d2_cfg_mgr_unittests.cc 49.3 KB
Newer Older
1
// Copyright (C) 2013-2014 Internet Systems Consortium, Inc. ("ISC")
2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18
//
// Permission to use, copy, modify, and/or distribute this software for any
// purpose with or without fee is hereby granted, provided that the above
// copyright notice and this permission notice appear in all copies.
//
// THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
// REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
// AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
// INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
// LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
// OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
// PERFORMANCE OF THIS SOFTWARE.

#include <config/module_spec.h>
#include <d2/d2_config.h>
#include <d2/d2_cfg_mgr.h>
#include <d_test_stubs.h>
19
#include <test_data_files_config.h>
20
#include <util/encode/base64.h>
21 22 23 24 25 26 27 28 29 30

#include <boost/foreach.hpp>
#include <gtest/gtest.h>

using namespace std;
using namespace isc;
using namespace isc::d2;

namespace {

31 32 33 34
std::string specfile(const std::string& name) {
    return (std::string(D2_SRC_DIR) + "/" + name);
}

35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56
/// @brief Test fixture class for testing D2CfgMgr class.
/// It maintains an member instance of D2CfgMgr and provides methods for
/// converting JSON strings to configuration element sets, checking parse
/// results, and accessing the configuration context.
class D2CfgMgrTest : public ConfigParseTest {
public:

    /// @brief Constructor
    D2CfgMgrTest():cfg_mgr_(new D2CfgMgr) {
    }

    /// @brief Destructor
    ~D2CfgMgrTest() {
    }

    /// @brief Configuration manager instance.
    D2CfgMgrPtr cfg_mgr_;
};

/// @brief Tests that the spec file is valid.
/// Verifies that the BIND10 DHCP-DDNS configuration specification file
//  is valid.
57
TEST(D2SpecTest, basicSpec) {
58 59
    ASSERT_NO_THROW(isc::config::
                    moduleSpecFromFile(specfile("dhcp-ddns.spec")));
60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81
}

/// @brief Convenience function which compares the contents of the given
/// DnsServerInfo against the given set of values.
///
/// It is structured in such a way that each value is checked, and output
/// is generate for all that do not match.
///
/// @param server is a pointer to the server to check against.
/// @param hostname is the value to compare against server's hostname_.
/// @param ip_address is the string value to compare against server's
/// ip_address_.
/// @param port is the value to compare against server's port.
///
/// @return returns true if there is a match across the board, otherwise it
/// returns false.
bool checkServer(DnsServerInfoPtr server, const char* hostname,
                 const char *ip_address, uint32_t port)
{
    // Return value, assume its a match.
    bool result = true;

82
    if (!server) {
83 84 85 86 87 88
        EXPECT_TRUE(server);
        return false;
    }

    // Check hostname.
    if (server->getHostname() != hostname) {
89
        EXPECT_EQ(hostname, server->getHostname());
90 91 92 93 94
        result = false;
    }

    // Check IP address.
    if (server->getIpAddress().toText() != ip_address) {
95
        EXPECT_EQ(ip_address, server->getIpAddress().toText());
96 97 98 99 100
        result = false;
    }

    // Check port.
    if (server->getPort() !=  port) {
101
        EXPECT_EQ (port, server->getPort());
102 103 104 105 106 107
        result = false;
    }

    return (result);
}

108 109 110 111 112 113 114 115 116 117 118 119 120
/// @brief Convenience function which compares the contents of the given
/// TSIGKeyInfo against the given set of values.
///
/// It is structured in such a way that each value is checked, and output
/// is generate for all that do not match.
///
/// @param key is a pointer to the key to check against.
/// @param name is the value to compare against key's name_.
/// @param algorithm is the string value to compare against key's algorithm.
/// @param secret is the value to compare against key's secret.
///
/// @return returns true if there is a match across the board, otherwise it
/// returns false.
121 122
bool checkKey(TSIGKeyInfoPtr key, const std::string& name,
                 const std::string& algorithm, const std::string& secret)
123 124 125
{
    // Return value, assume its a match.
    bool result = true;
126
    if (!key) {
127 128 129 130 131 132
        EXPECT_TRUE(key);
        return false;
    }

    // Check name.
    if (key->getName() != name) {
133
        EXPECT_EQ(name, key->getName());
134 135 136
        result = false;
    }

137
    // Check algorithm.
138
    if (key->getAlgorithm() != algorithm) {
139
        EXPECT_EQ(algorithm, key->getAlgorithm());
140 141 142 143 144
        result = false;
    }

    // Check secret.
    if (key->getSecret() !=  secret) {
145
        EXPECT_EQ (secret, key->getSecret());
146 147 148
        result = false;
    }

149 150 151 152 153
    if (!key->getTSIGKey()) {
        EXPECT_TRUE (key->getTSIGKey());
        return false;
    }

154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183
    return (result);
}

/// @brief Test fixture class for testing DnsServerInfo parsing.
class TSIGKeyInfoTest : public ConfigParseTest {
public:

    /// @brief Constructor
    TSIGKeyInfoTest() {
        reset();
    }

    /// @brief Destructor
    ~TSIGKeyInfoTest() {
    }

    /// @brief Wipe out the current storage and parser and replace
    /// them with new ones.
    void reset() {
        keys_.reset(new TSIGKeyInfoMap());
        parser_.reset(new TSIGKeyInfoParser("test", keys_));
    }

    /// @brief Storage for "committing" keys.
    TSIGKeyInfoMapPtr keys_;

    /// @brief Pointer to the current parser instance.
    isc::dhcp::ParserPtr parser_;
};

184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210
/// @brief Test fixture class for testing DnsServerInfo parsing.
class DnsServerInfoTest : public ConfigParseTest {
public:

    /// @brief Constructor
    DnsServerInfoTest() {
        reset();
    }

    /// @brief Destructor
    ~DnsServerInfoTest() {
    }

    /// @brief Wipe out the current storage and parser and replace
    /// them with new ones.
    void reset() {
        servers_.reset(new DnsServerInfoStorage());
        parser_.reset(new DnsServerInfoParser("test", servers_));
    }

