resolv_integration_test: Retrieve NAT64 prefix through DNS event listener

    ],

}

cc_test_library {

    name: "libnetd_test_metrics_listener",

    defaults: ["netd_defaults"],

    srcs: [

        "tests/BaseTestMetricsListener.cpp",

        "tests/TestMetrics.cpp",

    ],

    include_dirs: [

        "system/netd/include",

    ],

    shared_libs: [

        "libbinder",

        "libutils",

        "netd_event_listener_interface-V1-cpp",

    ],

}

cc_library {

    name: "libnetd_resolv",

    version_script: "libnetd_resolv.map.txt",

#include <gtest/gtest.h>

#include <netdutils/Stopwatch.h>

#include <openssl/base64.h>

#include "tests/BaseTestMetricsListener.h"

#include "tests/TestMetrics.h"

#include "tests/dns_metrics_listener/base_metrics_listener.h"

#include "tests/dns_metrics_listener/test_metrics.h"

#include "NetdConstants.h"  // SHA256_SIZE

#include "ResolverStats.h"

}

TEST_F(DnsResolverBinderTest, RegisterEventListener_DuplicateSubscription) {

    class DummyListener : public android::net::metrics::BaseTestMetricsListener {

        bool isVerified() override { return true; }  // unused

    };

    class DummyListener : public android::net::metrics::BaseMetricsListener {};

    // Expect to subscribe successfully.

    android::sp<DummyListener> dummyListener = new DummyListener();

#include <android/multinetwork.h>  // ResNsendFlags

#include <arpa/inet.h>

#include <arpa/nameser.h>

#include <binder/ProcessState.h>

#include <cutils/sockets.h>

#include <gmock/gmock-matchers.h>

#include <gtest/gtest.h>

#include "netdutils/ResponseCode.h"

#include "netdutils/SocketOption.h"

#include "netid_client.h"  // NETID_UNSET

#include "tests/dns_metrics_listener/dns_metrics_listener.h"

#include "tests/resolv_test_utils.h"

// Valid VPN netId range is 100 ~ 65535

using android::base::StringPrintf;

using android::base::unique_fd;

using android::net::ResolverStats;

using android::net::metrics::DnsMetricsListener;

using android::netdutils::enableSockopt;

using android::netdutils::ResponseCode;

}  // namespace

class ResolverTest : public ::testing::Test {

  public:

    ResolverTest() {

        // Use a shared static DNS listener for all tests to avoid registering lots of listeners

        // which may be released late until process terminated. Currently, registered DNS listener

        // is removed by binder death notification which is fired when the process hosting an

        // IBinder has gone away. If every test in ResolverTest registers its DNS listener, Netd

        // may temporarily hold lots of dead listeners until the unit test process terminates.

        // TODO: Perhaps add an unregistering listener binder call or fork a listener process which

        // could be terminated earlier.

        static android::sp<DnsMetricsListener> listener =

                new DnsMetricsListener(TEST_NETID /*monitor specific network*/);

        mDnsMetricsListener = listener;

    }

  protected:

    struct DnsRecord {

        std::string host_name;  // host name

        std::string addr;       // ipv4/v6 address

    };

    void SetUp() { mDnsClient.SetUp(); }

    void TearDown() {

        mDnsClient.TearDown();

    }

    void SetUp() {

        mDnsClient.SetUp();

    bool WaitForPrefix64Detected(int netId, int timeoutMs) {

        constexpr int intervalMs = 2;

        const int limit = timeoutMs / intervalMs;

        for (int count = 0; count <= limit; ++count) {

            std::string prefix;

            auto rv = mDnsClient.resolvService()->getPrefix64(netId, &prefix);

            if (rv.isOk()) {

                return true;

            }

            usleep(intervalMs * 1000);

        }

        return false;

        // Register the shared static DNS listener which may have been registered in previous test

        // ResolverTest.

        // TODO: Move the registration to SetUpTestCase which is called once before the first test.

        auto status = mDnsClient.resolvService()->registerEventListener(mDnsMetricsListener);

        ASSERT_TRUE(status.isOk() || status.serviceSpecificErrorCode() == EEXIST /*ignore*/);

        // Start the binder thread pool for listening DNS metrics events.

        android::ProcessState::self()->startThreadPool();

    }

    void TearDown() { mDnsClient.TearDown(); }

    void StartDns(test::DNSResponder& dns, const std::vector<DnsRecord>& records) {

        for (const auto& r : records) {

            dns.addMapping(r.host_name, r.type, r.addr);

        dns.clearQueries();

    }

    bool WaitForNat64Prefix(ExpectNat64PrefixStatus status,

                            std::chrono::milliseconds timeout = std::chrono::milliseconds(1000)) {

        return mDnsMetricsListener->waitForNat64Prefix(status, timeout);

    }

    DnsResponderClient mDnsClient;

    android::sp<DnsMetricsListener> mDnsMetricsListener;  // Initialized in constructor.

    static constexpr char kLocalHost[] = "localhost";

    static constexpr char kLocalHostAddr[] = "127.0.0.1";

    // Start NAT64 prefix discovery and wait for it to complete.

