2020-11-16 16:45:31 +00:00
|
|
|
package dnsforward
|
|
|
|
|
|
|
|
import (
|
2021-04-07 18:16:06 +01:00
|
|
|
"bytes"
|
|
|
|
"encoding/json"
|
2021-05-21 12:55:42 +01:00
|
|
|
"io"
|
2021-02-04 17:35:13 +00:00
|
|
|
"net"
|
2020-11-16 16:45:31 +00:00
|
|
|
"net/http"
|
|
|
|
"net/http/httptest"
|
2021-04-07 18:16:06 +01:00
|
|
|
"os"
|
|
|
|
"path/filepath"
|
2021-04-13 11:44:29 +01:00
|
|
|
"strings"
|
2020-11-16 16:45:31 +00:00
|
|
|
"testing"
|
|
|
|
|
2021-06-01 12:28:34 +01:00
|
|
|
"github.com/AdguardTeam/AdGuardHome/internal/aghnet"
|
2021-05-21 14:15:47 +01:00
|
|
|
"github.com/AdguardTeam/AdGuardHome/internal/filtering"
|
2020-11-16 16:45:31 +00:00
|
|
|
"github.com/stretchr/testify/assert"
|
2021-03-11 14:32:58 +00:00
|
|
|
"github.com/stretchr/testify/require"
|
2020-11-16 16:45:31 +00:00
|
|
|
)
|
|
|
|
|
2021-06-15 15:36:49 +01:00
|
|
|
// fakeSystemResolvers is a mock aghnet.SystemResolvers implementation for
|
|
|
|
// tests.
|
2021-06-01 12:28:34 +01:00
|
|
|
type fakeSystemResolvers struct {
|
|
|
|
// SystemResolvers is embedded here simply to make *fakeSystemResolvers
|
|
|
|
// an aghnet.SystemResolvers without actually implementing all methods.
|
|
|
|
aghnet.SystemResolvers
|
|
|
|
}
|
|
|
|
|
|
|
|
// Get implements the aghnet.SystemResolvers interface for *fakeSystemResolvers.
|
|
|
|
// It always returns nil.
|
|
|
|
func (fsr *fakeSystemResolvers) Get() (rs []string) {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2021-04-07 18:16:06 +01:00
|
|
|
func loadTestData(t *testing.T, casesFileName string, cases interface{}) {
|
|
|
|
t.Helper()
|
|
|
|
|
|
|
|
var f *os.File
|
|
|
|
f, err := os.Open(filepath.Join("testdata", casesFileName))
|
|
|
|
require.NoError(t, err)
|
|
|
|
t.Cleanup(func() {
|
|
|
|
require.NoError(t, f.Close())
|
|
|
|
})
|
|
|
|
|
|
|
|
err = json.NewDecoder(f).Decode(cases)
|
|
|
|
require.NoError(t, err)
|
|
|
|
}
|
|
|
|
|
|
|
|
const jsonExt = ".json"
|
|
|
|
|
2020-11-16 16:45:31 +00:00
|
|
|
func TestDNSForwardHTTTP_handleGetConfig(t *testing.T) {
|
2021-05-21 14:15:47 +01:00
|
|
|
filterConf := &filtering.Config{
|
2021-02-04 17:35:13 +00:00
|
|
|
SafeBrowsingEnabled: true,
|
|
|
|
SafeBrowsingCacheSize: 1000,
|
|
|
|
SafeSearchEnabled: true,
|
|
|
|
SafeSearchCacheSize: 1000,
|
|
|
|
ParentalCacheSize: 1000,
|
|
|
|
CacheTime: 30,
|
|
|
|
}
|
|
|
|
forwardConf := ServerConfig{
|
2021-03-23 09:32:07 +00:00
|
|
|
UDPListenAddrs: []*net.UDPAddr{},
|
|
|
|
TCPListenAddrs: []*net.TCPAddr{},
|
2021-02-04 17:35:13 +00:00
|
|
|
FilteringConfig: FilteringConfig{
|
|
|
|
ProtectionEnabled: true,
|
|
|
|
UpstreamDNS: []string{"8.8.8.8:53", "8.8.4.4:53"},
|
|
|
|
},
|
|
|
|
ConfigModified: func() {},
|
|
|
|
}
|
2021-04-09 19:01:21 +01:00
|
|
|
s := createTestServer(t, filterConf, forwardConf, nil)
|
2021-06-01 12:28:34 +01:00
|
|
|
s.sysResolvers = &fakeSystemResolvers{}
|
|
|
|
|
2021-03-11 14:32:58 +00:00
|
|
|
require.Nil(t, s.Start())
|
|
|
|
t.Cleanup(func() {
|
|
|
|
require.Nil(t, s.Stop())
|
|
|
|
})
|
2020-11-16 16:45:31 +00:00
|
|
|
|
|
|
|
defaultConf := s.conf
|
|