    /// @brief Storage for "committing" servers.
    DnsServerInfoStoragePtr servers_;

    /// @brief Pointer to the current parser instance.
    isc::dhcp::ParserPtr parser_;
};

211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240

/// @brief Test fixture class for testing DDnsDomain parsing.
class DdnsDomainTest : public ConfigParseTest {
public:

    /// @brief Constructor
    DdnsDomainTest() {
        reset();
    }

    /// @brief Destructor
    ~DdnsDomainTest() {
    }

    /// @brief Wipe out the current storage and parser and replace
    /// them with new ones.
    void reset() {
        keys_.reset(new TSIGKeyInfoMap());
        domains_.reset(new DdnsDomainMap());
        parser_.reset(new DdnsDomainParser("test", domains_, keys_));
    }

    /// @brief Add TSIGKeyInfos to the key map
    ///
    /// @param name the name of the key
    /// @param algorithm the algorithm of the key
    /// @param secret the secret value of the key
    void addKey(const std::string& name, const std::string& algorithm,
                const std::string& secret) {
        TSIGKeyInfoPtr key_info(new TSIGKeyInfo(name, algorithm, secret));
241
        (*keys_)[name]=key_info;
242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257
    }

    /// @brief Storage for "committing" domains.
    DdnsDomainMapPtr domains_;

    /// @brief Storage for TSIGKeys
    TSIGKeyInfoMapPtr keys_;

    /// @brief Pointer to the current parser instance.
    isc::dhcp::ParserPtr parser_;
};

/// @brief Tests the enforcement of data validation when parsing TSIGKeyInfos.
/// It verifies that:
/// 1. Name cannot be blank.
/// 2. Algorithm cannot be blank.
258
/// 3. Secret cannot be blank.
259
TEST_F(TSIGKeyInfoTest, invalidEntry) {
260 261 262
    // Config with a blank name entry.
    std::string config = "{"
                         " \"name\": \"\" , "
263
                         " \"algorithm\": \"MD5\" , "
264
                         "   \"secret\": \"LSWXnfkKZjdPJI5QxlpnfQ==\" "
265
                         "}";
266
    ASSERT_TRUE(fromJSON(config));
267

268 269
    // Verify that build fails on blank name.
    EXPECT_THROW(parser_->build(config_set_), D2CfgError);
270 271 272 273 274

    // Config with a blank algorithm entry.
    config = "{"
                         " \"name\": \"d2_key_one\" , "
                         " \"algorithm\": \"\" , "
275
                         "   \"secret\": \"LSWXnfkKZjdPJI5QxlpnfQ==\" "
276 277
                         "}";

278
    ASSERT_TRUE(fromJSON(config));
279

280 281
    // Verify that build fails on blank algorithm.
    EXPECT_THROW(parser_->build(config_set_), D2CfgError);
282

283 284 285 286
    // Config with an invalid algorithm entry.
    config = "{"
                         " \"name\": \"d2_key_one\" , "
                         " \"algorithm\": \"bogus\" , "
287
                         "   \"secret\": \"LSWXnfkKZjdPJI5QxlpnfQ==\" "
288 289 290 291 292 293 294
                         "}";

    ASSERT_TRUE(fromJSON(config));

    // Verify that build fails on blank algorithm.
    EXPECT_THROW(parser_->build(config_set_), D2CfgError);

295 296 297
    // Config with a blank secret entry.
    config = "{"
                         " \"name\": \"d2_key_one\" , "
298
                         " \"algorithm\": \"MD5\" , "
299 300 301
                         " \"secret\": \"\" "
                         "}";

302
    ASSERT_TRUE(fromJSON(config));
303

304 305
    // Verify that build fails blank secret
    EXPECT_THROW(parser_->build(config_set_), D2CfgError);
306 307 308 309 310 311 312 313 314 315 316 317

    // Config with an invalid secret entry.
    config = "{"
                         " \"name\": \"d2_key_one\" , "
                         " \"algorithm\": \"MD5\" , "
                         " \"secret\": \"bogus\" "
                         "}";

    ASSERT_TRUE(fromJSON(config));

    // Verify that build fails an invalid secret
    EXPECT_THROW(parser_->build(config_set_), D2CfgError);
318 319 320 321
}

/// @brief Verifies that TSIGKeyInfo parsing creates a proper TSIGKeyInfo
/// when given a valid combination of entries.
322
TEST_F(TSIGKeyInfoTest, validEntry) {
323 324 325
    // Valid entries for TSIG key, all items are required.
    std::string config = "{"
                         " \"name\": \"d2_key_one\" , "
326
                         " \"algorithm\": \"MD5\" , "
327
                         " \"secret\": \"dGhpcyBrZXkgd2lsbCBtYXRjaA==\" "
328
                         "}";
329
    ASSERT_TRUE(fromJSON(config));
330 331

    // Verify that it builds and commits without throwing.
332 333
    //ASSERT_NO_THROW(parser_->build(config_set_));
    (parser_->build(config_set_));
334 335 336 337
    ASSERT_NO_THROW(parser_->commit());

    // Verify the correct number of keys are present
    int count =  keys_->size();
338
    EXPECT_EQ(1, count);
339 340 341 342 343 344 345

    // Find the key and retrieve it.
    TSIGKeyInfoMap::iterator gotit = keys_->find("d2_key_one");
    ASSERT_TRUE(gotit != keys_->end());
    TSIGKeyInfoPtr& key = gotit->second;

    // Verify the key contents.
346 347
    EXPECT_TRUE(checkKey(key, "d2_key_one", "MD5",
                         "dGhpcyBrZXkgd2lsbCBtYXRjaA=="));
348 349 350 351 352 353 354 355 356
}

