Cleanup SecureDnsMode enum
Move from DnsConfig into its own file in /net/dns/public/. Should remove
all net-external dependency on DnsConfig.
Also, while renaming all the SecureDnsMode references, take the
opportunity to rename the values from MACRO_STYLE to kConstStyle as is
more recently required by the Google C++ style guide.
Bug: 1129993
Change-Id: I1d57bba9cd0e40908c500dcfa9c64365885f27b5
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2418806
Reviewed-by: Dan McArdle <[email protected]>
Reviewed-by: Tom Sepez <[email protected]>
Reviewed-by: Esmael Elmoslimany <[email protected]>
Reviewed-by: Ryan Sleevi <[email protected]>
Commit-Queue: Eric Orth <[email protected]>
Cr-Commit-Position: refs/heads/master@{#810332}
diff --git a/chrome/browser/net/dns_over_https_browsertest.cc b/chrome/browser/net/dns_over_https_browsertest.cc
index 0d4ce20..f7123475 100644
--- a/chrome/browser/net/dns_over_https_browsertest.cc
+++ b/chrome/browser/net/dns_over_https_browsertest.cc
@@ -14,6 +14,7 @@
#include "content/public/test/browser_test.h"
#include "content/public/test/test_navigation_observer.h"
#include "net/dns/public/doh_provider_entry.h"
+#include "net/dns/public/secure_dns_mode.h"
#include "testing/gtest/include/gtest/gtest.h"
#include "url/gurl.h"
@@ -71,7 +72,7 @@
->GetSecureDnsConfiguration(
false /* force_check_parental_controls_for_automatic_mode */);
// Ensure that DoH is enabled in secure mode
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::SECURE, secure_dns_config.mode());
+ EXPECT_EQ(net::SecureDnsMode::kSecure, secure_dns_config.mode());
content::TestNavigationObserver nav_observer(
browser()->tab_strip_model()->GetActiveWebContents(), 1);
diff --git a/chrome/browser/net/dns_probe_service_factory.cc b/chrome/browser/net/dns_probe_service_factory.cc
index aca02f2..e369edf2 100644
--- a/chrome/browser/net/dns_probe_service_factory.cc
+++ b/chrome/browser/net/dns_probe_service_factory.cc
@@ -32,6 +32,7 @@
#include "net/base/ip_endpoint.h"
#include "net/dns/public/dns_over_https_server_config.h"
#include "net/dns/public/dns_protocol.h"
+#include "net/dns/public/secure_dns_mode.h"
#include "services/network/public/mojom/network_service.mojom.h"
namespace chrome_browser_net {
@@ -81,7 +82,7 @@
net::IPEndPoint(net::IPAddress(kGooglePublicDns2),
net::dns_protocol::kDefaultPort)};
overrides.attempts = 1;
- overrides.secure_dns_mode = net::DnsConfig::SecureDnsMode::OFF;
+ overrides.secure_dns_mode = net::SecureDnsMode::kOff;
return overrides;
}
@@ -147,8 +148,7 @@
NetworkContextGetter network_context_getter_;
DnsConfigChangeManagerGetter dns_config_change_manager_getter_;
mojo::Receiver<network::mojom::DnsConfigChangeManagerClient> receiver_{this};
- net::DnsConfig::SecureDnsMode current_config_secure_dns_mode_ =
- net::DnsConfig::SecureDnsMode::OFF;
+ net::SecureDnsMode current_config_secure_dns_mode_ = net::SecureDnsMode::kOff;
// DnsProbeRunners for the current DNS configuration and a Google DNS
// configuration. Both runners will have the insecure async resolver enabled
@@ -234,20 +234,17 @@
current_config_overrides.search = std::vector<std::string>();
current_config_overrides.attempts = 1;
- if (current_config_secure_dns_mode_ ==
- net::DnsConfig::SecureDnsMode::SECURE) {
+ if (current_config_secure_dns_mode_ == net::SecureDnsMode::kSecure) {
if (!secure_dns_config.servers().empty()) {
current_config_overrides.dns_over_https_servers.emplace(
secure_dns_config.servers());
}
- current_config_overrides.secure_dns_mode =
- net::DnsConfig::SecureDnsMode::SECURE;
+ current_config_overrides.secure_dns_mode = net::SecureDnsMode::kSecure;
} else {
// A DNS error that occurred in automatic mode must have had an insecure
// DNS failure. For efficiency, probe queries in this case can just be
// issued in OFF mode.
- current_config_overrides.secure_dns_mode =
- net::DnsConfig::SecureDnsMode::OFF;
+ current_config_overrides.secure_dns_mode = net::SecureDnsMode::kOff;
}
current_config_runner_ = std::make_unique<DnsProbeRunner>(
@@ -311,8 +308,7 @@
// current DNS config is in secure mode, return an error indicating that this
// is a secure DNS config issue.
if (google_config_result == DnsProbeRunner::CORRECT) {
- return (current_config_secure_dns_mode_ ==
- net::DnsConfig::SecureDnsMode::SECURE)
+ return (current_config_secure_dns_mode_ == net::SecureDnsMode::kSecure)
? error_page::DNS_PROBE_FINISHED_BAD_SECURE_CONFIG
: error_page::DNS_PROBE_FINISHED_BAD_CONFIG;
}
diff --git a/chrome/browser/net/dns_probe_service_factory_unittest.cc b/chrome/browser/net/dns_probe_service_factory_unittest.cc
index c8574bfb..74f8a4d 100644
--- a/chrome/browser/net/dns_probe_service_factory_unittest.cc
+++ b/chrome/browser/net/dns_probe_service_factory_unittest.cc
@@ -27,6 +27,7 @@
#include "components/prefs/pref_service.h"
#include "content/public/test/browser_task_environment.h"
#include "mojo/public/cpp/bindings/remote.h"
+#include "net/dns/public/secure_dns_mode.h"
#include "testing/gtest/include/gtest/gtest.h"
using base::RunLoop;
@@ -317,8 +318,7 @@
EXPECT_EQ(1, overrides.attempts.value());
EXPECT_TRUE(overrides.secure_dns_mode.has_value());
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::OFF,
- overrides.secure_dns_mode.value());
+ EXPECT_EQ(net::SecureDnsMode::kOff, overrides.secure_dns_mode.value());
EXPECT_FALSE(overrides.dns_over_https_servers.has_value());
}
@@ -341,8 +341,7 @@
EXPECT_EQ(1, overrides.attempts.value());
EXPECT_TRUE(overrides.secure_dns_mode.has_value());
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::SECURE,
- overrides.secure_dns_mode.value());
+ EXPECT_EQ(net::SecureDnsMode::kSecure, overrides.secure_dns_mode.value());
EXPECT_TRUE(overrides.dns_over_https_servers.has_value());
ASSERT_EQ(2u, overrides.dns_over_https_servers->size());
EXPECT_EQ(kDohTemplateGet,
diff --git a/chrome/browser/net/secure_dns_config.cc b/chrome/browser/net/secure_dns_config.cc
index 7f1390dd..350e856 100644
--- a/chrome/browser/net/secure_dns_config.cc
+++ b/chrome/browser/net/secure_dns_config.cc
@@ -10,7 +10,7 @@
constexpr char SecureDnsConfig::kModeSecure[];
SecureDnsConfig::SecureDnsConfig(
- net::DnsConfig::SecureDnsMode mode,
+ net::SecureDnsMode mode,
std::vector<net::DnsOverHttpsServerConfig> servers,
ManagementMode management_mode)
: mode_(mode),
@@ -21,26 +21,26 @@
SecureDnsConfig::~SecureDnsConfig() = default;
// static
-base::Optional<net::DnsConfig::SecureDnsMode> SecureDnsConfig::ParseMode(
+base::Optional<net::SecureDnsMode> SecureDnsConfig::ParseMode(
base::StringPiece name) {
if (name == kModeSecure) {
- return net::DnsConfig::SecureDnsMode::SECURE;
+ return net::SecureDnsMode::kSecure;
} else if (name == kModeAutomatic) {
- return net::DnsConfig::SecureDnsMode::AUTOMATIC;
+ return net::SecureDnsMode::kAutomatic;
} else if (name == kModeOff) {
- return net::DnsConfig::SecureDnsMode::OFF;
+ return net::SecureDnsMode::kOff;
}
return base::nullopt;
}
// static
-const char* SecureDnsConfig::ModeToString(net::DnsConfig::SecureDnsMode mode) {
+const char* SecureDnsConfig::ModeToString(net::SecureDnsMode mode) {
switch (mode) {
- case net::DnsConfig::SecureDnsMode::SECURE:
+ case net::SecureDnsMode::kSecure:
return kModeSecure;
- case net::DnsConfig::SecureDnsMode::AUTOMATIC:
+ case net::SecureDnsMode::kAutomatic:
return kModeAutomatic;
- case net::DnsConfig::SecureDnsMode::OFF:
+ case net::SecureDnsMode::kOff:
return kModeOff;
}
}
diff --git a/chrome/browser/net/secure_dns_config.h b/chrome/browser/net/secure_dns_config.h
index 3a65827a..4e884cf 100644
--- a/chrome/browser/net/secure_dns_config.h
+++ b/chrome/browser/net/secure_dns_config.h
@@ -9,11 +9,8 @@
#include "base/optional.h"
#include "base/strings/string_piece.h"
-#include "net/dns/dns_config.h"
-
-namespace net {
-struct DnsOverHttpsServerConfig;
-} // namespace net
+#include "net/dns/public/dns_over_https_server_config.h"
+#include "net/dns/public/secure_dns_mode.h"
// Representation of a complete Secure DNS configuration.
class SecureDnsConfig {
@@ -31,13 +28,13 @@
kDisabledParentalControls,
};
- // String representations for net::DnsConfig::SecureDnsMode. Used for both
- // configuration storage and UI state.
+ // String representations for net::SecureDnsMode. Used for both configuration
+ // storage and UI state.
static constexpr char kModeOff[] = "off";
static constexpr char kModeAutomatic[] = "automatic";
static constexpr char kModeSecure[] = "secure";
- SecureDnsConfig(net::DnsConfig::SecureDnsMode mode,
+ SecureDnsConfig(net::SecureDnsMode mode,
std::vector<net::DnsOverHttpsServerConfig> servers,
ManagementMode management_mode);
// This class is move-only to avoid any accidental copying.
@@ -47,19 +44,18 @@
// Identifies the SecureDnsMode corresponding to one of the above names, or
// returns nullopt if the name is unrecognized.
- static base::Optional<net::DnsConfig::SecureDnsMode> ParseMode(
- base::StringPiece name);
+ static base::Optional<net::SecureDnsMode> ParseMode(base::StringPiece name);
// Converts a secure DNS mode to one of the above names.
- static const char* ModeToString(net::DnsConfig::SecureDnsMode mode);
+ static const char* ModeToString(net::SecureDnsMode mode);
- net::DnsConfig::SecureDnsMode mode() { return mode_; }
+ net::SecureDnsMode mode() { return mode_; }
const std::vector<net::DnsOverHttpsServerConfig>& servers() {
return servers_;
}
ManagementMode management_mode() { return management_mode_; }
private:
- net::DnsConfig::SecureDnsMode mode_;
+ net::SecureDnsMode mode_;
std::vector<net::DnsOverHttpsServerConfig> servers_;
ManagementMode management_mode_;
};
diff --git a/chrome/browser/net/secure_dns_config_unittest.cc b/chrome/browser/net/secure_dns_config_unittest.cc
index d950956d..1b5feaa 100644
--- a/chrome/browser/net/secure_dns_config_unittest.cc
+++ b/chrome/browser/net/secure_dns_config_unittest.cc
@@ -8,11 +8,11 @@
#include "testing/gtest/include/gtest/gtest.h"
TEST(SecureDnsConfig, ParseMode) {
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::OFF,
+ EXPECT_EQ(net::SecureDnsMode::kOff,
SecureDnsConfig::ParseMode("off").value());
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::AUTOMATIC,
+ EXPECT_EQ(net::SecureDnsMode::kAutomatic,
SecureDnsConfig::ParseMode("automatic").value());
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::SECURE,
+ EXPECT_EQ(net::SecureDnsMode::kSecure,
SecureDnsConfig::ParseMode("secure").value());
EXPECT_FALSE(SecureDnsConfig::ParseMode("foo").has_value());
@@ -21,21 +21,20 @@
TEST(SecureDnsConfig, ModeToString) {
EXPECT_EQ(std::string("off"),
- SecureDnsConfig::ModeToString(net::DnsConfig::SecureDnsMode::OFF));
- EXPECT_EQ(
- std::string("automatic"),
- SecureDnsConfig::ModeToString(net::DnsConfig::SecureDnsMode::AUTOMATIC));
- EXPECT_EQ(std::string("secure"), SecureDnsConfig::ModeToString(
- net::DnsConfig::SecureDnsMode::SECURE));
+ SecureDnsConfig::ModeToString(net::SecureDnsMode::kOff));
+ EXPECT_EQ(std::string("automatic"),
+ SecureDnsConfig::ModeToString(net::SecureDnsMode::kAutomatic));
+ EXPECT_EQ(std::string("secure"),
+ SecureDnsConfig::ModeToString(net::SecureDnsMode::kSecure));
}
TEST(SecureDnsConfig, Constructor) {
std::vector<net::DnsOverHttpsServerConfig> servers{
{{"https://template1", false}, {"https://template2", true}}};
SecureDnsConfig config(
- net::DnsConfig::SecureDnsMode::SECURE, servers,
+ net::SecureDnsMode::kSecure, servers,
SecureDnsConfig::ManagementMode::kDisabledParentalControls);
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::SECURE, config.mode());
+ EXPECT_EQ(net::SecureDnsMode::kSecure, config.mode());
EXPECT_THAT(config.servers(), testing::ElementsAreArray(servers));
EXPECT_EQ(SecureDnsConfig::ManagementMode::kDisabledParentalControls,
config.management_mode());
diff --git a/chrome/browser/net/stub_resolver_config_reader.cc b/chrome/browser/net/stub_resolver_config_reader.cc
index fd6f5bf..2bddf0be 100644
--- a/chrome/browser/net/stub_resolver_config_reader.cc
+++ b/chrome/browser/net/stub_resolver_config_reader.cc
@@ -30,6 +30,7 @@
#include "components/prefs/pref_registry_simple.h"
#include "components/prefs/pref_service.h"
#include "content/public/browser/network_service_instance.h"
+#include "net/dns/public/secure_dns_mode.h"
#include "net/dns/public/util.h"
#include "services/network/public/mojom/host_resolver.mojom.h"
#include "services/network/public/mojom/network_service.mojom.h"
@@ -125,14 +126,13 @@
if (set_up_pref_defaults) {
local_state_->SetDefaultPrefValue(prefs::kBuiltInDnsClientEnabled,
base::Value(ShouldEnableAsyncDns()));
- net::DnsConfig::SecureDnsMode default_secure_dns_mode =
- net::DnsConfig::SecureDnsMode::OFF;
+ net::SecureDnsMode default_secure_dns_mode = net::SecureDnsMode::kOff;
std::string default_doh_templates;
if (base::FeatureList::IsEnabled(features::kDnsOverHttps)) {
if (features::kDnsOverHttpsFallbackParam.Get()) {
- default_secure_dns_mode = net::DnsConfig::SecureDnsMode::AUTOMATIC;
+ default_secure_dns_mode = net::SecureDnsMode::kAutomatic;
} else {
- default_secure_dns_mode = net::DnsConfig::SecureDnsMode::SECURE;
+ default_secure_dns_mode = net::SecureDnsMode::kSecure;
}
default_doh_templates = features::kDnsOverHttpsTemplatesParam.Get();
}
@@ -265,23 +265,23 @@
bool update_network_service) {
DCHECK_CALLED_ON_VALID_SEQUENCE(sequence_checker_);
- net::DnsConfig::SecureDnsMode secure_dns_mode;
+ net::SecureDnsMode secure_dns_mode;
SecureDnsModeDetailsForHistogram mode_details;
SecureDnsConfig::ManagementMode forced_management_mode =
SecureDnsConfig::ManagementMode::kNoOverride;
bool is_managed =
local_state_->FindPreference(prefs::kDnsOverHttpsMode)->IsManaged();
if (!is_managed && ShouldDisableDohForManaged()) {
- secure_dns_mode = net::DnsConfig::SecureDnsMode::OFF;
+ secure_dns_mode = net::SecureDnsMode::kOff;
forced_management_mode = SecureDnsConfig::ManagementMode::kDisabledManaged;
} else {
secure_dns_mode = SecureDnsConfig::ParseMode(
local_state_->GetString(prefs::kDnsOverHttpsMode))
- .value_or(net::DnsConfig::SecureDnsMode::OFF);
+ .value_or(net::SecureDnsMode::kOff);
}
bool check_parental_controls = false;
- if (secure_dns_mode == net::DnsConfig::SecureDnsMode::SECURE) {
+ if (secure_dns_mode == net::SecureDnsMode::kSecure) {
mode_details =
is_managed ? SecureDnsModeDetailsForHistogram::kSecureByEnterprisePolicy
: SecureDnsModeDetailsForHistogram::kSecureByUser;
@@ -290,7 +290,7 @@
// enabled through policy, which takes precedence over parental controls)
// because the mode allows sending DoH requests immediately.
check_parental_controls = !is_managed;
- } else if (secure_dns_mode == net::DnsConfig::SecureDnsMode::AUTOMATIC) {
+ } else if (secure_dns_mode == net::SecureDnsMode::kAutomatic) {
mode_details =
is_managed
? SecureDnsModeDetailsForHistogram::kAutomaticByEnterprisePolicy
@@ -333,7 +333,7 @@
if (ShouldDisableDohForParentalControls()) {
forced_management_mode =
SecureDnsConfig::ManagementMode::kDisabledParentalControls;
- secure_dns_mode = net::DnsConfig::SecureDnsMode::OFF;
+ secure_dns_mode = net::SecureDnsMode::kOff;
mode_details =
SecureDnsModeDetailsForHistogram::kOffByDetectedParentalControls;
@@ -356,8 +356,7 @@
std::vector<net::DnsOverHttpsServerConfig> dns_over_https_servers;
base::Optional<std::vector<network::mojom::DnsOverHttpsServerPtr>>
servers_mojo;
- if (!doh_templates.empty() &&
- secure_dns_mode != net::DnsConfig::SecureDnsMode::OFF) {
+ if (!doh_templates.empty() && secure_dns_mode != net::SecureDnsMode::kOff) {
for (base::StringPiece server_template :
chrome_browser_net::secure_dns::SplitGroup(doh_templates)) {
if (!net::dns_util::IsValidDohTemplate(server_template, &server_method)) {
diff --git a/chrome/browser/net/stub_resolver_config_reader_unittest.cc b/chrome/browser/net/stub_resolver_config_reader_unittest.cc
index 3952d2e..5c5aa75 100644
--- a/chrome/browser/net/stub_resolver_config_reader_unittest.cc
+++ b/chrome/browser/net/stub_resolver_config_reader_unittest.cc
@@ -15,8 +15,8 @@
#include "components/prefs/pref_service.h"
#include "components/prefs/testing_pref_service.h"
#include "content/public/test/browser_task_environment.h"
-#include "net/dns/dns_config.h"
#include "net/dns/public/dns_over_https_server_config.h"
+#include "net/dns/public/secure_dns_mode.h"
#include "testing/gmock/include/gmock/gmock.h"
#include "testing/gtest/include/gtest/gtest.h"
@@ -75,7 +75,7 @@
true /* force_check_parental_controls_for_automatic_mode */);
EXPECT_FALSE(config_reader_->GetInsecureStubResolverEnabled());
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::OFF, secure_dns_config.mode());
+ EXPECT_EQ(net::SecureDnsMode::kOff, secure_dns_config.mode());
EXPECT_TRUE(secure_dns_config.servers().empty());
// Parental controls should not be checked when DoH otherwise disabled.