    EXPECT_TRUE(mDnsClient.resolvService()->startPrefix64Discovery(TEST_NETID).isOk());

    EXPECT_TRUE(WaitForPrefix64Detected(TEST_NETID, 1000));

    EXPECT_TRUE(WaitForNat64Prefix(EXPECT_FOUND));

    // hints are necessary in order to let netd know which type of addresses the caller is

    // interested in.

    // Stopping NAT64 prefix discovery disables synthesis.

    EXPECT_TRUE(mDnsClient.resolvService()->stopPrefix64Discovery(TEST_NETID).isOk());

    EXPECT_FALSE(WaitForPrefix64Detected(TEST_NETID, 300));

    EXPECT_TRUE(WaitForNat64Prefix(EXPECT_NOT_FOUND));

    dns.clearQueries();

    // Start NAT64 prefix discovery and wait for it to complete.

    EXPECT_TRUE(mDnsClient.resolvService()->startPrefix64Discovery(TEST_NETID).isOk());

    EXPECT_TRUE(WaitForPrefix64Detected(TEST_NETID, 1000));

    EXPECT_TRUE(WaitForNat64Prefix(EXPECT_FOUND));

    // Ensure to synthesize AAAA if AF_INET6 is specified, and not to synthesize AAAA

    // in AF_INET case.

    // Start NAT64 prefix discovery and wait for it to complete.

    EXPECT_TRUE(mDnsClient.resolvService()->startPrefix64Discovery(TEST_NETID).isOk());

    EXPECT_TRUE(WaitForPrefix64Detected(TEST_NETID, 1000));

    EXPECT_TRUE(WaitForNat64Prefix(EXPECT_FOUND));

    const addrinfo hints = {.ai_family = AF_UNSPEC};

    ScopedAddrinfo result = safe_getaddrinfo("v4v6", nullptr, &hints);

    // Start NAT64 prefix discovery and wait for it to complete.

    EXPECT_TRUE(mDnsClient.resolvService()->startPrefix64Discovery(TEST_NETID).isOk());

    EXPECT_TRUE(WaitForPrefix64Detected(TEST_NETID, 1000));

    EXPECT_TRUE(WaitForNat64Prefix(EXPECT_FOUND));

    const addrinfo hints = {.ai_family = AF_UNSPEC};

    ScopedAddrinfo result = safe_getaddrinfo("v4v6", nullptr, &hints);

    // Start NAT64 prefix discovery and wait for it to complete.

    EXPECT_TRUE(mDnsClient.resolvService()->startPrefix64Discovery(TEST_NETID).isOk());

    EXPECT_TRUE(WaitForPrefix64Detected(TEST_NETID, 1000));

    EXPECT_TRUE(WaitForNat64Prefix(EXPECT_FOUND));

    static const struct TestConfig {

        std::string name;

    // Start NAT64 prefix discovery and wait for it to complete.

    EXPECT_TRUE(mDnsClient.resolvService()->startPrefix64Discovery(TEST_NETID).isOk());

    EXPECT_TRUE(WaitForPrefix64Detected(TEST_NETID, 1000));

    EXPECT_TRUE(WaitForNat64Prefix(EXPECT_FOUND));

    // Assign argument hints of getaddrinfo() as null is equivalent to set ai_family AF_UNSPEC.

    // In AF_UNSPEC case, synthesize AAAA if there has A answer only.

    // Start NAT64 prefix discovery and wait for it to complete.

    EXPECT_TRUE(mDnsClient.resolvService()->startPrefix64Discovery(TEST_NETID).isOk());

    EXPECT_TRUE(WaitForPrefix64Detected(TEST_NETID, 1000));

    EXPECT_TRUE(WaitForNat64Prefix(EXPECT_FOUND));

    // If node is null, return address is listed by libc/getaddrinfo.c as follows.

    // - passive socket -> anyaddr (0.0.0.0 or ::)

    // Start NAT64 prefix discovery and wait for it to complete.

