mirrors/dns
1
0
Fork 0
mirror of https://github.com/miekg/dns.git synced 2025-08-06 17:46:59 +02:00
Code Issues Packages Projects Releases Wiki Activity
master
dns/xfr_test.go

275 lines
5.9 KiB
Go
Raw Permalink Blame History

package dns
import (
"crypto/tls"
"errors"
"testing"
"time"
)
var (
tsigSecret = map[string]string{"axfr.": "so6ZGir4GPAqINNh9U5c3A=="}
xfrSoa = testRR(`miek.nl. 0 IN SOA linode.atoom.net. miek.miek.nl. 2009032802 21600 7200 604800 3600`)
xfrA = testRR(`x.miek.nl. 1792 IN A 10.0.0.1`)
xfrMX = testRR(`miek.nl. 1800 IN MX 1 x.miek.nl.`)
xfrTestData = []RR{xfrSoa, xfrA, xfrMX, xfrSoa}
)
func InvalidXfrServer(w ResponseWriter, req *Msg) {
ch := make(chan *Envelope)
tr := new(Transfer)
go tr.Out(w, req, ch)
ch <- &Envelope{RR: []RR{}}
close(ch)
w.Hijack()
}
func SingleEnvelopeXfrServer(w ResponseWriter, req *Msg) {
ch := make(chan *Envelope)
tr := new(Transfer)
go tr.Out(w, req, ch)
ch <- &Envelope{RR: xfrTestData}
close(ch)
w.Hijack()
}
func MultipleEnvelopeXfrServer(w ResponseWriter, req *Msg) {
ch := make(chan *Envelope)
tr := new(Transfer)
go tr.Out(w, req, ch)
for _, rr := range xfrTestData {
ch <- &Envelope{RR: []RR{rr}}
}
close(ch)
w.Hijack()
}
func TestInvalidXfr(t *testing.T) {
HandleFunc("miek.nl.", InvalidXfrServer)
defer HandleRemove("miek.nl.")
s, addrstr, _, err := RunLocalTCPServer(":0")
if err != nil {
t.Fatalf("unable to run test server: %s", err)
}
defer s.Shutdown()
tr := new(Transfer)
m := new(Msg)
m.SetAxfr("miek.nl.")
c, err := tr.In(m, addrstr)
if err != nil {
t.Fatal("failed to zone transfer in", err)
}
for msg := range c {
if msg.Error == nil {
t.Fatal("failed to catch 'no SOA' error")
}
}
}
func TestSingleEnvelopeXfr(t *testing.T) {
HandleFunc("miek.nl.", SingleEnvelopeXfrServer)
defer HandleRemove("miek.nl.")
s, addrstr, _, err := RunLocalTCPServer(":0", func(srv *Server) {
srv.TsigSecret = tsigSecret
})
if err != nil {
t.Fatalf("unable to run test server: %s", err)
}
defer s.Shutdown()
axfrTestingSuite(t, addrstr)
}
func TestSingleEnvelopeXfrTLS(t *testing.T) {
HandleFunc("miek.nl.", SingleEnvelopeXfrServer)
defer HandleRemove("miek.nl.")
cert, err := tls.X509KeyPair(CertPEMBlock, KeyPEMBlock)
if err != nil {
t.Fatalf("unable to build certificate: %v", err)
}
tlsConfig := tls.Config{
Certificates: []tls.Certificate{cert},
}
s, addrstr, _, err := RunLocalTLSServer(":0", &tlsConfig)
if err != nil {
t.Fatalf("unable to run test server: %s", err)
}
defer s.Shutdown()
axfrTestingSuiteTLS(t, addrstr)
}
func TestMultiEnvelopeXfr(t *testing.T) {
HandleFunc("miek.nl.", MultipleEnvelopeXfrServer)
defer HandleRemove("miek.nl.")
s, addrstr, _, err := RunLocalTCPServer(":0", func(srv *Server) {
srv.TsigSecret = tsigSecret
})
if err != nil {
t.Fatalf("unable to run test server: %s", err)
}
defer s.Shutdown()
axfrTestingSuite(t, addrstr)
}
func axfrTestingSuite(t *testing.T, addrstr string) {
tr := new(Transfer)
m := new(Msg)
m.SetAxfr("miek.nl.")
c, err := tr.In(m, addrstr)
if err != nil {
t.Fatal("failed to zone transfer in", err)
}
var records []RR
for msg := range c {
if msg.Error != nil {
t.Fatal(msg.Error)
}
records = append(records, msg.RR...)