@@ -94,7 +94,7 @@
true /* force_check_parental_controls_for_automatic_mode */);
EXPECT_TRUE(config_reader_->GetInsecureStubResolverEnabled());
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::AUTOMATIC, secure_dns_config.mode());
+ EXPECT_EQ(net::SecureDnsMode::kAutomatic, secure_dns_config.mode());
EXPECT_THAT(secure_dns_config.servers(),
testing::ElementsAre(
net::DnsOverHttpsServerConfig("https://doh1.test",
@@ -117,7 +117,7 @@
false /* force_check_parental_controls_for_automatic_mode */);
EXPECT_TRUE(config_reader_->GetInsecureStubResolverEnabled());
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::SECURE, secure_dns_config.mode());
+ EXPECT_EQ(net::SecureDnsMode::kSecure, secure_dns_config.mode());
EXPECT_THAT(secure_dns_config.servers(),
testing::ElementsAre(
net::DnsOverHttpsServerConfig("https://doh1.test",
@@ -142,7 +142,7 @@
true /* force_check_parental_controls_for_automatic_mode */);
EXPECT_TRUE(config_reader_->GetInsecureStubResolverEnabled());
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::OFF, secure_dns_config.mode());
+ EXPECT_EQ(net::SecureDnsMode::kOff, secure_dns_config.mode());
EXPECT_TRUE(secure_dns_config.servers().empty());
// Parental controls should not be checked when DoH otherwise disabled.
@@ -161,7 +161,7 @@
false /* force_check_parental_controls_for_automatic_mode */);
EXPECT_TRUE(config_reader_->GetInsecureStubResolverEnabled());
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::OFF, secure_dns_config.mode());
+ EXPECT_EQ(net::SecureDnsMode::kOff, secure_dns_config.mode());
EXPECT_TRUE(secure_dns_config.servers().empty());
// Parental controls should not be checked when DoH otherwise disabled.
@@ -182,7 +182,7 @@
true /* force_check_parental_controls_for_automatic_mode */);
EXPECT_TRUE(config_reader_->GetInsecureStubResolverEnabled());
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::OFF, secure_dns_config.mode());
+ EXPECT_EQ(net::SecureDnsMode::kOff, secure_dns_config.mode());
EXPECT_TRUE(secure_dns_config.servers().empty());
EXPECT_TRUE(config_reader_->parental_controls_checked());
@@ -202,7 +202,7 @@
false /* force_check_parental_controls_for_automatic_mode */);
EXPECT_TRUE(config_reader_->GetInsecureStubResolverEnabled());
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::OFF, secure_dns_config.mode());
+ EXPECT_EQ(net::SecureDnsMode::kOff, secure_dns_config.mode());
EXPECT_TRUE(secure_dns_config.servers().empty());
EXPECT_TRUE(config_reader_->parental_controls_checked());
@@ -221,7 +221,7 @@
// Parental controls check initially skipped.
EXPECT_TRUE(config_reader_->GetInsecureStubResolverEnabled());
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::AUTOMATIC, secure_dns_config.mode());
+ EXPECT_EQ(net::SecureDnsMode::kAutomatic, secure_dns_config.mode());
EXPECT_THAT(secure_dns_config.servers(),
testing::ElementsAre(
net::DnsOverHttpsServerConfig("https://doh1.test",
@@ -240,7 +240,7 @@
false /* force_check_parental_controls_for_automatic_mode */);
EXPECT_TRUE(config_reader_->GetInsecureStubResolverEnabled());
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::OFF, secure_dns_config.mode());
+ EXPECT_EQ(net::SecureDnsMode::kOff, secure_dns_config.mode());
EXPECT_TRUE(secure_dns_config.servers().empty());
}
@@ -262,7 +262,7 @@
// Parental controls check initially skipped, and managed prefs take
// precedence over disables.
EXPECT_TRUE(config_reader_->GetInsecureStubResolverEnabled());
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::AUTOMATIC, secure_dns_config.mode());
+ EXPECT_EQ(net::SecureDnsMode::kAutomatic, secure_dns_config.mode());
EXPECT_THAT(secure_dns_config.servers(),
testing::ElementsAre(
net::DnsOverHttpsServerConfig("https://doh1.test",
@@ -283,7 +283,7 @@
// Expect DoH still enabled after parental controls check because managed
// prefs have precedence.
EXPECT_TRUE(config_reader_->GetInsecureStubResolverEnabled());
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::AUTOMATIC, secure_dns_config.mode());
+ EXPECT_EQ(net::SecureDnsMode::kAutomatic, secure_dns_config.mode());
EXPECT_THAT(secure_dns_config.servers(),
testing::ElementsAre(
net::DnsOverHttpsServerConfig("https://doh1.test",
diff --git a/chrome/browser/net/system_network_context_manager_browsertest.cc b/chrome/browser/net/system_network_context_manager_browsertest.cc
index 2cc046d..859e4bd 100644
--- a/chrome/browser/net/system_network_context_manager_browsertest.cc
+++ b/chrome/browser/net/system_network_context_manager_browsertest.cc
@@ -24,6 +24,7 @@
#include "content/public/browser/network_service_instance.h"
#include "content/public/common/user_agent.h"
#include "content/public/test/browser_test.h"
+#include "net/dns/public/secure_dns_mode.h"
#include "services/cert_verifier/test_cert_verifier_service_factory.h"
#include "services/network/public/cpp/features.h"
#include "services/network/public/cpp/network_service_buildflags.h"
@@ -72,10 +73,9 @@
false /* force_check_parental_controls_for_automatic_mode */);
EXPECT_EQ(async_dns_feature_enabled, GetInsecureStubResolverEnabled());
if (base::FeatureList::IsEnabled(features::kDnsOverHttps)) {
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::AUTOMATIC,
- secure_dns_config.mode());
+ EXPECT_EQ(net::SecureDnsMode::kAutomatic, secure_dns_config.mode());
} else {
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::OFF, secure_dns_config.mode());
+ EXPECT_EQ(net::SecureDnsMode::kOff, secure_dns_config.mode());
}
EXPECT_TRUE(secure_dns_config.servers().empty());
@@ -94,14 +94,14 @@
secure_dns_config = GetSecureDnsConfiguration(
false /* force_check_parental_controls_for_automatic_mode */);
EXPECT_EQ(async_dns_feature_enabled, GetInsecureStubResolverEnabled());
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::SECURE, secure_dns_config.mode());
+ EXPECT_EQ(net::SecureDnsMode::kSecure, secure_dns_config.mode());
EXPECT_TRUE(secure_dns_config.servers().empty());
local_state->SetString(prefs::kDnsOverHttpsTemplates, good_post_template);
secure_dns_config = GetSecureDnsConfiguration(
false /* force_check_parental_controls_for_automatic_mode */);
EXPECT_EQ(async_dns_feature_enabled, GetInsecureStubResolverEnabled());
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::SECURE, secure_dns_config.mode());
+ EXPECT_EQ(net::SecureDnsMode::kSecure, secure_dns_config.mode());
ASSERT_EQ(1u, secure_dns_config.servers().size());
EXPECT_EQ(good_post_template,
secure_dns_config.servers().at(0).server_template);
@@ -113,14 +113,14 @@
secure_dns_config = GetSecureDnsConfiguration(
false /* force_check_parental_controls_for_automatic_mode */);
EXPECT_EQ(async_dns_feature_enabled, GetInsecureStubResolverEnabled());
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::AUTOMATIC, secure_dns_config.mode());
+ EXPECT_EQ(net::SecureDnsMode::kAutomatic, secure_dns_config.mode());
EXPECT_TRUE(secure_dns_config.servers().empty());
local_state->SetString(prefs::kDnsOverHttpsTemplates, good_then_bad_template);
secure_dns_config = GetSecureDnsConfiguration(
false /* force_check_parental_controls_for_automatic_mode */);
EXPECT_EQ(async_dns_feature_enabled, GetInsecureStubResolverEnabled());
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::AUTOMATIC, secure_dns_config.mode());
+ EXPECT_EQ(net::SecureDnsMode::kAutomatic, secure_dns_config.mode());
ASSERT_EQ(1u, secure_dns_config.servers().size());
EXPECT_EQ(good_get_template,
secure_dns_config.servers().at(0).server_template);
@@ -130,7 +130,7 @@
secure_dns_config = GetSecureDnsConfiguration(
false /* force_check_parental_controls_for_automatic_mode */);
EXPECT_EQ(async_dns_feature_enabled, GetInsecureStubResolverEnabled());
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::AUTOMATIC, secure_dns_config.mode());
+ EXPECT_EQ(net::SecureDnsMode::kAutomatic, secure_dns_config.mode());
ASSERT_EQ(1u, secure_dns_config.servers().size());
EXPECT_EQ(good_get_template,
secure_dns_config.servers().at(0).server_template);
@@ -141,7 +141,7 @@
secure_dns_config = GetSecureDnsConfiguration(
false /* force_check_parental_controls_for_automatic_mode */);
EXPECT_EQ(async_dns_feature_enabled, GetInsecureStubResolverEnabled());
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::AUTOMATIC, secure_dns_config.mode());
+ EXPECT_EQ(net::SecureDnsMode::kAutomatic, secure_dns_config.mode());
ASSERT_EQ(2u, secure_dns_config.servers().size());
EXPECT_EQ(good_get_template,
secure_dns_config.servers().at(0).server_template);
@@ -155,14 +155,14 @@
secure_dns_config = GetSecureDnsConfiguration(
false /* force_check_parental_controls_for_automatic_mode */);
EXPECT_EQ(async_dns_feature_enabled, GetInsecureStubResolverEnabled());
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::OFF, secure_dns_config.mode());
+ EXPECT_EQ(net::SecureDnsMode::kOff, secure_dns_config.mode());
EXPECT_TRUE(secure_dns_config.servers().empty());
local_state->SetString(prefs::kDnsOverHttpsMode, "no_match");
secure_dns_config = GetSecureDnsConfiguration(
false /* force_check_parental_controls_for_automatic_mode */);
EXPECT_EQ(async_dns_feature_enabled, GetInsecureStubResolverEnabled());
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::OFF, secure_dns_config.mode());
+ EXPECT_EQ(net::SecureDnsMode::kOff, secure_dns_config.mode());
EXPECT_TRUE(secure_dns_config.servers().empty());
// Test case with policy BuiltInDnsClientEnabled enabled. The DoH fields
@@ -172,7 +172,7 @@
secure_dns_config = GetSecureDnsConfiguration(
false /* force_check_parental_controls_for_automatic_mode */);
EXPECT_EQ(!async_dns_feature_enabled, GetInsecureStubResolverEnabled());
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::OFF, secure_dns_config.mode());
+ EXPECT_EQ(net::SecureDnsMode::kOff, secure_dns_config.mode());
EXPECT_TRUE(secure_dns_config.servers().empty());
}
diff --git a/chrome/browser/privacy/BUILD.gn b/chrome/browser/privacy/BUILD.gn
index 1b21a762..b5d03ba 100644
--- a/chrome/browser/privacy/BUILD.gn
+++ b/chrome/browser/privacy/BUILD.gn
@@ -27,7 +27,7 @@
"//chrome/browser/settings:java",
"//components/browser_ui/settings/android:java",
"//components/browser_ui/widget/android:java",
- "//net/dns:secure_dns_mode_generated_enum",
+ "//net/dns/public:secure_dns_mode_generated_enum",
"//third_party/android_deps:androidx_annotation_annotation_java",
"//third_party/android_deps:androidx_fragment_fragment_java",
"//third_party/android_deps:androidx_preference_preference_java",
@@ -35,7 +35,7 @@
]
srcjar_deps = [
"//chrome/browser/net:secure_dns_management_mode_generated_enum",
- "//net/dns:secure_dns_mode_generated_enum",
+ "//net/dns/public:secure_dns_mode_generated_enum",
]
annotation_processor_deps = [ "//base/android/jni_generator:jni_processor" ]
resources_package = "org.chromium.chrome.browser.privacy.secure_dns"
diff --git a/chrome/browser/privacy/secure_dns_bridge.cc b/chrome/browser/privacy/secure_dns_bridge.cc
index 15ea13b..d42c607 100644
--- a/chrome/browser/privacy/secure_dns_bridge.cc
+++ b/chrome/browser/privacy/secure_dns_bridge.cc
@@ -20,6 +20,7 @@
#include "components/country_codes/country_codes.h"
#include "components/prefs/pref_service.h"
#include "net/dns/public/doh_provider_entry.h"
+#include "net/dns/public/secure_dns_mode.h"
#include "net/dns/public/util.h"
#include "base/bind.h"
@@ -79,9 +80,9 @@
static void JNI_SecureDnsBridge_SetMode(JNIEnv* env, jint mode) {
PrefService* local_state = g_browser_process->local_state();
- local_state->SetString(prefs::kDnsOverHttpsMode,
- SecureDnsConfig::ModeToString(
- static_cast<net::DnsConfig::SecureDnsMode>(mode)));
+ local_state->SetString(
+ prefs::kDnsOverHttpsMode,
+ SecureDnsConfig::ModeToString(static_cast<net::SecureDnsMode>(mode)));
}
static jboolean JNI_SecureDnsBridge_IsModeManaged(JNIEnv* env) {
@@ -167,7 +168,7 @@
net::DnsConfigOverrides overrides;
overrides.search = std::vector<std::string>();
overrides.attempts = 1;
- overrides.secure_dns_mode = net::DnsConfig::SecureDnsMode::SECURE;
+ overrides.secure_dns_mode = net::SecureDnsMode::kSecure;
secure_dns::ApplyTemplate(&overrides,
base::android::ConvertJavaStringToUTF8(jtemplate));
diff --git a/chrome/browser/ssl/chrome_security_blocking_page_factory.cc b/chrome/browser/ssl/chrome_security_blocking_page_factory.cc
index 368caa8b..2762202e 100644
--- a/chrome/browser/ssl/chrome_security_blocking_page_factory.cc
+++ b/chrome/browser/ssl/chrome_security_blocking_page_factory.cc
@@ -51,7 +51,7 @@
#include "chrome/browser/ui/tabs/tab_strip_model.h"
#include "components/captive_portal/content/captive_portal_tab_helper.h"
#include "net/base/net_errors.h"
-#include "net/dns/dns_config.h"
+#include "net/dns/public/secure_dns_mode.h"
#endif
namespace {
@@ -338,7 +338,7 @@
// If the DNS mode is SECURE, captive portal login tabs should be opened in
// new popup windows where secure DNS will be disabled.
- if (secure_dns_config.mode() == net::DnsConfig::SecureDnsMode::SECURE) {
+ if (secure_dns_config.mode() == net::SecureDnsMode::kSecure) {
// If there is already a captive portal popup window, do not create another.
for (auto* contents : AllTabContentses()) {
captive_portal::CaptivePortalTabHelper* captive_portal_tab_helper =
diff --git a/chrome/browser/ui/webui/settings/settings_secure_dns_handler.cc b/chrome/browser/ui/webui/settings/settings_secure_dns_handler.cc
index 299fdea..4731bc7 100644
--- a/chrome/browser/ui/webui/settings/settings_secure_dns_handler.cc
+++ b/chrome/browser/ui/webui/settings/settings_secure_dns_handler.cc
@@ -24,6 +24,7 @@
#include "content/public/browser/web_ui.h"
#include "net/dns/public/dns_over_https_server_config.h"
#include "net/dns/public/doh_provider_entry.h"
+#include "net/dns/public/secure_dns_mode.h"
#include "net/dns/public/util.h"
#include "ui/base/l10n/l10n_util.h"
@@ -205,7 +206,7 @@
net::DnsConfigOverrides overrides;
overrides.search = std::vector<std::string>();
overrides.attempts = 1;
- overrides.secure_dns_mode = net::DnsConfig::SecureDnsMode::SECURE;
+ overrides.secure_dns_mode = net::SecureDnsMode::kSecure;
secure_dns::ApplyTemplate(&overrides, server_template);
DCHECK(!runner_);
runner_ = std::make_unique<chrome_browser_net::DnsProbeRunner>(
diff --git a/net/dns/BUILD.gn b/net/dns/BUILD.gn
index b8da0cde..ce93723f 100644
--- a/net/dns/BUILD.gn
+++ b/net/dns/BUILD.gn
@@ -5,10 +5,6 @@
import("//net/features.gni")
import("//testing/libfuzzer/fuzzer_test.gni")
-if (is_android) {
- import("//build/config/android/rules.gni")
-}
-
# Reset sources_assignment_filter for the BUILD.gn file to prevent
# regression during the migration of Chromium away from the feature.
# See docs/no_sources_assignment_filter.md for more information.
@@ -396,12 +392,6 @@
public_deps = [ "//net:net_public_deps" ]
}
-if (is_android) {
- java_cpp_enum("secure_dns_mode_generated_enum") {
- sources = [ "dns_config.h" ]
- }
-}
-
source_set("tests") {
testonly = true
sources = [
diff --git a/net/dns/README.md b/net/dns/README.md
index 7bb8b07..4f88fea 100644
--- a/net/dns/README.md
+++ b/net/dns/README.md
@@ -241,7 +241,7 @@
* Requests with the `HOST_RESOLVER_CANONNAME` flag
* For hostnames ending in ".local"
-* When the Secure DNS mode is `net::DnsConfig::SecureDnsMode::OFF` and
+* When the Secure DNS mode is `net::SecureDnsMode::OFF` and
`net::HostResolverSource::DNS` is not enabled via
`net::HostResolverManager::SetInsecureDnsClientEnabled(true)`
* When a system DNS configuration could not be determined
@@ -282,7 +282,7 @@
* DnsClient is enabled for insecure requests enabled via
`net::HostResolverManager::SetInsecureDnsClientEnabled(true)` or
- the Secure DNS mode is not `net::DnsConfig::SecureDnsMode::OFF`.
