Backed out 3 changesets (bug 1684040) for causing bustages in DNSPacket.cpp

CLOSED TREE

Backed out changeset 3c771d45563a (bug 1684040)
Backed out changeset 76e79151d53c (bug 1684040)
Backed out changeset 7a993eb7bfde (bug 1684040)
This commit is contained in:
Mihai Alexandru Michis 2021-01-26 16:15:12 +02:00
parent 84cab1d99c
commit 51b7d9634a
23 changed files with 173 additions and 1284 deletions

View File

@ -8765,30 +8765,6 @@
value: true
mirror: always
# Whether to enable odoh.
- name: network.trr.odoh.enabled
type: RelaxedAtomicBool
value: false
mirror: always
# The uri of Oblivious Proxy.
- name: network.trr.odoh.proxy_uri
type: String
value: ""
mirror: never
# The host name of Oblivious Target.
- name: network.trr.odoh.target_host
type: String
value: ""
mirror: never
# The uri path of the odoh uri.
- name: network.trr.odoh.target_path
type: String
value: ""
mirror: never
# Allow the network changed event to get sent when a network topology or setup
# change is noticed while running.
- name: network.notify.changed

View File

@ -151,38 +151,6 @@ union NetAddr {
bool ToStringBuffer(char* buf, uint32_t bufSize) const;
};
#define ODOH_VERSION 0xff03
static const char kODoHQuery[] = "odoh query";
static const char hODoHConfigID[] = "odoh key id";
static const char kODoHSecret[] = "odoh secret";
static const char kODoHKey[] = "odoh key";
static const char kODoHNonce[] = "odoh nonce";
struct ObliviousDoHConfigContents {
uint16_t mKemId;
uint16_t mKdfId;
uint16_t mAeadId;
nsTArray<uint8_t> mPublicKey;
};
struct ObliviousDoHConfig {
uint16_t mVersion;
uint16_t mLength;
ObliviousDoHConfigContents mContents;
nsTArray<uint8_t> mConfigId;
};
enum ObliviousDoHMessageType : uint8_t {
ODOH_QUERY = 1,
ODOH_RESPONSE = 2,
};
struct ObliviousDoHMessage {
ObliviousDoHMessageType mType;
nsTArray<uint8_t> mKeyId;
nsTArray<uint8_t> mEncryptedMessage;
};
class AddrInfo {
NS_INLINE_DECL_THREADSAFE_REFCOUNTING(AddrInfo)

File diff suppressed because it is too large Load Diff

View File

@ -7,8 +7,6 @@
#include "mozilla/Result.h"
#include "nsHostResolver.h"
#include "pk11pub.h"
#include "ScopedNSSTypes.h"
namespace mozilla {
namespace net {
@ -34,78 +32,39 @@ enum TrrType {
class DNSPacket {
public:
DNSPacket() = default;
virtual ~DNSPacket() = default;
// Called in order to feed data into the buffer.
nsresult OnDataAvailable(nsIRequest* aRequest, nsIInputStream* aInputStream,
uint64_t aOffset, const uint32_t aCount);
// Encodes the name request into a buffer that represents a DNS packet
virtual nsresult EncodeRequest(nsCString& aBody, const nsACString& aHost,
uint16_t aType, bool aDisableECS);
static nsresult EncodeRequest(nsCString& aBody, const nsACString& aHost,
uint16_t aType, bool aDisableECS);
// Decodes the DNS response and extracts the responses, additional records,
// etc. XXX: This should probably be refactored to reduce the number of
// output parameters and have a common format for different record types.
virtual nsresult Decode(
nsresult Decode(
nsCString& aHost, enum TrrType aType, nsCString& aCname,
bool aAllowRFC1918, nsHostRecord::TRRSkippedReason& reason,
DOHresp& aResp, TypeRecordResultType& aTypeResult,
nsClassHashtable<nsCStringHashKey, DOHresp>& aAdditionalRecords,
uint32_t& aTTL);
protected:
private:
// Never accept larger DOH responses than this as that would indicate
// something is wrong. Typical ones are much smaller.
static const unsigned int MAX_SIZE = 3200;
nsresult PassQName(unsigned int& index, const unsigned char* aBuffer);
nsresult GetQname(nsACString& aQname, unsigned int& aIndex,
const unsigned char* aBuffer);
nsresult PassQName(unsigned int& index);
nsresult GetQname(nsACString& aQname, unsigned int& aIndex);
nsresult ParseSvcParam(unsigned int svcbIndex, uint16_t key,
SvcFieldValue& field, uint16_t length,
const unsigned char* aBuffer);
nsresult DecodeInternal(
nsCString& aHost, enum TrrType aType, nsCString& aCname,
bool aAllowRFC1918, nsHostRecord::TRRSkippedReason& reason,
DOHresp& aResp, TypeRecordResultType& aTypeResult,
nsClassHashtable<nsCStringHashKey, DOHresp>& aAdditionalRecords,
uint32_t& aTTL, const unsigned char* aBuffer, uint32_t aLen);
SvcFieldValue& field, uint16_t length);
// The response buffer.
unsigned char mResponse[MAX_SIZE]{};
unsigned int mBodySize = 0;
};
class ODoHDNSPacket final : public DNSPacket {
public:
ODoHDNSPacket() {}
virtual ~ODoHDNSPacket();
static bool ParseODoHConfigs(const nsCString& aRawODoHConfig,
nsTArray<ObliviousDoHConfig>& aOut);
virtual nsresult EncodeRequest(nsCString& aBody, const nsACString& aHost,
uint16_t aType, bool aDisableECS) override;
virtual nsresult Decode(
nsCString& aHost, enum TrrType aType, nsCString& aCname,
bool aAllowRFC1918, nsHostRecord::TRRSkippedReason& reason,
DOHresp& aResp, TypeRecordResultType& aTypeResult,
nsClassHashtable<nsCStringHashKey, DOHresp>& aAdditionalRecords,
uint32_t& aTTL) override;
protected:
bool EncryptDNSQuery(const nsACString& aQuery, uint16_t aPaddingLen,
const ObliviousDoHConfig& aConfig,
ObliviousDoHMessage& aOut);
bool DecryptDNSResponse();
HpkeContext* mContext = nullptr;
UniqueSECItem mPlainQuery;
};
} // namespace net
} // namespace mozilla