/// @brief Verifies that attempting to parse an invalid list of TSIGKeyInfo
/// entries is detected.
TEST_F(TSIGKeyInfoTest, invalidTSIGKeyList) {
    // Construct a list of keys with an invalid key entry.
    std::string config = "["

                         " { \"name\": \"key1\" , "
357
                         "   \"algorithm\": \"MD5\" ,"
358
                         "   \"secret\": \"GWG/Xfbju4O2iXGqkSu4PQ==\" "
359
                         " },"
360
                         // this entry has an invalid algorithm
361 362
                         " { \"name\": \"key2\" , "
                         "   \"algorithm\": \"\" ,"
363
                         "   \"secret\": \"GWG/Xfbju4O2iXGqkSu4PQ==\" "
364 365
                         " },"
                         " { \"name\": \"key3\" , "
366
                         "   \"algorithm\": \"MD5\" ,"
367
                         "   \"secret\": \"GWG/Xfbju4O2iXGqkSu4PQ==\" "
368 369 370
                         " }"
                         " ]";

371
    ASSERT_TRUE(fromJSON(config));
372 373 374 375 376 377

    // Create the list parser.
    isc::dhcp::ParserPtr parser;
    ASSERT_NO_THROW(parser.reset(new TSIGKeyInfoListParser("test", keys_)));

    // Verify that the list builds without errors.
378
    EXPECT_THROW(parser->build(config_set_), D2CfgError);
379 380 381 382 383 384 385 386 387
}

/// @brief Verifies that attempting to parse an invalid list of TSIGKeyInfo
/// entries is detected.
TEST_F(TSIGKeyInfoTest, duplicateTSIGKey) {
    // Construct a list of keys with an invalid key entry.
    std::string config = "["

                         " { \"name\": \"key1\" , "
388
                         "   \"algorithm\": \"MD5\" ,"
389
                         "   \"secret\": \"GWG/Xfbju4O2iXGqkSu4PQ==\" "
390 391
                         " },"
                         " { \"name\": \"key2\" , "
392
                         "   \"algorithm\": \"MD5\" ,"
393
                         "   \"secret\": \"GWG/Xfbju4O2iXGqkSu4PQ==\" "
394 395
                         " },"
                         " { \"name\": \"key1\" , "
396
                         "   \"algorithm\": \"MD5\" ,"
397
                         "   \"secret\": \"GWG/Xfbju4O2iXGqkSu4PQ==\" "
398 399 400
                         " }"
                         " ]";

401
    ASSERT_TRUE(fromJSON(config));
402 403 404 405 406 407

    // Create the list parser.
    isc::dhcp::ParserPtr parser;
    ASSERT_NO_THROW(parser.reset(new TSIGKeyInfoListParser("test", keys_)));

    // Verify that the list builds without errors.
408
    EXPECT_THROW(parser->build(config_set_), D2CfgError);
409 410 411
}

/// @brief Verifies a valid list of TSIG Keys parses correctly.
412
/// Also verifies that all of the supported algorithm names work.
413
TEST_F(TSIGKeyInfoTest, validTSIGKeyList) {
414
    // Construct a valid list of keys.
415 416 417
    std::string config = "["

                         " { \"name\": \"key1\" , "
418
                         "   \"algorithm\": \"MD5\" ,"
419
                         "  \"secret\": \"dGhpcyBrZXkgd2lsbCBtYXRjaA==\" "
420 421
                         " },"
                         " { \"name\": \"key2\" , "
422
                         "   \"algorithm\": \"SHA1\" ,"
423
                         "  \"secret\": \"dGhpcyBrZXkgd2lsbCBtYXRjaA==\" "
424 425
                         " },"
                         " { \"name\": \"key3\" , "
426
                         "   \"algorithm\": \"SHA256\" ,"
427
                         "  \"secret\": \"dGhpcyBrZXkgd2lsbCBtYXRjaA==\" "
428 429 430
                         " },"
                         " { \"name\": \"key4\" , "
                         "   \"algorithm\": \"SHA224\" ,"
431
                         "  \"secret\": \"dGhpcyBrZXkgd2lsbCBtYXRjaA==\" "
432 433 434
                         " },"
                         " { \"name\": \"key5\" , "
                         "   \"algorithm\": \"SHA384\" ,"
435
                         "  \"secret\": \"dGhpcyBrZXkgd2lsbCBtYXRjaA==\" "
436 437 438
                         " },"
                         " { \"name\": \"key6\" , "
                         "   \"algorithm\": \"SHA512\" ,"
439
                         "   \"secret\": \"dGhpcyBrZXkgd2lsbCBtYXRjaA==\" "
440 441 442
                         " }"
                         " ]";

443
    ASSERT_TRUE(fromJSON(config));
444 445 446 447 448 449 450 451

    // Verify that the list builds and commits without errors.
    // Create the list parser.
    isc::dhcp::ParserPtr parser;
    ASSERT_NO_THROW(parser.reset(new TSIGKeyInfoListParser("test", keys_)));
    ASSERT_NO_THROW(parser->build(config_set_));
    ASSERT_NO_THROW(parser->commit());

452
    std::string ref_secret = "dGhpcyBrZXkgd2lsbCBtYXRjaA==";
453 454
    // Verify the correct number of keys are present
    int count =  keys_->size();
455
    ASSERT_EQ(6, count);
456 457 458 459 460 461 462

    // Find the 1st key and retrieve it.
    TSIGKeyInfoMap::iterator gotit = keys_->find("key1");
    ASSERT_TRUE(gotit != keys_->end());
    TSIGKeyInfoPtr& key = gotit->second;

    // Verify the key contents.
463
    EXPECT_TRUE(checkKey(key, "key1", TSIGKeyInfo::MD5_STR, ref_secret));
464 465 466 467 468 469 470

    // Find the 2nd key and retrieve it.
    gotit = keys_->find("key2");
    ASSERT_TRUE(gotit != keys_->end());
    key = gotit->second;