+ the Secure DNS mode is not `net::SecureDnsMode::OFF`.
* The system DNS configuration could be determined successfully
* The request hostname does not end in ".local"
* The request is not an address query with the `HOST_RESOLVER_CANONNAME` flag
diff --git a/net/dns/dns_client.cc b/net/dns/dns_client.cc
index bc626a1..dfb6407 100644
--- a/net/dns/dns_client.cc
+++ b/net/dns/dns_client.cc
@@ -15,6 +15,7 @@
#include "net/dns/dns_socket_allocator.h"
#include "net/dns/dns_transaction.h"
#include "net/dns/dns_util.h"
+#include "net/dns/public/secure_dns_mode.h"
#include "net/dns/resolve_context.h"
#include "net/log/net_log.h"
#include "net/log/net_log_event_type.h"
@@ -48,7 +49,7 @@
// when there are aspects of the system DNS config that are unhandled.
if (!config->unhandled_options && config->allow_dns_over_https_upgrade &&
!has_doh_servers &&
- config->secure_dns_mode == DnsConfig::SecureDnsMode::AUTOMATIC) {
+ config->secure_dns_mode == SecureDnsMode::kAutomatic) {
// If we're in strict mode on Android, only attempt to upgrade the
// specified DoT hostname.
if (!config->dns_over_tls_hostname.empty()) {
diff --git a/net/dns/dns_config.cc b/net/dns/dns_config.cc
index 937c7a9..3265807 100644
--- a/net/dns/dns_config.cc
+++ b/net/dns/dns_config.cc
@@ -30,7 +30,7 @@
doh_attempts(1),
rotate(false),
use_local_ipv6(false),
- secure_dns_mode(SecureDnsMode::OFF),
+ secure_dns_mode(SecureDnsMode::kOff),
allow_dns_over_https_upgrade(false) {}
DnsConfig::~DnsConfig() = default;
diff --git a/net/dns/dns_config.h b/net/dns/dns_config.h
index b165a655..96e8540 100644
--- a/net/dns/dns_config.h
+++ b/net/dns/dns_config.h
@@ -14,6 +14,7 @@
#include "net/base/net_export.h"
#include "net/dns/dns_hosts.h"
#include "net/dns/public/dns_over_https_server_config.h"
+#include "net/dns/public/secure_dns_mode.h"
namespace base {
class Value;
@@ -51,20 +52,6 @@
return !nameservers.empty() || !dns_over_https_servers.empty();
}
- // GENERATED_JAVA_ENUM_PACKAGE: org.chromium.net
- // The SecureDnsMode specifies what types of lookups (secure/insecure) should
- // be performed and in what order when resolving a specific query. The int
- // values should not be changed as they are logged.
- enum class SecureDnsMode : int {
- // In OFF mode, no DoH lookups should be performed.
- OFF = 0,
- // In AUTOMATIC mode, DoH lookups should be performed first if DoH is
- // available, and insecure DNS lookups should be performed as a fallback.
- AUTOMATIC = 1,
- // In SECURE mode, only DoH lookups should be performed.
- SECURE = 2,
- };
-
// List of name server addresses.
std::vector<IPEndPoint> nameservers;
diff --git a/net/dns/dns_config_overrides.cc b/net/dns/dns_config_overrides.cc
index fa0437e..594e178e 100644
--- a/net/dns/dns_config_overrides.cc
+++ b/net/dns/dns_config_overrides.cc
@@ -4,6 +4,8 @@
#include "net/dns/dns_config_overrides.h"
+#include "net/dns/dns_config.h"
+
namespace net {
DnsConfigOverrides::DnsConfigOverrides() = default;
diff --git a/net/dns/dns_config_overrides.h b/net/dns/dns_config_overrides.h
index a87d0e5..b1fcdc1 100644
--- a/net/dns/dns_config_overrides.h
+++ b/net/dns/dns_config_overrides.h
@@ -12,12 +12,14 @@
#include "base/time/time.h"
#include "net/base/ip_endpoint.h"
#include "net/base/net_export.h"
-#include "net/dns/dns_config.h"
#include "net/dns/dns_hosts.h"
#include "net/dns/public/dns_over_https_server_config.h"
+#include "net/dns/public/secure_dns_mode.h"
namespace net {
+struct DnsConfig;
+
// Overriding values to be applied over a DnsConfig struct.
struct NET_EXPORT DnsConfigOverrides {
DnsConfigOverrides();
@@ -57,7 +59,7 @@
base::Optional<bool> rotate;
base::Optional<bool> use_local_ipv6;
base::Optional<std::vector<DnsOverHttpsServerConfig>> dns_over_https_servers;
- base::Optional<DnsConfig::SecureDnsMode> secure_dns_mode;
+ base::Optional<SecureDnsMode> secure_dns_mode;
base::Optional<bool> allow_dns_over_https_upgrade;
base::Optional<std::vector<std::string>> disabled_upgrade_providers;
diff --git a/net/dns/dns_server_iterator.cc b/net/dns/dns_server_iterator.cc
index d04d28b..9d25870 100644
--- a/net/dns/dns_server_iterator.cc
+++ b/net/dns/dns_server_iterator.cc
@@ -6,7 +6,6 @@
#include "base/optional.h"
#include "base/time/time.h"
-#include "net/dns/dns_config.h"
#include "net/dns/dns_session.h"
#include "net/dns/resolve_context.h"
@@ -48,7 +47,7 @@
// If the DoH mode is "secure" then don't check GetDohServerAvailability()
// because we try every server regardless of availability.
bool secure_or_available_server =
- secure_dns_mode_ == DnsConfig::SecureDnsMode::SECURE ||
+ secure_dns_mode_ == SecureDnsMode::kSecure ||
resolve_context_->GetDohServerAvailability(curr_index, session_);
// If we've tried this server |max_times_returned_| already, then we're done
@@ -72,7 +71,6 @@
least_recently_failed_time = curr_index_failure_time;
least_recently_failed_index = curr_index;
}
-
} while (next_index_ != previous_index);
// At this point the only available servers we haven't attempted
@@ -92,7 +90,7 @@
// If the DoH mode is "secure" then don't check GetDohServerAvailability()
// because we try every server regardless of availability.
bool secure_or_available_server =
- secure_dns_mode_ == DnsConfig::SecureDnsMode::SECURE ||
+ secure_dns_mode_ == SecureDnsMode::kSecure ||
resolve_context_->GetDohServerAvailability(i, session_);
if (times_returned_[i] < max_times_returned_ && secure_or_available_server)
@@ -139,7 +137,6 @@
least_recently_failed_time = curr_index_failure_time;
least_recently_failed_index = curr_index;
}
-
} while (next_index_ != previous_index);
// At this point the only servers we haven't attempted |max_times_returned_|
diff --git a/net/dns/dns_server_iterator.h b/net/dns/dns_server_iterator.h
index 532297f3..97c42f7 100644
--- a/net/dns/dns_server_iterator.h
+++ b/net/dns/dns_server_iterator.h
@@ -5,8 +5,10 @@
#ifndef NET_DNS_DNS_SERVER_ITERATOR_H_
#define NET_DNS_DNS_SERVER_ITERATOR_H_
+#include <vector>
+
#include "net/base/net_export.h"
-#include "net/dns/dns_config.h"
+#include "net/dns/public/secure_dns_mode.h"
namespace net {
@@ -81,7 +83,7 @@
size_t starting_index,
int max_times_returned,
int max_failures,
- const DnsConfig::SecureDnsMode& secure_dns_mode,
+ const SecureDnsMode& secure_dns_mode,
const ResolveContext* resolve_context,
const DnsSession* session)
: DnsServerIterator(nameservers_size,
@@ -107,7 +109,7 @@
bool AttemptAvailable() override;
private:
- DnsConfig::SecureDnsMode secure_dns_mode_;
+ SecureDnsMode secure_dns_mode_;
};
// Iterator used to get the next server to try for a classic DNS transaction.
diff --git a/net/dns/dns_test_util.cc b/net/dns/dns_test_util.cc
index 0ced88c..6a39447c 100644
--- a/net/dns/dns_test_util.cc
+++ b/net/dns/dns_test_util.cc
@@ -370,7 +370,7 @@
uint16_t qtype,
bool secure,
bool force_doh_server_available,
- DnsConfig::SecureDnsMode secure_dns_mode,
+ SecureDnsMode secure_dns_mode,
ResolveContext* resolve_context,
DnsTransactionFactory::CallbackType callback)
: result_(MockDnsClientRule::FAIL),
@@ -544,7 +544,7 @@
DnsTransactionFactory::CallbackType callback,
const NetLogWithSource&,
bool secure,
- DnsConfig::SecureDnsMode secure_dns_mode,
+ SecureDnsMode secure_dns_mode,
ResolveContext* resolve_context) {
std::unique_ptr<MockTransaction> transaction =
std::make_unique<MockTransaction>(
@@ -562,8 +562,8 @@
void MockDnsTransactionFactory::AddEDNSOption(const OptRecordRdata::Opt& opt) {}
-DnsConfig::SecureDnsMode MockDnsTransactionFactory::GetSecureDnsModeForTest() {
- return DnsConfig::SecureDnsMode::AUTOMATIC;
+SecureDnsMode MockDnsTransactionFactory::GetSecureDnsModeForTest() {
+ return SecureDnsMode::kAutomatic;
}
void MockDnsTransactionFactory::CompleteDelayedTransactions() {
diff --git a/net/dns/dns_test_util.h b/net/dns/dns_test_util.h
index 3944541..7d79a35 100644
--- a/net/dns/dns_test_util.h
+++ b/net/dns/dns_test_util.h
@@ -24,6 +24,7 @@
#include "net/dns/dns_transaction.h"
#include "net/dns/dns_util.h"
#include "net/dns/public/dns_protocol.h"
+#include "net/dns/public/secure_dns_mode.h"
#include "net/socket/socket_test_util.h"
namespace net {
@@ -286,7 +287,7 @@
DnsTransactionFactory::CallbackType callback,
const NetLogWithSource&,
bool secure,
- DnsConfig::SecureDnsMode secure_dns_mode,
+ SecureDnsMode secure_dns_mode,
ResolveContext* resolve_context) override;
std::unique_ptr<DnsProbeRunner> CreateDohProbeRunner(
@@ -294,7 +295,7 @@
void AddEDNSOption(const OptRecordRdata::Opt& opt) override;
- DnsConfig::SecureDnsMode GetSecureDnsModeForTest() override;
+ SecureDnsMode GetSecureDnsModeForTest() override;
void CompleteDelayedTransactions();
// If there are any pending transactions of the given type,
diff --git a/net/dns/dns_transaction.cc b/net/dns/dns_transaction.cc
index 52e4eaee..cb3e48b 100644
--- a/net/dns/dns_transaction.cc
+++ b/net/dns/dns_transaction.cc
@@ -1044,7 +1044,7 @@
const NetLogWithSource& net_log,
const OptRecordRdata* opt_rdata,
bool secure,
- DnsConfig::SecureDnsMode secure_dns_mode,
+ SecureDnsMode secure_dns_mode,
ResolveContext* resolve_context)
: session_(session),
hostname_(hostname),
@@ -1530,7 +1530,7 @@
uint16_t qtype_;
const OptRecordRdata* opt_rdata_;
const bool secure_;
- const DnsConfig::SecureDnsMode secure_dns_mode_;
+ const SecureDnsMode secure_dns_mode_;
// Cleared in DoCallback.
DnsTransactionFactory::CallbackType callback_;
@@ -1578,7 +1578,7 @@
CallbackType callback,
const NetLogWithSource& net_log,
bool secure,
- DnsConfig::SecureDnsMode secure_dns_mode,
+ SecureDnsMode secure_dns_mode,
ResolveContext* resolve_context) override {
return std::make_unique<DnsTransactionImpl>(
session_.get(), hostname, qtype, std::move(callback), net_log,
@@ -1598,7 +1598,7 @@
opt_rdata_->AddOpt(opt);
}
- DnsConfig::SecureDnsMode GetSecureDnsModeForTest() override {
+ SecureDnsMode GetSecureDnsModeForTest() override {
return session_->config().secure_dns_mode;
}
diff --git a/net/dns/dns_transaction.h b/net/dns/dns_transaction.h
index bc182ff..aa866b9 100644
--- a/net/dns/dns_transaction.h
+++ b/net/dns/dns_transaction.h
@@ -14,7 +14,7 @@
#include "base/memory/weak_ptr.h"
#include "base/time/time.h"
#include "net/base/request_priority.h"
-#include "net/dns/dns_config.h"
+#include "net/dns/public/secure_dns_mode.h"
#include "net/dns/record_rdata.h"
#include "url/gurl.h"
@@ -109,7 +109,7 @@
CallbackType callback,
const NetLogWithSource& net_log,
bool secure,
- DnsConfig::SecureDnsMode secure_dns_mode,
+ SecureDnsMode secure_dns_mode,
ResolveContext* resolve_context) WARN_UNUSED_RESULT = 0;
// Creates a runner to run the DoH probe sequence for all configured DoH
@@ -122,7 +122,7 @@
virtual void AddEDNSOption(const OptRecordRdata::Opt& opt) = 0;
// Returns the default SecureDnsMode in the config.
- virtual DnsConfig::SecureDnsMode GetSecureDnsModeForTest() = 0;
+ virtual SecureDnsMode GetSecureDnsModeForTest() = 0;
// Creates a DnsTransactionFactory which creates DnsTransactionImpl using the
// |session|.
diff --git a/net/dns/dns_transaction_unittest.cc b/net/dns/dns_transaction_unittest.cc
index 3816b918..6154eb3 100644
--- a/net/dns/dns_transaction_unittest.cc
+++ b/net/dns/dns_transaction_unittest.cc
@@ -1852,9 +1852,8 @@
resolve_context_->GetClassicDnsIterator(session_->config(),
session_.get());
std::unique_ptr<DnsServerIterator> doh_itr =
- resolve_context_->GetDohIterator(session_->config(),
- DnsConfig::SecureDnsMode::AUTOMATIC,
- session_.get());
+ resolve_context_->GetDohIterator(
+ session_->config(), SecureDnsMode::kAutomatic, session_.get());
EXPECT_TRUE(classic_itr->AttemptAvailable());
EXPECT_EQ(classic_itr->GetNextAttemptIndex(), 0u);
ASSERT_TRUE(doh_itr->AttemptAvailable());
@@ -1880,9 +1879,8 @@
resolve_context_->GetClassicDnsIterator(session_->config(),
session_.get());
std::unique_ptr<DnsServerIterator> doh_itr =
- resolve_context_->GetDohIterator(session_->config(),
- DnsConfig::SecureDnsMode::AUTOMATIC,
- session_.get());
+ resolve_context_->GetDohIterator(
+ session_->config(), SecureDnsMode::kAutomatic, session_.get());
EXPECT_EQ(classic_itr->GetNextAttemptIndex(), 0u);
ASSERT_TRUE(doh_itr->AttemptAvailable());
@@ -1947,9 +1945,8 @@
{
std::unique_ptr<DnsServerIterator> doh_itr =
- resolve_context_->GetDohIterator(session_->config(),
- DnsConfig::SecureDnsMode::AUTOMATIC,
- session_.get());
+ resolve_context_->GetDohIterator(
+ session_->config(), SecureDnsMode::kAutomatic, session_.get());
ASSERT_TRUE(doh_itr->AttemptAvailable());
EXPECT_EQ(doh_itr->GetNextAttemptIndex(), 1u);
@@ -1967,9 +1964,8 @@
CheckServerOrder(kOrder0, base::size(kOrder0));
{
std::unique_ptr<DnsServerIterator> doh_itr =
- resolve_context_->GetDohIterator(session_->config(),
- DnsConfig::SecureDnsMode::AUTOMATIC,
- session_.get());
+ resolve_context_->GetDohIterator(
+ session_->config(), SecureDnsMode::kAutomatic, session_.get());
ASSERT_TRUE(doh_itr->AttemptAvailable());
EXPECT_EQ(doh_itr->GetNextAttemptIndex(), 1u);
@@ -1979,7 +1975,7 @@
// Fail first DoH server, then no fallbacks marked available in AUTOMATIC mode.
