(), IsOk()); |
656 EXPECT_THAT(proofs[i].leaf_index, Eq(kLeafIndices[i])); | 653 EXPECT_THAT(proofs[i].leaf_index, Eq(kLeafIndices[i])); |
657 // TODO(robpercival): Enable this once MerkleAuditProof has tree_size. | 654 EXPECT_THAT(proofs[i].tree_size, Eq(kTreeSizes[i])); |
658 // EXPECT_THAT(proofs[i].tree_size, kTreeSizes[i]); | |
659 EXPECT_THAT(proofs[i].nodes, Eq(audit_proofs[i])); | 655 EXPECT_THAT(proofs[i].nodes, Eq(audit_proofs[i])); |
660 } | 656 } |
661 } | 657 } |
662 | 658 |
663 TEST_P(LogDnsClientTest, CanBeThrottledToOneQueryAtATime) { | 659 TEST_P(LogDnsClientTest, CanBeThrottledToOneQueryAtATime) { |
664 // Check that queries can be rate-limited to one at a time. | 660 // Check that queries can be rate-limited to one at a time. |
665 // The second query, initiated while the first is in progress, should fail. | 661 // The second query, initiated while the first is in progress, should fail. |
666 const std::vector<std::string> audit_proof = GetSampleAuditProof(20); | 662 const std::vector<std::string> audit_proof = GetSampleAuditProof(20); |
667 | 663 |
668 // Expect the first query to send leaf index and audit proof requests, but the | 664 // Expect the first query to send leaf index and audit proof requests, but the |
(...skipping 28 matching lines...) Expand all Loading... |
697 | 693 |
698 net::ct::MerkleAuditProof proof2; | 694 net::ct::MerkleAuditProof proof2; |
699 net::TestCompletionCallback callback2; | 695 net::TestCompletionCallback callback2; |
700 ASSERT_THAT(log_client->QueryAuditProof("ct.test", kLeafHashes[1], 999999, | 696 ASSERT_THAT(log_client->QueryAuditProof("ct.test", kLeafHashes[1], 999999, |
701 &proof2, callback2.callback()), | 697 &proof2, callback2.callback()), |
702 IsError(net::ERR_TEMPORARILY_THROTTLED)); | 698 IsError(net::ERR_TEMPORARILY_THROTTLED)); |
703 | 699 |
704 // Check that the first query succeeded. | 700 // Check that the first query succeeded. |
705 EXPECT_THAT(callback1.WaitForResult(), IsOk()); | 701 EXPECT_THAT(callback1.WaitForResult(), IsOk()); |
706 EXPECT_THAT(proof1.leaf_index, Eq(123456u)); | 702 EXPECT_THAT(proof1.leaf_index, Eq(123456u)); |
707 // TODO(robpercival): Enable this once MerkleAuditProof has tree_size. | 703 EXPECT_THAT(proof1.tree_size, Eq(999999u)); |
708 // EXPECT_THAT(proof1.tree_size, Eq(999999)); | |
709 EXPECT_THAT(proof1.nodes, Eq(audit_proof)); | 704 EXPECT_THAT(proof1.nodes, Eq(audit_proof)); |
710 | 705 |
711 // Try a third query, which should succeed now that the first is finished. | 706 // Try a third query, which should succeed now that the first is finished. |
712 ASSERT_TRUE( | 707 ASSERT_TRUE( |
713 mock_dns_.ExpectLeafIndexRequestAndResponse(kLeafIndexQnames[2], 666)); | 708 mock_dns_.ExpectLeafIndexRequestAndResponse(kLeafIndexQnames[2], 666)); |
714 ASSERT_TRUE(mock_dns_.ExpectAuditProofRequestAndResponse( | 709 ASSERT_TRUE(mock_dns_.ExpectAuditProofRequestAndResponse( |
715 "0.666.999999.tree.ct.test.", audit_proof.begin(), | 710 "0.666.999999.tree.ct.test.", audit_proof.begin(), |
716 audit_proof.begin() + 7)); | 711 audit_proof.begin() + 7)); |
