tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

test_https_rr_ech_prefs.js (15849B)

      1 /* This Source Code Form is subject to the terms of the Mozilla Public
      2 * License, v. 2.0. If a copy of the MPL was not distributed with this
      3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
      4 
      5 "use strict";
      6 
      7 let trrServer;
      8 
      9 function setup() {
     10  trr_test_setup();
     11 
     12  Services.prefs.setBoolPref("network.dns.upgrade_with_https_rr", true);
     13  Services.prefs.setBoolPref("network.dns.use_https_rr_as_altsvc", true);
     14  Services.prefs.setBoolPref("network.dns.echconfig.enabled", true);
     15 }
     16 
     17 setup();
     18 registerCleanupFunction(async () => {
     19  trr_clear_prefs();
     20  Services.prefs.clearUserPref("network.dns.upgrade_with_https_rr");
     21  Services.prefs.clearUserPref("network.dns.use_https_rr_as_altsvc");
     22  Services.prefs.clearUserPref("network.dns.echconfig.enabled");
     23  Services.prefs.clearUserPref("network.dns.http3_echconfig.enabled");
     24  Services.prefs.clearUserPref("network.http.http3.enable");
     25  Services.prefs.clearUserPref("network.http.http2.enabled");
     26  if (trrServer) {
     27    await trrServer.stop();
     28  }
     29 });
     30 
     31 function checkResult(inRecord, noHttp2, noHttp3, result) {
     32  if (!result) {
     33    Assert.throws(
     34      () => {
     35        inRecord
     36          .QueryInterface(Ci.nsIDNSHTTPSSVCRecord)
     37          .GetServiceModeRecord(noHttp2, noHttp3);
     38      },
     39      /NS_ERROR_NOT_AVAILABLE/,
     40      "Should get an error"
     41    );
     42    return;
     43  }
     44 
     45  let record = inRecord
     46    .QueryInterface(Ci.nsIDNSHTTPSSVCRecord)
     47    .GetServiceModeRecord(noHttp2, noHttp3);
     48  Assert.equal(record.priority, result.expectedPriority);
     49  Assert.equal(record.name, result.expectedName);
     50  Assert.equal(record.selectedAlpn, result.expectedAlpn);
     51 }
     52 
     53 // Test configuration:
     54 //   There are two records: one has a echConfig and the other doesn't.
     55 // We want to test if the record with echConfig is preferred.
     56 add_task(async function testEchConfigEnabled() {
     57  trrServer = new TRRServer();
     58  await trrServer.start();
     59 
     60  Services.prefs.setIntPref("network.trr.mode", 3);
     61  Services.prefs.setCharPref(
     62    "network.trr.uri",
     63    `https://foo.example.com:${trrServer.port()}/dns-query`
     64  );
     65  Services.prefs.setBoolPref("network.dns.echconfig.enabled", false);
     66 
     67  await trrServer.registerDoHAnswers("test.bar.com", "HTTPS", {
     68    answers: [
     69      {
     70        name: "test.bar.com",
     71        ttl: 55,
     72        type: "HTTPS",
     73        flush: false,
     74        data: {
     75          priority: 1,
     76          name: "test.bar_1.com",
     77          values: [{ key: "alpn", value: ["h3"] }, { key: "no-default-alpn" }],
     78        },
     79      },
     80      {
     81        name: "test.bar.com",
     82        ttl: 55,
     83        type: "HTTPS",
     84        flush: false,
     85        data: {
     86          priority: 2,
     87          name: "test.bar_2.com",
     88          values: [
     89            { key: "alpn", value: ["h2"] },
     90            { key: "echconfig", value: "456..." },
     91          ],
     92        },
     93      },
     94    ],
     95  });
     96 
     97  let { inRecord } = await new TRRDNSListener("test.bar.com", {
     98    type: Ci.nsIDNSService.RESOLVE_TYPE_HTTPSSVC,
     99  });
    100 
    101  checkResult(inRecord, false, false, {
    102    expectedPriority: 1,
    103    expectedName: "test.bar_1.com",
    104    expectedAlpn: "h3",
    105  });
    106  checkResult(inRecord, false, true, {
    107    expectedPriority: 2,
    108    expectedName: "test.bar_2.com",
    109    expectedAlpn: "",
    110  });
    111  checkResult(inRecord, true, false, {
    112    expectedPriority: 1,
    113    expectedName: "test.bar_1.com",
    114    expectedAlpn: "h3",
    115  });
    116  checkResult(inRecord, true, true, {
    117    expectedPriority: 2,
    118    expectedName: "test.bar_2.com",
