blob: 2e19bf82c783da5e36aa654898fe777887270404 [file] [log] [blame]
Ken Chenb9fa2062018-11-13 21:51:13 +08001/*
2 * Copyright (C) 2016 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
Lorenzo Colitti0a8b4aa2019-06-26 22:31:03 +090010 * Unless required by applicable law or agreed to in writing, software
Ken Chenb9fa2062018-11-13 21:51:13 +080011 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 *
16 */
17
Bernie Innocenti3952ccc2019-03-03 19:39:53 +090018#define LOG_TAG "resolv_integration_test"
Ken Chenb9fa2062018-11-13 21:51:13 +080019
Hungming Chen5bf09772019-04-25 11:16:13 +080020#include <android-base/logging.h>
Bernie Innocenti41b82c42019-06-05 22:38:25 +090021#include <android-base/parseint.h>
Mike Yu40e67072019-10-09 21:14:09 +080022#include <android-base/properties.h>
Bernie Innocenti41b82c42019-06-05 22:38:25 +090023#include <android-base/stringprintf.h>
24#include <android-base/unique_fd.h>
25#include <android/multinetwork.h> // ResNsendFlags
Ken Chenb9fa2062018-11-13 21:51:13 +080026#include <arpa/inet.h>
Luke Huang94b10b92018-11-21 20:13:38 +080027#include <arpa/nameser.h>
Hungming Chene8f970c2019-04-10 17:34:06 +080028#include <binder/ProcessState.h>
Lorenzo Colittieb9aeec2019-06-26 19:53:55 +090029#include <bpf/BpfUtils.h>
Bernie Innocenti41b82c42019-06-05 22:38:25 +090030#include <cutils/sockets.h>
31#include <gmock/gmock-matchers.h>
32#include <gtest/gtest.h>
Ken Chenb9fa2062018-11-13 21:51:13 +080033#include <netdb.h>
Luke Huang9d2d25b2019-06-14 00:34:05 +080034#include <netdutils/InternetAddresses.h>
Luke Huang579ddc72019-06-14 00:59:39 +080035#include <netdutils/NetworkConstants.h> // SHA256_SIZE
Luke Huang9d2d25b2019-06-14 00:34:05 +080036#include <netdutils/ResponseCode.h>
Hungming Chen63779052019-10-30 15:06:13 +080037#include <netdutils/Slice.h>
Luke Huang9d2d25b2019-06-14 00:34:05 +080038#include <netdutils/SocketOption.h>
Mike Yu40e67072019-10-09 21:14:09 +080039#include <netdutils/Stopwatch.h>
Luke Huang94b10b92018-11-21 20:13:38 +080040#include <netinet/in.h>
41#include <poll.h> /* poll */
Bernie Innocenti41b82c42019-06-05 22:38:25 +090042#include <private/android_filesystem_config.h>
Luke Huang94b10b92018-11-21 20:13:38 +080043#include <resolv.h>
Ken Chenb9fa2062018-11-13 21:51:13 +080044#include <stdarg.h>
Ken Chenb9fa2062018-11-13 21:51:13 +080045#include <stdlib.h>
Luke Huang94b10b92018-11-21 20:13:38 +080046#include <sys/socket.h>
47#include <sys/un.h>
Ken Chenb9fa2062018-11-13 21:51:13 +080048#include <unistd.h>
49
50#include <algorithm>
51#include <chrono>
52#include <iterator>
53#include <numeric>
54#include <thread>
55
Luke Huang27616fe2020-05-26 17:31:15 +080056#include <DnsProxydProtocol.h> // NETID_USE_LOCAL_NAMESERVERS
Luke Huangf8215372019-11-22 11:53:41 +080057#include <aidl/android/net/IDnsResolver.h>
58#include <android/binder_manager.h>
59#include <android/binder_process.h>
Bernie Innocenti41b82c42019-06-05 22:38:25 +090060#include "NetdClient.h"
Bernie Innocenti41b82c42019-06-05 22:38:25 +090061#include "ResolverStats.h"
Luke Huangf8215372019-11-22 11:53:41 +080062#include "netid_client.h" // NETID_UNSET
63#include "params.h" // MAXNS
Lorenzo Colittieb9aeec2019-06-26 19:53:55 +090064#include "test_utils.h"
Hungming Chene8f970c2019-04-10 17:34:06 +080065#include "tests/dns_metrics_listener/dns_metrics_listener.h"
chenbruceb43ec752019-07-24 20:19:41 +080066#include "tests/dns_responder/dns_responder.h"
Luke Huangf8215372019-11-22 11:53:41 +080067#include "tests/dns_responder/dns_responder_client_ndk.h"
Hungming Chenc6556622019-10-02 16:01:07 +080068#include "tests/dns_responder/dns_tls_certificate.h"
chenbruceb43ec752019-07-24 20:19:41 +080069#include "tests/dns_responder/dns_tls_frontend.h"
Luke Huangfde82482019-06-04 01:04:53 +080070#include "tests/resolv_test_utils.h"
Ken Chenb9fa2062018-11-13 21:51:13 +080071
Luke Huang0d592bc2019-05-25 18:24:03 +080072// Valid VPN netId range is 100 ~ 65535
73constexpr int TEST_VPN_NETID = 65502;
Luke Huang94b10b92018-11-21 20:13:38 +080074constexpr int MAXPACKET = (8 * 1024);
Ken Chenb9fa2062018-11-13 21:51:13 +080075
Sehee Park2c118782019-05-07 13:02:45 +090076// Use maximum reserved appId for applications to avoid conflict with existing uids.
77static const int TEST_UID = 99999;
78
Ken Chenb9fa2062018-11-13 21:51:13 +080079// Semi-public Bionic hook used by the NDK (frameworks/base/native/android/net.c)
80// Tested here for convenience.
81extern "C" int android_getaddrinfofornet(const char* hostname, const char* servname,
82 const addrinfo* hints, unsigned netid, unsigned mark,
83 struct addrinfo** result);
84
Mike Yuc0000252020-03-19 07:14:23 +000085using namespace std::chrono_literals;
86
Luke Huang70070852019-11-25 18:25:50 +080087using aidl::android::net::IDnsResolver;
Luke Huangf8215372019-11-22 11:53:41 +080088using aidl::android::net::INetd;
Mike Yu8ac63402019-12-02 15:28:38 +080089using aidl::android::net::ResolverParamsParcel;
Luke Huang9807e6b2019-05-20 16:17:12 +080090using android::base::ParseInt;
Ken Chenb9fa2062018-11-13 21:51:13 +080091using android::base::StringPrintf;
Luke Huang9807e6b2019-05-20 16:17:12 +080092using android::base::unique_fd;
Ken Chenb9fa2062018-11-13 21:51:13 +080093using android::net::ResolverStats;
Hungming Chene8f970c2019-04-10 17:34:06 +080094using android::net::metrics::DnsMetricsListener;
Ken Chenb9fa2062018-11-13 21:51:13 +080095using android::netdutils::enableSockopt;
Hungming Chen63779052019-10-30 15:06:13 +080096using android::netdutils::makeSlice;
Luke Huang9807e6b2019-05-20 16:17:12 +080097using android::netdutils::ResponseCode;
Luke Huang9d2d25b2019-06-14 00:34:05 +080098using android::netdutils::ScopedAddrinfo;
Mike Yu40e67072019-10-09 21:14:09 +080099using android::netdutils::Stopwatch;
Hungming Chen63779052019-10-30 15:06:13 +0800100using android::netdutils::toHex;
Ken Chenb9fa2062018-11-13 21:51:13 +0800101
102// TODO: move into libnetdutils?
103namespace {
Luke Huangfde82482019-06-04 01:04:53 +0800104
Ken Chenb9fa2062018-11-13 21:51:13 +0800105ScopedAddrinfo safe_getaddrinfo(const char* node, const char* service,
106 const struct addrinfo* hints) {
107 addrinfo* result = nullptr;
108 if (getaddrinfo(node, service, hints, &result) != 0) {
109 result = nullptr; // Should already be the case, but...
110 }
111 return ScopedAddrinfo(result);
112}
Luke Huangfde82482019-06-04 01:04:53 +0800113
Mike Yu40e67072019-10-09 21:14:09 +0800114std::pair<ScopedAddrinfo, int> safe_getaddrinfo_time_taken(const char* node, const char* service,
115 const addrinfo& hints) {
116 Stopwatch s;
117 ScopedAddrinfo result = safe_getaddrinfo(node, service, &hints);
118 return {std::move(result), s.timeTakenUs() / 1000};
119}
120
Mike Yuc0000252020-03-19 07:14:23 +0000121struct NameserverStats {
122 NameserverStats() = delete;
123 NameserverStats(const std::string server) : server(server) {}
124 NameserverStats& setSuccesses(int val) {
125 successes = val;
126 return *this;
127 }
128 NameserverStats& setErrors(int val) {
129 errors = val;
130 return *this;
131 }
132 NameserverStats& setTimeouts(int val) {
133 timeouts = val;
134 return *this;
135 }
136 NameserverStats& setInternalErrors(int val) {
137 internal_errors = val;
138 return *this;
139 }
140
141 const std::string server;
142 int successes = 0;
143 int errors = 0;
144 int timeouts = 0;
145 int internal_errors = 0;
146};
147
Ken Chenb9fa2062018-11-13 21:51:13 +0800148} // namespace
149
Bernie Innocentia5c7b7b2019-01-17 21:28:24 +0900150class ResolverTest : public ::testing::Test {
Hungming Chene8f970c2019-04-10 17:34:06 +0800151 public:
Automerger Merge Worker19a291b2020-03-17 02:41:30 +0000152 static void SetUpTestSuite() {
Hungming Chen5bf09772019-04-25 11:16:13 +0800153 // Get binder service.
154 // Note that |mDnsClient| is not used for getting binder service in this static function.
155 // The reason is that wants to keep |mDnsClient| as a non-static data member. |mDnsClient|
156 // which sets up device network configuration could be independent from every test.
Luke Huangf8215372019-11-22 11:53:41 +0800157 // TODO: Perhaps add a static function in resolv_test_binder_utils.{cpp,h} to get binder
158 // service.
159
160 AIBinder* binder = AServiceManager_getService("dnsresolver");
161 ndk::SpAIBinder resolvBinder = ndk::SpAIBinder(binder);
162 auto resolvService = aidl::android::net::IDnsResolver::fromBinder(resolvBinder);
Hungming Chen5bf09772019-04-25 11:16:13 +0800163 ASSERT_NE(nullptr, resolvService.get());
164
165 // Subscribe the death recipient to the service IDnsResolver for detecting Netd death.
Luke Huang70070852019-11-25 18:25:50 +0800166 // GTEST assertion macros are not invoked for generating a test failure in the death
167 // recipient because the macros can't indicate failed test if Netd died between tests.
168 // Moreover, continuing testing may have no meaningful after Netd death. Therefore, the
169 // death recipient aborts process by GTEST_LOG_(FATAL) once Netd died.
Luke Huangf8215372019-11-22 11:53:41 +0800170 sResolvDeathRecipient = AIBinder_DeathRecipient_new([](void*) {
171 constexpr char errorMessage[] = "Netd died";
172 LOG(ERROR) << errorMessage;
173 GTEST_LOG_(FATAL) << errorMessage;
174 });
175 ASSERT_EQ(STATUS_OK, AIBinder_linkToDeath(binder, sResolvDeathRecipient, nullptr));
Hungming Chen5bf09772019-04-25 11:16:13 +0800176
177 // Subscribe the DNS listener for verifying DNS metrics event contents.
Luke Huangf8215372019-11-22 11:53:41 +0800178 sDnsMetricsListener = ndk::SharedRefBase::make<DnsMetricsListener>(
179 TEST_NETID /*monitor specific network*/);
Hungming Chen5bf09772019-04-25 11:16:13 +0800180 ASSERT_TRUE(resolvService->registerEventListener(sDnsMetricsListener).isOk());
181
182 // Start the binder thread pool for listening DNS metrics events and receiving death
183 // recipient.
Luke Huangf8215372019-11-22 11:53:41 +0800184 ABinderProcess_startThreadPool();
Hungming Chene8f970c2019-04-10 17:34:06 +0800185 }
Automerger Merge Worker19a291b2020-03-17 02:41:30 +0000186 static void TearDownTestSuite() { AIBinder_DeathRecipient_delete(sResolvDeathRecipient); }
Hungming Chene8f970c2019-04-10 17:34:06 +0800187
Ken Chenb9fa2062018-11-13 21:51:13 +0800188 protected:
Lorenzo Colitti5be8bf22020-05-26 10:55:21 +0000189 void SetUp() {
190 mDnsClient.SetUp();
191 sDnsMetricsListener->reset();
192 }
193
Mike Yu960243d2020-01-17 19:02:15 +0800194 void TearDown() {
195 // Ensure the dump works at the end of each test.
196 DumpResolverService();
197
198 mDnsClient.TearDown();
199 }
nuccachena26cc2a2018-07-17 18:07:23 +0800200
Luke Huang68fa5002020-04-23 15:48:47 +0000201 void resetNetwork() {
202 mDnsClient.TearDown();
203 mDnsClient.SetupOemNetwork();
204 }
205
Xiao Ma09b71022018-12-11 17:56:32 +0900206 void StartDns(test::DNSResponder& dns, const std::vector<DnsRecord>& records) {
207 for (const auto& r : records) {
208 dns.addMapping(r.host_name, r.type, r.addr);
209 }
210
211 ASSERT_TRUE(dns.startServer());
212 dns.clearQueries();
213 }
Bernie Innocentia5c7b7b2019-01-17 21:28:24 +0900214
Mike Yu960243d2020-01-17 19:02:15 +0800215 void DumpResolverService() {
216 unique_fd fd(open("/dev/null", O_WRONLY));
217 EXPECT_EQ(mDnsClient.resolvService()->dump(fd, nullptr, 0), 0);
218
219 const char* querylogCmd[] = {"querylog"}; // Keep it sync with DnsQueryLog::DUMP_KEYWORD.
220 EXPECT_EQ(mDnsClient.resolvService()->dump(fd, querylogCmd, std::size(querylogCmd)), 0);
221 }
222
Hungming Chene8f970c2019-04-10 17:34:06 +0800223 bool WaitForNat64Prefix(ExpectNat64PrefixStatus status,
224 std::chrono::milliseconds timeout = std::chrono::milliseconds(1000)) {
Hungming Chen5bf09772019-04-25 11:16:13 +0800225 return sDnsMetricsListener->waitForNat64Prefix(status, timeout);
Hungming Chene8f970c2019-04-10 17:34:06 +0800226 }
227
Mike Yu724f77d2019-08-16 11:14:50 +0800228 bool WaitForPrivateDnsValidation(std::string serverAddr, bool validated) {
229 return sDnsMetricsListener->waitForPrivateDnsValidation(serverAddr, validated);
230 }
231
Mike Yuc0000252020-03-19 07:14:23 +0000232 bool hasUncaughtPrivateDnsValidation(const std::string& serverAddr) {
233 return sDnsMetricsListener->findValidationRecord(serverAddr);
234 }
235
236 bool expectStatsFromGetResolverInfo(const std::vector<NameserverStats>& nameserversStats) {
237 std::vector<std::string> res_servers;
238 std::vector<std::string> res_domains;
239 std::vector<std::string> res_tls_servers;
240 res_params res_params;
241 std::vector<ResolverStats> res_stats;
242 int wait_for_pending_req_timeout_count;
243
244 if (!DnsResponderClient::GetResolverInfo(mDnsClient.resolvService(), TEST_NETID,
245 &res_servers, &res_domains, &res_tls_servers,
246 &res_params, &res_stats,
247 &wait_for_pending_req_timeout_count)) {
248 ADD_FAILURE() << "GetResolverInfo failed";
249 return false;
250 }
251
252 if (res_servers.size() != res_stats.size()) {
253 ADD_FAILURE() << fmt::format("res_servers.size() != res_stats.size(): {} != {}",
254 res_servers.size(), res_stats.size());
255 return false;
256 }
257 if (res_servers.size() != nameserversStats.size()) {
258 ADD_FAILURE() << fmt::format("res_servers.size() != nameserversStats.size(): {} != {}",
259 res_servers.size(), nameserversStats.size());
260 return false;
261 }
262
263 for (const auto& stats : nameserversStats) {
264 SCOPED_TRACE(stats.server);
265 const auto it = std::find(res_servers.begin(), res_servers.end(), stats.server);
266 if (it == res_servers.end()) {
267 ADD_FAILURE() << fmt::format("nameserver {} not found in the list {{{}}}",
268 stats.server, fmt::join(res_servers, ", "));
269 return false;
270 }
271 const int index = std::distance(res_servers.begin(), it);
272
273 // The check excludes rtt_avg, last_sample_time, and usable since they will be obsolete
274 // after |res_stats| is retrieved from NetConfig.dnsStats rather than NetConfig.nsstats.
275 EXPECT_EQ(res_stats[index].successes, stats.successes);
276 EXPECT_EQ(res_stats[index].errors, stats.errors);
277 EXPECT_EQ(res_stats[index].timeouts, stats.timeouts);
278 EXPECT_EQ(res_stats[index].internal_errors, stats.internal_errors);
279 }
280
281 return true;
282 }
283
284 // Since there's no way to terminate private DNS validation threads at any time. Tests that
285 // focus on the results of private DNS validation can interfere with each other if they use the
286 // same IP address for test servers. getUniqueIPv4Address() is a workaround to reduce the
287 // possibility of tests being flaky. A feasible solution is to forbid the validation threads,
288 // which are considered as outdated (e.g. switch the resolver to private DNS OFF mode), updating
289 // the result to the PrivateDnsConfiguration instance.
290 static std::string getUniqueIPv4Address() {
291 static int counter = 0;
292 return fmt::format("127.0.100.{}", (++counter & 0xff));
293 }
294
Bernie Innocentia5c7b7b2019-01-17 21:28:24 +0900295 DnsResponderClient mDnsClient;
Xiao Ma09b71022018-12-11 17:56:32 +0900296
Hungming Chen5bf09772019-04-25 11:16:13 +0800297 // Use a shared static DNS listener for all tests to avoid registering lots of listeners
298 // which may be released late until process terminated. Currently, registered DNS listener
299 // is removed by binder death notification which is fired when the process hosting an
300 // IBinder has gone away. If every test in ResolverTest registers its DNS listener, Netd
301 // may temporarily hold lots of dead listeners until the unit test process terminates.
302 // TODO: Perhaps add an unregistering listener binder call or fork a listener process which
303 // could be terminated earlier.
Luke Huangf8215372019-11-22 11:53:41 +0800304 static std::shared_ptr<DnsMetricsListener>
Automerger Merge Worker19a291b2020-03-17 02:41:30 +0000305 sDnsMetricsListener; // Initialized in SetUpTestSuite.
Hungming Chen5bf09772019-04-25 11:16:13 +0800306
307 // Use a shared static death recipient to monitor the service death. The static death
308 // recipient could monitor the death not only during the test but also between tests.
Automerger Merge Worker19a291b2020-03-17 02:41:30 +0000309 static AIBinder_DeathRecipient* sResolvDeathRecipient; // Initialized in SetUpTestSuite.
Ken Chenb9fa2062018-11-13 21:51:13 +0800310};
311
Hungming Chen5bf09772019-04-25 11:16:13 +0800312// Initialize static member of class.
Luke Huangf8215372019-11-22 11:53:41 +0800313std::shared_ptr<DnsMetricsListener> ResolverTest::sDnsMetricsListener;
314AIBinder_DeathRecipient* ResolverTest::sResolvDeathRecipient;
Hungming Chen5bf09772019-04-25 11:16:13 +0800315
Ken Chenb9fa2062018-11-13 21:51:13 +0800316TEST_F(ResolverTest, GetHostByName) {
Xiao Ma09b71022018-12-11 17:56:32 +0900317 constexpr char nonexistent_host_name[] = "nonexistent.example.com.";
318
319 test::DNSResponder dns;
320 StartDns(dns, {{kHelloExampleCom, ns_type::ns_t_a, "1.2.3.3"}});
321 ASSERT_TRUE(mDnsClient.SetResolversForNetwork());
Ken Chenb9fa2062018-11-13 21:51:13 +0800322
323 const hostent* result;
Ken Chenb9fa2062018-11-13 21:51:13 +0800324 result = gethostbyname("nonexistent");
325 EXPECT_EQ(1U, GetNumQueriesForType(dns, ns_type::ns_t_a, nonexistent_host_name));
326 ASSERT_TRUE(result == nullptr);
327 ASSERT_EQ(HOST_NOT_FOUND, h_errno);
328
329 dns.clearQueries();
330 result = gethostbyname("hello");
Xiao Ma09b71022018-12-11 17:56:32 +0900331 EXPECT_EQ(1U, GetNumQueriesForType(dns, ns_type::ns_t_a, kHelloExampleCom));
Ken Chenb9fa2062018-11-13 21:51:13 +0800332 ASSERT_FALSE(result == nullptr);
333 ASSERT_EQ(4, result->h_length);
334 ASSERT_FALSE(result->h_addr_list[0] == nullptr);
335 EXPECT_EQ("1.2.3.3", ToString(result));
336 EXPECT_TRUE(result->h_addr_list[1] == nullptr);
Ken Chenb9fa2062018-11-13 21:51:13 +0800337}
338
lifr4e4a2e02019-01-29 16:53:51 +0800339TEST_F(ResolverTest, GetHostByName_cnames) {
340 constexpr char host_name[] = "host.example.com.";
341 size_t cnamecount = 0;
342 test::DNSResponder dns;
343
344 const std::vector<DnsRecord> records = {
345 {kHelloExampleCom, ns_type::ns_t_cname, "a.example.com."},
346 {"a.example.com.", ns_type::ns_t_cname, "b.example.com."},
347 {"b.example.com.", ns_type::ns_t_cname, "c.example.com."},
348 {"c.example.com.", ns_type::ns_t_cname, "d.example.com."},
349 {"d.example.com.", ns_type::ns_t_cname, "e.example.com."},
350 {"e.example.com.", ns_type::ns_t_cname, host_name},
351 {host_name, ns_type::ns_t_a, "1.2.3.3"},
352 {host_name, ns_type::ns_t_aaaa, "2001:db8::42"},
353 };
354 StartDns(dns, records);
355 ASSERT_TRUE(mDnsClient.SetResolversForNetwork());
356
357 // using gethostbyname2() to resolve ipv4 hello.example.com. to 1.2.3.3
358 // Ensure the v4 address and cnames are correct
359 const hostent* result;
360 result = gethostbyname2("hello", AF_INET);
361 ASSERT_FALSE(result == nullptr);
362
363 for (int i = 0; result != nullptr && result->h_aliases[i] != nullptr; i++) {
364 std::string domain_name = records[i].host_name.substr(0, records[i].host_name.size() - 1);
365 EXPECT_EQ(result->h_aliases[i], domain_name);
366 cnamecount++;
367 }
368 // The size of "Non-cname type" record in DNS records is 2
369 ASSERT_EQ(cnamecount, records.size() - 2);
370 ASSERT_EQ(4, result->h_length);
371 ASSERT_FALSE(result->h_addr_list[0] == nullptr);
372 EXPECT_EQ("1.2.3.3", ToString(result));
373 EXPECT_TRUE(result->h_addr_list[1] == nullptr);
374 EXPECT_EQ(1U, dns.queries().size()) << dns.dumpQueries();
375
376 // using gethostbyname2() to resolve ipv6 hello.example.com. to 2001:db8::42
377 // Ensure the v6 address and cnames are correct
378 cnamecount = 0;
379 dns.clearQueries();
380 result = gethostbyname2("hello", AF_INET6);
381 for (unsigned i = 0; result != nullptr && result->h_aliases[i] != nullptr; i++) {
382 std::string domain_name = records[i].host_name.substr(0, records[i].host_name.size() - 1);
383 EXPECT_EQ(result->h_aliases[i], domain_name);
384 cnamecount++;
385 }
386 // The size of "Non-cname type" DNS record in records is 2
387 ASSERT_EQ(cnamecount, records.size() - 2);
388 ASSERT_FALSE(result == nullptr);
389 ASSERT_EQ(16, result->h_length);
390 ASSERT_FALSE(result->h_addr_list[0] == nullptr);
391 EXPECT_EQ("2001:db8::42", ToString(result));
392 EXPECT_TRUE(result->h_addr_list[1] == nullptr);
393}
394
395TEST_F(ResolverTest, GetHostByName_cnamesInfiniteLoop) {
396 test::DNSResponder dns;
397 const std::vector<DnsRecord> records = {
398 {kHelloExampleCom, ns_type::ns_t_cname, "a.example.com."},
399 {"a.example.com.", ns_type::ns_t_cname, kHelloExampleCom},
400 };
401 StartDns(dns, records);
402 ASSERT_TRUE(mDnsClient.SetResolversForNetwork());
403
404 const hostent* result;
405 result = gethostbyname2("hello", AF_INET);
406 ASSERT_TRUE(result == nullptr);
407
408 dns.clearQueries();
409 result = gethostbyname2("hello", AF_INET6);
410 ASSERT_TRUE(result == nullptr);
411}
412
Ken Chenb9fa2062018-11-13 21:51:13 +0800413TEST_F(ResolverTest, GetHostByName_localhost) {
Ken Chenb9fa2062018-11-13 21:51:13 +0800414 constexpr char name_camelcase[] = "LocalHost";
Ken Chenb9fa2062018-11-13 21:51:13 +0800415 constexpr char name_ip6_dot[] = "ip6-localhost.";
416 constexpr char name_ip6_fqdn[] = "ip6-localhost.example.com.";
417
418 // Add a dummy nameserver which shouldn't receive any queries
Xiao Ma09b71022018-12-11 17:56:32 +0900419 test::DNSResponder dns;
420 StartDns(dns, {});
421 ASSERT_TRUE(mDnsClient.SetResolversForNetwork());
Ken Chenb9fa2062018-11-13 21:51:13 +0800422
423 // Expect no DNS queries; localhost is resolved via /etc/hosts
Xiao Ma09b71022018-12-11 17:56:32 +0900424 const hostent* result = gethostbyname(kLocalHost);
Ken Chenb9fa2062018-11-13 21:51:13 +0800425 EXPECT_TRUE(dns.queries().empty()) << dns.dumpQueries();
426 ASSERT_FALSE(result == nullptr);
427 ASSERT_EQ(4, result->h_length);
428 ASSERT_FALSE(result->h_addr_list[0] == nullptr);
Xiao Ma09b71022018-12-11 17:56:32 +0900429 EXPECT_EQ(kLocalHostAddr, ToString(result));
Ken Chenb9fa2062018-11-13 21:51:13 +0800430 EXPECT_TRUE(result->h_addr_list[1] == nullptr);
431
432 // Ensure the hosts file resolver ignores case of hostnames
433 result = gethostbyname(name_camelcase);
434 EXPECT_TRUE(dns.queries().empty()) << dns.dumpQueries();
435 ASSERT_FALSE(result == nullptr);
436 ASSERT_EQ(4, result->h_length);
437 ASSERT_FALSE(result->h_addr_list[0] == nullptr);
Xiao Ma09b71022018-12-11 17:56:32 +0900438 EXPECT_EQ(kLocalHostAddr, ToString(result));
Ken Chenb9fa2062018-11-13 21:51:13 +0800439 EXPECT_TRUE(result->h_addr_list[1] == nullptr);
440
441 // The hosts file also contains ip6-localhost, but gethostbyname() won't
chenbruce018fdb22019-06-12 18:08:04 +0800442 // return it. This would be easy to
Ken Chenb9fa2062018-11-13 21:51:13 +0800443 // change, but there's no point in changing the legacy behavior; new code
444 // should be calling getaddrinfo() anyway.
445 // So we check the legacy behavior, which results in amusing A-record
446 // lookups for ip6-localhost, with and without search domains appended.
447 dns.clearQueries();
Xiao Ma09b71022018-12-11 17:56:32 +0900448 result = gethostbyname(kIp6LocalHost);
Sehee Parkbbca0202018-11-16 10:53:16 +0900449 EXPECT_EQ(2U, dns.queries().size()) << dns.dumpQueries();
450 EXPECT_EQ(1U, GetNumQueriesForType(dns, ns_type::ns_t_a, name_ip6_dot)) << dns.dumpQueries();
451 EXPECT_EQ(1U, GetNumQueriesForType(dns, ns_type::ns_t_a, name_ip6_fqdn)) << dns.dumpQueries();
Ken Chenb9fa2062018-11-13 21:51:13 +0800452 ASSERT_TRUE(result == nullptr);
453
454 // Finally, use gethostbyname2() to resolve ip6-localhost to ::1 from
455 // the hosts file.
456 dns.clearQueries();
Xiao Ma09b71022018-12-11 17:56:32 +0900457 result = gethostbyname2(kIp6LocalHost, AF_INET6);
Ken Chenb9fa2062018-11-13 21:51:13 +0800458 EXPECT_TRUE(dns.queries().empty()) << dns.dumpQueries();
459 ASSERT_FALSE(result == nullptr);
460 ASSERT_EQ(16, result->h_length);
461 ASSERT_FALSE(result->h_addr_list[0] == nullptr);
Xiao Ma09b71022018-12-11 17:56:32 +0900462 EXPECT_EQ(kIp6LocalHostAddr, ToString(result));
Ken Chenb9fa2062018-11-13 21:51:13 +0800463 EXPECT_TRUE(result->h_addr_list[1] == nullptr);
Ken Chenb9fa2062018-11-13 21:51:13 +0800464}
465
466TEST_F(ResolverTest, GetHostByName_numeric) {
467 // Add a dummy nameserver which shouldn't receive any queries
Xiao Ma09b71022018-12-11 17:56:32 +0900468 test::DNSResponder dns;
469 StartDns(dns, {});
470 ASSERT_TRUE(mDnsClient.SetResolversForNetwork());
Ken Chenb9fa2062018-11-13 21:51:13 +0800471
472 // Numeric v4 address: expect no DNS queries
473 constexpr char numeric_v4[] = "192.168.0.1";
Ken Chenb9fa2062018-11-13 21:51:13 +0800474 const hostent* result = gethostbyname(numeric_v4);
Sehee Parkbbca0202018-11-16 10:53:16 +0900475 EXPECT_EQ(0U, dns.queries().size());
Ken Chenb9fa2062018-11-13 21:51:13 +0800476 ASSERT_FALSE(result == nullptr);
477 ASSERT_EQ(4, result->h_length); // v4
478 ASSERT_FALSE(result->h_addr_list[0] == nullptr);
479 EXPECT_EQ(numeric_v4, ToString(result));
480 EXPECT_TRUE(result->h_addr_list[1] == nullptr);
481
482 // gethostbyname() recognizes a v6 address, and fails with no DNS queries
483 constexpr char numeric_v6[] = "2001:db8::42";
484 dns.clearQueries();
485 result = gethostbyname(numeric_v6);
Sehee Parkbbca0202018-11-16 10:53:16 +0900486 EXPECT_EQ(0U, dns.queries().size());
Ken Chenb9fa2062018-11-13 21:51:13 +0800487 EXPECT_TRUE(result == nullptr);
488
489 // Numeric v6 address with gethostbyname2(): succeeds with no DNS queries
490 dns.clearQueries();
491 result = gethostbyname2(numeric_v6, AF_INET6);
Sehee Parkbbca0202018-11-16 10:53:16 +0900492 EXPECT_EQ(0U, dns.queries().size());
Ken Chenb9fa2062018-11-13 21:51:13 +0800493 ASSERT_FALSE(result == nullptr);
494 ASSERT_EQ(16, result->h_length); // v6
495 ASSERT_FALSE(result->h_addr_list[0] == nullptr);
496 EXPECT_EQ(numeric_v6, ToString(result));
497 EXPECT_TRUE(result->h_addr_list[1] == nullptr);
498
499 // Numeric v6 address with scope work with getaddrinfo(),
500 // but gethostbyname2() does not understand them; it issues two dns
501 // queries, then fails. This hardly ever happens, there's no point
502 // in fixing this. This test simply verifies the current (bogus)
503 // behavior to avoid further regressions (like crashes, or leaks).
504 constexpr char numeric_v6_scope[] = "fe80::1%lo";
505 dns.clearQueries();
506 result = gethostbyname2(numeric_v6_scope, AF_INET6);
Sehee Parkbbca0202018-11-16 10:53:16 +0900507 EXPECT_EQ(2U, dns.queries().size()); // OUCH!
Ken Chenb9fa2062018-11-13 21:51:13 +0800508 ASSERT_TRUE(result == nullptr);
Ken Chenb9fa2062018-11-13 21:51:13 +0800509}
510
511TEST_F(ResolverTest, BinderSerialization) {
Ken Chenb9fa2062018-11-13 21:51:13 +0800512 std::vector<int> params_offsets = {
Luke Huang5bd827c2019-03-14 16:10:04 +0800513 IDnsResolver::RESOLVER_PARAMS_SAMPLE_VALIDITY,
514 IDnsResolver::RESOLVER_PARAMS_SUCCESS_THRESHOLD,
515 IDnsResolver::RESOLVER_PARAMS_MIN_SAMPLES,
516 IDnsResolver::RESOLVER_PARAMS_MAX_SAMPLES,
517 IDnsResolver::RESOLVER_PARAMS_BASE_TIMEOUT_MSEC,
518 IDnsResolver::RESOLVER_PARAMS_RETRY_COUNT,
Ken Chenb9fa2062018-11-13 21:51:13 +0800519 };
Bernie Innocentib102dd22018-12-04 14:57:48 +0900520 const int size = static_cast<int>(params_offsets.size());
Luke Huang5bd827c2019-03-14 16:10:04 +0800521 EXPECT_EQ(size, IDnsResolver::RESOLVER_PARAMS_COUNT);
Ken Chenb9fa2062018-11-13 21:51:13 +0800522 std::sort(params_offsets.begin(), params_offsets.end());
Bernie Innocentib102dd22018-12-04 14:57:48 +0900523 for (int i = 0; i < size; ++i) {
Ken Chenb9fa2062018-11-13 21:51:13 +0800524 EXPECT_EQ(params_offsets[i], i);
525 }
526}
527
528TEST_F(ResolverTest, GetHostByName_Binder) {
Luke Huangf8215372019-11-22 11:53:41 +0800529 std::vector<std::string> domains = {"example.com"};
Ken Chenb9fa2062018-11-13 21:51:13 +0800530 std::vector<std::unique_ptr<test::DNSResponder>> dns;
531 std::vector<std::string> servers;
Bernie Innocentia5c7b7b2019-01-17 21:28:24 +0900532 std::vector<DnsResponderClient::Mapping> mappings;
533 ASSERT_NO_FATAL_FAILURE(mDnsClient.SetupMappings(1, domains, &mappings));
534 ASSERT_NO_FATAL_FAILURE(mDnsClient.SetupDNSServers(4, mappings, &dns, &servers));
Ken Chenb9fa2062018-11-13 21:51:13 +0800535 ASSERT_EQ(1U, mappings.size());
Bernie Innocentia5c7b7b2019-01-17 21:28:24 +0900536 const DnsResponderClient::Mapping& mapping = mappings[0];
Ken Chenb9fa2062018-11-13 21:51:13 +0800537
Xiao Ma09b71022018-12-11 17:56:32 +0900538 ASSERT_TRUE(mDnsClient.SetResolversForNetwork(servers, domains, kDefaultParams));
Ken Chenb9fa2062018-11-13 21:51:13 +0800539
540 const hostent* result = gethostbyname(mapping.host.c_str());
Bernie Innocentib102dd22018-12-04 14:57:48 +0900541 const size_t total_queries =
Luke Huangfde82482019-06-04 01:04:53 +0800542 std::accumulate(dns.begin(), dns.end(), 0, [&mapping](size_t total, auto& d) {
Ken Chenb9fa2062018-11-13 21:51:13 +0800543 return total + GetNumQueriesForType(*d, ns_type::ns_t_a, mapping.entry.c_str());
544 });
545
546 EXPECT_LE(1U, total_queries);
547 ASSERT_FALSE(result == nullptr);
548 ASSERT_EQ(4, result->h_length);
549 ASSERT_FALSE(result->h_addr_list[0] == nullptr);
550 EXPECT_EQ(mapping.ip4, ToString(result));
551 EXPECT_TRUE(result->h_addr_list[1] == nullptr);
552
553 std::vector<std::string> res_servers;
554 std::vector<std::string> res_domains;
Mike Yu0a1c53d2018-11-26 13:26:21 +0900555 std::vector<std::string> res_tls_servers;
Bernie Innocenti758005f2019-02-19 18:08:36 +0900556 res_params res_params;
Ken Chenb9fa2062018-11-13 21:51:13 +0800557 std::vector<ResolverStats> res_stats;
Ken Chen92bed612018-12-22 21:46:55 +0800558 int wait_for_pending_req_timeout_count;
Luke Huangf8215372019-11-22 11:53:41 +0800559 ASSERT_TRUE(DnsResponderClient::GetResolverInfo(
560 mDnsClient.resolvService(), TEST_NETID, &res_servers, &res_domains, &res_tls_servers,
561 &res_params, &res_stats, &wait_for_pending_req_timeout_count));
Ken Chenb9fa2062018-11-13 21:51:13 +0800562 EXPECT_EQ(servers.size(), res_servers.size());
563 EXPECT_EQ(domains.size(), res_domains.size());
Mike Yu0a1c53d2018-11-26 13:26:21 +0900564 EXPECT_EQ(0U, res_tls_servers.size());
Luke Huang5bd827c2019-03-14 16:10:04 +0800565 ASSERT_EQ(static_cast<size_t>(IDnsResolver::RESOLVER_PARAMS_COUNT), kDefaultParams.size());
566 EXPECT_EQ(kDefaultParams[IDnsResolver::RESOLVER_PARAMS_SAMPLE_VALIDITY],
567 res_params.sample_validity);
568 EXPECT_EQ(kDefaultParams[IDnsResolver::RESOLVER_PARAMS_SUCCESS_THRESHOLD],
Bernie Innocentia5c7b7b2019-01-17 21:28:24 +0900569 res_params.success_threshold);
Luke Huang5bd827c2019-03-14 16:10:04 +0800570 EXPECT_EQ(kDefaultParams[IDnsResolver::RESOLVER_PARAMS_MIN_SAMPLES], res_params.min_samples);
571 EXPECT_EQ(kDefaultParams[IDnsResolver::RESOLVER_PARAMS_MAX_SAMPLES], res_params.max_samples);
572 EXPECT_EQ(kDefaultParams[IDnsResolver::RESOLVER_PARAMS_BASE_TIMEOUT_MSEC],
Ken Chenb9fa2062018-11-13 21:51:13 +0800573 res_params.base_timeout_msec);
574 EXPECT_EQ(servers.size(), res_stats.size());
575
Bernie Innocenti0c067e42019-04-01 15:33:16 +0900576 EXPECT_THAT(res_servers, testing::UnorderedElementsAreArray(servers));
577 EXPECT_THAT(res_domains, testing::UnorderedElementsAreArray(domains));
Ken Chenb9fa2062018-11-13 21:51:13 +0800578}
579
580TEST_F(ResolverTest, GetAddrInfo) {
Xiao Ma09b71022018-12-11 17:56:32 +0900581 constexpr char listen_addr[] = "127.0.0.4";
582 constexpr char listen_addr2[] = "127.0.0.5";
583 constexpr char host_name[] = "howdy.example.com.";
Ken Chenb9fa2062018-11-13 21:51:13 +0800584
Xiao Ma09b71022018-12-11 17:56:32 +0900585 const std::vector<DnsRecord> records = {
586 {host_name, ns_type::ns_t_a, "1.2.3.4"},
587 {host_name, ns_type::ns_t_aaaa, "::1.2.3.4"},
588 };
589 test::DNSResponder dns(listen_addr);
590 test::DNSResponder dns2(listen_addr2);
591 StartDns(dns, records);
592 StartDns(dns2, records);
Ken Chenb9fa2062018-11-13 21:51:13 +0800593
Xiao Ma09b71022018-12-11 17:56:32 +0900594 ASSERT_TRUE(mDnsClient.SetResolversForNetwork({listen_addr}));
Ken Chenb9fa2062018-11-13 21:51:13 +0800595 dns.clearQueries();
596 dns2.clearQueries();
597
598 ScopedAddrinfo result = safe_getaddrinfo("howdy", nullptr, nullptr);
599 EXPECT_TRUE(result != nullptr);
600 size_t found = GetNumQueries(dns, host_name);
601 EXPECT_LE(1U, found);
602 // Could be A or AAAA
603 std::string result_str = ToString(result);
604 EXPECT_TRUE(result_str == "1.2.3.4" || result_str == "::1.2.3.4")
Luke Huangf8215372019-11-22 11:53:41 +0800605 << ", result_str='" << result_str << "'";
Ken Chenb9fa2062018-11-13 21:51:13 +0800606
607 // Verify that the name is cached.
608 size_t old_found = found;
609 result = safe_getaddrinfo("howdy", nullptr, nullptr);
610 EXPECT_TRUE(result != nullptr);
611 found = GetNumQueries(dns, host_name);
612 EXPECT_LE(1U, found);
613 EXPECT_EQ(old_found, found);
614 result_str = ToString(result);
Luke Huangf8215372019-11-22 11:53:41 +0800615 EXPECT_TRUE(result_str == "1.2.3.4" || result_str == "::1.2.3.4") << result_str;
Ken Chenb9fa2062018-11-13 21:51:13 +0800616
617 // Change the DNS resolver, ensure that queries are still cached.