TEST_F(DnsTransactionTest, HttpsFailureThenNotAvailable_Automatic) {
- config_.secure_dns_mode = DnsConfig::SecureDnsMode::AUTOMATIC;
+ config_.secure_dns_mode = SecureDnsMode::kAutomatic;
ConfigureDohServers(true /* use_post */, 3 /* num_doh_servers */,
false /* make_available */);
@@ -1989,9 +1985,8 @@
{
std::unique_ptr<DnsServerIterator> doh_itr =
- resolve_context_->GetDohIterator(session_->config(),
- DnsConfig::SecureDnsMode::AUTOMATIC,
- session_.get());
+ resolve_context_->GetDohIterator(
+ session_->config(), SecureDnsMode::kAutomatic, session_.get());
ASSERT_TRUE(doh_itr->AttemptAvailable());
EXPECT_EQ(doh_itr->GetNextAttemptIndex(), 0u);
@@ -2014,9 +2009,8 @@
{
std::unique_ptr<DnsServerIterator> doh_itr =
- resolve_context_->GetDohIterator(session_->config(),
- DnsConfig::SecureDnsMode::AUTOMATIC,
- session_.get());
+ resolve_context_->GetDohIterator(
+ session_->config(), SecureDnsMode::kAutomatic, session_.get());
ASSERT_TRUE(doh_itr->AttemptAvailable());
EXPECT_EQ(doh_itr->GetNextAttemptIndex(), 0u);
@@ -2027,7 +2021,7 @@
// Test a secure transaction failure in SECURE mode when other DoH servers are
// only available for fallback because of
TEST_F(DnsTransactionTest, HttpsFailureThenNotAvailable_Secure) {
- config_.secure_dns_mode = DnsConfig::SecureDnsMode::SECURE;
+ config_.secure_dns_mode = SecureDnsMode::kSecure;
ConfigureDohServers(true /* use_post */, 3 /* num_doh_servers */,
false /* make_available */);
@@ -2037,9 +2031,8 @@
{
std::unique_ptr<DnsServerIterator> doh_itr =
- resolve_context_->GetDohIterator(session_->config(),
- DnsConfig::SecureDnsMode::SECURE,
- session_.get());
+ resolve_context_->GetDohIterator(
+ session_->config(), SecureDnsMode::kSecure, session_.get());
ASSERT_TRUE(doh_itr->AttemptAvailable());
EXPECT_EQ(doh_itr->GetNextAttemptIndex(), 0u);
@@ -2076,9 +2069,8 @@
// Expect server 0 to be preferred due to least recent failure.
{
std::unique_ptr<DnsServerIterator> doh_itr =
- resolve_context_->GetDohIterator(session_->config(),
- DnsConfig::SecureDnsMode::SECURE,
- session_.get());
+ resolve_context_->GetDohIterator(
+ session_->config(), SecureDnsMode::kSecure, session_.get());
ASSERT_TRUE(doh_itr->AttemptAvailable());
EXPECT_EQ(doh_itr->GetNextAttemptIndex(), 0u);
@@ -2090,9 +2082,8 @@
ConfigureDohServers(false /* use_post */);
{
std::unique_ptr<DnsServerIterator> doh_itr =
- resolve_context_->GetDohIterator(session_->config(),
- DnsConfig::SecureDnsMode::AUTOMATIC,
- session_.get());
+ resolve_context_->GetDohIterator(
+ session_->config(), SecureDnsMode::kAutomatic, session_.get());
ASSERT_TRUE(doh_itr->AttemptAvailable());
EXPECT_EQ(doh_itr->GetNextAttemptIndex(), 0u);
@@ -2109,9 +2100,8 @@
EXPECT_TRUE(failure.RunUntilDone(transaction_factory_.get()));
std::unique_ptr<DnsServerIterator> doh_itr =
- resolve_context_->GetDohIterator(session_->config(),
- DnsConfig::SecureDnsMode::AUTOMATIC,
- session_.get());
+ resolve_context_->GetDohIterator(
+ session_->config(), SecureDnsMode::kAutomatic, session_.get());
ASSERT_TRUE(doh_itr->AttemptAvailable());
EXPECT_EQ(doh_itr->GetNextAttemptIndex(), 0u);
@@ -2128,9 +2118,8 @@
EXPECT_TRUE(success.RunUntilDone(transaction_factory_.get()));
{
std::unique_ptr<DnsServerIterator> doh_itr =
- resolve_context_->GetDohIterator(session_->config(),
- DnsConfig::SecureDnsMode::AUTOMATIC,
- session_.get());
+ resolve_context_->GetDohIterator(
+ session_->config(), SecureDnsMode::kAutomatic, session_.get());
ASSERT_TRUE(doh_itr->AttemptAvailable());
EXPECT_EQ(doh_itr->GetNextAttemptIndex(), 0u);
@@ -2148,9 +2137,8 @@
EXPECT_TRUE(last_failure.RunUntilDone(transaction_factory_.get()));
{
std::unique_ptr<DnsServerIterator> doh_itr =
- resolve_context_->GetDohIterator(session_->config(),
- DnsConfig::SecureDnsMode::AUTOMATIC,
- session_.get());
+ resolve_context_->GetDohIterator(
+ session_->config(), SecureDnsMode::kAutomatic, session_.get());
ASSERT_TRUE(doh_itr->AttemptAvailable());
EXPECT_EQ(doh_itr->GetNextAttemptIndex(), 0u);
@@ -2162,9 +2150,8 @@
ConfigureDohServers(false /* use_post */);
{
std::unique_ptr<DnsServerIterator> doh_itr =
- resolve_context_->GetDohIterator(session_->config(),
- DnsConfig::SecureDnsMode::AUTOMATIC,
- session_.get());
+ resolve_context_->GetDohIterator(
+ session_->config(), SecureDnsMode::kAutomatic, session_.get());
ASSERT_TRUE(doh_itr->AttemptAvailable());
EXPECT_EQ(doh_itr->GetNextAttemptIndex(), 0u);
@@ -2180,9 +2167,8 @@
ERR_CONNECTION_REFUSED, resolve_context_.get());
EXPECT_TRUE(failure.RunUntilDone(transaction_factory_.get()));
std::unique_ptr<DnsServerIterator> doh_itr =
- resolve_context_->GetDohIterator(session_->config(),
- DnsConfig::SecureDnsMode::AUTOMATIC,
- session_.get());
+ resolve_context_->GetDohIterator(
+ session_->config(), SecureDnsMode::kAutomatic, session_.get());
ASSERT_TRUE(doh_itr->AttemptAvailable());
EXPECT_EQ(doh_itr->GetNextAttemptIndex(), 0u);
@@ -2200,9 +2186,8 @@
EXPECT_TRUE(last_failure.RunUntilDone(transaction_factory_.get()));
{
std::unique_ptr<DnsServerIterator> doh_itr =
- resolve_context_->GetDohIterator(session_->config(),
- DnsConfig::SecureDnsMode::AUTOMATIC,
- session_.get());
+ resolve_context_->GetDohIterator(
+ session_->config(), SecureDnsMode::kAutomatic, session_.get());
EXPECT_FALSE(doh_itr->AttemptAvailable());
}
@@ -2214,9 +2199,8 @@
ConfigureDohServers(false /* use_post */);
{
std::unique_ptr<DnsServerIterator> doh_itr =
- resolve_context_->GetDohIterator(session_->config(),
- DnsConfig::SecureDnsMode::AUTOMATIC,
- session_.get());
+ resolve_context_->GetDohIterator(
+ session_->config(), SecureDnsMode::kAutomatic, session_.get());
ASSERT_TRUE(doh_itr->AttemptAvailable());
EXPECT_EQ(doh_itr->GetNextAttemptIndex(), 0u);
@@ -2846,7 +2830,7 @@
// The first probe happens without any delay.
RunUntilIdle();
std::unique_ptr<DnsServerIterator> doh_itr = resolve_context_->GetDohIterator(
- session_->config(), DnsConfig::SecureDnsMode::AUTOMATIC, session_.get());
+ session_->config(), SecureDnsMode::kAutomatic, session_.get());
EXPECT_FALSE(doh_itr->AttemptAvailable());
@@ -2989,9 +2973,8 @@
RunUntilIdle();
{
std::unique_ptr<DnsServerIterator> doh_itr =
- resolve_context_->GetDohIterator(session_->config(),
- DnsConfig::SecureDnsMode::AUTOMATIC,
- session_.get());
+ resolve_context_->GetDohIterator(
+ session_->config(), SecureDnsMode::kAutomatic, session_.get());
ASSERT_TRUE(doh_itr->AttemptAvailable());
EXPECT_EQ(doh_itr->GetNextAttemptIndex(), 0u);
@@ -3045,17 +3028,15 @@
RunUntilIdle();
{
std::unique_ptr<DnsServerIterator> doh_itr =
- resolve_context_->GetDohIterator(session_->config(),
- DnsConfig::SecureDnsMode::AUTOMATIC,
- session_.get());
+ resolve_context_->GetDohIterator(
+ session_->config(), SecureDnsMode::kAutomatic, session_.get());
ASSERT_TRUE(doh_itr->AttemptAvailable());
EXPECT_EQ(doh_itr->GetNextAttemptIndex(), 0u);
}
{
std::unique_ptr<DnsServerIterator> doh_itr2 = context2.GetDohIterator(
- session_->config(), DnsConfig::SecureDnsMode::AUTOMATIC,
- session_.get());
+ session_->config(), SecureDnsMode::kAutomatic, session_.get());
EXPECT_FALSE(doh_itr2->AttemptAvailable());
}
@@ -3068,8 +3049,7 @@
FastForwardBy(runner2->GetDelayUntilNextProbeForTest(0));
{
std::unique_ptr<DnsServerIterator> doh_itr2 = context2.GetDohIterator(
- session_->config(), DnsConfig::SecureDnsMode::AUTOMATIC,
- session_.get());
+ session_->config(), SecureDnsMode::kAutomatic, session_.get());
ASSERT_TRUE(doh_itr2->AttemptAvailable());
EXPECT_EQ(doh_itr2->GetNextAttemptIndex(), 0u);
@@ -3099,7 +3079,7 @@
// The first probe happens without any delay.
RunUntilIdle();
std::unique_ptr<DnsServerIterator> doh_itr = resolve_context_->GetDohIterator(
- session_->config(), DnsConfig::SecureDnsMode::AUTOMATIC, session_.get());
+ session_->config(), SecureDnsMode::kAutomatic, session_.get());
EXPECT_FALSE(doh_itr->AttemptAvailable());
@@ -3148,7 +3128,7 @@
// The first two probes (one for each runner) happen without any delay.
RunUntilIdle();
std::unique_ptr<DnsServerIterator> doh_itr = resolve_context_->GetDohIterator(
- session_->config(), DnsConfig::SecureDnsMode::AUTOMATIC, session_.get());
+ session_->config(), SecureDnsMode::kAutomatic, session_.get());
EXPECT_FALSE(doh_itr->AttemptAvailable());
EXPECT_GT(runner1->GetDelayUntilNextProbeForTest(0), base::TimeDelta());
@@ -3190,7 +3170,7 @@
// The first two probes (one for each runner) happen without any delay.
RunUntilIdle();
std::unique_ptr<DnsServerIterator> doh_itr = resolve_context_->GetDohIterator(
- session_->config(), DnsConfig::SecureDnsMode::AUTOMATIC, session_.get());
+ session_->config(), SecureDnsMode::kAutomatic, session_.get());
EXPECT_FALSE(doh_itr->AttemptAvailable());
EXPECT_GT(runner1->GetDelayUntilNextProbeForTest(0), base::TimeDelta());
@@ -3224,9 +3204,8 @@
RunUntilIdle();
{
std::unique_ptr<DnsServerIterator> doh_itr =
- resolve_context_->GetDohIterator(session_->config(),
- DnsConfig::SecureDnsMode::AUTOMATIC,
- session_.get());
+ resolve_context_->GetDohIterator(
+ session_->config(), SecureDnsMode::kAutomatic, session_.get());
ASSERT_TRUE(doh_itr->AttemptAvailable());
EXPECT_EQ(doh_itr->GetNextAttemptIndex(), 0u);
@@ -3238,9 +3217,8 @@
RunUntilIdle();
{
std::unique_ptr<DnsServerIterator> doh_itr =
- resolve_context_->GetDohIterator(session_->config(),
- DnsConfig::SecureDnsMode::AUTOMATIC,
- session_.get());
+ resolve_context_->GetDohIterator(
+ session_->config(), SecureDnsMode::kAutomatic, session_.get());
ASSERT_TRUE(doh_itr->AttemptAvailable());
EXPECT_EQ(doh_itr->GetNextAttemptIndex(), 0u);
@@ -3263,7 +3241,7 @@
// The first probe happens without any delay.
RunUntilIdle();
std::unique_ptr<DnsServerIterator> doh_itr = resolve_context_->GetDohIterator(
- session_->config(), DnsConfig::SecureDnsMode::AUTOMATIC, session_.get());
+ session_->config(), SecureDnsMode::kAutomatic, session_.get());
EXPECT_FALSE(doh_itr->AttemptAvailable());
diff --git a/net/dns/dns_util.cc b/net/dns/dns_util.cc
index 9ad7d536..2883a07 100644
--- a/net/dns/dns_util.cc
+++ b/net/dns/dns_util.cc
@@ -365,14 +365,13 @@
return entries.empty() ? "Other" : entries[0]->provider;
}
-std::string SecureDnsModeToString(
- const DnsConfig::SecureDnsMode secure_dns_mode) {
+std::string SecureDnsModeToString(const SecureDnsMode secure_dns_mode) {
switch (secure_dns_mode) {
- case DnsConfig::SecureDnsMode::OFF:
+ case SecureDnsMode::kOff:
return "Off";
- case DnsConfig::SecureDnsMode::AUTOMATIC:
+ case SecureDnsMode::kAutomatic:
return "Automatic";
- case DnsConfig::SecureDnsMode::SECURE:
+ case SecureDnsMode::kSecure:
return "Secure";
}
}
diff --git a/net/dns/dns_util.h b/net/dns/dns_util.h
index ae1620016..00b5ff59 100644
--- a/net/dns/dns_util.h
+++ b/net/dns/dns_util.h
@@ -14,9 +14,9 @@
#include "net/base/ip_endpoint.h"
#include "net/base/net_export.h"
#include "net/base/network_change_notifier.h"
-#include "net/dns/dns_config.h"
#include "net/dns/public/dns_over_https_server_config.h"
#include "net/dns/public/dns_query_type.h"
+#include "net/dns/public/secure_dns_mode.h"
namespace net {
@@ -140,7 +140,7 @@
const IPEndPoint& nameserver);
NET_EXPORT_PRIVATE std::string SecureDnsModeToString(
- const DnsConfig::SecureDnsMode secure_dns_mode);
+ const SecureDnsMode secure_dns_mode);
} // namespace net
diff --git a/net/dns/host_resolver.h b/net/dns/host_resolver.h
index 9468c62..5abb6265 100644
--- a/net/dns/host_resolver.h
+++ b/net/dns/host_resolver.h
@@ -19,12 +19,12 @@
#include "net/base/completion_once_callback.h"
#include "net/base/host_port_pair.h"
#include "net/base/request_priority.h"
-#include "net/dns/dns_config.h"
#include "net/dns/dns_config_overrides.h"
#include "net/dns/host_cache.h"
#include "net/dns/host_resolver_source.h"
#include "net/dns/public/dns_query_type.h"
#include "net/dns/public/resolve_error_info.h"
+#include "net/dns/public/secure_dns_mode.h"
namespace base {
class Value;
@@ -245,8 +245,7 @@
bool is_speculative = false;
// Set to override the resolver's default secure dns mode for this request.
- base::Optional<DnsConfig::SecureDnsMode> secure_dns_mode_override =
- base::nullopt;
+ base::Optional<SecureDnsMode> secure_dns_mode_override = base::nullopt;
};
// Handler for an ongoing MDNS listening operation. Created by
diff --git a/net/dns/host_resolver_manager.cc b/net/dns/host_resolver_manager.cc
index ee1ec4d..9a78419 100644
--- a/net/dns/host_resolver_manager.cc
+++ b/net/dns/host_resolver_manager.cc
@@ -1090,7 +1090,7 @@
DnsQueryType query_type,
ResolveContext* resolve_context,
bool secure,
- DnsConfig::SecureDnsMode secure_dns_mode,
+ SecureDnsMode secure_dns_mode,
Delegate* delegate,
const NetLogWithSource& job_net_log,
const base::TickClock* tick_clock)
@@ -1749,7 +1749,7 @@
// Whether lookups in this DnsTask should occur using DoH or plaintext.
const bool secure_;
- const DnsConfig::SecureDnsMode secure_dns_mode_;
+ const SecureDnsMode secure_dns_mode_;
// The listener to the results of this DnsTask.
Delegate* delegate_;
@@ -1795,7 +1795,7 @@
DnsQueryType query_type;
HostResolverFlags flags;
HostResolverSource source;
- DnsConfig::SecureDnsMode secure_dns_mode;
+ SecureDnsMode secure_dns_mode;
// TODO([email protected]): Use base::UnownedPtr once available.
ResolveContext* resolve_context;
};
@@ -1814,7 +1814,7 @@
HostResolverFlags host_resolver_flags,
HostResolverSource requested_source,
ResolveHostParameters::CacheUsage cache_usage,
- DnsConfig::SecureDnsMode secure_dns_mode,
+ SecureDnsMode secure_dns_mode,
ResolveContext* resolve_context,
HostCache* host_cache,
std::deque<TaskType> tasks,
@@ -2319,12 +2319,11 @@
bool secure) {
DCHECK_NE(OK, failure_results.error());
- if (secure_dns_mode_ == DnsConfig::SecureDnsMode::SECURE) {
+ if (secure_dns_mode_ == SecureDnsMode::kSecure) {
DCHECK(secure);
UMA_HISTOGRAM_LONG_TIMES_100(
"Net.DNS.SecureDnsTask.DnsModeSecure.FailureTime", duration);
- } else if (secure_dns_mode_ == DnsConfig::SecureDnsMode::AUTOMATIC &&
- secure) {
+ } else if (secure_dns_mode_ == SecureDnsMode::kAutomatic && secure) {
UMA_HISTOGRAM_LONG_TIMES_100(
"Net.DNS.SecureDnsTask.DnsModeAutomatic.FailureTime", duration);
} else {
@@ -2667,7 +2666,7 @@
const HostResolverFlags host_resolver_flags_;
const HostResolverSource requested_source_;
const ResolveHostParameters::CacheUsage cache_usage_;
- const DnsConfig::SecureDnsMode secure_dns_mode_;
+ const SecureDnsMode secure_dns_mode_;
// TODO([email protected]): Use base::UnownedPtr once available.