View File

@ -1,69 +0,0 @@
/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set sw=2 ts=8 et tw=80 : */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "ODoH.h"
#include "mozilla/Base64.h"
#include "nsIURIMutator.h"
#include "ODoHService.h"
#include "TRRService.h"
namespace mozilla {
namespace net {
#undef LOG
#undef LOG_ENABLED
extern mozilla::LazyLogModule gHostResolverLog;
#define LOG(args) MOZ_LOG(gHostResolverLog, mozilla::LogLevel::Debug, args)
#define LOG_ENABLED() \
MOZ_LOG_TEST(mozilla::net::gHostResolverLog, mozilla::LogLevel::Debug)
NS_IMETHODIMP
ODoH::Run() {
if (!gODoHService) {
RecordReason(nsHostRecord::TRR_SEND_FAILED);
FailData(NS_ERROR_FAILURE);
return NS_OK;
}
if (!gODoHService->ODoHConfigs()) {
LOG(("ODoH::Run ODoHConfigs is not available\n"));
if (NS_SUCCEEDED(gODoHService->UpdateODoHConfig())) {
gODoHService->AppendPendingODoHRequest(this);
} else {
FailData(NS_ERROR_FAILURE);
return NS_OK;
}
return NS_OK;
}
return TRR::Run();
}
DNSPacket* ODoH::GetOrCreateDNSPacket() {
if (!mPacket) {
mPacket = MakeUnique<ODoHDNSPacket>();
}
return mPacket.get();
}
nsresult ODoH::CreateQueryURI(nsIURI** aOutURI) {
nsAutoCString uri;
nsCOMPtr<nsIURI> dnsURI;
gODoHService->GetRequestURI(uri);
nsresult rv = NS_NewURI(getter_AddRefs(dnsURI), uri);
if (NS_FAILED(rv)) {
return rv;
}
dnsURI.forget(aOutURI);
return NS_OK;
}
} // namespace net
} // namespace mozilla

View File

@ -1,38 +0,0 @@
/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set sw=2 ts=8 et tw=80 : */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#ifndef mozilla_net_ODoH_h
#define mozilla_net_ODoH_h
#include "TRR.h"
namespace mozilla {
namespace net {
class ODoH final : public TRR {
public:
explicit ODoH(AHostResolver* aResolver, nsHostRecord* aRec,
enum TrrType aType)
: TRR(aResolver, aRec, aType) {}
NS_IMETHOD Run() override;
// ODoH should not support push.
NS_IMETHOD GetInterface(const nsIID&, void**) override {
return NS_ERROR_NO_INTERFACE;
}
protected:
virtual ~ODoH() = default;
virtual DNSPacket* GetOrCreateDNSPacket() override;
virtual nsresult CreateQueryURI(nsIURI** aOutURI) override;
virtual const char* ContentType() const override {
return "application/oblivious-dns-message";
}
};
} // namespace net
} // namespace mozilla
#endif