Xiao Ma09b71022018-12-11 17:56:32 +0900618 ASSERT_TRUE(mDnsClient.SetResolversForNetwork({listen_addr2}));
Ken Chenb9fa2062018-11-13 21:51:13 +0800619 dns.clearQueries();
620 dns2.clearQueries();
621
622 result = safe_getaddrinfo("howdy", nullptr, nullptr);
623 EXPECT_TRUE(result != nullptr);
624 found = GetNumQueries(dns, host_name);
625 size_t found2 = GetNumQueries(dns2, host_name);
626 EXPECT_EQ(0U, found);
627 EXPECT_LE(0U, found2);
628
629 // Could be A or AAAA
630 result_str = ToString(result);
631 EXPECT_TRUE(result_str == "1.2.3.4" || result_str == "::1.2.3.4")
Luke Huangf8215372019-11-22 11:53:41 +0800632 << ", result_str='" << result_str << "'";
Ken Chenb9fa2062018-11-13 21:51:13 +0800633}
634
635TEST_F(ResolverTest, GetAddrInfoV4) {
Xiao Ma09b71022018-12-11 17:56:32 +0900636 test::DNSResponder dns;
637 StartDns(dns, {{kHelloExampleCom, ns_type::ns_t_a, "1.2.3.5"}});
638 ASSERT_TRUE(mDnsClient.SetResolversForNetwork());
Ken Chenb9fa2062018-11-13 21:51:13 +0800639
Xiao Ma09b71022018-12-11 17:56:32 +0900640 const addrinfo hints = {.ai_family = AF_INET};
641 ScopedAddrinfo result = safe_getaddrinfo("hello", nullptr, &hints);
Ken Chenb9fa2062018-11-13 21:51:13 +0800642 EXPECT_TRUE(result != nullptr);
Xiao Ma09b71022018-12-11 17:56:32 +0900643 EXPECT_EQ(1U, GetNumQueries(dns, kHelloExampleCom));
Ken Chenb9fa2062018-11-13 21:51:13 +0800644 EXPECT_EQ("1.2.3.5", ToString(result));
645}
646
647TEST_F(ResolverTest, GetAddrInfo_localhost) {
Ken Chenb9fa2062018-11-13 21:51:13 +0800648 // Add a dummy nameserver which shouldn't receive any queries
Xiao Ma09b71022018-12-11 17:56:32 +0900649 test::DNSResponder dns;
650 StartDns(dns, {});
651 ASSERT_TRUE(mDnsClient.SetResolversForNetwork());
Ken Chenb9fa2062018-11-13 21:51:13 +0800652
Xiao Ma09b71022018-12-11 17:56:32 +0900653 ScopedAddrinfo result = safe_getaddrinfo(kLocalHost, nullptr, nullptr);
Ken Chenb9fa2062018-11-13 21:51:13 +0800654 EXPECT_TRUE(result != nullptr);
655 // Expect no DNS queries; localhost is resolved via /etc/hosts
656 EXPECT_TRUE(dns.queries().empty()) << dns.dumpQueries();
Xiao Ma09b71022018-12-11 17:56:32 +0900657 EXPECT_EQ(kLocalHostAddr, ToString(result));
Ken Chenb9fa2062018-11-13 21:51:13 +0800658
Xiao Ma09b71022018-12-11 17:56:32 +0900659 result = safe_getaddrinfo(kIp6LocalHost, nullptr, nullptr);
Ken Chenb9fa2062018-11-13 21:51:13 +0800660 EXPECT_TRUE(result != nullptr);
661 // Expect no DNS queries; ip6-localhost is resolved via /etc/hosts
662 EXPECT_TRUE(dns.queries().empty()) << dns.dumpQueries();
Xiao Ma09b71022018-12-11 17:56:32 +0900663 EXPECT_EQ(kIp6LocalHostAddr, ToString(result));
Ken Chenb9fa2062018-11-13 21:51:13 +0800664}
665
Luke Huangd8ac4752019-06-18 17:05:47 +0800666TEST_F(ResolverTest, GetAddrInfo_InvalidSocketType) {
667 test::DNSResponder dns;
668 StartDns(dns, {{kHelloExampleCom, ns_type::ns_t_a, "1.2.3.5"}});
669 ASSERT_TRUE(mDnsClient.SetResolversForNetwork());
670
671 // TODO: Test other invalid socket types.
672 const addrinfo hints = {
673 .ai_family = AF_UNSPEC,
Luke Huangd8ac4752019-06-18 17:05:47 +0800674 .ai_socktype = SOCK_PACKET,
675 };
676 addrinfo* result = nullptr;
677 // This is a valid hint, but the query won't be sent because the socket type is
678 // not supported.
679 EXPECT_EQ(EAI_NODATA, getaddrinfo("hello", nullptr, &hints, &result));
680 ScopedAddrinfo result_cleanup(result);
681 EXPECT_EQ(nullptr, result);
682}
683
Ken Chen92bed612018-12-22 21:46:55 +0800684// Verify if the resolver correctly handle multiple queries simultaneously
685// step 1: set dns server#1 into deferred responding mode.
686// step 2: thread#1 query "hello.example.com." --> resolver send query to server#1.
687// step 3: thread#2 query "hello.example.com." --> resolver hold the request and wait for
688// response of previous pending query sent by thread#1.
689// step 4: thread#3 query "konbanha.example.com." --> resolver send query to server#3. Server
690// respond to resolver immediately.
691// step 5: check if server#1 get 1 query by thread#1, server#2 get 0 query, server#3 get 1 query.
692// step 6: resume dns server#1 to respond dns query in step#2.
693// step 7: thread#1 and #2 should get returned from DNS query after step#6. Also, check the
694// number of queries in server#2 is 0 to ensure thread#2 does not wake up unexpectedly
695// before signaled by thread#1.
696TEST_F(ResolverTest, GetAddrInfoV4_deferred_resp) {
697 const char* listen_addr1 = "127.0.0.9";
698 const char* listen_addr2 = "127.0.0.10";
699 const char* listen_addr3 = "127.0.0.11";
700 const char* listen_srv = "53";
701 const char* host_name_deferred = "hello.example.com.";
702 const char* host_name_normal = "konbanha.example.com.";
Mike Yufc125e42019-05-15 20:41:28 +0800703 test::DNSResponder dns1(listen_addr1, listen_srv, ns_rcode::ns_r_servfail);
704 test::DNSResponder dns2(listen_addr2, listen_srv, ns_rcode::ns_r_servfail);
705 test::DNSResponder dns3(listen_addr3, listen_srv, ns_rcode::ns_r_servfail);
Ken Chen92bed612018-12-22 21:46:55 +0800706 dns1.addMapping(host_name_deferred, ns_type::ns_t_a, "1.2.3.4");
707 dns2.addMapping(host_name_deferred, ns_type::ns_t_a, "1.2.3.4");
708 dns3.addMapping(host_name_normal, ns_type::ns_t_a, "1.2.3.5");
709 ASSERT_TRUE(dns1.startServer());
710 ASSERT_TRUE(dns2.startServer());
711 ASSERT_TRUE(dns3.startServer());
712 const std::vector<std::string> servers_for_t1 = {listen_addr1};
713 const std::vector<std::string> servers_for_t2 = {listen_addr2};
714 const std::vector<std::string> servers_for_t3 = {listen_addr3};
715 addrinfo hints = {.ai_family = AF_INET};
716 const std::vector<int> params = {300, 25, 8, 8, 5000};
717 bool t3_task_done = false;
718
719 dns1.setDeferredResp(true);
720 std::thread t1([&, this]() {
721 ASSERT_TRUE(
722 mDnsClient.SetResolversForNetwork(servers_for_t1, kDefaultSearchDomains, params));
723 ScopedAddrinfo result = safe_getaddrinfo(host_name_deferred, nullptr, &hints);
724 // t3's dns query should got returned first
725 EXPECT_TRUE(t3_task_done);
726 EXPECT_EQ(1U, GetNumQueries(dns1, host_name_deferred));
727 EXPECT_TRUE(result != nullptr);
728 EXPECT_EQ("1.2.3.4", ToString(result));
729 });
730
731 // ensuring t1 and t2 handler functions are processed in order
732 usleep(100 * 1000);
733 std::thread t2([&, this]() {
734 ASSERT_TRUE(
735 mDnsClient.SetResolversForNetwork(servers_for_t2, kDefaultSearchDomains, params));
736 ScopedAddrinfo result = safe_getaddrinfo(host_name_deferred, nullptr, &hints);
737 EXPECT_TRUE(t3_task_done);
738 EXPECT_EQ(0U, GetNumQueries(dns2, host_name_deferred));
739 EXPECT_TRUE(result != nullptr);
740 EXPECT_EQ("1.2.3.4", ToString(result));
741
742 std::vector<std::string> res_servers;
743 std::vector<std::string> res_domains;
744 std::vector<std::string> res_tls_servers;
Bernie Innocenti758005f2019-02-19 18:08:36 +0900745 res_params res_params;
Ken Chen92bed612018-12-22 21:46:55 +0800746 std::vector<ResolverStats> res_stats;
747 int wait_for_pending_req_timeout_count;
Luke Huangf8215372019-11-22 11:53:41 +0800748 ASSERT_TRUE(DnsResponderClient::GetResolverInfo(
749 mDnsClient.resolvService(), TEST_NETID, &res_servers, &res_domains,
750 &res_tls_servers, &res_params, &res_stats, &wait_for_pending_req_timeout_count));
Ken Chen92bed612018-12-22 21:46:55 +0800751 EXPECT_EQ(0, wait_for_pending_req_timeout_count);
752 });
753
754 // ensuring t2 and t3 handler functions are processed in order
755 usleep(100 * 1000);
756 std::thread t3([&, this]() {
757 ASSERT_TRUE(
758 mDnsClient.SetResolversForNetwork(servers_for_t3, kDefaultSearchDomains, params));
759 ScopedAddrinfo result = safe_getaddrinfo(host_name_normal, nullptr, &hints);
760 EXPECT_EQ(1U, GetNumQueries(dns1, host_name_deferred));
761 EXPECT_EQ(0U, GetNumQueries(dns2, host_name_deferred));
762 EXPECT_EQ(1U, GetNumQueries(dns3, host_name_normal));
763 EXPECT_TRUE(result != nullptr);
764 EXPECT_EQ("1.2.3.5", ToString(result));
765
766 t3_task_done = true;
767 dns1.setDeferredResp(false);
768 });
769 t3.join();
770 t1.join();
771 t2.join();
772}
773
lifr4e4a2e02019-01-29 16:53:51 +0800774TEST_F(ResolverTest, GetAddrInfo_cnames) {
775 constexpr char host_name[] = "host.example.com.";
776 test::DNSResponder dns;
777 const std::vector<DnsRecord> records = {
778 {kHelloExampleCom, ns_type::ns_t_cname, "a.example.com."},
779 {"a.example.com.", ns_type::ns_t_cname, "b.example.com."},
780 {"b.example.com.", ns_type::ns_t_cname, "c.example.com."},
781 {"c.example.com.", ns_type::ns_t_cname, "d.example.com."},
782 {"d.example.com.", ns_type::ns_t_cname, "e.example.com."},
783 {"e.example.com.", ns_type::ns_t_cname, host_name},
784 {host_name, ns_type::ns_t_a, "1.2.3.3"},
785 {host_name, ns_type::ns_t_aaaa, "2001:db8::42"},
786 };
787 StartDns(dns, records);
788 ASSERT_TRUE(mDnsClient.SetResolversForNetwork());
789
790 addrinfo hints = {.ai_family = AF_INET};
791 ScopedAddrinfo result = safe_getaddrinfo("hello", nullptr, &hints);
792 EXPECT_TRUE(result != nullptr);
793 EXPECT_EQ("1.2.3.3", ToString(result));
794
795 dns.clearQueries();
796 hints = {.ai_family = AF_INET6};
797 result = safe_getaddrinfo("hello", nullptr, &hints);
798 EXPECT_TRUE(result != nullptr);
799 EXPECT_EQ("2001:db8::42", ToString(result));
800}
801
802TEST_F(ResolverTest, GetAddrInfo_cnamesNoIpAddress) {
803 test::DNSResponder dns;
804 const std::vector<DnsRecord> records = {
805 {kHelloExampleCom, ns_type::ns_t_cname, "a.example.com."},
806 };
807 StartDns(dns, records);
808 ASSERT_TRUE(mDnsClient.SetResolversForNetwork());
809
810 addrinfo hints = {.ai_family = AF_INET};
811 ScopedAddrinfo result = safe_getaddrinfo("hello", nullptr, &hints);
812 EXPECT_TRUE(result == nullptr);
813
814 dns.clearQueries();
815 hints = {.ai_family = AF_INET6};
816 result = safe_getaddrinfo("hello", nullptr, &hints);
817 EXPECT_TRUE(result == nullptr);
818}
819
820TEST_F(ResolverTest, GetAddrInfo_cnamesIllegalRdata) {
821 test::DNSResponder dns;
822 const std::vector<DnsRecord> records = {
823 {kHelloExampleCom, ns_type::ns_t_cname, ".!#?"},
824 };
825 StartDns(dns, records);
826 ASSERT_TRUE(mDnsClient.SetResolversForNetwork());
827
828 addrinfo hints = {.ai_family = AF_INET};
829 ScopedAddrinfo result = safe_getaddrinfo("hello", nullptr, &hints);
830 EXPECT_TRUE(result == nullptr);
831
832 dns.clearQueries();
833 hints = {.ai_family = AF_INET6};
834 result = safe_getaddrinfo("hello", nullptr, &hints);
835 EXPECT_TRUE(result == nullptr);
836}
837
Ken Chenb9fa2062018-11-13 21:51:13 +0800838TEST_F(ResolverTest, MultidomainResolution) {
Xiao Ma09b71022018-12-11 17:56:32 +0900839 constexpr char host_name[] = "nihao.example2.com.";
Luke Huangf8215372019-11-22 11:53:41 +0800840 std::vector<std::string> searchDomains = {"example1.com", "example2.com", "example3.com"};
Ken Chenb9fa2062018-11-13 21:51:13 +0800841
Xiao Ma09b71022018-12-11 17:56:32 +0900842 test::DNSResponder dns("127.0.0.6");
843 StartDns(dns, {{host_name, ns_type::ns_t_a, "1.2.3.3"}});
844 ASSERT_TRUE(mDnsClient.SetResolversForNetwork({"127.0.0.6"}, searchDomains));
845
Ken Chenb9fa2062018-11-13 21:51:13 +0800846 const hostent* result = gethostbyname("nihao");
Xiao Ma09b71022018-12-11 17:56:32 +0900847
Ken Chenb9fa2062018-11-13 21:51:13 +0800848 EXPECT_EQ(1U, GetNumQueriesForType(dns, ns_type::ns_t_a, host_name));
849 ASSERT_FALSE(result == nullptr);
850 ASSERT_EQ(4, result->h_length);
851 ASSERT_FALSE(result->h_addr_list[0] == nullptr);
852 EXPECT_EQ("1.2.3.3", ToString(result));
853 EXPECT_TRUE(result->h_addr_list[1] == nullptr);
Ken Chenb9fa2062018-11-13 21:51:13 +0800854}
855
856TEST_F(ResolverTest, GetAddrInfoV6_numeric) {
Ken Chenb9fa2062018-11-13 21:51:13 +0800857 constexpr char host_name[] = "ohayou.example.com.";
858 constexpr char numeric_addr[] = "fe80::1%lo";
859
Xiao Ma09b71022018-12-11 17:56:32 +0900860 test::DNSResponder dns;
Ken Chenb9fa2062018-11-13 21:51:13 +0800861 dns.setResponseProbability(0.0);
Xiao Ma09b71022018-12-11 17:56:32 +0900862 StartDns(dns, {{host_name, ns_type::ns_t_aaaa, "2001:db8::5"}});
863 ASSERT_TRUE(mDnsClient.SetResolversForNetwork());
Ken Chenb9fa2062018-11-13 21:51:13 +0800864
865 addrinfo hints = {.ai_family = AF_INET6};
866 ScopedAddrinfo result = safe_getaddrinfo(numeric_addr, nullptr, &hints);
867 EXPECT_TRUE(result != nullptr);
868 EXPECT_EQ(numeric_addr, ToString(result));
869 EXPECT_TRUE(dns.queries().empty()); // Ensure no DNS queries were sent out
870
871 // Now try a non-numeric hostname query with the AI_NUMERICHOST flag set.
872 // We should fail without sending out a DNS query.
873 hints.ai_flags |= AI_NUMERICHOST;
874 result = safe_getaddrinfo(host_name, nullptr, &hints);
875 EXPECT_TRUE(result == nullptr);
876 EXPECT_TRUE(dns.queries().empty()); // Ensure no DNS queries were sent out
877}
878
879TEST_F(ResolverTest, GetAddrInfoV6_failing) {
Xiao Ma09b71022018-12-11 17:56:32 +0900880 constexpr char listen_addr0[] = "127.0.0.7";
881 constexpr char listen_addr1[] = "127.0.0.8";
Ken Chenb9fa2062018-11-13 21:51:13 +0800882 const char* host_name = "ohayou.example.com.";
Xiao Ma09b71022018-12-11 17:56:32 +0900883
884 test::DNSResponder dns0(listen_addr0);
885 test::DNSResponder dns1(listen_addr1);
Ken Chenb9fa2062018-11-13 21:51:13 +0800886 dns0.setResponseProbability(0.0);
Xiao Ma09b71022018-12-11 17:56:32 +0900887 StartDns(dns0, {{host_name, ns_type::ns_t_aaaa, "2001:db8::5"}});
888 StartDns(dns1, {{host_name, ns_type::ns_t_aaaa, "2001:db8::6"}});
889
Luke Huangf8215372019-11-22 11:53:41 +0800890 std::vector<std::string> servers = {listen_addr0, listen_addr1};
Ken Chenb9fa2062018-11-13 21:51:13 +0800891 // <sample validity in s> <success threshold in percent> <min samples> <max samples>
892 int sample_count = 8;
Luke Huangf8215372019-11-22 11:53:41 +0800893 const std::vector<int> params = {300, 25, sample_count, sample_count};
Xiao Ma09b71022018-12-11 17:56:32 +0900894 ASSERT_TRUE(mDnsClient.SetResolversForNetwork(servers, kDefaultSearchDomains, params));
Ken Chenb9fa2062018-11-13 21:51:13 +0800895
896 // Repeatedly perform resolutions for non-existing domains until MAXNSSAMPLES resolutions have
897 // reached the dns0, which is set to fail. No more requests should then arrive at that server
898 // for the next sample_lifetime seconds.
899 // TODO: This approach is implementation-dependent, change once metrics reporting is available.
Xiao Ma09b71022018-12-11 17:56:32 +0900900 const addrinfo hints = {.ai_family = AF_INET6};
Bernie Innocentib102dd22018-12-04 14:57:48 +0900901 for (int i = 0; i < sample_count; ++i) {
Ken Chenb9fa2062018-11-13 21:51:13 +0800902 std::string domain = StringPrintf("nonexistent%d", i);
903 ScopedAddrinfo result = safe_getaddrinfo(domain.c_str(), nullptr, &hints);
904 }
905 // Due to 100% errors for all possible samples, the server should be ignored from now on and
906 // only the second one used for all following queries, until NSSAMPLE_VALIDITY is reached.
907 dns0.clearQueries();
908 dns1.clearQueries();
909 ScopedAddrinfo result = safe_getaddrinfo("ohayou", nullptr, &hints);
910 EXPECT_TRUE(result != nullptr);
911 EXPECT_EQ(0U, GetNumQueries(dns0, host_name));
912 EXPECT_EQ(1U, GetNumQueries(dns1, host_name));
913}
914
915TEST_F(ResolverTest, GetAddrInfoV6_nonresponsive) {
Xiao Ma09b71022018-12-11 17:56:32 +0900916 constexpr char listen_addr0[] = "127.0.0.7";
917 constexpr char listen_addr1[] = "127.0.0.8";
918 constexpr char listen_srv[] = "53";
919 constexpr char host_name1[] = "ohayou.example.com.";
920 constexpr char host_name2[] = "ciao.example.com.";
Luke Huang483cf332019-06-03 17:24:51 +0800921 const std::vector<std::string> defaultSearchDomain = {"example.com"};
922 // The minimal timeout is 1000ms, so we can't decrease timeout
923 // So reduce retry count.
924 const std::vector<int> reduceRetryParams = {
925 300, // sample validity in seconds
926 25, // success threshod in percent
927 8, 8, // {MIN,MAX}_SAMPLES
928 1000, // BASE_TIMEOUT_MSEC
929 1, // retry count
930 };
Xiao Ma09b71022018-12-11 17:56:32 +0900931 const std::vector<DnsRecord> records0 = {
932 {host_name1, ns_type::ns_t_aaaa, "2001:db8::5"},
933 {host_name2, ns_type::ns_t_aaaa, "2001:db8::5"},
934 };
935 const std::vector<DnsRecord> records1 = {
936 {host_name1, ns_type::ns_t_aaaa, "2001:db8::6"},
937 {host_name2, ns_type::ns_t_aaaa, "2001:db8::6"},
938 };
Ken Chenb9fa2062018-11-13 21:51:13 +0800939
940 // dns0 does not respond with 100% probability, while
941 // dns1 responds normally, at least initially.
Mike Yufc125e42019-05-15 20:41:28 +0800942 test::DNSResponder dns0(listen_addr0, listen_srv, static_cast<ns_rcode>(-1));
943 test::DNSResponder dns1(listen_addr1, listen_srv, static_cast<ns_rcode>(-1));
Ken Chenb9fa2062018-11-13 21:51:13 +0800944 dns0.setResponseProbability(0.0);
Xiao Ma09b71022018-12-11 17:56:32 +0900945 StartDns(dns0, records0);
946 StartDns(dns1, records1);
Luke Huang483cf332019-06-03 17:24:51 +0800947 ASSERT_TRUE(mDnsClient.SetResolversForNetwork({listen_addr0, listen_addr1}, defaultSearchDomain,
948 reduceRetryParams));
Ken Chenb9fa2062018-11-13 21:51:13 +0800949
Luke Huang483cf332019-06-03 17:24:51 +0800950 // Specify ai_socktype to make getaddrinfo will only query 1 time
951 const addrinfo hints = {.ai_family = AF_INET6, .ai_socktype = SOCK_STREAM};
Ken Chenb9fa2062018-11-13 21:51:13 +0800952
953 // dns0 will ignore the request, and we'll fallback to dns1 after the first
954 // retry.
955 ScopedAddrinfo result = safe_getaddrinfo(host_name1, nullptr, &hints);
956 EXPECT_TRUE(result != nullptr);
957 EXPECT_EQ(1U, GetNumQueries(dns0, host_name1));
958 EXPECT_EQ(1U, GetNumQueries(dns1, host_name1));
959
960 // Now make dns1 also ignore 100% requests... The resolve should alternate
Luke Huang483cf332019-06-03 17:24:51 +0800961 // queries between the nameservers and fail
Ken Chenb9fa2062018-11-13 21:51:13 +0800962 dns1.setResponseProbability(0.0);
963 addrinfo* result2 = nullptr;
964 EXPECT_EQ(EAI_NODATA, getaddrinfo(host_name2, nullptr, &hints, &result2));
965 EXPECT_EQ(nullptr, result2);
Luke Huang483cf332019-06-03 17:24:51 +0800966 EXPECT_EQ(1U, GetNumQueries(dns0, host_name2));
967 EXPECT_EQ(1U, GetNumQueries(dns1, host_name2));
Ken Chenb9fa2062018-11-13 21:51:13 +0800968}
969
970TEST_F(ResolverTest, GetAddrInfoV6_concurrent) {
Xiao Ma09b71022018-12-11 17:56:32 +0900971 constexpr char listen_addr0[] = "127.0.0.9";
972 constexpr char listen_addr1[] = "127.0.0.10";
973 constexpr char listen_addr2[] = "127.0.0.11";
974 constexpr char host_name[] = "konbanha.example.com.";
975
976 test::DNSResponder dns0(listen_addr0);
977 test::DNSResponder dns1(listen_addr1);
978 test::DNSResponder dns2(listen_addr2);
979 StartDns(dns0, {{host_name, ns_type::ns_t_aaaa, "2001:db8::5"}});
980 StartDns(dns1, {{host_name, ns_type::ns_t_aaaa, "2001:db8::6"}});
981 StartDns(dns2, {{host_name, ns_type::ns_t_aaaa, "2001:db8::7"}});
982
Luke Huangf8215372019-11-22 11:53:41 +0800983 const std::vector<std::string> servers = {listen_addr0, listen_addr1, listen_addr2};
Ken Chenb9fa2062018-11-13 21:51:13 +0800984 std::vector<std::thread> threads(10);
985 for (std::thread& thread : threads) {
Luke Huangf8215372019-11-22 11:53:41 +0800986 thread = std::thread([this, &servers]() {
987 unsigned delay = arc4random_uniform(1 * 1000 * 1000); // <= 1s
Ken Chenb9fa2062018-11-13 21:51:13 +0800988 usleep(delay);
989 std::vector<std::string> serverSubset;
990 for (const auto& server : servers) {
991 if (arc4random_uniform(2)) {
992 serverSubset.push_back(server);
993 }
994 }
995 if (serverSubset.empty()) serverSubset = servers;
Xiao Ma09b71022018-12-11 17:56:32 +0900996 ASSERT_TRUE(mDnsClient.SetResolversForNetwork(serverSubset));
997 const addrinfo hints = {.ai_family = AF_INET6};
Ken Chenb9fa2062018-11-13 21:51:13 +0800998 addrinfo* result = nullptr;
999 int rv = getaddrinfo("konbanha", nullptr, &hints, &result);
1000 EXPECT_EQ(0, rv) << "error [" << rv << "] " << gai_strerror(rv);
1001 if (result) {
1002 freeaddrinfo(result);
1003 result = nullptr;
1004 }
1005 });
1006 }
1007 for (std::thread& thread : threads) {
1008 thread.join();
1009 }
Ken Chen92bed612018-12-22 21:46:55 +08001010
1011 std::vector<std::string> res_servers;
1012 std::vector<std::string> res_domains;
1013 std::vector<std::string> res_tls_servers;
Bernie Innocenti758005f2019-02-19 18:08:36 +09001014 res_params res_params;
Ken Chen92bed612018-12-22 21:46:55 +08001015 std::vector<ResolverStats> res_stats;
1016 int wait_for_pending_req_timeout_count;
Luke Huangf8215372019-11-22 11:53:41 +08001017 ASSERT_TRUE(DnsResponderClient::GetResolverInfo(
1018 mDnsClient.resolvService(), TEST_NETID, &res_servers, &res_domains, &res_tls_servers,
1019 &res_params, &res_stats, &wait_for_pending_req_timeout_count));
Ken Chen92bed612018-12-22 21:46:55 +08001020 EXPECT_EQ(0, wait_for_pending_req_timeout_count);
Ken Chenb9fa2062018-11-13 21:51:13 +08001021}
1022
Mike Yu8ac63402019-12-02 15:28:38 +08001023TEST_F(ResolverTest, SkipBadServersDueToInternalError) {
1024 constexpr char listen_addr1[] = "fe80::1";
1025 constexpr char listen_addr2[] = "255.255.255.255";
1026 constexpr char listen_addr3[] = "127.0.0.3";
1027
1028 test::DNSResponder dns(listen_addr3);
1029 ASSERT_TRUE(dns.startServer());
1030
1031 ResolverParamsParcel parcel = DnsResponderClient::GetDefaultResolverParamsParcel();
1032 parcel.servers = {listen_addr1, listen_addr2, listen_addr3};
1033
1034 // Bad servers can be distinguished after two attempts.
1035 parcel.minSamples = 2;
1036 ASSERT_TRUE(mDnsClient.SetResolversFromParcel(parcel));
1037
1038 // Start querying five times.
1039 for (int i = 0; i < 5; i++) {
1040 std::string hostName = StringPrintf("hello%d.com.", i);
1041 dns.addMapping(hostName, ns_type::ns_t_a, "1.2.3.4");
1042 const addrinfo hints = {.ai_family = AF_INET, .ai_socktype = SOCK_DGRAM};
1043 EXPECT_TRUE(safe_getaddrinfo(hostName.c_str(), nullptr, &hints) != nullptr);
1044 }
1045
Mike Yuc0000252020-03-19 07:14:23 +00001046 const std::vector<NameserverStats> expectedCleartextDnsStats = {
1047 NameserverStats(listen_addr1).setInternalErrors(2),
1048 NameserverStats(listen_addr2).setInternalErrors(2),
1049 NameserverStats(listen_addr3).setSuccesses(5),
1050 };
1051 EXPECT_TRUE(expectStatsFromGetResolverInfo(expectedCleartextDnsStats));
Mike Yu8ac63402019-12-02 15:28:38 +08001052}
1053
1054TEST_F(ResolverTest, SkipBadServersDueToTimeout) {
1055 constexpr char listen_addr1[] = "127.0.0.3";
1056 constexpr char listen_addr2[] = "127.0.0.4";
1057
1058 // Set dns1 non-responsive and dns2 workable.
1059 test::DNSResponder dns1(listen_addr1, test::kDefaultListenService, static_cast<ns_rcode>(-1));
1060 test::DNSResponder dns2(listen_addr2);
1061 dns1.setResponseProbability(0.0);
1062 ASSERT_TRUE(dns1.startServer());
1063 ASSERT_TRUE(dns2.startServer());
1064
1065 ResolverParamsParcel parcel = DnsResponderClient::GetDefaultResolverParamsParcel();
1066 parcel.servers = {listen_addr1, listen_addr2};
1067
1068 // Bad servers can be distinguished after two attempts.
1069 parcel.minSamples = 2;
1070 ASSERT_TRUE(mDnsClient.SetResolversFromParcel(parcel));
1071
1072 // Start querying five times.
1073 for (int i = 0; i < 5; i++) {
1074 std::string hostName = StringPrintf("hello%d.com.", i);
1075 dns1.addMapping(hostName, ns_type::ns_t_a, "1.2.3.4");
1076 dns2.addMapping(hostName, ns_type::ns_t_a, "1.2.3.5");
1077 const addrinfo hints = {.ai_family = AF_INET, .ai_socktype = SOCK_DGRAM};
1078 EXPECT_TRUE(safe_getaddrinfo(hostName.c_str(), nullptr, &hints) != nullptr);
1079 }
1080
Mike Yuc0000252020-03-19 07:14:23 +00001081 const std::vector<NameserverStats> expectedCleartextDnsStats = {
1082 NameserverStats(listen_addr1).setTimeouts(2),
1083 NameserverStats(listen_addr2).setSuccesses(5),
1084 };
1085 EXPECT_TRUE(expectStatsFromGetResolverInfo(expectedCleartextDnsStats));
Mike Yu8ac63402019-12-02 15:28:38 +08001086 EXPECT_EQ(dns1.queries().size(), 2U);
1087 EXPECT_EQ(dns2.queries().size(), 5U);
1088}
1089
chenbrucefd837fa2019-10-29 18:35:36 +08001090TEST_F(ResolverTest, GetAddrInfoFromCustTable_InvalidInput) {
1091 constexpr char hostnameNoip[] = "noip.example.com.";
1092 constexpr char hostnameInvalidip[] = "invalidip.example.com.";
1093 const std::vector<aidl::android::net::ResolverHostsParcel> invalidCustHosts = {
1094 {"", hostnameNoip},
1095 {"wrong IP", hostnameInvalidip},
1096 };
1097 test::DNSResponder dns;
1098 StartDns(dns, {});
1099 auto resolverParams = DnsResponderClient::GetDefaultResolverParamsParcel();
Ken Chen05420812020-04-07 18:58:38 +00001100 resolverParams.resolverOptions.hosts = invalidCustHosts;
chenbrucefd837fa2019-10-29 18:35:36 +08001101 ASSERT_TRUE(mDnsClient.resolvService()->setResolverConfiguration(resolverParams).isOk());
1102 for (const auto& hostname : {hostnameNoip, hostnameInvalidip}) {
1103 // The query won't get data from customized table because of invalid customized table
1104 // and DNSResponder also has no records. hostnameNoip has never registered and
1105 // hostnameInvalidip has registered but wrong IP.
1106 const addrinfo hints = {.ai_family = AF_UNSPEC};
1107 ScopedAddrinfo result = safe_getaddrinfo(hostname, nullptr, &hints);
1108 ASSERT_TRUE(result == nullptr);
1109 EXPECT_EQ(4U, GetNumQueries(dns, hostname));
1110 }
1111}
1112
1113TEST_F(ResolverTest, GetAddrInfoFromCustTable) {
1114 constexpr char hostnameV4[] = "v4only.example.com.";
1115 constexpr char hostnameV6[] = "v6only.example.com.";
1116 constexpr char hostnameV4V6[] = "v4v6.example.com.";
1117 constexpr char custAddrV4[] = "1.2.3.4";
1118 constexpr char custAddrV6[] = "::1.2.3.4";
1119 constexpr char dnsSvAddrV4[] = "1.2.3.5";
1120 constexpr char dnsSvAddrV6[] = "::1.2.3.5";
1121 const std::vector<aidl::android::net::ResolverHostsParcel> custHostV4 = {
1122 {custAddrV4, hostnameV4},
1123 };
1124 const std::vector<aidl::android::net::ResolverHostsParcel> custHostV6 = {
1125 {custAddrV6, hostnameV6},
1126 };
1127 const std::vector<aidl::android::net::ResolverHostsParcel> custHostV4V6 = {
1128 {custAddrV4, hostnameV4V6},
1129 {custAddrV6, hostnameV4V6},
1130 };
1131 const std::vector<DnsRecord> dnsSvHostV4 = {
1132 {hostnameV4, ns_type::ns_t_a, dnsSvAddrV4},
1133 };
1134 const std::vector<DnsRecord> dnsSvHostV6 = {
1135 {hostnameV6, ns_type::ns_t_aaaa, dnsSvAddrV6},
1136 };
1137 const std::vector<DnsRecord> dnsSvHostV4V6 = {
1138 {hostnameV4V6, ns_type::ns_t_a, dnsSvAddrV4},
1139 {hostnameV4V6, ns_type::ns_t_aaaa, dnsSvAddrV6},
1140 };
1141 struct TestConfig {
1142 const std::string name;
1143 const std::vector<aidl::android::net::ResolverHostsParcel> customizedHosts;
1144 const std::vector<DnsRecord> dnsserverHosts;
1145 const std::vector<std::string> queryResult;
1146 std::string asParameters() const {
1147 return StringPrintf("name: %s, customizedHosts: %s, dnsserverHosts: %s", name.c_str(),
1148 customizedHosts.empty() ? "No" : "Yes",
1149 dnsserverHosts.empty() ? "No" : "Yes");
1150 }
1151 } testConfigs[]{
1152 // clang-format off
1153 {hostnameV4, {}, {}, {}},
1154 {hostnameV4, {}, dnsSvHostV4, {dnsSvAddrV4}},
1155 {hostnameV4, custHostV4, {}, {custAddrV4}},
1156 {hostnameV4, custHostV4, dnsSvHostV4, {custAddrV4}},
1157 {hostnameV6, {}, {}, {}},
1158 {hostnameV6, {}, dnsSvHostV6, {dnsSvAddrV6}},
1159 {hostnameV6, custHostV6, {}, {custAddrV6}},
1160 {hostnameV6, custHostV6, dnsSvHostV6, {custAddrV6}},
1161 {hostnameV4V6, {}, {}, {}},
1162 {hostnameV4V6, {}, dnsSvHostV4V6, {dnsSvAddrV4, dnsSvAddrV6}},
1163 {hostnameV4V6, custHostV4V6, {}, {custAddrV4, custAddrV6}},
1164 {hostnameV4V6, custHostV4V6, dnsSvHostV4V6, {custAddrV4, custAddrV6}},
1165 // clang-format on
1166 };
1167
1168 for (const auto& config : testConfigs) {
1169 SCOPED_TRACE(config.asParameters());
1170
1171 test::DNSResponder dns;
1172 StartDns(dns, config.dnsserverHosts);
1173
1174 auto resolverParams = DnsResponderClient::GetDefaultResolverParamsParcel();
Ken Chen05420812020-04-07 18:58:38 +00001175 resolverParams.resolverOptions.hosts = config.customizedHosts;
chenbrucefd837fa2019-10-29 18:35:36 +08001176 ASSERT_TRUE(mDnsClient.resolvService()->setResolverConfiguration(resolverParams).isOk());
1177 const addrinfo hints = {.ai_family = AF_UNSPEC, .ai_socktype = SOCK_STREAM};
1178 ScopedAddrinfo result = safe_getaddrinfo(config.name.c_str(), nullptr, &hints);
1179 if (config.customizedHosts.empty() && config.dnsserverHosts.empty()) {
1180 ASSERT_TRUE(result == nullptr);
1181 EXPECT_EQ(2U, GetNumQueries(dns, config.name.c_str()));
1182 } else {
1183 ASSERT_TRUE(result != nullptr);
1184 EXPECT_THAT(ToStrings(result), testing::UnorderedElementsAreArray(config.queryResult));
1185 EXPECT_EQ(config.customizedHosts.empty() ? 2U : 0U,
1186 GetNumQueries(dns, config.name.c_str()));
1187 }
1188
1189 EXPECT_TRUE(mDnsClient.resolvService()->flushNetworkCache(TEST_NETID).isOk());
1190 }
1191}
1192
1193TEST_F(ResolverTest, GetAddrInfoFromCustTable_Modify) {
1194 constexpr char hostnameV4V6[] = "v4v6.example.com.";
1195 constexpr char custAddrV4[] = "1.2.3.4";
1196 constexpr char custAddrV6[] = "::1.2.3.4";
1197 constexpr char dnsSvAddrV4[] = "1.2.3.5";
1198 constexpr char dnsSvAddrV6[] = "::1.2.3.5";
1199 const std::vector<DnsRecord> dnsSvHostV4V6 = {
1200 {hostnameV4V6, ns_type::ns_t_a, dnsSvAddrV4},
1201 {hostnameV4V6, ns_type::ns_t_aaaa, dnsSvAddrV6},
1202 };
1203 const std::vector<aidl::android::net::ResolverHostsParcel> custHostV4V6 = {
1204 {custAddrV4, hostnameV4V6},
1205 {custAddrV6, hostnameV4V6},
1206 };
1207 test::DNSResponder dns;
1208 StartDns(dns, dnsSvHostV4V6);
1209 auto resolverParams = DnsResponderClient::GetDefaultResolverParamsParcel();
1210
Ken Chen05420812020-04-07 18:58:38 +00001211 resolverParams.resolverOptions.hosts = custHostV4V6;
chenbrucefd837fa2019-10-29 18:35:36 +08001212 ASSERT_TRUE(mDnsClient.resolvService()->setResolverConfiguration(resolverParams).isOk());
1213 const addrinfo hints = {.ai_family = AF_UNSPEC, .ai_socktype = SOCK_STREAM};
1214 ScopedAddrinfo result = safe_getaddrinfo(hostnameV4V6, nullptr, &hints);
1215 ASSERT_TRUE(result != nullptr);
1216 EXPECT_THAT(ToStrings(result), testing::UnorderedElementsAreArray({custAddrV4, custAddrV6}));
1217 EXPECT_EQ(0U, GetNumQueries(dns, hostnameV4V6));
1218
Ken Chen05420812020-04-07 18:58:38 +00001219 resolverParams.resolverOptions.hosts = {};
chenbrucefd837fa2019-10-29 18:35:36 +08001220 ASSERT_TRUE(mDnsClient.resolvService()->setResolverConfiguration(resolverParams).isOk());
1221 result = safe_getaddrinfo(hostnameV4V6, nullptr, &hints);
1222 ASSERT_TRUE(result != nullptr);
1223 EXPECT_THAT(ToStrings(result), testing::UnorderedElementsAreArray({dnsSvAddrV4, dnsSvAddrV6}));
1224 EXPECT_EQ(2U, GetNumQueries(dns, hostnameV4V6));
1225}
1226
Ken Chenb9fa2062018-11-13 21:51:13 +08001227TEST_F(ResolverTest, EmptySetup) {
Ken Chenb9fa2062018-11-13 21:51:13 +08001228 std::vector<std::string> servers;
1229 std::vector<std::string> domains;
Xiao Ma09b71022018-12-11 17:56:32 +09001230 ASSERT_TRUE(mDnsClient.SetResolversForNetwork(servers, domains));
Ken Chenb9fa2062018-11-13 21:51:13 +08001231 std::vector<std::string> res_servers;
1232 std::vector<std::string> res_domains;
Mike Yu0a1c53d2018-11-26 13:26:21 +09001233 std::vector<std::string> res_tls_servers;
Bernie Innocenti758005f2019-02-19 18:08:36 +09001234 res_params res_params;
Ken Chenb9fa2062018-11-13 21:51:13 +08001235 std::vector<ResolverStats> res_stats;
Ken Chen92bed612018-12-22 21:46:55 +08001236 int wait_for_pending_req_timeout_count;
Luke Huangf8215372019-11-22 11:53:41 +08001237 ASSERT_TRUE(DnsResponderClient::GetResolverInfo(
1238 mDnsClient.resolvService(), TEST_NETID, &res_servers, &res_domains, &res_tls_servers,
1239 &res_params, &res_stats, &wait_for_pending_req_timeout_count));
Ken Chenb9fa2062018-11-13 21:51:13 +08001240 EXPECT_EQ(0U, res_servers.size());
1241 EXPECT_EQ(0U, res_domains.size());
Mike Yu0a1c53d2018-11-26 13:26:21 +09001242 EXPECT_EQ(0U, res_tls_servers.size());
Luke Huang5bd827c2019-03-14 16:10:04 +08001243 ASSERT_EQ(static_cast<size_t>(IDnsResolver::RESOLVER_PARAMS_COUNT), kDefaultParams.size());
1244 EXPECT_EQ(kDefaultParams[IDnsResolver::RESOLVER_PARAMS_SAMPLE_VALIDITY],
1245 res_params.sample_validity);
1246 EXPECT_EQ(kDefaultParams[IDnsResolver::RESOLVER_PARAMS_SUCCESS_THRESHOLD],
Bernie Innocentia5c7b7b2019-01-17 21:28:24 +09001247 res_params.success_threshold);
Luke Huang5bd827c2019-03-14 16:10:04 +08001248 EXPECT_EQ(kDefaultParams[IDnsResolver::RESOLVER_PARAMS_MIN_SAMPLES], res_params.min_samples);
1249 EXPECT_EQ(kDefaultParams[IDnsResolver::RESOLVER_PARAMS_MAX_SAMPLES], res_params.max_samples);
1250 EXPECT_EQ(kDefaultParams[IDnsResolver::RESOLVER_PARAMS_BASE_TIMEOUT_MSEC],
Ken Chenb9fa2062018-11-13 21:51:13 +08001251 res_params.base_timeout_msec);
Luke Huang5bd827c2019-03-14 16:10:04 +08001252 EXPECT_EQ(kDefaultParams[IDnsResolver::RESOLVER_PARAMS_RETRY_COUNT], res_params.retry_count);
Ken Chenb9fa2062018-11-13 21:51:13 +08001253}
1254
1255TEST_F(ResolverTest, SearchPathChange) {
Xiao Ma09b71022018-12-11 17:56:32 +09001256 constexpr char listen_addr[] = "127.0.0.13";
1257 constexpr char host_name1[] = "test13.domain1.org.";
1258 constexpr char host_name2[] = "test13.domain2.org.";
Luke Huangf8215372019-11-22 11:53:41 +08001259 std::vector<std::string> servers = {listen_addr};
1260 std::vector<std::string> domains = {"domain1.org"};
Xiao Ma09b71022018-12-11 17:56:32 +09001261
1262 const std::vector<DnsRecord> records = {
1263 {host_name1, ns_type::ns_t_aaaa, "2001:db8::13"},
1264 {host_name2, ns_type::ns_t_aaaa, "2001:db8::1:13"},
1265 };
1266 test::DNSResponder dns(listen_addr);
1267 StartDns(dns, records);
1268 ASSERT_TRUE(mDnsClient.SetResolversForNetwork(servers, domains));
Ken Chenb9fa2062018-11-13 21:51:13 +08001269
1270 const addrinfo hints = {.ai_family = AF_INET6};
1271 ScopedAddrinfo result = safe_getaddrinfo("test13", nullptr, &hints);
1272 EXPECT_TRUE(result != nullptr);
1273 EXPECT_EQ(1U, dns.queries().size());
1274 EXPECT_EQ(1U, GetNumQueries(dns, host_name1));
1275 EXPECT_EQ("2001:db8::13", ToString(result));
1276
1277 // Test that changing the domain search path on its own works.
