AdGuardHome/internal/dnsforward/dns64_test.go

305 lines
7.4 KiB
Go
Raw Normal View History

Pull request: 5117-dns64 Merge in DNS/adguard-home from 5117-dns64 to master Updates #5117. Squashed commit of the following: commit 757d689134b85bdac9a6f5e43249866ec09ab7e3 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Jan 23 19:06:18 2023 +0300 all: imp fmt commit b7a73c68c0b40bd3bda520c045c8110975c1827a Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Jan 23 17:49:21 2023 +0300 all: rm unused, imp code commit 548feb6bd27b9774a9453d0570d37cdf557d4c3a Merge: de3e84b5 54a141ab Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Jan 23 14:08:12 2023 +0300 Merge branch 'master' into 5117-dns64 commit de3e84b52b8dbff70df3ca0ac3315c3d33576334 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Jan 23 12:04:48 2023 +0300 dnsforward: imp code commit a580e92119e3dbadc8b1a6572dbecc679f69db40 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Fri Jan 20 18:24:33 2023 +0400 dnsforward: try again commit 67b7a365194939fe15e4907a3dc2fee44b019d08 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Fri Jan 20 18:08:23 2023 +0400 dnsforward: fix test on linux commit ca83e4178a3383e326bf528d209d8766fb3c60d3 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Fri Jan 20 17:37:48 2023 +0400 dnsforward: imp naming commit c4e477c7a12af4966cbcd4e5f003a72966dc5d61 Merge: 42aa42a8 6e803375 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Fri Jan 20 17:30:03 2023 +0400 Merge branch 'master' into 5117-dns64 commit 42aa42a8149b6bb42eb0da6e88ede4b5065bbf2f Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Fri Jan 20 17:26:54 2023 +0400 dnsforward: imp test commit 4e91c675703f1453456ef9eea08157009ce6237a Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Wed Jan 18 12:32:55 2023 +0400 dnsforward: imp code, docs, add test commit 766ef757f61e7a555b8151b4783fa7aba5f566f7 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Tue Jan 17 16:36:35 2023 +0400 dnsforward: imp docs commit 6825f372389988597d1879cf66342c410f3cfd47 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Tue Jan 17 14:33:33 2023 +0400 internal: imp code, docs commit 1215316a338496b5bea2b20d697c7451bfbcc84b Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Fri Jan 13 21:24:50 2023 +0400 all: add dns64 support
2023-01-23 16:10:56 +00:00
package dnsforward
import (
"net"
"testing"
"time"
"github.com/AdguardTeam/AdGuardHome/internal/aghtest"
"github.com/AdguardTeam/AdGuardHome/internal/filtering"
"github.com/AdguardTeam/dnsproxy/proxy"
"github.com/AdguardTeam/dnsproxy/upstream"
"github.com/AdguardTeam/golibs/netutil"
"github.com/AdguardTeam/golibs/testutil"
"github.com/miekg/dns"
"github.com/stretchr/testify/require"
)
// maxDNS64SynTTL is the maximum TTL for synthesized DNS64 responses with no SOA
// records in seconds.
//
// If the SOA RR was not delivered with the negative response to the AAAA query,
// then the DNS64 SHOULD use the TTL of the original A RR or 600 seconds,
// whichever is shorter.
//
// See https://datatracker.ietf.org/doc/html/rfc6147#section-5.1.7.