View File

@ -1,255 +0,0 @@
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "ODoHService.h"
#include "mozilla/Preferences.h"
#include "mozilla/StaticPrefs_network.h"
#include "nsIDNSService.h"
#include "nsIDNSByTypeRecord.h"
#include "nsIOService.h"
#include "ODoH.h"
#include "TRRService.h"
#include "nsURLHelper.h"
static const char kODoHProxyURIPref[] = "network.trr.odoh.proxy_uri";
static const char kODoHTargetHostPref[] = "network.trr.odoh.target_host";
static const char kODoHTargetPathPref[] = "network.trr.odoh.target_path";
namespace mozilla {
namespace net {
ODoHService* gODoHService = nullptr;
extern mozilla::LazyLogModule gHostResolverLog;
#define LOG(args) MOZ_LOG(gHostResolverLog, mozilla::LogLevel::Debug, args)
NS_IMPL_ISUPPORTS(ODoHService, nsIDNSListener, nsIObserver,
nsISupportsWeakReference)
ODoHService::ODoHService()
: mLock("net::ODoHService"), mQueryODoHConfigInProgress(false) {
gODoHService = this;
}
ODoHService::~ODoHService() { gODoHService = nullptr; }
bool ODoHService::Init() {
MOZ_ASSERT(NS_IsMainThread(), "wrong thread");
nsCOMPtr<nsIPrefBranch> prefBranch(do_GetService(NS_PREFSERVICE_CONTRACTID));
if (!prefBranch) {
return false;
}
prefBranch->AddObserver(kODoHProxyURIPref, this, true);
prefBranch->AddObserver(kODoHTargetHostPref, this, true);
prefBranch->AddObserver(kODoHTargetPathPref, this, true);
ReadPrefs(nullptr);
return true;
}
bool ODoHService::Enabled() const {
return StaticPrefs::network_trr_odoh_enabled();
}
NS_IMETHODIMP
ODoHService::Observe(nsISupports* aSubject, const char* aTopic,
const char16_t* aData) {
MOZ_ASSERT(NS_IsMainThread(), "wrong thread");
if (!strcmp(aTopic, NS_PREFBRANCH_PREFCHANGE_TOPIC_ID)) {
ReadPrefs(NS_ConvertUTF16toUTF8(aData).get());
}
return NS_OK;
}
nsresult ODoHService::ReadPrefs(const char* aName) {
if (!aName || !strcmp(aName, kODoHProxyURIPref) ||
!strcmp(aName, kODoHTargetHostPref) ||
!strcmp(aName, kODoHTargetPathPref)) {
OnODoHPrefsChange();
}
return NS_OK;
}
void ODoHService::OnODoHPrefsChange() {
nsAutoCString proxyURI;
Preferences::GetCString(kODoHProxyURIPref, proxyURI);
nsAutoCString targetHost;
Preferences::GetCString(kODoHTargetHostPref, targetHost);
nsAutoCString targetPath;
Preferences::GetCString(kODoHTargetPathPref, targetPath);
bool updateODoHConfig = false;
{
MutexAutoLock lock(mLock);
mODoHProxyURI = proxyURI;
// Only update ODoHConfig when the host is really changed.
if (!mODoHTargetHost.Equals(targetHost)) {
updateODoHConfig = true;
}
mODoHTargetHost = targetHost;
mODoHTargetPath = targetPath;
BuildODoHRequestURI();
}
if (updateODoHConfig) {
UpdateODoHConfig();
}
}
void ODoHService::BuildODoHRequestURI() {
mLock.AssertCurrentThreadOwns();
mODoHRequestURI.Truncate();
if (mODoHTargetHost.IsEmpty() || mODoHTargetPath.IsEmpty()) {
return;
}
if (mODoHProxyURI.IsEmpty()) {
mODoHRequestURI.Append(mODoHTargetHost);
mODoHRequestURI.AppendLiteral("/");
mODoHRequestURI.Append(mODoHTargetPath);
} else {
mODoHRequestURI.Append(mODoHProxyURI);
mODoHRequestURI.AppendLiteral("?targethost=");
mODoHRequestURI.Append(mODoHTargetHost);
mODoHRequestURI.AppendLiteral("&targetpath=/");
mODoHRequestURI.Append(mODoHTargetPath);
}
}
void ODoHService::GetRequestURI(nsACString& aResult) {
MutexAutoLock lock(mLock);
aResult = mODoHRequestURI;
}
nsresult ODoHService::UpdateODoHConfig() {
LOG(("ODoHService::UpdateODoHConfig"));
if (mQueryODoHConfigInProgress) {
return NS_OK;
}
nsAutoCString uri;
{
MutexAutoLock lock(mLock);
uri = mODoHProxyURI.IsEmpty() ? mODoHTargetHost : mODoHProxyURI;
}
nsCOMPtr<nsIDNSService> dns(
do_GetService("@mozilla.org/network/dns-service;1"));
if (!dns) {
return NS_ERROR_NOT_AVAILABLE;
}
if (!gTRRService) {
return NS_ERROR_NOT_AVAILABLE;
}
nsCOMPtr<nsIURI> queryURI;
nsresult rv = NS_NewURI(getter_AddRefs(queryURI), uri);
if (NS_FAILED(rv)) {
return rv;
}
nsAutoCString scheme;
queryURI->GetScheme(scheme);
if (!scheme.Equals("https")) {
LOG(("ODoHService::UpdateODoHConfig uri is not https"));
return NS_ERROR_FAILURE;
}
nsAutoCString hostStr;
rv = queryURI->GetAsciiHost(hostStr);
if (NS_FAILED(rv)) {
return rv;
}
nsCOMPtr<nsICancelable> tmpOutstanding;
nsCOMPtr<nsIEventTarget> target = gTRRService->MainThreadOrTRRThread();
uint32_t flags = nsIDNSService::RESOLVE_DISABLE_ODOH;
rv = dns->AsyncResolveNative(hostStr, nsIDNSService::RESOLVE_TYPE_HTTPSSVC,
flags, nullptr, this, target, OriginAttributes(),
getter_AddRefs(tmpOutstanding));
LOG(("ODoHService::UpdateODoHConfig [host=%s rv=%" PRIx32 "]", hostStr.get(),
static_cast<uint32_t>(rv)));
if (NS_SUCCEEDED(rv)) {
mQueryODoHConfigInProgress = true;
}
return rv;
}
NS_IMETHODIMP
ODoHService::OnLookupComplete(nsICancelable* aRequest, nsIDNSRecord* aRec,
nsresult aStatus) {
MOZ_ASSERT_IF(XRE_IsParentProcess() && gTRRService,
NS_IsMainThread() || gTRRService->IsOnTRRThread());
MOZ_ASSERT_IF(XRE_IsSocketProcess(), NS_IsMainThread());
mQueryODoHConfigInProgress = false;
LOG(("ODoHService::OnLookupComplete [aStatus=%" PRIx32 "]",
static_cast<uint32_t>(aStatus)));
if (NS_FAILED(aStatus)) {
return NS_OK;
}
nsCOMPtr<nsIDNSHTTPSSVCRecord> httpsRecord = do_QueryInterface(aRec);
if (!httpsRecord) {
return NS_OK;
}
nsCString rawODoHConfig;
nsTArray<RefPtr<nsISVCBRecord>> svcbRecords;
httpsRecord->GetRecords(svcbRecords);
for (const auto& record : svcbRecords) {
Unused << record->GetODoHConfig(rawODoHConfig);
if (!rawODoHConfig.IsEmpty()) {
break;
}
}
nsTArray<ObliviousDoHConfig> configs;
if (!ODoHDNSPacket::ParseODoHConfigs(rawODoHConfig, configs)) {
return NS_OK;
}
mODoHConfigs.emplace(std::move(configs));
if (!mPendingRequests.IsEmpty()) {
nsTArray<RefPtr<ODoH>> requests = std::move(mPendingRequests);
nsCOMPtr<nsIEventTarget> target = gTRRService->MainThreadOrTRRThread();
for (auto& query : requests) {
target->Dispatch(query.forget());
}
}
return NS_OK;
}
const Maybe<nsTArray<ObliviousDoHConfig>>& ODoHService::ODoHConfigs() {
MOZ_ASSERT_IF(XRE_IsParentProcess() && gTRRService,
NS_IsMainThread() || gTRRService->IsOnTRRThread());
MOZ_ASSERT_IF(XRE_IsSocketProcess(), NS_IsMainThread());
return mODoHConfigs;
}
void ODoHService::AppendPendingODoHRequest(ODoH* aRequest) {
LOG(("ODoHService::AppendPendingODoHQuery\n"));
MOZ_ASSERT_IF(XRE_IsParentProcess() && gTRRService,
NS_IsMainThread() || gTRRService->IsOnTRRThread());
MOZ_ASSERT_IF(XRE_IsSocketProcess(), NS_IsMainThread());
mPendingRequests.AppendElement(aRequest);
}
} // namespace net
} // namespace mozilla