Luke Huangf8215372019-11-22 11:53:41 +08001278 domains = {"domain2.org"};
Xiao Ma09b71022018-12-11 17:56:32 +09001279 ASSERT_TRUE(mDnsClient.SetResolversForNetwork(servers, domains));
Ken Chenb9fa2062018-11-13 21:51:13 +08001280 dns.clearQueries();
1281
1282 result = safe_getaddrinfo("test13", nullptr, &hints);
1283 EXPECT_TRUE(result != nullptr);
1284 EXPECT_EQ(1U, dns.queries().size());
1285 EXPECT_EQ(1U, GetNumQueries(dns, host_name2));
1286 EXPECT_EQ("2001:db8::1:13", ToString(result));
1287}
1288
Luke Huang2dac4382019-06-24 13:28:44 +08001289namespace {
1290
Luke Huangf8215372019-11-22 11:53:41 +08001291std::vector<std::string> getResolverDomains(aidl::android::net::IDnsResolver* dnsResolverService,
Luke Huang2dac4382019-06-24 13:28:44 +08001292 unsigned netId) {
1293 std::vector<std::string> res_servers;
1294 std::vector<std::string> res_domains;
1295 std::vector<std::string> res_tls_servers;
1296 res_params res_params;
1297 std::vector<ResolverStats> res_stats;
1298 int wait_for_pending_req_timeout_count;
Luke Huangf8215372019-11-22 11:53:41 +08001299 DnsResponderClient::GetResolverInfo(dnsResolverService, netId, &res_servers, &res_domains,
1300 &res_tls_servers, &res_params, &res_stats,
1301 &wait_for_pending_req_timeout_count);
Luke Huang2dac4382019-06-24 13:28:44 +08001302 return res_domains;
1303}
1304
1305} // namespace
1306
1307TEST_F(ResolverTest, SearchPathPrune) {
1308 constexpr size_t DUPLICATED_DOMAIN_NUM = 3;
1309 constexpr char listen_addr[] = "127.0.0.13";
1310 constexpr char domian_name1[] = "domain13.org.";
1311 constexpr char domian_name2[] = "domain14.org.";
1312 constexpr char host_name1[] = "test13.domain13.org.";
1313 constexpr char host_name2[] = "test14.domain14.org.";
1314 std::vector<std::string> servers = {listen_addr};
1315
1316 std::vector<std::string> testDomains1;
1317 std::vector<std::string> testDomains2;
1318 // Domain length should be <= 255
1319 // Max number of domains in search path is 6
1320 for (size_t i = 0; i < MAXDNSRCH + 1; i++) {
1321 // Fill up with invalid domain
1322 testDomains1.push_back(std::string(300, i + '0'));
1323 // Fill up with valid but duplicated domain
1324 testDomains2.push_back(StringPrintf("domain%zu.org", i % DUPLICATED_DOMAIN_NUM));
1325 }
1326
1327 // Add valid domain used for query.
1328 testDomains1.push_back(domian_name1);
1329
1330 // Add valid domain twice used for query.
1331 testDomains2.push_back(domian_name2);
1332 testDomains2.push_back(domian_name2);
1333
1334 const std::vector<DnsRecord> records = {
1335 {host_name1, ns_type::ns_t_aaaa, "2001:db8::13"},
1336 {host_name2, ns_type::ns_t_aaaa, "2001:db8::1:13"},
1337 };
1338 test::DNSResponder dns(listen_addr);
1339 StartDns(dns, records);
1340 ASSERT_TRUE(mDnsClient.SetResolversForNetwork(servers, testDomains1));
1341
1342 const addrinfo hints = {.ai_family = AF_INET6};
1343 ScopedAddrinfo result = safe_getaddrinfo("test13", nullptr, &hints);
1344
1345 EXPECT_TRUE(result != nullptr);
1346
1347 EXPECT_EQ(1U, dns.queries().size());
1348 EXPECT_EQ(1U, GetNumQueries(dns, host_name1));
1349 EXPECT_EQ("2001:db8::13", ToString(result));
1350
1351 const auto& res_domains1 = getResolverDomains(mDnsClient.resolvService(), TEST_NETID);
1352 // Expect 1 valid domain, invalid domains are removed.
1353 ASSERT_EQ(1U, res_domains1.size());
1354 EXPECT_EQ(domian_name1, res_domains1[0]);
1355
1356 dns.clearQueries();
1357
1358 ASSERT_TRUE(mDnsClient.SetResolversForNetwork(servers, testDomains2));
1359
1360 result = safe_getaddrinfo("test14", nullptr, &hints);
1361 EXPECT_TRUE(result != nullptr);
1362
1363 // (3 domains * 2 retries) + 1 success query = 7
1364 EXPECT_EQ(7U, dns.queries().size());
1365 EXPECT_EQ(1U, GetNumQueries(dns, host_name2));
1366 EXPECT_EQ("2001:db8::1:13", ToString(result));
1367
1368 const auto& res_domains2 = getResolverDomains(mDnsClient.resolvService(), TEST_NETID);
1369 // Expect 4 valid domain, duplicate domains are removed.
1370 EXPECT_EQ(DUPLICATED_DOMAIN_NUM + 1U, res_domains2.size());
1371 EXPECT_THAT(
1372 std::vector<std::string>({"domain0.org", "domain1.org", "domain2.org", domian_name2}),
1373 testing::ElementsAreArray(res_domains2));
1374}
1375
Mike Yu0a1c53d2018-11-26 13:26:21 +09001376// If we move this function to dns_responder_client, it will complicate the dependency need of
1377// dns_tls_frontend.h.
1378static void setupTlsServers(const std::vector<std::string>& servers,
waynema0e73c2e2019-07-31 15:04:08 +08001379 std::vector<std::unique_ptr<test::DnsTlsFrontend>>* tls) {
Xiao Ma09b71022018-12-11 17:56:32 +09001380 constexpr char listen_udp[] = "53";
1381 constexpr char listen_tls[] = "853";
Mike Yu0a1c53d2018-11-26 13:26:21 +09001382
1383 for (const auto& server : servers) {
1384 auto t = std::make_unique<test::DnsTlsFrontend>(server, listen_tls, server, listen_udp);
1385 t = std::make_unique<test::DnsTlsFrontend>(server, listen_tls, server, listen_udp);
1386 t->startServer();
Mike Yu0a1c53d2018-11-26 13:26:21 +09001387 tls->push_back(std::move(t));
1388 }
1389}
1390
Mike Yu0a1c53d2018-11-26 13:26:21 +09001391TEST_F(ResolverTest, MaxServerPrune_Binder) {
Mike Yu0a1c53d2018-11-26 13:26:21 +09001392 std::vector<std::string> domains;
1393 std::vector<std::unique_ptr<test::DNSResponder>> dns;
1394 std::vector<std::unique_ptr<test::DnsTlsFrontend>> tls;
1395 std::vector<std::string> servers;
Bernie Innocentia5c7b7b2019-01-17 21:28:24 +09001396 std::vector<DnsResponderClient::Mapping> mappings;
Mike Yu0a1c53d2018-11-26 13:26:21 +09001397
1398 for (unsigned i = 0; i < MAXDNSRCH + 1; i++) {
1399 domains.push_back(StringPrintf("example%u.com", i));
1400 }
Bernie Innocentia5c7b7b2019-01-17 21:28:24 +09001401 ASSERT_NO_FATAL_FAILURE(mDnsClient.SetupMappings(1, domains, &mappings));
1402 ASSERT_NO_FATAL_FAILURE(mDnsClient.SetupDNSServers(MAXNS + 1, mappings, &dns, &servers));
waynema0e73c2e2019-07-31 15:04:08 +08001403 ASSERT_NO_FATAL_FAILURE(setupTlsServers(servers, &tls));
Mike Yu0a1c53d2018-11-26 13:26:21 +09001404
waynema0e73c2e2019-07-31 15:04:08 +08001405 ASSERT_TRUE(mDnsClient.SetResolversWithTls(servers, domains, kDefaultParams,
1406 kDefaultPrivateDnsHostName));
Mike Yu0a1c53d2018-11-26 13:26:21 +09001407
Mike Yu383855b2019-01-15 17:53:27 +08001408 // If the private DNS validation hasn't completed yet before backend DNS servers stop,
1409 // TLS servers will get stuck in handleOneRequest(), which causes this test stuck in
1410 // ~DnsTlsFrontend() because the TLS server loop threads can't be terminated.
1411 // So, wait for private DNS validation done before stopping backend DNS servers.
1412 for (int i = 0; i < MAXNS; i++) {
chenbruceaff85842019-05-31 15:46:42 +08001413 LOG(INFO) << "Waiting for private DNS validation on " << tls[i]->listen_address() << ".";
Mike Yu724f77d2019-08-16 11:14:50 +08001414 EXPECT_TRUE(WaitForPrivateDnsValidation(tls[i]->listen_address(), true));
chenbruceaff85842019-05-31 15:46:42 +08001415 LOG(INFO) << "private DNS validation on " << tls[i]->listen_address() << " done.";
Mike Yu383855b2019-01-15 17:53:27 +08001416 }
1417
Mike Yu0a1c53d2018-11-26 13:26:21 +09001418 std::vector<std::string> res_servers;
1419 std::vector<std::string> res_domains;
1420 std::vector<std::string> res_tls_servers;
Bernie Innocenti758005f2019-02-19 18:08:36 +09001421 res_params res_params;
Mike Yu0a1c53d2018-11-26 13:26:21 +09001422 std::vector<ResolverStats> res_stats;
Ken Chen92bed612018-12-22 21:46:55 +08001423 int wait_for_pending_req_timeout_count;
Luke Huangf8215372019-11-22 11:53:41 +08001424 ASSERT_TRUE(DnsResponderClient::GetResolverInfo(
1425 mDnsClient.resolvService(), TEST_NETID, &res_servers, &res_domains, &res_tls_servers,
1426 &res_params, &res_stats, &wait_for_pending_req_timeout_count));
Mike Yu0a1c53d2018-11-26 13:26:21 +09001427
1428 // Check the size of the stats and its contents.
1429 EXPECT_EQ(static_cast<size_t>(MAXNS), res_servers.size());
1430 EXPECT_EQ(static_cast<size_t>(MAXNS), res_tls_servers.size());
1431 EXPECT_EQ(static_cast<size_t>(MAXDNSRCH), res_domains.size());
1432 EXPECT_TRUE(std::equal(servers.begin(), servers.begin() + MAXNS, res_servers.begin()));
1433 EXPECT_TRUE(std::equal(servers.begin(), servers.begin() + MAXNS, res_tls_servers.begin()));
1434 EXPECT_TRUE(std::equal(domains.begin(), domains.begin() + MAXDNSRCH, res_domains.begin()));
Mike Yu0a1c53d2018-11-26 13:26:21 +09001435}
1436
1437TEST_F(ResolverTest, ResolverStats) {
Xiao Ma09b71022018-12-11 17:56:32 +09001438 constexpr char listen_addr1[] = "127.0.0.4";
1439 constexpr char listen_addr2[] = "127.0.0.5";
1440 constexpr char listen_addr3[] = "127.0.0.6";
Mike Yu0a1c53d2018-11-26 13:26:21 +09001441
1442 // Set server 1 timeout.
Mike Yufc125e42019-05-15 20:41:28 +08001443 test::DNSResponder dns1(listen_addr1, "53", static_cast<ns_rcode>(-1));
Mike Yu0a1c53d2018-11-26 13:26:21 +09001444 dns1.setResponseProbability(0.0);
1445 ASSERT_TRUE(dns1.startServer());
1446
1447 // Set server 2 responding server failure.
Xiao Ma09b71022018-12-11 17:56:32 +09001448 test::DNSResponder dns2(listen_addr2);
Mike Yu0a1c53d2018-11-26 13:26:21 +09001449 dns2.setResponseProbability(0.0);
1450 ASSERT_TRUE(dns2.startServer());
1451
1452 // Set server 3 workable.
Xiao Ma09b71022018-12-11 17:56:32 +09001453 test::DNSResponder dns3(listen_addr3);
1454 dns3.addMapping(kHelloExampleCom, ns_type::ns_t_a, "1.2.3.4");
Mike Yu0a1c53d2018-11-26 13:26:21 +09001455 ASSERT_TRUE(dns3.startServer());
1456
1457 std::vector<std::string> servers = {listen_addr1, listen_addr2, listen_addr3};
Xiao Ma09b71022018-12-11 17:56:32 +09001458 ASSERT_TRUE(mDnsClient.SetResolversForNetwork(servers));
Mike Yu0a1c53d2018-11-26 13:26:21 +09001459
1460 dns3.clearQueries();
Xiao Ma09b71022018-12-11 17:56:32 +09001461 const addrinfo hints = {.ai_family = AF_INET, .ai_socktype = SOCK_DGRAM};
Mike Yu0a1c53d2018-11-26 13:26:21 +09001462 ScopedAddrinfo result = safe_getaddrinfo("hello", nullptr, &hints);
Xiao Ma09b71022018-12-11 17:56:32 +09001463 size_t found = GetNumQueries(dns3, kHelloExampleCom);
Mike Yu0a1c53d2018-11-26 13:26:21 +09001464 EXPECT_LE(1U, found);
1465 std::string result_str = ToString(result);
1466 EXPECT_TRUE(result_str == "1.2.3.4") << ", result_str='" << result_str << "'";
1467
Mike Yuc0000252020-03-19 07:14:23 +00001468 const std::vector<NameserverStats> expectedCleartextDnsStats = {
1469 NameserverStats(listen_addr1).setTimeouts(1),
1470 NameserverStats(listen_addr2).setErrors(1),
1471 NameserverStats(listen_addr3).setSuccesses(1),
1472 };
1473 EXPECT_TRUE(expectStatsFromGetResolverInfo(expectedCleartextDnsStats));
Mike Yu0a1c53d2018-11-26 13:26:21 +09001474}
1475
Mike Yu15791832020-02-11 13:38:48 +08001476TEST_F(ResolverTest, AlwaysUseLatestSetupParamsInLookups) {
1477 constexpr char listen_addr1[] = "127.0.0.3";
1478 constexpr char listen_addr2[] = "255.255.255.255";
1479 constexpr char listen_addr3[] = "127.0.0.4";
1480 constexpr char hostname[] = "hello";
1481 constexpr char fqdn_with_search_domain[] = "hello.domain2.com.";
1482
1483 test::DNSResponder dns1(listen_addr1, test::kDefaultListenService, static_cast<ns_rcode>(-1));
1484 dns1.setResponseProbability(0.0);
1485 ASSERT_TRUE(dns1.startServer());
1486
1487 test::DNSResponder dns3(listen_addr3);
1488 StartDns(dns3, {{fqdn_with_search_domain, ns_type::ns_t_a, "1.2.3.4"}});
1489
1490 ResolverParamsParcel parcel = DnsResponderClient::GetDefaultResolverParamsParcel();
1491 parcel.tlsServers.clear();
1492 parcel.servers = {listen_addr1, listen_addr2};
1493 parcel.domains = {"domain1.com", "domain2.com"};
1494 ASSERT_TRUE(mDnsClient.SetResolversFromParcel(parcel));
1495
1496 // Expect the things happening in t1:
1497 // 1. The lookup starts using the first domain for query. It sends queries to the populated
1498 // nameserver list {listen_addr1, listen_addr2} for the hostname "hello.domain1.com".
1499 // 2. A different list of nameservers is updated to the resolver. Revision ID is incremented.
1500 // 3. The query for the hostname times out. The lookup fails to add the timeout record to the
1501 // the stats because of the unmatched revision ID.
1502 // 4. The lookup starts using the second domain for query. It sends queries to the populated
1503 // nameserver list {listen_addr3, listen_addr1, listen_addr2} for another hostname
1504 // "hello.domain2.com".
1505 // 5. The lookup gets the answer and updates a success record to the stats.
1506 std::thread t1([&hostname]() {
1507 const addrinfo hints = {.ai_family = AF_INET, .ai_socktype = SOCK_DGRAM};
1508 ScopedAddrinfo result = safe_getaddrinfo(hostname, nullptr, &hints);
1509 EXPECT_NE(result.get(), nullptr);
1510 EXPECT_EQ(ToString(result), "1.2.3.4");
1511 });
1512
1513 // Wait for t1 to start the step 1.
1514 while (dns1.queries().size() == 0) {
1515 usleep(1000);
1516 }
1517
1518 // Update the resolver with three nameservers. This will increment the revision ID.
1519 parcel.servers = {listen_addr3, listen_addr1, listen_addr2};
1520 ASSERT_TRUE(mDnsClient.SetResolversFromParcel(parcel));
1521
1522 t1.join();
1523 EXPECT_EQ(0U, GetNumQueriesForType(dns3, ns_type::ns_t_aaaa, fqdn_with_search_domain));
1524 EXPECT_EQ(1U, GetNumQueriesForType(dns3, ns_type::ns_t_a, fqdn_with_search_domain));
1525
Mike Yuc0000252020-03-19 07:14:23 +00001526 const std::vector<NameserverStats> expectedCleartextDnsStats = {
1527 NameserverStats(listen_addr1),
1528 NameserverStats(listen_addr2),
1529 NameserverStats(listen_addr3).setSuccesses(1),
1530 };
1531 EXPECT_TRUE(expectStatsFromGetResolverInfo(expectedCleartextDnsStats));
Mike Yu15791832020-02-11 13:38:48 +08001532}
1533
Ken Chenb9fa2062018-11-13 21:51:13 +08001534// Test what happens if the specified TLS server is nonexistent.
1535TEST_F(ResolverTest, GetHostByName_TlsMissing) {
Xiao Ma09b71022018-12-11 17:56:32 +09001536 constexpr char listen_addr[] = "127.0.0.3";
1537 constexpr char host_name[] = "tlsmissing.example.com.";
1538
1539 test::DNSResponder dns;
1540 StartDns(dns, {{host_name, ns_type::ns_t_a, "1.2.3.3"}});
Luke Huangf8215372019-11-22 11:53:41 +08001541 std::vector<std::string> servers = {listen_addr};
Ken Chenb9fa2062018-11-13 21:51:13 +08001542
1543 // There's nothing listening on this address, so validation will either fail or
1544 /// hang. Either way, queries will continue to flow to the DNSResponder.
waynema0e73c2e2019-07-31 15:04:08 +08001545 ASSERT_TRUE(mDnsClient.SetResolversWithTls(servers, kDefaultSearchDomains, kDefaultParams, ""));
Ken Chenb9fa2062018-11-13 21:51:13 +08001546
1547 const hostent* result;
1548
1549 result = gethostbyname("tlsmissing");
1550 ASSERT_FALSE(result == nullptr);
1551 EXPECT_EQ("1.2.3.3", ToString(result));
1552
1553 // Clear TLS bit.
Xiao Ma09b71022018-12-11 17:56:32 +09001554 ASSERT_TRUE(mDnsClient.SetResolversForNetwork());
Ken Chenb9fa2062018-11-13 21:51:13 +08001555}
1556
1557// Test what happens if the specified TLS server replies with garbage.
1558TEST_F(ResolverTest, GetHostByName_TlsBroken) {
Xiao Ma09b71022018-12-11 17:56:32 +09001559 constexpr char listen_addr[] = "127.0.0.3";
1560 constexpr char host_name1[] = "tlsbroken1.example.com.";
1561 constexpr char host_name2[] = "tlsbroken2.example.com.";
1562 const std::vector<DnsRecord> records = {
1563 {host_name1, ns_type::ns_t_a, "1.2.3.1"},
1564 {host_name2, ns_type::ns_t_a, "1.2.3.2"},
1565 };
1566
1567 test::DNSResponder dns;
1568 StartDns(dns, records);
Luke Huangf8215372019-11-22 11:53:41 +08001569 std::vector<std::string> servers = {listen_addr};
Ken Chenb9fa2062018-11-13 21:51:13 +08001570
1571 // Bind the specified private DNS socket but don't respond to any client sockets yet.
1572 int s = socket(AF_INET, SOCK_STREAM | SOCK_CLOEXEC, IPPROTO_TCP);
1573 ASSERT_TRUE(s >= 0);
1574 struct sockaddr_in tlsServer = {
Luke Huangf8215372019-11-22 11:53:41 +08001575 .sin_family = AF_INET,
1576 .sin_port = htons(853),
Ken Chenb9fa2062018-11-13 21:51:13 +08001577 };
1578 ASSERT_TRUE(inet_pton(AF_INET, listen_addr, &tlsServer.sin_addr));
1579 ASSERT_TRUE(enableSockopt(s, SOL_SOCKET, SO_REUSEPORT).ok());
1580 ASSERT_TRUE(enableSockopt(s, SOL_SOCKET, SO_REUSEADDR).ok());
1581 ASSERT_FALSE(bind(s, reinterpret_cast<struct sockaddr*>(&tlsServer), sizeof(tlsServer)));
1582 ASSERT_FALSE(listen(s, 1));
1583
1584 // Trigger TLS validation.
waynema0e73c2e2019-07-31 15:04:08 +08001585 ASSERT_TRUE(mDnsClient.SetResolversWithTls(servers, kDefaultSearchDomains, kDefaultParams, ""));
Ken Chenb9fa2062018-11-13 21:51:13 +08001586
1587 struct sockaddr_storage cliaddr;
1588 socklen_t sin_size = sizeof(cliaddr);
Luke Huangf8215372019-11-22 11:53:41 +08001589 int new_fd = accept4(s, reinterpret_cast<struct sockaddr*>(&cliaddr), &sin_size, SOCK_CLOEXEC);
Ken Chenb9fa2062018-11-13 21:51:13 +08001590 ASSERT_TRUE(new_fd > 0);
1591
1592 // We've received the new file descriptor but not written to it or closed, so the
1593 // validation is still pending. Queries should still flow correctly because the
1594 // server is not used until validation succeeds.
1595 const hostent* result;
1596 result = gethostbyname("tlsbroken1");
1597 ASSERT_FALSE(result == nullptr);
1598 EXPECT_EQ("1.2.3.1", ToString(result));
1599
1600 // Now we cause the validation to fail.
1601 std::string garbage = "definitely not a valid TLS ServerHello";
1602 write(new_fd, garbage.data(), garbage.size());
1603 close(new_fd);
1604
1605 // Validation failure shouldn't interfere with lookups, because lookups won't be sent
1606 // to the TLS server unless validation succeeds.
1607 result = gethostbyname("tlsbroken2");
1608 ASSERT_FALSE(result == nullptr);
1609 EXPECT_EQ("1.2.3.2", ToString(result));
1610
1611 // Clear TLS bit.
Xiao Ma09b71022018-12-11 17:56:32 +09001612 ASSERT_TRUE(mDnsClient.SetResolversForNetwork());
Ken Chenb9fa2062018-11-13 21:51:13 +08001613 close(s);
1614}
1615
1616TEST_F(ResolverTest, GetHostByName_Tls) {
Xiao Ma09b71022018-12-11 17:56:32 +09001617 constexpr char listen_addr[] = "127.0.0.3";
1618 constexpr char listen_udp[] = "53";
1619 constexpr char listen_tls[] = "853";
1620 constexpr char host_name1[] = "tls1.example.com.";
1621 constexpr char host_name2[] = "tls2.example.com.";
1622 constexpr char host_name3[] = "tls3.example.com.";
1623 const std::vector<DnsRecord> records = {
1624 {host_name1, ns_type::ns_t_a, "1.2.3.1"},
1625 {host_name2, ns_type::ns_t_a, "1.2.3.2"},
1626 {host_name3, ns_type::ns_t_a, "1.2.3.3"},
1627 };
1628
1629 test::DNSResponder dns;
1630 StartDns(dns, records);
Luke Huangf8215372019-11-22 11:53:41 +08001631 std::vector<std::string> servers = {listen_addr};
Ken Chenb9fa2062018-11-13 21:51:13 +08001632
1633 test::DnsTlsFrontend tls(listen_addr, listen_tls, listen_addr, listen_udp);
1634 ASSERT_TRUE(tls.startServer());
waynema0e73c2e2019-07-31 15:04:08 +08001635 ASSERT_TRUE(mDnsClient.SetResolversWithTls(servers, kDefaultSearchDomains, kDefaultParams, ""));
Mike Yu724f77d2019-08-16 11:14:50 +08001636 EXPECT_TRUE(WaitForPrivateDnsValidation(tls.listen_address(), true));
Ken Chenb9fa2062018-11-13 21:51:13 +08001637
Mike Yu724f77d2019-08-16 11:14:50 +08001638 const hostent* result = gethostbyname("tls1");
Ken Chenb9fa2062018-11-13 21:51:13 +08001639 ASSERT_FALSE(result == nullptr);
1640 EXPECT_EQ("1.2.3.1", ToString(result));
1641
1642 // Wait for query to get counted.
Bernie Innocenti0ad80e92020-01-23 22:20:44 +09001643 EXPECT_TRUE(tls.waitForQueries(2));
Ken Chenb9fa2062018-11-13 21:51:13 +08001644
1645 // Stop the TLS server. Since we're in opportunistic mode, queries will
1646 // fall back to the locally-assigned (clear text) nameservers.
1647 tls.stopServer();
1648
1649 dns.clearQueries();
1650 result = gethostbyname("tls2");
1651 EXPECT_FALSE(result == nullptr);
1652 EXPECT_EQ("1.2.3.2", ToString(result));
1653 const auto queries = dns.queries();
1654 EXPECT_EQ(1U, queries.size());
waynema29253052019-08-20 11:26:08 +08001655 EXPECT_EQ("tls2.example.com.", queries[0].name);
1656 EXPECT_EQ(ns_t_a, queries[0].type);
Ken Chenb9fa2062018-11-13 21:51:13 +08001657
1658 // Reset the resolvers without enabling TLS. Queries should still be routed
1659 // to the UDP endpoint.
Xiao Ma09b71022018-12-11 17:56:32 +09001660 ASSERT_TRUE(mDnsClient.SetResolversForNetwork());
Ken Chenb9fa2062018-11-13 21:51:13 +08001661
1662 result = gethostbyname("tls3");
1663 ASSERT_FALSE(result == nullptr);
1664 EXPECT_EQ("1.2.3.3", ToString(result));
Ken Chenb9fa2062018-11-13 21:51:13 +08001665}
1666
Ken Chenb9fa2062018-11-13 21:51:13 +08001667TEST_F(ResolverTest, GetHostByName_TlsFailover) {
Xiao Ma09b71022018-12-11 17:56:32 +09001668 constexpr char listen_addr1[] = "127.0.0.3";
1669 constexpr char listen_addr2[] = "127.0.0.4";
1670 constexpr char listen_udp[] = "53";
1671 constexpr char listen_tls[] = "853";
1672 constexpr char host_name1[] = "tlsfailover1.example.com.";
1673 constexpr char host_name2[] = "tlsfailover2.example.com.";
1674 const std::vector<DnsRecord> records1 = {
1675 {host_name1, ns_type::ns_t_a, "1.2.3.1"},
1676 {host_name2, ns_type::ns_t_a, "1.2.3.2"},
1677 };
1678 const std::vector<DnsRecord> records2 = {
1679 {host_name1, ns_type::ns_t_a, "1.2.3.3"},
1680 {host_name2, ns_type::ns_t_a, "1.2.3.4"},
1681 };
1682
1683 test::DNSResponder dns1(listen_addr1);
1684 test::DNSResponder dns2(listen_addr2);
1685 StartDns(dns1, records1);
1686 StartDns(dns2, records2);
1687
Luke Huangf8215372019-11-22 11:53:41 +08001688 std::vector<std::string> servers = {listen_addr1, listen_addr2};
Ken Chenb9fa2062018-11-13 21:51:13 +08001689
1690 test::DnsTlsFrontend tls1(listen_addr1, listen_tls, listen_addr1, listen_udp);
1691 test::DnsTlsFrontend tls2(listen_addr2, listen_tls, listen_addr2, listen_udp);
1692 ASSERT_TRUE(tls1.startServer());
1693 ASSERT_TRUE(tls2.startServer());
waynema0e73c2e2019-07-31 15:04:08 +08001694 ASSERT_TRUE(mDnsClient.SetResolversWithTls(servers, kDefaultSearchDomains, kDefaultParams,
1695 kDefaultPrivateDnsHostName));
Mike Yu724f77d2019-08-16 11:14:50 +08001696 EXPECT_TRUE(WaitForPrivateDnsValidation(tls1.listen_address(), true));
1697 EXPECT_TRUE(WaitForPrivateDnsValidation(tls2.listen_address(), true));
Ken Chenb9fa2062018-11-13 21:51:13 +08001698
Mike Yu724f77d2019-08-16 11:14:50 +08001699 const hostent* result = gethostbyname("tlsfailover1");
Ken Chenb9fa2062018-11-13 21:51:13 +08001700 ASSERT_FALSE(result == nullptr);
1701 EXPECT_EQ("1.2.3.1", ToString(result));
1702
1703 // Wait for query to get counted.
Bernie Innocenti0ad80e92020-01-23 22:20:44 +09001704 EXPECT_TRUE(tls1.waitForQueries(2));
Ken Chenb9fa2062018-11-13 21:51:13 +08001705 // No new queries should have reached tls2.
Luke Huang3caa42b2020-04-23 14:18:04 +00001706 EXPECT_TRUE(tls2.waitForQueries(1));
Ken Chenb9fa2062018-11-13 21:51:13 +08001707
1708 // Stop tls1. Subsequent queries should attempt to reach tls1, fail, and retry to tls2.
1709 tls1.stopServer();
1710
1711 result = gethostbyname("tlsfailover2");
1712 EXPECT_EQ("1.2.3.4", ToString(result));
1713
1714 // Wait for query to get counted.
Bernie Innocenti0ad80e92020-01-23 22:20:44 +09001715 EXPECT_TRUE(tls2.waitForQueries(2));
Ken Chenb9fa2062018-11-13 21:51:13 +08001716
1717 // No additional queries should have reached the insecure servers.
1718 EXPECT_EQ(2U, dns1.queries().size());
1719 EXPECT_EQ(2U, dns2.queries().size());
1720
1721 // Clear TLS bit.
Xiao Ma09b71022018-12-11 17:56:32 +09001722 ASSERT_TRUE(mDnsClient.SetResolversForNetwork(servers));
Ken Chenb9fa2062018-11-13 21:51:13 +08001723}
1724
1725TEST_F(ResolverTest, GetHostByName_BadTlsName) {
Xiao Ma09b71022018-12-11 17:56:32 +09001726 constexpr char listen_addr[] = "127.0.0.3";
1727 constexpr char listen_udp[] = "53";
1728 constexpr char listen_tls[] = "853";
1729 constexpr char host_name[] = "badtlsname.example.com.";
1730
1731 test::DNSResponder dns;
1732 StartDns(dns, {{host_name, ns_type::ns_t_a, "1.2.3.1"}});
Luke Huangf8215372019-11-22 11:53:41 +08001733 std::vector<std::string> servers = {listen_addr};
Ken Chenb9fa2062018-11-13 21:51:13 +08001734
1735 test::DnsTlsFrontend tls(listen_addr, listen_tls, listen_addr, listen_udp);
1736 ASSERT_TRUE(tls.startServer());
Xiao Ma09b71022018-12-11 17:56:32 +09001737 ASSERT_TRUE(mDnsClient.SetResolversWithTls(servers, kDefaultSearchDomains, kDefaultParams,
waynema0e73c2e2019-07-31 15:04:08 +08001738 kDefaultIncorrectPrivateDnsHostName));
Ken Chenb9fa2062018-11-13 21:51:13 +08001739
waynema0e73c2e2019-07-31 15:04:08 +08001740 // The TLS handshake would fail because the name of TLS server doesn't
1741 // match with TLS server's certificate.
Mike Yu724f77d2019-08-16 11:14:50 +08001742 EXPECT_TRUE(WaitForPrivateDnsValidation(tls.listen_address(), false));
Ken Chenb9fa2062018-11-13 21:51:13 +08001743
1744 // The query should fail hard, because a name was specified.
1745 EXPECT_EQ(nullptr, gethostbyname("badtlsname"));
1746
1747 // Clear TLS bit.
Xiao Ma09b71022018-12-11 17:56:32 +09001748 ASSERT_TRUE(mDnsClient.SetResolversForNetwork());
Ken Chenb9fa2062018-11-13 21:51:13 +08001749}
1750
1751TEST_F(ResolverTest, GetAddrInfo_Tls) {
Xiao Ma09b71022018-12-11 17:56:32 +09001752 constexpr char listen_addr[] = "127.0.0.3";
1753 constexpr char listen_udp[] = "53";
1754 constexpr char listen_tls[] = "853";
1755 constexpr char host_name[] = "addrinfotls.example.com.";
1756 const std::vector<DnsRecord> records = {
1757 {host_name, ns_type::ns_t_a, "1.2.3.4"},
1758 {host_name, ns_type::ns_t_aaaa, "::1.2.3.4"},
1759 };
1760
1761 test::DNSResponder dns;
1762 StartDns(dns, records);
Luke Huangf8215372019-11-22 11:53:41 +08001763 std::vector<std::string> servers = {listen_addr};
Ken Chenb9fa2062018-11-13 21:51:13 +08001764
1765 test::DnsTlsFrontend tls(listen_addr, listen_tls, listen_addr, listen_udp);
1766 ASSERT_TRUE(tls.startServer());
waynema0e73c2e2019-07-31 15:04:08 +08001767 ASSERT_TRUE(mDnsClient.SetResolversWithTls(servers, kDefaultSearchDomains, kDefaultParams,
1768 kDefaultPrivateDnsHostName));
Mike Yu724f77d2019-08-16 11:14:50 +08001769 EXPECT_TRUE(WaitForPrivateDnsValidation(tls.listen_address(), true));
Ken Chenb9fa2062018-11-13 21:51:13 +08001770
1771 dns.clearQueries();
1772 ScopedAddrinfo result = safe_getaddrinfo("addrinfotls", nullptr, nullptr);
1773 EXPECT_TRUE(result != nullptr);
1774 size_t found = GetNumQueries(dns, host_name);
1775 EXPECT_LE(1U, found);
1776 // Could be A or AAAA
1777 std::string result_str = ToString(result);
1778 EXPECT_TRUE(result_str == "1.2.3.4" || result_str == "::1.2.3.4")
Luke Huangf8215372019-11-22 11:53:41 +08001779 << ", result_str='" << result_str << "'";
Ken Chenb9fa2062018-11-13 21:51:13 +08001780 // Wait for both A and AAAA queries to get counted.
Bernie Innocenti0ad80e92020-01-23 22:20:44 +09001781 EXPECT_TRUE(tls.waitForQueries(3));
Ken Chenb9fa2062018-11-13 21:51:13 +08001782
1783 // Clear TLS bit.
Xiao Ma09b71022018-12-11 17:56:32 +09001784 ASSERT_TRUE(mDnsClient.SetResolversForNetwork());
Ken Chenb9fa2062018-11-13 21:51:13 +08001785}
1786
1787TEST_F(ResolverTest, TlsBypass) {
1788 const char OFF[] = "off";
1789 const char OPPORTUNISTIC[] = "opportunistic";
1790 const char STRICT[] = "strict";
1791
1792 const char GETHOSTBYNAME[] = "gethostbyname";
1793 const char GETADDRINFO[] = "getaddrinfo";
1794 const char GETADDRINFOFORNET[] = "getaddrinfofornet";
1795
1796 const unsigned BYPASS_NETID = NETID_USE_LOCAL_NAMESERVERS | TEST_NETID;
1797
Ken Chenb9fa2062018-11-13 21:51:13 +08001798 const char ADDR4[] = "192.0.2.1";
1799 const char ADDR6[] = "2001:db8::1";
1800
1801 const char cleartext_addr[] = "127.0.0.53";
1802 const char cleartext_port[] = "53";
1803 const char tls_port[] = "853";
Luke Huangf8215372019-11-22 11:53:41 +08001804 const std::vector<std::string> servers = {cleartext_addr};
Ken Chenb9fa2062018-11-13 21:51:13 +08001805
Xiao Ma09b71022018-12-11 17:56:32 +09001806 test::DNSResponder dns(cleartext_addr);
Ken Chenb9fa2062018-11-13 21:51:13 +08001807 ASSERT_TRUE(dns.startServer());
1808
1809 test::DnsTlsFrontend tls(cleartext_addr, tls_port, cleartext_addr, cleartext_port);
Mike Yudd4ac2d2019-05-31 16:52:11 +08001810 ASSERT_TRUE(tls.startServer());
Ken Chenb9fa2062018-11-13 21:51:13 +08001811
Luke Huangf8215372019-11-22 11:53:41 +08001812 // clang-format off
Ken Chenb9fa2062018-11-13 21:51:13 +08001813 struct TestConfig {
1814 const std::string mode;
1815 const bool withWorkingTLS;
1816 const std::string method;
1817
1818 std::string asHostName() const {
Luke Huangf8215372019-11-22 11:53:41 +08001819 return StringPrintf("%s.%s.%s.", mode.c_str(), withWorkingTLS ? "tlsOn" : "tlsOff",
Ken Chenb9fa2062018-11-13 21:51:13 +08001820 method.c_str());
1821 }
1822 } testConfigs[]{
Ken Chenb9fa2062018-11-13 21:51:13 +08001823 {OFF, true, GETHOSTBYNAME},
1824 {OPPORTUNISTIC, true, GETHOSTBYNAME},
1825 {STRICT, true, GETHOSTBYNAME},
Ken Chenb9fa2062018-11-13 21:51:13 +08001826 {OFF, true, GETADDRINFO},
1827 {OPPORTUNISTIC, true, GETADDRINFO},
1828 {STRICT, true, GETADDRINFO},
Ken Chenb9fa2062018-11-13 21:51:13 +08001829 {OFF, true, GETADDRINFOFORNET},
1830 {OPPORTUNISTIC, true, GETADDRINFOFORNET},
1831 {STRICT, true, GETADDRINFOFORNET},
Mike Yudd4ac2d2019-05-31 16:52:11 +08001832 {OFF, false, GETHOSTBYNAME},
1833 {OPPORTUNISTIC, false, GETHOSTBYNAME},
1834 {STRICT, false, GETHOSTBYNAME},
1835 {OFF, false, GETADDRINFO},
1836 {OPPORTUNISTIC, false, GETADDRINFO},
1837 {STRICT, false, GETADDRINFO},
1838 {OFF, false, GETADDRINFOFORNET},
1839 {OPPORTUNISTIC, false, GETADDRINFOFORNET},
1840 {STRICT, false, GETADDRINFOFORNET},
Ken Chenb9fa2062018-11-13 21:51:13 +08001841 };
Luke Huangf8215372019-11-22 11:53:41 +08001842 // clang-format on
Ken Chenb9fa2062018-11-13 21:51:13 +08001843
1844 for (const auto& config : testConfigs) {
1845 const std::string testHostName = config.asHostName();
1846 SCOPED_TRACE(testHostName);
1847
1848 // Don't tempt test bugs due to caching.