717 ASSERT_TRUE(mock_dns_.ExpectAuditProofRequestAndResponse( | 712 ASSERT_TRUE(mock_dns_.ExpectAuditProofRequestAndResponse( |
718 "7.666.999999.tree.ct.test.", audit_proof.begin() + 7, | 713 "7.666.999999.tree.ct.test.", audit_proof.begin() + 7, |
719 audit_proof.begin() + 14)); | 714 audit_proof.begin() + 14)); |
720 ASSERT_TRUE(mock_dns_.ExpectAuditProofRequestAndResponse( | 715 ASSERT_TRUE(mock_dns_.ExpectAuditProofRequestAndResponse( |
721 "14.666.999999.tree.ct.test.", audit_proof.begin() + 14, | 716 "14.666.999999.tree.ct.test.", audit_proof.begin() + 14, |
722 audit_proof.end())); | 717 audit_proof.end())); |
723 | 718 |
724 net::ct::MerkleAuditProof proof3; | 719 net::ct::MerkleAuditProof proof3; |
725 net::TestCompletionCallback callback3; | 720 net::TestCompletionCallback callback3; |
726 ASSERT_THAT(log_client->QueryAuditProof("ct.test", kLeafHashes[2], 999999, | 721 ASSERT_THAT(log_client->QueryAuditProof("ct.test", kLeafHashes[2], 999999, |
727 &proof3, callback3.callback()), | 722 &proof3, callback3.callback()), |
728 IsError(net::ERR_IO_PENDING)); | 723 IsError(net::ERR_IO_PENDING)); |
729 | 724 |
730 // Check that the third query succeeded. | 725 // Check that the third query succeeded. |
731 EXPECT_THAT(callback3.WaitForResult(), IsOk()); | 726 EXPECT_THAT(callback3.WaitForResult(), IsOk()); |
732 EXPECT_THAT(proof3.leaf_index, Eq(666u)); | 727 EXPECT_THAT(proof3.leaf_index, Eq(666u)); |
733 // TODO(robpercival): Enable this once MerkleAuditProof has tree_size. | 728 EXPECT_THAT(proof3.tree_size, Eq(999999u)); |
734 // EXPECT_THAT(proof3.tree_size, Eq(999999)); | |
735 EXPECT_THAT(proof3.nodes, Eq(audit_proof)); | 729 EXPECT_THAT(proof3.nodes, Eq(audit_proof)); |
736 } | 730 } |
737 | 731 |
738 TEST_P(LogDnsClientTest, NotifiesWhenNoLongerThrottled) { | 732 TEST_P(LogDnsClientTest, NotifiesWhenNoLongerThrottled) { |
739 const std::vector<std::string> audit_proof = GetSampleAuditProof(20); | 733 const std::vector<std::string> audit_proof = GetSampleAuditProof(20); |
740 | 734 |
741 ASSERT_TRUE( | 735 ASSERT_TRUE( |
742 mock_dns_.ExpectLeafIndexRequestAndResponse(kLeafIndexQnames[0], 123456)); | 736 mock_dns_.ExpectLeafIndexRequestAndResponse(kLeafIndexQnames[0], 123456)); |
743 ASSERT_TRUE(mock_dns_.ExpectAuditProofRequestAndResponse( | 737 ASSERT_TRUE(mock_dns_.ExpectAuditProofRequestAndResponse( |
744 "0.123456.999999.tree.ct.test.", audit_proof.begin(), | 738 "0.123456.999999.tree.ct.test.", audit_proof.begin(), |
(...skipping 47 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
792 base::RunLoop().RunUntilIdle(); | 786 base::RunLoop().RunUntilIdle(); |
793 ASSERT_FALSE(not_throttled_callback.have_result()); | 787 ASSERT_FALSE(not_throttled_callback.have_result()); |
794 } | 788 } |
795 | 789 |
796 INSTANTIATE_TEST_CASE_P(ReadMode, | 790 INSTANTIATE_TEST_CASE_P(ReadMode, |
797 LogDnsClientTest, | 791 LogDnsClientTest, |
798 ::testing::Values(net::IoMode::ASYNC, | 792 ::testing::Values(net::IoMode::ASYNC, |
799 net::IoMode::SYNCHRONOUS)); | 793 net::IoMode::SYNCHRONOUS)); |
800 | 794 |
801 } // namespace certificate_transparency | 795 } // namespace certificate_transparency |
OLD | NEW |