View File

@ -1,61 +0,0 @@
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#ifndef ODoHService_h_
#define ODoHService_h_
#include "DNS.h"
#include "mozilla/Atomics.h"
#include "mozilla/Maybe.h"
#include "nsString.h"
#include "nsIDNSListener.h"
#include "nsIObserver.h"
#include "nsWeakReference.h"
namespace mozilla {
namespace net {
class ODoH;
class ODoHService : public nsIDNSListener,
public nsIObserver,
public nsSupportsWeakReference {
public:
NS_DECL_THREADSAFE_ISUPPORTS
NS_DECL_NSIDNSLISTENER
NS_DECL_NSIOBSERVER
ODoHService();
bool Init();
bool Enabled() const;
const Maybe<nsTArray<ObliviousDoHConfig>>& ODoHConfigs();
void AppendPendingODoHRequest(ODoH* aRequest);
void GetRequestURI(nsACString& aResult);
nsresult UpdateODoHConfig();
private:
virtual ~ODoHService();
nsresult ReadPrefs(const char* aName);
void OnODoHPrefsChange();
// Send a DNS query to reterive the ODoHConfig.
void BuildODoHRequestURI();
Mutex mLock;
Atomic<bool, Relaxed> mQueryODoHConfigInProgress;
nsCString mODoHProxyURI;
nsCString mODoHTargetHost;
nsCString mODoHTargetPath;
nsCString mODoHRequestURI;
Maybe<nsTArray<ObliviousDoHConfig>> mODoHConfigs;
nsTArray<RefPtr<ODoH>> mPendingRequests;
};
extern ODoHService* gODoHService;
} // namespace net
} // namespace mozilla
#endif