    // Verify the key contents.
471
    EXPECT_TRUE(checkKey(key, "key2", TSIGKeyInfo::SHA1_STR, ref_secret));
472 473 474 475 476 477 478

    // Find the 3rd key and retrieve it.
    gotit = keys_->find("key3");
    ASSERT_TRUE(gotit != keys_->end());
    key = gotit->second;

    // Verify the key contents.
479
    EXPECT_TRUE(checkKey(key, "key3", TSIGKeyInfo::SHA256_STR, ref_secret));
480 481 482 483 484 485 486

    // Find the 4th key and retrieve it.
    gotit = keys_->find("key4");
    ASSERT_TRUE(gotit != keys_->end());
    key = gotit->second;

    // Verify the key contents.
487
    EXPECT_TRUE(checkKey(key, "key4", TSIGKeyInfo::SHA224_STR, ref_secret));
488 489 490 491 492 493 494

    // Find the 5th key and retrieve it.
    gotit = keys_->find("key5");
    ASSERT_TRUE(gotit != keys_->end());
    key = gotit->second;

    // Verify the key contents.
495
    EXPECT_TRUE(checkKey(key, "key5", TSIGKeyInfo::SHA384_STR, ref_secret));
496 497 498 499 500 501 502

    // Find the 6th key and retrieve it.
    gotit = keys_->find("key6");
    ASSERT_TRUE(gotit != keys_->end());
    key = gotit->second;

    // Verify the key contents.
503
    EXPECT_TRUE(checkKey(key, "key6", TSIGKeyInfo::SHA512_STR, ref_secret));
504 505
}

506 507 508 509 510
/// @brief Tests the enforcement of data validation when parsing DnsServerInfos.
/// It verifies that:
/// 1. Specifying both a hostname and an ip address is not allowed.
/// 2. Specifying both blank a hostname and blank ip address is not allowed.
/// 3. Specifying a negative port number is not allowed.
511
TEST_F(DnsServerInfoTest, invalidEntry) {
512
    // Create a config in which both host and ip address are supplied.
513
    // Verify that build fails.
514 515
    std::string config = "{ \"hostname\": \"pegasus.tmark\", "
                         "  \"ip_address\": \"127.0.0.1\" } ";
516
    ASSERT_TRUE(fromJSON(config));
517
    EXPECT_THROW(parser_->build(config_set_), D2CfgError);
518 519

    // Neither host nor ip address supplied
520
    // Verify that builds fails.
521 522
    config = "{ \"hostname\": \"\", "
             "  \"ip_address\": \"\" } ";
523
    ASSERT_TRUE(fromJSON(config));
524
    EXPECT_THROW(parser_->build(config_set_), D2CfgError);
525 526 527 528 529

    // Create a config with a negative port number.
    // Verify that build fails.
    config = "{ \"ip_address\": \"192.168.5.6\" ,"
             "  \"port\": -100 }";
530
    ASSERT_TRUE(fromJSON(config));
531 532 533
    EXPECT_THROW (parser_->build(config_set_), isc::BadValue);
}

534

535 536 537 538 539 540
/// @brief Verifies that DnsServerInfo parsing creates a proper DnsServerInfo
/// when given a valid combination of entries.
/// It verifies that:
/// 1. A DnsServerInfo entry is correctly made, when given only a hostname.
/// 2. A DnsServerInfo entry is correctly made, when given ip address and port.
/// 3. A DnsServerInfo entry is correctly made, when given only an ip address.
541
TEST_F(DnsServerInfoTest, validEntry) {
542 543
    // Valid entries for dynamic host
    std::string config = "{ \"hostname\": \"pegasus.tmark\" }";
544
    ASSERT_TRUE(fromJSON(config));
545 546 547 548 549 550 551

    // Verify that it builds and commits without throwing.
    ASSERT_NO_THROW(parser_->build(config_set_));
    ASSERT_NO_THROW(parser_->commit());

    // Verify the correct number of servers are present
    int count =  servers_->size();
552
    EXPECT_EQ(1, count);
553 554 555 556

    // Verify the server exists and has the correct values.
    DnsServerInfoPtr server = (*servers_)[0];
    EXPECT_TRUE(checkServer(server, "pegasus.tmark",
557 558
                            DnsServerInfo::EMPTY_IP_STR,
                            DnsServerInfo::STANDARD_DNS_PORT));
559 560 561 562 563 564 565

    // Start over for a new test.
    reset();

    // Valid entries for static ip
    config = " { \"ip_address\": \"127.0.0.1\" , "
             "  \"port\": 100 }";
566
    ASSERT_TRUE(fromJSON(config));
567 568 569 570 571 572 573

    // Verify that it builds and commits without throwing.
    ASSERT_NO_THROW(parser_->build(config_set_));
    ASSERT_NO_THROW(parser_->commit());

    // Verify the correct number of servers are present
    count =  servers_->size();
574
    EXPECT_EQ(1, count);
575 576 577 578 579 580 581 582 583 584

    // Verify the server exists and has the correct values.
    server = (*servers_)[0];
    EXPECT_TRUE(checkServer(server, "", "127.0.0.1", 100));

    // Start over for a new test.
    reset();

    // Valid entries for static ip, no port
    config = " { \"ip_address\": \"192.168.2.5\" }";
585
    ASSERT_TRUE(fromJSON(config));
586 587 588 589 590 591 592

    // Verify that it builds and commits without throwing.
    ASSERT_NO_THROW(parser_->build(config_set_));
    ASSERT_NO_THROW(parser_->commit());

    // Verify the correct number of servers are present
    count =  servers_->size();
593
    EXPECT_EQ(1, count);
594 595 596 597

    // Verify the server exists and has the correct values.
    server = (*servers_)[0];
    EXPECT_TRUE(checkServer(server, "", "192.168.2.5",
598
                            DnsServerInfo::STANDARD_DNS_PORT));
599 600 601 602 603 604 605 606 607
}