|
|
|
|
|
|
w := httptest.NewRecorder()
|
|
|
|
|
|
|
|
testCases := []struct {
|
|
|
|
conf func() ServerConfig
|
2021-04-07 18:16:06 +01:00
|
|
|
name string
|
2020-11-16 16:45:31 +00:00
|
|
|
}{{
|
|
|
|
conf: func() ServerConfig {
|
|
|
|
return defaultConf
|
|
|
|
},
|
2021-04-07 18:16:06 +01:00
|
|
|
name: "all_right",
|
2020-11-16 16:45:31 +00:00
|
|
|
}, {
|
|
|
|
conf: func() ServerConfig {
|
|
|
|
conf := defaultConf
|
|
|
|
conf.FastestAddr = true
|
2021-02-04 17:35:13 +00:00
|
|
|
|
2020-11-16 16:45:31 +00:00
|
|
|
return conf
|
|
|
|
},
|
2021-04-07 18:16:06 +01:00
|
|
|
name: "fastest_addr",
|
2020-11-16 16:45:31 +00:00
|
|
|
}, {
|
|
|
|
conf: func() ServerConfig {
|
|
|
|
conf := defaultConf
|
|
|
|
conf.AllServers = true
|
2021-02-04 17:35:13 +00:00
|
|
|
|
2020-11-16 16:45:31 +00:00
|
|
|
return conf
|
|
|
|
},
|
2021-04-07 18:16:06 +01:00
|
|
|
name: "parallel",
|
2020-11-16 16:45:31 +00:00
|
|
|
}}
|
|
|
|
|
2021-04-07 18:16:06 +01:00
|
|
|
var data map[string]json.RawMessage
|
|
|
|
loadTestData(t, t.Name()+jsonExt, &data)
|
|
|
|
|
2020-11-16 16:45:31 +00:00
|
|
|
for _, tc := range testCases {
|
2021-04-07 18:16:06 +01:00
|
|
|
caseWant, ok := data[tc.name]
|
|
|
|
require.True(t, ok)
|
|
|
|
|
2020-11-16 16:45:31 +00:00
|
|
|
t.Run(tc.name, func(t *testing.T) {
|
2021-03-11 14:32:58 +00:00
|
|
|
t.Cleanup(w.Body.Reset)
|
|
|
|
|
2020-11-16 16:45:31 +00:00
|
|
|
s.conf = tc.conf()
|
|
|
|
s.handleGetConfig(w, nil)
|
|
|
|
|
|
|
|
assert.Equal(t, "application/json", w.Header().Get("Content-Type"))
|
2021-04-07 18:16:06 +01:00
|
|
|
assert.JSONEq(t, string(caseWant), w.Body.String())
|
2020-11-16 16:45:31 +00:00
|
|
|
})
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestDNSForwardHTTTP_handleSetConfig(t *testing.T) {
|
2021-05-21 14:15:47 +01:00
|
|
|
filterConf := &filtering.Config{
|
2021-02-04 17:35:13 +00:00
|
|
|
SafeBrowsingEnabled: true,
|
|
|
|
SafeBrowsingCacheSize: 1000,
|
|
|
|
SafeSearchEnabled: true,
|
|
|
|
SafeSearchCacheSize: 1000,
|
|
|
|
ParentalCacheSize: 1000,
|
|
|
|
CacheTime: 30,
|
|
|
|
}
|
|
|
|
forwardConf := ServerConfig{
|
2021-03-23 09:32:07 +00:00
|
|
|
UDPListenAddrs: []*net.UDPAddr{},
|
|
|
|
TCPListenAddrs: []*net.TCPAddr{},
|
2021-02-04 17:35:13 +00:00
|
|
|
FilteringConfig: FilteringConfig{
|
|
|
|
ProtectionEnabled: true,
|
|
|
|
UpstreamDNS: []string{"8.8.8.8:53", "8.8.4.4:53"},
|
|
|
|
},
|
|
|
|
ConfigModified: func() {},
|
|
|
|
}
|
2021-04-09 19:01:21 +01:00
|
|
|
s := createTestServer(t, filterConf, forwardConf, nil)
|
2021-06-01 12:28:34 +01:00
|
|
|
s.sysResolvers = &fakeSystemResolvers{}
|
2020-11-16 16:45:31 +00:00
|
|
|
|
|
|
|
defaultConf := s.conf
|
|
|
|
|
|
|
|
err := s.Start()
|
|
|
|
assert.Nil(t, err)
|
2021-04-07 18:16:06 +01:00
|
|
|
t.Cleanup(func() {
|
2020-11-16 16:45:31 +00:00
|
|
|
assert.Nil(t, s.Stop())
|
2021-04-07 18:16:06 +01:00
|
|
|
})
|
2020-11-16 16:45:31 +00:00
|
|
|
|
|
|
|
w := httptest.NewRecorder()
|
|
|
|
|
|
|
|
testCases := []struct {
|
|
|
|
name string
|
|
|
|
wantSet string
|
|
|
|
}{{
|
|
|
|
name: "upstream_dns",
|
|
|
|