1849 const char* host_name = testHostName.c_str();
1850 dns.addMapping(host_name, ns_type::ns_t_a, ADDR4);
1851 dns.addMapping(host_name, ns_type::ns_t_aaaa, ADDR6);
1852
Mike Yudd4ac2d2019-05-31 16:52:11 +08001853 if (config.withWorkingTLS) {
1854 if (!tls.running()) {
1855 ASSERT_TRUE(tls.startServer());
1856 }
1857 } else {
1858 if (tls.running()) {
1859 ASSERT_TRUE(tls.stopServer());
1860 }
1861 }
Ken Chenb9fa2062018-11-13 21:51:13 +08001862
1863 if (config.mode == OFF) {
Xiao Ma09b71022018-12-11 17:56:32 +09001864 ASSERT_TRUE(mDnsClient.SetResolversForNetwork(servers, kDefaultSearchDomains,
1865 kDefaultParams));
Bernie Innocenti0ad80e92020-01-23 22:20:44 +09001866 } else /* OPPORTUNISTIC or STRICT */ {
1867 const char* tls_hostname = (config.mode == STRICT) ? kDefaultPrivateDnsHostName : "";
Xiao Ma09b71022018-12-11 17:56:32 +09001868 ASSERT_TRUE(mDnsClient.SetResolversWithTls(servers, kDefaultSearchDomains,
Bernie Innocenti0ad80e92020-01-23 22:20:44 +09001869 kDefaultParams, tls_hostname));
Mike Yu724f77d2019-08-16 11:14:50 +08001870
1871 // Wait for the validation event. If the server is running, the validation should
Bernie Innocenti0ad80e92020-01-23 22:20:44 +09001872 // succeed; otherwise, the validation should fail.
Mike Yu724f77d2019-08-16 11:14:50 +08001873 EXPECT_TRUE(WaitForPrivateDnsValidation(tls.listen_address(), config.withWorkingTLS));
Bernie Innocenti0ad80e92020-01-23 22:20:44 +09001874 if (config.withWorkingTLS) {
1875 EXPECT_TRUE(tls.waitForQueries(1));
1876 tls.clearQueries();
1877 }
Ken Chenb9fa2062018-11-13 21:51:13 +08001878 }
Ken Chenb9fa2062018-11-13 21:51:13 +08001879
1880 const hostent* h_result = nullptr;
1881 ScopedAddrinfo ai_result;
1882
1883 if (config.method == GETHOSTBYNAME) {
1884 ASSERT_EQ(0, setNetworkForResolv(BYPASS_NETID));
1885 h_result = gethostbyname(host_name);
1886
1887 EXPECT_EQ(1U, GetNumQueriesForType(dns, ns_type::ns_t_a, host_name));
1888 ASSERT_FALSE(h_result == nullptr);
1889 ASSERT_EQ(4, h_result->h_length);
1890 ASSERT_FALSE(h_result->h_addr_list[0] == nullptr);
1891 EXPECT_EQ(ADDR4, ToString(h_result));
1892 EXPECT_TRUE(h_result->h_addr_list[1] == nullptr);
1893 } else if (config.method == GETADDRINFO) {
1894 ASSERT_EQ(0, setNetworkForResolv(BYPASS_NETID));
1895 ai_result = safe_getaddrinfo(host_name, nullptr, nullptr);
1896 EXPECT_TRUE(ai_result != nullptr);
1897
1898 EXPECT_LE(1U, GetNumQueries(dns, host_name));
1899 // Could be A or AAAA
1900 const std::string result_str = ToString(ai_result);
1901 EXPECT_TRUE(result_str == ADDR4 || result_str == ADDR6)
Luke Huangf8215372019-11-22 11:53:41 +08001902 << ", result_str='" << result_str << "'";
Ken Chenb9fa2062018-11-13 21:51:13 +08001903 } else if (config.method == GETADDRINFOFORNET) {
1904 addrinfo* raw_ai_result = nullptr;
1905 EXPECT_EQ(0, android_getaddrinfofornet(host_name, /*servname=*/nullptr,
1906 /*hints=*/nullptr, BYPASS_NETID, MARK_UNSET,
1907 &raw_ai_result));
1908 ai_result.reset(raw_ai_result);
1909
1910 EXPECT_LE(1U, GetNumQueries(dns, host_name));
1911 // Could be A or AAAA
1912 const std::string result_str = ToString(ai_result);
1913 EXPECT_TRUE(result_str == ADDR4 || result_str == ADDR6)
Luke Huangf8215372019-11-22 11:53:41 +08001914 << ", result_str='" << result_str << "'";
Ken Chenb9fa2062018-11-13 21:51:13 +08001915 }
1916
Mike Yudd4ac2d2019-05-31 16:52:11 +08001917 EXPECT_EQ(0, tls.queries());
Ken Chenb9fa2062018-11-13 21:51:13 +08001918
1919 // Clear per-process resolv netid.
1920 ASSERT_EQ(0, setNetworkForResolv(NETID_UNSET));
Ken Chenb9fa2062018-11-13 21:51:13 +08001921 dns.clearQueries();
1922 }
Ken Chenb9fa2062018-11-13 21:51:13 +08001923}
1924
1925TEST_F(ResolverTest, StrictMode_NoTlsServers) {
Xiao Ma09b71022018-12-11 17:56:32 +09001926 constexpr char cleartext_addr[] = "127.0.0.53";
Luke Huangf8215372019-11-22 11:53:41 +08001927 const std::vector<std::string> servers = {cleartext_addr};
Xiao Ma09b71022018-12-11 17:56:32 +09001928 constexpr char host_name[] = "strictmode.notlsips.example.com.";
1929 const std::vector<DnsRecord> records = {
1930 {host_name, ns_type::ns_t_a, "1.2.3.4"},
1931 {host_name, ns_type::ns_t_aaaa, "::1.2.3.4"},
1932 };
Ken Chenb9fa2062018-11-13 21:51:13 +08001933
Xiao Ma09b71022018-12-11 17:56:32 +09001934 test::DNSResponder dns(cleartext_addr);
1935 StartDns(dns, records);
Ken Chenb9fa2062018-11-13 21:51:13 +08001936
waynema0e73c2e2019-07-31 15:04:08 +08001937 ASSERT_TRUE(mDnsClient.SetResolversWithTls(servers, kDefaultSearchDomains, kDefaultParams,
1938 kDefaultIncorrectPrivateDnsHostName));
Ken Chenb9fa2062018-11-13 21:51:13 +08001939
1940 addrinfo* ai_result = nullptr;
1941 EXPECT_NE(0, getaddrinfo(host_name, nullptr, nullptr, &ai_result));
1942 EXPECT_EQ(0U, GetNumQueries(dns, host_name));
1943}
Luke Huang94b10b92018-11-21 20:13:38 +08001944
1945namespace {
1946
Luke Huang70931aa2019-01-31 11:57:41 +08001947int getAsyncResponse(int fd, int* rcode, uint8_t* buf, int bufLen) {
Luke Huang94b10b92018-11-21 20:13:38 +08001948 struct pollfd wait_fd[1];
1949 wait_fd[0].fd = fd;
1950 wait_fd[0].events = POLLIN;
1951 short revents;
1952 int ret;
1953
1954 ret = poll(wait_fd, 1, -1);
1955 revents = wait_fd[0].revents;
1956 if (revents & POLLIN) {
1957 int n = resNetworkResult(fd, rcode, buf, bufLen);
Luke Huangba7bef92018-12-26 16:53:03 +08001958 // Verify that resNetworkResult() closed the fd
1959 char dummy;
1960 EXPECT_EQ(-1, read(fd, &dummy, sizeof dummy));
1961 EXPECT_EQ(EBADF, errno);
Luke Huang94b10b92018-11-21 20:13:38 +08001962 return n;
1963 }
1964 return -1;
1965}
1966
Luke Huang70931aa2019-01-31 11:57:41 +08001967std::string toString(uint8_t* buf, int bufLen, int ipType) {
Luke Huang94b10b92018-11-21 20:13:38 +08001968 ns_msg handle;
1969 int ancount, n = 0;
1970 ns_rr rr;
1971
Luke Huangf8215372019-11-22 11:53:41 +08001972 if (ns_initparse((const uint8_t*)buf, bufLen, &handle) >= 0) {
Luke Huang94b10b92018-11-21 20:13:38 +08001973 ancount = ns_msg_count(handle, ns_s_an);
1974 if (ns_parserr(&handle, ns_s_an, n, &rr) == 0) {
Luke Huang70931aa2019-01-31 11:57:41 +08001975 const uint8_t* rdata = ns_rr_rdata(rr);
Luke Huang94b10b92018-11-21 20:13:38 +08001976 char buffer[INET6_ADDRSTRLEN];
Luke Huangf8215372019-11-22 11:53:41 +08001977 if (inet_ntop(ipType, (const char*)rdata, buffer, sizeof(buffer))) {
Luke Huang94b10b92018-11-21 20:13:38 +08001978 return buffer;
1979 }
1980 }
1981 }
1982 return "";
1983}
1984
1985int dns_open_proxy() {
1986 int s = socket(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0);
1987 if (s == -1) {
1988 return -1;
1989 }
1990 const int one = 1;
1991 setsockopt(s, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1992
1993 static const struct sockaddr_un proxy_addr = {
1994 .sun_family = AF_UNIX,
1995 .sun_path = "/dev/socket/dnsproxyd",
1996 };
1997
Luke Huangf8215372019-11-22 11:53:41 +08001998 if (TEMP_FAILURE_RETRY(connect(s, (const struct sockaddr*)&proxy_addr, sizeof(proxy_addr))) !=
Luke Huang94b10b92018-11-21 20:13:38 +08001999 0) {
2000 close(s);
2001 return -1;
2002 }
2003
2004 return s;
2005}
2006
Luke Huangba7bef92018-12-26 16:53:03 +08002007void expectAnswersValid(int fd, int ipType, const std::string& expectedAnswer) {
2008 int rcode = -1;
2009 uint8_t buf[MAXPACKET] = {};
2010
2011 int res = getAsyncResponse(fd, &rcode, buf, MAXPACKET);
2012 EXPECT_GT(res, 0);
2013 EXPECT_EQ(expectedAnswer, toString(buf, res, ipType));
2014}
2015
2016void expectAnswersNotValid(int fd, int expectedErrno) {
2017 int rcode = -1;
2018 uint8_t buf[MAXPACKET] = {};
2019
2020 int res = getAsyncResponse(fd, &rcode, buf, MAXPACKET);
2021 EXPECT_EQ(expectedErrno, res);
2022}
2023
Luke Huang94b10b92018-11-21 20:13:38 +08002024} // namespace
2025
2026TEST_F(ResolverTest, Async_NormalQueryV4V6) {
Xiao Ma09b71022018-12-11 17:56:32 +09002027 constexpr char listen_addr[] = "127.0.0.4";
2028 constexpr char host_name[] = "howdy.example.com.";
2029 const std::vector<DnsRecord> records = {
2030 {host_name, ns_type::ns_t_a, "1.2.3.4"},
2031 {host_name, ns_type::ns_t_aaaa, "::1.2.3.4"},
2032 };
2033
2034 test::DNSResponder dns(listen_addr);
2035 StartDns(dns, records);
Luke Huang94b10b92018-11-21 20:13:38 +08002036 std::vector<std::string> servers = {listen_addr};
Xiao Ma09b71022018-12-11 17:56:32 +09002037 ASSERT_TRUE(mDnsClient.SetResolversForNetwork(servers));
Luke Huang94b10b92018-11-21 20:13:38 +08002038
Luke Huangba7bef92018-12-26 16:53:03 +08002039 int fd1 = resNetworkQuery(TEST_NETID, "howdy.example.com", ns_c_in, ns_t_a, 0);
2040 int fd2 = resNetworkQuery(TEST_NETID, "howdy.example.com", ns_c_in, ns_t_aaaa, 0);
Luke Huang94b10b92018-11-21 20:13:38 +08002041 EXPECT_TRUE(fd1 != -1);
2042 EXPECT_TRUE(fd2 != -1);
2043
Luke Huang70931aa2019-01-31 11:57:41 +08002044 uint8_t buf[MAXPACKET] = {};
Luke Huang94b10b92018-11-21 20:13:38 +08002045 int rcode;
2046 int res = getAsyncResponse(fd2, &rcode, buf, MAXPACKET);
2047 EXPECT_GT(res, 0);
2048 EXPECT_EQ("::1.2.3.4", toString(buf, res, AF_INET6));
2049
2050 res = getAsyncResponse(fd1, &rcode, buf, MAXPACKET);
2051 EXPECT_GT(res, 0);
2052 EXPECT_EQ("1.2.3.4", toString(buf, res, AF_INET));
2053
2054 EXPECT_EQ(2U, GetNumQueries(dns, host_name));
2055
2056 // Re-query verify cache works
Luke Huangba7bef92018-12-26 16:53:03 +08002057 fd1 = resNetworkQuery(TEST_NETID, "howdy.example.com", ns_c_in, ns_t_a, 0);
2058 fd2 = resNetworkQuery(TEST_NETID, "howdy.example.com", ns_c_in, ns_t_aaaa, 0);
Luke Huang94b10b92018-11-21 20:13:38 +08002059
2060 EXPECT_TRUE(fd1 != -1);
2061 EXPECT_TRUE(fd2 != -1);
2062
2063 res = getAsyncResponse(fd2, &rcode, buf, MAXPACKET);
2064 EXPECT_GT(res, 0);
2065 EXPECT_EQ("::1.2.3.4", toString(buf, res, AF_INET6));
2066
2067 res = getAsyncResponse(fd1, &rcode, buf, MAXPACKET);
2068 EXPECT_GT(res, 0);
2069 EXPECT_EQ("1.2.3.4", toString(buf, res, AF_INET));
2070
2071 EXPECT_EQ(2U, GetNumQueries(dns, host_name));
2072}
2073
2074TEST_F(ResolverTest, Async_BadQuery) {
Xiao Ma09b71022018-12-11 17:56:32 +09002075 constexpr char listen_addr[] = "127.0.0.4";
2076 constexpr char host_name[] = "howdy.example.com.";
2077 const std::vector<DnsRecord> records = {
2078 {host_name, ns_type::ns_t_a, "1.2.3.4"},
2079 {host_name, ns_type::ns_t_aaaa, "::1.2.3.4"},
2080 };
2081
2082 test::DNSResponder dns(listen_addr);
2083 StartDns(dns, records);
Luke Huang94b10b92018-11-21 20:13:38 +08002084 std::vector<std::string> servers = {listen_addr};
Xiao Ma09b71022018-12-11 17:56:32 +09002085 ASSERT_TRUE(mDnsClient.SetResolversForNetwork(servers));
Luke Huang94b10b92018-11-21 20:13:38 +08002086
2087 static struct {
2088 int fd;
2089 const char* dname;
2090 const int queryType;
2091 const int expectRcode;
2092 } kTestData[] = {
Luke Huangba7bef92018-12-26 16:53:03 +08002093 {-1, "", ns_t_aaaa, 0},
2094 {-1, "as65ass46", ns_t_aaaa, 0},
2095 {-1, "454564564564", ns_t_aaaa, 0},
2096 {-1, "h645235", ns_t_a, 0},
2097 {-1, "www.google.com", ns_t_a, 0},
Luke Huang94b10b92018-11-21 20:13:38 +08002098 };
2099
2100 for (auto& td : kTestData) {
2101 SCOPED_TRACE(td.dname);
Luke Huangba7bef92018-12-26 16:53:03 +08002102 td.fd = resNetworkQuery(TEST_NETID, td.dname, ns_c_in, td.queryType, 0);
Luke Huang94b10b92018-11-21 20:13:38 +08002103 EXPECT_TRUE(td.fd != -1);
2104 }
2105
2106 // dns_responder return empty resp(packet only contains query part) with no error currently
2107 for (const auto& td : kTestData) {
Luke Huang70931aa2019-01-31 11:57:41 +08002108 uint8_t buf[MAXPACKET] = {};
Luke Huang94b10b92018-11-21 20:13:38 +08002109 int rcode;
2110 SCOPED_TRACE(td.dname);
2111 int res = getAsyncResponse(td.fd, &rcode, buf, MAXPACKET);
2112 EXPECT_GT(res, 0);
2113 EXPECT_EQ(rcode, td.expectRcode);
2114 }
2115}
2116
2117TEST_F(ResolverTest, Async_EmptyAnswer) {
Xiao Ma09b71022018-12-11 17:56:32 +09002118 constexpr char listen_addr[] = "127.0.0.4";
2119 constexpr char host_name[] = "howdy.example.com.";
2120 const std::vector<DnsRecord> records = {
2121 {host_name, ns_type::ns_t_a, "1.2.3.4"},
2122 {host_name, ns_type::ns_t_aaaa, "::1.2.3.4"},
2123 };
2124
2125 test::DNSResponder dns(listen_addr);
2126 StartDns(dns, records);
Luke Huang94b10b92018-11-21 20:13:38 +08002127 std::vector<std::string> servers = {listen_addr};
Xiao Ma09b71022018-12-11 17:56:32 +09002128 ASSERT_TRUE(mDnsClient.SetResolversForNetwork(servers));
Luke Huang94b10b92018-11-21 20:13:38 +08002129
Luke Huang9c264bb2018-12-18 16:44:41 +08002130 // TODO: Disable retry to make this test explicit.
2131 auto& cv = dns.getCv();
2132 auto& cvMutex = dns.getCvMutex();
2133 int fd1;
2134 // Wait on the condition variable to ensure that the DNS server has handled our first query.
2135 {
2136 std::unique_lock lk(cvMutex);
Luke Huangba7bef92018-12-26 16:53:03 +08002137 fd1 = resNetworkQuery(TEST_NETID, "howdy.example.com", ns_c_in, ns_t_aaaa, 0);
Luke Huang9c264bb2018-12-18 16:44:41 +08002138 EXPECT_TRUE(fd1 != -1);
2139 EXPECT_EQ(std::cv_status::no_timeout, cv.wait_for(lk, std::chrono::seconds(1)));
2140 }
Luke Huang94b10b92018-11-21 20:13:38 +08002141
Luke Huang94b10b92018-11-21 20:13:38 +08002142 dns.setResponseProbability(0.0);
Luke Huang94b10b92018-11-21 20:13:38 +08002143
Luke Huangba7bef92018-12-26 16:53:03 +08002144 int fd2 = resNetworkQuery(TEST_NETID, "howdy.example.com", ns_c_in, ns_t_a, 0);
Luke Huang94b10b92018-11-21 20:13:38 +08002145 EXPECT_TRUE(fd2 != -1);
2146
Luke Huangba7bef92018-12-26 16:53:03 +08002147 int fd3 = resNetworkQuery(TEST_NETID, "howdy.example.com", ns_c_in, ns_t_a, 0);
Luke Huang94b10b92018-11-21 20:13:38 +08002148 EXPECT_TRUE(fd3 != -1);
2149
Luke Huang9c264bb2018-12-18 16:44:41 +08002150 uint8_t buf[MAXPACKET] = {};
Luke Huang94b10b92018-11-21 20:13:38 +08002151 int rcode;
2152
Luke Huang9c264bb2018-12-18 16:44:41 +08002153 // expect no response
2154 int res = getAsyncResponse(fd3, &rcode, buf, MAXPACKET);
2155 EXPECT_EQ(-ETIMEDOUT, res);
Luke Huang94b10b92018-11-21 20:13:38 +08002156
Luke Huang9c264bb2018-12-18 16:44:41 +08002157 // expect no response
Luke Huang94b10b92018-11-21 20:13:38 +08002158 memset(buf, 0, MAXPACKET);
Luke Huang9c264bb2018-12-18 16:44:41 +08002159 res = getAsyncResponse(fd2, &rcode, buf, MAXPACKET);
2160 EXPECT_EQ(-ETIMEDOUT, res);
Luke Huang94b10b92018-11-21 20:13:38 +08002161
Luke Huang94b10b92018-11-21 20:13:38 +08002162 dns.setResponseProbability(1.0);
Luke Huang94b10b92018-11-21 20:13:38 +08002163
Luke Huangba7bef92018-12-26 16:53:03 +08002164 int fd4 = resNetworkQuery(TEST_NETID, "howdy.example.com", ns_c_in, ns_t_a, 0);
Luke Huang94b10b92018-11-21 20:13:38 +08002165 EXPECT_TRUE(fd4 != -1);
2166
2167 memset(buf, 0, MAXPACKET);
2168 res = getAsyncResponse(fd4, &rcode, buf, MAXPACKET);
2169 EXPECT_GT(res, 0);
2170 EXPECT_EQ("1.2.3.4", toString(buf, res, AF_INET));
2171
2172 memset(buf, 0, MAXPACKET);
2173 res = getAsyncResponse(fd1, &rcode, buf, MAXPACKET);
2174 EXPECT_GT(res, 0);
2175 EXPECT_EQ("::1.2.3.4", toString(buf, res, AF_INET6));
2176}
2177
2178TEST_F(ResolverTest, Async_MalformedQuery) {
Xiao Ma09b71022018-12-11 17:56:32 +09002179 constexpr char listen_addr[] = "127.0.0.4";
2180 constexpr char host_name[] = "howdy.example.com.";
2181 const std::vector<DnsRecord> records = {
2182 {host_name, ns_type::ns_t_a, "1.2.3.4"},
2183 {host_name, ns_type::ns_t_aaaa, "::1.2.3.4"},
2184 };
2185
2186 test::DNSResponder dns(listen_addr);
2187 StartDns(dns, records);
Luke Huang94b10b92018-11-21 20:13:38 +08002188 std::vector<std::string> servers = {listen_addr};
Xiao Ma09b71022018-12-11 17:56:32 +09002189 ASSERT_TRUE(mDnsClient.SetResolversForNetwork(servers));
Luke Huang94b10b92018-11-21 20:13:38 +08002190
2191 int fd = dns_open_proxy();
2192 EXPECT_TRUE(fd > 0);
2193
2194 const std::string badMsg = "16-52512#";
Xiao Ma09b71022018-12-11 17:56:32 +09002195 static const struct {
Luke Huang94b10b92018-11-21 20:13:38 +08002196 const std::string cmd;
2197 const int expectErr;
2198 } kTestData[] = {
Luke Huangba7bef92018-12-26 16:53:03 +08002199 // Too few arguments
Luke Huang94b10b92018-11-21 20:13:38 +08002200 {"resnsend " + badMsg + '\0', -EINVAL},
2201 // Bad netId
Luke Huangba7bef92018-12-26 16:53:03 +08002202 {"resnsend badnetId 0 " + badMsg + '\0', -EINVAL},
Luke Huang94b10b92018-11-21 20:13:38 +08002203 // Bad raw data
Luke Huangba7bef92018-12-26 16:53:03 +08002204 {"resnsend " + std::to_string(TEST_NETID) + " 0 " + badMsg + '\0', -EILSEQ},
Luke Huang94b10b92018-11-21 20:13:38 +08002205 };
2206
2207 for (unsigned int i = 0; i < std::size(kTestData); i++) {
2208 auto& td = kTestData[i];
2209 SCOPED_TRACE(td.cmd);
2210 ssize_t rc = TEMP_FAILURE_RETRY(write(fd, td.cmd.c_str(), td.cmd.size()));
2211 EXPECT_EQ(rc, static_cast<ssize_t>(td.cmd.size()));
2212
2213 int32_t tmp;
2214 rc = TEMP_FAILURE_RETRY(read(fd, &tmp, sizeof(tmp)));
2215 EXPECT_TRUE(rc > 0);
2216 EXPECT_EQ(static_cast<int>(ntohl(tmp)), td.expectErr);
2217 }
2218 // Normal query with answer buffer
2219 // This is raw data of query "howdy.example.com" type 1 class 1
2220 std::string query = "81sBAAABAAAAAAAABWhvd2R5B2V4YW1wbGUDY29tAAABAAE=";
Luke Huangba7bef92018-12-26 16:53:03 +08002221 std::string cmd = "resnsend " + std::to_string(TEST_NETID) + " 0 " + query + '\0';
Luke Huang94b10b92018-11-21 20:13:38 +08002222 ssize_t rc = TEMP_FAILURE_RETRY(write(fd, cmd.c_str(), cmd.size()));
2223 EXPECT_EQ(rc, static_cast<ssize_t>(cmd.size()));
2224
Luke Huang70931aa2019-01-31 11:57:41 +08002225 uint8_t smallBuf[1] = {};
Luke Huang94b10b92018-11-21 20:13:38 +08002226 int rcode;
2227 rc = getAsyncResponse(fd, &rcode, smallBuf, 1);
Luke Huangba7bef92018-12-26 16:53:03 +08002228 EXPECT_EQ(-EMSGSIZE, rc);
Luke Huang94b10b92018-11-21 20:13:38 +08002229
2230 // Do the normal test with large buffer again
2231 fd = dns_open_proxy();
2232 EXPECT_TRUE(fd > 0);
2233 rc = TEMP_FAILURE_RETRY(write(fd, cmd.c_str(), cmd.size()));
2234 EXPECT_EQ(rc, static_cast<ssize_t>(cmd.size()));
Luke Huang70931aa2019-01-31 11:57:41 +08002235 uint8_t buf[MAXPACKET] = {};
Luke Huang94b10b92018-11-21 20:13:38 +08002236 rc = getAsyncResponse(fd, &rcode, buf, MAXPACKET);
2237 EXPECT_EQ("1.2.3.4", toString(buf, rc, AF_INET));
Mike Yu4f3747b2018-12-02 17:54:29 +09002238}
2239
Luke Huangba7bef92018-12-26 16:53:03 +08002240TEST_F(ResolverTest, Async_CacheFlags) {
Xiao Ma09b71022018-12-11 17:56:32 +09002241 constexpr char listen_addr[] = "127.0.0.4";
2242 constexpr char host_name[] = "howdy.example.com.";
Luke Huang40f5f492019-05-09 19:37:35 +08002243 constexpr char another_host_name[] = "howdy.example2.com.";
Xiao Ma09b71022018-12-11 17:56:32 +09002244 const std::vector<DnsRecord> records = {
2245 {host_name, ns_type::ns_t_a, "1.2.3.4"},
2246 {host_name, ns_type::ns_t_aaaa, "::1.2.3.4"},
Luke Huang40f5f492019-05-09 19:37:35 +08002247 {another_host_name, ns_type::ns_t_a, "1.2.3.5"},
2248 {another_host_name, ns_type::ns_t_aaaa, "::1.2.3.5"},
Xiao Ma09b71022018-12-11 17:56:32 +09002249 };
2250
2251 test::DNSResponder dns(listen_addr);
2252 StartDns(dns, records);
Luke Huangba7bef92018-12-26 16:53:03 +08002253 std::vector<std::string> servers = {listen_addr};
Xiao Ma09b71022018-12-11 17:56:32 +09002254 ASSERT_TRUE(mDnsClient.SetResolversForNetwork(servers));
Luke Huangba7bef92018-12-26 16:53:03 +08002255
2256 // ANDROID_RESOLV_NO_CACHE_STORE
2257 int fd1 = resNetworkQuery(TEST_NETID, "howdy.example.com", ns_c_in, ns_t_a,
2258 ANDROID_RESOLV_NO_CACHE_STORE);
2259 EXPECT_TRUE(fd1 != -1);
2260 int fd2 = resNetworkQuery(TEST_NETID, "howdy.example.com", ns_c_in, ns_t_a,
2261 ANDROID_RESOLV_NO_CACHE_STORE);
2262 EXPECT_TRUE(fd2 != -1);
2263 int fd3 = resNetworkQuery(TEST_NETID, "howdy.example.com", ns_c_in, ns_t_a,
2264 ANDROID_RESOLV_NO_CACHE_STORE);
2265 EXPECT_TRUE(fd3 != -1);
2266
2267 expectAnswersValid(fd3, AF_INET, "1.2.3.4");
2268 expectAnswersValid(fd2, AF_INET, "1.2.3.4");
2269 expectAnswersValid(fd1, AF_INET, "1.2.3.4");
2270
2271 // No cache exists, expect 3 queries
2272 EXPECT_EQ(3U, GetNumQueries(dns, host_name));
2273
2274 // Re-query and cache
2275 fd1 = resNetworkQuery(TEST_NETID, "howdy.example.com", ns_c_in, ns_t_a, 0);
2276
2277 EXPECT_TRUE(fd1 != -1);
2278
2279 expectAnswersValid(fd1, AF_INET, "1.2.3.4");
2280
2281 // Now we have cache, expect 4 queries
2282 EXPECT_EQ(4U, GetNumQueries(dns, host_name));
2283
2284 // ANDROID_RESOLV_NO_CACHE_LOOKUP
2285 fd1 = resNetworkQuery(TEST_NETID, "howdy.example.com", ns_c_in, ns_t_a,
2286 ANDROID_RESOLV_NO_CACHE_LOOKUP);
2287 fd2 = resNetworkQuery(TEST_NETID, "howdy.example.com", ns_c_in, ns_t_a,
2288 ANDROID_RESOLV_NO_CACHE_LOOKUP);
2289
2290 EXPECT_TRUE(fd1 != -1);
2291 EXPECT_TRUE(fd2 != -1);
2292
2293 expectAnswersValid(fd2, AF_INET, "1.2.3.4");
2294 expectAnswersValid(fd1, AF_INET, "1.2.3.4");
2295
2296 // Skip cache, expect 6 queries
2297 EXPECT_EQ(6U, GetNumQueries(dns, host_name));
2298
2299 // Re-query verify cache works
2300 fd1 = resNetworkQuery(TEST_NETID, "howdy.example.com", ns_c_in, ns_t_a,
2301 ANDROID_RESOLV_NO_CACHE_STORE);
2302 EXPECT_TRUE(fd1 != -1);
2303 expectAnswersValid(fd1, AF_INET, "1.2.3.4");
2304
2305 // Cache hits, expect still 6 queries
2306 EXPECT_EQ(6U, GetNumQueries(dns, host_name));
Luke Huanga1d74182019-03-19 17:30:36 +08002307
2308 // Start to verify if ANDROID_RESOLV_NO_CACHE_LOOKUP does write response into cache
2309 dns.clearQueries();
2310
2311 fd1 = resNetworkQuery(TEST_NETID, "howdy.example.com", ns_c_in, ns_t_aaaa,
2312 ANDROID_RESOLV_NO_CACHE_LOOKUP);
2313 fd2 = resNetworkQuery(TEST_NETID, "howdy.example.com", ns_c_in, ns_t_aaaa,
2314 ANDROID_RESOLV_NO_CACHE_LOOKUP);
2315
2316 EXPECT_TRUE(fd1 != -1);
2317 EXPECT_TRUE(fd2 != -1);
2318
2319 expectAnswersValid(fd2, AF_INET6, "::1.2.3.4");
2320 expectAnswersValid(fd1, AF_INET6, "::1.2.3.4");
2321
2322 // Skip cache, expect 2 queries
2323 EXPECT_EQ(2U, GetNumQueries(dns, host_name));
2324
2325 // Re-query without flags
2326 fd1 = resNetworkQuery(TEST_NETID, "howdy.example.com", ns_c_in, ns_t_aaaa, 0);
2327 fd2 = resNetworkQuery(TEST_NETID, "howdy.example.com", ns_c_in, ns_t_aaaa, 0);
2328
2329 EXPECT_TRUE(fd1 != -1);
2330 EXPECT_TRUE(fd2 != -1);
2331
2332 expectAnswersValid(fd2, AF_INET6, "::1.2.3.4");
2333 expectAnswersValid(fd1, AF_INET6, "::1.2.3.4");
2334
2335 // Cache hits, expect still 2 queries
2336 EXPECT_EQ(2U, GetNumQueries(dns, host_name));
Luke Huang40f5f492019-05-09 19:37:35 +08002337
2338 // Test both ANDROID_RESOLV_NO_CACHE_STORE and ANDROID_RESOLV_NO_CACHE_LOOKUP are set
2339 dns.clearQueries();
2340
2341 // Make sure that the cache of "howdy.example2.com" exists.
2342 fd1 = resNetworkQuery(TEST_NETID, "howdy.example2.com", ns_c_in, ns_t_aaaa, 0);
2343 EXPECT_TRUE(fd1 != -1);
2344 expectAnswersValid(fd1, AF_INET6, "::1.2.3.5");
2345 EXPECT_EQ(1U, GetNumQueries(dns, another_host_name));
2346
2347 // Re-query with testFlags
2348 const int testFlag = ANDROID_RESOLV_NO_CACHE_STORE | ANDROID_RESOLV_NO_CACHE_LOOKUP;
2349 fd1 = resNetworkQuery(TEST_NETID, "howdy.example2.com", ns_c_in, ns_t_aaaa, testFlag);
2350 EXPECT_TRUE(fd1 != -1);
2351 expectAnswersValid(fd1, AF_INET6, "::1.2.3.5");
2352 // Expect cache lookup is skipped.
2353 EXPECT_EQ(2U, GetNumQueries(dns, another_host_name));
2354
2355 // Do another query with testFlags
2356 fd1 = resNetworkQuery(TEST_NETID, "howdy.example2.com", ns_c_in, ns_t_a, testFlag);
2357 EXPECT_TRUE(fd1 != -1);
2358 expectAnswersValid(fd1, AF_INET, "1.2.3.5");
2359 // Expect cache lookup is skipped.
2360 EXPECT_EQ(3U, GetNumQueries(dns, another_host_name));
2361
2362 // Re-query with no flags
2363 fd1 = resNetworkQuery(TEST_NETID, "howdy.example2.com", ns_c_in, ns_t_a, 0);
2364 EXPECT_TRUE(fd1 != -1);
2365 expectAnswersValid(fd1, AF_INET, "1.2.3.5");
2366 // Expect no cache hit because cache storing is also skipped in previous query.
2367 EXPECT_EQ(4U, GetNumQueries(dns, another_host_name));
Luke Huangba7bef92018-12-26 16:53:03 +08002368}
2369
Luke Huang08b13d22020-02-05 14:46:21 +08002370TEST_F(ResolverTest, Async_NoCacheStoreFlagDoesNotRefreshStaleCacheEntry) {
2371 constexpr char listen_addr[] = "127.0.0.4";
2372 constexpr char host_name[] = "howdy.example.com.";
2373 const std::vector<DnsRecord> records = {
2374 {host_name, ns_type::ns_t_a, "1.2.3.4"},
2375 };
2376
2377 test::DNSResponder dns(listen_addr);
2378 StartDns(dns, records);
2379 std::vector<std::string> servers = {listen_addr};
2380 ASSERT_TRUE(mDnsClient.SetResolversForNetwork(servers));
2381
2382 const unsigned SHORT_TTL_SEC = 1;
2383 dns.setTtl(SHORT_TTL_SEC);
2384
2385 // Refer to b/148842821 for the purpose of below test steps.
2386 // Basically, this test is used to ensure stale cache case is handled
2387 // correctly with ANDROID_RESOLV_NO_CACHE_STORE.
2388 int fd = resNetworkQuery(TEST_NETID, "howdy.example.com", ns_c_in, ns_t_a, 0);
2389 EXPECT_TRUE(fd != -1);
2390 expectAnswersValid(fd, AF_INET, "1.2.3.4");
2391
2392 EXPECT_EQ(1U, GetNumQueries(dns, host_name));
2393 dns.clearQueries();
2394
2395 // Wait until cache expired
2396 sleep(SHORT_TTL_SEC + 0.5);
2397
2398 // Now request the same hostname again.
2399 // We should see a new DNS query because the entry in cache has become stale.
2400 // Due to ANDROID_RESOLV_NO_CACHE_STORE, this query must *not* refresh that stale entry.
2401 fd = resNetworkQuery(TEST_NETID, "howdy.example.com", ns_c_in, ns_t_a,
2402 ANDROID_RESOLV_NO_CACHE_STORE);
2403 EXPECT_TRUE(fd != -1);
2404 expectAnswersValid(fd, AF_INET, "1.2.3.4");
2405 EXPECT_EQ(1U, GetNumQueries(dns, host_name));
2406 dns.clearQueries();
2407
2408 // If the cache is still stale, we expect to see one more DNS query
2409 // (this time the cache will be refreshed, but we're not checking for it).
2410 fd = resNetworkQuery(TEST_NETID, "howdy.example.com", ns_c_in, ns_t_a, 0);
2411 EXPECT_TRUE(fd != -1);
2412 expectAnswersValid(fd, AF_INET, "1.2.3.4");
2413 EXPECT_EQ(1U, GetNumQueries(dns, host_name));
2414}
2415
Luke Huangba7bef92018-12-26 16:53:03 +08002416TEST_F(ResolverTest, Async_NoRetryFlag) {
Luke Huang70931aa2019-01-31 11:57:41 +08002417 constexpr char listen_addr0[] = "127.0.0.4";
2418 constexpr char listen_addr1[] = "127.0.0.6";
Xiao Ma09b71022018-12-11 17:56:32 +09002419 constexpr char host_name[] = "howdy.example.com.";
2420 const std::vector<DnsRecord> records = {
2421 {host_name, ns_type::ns_t_a, "1.2.3.4"},
2422 {host_name, ns_type::ns_t_aaaa, "::1.2.3.4"},
2423 };
2424
Luke Huang70931aa2019-01-31 11:57:41 +08002425 test::DNSResponder dns0(listen_addr0);
2426 test::DNSResponder dns1(listen_addr1);
2427 StartDns(dns0, records);
2428 StartDns(dns1, records);
2429 ASSERT_TRUE(mDnsClient.SetResolversForNetwork({listen_addr0, listen_addr1}));
Luke Huangba7bef92018-12-26 16:53:03 +08002430
Luke Huang70931aa2019-01-31 11:57:41 +08002431 dns0.clearQueries();
2432 dns1.clearQueries();
2433
2434 dns0.setResponseProbability(0.0);
2435 dns1.setResponseProbability(0.0);
Luke Huangba7bef92018-12-26 16:53:03 +08002436
2437 int fd1 = resNetworkQuery(TEST_NETID, "howdy.example.com", ns_c_in, ns_t_a,
2438 ANDROID_RESOLV_NO_RETRY);
2439 EXPECT_TRUE(fd1 != -1);
2440
2441 int fd2 = resNetworkQuery(TEST_NETID, "howdy.example.com", ns_c_in, ns_t_aaaa,
2442 ANDROID_RESOLV_NO_RETRY);
2443 EXPECT_TRUE(fd2 != -1);
2444
2445 // expect no response
2446 expectAnswersNotValid(fd1, -ETIMEDOUT);
2447 expectAnswersNotValid(fd2, -ETIMEDOUT);
2448
Luke Huang70931aa2019-01-31 11:57:41 +08002449 // No retry case, expect total 2 queries. The server is selected randomly.