View File

@ -134,32 +134,6 @@ nsresult TRR::CreateChannelHelper(nsIURI* aUri, nsIChannel** aResult) {
aResult);
}
DNSPacket* TRR::GetOrCreateDNSPacket() {
if (!mPacket) {
mPacket = MakeUnique<DNSPacket>();
}
return mPacket.get();
}
nsresult TRR::CreateQueryURI(nsIURI** aOutURI) {
nsAutoCString uri;
nsCOMPtr<nsIURI> dnsURI;
if (UseDefaultServer()) {
gTRRService->GetURI(uri);
} else {
uri = mRec->mTrrServer;
}
nsresult rv = NS_NewURI(getter_AddRefs(dnsURI), uri);
if (NS_FAILED(rv)) {
return rv;
}
dnsURI.forget(aOutURI);
return NS_OK;
}
nsresult TRR::SendHTTPRequest() {
// This is essentially the "run" method - created from nsHostResolver
@ -201,31 +175,39 @@ nsresult TRR::SendHTTPRequest() {
}
}
bool useGet = StaticPrefs::network_trr_useGET();
nsAutoCString body;
nsCOMPtr<nsIURI> dnsURI;
bool disableECS = StaticPrefs::network_trr_disable_ECS();
nsresult rv;
LOG(("TRR::SendHTTPRequest resolve %s type %u\n", mHost.get(), mType));
nsAutoCString body;
bool disableECS = StaticPrefs::network_trr_disable_ECS();
nsresult rv =
GetOrCreateDNSPacket()->EncodeRequest(body, mHost, mType, disableECS);
NS_ENSURE_SUCCESS(rv, rv);
bool useGet = StaticPrefs::network_trr_useGET();
nsCOMPtr<nsIURI> dnsURI;
rv = CreateQueryURI(getter_AddRefs(dnsURI));
if (NS_FAILED(rv)) {
LOG(("TRR:SendHTTPRequest: NewURI failed!\n"));
return rv;
}
if (useGet) {
nsAutoCString tmp;
rv = DNSPacket::EncodeRequest(tmp, mHost, mType, disableECS);
NS_ENSURE_SUCCESS(rv, rv);
/* For GET requests, the outgoing packet needs to be Base64url-encoded and
then appended to the end of the URI. */
nsAutoCString encoded;
rv = Base64URLEncode(body.Length(),
reinterpret_cast<const unsigned char*>(body.get()),
Base64URLEncodePaddingPolicy::Omit, encoded);
rv = Base64URLEncode(tmp.Length(),
reinterpret_cast<const unsigned char*>(tmp.get()),
Base64URLEncodePaddingPolicy::Omit, body);
NS_ENSURE_SUCCESS(rv, rv);
nsAutoCString uri;
if (UseDefaultServer()) {
gTRRService->GetURI(uri);
} else {
uri = mRec->mTrrServer;
}
rv = NS_NewURI(getter_AddRefs(dnsURI), uri);
if (NS_FAILED(rv)) {
LOG(("TRR:SendHTTPRequest: NewURI failed!\n"));
return rv;
}
nsAutoCString query;
rv = dnsURI->GetQuery(query);
if (NS_FAILED(rv)) {
@ -237,10 +219,25 @@ nsresult TRR::SendHTTPRequest() {
} else {
query.Append("&dns="_ns);
}
query.Append(encoded);
query.Append(body);
rv = NS_MutateURI(dnsURI).SetQuery(query).Finalize(dnsURI);
LOG(("TRR::SendHTTPRequest GET dns=%s\n", body.get()));
} else {
rv = DNSPacket::EncodeRequest(body, mHost, mType, disableECS);
NS_ENSURE_SUCCESS(rv, rv);
nsAutoCString uri;
if (UseDefaultServer()) {
gTRRService->GetURI(uri);
} else {
uri = mRec->mTrrServer;
}
rv = NS_NewURI(getter_AddRefs(dnsURI), uri);
}
if (NS_FAILED(rv)) {
LOG(("TRR:SendHTTPRequest: NewURI failed!\n"));
return rv;
}
nsCOMPtr<nsIChannel> channel;
@ -267,8 +264,8 @@ nsresult TRR::SendHTTPRequest() {
rv = httpChannel->SetTRRMode(nsIRequest::TRR_DISABLED_MODE);
NS_ENSURE_SUCCESS(rv, rv);
nsCString contentType(ContentType());
rv = httpChannel->SetRequestHeader("Accept"_ns, contentType, false);
rv = httpChannel->SetRequestHeader("Accept"_ns, "application/dns-message"_ns,
false);
NS_ENSURE_SUCCESS(rv, rv);
nsAutoCString cred;
@ -306,12 +303,13 @@ nsresult TRR::SendHTTPRequest() {
NS_NewCStringInputStream(getter_AddRefs(uploadStream), std::move(body));
NS_ENSURE_SUCCESS(rv, rv);
rv = uploadChannel->ExplicitSetUploadStream(uploadStream, contentType,
rv = uploadChannel->ExplicitSetUploadStream(uploadStream,
"application/dns-message"_ns,
streamLength, "POST"_ns, false);
NS_ENSURE_SUCCESS(rv, rv);
}
rv = SetupTRRServiceChannelInternal(httpChannel, useGet, contentType);
rv = SetupTRRServiceChannelInternal(httpChannel, useGet);
if (NS_FAILED(rv)) {
return rv;
}
@ -338,8 +336,7 @@ nsresult TRR::SendHTTPRequest() {
// static
nsresult TRR::SetupTRRServiceChannelInternal(nsIHttpChannel* aChannel,
bool aUseGet,
const nsACString& aContentType) {
bool aUseGet) {
nsCOMPtr<nsIHttpChannel> httpChannel = aChannel;
MOZ_ASSERT(httpChannel);
@ -369,7 +366,7 @@ nsresult TRR::SetupTRRServiceChannelInternal(nsIHttpChannel* aChannel,
}
// set the *default* response content type
if (NS_FAILED(httpChannel->SetContentType(aContentType))) {
if (NS_FAILED(httpChannel->SetContentType("application/dns-message"_ns))) {
LOG(("TRR::SetupTRRServiceChannelInternal: couldn't set content-type!\n"));
}
@ -751,7 +748,7 @@ nsresult TRR::FollowCname(nsIChannel* aChannel) {
LOG(("TRR: check for CNAME record for %s within previous response\n",
cname.get()));
nsClassHashtable<nsCStringHashKey, DOHresp> additionalRecords;
rv = GetOrCreateDNSPacket()->Decode(
rv = mPacket.Decode(
cname, mType, mCname, StaticPrefs::network_trr_allow_rfc1918(),
mTRRSkippedReason, mDNS, mResult, additionalRecords, mTTL);
if (NS_FAILED(rv)) {
@ -784,7 +781,7 @@ nsresult TRR::FollowCname(nsIChannel* aChannel) {
nsresult TRR::On200Response(nsIChannel* aChannel) {
// decode body and create an AddrInfo struct for the response
nsClassHashtable<nsCStringHashKey, DOHresp> additionalRecords;
nsresult rv = GetOrCreateDNSPacket()->Decode(
nsresult rv = mPacket.Decode(
mHost, mType, mCname, StaticPrefs::network_trr_allow_rfc1918(),
mTRRSkippedReason, mDNS, mResult, additionalRecords, mTTL);
@ -867,7 +864,7 @@ TRR::OnStopRequest(nsIRequest* aRequest, nsresult aStatusCode) {
nsAutoCString contentType;
httpChannel->GetContentType(contentType);
if (contentType.Length() &&
!contentType.LowerCaseEqualsASCII(ContentType())) {
!contentType.LowerCaseEqualsLiteral("application/dns-message")) {
LOG(("TRR:OnStopRequest %p %s %d wrong content type %s\n", this,
mHost.get(), mType, contentType.get()));
FailData(NS_ERROR_UNEXPECTED);
@ -906,8 +903,8 @@ TRR::OnDataAvailable(nsIRequest* aRequest, nsIInputStream* aInputStream,
return NS_ERROR_FAILURE;
}
nsresult rv = GetOrCreateDNSPacket()->OnDataAvailable(aRequest, aInputStream,
aOffset, aCount);
nsresult rv =
mPacket.OnDataAvailable(aRequest, aInputStream, aOffset, aCount);
if (NS_FAILED(rv)) {
LOG(("TRR::OnDataAvailable:%d fail\n", __LINE__));
mFailed = true;