ResolveContext* const resolve_context_;
// TODO(crbug.com/969847): Consider allowing requests within a single Job to
@@ -2993,7 +2992,7 @@
DnsQueryType effective_query_type;
HostResolverFlags effective_host_resolver_flags;
- DnsConfig::SecureDnsMode effective_secure_dns_mode;
+ SecureDnsMode effective_secure_dns_mode;
std::deque<TaskType> tasks;
base::Optional<HostCache::EntryStaleness> stale_info;
HostCache::Entry results = ResolveLocally(
@@ -3030,14 +3029,14 @@
DnsQueryType dns_query_type,
HostResolverSource source,
HostResolverFlags flags,
- base::Optional<DnsConfig::SecureDnsMode> secure_dns_mode_override,
+ base::Optional<SecureDnsMode> secure_dns_mode_override,
ResolveHostParameters::CacheUsage cache_usage,
const NetLogWithSource& source_net_log,
HostCache* cache,
ResolveContext* resolve_context,
DnsQueryType* out_effective_query_type,
HostResolverFlags* out_effective_host_resolver_flags,
- DnsConfig::SecureDnsMode* out_effective_secure_dns_mode,
+ SecureDnsMode* out_effective_secure_dns_mode,
std::deque<TaskType>* out_tasks,
base::Optional<HostCache::EntryStaleness>* out_stale_info) {
DCHECK(out_stale_info);
@@ -3144,7 +3143,7 @@
void HostResolverManager::CreateAndStartJob(
DnsQueryType effective_query_type,
HostResolverFlags effective_host_resolver_flags,
- DnsConfig::SecureDnsMode effective_secure_dns_mode,
+ SecureDnsMode effective_secure_dns_mode,
std::deque<TaskType> tasks,
RequestImpl* request) {
DCHECK(!tasks.empty());
@@ -3347,13 +3346,13 @@
return job;
}
-DnsConfig::SecureDnsMode HostResolverManager::GetEffectiveSecureDnsMode(
+SecureDnsMode HostResolverManager::GetEffectiveSecureDnsMode(
const std::string& hostname,
- base::Optional<DnsConfig::SecureDnsMode> secure_dns_mode_override) {
+ base::Optional<SecureDnsMode> secure_dns_mode_override) {
const DnsConfig* config =
dns_client_ ? dns_client_->GetEffectiveConfig() : nullptr;
- DnsConfig::SecureDnsMode secure_dns_mode = DnsConfig::SecureDnsMode::OFF;
+ SecureDnsMode secure_dns_mode = SecureDnsMode::kOff;
if (secure_dns_mode_override) {
secure_dns_mode = secure_dns_mode_override.value();
} else if (config) {
@@ -3367,7 +3366,7 @@
}
void HostResolverManager::PushDnsTasks(bool proc_task_allowed,
- DnsConfig::SecureDnsMode secure_dns_mode,
+ SecureDnsMode secure_dns_mode,
bool insecure_tasks_allowed,
bool allow_cache,
bool prioritize_local_lookups,
@@ -3382,14 +3381,14 @@
bool dns_tasks_allowed = !HaveTestProcOverride();
// Upgrade the insecure DnsTask depending on the secure dns mode.
switch (secure_dns_mode) {
- case DnsConfig::SecureDnsMode::SECURE:
+ case SecureDnsMode::kSecure:
DCHECK(!allow_cache ||
out_tasks->front() == TaskType::SECURE_CACHE_LOOKUP);
DCHECK(dns_client_->CanUseSecureDnsTransactions());
if (dns_tasks_allowed)
out_tasks->push_back(TaskType::SECURE_DNS);
break;
- case DnsConfig::SecureDnsMode::AUTOMATIC:
+ case SecureDnsMode::kAutomatic:
DCHECK(!allow_cache || out_tasks->front() == TaskType::CACHE_LOOKUP);
if (dns_client_->FallbackFromSecureTransactionPreferred(
resolve_context)) {
@@ -3420,7 +3419,7 @@
out_tasks->push_back(TaskType::DNS);
}
break;
- case DnsConfig::SecureDnsMode::OFF:
+ case SecureDnsMode::kOff:
DCHECK(!allow_cache || out_tasks->front() == TaskType::CACHE_LOOKUP);
if (dns_tasks_allowed && insecure_tasks_allowed)
out_tasks->push_back(TaskType::DNS);
@@ -3448,10 +3447,10 @@
DnsQueryType dns_query_type,
HostResolverSource source,
HostResolverFlags flags,
- base::Optional<DnsConfig::SecureDnsMode> secure_dns_mode_override,
+ base::Optional<SecureDnsMode> secure_dns_mode_override,
ResolveHostParameters::CacheUsage cache_usage,
ResolveContext* resolve_context,
- DnsConfig::SecureDnsMode* out_effective_secure_dns_mode,
+ SecureDnsMode* out_effective_secure_dns_mode,
std::deque<TaskType>* out_tasks) {
DCHECK(out_tasks->empty());
*out_effective_secure_dns_mode =
@@ -3462,7 +3461,7 @@
bool allow_cache =
cache_usage != ResolveHostParameters::CacheUsage::DISALLOWED;
if (allow_cache) {
- if (*out_effective_secure_dns_mode == DnsConfig::SecureDnsMode::SECURE) {
+ if (*out_effective_secure_dns_mode == SecureDnsMode::kSecure) {
out_tasks->push_front(TaskType::SECURE_CACHE_LOOKUP);
} else {
out_tasks->push_front(TaskType::CACHE_LOOKUP);
@@ -3487,7 +3486,7 @@
} else if (!ResemblesMulticastDNSName(hostname)) {
bool proc_task_allowed =
IsAddressType(dns_query_type) &&
- *out_effective_secure_dns_mode != DnsConfig::SecureDnsMode::SECURE;
+ *out_effective_secure_dns_mode != SecureDnsMode::kSecure;
if (dns_client_ && dns_client_->GetEffectiveConfig()) {
bool insecure_allowed =
dns_client_->CanUseInsecureDnsTransactions() &&
@@ -3532,14 +3531,14 @@
DnsQueryType dns_query_type,
HostResolverSource source,
HostResolverFlags flags,
- base::Optional<DnsConfig::SecureDnsMode> secure_dns_mode_override,
+ base::Optional<SecureDnsMode> secure_dns_mode_override,
ResolveHostParameters::CacheUsage cache_usage,
const IPAddress* ip_address,
const NetLogWithSource& net_log,
ResolveContext* resolve_context,
DnsQueryType* out_effective_type,
HostResolverFlags* out_effective_flags,
- DnsConfig::SecureDnsMode* out_effective_secure_dns_mode,
+ SecureDnsMode* out_effective_secure_dns_mode,
std::deque<TaskType>* out_tasks) {
*out_effective_flags = flags | additional_resolver_flags_;
*out_effective_type = dns_query_type;
diff --git a/net/dns/host_resolver_manager.h b/net/dns/host_resolver_manager.h
index dd64a18..7d86fcd2 100644
--- a/net/dns/host_resolver_manager.h
+++ b/net/dns/host_resolver_manager.h
@@ -31,6 +31,7 @@
#include "net/dns/host_resolver.h"
#include "net/dns/host_resolver_proc.h"
#include "net/dns/public/dns_query_type.h"
+#include "net/dns/public/secure_dns_mode.h"
#include "net/dns/resolve_context.h"
#include "net/dns/system_dns_config_change_notifier.h"
#include "url/gurl.h"
@@ -93,7 +94,6 @@
public:
using MdnsListener = HostResolver::MdnsListener;
using ResolveHostParameters = HostResolver::ResolveHostParameters;
- using SecureDnsMode = DnsConfig::SecureDnsMode;
// A request that allows explicit cancellation before destruction. Enables
// callers (e.g. ContextHostResolver) to implement cancellation of requests on
@@ -295,7 +295,7 @@
ResolveContext* resolve_context,
DnsQueryType* out_effective_query_type,
HostResolverFlags* out_effective_host_resolver_flags,
- DnsConfig::SecureDnsMode* out_effective_secure_dns_mode,
+ SecureDnsMode* out_effective_secure_dns_mode,
std::deque<TaskType>* out_tasks,
base::Optional<HostCache::EntryStaleness>* out_stale_info);
@@ -303,7 +303,7 @@
// |request|.
void CreateAndStartJob(DnsQueryType effective_query_type,
HostResolverFlags effective_host_resolver_flags,
- DnsConfig::SecureDnsMode effective_secure_dns_mode,
+ SecureDnsMode effective_secure_dns_mode,
std::deque<TaskType> tasks,
RequestImpl* request);
@@ -373,7 +373,7 @@
base::Optional<SecureDnsMode> secure_dns_mode_override,
ResolveHostParameters::CacheUsage cache_usage,
ResolveContext* resolve_context,
- DnsConfig::SecureDnsMode* out_effective_secure_dns_mode,
+ SecureDnsMode* out_effective_secure_dns_mode,
std::deque<TaskType>* out_tasks);
// Determines "effective" request parameters using manager properties and IPv6
@@ -390,7 +390,7 @@
ResolveContext* resolve_context,
DnsQueryType* out_effective_type,
HostResolverFlags* out_effective_flags,
- DnsConfig::SecureDnsMode* out_effective_secure_dns_mode,
+ SecureDnsMode* out_effective_secure_dns_mode,
std::deque<TaskType>* out_tasks);
// Probes IPv6 support and returns true if IPv6 support is enabled.
diff --git a/net/dns/host_resolver_manager_unittest.cc b/net/dns/host_resolver_manager_unittest.cc
index 21727a7..32feedf 100644
--- a/net/dns/host_resolver_manager_unittest.cc
+++ b/net/dns/host_resolver_manager_unittest.cc
@@ -3488,14 +3488,14 @@
config.nameservers.push_back(IPEndPoint(dns_ip, dns_protocol::kDefaultPort));
config.dns_over_https_servers.push_back({DnsOverHttpsServerConfig(
"https://dns.example.com/", true /* use_post */)});
- config.secure_dns_mode = DnsConfig::SecureDnsMode::OFF;
+ config.secure_dns_mode = SecureDnsMode::kOff;
EXPECT_TRUE(config.IsValid());
return config;
}
DnsConfig CreateUpgradableDnsConfig() {
DnsConfig config;
- config.secure_dns_mode = DnsConfig::SecureDnsMode::AUTOMATIC;
+ config.secure_dns_mode = SecureDnsMode::kAutomatic;
config.allow_dns_over_https_upgrade = true;
// Cloudflare upgradeable IPs
IPAddress dns_ip0(1, 0, 0, 1);
@@ -4438,8 +4438,7 @@
ChangeDnsConfig(CreateValidDnsConfig());
HostResolver::ResolveHostParameters secure_parameters;
- secure_parameters.secure_dns_mode_override =
- DnsConfig::SecureDnsMode::AUTOMATIC;
+ secure_parameters.secure_dns_mode_override = SecureDnsMode::kAutomatic;
ResolveHostResponseHelper response_secure(resolver_->CreateRequest(
HostPortPair("automatic", 80), NetworkIsolationKey(), NetLogWithSource(),
secure_parameters, resolve_context_.get(),
@@ -4809,8 +4808,7 @@
// Secure DnsTasks should not be affected.
HostResolver::ResolveHostParameters secure_parameters;
- secure_parameters.secure_dns_mode_override =
- DnsConfig::SecureDnsMode::AUTOMATIC;
+ secure_parameters.secure_dns_mode_override = SecureDnsMode::kAutomatic;
ResolveHostResponseHelper secure_response(resolver_->CreateRequest(
HostPortPair("automatic", 80), NetworkIsolationKey(), NetLogWithSource(),
secure_parameters, resolve_context_.get(),
@@ -4986,15 +4984,14 @@
false /* delay */);
UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
DnsConfigOverrides overrides;
- overrides.secure_dns_mode = DnsConfig::SecureDnsMode::AUTOMATIC;
+ overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
resolver_->SetDnsConfigOverrides(overrides);
// Create three requests. One with a SECURE mode override, one with no
// mode override, and one with an AUTOMATIC mode override (which is a no-op
// since the DnsConfig uses AUTOMATIC).
HostResolver::ResolveHostParameters parameters_secure_override;
- parameters_secure_override.secure_dns_mode_override =
- DnsConfig::SecureDnsMode::SECURE;
+ parameters_secure_override.secure_dns_mode_override = SecureDnsMode::kSecure;
ResolveHostResponseHelper secure_response(resolver_->CreateRequest(
HostPortPair("a", 80), NetworkIsolationKey(), NetLogWithSource(),
parameters_secure_override, resolve_context_.get(),
@@ -5008,7 +5005,7 @@
HostResolver::ResolveHostParameters parameters_automatic_override;
parameters_automatic_override.secure_dns_mode_override =
- DnsConfig::SecureDnsMode::AUTOMATIC;
+ SecureDnsMode::kAutomatic;
ResolveHostResponseHelper automatic_response1(resolver_->CreateRequest(
HostPortPair("a", 80), NetworkIsolationKey(), NetLogWithSource(),
parameters_automatic_override, resolve_context_.get(),
@@ -5117,7 +5114,7 @@
TEST_F(HostResolverManagerDnsTest, DeleteWithSecureTransactions) {
ChangeDnsConfig(CreateValidDnsConfig());
DnsConfigOverrides overrides;
- overrides.secure_dns_mode = DnsConfig::SecureDnsMode::SECURE;
+ overrides.secure_dns_mode = SecureDnsMode::kSecure;
resolver_->SetDnsConfigOverrides(overrides);
ResolveHostResponseHelper response(resolver_->CreateRequest(
@@ -5255,7 +5252,7 @@
UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
DnsConfigOverrides overrides;
- overrides.secure_dns_mode = DnsConfig::SecureDnsMode::AUTOMATIC;
+ overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
resolver_->SetDnsConfigOverrides(overrides);
ResolveHostResponseHelper response0(resolver_->CreateRequest(
@@ -5370,7 +5367,7 @@
false /* delay */);
UseMockDnsClient(CreateValidDnsConfig(), std::move(rules));
DnsConfigOverrides overrides;
- overrides.secure_dns_mode = DnsConfig::SecureDnsMode::AUTOMATIC;
+ overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
resolver_->SetDnsConfigOverrides(overrides);
ResolveHostResponseHelper response(resolver_->CreateRequest(
@@ -5403,7 +5400,7 @@
ChangeDnsConfig(CreateValidDnsConfig());
DnsConfigOverrides overrides;
- overrides.secure_dns_mode = DnsConfig::SecureDnsMode::AUTOMATIC;
+ overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
resolver_->SetDnsConfigOverrides(overrides);
const std::pair<const HostCache::Key, HostCache::Entry>* cache_result;
@@ -5459,7 +5456,7 @@
TEST_F(HostResolverManagerDnsTest, SecureDnsMode_Automatic_SecureCache) {
ChangeDnsConfig(CreateValidDnsConfig());
DnsConfigOverrides overrides;
- overrides.secure_dns_mode = DnsConfig::SecureDnsMode::AUTOMATIC;
+ overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
resolver_->SetDnsConfigOverrides(overrides);
// Populate cache with a secure entry.
@@ -5490,7 +5487,7 @@
TEST_F(HostResolverManagerDnsTest, SecureDnsMode_Automatic_InsecureCache) {
ChangeDnsConfig(CreateValidDnsConfig());
DnsConfigOverrides overrides;
- overrides.secure_dns_mode = DnsConfig::SecureDnsMode::AUTOMATIC;
+ overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
resolver_->SetDnsConfigOverrides(overrides);
// Populate cache with an insecure entry.
@@ -5525,7 +5522,7 @@
DnsConfigOverrides overrides;
std::vector<DnsOverHttpsServerConfig> doh_servers;
overrides.dns_over_https_servers = doh_servers;
- overrides.secure_dns_mode = DnsConfig::SecureDnsMode::AUTOMATIC;
+ overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
resolver_->SetDnsConfigOverrides(overrides);
const std::pair<const HostCache::Key, HostCache::Entry>* cache_result;
@@ -5586,7 +5583,7 @@
TEST_F(HostResolverManagerDnsTest, SecureDnsMode_Automatic_Unavailable) {
ChangeDnsConfig(CreateValidDnsConfig());
DnsConfigOverrides overrides;
- overrides.secure_dns_mode = DnsConfig::SecureDnsMode::AUTOMATIC;
+ overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
resolver_->SetDnsConfigOverrides(overrides);
dns_client_->SetForceDohServerAvailable(false);
@@ -5622,7 +5619,7 @@
set_allow_fallback_to_proctask(false);
ChangeDnsConfig(CreateValidDnsConfig());
DnsConfigOverrides overrides;
- overrides.secure_dns_mode = DnsConfig::SecureDnsMode::AUTOMATIC;
+ overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
resolver_->SetDnsConfigOverrides(overrides);
dns_client_->SetForceDohServerAvailable(false);
@@ -5668,7 +5665,7 @@
set_allow_fallback_to_proctask(false);
ChangeDnsConfig(CreateValidDnsConfig());
DnsConfigOverrides overrides;
- overrides.secure_dns_mode = DnsConfig::SecureDnsMode::AUTOMATIC;
+ overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
resolver_->SetDnsConfigOverrides(overrides);
dns_client_->SetForceDohServerAvailable(false);
@@ -5701,7 +5698,7 @@
TEST_F(HostResolverManagerDnsTest, SecureDnsMode_Automatic_Stale) {
ChangeDnsConfig(CreateValidDnsConfig());
DnsConfigOverrides overrides;
- overrides.secure_dns_mode = DnsConfig::SecureDnsMode::AUTOMATIC;
+ overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
resolver_->SetDnsConfigOverrides(overrides);
// Populate cache with insecure entry.
