1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
|
/* Any copyright is dedicated to the Public Domain.
* http://creativecommons.org/publicdomain/zero/1.0/
*/
"use strict";
const TEST_DOMAIN = "doh.test.";
const AUTO_TRR_URI = "https://example.com/dns-query";
add_task(setup);
add_task(async function testProviderSteering() {
setPassingHeuristics();
let prefPromise = TestUtils.waitForPrefChange(prefs.BREADCRUMB_PREF);
Preferences.set(prefs.ENABLED_PREF, true);
await prefPromise;
is(Preferences.get(prefs.BREADCRUMB_PREF), true, "Breadcrumb saved.");
await checkHeuristicsTelemetry("enable_doh", "startup");
let providerTestcases = [
{
id: "provider1",
canonicalName: "foo.provider1.com",
uri: "https://foo.provider1.com/query",
},
{
id: "provider2",
canonicalName: "bar.provider2.com",
uri: "https://bar.provider2.com/query",
},
];
let configFlushPromise = DoHTestUtils.waitForConfigFlush();
Preferences.set(
prefs.PROVIDER_STEERING_LIST_PREF,
JSON.stringify(providerTestcases)
);
await configFlushPromise;
await checkHeuristicsTelemetry("enable_doh", "startup");
let testNetChangeResult = async (
expectedURI,
heuristicsDecision,
providerName
) => {
let trrURIChanged = TestUtils.topicObserved(
"network:trr-uri-changed",
() => {
// We need this check because this topic is observed once immediately
// after the network change when the URI is reset, and then when the
// provider steering heuristic runs and sets it to our uri.
return Services.dns.currentTrrURI == expectedURI;
}
);
simulateNetworkChange();
await trrURIChanged;
is(
Services.dns.currentTrrURI,
expectedURI,
`TRR URI set to ${expectedURI}`
);
await checkHeuristicsTelemetry(
heuristicsDecision,
"netchange",
providerName
);
};
for (let { id, canonicalName, uri } of providerTestcases) {
gDNSOverride.addIPOverride(TEST_DOMAIN, "9.9.9.9");
gDNSOverride.setCnameOverride(TEST_DOMAIN, canonicalName);
await testNetChangeResult(uri, "enable_doh", id);
gDNSOverride.clearHostOverride(TEST_DOMAIN);
}
await testNetChangeResult(AUTO_TRR_URI, "enable_doh");
// Just use the first provider for the remaining checks.
let provider = providerTestcases[0];
gDNSOverride.addIPOverride(TEST_DOMAIN, "9.9.9.9");
gDNSOverride.setCnameOverride(TEST_DOMAIN, provider.canonicalName);
await testNetChangeResult(provider.uri, "enable_doh", provider.id);
// Set enterprise roots enabled and ensure provider steering is disabled.
Preferences.set("security.enterprise_roots.enabled", true);
await testNetChangeResult(AUTO_TRR_URI, "disable_doh");
Preferences.reset("security.enterprise_roots.enabled");
// Check that provider steering is enabled again after we reset above.
await testNetChangeResult(provider.uri, "enable_doh", provider.id);
// Trigger safesearch heuristics and ensure provider steering is disabled.
let googleDomain = "google.com.";
let googleIP = "1.1.1.1";
let googleSafeSearchIP = "1.1.1.2";
gDNSOverride.clearHostOverride(googleDomain);
gDNSOverride.addIPOverride(googleDomain, googleSafeSearchIP);
await testNetChangeResult(AUTO_TRR_URI, "disable_doh");
gDNSOverride.clearHostOverride(googleDomain);
gDNSOverride.addIPOverride(googleDomain, googleIP);
// Check that provider steering is enabled again after we reset above.
await testNetChangeResult(provider.uri, "enable_doh", provider.id);
// Finally, provider steering should be disabled once we clear the override.
gDNSOverride.clearHostOverride(TEST_DOMAIN);
await testNetChangeResult(AUTO_TRR_URI, "enable_doh");
});
|