const maxDNS64SynTTL uint32 = 600
Pull request: 5117-dns64 Merge in DNS/adguard-home from 5117-dns64 to master Updates #5117. Squashed commit of the following: commit 757d689134b85bdac9a6f5e43249866ec09ab7e3 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Jan 23 19:06:18 2023 +0300 all: imp fmt commit b7a73c68c0b40bd3bda520c045c8110975c1827a Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Jan 23 17:49:21 2023 +0300 all: rm unused, imp code commit 548feb6bd27b9774a9453d0570d37cdf557d4c3a Merge: de3e84b5 54a141ab Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Jan 23 14:08:12 2023 +0300 Merge branch 'master' into 5117-dns64 commit de3e84b52b8dbff70df3ca0ac3315c3d33576334 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Jan 23 12:04:48 2023 +0300 dnsforward: imp code commit a580e92119e3dbadc8b1a6572dbecc679f69db40 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Fri Jan 20 18:24:33 2023 +0400 dnsforward: try again commit 67b7a365194939fe15e4907a3dc2fee44b019d08 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Fri Jan 20 18:08:23 2023 +0400 dnsforward: fix test on linux commit ca83e4178a3383e326bf528d209d8766fb3c60d3 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Fri Jan 20 17:37:48 2023 +0400 dnsforward: imp naming commit c4e477c7a12af4966cbcd4e5f003a72966dc5d61 Merge: 42aa42a8 6e803375 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Fri Jan 20 17:30:03 2023 +0400 Merge branch 'master' into 5117-dns64 commit 42aa42a8149b6bb42eb0da6e88ede4b5065bbf2f Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Fri Jan 20 17:26:54 2023 +0400 dnsforward: imp test commit 4e91c675703f1453456ef9eea08157009ce6237a Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Wed Jan 18 12:32:55 2023 +0400 dnsforward: imp code, docs, add test commit 766ef757f61e7a555b8151b4783fa7aba5f566f7 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Tue Jan 17 16:36:35 2023 +0400 dnsforward: imp docs commit 6825f372389988597d1879cf66342c410f3cfd47 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Tue Jan 17 14:33:33 2023 +0400 internal: imp code, docs commit 1215316a338496b5bea2b20d697c7451bfbcc84b Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Fri Jan 13 21:24:50 2023 +0400 all: add dns64 support
2023-01-23 16:10:56 +00:00
// newRR is a helper that creates a new dns.RR with the given name, qtype, ttl
// and value. It fails the test if the qtype is not supported or the type of
// value doesn't match the qtype.
func newRR(t *testing.T, name string, qtype uint16, ttl uint32, val any) (rr dns.RR) {
t.Helper()
switch qtype {
case dns.TypeA:
rr = &dns.A{A: testutil.RequireTypeAssert[net.IP](t, val)}
case dns.TypeAAAA:
rr = &dns.AAAA{AAAA: testutil.RequireTypeAssert[net.IP](t, val)}
case dns.TypeCNAME:
rr = &dns.CNAME{Target: testutil.RequireTypeAssert[string](t, val)}
case dns.TypeSOA:
rr = &dns.SOA{
Ns: "ns." + name,
Mbox: "hostmaster." + name,
Serial: 1,
Refresh: 1,
Retry: 1,
Expire: 1,
Minttl: 1,
}
case dns.TypePTR:
rr = &dns.PTR{Ptr: testutil.RequireTypeAssert[string](t, val)}
default:
t.Fatalf("unsupported qtype: %d", qtype)
}
*rr.Header() = dns.RR_Header{
Name: name,
Rrtype: qtype,
Class: dns.ClassINET,
Ttl: ttl,
}
return rr
}
func TestServer_HandleDNSRequest_dns64(t *testing.T) {
const (
ipv4Domain = "ipv4.only."
ipv6Domain = "ipv6.only."
soaDomain = "ipv4.soa."
mappedDomain = "filterable.ipv6."
anotherDomain = "another.domain."
pointedDomain = "local1234.ipv4."
globDomain = "real1234.ipv4."
)
someIPv4 := net.IP{1, 2, 3, 4}
someIPv6 := net.IP{1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16}
mappedIPv6 := net.ParseIP("64:ff9b::102:304")
ptr64Domain, err := netutil.IPToReversedAddr(mappedIPv6)
require.NoError(t, err)
ptr64Domain = dns.Fqdn(ptr64Domain)
ptrGlobDomain, err := netutil.IPToReversedAddr(someIPv4)
require.NoError(t, err)
ptrGlobDomain = dns.Fqdn(ptrGlobDomain)
const (
sectionAnswer = iota
sectionAuthority
sectionAdditional
sectionsNum
)
// answerMap is a convenience alias for describing the upstream response for
// a given question type.