    EXPECT_TRUE(mDnsClient.resolvService()->startPrefix64Discovery(TEST_NETID).isOk());

    EXPECT_TRUE(WaitForPrefix64Detected(TEST_NETID, 1000));

    EXPECT_TRUE(WaitForNat64Prefix(EXPECT_FOUND));

    // Reverse IPv4 DNS query. Prefix should have no effect on it.

    inet_pton(AF_INET, "1.2.3.4", &v4addr);

    // Start NAT64 prefix discovery and wait for it to complete.

    EXPECT_TRUE(mDnsClient.resolvService()->startPrefix64Discovery(TEST_NETID).isOk());

    EXPECT_TRUE(WaitForPrefix64Detected(TEST_NETID, 1000));

    EXPECT_TRUE(WaitForNat64Prefix(EXPECT_FOUND));

    // Synthesized PTR record doesn't exist on DNS server

    // Reverse IPv6 DNS64 query while DNS server doesn't have an answer for synthesized address.

    // Start NAT64 prefix discovery and wait for it to complete.

    EXPECT_TRUE(mDnsClient.resolvService()->startPrefix64Discovery(TEST_NETID).isOk());

    EXPECT_TRUE(WaitForPrefix64Detected(TEST_NETID, 1000));

    EXPECT_TRUE(WaitForNat64Prefix(EXPECT_FOUND));

    // Using synthesized "localhost" address to be a trick for resolving host name

    // from host file /etc/hosts and "localhost" is the only name in /etc/hosts. Note that this is

    // Start NAT64 prefix discovery and wait for it to complete.

    EXPECT_TRUE(mDnsClient.resolvService()->startPrefix64Discovery(TEST_NETID).isOk());

    EXPECT_TRUE(WaitForPrefix64Detected(TEST_NETID, 1000));

    EXPECT_TRUE(WaitForNat64Prefix(EXPECT_FOUND));

    static const struct TestConfig {

        int flag;

    // Start NAT64 prefix discovery and wait for it to complete.

    EXPECT_TRUE(mDnsClient.resolvService()->startPrefix64Discovery(TEST_NETID).isOk());

    EXPECT_TRUE(WaitForPrefix64Detected(TEST_NETID, 1000));

    EXPECT_TRUE(WaitForNat64Prefix(EXPECT_FOUND));

    static const struct TestConfig {

        bool hasSynthesizedPtrRecord;

    // Start NAT64 prefix discovery and wait for it to complete.

    EXPECT_TRUE(mDnsClient.resolvService()->startPrefix64Discovery(TEST_NETID).isOk());

    EXPECT_TRUE(WaitForPrefix64Detected(TEST_NETID, 1000));

    EXPECT_TRUE(WaitForNat64Prefix(EXPECT_FOUND));

    // Using synthesized "localhost" address to be a trick for resolving host name

    // from host file /etc/hosts and "localhost" is the only name in /etc/hosts. Note that this is

    // Start NAT64 prefix discovery and wait for it to complete.

    EXPECT_TRUE(mDnsClient.resolvService()->startPrefix64Discovery(TEST_NETID).isOk());

    EXPECT_TRUE(WaitForPrefix64Detected(TEST_NETID, 1000));

    EXPECT_TRUE(WaitForNat64Prefix(EXPECT_FOUND));

    // Query an IPv4-only hostname. Expect that gets a synthesized address.

    struct hostent* result = gethostbyname2("ipv4only", AF_INET6);

    // Start NAT64 prefix discovery and wait for it to complete.

    EXPECT_TRUE(mDnsClient.resolvService()->startPrefix64Discovery(TEST_NETID).isOk());

    EXPECT_TRUE(WaitForPrefix64Detected(TEST_NETID, 1000));

    EXPECT_TRUE(WaitForNat64Prefix(EXPECT_FOUND));

    // IPv4 DNS query. Prefix should have no effect on it.

    struct hostent* result = gethostbyname2("v4v6", AF_INET);

    // Start NAT64 prefix discovery and wait for it to complete.

    EXPECT_TRUE(mDnsClient.resolvService()->startPrefix64Discovery(TEST_NETID).isOk());

    EXPECT_TRUE(WaitForPrefix64Detected(TEST_NETID, 1000));

    EXPECT_TRUE(WaitForNat64Prefix(EXPECT_FOUND));

    static const struct TestConfig {

        std::string name;

    // Start NAT64 prefix discovery and wait for it complete.

    EXPECT_TRUE(mDnsClient.resolvService()->startPrefix64Discovery(TEST_NETID).isOk());

    EXPECT_TRUE(WaitForPrefix64Detected(TEST_NETID, 1000));

    EXPECT_TRUE(WaitForNat64Prefix(EXPECT_FOUND));

    // Verify it bypassed TLS even though there's a TLS server available.

    EXPECT_EQ(0, tls.queries());

    // Start NAT64 prefix discovery and wait for it to complete.