    119    expectedAlpn: "",
    120  });
    121 
    122  Services.prefs.setBoolPref("network.dns.echconfig.enabled", true);
    123  Services.dns.clearCache(true);
    124 
    125  ({ inRecord } = await new TRRDNSListener("test.bar.com", {
    126    type: Ci.nsIDNSService.RESOLVE_TYPE_HTTPSSVC,
    127  }));
    128 
    129  checkResult(inRecord, false, false, {
    130    expectedPriority: 2,
    131    expectedName: "test.bar_2.com",
    132    expectedAlpn: "",
    133  });
    134  checkResult(inRecord, false, true, {
    135    expectedPriority: 2,
    136    expectedName: "test.bar_2.com",
    137    expectedAlpn: "",
    138  });
    139  checkResult(inRecord, true, false, {
    140    expectedPriority: 2,
    141    expectedName: "test.bar_2.com",
    142    expectedAlpn: "",
    143  });
    144  checkResult(inRecord, true, true, {
    145    expectedPriority: 2,
    146    expectedName: "test.bar_2.com",
    147    expectedAlpn: "",
    148  });
    149 
    150  await trrServer.stop();
    151  trrServer = null;
    152 });
    153 
    154 // Test configuration:
    155 //   There are two records: both have echConfigs, and only one supports h3.
    156 // This test is about testing which record should we get when
    157 // network.dns.http3_echconfig.enabled is true and false.
    158 // When network.dns.http3_echconfig.enabled is false, we should try to
    159 // connect with h2 and echConfig.
    160 add_task(async function testTwoRecordsHaveEchConfig() {
    161  Services.dns.clearCache(true);
    162 
    163  trrServer = new TRRServer();
    164  await trrServer.start();
    165 
    166  Services.prefs.setBoolPref("network.dns.echconfig.enabled", true);
    167  Services.prefs.setBoolPref("network.dns.http3_echconfig.enabled", false);
    168  Services.prefs.setIntPref("network.trr.mode", 3);
    169  Services.prefs.setCharPref(
    170    "network.trr.uri",
    171    `https://foo.example.com:${trrServer.port()}/dns-query`
    172  );
    173 
    174  await trrServer.registerDoHAnswers("test.foo.com", "HTTPS", {
    175    answers: [
    176      {
    177        name: "test.foo.com",
    178        ttl: 55,
    179        type: "HTTPS",
    180        flush: false,
    181        data: {
    182          priority: 1,
    183          name: "test.foo_h3.com",
    184          values: [
    185            { key: "alpn", value: ["h3"] },
    186            { key: "no-default-alpn" },
    187            { key: "echconfig", value: "456..." },
    188          ],
    189        },
    190      },
    191      {
    192        name: "test.foo.com",
    193        ttl: 55,
    194        type: "HTTPS",
    195        flush: false,
    196        data: {
    197          priority: 2,
    198          name: "test.foo_h2.com",
    199          values: [
    200            { key: "alpn", value: ["h2"] },
    201            { key: "echconfig", value: "456..." },
    202          ],
    203        },
    204      },
    205    ],
    206  });
    207 
    208  let { inRecord } = await new TRRDNSListener("test.foo.com", {
    209    type: Ci.nsIDNSService.RESOLVE_TYPE_HTTPSSVC,
    210  });
    211 
    212  checkResult(inRecord, false, false, {
    213    expectedPriority: 2,
    214    expectedName: "test.foo_h2.com",
    215    expectedAlpn: "",
    216  });
    217  checkResult(inRecord, false, true, {
    218    expectedPriority: 2,
    219    expectedName: "test.foo_h2.com",
    220    expectedAlpn: "",
    221  });
    222  checkResult(inRecord, true, false, {
    223    expectedPriority: 2,
    224    expectedName: "test.foo_h2.com",
    225    expectedAlpn: "",
    226  });
    227  checkResult(inRecord, true, true, {
    228    expectedPriority: 2,
    229    expectedName: "test.foo_h2.com",
    230    expectedAlpn: "",
    231  });
    232 
    233  Services.prefs.setBoolPref("network.dns.http3_echconfig.enabled", true);
    234  Services.dns.clearCache(true);
    235  ({ inRecord } = await new TRRDNSListener("test.foo.com", {
    236    type: Ci.nsIDNSService.RESOLVE_TYPE_HTTPSSVC,
    237  }));
    238 
    239  checkResult(inRecord, false, false, {
    240    expectedPriority: 1,
    241    expectedName: "test.foo_h3.com",
    242    expectedAlpn: "h3",
    243  });
    244  checkResult(inRecord, false, true, {
    245    expectedPriority: 2,