2450 EXPECT_EQ(2U, GetNumQueries(dns0, host_name) + GetNumQueries(dns1, host_name));
Luke Huangba7bef92018-12-26 16:53:03 +08002451
Luke Huang70931aa2019-01-31 11:57:41 +08002452 dns0.clearQueries();
2453 dns1.clearQueries();
Luke Huangba7bef92018-12-26 16:53:03 +08002454
2455 fd1 = resNetworkQuery(TEST_NETID, "howdy.example.com", ns_c_in, ns_t_a, 0);
2456 EXPECT_TRUE(fd1 != -1);
2457
2458 fd2 = resNetworkQuery(TEST_NETID, "howdy.example.com", ns_c_in, ns_t_aaaa, 0);
2459 EXPECT_TRUE(fd2 != -1);
2460
2461 // expect no response
2462 expectAnswersNotValid(fd1, -ETIMEDOUT);
2463 expectAnswersNotValid(fd2, -ETIMEDOUT);
2464
2465 // Retry case, expect 4 queries
Luke Huang70931aa2019-01-31 11:57:41 +08002466 EXPECT_EQ(4U, GetNumQueries(dns0, host_name));
2467 EXPECT_EQ(4U, GetNumQueries(dns1, host_name));
2468}
2469
2470TEST_F(ResolverTest, Async_VerifyQueryID) {
2471 constexpr char listen_addr[] = "127.0.0.4";
2472 constexpr char host_name[] = "howdy.example.com.";
2473 const std::vector<DnsRecord> records = {
2474 {host_name, ns_type::ns_t_a, "1.2.3.4"},
2475 {host_name, ns_type::ns_t_aaaa, "::1.2.3.4"},
2476 };
2477
2478 test::DNSResponder dns(listen_addr);
2479 StartDns(dns, records);
2480 std::vector<std::string> servers = {listen_addr};
2481 ASSERT_TRUE(mDnsClient.SetResolversForNetwork(servers));
2482
2483 const uint8_t queryBuf1[] = {
2484 /* Header */
2485 0x55, 0x66, /* Transaction ID */
2486 0x01, 0x00, /* Flags */
2487 0x00, 0x01, /* Questions */
2488 0x00, 0x00, /* Answer RRs */
2489 0x00, 0x00, /* Authority RRs */
2490 0x00, 0x00, /* Additional RRs */
2491 /* Queries */
2492 0x05, 0x68, 0x6f, 0x77, 0x64, 0x79, 0x07, 0x65, 0x78, 0x61, 0x6d, 0x70, 0x6c, 0x65,
2493 0x03, 0x63, 0x6f, 0x6d, 0x00, /* Name */
2494 0x00, 0x01, /* Type */
2495 0x00, 0x01 /* Class */
2496 };
2497
2498 int fd = resNetworkSend(TEST_NETID, queryBuf1, sizeof(queryBuf1), 0);
2499 EXPECT_TRUE(fd != -1);
2500
2501 uint8_t buf[MAXPACKET] = {};
2502 int rcode;
2503
2504 int res = getAsyncResponse(fd, &rcode, buf, MAXPACKET);
2505 EXPECT_GT(res, 0);
2506 EXPECT_EQ("1.2.3.4", toString(buf, res, AF_INET));
2507
2508 auto hp = reinterpret_cast<HEADER*>(buf);
2509 EXPECT_EQ(21862U, htons(hp->id));
2510
2511 EXPECT_EQ(1U, GetNumQueries(dns, host_name));
2512
2513 const uint8_t queryBuf2[] = {
2514 /* Header */
2515 0x00, 0x53, /* Transaction ID */
2516 0x01, 0x00, /* Flags */
2517 0x00, 0x01, /* Questions */
2518 0x00, 0x00, /* Answer RRs */
2519 0x00, 0x00, /* Authority RRs */
2520 0x00, 0x00, /* Additional RRs */
2521 /* Queries */
2522 0x05, 0x68, 0x6f, 0x77, 0x64, 0x79, 0x07, 0x65, 0x78, 0x61, 0x6d, 0x70, 0x6c, 0x65,
2523 0x03, 0x63, 0x6f, 0x6d, 0x00, /* Name */
2524 0x00, 0x01, /* Type */
2525 0x00, 0x01 /* Class */
2526 };
2527
2528 // Re-query verify cache works and query id is correct
2529 fd = resNetworkSend(TEST_NETID, queryBuf2, sizeof(queryBuf2), 0);
2530
2531 EXPECT_TRUE(fd != -1);
2532
2533 res = getAsyncResponse(fd, &rcode, buf, MAXPACKET);
2534 EXPECT_GT(res, 0);
2535 EXPECT_EQ("1.2.3.4", toString(buf, res, AF_INET));
2536
2537 EXPECT_EQ(0x0053U, htons(hp->id));
2538
2539 EXPECT_EQ(1U, GetNumQueries(dns, host_name));
Luke Huangba7bef92018-12-26 16:53:03 +08002540}
2541
Mike Yu4f3747b2018-12-02 17:54:29 +09002542// This test checks that the resolver should not generate the request containing OPT RR when using
Ken Chen0a015532019-01-02 14:59:38 +08002543// cleartext DNS. If we query the DNS server not supporting EDNS0 and it reponds with
2544// FORMERR_ON_EDNS, we will fallback to no EDNS0 and try again. If the server does no response, we
2545// won't retry so that we get no answer.
Mike Yu4f3747b2018-12-02 17:54:29 +09002546TEST_F(ResolverTest, BrokenEdns) {
2547 typedef test::DNSResponder::Edns Edns;
2548 enum ExpectResult { EXPECT_FAILURE, EXPECT_SUCCESS };
2549
Automerger Merge Worker9a495be2020-03-05 14:07:09 +00002550 // Perform cleartext query in off mode.
Mike Yu4f3747b2018-12-02 17:54:29 +09002551 const char OFF[] = "off";
Automerger Merge Worker9a495be2020-03-05 14:07:09 +00002552
2553 // Perform cleartext query when there's no private DNS server validated in opportunistic mode.
Mike Yu4f3747b2018-12-02 17:54:29 +09002554 const char OPPORTUNISTIC_UDP[] = "opportunistic_udp";
Automerger Merge Worker9a495be2020-03-05 14:07:09 +00002555
2556 // Perform cleartext query when there is a private DNS server validated in opportunistic mode.
2557 const char OPPORTUNISTIC_FALLBACK_UDP[] = "opportunistic_fallback_udp";
2558
2559 // Perform cyphertext query in opportunistic mode.
Mike Yu4f3747b2018-12-02 17:54:29 +09002560 const char OPPORTUNISTIC_TLS[] = "opportunistic_tls";
Automerger Merge Worker9a495be2020-03-05 14:07:09 +00002561
2562 // Perform cyphertext query in strict mode.
Mike Yu4f3747b2018-12-02 17:54:29 +09002563 const char STRICT[] = "strict";
Automerger Merge Worker9a495be2020-03-05 14:07:09 +00002564
Mike Yu4f3747b2018-12-02 17:54:29 +09002565 const char GETHOSTBYNAME[] = "gethostbyname";
2566 const char GETADDRINFO[] = "getaddrinfo";
Mike Yu4f3747b2018-12-02 17:54:29 +09002567 const char ADDR4[] = "192.0.2.1";
2568 const char CLEARTEXT_ADDR[] = "127.0.0.53";
2569 const char CLEARTEXT_PORT[] = "53";
2570 const char TLS_PORT[] = "853";
Luke Huangf8215372019-11-22 11:53:41 +08002571 const std::vector<std::string> servers = {CLEARTEXT_ADDR};
Automerger Merge Worker9a495be2020-03-05 14:07:09 +00002572 ResolverParamsParcel paramsForCleanup = DnsResponderClient::GetDefaultResolverParamsParcel();
2573 paramsForCleanup.servers.clear();
2574 paramsForCleanup.tlsServers.clear();
Mike Yu4f3747b2018-12-02 17:54:29 +09002575
Mike Yufc125e42019-05-15 20:41:28 +08002576 test::DNSResponder dns(CLEARTEXT_ADDR, CLEARTEXT_PORT, ns_rcode::ns_r_servfail);
Mike Yu4f3747b2018-12-02 17:54:29 +09002577 ASSERT_TRUE(dns.startServer());
2578
2579 test::DnsTlsFrontend tls(CLEARTEXT_ADDR, TLS_PORT, CLEARTEXT_ADDR, CLEARTEXT_PORT);
2580
Luke Huangf8215372019-11-22 11:53:41 +08002581 // clang-format off
Mike Yu4f3747b2018-12-02 17:54:29 +09002582 static const struct TestConfig {
2583 std::string mode;
2584 std::string method;
2585 Edns edns;
2586 ExpectResult expectResult;
2587
2588 std::string asHostName() const {
2589 const char* ednsString;
2590 switch (edns) {
2591 case Edns::ON:
2592 ednsString = "ednsOn";
2593 break;
Ken Chen0a015532019-01-02 14:59:38 +08002594 case Edns::FORMERR_ON_EDNS:
Mike Yu4f3747b2018-12-02 17:54:29 +09002595 ednsString = "ednsFormerr";
2596 break;
2597 case Edns::DROP:
2598 ednsString = "ednsDrop";
2599 break;
2600 default:
2601 ednsString = "";
2602 break;
2603 }
2604 return StringPrintf("%s.%s.%s.", mode.c_str(), method.c_str(), ednsString);
2605 }
2606 } testConfigs[] = {
Automerger Merge Worker9a495be2020-03-05 14:07:09 +00002607 // In OPPORTUNISTIC_TLS, if the DNS server doesn't support EDNS0 but TLS, the lookup
2608 // fails. Could such server exist? if so, we might need to fix it to fallback to
2609 // cleartext query. If the server still make no response for the queries with EDNS0, we
2610 // might also need to fix it to retry without EDNS0.
Mike Yu4f3747b2018-12-02 17:54:29 +09002611 // Another thing is that {OPPORTUNISTIC_TLS, Edns::DROP} and {STRICT, Edns::DROP} are
2612 // commented out since TLS timeout is not configurable.
2613 // TODO: Uncomment them after TLS timeout is configurable.
Automerger Merge Worker9a495be2020-03-05 14:07:09 +00002614 {OFF, GETHOSTBYNAME, Edns::ON, EXPECT_SUCCESS},
2615 {OPPORTUNISTIC_UDP, GETHOSTBYNAME, Edns::ON, EXPECT_SUCCESS},
2616 {OPPORTUNISTIC_FALLBACK_UDP, GETHOSTBYNAME, Edns::ON, EXPECT_SUCCESS},
2617 {OPPORTUNISTIC_TLS, GETHOSTBYNAME, Edns::ON, EXPECT_SUCCESS},
2618 {STRICT, GETHOSTBYNAME, Edns::ON, EXPECT_SUCCESS},
2619 {OFF, GETHOSTBYNAME, Edns::FORMERR_ON_EDNS, EXPECT_SUCCESS},
2620 {OPPORTUNISTIC_UDP, GETHOSTBYNAME, Edns::FORMERR_ON_EDNS, EXPECT_SUCCESS},
2621 {OPPORTUNISTIC_FALLBACK_UDP, GETHOSTBYNAME, Edns::FORMERR_ON_EDNS, EXPECT_SUCCESS},
2622 {OPPORTUNISTIC_TLS, GETHOSTBYNAME, Edns::FORMERR_ON_EDNS, EXPECT_FAILURE},
2623 {STRICT, GETHOSTBYNAME, Edns::FORMERR_ON_EDNS, EXPECT_FAILURE},
2624 {OFF, GETHOSTBYNAME, Edns::DROP, EXPECT_SUCCESS},
2625 {OPPORTUNISTIC_UDP, GETHOSTBYNAME, Edns::DROP, EXPECT_SUCCESS},
2626
2627 // The failure is due to no retry on timeout. Maybe fix it?
2628 {OPPORTUNISTIC_FALLBACK_UDP, GETHOSTBYNAME, Edns::DROP, EXPECT_FAILURE},
2629
2630 //{OPPORTUNISTIC_TLS, GETHOSTBYNAME, Edns::DROP, EXPECT_FAILURE},
2631 //{STRICT, GETHOSTBYNAME, Edns::DROP, EXPECT_FAILURE},
2632 {OFF, GETADDRINFO, Edns::ON, EXPECT_SUCCESS},
2633 {OPPORTUNISTIC_UDP, GETADDRINFO, Edns::ON, EXPECT_SUCCESS},
2634 {OPPORTUNISTIC_FALLBACK_UDP, GETADDRINFO, Edns::ON, EXPECT_SUCCESS},
2635 {OPPORTUNISTIC_TLS, GETADDRINFO, Edns::ON, EXPECT_SUCCESS},
2636 {STRICT, GETADDRINFO, Edns::ON, EXPECT_SUCCESS},
2637 {OFF, GETADDRINFO, Edns::FORMERR_ON_EDNS, EXPECT_SUCCESS},
2638 {OPPORTUNISTIC_UDP, GETADDRINFO, Edns::FORMERR_ON_EDNS, EXPECT_SUCCESS},
2639 {OPPORTUNISTIC_FALLBACK_UDP, GETADDRINFO, Edns::FORMERR_ON_EDNS, EXPECT_SUCCESS},
2640 {OPPORTUNISTIC_TLS, GETADDRINFO, Edns::FORMERR_ON_EDNS, EXPECT_FAILURE},
2641 {STRICT, GETADDRINFO, Edns::FORMERR_ON_EDNS, EXPECT_FAILURE},
2642 {OFF, GETADDRINFO, Edns::DROP, EXPECT_SUCCESS},
2643 {OPPORTUNISTIC_UDP, GETADDRINFO, Edns::DROP, EXPECT_SUCCESS},
2644
2645 // The failure is due to no retry on timeout. Maybe fix it?
2646 {OPPORTUNISTIC_FALLBACK_UDP, GETADDRINFO, Edns::DROP, EXPECT_FAILURE},
2647
Mike Yu4f3747b2018-12-02 17:54:29 +09002648 //{OPPORTUNISTIC_TLS, GETADDRINFO, Edns::DROP, EXPECT_FAILURE},
2649 //{STRICT, GETADDRINFO, Edns::DROP, EXPECT_FAILURE},
2650 };
Luke Huangf8215372019-11-22 11:53:41 +08002651 // clang-format on
Mike Yu4f3747b2018-12-02 17:54:29 +09002652
2653 for (const auto& config : testConfigs) {
2654 const std::string testHostName = config.asHostName();
2655 SCOPED_TRACE(testHostName);
2656
2657 const char* host_name = testHostName.c_str();
2658 dns.addMapping(host_name, ns_type::ns_t_a, ADDR4);
2659 dns.setEdns(config.edns);
2660
2661 if (config.mode == OFF) {
Mike Yu0f20cdd2019-06-11 11:52:37 +08002662 if (tls.running()) {
2663 ASSERT_TRUE(tls.stopServer());
2664 }
Xiao Ma09b71022018-12-11 17:56:32 +09002665 ASSERT_TRUE(mDnsClient.SetResolversForNetwork(servers));
Mike Yu4f3747b2018-12-02 17:54:29 +09002666 } else if (config.mode == OPPORTUNISTIC_UDP) {
Mike Yu0f20cdd2019-06-11 11:52:37 +08002667 if (tls.running()) {
2668 ASSERT_TRUE(tls.stopServer());
2669 }
Xiao Ma09b71022018-12-11 17:56:32 +09002670 ASSERT_TRUE(mDnsClient.SetResolversWithTls(servers, kDefaultSearchDomains,
waynema0e73c2e2019-07-31 15:04:08 +08002671 kDefaultParams, ""));
Mike Yu724f77d2019-08-16 11:14:50 +08002672 EXPECT_TRUE(WaitForPrivateDnsValidation(tls.listen_address(), false));
Automerger Merge Worker9a495be2020-03-05 14:07:09 +00002673 } else if (config.mode == OPPORTUNISTIC_TLS || config.mode == OPPORTUNISTIC_FALLBACK_UDP) {
Mike Yu0f20cdd2019-06-11 11:52:37 +08002674 if (!tls.running()) {
2675 ASSERT_TRUE(tls.startServer());
2676 }
Xiao Ma09b71022018-12-11 17:56:32 +09002677 ASSERT_TRUE(mDnsClient.SetResolversWithTls(servers, kDefaultSearchDomains,
waynema0e73c2e2019-07-31 15:04:08 +08002678 kDefaultParams, ""));
Mike Yu724f77d2019-08-16 11:14:50 +08002679 EXPECT_TRUE(WaitForPrivateDnsValidation(tls.listen_address(), true));
Automerger Merge Worker9a495be2020-03-05 14:07:09 +00002680
2681 if (config.mode == OPPORTUNISTIC_FALLBACK_UDP) {
2682 // Force the resolver to fallback to cleartext queries.
2683 ASSERT_TRUE(tls.stopServer());
2684 }
Mike Yu4f3747b2018-12-02 17:54:29 +09002685 } else if (config.mode == STRICT) {
Mike Yu0f20cdd2019-06-11 11:52:37 +08002686 if (!tls.running()) {
2687 ASSERT_TRUE(tls.startServer());
2688 }
Xiao Ma09b71022018-12-11 17:56:32 +09002689 ASSERT_TRUE(mDnsClient.SetResolversWithTls(servers, kDefaultSearchDomains,
waynema0e73c2e2019-07-31 15:04:08 +08002690 kDefaultParams, kDefaultPrivateDnsHostName));
Mike Yu724f77d2019-08-16 11:14:50 +08002691 EXPECT_TRUE(WaitForPrivateDnsValidation(tls.listen_address(), true));
Mike Yu4f3747b2018-12-02 17:54:29 +09002692 }
2693
2694 if (config.method == GETHOSTBYNAME) {
2695 const hostent* h_result = gethostbyname(host_name);
2696 if (config.expectResult == EXPECT_SUCCESS) {
2697 EXPECT_LE(1U, GetNumQueries(dns, host_name));
2698 ASSERT_TRUE(h_result != nullptr);
2699 ASSERT_EQ(4, h_result->h_length);
2700 ASSERT_FALSE(h_result->h_addr_list[0] == nullptr);
2701 EXPECT_EQ(ADDR4, ToString(h_result));
2702 EXPECT_TRUE(h_result->h_addr_list[1] == nullptr);
2703 } else {
2704 EXPECT_EQ(0U, GetNumQueriesForType(dns, ns_type::ns_t_a, host_name));
2705 ASSERT_TRUE(h_result == nullptr);
2706 ASSERT_EQ(HOST_NOT_FOUND, h_errno);
2707 }
2708 } else if (config.method == GETADDRINFO) {
2709 ScopedAddrinfo ai_result;
2710 addrinfo hints = {.ai_family = AF_INET, .ai_socktype = SOCK_DGRAM};
2711 ai_result = safe_getaddrinfo(host_name, nullptr, &hints);
2712 if (config.expectResult == EXPECT_SUCCESS) {
2713 EXPECT_TRUE(ai_result != nullptr);
2714 EXPECT_EQ(1U, GetNumQueries(dns, host_name));
2715 const std::string result_str = ToString(ai_result);
2716 EXPECT_EQ(ADDR4, result_str);
2717 } else {
2718 EXPECT_TRUE(ai_result == nullptr);
2719 EXPECT_EQ(0U, GetNumQueries(dns, host_name));
2720 }
2721 } else {
2722 FAIL() << "Unsupported query method: " << config.method;
2723 }
2724
Mike Yudd4ac2d2019-05-31 16:52:11 +08002725 tls.clearQueries();
Mike Yu4f3747b2018-12-02 17:54:29 +09002726 dns.clearQueries();
Automerger Merge Worker9a495be2020-03-05 14:07:09 +00002727
2728 // Clear the setup to force the resolver to validate private DNS servers in every test.
2729 ASSERT_TRUE(mDnsClient.SetResolversFromParcel(paramsForCleanup));
Mike Yu4f3747b2018-12-02 17:54:29 +09002730 }
Mike Yu4f3747b2018-12-02 17:54:29 +09002731}
nuccachena26cc2a2018-07-17 18:07:23 +08002732
Ken Chen0a015532019-01-02 14:59:38 +08002733// DNS-over-TLS validation success, but server does not respond to TLS query after a while.
2734// Resolver should have a reasonable number of retries instead of spinning forever. We don't have
2735// an efficient way to know if resolver is stuck in an infinite loop. However, test case will be
2736// failed due to timeout.
2737TEST_F(ResolverTest, UnstableTls) {
2738 const char CLEARTEXT_ADDR[] = "127.0.0.53";
2739 const char CLEARTEXT_PORT[] = "53";
2740 const char TLS_PORT[] = "853";
2741 const char* host_name1 = "nonexistent1.example.com.";
2742 const char* host_name2 = "nonexistent2.example.com.";
2743 const std::vector<std::string> servers = {CLEARTEXT_ADDR};
2744
Mike Yufc125e42019-05-15 20:41:28 +08002745 test::DNSResponder dns(CLEARTEXT_ADDR, CLEARTEXT_PORT, ns_rcode::ns_r_servfail);
Ken Chen0a015532019-01-02 14:59:38 +08002746 ASSERT_TRUE(dns.startServer());
2747 dns.setEdns(test::DNSResponder::Edns::FORMERR_ON_EDNS);
2748 test::DnsTlsFrontend tls(CLEARTEXT_ADDR, TLS_PORT, CLEARTEXT_ADDR, CLEARTEXT_PORT);
2749 ASSERT_TRUE(tls.startServer());
waynema0e73c2e2019-07-31 15:04:08 +08002750 ASSERT_TRUE(mDnsClient.SetResolversWithTls(servers, kDefaultSearchDomains, kDefaultParams, ""));
Mike Yu724f77d2019-08-16 11:14:50 +08002751 EXPECT_TRUE(WaitForPrivateDnsValidation(tls.listen_address(), true));
2752
Ken Chen0a015532019-01-02 14:59:38 +08002753 // Shutdown TLS server to get an error. It's similar to no response case but without waiting.
2754 tls.stopServer();
2755
2756 const hostent* h_result = gethostbyname(host_name1);
2757 EXPECT_EQ(1U, GetNumQueries(dns, host_name1));
2758 ASSERT_TRUE(h_result == nullptr);
2759 ASSERT_EQ(HOST_NOT_FOUND, h_errno);
2760
2761 addrinfo hints = {.ai_family = AF_INET, .ai_socktype = SOCK_DGRAM};
2762 ScopedAddrinfo ai_result = safe_getaddrinfo(host_name2, nullptr, &hints);
2763 EXPECT_TRUE(ai_result == nullptr);
2764 EXPECT_EQ(1U, GetNumQueries(dns, host_name2));
2765}
2766
2767// DNS-over-TLS validation success, but server does not respond to TLS query after a while.
2768// Moreover, server responds RCODE=FORMERR even on non-EDNS query.
2769TEST_F(ResolverTest, BogusDnsServer) {
2770 const char CLEARTEXT_ADDR[] = "127.0.0.53";
2771 const char CLEARTEXT_PORT[] = "53";
2772 const char TLS_PORT[] = "853";
2773 const char* host_name1 = "nonexistent1.example.com.";
2774 const char* host_name2 = "nonexistent2.example.com.";
2775 const std::vector<std::string> servers = {CLEARTEXT_ADDR};
2776
Mike Yufc125e42019-05-15 20:41:28 +08002777 test::DNSResponder dns(CLEARTEXT_ADDR, CLEARTEXT_PORT, ns_rcode::ns_r_servfail);
Ken Chen0a015532019-01-02 14:59:38 +08002778 ASSERT_TRUE(dns.startServer());
2779 test::DnsTlsFrontend tls(CLEARTEXT_ADDR, TLS_PORT, CLEARTEXT_ADDR, CLEARTEXT_PORT);
2780 ASSERT_TRUE(tls.startServer());
waynema0e73c2e2019-07-31 15:04:08 +08002781 ASSERT_TRUE(mDnsClient.SetResolversWithTls(servers, kDefaultSearchDomains, kDefaultParams, ""));
Mike Yu724f77d2019-08-16 11:14:50 +08002782 EXPECT_TRUE(WaitForPrivateDnsValidation(tls.listen_address(), true));
2783
Ken Chen0a015532019-01-02 14:59:38 +08002784 // Shutdown TLS server to get an error. It's similar to no response case but without waiting.
2785 tls.stopServer();
2786 dns.setEdns(test::DNSResponder::Edns::FORMERR_UNCOND);
2787
2788 const hostent* h_result = gethostbyname(host_name1);
2789 EXPECT_EQ(0U, GetNumQueries(dns, host_name1));
2790 ASSERT_TRUE(h_result == nullptr);
2791 ASSERT_EQ(HOST_NOT_FOUND, h_errno);
2792
2793 addrinfo hints = {.ai_family = AF_INET, .ai_socktype = SOCK_DGRAM};
2794 ScopedAddrinfo ai_result = safe_getaddrinfo(host_name2, nullptr, &hints);
2795 EXPECT_TRUE(ai_result == nullptr);
2796 EXPECT_EQ(0U, GetNumQueries(dns, host_name2));
2797}
2798
nuccachena26cc2a2018-07-17 18:07:23 +08002799TEST_F(ResolverTest, GetAddrInfo_Dns64Synthesize) {
2800 constexpr char listen_addr[] = "::1";
nuccachena26cc2a2018-07-17 18:07:23 +08002801 constexpr char dns64_name[] = "ipv4only.arpa.";
2802 constexpr char host_name[] = "v4only.example.com.";
Xiao Ma09b71022018-12-11 17:56:32 +09002803 const std::vector<DnsRecord> records = {
2804 {dns64_name, ns_type::ns_t_aaaa, "64:ff9b::192.0.0.170"},
2805 {host_name, ns_type::ns_t_a, "1.2.3.4"},
2806 };
nuccachena26cc2a2018-07-17 18:07:23 +08002807
Xiao Ma09b71022018-12-11 17:56:32 +09002808 test::DNSResponder dns(listen_addr);
Xiao Ma09b71022018-12-11 17:56:32 +09002809 StartDns(dns, records);
nuccachena26cc2a2018-07-17 18:07:23 +08002810
2811 std::vector<std::string> servers = {listen_addr};
Xiao Ma09b71022018-12-11 17:56:32 +09002812 ASSERT_TRUE(mDnsClient.SetResolversForNetwork(servers));
nuccachena26cc2a2018-07-17 18:07:23 +08002813
Lorenzo Colittid39345c2019-02-18 10:59:29 +09002814 // Start NAT64 prefix discovery and wait for it to complete.
Luke Huang5bd827c2019-03-14 16:10:04 +08002815 EXPECT_TRUE(mDnsClient.resolvService()->startPrefix64Discovery(TEST_NETID).isOk());
Hungming Chene8f970c2019-04-10 17:34:06 +08002816 EXPECT_TRUE(WaitForNat64Prefix(EXPECT_FOUND));
nuccachena26cc2a2018-07-17 18:07:23 +08002817
2818 // hints are necessary in order to let netd know which type of addresses the caller is
2819 // interested in.
Xiao Ma09b71022018-12-11 17:56:32 +09002820 const addrinfo hints = {.ai_family = AF_UNSPEC};
nuccachena26cc2a2018-07-17 18:07:23 +08002821 ScopedAddrinfo result = safe_getaddrinfo("v4only", nullptr, &hints);
2822 EXPECT_TRUE(result != nullptr);
Lorenzo Colittid39345c2019-02-18 10:59:29 +09002823 // TODO: BUG: there should only be two queries, one AAAA (which returns no records) and one A
2824 // (which returns 1.2.3.4). But there is an extra AAAA.
2825 EXPECT_EQ(3U, GetNumQueries(dns, host_name));
nuccachena26cc2a2018-07-17 18:07:23 +08002826
2827 std::string result_str = ToString(result);
2828 EXPECT_EQ(result_str, "64:ff9b::102:304");
2829
Lorenzo Colittid39345c2019-02-18 10:59:29 +09002830 // Stopping NAT64 prefix discovery disables synthesis.
Luke Huang5bd827c2019-03-14 16:10:04 +08002831 EXPECT_TRUE(mDnsClient.resolvService()->stopPrefix64Discovery(TEST_NETID).isOk());
Hungming Chene8f970c2019-04-10 17:34:06 +08002832 EXPECT_TRUE(WaitForNat64Prefix(EXPECT_NOT_FOUND));
nuccachena26cc2a2018-07-17 18:07:23 +08002833
Lorenzo Colittid39345c2019-02-18 10:59:29 +09002834 dns.clearQueries();
nuccachena26cc2a2018-07-17 18:07:23 +08002835
2836 result = safe_getaddrinfo("v4only", nullptr, &hints);
2837 EXPECT_TRUE(result != nullptr);
Lorenzo Colittid39345c2019-02-18 10:59:29 +09002838 // TODO: BUG: there should only be one query, an AAAA (which returns no records), because the
2839 // A is already cached. But there is an extra AAAA.
2840 EXPECT_EQ(2U, GetNumQueries(dns, host_name));
nuccachena26cc2a2018-07-17 18:07:23 +08002841
2842 result_str = ToString(result);
2843 EXPECT_EQ(result_str, "1.2.3.4");
2844}
2845
nuccachena26cc2a2018-07-17 18:07:23 +08002846TEST_F(ResolverTest, GetAddrInfo_Dns64QuerySpecified) {
2847 constexpr char listen_addr[] = "::1";
nuccachena26cc2a2018-07-17 18:07:23 +08002848 constexpr char dns64_name[] = "ipv4only.arpa.";
2849 constexpr char host_name[] = "v4only.example.com.";
Xiao Ma09b71022018-12-11 17:56:32 +09002850 const std::vector<DnsRecord> records = {
2851 {dns64_name, ns_type::ns_t_aaaa, "64:ff9b::192.0.0.170"},
2852 {host_name, ns_type::ns_t_a, "1.2.3.4"},
2853 };
nuccachena26cc2a2018-07-17 18:07:23 +08002854
Xiao Ma09b71022018-12-11 17:56:32 +09002855 test::DNSResponder dns(listen_addr);
2856 StartDns(dns, records);
nuccachena26cc2a2018-07-17 18:07:23 +08002857 const std::vector<std::string> servers = {listen_addr};
Xiao Ma09b71022018-12-11 17:56:32 +09002858 ASSERT_TRUE(mDnsClient.SetResolversForNetwork(servers));
nuccachena26cc2a2018-07-17 18:07:23 +08002859
Lorenzo Colittid39345c2019-02-18 10:59:29 +09002860 // Start NAT64 prefix discovery and wait for it to complete.
Luke Huang5bd827c2019-03-14 16:10:04 +08002861 EXPECT_TRUE(mDnsClient.resolvService()->startPrefix64Discovery(TEST_NETID).isOk());
Hungming Chene8f970c2019-04-10 17:34:06 +08002862 EXPECT_TRUE(WaitForNat64Prefix(EXPECT_FOUND));
nuccachena26cc2a2018-07-17 18:07:23 +08002863
2864 // Ensure to synthesize AAAA if AF_INET6 is specified, and not to synthesize AAAA
2865 // in AF_INET case.
2866 addrinfo hints;
2867 memset(&hints, 0, sizeof(hints));
2868 hints.ai_family = AF_INET6;
2869 ScopedAddrinfo result = safe_getaddrinfo("v4only", nullptr, &hints);
2870 EXPECT_TRUE(result != nullptr);
2871 std::string result_str = ToString(result);
2872 EXPECT_EQ(result_str, "64:ff9b::102:304");
2873
2874 hints.ai_family = AF_INET;
2875 result = safe_getaddrinfo("v4only", nullptr, &hints);
2876 EXPECT_TRUE(result != nullptr);
2877 EXPECT_LE(2U, GetNumQueries(dns, host_name));
2878 result_str = ToString(result);
2879 EXPECT_EQ(result_str, "1.2.3.4");
2880}
nuccachena26cc2a2018-07-17 18:07:23 +08002881
2882TEST_F(ResolverTest, GetAddrInfo_Dns64QueryUnspecifiedV6) {
2883 constexpr char listen_addr[] = "::1";
nuccachena26cc2a2018-07-17 18:07:23 +08002884 constexpr char dns64_name[] = "ipv4only.arpa.";
2885 constexpr char host_name[] = "v4v6.example.com.";
Xiao Ma09b71022018-12-11 17:56:32 +09002886 const std::vector<DnsRecord> records = {
2887 {dns64_name, ns_type::ns_t_aaaa, "64:ff9b::192.0.0.170"},
2888 {host_name, ns_type::ns_t_a, "1.2.3.4"},
2889 {host_name, ns_type::ns_t_aaaa, "2001:db8::1.2.3.4"},
2890 };
nuccachena26cc2a2018-07-17 18:07:23 +08002891
Xiao Ma09b71022018-12-11 17:56:32 +09002892 test::DNSResponder dns(listen_addr);
2893 StartDns(dns, records);
nuccachena26cc2a2018-07-17 18:07:23 +08002894 const std::vector<std::string> servers = {listen_addr};
Xiao Ma09b71022018-12-11 17:56:32 +09002895 ASSERT_TRUE(mDnsClient.SetResolversForNetwork(servers));
nuccachena26cc2a2018-07-17 18:07:23 +08002896
Lorenzo Colittid39345c2019-02-18 10:59:29 +09002897 // Start NAT64 prefix discovery and wait for it to complete.
Luke Huang5bd827c2019-03-14 16:10:04 +08002898 EXPECT_TRUE(mDnsClient.resolvService()->startPrefix64Discovery(TEST_NETID).isOk());
Hungming Chene8f970c2019-04-10 17:34:06 +08002899 EXPECT_TRUE(WaitForNat64Prefix(EXPECT_FOUND));
nuccachena26cc2a2018-07-17 18:07:23 +08002900
Xiao Ma09b71022018-12-11 17:56:32 +09002901 const addrinfo hints = {.ai_family = AF_UNSPEC};
nuccachena26cc2a2018-07-17 18:07:23 +08002902 ScopedAddrinfo result = safe_getaddrinfo("v4v6", nullptr, &hints);
2903 EXPECT_TRUE(result != nullptr);
2904 EXPECT_LE(2U, GetNumQueries(dns, host_name));
2905
2906 // In AF_UNSPEC case, do not synthesize AAAA if there's at least one AAAA answer.
Xiao Ma09b71022018-12-11 17:56:32 +09002907 const std::vector<std::string> result_strs = ToStrings(result);
nuccachena26cc2a2018-07-17 18:07:23 +08002908 for (const auto& str : result_strs) {
2909 EXPECT_TRUE(str == "1.2.3.4" || str == "2001:db8::102:304")
2910 << ", result_str='" << str << "'";
2911 }
2912}
2913
2914TEST_F(ResolverTest, GetAddrInfo_Dns64QueryUnspecifiedNoV6) {
2915 constexpr char listen_addr[] = "::1";
nuccachena26cc2a2018-07-17 18:07:23 +08002916 constexpr char dns64_name[] = "ipv4only.arpa.";
2917 constexpr char host_name[] = "v4v6.example.com.";
Xiao Ma09b71022018-12-11 17:56:32 +09002918 const std::vector<DnsRecord> records = {
2919 {dns64_name, ns_type::ns_t_aaaa, "64:ff9b::192.0.0.170"},
2920 {host_name, ns_type::ns_t_a, "1.2.3.4"},
2921 };
nuccachena26cc2a2018-07-17 18:07:23 +08002922
Xiao Ma09b71022018-12-11 17:56:32 +09002923 test::DNSResponder dns(listen_addr);
2924 StartDns(dns, records);
nuccachena26cc2a2018-07-17 18:07:23 +08002925 const std::vector<std::string> servers = {listen_addr};
Xiao Ma09b71022018-12-11 17:56:32 +09002926 ASSERT_TRUE(mDnsClient.SetResolversForNetwork(servers));
nuccachena26cc2a2018-07-17 18:07:23 +08002927
Lorenzo Colittid39345c2019-02-18 10:59:29 +09002928 // Start NAT64 prefix discovery and wait for it to complete.
Luke Huang5bd827c2019-03-14 16:10:04 +08002929 EXPECT_TRUE(mDnsClient.resolvService()->startPrefix64Discovery(TEST_NETID).isOk());
Hungming Chene8f970c2019-04-10 17:34:06 +08002930 EXPECT_TRUE(WaitForNat64Prefix(EXPECT_FOUND));
nuccachena26cc2a2018-07-17 18:07:23 +08002931
Xiao Ma09b71022018-12-11 17:56:32 +09002932 const addrinfo hints = {.ai_family = AF_UNSPEC};
nuccachena26cc2a2018-07-17 18:07:23 +08002933 ScopedAddrinfo result = safe_getaddrinfo("v4v6", nullptr, &hints);
2934 EXPECT_TRUE(result != nullptr);
2935 EXPECT_LE(2U, GetNumQueries(dns, host_name));
2936
2937 // In AF_UNSPEC case, synthesize AAAA if there's no AAAA answer.
2938 std::string result_str = ToString(result);
2939 EXPECT_EQ(result_str, "64:ff9b::102:304");
2940}
2941
2942TEST_F(ResolverTest, GetAddrInfo_Dns64QuerySpecialUseIPv4Addresses) {
2943 constexpr char THIS_NETWORK[] = "this_network";
2944 constexpr char LOOPBACK[] = "loopback";
2945 constexpr char LINK_LOCAL[] = "link_local";
2946 constexpr char MULTICAST[] = "multicast";
2947 constexpr char LIMITED_BROADCAST[] = "limited_broadcast";
2948
2949 constexpr char ADDR_THIS_NETWORK[] = "0.0.0.1";
2950 constexpr char ADDR_LOOPBACK[] = "127.0.0.1";
2951 constexpr char ADDR_LINK_LOCAL[] = "169.254.0.1";
2952 constexpr char ADDR_MULTICAST[] = "224.0.0.1";
2953 constexpr char ADDR_LIMITED_BROADCAST[] = "255.255.255.255";
2954
2955 constexpr char listen_addr[] = "::1";
nuccachena26cc2a2018-07-17 18:07:23 +08002956 constexpr char dns64_name[] = "ipv4only.arpa.";
2957
Xiao Ma09b71022018-12-11 17:56:32 +09002958 test::DNSResponder dns(listen_addr);
2959 StartDns(dns, {{dns64_name, ns_type::ns_t_aaaa, "64:ff9b::"}});
nuccachena26cc2a2018-07-17 18:07:23 +08002960 const std::vector<std::string> servers = {listen_addr};
Xiao Ma09b71022018-12-11 17:56:32 +09002961 ASSERT_TRUE(mDnsClient.SetResolversForNetwork(servers));
nuccachena26cc2a2018-07-17 18:07:23 +08002962
Lorenzo Colittid39345c2019-02-18 10:59:29 +09002963 // Start NAT64 prefix discovery and wait for it to complete.
Luke Huang5bd827c2019-03-14 16:10:04 +08002964 EXPECT_TRUE(mDnsClient.resolvService()->startPrefix64Discovery(TEST_NETID).isOk());
Hungming Chene8f970c2019-04-10 17:34:06 +08002965 EXPECT_TRUE(WaitForNat64Prefix(EXPECT_FOUND));
nuccachena26cc2a2018-07-17 18:07:23 +08002966
Luke Huangf8215372019-11-22 11:53:41 +08002967 // clang-format off
nuccachena26cc2a2018-07-17 18:07:23 +08002968 static const struct TestConfig {
2969 std::string name;
2970 std::string addr;
2971
2972 std::string asHostName() const { return StringPrintf("%s.example.com.", name.c_str()); }
2973 } testConfigs[]{
2974 {THIS_NETWORK, ADDR_THIS_NETWORK},
2975 {LOOPBACK, ADDR_LOOPBACK},
2976 {LINK_LOCAL, ADDR_LINK_LOCAL},
2977 {MULTICAST, ADDR_MULTICAST},
2978 {LIMITED_BROADCAST, ADDR_LIMITED_BROADCAST}
2979 };
Luke Huangf8215372019-11-22 11:53:41 +08002980 // clang-format on
nuccachena26cc2a2018-07-17 18:07:23 +08002981
2982 for (const auto& config : testConfigs) {
2983 const std::string testHostName = config.asHostName();
2984 SCOPED_TRACE(testHostName);
2985
2986 const char* host_name = testHostName.c_str();
2987 dns.addMapping(host_name, ns_type::ns_t_a, config.addr.c_str());
2988
2989 addrinfo hints;
2990 memset(&hints, 0, sizeof(hints));
2991 hints.ai_family = AF_INET6;
2992 ScopedAddrinfo result = safe_getaddrinfo(config.name.c_str(), nullptr, &hints);
2993 // In AF_INET6 case, don't return IPv4 answers
2994 EXPECT_TRUE(result == nullptr);
2995 EXPECT_LE(2U, GetNumQueries(dns, host_name));
2996 dns.clearQueries();
2997
2998 memset(&hints, 0, sizeof(hints));
2999 hints.ai_family = AF_UNSPEC;
3000 result = safe_getaddrinfo(config.name.c_str(), nullptr, &hints);
3001 EXPECT_TRUE(result != nullptr);
3002 // Expect IPv6 query only. IPv4 answer has been cached in previous query.
3003 EXPECT_LE(1U, GetNumQueries(dns, host_name));
3004 // In AF_UNSPEC case, don't synthesize special use IPv4 address.
3005 std::string result_str = ToString(result);
3006 EXPECT_EQ(result_str, config.addr.c_str());
3007 dns.clearQueries();
3008 }
3009}
3010
3011TEST_F(ResolverTest, GetAddrInfo_Dns64QueryWithNullArgumentHints) {
3012 constexpr char listen_addr[] = "::1";
nuccachena26cc2a2018-07-17 18:07:23 +08003013 constexpr char dns64_name[] = "ipv4only.arpa.";
3014 constexpr char host_name[] = "v4only.example.com.";
3015 constexpr char host_name2[] = "v4v6.example.com.";
Xiao Ma09b71022018-12-11 17:56:32 +09003016 const std::vector<DnsRecord> records = {
3017 {dns64_name, ns_type::ns_t_aaaa, "64:ff9b::192.0.0.170"},
3018 {host_name, ns_type::ns_t_a, "1.2.3.4"},
3019 {host_name2, ns_type::ns_t_a, "1.2.3.4"},
3020 {host_name2, ns_type::ns_t_aaaa, "2001:db8::1.2.3.4"},
3021 };
nuccachena26cc2a2018-07-17 18:07:23 +08003022
Xiao Ma09b71022018-12-11 17:56:32 +09003023 test::DNSResponder dns(listen_addr);
3024 StartDns(dns, records);
nuccachena26cc2a2018-07-17 18:07:23 +08003025 const std::vector<std::string> servers = {listen_addr};
Xiao Ma09b71022018-12-11 17:56:32 +09003026 ASSERT_TRUE(mDnsClient.SetResolversForNetwork(servers));
nuccachena26cc2a2018-07-17 18:07:23 +08003027
Lorenzo Colittid39345c2019-02-18 10:59:29 +09003028 // Start NAT64 prefix discovery and wait for it to complete.
Luke Huang5bd827c2019-03-14 16:10:04 +08003029 EXPECT_TRUE(mDnsClient.resolvService()->startPrefix64Discovery(TEST_NETID).isOk());
Hungming Chene8f970c2019-04-10 17:34:06 +08003030 EXPECT_TRUE(WaitForNat64Prefix(EXPECT_FOUND));
nuccachena26cc2a2018-07-17 18:07:23 +08003031
3032 // Assign argument hints of getaddrinfo() as null is equivalent to set ai_family AF_UNSPEC.