wantSet: "",
|
|
|
|
}, {
|
|
|
|
name: "bootstraps",
|
|
|
|
wantSet: "",
|
|
|
|
}, {
|
|
|
|
name: "blocking_mode_good",
|
|
|
|
wantSet: "",
|
|
|
|
}, {
|
|
|
|
name: "blocking_mode_bad",
|
2021-04-13 11:44:29 +01:00
|
|
|
wantSet: "blocking_mode: incorrect value",
|
2020-11-16 16:45:31 +00:00
|
|
|
}, {
|
|
|
|
name: "ratelimit",
|
|
|
|
wantSet: "",
|
|
|
|
}, {
|
|
|
|
name: "edns_cs_enabled",
|
|
|
|
wantSet: "",
|
|
|
|
}, {
|
|
|
|
name: "dnssec_enabled",
|
|
|
|
wantSet: "",
|
|
|
|
}, {
|
|
|
|
name: "cache_size",
|
|
|
|
wantSet: "",
|
|
|
|
}, {
|
|
|
|
name: "upstream_mode_parallel",
|
|
|
|
wantSet: "",
|
|
|
|
}, {
|
|
|
|
name: "upstream_mode_fastest_addr",
|
|
|
|
wantSet: "",
|
|
|
|
}, {
|
2021-04-13 11:44:29 +01:00
|
|
|
name: "upstream_dns_bad",
|
|
|
|
wantSet: `wrong upstreams specification: address !!!: ` +
|
|
|
|
`missing port in address`,
|
2020-11-16 16:45:31 +00:00
|
|
|
}, {
|
2021-04-13 11:44:29 +01:00
|
|
|
name: "bootstraps_bad",
|
|
|
|
wantSet: `a can not be used as bootstrap dns cause: ` +
|
|
|
|
`invalid bootstrap server address: ` +
|
|
|
|
`Resolver a is not eligible to be a bootstrap DNS server`,
|
2020-11-16 16:45:31 +00:00
|
|
|
}, {
|
|
|
|
name: "cache_bad_ttl",
|
2021-04-13 11:44:29 +01:00
|
|
|
wantSet: `cache_ttl_min must be less or equal than cache_ttl_max`,
|
2020-11-16 16:45:31 +00:00
|
|
|
}, {
|
|
|
|
name: "upstream_mode_bad",
|
2021-04-13 11:44:29 +01:00
|
|
|
wantSet: `upstream_mode: incorrect value`,
|
2021-04-07 18:16:06 +01:00
|
|
|
}, {
|
|
|
|
name: "local_ptr_upstreams_good",
|
|
|
|
wantSet: "",
|
|
|
|
}, {
|
|
|
|
name: "local_ptr_upstreams_null",
|
|
|
|
wantSet: "",
|
2020-11-16 16:45:31 +00:00
|
|
|
}}
|
|
|
|
|
2021-04-07 18:16:06 +01:00
|
|
|
var data map[string]struct {
|
|
|
|
Req json.RawMessage `json:"req"`
|
|
|
|
Want json.RawMessage `json:"want"`
|
|
|
|
}
|
|
|
|
loadTestData(t, t.Name()+jsonExt, &data)
|
|
|
|
|
2020-11-16 16:45:31 +00:00
|
|
|
for _, tc := range testCases {
|
2021-04-07 18:16:06 +01:00
|
|
|
caseData, ok := data[tc.name]
|
|
|
|
require.True(t, ok)
|
|
|
|
|
2020-11-16 16:45:31 +00:00
|
|
|
t.Run(tc.name, func(t *testing.T) {
|
2021-03-11 14:32:58 +00:00
|
|
|
t.Cleanup(func() {
|
|
|
|
s.conf = defaultConf
|
|
|
|
})
|
|
|
|
|
2021-05-21 12:55:42 +01:00
|
|
|
rBody := io.NopCloser(bytes.NewReader(caseData.Req))
|
2021-03-11 18:30:52 +00:00
|
|
|
var r *http.Request
|
|
|
|
r, err = http.NewRequest(http.MethodPost, "http://example.com", rBody)
|
2021-03-11 14:32:58 +00:00
|
|
|
require.Nil(t, err)
|
2020-11-16 16:45:31 +00:00
|
|
|
|
|
|
|
s.handleSetConfig(w, r)
|
2021-04-13 11:44:29 +01:00
|
|
|
assert.Equal(t, tc.wantSet, strings.TrimSuffix(w.Body.String(), "\n"))
|
2020-11-16 16:45:31 +00:00
|
|
|
w.Body.Reset()
|
|
|
|
|
|
|
|
s.handleGetConfig(w, nil)
|
2021-04-07 18:16:06 +01:00
|
|
|
assert.JSONEq(t, string(caseData.Want), w.Body.String())
|
2020-11-16 16:45:31 +00:00
|
|
|
w.Body.Reset()
|
|
|
|
})
|
|
|
|
}
|
|
|
|
}
|
2021-04-07 14:36:38 +01:00
|
|
|
|
|
|
|
// TODO(a.garipov): Rewrite to check the actual error messages.