/// @brief Verifies that attempting to parse an invalid list of DnsServerInfo
/// entries is detected.
TEST_F(ConfigParseTest, invalidServerList) {
    // Construct a list of servers with an invalid server entry.
    std::string config = "[ { \"hostname\": \"one.tmark\" }, "
                        "{ \"hostname\": \"\" }, "
                        "{ \"hostname\": \"three.tmark\" } ]";
608
    ASSERT_TRUE(fromJSON(config));
609 610 611 612 613 614

    // Create the server storage and list parser.
    DnsServerInfoStoragePtr servers(new DnsServerInfoStorage());
    isc::dhcp::ParserPtr parser;
    ASSERT_NO_THROW(parser.reset(new DnsServerInfoListParser("test", servers)));

615 616
    // Verify that build fails.
    EXPECT_THROW(parser->build(config_set_), D2CfgError);
617 618 619 620 621 622 623 624 625
}

/// @brief Verifies that a list of DnsServerInfo entries parses correctly given
/// a valid configuration.
TEST_F(ConfigParseTest, validServerList) {
    // Create a valid list of servers.
    std::string config = "[ { \"hostname\": \"one.tmark\" }, "
                        "{ \"hostname\": \"two.tmark\" }, "
                        "{ \"hostname\": \"three.tmark\" } ]";
626
    ASSERT_TRUE(fromJSON(config));
627 628 629 630 631 632 633 634 635 636 637 638

    // Create the server storage and list parser.
    DnsServerInfoStoragePtr servers(new DnsServerInfoStorage());
    isc::dhcp::ParserPtr parser;
    ASSERT_NO_THROW(parser.reset(new DnsServerInfoListParser("test", servers)));

    // Verfiy that the list builds and commits without error.
    ASSERT_NO_THROW(parser->build(config_set_));
    ASSERT_NO_THROW(parser->commit());

    // Verify that the server storage contains the correct number of servers.
    int count =  servers->size();
639
    EXPECT_EQ(3, count);
640 641 642

    // Verify the first server exists and has the correct values.
    DnsServerInfoPtr server = (*servers)[0];
643 644
    EXPECT_TRUE(checkServer(server, "one.tmark", DnsServerInfo::EMPTY_IP_STR,
                            DnsServerInfo::STANDARD_DNS_PORT));
645 646 647

    // Verify the second server exists and has the correct values.
    server = (*servers)[1];
648 649
    EXPECT_TRUE(checkServer(server, "two.tmark", DnsServerInfo::EMPTY_IP_STR,
                            DnsServerInfo::STANDARD_DNS_PORT));
650 651 652

    // Verify the third server exists and has the correct values.
    server = (*servers)[2];
653 654
    EXPECT_TRUE(checkServer(server, "three.tmark", DnsServerInfo::EMPTY_IP_STR,
                            DnsServerInfo::STANDARD_DNS_PORT));
655 656 657 658 659 660 661 662
}

/// @brief Tests the enforcement of data validation when parsing DdnsDomains.
/// It verifies that:
/// 1. Domain storage cannot be null when constructing a DdnsDomainParser.
/// 2. The name entry is not optional.
/// 3. The server list man not be empty.
/// 4. That a mal-formed server entry is detected.
663 664
/// 5. That an undefined key name is detected.
TEST_F(DdnsDomainTest, invalidDdnsDomainEntry) {
665
    // Verify that attempting to construct the parser with null storage fails.
666 667 668
    DdnsDomainMapPtr domains;
    ASSERT_THROW(isc::dhcp::ParserPtr(
                 new DdnsDomainParser("test", domains, keys_)), D2CfgError);
669 670 671 672 673 674 675 676 677 678

    // Create a domain configuration without a name
    std::string config = "{  \"key_name\": \"d2_key.tmark.org\" , "
                         "  \"dns_servers\" : [ "
                         "  {  \"ip_address\": \"127.0.0.1\" , "
                         "    \"port\": 100 },"
                         "  { \"ip_address\": \"127.0.0.2\" , "
                         "    \"port\": 200 },"
                         "  {  \"ip_address\": \"127.0.0.3\" , "
                         "    \"port\": 300 } ] } ";
679
    ASSERT_TRUE(fromJSON(config));
680

681 682
    // Verify that the domain configuration builds fails.
    EXPECT_THROW(parser_->build(config_set_), isc::dhcp::DhcpConfigError);
683 684 685 686 687 688

    // Create a domain configuration with an empty server list.
    config = "{ \"name\": \"tmark.org\" , "
             "  \"key_name\": \"d2_key.tmark.org\" , "
             "  \"dns_servers\" : [ "
             "   ] } ";
689
    ASSERT_TRUE(fromJSON(config));
690 691

    // Verify that the domain configuration build fails.
692
    EXPECT_THROW(parser_->build(config_set_), D2CfgError);
693 694 695 696 697 698 699

    // Create a domain configuration with a mal-formed server entry.
    config = "{ \"name\": \"tmark.org\" , "
             "  \"key_name\": \"d2_key.tmark.org\" , "
             "  \"dns_servers\" : [ "
             "  {  \"ip_address\": \"127.0.0.3\" , "
             "    \"port\": -1 } ] } ";
700
    ASSERT_TRUE(fromJSON(config));
701 702

    // Verify that the domain configuration build fails.
703
    EXPECT_THROW(parser_->build(config_set_), isc::BadValue);
704

705 706 707 708 709 710
    // Create a domain configuration without an defined key name
    config = "{ \"name\": \"tmark.org\" , "
             "  \"key_name\": \"d2_key.tmark.org\" , "
             "  \"dns_servers\" : [ "
             "  {  \"ip_address\": \"127.0.0.3\" , "
             "    \"port\": 300 } ] } ";
711
    ASSERT_TRUE(fromJSON(config));
712

713 714
    // Verify that the domain configuration build fails.
    EXPECT_THROW(parser_->build(config_set_), D2CfgError);
715
}
716 717 718 719 720 721

