tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

nsITRRSkipReason.idl (6806B)

      1 /* This Source Code Form is subject to the terms of the Mozilla Public
      2 * License, v. 2.0. If a copy of the MPL was not distributed with this
      3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
      4 
      5 #include "nsISupports.idl"
      6 
      7 [scriptable, uuid(e61b5d39-f6d6-4ed3-aead-1213b24c6f27)]
      8 interface nsITRRSkipReason: nsISupports
      9 {
     10  // IMPORTANT: when adding new values, always add them to the end, otherwise
     11  // it will mess up telemetry.
     12  // When adding a reason here, make sure it is documented in
     13  // netwerk/docs/dns/trr-skip-reasons.md
     14  cenum value: 32 {
     15    TRR_UNSET = 0,
     16    TRR_OK = 1,           // Only set when we actually got a positive TRR result
     17    TRR_NO_GSERVICE = 2,  // no gService
     18    TRR_PARENTAL_CONTROL = 3,         // parental control is on
     19    TRR_OFF_EXPLICIT = 4,             // user has set mode5
     20    TRR_REQ_MODE_DISABLED = 5,        // request  has disabled flags set
     21    TRR_MODE_NOT_ENABLED = 6,         // mode0
     22    TRR_FAILED = 7,                   // unknown failure
     23    TRR_MODE_UNHANDLED_DEFAULT = 8,   // Unhandled case in ComputeEffectiveMode
     24    TRR_MODE_UNHANDLED_DISABLED = 9,  // Unhandled case in ComputeEffectiveMode
     25    TRR_DISABLED_FLAG = 10,           // the DISABLE_TRR flag was set
     26    TRR_TIMEOUT = 11,                 // the TRR channel timed out
     27    TRR_CHANNEL_DNS_FAIL = 12,        // DoH server name failed to resolve
     28    TRR_BROWSER_IS_OFFLINE = 13,      // The browser is offline/no interfaces up
     29    TRR_NOT_CONFIRMED = 14,           // TRR confirmation is not done yet
     30    TRR_DID_NOT_MAKE_QUERY = 15,  // TrrLookup exited without doing a TRR query
     31    TRR_UNKNOWN_CHANNEL_FAILURE = 16,  // unknown channel failure reason
     32    TRR_HOST_BLOCKED_TEMPORARY = 17,   // host blocklisted
     33    TRR_SEND_FAILED = 18,              // The call to TRR::SendHTTPRequest failed
     34    TRR_NET_RESET = 19,                // NS_ERROR_NET_RESET
     35    TRR_NET_TIMEOUT = 20,              // NS_ERROR_NET_TIMEOUT
     36    TRR_NET_REFUSED = 21,              // NS_ERROR_CONNECTION_REFUSED
     37    TRR_NET_INTERRUPT = 22,            // NS_ERROR_NET_INTERRUPT
     38    TRR_NET_INADEQ_SEQURITY = 23,      // NS_ERROR_NET_INADEQUATE_SECURITY
     39    TRR_NO_ANSWERS = 24,               // TRR returned no answers
     40    TRR_DECODE_FAILED = 25,            // DohDecode failed
     41    TRR_EXCLUDED = 26,                 // ExcludedFromTRR
     42    TRR_SERVER_RESPONSE_ERR = 27,      // Server responded with non-200 code
     43    TRR_RCODE_FAIL = 28,          // DNS response contains a non-NOERROR rcode
     44    TRR_NO_CONNECTIVITY = 29,     // Not confirmed because of no connectivity
     45    TRR_NXDOMAIN = 30,            // DNS response contains NXDOMAIN rcode (0x03)
     46    TRR_REQ_CANCELLED = 31,       // The request has been cancelled
     47    ODOH_KEY_NOT_USABLE = 32,     // We don't have a valid ODoHConfig to use.
     48    ODOH_UPDATE_KEY_FAILED = 33,  // Failed to update the ODoHConfigs.
     49    ODOH_KEY_NOT_AVAILABLE = 34,  // ODoH requests timeout because of no key.
     50    ODOH_ENCRYPTION_FAILED = 35,  // Failed to encrypt DNS packets.
     51    ODOH_DECRYPTION_FAILED = 36,  // Failed to decrypt DNS packets.
     52    TRR_HEURISTIC_TRIPPED_GOOGLE_SAFESEARCH = 37,  // The google safesearch heuristic was tripped
     53    TRR_HEURISTIC_TRIPPED_YOUTUBE_SAFESEARCH = 38, // The youtube safesearch heuristic was tripped
     54    TRR_HEURISTIC_TRIPPED_ZSCALER_CANARY = 39,     // The zscaler canary heuristic was tripped
