Bug 1507139 - Fix h2 push for esni r=bagder

Differential Revision: https://phabricator.services.mozilla.com/D11881 --HG-- extra : moz-landing-system : lando
2018-11-15 13:10:54 +00:00 · 2018-11-15 13:10:54 +00:00 · 694ce65937
--- a/netwerk/dns/TRR.cpp
+++ b/netwerk/dns/TRR.cpp
@ -431,10 +431,15 @@ TRR::ReceivePush(nsIHttpChannel *pushed, nsHostRecord *pushedRec)
    return NS_ERROR_UNEXPECTED;
  }

+  if ((mType != TRRTYPE_A) && (mType != TRRTYPE_AAAA) && (mType != TRRTYPE_TXT)) {
+    LOG(("TRR::ReceivePush unknown type %d\n", mType));
+    return NS_ERROR_UNEXPECTED;
+  }
+
  RefPtr<nsHostRecord> hostRecord;
  nsresult rv;
  rv = mHostResolver->GetHostRecord(mHost,
-                                    pushedRec->type,
+                                    (mType != TRRTYPE_TXT) ? 0 : nsIDNSService::RESOLVE_TYPE_TXT,
                                    pushedRec->flags, pushedRec->af,
                                    pushedRec->pb,
                                    pushedRec->originSuffix,
--- a/netwerk/test/unit/test_esni_dns_fetch.js
+++ b/netwerk/test/unit/test_esni_dns_fetch.js
@ -20,14 +20,12 @@ function run_test() {
  do_get_profile();
  prefs = Cc["@mozilla.org/preferences-service;1"].getService(Ci.nsIPrefBranch);

-  prefs.setBoolPref("network.security.esni.enabled", true);
+  prefs.setBoolPref("network.security.esni.enabled", false);
  prefs.setBoolPref("network.http.spdy.enabled", true);
  prefs.setBoolPref("network.http.spdy.enabled.http2", true);
  // the TRR server is on 127.0.0.1
  prefs.setCharPref("network.trr.bootstrapAddress", "127.0.0.1");

-  // use the h2 server as DOH provider
-  prefs.setCharPref("network.trr.uri", "https://foo.example.com:" + h2Port + "/esni-dns");
  // make all native resolve calls "secretly" resolve localhost instead
  prefs.setBoolPref("network.dns.native-is-localhost", true);

@ -43,9 +41,7 @@ function run_test() {
      .getService(Ci.nsIX509CertDB);
  addCertFromFile(certdb, "CA.cert.der", "CTu,u,u");
  do_test_pending();
-
-
-  listen = dns.asyncResolveByType("_esni.example.com", dns.RESOLVE_TYPE_TXT, 0, listenerFine, mainThread, defaultOriginAttributes);
+  run_dns_tests();
 }

 registerCleanupFunction(() => {
@ -83,23 +79,91 @@ function addCertFromFile(certdb, filename, trustString) {
 }

 var test_answer="bXkgdm9pY2UgaXMgbXkgcGFzc3dvcmQ=";
+var test_answer_addr="127.0.0.1";

 // check that we do lookup by type fine
-var listenerFine = {
+var listenerEsni = {
  onLookupByTypeComplete: function(inRequest, inRecord, inStatus) {
    if (inRequest == listen) {
      Assert.ok(!inStatus);
      var answer = inRecord.getRecordsAsOneString();
      Assert.equal(answer, test_answer);
      do_test_finished();
+      run_dns_tests();
    }
  },
  QueryInterface: function(aIID) {
    if (aIID.equals(Ci.nsIDNSListener) ||
-        aIID.equals(Ci.nsISupports)) {
+      aIID.equals(Ci.nsISupports)) {
      return this;
    }
    throw Cr.NS_ERROR_NO_INTERFACE;
  }
 };