    EXPECT_TRUE(mDnsClient.resolvService()->startPrefix64Discovery(TEST_NETID).isOk());

    EXPECT_TRUE(WaitForPrefix64Detected(TEST_NETID, 1000));

    EXPECT_TRUE(WaitForNat64Prefix(EXPECT_FOUND));

    // Verify it bypassed TLS despite STRICT mode.

    EXPECT_EQ(0, tls.queries());

/**

 * Copyright (c) 2019, The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *     http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

#ifndef _BASE_TEST_METRICS_LISTENER_H_

#define _BASE_TEST_METRICS_LISTENER_H_

#include <string>

#include <vector>

#include <binder/BinderService.h>

#include "android/net/metrics/BnNetdEventListener.h"

enum EventFlag : uint32_t {

    onDnsEvent = 1 << 0,

    onPrivateDnsValidationEvent = 1 << 1,

    onConnectEvent = 1 << 2,

    onWakeupEvent = 1 << 3,

    onTcpSocketStatsEvent = 1 << 4,

    onNat64PrefixEvent = 1 << 5,

};

namespace android {

namespace net {

namespace metrics {

class BaseTestMetricsListener : public BnNetdEventListener {

  public:

    BaseTestMetricsListener() = default;

    ~BaseTestMetricsListener() = default;

    // Returns TRUE if the verification was successful. Otherwise, returns FALSE.

    virtual bool isVerified() = 0;

    std::condition_variable& getCv() { return mCv; }

    std::mutex& getCvMutex() { return mCvMutex; }

    android::binder::Status onDnsEvent(int32_t /*netId*/, int32_t /*eventType*/,

                                       int32_t /*returnCode*/, int32_t /*latencyMs*/,

                                       const std::string& /*hostname*/,

                                       const ::std::vector<std::string>& /*ipAddresses*/,

                                       int32_t /*ipAddressesCount*/, int32_t /*uid*/) override;

    android::binder::Status onPrivateDnsValidationEvent(int32_t /*netId*/,

                                                        const ::android::String16& /*ipAddress*/,

                                                        const ::android::String16& /*hostname*/,

                                                        bool /*validated*/) override;

    android::binder::Status onConnectEvent(int32_t /*netId*/, int32_t /*error*/,

                                           int32_t /*latencyMs*/,

                                           const ::android::String16& /*ipAddr*/, int32_t /*port*/,

                                           int32_t /*uid*/) override;

    android::binder::Status onWakeupEvent(const ::android::String16& /*prefix*/, int32_t /*uid*/,

                                          int32_t /*ethertype*/, int32_t /*ipNextHeader*/,

                                          const ::std::vector<uint8_t>& /*dstHw*/,

                                          const ::android::String16& /*srcIp*/,

                                          const ::android::String16& /*dstIp*/, int32_t /*srcPort*/,

                                          int32_t /*dstPort*/, int64_t /*timestampNs*/) override;

    android::binder::Status onTcpSocketStatsEvent(

            const ::std::vector<int32_t>& /*networkIds*/,

            const ::std::vector<int32_t>& /*sentPackets*/,

            const ::std::vector<int32_t>& /*lostPackets*/, const ::std::vector<int32_t>& /*rttUs*/,

            const ::std::vector<int32_t>& /*sentAckDiffMs*/) override;

    android::binder::Status onNat64PrefixEvent(int32_t /*netId*/, bool /*added*/,

                                               const ::std::string& /*prefixString*/,

                                               int32_t /*prefixLength*/) override;

  private:

    // The verified event(s) as a bitwise-OR combination of enum EventFlag flags.

    uint32_t mVerified{};

    // This lock prevents racing condition between signaling thread(s) and waiting thread(s).

    std::mutex mCvMutex;

    // Condition variable signaled when notify() is called.

    std::condition_variable mCv;

  protected:

    // Notify who is waiting for test results. See also mCvMutex and mCv.

    void notify();

    // Get current verified event(s).

    uint32_t getVerified() const { return mVerified; }

    // Set the specific event as verified if its verification was successful.

    void setVerified(EventFlag event);

};

}  // namespace metrics

}  // namespace net

}  // namespace android

#endif  // _BASE_TEST_METRICS_LISTENER_H_

cc_test_library {

    name: "libnetd_test_metrics_listener",

    defaults: ["netd_defaults"],

    srcs: [

        "base_metrics_listener.cpp",

        "dns_metrics_listener.cpp",

        "test_metrics.cpp",

    ],

    shared_libs: [

        "libbase",

        "libbinder",

        "libutils",

    ],

    static_libs: [

        "netd_event_listener_interface-V1-cpp",

    ],

}

 No newline at end of file