/// @brief Verifies the basics of parsing DdnsDomains.
/// It verifies that:
/// 1. Valid construction of DdnsDomainParser functions.
/// 2. Given a valid, configuration entry, DdnsDomainParser parses
/// correctly.
722 723
/// (It indirectly verifies the operation of DdnsDomainMap).
TEST_F(DdnsDomainTest, ddnsDomainParsing) {
724 725 726 727 728 729 730 731 732 733 734 735
    // Create a valid domain configuration entry containing three valid
    // servers.
    std::string config =
                        "{ \"name\": \"tmark.org\" , "
                        "  \"key_name\": \"d2_key.tmark.org\" , "
                        "  \"dns_servers\" : [ "
                        "  {  \"ip_address\": \"127.0.0.1\" , "
                        "    \"port\": 100 },"
                        "  { \"ip_address\": \"127.0.0.2\" , "
                        "    \"port\": 200 },"
                        "  {  \"ip_address\": \"127.0.0.3\" , "
                        "    \"port\": 300 } ] } ";
736
    ASSERT_TRUE(fromJSON(config));
737

738
    // Add a TSIG key to the test key map, so key validation will pass.
739
    addKey("d2_key.tmark.org", "md5", "GWG/Xfbju4O2iXGqkSu4PQ==");
740 741

    // Verify that the domain configuration builds and commits without error.
742 743
    ASSERT_NO_THROW(parser_->build(config_set_));
    ASSERT_NO_THROW(parser_->commit());
744 745

    // Verify that the domain storage contains the correct number of domains.
746
    int count =  domains_->size();
747
    EXPECT_EQ(1, count);
748 749 750

    // Verify that the expected domain exists and can be retrieved from
    // the storage.
751 752
    DdnsDomainMap::iterator gotit = domains_->find("tmark.org");
    ASSERT_TRUE(gotit != domains_->end());
753 754 755
    DdnsDomainPtr& domain = gotit->second;

    // Verify the name and key_name values.
756 757
    EXPECT_EQ("tmark.org", domain->getName());
    EXPECT_EQ("d2_key.tmark.org", domain->getKeyName());
758 759
    ASSERT_TRUE(domain->getTSIGKeyInfo());
    ASSERT_TRUE(domain->getTSIGKeyInfo()->getTSIGKey());
760 761 762 763 764 765

    // Verify that the server list exists and contains the correct number of
    // servers.
    const DnsServerInfoStoragePtr& servers = domain->getServers();
    EXPECT_TRUE(servers);
    count =  servers->size();
766
    EXPECT_EQ(3, count);
767 768 769 770 771 772 773 774 775 776 777 778 779 780 781 782 783 784 785 786 787

    // Fetch each server and verify its contents.
    DnsServerInfoPtr server = (*servers)[0];
    EXPECT_TRUE(server);

    EXPECT_TRUE(checkServer(server, "", "127.0.0.1", 100));

    server = (*servers)[1];
    EXPECT_TRUE(server);

    EXPECT_TRUE(checkServer(server, "", "127.0.0.2", 200));

    server = (*servers)[2];
    EXPECT_TRUE(server);

    EXPECT_TRUE(checkServer(server, "", "127.0.0.3", 300));
}

/// @brief Tests the fundamentals of parsing DdnsDomain lists.
/// This test verifies that given a valid domain list configuration
/// it will accurately parse and populate each domain in the list.
788
TEST_F(DdnsDomainTest, DdnsDomainListParsing) {
789 790 791 792 793 794 795 796 797 798 799 800 801 802 803 804 805 806 807 808 809 810 811 812 813
    // Create a valid domain list configuration, with two domains
    // that have three servers each.
    std::string config =
                        "[ "
                        "{ \"name\": \"tmark.org\" , "
                        "  \"key_name\": \"d2_key.tmark.org\" , "
                        "  \"dns_servers\" : [ "
                        "  { \"ip_address\": \"127.0.0.1\" , "
                        "    \"port\": 100 },"
                        "  { \"ip_address\": \"127.0.0.2\" , "
                        "    \"port\": 200 },"
                        "  { \"ip_address\": \"127.0.0.3\" , "
                        "    \"port\": 300 } ] } "
                        ", "
                        "{ \"name\": \"billcat.net\" , "
                        "  \"key_name\": \"d2_key.billcat.net\" , "
                        "  \"dns_servers\" : [ "
                        "  { \"ip_address\": \"127.0.0.4\" , "
                        "    \"port\": 400 },"
                        "  { \"ip_address\": \"127.0.0.5\" , "
                        "    \"port\": 500 },"
                        "  { \"ip_address\": \"127.0.0.6\" , "
                        "    \"port\": 600 } ] } "
                        "] ";

814
    ASSERT_TRUE(fromJSON(config));
815

816
    // Add keys to key map so key validation passes.
817 818
    addKey("d2_key.tmark.org", "MD5", "GWG/Xfbju4O2iXGqkSu4PQ==");
    addKey("d2_key.billcat.net", "MD5", "GWG/Xfbju4O2iXGqkSu4PQ==");
819 820

    // Create the list parser
821
    isc::dhcp::ParserPtr list_parser;
822 823
    ASSERT_NO_THROW(list_parser.reset(
                    new DdnsDomainListParser("test", domains_, keys_)));
824 825

    // Verify that the domain configuration builds and commits without error.
826 827
    ASSERT_NO_THROW(list_parser->build(config_set_));
    ASSERT_NO_THROW(list_parser->commit());
828 829

    // Verify that the domain storage contains the correct number of domains.
830
    int count =  domains_->size();
831
    EXPECT_EQ(2, count);
832 833

    // Verify that the first domain exists and can be retrieved.
834 835
    DdnsDomainMap::iterator gotit = domains_->find("tmark.org");
    ASSERT_TRUE(gotit != domains_->end());
836 837 838
    DdnsDomainPtr& domain = gotit->second;