     55    TRR_HEURISTIC_TRIPPED_CANARY = 40,             // The global canary heuristic was tripped
     56    TRR_HEURISTIC_TRIPPED_MODIFIED_ROOTS = 41,     // The modified roots (enterprise_roots cert pref) heuristic was tripped
     57    TRR_HEURISTIC_TRIPPED_PARENTAL_CONTROLS = 42,  // The parental controls heuristic was tripped
     58    TRR_HEURISTIC_TRIPPED_THIRD_PARTY_ROOTS = 43,  // The third party roots heuristic was tripped
     59    TRR_HEURISTIC_TRIPPED_ENTERPRISE_POLICY = 44,  // The enterprise policy heuristic was tripped
     60    TRR_HEURISTIC_TRIPPED_VPN = 45,                // The heuristic was tripped due to a vpn being detected
     61    TRR_HEURISTIC_TRIPPED_PROXY = 46,              // The heuristic was tripped due to a proxy being detected
     62    TRR_HEURISTIC_TRIPPED_NRPT = 47,               // The heuristic was tripped due to a NRPT being detected
     63    TRR_BAD_URL = 48,           // We attempted to use a bad URL (doesn't parse or is not https).
     64    TRR_SYSTEM_SLEEP_MODE = 49, // The system is in sleep mode.
     65    eLAST_VALUE = TRR_SYSTEM_SLEEP_MODE, // This entry should always hold the last and largest value in the enum
     66  };
     67 };
     68 
     69 %{ C++
     70 namespace mozilla {
     71 namespace net {
     72 
     73 using TRRSkippedReason = nsITRRSkipReason::value;
     74 
     75 inline bool IsRelevantTRRSkipReason(TRRSkippedReason aReason) {
     76  // - TRR_REQ_MODE_DISABLED - these requests are intentionally skipping TRR.
     77  //     These include DNS queries used to bootstrap the TRR connection,
     78  //     captive portal checks, connectivity checks, etc.
     79  //     Since we don't want to use TRR for these connections, we don't need
     80  //     to include them with other relevant skip reasons.
     81  // - TRR_DISABLED_FLAG - This reason is used when retrying failed connections,
     82  //    sync DNS resolves on the main thread, or requests coming from
     83  //    webextensions that choose to skip TRR
     84  // - TRR_EXCLUDED - This reason is used when a certain domain is excluded
     85  //    from TRR because it is explicitly set by the user, or because it
     86  //    is part of the user's DNS suffix list, indicating a host that is likely
     87  //    to be on the local network.
     88  if (aReason == TRRSkippedReason::TRR_REQ_MODE_DISABLED ||
     89      aReason == TRRSkippedReason::TRR_DISABLED_FLAG ||
     90      aReason == TRRSkippedReason::TRR_EXCLUDED) {
     91    return false;
     92  }
     93  return true;
     94 }
     95 
     96 inline bool IsBlockedTRRRequest(TRRSkippedReason aReason) {
     97  // See TRR::MaybeBlockRequest. These are the reasons that could block sending
     98  // TRR requests.
     99  return (aReason == TRRSkippedReason::TRR_EXCLUDED ||
    100          aReason == TRRSkippedReason::TRR_MODE_NOT_ENABLED ||
    101          aReason == TRRSkippedReason::TRR_HOST_BLOCKED_TEMPORARY);
    102 }
    103 
    104 inline bool IsNonRecoverableTRRSkipReason(TRRSkippedReason aReason) {
    105  // These are non-recoverable reasons and we'll fallback to native without
    106  // retrying.
    107  return (aReason == TRRSkippedReason::TRR_NXDOMAIN ||
    108          aReason == TRRSkippedReason::TRR_NO_ANSWERS ||
    109          aReason == TRRSkippedReason::TRR_DISABLED_FLAG ||
    110          aReason == TRRSkippedReason::TRR_RCODE_FAIL);
    111 }
    112 
    113 inline bool IsFailedConfirmationOrNoConnectivity(TRRSkippedReason aReason) {
    114  // TRR is in non-confirmed state now, so we don't try to use TRR at all.
    115  return (aReason == TRRSkippedReason::TRR_NOT_CONFIRMED ||
    116          aReason == TRRSkippedReason::TRR_NO_CONNECTIVITY);
    117 }
    118 
    119 extern nsresult GetTRRSkipReasonName(TRRSkippedReason aReason, nsACString& aName);
    120 
    121 } // net
    122 } // mozilla
    123 %}