@@ -5736,7 +5733,7 @@
ChangeDnsConfig(CreateValidDnsConfig());
resolver_->SetInsecureDnsClientEnabled(false);
DnsConfigOverrides overrides;
- overrides.secure_dns_mode = DnsConfig::SecureDnsMode::AUTOMATIC;
+ overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
resolver_->SetDnsConfigOverrides(overrides);
const std::pair<const HostCache::Key, HostCache::Entry>* cache_result;
@@ -5802,7 +5799,7 @@
config.dns_over_tls_active = true;
ChangeDnsConfig(config);
DnsConfigOverrides overrides;
- overrides.secure_dns_mode = DnsConfig::SecureDnsMode::AUTOMATIC;
+ overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
resolver_->SetDnsConfigOverrides(overrides);
const std::pair<const HostCache::Key, HostCache::Entry>* cache_result;
@@ -5873,7 +5870,7 @@
ChangeDnsConfig(CreateValidDnsConfig());
DnsConfigOverrides overrides;
- overrides.secure_dns_mode = DnsConfig::SecureDnsMode::SECURE;
+ overrides.secure_dns_mode = SecureDnsMode::kSecure;
resolver_->SetDnsConfigOverrides(overrides);
const std::pair<const HostCache::Key, HostCache::Entry>* cache_result;
@@ -5920,7 +5917,7 @@
ChangeDnsConfig(CreateValidDnsConfig());
DnsConfigOverrides overrides;
- overrides.secure_dns_mode = DnsConfig::SecureDnsMode::SECURE;
+ overrides.secure_dns_mode = SecureDnsMode::kSecure;
resolver_->SetDnsConfigOverrides(overrides);
const std::pair<const HostCache::Key, HostCache::Entry>* cache_result;
@@ -5940,7 +5937,7 @@
TEST_F(HostResolverManagerDnsTest, SecureDnsMode_Secure_Local_CacheMiss) {
ChangeDnsConfig(CreateValidDnsConfig());
DnsConfigOverrides overrides;
- overrides.secure_dns_mode = DnsConfig::SecureDnsMode::SECURE;
+ overrides.secure_dns_mode = SecureDnsMode::kSecure;
resolver_->SetDnsConfigOverrides(overrides);
HostResolver::ResolveHostParameters source_none_parameters;
@@ -5971,7 +5968,7 @@
TEST_F(HostResolverManagerDnsTest, SecureDnsMode_Secure_Local_CacheHit) {
ChangeDnsConfig(CreateValidDnsConfig());
DnsConfigOverrides overrides;
- overrides.secure_dns_mode = DnsConfig::SecureDnsMode::SECURE;
+ overrides.secure_dns_mode = SecureDnsMode::kSecure;
resolver_->SetDnsConfigOverrides(overrides);
HostResolver::ResolveHostParameters source_none_parameters;
@@ -6227,8 +6224,7 @@
// Secure DnsTasks should not be affected.
HostResolver::ResolveHostParameters secure_parameters;
- secure_parameters.secure_dns_mode_override =
- DnsConfig::SecureDnsMode::AUTOMATIC;
+ secure_parameters.secure_dns_mode_override = SecureDnsMode::kAutomatic;
ResolveHostResponseHelper response_secure(resolver_->CreateRequest(
HostPortPair("automatic", 80), NetworkIsolationKey(),
NetLogWithSource(), secure_parameters, resolve_context_.get(),
@@ -6563,7 +6559,7 @@
// Switch to automatic mode.
DnsConfigOverrides overrides;
- overrides.secure_dns_mode = DnsConfig::SecureDnsMode::AUTOMATIC;
+ overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
resolver_->SetDnsConfigOverrides(overrides);
HostCache::Key insecure_key =
@@ -6605,7 +6601,7 @@
// Switch to secure mode.
DnsConfigOverrides overrides;
- overrides.secure_dns_mode = DnsConfig::SecureDnsMode::SECURE;
+ overrides.secure_dns_mode = SecureDnsMode::kSecure;
resolver_->SetDnsConfigOverrides(overrides);
HostCache::Key insecure_key =
@@ -6862,7 +6858,7 @@
DnsConfigOverrides overrides;
overrides.dns_over_https_servers.emplace(
{DnsOverHttpsServerConfig(server, true)});
- overrides.secure_dns_mode = DnsConfig::SecureDnsMode::AUTOMATIC;
+ overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
resolver_->SetDnsConfigOverrides(overrides);
base::Value config = resolver_->GetDnsConfigAsValue();
base::Value* doh_servers = config.FindListKey("doh_servers");
@@ -6879,7 +6875,7 @@
EXPECT_TRUE(server_template);
EXPECT_EQ(*server_template, server);
EXPECT_EQ(config.FindKey("secure_dns_mode")->GetInt(),
- static_cast<int>(DnsConfig::SecureDnsMode::AUTOMATIC));
+ static_cast<int>(SecureDnsMode::kAutomatic));
}
TEST_F(HostResolverManagerDnsTest, AddDnsOverHttpsServerBeforeConfig) {
@@ -6890,7 +6886,7 @@
DnsConfigOverrides overrides;
overrides.dns_over_https_servers.emplace(
{DnsOverHttpsServerConfig(server, true)});
- overrides.secure_dns_mode = DnsConfig::SecureDnsMode::AUTOMATIC;
+ overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
resolver_->SetDnsConfigOverrides(overrides);
notifier.mock_network_change_notifier()->SetConnectionType(
@@ -6912,7 +6908,7 @@
EXPECT_TRUE(server_template);
EXPECT_EQ(*server_template, server);
EXPECT_EQ(config.FindKey("secure_dns_mode")->GetInt(),
- static_cast<int>(DnsConfig::SecureDnsMode::AUTOMATIC));
+ static_cast<int>(SecureDnsMode::kAutomatic));
}
TEST_F(HostResolverManagerDnsTest, AddDnsOverHttpsServerBeforeClient) {
@@ -6923,7 +6919,7 @@
DnsConfigOverrides overrides;
overrides.dns_over_https_servers.emplace(
{DnsOverHttpsServerConfig(server, true)});
- overrides.secure_dns_mode = DnsConfig::SecureDnsMode::AUTOMATIC;
+ overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
resolver_->SetDnsConfigOverrides(overrides);
notifier.mock_network_change_notifier()->SetConnectionType(
@@ -6945,7 +6941,7 @@
EXPECT_TRUE(server_template);
EXPECT_EQ(*server_template, server);
EXPECT_EQ(config.FindKey("secure_dns_mode")->GetInt(),
- static_cast<int>(DnsConfig::SecureDnsMode::AUTOMATIC));
+ static_cast<int>(SecureDnsMode::kAutomatic));
}
TEST_F(HostResolverManagerDnsTest, AddDnsOverHttpsServerAndThenRemove) {
@@ -6956,7 +6952,7 @@
DnsConfigOverrides overrides;
overrides.dns_over_https_servers.emplace(
{DnsOverHttpsServerConfig(server, true)});
- overrides.secure_dns_mode = DnsConfig::SecureDnsMode::AUTOMATIC;
+ overrides.secure_dns_mode = SecureDnsMode::kAutomatic;
resolver_->SetDnsConfigOverrides(overrides);
notifier.mock_network_change_notifier()->SetConnectionType(
@@ -6980,7 +6976,7 @@
EXPECT_TRUE(server_template);
EXPECT_EQ(*server_template, server);
EXPECT_EQ(config.FindKey("secure_dns_mode")->GetInt(),
- static_cast<int>(DnsConfig::SecureDnsMode::AUTOMATIC));
+ static_cast<int>(SecureDnsMode::kAutomatic));
resolver_->SetDnsConfigOverrides(DnsConfigOverrides());
config = resolver_->GetDnsConfigAsValue();
@@ -6990,7 +6986,7 @@
return;
EXPECT_EQ(doh_servers->GetList().size(), 0u);
EXPECT_EQ(config.FindKey("secure_dns_mode")->GetInt(),
- static_cast<int>(DnsConfig::SecureDnsMode::OFF));
+ static_cast<int>(SecureDnsMode::kOff));
}
// Basic test socket factory that allows creation of UDP sockets, but those
@@ -7059,8 +7055,7 @@
const std::vector<DnsOverHttpsServerConfig> dns_over_https_servers = {
DnsOverHttpsServerConfig("dns.example.com", true)};
overrides.dns_over_https_servers = dns_over_https_servers;
- const DnsConfig::SecureDnsMode secure_dns_mode =
- DnsConfig::SecureDnsMode::SECURE;
+ const SecureDnsMode secure_dns_mode = SecureDnsMode::kSecure;
overrides.secure_dns_mode = secure_dns_mode;
overrides.allow_dns_over_https_upgrade = true;
const std::vector<std::string> disabled_upgrade_providers = {"provider_name"};
@@ -7388,7 +7383,7 @@
// SafeBrowsing family filter, SafeBrowsing security filter, and other IPs
// not associated with hardcoded DoH services.
DnsConfig original_config = CreateUpgradableDnsConfig();
- original_config.secure_dns_mode = DnsConfig::SecureDnsMode::SECURE;
+ original_config.secure_dns_mode = SecureDnsMode::kSecure;
ChangeDnsConfig(original_config);
const DnsConfig* fetched_config = client_ptr->GetEffectiveConfig();
@@ -7542,7 +7537,7 @@
// SafeBrowsing family filter, SafeBrowsing security filter, and other IPs
// not associated with hardcoded DoH services.
DnsConfig original_config = CreateUpgradableDnsConfig();
- original_config.secure_dns_mode = DnsConfig::SecureDnsMode::AUTOMATIC;
+ original_config.secure_dns_mode = SecureDnsMode::kAutomatic;
original_config.dns_over_tls_active = true;
// Google DoT hostname
@@ -8703,7 +8698,7 @@
std::unique_ptr<ResolveHostResponseHelper> DoIntegrityQuery(bool use_secure) {
if (use_secure) {
DnsConfigOverrides overrides;
- overrides.secure_dns_mode = DnsConfig::SecureDnsMode::SECURE;
+ overrides.secure_dns_mode = SecureDnsMode::kSecure;
resolver_->SetDnsConfigOverrides(overrides);
}
@@ -9301,7 +9296,7 @@
set_allow_fallback_to_proctask(false);
ChangeDnsConfig(CreateValidDnsConfig());
DnsConfigOverrides overrides;
- overrides.secure_dns_mode = DnsConfig::SecureDnsMode::SECURE;
+ overrides.secure_dns_mode = SecureDnsMode::kSecure;
resolver_->SetDnsConfigOverrides(overrides);
ASSERT_TRUE(dns_client_->GetCurrentSession());
@@ -9334,7 +9329,7 @@
set_allow_fallback_to_proctask(false);
InvalidateDnsConfig();
DnsConfigOverrides overrides;
- overrides.secure_dns_mode = DnsConfig::SecureDnsMode::SECURE;
+ overrides.secure_dns_mode = SecureDnsMode::kSecure;
resolver_->SetDnsConfigOverrides(overrides);
ASSERT_FALSE(dns_client_->GetCurrentSession());
diff --git a/net/dns/mock_host_resolver.h b/net/dns/mock_host_resolver.h
index 2be07a23..24a9eb8 100644
--- a/net/dns/mock_host_resolver.h
+++ b/net/dns/mock_host_resolver.h
@@ -21,11 +21,11 @@
#include "base/threading/thread_checker.h"
#include "net/base/completion_once_callback.h"
#include "net/base/network_isolation_key.h"
-#include "net/dns/dns_config.h"
#include "net/dns/host_resolver.h"
#include "net/dns/host_resolver_proc.h"
#include "net/dns/host_resolver_source.h"
#include "net/dns/public/dns_query_type.h"
+#include "net/dns/public/secure_dns_mode.h"
namespace base {
class TickClock;
@@ -200,8 +200,7 @@
// Returns the SecureDnsMode override of the last call to Resolve() (or
// base::nullopt if Resolve() hasn't been called yet).
- const base::Optional<DnsConfig::SecureDnsMode>&
- last_secure_dns_mode_override() const {
+ const base::Optional<SecureDnsMode>& last_secure_dns_mode_override() const {
return last_secure_dns_mode_override_;
}
@@ -270,7 +269,7 @@
RequestPriority last_request_priority_;
base::Optional<NetworkIsolationKey> last_request_network_isolation_key_;
- base::Optional<DnsConfig::SecureDnsMode> last_secure_dns_mode_override_;
+ base::Optional<SecureDnsMode> last_secure_dns_mode_override_;
bool synchronous_mode_;
bool ondemand_mode_;
std::map<HostResolverSource, scoped_refptr<RuleBasedHostResolverProc>>
diff --git a/net/dns/public/BUILD.gn b/net/dns/public/BUILD.gn
index 832312d..a8f56f6 100644
--- a/net/dns/public/BUILD.gn
+++ b/net/dns/public/BUILD.gn
@@ -2,6 +2,10 @@
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
+if (is_android) {
+ import("//build/config/android/rules.gni")
+}
+
source_set("public") {
# Due to circular dependencies, should only be depended on through //net.
# Limit visibility to //net and other source_sets with the same access
@@ -23,6 +27,7 @@
"doh_provider_entry.h",
"resolve_error_info.cc",
"resolve_error_info.h",
+ "secure_dns_mode.h",
"util.cc",
"util.h",
]
@@ -32,6 +37,12 @@
public_deps = [ "//net:net_public_deps" ]
}
+if (is_android) {
+ java_cpp_enum("secure_dns_mode_generated_enum") {
+ sources = [ "secure_dns_mode.h" ]
+ }
+}
+
source_set("tests") {
testonly = true
sources = [
diff --git a/net/dns/public/secure_dns_mode.h b/net/dns/public/secure_dns_mode.h
new file mode 100644
index 0000000..96a6977
--- /dev/null
+++ b/net/dns/public/secure_dns_mode.h
@@ -0,0 +1,26 @@
+// Copyright 2020 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef NET_DNS_PUBLIC_SECURE_DNS_MODE_H_
+#define NET_DNS_PUBLIC_SECURE_DNS_MODE_H_
+
+namespace net {
+
+// GENERATED_JAVA_ENUM_PACKAGE: org.chromium.net
+// The SecureDnsMode specifies what types of lookups (secure/insecure) should
+// be performed and in what order when resolving a specific query. The int
+// values should not be changed as they are logged.
+enum class SecureDnsMode : int {
+ // In OFF mode, no DoH lookups should be performed.
+ kOff = 0,
+ // In AUTOMATIC mode, DoH lookups should be performed first if DoH is
+ // available, and insecure DNS lookups should be performed as a fallback.
+ kAutomatic = 1,
+ // In SECURE mode, only DoH lookups should be performed.
+ kSecure = 2,
+};
+
+} // namespace net
+
+#endif // NET_DNS_PUBLIC_SECURE_DNS_MODE_H_
diff --git a/net/dns/resolve_context.cc b/net/dns/resolve_context.cc
index 57b75f656..1a2b7fb 100644
--- a/net/dns/resolve_context.cc
+++ b/net/dns/resolve_context.cc
@@ -108,7 +108,7 @@
std::unique_ptr<DnsServerIterator> ResolveContext::GetDohIterator(
const DnsConfig& config,
- const DnsConfig::SecureDnsMode& mode,
+ const SecureDnsMode& mode,
const DnsSession* session) {
// Make the iterator even if the session differs. The first call to the member
// functions will catch the out of date session.
diff --git a/net/dns/resolve_context.h b/net/dns/resolve_context.h
index bcbac64..1a96eff1 100644
--- a/net/dns/resolve_context.h
+++ b/net/dns/resolve_context.h
@@ -18,6 +18,7 @@
#include "net/base/isolation_info.h"
#include "net/base/net_export.h"
#include "net/dns/dns_config.h"
+#include "net/dns/public/secure_dns_mode.h"
namespace net {
@@ -68,10 +69,9 @@
~ResolveContext() override;
// Returns an iterator for DoH DNS servers.