    // Verify the name and key_name values of the first domain.
839 840
    EXPECT_EQ("tmark.org", domain->getName());
    EXPECT_EQ("d2_key.tmark.org", domain->getKeyName());
841 842
    ASSERT_TRUE(domain->getTSIGKeyInfo());
    ASSERT_TRUE(domain->getTSIGKeyInfo()->getTSIGKey());
843 844 845 846 847

    // Verify the each of the first domain's servers
    DnsServerInfoStoragePtr servers = domain->getServers();
    EXPECT_TRUE(servers);
    count =  servers->size();
848
    EXPECT_EQ(3, count);
849 850 851 852 853 854 855 856 857 858 859 860 861 862

    DnsServerInfoPtr server = (*servers)[0];
    EXPECT_TRUE(server);
    EXPECT_TRUE(checkServer(server, "", "127.0.0.1", 100));

    server = (*servers)[1];
    EXPECT_TRUE(server);
    EXPECT_TRUE(checkServer(server, "", "127.0.0.2", 200));

    server = (*servers)[2];
    EXPECT_TRUE(server);
    EXPECT_TRUE(checkServer(server, "", "127.0.0.3", 300));

    // Verify second domain
863 864
    gotit = domains_->find("billcat.net");
    ASSERT_TRUE(gotit != domains_->end());
865 866 867
    domain = gotit->second;

    // Verify the name and key_name values of the second domain.
868 869
    EXPECT_EQ("billcat.net", domain->getName());
    EXPECT_EQ("d2_key.billcat.net", domain->getKeyName());
870 871
    ASSERT_TRUE(domain->getTSIGKeyInfo());
    ASSERT_TRUE(domain->getTSIGKeyInfo()->getTSIGKey());
872 873 874 875 876

    // Verify the each of second domain's servers
    servers = domain->getServers();
    EXPECT_TRUE(servers);
    count =  servers->size();
877
    EXPECT_EQ(3, count);
878 879 880 881 882 883 884 885 886 887 888 889 890 891 892

    server = (*servers)[0];
    EXPECT_TRUE(server);
    EXPECT_TRUE(checkServer(server, "", "127.0.0.4", 400));

    server = (*servers)[1];
    EXPECT_TRUE(server);
    EXPECT_TRUE(checkServer(server, "", "127.0.0.5", 500));

    server = (*servers)[2];
    EXPECT_TRUE(server);
    EXPECT_TRUE(checkServer(server, "", "127.0.0.6", 600));
}

/// @brief Tests that a domain list configuration cannot contain duplicates.
893
TEST_F(DdnsDomainTest, duplicateDomain) {
894 895 896 897 898 899 900 901 902 903 904 905 906 907
    // Create a domain list configuration that contains two domains with
    // the same name.
    std::string config =
                        "[ "
                        "{ \"name\": \"tmark.org\" , "
                        "  \"dns_servers\" : [ "
                        "  { \"ip_address\": \"127.0.0.3\" , "
                        "    \"port\": 300 } ] } "
                        ", "
                        "{ \"name\": \"tmark.org\" , "
                        "  \"dns_servers\" : [ "
                        "  { \"ip_address\": \"127.0.0.3\" , "
                        "    \"port\": 300 } ] } "
                        "] ";
908
    ASSERT_TRUE(fromJSON(config));
909

910
    // Create the list parser
911
    isc::dhcp::ParserPtr list_parser;
912 913
    ASSERT_NO_THROW(list_parser.reset(
                    new DdnsDomainListParser("test", domains_, keys_)));
914

915 916
    // Verify that the parse build fails.
    EXPECT_THROW(list_parser->build(config_set_), D2CfgError);
917 918 919 920 921 922 923 924
}

/// @brief Tests construction of D2CfgMgr
/// This test verifies that a D2CfgMgr constructs properly.
TEST(D2CfgMgr, construction) {
    D2CfgMgr *cfg_mgr = NULL;

    // Verify that configuration manager constructions without error.
925
    ASSERT_NO_THROW(cfg_mgr = new D2CfgMgr());
926 927 928 929 930 931 932 933 934 935 936 937 938 939 940 941 942 943 944 945

    // Verify that the context can be retrieved and is not null.
    D2CfgContextPtr context;
    ASSERT_NO_THROW(context = cfg_mgr->getD2CfgContext());
    EXPECT_TRUE(context);

    // Verify that the forward manager can be retrieved and is not null.
    EXPECT_TRUE(context->getForwardMgr());

    // Verify that the reverse manager can be retrieved and is not null.
    EXPECT_TRUE(context->getReverseMgr());

    // Verify that the manager can be destructed without error.
    EXPECT_NO_THROW(delete cfg_mgr);
}