    246    expectedName: "test.foo_h2.com",
    247    expectedAlpn: "",
    248  });
    249  checkResult(inRecord, true, false, {
    250    expectedPriority: 1,
    251    expectedName: "test.foo_h3.com",
    252    expectedAlpn: "h3",
    253  });
    254  checkResult(inRecord, true, true, {
    255    expectedPriority: 2,
    256    expectedName: "test.foo_h2.com",
    257    expectedAlpn: "",
    258  });
    259 
    260  await trrServer.stop();
    261  trrServer = null;
    262 });
    263 
    264 // Test configuration:
    265 //   There are two records: both have echConfigs, and one supports h3 and h2.
    266 // When network.dns.http3_echconfig.enabled is false, we should use the record
    267 // that supports h3 and h2 (the alpn is h2).
    268 add_task(async function testTwoRecordsHaveEchConfig1() {
    269  Services.dns.clearCache(true);
    270 
    271  trrServer = new TRRServer();
    272  await trrServer.start();
    273 
    274  Services.prefs.setBoolPref("network.dns.echconfig.enabled", true);
    275  Services.prefs.setBoolPref("network.dns.http3_echconfig.enabled", false);
    276  Services.prefs.setIntPref("network.trr.mode", 3);
    277  Services.prefs.setCharPref(
    278    "network.trr.uri",
    279    `https://foo.example.com:${trrServer.port()}/dns-query`
    280  );
    281 
    282  await trrServer.registerDoHAnswers("test.foo.com", "HTTPS", {
    283    answers: [
    284      {
    285        name: "test.foo.com",
    286        ttl: 55,
    287        type: "HTTPS",
    288        flush: false,
    289        data: {
    290          priority: 1,
    291          name: "test.foo_h3.com",
    292          values: [
    293            { key: "alpn", value: ["h3", "h2"] },
    294            { key: "no-default-alpn" },
    295            { key: "echconfig", value: "456..." },
    296          ],
    297        },
    298      },
    299      {
    300        name: "test.foo.com",
    301        ttl: 55,
    302        type: "HTTPS",
    303        flush: false,
    304        data: {
    305          priority: 2,
    306          name: "test.foo_h2.com",
    307          values: [
    308            { key: "alpn", value: ["h2", "http/1.1"] },
    309            { key: "echconfig", value: "456..." },
    310          ],
    311        },
    312      },
    313    ],
    314  });
    315 
    316  let { inRecord } = await new TRRDNSListener("test.foo.com", {
    317    type: Ci.nsIDNSService.RESOLVE_TYPE_HTTPSSVC,
    318  });
    319 
    320  checkResult(inRecord, false, false, {
    321    expectedPriority: 1,
    322    expectedName: "test.foo_h3.com",
    323    expectedAlpn: "h2",
    324  });
    325  checkResult(inRecord, false, true, {
    326    expectedPriority: 1,
    327    expectedName: "test.foo_h3.com",
    328    expectedAlpn: "h2",
    329  });
    330  checkResult(inRecord, true, false, {
    331    expectedPriority: 2,
    332    expectedName: "test.foo_h2.com",
    333    expectedAlpn: "http/1.1",
    334  });
    335  checkResult(inRecord, true, true, {
    336    expectedPriority: 2,
    337    expectedName: "test.foo_h2.com",
    338    expectedAlpn: "http/1.1",
    339  });
    340 
    341  Services.prefs.setBoolPref("network.dns.http3_echconfig.enabled", true);
    342  Services.dns.clearCache(true);
    343  ({ inRecord } = await new TRRDNSListener("test.foo.com", {
    344    type: Ci.nsIDNSService.RESOLVE_TYPE_HTTPSSVC,
    345  }));
    346 
    347  checkResult(inRecord, false, false, {
    348    expectedPriority: 1,
    349    expectedName: "test.foo_h3.com",
    350    expectedAlpn: "h3",
    351  });
    352  checkResult(inRecord, false, true, {
    353    expectedPriority: 1,
    354    expectedName: "test.foo_h3.com",
    355    expectedAlpn: "h2",
    356  });
    357  checkResult(inRecord, true, false, {
    358    expectedPriority: 1,
    359    expectedName: "test.foo_h3.com",
    360    expectedAlpn: "h3",
    361  });
    362  checkResult(inRecord, true, true, {
    363    expectedPriority: 2,
    364    expectedName: "test.foo_h2.com",
    365    expectedAlpn: "http/1.1",
    366  });
    367 
    368  await trrServer.stop();
    369  trrServer = null;
    370 });
    371 
    372 // Test configuration:
    373 //   There are two records: only one support h3 and only one has echConfig.