View File

@ -101,11 +101,8 @@ class TRR : public Runnable,
RefPtr<nsHostRecord> mRec;
RefPtr<AHostResolver> mHostResolver;
protected:
virtual ~TRR() = default;
virtual DNSPacket* GetOrCreateDNSPacket();
virtual nsresult CreateQueryURI(nsIURI** aOutURI);
virtual const char* ContentType() const { return "application/dns-message"; }
private:
~TRR() = default;
nsresult SendHTTPRequest();
nsresult ReturnData(nsIChannel* aChannel);
@ -129,14 +126,14 @@ class TRR : public Runnable,
nsresult CreateChannelHelper(nsIURI* aUri, nsIChannel** aResult);
friend class TRRServiceChannel;
static nsresult SetupTRRServiceChannelInternal(
nsIHttpChannel* aChannel, bool aUseGet, const nsACString& aContentType);
static nsresult SetupTRRServiceChannelInternal(nsIHttpChannel* aChannel,
bool aUseGet);
void StoreIPHintAsDNSRecord(const struct SVCB& aSVCBRecord);
nsCOMPtr<nsIChannel> mChannel;
enum TrrType mType;
UniquePtr<DNSPacket> mPacket;
DNSPacket mPacket;
bool mFailed = false;
bool mPB;
DOHresp mDNS;