/// @brief Tests the parsing of a complete, valid DHCP-DDNS configuration.
/// This tests passes the configuration into an instance of D2CfgMgr just
/// as it would be done by d2_process in response to a configuration update
/// event.
946
TEST_F(D2CfgMgrTest, fullConfig) {
947 948 949 950 951 952 953
    // Create a configuration with all of application level parameters, plus
    // both the forward and reverse ddns managers.  Both managers have two
    // domains with three servers per domain.
    std::string config = "{ "
                        "\"interface\" : \"eth1\" , "
                        "\"ip_address\" : \"192.168.1.33\" , "
                        "\"port\" : 88 , "
954 955 956 957
                        "\"tsig_keys\": ["
                        "{"
                        "  \"name\": \"d2_key.tmark.org\" , "
                        "  \"algorithm\": \"md5\" , "
958
                        "   \"secret\": \"LSWXnfkKZjdPJI5QxlpnfQ==\" "
959 960 961 962
                        "},"
                        "{"
                        "  \"name\": \"d2_key.billcat.net\" , "
                        "  \"algorithm\": \"md5\" , "
963
                        "   \"secret\": \"LSWXnfkKZjdPJI5QxlpnfQ==\" "
964 965
                        "}"
                        "],"
966 967 968 969 970 971 972 973 974 975 976 977 978 979 980 981 982 983 984 985 986 987 988 989 990 991 992 993 994 995 996 997 998 999 1000 1001
                        "\"forward_ddns\" : {"
                        "\"ddns_domains\": [ "
                        "{ \"name\": \"tmark.org\" , "
                        "  \"key_name\": \"d2_key.tmark.org\" , "
                        "  \"dns_servers\" : [ "
                        "  { \"hostname\": \"one.tmark\" } , "
                        "  { \"hostname\": \"two.tmark\" } , "
                        "  { \"hostname\": \"three.tmark\"} "
                        "  ] } "
                        ", "
                        "{ \"name\": \"billcat.net\" , "
                        "  \"key_name\": \"d2_key.billcat.net\" , "
                        "  \"dns_servers\" : [ "
                        "  { \"hostname\": \"four.billcat\" } , "
                        "  { \"hostname\": \"five.billcat\" } , "
                        "  { \"hostname\": \"six.billcat\" } "
                        "  ] } "
                        "] },"
                        "\"reverse_ddns\" : {"
                        "\"ddns_domains\": [ "
                        "{ \"name\": \" 0.168.192.in.addr.arpa.\" , "
                        "  \"key_name\": \"d2_key.tmark.org\" , "
                        "  \"dns_servers\" : [ "
                        "  { \"hostname\": \"one.rev\" } , "
                        "  { \"hostname\": \"two.rev\" } , "
                        "  { \"hostname\": \"three.rev\" } "
                        "  ] } "
                        ", "
                        "{ \"name\": \" 0.247.106.in.addr.arpa.\" , "
                        "  \"key_name\": \"d2_key.billcat.net\" , "
                        "  \"dns_servers\" : [ "
                        "  { \"hostname\": \"four.rev\" }, "
                        "  { \"hostname\": \"five.rev\" } , "
                        "  { \"hostname\": \"six.rev\" } "
                        "  ] } "
                        "] } }";
1002
    ASSERT_TRUE(fromJSON(config));
1003 1004 1005

    // Verify that we can parse the configuration.
    answer_ = cfg_mgr_->parseConfig(config_set_);
1006
    ASSERT_TRUE(checkAnswer(0));
1007 1008 1009 1010 1011 1012 1013 1014

    // Verify that the D2 context can be retrieved and is not null.
    D2CfgContextPtr context;
    ASSERT_NO_THROW(context = cfg_mgr_->getD2CfgContext());

    // Verify that the application level scalars have the proper values.
    std::string interface;
    EXPECT_NO_THROW (context->getParam("interface", interface));
1015
    EXPECT_EQ("eth1", interface);
1016 1017 1018

    std::string ip_address;
    EXPECT_NO_THROW (context->getParam("ip_address", ip_address));
1019
    EXPECT_EQ("192.168.1.33", ip_address);
1020 1021 1022

    uint32_t port = 0;
    EXPECT_NO_THROW (context->getParam("port", port));
1023
    EXPECT_EQ(88, port);
1024 1025 1026 1027 1028 1029

    // Verify that the forward manager can be retrieved.
    DdnsDomainListMgrPtr mgr = context->getForwardMgr();
    ASSERT_TRUE(mgr);

    // Verify that the forward manager has the correct number of domains.
1030
    DdnsDomainMapPtr domains = mgr->getDomains();
1031 1032
    ASSERT_TRUE(domains);
    int count =  domains->size();
1033
    EXPECT_EQ(2, count);
1034 1035 1036 1037 1038

    // Verify that the server count in each of the forward manager domains.
    // NOTE that since prior tests have validated server parsing, we are are
    // assuming that the servers did in fact parse correctly if the correct
    // number of them are there.
1039
    DdnsDomainMapPair domain_pair;
1040 1041 1042 1043 1044
    BOOST_FOREACH(domain_pair, (*domains)) {
        DdnsDomainPtr domain = domain_pair.second;
        DnsServerInfoStoragePtr servers = domain->getServers();
        count = servers->size();
        EXPECT_TRUE(servers);
1045
        EXPECT_EQ(3, count);
1046 1047 1048 1049 1050 1051 1052 1053 1054
    }

    // Verify that the reverse manager can be retrieved.
    mgr = context->getReverseMgr();
    ASSERT_TRUE(mgr);

    // Verify that the reverse manager has the correct number of domains.
    domains = mgr->getDomains();
    count =  domains->size();
1055
    EXPECT_EQ(2, count);
1056 1057 1058 1059 1060 1061 1062 1063 1064 1065

    // Verify that the server count in each of the reverse manager domains.
    // NOTE that since prior tests have validated server parsing, we are are
    // assuming that the servers did in fact parse correctly if the correct
    // number of them are there.
    BOOST_FOREACH(domain_pair, (*domains)) {
        DdnsDomainPtr domain = domain_pair.second;
        DnsServerInfoStoragePtr servers = domain->getServers();
        count = servers->size();
        EXPECT_TRUE(servers);
1066
        EXPECT_EQ(3, count);
1067
    }
1068

1069 1070 1071 1072
    // Test directional update flags.
    EXPECT_TRUE(cfg_mgr_->forwardUpdatesEnabled());
    EXPECT_TRUE(cfg_mgr_->reverseUpdatesEnabled());

1073
    // Verify that parsing the exact same configuration a second time
1074
    // does not cause a duplicate value errors.
1075 1076
    answer_ = cfg_mgr_->parseConfig(config_set_);
    ASSERT_TRUE(checkAnswer(0));
1077 1078 1079 1080 1081 1082 1083 1084 1085 1086 1087
}

/// @brief Tests the basics of the D2CfgMgr FQDN-domain matching
/// This test uses a valid configuration to exercise the D2CfgMgr
/// forward FQDN-to-domain matching.
/// It verifies that:
/// 1. Given an FQDN which exactly matches a domain's name, that domain is
/// returned as match.
/// 2. Given a FQDN for sub-domain in the list, returns the proper match.
/// 3. Given a FQDN that matches no domain name, returns the wild card domain
/// as a match.
1088