- std::unique_ptr<DnsServerIterator> GetDohIterator(
- const DnsConfig& config,
- const DnsConfig::SecureDnsMode& mode,
- const DnsSession* session);
+ std::unique_ptr<DnsServerIterator> GetDohIterator(const DnsConfig& config,
+ const SecureDnsMode& mode,
+ const DnsSession* session);
// Returns an iterator for classic DNS servers.
std::unique_ptr<DnsServerIterator> GetClassicDnsIterator(
diff --git a/net/dns/resolve_context_unittest.cc b/net/dns/resolve_context_unittest.cc
index 2b432fc..c246b34 100644
--- a/net/dns/resolve_context_unittest.cc
+++ b/net/dns/resolve_context_unittest.cc
@@ -122,7 +122,7 @@
EXPECT_EQ(context.NumAvailableDohServers(session.get()), 0u);
std::unique_ptr<DnsServerIterator> doh_itr = context.GetDohIterator(
- session->config(), DnsConfig::SecureDnsMode::AUTOMATIC, session.get());
+ session->config(), SecureDnsMode::kAutomatic, session.get());
EXPECT_FALSE(doh_itr->AttemptAvailable());
}
@@ -143,7 +143,7 @@
session.get());
EXPECT_EQ(context.NumAvailableDohServers(session.get()), 1u);
std::unique_ptr<DnsServerIterator> doh_itr = context.GetDohIterator(
- session->config(), DnsConfig::SecureDnsMode::AUTOMATIC, session.get());
+ session->config(), SecureDnsMode::kAutomatic, session.get());
ASSERT_TRUE(doh_itr->AttemptAvailable());
EXPECT_EQ(doh_itr->GetNextAttemptIndex(), 1u);
@@ -161,7 +161,7 @@
session.get());
std::unique_ptr<DnsServerIterator> doh_itr = context.GetDohIterator(
- session->config(), DnsConfig::SecureDnsMode::AUTOMATIC, session.get());
+ session->config(), SecureDnsMode::kAutomatic, session.get());
EXPECT_FALSE(doh_itr->AttemptAvailable());
EXPECT_EQ(0u, context.NumAvailableDohServers(session.get()));
@@ -187,7 +187,7 @@
session2.get());
std::unique_ptr<DnsServerIterator> doh_itr = context.GetDohIterator(
- session1->config(), DnsConfig::SecureDnsMode::AUTOMATIC, session1.get());
+ session1->config(), SecureDnsMode::kAutomatic, session1.get());
EXPECT_FALSE(doh_itr->AttemptAvailable());
EXPECT_EQ(0u, context.NumAvailableDohServers(session1.get()));
@@ -216,7 +216,7 @@
session.get());
EXPECT_EQ(context.NumAvailableDohServers(session.get()), 1u);
std::unique_ptr<DnsServerIterator> doh_itr = context.GetDohIterator(
- session->config(), DnsConfig::SecureDnsMode::AUTOMATIC, session.get());
+ session->config(), SecureDnsMode::kAutomatic, session.get());
ASSERT_TRUE(doh_itr->AttemptAvailable());
EXPECT_EQ(doh_itr->GetNextAttemptIndex(), 0u);
@@ -234,7 +234,7 @@
false /* network_change */);
std::unique_ptr<DnsServerIterator> doh_itr = context.GetDohIterator(
- session->config(), DnsConfig::SecureDnsMode::AUTOMATIC, session.get());
+ session->config(), SecureDnsMode::kAutomatic, session.get());
EXPECT_FALSE(doh_itr->AttemptAvailable());
}
@@ -250,7 +250,7 @@
false /* network_change */);
std::unique_ptr<DnsServerIterator> doh_itr = context.GetDohIterator(
- session->config(), DnsConfig::SecureDnsMode::SECURE, session.get());
+ session->config(), SecureDnsMode::kSecure, session.get());
ASSERT_TRUE(doh_itr->AttemptAvailable());
EXPECT_EQ(doh_itr->GetNextAttemptIndex(), 0u);
@@ -660,7 +660,7 @@
for (size_t i = 0; i < ResolveContext::kAutomaticModeFailureLimit; i++) {
std::unique_ptr<DnsServerIterator> doh_itr = context.GetDohIterator(
- session->config(), DnsConfig::SecureDnsMode::AUTOMATIC, session.get());
+ session->config(), SecureDnsMode::kAutomatic, session.get());
ASSERT_TRUE(doh_itr->AttemptAvailable());
EXPECT_EQ(doh_itr->GetNextAttemptIndex(), 1u);
@@ -670,7 +670,7 @@
ERR_FAILED, session.get());
}
std::unique_ptr<DnsServerIterator> doh_itr = context.GetDohIterator(
- session->config(), DnsConfig::SecureDnsMode::AUTOMATIC, session.get());
+ session->config(), SecureDnsMode::kAutomatic, session.get());
EXPECT_FALSE(doh_itr->AttemptAvailable());
EXPECT_EQ(0u, context.NumAvailableDohServers(session.get()));
@@ -696,7 +696,7 @@
for (size_t i = 0; i < ResolveContext::kAutomaticModeFailureLimit - 1; i++) {
std::unique_ptr<DnsServerIterator> doh_itr = context.GetDohIterator(
- session->config(), DnsConfig::SecureDnsMode::AUTOMATIC, session.get());
+ session->config(), SecureDnsMode::kAutomatic, session.get());
ASSERT_TRUE(doh_itr->AttemptAvailable());
EXPECT_EQ(doh_itr->GetNextAttemptIndex(), 1u);
@@ -706,7 +706,7 @@
}
{
std::unique_ptr<DnsServerIterator> doh_itr = context.GetDohIterator(
- session->config(), DnsConfig::SecureDnsMode::AUTOMATIC, session.get());
+ session->config(), SecureDnsMode::kAutomatic, session.get());
ASSERT_TRUE(doh_itr->AttemptAvailable());
EXPECT_EQ(doh_itr->GetNextAttemptIndex(), 1u);
@@ -717,7 +717,7 @@
session.get());
{
std::unique_ptr<DnsServerIterator> doh_itr = context.GetDohIterator(
- session->config(), DnsConfig::SecureDnsMode::AUTOMATIC, session.get());
+ session->config(), SecureDnsMode::kAutomatic, session.get());
ASSERT_TRUE(doh_itr->AttemptAvailable());
EXPECT_EQ(doh_itr->GetNextAttemptIndex(), 1u);
@@ -730,7 +730,7 @@
ERR_FAILED, session.get());
{
std::unique_ptr<DnsServerIterator> doh_itr = context.GetDohIterator(
- session->config(), DnsConfig::SecureDnsMode::AUTOMATIC, session.get());
+ session->config(), SecureDnsMode::kAutomatic, session.get());
ASSERT_TRUE(doh_itr->AttemptAvailable());
EXPECT_EQ(doh_itr->GetNextAttemptIndex(), 1u);
@@ -768,7 +768,7 @@
session.get());
{
std::unique_ptr<DnsServerIterator> doh_itr = context.GetDohIterator(
- session->config(), DnsConfig::SecureDnsMode::AUTOMATIC, session.get());
+ session->config(), SecureDnsMode::kAutomatic, session.get());
ASSERT_TRUE(doh_itr->AttemptAvailable());
EXPECT_EQ(doh_itr->GetNextAttemptIndex(), 1u);
@@ -845,7 +845,7 @@
// Expect server preference to change after |config.attempts| failures.
for (int i = 0; i < config.attempts; i++) {
std::unique_ptr<DnsServerIterator> doh_itr = context.GetDohIterator(
- session->config(), DnsConfig::SecureDnsMode::AUTOMATIC, session.get());
+ session->config(), SecureDnsMode::kAutomatic, session.get());
ASSERT_TRUE(doh_itr->AttemptAvailable());
EXPECT_EQ(doh_itr->GetNextAttemptIndex(), 0u);
@@ -861,7 +861,7 @@
}
std::unique_ptr<DnsServerIterator> doh_itr = context.GetDohIterator(
- session->config(), DnsConfig::SecureDnsMode::AUTOMATIC, session.get());
+ session->config(), SecureDnsMode::kAutomatic, session.get());
ASSERT_TRUE(doh_itr->AttemptAvailable());
EXPECT_EQ(doh_itr->GetNextAttemptIndex(), 2u);
diff --git a/net/http/http_proxy_connect_job_unittest.cc b/net/http/http_proxy_connect_job_unittest.cc
index 1a049b1..395322f0 100644
--- a/net/http/http_proxy_connect_job_unittest.cc
+++ b/net/http/http_proxy_connect_job_unittest.cc
@@ -24,6 +24,7 @@
#include "net/base/network_isolation_key.h"
#include "net/base/test_proxy_delegate.h"
#include "net/dns/mock_host_resolver.h"
+#include "net/dns/public/secure_dns_mode.h"
#include "net/http/http_network_session.h"
#include "net/nqe/network_quality_estimator_test_util.h"
#include "net/socket/client_socket_handle.h"
@@ -886,7 +887,7 @@
.has_value());
if (disable_secure_dns) {
EXPECT_EQ(
- net::DnsConfig::SecureDnsMode::OFF,
+ net::SecureDnsMode::kOff,
session_deps_.host_resolver->last_secure_dns_mode_override().value());
}
}
diff --git a/net/http/http_stream_factory_unittest.cc b/net/http/http_stream_factory_unittest.cc
index 527ac742..c6f6e0f51 100644
--- a/net/http/http_stream_factory_unittest.cc
+++ b/net/http/http_stream_factory_unittest.cc
@@ -32,6 +32,7 @@
#include "net/cert/mock_cert_verifier.h"
#include "net/cert/multi_log_ct_verifier.h"
#include "net/dns/mock_host_resolver.h"
+#include "net/dns/public/secure_dns_mode.h"
#include "net/http/bidirectional_stream_impl.h"
#include "net/http/bidirectional_stream_request_info.h"
#include "net/http/http_auth_handler_factory.h"
@@ -1204,7 +1205,7 @@
waiter.WaitForStream();
EXPECT_EQ(
- net::DnsConfig::SecureDnsMode::OFF,
+ net::SecureDnsMode::kOff,
session_deps.host_resolver->last_secure_dns_mode_override().value());
EXPECT_EQ(GetSocketPoolGroupCount(ssl_pool), 2);
}
diff --git a/net/quic/quic_stream_factory.cc b/net/quic/quic_stream_factory.cc
index 0767433..ad845cb 100644
--- a/net/quic/quic_stream_factory.cc
+++ b/net/quic/quic_stream_factory.cc
@@ -34,6 +34,7 @@
#include "net/cert/cert_verifier.h"
#include "net/cert/ct_verifier.h"
#include "net/dns/host_resolver.h"
+#include "net/dns/public/secure_dns_mode.h"
#include "net/log/net_log.h"
#include "net/log/net_log_capture_mode.h"
#include "net/log/net_log_event_type.h"
@@ -677,7 +678,7 @@
HostResolver::ResolveHostParameters::CacheUsage::STALE_ALLOWED;
}
if (key_.session_key().disable_secure_dns())
- parameters.secure_dns_mode_override = DnsConfig::SecureDnsMode::OFF;
+ parameters.secure_dns_mode_override = SecureDnsMode::kOff;
resolve_host_request_ = host_resolver_->CreateRequest(
key_.destination(), key_.session_key().network_isolation_key(), net_log_,
parameters);
diff --git a/net/quic/quic_stream_factory_test.cc b/net/quic/quic_stream_factory_test.cc
index 9f0d098..73894530 100644
--- a/net/quic/quic_stream_factory_test.cc
+++ b/net/quic/quic_stream_factory_test.cc
@@ -29,6 +29,7 @@
#include "net/dns/host_resolver_source.h"
#include "net/dns/mock_host_resolver.h"
#include "net/dns/public/dns_query_type.h"
+#include "net/dns/public/secure_dns_mode.h"
#include "net/http/http_response_headers.h"
#include "net/http/http_response_info.h"
#include "net/http/http_server_properties.h"
@@ -12178,7 +12179,7 @@
EXPECT_TRUE(stream.get());
ASSERT_TRUE(host_resolver_->last_secure_dns_mode_override().has_value());
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::OFF,
+ EXPECT_EQ(net::SecureDnsMode::kOff,
host_resolver_->last_secure_dns_mode_override().value());
ASSERT_TRUE(host_resolver_->last_request_network_isolation_key().has_value());
EXPECT_EQ(kNetworkIsolationKey,
diff --git a/net/socket/socks_client_socket.cc b/net/socket/socks_client_socket.cc
index b6cd391..1108b50 100644
--- a/net/socket/socks_client_socket.cc
+++ b/net/socket/socks_client_socket.cc
@@ -13,6 +13,7 @@
#include "base/sys_byteorder.h"
#include "net/base/io_buffer.h"
#include "net/dns/public/dns_query_type.h"
+#include "net/dns/public/secure_dns_mode.h"
#include "net/log/net_log.h"
#include "net/log/net_log_event_type.h"
#include "net/traffic_annotation/network_traffic_annotation.h"
@@ -310,7 +311,7 @@
parameters.dns_query_type = DnsQueryType::A;
parameters.initial_priority = priority_;
if (disable_secure_dns_)
- parameters.secure_dns_mode_override = DnsConfig::SecureDnsMode::OFF;
+ parameters.secure_dns_mode_override = SecureDnsMode::kOff;
resolve_host_request_ = host_resolver_->CreateRequest(
destination_, network_isolation_key_, net_log_, parameters);
diff --git a/net/socket/socks_client_socket_unittest.cc b/net/socket/socks_client_socket_unittest.cc
index 2095aa1..c5fd4ab 100644
--- a/net/socket/socks_client_socket_unittest.cc
+++ b/net/socket/socks_client_socket_unittest.cc
@@ -16,6 +16,7 @@
#include "net/base/winsock_init.h"
#include "net/dns/host_resolver.h"
#include "net/dns/mock_host_resolver.h"
+#include "net/dns/public/secure_dns_mode.h"
#include "net/log/net_log_event_type.h"
#include "net/log/test_net_log.h"
#include "net/log/test_net_log_util.h"
@@ -464,7 +465,7 @@
EXPECT_EQ(disable_secure_dns,
host_resolver.last_secure_dns_mode_override().has_value());
if (disable_secure_dns) {
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::OFF,
+ EXPECT_EQ(net::SecureDnsMode::kOff,
host_resolver.last_secure_dns_mode_override().value());
}
}
diff --git a/net/socket/socks_connect_job_unittest.cc b/net/socket/socks_connect_job_unittest.cc
index b3e23f6..0167484 100644
--- a/net/socket/socks_connect_job_unittest.cc
+++ b/net/socket/socks_connect_job_unittest.cc
@@ -16,6 +16,7 @@
#include "net/base/net_errors.h"
#include "net/base/network_isolation_key.h"
#include "net/dns/mock_host_resolver.h"
+#include "net/dns/public/secure_dns_mode.h"
#include "net/log/net_log.h"
#include "net/socket/client_socket_factory.h"
#include "net/socket/client_socket_handle.h"
@@ -392,7 +393,7 @@
EXPECT_EQ(disable_secure_dns,
host_resolver_.last_secure_dns_mode_override().has_value());
if (disable_secure_dns) {
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::OFF,
+ EXPECT_EQ(net::SecureDnsMode::kOff,
host_resolver_.last_secure_dns_mode_override().value());
}
}
diff --git a/net/socket/ssl_connect_job_unittest.cc b/net/socket/ssl_connect_job_unittest.cc
index 0d6d834..94932d4 100644
--- a/net/socket/ssl_connect_job_unittest.cc
+++ b/net/socket/ssl_connect_job_unittest.cc
@@ -25,6 +25,7 @@
#include "net/cert/mock_cert_verifier.h"
#include "net/cert/multi_log_ct_verifier.h"
#include "net/dns/mock_host_resolver.h"
+#include "net/dns/public/secure_dns_mode.h"
#include "net/http/http_auth_handler_factory.h"
#include "net/http/http_network_session.h"
#include "net/http/http_proxy_connect_job.h"
@@ -445,7 +446,7 @@
EXPECT_EQ(disable_secure_dns,
host_resolver_.last_secure_dns_mode_override().has_value());
if (disable_secure_dns) {
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::OFF,
+ EXPECT_EQ(net::SecureDnsMode::kOff,
host_resolver_.last_secure_dns_mode_override().value());
}
}
diff --git a/net/socket/transport_client_socket_pool_unittest.cc b/net/socket/transport_client_socket_pool_unittest.cc
index d7d14a6..89cc8a4 100644
--- a/net/socket/transport_client_socket_pool_unittest.cc
+++ b/net/socket/transport_client_socket_pool_unittest.cc
@@ -29,6 +29,7 @@
#include "net/cert/ct_policy_enforcer.h"
#include "net/cert/mock_cert_verifier.h"
#include "net/dns/mock_host_resolver.h"
+#include "net/dns/public/secure_dns_mode.h"
#include "net/http/http_network_session.h"
#include "net/http/http_proxy_connect_job.h"
#include "net/http/transport_security_state.h"
@@ -275,7 +276,7 @@
.has_value());
if (disable_secure_dns) {
EXPECT_EQ(
- net::DnsConfig::SecureDnsMode::OFF,
+ net::SecureDnsMode::kOff,
session_deps_.host_resolver->last_secure_dns_mode_override().value());
}
}
diff --git a/net/socket/transport_connect_job.cc b/net/socket/transport_connect_job.cc
index 8d25667e..1576493 100644
--- a/net/socket/transport_connect_job.cc
+++ b/net/socket/transport_connect_job.cc
@@ -19,6 +19,7 @@
#include "net/base/ip_endpoint.h"
#include "net/base/net_errors.h"
#include "net/base/trace_constants.h"
+#include "net/dns/public/secure_dns_mode.h"
#include "net/log/net_log.h"
#include "net/log/net_log_event_type.h"
#include "net/log/net_log_source_type.h"
@@ -269,7 +270,7 @@
HostResolver::ResolveHostParameters parameters;
parameters.initial_priority = priority();
if (params_->disable_secure_dns())
- parameters.secure_dns_mode_override = DnsConfig::SecureDnsMode::OFF;
+ parameters.secure_dns_mode_override = SecureDnsMode::kOff;
request_ = host_resolver()->CreateRequest(params_->destination(),
params_->network_isolation_key(),
net_log(), parameters);
diff --git a/net/socket/transport_connect_job_unittest.cc b/net/socket/transport_connect_job_unittest.cc
index a94d60e..9def530 100644
--- a/net/socket/transport_connect_job_unittest.cc
+++ b/net/socket/transport_connect_job_unittest.cc
@@ -16,6 +16,7 @@
#include "net/base/net_errors.h"
#include "net/base/test_completion_callback.h"
#include "net/dns/mock_host_resolver.h"
+#include "net/dns/public/secure_dns_mode.h"
#include "net/log/test_net_log.h"
#include "net/socket/connect_job_test_util.h"
#include "net/socket/connection_attempts.h"
@@ -273,7 +274,7 @@
EXPECT_EQ(disable_secure_dns,
host_resolver_.last_secure_dns_mode_override().has_value());
if (disable_secure_dns) {
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::OFF,
+ EXPECT_EQ(net::SecureDnsMode::kOff,
host_resolver_.last_secure_dns_mode_override().value());
}
}
diff --git a/net/url_request/http_with_dns_over_https_unittest.cc b/net/url_request/http_with_dns_over_https_unittest.cc
index 4e21e25..8f574cd9 100644
--- a/net/url_request/http_with_dns_over_https_unittest.cc
+++ b/net/url_request/http_with_dns_over_https_unittest.cc
@@ -17,6 +17,7 @@
#include "net/dns/host_resolver_manager.h"
#include "net/dns/host_resolver_proc.h"
#include "net/dns/public/dns_over_https_server_config.h"
+#include "net/dns/public/secure_dns_mode.h"
#include "net/http/http_stream_factory_test_util.h"
#include "net/log/net_log.h"
#include "net/socket/transport_client_socket_pool.h"
@@ -96,7 +97,7 @@
DnsConfigOverrides overrides;
overrides.dns_over_https_servers.emplace(
{DnsOverHttpsServerConfig(url.spec(), true /* use_post */)});
- overrides.secure_dns_mode = DnsConfig::SecureDnsMode::SECURE;
+ overrides.secure_dns_mode = SecureDnsMode::kSecure;
overrides.use_local_ipv6 = true;
resolver_->GetManagerForTesting()->SetDnsConfigOverrides(
std::move(overrides));
diff --git a/net/url_request/url_request_unittest.cc b/net/url_request/url_request_unittest.cc
index 2f92038..a0c62cc 100644
--- a/net/url_request/url_request_unittest.cc
+++ b/net/url_request/url_request_unittest.cc
@@ -93,6 +93,7 @@
#include "net/cookies/test_cookie_access_delegate.h"
#include "net/disk_cache/disk_cache.h"
#include "net/dns/mock_host_resolver.h"
+#include "net/dns/public/secure_dns_mode.h"
#include "net/http/http_byte_range.h"
#include "net/http/http_cache.h"
#include "net/http/http_network_layer.h"
@@ -1355,7 +1356,7 @@
req->Start();
d.RunUntilComplete();
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::OFF,
+ EXPECT_EQ(net::SecureDnsMode::kOff,
host_resolver.last_secure_dns_mode_override().value());
}
diff --git a/services/network/host_resolver_unittest.cc b/services/network/host_resolver_unittest.cc
index a7ba3ed9..c74df377 100644
--- a/services/network/host_resolver_unittest.cc
+++ b/services/network/host_resolver_unittest.cc
@@ -30,6 +30,7 @@
#include "net/dns/host_resolver_manager.h"
#include "net/dns/mock_host_resolver.h"
#include "net/dns/public/dns_protocol.h"
+#include "net/dns/public/secure_dns_mode.h"
#include "net/log/net_log.h"
#include "net/net_buildflags.h"
#include "testing/gmock/include/gmock/gmock.h"
@@ -729,7 +730,7 @@
EXPECT_EQ(net::OK, response_client.result_error());
EXPECT_THAT(response_client.result_addresses().value().endpoints(),
testing::ElementsAre(CreateExpectedEndPoint("127.0.0.1", 80)));
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::SECURE,
+ EXPECT_EQ(net::SecureDnsMode::kSecure,
inner_resolver->last_secure_dns_mode_override().value());
}
diff --git a/services/network/network_context_unittest.cc b/services/network/network_context_unittest.cc
index df66f69..e7b3686 100644
--- a/services/network/network_context_unittest.cc
+++ b/services/network/network_context_unittest.cc
@@ -78,6 +78,7 @@
#include "net/dns/host_resolver_source.h"
#include "net/dns/mock_host_resolver.h"
#include "net/dns/public/dns_query_type.h"
+#include "net/dns/public/secure_dns_mode.h"
#include "net/dns/resolve_context.h"
#include "net/http/http_auth.h"
#include "net/http/http_cache.h"
@@ -4476,7 +4477,7 @@
EXPECT_EQ(disable_secure_dns,
resolver->last_secure_dns_mode_override().has_value());
if (disable_secure_dns) {
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::OFF,
+ EXPECT_EQ(net::SecureDnsMode::kOff,
resolver->last_secure_dns_mode_override().value());
}
}
@@ -4522,7 +4523,7 @@
EXPECT_EQ(disable_secure_dns,
resolver.last_secure_dns_mode_override().has_value());
if (disable_secure_dns) {
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::OFF,
+ EXPECT_EQ(net::SecureDnsMode::kOff,
resolver.last_secure_dns_mode_override().value());
}
}
diff --git a/services/network/network_service.cc b/services/network/network_service.cc
index dd365ae..6eceac36 100644
--- a/services/network/network_service.cc
+++ b/services/network/network_service.cc
@@ -508,7 +508,7 @@
void NetworkService::ConfigureStubHostResolver(
bool insecure_dns_client_enabled,
- net::DnsConfig::SecureDnsMode secure_dns_mode,
+ net::SecureDnsMode secure_dns_mode,
base::Optional<std::vector<mojom::DnsOverHttpsServerPtr>>
dns_over_https_servers) {
DCHECK(!dns_over_https_servers || !dns_over_https_servers->empty());
@@ -538,7 +538,7 @@
// a quick hack to increase the timeout for these requests.