View File

@ -4,7 +4,6 @@
#include "TRRQuery.h"
#include "TRR.h"
#include "ODoH.h"
namespace mozilla {
namespace net {
@ -50,12 +49,7 @@ void TRRQuery::Cancel() {
}
}
nsresult TRRQuery::DispatchLookup(TRR* pushedTRR, bool aUseODoH) {
if (aUseODoH && pushedTRR) {
MOZ_ASSERT(false, "ODoH should not support push");
return NS_ERROR_UNKNOWN_HOST;
}
nsresult TRRQuery::DispatchLookup(TRR* pushedTRR) {
mTrrStart = TimeStamp::Now();
RefPtr<AddrHostRecord> addrRec;
@ -97,12 +91,7 @@ nsresult TRRQuery::DispatchLookup(TRR* pushedTRR, bool aUseODoH) {
}
LOG(("TRR Resolve %s type %d\n", addrRec->host.get(), (int)rectype));
RefPtr<TRR> trr;
if (aUseODoH) {
trr = new ODoH(this, mRecord, rectype);
} else {
trr = pushedTRR ? pushedTRR : new TRR(this, mRecord, rectype);
}
trr = pushedTRR ? pushedTRR : new TRR(this, mRecord, rectype);
if (pushedTRR || NS_SUCCEEDED(gTRRService->DispatchTRRRequest(trr))) {
MutexAutoLock trrlock(mTrrLock);
if (rectype == TRRTYPE_A) {
@ -143,12 +132,8 @@ nsresult TRRQuery::DispatchLookup(TRR* pushedTRR, bool aUseODoH) {
LOG(("TRR Resolve %s type %d\n", typeRec->host.get(), (int)rectype));
RefPtr<TRR> trr;
if (aUseODoH) {
trr = new ODoH(this, mRecord, rectype);
} else {
trr = pushedTRR ? pushedTRR : new TRR(this, mRecord, rectype);
}
trr = pushedTRR ? pushedTRR : new TRR(this, mRecord, rectype);
RefPtr<TRR> trrRequest = trr;
if (pushedTRR || NS_SUCCEEDED(gTRRService->DispatchTRRRequest(trr))) {
MutexAutoLock trrlock(mTrrLock);
MOZ_ASSERT(!mTrrByType);

View File

@ -19,7 +19,7 @@ class TRRQuery : public AHostResolver {
mRecord(aHostRecord),
mTrrLock("TRRQuery.mTrrLock") {}
nsresult DispatchLookup(TRR* pushedTRR = nullptr, bool aUseODoHProxy = false);
nsresult DispatchLookup(TRR* pushedTRR = nullptr);
void Cancel();

View File

@ -32,6 +32,8 @@ static const char kOpenCaptivePortalLoginEvent[] = "captive-portal-login";
static const char kClearPrivateData[] = "clear-private-data";
static const char kPurge[] = "browser:purge-session-history";
static const char kDisableIpv6Pref[] = "network.dns.disableIPv6";
static const char kRolloutURIPref[] = "doh-rollout.uri";
static const char kRolloutModePref[] = "doh-rollout.mode";
#define TRR_PREF_PREFIX "network.trr."
#define TRR_PREF(x) TRR_PREF_PREFIX x
@ -198,11 +200,6 @@ nsresult TRRService::Init() {
}
}
mODoHService = new ODoHService();
if (!mODoHService->Init()) {
return NS_ERROR_FAILURE;
}
LOG(("Initialized TRRService\n"));
return NS_OK;
}
@ -495,26 +492,20 @@ nsresult TRRService::DispatchTRRRequest(TRR* aTrrRequest) {
nsresult TRRService::DispatchTRRRequestInternal(TRR* aTrrRequest,
bool aWithLock) {
NS_ENSURE_ARG_POINTER(aTrrRequest);
if (!StaticPrefs::network_trr_fetch_off_main_thread() ||
XRE_IsSocketProcess()) {
return NS_DispatchToMainThread(aTrrRequest);
}
nsCOMPtr<nsIThread> thread = MainThreadOrTRRThread(aWithLock);
RefPtr<TRR> trr = aTrrRequest;
nsCOMPtr<nsIThread> thread = aWithLock ? TRRThread() : TRRThread_locked();
if (!thread) {
return NS_ERROR_FAILURE;
}
RefPtr<TRR> trr = aTrrRequest;
return thread->Dispatch(trr.forget());
}
already_AddRefed<nsIThread> TRRService::MainThreadOrTRRThread(bool aWithLock) {
if (!StaticPrefs::network_trr_fetch_off_main_thread() ||
XRE_IsSocketProcess()) {
return do_GetMainThread();
}
nsCOMPtr<nsIThread> thread = aWithLock ? TRRThread() : TRRThread_locked();
return thread.forget();
}
already_AddRefed<nsIThread> TRRService::TRRThread() {
MutexAutoLock lock(mLock);
return TRRThread_locked();

View File

@ -11,7 +11,6 @@
#include "nsIObserver.h"
#include "nsITimer.h"
#include "nsWeakReference.h"
#include "ODoHService.h"
#include "TRRServiceBase.h"
class nsDNSService;
@ -76,7 +75,6 @@ class TRRService : public TRRServiceBase,
friend class TRRServiceChild;
friend class TRRServiceParent;
friend class ODoHService;
static void AddObserver(nsIObserver* aObserver,
nsIObserverService* aObserverService = nullptr);
static bool CheckCaptivePortalIsPassed();
@ -98,7 +96,6 @@ class TRRService : public TRRServiceBase,
nsresult DispatchTRRRequestInternal(TRR* aTrrRequest, bool aWithLock);
already_AddRefed<nsIThread> TRRThread_locked();
already_AddRefed<nsIThread> MainThreadOrTRRThread(bool aWithLock = true);
// This method will process the URI and try to set mPrivateURI to that value.
// Will return true if performed the change (if the value was different)
@ -145,7 +142,6 @@ class TRRService : public TRRServiceBase,
uint32_t mRetryConfirmInterval; // milliseconds until retry
Atomic<uint32_t, Relaxed> mTRRFailures;
bool mParentalControlEnabled;
RefPtr<ODoHService> mODoHService;
};
extern TRRService* gTRRService;