    374 // This test is about never usng the record without echConfig.
    375 add_task(async function testOneRecordsHasEchConfig() {
    376  Services.dns.clearCache(true);
    377 
    378  trrServer = new TRRServer();
    379  await trrServer.start();
    380 
    381  Services.prefs.setBoolPref("network.dns.echconfig.enabled", true);
    382  Services.prefs.setBoolPref("network.dns.http3_echconfig.enabled", false);
    383  Services.prefs.setIntPref("network.trr.mode", 3);
    384  Services.prefs.setCharPref(
    385    "network.trr.uri",
    386    `https://foo.example.com:${trrServer.port()}/dns-query`
    387  );
    388 
    389  await trrServer.registerDoHAnswers("test.foo.com", "HTTPS", {
    390    answers: [
    391      {
    392        name: "test.foo.com",
    393        ttl: 55,
    394        type: "HTTPS",
    395        flush: false,
    396        data: {
    397          priority: 1,
    398          name: "test.foo_h3.com",
    399          values: [
    400            { key: "alpn", value: ["h3"] },
    401            { key: "no-default-alpn" },
    402            { key: "echconfig", value: "456..." },
    403          ],
    404        },
    405      },
    406      {
    407        name: "test.foo.com",
    408        ttl: 55,
    409        type: "HTTPS",
    410        flush: false,
    411        data: {
    412          priority: 2,
    413          name: "test.foo_h2.com",
    414          values: [{ key: "alpn", value: ["h2"] }],
    415        },
    416      },
    417    ],
    418  });
    419 
    420  let { inRecord } = await new TRRDNSListener("test.foo.com", {
    421    type: Ci.nsIDNSService.RESOLVE_TYPE_HTTPSSVC,
    422  });
    423 
    424  checkResult(inRecord, false, false, {
    425    expectedPriority: 1,
    426    expectedName: "test.foo_h3.com",
    427    expectedAlpn: "h3",
    428  });
    429  checkResult(inRecord, false, true, {
    430    expectedPriority: 2,
    431    expectedName: "test.foo_h2.com",
    432    expectedAlpn: "",
    433  });
    434  checkResult(inRecord, true, false, {
    435    expectedPriority: 1,
    436    expectedName: "test.foo_h3.com",
    437    expectedAlpn: "h3",
    438  });
    439  checkResult(inRecord, true, true, {
    440    expectedPriority: 2,
    441    expectedName: "test.foo_h2.com",
    442    expectedAlpn: "",
    443  });
    444 
    445  Services.prefs.setBoolPref("network.dns.http3_echconfig.enabled", true);
    446  Services.dns.clearCache(true);
    447  ({ inRecord } = await new TRRDNSListener("test.foo.com", {
    448    type: Ci.nsIDNSService.RESOLVE_TYPE_HTTPSSVC,
    449  }));
    450 
    451  checkResult(inRecord, false, false, {
    452    expectedPriority: 1,
    453    expectedName: "test.foo_h3.com",
    454    expectedAlpn: "h3",
    455  });
    456  checkResult(inRecord, false, true, {
    457    expectedPriority: 2,
    458    expectedName: "test.foo_h2.com",
    459    expectedAlpn: "",
    460  });
    461  checkResult(inRecord, true, false, {
    462    expectedPriority: 1,
    463    expectedName: "test.foo_h3.com",
    464    expectedAlpn: "h3",
    465  });
    466  checkResult(inRecord, true, true, {
    467    expectedPriority: 2,
    468    expectedName: "test.foo_h2.com",
    469    expectedAlpn: "",
    470  });
    471 
    472  await trrServer.stop();
    473  trrServer = null;
    474 });
    475 
    476 // Test the case that "network.http.http3.enable" and
    477 // "network.http.http2.enabled" are true/false.