3033 // In AF_UNSPEC case, synthesize AAAA if there has A answer only.
3034 ScopedAddrinfo result = safe_getaddrinfo("v4only", nullptr, nullptr);
3035 EXPECT_TRUE(result != nullptr);
3036 EXPECT_LE(2U, GetNumQueries(dns, host_name));
3037 std::string result_str = ToString(result);
3038 EXPECT_EQ(result_str, "64:ff9b::102:304");
3039 dns.clearQueries();
3040
3041 // In AF_UNSPEC case, do not synthesize AAAA if there's at least one AAAA answer.
3042 result = safe_getaddrinfo("v4v6", nullptr, nullptr);
3043 EXPECT_TRUE(result != nullptr);
3044 EXPECT_LE(2U, GetNumQueries(dns, host_name2));
3045 std::vector<std::string> result_strs = ToStrings(result);
3046 for (const auto& str : result_strs) {
3047 EXPECT_TRUE(str == "1.2.3.4" || str == "2001:db8::102:304")
3048 << ", result_str='" << str << "'";
3049 }
3050}
3051
3052TEST_F(ResolverTest, GetAddrInfo_Dns64QueryNullArgumentNode) {
3053 constexpr char ADDR_ANYADDR_V4[] = "0.0.0.0";
3054 constexpr char ADDR_ANYADDR_V6[] = "::";
3055 constexpr char ADDR_LOCALHOST_V4[] = "127.0.0.1";
3056 constexpr char ADDR_LOCALHOST_V6[] = "::1";
3057
3058 constexpr char PORT_NAME_HTTP[] = "http";
3059 constexpr char PORT_NUMBER_HTTP[] = "80";
3060
3061 constexpr char listen_addr[] = "::1";
nuccachena26cc2a2018-07-17 18:07:23 +08003062 constexpr char dns64_name[] = "ipv4only.arpa.";
3063
Xiao Ma09b71022018-12-11 17:56:32 +09003064 test::DNSResponder dns(listen_addr);
3065 StartDns(dns, {{dns64_name, ns_type::ns_t_aaaa, "64:ff9b::"}});
nuccachena26cc2a2018-07-17 18:07:23 +08003066 const std::vector<std::string> servers = {listen_addr};
Xiao Ma09b71022018-12-11 17:56:32 +09003067 ASSERT_TRUE(mDnsClient.SetResolversForNetwork(servers));
nuccachena26cc2a2018-07-17 18:07:23 +08003068
Lorenzo Colittid39345c2019-02-18 10:59:29 +09003069 // Start NAT64 prefix discovery and wait for it to complete.
Luke Huang5bd827c2019-03-14 16:10:04 +08003070 EXPECT_TRUE(mDnsClient.resolvService()->startPrefix64Discovery(TEST_NETID).isOk());
Hungming Chene8f970c2019-04-10 17:34:06 +08003071 EXPECT_TRUE(WaitForNat64Prefix(EXPECT_FOUND));
nuccachena26cc2a2018-07-17 18:07:23 +08003072
Luke Huangf8215372019-11-22 11:53:41 +08003073 // clang-format off
nuccachena26cc2a2018-07-17 18:07:23 +08003074 // If node is null, return address is listed by libc/getaddrinfo.c as follows.
3075 // - passive socket -> anyaddr (0.0.0.0 or ::)
3076 // - non-passive socket -> localhost (127.0.0.1 or ::1)
3077 static const struct TestConfig {
3078 int flag;
3079 std::string addr_v4;
3080 std::string addr_v6;
3081
3082 std::string asParameters() const {
3083 return StringPrintf("flag=%d, addr_v4=%s, addr_v6=%s", flag, addr_v4.c_str(),
3084 addr_v6.c_str());
3085 }
3086 } testConfigs[]{
3087 {0 /* non-passive */, ADDR_LOCALHOST_V4, ADDR_LOCALHOST_V6},
3088 {AI_PASSIVE, ADDR_ANYADDR_V4, ADDR_ANYADDR_V6}
3089 };
Luke Huangf8215372019-11-22 11:53:41 +08003090 // clang-format on
nuccachena26cc2a2018-07-17 18:07:23 +08003091
3092 for (const auto& config : testConfigs) {
3093 SCOPED_TRACE(config.asParameters());
3094
Xiao Ma09b71022018-12-11 17:56:32 +09003095 addrinfo hints = {
Nick Desaulnierscd6395a2019-10-11 09:15:24 -07003096 .ai_flags = config.flag,
Xiao Ma09b71022018-12-11 17:56:32 +09003097 .ai_family = AF_UNSPEC, // any address family
3098 .ai_socktype = 0, // any type
3099 .ai_protocol = 0, // any protocol
Xiao Ma09b71022018-12-11 17:56:32 +09003100 };
nuccachena26cc2a2018-07-17 18:07:23 +08003101
3102 // Assign hostname as null and service as port name.
3103 ScopedAddrinfo result = safe_getaddrinfo(nullptr, PORT_NAME_HTTP, &hints);
3104 ASSERT_TRUE(result != nullptr);
3105
3106 // Can't be synthesized because it should not get into Netd.
3107 std::vector<std::string> result_strs = ToStrings(result);
3108 for (const auto& str : result_strs) {
3109 EXPECT_TRUE(str == config.addr_v4 || str == config.addr_v6)
3110 << ", result_str='" << str << "'";
3111 }
3112
3113 // Assign hostname as null and service as numeric port number.
3114 hints.ai_flags = config.flag | AI_NUMERICSERV;
3115 result = safe_getaddrinfo(nullptr, PORT_NUMBER_HTTP, &hints);
3116 ASSERT_TRUE(result != nullptr);
3117
3118 // Can't be synthesized because it should not get into Netd.
3119 result_strs = ToStrings(result);
3120 for (const auto& str : result_strs) {
3121 EXPECT_TRUE(str == config.addr_v4 || str == config.addr_v6)
3122 << ", result_str='" << str << "'";
3123 }
3124 }
3125}
3126
3127TEST_F(ResolverTest, GetHostByAddr_ReverseDnsQueryWithHavingNat64Prefix) {
3128 struct hostent* result = nullptr;
3129 struct in_addr v4addr;
3130 struct in6_addr v6addr;
3131
3132 constexpr char listen_addr[] = "::1";
nuccachena26cc2a2018-07-17 18:07:23 +08003133 constexpr char dns64_name[] = "ipv4only.arpa.";
3134 constexpr char ptr_name[] = "v4v6.example.com.";
3135 // PTR record for IPv4 address 1.2.3.4
3136 constexpr char ptr_addr_v4[] = "4.3.2.1.in-addr.arpa.";
3137 // PTR record for IPv6 address 2001:db8::102:304
3138 constexpr char ptr_addr_v6[] =
3139 "4.0.3.0.2.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa.";
Xiao Ma09b71022018-12-11 17:56:32 +09003140 const std::vector<DnsRecord> records = {
3141 {dns64_name, ns_type::ns_t_aaaa, "64:ff9b::192.0.0.170"},
3142 {ptr_addr_v4, ns_type::ns_t_ptr, ptr_name},
3143 {ptr_addr_v6, ns_type::ns_t_ptr, ptr_name},
3144 };
nuccachena26cc2a2018-07-17 18:07:23 +08003145
Xiao Ma09b71022018-12-11 17:56:32 +09003146 test::DNSResponder dns(listen_addr);
3147 StartDns(dns, records);
nuccachena26cc2a2018-07-17 18:07:23 +08003148 const std::vector<std::string> servers = {listen_addr};
Xiao Ma09b71022018-12-11 17:56:32 +09003149 ASSERT_TRUE(mDnsClient.SetResolversForNetwork(servers));
nuccachena26cc2a2018-07-17 18:07:23 +08003150
Lorenzo Colittid39345c2019-02-18 10:59:29 +09003151 // Start NAT64 prefix discovery and wait for it to complete.
Luke Huang5bd827c2019-03-14 16:10:04 +08003152 EXPECT_TRUE(mDnsClient.resolvService()->startPrefix64Discovery(TEST_NETID).isOk());
Hungming Chene8f970c2019-04-10 17:34:06 +08003153 EXPECT_TRUE(WaitForNat64Prefix(EXPECT_FOUND));
nuccachena26cc2a2018-07-17 18:07:23 +08003154
3155 // Reverse IPv4 DNS query. Prefix should have no effect on it.
3156 inet_pton(AF_INET, "1.2.3.4", &v4addr);
3157 result = gethostbyaddr(&v4addr, sizeof(v4addr), AF_INET);
3158 ASSERT_TRUE(result != nullptr);
3159 std::string result_str = result->h_name ? result->h_name : "null";
3160 EXPECT_EQ(result_str, "v4v6.example.com");
3161
3162 // Reverse IPv6 DNS query. Prefix should have no effect on it.
3163 inet_pton(AF_INET6, "2001:db8::102:304", &v6addr);
3164 result = gethostbyaddr(&v6addr, sizeof(v6addr), AF_INET6);
3165 ASSERT_TRUE(result != nullptr);
3166 result_str = result->h_name ? result->h_name : "null";
3167 EXPECT_EQ(result_str, "v4v6.example.com");
3168}
3169
3170TEST_F(ResolverTest, GetHostByAddr_ReverseDns64Query) {
3171 constexpr char listen_addr[] = "::1";
nuccachena26cc2a2018-07-17 18:07:23 +08003172 constexpr char dns64_name[] = "ipv4only.arpa.";
3173 constexpr char ptr_name[] = "v4only.example.com.";
3174 // PTR record for IPv4 address 1.2.3.4
3175 constexpr char ptr_addr_v4[] = "4.3.2.1.in-addr.arpa.";
3176 // PTR record for IPv6 address 64:ff9b::1.2.3.4
3177 constexpr char ptr_addr_v6_nomapping[] =
3178 "4.0.3.0.2.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.b.9.f.f.4.6.0.0.ip6.arpa.";
3179 constexpr char ptr_name_v6_synthesis[] = "v6synthesis.example.com.";
3180 // PTR record for IPv6 address 64:ff9b::5.6.7.8
3181 constexpr char ptr_addr_v6_synthesis[] =
3182 "8.0.7.0.6.0.5.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.b.9.f.f.4.6.0.0.ip6.arpa.";
Xiao Ma09b71022018-12-11 17:56:32 +09003183 const std::vector<DnsRecord> records = {
3184 {dns64_name, ns_type::ns_t_aaaa, "64:ff9b::192.0.0.170"},
3185 {ptr_addr_v4, ns_type::ns_t_ptr, ptr_name},
3186 {ptr_addr_v6_synthesis, ns_type::ns_t_ptr, ptr_name_v6_synthesis},
3187 };
nuccachena26cc2a2018-07-17 18:07:23 +08003188
Xiao Ma09b71022018-12-11 17:56:32 +09003189 test::DNSResponder dns(listen_addr);
3190 StartDns(dns, records);
nuccachena26cc2a2018-07-17 18:07:23 +08003191 // "ptr_addr_v6_nomapping" is not mapped in DNS server
nuccachena26cc2a2018-07-17 18:07:23 +08003192 const std::vector<std::string> servers = {listen_addr};
Xiao Ma09b71022018-12-11 17:56:32 +09003193 ASSERT_TRUE(mDnsClient.SetResolversForNetwork(servers));
nuccachena26cc2a2018-07-17 18:07:23 +08003194
Lorenzo Colittid39345c2019-02-18 10:59:29 +09003195 // Start NAT64 prefix discovery and wait for it to complete.
Luke Huang5bd827c2019-03-14 16:10:04 +08003196 EXPECT_TRUE(mDnsClient.resolvService()->startPrefix64Discovery(TEST_NETID).isOk());
Hungming Chene8f970c2019-04-10 17:34:06 +08003197 EXPECT_TRUE(WaitForNat64Prefix(EXPECT_FOUND));
nuccachena26cc2a2018-07-17 18:07:23 +08003198
3199 // Synthesized PTR record doesn't exist on DNS server
3200 // Reverse IPv6 DNS64 query while DNS server doesn't have an answer for synthesized address.
3201 // After querying synthesized address failed, expect that prefix is removed from IPv6
3202 // synthesized address and do reverse IPv4 query instead.
3203 struct in6_addr v6addr;
3204 inet_pton(AF_INET6, "64:ff9b::1.2.3.4", &v6addr);
3205 struct hostent* result = gethostbyaddr(&v6addr, sizeof(v6addr), AF_INET6);
3206 ASSERT_TRUE(result != nullptr);
3207 EXPECT_LE(1U, GetNumQueries(dns, ptr_addr_v6_nomapping)); // PTR record not exist
3208 EXPECT_LE(1U, GetNumQueries(dns, ptr_addr_v4)); // PTR record exist
3209 std::string result_str = result->h_name ? result->h_name : "null";
3210 EXPECT_EQ(result_str, "v4only.example.com");
3211 // Check that return address has been mapped from IPv4 to IPv6 address because Netd
3212 // removes NAT64 prefix and does IPv4 DNS reverse lookup in this case. Then, Netd
3213 // fakes the return IPv4 address as original queried IPv6 address.
3214 result_str = ToString(result);
3215 EXPECT_EQ(result_str, "64:ff9b::102:304");
3216 dns.clearQueries();
3217
3218 // Synthesized PTR record exists on DNS server
3219 // Reverse IPv6 DNS64 query while DNS server has an answer for synthesized address.
3220 // Expect to Netd pass through synthesized address for DNS queries.
3221 inet_pton(AF_INET6, "64:ff9b::5.6.7.8", &v6addr);
3222 result = gethostbyaddr(&v6addr, sizeof(v6addr), AF_INET6);
3223 ASSERT_TRUE(result != nullptr);
3224 EXPECT_LE(1U, GetNumQueries(dns, ptr_addr_v6_synthesis));
3225 result_str = result->h_name ? result->h_name : "null";
3226 EXPECT_EQ(result_str, "v6synthesis.example.com");
3227}
3228
3229TEST_F(ResolverTest, GetHostByAddr_ReverseDns64QueryFromHostFile) {
3230 constexpr char dns64_name[] = "ipv4only.arpa.";
3231 constexpr char host_name[] = "localhost";
3232 // The address is synthesized by prefix64:localhost.
3233 constexpr char host_addr[] = "64:ff9b::7f00:1";
nuccachena26cc2a2018-07-17 18:07:23 +08003234 constexpr char listen_addr[] = "::1";
Xiao Ma09b71022018-12-11 17:56:32 +09003235
3236 test::DNSResponder dns(listen_addr);
3237 StartDns(dns, {{dns64_name, ns_type::ns_t_aaaa, "64:ff9b::192.0.0.170"}});
nuccachena26cc2a2018-07-17 18:07:23 +08003238 const std::vector<std::string> servers = {listen_addr};
Xiao Ma09b71022018-12-11 17:56:32 +09003239 ASSERT_TRUE(mDnsClient.SetResolversForNetwork(servers));
nuccachena26cc2a2018-07-17 18:07:23 +08003240
Lorenzo Colittid39345c2019-02-18 10:59:29 +09003241 // Start NAT64 prefix discovery and wait for it to complete.
Luke Huang5bd827c2019-03-14 16:10:04 +08003242 EXPECT_TRUE(mDnsClient.resolvService()->startPrefix64Discovery(TEST_NETID).isOk());
Hungming Chene8f970c2019-04-10 17:34:06 +08003243 EXPECT_TRUE(WaitForNat64Prefix(EXPECT_FOUND));
nuccachena26cc2a2018-07-17 18:07:23 +08003244
3245 // Using synthesized "localhost" address to be a trick for resolving host name
3246 // from host file /etc/hosts and "localhost" is the only name in /etc/hosts. Note that this is
3247 // not realistic: the code never synthesizes AAAA records for addresses in 127.0.0.0/8.
3248 struct in6_addr v6addr;
3249 inet_pton(AF_INET6, host_addr, &v6addr);
3250 struct hostent* result = gethostbyaddr(&v6addr, sizeof(v6addr), AF_INET6);
3251 ASSERT_TRUE(result != nullptr);
3252 // Expect no DNS queries; localhost is resolved via /etc/hosts.
3253 EXPECT_EQ(0U, GetNumQueries(dns, host_name));
3254
Luke Huangf8215372019-11-22 11:53:41 +08003255 ASSERT_EQ(sizeof(in6_addr), (unsigned)result->h_length);
nuccachena26cc2a2018-07-17 18:07:23 +08003256 ASSERT_EQ(AF_INET6, result->h_addrtype);
3257 std::string result_str = ToString(result);
3258 EXPECT_EQ(result_str, host_addr);
3259 result_str = result->h_name ? result->h_name : "null";
3260 EXPECT_EQ(result_str, host_name);
3261}
3262
Hungming Chen9e6185a2019-06-04 16:09:19 +08003263TEST_F(ResolverTest, GetHostByAddr_cnamesClasslessReverseDelegation) {
3264 // IPv4 addresses in the subnet with notation '/' or '-'.
3265 constexpr char addr_slash[] = "192.0.2.1";
3266 constexpr char addr_hyphen[] = "192.0.3.1";
3267
3268 // Used to verify DNS reverse query for classless reverse lookup zone. See detail in RFC 2317
3269 // section 4.
3270 const static std::vector<DnsRecord> records = {
3271 // The records for reverse querying "192.0.2.1" in the subnet with notation '/'.
3272 {"1.2.0.192.in-addr.arpa.", ns_type::ns_t_cname, "1.0/25.2.0.192.in-addr.arpa."},
3273 {"1.0/25.2.0.192.in-addr.arpa.", ns_type::ns_t_ptr, kHelloExampleCom},
3274
3275 // The records for reverse querying "192.0.3.1" in the subnet with notation '-'.
3276 {"1.3.0.192.in-addr.arpa.", ns_type::ns_t_cname, "1.0-127.3.0.192.in-addr.arpa."},
3277 {"1.0-127.3.0.192.in-addr.arpa.", ns_type::ns_t_ptr, kHelloExampleCom},
3278 };
3279
3280 test::DNSResponder dns;
3281 StartDns(dns, records);
3282 ASSERT_TRUE(mDnsClient.SetResolversForNetwork());
3283
3284 for (const auto& address : {addr_slash, addr_hyphen}) {
3285 SCOPED_TRACE(address);
3286
3287 in_addr v4addr;
3288 ASSERT_TRUE(inet_pton(AF_INET, address, &v4addr));
3289 hostent* result = gethostbyaddr(&v4addr, sizeof(v4addr), AF_INET);
3290 ASSERT_TRUE(result != nullptr);
3291 EXPECT_STREQ("hello.example.com", result->h_name);
3292 }
3293}
3294
nuccachena26cc2a2018-07-17 18:07:23 +08003295TEST_F(ResolverTest, GetNameInfo_ReverseDnsQueryWithHavingNat64Prefix) {
3296 constexpr char listen_addr[] = "::1";
nuccachena26cc2a2018-07-17 18:07:23 +08003297 constexpr char dns64_name[] = "ipv4only.arpa.";
3298 constexpr char ptr_name[] = "v4v6.example.com.";
3299 // PTR record for IPv4 address 1.2.3.4
3300 constexpr char ptr_addr_v4[] = "4.3.2.1.in-addr.arpa.";
3301 // PTR record for IPv6 address 2001:db8::102:304
3302 constexpr char ptr_addr_v6[] =
3303 "4.0.3.0.2.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa.";
Xiao Ma09b71022018-12-11 17:56:32 +09003304 const std::vector<DnsRecord> records = {
3305 {dns64_name, ns_type::ns_t_aaaa, "64:ff9b::192.0.0.170"},
3306 {ptr_addr_v4, ns_type::ns_t_ptr, ptr_name},
3307 {ptr_addr_v6, ns_type::ns_t_ptr, ptr_name},
3308 };
nuccachena26cc2a2018-07-17 18:07:23 +08003309
Xiao Ma09b71022018-12-11 17:56:32 +09003310 test::DNSResponder dns(listen_addr);
3311 StartDns(dns, records);
nuccachena26cc2a2018-07-17 18:07:23 +08003312 const std::vector<std::string> servers = {listen_addr};
Xiao Ma09b71022018-12-11 17:56:32 +09003313 ASSERT_TRUE(mDnsClient.SetResolversForNetwork(servers));
nuccachena26cc2a2018-07-17 18:07:23 +08003314
Lorenzo Colittid39345c2019-02-18 10:59:29 +09003315 // Start NAT64 prefix discovery and wait for it to complete.
Luke Huang5bd827c2019-03-14 16:10:04 +08003316 EXPECT_TRUE(mDnsClient.resolvService()->startPrefix64Discovery(TEST_NETID).isOk());
Hungming Chene8f970c2019-04-10 17:34:06 +08003317 EXPECT_TRUE(WaitForNat64Prefix(EXPECT_FOUND));
nuccachena26cc2a2018-07-17 18:07:23 +08003318
Luke Huangf8215372019-11-22 11:53:41 +08003319 // clang-format off
nuccachena26cc2a2018-07-17 18:07:23 +08003320 static const struct TestConfig {
3321 int flag;
3322 int family;
3323 std::string addr;
3324 std::string host;
3325
3326 std::string asParameters() const {
3327 return StringPrintf("flag=%d, family=%d, addr=%s, host=%s", flag, family, addr.c_str(),
3328 host.c_str());
3329 }
3330 } testConfigs[]{
3331 {NI_NAMEREQD, AF_INET, "1.2.3.4", "v4v6.example.com"},
3332 {NI_NUMERICHOST, AF_INET, "1.2.3.4", "1.2.3.4"},
3333 {0, AF_INET, "1.2.3.4", "v4v6.example.com"},
3334 {0, AF_INET, "5.6.7.8", "5.6.7.8"}, // unmapped
3335 {NI_NAMEREQD, AF_INET6, "2001:db8::102:304", "v4v6.example.com"},
3336 {NI_NUMERICHOST, AF_INET6, "2001:db8::102:304", "2001:db8::102:304"},
3337 {0, AF_INET6, "2001:db8::102:304", "v4v6.example.com"},
3338 {0, AF_INET6, "2001:db8::506:708", "2001:db8::506:708"}, // unmapped
3339 };
Luke Huangf8215372019-11-22 11:53:41 +08003340 // clang-format on
nuccachena26cc2a2018-07-17 18:07:23 +08003341
3342 // Reverse IPv4/IPv6 DNS query. Prefix should have no effect on it.
3343 for (const auto& config : testConfigs) {
3344 SCOPED_TRACE(config.asParameters());
3345
3346 int rv;
3347 char host[NI_MAXHOST];
3348 struct sockaddr_in sin;
3349 struct sockaddr_in6 sin6;
3350 if (config.family == AF_INET) {
3351 memset(&sin, 0, sizeof(sin));
3352 sin.sin_family = AF_INET;
3353 inet_pton(AF_INET, config.addr.c_str(), &sin.sin_addr);
Luke Huangf8215372019-11-22 11:53:41 +08003354 rv = getnameinfo((const struct sockaddr*)&sin, sizeof(sin), host, sizeof(host), nullptr,
3355 0, config.flag);
nuccachena26cc2a2018-07-17 18:07:23 +08003356 if (config.flag == NI_NAMEREQD) EXPECT_LE(1U, GetNumQueries(dns, ptr_addr_v4));
3357 } else if (config.family == AF_INET6) {
3358 memset(&sin6, 0, sizeof(sin6));
3359 sin6.sin6_family = AF_INET6;
3360 inet_pton(AF_INET6, config.addr.c_str(), &sin6.sin6_addr);
Luke Huangf8215372019-11-22 11:53:41 +08003361 rv = getnameinfo((const struct sockaddr*)&sin6, sizeof(sin6), host, sizeof(host),
nuccachena26cc2a2018-07-17 18:07:23 +08003362 nullptr, 0, config.flag);
3363 if (config.flag == NI_NAMEREQD) EXPECT_LE(1U, GetNumQueries(dns, ptr_addr_v6));
3364 }
3365 ASSERT_EQ(0, rv);
3366 std::string result_str = host;
3367 EXPECT_EQ(result_str, config.host);
3368 dns.clearQueries();
3369 }
3370}
3371
3372TEST_F(ResolverTest, GetNameInfo_ReverseDns64Query) {
3373 constexpr char listen_addr[] = "::1";
nuccachena26cc2a2018-07-17 18:07:23 +08003374 constexpr char dns64_name[] = "ipv4only.arpa.";
3375 constexpr char ptr_name[] = "v4only.example.com.";
3376 // PTR record for IPv4 address 1.2.3.4
3377 constexpr char ptr_addr_v4[] = "4.3.2.1.in-addr.arpa.";
3378 // PTR record for IPv6 address 64:ff9b::1.2.3.4
3379 constexpr char ptr_addr_v6_nomapping[] =
3380 "4.0.3.0.2.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.b.9.f.f.4.6.0.0.ip6.arpa.";
3381 constexpr char ptr_name_v6_synthesis[] = "v6synthesis.example.com.";
3382 // PTR record for IPv6 address 64:ff9b::5.6.7.8
3383 constexpr char ptr_addr_v6_synthesis[] =
3384 "8.0.7.0.6.0.5.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.b.9.f.f.4.6.0.0.ip6.arpa.";
Xiao Ma09b71022018-12-11 17:56:32 +09003385 const std::vector<DnsRecord> records = {
3386 {dns64_name, ns_type::ns_t_aaaa, "64:ff9b::192.0.0.170"},
3387 {ptr_addr_v4, ns_type::ns_t_ptr, ptr_name},
3388 {ptr_addr_v6_synthesis, ns_type::ns_t_ptr, ptr_name_v6_synthesis},
3389 };
nuccachena26cc2a2018-07-17 18:07:23 +08003390
Xiao Ma09b71022018-12-11 17:56:32 +09003391 test::DNSResponder dns(listen_addr);
3392 StartDns(dns, records);
nuccachena26cc2a2018-07-17 18:07:23 +08003393 const std::vector<std::string> servers = {listen_addr};
Xiao Ma09b71022018-12-11 17:56:32 +09003394 ASSERT_TRUE(mDnsClient.SetResolversForNetwork(servers));
nuccachena26cc2a2018-07-17 18:07:23 +08003395
Lorenzo Colittid39345c2019-02-18 10:59:29 +09003396 // Start NAT64 prefix discovery and wait for it to complete.
Luke Huang5bd827c2019-03-14 16:10:04 +08003397 EXPECT_TRUE(mDnsClient.resolvService()->startPrefix64Discovery(TEST_NETID).isOk());
Hungming Chene8f970c2019-04-10 17:34:06 +08003398 EXPECT_TRUE(WaitForNat64Prefix(EXPECT_FOUND));
nuccachena26cc2a2018-07-17 18:07:23 +08003399
Luke Huangf8215372019-11-22 11:53:41 +08003400 // clang-format off
nuccachena26cc2a2018-07-17 18:07:23 +08003401 static const struct TestConfig {
3402 bool hasSynthesizedPtrRecord;
3403 int flag;
3404 std::string addr;
3405 std::string host;
3406
3407 std::string asParameters() const {
3408 return StringPrintf("hasSynthesizedPtrRecord=%d, flag=%d, addr=%s, host=%s",
3409 hasSynthesizedPtrRecord, flag, addr.c_str(), host.c_str());
3410 }
3411 } testConfigs[]{
3412 {false, NI_NAMEREQD, "64:ff9b::102:304", "v4only.example.com"},
3413 {false, NI_NUMERICHOST, "64:ff9b::102:304", "64:ff9b::102:304"},
3414 {false, 0, "64:ff9b::102:304", "v4only.example.com"},
3415 {true, NI_NAMEREQD, "64:ff9b::506:708", "v6synthesis.example.com"},
3416 {true, NI_NUMERICHOST, "64:ff9b::506:708", "64:ff9b::506:708"},
3417 {true, 0, "64:ff9b::506:708", "v6synthesis.example.com"}
3418 };
Luke Huangf8215372019-11-22 11:53:41 +08003419 // clang-format on
nuccachena26cc2a2018-07-17 18:07:23 +08003420
3421 // hasSynthesizedPtrRecord = false
3422 // Synthesized PTR record doesn't exist on DNS server
3423 // Reverse IPv6 DNS64 query while DNS server doesn't have an answer for synthesized address.
3424 // After querying synthesized address failed, expect that prefix is removed from IPv6
3425 // synthesized address and do reverse IPv4 query instead.
3426 //
3427 // hasSynthesizedPtrRecord = true
3428 // Synthesized PTR record exists on DNS server
3429 // Reverse IPv6 DNS64 query while DNS server has an answer for synthesized address.
3430 // Expect to just pass through synthesized address for DNS queries.
3431 for (const auto& config : testConfigs) {
3432 SCOPED_TRACE(config.asParameters());
3433
3434 char host[NI_MAXHOST];
3435 struct sockaddr_in6 sin6;
3436 memset(&sin6, 0, sizeof(sin6));
3437 sin6.sin6_family = AF_INET6;
3438 inet_pton(AF_INET6, config.addr.c_str(), &sin6.sin6_addr);
Luke Huangf8215372019-11-22 11:53:41 +08003439 int rv = getnameinfo((const struct sockaddr*)&sin6, sizeof(sin6), host, sizeof(host),
nuccachena26cc2a2018-07-17 18:07:23 +08003440 nullptr, 0, config.flag);
3441 ASSERT_EQ(0, rv);
3442 if (config.flag == NI_NAMEREQD) {
3443 if (config.hasSynthesizedPtrRecord) {
3444 EXPECT_LE(1U, GetNumQueries(dns, ptr_addr_v6_synthesis));
3445 } else {
3446 EXPECT_LE(1U, GetNumQueries(dns, ptr_addr_v6_nomapping)); // PTR record not exist.
3447 EXPECT_LE(1U, GetNumQueries(dns, ptr_addr_v4)); // PTR record exist.
3448 }
3449 }
3450 std::string result_str = host;
3451 EXPECT_EQ(result_str, config.host);
3452 dns.clearQueries();
3453 }
3454}
3455
3456TEST_F(ResolverTest, GetNameInfo_ReverseDns64QueryFromHostFile) {
3457 constexpr char dns64_name[] = "ipv4only.arpa.";
3458 constexpr char host_name[] = "localhost";
3459 // The address is synthesized by prefix64:localhost.
3460 constexpr char host_addr[] = "64:ff9b::7f00:1";
nuccachena26cc2a2018-07-17 18:07:23 +08003461 constexpr char listen_addr[] = "::1";
Xiao Ma09b71022018-12-11 17:56:32 +09003462
3463 test::DNSResponder dns(listen_addr);
Bernie Innocenti0ad80e92020-01-23 22:20:44 +09003464
Xiao Ma09b71022018-12-11 17:56:32 +09003465 StartDns(dns, {{dns64_name, ns_type::ns_t_aaaa, "64:ff9b::192.0.0.170"}});
nuccachena26cc2a2018-07-17 18:07:23 +08003466 const std::vector<std::string> servers = {listen_addr};
Xiao Ma09b71022018-12-11 17:56:32 +09003467 ASSERT_TRUE(mDnsClient.SetResolversForNetwork(servers));
nuccachena26cc2a2018-07-17 18:07:23 +08003468
Lorenzo Colittid39345c2019-02-18 10:59:29 +09003469 // Start NAT64 prefix discovery and wait for it to complete.
Luke Huang5bd827c2019-03-14 16:10:04 +08003470 EXPECT_TRUE(mDnsClient.resolvService()->startPrefix64Discovery(TEST_NETID).isOk());
Hungming Chene8f970c2019-04-10 17:34:06 +08003471 EXPECT_TRUE(WaitForNat64Prefix(EXPECT_FOUND));
nuccachena26cc2a2018-07-17 18:07:23 +08003472
3473 // Using synthesized "localhost" address to be a trick for resolving host name
3474 // from host file /etc/hosts and "localhost" is the only name in /etc/hosts. Note that this is
3475 // not realistic: the code never synthesizes AAAA records for addresses in 127.0.0.0/8.
3476 char host[NI_MAXHOST];
Xiao Ma09b71022018-12-11 17:56:32 +09003477 struct sockaddr_in6 sin6 = {.sin6_family = AF_INET6};
nuccachena26cc2a2018-07-17 18:07:23 +08003478 inet_pton(AF_INET6, host_addr, &sin6.sin6_addr);
Luke Huangf8215372019-11-22 11:53:41 +08003479 int rv = getnameinfo((const struct sockaddr*)&sin6, sizeof(sin6), host, sizeof(host), nullptr,
nuccachena26cc2a2018-07-17 18:07:23 +08003480 0, NI_NAMEREQD);
3481 ASSERT_EQ(0, rv);
3482 // Expect no DNS queries; localhost is resolved via /etc/hosts.
3483 EXPECT_EQ(0U, GetNumQueries(dns, host_name));
3484
3485 std::string result_str = host;
3486 EXPECT_EQ(result_str, host_name);
3487}
3488
Hungming Chen9e6185a2019-06-04 16:09:19 +08003489TEST_F(ResolverTest, GetNameInfo_cnamesClasslessReverseDelegation) {
3490 // IPv4 addresses in the subnet with notation '/' or '-'.
3491 constexpr char addr_slash[] = "192.0.2.1";
3492 constexpr char addr_hyphen[] = "192.0.3.1";
3493
3494 // Used to verify DNS reverse query for classless reverse lookup zone. See detail in RFC 2317
3495 // section 4.
3496 const static std::vector<DnsRecord> records = {
3497 // The records for reverse querying "192.0.2.1" in the subnet with notation '/'.
3498 {"1.2.0.192.in-addr.arpa.", ns_type::ns_t_cname, "1.0/25.2.0.192.in-addr.arpa."},
3499 {"1.0/25.2.0.192.in-addr.arpa.", ns_type::ns_t_ptr, kHelloExampleCom},
3500
3501 // The records for reverse querying "192.0.3.1" in the subnet with notation '-'.
3502 {"1.3.0.192.in-addr.arpa.", ns_type::ns_t_cname, "1.0-127.3.0.192.in-addr.arpa."},
3503 {"1.0-127.3.0.192.in-addr.arpa.", ns_type::ns_t_ptr, kHelloExampleCom},
3504 };
3505
3506 test::DNSResponder dns;
3507 StartDns(dns, records);
3508 ASSERT_TRUE(mDnsClient.SetResolversForNetwork());
3509
3510 for (const auto& address : {addr_slash, addr_hyphen}) {
3511 SCOPED_TRACE(address);
3512
3513 char host[NI_MAXHOST];
3514 sockaddr_in sin = {.sin_family = AF_INET};
3515 ASSERT_TRUE(inet_pton(AF_INET, address, &sin.sin_addr));
3516 int rv = getnameinfo((const sockaddr*)&sin, sizeof(sin), host, sizeof(host), nullptr, 0,
3517 NI_NAMEREQD);
3518 ASSERT_EQ(0, rv);
3519 EXPECT_STREQ("hello.example.com", host);
3520 }
3521}
3522
nuccachena26cc2a2018-07-17 18:07:23 +08003523TEST_F(ResolverTest, GetHostByName2_Dns64Synthesize) {
Xiao Ma09b71022018-12-11 17:56:32 +09003524 constexpr char listen_addr[] = "::1";
nuccachena26cc2a2018-07-17 18:07:23 +08003525 constexpr char dns64_name[] = "ipv4only.arpa.";
3526 constexpr char host_name[] = "ipv4only.example.com.";
Xiao Ma09b71022018-12-11 17:56:32 +09003527 const std::vector<DnsRecord> records = {
3528 {dns64_name, ns_type::ns_t_aaaa, "64:ff9b::192.0.0.170"},
3529 {host_name, ns_type::ns_t_a, "1.2.3.4"},
3530 };
nuccachena26cc2a2018-07-17 18:07:23 +08003531
Xiao Ma09b71022018-12-11 17:56:32 +09003532 test::DNSResponder dns(listen_addr);
3533 StartDns(dns, records);
nuccachena26cc2a2018-07-17 18:07:23 +08003534 const std::vector<std::string> servers = {listen_addr};
Xiao Ma09b71022018-12-11 17:56:32 +09003535 ASSERT_TRUE(mDnsClient.SetResolversForNetwork(servers));
nuccachena26cc2a2018-07-17 18:07:23 +08003536
Lorenzo Colittid39345c2019-02-18 10:59:29 +09003537 // Start NAT64 prefix discovery and wait for it to complete.
Luke Huang5bd827c2019-03-14 16:10:04 +08003538 EXPECT_TRUE(mDnsClient.resolvService()->startPrefix64Discovery(TEST_NETID).isOk());
Hungming Chene8f970c2019-04-10 17:34:06 +08003539 EXPECT_TRUE(WaitForNat64Prefix(EXPECT_FOUND));
nuccachena26cc2a2018-07-17 18:07:23 +08003540
3541 // Query an IPv4-only hostname. Expect that gets a synthesized address.
3542 struct hostent* result = gethostbyname2("ipv4only", AF_INET6);
3543 ASSERT_TRUE(result != nullptr);
3544 EXPECT_LE(1U, GetNumQueries(dns, host_name));
3545 std::string result_str = ToString(result);
3546 EXPECT_EQ(result_str, "64:ff9b::102:304");
3547}
nuccachena26cc2a2018-07-17 18:07:23 +08003548
3549TEST_F(ResolverTest, GetHostByName2_DnsQueryWithHavingNat64Prefix) {
3550 constexpr char dns64_name[] = "ipv4only.arpa.";
3551 constexpr char host_name[] = "v4v6.example.com.";
nuccachena26cc2a2018-07-17 18:07:23 +08003552 constexpr char listen_addr[] = "::1";
Xiao Ma09b71022018-12-11 17:56:32 +09003553 const std::vector<DnsRecord> records = {
3554 {dns64_name, ns_type::ns_t_aaaa, "64:ff9b::192.0.0.170"},
3555 {host_name, ns_type::ns_t_a, "1.2.3.4"},
3556 {host_name, ns_type::ns_t_aaaa, "2001:db8::1.2.3.4"},
3557 };
3558
3559 test::DNSResponder dns(listen_addr);
3560 StartDns(dns, records);
nuccachena26cc2a2018-07-17 18:07:23 +08003561 const std::vector<std::string> servers = {listen_addr};
Xiao Ma09b71022018-12-11 17:56:32 +09003562 ASSERT_TRUE(mDnsClient.SetResolversForNetwork(servers));
nuccachena26cc2a2018-07-17 18:07:23 +08003563
Lorenzo Colittid39345c2019-02-18 10:59:29 +09003564 // Start NAT64 prefix discovery and wait for it to complete.
Luke Huang5bd827c2019-03-14 16:10:04 +08003565 EXPECT_TRUE(mDnsClient.resolvService()->startPrefix64Discovery(TEST_NETID).isOk());
Hungming Chene8f970c2019-04-10 17:34:06 +08003566 EXPECT_TRUE(WaitForNat64Prefix(EXPECT_FOUND));
nuccachena26cc2a2018-07-17 18:07:23 +08003567
3568 // IPv4 DNS query. Prefix should have no effect on it.
3569 struct hostent* result = gethostbyname2("v4v6", AF_INET);
3570 ASSERT_TRUE(result != nullptr);
3571 EXPECT_LE(1U, GetNumQueries(dns, host_name));
3572 std::string result_str = ToString(result);
3573 EXPECT_EQ(result_str, "1.2.3.4");
3574 dns.clearQueries();
3575
3576 // IPv6 DNS query. Prefix should have no effect on it.
3577 result = gethostbyname2("v4v6", AF_INET6);
3578 ASSERT_TRUE(result != nullptr);
3579 EXPECT_LE(1U, GetNumQueries(dns, host_name));
3580 result_str = ToString(result);
3581 EXPECT_EQ(result_str, "2001:db8::102:304");
3582}
3583
3584TEST_F(ResolverTest, GetHostByName2_Dns64QuerySpecialUseIPv4Addresses) {
3585 constexpr char THIS_NETWORK[] = "this_network";
3586 constexpr char LOOPBACK[] = "loopback";
3587 constexpr char LINK_LOCAL[] = "link_local";
3588 constexpr char MULTICAST[] = "multicast";
3589 constexpr char LIMITED_BROADCAST[] = "limited_broadcast";
3590
3591 constexpr char ADDR_THIS_NETWORK[] = "0.0.0.1";
3592 constexpr char ADDR_LOOPBACK[] = "127.0.0.1";
3593 constexpr char ADDR_LINK_LOCAL[] = "169.254.0.1";
3594 constexpr char ADDR_MULTICAST[] = "224.0.0.1";
3595 constexpr char ADDR_LIMITED_BROADCAST[] = "255.255.255.255";
3596
3597 constexpr char listen_addr[] = "::1";
nuccachena26cc2a2018-07-17 18:07:23 +08003598 constexpr char dns64_name[] = "ipv4only.arpa.";
3599
Xiao Ma09b71022018-12-11 17:56:32 +09003600 test::DNSResponder dns(listen_addr);
3601 StartDns(dns, {{dns64_name, ns_type::ns_t_aaaa, "64:ff9b::"}});
nuccachena26cc2a2018-07-17 18:07:23 +08003602 const std::vector<std::string> servers = {listen_addr};
Xiao Ma09b71022018-12-11 17:56:32 +09003603 ASSERT_TRUE(mDnsClient.SetResolversForNetwork(servers));
nuccachena26cc2a2018-07-17 18:07:23 +08003604
Lorenzo Colittid39345c2019-02-18 10:59:29 +09003605 // Start NAT64 prefix discovery and wait for it to complete.