+// check that we do lookup for A record is fine
+var listenerAddr = {
+  onLookupComplete: function(inRequest, inRecord, inStatus) {
+    if (inRequest == listen) {
+      Assert.ok(!inStatus);
+      var answer = inRecord.getNextAddrAsString();
+      Assert.equal(answer, test_answer_addr);
+      do_test_finished();
+      run_dns_tests();
+    }
+  },
+  QueryInterface: function(aIID) {
+    if (aIID.equals(Ci.nsIDNSListener) ||
+      aIID.equals(Ci.nsISupports)) {
+      return this;
+    }
+    throw Cr.NS_ERROR_NO_INTERFACE;
+  }
+};
+
+function testEsniRequest()
+{
+  // use the h2 server as DOH provider
+  prefs.setCharPref("network.trr.uri", "https://foo.example.com:" + h2Port + "/esni-dns");
+  listen = dns.asyncResolveByType("_esni.example.com", dns.RESOLVE_TYPE_TXT, 0, listenerEsni, mainThread, defaultOriginAttributes);
+}
+
+// verify esni record pushed on a A record request
+function testEsniPushPart1()
+{
+  prefs.setCharPref("network.trr.uri", "https://foo.example.com:" + h2Port + "/esni-dns-push");
+  listen = dns.asyncResolve("_esni_push.example.com", 0, listenerAddr, mainThread, defaultOriginAttributes);
+}
+
+// verify the esni pushed record
+function testEsniPushPart2()
+{
+  // At this point the second host name should've been pushed and we can resolve it using
+  // cache only. Set back the URI to a path that fails.
+  prefs.setCharPref("network.trr.uri", "https://foo.example.com:" + h2Port + "/404");
+  listen = dns.asyncResolveByType("_esni_push.example.com", dns.RESOLVE_TYPE_TXT, 0, listenerEsni, mainThread, defaultOriginAttributes);
+}
+
+function testsDone()
+{
+  do_test_finished();
+  do_test_finished();
+}
+
+var tests = [testEsniRequest,
+             testEsniPushPart1,
+             testEsniPushPart2,
+             testsDone
+            ];
+var current_test = 0;
+
+function run_dns_tests()
+{
+  if (current_test < tests.length) {
+    dump("starting test " + current_test + "\n");
+    do_test_pending();
+    tests[current_test++]();
+  }
+}
+
+
--- a/testing/xpcshell/moz-http2/moz-http2.js
+++ b/testing/xpcshell/moz-http2/moz-http2.js
@ -765,7 +765,7 @@ function handleRequest(req, res) {
                         "0001" + // QDCOUNT
                         "0001" + // ANCOUNT
                         "00000000" + // NSCOUNT + ARCOUNT
-                         "055F65736E69076578616D706C6503636F6D00" + // esni.example.com
+                         "055F65736E69076578616D706C6503636F6D00" + // _esni.example.com
                         "00100001" + // question type (TXT) + question class (IN)

                         "C00C" + // name pointer to .example.com
@ -784,6 +784,38 @@ function handleRequest(req, res) {
    return;
  }

+  // for use with test_esni_dns_fetch.js
+  else if (u.pathname === "/esni-dns-push") {
+    // _esni_push.example.com has A entry 127.0.0.1
+    var content= new Buffer("0000010000010001000000000A5F65736E695F70757368076578616D706C6503636F6D0000010001C00C000100010000003700047F000001", "hex");
+
+    // _esni_push.example.com has TXT entry 2062586B67646D39705932556761584D6762586B676347467A63336476636D513D
+    var pcontent= new Buffer("0000818000010001000000000A5F65736E695F70757368076578616D706C6503636F6D0000100001C00C001000010000003700212062586B67646D39705932556761584D6762586B676347467A63336476636D513D", "hex");
+
+    push = res.push({
+      hostname: 'foo.example.com:' + serverPort,
+      port: serverPort,
+      path: '/dns-pushed-response?dns=AAABAAABAAAAAAABCl9lc25pX3B1c2gHZXhhbXBsZQNjb20AABAAAQAAKRAAAAAAAAAIAAgABAABAAA',
+      method: 'GET',
+      headers: {
+        'accept' : 'application/dns-message'
+      }
+    });
+    push.writeHead(200, {
+      'content-type': 'application/dns-message',
+      'pushed' : 'yes',
+      'content-length' : pcontent.length,
+      'X-Connection-Http2': 'yes'
+    });
+    push.end(pcontent);
+    res.setHeader('Content-Type', 'application/dns-message');
+    res.setHeader('Content-Length', content.length);
+    res.writeHead(200);
+    res.write(content);
+    res.end("");
+    return;
+  }
+
  else if (u.pathname === "/.well-known/http-opportunistic") {
    res.setHeader('Cache-Control', 'no-cache');
    res.setHeader('Content-Type', 'application/json');