// TODO(crbug.com/1105138): Rethink the timeout logic to be less aggressive in
// cases where there is no fallback, without needing to make so many retries.
- if (secure_dns_mode == net::DnsConfig::SecureDnsMode::SECURE)
+ if (secure_dns_mode == net::SecureDnsMode::kSecure)
overrides.doh_attempts = 3;
host_resolver_manager_->SetDnsConfigOverrides(overrides);
diff --git a/services/network/network_service.h b/services/network/network_service.h
index 85dcae8..21a0a6e 100644
--- a/services/network/network_service.h
+++ b/services/network/network_service.h
@@ -27,7 +27,7 @@
#include "mojo/public/cpp/bindings/pending_remote.h"
#include "mojo/public/cpp/bindings/receiver.h"
#include "mojo/public/cpp/bindings/remote.h"
-#include "net/dns/dns_config.h"
+#include "net/dns/public/secure_dns_mode.h"
#include "net/log/net_log.h"
#include "net/log/trace_net_log_observer.h"
#include "services/network/keepalive_statistics_recorder.h"
@@ -163,7 +163,7 @@
mojom::NetworkContextParamsPtr params) override;
void ConfigureStubHostResolver(
bool insecure_dns_client_enabled,
- net::DnsConfig::SecureDnsMode secure_dns_mode,
+ net::SecureDnsMode secure_dns_mode,
base::Optional<std::vector<mojom::DnsOverHttpsServerPtr>>
dns_over_https_servers) override;
void DisableQuic() override;
diff --git a/services/network/network_service_unittest.cc b/services/network/network_service_unittest.cc
index 542e895..d2d032a5 100644
--- a/services/network/network_service_unittest.cc
+++ b/services/network/network_service_unittest.cc
@@ -470,27 +470,24 @@
std::move(dns_client));
service()->ConfigureStubHostResolver(
- true /* insecure_dns_client_enabled */,
- net::DnsConfig::SecureDnsMode::OFF,
+ true /* insecure_dns_client_enabled */, net::SecureDnsMode::kOff,
base::nullopt /* dns_over_https_servers */);
EXPECT_TRUE(dns_client_ptr->CanUseInsecureDnsTransactions());
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::OFF,
+ EXPECT_EQ(net::SecureDnsMode::kOff,
dns_client_ptr->GetEffectiveConfig()->secure_dns_mode);
service()->ConfigureStubHostResolver(
- false /* insecure_dns_client_enabled */,
- net::DnsConfig::SecureDnsMode::OFF,
+ false /* insecure_dns_client_enabled */, net::SecureDnsMode::kOff,
base::nullopt /* dns_over_https_servers */);
EXPECT_FALSE(dns_client_ptr->CanUseInsecureDnsTransactions());
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::OFF,
+ EXPECT_EQ(net::SecureDnsMode::kOff,
dns_client_ptr->GetEffectiveConfig()->secure_dns_mode);
service()->ConfigureStubHostResolver(
- false /* insecure_dns_client_enabled */,
- net::DnsConfig::SecureDnsMode::AUTOMATIC,
+ false /* insecure_dns_client_enabled */, net::SecureDnsMode::kAutomatic,
base::nullopt /* dns_over_https_servers */);
EXPECT_FALSE(dns_client_ptr->CanUseInsecureDnsTransactions());
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::AUTOMATIC,
+ EXPECT_EQ(net::SecureDnsMode::kAutomatic,
dns_client_ptr->GetEffectiveConfig()->secure_dns_mode);
std::vector<mojom::DnsOverHttpsServerPtr> dns_over_https_servers_ptr;
@@ -500,10 +497,10 @@
dns_over_https_server->use_post = true;
dns_over_https_servers_ptr.emplace_back(std::move(dns_over_https_server));
service()->ConfigureStubHostResolver(false /* insecure_dns_client_enabled */,
- net::DnsConfig::SecureDnsMode::AUTOMATIC,
+ net::SecureDnsMode::kAutomatic,
std::move(dns_over_https_servers_ptr));
EXPECT_FALSE(dns_client_ptr->CanUseInsecureDnsTransactions());
- EXPECT_EQ(net::DnsConfig::SecureDnsMode::AUTOMATIC,
+ EXPECT_EQ(net::SecureDnsMode::kAutomatic,
dns_client_ptr->GetEffectiveConfig()->secure_dns_mode);
}
@@ -536,7 +533,7 @@
dns_over_https_servers_ptr.emplace_back(std::move(dns_over_https_server));
service()->ConfigureStubHostResolver(false /* insecure_dns_client_enabled */,
- net::DnsConfig::SecureDnsMode::AUTOMATIC,
+ net::SecureDnsMode::kAutomatic,
std::move(dns_over_https_servers_ptr));
EXPECT_TRUE(
service()->host_resolver_manager()->GetDnsConfigAsValue().is_dict());
@@ -560,7 +557,7 @@
dns_over_https_servers_ptr.emplace_back(std::move(dns_over_https_server));
service()->ConfigureStubHostResolver(true /* insecure_dns_client_enabled */,
- net::DnsConfig::SecureDnsMode::SECURE,
+ net::SecureDnsMode::kSecure,
std::move(dns_over_https_servers_ptr));
EXPECT_TRUE(
service()->host_resolver_manager()->GetDnsConfigAsValue().is_dict());
@@ -579,8 +576,7 @@
features::kDnsOverHttpsUpgrade,
{{"DisabledProviders", "CleanBrowsingSecure, , Cloudflare,Unexpected"}});
service()->ConfigureStubHostResolver(
- true /* insecure_dns_client_enabled */,
- net::DnsConfig::SecureDnsMode::AUTOMATIC,
+ true /* insecure_dns_client_enabled */, net::SecureDnsMode::kAutomatic,
base::nullopt /* dns_over_https_servers */);
// Set valid DnsConfig.
diff --git a/services/network/public/cpp/host_resolver_mojom_traits.cc b/services/network/public/cpp/host_resolver_mojom_traits.cc
index c2126c1..f8914dc 100644
--- a/services/network/public/cpp/host_resolver_mojom_traits.cc
+++ b/services/network/public/cpp/host_resolver_mojom_traits.cc
@@ -111,32 +111,32 @@
}
OptionalSecureDnsMode ToOptionalSecureDnsMode(
- base::Optional<net::DnsConfig::SecureDnsMode> optional) {
+ base::Optional<net::SecureDnsMode> optional) {
if (!optional)
return OptionalSecureDnsMode::NO_OVERRIDE;
switch (optional.value()) {
- case net::DnsConfig::SecureDnsMode::OFF:
+ case net::SecureDnsMode::kOff:
return OptionalSecureDnsMode::OFF;
- case net::DnsConfig::SecureDnsMode::AUTOMATIC:
+ case net::SecureDnsMode::kAutomatic:
return OptionalSecureDnsMode::AUTOMATIC;
- case net::DnsConfig::SecureDnsMode::SECURE:
+ case net::SecureDnsMode::kSecure:
return OptionalSecureDnsMode::SECURE;
}
}
} // namespace
-base::Optional<net::DnsConfig::SecureDnsMode> FromOptionalSecureDnsMode(
+base::Optional<net::SecureDnsMode> FromOptionalSecureDnsMode(
OptionalSecureDnsMode mode) {
switch (mode) {
case OptionalSecureDnsMode::NO_OVERRIDE:
return base::nullopt;
case OptionalSecureDnsMode::OFF:
- return net::DnsConfig::SecureDnsMode::OFF;
+ return net::SecureDnsMode::kOff;
case OptionalSecureDnsMode::AUTOMATIC:
- return net::DnsConfig::SecureDnsMode::AUTOMATIC;
+ return net::SecureDnsMode::kAutomatic;
case OptionalSecureDnsMode::SECURE:
- return net::DnsConfig::SecureDnsMode::SECURE;
+ return net::SecureDnsMode::kSecure;
}
}
@@ -383,14 +383,14 @@
// static
network::mojom::SecureDnsMode
-EnumTraits<network::mojom::SecureDnsMode, net::DnsConfig::SecureDnsMode>::
- ToMojom(net::DnsConfig::SecureDnsMode secure_dns_mode) {
+EnumTraits<network::mojom::SecureDnsMode, net::SecureDnsMode>::ToMojom(
+ net::SecureDnsMode secure_dns_mode) {
switch (secure_dns_mode) {
- case net::DnsConfig::SecureDnsMode::OFF:
+ case net::SecureDnsMode::kOff:
return network::mojom::SecureDnsMode::OFF;
- case net::DnsConfig::SecureDnsMode::AUTOMATIC:
+ case net::SecureDnsMode::kAutomatic:
return network::mojom::SecureDnsMode::AUTOMATIC;
- case net::DnsConfig::SecureDnsMode::SECURE:
+ case net::SecureDnsMode::kSecure:
return network::mojom::SecureDnsMode::SECURE;
}
NOTREACHED();
@@ -398,18 +398,18 @@
}
// static
-bool EnumTraits<network::mojom::SecureDnsMode, net::DnsConfig::SecureDnsMode>::
- FromMojom(network::mojom::SecureDnsMode in,
- net::DnsConfig::SecureDnsMode* out) {
+bool EnumTraits<network::mojom::SecureDnsMode, net::SecureDnsMode>::FromMojom(
+ network::mojom::SecureDnsMode in,
+ net::SecureDnsMode* out) {
switch (in) {
case network::mojom::SecureDnsMode::OFF:
- *out = net::DnsConfig::SecureDnsMode::OFF;
+ *out = net::SecureDnsMode::kOff;
return true;
case network::mojom::SecureDnsMode::AUTOMATIC:
- *out = net::DnsConfig::SecureDnsMode::AUTOMATIC;
+ *out = net::SecureDnsMode::kAutomatic;
return true;
case network::mojom::SecureDnsMode::SECURE:
- *out = net::DnsConfig::SecureDnsMode::SECURE;
+ *out = net::SecureDnsMode::kSecure;
return true;
}
return false;
diff --git a/services/network/public/cpp/host_resolver_mojom_traits.h b/services/network/public/cpp/host_resolver_mojom_traits.h
index 9591057..1d30f3e 100644
--- a/services/network/public/cpp/host_resolver_mojom_traits.h
+++ b/services/network/public/cpp/host_resolver_mojom_traits.h
@@ -18,11 +18,11 @@
#include "net/base/address_family.h"
#include "net/base/ip_address.h"
#include "net/base/ip_endpoint.h"
-#include "net/dns/dns_config.h"
#include "net/dns/dns_config_overrides.h"
#include "net/dns/dns_hosts.h"
#include "net/dns/host_resolver.h"
#include "net/dns/public/dns_query_type.h"
+#include "net/dns/public/secure_dns_mode.h"
#include "services/network/public/mojom/host_resolver.mojom-forward.h"
#include "services/network/public/mojom/host_resolver.mojom-shared.h"
@@ -30,7 +30,7 @@
// This is made visible for use by network::HostResolver. Not intended to be
// used elsewhere.
-base::Optional<net::DnsConfig::SecureDnsMode> FromOptionalSecureDnsMode(
+base::Optional<net::SecureDnsMode> FromOptionalSecureDnsMode(
network::mojom::OptionalSecureDnsMode mode);
template <>
@@ -115,12 +115,11 @@
};
template <>
-struct EnumTraits<network::mojom::SecureDnsMode,
- net::DnsConfig::SecureDnsMode> {
+struct EnumTraits<network::mojom::SecureDnsMode, net::SecureDnsMode> {
static network::mojom::SecureDnsMode ToMojom(
- net::DnsConfig::SecureDnsMode secure_dns_mode);
+ net::SecureDnsMode secure_dns_mode);
static bool FromMojom(network::mojom::SecureDnsMode in,
- net::DnsConfig::SecureDnsMode* out);
+ net::SecureDnsMode* out);
};
template <>
diff --git a/services/network/public/cpp/host_resolver_mojom_traits_unittest.cc b/services/network/public/cpp/host_resolver_mojom_traits_unittest.cc
index 448f384..e58f2f90 100644
--- a/services/network/public/cpp/host_resolver_mojom_traits_unittest.cc
+++ b/services/network/public/cpp/host_resolver_mojom_traits_unittest.cc
@@ -44,7 +44,7 @@
original.use_local_ipv6 = false;
original.dns_over_https_servers.emplace(
{net::DnsOverHttpsServerConfig("example.com", false)});
- original.secure_dns_mode = net::DnsConfig::SecureDnsMode::SECURE;
+ original.secure_dns_mode = net::SecureDnsMode::kSecure;
original.allow_dns_over_https_upgrade = true;
original.disabled_upgrade_providers.emplace({std::string("provider_name")});
diff --git a/services/network/public/mojom/BUILD.gn b/services/network/public/mojom/BUILD.gn
index 47cc972..9a260665 100644
--- a/services/network/public/mojom/BUILD.gn
+++ b/services/network/public/mojom/BUILD.gn
@@ -750,7 +750,7 @@
},
{
mojom = "network.mojom.SecureDnsMode"
- cpp = "::net::DnsConfig::SecureDnsMode"
+ cpp = "::net::SecureDnsMode"
},
]
traits_headers =
diff --git a/services/network/public/mojom/host_resolver.mojom b/services/network/public/mojom/host_resolver.mojom
index 7d48d2a..3b7041c 100644
--- a/services/network/public/mojom/host_resolver.mojom
+++ b/services/network/public/mojom/host_resolver.mojom
@@ -31,9 +31,8 @@
// The secure DNS mode specifies what types of lookups (secure/insecure) should
// be performed and in what order when resolving a specific query. This is
-// an expanded version of DnsConfig::SecureDnsMode that includes representation
-// of an optional SecureDnsMode. Needed because Mojo does not support optional
-// enums.
+// an expanded version of net::SecureDnsMode that includes representation of an
+// optional SecureDnsMode. Needed because Mojo does not support optional enums.
enum OptionalSecureDnsMode {
NO_OVERRIDE,
OFF,
@@ -41,7 +40,7 @@
SECURE,
};
-// This enum corresponds to DnsConfig::SecureDnsMode.
+// This enum corresponds to net::SecureDnsMode.
enum SecureDnsMode {
OFF,
AUTOMATIC,