Luke Huang5bd827c2019-03-14 16:10:04 +08003606 EXPECT_TRUE(mDnsClient.resolvService()->startPrefix64Discovery(TEST_NETID).isOk());
Hungming Chene8f970c2019-04-10 17:34:06 +08003607 EXPECT_TRUE(WaitForNat64Prefix(EXPECT_FOUND));
nuccachena26cc2a2018-07-17 18:07:23 +08003608
Luke Huangf8215372019-11-22 11:53:41 +08003609 // clang-format off
nuccachena26cc2a2018-07-17 18:07:23 +08003610 static const struct TestConfig {
3611 std::string name;
3612 std::string addr;
3613
3614 std::string asHostName() const {
Luke Huangf8215372019-11-22 11:53:41 +08003615 return StringPrintf("%s.example.com.", name.c_str());
nuccachena26cc2a2018-07-17 18:07:23 +08003616 }
3617 } testConfigs[]{
3618 {THIS_NETWORK, ADDR_THIS_NETWORK},
3619 {LOOPBACK, ADDR_LOOPBACK},
3620 {LINK_LOCAL, ADDR_LINK_LOCAL},
3621 {MULTICAST, ADDR_MULTICAST},
3622 {LIMITED_BROADCAST, ADDR_LIMITED_BROADCAST}
3623 };
Luke Huangf8215372019-11-22 11:53:41 +08003624 // clang-format on
nuccachena26cc2a2018-07-17 18:07:23 +08003625
3626 for (const auto& config : testConfigs) {
3627 const std::string testHostName = config.asHostName();
3628 SCOPED_TRACE(testHostName);
3629
3630 const char* host_name = testHostName.c_str();
3631 dns.addMapping(host_name, ns_type::ns_t_a, config.addr.c_str());
3632
3633 struct hostent* result = gethostbyname2(config.name.c_str(), AF_INET6);
3634 EXPECT_LE(1U, GetNumQueries(dns, host_name));
3635
3636 // In AF_INET6 case, don't synthesize special use IPv4 address.
3637 // Expect to have no answer
3638 EXPECT_EQ(nullptr, result);
3639
3640 dns.clearQueries();
3641 }
Bernie Innocenti2fef2b82018-12-20 15:56:40 +09003642}
Mike Yuf14e1a92019-05-10 13:54:58 +08003643
3644TEST_F(ResolverTest, PrefixDiscoveryBypassTls) {
3645 constexpr char listen_addr[] = "::1";
3646 constexpr char cleartext_port[] = "53";
3647 constexpr char tls_port[] = "853";
3648 constexpr char dns64_name[] = "ipv4only.arpa.";
3649 const std::vector<std::string> servers = {listen_addr};
3650
3651 test::DNSResponder dns(listen_addr);
3652 StartDns(dns, {{dns64_name, ns_type::ns_t_aaaa, "64:ff9b::192.0.0.170"}});
3653 test::DnsTlsFrontend tls(listen_addr, tls_port, listen_addr, cleartext_port);
3654 ASSERT_TRUE(tls.startServer());
3655
3656 // Setup OPPORTUNISTIC mode and wait for the validation complete.
waynema0e73c2e2019-07-31 15:04:08 +08003657 ASSERT_TRUE(mDnsClient.SetResolversWithTls(servers, kDefaultSearchDomains, kDefaultParams, ""));
Mike Yu724f77d2019-08-16 11:14:50 +08003658 EXPECT_TRUE(WaitForPrivateDnsValidation(tls.listen_address(), true));
Bernie Innocenti0ad80e92020-01-23 22:20:44 +09003659 EXPECT_TRUE(tls.waitForQueries(1));
Mike Yuf14e1a92019-05-10 13:54:58 +08003660 tls.clearQueries();
3661
3662 // Start NAT64 prefix discovery and wait for it complete.
3663 EXPECT_TRUE(mDnsClient.resolvService()->startPrefix64Discovery(TEST_NETID).isOk());
Hungming Chene8f970c2019-04-10 17:34:06 +08003664 EXPECT_TRUE(WaitForNat64Prefix(EXPECT_FOUND));
Mike Yuf14e1a92019-05-10 13:54:58 +08003665
3666 // Verify it bypassed TLS even though there's a TLS server available.
Bernie Innocenti0ad80e92020-01-23 22:20:44 +09003667 EXPECT_EQ(0, tls.queries()) << dns.dumpQueries();
3668 EXPECT_EQ(1U, GetNumQueries(dns, dns64_name)) << dns.dumpQueries();
Mike Yuf14e1a92019-05-10 13:54:58 +08003669
3670 // Restart the testing network to reset the cache.
3671 mDnsClient.TearDown();
3672 mDnsClient.SetUp();
3673 dns.clearQueries();
3674
3675 // Setup STRICT mode and wait for the validation complete.
waynema0e73c2e2019-07-31 15:04:08 +08003676 ASSERT_TRUE(mDnsClient.SetResolversWithTls(servers, kDefaultSearchDomains, kDefaultParams,
3677 kDefaultPrivateDnsHostName));
Mike Yu724f77d2019-08-16 11:14:50 +08003678 EXPECT_TRUE(WaitForPrivateDnsValidation(tls.listen_address(), true));
Bernie Innocenti0ad80e92020-01-23 22:20:44 +09003679 EXPECT_TRUE(tls.waitForQueries(1));
Mike Yuf14e1a92019-05-10 13:54:58 +08003680 tls.clearQueries();
3681
3682 // Start NAT64 prefix discovery and wait for it to complete.
3683 EXPECT_TRUE(mDnsClient.resolvService()->startPrefix64Discovery(TEST_NETID).isOk());
Hungming Chene8f970c2019-04-10 17:34:06 +08003684 EXPECT_TRUE(WaitForNat64Prefix(EXPECT_FOUND));
Mike Yuf14e1a92019-05-10 13:54:58 +08003685
3686 // Verify it bypassed TLS despite STRICT mode.
Bernie Innocenti0ad80e92020-01-23 22:20:44 +09003687 EXPECT_EQ(0, tls.queries()) << dns.dumpQueries();
3688 EXPECT_EQ(1U, GetNumQueries(dns, dns64_name)) << dns.dumpQueries();
Mike Yuf14e1a92019-05-10 13:54:58 +08003689}
Luke Huang9807e6b2019-05-20 16:17:12 +08003690
Lorenzo Colitti346737c2020-05-21 13:56:22 +00003691TEST_F(ResolverTest, SetAndClearNat64Prefix) {
3692 constexpr char host_name[] = "v4.example.com.";
3693 constexpr char listen_addr[] = "::1";
3694 const std::vector<DnsRecord> records = {
3695 {host_name, ns_type::ns_t_a, "1.2.3.4"},
3696 };
3697 const std::string kNat64Prefix1 = "64:ff9b::/96";
3698 const std::string kNat64Prefix2 = "2001:db8:6464::/96";
3699
3700 test::DNSResponder dns(listen_addr);
3701 StartDns(dns, records);
3702 const std::vector<std::string> servers = {listen_addr};
3703 ASSERT_TRUE(mDnsClient.SetResolversForNetwork(servers));
3704
3705 auto resolvService = mDnsClient.resolvService();
3706 addrinfo hints = {.ai_family = AF_INET6};
3707
3708 // No NAT64 prefix, no AAAA record.
3709 ScopedAddrinfo result = safe_getaddrinfo("v4.example.com", nullptr, &hints);
3710 ASSERT_TRUE(result == nullptr);
3711
3712 // Set the prefix, and expect to get a synthesized AAAA record.
3713 EXPECT_TRUE(resolvService->setPrefix64(TEST_NETID, kNat64Prefix2).isOk());
3714 result = safe_getaddrinfo("v4.example.com", nullptr, &hints);
3715 ASSERT_FALSE(result == nullptr);
3716 EXPECT_EQ("2001:db8:6464::102:304", ToString(result));
3717
3718 // Update the prefix, expect to see AAAA records from the new prefix.
3719 EXPECT_TRUE(resolvService->setPrefix64(TEST_NETID, kNat64Prefix1).isOk());
3720 result = safe_getaddrinfo("v4.example.com", nullptr, &hints);
3721 ASSERT_FALSE(result == nullptr);
3722 EXPECT_EQ("64:ff9b::102:304", ToString(result));
3723
3724 // Non-/96 prefixes are ignored.
3725 auto status = resolvService->setPrefix64(TEST_NETID, "64:ff9b::/64");
3726 EXPECT_FALSE(status.isOk());
3727 EXPECT_EQ(EX_SERVICE_SPECIFIC, status.getExceptionCode());
3728 EXPECT_EQ(EINVAL, status.getServiceSpecificError());
3729
3730 // Invalid prefixes are ignored.
3731 status = resolvService->setPrefix64(TEST_NETID, "192.0.2.0/24");
3732 EXPECT_FALSE(status.isOk());
3733 EXPECT_EQ(EX_SERVICE_SPECIFIC, status.getExceptionCode());
3734 EXPECT_EQ(EINVAL, status.getServiceSpecificError());
3735
3736 status = resolvService->setPrefix64(TEST_NETID, "192.0.2.1");
3737 EXPECT_FALSE(status.isOk());
3738 EXPECT_EQ(EX_SERVICE_SPECIFIC, status.getExceptionCode());
3739 EXPECT_EQ(EINVAL, status.getServiceSpecificError());
3740
3741 status = resolvService->setPrefix64(TEST_NETID, "hello");
3742 EXPECT_FALSE(status.isOk());
3743 EXPECT_EQ(EX_SERVICE_SPECIFIC, status.getExceptionCode());
3744 EXPECT_EQ(EINVAL, status.getServiceSpecificError());
3745
3746 // DNS64 synthesis is still working.
3747 result = safe_getaddrinfo("v4.example.com", nullptr, &hints);
3748 ASSERT_FALSE(result == nullptr);
3749 EXPECT_EQ("64:ff9b::102:304", ToString(result));
3750
3751 // Clear the prefix. No AAAA records any more.
3752 EXPECT_TRUE(resolvService->setPrefix64(TEST_NETID, "").isOk());
3753 result = safe_getaddrinfo("v4.example.com", nullptr, &hints);
3754 EXPECT_TRUE(result == nullptr);
3755
3756 // Calling startPrefix64Discovery clears the prefix.
3757 EXPECT_TRUE(resolvService->setPrefix64(TEST_NETID, kNat64Prefix1).isOk());
3758 result = safe_getaddrinfo("v4.example.com", nullptr, &hints);
3759 ASSERT_FALSE(result == nullptr);
3760 EXPECT_EQ("64:ff9b::102:304", ToString(result));
3761
3762 EXPECT_TRUE(resolvService->startPrefix64Discovery(TEST_NETID).isOk());
3763 result = safe_getaddrinfo("v4.example.com", nullptr, &hints);
3764 ASSERT_TRUE(result == nullptr);
3765
3766 // setPrefix64 fails if prefix discovery is started, even if no prefix is yet discovered...
3767 status = resolvService->setPrefix64(TEST_NETID, kNat64Prefix1);
3768 EXPECT_FALSE(status.isOk());
3769 EXPECT_EQ(EX_SERVICE_SPECIFIC, status.getExceptionCode());
3770 EXPECT_EQ(EEXIST, status.getServiceSpecificError());
3771
3772 // .. and clearing the prefix also has no effect.
3773 status = resolvService->setPrefix64(TEST_NETID, "");
3774 EXPECT_FALSE(status.isOk());
3775 EXPECT_EQ(EX_SERVICE_SPECIFIC, status.getExceptionCode());
3776 EXPECT_EQ(ENOENT, status.getServiceSpecificError());
3777
3778 // setPrefix64 succeeds again when prefix discovery is stopped.
3779 EXPECT_TRUE(resolvService->stopPrefix64Discovery(TEST_NETID).isOk());
3780 EXPECT_TRUE(resolvService->setPrefix64(TEST_NETID, kNat64Prefix1).isOk());
3781 result = safe_getaddrinfo("v4.example.com", nullptr, &hints);
3782 ASSERT_FALSE(result == nullptr);
3783 EXPECT_EQ("64:ff9b::102:304", ToString(result));
3784
3785 // Calling stopPrefix64Discovery clears the prefix.
3786 EXPECT_TRUE(resolvService->stopPrefix64Discovery(TEST_NETID).isOk());
3787 result = safe_getaddrinfo("v4.example.com", nullptr, &hints);
3788 ASSERT_TRUE(result == nullptr);
3789
3790 // Set up NAT64 prefix discovery.
3791 constexpr char dns64_name[] = "ipv4only.arpa.";
3792 const std::vector<DnsRecord> newRecords = {
3793 {host_name, ns_type::ns_t_a, "1.2.3.4"},
3794 {dns64_name, ns_type::ns_t_aaaa, "64:ff9b::192.0.0.170"},
3795 };
3796 dns.stopServer();
3797 StartDns(dns, newRecords);
3798
3799 EXPECT_TRUE(resolvService->startPrefix64Discovery(TEST_NETID).isOk());
3800 EXPECT_TRUE(WaitForNat64Prefix(EXPECT_FOUND));
3801 result = safe_getaddrinfo("v4.example.com", nullptr, &hints);
3802 ASSERT_FALSE(result == nullptr);
3803 EXPECT_EQ("64:ff9b::102:304", ToString(result));
3804
3805 // setPrefix64 fails if NAT64 prefix discovery has succeeded, and the discovered prefix
3806 // continues to be used.
3807 status = resolvService->setPrefix64(TEST_NETID, kNat64Prefix2);
3808 EXPECT_FALSE(status.isOk());
3809 EXPECT_EQ(EX_SERVICE_SPECIFIC, status.getExceptionCode());
3810 EXPECT_EQ(EEXIST, status.getServiceSpecificError());
3811
3812 // Clearing the prefix also has no effect if discovery is started.
3813 status = resolvService->setPrefix64(TEST_NETID, "");
3814 EXPECT_FALSE(status.isOk());
3815 EXPECT_EQ(EX_SERVICE_SPECIFIC, status.getExceptionCode());
3816 EXPECT_EQ(ENOENT, status.getServiceSpecificError());
3817
3818 result = safe_getaddrinfo("v4.example.com", nullptr, &hints);
3819 ASSERT_FALSE(result == nullptr);
3820 EXPECT_EQ("64:ff9b::102:304", ToString(result));
3821
3822 EXPECT_TRUE(resolvService->stopPrefix64Discovery(TEST_NETID).isOk());
3823 EXPECT_TRUE(WaitForNat64Prefix(EXPECT_NOT_FOUND));
Lorenzo Colitti5be8bf22020-05-26 10:55:21 +00003824
3825 EXPECT_EQ(0, sDnsMetricsListener->getUnexpectedNat64PrefixUpdates());
Lorenzo Colitti346737c2020-05-21 13:56:22 +00003826}
3827
Luke Huang9807e6b2019-05-20 16:17:12 +08003828namespace {
3829
Luke Huang0d592bc2019-05-25 18:24:03 +08003830class ScopedSetNetworkForProcess {
3831 public:
3832 explicit ScopedSetNetworkForProcess(unsigned netId) {
3833 mStoredNetId = getNetworkForProcess();
3834 if (netId == mStoredNetId) return;
3835 EXPECT_EQ(0, setNetworkForProcess(netId));
3836 }
3837 ~ScopedSetNetworkForProcess() { EXPECT_EQ(0, setNetworkForProcess(mStoredNetId)); }
3838
3839 private:
3840 unsigned mStoredNetId;
3841};
3842
3843class ScopedSetNetworkForResolv {
3844 public:
3845 explicit ScopedSetNetworkForResolv(unsigned netId) { EXPECT_EQ(0, setNetworkForResolv(netId)); }
3846 ~ScopedSetNetworkForResolv() { EXPECT_EQ(0, setNetworkForResolv(NETID_UNSET)); }
3847};
3848
Luke Huang9807e6b2019-05-20 16:17:12 +08003849void sendCommand(int fd, const std::string& cmd) {
3850 ssize_t rc = TEMP_FAILURE_RETRY(write(fd, cmd.c_str(), cmd.size() + 1));
3851 EXPECT_EQ(rc, static_cast<ssize_t>(cmd.size() + 1));
3852}
3853
3854int32_t readBE32(int fd) {
3855 int32_t tmp;
3856 int n = TEMP_FAILURE_RETRY(read(fd, &tmp, sizeof(tmp)));
3857 EXPECT_TRUE(n > 0);
3858 return ntohl(tmp);
3859}
3860
Luke Huang0d592bc2019-05-25 18:24:03 +08003861int readResponseCode(int fd) {
Luke Huang9807e6b2019-05-20 16:17:12 +08003862 char buf[4];
3863 int n = TEMP_FAILURE_RETRY(read(fd, &buf, sizeof(buf)));
3864 EXPECT_TRUE(n > 0);
3865 // The format of response code is that 4 bytes for the code & null.
3866 buf[3] = '\0';
3867 int result;
3868 EXPECT_TRUE(ParseInt(buf, &result));
3869 return result;
3870}
3871
Luke Huang0d592bc2019-05-25 18:24:03 +08003872bool checkAndClearUseLocalNameserversFlag(unsigned* netid) {
3873 if (netid == nullptr || ((*netid) & NETID_USE_LOCAL_NAMESERVERS) == 0) {
3874 return false;
3875 }
3876 *netid = (*netid) & ~NETID_USE_LOCAL_NAMESERVERS;
3877 return true;
3878}
3879
Luke Huangf8215372019-11-22 11:53:41 +08003880aidl::android::net::UidRangeParcel makeUidRangeParcel(int start, int stop) {
3881 aidl::android::net::UidRangeParcel res;
Luke Huang0d592bc2019-05-25 18:24:03 +08003882 res.start = start;
3883 res.stop = stop;
3884
3885 return res;
3886}
3887
3888void expectNetIdWithLocalNameserversFlag(unsigned netId) {
3889 unsigned dnsNetId = 0;
3890 EXPECT_EQ(0, getNetworkForDns(&dnsNetId));
3891 EXPECT_TRUE(checkAndClearUseLocalNameserversFlag(&dnsNetId));
3892 EXPECT_EQ(netId, static_cast<unsigned>(dnsNetId));
3893}
3894
3895void expectDnsNetIdEquals(unsigned netId) {
3896 unsigned dnsNetId = 0;
3897 EXPECT_EQ(0, getNetworkForDns(&dnsNetId));
3898 EXPECT_EQ(netId, static_cast<unsigned>(dnsNetId));
3899}
3900
Lorenzo Colittieb9aeec2019-06-26 19:53:55 +09003901void expectDnsNetIdIsDefaultNetwork(INetd* netdService) {
Luke Huang0d592bc2019-05-25 18:24:03 +08003902 int currentNetid;
3903 EXPECT_TRUE(netdService->networkGetDefault(&currentNetid).isOk());
3904 expectDnsNetIdEquals(currentNetid);
3905}
3906
Lorenzo Colittieb9aeec2019-06-26 19:53:55 +09003907void expectDnsNetIdWithVpn(INetd* netdService, unsigned vpnNetId, unsigned expectedNetId) {
Luke Huang0d592bc2019-05-25 18:24:03 +08003908 EXPECT_TRUE(netdService->networkCreateVpn(vpnNetId, false /* secure */).isOk());
3909 uid_t uid = getuid();
3910 // Add uid to VPN
3911 EXPECT_TRUE(netdService->networkAddUidRanges(vpnNetId, {makeUidRangeParcel(uid, uid)}).isOk());
3912 expectDnsNetIdEquals(expectedNetId);
3913 EXPECT_TRUE(netdService->networkDestroy(vpnNetId).isOk());
3914}
3915
Luke Huang9807e6b2019-05-20 16:17:12 +08003916} // namespace
3917
3918TEST_F(ResolverTest, getDnsNetId) {
3919 // We've called setNetworkForProcess in SetupOemNetwork, so reset to default first.
3920 setNetworkForProcess(NETID_UNSET);
Luke Huang0d592bc2019-05-25 18:24:03 +08003921
3922 expectDnsNetIdIsDefaultNetwork(mDnsClient.netdService());
3923 expectDnsNetIdWithVpn(mDnsClient.netdService(), TEST_VPN_NETID, TEST_VPN_NETID);
Luke Huang9807e6b2019-05-20 16:17:12 +08003924
3925 // Test with setNetworkForProcess
Luke Huang0d592bc2019-05-25 18:24:03 +08003926 {
3927 ScopedSetNetworkForProcess scopedSetNetworkForProcess(TEST_NETID);
3928 expectDnsNetIdEquals(TEST_NETID);
3929 }
3930
3931 // Test with setNetworkForProcess with NETID_USE_LOCAL_NAMESERVERS
3932 {
3933 ScopedSetNetworkForProcess scopedSetNetworkForProcess(TEST_NETID |
3934 NETID_USE_LOCAL_NAMESERVERS);
3935 expectNetIdWithLocalNameserversFlag(TEST_NETID);
3936 }
Luke Huang9807e6b2019-05-20 16:17:12 +08003937
3938 // Test with setNetworkForResolv
Luke Huang0d592bc2019-05-25 18:24:03 +08003939 {
3940 ScopedSetNetworkForResolv scopedSetNetworkForResolv(TEST_NETID);
3941 expectDnsNetIdEquals(TEST_NETID);
3942 }
3943
3944 // Test with setNetworkForResolv with NETID_USE_LOCAL_NAMESERVERS
3945 {
3946 ScopedSetNetworkForResolv scopedSetNetworkForResolv(TEST_NETID |
3947 NETID_USE_LOCAL_NAMESERVERS);
3948 expectNetIdWithLocalNameserversFlag(TEST_NETID);
3949 }
3950
3951 // Test with setNetworkForResolv under bypassable vpn
3952 {
3953 ScopedSetNetworkForResolv scopedSetNetworkForResolv(TEST_NETID);
3954 expectDnsNetIdWithVpn(mDnsClient.netdService(), TEST_VPN_NETID, TEST_NETID);
3955 }
Luke Huang9807e6b2019-05-20 16:17:12 +08003956
3957 // Create socket connected to DnsProxyListener
3958 int fd = dns_open_proxy();
3959 EXPECT_TRUE(fd > 0);
3960 unique_fd ufd(fd);
3961
3962 // Test command with wrong netId
3963 sendCommand(fd, "getdnsnetid abc");
Luke Huang0d592bc2019-05-25 18:24:03 +08003964 EXPECT_EQ(ResponseCode::DnsProxyQueryResult, readResponseCode(fd));
Luke Huang9807e6b2019-05-20 16:17:12 +08003965 EXPECT_EQ(-EINVAL, readBE32(fd));
3966
3967 // Test unsupported command
3968 sendCommand(fd, "getdnsnetidNotSupported");
3969 // Keep in sync with FrameworkListener.cpp (500, "Command not recognized")
Luke Huang0d592bc2019-05-25 18:24:03 +08003970 EXPECT_EQ(500, readResponseCode(fd));
Luke Huang9807e6b2019-05-20 16:17:12 +08003971}
Sehee Park2c118782019-05-07 13:02:45 +09003972
3973TEST_F(ResolverTest, BlockDnsQueryWithUidRule) {
Lorenzo Colittieb9aeec2019-06-26 19:53:55 +09003974 // This test relies on blocking traffic on loopback, which xt_qtaguid does not do.
3975 // See aosp/358413 and b/34444781 for why.
3976 SKIP_IF_BPF_NOT_SUPPORTED;
3977
Sehee Park2c118782019-05-07 13:02:45 +09003978 constexpr char listen_addr1[] = "127.0.0.4";
3979 constexpr char listen_addr2[] = "::1";
3980 constexpr char host_name[] = "howdy.example.com.";
3981 const std::vector<DnsRecord> records = {
3982 {host_name, ns_type::ns_t_a, "1.2.3.4"},
3983 {host_name, ns_type::ns_t_aaaa, "::1.2.3.4"},
3984 };
Lorenzo Colittieb9aeec2019-06-26 19:53:55 +09003985 INetd* netdService = mDnsClient.netdService();
Sehee Park2c118782019-05-07 13:02:45 +09003986
3987 test::DNSResponder dns1(listen_addr1);
3988 test::DNSResponder dns2(listen_addr2);
3989 StartDns(dns1, records);
3990 StartDns(dns2, records);
3991
3992 std::vector<std::string> servers = {listen_addr1, listen_addr2};
3993 ASSERT_TRUE(mDnsClient.SetResolversForNetwork(servers));
3994 dns1.clearQueries();
3995 dns2.clearQueries();
3996
Lorenzo Colittieb9aeec2019-06-26 19:53:55 +09003997 // Add drop rule for TEST_UID. Also enable the standby chain because it might not be enabled.
3998 // Unfortunately we cannot use FIREWALL_CHAIN_NONE, or custom iptables rules, for this purpose
3999 // because netd calls fchown() on the DNS query sockets, and "iptables -m owner" matches the
4000 // UID of the socket creator, not the UID set by fchown().
4001 //
4002 // TODO: migrate FIREWALL_CHAIN_NONE to eBPF as well.
4003 EXPECT_TRUE(netdService->firewallEnableChildChain(INetd::FIREWALL_CHAIN_STANDBY, true).isOk());
4004 EXPECT_TRUE(netdService
Sehee Park2c118782019-05-07 13:02:45 +09004005 ->firewallSetUidRule(INetd::FIREWALL_CHAIN_STANDBY, TEST_UID,
4006 INetd::FIREWALL_RULE_DENY)
4007 .isOk());
4008
4009 // Save uid
4010 int suid = getuid();
4011
4012 // Switch to TEST_UID
4013 EXPECT_TRUE(seteuid(TEST_UID) == 0);
4014
4015 // Dns Query
4016 int fd1 = resNetworkQuery(TEST_NETID, host_name, ns_c_in, ns_t_a, 0);
4017 int fd2 = resNetworkQuery(TEST_NETID, host_name, ns_c_in, ns_t_aaaa, 0);
4018 EXPECT_TRUE(fd1 != -1);
4019 EXPECT_TRUE(fd2 != -1);
4020
4021 uint8_t buf[MAXPACKET] = {};
4022 int rcode;
4023 int res = getAsyncResponse(fd2, &rcode, buf, MAXPACKET);
4024 EXPECT_EQ(-ECONNREFUSED, res);
4025
4026 memset(buf, 0, MAXPACKET);
4027 res = getAsyncResponse(fd1, &rcode, buf, MAXPACKET);
4028 EXPECT_EQ(-ECONNREFUSED, res);
4029
4030 // Restore uid
4031 EXPECT_TRUE(seteuid(suid) == 0);
4032
Lorenzo Colittieb9aeec2019-06-26 19:53:55 +09004033 // Remove drop rule for TEST_UID, and disable the standby chain.
4034 EXPECT_TRUE(netdService
Sehee Park2c118782019-05-07 13:02:45 +09004035 ->firewallSetUidRule(INetd::FIREWALL_CHAIN_STANDBY, TEST_UID,
4036 INetd::FIREWALL_RULE_ALLOW)
4037 .isOk());
Lorenzo Colittieb9aeec2019-06-26 19:53:55 +09004038 EXPECT_TRUE(netdService->firewallEnableChildChain(INetd::FIREWALL_CHAIN_STANDBY, false).isOk());
Sehee Park2c118782019-05-07 13:02:45 +09004039}
Mike Yua772c202019-09-23 17:47:21 +08004040
Mike Yu40e67072019-10-09 21:14:09 +08004041namespace {
4042
4043const std::string kDotConnectTimeoutMsFlag(
4044 "persist.device_config.netd_native.dot_connect_timeout_ms");
4045
4046class ScopedSystemProperties {
4047 public:
4048 explicit ScopedSystemProperties(const std::string& key, const std::string& value)
4049 : mStoredKey(key) {
4050 mStoredValue = android::base::GetProperty(key, "");
4051 android::base::SetProperty(key, value);
4052 }
4053 ~ScopedSystemProperties() { android::base::SetProperty(mStoredKey, mStoredValue); }
4054
4055 private:
4056 std::string mStoredKey;
4057 std::string mStoredValue;
4058};
4059
4060} // namespace
4061
Mike Yua772c202019-09-23 17:47:21 +08004062TEST_F(ResolverTest, ConnectTlsServerTimeout) {
Mike Yu40e67072019-10-09 21:14:09 +08004063 constexpr int expectedTimeout = 1000;
4064 constexpr char hostname1[] = "query1.example.com.";
4065 constexpr char hostname2[] = "query2.example.com.";
Mike Yua772c202019-09-23 17:47:21 +08004066 const std::vector<DnsRecord> records = {
Mike Yu40e67072019-10-09 21:14:09 +08004067 {hostname1, ns_type::ns_t_a, "1.2.3.4"},
4068 {hostname2, ns_type::ns_t_a, "1.2.3.5"},
Mike Yua772c202019-09-23 17:47:21 +08004069 };
4070
4071 test::DNSResponder dns;
4072 StartDns(dns, records);
Mike Yu40e67072019-10-09 21:14:09 +08004073 test::DnsTlsFrontend tls;
Mike Yua772c202019-09-23 17:47:21 +08004074 ASSERT_TRUE(tls.startServer());
4075
Mike Yu40e67072019-10-09 21:14:09 +08004076 // The resolver will adjust the timeout value to 1000ms since the value is too small.
4077 ScopedSystemProperties scopedSystemProperties(kDotConnectTimeoutMsFlag, "100");
Mike Yua772c202019-09-23 17:47:21 +08004078
Mike Yu40e67072019-10-09 21:14:09 +08004079 // Set up resolver to opportunistic mode with the default configuration.
Mike Yu8ac63402019-12-02 15:28:38 +08004080 const ResolverParamsParcel parcel = DnsResponderClient::GetDefaultResolverParamsParcel();
Mike Yu40e67072019-10-09 21:14:09 +08004081 ASSERT_TRUE(mDnsClient.SetResolversFromParcel(parcel));
Mike Yua772c202019-09-23 17:47:21 +08004082 EXPECT_TRUE(WaitForPrivateDnsValidation(tls.listen_address(), true));
Bernie Innocenti0ad80e92020-01-23 22:20:44 +09004083 EXPECT_TRUE(tls.waitForQueries(1));
Mike Yua772c202019-09-23 17:47:21 +08004084 tls.clearQueries();
Bernie Innocenti0ad80e92020-01-23 22:20:44 +09004085 dns.clearQueries();
Mike Yua772c202019-09-23 17:47:21 +08004086
4087 // The server becomes unresponsive to the handshake request.
4088 tls.setHangOnHandshakeForTesting(true);
4089
4090 // Expect the things happening in getaddrinfo():
4091 // 1. Connect to the private DNS server.
4092 // 2. SSL handshake times out.
4093 // 3. Fallback to UDP transport, and then get the answer.
Mike Yu40e67072019-10-09 21:14:09 +08004094 const addrinfo hints = {.ai_family = AF_INET, .ai_socktype = SOCK_DGRAM};
4095 auto [result, timeTakenMs] = safe_getaddrinfo_time_taken(hostname1, nullptr, hints);
Mike Yua772c202019-09-23 17:47:21 +08004096
Mike Yu40e67072019-10-09 21:14:09 +08004097 EXPECT_NE(nullptr, result);
Mike Yua772c202019-09-23 17:47:21 +08004098 EXPECT_EQ(0, tls.queries());
Mike Yu40e67072019-10-09 21:14:09 +08004099 EXPECT_EQ(1U, GetNumQueries(dns, hostname1));
4100 EXPECT_EQ(records.at(0).addr, ToString(result));
Mike Yua772c202019-09-23 17:47:21 +08004101
Mike Yu40e67072019-10-09 21:14:09 +08004102 // A loose upper bound is set by adding 2000ms buffer time. Theoretically, getaddrinfo()
4103 // should just take a bit more than expetTimeout milliseconds.
4104 EXPECT_GE(timeTakenMs, expectedTimeout);
4105 EXPECT_LE(timeTakenMs, expectedTimeout + 2000);
4106
4107 // Set the server to be responsive. Verify that the resolver will attempt to reconnect
4108 // to the server and then get the result within the timeout.
4109 tls.setHangOnHandshakeForTesting(false);
4110 std::tie(result, timeTakenMs) = safe_getaddrinfo_time_taken(hostname2, nullptr, hints);
4111
4112 EXPECT_NE(nullptr, result);
Luke Huang3caa42b2020-04-23 14:18:04 +00004113 EXPECT_TRUE(tls.waitForQueries(1));
Mike Yu40e67072019-10-09 21:14:09 +08004114 EXPECT_EQ(1U, GetNumQueries(dns, hostname2));
4115 EXPECT_EQ(records.at(1).addr, ToString(result));
4116
4117 EXPECT_LE(timeTakenMs, expectedTimeout);
Mike Yua772c202019-09-23 17:47:21 +08004118}
Hungming Chenbb90ab32019-10-28 18:20:31 +08004119
Ken Chen766feae2019-10-30 15:13:44 +08004120TEST_F(ResolverTest, FlushNetworkCache) {
Luke Huang0b5a76c2019-11-23 03:00:00 +08004121 SKIP_IF_REMOTE_VERSION_LESS_THAN(mDnsClient.resolvService(), 4);
Ken Chen766feae2019-10-30 15:13:44 +08004122 test::DNSResponder dns;
4123 StartDns(dns, {{kHelloExampleCom, ns_type::ns_t_a, kHelloExampleComAddrV4}});
4124 ASSERT_TRUE(mDnsClient.SetResolversForNetwork());
4125
4126 const hostent* result = gethostbyname("hello");
4127 EXPECT_EQ(1U, GetNumQueriesForType(dns, ns_type::ns_t_a, kHelloExampleCom));
4128
4129 // get result from cache
4130 result = gethostbyname("hello");
4131 EXPECT_EQ(1U, GetNumQueriesForType(dns, ns_type::ns_t_a, kHelloExampleCom));
4132
4133 EXPECT_TRUE(mDnsClient.resolvService()->flushNetworkCache(TEST_NETID).isOk());
4134
4135 result = gethostbyname("hello");
4136 EXPECT_EQ(2U, GetNumQueriesForType(dns, ns_type::ns_t_a, kHelloExampleCom));
4137}
4138
4139TEST_F(ResolverTest, FlushNetworkCache_random) {
Luke Huang0b5a76c2019-11-23 03:00:00 +08004140 SKIP_IF_REMOTE_VERSION_LESS_THAN(mDnsClient.resolvService(), 4);
Ken Chen766feae2019-10-30 15:13:44 +08004141 constexpr int num_flush = 10;
4142 constexpr int num_queries = 20;
4143 test::DNSResponder dns;
4144 StartDns(dns, {{kHelloExampleCom, ns_type::ns_t_a, kHelloExampleComAddrV4}});
4145 ASSERT_TRUE(mDnsClient.SetResolversForNetwork());
4146 const addrinfo hints = {.ai_family = AF_INET};
4147
4148 std::thread t([this]() {
4149 for (int i = 0; i < num_flush; ++i) {
4150 unsigned delay = arc4random_uniform(10 * 1000); // 10ms
4151 usleep(delay);
4152 EXPECT_TRUE(mDnsClient.resolvService()->flushNetworkCache(TEST_NETID).isOk());
4153 }
4154 });
4155
4156 for (int i = 0; i < num_queries; ++i) {
4157 ScopedAddrinfo result = safe_getaddrinfo("hello", nullptr, &hints);
4158 EXPECT_TRUE(result != nullptr);
4159 EXPECT_EQ(kHelloExampleComAddrV4, ToString(result));
4160 }
4161 t.join();
4162}
4163
4164// flush cache while one query is wait-for-response, another is pending.
4165TEST_F(ResolverTest, FlushNetworkCache_concurrent) {
Luke Huang0b5a76c2019-11-23 03:00:00 +08004166 SKIP_IF_REMOTE_VERSION_LESS_THAN(mDnsClient.resolvService(), 4);
Ken Chen766feae2019-10-30 15:13:44 +08004167 const char* listen_addr1 = "127.0.0.9";
4168 const char* listen_addr2 = "127.0.0.10";
4169 test::DNSResponder dns1(listen_addr1);
4170 test::DNSResponder dns2(listen_addr2);
4171 StartDns(dns1, {{kHelloExampleCom, ns_type::ns_t_a, kHelloExampleComAddrV4}});
4172 StartDns(dns2, {{kHelloExampleCom, ns_type::ns_t_a, kHelloExampleComAddrV4}});
4173 addrinfo hints = {.ai_family = AF_INET};
4174
4175 // step 1: set server#1 into deferred responding mode
4176 dns1.setDeferredResp(true);
4177 std::thread t1([&listen_addr1, &hints, this]() {
4178 ASSERT_TRUE(mDnsClient.SetResolversForNetwork({listen_addr1}));
4179 // step 3: query
4180 ScopedAddrinfo result = safe_getaddrinfo("hello", nullptr, &hints);
4181 // step 9: check result
4182 EXPECT_TRUE(result != nullptr);
4183 EXPECT_EQ(kHelloExampleComAddrV4, ToString(result));
4184 });
4185
4186 // step 2: wait for the query to reach the server
4187 while (GetNumQueries(dns1, kHelloExampleCom) == 0) {
4188 usleep(1000); // 1ms
4189 }
4190
4191 std::thread t2([&listen_addr2, &hints, &dns2, this]() {
4192 ASSERT_TRUE(mDnsClient.SetResolversForNetwork({listen_addr2}));
4193 // step 5: query (should be blocked in resolver)
4194 ScopedAddrinfo result = safe_getaddrinfo("hello", nullptr, &hints);
4195 // step 7: check result
4196 EXPECT_TRUE(result != nullptr);
4197 EXPECT_EQ(kHelloExampleComAddrV4, ToString(result));
4198 EXPECT_EQ(1U, GetNumQueriesForType(dns2, ns_type::ns_t_a, kHelloExampleCom));
4199 });
4200
4201 // step 4: wait a bit for the 2nd query to enter pending state
4202 usleep(100 * 1000); // 100ms
4203 // step 6: flush cache (will unblock pending queries)
4204 EXPECT_TRUE(mDnsClient.resolvService()->flushNetworkCache(TEST_NETID).isOk());
4205 t2.join();
4206
4207 // step 8: resume server#1
4208 dns1.setDeferredResp(false);
4209 t1.join();
4210
4211 // step 10: verify if result is correctly cached
4212 dns2.clearQueries();
4213 ScopedAddrinfo result = safe_getaddrinfo("hello", nullptr, &hints);
4214 EXPECT_EQ(0U, GetNumQueries(dns2, kHelloExampleCom));
4215 EXPECT_EQ(kHelloExampleComAddrV4, ToString(result));
4216}
4217
waynema29253052019-08-20 11:26:08 +08004218// TODO: Perhaps to have a boundary conditions test for TCP and UDP.
4219TEST_F(ResolverTest, TcpQueryWithOversizePayload) {
4220 test::DNSResponder dns;
4221 StartDns(dns, {{kHelloExampleCom, ns_type::ns_t_a, kHelloExampleComAddrV4}});
4222 ASSERT_TRUE(mDnsClient.SetResolversForNetwork());
4223
4224 int fd = dns_open_proxy();
4225 ASSERT_TRUE(fd > 0);
4226
4227 // Sending DNS query over TCP once the packet sizes exceed 512 bytes.
4228 // The raw data is combined with Question section and Additional section
4229 // Question section : query "hello.example.com", type A, class IN
4230 // Additional section : type OPT (41), Option PADDING, Option Length 546
4231 // Padding option which allows DNS clients and servers to artificially
4232 // increase the size of a DNS message by a variable number of bytes.
4233 // See also RFC7830, section 3
4234 const std::string query =
4235 "+c0BAAABAAAAAAABBWhlbGxvB2V4YW1wbGUDY29tAAABAAEAACkgAAAAgAACJgAMAiIAAAAAAAAAAAAAAAAAA"
4236 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
4237 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
4238 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
4239 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
4240 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
4241 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
4242 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
4243 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
4244 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=";
4245 const std::string cmd =
4246 "resnsend " + std::to_string(TEST_NETID) + " 0 " /* ResNsendFlags */ + query + '\0';
4247 ssize_t rc = TEMP_FAILURE_RETRY(write(fd, cmd.c_str(), cmd.size()));
4248 EXPECT_EQ(rc, static_cast<ssize_t>(cmd.size()));
4249 expectAnswersValid(fd, AF_INET, kHelloExampleComAddrV4);
4250 EXPECT_EQ(1U, GetNumQueriesForProtocol(dns, IPPROTO_TCP, kHelloExampleCom));
4251 EXPECT_EQ(0U, GetNumQueriesForProtocol(dns, IPPROTO_UDP, kHelloExampleCom));
4252}
4253
Ken Chen99344882020-01-01 14:59:38 +08004254TEST_F(ResolverTest, TruncatedRspMode) {
4255 constexpr char listen_addr[] = "127.0.0.4";
4256 constexpr char listen_addr2[] = "127.0.0.5";
4257 constexpr char listen_srv[] = "53";
4258
4259 test::DNSResponder dns(listen_addr, listen_srv, static_cast<ns_rcode>(-1));
4260 test::DNSResponder dns2(listen_addr2, listen_srv, static_cast<ns_rcode>(-1));
4261 // dns supports UDP only, dns2 support UDP and TCP
4262 dns.setResponseProbability(0.0, IPPROTO_TCP);
4263 StartDns(dns, kLargeCnameChainRecords);
4264 StartDns(dns2, kLargeCnameChainRecords);
4265
4266 const struct TestConfig {
4267 const std::optional<int32_t> tcMode;
4268 const bool ret;
4269 const unsigned numQueries;
4270 std::string asParameters() const {
4271 return StringPrintf("tcMode: %d, ret: %s, numQueries: %u", tcMode.value_or(-1),
4272 ret ? "true" : "false", numQueries);
4273 }
4274 } testConfigs[]{
4275 // clang-format off
4276 {std::nullopt, true, 0}, /* mode unset */
4277 {aidl::android::net::IDnsResolver::TC_MODE_DEFAULT, true, 0}, /* default mode */
4278 {aidl::android::net::IDnsResolver::TC_MODE_UDP_TCP, true, 1}, /* alternative mode */
4279 {-666, false, 1}, /* invalid input */
4280 // clang-format on
4281 };
4282
4283 for (const auto& config : testConfigs) {
4284 SCOPED_TRACE(config.asParameters());
4285
4286 ResolverParamsParcel parcel = DnsResponderClient::GetDefaultResolverParamsParcel();
4287 parcel.servers = {listen_addr, listen_addr2};
4288 if (config.tcMode) {
Ken Chen05420812020-04-07 18:58:38 +00004289 parcel.resolverOptions.tcMode = config.tcMode.value();
Ken Chen99344882020-01-01 14:59:38 +08004290 }
4291 ASSERT_EQ(mDnsClient.resolvService()->setResolverConfiguration(parcel).isOk(), config.ret);
4292
4293 const addrinfo hints = {.ai_family = AF_INET, .ai_socktype = SOCK_DGRAM};
4294 ScopedAddrinfo result = safe_getaddrinfo("hello", nullptr, &hints);
4295 ASSERT_TRUE(result != nullptr);
4296 EXPECT_EQ(ToString(result), kHelloExampleComAddrV4);
4297 // TC_MODE_DEFAULT: resolver retries on TCP-only on each name server.
