Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 40f4c9d3 authored by Android Build Coastguard Worker's avatar Android Build Coastguard Worker
Browse files

Snap for 10631079 from 228f7767 to mainline-tethering-release

Change-Id: Iced4f162dbefc116db5bbcd1492fefde7ff54dc1
parents adabcf99 228f7767
Loading
Loading
Loading
Loading
+0 −3
Original line number Diff line number Diff line
@@ -630,9 +630,6 @@ class ResolvCacheParameterizedTest : public ResolvCacheTest,
INSTANTIATE_TEST_SUITE_P(MaxCacheEntries, ResolvCacheParameterizedTest,
                         testing::Values(MAX_ENTRIES_LOWER_BOUND - 1, MAX_ENTRIES_UPPER_BOUND + 1),
                         [](const testing::TestParamInfo<int>& info) {
                             if (info.param < 0) {  // '-' is an invalid character in test name
                                 return "negative_" + std::to_string(abs(info.param));
                             }
                             return std::to_string(info.param);
                         });

+28 −36
Original line number Diff line number Diff line
@@ -4099,54 +4099,46 @@ TEST_F(ResolverTest, GetHostByName2_Dns64QuerySpecialUseIPv4Addresses) {

TEST_F(ResolverTest, PrefixDiscoveryBypassTls) {
    constexpr char listen_addr[] = "::1";
    constexpr char cleartext_port[] = "53";
    constexpr char tls_port[] = "853";
    constexpr char dns64_name[] = "ipv4only.arpa.";
    const std::vector<std::string> servers = {listen_addr};

    test::DNSResponder dns(listen_addr);
    StartDns(dns, {{dns64_name, ns_type::ns_t_aaaa, "64:ff9b::192.0.0.170"}});
    test::DnsTlsFrontend tls(listen_addr, tls_port, listen_addr, cleartext_port);
    test::DnsTlsFrontend tls(listen_addr, "853", listen_addr, "53");
    ASSERT_TRUE(tls.startServer());

    // Setup OPPORTUNISTIC mode and wait for the validation complete.
    ASSERT_TRUE(mDnsClient.SetResolversFromParcel(
            ResolverParams::Builder().setDnsServers(servers).setDotServers(servers).build()));
    for (const std::string_view dnsMode : {"OPPORTUNISTIC", "STRICT"}) {
        SCOPED_TRACE(fmt::format("testConfig: [{}]", dnsMode));
        auto builder = ResolverParams::Builder().setDnsServers(servers).setDotServers(servers);
        if (dnsMode == "STRICT") {
            builder.setPrivateDnsProvider(kDefaultPrivateDnsHostName);
        }
        ASSERT_TRUE(mDnsClient.SetResolversFromParcel(builder.build()));
        EXPECT_TRUE(WaitForPrivateDnsValidation(tls.listen_address(), true));
        EXPECT_TRUE(tls.waitForQueries(1));
        tls.clearQueries();

    // Start NAT64 prefix discovery and wait for it complete.
        // Start NAT64 prefix discovery.
        EXPECT_TRUE(mDnsClient.resolvService()->startPrefix64Discovery(TEST_NETID).isOk());
        EXPECT_TRUE(WaitForNat64Prefix(EXPECT_FOUND));

    // Verify it bypassed TLS even though there's a TLS server available.
        // Verify that the DNS query for the NAT64 prefix bypassed private DNS.
        EXPECT_EQ(0, tls.queries()) << dns.dumpQueries();
        EXPECT_EQ(1U, GetNumQueries(dns, dns64_name)) << dns.dumpQueries();

    // Restart the testing network to reset the cache.
    mDnsClient.TearDown();
    mDnsClient.SetUp();
    dns.clearQueries();

    // Setup STRICT mode and wait for the validation complete.
    ASSERT_TRUE(mDnsClient.SetResolversFromParcel(
            ResolverParams::Builder()
                    .setDnsServers(servers)
                    .setDotServers(servers)
                    .setPrivateDnsProvider(kDefaultPrivateDnsHostName)
                    .build()));
    EXPECT_TRUE(WaitForPrivateDnsValidation(tls.listen_address(), true));
    EXPECT_TRUE(tls.waitForQueries(1));
    tls.clearQueries();
        // Stop the prefix discovery to make DnsResolver send the prefix-removed event
        // earlier. Without this, DnsResolver still sends the event once the network
        // is destroyed; however, it will fail the next test if the test unexpectedly
        // receives the event that it doesn't want.
        EXPECT_TRUE(mDnsClient.resolvService()->stopPrefix64Discovery(TEST_NETID).isOk());
        EXPECT_TRUE(WaitForNat64Prefix(EXPECT_NOT_FOUND));

    // Start NAT64 prefix discovery and wait for it to complete.
    EXPECT_TRUE(mDnsClient.resolvService()->startPrefix64Discovery(TEST_NETID).isOk());
    EXPECT_TRUE(WaitForNat64Prefix(EXPECT_FOUND));
        dns.clearQueries();
        EXPECT_TRUE(mDnsClient.resolvService()->flushNetworkCache(TEST_NETID).isOk());
    }

    // Verify it bypassed TLS despite STRICT mode.
    EXPECT_EQ(0, tls.queries()) << dns.dumpQueries();
    EXPECT_EQ(1U, GetNumQueries(dns, dns64_name)) << dns.dumpQueries();
    EXPECT_EQ(0, sDnsMetricsListener->getUnexpectedNat64PrefixUpdates());
    EXPECT_EQ(0, sUnsolicitedEventListener->getUnexpectedNat64PrefixUpdates());
}

TEST_F(ResolverTest, SetAndClearNat64Prefix) {