type answerMap = map[uint16][sectionsNum][]dns.RR
pt := testutil.PanicT{}
newUps := func(answers answerMap) (u upstream.Upstream) {
return aghtest.NewUpstreamMock(func(req *dns.Msg) (resp *dns.Msg, err error) {
q := req.Question[0]
require.Contains(pt, answers, q.Qtype)
answer := answers[q.Qtype]
resp = (&dns.Msg{}).SetReply(req)
resp.Answer = answer[sectionAnswer]
resp.Ns = answer[sectionAuthority]
resp.Extra = answer[sectionAdditional]
return resp, nil
})
}
testCases := []struct {
name string
qname string
upsAns answerMap
wantAns []dns.RR
qtype uint16
}{{
name: "simple_a",
qname: ipv4Domain,
upsAns: answerMap{
dns.TypeA: {
sectionAnswer: {newRR(t, ipv4Domain, dns.TypeA, 3600, someIPv4)},
},
dns.TypeAAAA: {},
},
wantAns: []dns.RR{&dns.A{
Hdr: dns.RR_Header{
Name: ipv4Domain,
Rrtype: dns.TypeA,
Class: dns.ClassINET,
Ttl: 3600,
Rdlength: 4,
},
A: someIPv4,
}},
qtype: dns.TypeA,
}, {
name: "simple_aaaa",
qname: ipv6Domain,
upsAns: answerMap{
dns.TypeA: {},
dns.TypeAAAA: {
sectionAnswer: {newRR(t, ipv6Domain, dns.TypeAAAA, 3600, someIPv6)},
},
},
wantAns: []dns.RR{&dns.AAAA{
Hdr: dns.RR_Header{
Name: ipv6Domain,
Rrtype: dns.TypeAAAA,
Class: dns.ClassINET,
Ttl: 3600,
Rdlength: 16,
},
AAAA: someIPv6,
}},
qtype: dns.TypeAAAA,
}, {
name: "actual_dns64",
qname: ipv4Domain,
upsAns: answerMap{
dns.TypeA: {
sectionAnswer: {newRR(t, ipv4Domain, dns.TypeA, 3600, someIPv4)},
},
dns.TypeAAAA: {},
},
wantAns: []dns.RR{&dns.AAAA{
Hdr: dns.RR_Header{
Name: ipv4Domain,
Rrtype: dns.TypeAAAA,
Class: dns.ClassINET,
Ttl: maxDNS64SynTTL,
Rdlength: 16,
},
AAAA: mappedIPv6,
}},
qtype: dns.TypeAAAA,
}, {
name: "actual_dns64_soattl",
qname: soaDomain,
upsAns: answerMap{
dns.TypeA: {
sectionAnswer: {newRR(t, soaDomain, dns.TypeA, 3600, someIPv4)},
},
dns.TypeAAAA: {
sectionAuthority: {newRR(t, soaDomain, dns.TypeSOA, maxDNS64SynTTL+50, nil)},
},
},
wantAns: []dns.RR{&dns.AAAA{
Hdr: dns.RR_Header{
Name: soaDomain,
Rrtype: dns.TypeAAAA,
Class: dns.ClassINET,
Ttl: maxDNS64SynTTL + 50,
Rdlength: 16,
},
AAAA: mappedIPv6,
}},
qtype: dns.TypeAAAA,
}, {
name: "filtered",
qname: mappedDomain,
upsAns: answerMap{
dns.TypeA: {},
dns.TypeAAAA: {
sectionAnswer: {
newRR(t, mappedDomain, dns.TypeAAAA, 3600, net.ParseIP("64:ff9b::506:708")),
newRR(t, mappedDomain, dns.TypeCNAME, 3600, anotherDomain),
},
},
},
wantAns: []dns.RR{&dns.CNAME{
Hdr: dns.RR_Header{
Name: mappedDomain,
Rrtype: dns.TypeCNAME,
Class: dns.ClassINET,
Ttl: 3600,
Rdlength: 16,
},
Target: anotherDomain,
}},
qtype: dns.TypeAAAA,
}, {
name: "ptr",
qname: ptr64Domain,
upsAns: nil,
wantAns: []dns.RR{&dns.PTR{
Hdr: dns.RR_Header{
Name: ptr64Domain,
Rrtype: dns.TypePTR,
Class: dns.ClassINET,
Ttl: 3600,
Rdlength: 16,
},
Ptr: pointedDomain,
}},
qtype: dns.TypePTR,
}, {
name: "ptr_glob",
qname: ptrGlobDomain,
upsAns: answerMap{
dns.TypePTR: {
sectionAnswer: {newRR(t, ptrGlobDomain, dns.TypePTR, 3600, globDomain)},
},
},
wantAns: []dns.RR{&dns.PTR{
Hdr: dns.RR_Header{
Name: ptrGlobDomain,
Rrtype: dns.TypePTR,
Class: dns.ClassINET,
Ttl: 3600,
Rdlength: 15,
},
Ptr: globDomain,
}},
qtype: dns.TypePTR,
}}
localRR := newRR(t, ptr64Domain, dns.TypePTR, 3600, pointedDomain)
localUps := aghtest.NewUpstreamMock(func(req *dns.Msg) (resp *dns.Msg, err error) {
require.Equal(pt, req.Question[0].Name, ptr64Domain)
resp = (&dns.Msg{}).SetReply(req)
resp.Answer = []dns.RR{localRR}
return resp, nil
})
client := &dns.Client{
Net: "tcp",
Timeout: 1 * time.Second,
}
for _, tc := range testCases {
// TODO(e.burkov): It seems [proxy.Proxy] isn't intended to be reused
// right after stop, due to a data race in [proxy.Proxy.Init] method
// when setting an OOB size. As a temporary workaround, recreate the
// whole server for each test case.
