diff options
| author | Mike Yu <yumike@google.com> | 2023-07-27 11:05:58 +0000 |
|---|---|---|
| committer | Mike Yu <yumike@google.com> | 2023-08-01 07:27:45 +0000 |
| commit | 56d66769c78e3181fa5475116f8036956b8b78ce (patch) | |
| tree | 87bf0bd93ee5b3ab28670898d69b0fbcf4811cff | |
| parent | a687b69a83a58cb9542c8bd13fa20f9981509a11 (diff) | |
| download | DnsResolver-56d66769c78e3181fa5475116f8036956b8b78ce.tar.gz | |
Test: add test UseDohAsLongAsHostnameMatch
This is a test for aosp/2598287 that DnsResolver can use the
DoH servers of an allowed DoH provider even if the servers
are not listed in the DoH list.
Bug: 286969157
Test: test passed
Change-Id: I68a381b6ef57ad01300a5f5492eca794efdec785
| -rw-r--r-- | tests/resolv_private_dns_test.cpp | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/tests/resolv_private_dns_test.cpp b/tests/resolv_private_dns_test.cpp index 569b74af..ecd68dd1 100644 --- a/tests/resolv_private_dns_test.cpp +++ b/tests/resolv_private_dns_test.cpp @@ -1175,3 +1175,32 @@ TEST_F(PrivateDnsDohTest, ReceiveResetStream) { expectAnswersValid(fd, AF_INET6, kQueryAnswerAAAA); EXPECT_NO_FAILURE(expectQueries(0 /* dns */, 1 /* dot */, 2 /* doh */)); } + +// Tests that, given an IP address with an allowed DoH provider name, PrivateDnsConfiguration +// attempts to probe the server for DoH. +TEST_F(PrivateDnsDohTest, UseDohAsLongAsHostnameMatch) { + // "example.com" is an allowed DoH provider name defined in + // PrivateDnsConfiguration::mAvailableDoHProviders. + constexpr char allowedDohName[] = "example.com"; + constexpr char someOtherIp[] = "127.99.99.99"; + + // The test currently doesn't support testing DoH in private DNS strict mode, so DnsResolver + // can't connect to the testing DoH servers. We use onPrivateDnsValidationEvent() to check + // whether DoT/DoH probes are performed. + // Without an allowed private DNS provider hostname, expect PrivateDnsConfiguration to probe + // the server for DoT only. + ASSERT_TRUE(mDnsClient.SetResolversFromParcel( + ResolverParams::Builder().setDotServers({someOtherIp}).build())); + EXPECT_TRUE(WaitForDotValidation(someOtherIp, false)); + EXPECT_FALSE(hasUncaughtPrivateDnsValidation(someOtherIp)); + + // With an allowed private DNS provider hostname, expect PrivateDnsConfiguration to probe the + // server for both DoT and DoH. + ASSERT_TRUE(mDnsClient.SetResolversFromParcel(ResolverParams::Builder() + .setDotServers({someOtherIp}) + .setPrivateDnsProvider(allowedDohName) + .build())); + EXPECT_TRUE(WaitForDotValidation(someOtherIp, false)); + EXPECT_TRUE(WaitForDohValidation(someOtherIp, false)); + EXPECT_FALSE(hasUncaughtPrivateDnsValidation(someOtherIp)); +} |