1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
|
"use strict";
let h2Port;
let prefs;
function setup() {
h2Port = Services.env.get("MOZHTTP2_PORT");
Assert.notEqual(h2Port, null);
Assert.notEqual(h2Port, "");
// Set to allow the cert presented by our H2 server
do_get_profile();
prefs = Services.prefs;
prefs.setBoolPref("network.security.esni.enabled", false);
prefs.setBoolPref("network.http.http2.enabled", true);
// the TRR server is on 127.0.0.1
prefs.setCharPref("network.trr.bootstrapAddr", "127.0.0.1");
// make all native resolve calls "secretly" resolve localhost instead
prefs.setBoolPref("network.dns.native-is-localhost", true);
// 0 - off, 1 - race, 2 TRR first, 3 TRR only, 4 shadow
prefs.setIntPref("network.trr.mode", 3); // TRR first
prefs.setBoolPref("network.trr.wait-for-portal", false);
// don't confirm that TRR is working, just go!
prefs.setCharPref("network.trr.confirmationNS", "skip");
// So we can change the pref without clearing the cache to check a pushed
// record with a TRR path that fails.
prefs.setBoolPref("network.trr.clear-cache-on-pref-change", false);
// The moz-http2 cert is for foo.example.com and is signed by http2-ca.pem
// so add that cert to the trust list as a signing cert. // the foo.example.com domain name.
const certdb = Cc["@mozilla.org/security/x509certdb;1"].getService(
Ci.nsIX509CertDB
);
addCertFromFile(certdb, "../unit/http2-ca.pem", "CTu,u,u");
}
setup();
registerCleanupFunction(() => {
prefs.clearUserPref("network.security.esni.enabled");
prefs.clearUserPref("network.http.http2.enabled");
prefs.clearUserPref("network.dns.localDomains");
prefs.clearUserPref("network.dns.native-is-localhost");
prefs.clearUserPref("network.trr.mode");
prefs.clearUserPref("network.trr.uri");
prefs.clearUserPref("network.trr.credentials");
prefs.clearUserPref("network.trr.wait-for-portal");
prefs.clearUserPref("network.trr.allow-rfc1918");
prefs.clearUserPref("network.trr.useGET");
prefs.clearUserPref("network.trr.confirmationNS");
prefs.clearUserPref("network.trr.bootstrapAddr");
prefs.clearUserPref("network.trr.temp_blocklist_duration_sec");
prefs.clearUserPref("network.trr.request-timeout");
prefs.clearUserPref("network.trr.clear-cache-on-pref-change");
prefs.clearUserPref("network.dns.port_prefixed_qname_https_rr");
});
function run_test() {
prefs.setIntPref("network.trr.mode", 3);
prefs.setCharPref(
"network.trr.uri",
"https://foo.example.com:" + h2Port + "/httpssvc"
);
do_await_remote_message("mode3-port").then(port => {
prefs.setIntPref("network.trr.mode", 3);
prefs.setCharPref(
"network.trr.uri",
`https://foo.example.com:${port}/dns-query`
);
do_send_remote_message("mode3-port-done");
});
do_await_remote_message("clearCache").then(() => {
Services.dns.clearCache(true);
do_send_remote_message("clearCache-done");
});
do_await_remote_message("set-port-prefixed-pref").then(() => {
prefs.setBoolPref("network.dns.port_prefixed_qname_https_rr", true);
do_send_remote_message("set-port-prefixed-pref-done");
});
run_test_in_child("../unit/test_trr_httpssvc.js");
}
|