s := createTestServer(t, &filtering.Config{}, ServerConfig{
UDPListenAddrs: []*net.UDPAddr{{}},
TCPListenAddrs: []*net.TCPAddr{{}},
UseDNS64: true,
}, localUps)
Pull request: 5117-dns64 Merge in DNS/adguard-home from 5117-dns64 to master Updates #5117. Squashed commit of the following: commit 757d689134b85bdac9a6f5e43249866ec09ab7e3 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Jan 23 19:06:18 2023 +0300 all: imp fmt commit b7a73c68c0b40bd3bda520c045c8110975c1827a Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Jan 23 17:49:21 2023 +0300 all: rm unused, imp code commit 548feb6bd27b9774a9453d0570d37cdf557d4c3a Merge: de3e84b5 54a141ab Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Jan 23 14:08:12 2023 +0300 Merge branch 'master' into 5117-dns64 commit de3e84b52b8dbff70df3ca0ac3315c3d33576334 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Jan 23 12:04:48 2023 +0300 dnsforward: imp code commit a580e92119e3dbadc8b1a6572dbecc679f69db40 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Fri Jan 20 18:24:33 2023 +0400 dnsforward: try again commit 67b7a365194939fe15e4907a3dc2fee44b019d08 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Fri Jan 20 18:08:23 2023 +0400 dnsforward: fix test on linux commit ca83e4178a3383e326bf528d209d8766fb3c60d3 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Fri Jan 20 17:37:48 2023 +0400 dnsforward: imp naming commit c4e477c7a12af4966cbcd4e5f003a72966dc5d61 Merge: 42aa42a8 6e803375 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Fri Jan 20 17:30:03 2023 +0400 Merge branch 'master' into 5117-dns64 commit 42aa42a8149b6bb42eb0da6e88ede4b5065bbf2f Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Fri Jan 20 17:26:54 2023 +0400 dnsforward: imp test commit 4e91c675703f1453456ef9eea08157009ce6237a Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Wed Jan 18 12:32:55 2023 +0400 dnsforward: imp code, docs, add test commit 766ef757f61e7a555b8151b4783fa7aba5f566f7 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Tue Jan 17 16:36:35 2023 +0400 dnsforward: imp docs commit 6825f372389988597d1879cf66342c410f3cfd47 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Tue Jan 17 14:33:33 2023 +0400 internal: imp code, docs commit 1215316a338496b5bea2b20d697c7451bfbcc84b Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Fri Jan 13 21:24:50 2023 +0400 all: add dns64 support
2023-01-23 16:10:56 +00:00
t.Run(tc.name, func(t *testing.T) {
s.conf.UpstreamConfig.Upstreams = []upstream.Upstream{newUps(tc.upsAns)}
startDeferStop(t, s)
req := (&dns.Msg{}).SetQuestion(tc.qname, tc.qtype)
resp, _, excErr := client.Exchange(req, s.dnsProxy.Addr(proxy.ProtoTCP).String())
require.NoError(t, excErr)
require.Equal(t, tc.wantAns, resp.Answer)
})
}
}