    478 add_task(async function testHttp3AndHttp2Pref() {
    479  Services.dns.clearCache(true);
    480 
    481  trrServer = new TRRServer();
    482  await trrServer.start();
    483 
    484  Services.prefs.setBoolPref("network.http.http3.enable", false);
    485  Services.prefs.setBoolPref("network.dns.echconfig.enabled", false);
    486  Services.prefs.setBoolPref("network.dns.http3_echconfig.enabled", false);
    487  Services.prefs.setIntPref("network.trr.mode", 3);
    488  Services.prefs.setCharPref(
    489    "network.trr.uri",
    490    `https://foo.example.com:${trrServer.port()}/dns-query`
    491  );
    492 
    493  await trrServer.registerDoHAnswers("test.foo.com", "HTTPS", {
    494    answers: [
    495      {
    496        name: "test.foo.com",
    497        ttl: 55,
    498        type: "HTTPS",
    499        flush: false,
    500        data: {
    501          priority: 1,
    502          name: "test.foo_h3.com",
    503          values: [
    504            { key: "alpn", value: ["h3", "h2"] },
    505            { key: "no-default-alpn" },
    506            { key: "echconfig", value: "456..." },
    507          ],
    508        },
    509      },
    510      {
    511        name: "test.foo.com",
    512        ttl: 55,
    513        type: "HTTPS",
    514        flush: false,
    515        data: {
    516          priority: 2,
    517          name: "test.foo_h2.com",
    518          values: [
    519            { key: "alpn", value: ["h2"] },
    520            { key: "echconfig", value: "456..." },
    521          ],
    522        },
    523      },
    524    ],
    525  });
    526 
    527  let { inRecord } = await new TRRDNSListener("test.foo.com", {
    528    type: Ci.nsIDNSService.RESOLVE_TYPE_HTTPSSVC,
    529  });
    530 
    531  checkResult(inRecord, false, false, {
    532    expectedPriority: 1,
    533    expectedName: "test.foo_h3.com",
    534    expectedAlpn: "h2",
    535  });
    536  checkResult(inRecord, false, true, {
    537    expectedPriority: 1,
    538    expectedName: "test.foo_h3.com",
    539    expectedAlpn: "h2",
    540  });
    541  checkResult(inRecord, true, false, {
    542    expectedPriority: 2,
    543    expectedName: "test.foo_h2.com",
    544    expectedAlpn: "",
    545  });
    546  checkResult(inRecord, true, true, {
    547    expectedPriority: 2,
    548    expectedName: "test.foo_h2.com",
    549    expectedAlpn: "",
    550  });
    551 
    552  Services.prefs.setBoolPref("network.http.http2.enabled", false);
    553  checkResult(inRecord, false, false, {
    554    expectedPriority: 2,
    555    expectedName: "test.foo_h2.com",
    556    expectedAlpn: "",
    557  });
    558 
    559  Services.prefs.setBoolPref("network.http.http3.enable", true);
    560  checkResult(inRecord, false, false, {
    561    expectedPriority: 1,
    562    expectedName: "test.foo_h3.com",
    563    expectedAlpn: "h3",
    564  });
    565  checkResult(inRecord, false, true, {
    566    expectedPriority: 2,
    567    expectedName: "test.foo_h2.com",
    568    expectedAlpn: "",
    569  });
    570  checkResult(inRecord, true, false, {
    571    expectedPriority: 1,
    572    expectedName: "test.foo_h3.com",
    573    expectedAlpn: "h3",
    574  });
    575  checkResult(inRecord, true, true, {
    576    expectedPriority: 2,
    577    expectedName: "test.foo_h2.com",
    578    expectedAlpn: "",
    579  });
    580 
    581  await trrServer.stop();
    582  trrServer = null;
    583 });