// Copyright 2021 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "chrome/browser/net/stub_resolver_config_reader.h" #include <string> #include "base/enterprise_util.h" #include "base/feature_list.h" #include "base/memory/raw_ptr.h" #include "base/test/scoped_feature_list.h" #include "base/values.h" #include "build/build_config.h" #include "chrome/browser/browser_process.h" #include "chrome/browser/net/secure_dns_config.h" #include "chrome/browser/net/system_network_context_manager.h" #include "chrome/browser/profiles/profile.h" #include "chrome/browser/ui/browser.h" #include "chrome/common/chrome_features.h" #include "chrome/common/pref_names.h" #include "chrome/test/base/in_process_browser_test.h" #include "chrome/test/base/ui_test_utils.h" #include "components/policy/core/browser/browser_policy_connector.h" #include "components/policy/core/common/mock_configuration_policy_provider.h" #include "components/policy/core/common/policy_map.h" #include "components/policy/core/common/policy_types.h" #include "components/policy/policy_constants.h" #include "components/prefs/pref_service.h" #include "content/public/test/browser_test.h" #include "net/base/features.h" #include "net/dns/public/secure_dns_mode.h" #include "testing/gmock/include/gmock/gmock.h" #include "testing/gtest/include/gtest/gtest.h" #if BUILDFLAG(IS_WIN) #include "base/win/win_util.h" #endif #if BUILDFLAG(IS_CHROMEOS_ASH) #include "chrome/browser/ash/net/secure_dns_manager.h" #endif // TODO([email protected]): Consider validating that the expected // configuration makes it all the way to the net::HostResolverManager in the // network service, rather than just testing StubResolverConfigReader output. namespace { #if BUILDFLAG(IS_CHROMEOS_LACROS) const std::string kDnsOverHttpsTemplatesPrefName = prefs::kDnsOverHttpsEffectiveTemplatesChromeOS; #else const std::string kDnsOverHttpsTemplatesPrefName = …; #endif class StubResolverConfigReaderBrowsertest : public InProcessBrowserTest, public testing::WithParamInterface<bool> { … }; // Set various DoH modes and DoH template strings and make sure the settings are // respected. IN_PROC_BROWSER_TEST_P(StubResolverConfigReaderBrowsertest, ConfigFromPrefs) { … } IN_PROC_BROWSER_TEST_P(StubResolverConfigReaderBrowsertest, DefaultNonSetPolicies) { … } // ChromeOS includes its own special functionality to set default policies if // any policies are set. This function is not declared and cannot be invoked // in non-CrOS builds. Expect these enterprise user defaults to disable DoH. #if BUILDFLAG(IS_CHROMEOS) IN_PROC_BROWSER_TEST_P(StubResolverConfigReaderBrowsertest, SpecialPolicies) { // Applies the special ChromeOS defaults to `policy_map_`. policy::SetEnterpriseUsersDefaults(&policy_map_); // Send the PolicyMap to the mock policy provider. policy_provider_.UpdateChromePolicy(policy_map_); SecureDnsConfig secure_dns_config = config_reader_->GetSecureDnsConfiguration( /*force_check_parental_controls_for_automatic_mode=*/false); EXPECT_EQ(secure_dns_config.mode(), net::SecureDnsMode::kOff); EXPECT_THAT(secure_dns_config.doh_servers().servers(), testing::IsEmpty()); } #endif // BUILDFLAG(IS_CHROMEOS) IN_PROC_BROWSER_TEST_P(StubResolverConfigReaderBrowsertest, DisableDohByPolicy) { … } IN_PROC_BROWSER_TEST_P(StubResolverConfigReaderBrowsertest, AutomaticModeByPolicy) { … } IN_PROC_BROWSER_TEST_P(StubResolverConfigReaderBrowsertest, SecureModeByPolicy) { … } IN_PROC_BROWSER_TEST_P(StubResolverConfigReaderBrowsertest, InvalidTemplatePolicy) { … } IN_PROC_BROWSER_TEST_P(StubResolverConfigReaderBrowsertest, InvalidModePolicy) { … } // Test that parental controls detection interacts correctly with prefs and // policies. IN_PROC_BROWSER_TEST_P(StubResolverConfigReaderBrowsertest, ConfigFromParentalControls) { … } #if BUILDFLAG(IS_CHROMEOS_ASH) constexpr char kTemplateIdentifiers[] = "https://dns.google.alternativeuri/" "${USER_EMAIL}"; constexpr char kEffectiveTemplateIdentifiers[] = "https://dns.google.alternativeuri/" "8E71AF9783B71B6996DAE103B28BC55882BD5CB93B29260D000D8121D9D10977"; IN_PROC_BROWSER_TEST_P(StubResolverConfigReaderBrowsertest, DohWithIdentifiers) { PrefService* local_state = g_browser_process->local_state(); std::unique_ptr<ash::SecureDnsManager> secure_dns_manager = std::make_unique<ash::SecureDnsManager>(local_state, /*is_profile_managed=*/true); local_state->SetString(prefs::kDnsOverHttpsMode, SecureDnsConfig::kModeSecure); local_state->SetString(prefs::kDnsOverHttpsTemplatesWithIdentifiers, kTemplateIdentifiers); local_state->SetString(prefs::kDnsOverHttpsSalt, "test-salt"); SecureDnsConfig secure_dns_config = config_reader_->GetSecureDnsConfiguration( false /* force_check_parental_controls_for_automatic_mode */); EXPECT_EQ(secure_dns_config.doh_servers().ToString(), kEffectiveTemplateIdentifiers); } #endif // BUILDFLAG(IS_CHROMEOS_ASH) INSTANTIATE_TEST_SUITE_P(…); } // namespace
Codebase Browser
chromium