tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

test_ip_space_glean.js (4626B)

      1 "use strict";
      2 
      3 const override = Cc["@mozilla.org/network/native-dns-override;1"].getService(
      4  Ci.nsINativeDNSResolverOverride
      5 );
      6 const mockNetwork = Cc[
      7  "@mozilla.org/network/mock-network-controller;1"
      8 ].getService(Ci.nsIMockNetworkLayerController);
      9 const certOverrideService = Cc[
     10  "@mozilla.org/security/certoverride;1"
     11 ].getService(Ci.nsICertOverrideService);
     12 
     13 const { NodeHTTPServer, NodeHTTPSServer } = ChromeUtils.importESModule(
     14  "resource://testing-common/NodeServer.sys.mjs"
     15 );
     16 
     17 const DOMAIN = "example.org";
     18 
     19 function makeChan(url) {
     20  let chan = NetUtil.newChannel({
     21    uri: url,
     22    loadUsingSystemPrincipal: true,
     23    contentPolicyType: Ci.nsIContentPolicy.TYPE_DOCUMENT,
     24  }).QueryInterface(Ci.nsIHttpChannel);
     25  return chan;
     26 }
     27 
     28 function channelOpenPromise(chan, flags) {
     29  return new Promise(resolve => {
     30    function finish(req, buffer) {
     31      resolve([req, buffer]);
     32      certOverrideService.setDisableAllSecurityChecksAndLetAttackersInterceptMyData(
     33        false
     34      );
     35    }
     36    certOverrideService.setDisableAllSecurityChecksAndLetAttackersInterceptMyData(
     37      true
     38    );
     39    chan.asyncOpen(new ChannelListener(finish, null, flags));
     40  });
     41 }
     42 
     43 let server;
     44 
     45 add_setup(async function setup() {
     46  Services.prefs.setBoolPref("network.socket.attach_mock_network_layer", true);
     47 
     48  Services.fog.initializeFOG();
     49 
     50  server = new NodeHTTPServer();
     51  await server.start();
     52  registerCleanupFunction(async () => {
     53    Services.prefs.clearUserPref("network.disable-localhost-when-offline");
     54    Services.prefs.clearUserPref("network.dns.use_override_as_peer_address");
     55    Services.prefs.clearUserPref("dom.security.https_only_mode");
     56    Services.prefs.clearUserPref("dom.security.https_first");
     57    Services.prefs.clearUserPref("dom.security.https_first_schemeless");
     58    Services.prefs.clearUserPref("network.socket.attach_mock_network_layer");
     59    await server.stop();
     60  });
     61 });
     62 
     63 function verifyGleanValues(aDescription, aExpected) {
     64  info(aDescription);
     65 
     66  let loadIsHttps = aExpected.loadIsHttps || null;
     67  let loadIsHttp = aExpected.loadIsHttp || null;
     68  let loadIsHttpForLocalDomain = aExpected.loadIsHttpForLocalDomain || null;
     69 
     70  let glean = Glean.networking.httpsHttpOrLocal;
     71  Assert.equal(
     72    glean.load_is_https.testGetValue(),
     73    loadIsHttps,
     74    "verify load_is_https"
     75  );
     76  Assert.equal(
     77    glean.load_is_http.testGetValue(),
     78    loadIsHttp,
     79    "verify load_is_http"
     80  );
     81  Assert.equal(
     82    glean.load_is_http_for_local_domain.testGetValue(),
     83    loadIsHttpForLocalDomain,
     84    "verify load_is_http_for_local_domain"
     85  );
     86 }
     87 
     88 async function do_test(ip, expected, srcPort, dstPort) {
     89  Services.fog.testResetFOG();
     90 
     91  override.addIPOverride(DOMAIN, ip);
     92  let fromAddr = mockNetwork.createScriptableNetAddr(ip, srcPort ?? 80);
     93  let toAddr = mockNetwork.createScriptableNetAddr(
     94    fromAddr.family == Ci.nsINetAddr.FAMILY_INET ? "127.0.0.1" : "::1",
     95    dstPort ?? server.port()
     96  );
     97 
     98  mockNetwork.addNetAddrOverride(fromAddr, toAddr);
     99 
    100  let chan = makeChan(`http://${DOMAIN}`);
    101  let [req] = await channelOpenPromise(chan);
    102  info(
    103    "req.remoteAddress=" +
    104      req.QueryInterface(Ci.nsIHttpChannelInternal).remoteAddress
    105  );
    106  verifyGleanValues(`test ip=${ip}`, expected);
    107 
    108  Services.dns.clearCache(false);
    109  override.clearOverrides();
    110  mockNetwork.clearNetAddrOverrides();
    111  Services.obs.notifyObservers(null, "net:prune-all-connections");
    112 }
    113 
    114 add_task(async function test_ipv4_local() {
    115  Services.prefs.setBoolPref("dom.security.https_only_mode", false);
    116  Services.prefs.setBoolPref("dom.security.https_first", false);
    117  Services.prefs.setBoolPref("dom.security.https_first_schemeless", false);
    118 
    119  await do_test("10.0.0.1", { loadIsHttpForLocalDomain: 1 });
    120  await do_test("172.16.0.1", { loadIsHttpForLocalDomain: 1 });
    121  await do_test("192.168.0.1", { loadIsHttpForLocalDomain: 1 });
    122  await do_test("169.254.0.1", { loadIsHttpForLocalDomain: 1 });
    123  await do_test("127.0.0.1", { loadIsHttpForLocalDomain: 1 });
    124 });
    125 
    126 add_task(async function test_ipv6_local() {
    127  await do_test("::1", { loadIsHttpForLocalDomain: 1 });
    128  await do_test("fc00::1", { loadIsHttpForLocalDomain: 1 });
    129  await do_test("fe80::1", { loadIsHttpForLocalDomain: 1 });
    130 });
    131 
    132 add_task(async function test_http() {
    133  await do_test("1.1.1.1", { loadIsHttp: 1 });
    134 });
    135 
    136 add_task(async function test_https() {
    137  Services.prefs.setBoolPref("dom.security.https_only_mode", true);
    138  let httpsServer = new NodeHTTPSServer();
    139  await httpsServer.start();
    140  registerCleanupFunction(async () => {
    141    await httpsServer.stop();
    142  });
    143  await do_test("1.1.1.1", { loadIsHttps: 1 }, 443, httpsServer.port());
    144 });