|
|
|
|
func TestValidateUpstream(t *testing.T) {
|
|
|
|
testCases := []struct {
|
|
|
|
name string
|
|
|
|
upstream string
|
|
|
|
valid bool
|
|
|
|
wantDef bool
|
|
|
|
}{{
|
|
|
|
name: "invalid",
|
|
|
|
upstream: "1.2.3.4.5",
|
|
|
|
valid: false,
|
|
|
|
wantDef: false,
|
|
|
|
}, {
|
|
|
|
name: "invalid",
|
|
|
|
upstream: "123.3.7m",
|
|
|
|
valid: false,
|
|
|
|
wantDef: false,
|
|
|
|
}, {
|
|
|
|
name: "invalid",
|
|
|
|
upstream: "htttps://google.com/dns-query",
|
|
|
|
valid: false,
|
|
|
|
wantDef: false,
|
|
|
|
}, {
|
|
|
|
name: "invalid",
|
|
|
|
upstream: "[/host.com]tls://dns.adguard.com",
|
|
|
|
valid: false,
|
|
|
|
wantDef: false,
|
|
|
|
}, {
|
|
|
|
name: "invalid",
|
|
|
|
upstream: "[host.ru]#",
|
|
|
|
valid: false,
|
|
|
|
wantDef: false,
|
|
|
|
}, {
|
|
|
|
name: "valid_default",
|
|
|
|
upstream: "1.1.1.1",
|
|
|
|
valid: true,
|
|
|
|
wantDef: true,
|
|
|
|
}, {
|
|
|
|
name: "valid_default",
|
|
|
|
upstream: "tls://1.1.1.1",
|
|
|
|
valid: true,
|
|
|
|
wantDef: true,
|
|
|
|
}, {
|
|
|
|
name: "valid_default",
|
|
|
|
upstream: "https://dns.adguard.com/dns-query",
|
|
|
|
valid: true,
|
|
|
|
wantDef: true,
|
|
|
|
}, {
|
|
|
|
name: "valid_default",
|
|
|
|
upstream: "sdns://AQMAAAAAAAAAFDE3Ni4xMDMuMTMwLjEzMDo1NDQzINErR_JS3PLCu_iZEIbq95zkSV2LFsigxDIuUso_OQhzIjIuZG5zY3J5cHQuZGVmYXVsdC5uczEuYWRndWFyZC5jb20",
|
|
|
|
valid: true,
|
|
|
|
wantDef: true,
|
|
|
|
}, {
|
|
|
|
name: "valid",
|
|
|
|
upstream: "[/host.com/]1.1.1.1",
|
|
|
|
valid: true,
|
|
|
|
wantDef: false,
|
|
|
|
}, {
|
|
|
|
name: "valid",
|
|
|
|
upstream: "[//]tls://1.1.1.1",
|
|
|
|
valid: true,
|
|
|
|
wantDef: false,
|
|
|
|
}, {
|
|
|
|
name: "valid",
|
|
|
|
upstream: "[/www.host.com/]#",
|
|
|
|
valid: true,
|
|
|
|
wantDef: false,
|
|
|
|
}, {
|
|
|
|
name: "valid",
|
|
|
|
upstream: "[/host.com/google.com/]8.8.8.8",
|
|
|
|
valid: true,
|
|
|
|
wantDef: false,
|
|
|
|
}, {
|
|
|
|
name: "valid",
|
|
|
|
upstream: "[/host/]sdns://AQMAAAAAAAAAFDE3Ni4xMDMuMTMwLjEzMDo1NDQzINErR_JS3PLCu_iZEIbq95zkSV2LFsigxDIuUso_OQhzIjIuZG5zY3J5cHQuZGVmYXVsdC5uczEuYWRndWFyZC5jb20",
|
|
|
|
valid: true,
|
|
|
|
wantDef: false,
|
|
|
|
}, {
|
|
|
|
name: "idna",
|
|
|
|
upstream: "[/пример.рф/]8.8.8.8",
|
|
|
|
valid: true,
|
|
|
|
wantDef: false,