View File

@ -6,10 +6,7 @@
#include "TRRServiceBase.h"
#include "mozilla/Logging.h"
#include "mozilla/Preferences.h"
#include "nsHostResolver.h"
#include "nsNetUtil.h"
#include "nsIOService.h"
#include "nsIDNSService.h"

View File

@ -13,9 +13,6 @@
namespace mozilla {
namespace net {
static const char kRolloutURIPref[] = "doh-rollout.uri";
static const char kRolloutModePref[] = "doh-rollout.mode";
class TRRServiceBase {
public:
TRRServiceBase();

View File

@ -9,7 +9,6 @@
#include "mozilla/StaticPtr.h"
#include "nsIDNService.h"
#include "nsIObserverService.h"
#include "nsServiceManagerUtils.h"
#include "TRRService.h"
namespace mozilla {

View File

@ -22,6 +22,9 @@
namespace mozilla {
namespace net {
static const char kRolloutURIPref[] = "doh-rollout.uri";
static const char kRolloutModePref[] = "doh-rollout.mode";
static const char* gTRRUriCallbackPrefs[] = {
"network.trr.uri", "network.trr.mode", kRolloutURIPref, kRolloutModePref,
nullptr,

View File

@ -71,8 +71,6 @@ UNIFIED_SOURCES += [
"NativeDNSResolverOverrideParent.cpp",
"nsDNSService2.cpp",
"nsIDNService.cpp",
"ODoH.cpp",
"ODoHService.cpp",
"punycode.c",
"TRR.cpp",
"TRRQuery.cpp",

View File

@ -37,7 +37,6 @@
#include "TRR.h"
#include "TRRQuery.h"
#include "TRRService.h"
#include "ODoHService.h"
#include "mozilla/Atomics.h"
#include "mozilla/HashFunctions.h"
@ -1384,9 +1383,7 @@ nsresult nsHostResolver::TrrLookup(nsHostRecord* aRec, TRR* pushedTRR) {
MaybeRenewHostRecordLocked(rec);
RefPtr<TRRQuery> query = new TRRQuery(this, rec);
bool useODoH = gODoHService->Enabled() &&
!((rec->flags & nsIDNSService::RESOLVE_DISABLE_ODOH));
nsresult rv = query->DispatchLookup(pushedTRR, useODoH);
nsresult rv = query->DispatchLookup(pushedTRR);
if (NS_FAILED(rv)) {
rec->RecordReason(nsHostRecord::TRR_DID_NOT_MAKE_QUERY);
return rv;

View File

@ -330,11 +330,6 @@ interface nsIDNSService : nsISupports
* resolve/asyncResolve.
*/
const unsigned long RESOLVE_IP_HINT = 1 << 14;
/**
* If set, do not use ODoH for resolving the host name.
*/
const unsigned long RESOLVE_DISABLE_ODOH = 1 << 15;
};
%{C++

View File

@ -1170,16 +1170,10 @@ nsresult TRRServiceChannel::SetupReplacementChannel(nsIURI* aNewURI,
encodedChannel->SetApplyConversion(LoadApplyConversion());
}
// Make sure we set content-type on the old channel properly.
MOZ_ASSERT(mContentTypeHint.Equals("application/dns-message") ||
mContentTypeHint.Equals("application/oblivious-dns-message"));
// Apply TRR specific settings. Note that we already know mContentTypeHint is
// "application/dns-message" or "application/oblivious-dns-message" here.
// Apply TRR specific settings.
return TRR::SetupTRRServiceChannelInternal(
httpChannel,
mRequestHead.ParsedMethod() == nsHttpRequestHead::kMethod_Get,
mContentTypeHint);
mRequestHead.ParsedMethod() == nsHttpRequestHead::kMethod_Get);
}
NS_IMETHODIMP

View File

@ -299,7 +299,6 @@ PK11_DeleteTokenPublicKey
PK11_DeleteTokenSymKey
PK11_DEREncodePublicKey
PK11_Derive
PK11_DeriveWithFlags
PK11_DeriveWithTemplate
PK11_DestroyContext
PK11_DestroyGenericObject
@ -371,21 +370,9 @@ PK11_GetTokenURI
PK11_HasAttributeSet
PK11_HashBuf
PK11_HasRootCerts
PK11_HPKE_DestroyContext
PK11_HPKE_Deserialize
PK11_HPKE_ExportSecret
PK11_HPKE_GetEncapPubKey
PK11_HPKE_NewContext
PK11_HPKE_Open
PK11_HPKE_Seal
PK11_HPKE_Serialize
PK11_HPKE_SetupS
PK11_HPKE_SetupR
PK11_HPKE_ValidateParameters
PK11_ImportCert
PK11_ImportCertForKey
PK11_ImportCRL
PK11_ImportDataKey
PK11_ImportDERPrivateKeyInfoAndReturnKey
PK11_ImportEncryptedPrivateKeyInfoAndReturnKey
PK11_ImportPublicKey