}
if len(records) != len(xfrTestData) {
t.Fatalf("bad axfr: expected %v, got %v", records, xfrTestData)
}
for i, rr := range records {
if !IsDuplicate(rr, xfrTestData[i]) {
t.Fatalf("bad axfr: expected %v, got %v", records, xfrTestData)
}
}
}
func axfrTestingSuiteTLS(t *testing.T, addrstr string) {
tr := new(Transfer)
m := new(Msg)
m.SetAxfr("miek.nl.")
tr.TLS = &tls.Config{
InsecureSkipVerify: true,
}
c, err := tr.In(m, addrstr)
if err != nil {
t.Fatal("failed to zone transfer in", err)
}
var records []RR
for msg := range c {
if msg.Error != nil {
t.Fatal(msg.Error)
}
records = append(records, msg.RR...)
}
if len(records) != len(xfrTestData) {
t.Fatalf("bad axfr: expected %v, got %v", records, xfrTestData)
}
for i, rr := range records {
if !IsDuplicate(rr, xfrTestData[i]) {
t.Fatalf("bad axfr: expected %v, got %v", records, xfrTestData)
}
}
}
func axfrTestingSuiteWithCustomTsig(t *testing.T, addrstr string, provider TsigProvider) {
tr := new(Transfer)
m := new(Msg)
var err error
tr.Conn, err = Dial("tcp", addrstr)
if err != nil {
t.Fatal("failed to dial", err)
}
tr.TsigProvider = provider
m.SetAxfr("miek.nl.")
m.SetTsig("axfr.", HmacSHA256, 300, time.Now().Unix())
c, err := tr.In(m, addrstr)
if err != nil {
t.Fatal("failed to zone transfer in", err)
}
var records []RR
for msg := range c {
if msg.Error != nil {
t.Fatal(msg.Error)
}
records = append(records, msg.RR...)
}
if len(records) != len(xfrTestData) {
t.Fatalf("bad axfr: expected %v, got %v", records, xfrTestData)
}
for i, rr := range records {
if !IsDuplicate(rr, xfrTestData[i]) {
t.Errorf("bad axfr: expected %v, got %v", records, xfrTestData)
}
}
}
func axfrTestingSuiteWithMsgNotSigned(t *testing.T, addrstr string, provider TsigProvider) {
tr := new(Transfer)
m := new(Msg)
var err error
tr.Conn, err = Dial("tcp", addrstr)
if err != nil {
t.Fatal("failed to dial", err)
}
tr.TsigProvider = provider
m.SetAxfr("miek.nl.")
c, err := tr.In(m, addrstr)
if err != nil {
t.Fatal("failed to zone transfer in", err)
}
for msg := range c {
if !errors.Is(msg.Error, ErrNoSig) {
t.Fatal("expecting ErrNoSig error")
}
}
}
func TestCustomTsigProvider(t *testing.T) {
HandleFunc("miek.nl.", SingleEnvelopeXfrServer)
defer HandleRemove("miek.nl.")
s, addrstr, _, err := RunLocalTCPServer(":0", func(srv *Server) {
srv.TsigProvider = tsigSecretProvider(tsigSecret)
})
if err != nil {
t.Fatalf("unable to run test server: %s", err)
}
defer s.Shutdown()
axfrTestingSuiteWithCustomTsig(t, addrstr, tsigSecretProvider(tsigSecret))
}
func TestTSIGNotSigned(t *testing.T) {
HandleFunc("miek.nl.", SingleEnvelopeXfrServer)
defer HandleRemove("miek.nl.")
s, addrstr, _, err := RunLocalTCPServer(":0")
if err != nil {
t.Fatalf("unable to run test server: %s", err)
}
defer s.Shutdown()
axfrTestingSuiteWithMsgNotSigned(t, addrstr, tsigSecretProvider(tsigSecret))
}
Reference in New Issue View Git Blame Copy Permalink