|
|
|
|
}, {
|
|
|
|
name: "bad_domain",
|
|
|
|
upstream: "[/!/]8.8.8.8",
|
|
|
|
valid: false,
|
|
|
|
wantDef: false,
|
|
|
|
}}
|
|
|
|
|
|
|
|
for _, tc := range testCases {
|
|
|
|
t.Run(tc.name, func(t *testing.T) {
|
|
|
|
defaultUpstream, err := validateUpstream(tc.upstream)
|
|
|
|
require.Equal(t, tc.valid, err == nil)
|
|
|
|
if tc.valid {
|
|
|
|
assert.Equal(t, tc.wantDef, defaultUpstream)
|
|
|
|
}
|
|
|
|
})
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestValidateUpstreamsSet(t *testing.T) {
|
|
|
|
testCases := []struct {
|
|
|
|
name string
|
|
|
|
msg string
|
|
|
|
set []string
|
|
|
|
wantNil bool
|
|
|
|
}{{
|
|
|
|
name: "empty",
|
|
|
|
msg: "empty upstreams array should be valid",
|
|
|
|
set: nil,
|
|
|
|
wantNil: true,
|
|
|
|
}, {
|
|
|
|
name: "comment",
|
|
|
|
msg: "comments should not be validated",
|
|
|
|
set: []string{"# comment"},
|
|
|
|
wantNil: true,
|
|
|
|
}, {
|
|
|
|
name: "valid_no_default",
|
|
|
|
msg: "there is no default upstream",
|
|
|
|
set: []string{
|
|
|
|
"[/host.com/]1.1.1.1",
|
|
|
|
"[//]tls://1.1.1.1",
|
|
|
|
"[/www.host.com/]#",
|
|
|
|
"[/host.com/google.com/]8.8.8.8",
|
|
|
|
"[/host/]sdns://AQMAAAAAAAAAFDE3Ni4xMDMuMTMwLjEzMDo1NDQzINErR_JS3PLCu_iZEIbq95zkSV2LFsigxDIuUso_OQhzIjIuZG5zY3J5cHQuZGVmYXVsdC5uczEuYWRndWFyZC5jb20",
|
|
|
|
},
|
|
|
|
wantNil: false,
|
|
|
|
}, {
|
|
|
|
name: "valid_with_default",
|
|
|
|
msg: "upstreams set is valid, but doesn't pass through validation cause: %s",
|
|
|
|
set: []string{
|
|
|
|
"[/host.com/]1.1.1.1",
|
|
|
|
"[//]tls://1.1.1.1",
|
|
|
|
"[/www.host.com/]#",
|
|
|
|
"[/host.com/google.com/]8.8.8.8",
|
|
|
|
"[/host/]sdns://AQMAAAAAAAAAFDE3Ni4xMDMuMTMwLjEzMDo1NDQzINErR_JS3PLCu_iZEIbq95zkSV2LFsigxDIuUso_OQhzIjIuZG5zY3J5cHQuZGVmYXVsdC5uczEuYWRndWFyZC5jb20",
|
|
|
|
"8.8.8.8",
|
|
|
|
},
|
|
|
|
wantNil: true,
|
|
|
|
}, {
|
|
|
|
name: "invalid",
|
|
|
|
msg: "there is an invalid upstream in set, but it pass through validation",
|
|
|
|
set: []string{"dhcp://fake.dns"},
|
|
|
|
wantNil: false,
|
|
|
|
}}
|
|
|
|
|
|
|
|
for _, tc := range testCases {
|
|
|
|
t.Run(tc.name, func(t *testing.T) {
|
|
|
|
err := ValidateUpstreams(tc.set)
|
|
|
|
|
|
|
|
assert.Equalf(t, tc.wantNil, err == nil, tc.msg, err)
|
|
|
|
})
|
|
|
|
}
|
|
|
|
}
|