[ tor-browser ].git.dasho

test_trr_blocklist.js (4137B)
      1 /* This Source Code Form is subject to the terms of the Mozilla Public
      2 * License, v. 2.0. If a copy of the MPL was not distributed with this
      3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
      4 
      5 "use strict";
      6 
      7 const override = Cc["@mozilla.org/network/native-dns-override;1"].getService(
      8  Ci.nsINativeDNSResolverOverride
      9 );
     10 
     11 function setup() {
     12  trr_test_setup();
     13  Services.prefs.setBoolPref("network.trr.temp_blocklist", true);
     14 }
     15 setup();
     16 
     17 // Waits until a predicate returns true or re-tries the predicate calls
     18 // |retry| times, we wait for 100ms between each calls.
     19 async function waitUntil(predicate, retry = 20) {
     20  let count = 0;
     21  while (count++ < retry) {
     22    if (await predicate()) {
     23      return true;
     24    }
     25    // Wait for 100 milliseconds.
     26    await new Promise(resolve => do_timeout(100, resolve));
     27  }
     28  // Timed out after trying too many times.
     29  return false;
     30 }
     31 
     32 add_task(async function checkBlocklisting() {
     33  let trrServer = new TRRServer();
     34  registerCleanupFunction(async () => {
     35    await trrServer.stop();
     36  });
     37  await trrServer.start();
     38  info(`port = ${trrServer.port()}\n`);
     39 
     40  Services.dns.clearCache(true);
     41  Services.prefs.setCharPref(
     42    "network.trr.uri",
     43    `https://foo.example.com:${trrServer.port()}/dns-query`
     44  );
     45  Services.prefs.setIntPref("network.trr.mode", Ci.nsIDNSService.MODE_TRRFIRST);
     46 
     47  await trrServer.registerDoHAnswers("top.test.com", "NS", {});
     48 
     49  override.addIPOverride("sub.top.test.com", "2.2.2.2");
     50  override.addIPOverride("sub2.top.test.com", "2.2.2.2");
     51  await new TRRDNSListener("sub.top.test.com", {
     52    expectedAnswer: "2.2.2.2",
     53  });
     54  equal(await trrServer.requestCount("sub.top.test.com", "A"), 1);
     55 
     56  // Clear the cache so that we need to consult the blocklist and not simply
     57  // return the cached DNS record.
     58  Services.dns.clearCache(true);
     59  await new TRRDNSListener("sub.top.test.com", {
     60    expectedAnswer: "2.2.2.2",
     61  });
     62  equal(
     63    await trrServer.requestCount("sub.top.test.com", "A"),
     64    1,
     65    "Request should go directly to native because result is still in blocklist"
     66  );
     67 
     68  // XXX(valentin): if this ever starts intermittently failing we need to add
     69  // a sleep here. But the check for the parent NS should normally complete
     70  // before the second subdomain request.
     71  equal(
     72    await trrServer.requestCount("top.test.com", "NS"),
     73    1,
     74    "Should have checked parent domain"
     75  );
     76  await new TRRDNSListener("sub2.top.test.com", {
     77    expectedAnswer: "2.2.2.2",
     78  });
     79  equal(await trrServer.requestCount("sub2.top.test.com", "A"), 0);
     80 
     81  // The blocklist should instantly expire.
     82  Services.prefs.setIntPref("network.trr.temp_blocklist_duration_sec", 0);
     83  Services.dns.clearCache(true);
     84  await new TRRDNSListener("sub.top.test.com", {
     85    expectedAnswer: "2.2.2.2",
     86  });
     87  // blocklist expired. Do another check.
     88  equal(
     89    await trrServer.requestCount("sub.top.test.com", "A"),
     90    2,
     91    "We should do another TRR request because the bloclist expired"
     92  );
     93 });
     94 
     95 add_task(async function test_blocklist_cname() {
     96  let trrServer = new TRRServer();
     97  registerCleanupFunction(async () => {
     98    await trrServer.stop();
     99  });
    100  await trrServer.start();
    101  info(`port = ${trrServer.port()}\n`);
    102 
    103  Services.dns.clearCache(true);
    104  Services.prefs.setCharPref(
    105    "network.trr.uri",
    106    `https://foo.example.com:${trrServer.port()}/dns-query`
    107  );
    108  Services.prefs.setIntPref("network.trr.mode", Ci.nsIDNSService.MODE_TRRFIRST);
    109 
    110  await trrServer.registerDoHAnswers(`top.test.com`, "NS", {
    111    answers: [
    112      {
    113        name: "top.test.com",
    114        ttl: 55,
    115        type: "CNAME",
    116        flush: false,
    117        data: "other.foo",
    118      },
    119    ],
    120  });
    121 
    122  await trrServer.registerDoHAnswers(`other.foo`, "NS", {
    123    answers: [
    124      {
    125        name: "other.foo",
    126        ttl: 55,
    127        type: "NS",
    128        flush: false,
    129        data: "ns.other.foo",
    130      },
    131    ],
    132  });
    133 
    134  override.addIPOverride("sub.top.test.com", "2.2.2.2");
    135  await new TRRDNSListener("sub.top.test.com", {
    136    expectedAnswer: "2.2.2.2",
    137  });
    138 
    139  await waitUntil(async () => {
    140    return (await trrServer.requestCount("top.test.com", "NS")) == 1;
    141  });
    142 });
	tor-browser The Tor Browser
	git clone https://git.dasho.dev/tor-browser.git
	Log \| Files \| Refs \| README \| LICENSE