4298 // TC_MODE_UDP_TCP: resolver retries on TCP on the same server, falls back to UDP from next.
4299 ASSERT_EQ(GetNumQueriesForProtocol(dns, IPPROTO_UDP, kHelloExampleCom), 1U);
4300 ASSERT_EQ(GetNumQueriesForProtocol(dns, IPPROTO_TCP, kHelloExampleCom), 1U);
4301 ASSERT_EQ(GetNumQueriesForProtocol(dns2, IPPROTO_UDP, kHelloExampleCom), config.numQueries);
4302 ASSERT_EQ(GetNumQueriesForProtocol(dns2, IPPROTO_TCP, kHelloExampleCom), 1U);
4303
4304 dns.clearQueries();
4305 dns2.clearQueries();
4306 ASSERT_TRUE(mDnsClient.resolvService()->flushNetworkCache(TEST_NETID).isOk());
4307 }
4308}
4309
Mike Yuc0000252020-03-19 07:14:23 +00004310TEST_F(ResolverTest, RepeatedSetup_ResolverStatusRemains) {
4311 constexpr char unusable_listen_addr[] = "127.0.0.3";
4312 constexpr char listen_addr[] = "127.0.0.4";
4313 constexpr char hostname[] = "a.hello.query.";
4314 const auto repeatedSetResolversFromParcel = [&](const ResolverParamsParcel& parcel) {
4315 ASSERT_TRUE(mDnsClient.SetResolversFromParcel(parcel));
4316 ASSERT_TRUE(mDnsClient.SetResolversFromParcel(parcel));
4317 ASSERT_TRUE(mDnsClient.SetResolversFromParcel(parcel));
4318 };
4319
4320 test::DNSResponder dns(listen_addr);
4321 StartDns(dns, {{hostname, ns_type::ns_t_a, "1.2.3.3"}});
4322 test::DnsTlsFrontend tls1(listen_addr, "853", listen_addr, "53");
4323 ASSERT_TRUE(tls1.startServer());
4324
4325 // Private DNS off mode.
4326 ResolverParamsParcel parcel = DnsResponderClient::GetDefaultResolverParamsParcel();
4327 parcel.servers = {unusable_listen_addr, listen_addr};
4328 parcel.tlsServers.clear();
4329 ASSERT_TRUE(mDnsClient.SetResolversFromParcel(parcel));
4330
4331 // Send a query.
4332 const addrinfo hints = {.ai_family = AF_INET, .ai_socktype = SOCK_DGRAM};
4333 EXPECT_NE(safe_getaddrinfo(hostname, nullptr, &hints), nullptr);
4334
4335 // Check the stats as expected.
4336 const std::vector<NameserverStats> expectedCleartextDnsStats = {
4337 NameserverStats(unusable_listen_addr).setInternalErrors(1),
4338 NameserverStats(listen_addr).setSuccesses(1),
4339 };
4340 EXPECT_TRUE(expectStatsFromGetResolverInfo(expectedCleartextDnsStats));
4341 EXPECT_EQ(GetNumQueries(dns, hostname), 1U);
4342
4343 // The stats is supposed to remain as long as the list of cleartext DNS servers is unchanged.
4344 static const struct TestConfig {
4345 std::vector<std::string> servers;
4346 std::vector<std::string> tlsServers;
4347 std::string tlsName;
4348 } testConfigs[] = {
4349 // Private DNS opportunistic mode.
4350 {{listen_addr, unusable_listen_addr}, {listen_addr, unusable_listen_addr}, ""},
4351 {{unusable_listen_addr, listen_addr}, {unusable_listen_addr, listen_addr}, ""},
4352
4353 // Private DNS strict mode.
4354 {{listen_addr, unusable_listen_addr}, {"127.0.0.100"}, kDefaultPrivateDnsHostName},
4355 {{unusable_listen_addr, listen_addr}, {"127.0.0.100"}, kDefaultPrivateDnsHostName},
4356
4357 // Private DNS off mode.
4358 {{unusable_listen_addr, listen_addr}, {}, ""},
4359 {{listen_addr, unusable_listen_addr}, {}, ""},
4360 };
4361
4362 for (const auto& config : testConfigs) {
4363 SCOPED_TRACE(fmt::format("testConfig: [{}] [{}] [{}]", fmt::join(config.servers, ","),
4364 fmt::join(config.tlsServers, ","), config.tlsName));
4365 parcel = DnsResponderClient::GetDefaultResolverParamsParcel();
4366 parcel.servers = config.servers;
4367 parcel.tlsServers = config.tlsServers;
4368 parcel.tlsName = config.tlsName;
4369 repeatedSetResolversFromParcel(parcel);
4370 EXPECT_TRUE(expectStatsFromGetResolverInfo(expectedCleartextDnsStats));
4371
4372 // The stats remains when the list of search domains changes.
4373 parcel.domains.push_back("tmp.domains");
4374 repeatedSetResolversFromParcel(parcel);
4375 EXPECT_TRUE(expectStatsFromGetResolverInfo(expectedCleartextDnsStats));
4376
4377 // The stats remains when the parameters change (except maxSamples).
4378 parcel.sampleValiditySeconds++;
4379 parcel.successThreshold++;
4380 parcel.minSamples++;
4381 parcel.baseTimeoutMsec++;
4382 parcel.retryCount++;
4383 repeatedSetResolversFromParcel(parcel);
4384 EXPECT_TRUE(expectStatsFromGetResolverInfo(expectedCleartextDnsStats));
4385 }
4386
4387 // The cache remains.
4388 EXPECT_NE(safe_getaddrinfo(hostname, nullptr, &hints), nullptr);
4389 EXPECT_EQ(GetNumQueries(dns, hostname), 1U);
4390}
4391
4392TEST_F(ResolverTest, RepeatedSetup_NoRedundantPrivateDnsValidation) {
4393 const std::string addr1 = getUniqueIPv4Address(); // For a workable DNS server.
4394 const std::string addr2 = getUniqueIPv4Address(); // For an unresponsive DNS server.
4395 const std::string unusable_addr = getUniqueIPv4Address();
Mike Yu1ec523a2020-03-20 12:22:24 +00004396 const auto waitForPrivateDnsStateUpdated = []() {
4397 // A buffer time for the PrivateDnsConfiguration instance to update its map,
4398 // mPrivateDnsValidateThreads, which is used for tracking validation threads.
4399 // Since there is a time gap between when PrivateDnsConfiguration reports
4400 // onPrivateDnsValidationEvent and when PrivateDnsConfiguration updates the map, this is a
4401 // workaround to avoid the test starts a subsequent resolver setup during the time gap.
4402 // TODO: Report onPrivateDnsValidationEvent after all the relevant updates are complete.
4403 // Reference to b/152009023.
4404 std::this_thread::sleep_for(20ms);
4405 };
Mike Yuc0000252020-03-19 07:14:23 +00004406
4407 test::DNSResponder dns1(addr1);
4408 test::DNSResponder dns2(addr2);
4409 StartDns(dns1, {});
4410 StartDns(dns2, {});
4411 test::DnsTlsFrontend workableTls(addr1, "853", addr1, "53");
4412 test::DnsTlsFrontend unresponsiveTls(addr2, "853", addr2, "53");
4413 unresponsiveTls.setHangOnHandshakeForTesting(true);
4414 ASSERT_TRUE(workableTls.startServer());
4415 ASSERT_TRUE(unresponsiveTls.startServer());
4416
4417 // First setup.
4418 ResolverParamsParcel parcel = DnsResponderClient::GetDefaultResolverParamsParcel();
4419 parcel.servers = {addr1, addr2, unusable_addr};
4420 parcel.tlsServers = {addr1, addr2, unusable_addr};
4421 ASSERT_TRUE(mDnsClient.SetResolversFromParcel(parcel));
4422
4423 // Check the validation results.
4424 EXPECT_TRUE(WaitForPrivateDnsValidation(workableTls.listen_address(), true));
4425 EXPECT_TRUE(WaitForPrivateDnsValidation(unusable_addr, false));
4426 EXPECT_EQ(unresponsiveTls.acceptConnectionsCount(), 1); // The validation is still in progress.
4427
4428 static const struct TestConfig {
4429 std::vector<std::string> tlsServers;
4430 std::string tlsName;
4431 } testConfigs[] = {
4432 {{addr1, addr2, unusable_addr}, ""},
4433 {{unusable_addr, addr1, addr2}, ""},
4434 {{unusable_addr, addr1, addr2}, kDefaultPrivateDnsHostName},
4435 {{addr1, addr2, unusable_addr}, kDefaultPrivateDnsHostName},
4436 };
4437
4438 std::string TlsNameLastTime;
4439 for (const auto& config : testConfigs) {
4440 SCOPED_TRACE(fmt::format("testConfig: [{}] [{}]", fmt::join(config.tlsServers, ","),
4441 config.tlsName));
4442 parcel.servers = config.tlsServers;
4443 parcel.tlsServers = config.tlsServers;
4444 parcel.tlsName = config.tlsName;
4445 parcel.caCertificate = config.tlsName.empty() ? "" : kCaCert;
4446
4447 const bool dnsModeChanged = (TlsNameLastTime != config.tlsName);
Mike Yu1ec523a2020-03-20 12:22:24 +00004448
4449 waitForPrivateDnsStateUpdated();
Mike Yuc0000252020-03-19 07:14:23 +00004450 ASSERT_TRUE(mDnsClient.SetResolversFromParcel(parcel));
4451
4452 for (const auto& serverAddr : parcel.tlsServers) {
4453 SCOPED_TRACE(serverAddr);
4454 if (serverAddr == workableTls.listen_address()) {
4455 if (dnsModeChanged) {
4456 // In despite of the identical IP address, the server is regarded as a different
4457 // server when DnsTlsServer.name is different. The resolver treats it as a
4458 // different object and begins the validation process.
4459 EXPECT_TRUE(WaitForPrivateDnsValidation(serverAddr, true));
4460 }
4461 } else if (serverAddr == unresponsiveTls.listen_address()) {
4462 // No revalidation needed for the server which have been marked as in_progesss.
4463 } else {
4464 // Must be unusable_addr.
4465 // In opportunistic mode, when a validation for a private DNS server fails, the
4466 // resolver just marks the server as failed and doesn't re-evaluate it, but the
4467 // server can be re-evaluated when setResolverConfiguration() is called.
4468 // However, in strict mode, the resolver automatically re-evaluates the server and
4469 // marks the server as in_progress until the validation succeeds, so repeated setup
4470 // makes no effect.
4471 if (dnsModeChanged || config.tlsName.empty() /* not in strict mode */) {
4472 EXPECT_TRUE(WaitForPrivateDnsValidation(serverAddr, false));
4473 }
4474 }
4475 }
4476
4477 // Repeated setups make no effect in strict mode.
Mike Yu1ec523a2020-03-20 12:22:24 +00004478 waitForPrivateDnsStateUpdated();
Mike Yuc0000252020-03-19 07:14:23 +00004479 ASSERT_TRUE(mDnsClient.SetResolversFromParcel(parcel));
4480 if (config.tlsName.empty()) {
4481 EXPECT_TRUE(WaitForPrivateDnsValidation(unusable_addr, false));
4482 }
Mike Yu1ec523a2020-03-20 12:22:24 +00004483 waitForPrivateDnsStateUpdated();
Mike Yuc0000252020-03-19 07:14:23 +00004484 ASSERT_TRUE(mDnsClient.SetResolversFromParcel(parcel));
4485 if (config.tlsName.empty()) {
4486 EXPECT_TRUE(WaitForPrivateDnsValidation(unusable_addr, false));
4487 }
4488
4489 EXPECT_EQ(unresponsiveTls.acceptConnectionsCount(), 1);
4490
4491 TlsNameLastTime = config.tlsName;
4492 }
4493
4494 // Check that all the validation results are caught.
4495 // Note: it doesn't mean no validation being in progress.
4496 EXPECT_FALSE(hasUncaughtPrivateDnsValidation(addr1));
4497 EXPECT_FALSE(hasUncaughtPrivateDnsValidation(addr2));
4498 EXPECT_FALSE(hasUncaughtPrivateDnsValidation(unusable_addr));
4499}
4500
4501TEST_F(ResolverTest, RepeatedSetup_KeepChangingPrivateDnsServers) {
4502 enum TlsServerState { WORKING, UNSUPPORTED, UNRESPONSIVE };
4503 const std::string addr1 = getUniqueIPv4Address();
4504 const std::string addr2 = getUniqueIPv4Address();
Mike Yubad95cf2020-03-26 03:19:38 +00004505 const auto waitForPrivateDnsStateUpdated = []() {
4506 // A buffer time for PrivateDnsConfiguration to update its state. It prevents this test
4507 // being flaky. See b/152009023 for the reason.
4508 std::this_thread::sleep_for(20ms);
4509 };
Mike Yuc0000252020-03-19 07:14:23 +00004510
4511 test::DNSResponder dns1(addr1);
4512 test::DNSResponder dns2(addr2);
4513 StartDns(dns1, {});
4514 StartDns(dns2, {});
4515 test::DnsTlsFrontend tls1(addr1, "853", addr1, "53");
4516 test::DnsTlsFrontend tls2(addr2, "853", addr2, "53");
4517 ASSERT_TRUE(tls1.startServer());
4518 ASSERT_TRUE(tls2.startServer());
4519
4520 static const struct TestConfig {
4521 std::string tlsServer;
4522 std::string tlsName;
4523 bool expectNothingHappenWhenServerUnsupported;
4524 bool expectNothingHappenWhenServerUnresponsive;
4525 std::string asTestName() const {
4526 return fmt::format("{}, {}, {}, {}", tlsServer, tlsName,
4527 expectNothingHappenWhenServerUnsupported,
4528 expectNothingHappenWhenServerUnresponsive);
4529 }
4530 } testConfigs[] = {
4531 {{addr1}, "", false, false},
4532 {{addr2}, "", false, false},
4533 {{addr1}, "", false, true},
4534 {{addr2}, "", false, true},
4535 {{addr1}, kDefaultPrivateDnsHostName, false, true},
4536 {{addr2}, kDefaultPrivateDnsHostName, false, true},
4537 {{addr1}, kDefaultPrivateDnsHostName, true, true},
4538 {{addr2}, kDefaultPrivateDnsHostName, true, true},
4539
4540 // There's no new validation to start because there are already two validation threads
4541 // running (one is for addr1, the other is for addr2). This is because the comparator
4542 // doesn't compare DnsTlsServer.name. Keep the design as-is until it's known to be
4543 // harmful.
4544 {{addr1}, "", true, true},
4545 {{addr2}, "", true, true},
4546 {{addr1}, "", true, true},
4547 {{addr2}, "", true, true},
4548 };
4549
4550 for (const auto& serverState : {WORKING, UNSUPPORTED, UNRESPONSIVE}) {
4551 int testIndex = 0;
4552 for (const auto& config : testConfigs) {
4553 SCOPED_TRACE(fmt::format("serverState:{} testIndex:{} testConfig:[{}]", serverState,
4554 testIndex++, config.asTestName()));
4555 auto& tls = (config.tlsServer == addr1) ? tls1 : tls2;
4556
4557 if (serverState == UNSUPPORTED && tls.running()) ASSERT_TRUE(tls.stopServer());
4558 if (serverState != UNSUPPORTED && !tls.running()) ASSERT_TRUE(tls.startServer());
4559
4560 tls.setHangOnHandshakeForTesting(serverState == UNRESPONSIVE);
4561 const int connectCountsBefore = tls.acceptConnectionsCount();
4562
Mike Yubad95cf2020-03-26 03:19:38 +00004563 waitForPrivateDnsStateUpdated();
Mike Yuc0000252020-03-19 07:14:23 +00004564 ResolverParamsParcel parcel = DnsResponderClient::GetDefaultResolverParamsParcel();
4565 parcel.servers = {config.tlsServer};
4566 parcel.tlsServers = {config.tlsServer};
4567 parcel.tlsName = config.tlsName;
4568 parcel.caCertificate = config.tlsName.empty() ? "" : kCaCert;
4569 ASSERT_TRUE(mDnsClient.SetResolversFromParcel(parcel));
4570
4571 if (serverState == WORKING) {
4572 EXPECT_TRUE(WaitForPrivateDnsValidation(config.tlsServer, true));
4573 } else if (serverState == UNSUPPORTED) {
4574 if (config.expectNothingHappenWhenServerUnsupported) {
4575 // It's possible that the resolver hasn't yet started to
4576 // connect. Wait a while.
4577 // TODO: See if we can get rid of the hard waiting time, such as comparing
4578 // the CountDiff across two tests.
4579 std::this_thread::sleep_for(100ms);
4580 EXPECT_EQ(tls.acceptConnectionsCount(), connectCountsBefore);
4581 } else {
4582 EXPECT_TRUE(WaitForPrivateDnsValidation(config.tlsServer, false));
4583 }
4584 } else {
4585 // Must be UNRESPONSIVE.
4586 // DnsTlsFrontend is the only signal for checking whether or not the resolver starts
4587 // another validation when the server is unresponsive.
4588 const int expectCountDiff =
4589 config.expectNothingHappenWhenServerUnresponsive ? 0 : 1;
4590 if (expectCountDiff == 0) {
4591 // It's possible that the resolver hasn't yet started to
4592 // connect. Wait a while.
4593 std::this_thread::sleep_for(100ms);
4594 }
4595 const auto condition = [&]() {
4596 return tls.acceptConnectionsCount() == connectCountsBefore + expectCountDiff;
4597 };
4598 EXPECT_TRUE(PollForCondition(condition));
4599 }
4600 }
4601
4602 // Set to off mode to reset the PrivateDnsConfiguration state.
4603 ResolverParamsParcel setupOffmode = DnsResponderClient::GetDefaultResolverParamsParcel();
4604 setupOffmode.tlsServers.clear();
4605 ASSERT_TRUE(mDnsClient.SetResolversFromParcel(setupOffmode));
4606 }
4607
4608 // Check that all the validation results are caught.
4609 // Note: it doesn't mean no validation being in progress.
4610 EXPECT_FALSE(hasUncaughtPrivateDnsValidation(addr1));
4611 EXPECT_FALSE(hasUncaughtPrivateDnsValidation(addr2));
4612}
4613
Hungming Chenbb90ab32019-10-28 18:20:31 +08004614// Parameterized tests.
4615// TODO: Merge the existing tests as parameterized test if possible.
4616// TODO: Perhaps move parameterized tests to an independent file.
4617enum class CallType { GETADDRINFO, GETHOSTBYNAME };
4618class ResolverParameterizedTest : public ResolverTest,
Hungming Chen63779052019-10-30 15:06:13 +08004619 public testing::WithParamInterface<CallType> {
4620 protected:
Hungming Chen22617fd2019-12-06 12:15:45 +08004621 void VerifyQueryHelloExampleComV4(const test::DNSResponder& dns, const CallType calltype,
4622 const bool verifyNumQueries = true) {
Hungming Chen63779052019-10-30 15:06:13 +08004623 if (calltype == CallType::GETADDRINFO) {
4624 const addrinfo hints = {.ai_family = AF_INET, .ai_socktype = SOCK_DGRAM};
4625 ScopedAddrinfo result = safe_getaddrinfo("hello", nullptr, &hints);
4626 ASSERT_TRUE(result != nullptr);
4627 EXPECT_EQ(kHelloExampleComAddrV4, ToString(result));
4628 } else if (calltype == CallType::GETHOSTBYNAME) {
4629 const hostent* result = gethostbyname("hello");
4630 ASSERT_TRUE(result != nullptr);
4631 ASSERT_EQ(4, result->h_length);
4632 ASSERT_FALSE(result->h_addr_list[0] == nullptr);
4633 EXPECT_EQ(kHelloExampleComAddrV4, ToString(result));
4634 EXPECT_TRUE(result->h_addr_list[1] == nullptr);
4635 } else {
4636 FAIL() << "Unsupported call type: " << static_cast<uint32_t>(calltype);
4637 }
Hungming Chen22617fd2019-12-06 12:15:45 +08004638 if (verifyNumQueries) EXPECT_EQ(1U, GetNumQueries(dns, kHelloExampleCom));
Hungming Chen63779052019-10-30 15:06:13 +08004639 }
4640};
Hungming Chenbb90ab32019-10-28 18:20:31 +08004641
Hungming Chen63779052019-10-30 15:06:13 +08004642INSTANTIATE_TEST_SUITE_P(QueryCallTest, ResolverParameterizedTest,
Hungming Chenbb90ab32019-10-28 18:20:31 +08004643 testing::Values(CallType::GETADDRINFO, CallType::GETHOSTBYNAME),
4644 [](const testing::TestParamInfo<CallType>& info) {
Hungming Chenbb90ab32019-10-28 18:20:31 +08004645 switch (info.param) {
4646 case CallType::GETADDRINFO:
Hungming Chen63779052019-10-30 15:06:13 +08004647 return "GetAddrInfo";
Hungming Chenbb90ab32019-10-28 18:20:31 +08004648 case CallType::GETHOSTBYNAME:
Hungming Chen63779052019-10-30 15:06:13 +08004649 return "GetHostByName";
Hungming Chenbb90ab32019-10-28 18:20:31 +08004650 default:
Hungming Chen63779052019-10-30 15:06:13 +08004651 return "InvalidParameter"; // Should not happen.
Hungming Chenbb90ab32019-10-28 18:20:31 +08004652 }
Hungming Chenbb90ab32019-10-28 18:20:31 +08004653 });
4654
4655TEST_P(ResolverParameterizedTest, AuthoritySectionAndAdditionalSection) {
4656 // DNS response may have more information in authority section and additional section.
4657 // Currently, getanswer() of packages/modules/DnsResolver/getaddrinfo.cpp doesn't parse the
4658 // content of authority section and additional section. Test these sections if they crash
4659 // the resolver, just in case. See also RFC 1035 section 4.1.
4660 const auto& calltype = GetParam();
4661 test::DNSHeader header(kDefaultDnsHeader);
4662
4663 // Create a DNS response which has a authoritative nameserver record in authority
4664 // section and its relevant address record in additional section.
4665 //
4666 // Question
4667 // hello.example.com. IN A
4668 // Answer
4669 // hello.example.com. IN A 1.2.3.4
4670 // Authority:
4671 // hello.example.com. IN NS ns1.example.com.
4672 // Additional:
4673 // ns1.example.com. IN A 5.6.7.8
4674 //
4675 // A response may have only question, answer, and authority section. Current testing response
4676 // should be able to cover this condition.
4677
4678 // Question section.
4679 test::DNSQuestion question{
4680 .qname = {.name = kHelloExampleCom},
4681 .qtype = ns_type::ns_t_a,
4682 .qclass = ns_c_in,
4683 };
4684 header.questions.push_back(std::move(question));
4685
4686 // Answer section.
4687 test::DNSRecord recordAnswer{
4688 .name = {.name = kHelloExampleCom},
4689 .rtype = ns_type::ns_t_a,
4690 .rclass = ns_c_in,
4691 .ttl = 0, // no cache
4692 };
Hungming Chen63779052019-10-30 15:06:13 +08004693 EXPECT_TRUE(test::DNSResponder::fillRdata(kHelloExampleComAddrV4, recordAnswer));
Hungming Chenbb90ab32019-10-28 18:20:31 +08004694 header.answers.push_back(std::move(recordAnswer));
4695
4696 // Authority section.
4697 test::DNSRecord recordAuthority{
4698 .name = {.name = kHelloExampleCom},
4699 .rtype = ns_type::ns_t_ns,
4700 .rclass = ns_c_in,
4701 .ttl = 0, // no cache
4702 };
4703 EXPECT_TRUE(test::DNSResponder::fillRdata("ns1.example.com.", recordAuthority));
4704 header.authorities.push_back(std::move(recordAuthority));
4705
4706 // Additional section.
4707 test::DNSRecord recordAdditional{
4708 .name = {.name = "ns1.example.com."},
4709 .rtype = ns_type::ns_t_a,
4710 .rclass = ns_c_in,
4711 .ttl = 0, // no cache
4712 };
4713 EXPECT_TRUE(test::DNSResponder::fillRdata("5.6.7.8", recordAdditional));
4714 header.additionals.push_back(std::move(recordAdditional));
4715
4716 // Start DNS server.
4717 test::DNSResponder dns(test::DNSResponder::MappingType::DNS_HEADER);
4718 dns.addMappingDnsHeader(kHelloExampleCom, ns_type::ns_t_a, header);
4719 ASSERT_TRUE(dns.startServer());
4720 ASSERT_TRUE(mDnsClient.SetResolversForNetwork());
4721 dns.clearQueries();
4722
4723 // Expect that get the address and the resolver doesn't crash.
Hungming Chen63779052019-10-30 15:06:13 +08004724 VerifyQueryHelloExampleComV4(dns, calltype);
4725}
4726
4727TEST_P(ResolverParameterizedTest, MessageCompression) {
4728 const auto& calltype = GetParam();
4729
4730 // The response with compressed domain name by a pointer. See RFC 1035 section 4.1.4.
4731 //
4732 // Ignoring the other fields of the message, the domain name of question section and answer
4733 // section are presented as:
4734 // +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
4735 // 12 | 5 | h |
4736 // +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
4737 // 14 | e | l |
4738 // +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
4739 // 16 | l | o |
4740 // +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
4741 // 18 | 7 | e |
4742 // +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
4743 // 20 | x | a |
4744 // +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
4745 // 22 | m | p |
4746 // +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
4747 // 24 | l | e |
4748 // +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
4749 // 26 | 3 | c |
4750 // +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
4751 // 28 | o | m |
4752 // +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
4753 // 30 | 0 | ... |
4754 // +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
4755 //
4756 // +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
4757 // 35 | 1 1| 12 |
4758 // +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
4759 const std::vector<uint8_t> kResponseAPointer = {
4760 /* Header */
4761 0x00, 0x00, /* Transaction ID: 0x0000 */
4762 0x81, 0x80, /* Flags: qr rd ra */
4763 0x00, 0x01, /* Questions: 1 */
4764 0x00, 0x01, /* Answer RRs: 1 */
4765 0x00, 0x00, /* Authority RRs: 0 */
4766 0x00, 0x00, /* Additional RRs: 0 */
4767 /* Queries */
4768 0x05, 0x68, 0x65, 0x6c, 0x6c, 0x6f, 0x07, 0x65, 0x78, 0x61, 0x6d, 0x70, 0x6c, 0x65,
4769 0x03, 0x63, 0x6f, 0x6d, 0x00, /* Name: hello.example.com */
4770 0x00, 0x01, /* Type: A */
4771 0x00, 0x01, /* Class: IN */
4772 /* Answers */
4773 0xc0, 0x0c, /* Name: hello.example.com (a pointer) */
4774 0x00, 0x01, /* Type: A */
4775 0x00, 0x01, /* Class: IN */
4776 0x00, 0x00, 0x00, 0x00, /* Time to live: 0 */
4777 0x00, 0x04, /* Data length: 4 */
4778 0x01, 0x02, 0x03, 0x04 /* Address: 1.2.3.4 */
4779 };
4780
4781 // The response with compressed domain name by a sequence of labels ending with a pointer. See
4782 // RFC 1035 section 4.1.4.
4783 //
4784 // Ignoring the other fields of the message, the domain name of question section and answer
4785 // section are presented as:
4786 // +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
4787 // 12 | 5 | h |
4788 // +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
4789 // 14 | e | l |
4790 // +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
4791 // 16 | l | o |
4792 // +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
4793 // 18 | 7 | e |
4794 // +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
4795 // 20 | x | a |
4796 // +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
4797 // 22 | m | p |
4798 // +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
4799 // 24 | l | e |
4800 // +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
4801 // 26 | 3 | c |
4802 // +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
4803 // 28 | o | m |
4804 // +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
4805 // 30 | 0 | ... |
4806 // +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
4807 //
4808 // +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
4809 // 35 | 5 | h |
4810 // +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
4811 // 37 | e | l |
4812 // +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
4813 // 39 | l | o |
4814 // +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
4815 // 41 | 1 1| 18 |
4816 // +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
4817 const std::vector<uint8_t> kResponseLabelEndingWithAPointer = {
4818 /* Header */
4819 0x00, 0x00, /* Transaction ID: 0x0000 */
4820 0x81, 0x80, /* Flags: qr rd ra */
4821 0x00, 0x01, /* Questions: 1 */
4822 0x00, 0x01, /* Answer RRs: 1 */
4823 0x00, 0x00, /* Authority RRs: 0 */
4824 0x00, 0x00, /* Additional RRs: 0 */
4825 /* Queries */
4826 0x05, 0x68, 0x65, 0x6c, 0x6c, 0x6f, 0x07, 0x65, 0x78, 0x61, 0x6d, 0x70, 0x6c, 0x65,
4827 0x03, 0x63, 0x6f, 0x6d, 0x00, /* Name: hello.example.com */
4828 0x00, 0x01, /* Type: A */
4829 0x00, 0x01, /* Class: IN */
4830 /* Answers */
4831 0x05, 0x68, 0x65, 0x6c, 0x6c, 0x6f, 0xc0,
4832 0x12, /* Name: hello.example.com (a label ending with a pointer) */
4833 0x00, 0x01, /* Type: A */
4834 0x00, 0x01, /* Class: IN */
4835 0x00, 0x00, 0x00, 0x00, /* Time to live: 0 */
4836 0x00, 0x04, /* Data length: 4 */
4837 0x01, 0x02, 0x03, 0x04 /* Address: 1.2.3.4 */
4838 };
4839
4840 for (const auto& response : {kResponseAPointer, kResponseLabelEndingWithAPointer}) {
4841 SCOPED_TRACE(StringPrintf("Hex dump: %s", toHex(makeSlice(response)).c_str()));
4842
4843 test::DNSResponder dns(test::DNSResponder::MappingType::BINARY_PACKET);
4844 dns.addMappingBinaryPacket(kHelloExampleComQueryV4, response);
4845 StartDns(dns, {});
4846 ASSERT_TRUE(mDnsClient.SetResolversForNetwork());
4847
4848 // Expect no cache because the TTL of testing responses are 0.
4849 VerifyQueryHelloExampleComV4(dns, calltype);
Hungming Chenbb90ab32019-10-28 18:20:31 +08004850 }
Mike Yu40e67072019-10-09 21:14:09 +08004851}
Hungming Chen22617fd2019-12-06 12:15:45 +08004852
4853TEST_P(ResolverParameterizedTest, TruncatedResponse) {
4854 const auto& calltype = GetParam();
4855
Hungming Chen22617fd2019-12-06 12:15:45 +08004856 test::DNSResponder dns;
Ken Chen99344882020-01-01 14:59:38 +08004857 StartDns(dns, kLargeCnameChainRecords);
Hungming Chen22617fd2019-12-06 12:15:45 +08004858 ASSERT_TRUE(mDnsClient.SetResolversForNetwork());
4859
4860 // Expect UDP response is truncated. The resolver retries over TCP. See RFC 1035 section 4.2.1.
4861 VerifyQueryHelloExampleComV4(dns, calltype, false);
4862 EXPECT_EQ(1U, GetNumQueriesForProtocol(dns, IPPROTO_UDP, kHelloExampleCom));
4863 EXPECT_EQ(1U, GetNumQueriesForProtocol(dns, IPPROTO_TCP, kHelloExampleCom));
4864}
Luke Huang3caa42b2020-04-23 14:18:04 +00004865
4866TEST_F(ResolverTest, KeepListeningUDP) {
4867 constexpr char listen_addr1[] = "127.0.0.4";
4868 constexpr char listen_addr2[] = "127.0.0.5";
4869 constexpr char host_name[] = "howdy.example.com.";
4870 const std::vector<DnsRecord> records = {
4871 {host_name, ns_type::ns_t_aaaa, "::1.2.3.4"},
4872 };
4873 const std::vector<int> params = {300, 25, 8, 8, 1000 /* BASE_TIMEOUT_MSEC */,
4874 1 /* retry count */};
4875 const int delayTimeMs = 1500;
4876
4877 test::DNSResponder neverRespondDns(listen_addr2, "53", static_cast<ns_rcode>(-1));
4878 neverRespondDns.setResponseProbability(0.0);
4879 StartDns(neverRespondDns, records);
Luke Huang68fa5002020-04-23 15:48:47 +00004880 ScopedSystemProperties scopedSystemProperties(
4881 "persist.device_config.netd_native.keep_listening_udp", "1");
4882 // Re-setup test network to make experiment flag take effect.
4883 resetNetwork();
Luke Huang3caa42b2020-04-23 14:18:04 +00004884
4885 ASSERT_TRUE(mDnsClient.SetResolversForNetwork({listen_addr1, listen_addr2},
4886 kDefaultSearchDomains, params));
4887 // There are 2 DNS servers for this test.
4888 // |delayedDns| will be blocked for |delayTimeMs|, then start to respond to requests.
4889 // |neverRespondDns| will never respond.
4890 // In the first try, resolver will send query to |delayedDns| but get timeout error
4891 // because |delayTimeMs| > DNS timeout.
4892 // Then it's the second try, resolver will send query to |neverRespondDns| and
4893 // listen on both servers. Resolver will receive the answer coming from |delayedDns|.
Luke Huang3caa42b2020-04-23 14:18:04 +00004894
Luke Huang3caa42b2020-04-23 14:18:04 +00004895 test::DNSResponder delayedDns(listen_addr1);
4896 delayedDns.setResponseDelayMs(delayTimeMs);
4897 StartDns(delayedDns, records);
4898
4899 // Specify hints to ensure resolver doing query only 1 round.
4900 const addrinfo hints = {.ai_family = AF_INET6, .ai_socktype = SOCK_DGRAM};
4901 ScopedAddrinfo result = safe_getaddrinfo(host_name, nullptr, &hints);
4902 EXPECT_TRUE(result != nullptr);
4903
4904 std::string result_str = ToString(result);
4905 EXPECT_TRUE(result_str == "::1.2.3.4") << ", result_str='" << result_str << "'";
4906}
4907
4908TEST_F(ResolverTest, GetAddrInfoParallelLookupTimeout) {
4909 constexpr char listen_addr[] = "127.0.0.4";
4910 constexpr char host_name[] = "howdy.example.com.";
4911 constexpr int TIMING_TOLERANCE_MS = 200;
4912 constexpr int DNS_TIMEOUT_MS = 1000;
4913 const std::vector<DnsRecord> records = {
4914 {host_name, ns_type::ns_t_a, "1.2.3.4"},
4915 {host_name, ns_type::ns_t_aaaa, "::1.2.3.4"},
4916 };
4917 const std::vector<int> params = {300, 25, 8, 8, DNS_TIMEOUT_MS /* BASE_TIMEOUT_MSEC */,
4918 1 /* retry count */};
4919 test::DNSResponder neverRespondDns(listen_addr, "53", static_cast<ns_rcode>(-1));
4920 neverRespondDns.setResponseProbability(0.0);
4921 StartDns(neverRespondDns, records);
Luke Huang68fa5002020-04-23 15:48:47 +00004922 ScopedSystemProperties scopedSystemProperties(
4923 "persist.device_config.netd_native.parallel_lookup", "1");
Luke Huang5b30e712020-05-01 11:09:42 +00004924 // The default value of parallel_lookup_sleep_time should be very small
4925 // that we can ignore in this test case.
Luke Huang68fa5002020-04-23 15:48:47 +00004926 // Re-setup test network to make experiment flag take effect.
4927 resetNetwork();
Luke Huang3caa42b2020-04-23 14:18:04 +00004928
4929 ASSERT_TRUE(mDnsClient.SetResolversForNetwork({listen_addr}, kDefaultSearchDomains, params));
4930 neverRespondDns.clearQueries();
4931
Luke Huang3caa42b2020-04-23 14:18:04 +00004932 // Use a never respond DNS server to verify if the A/AAAA queries are sent in parallel.
4933 // The resolver parameters are set to timeout 1s and retry 1 times.
4934 // So we expect the safe_getaddrinfo_time_taken() might take ~1s to
4935 // return when parallel lookup is enabled. And the DNS server should receive 2 queries.
4936 const addrinfo hints = {.ai_family = AF_UNSPEC, .ai_socktype = SOCK_DGRAM};
4937 auto [result, timeTakenMs] = safe_getaddrinfo_time_taken(host_name, nullptr, hints);
4938
4939 EXPECT_TRUE(result == nullptr);
4940 EXPECT_NEAR(DNS_TIMEOUT_MS, timeTakenMs, TIMING_TOLERANCE_MS)
4941 << "took time should approximate equal timeout";
4942 EXPECT_EQ(2U, GetNumQueries(neverRespondDns, host_name));
4943}
Luke Huang5b30e712020-05-01 11:09:42 +00004944
4945TEST_F(ResolverTest, GetAddrInfoParallelLookupSleepTime) {
4946 constexpr char listen_addr[] = "127.0.0.4";
4947 constexpr int TIMING_TOLERANCE_MS = 200;
4948 const std::vector<DnsRecord> records = {
4949 {kHelloExampleCom, ns_type::ns_t_a, kHelloExampleComAddrV4},
4950 {kHelloExampleCom, ns_type::ns_t_aaaa, kHelloExampleComAddrV6},
4951 };
4952 const std::vector<int> params = {300, 25, 8, 8, 1000 /* BASE_TIMEOUT_MSEC */,
4953 1 /* retry count */};
4954 test::DNSResponder dns(listen_addr);
4955 StartDns(dns, records);
4956 ScopedSystemProperties scopedSystemProperties1(
4957 "persist.device_config.netd_native.parallel_lookup", "1");
4958 constexpr int PARALLEL_LOOKUP_SLEEP_TIME_MS = 500;
4959 ScopedSystemProperties scopedSystemProperties2(
4960 "persist.device_config.netd_native.parallel_lookup_sleep_time",
4961 std::to_string(PARALLEL_LOOKUP_SLEEP_TIME_MS));
4962 // Re-setup test network to make experiment flag take effect.
4963 resetNetwork();
4964
4965 ASSERT_TRUE(mDnsClient.SetResolversForNetwork({listen_addr}, kDefaultSearchDomains, params));
4966 dns.clearQueries();
4967
4968 // Expect the safe_getaddrinfo_time_taken() might take ~500ms to return because we set
4969 // parallel_lookup_sleep_time to 500ms.
4970 const addrinfo hints = {.ai_family = AF_UNSPEC, .ai_socktype = SOCK_DGRAM};
4971 auto [result, timeTakenMs] = safe_getaddrinfo_time_taken(kHelloExampleCom, nullptr, hints);
4972
4973 EXPECT_NE(nullptr, result);
4974 EXPECT_THAT(ToStrings(result), testing::UnorderedElementsAreArray(
4975 {kHelloExampleComAddrV4, kHelloExampleComAddrV6}));
4976 EXPECT_NEAR(PARALLEL_LOOKUP_SLEEP_TIME_MS, timeTakenMs, TIMING_TOLERANCE_MS)
4977 << "took time should approximate equal timeout";
4978 EXPECT_EQ(2U, GetNumQueries(dns, kHelloExampleCom));
4979
4980 // Expect the PARALLEL_LOOKUP_SLEEP_TIME_MS won't affect the query under cache hit case.
4981 dns.clearQueries();
4982 std::tie(result, timeTakenMs) = safe_getaddrinfo_time_taken(kHelloExampleCom, nullptr, hints);
4983 EXPECT_NE(nullptr, result);
4984 EXPECT_THAT(ToStrings(result), testing::UnorderedElementsAreArray(
4985 {kHelloExampleComAddrV4, kHelloExampleComAddrV6}));
4986 EXPECT_GT(PARALLEL_LOOKUP_SLEEP_TIME_MS, timeTakenMs);
4987 EXPECT_EQ(0U, GetNumQueries(dns, kHelloExampleCom));
4988}