auth_srv_unittest.cc 32.6 KB
Newer Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
// Copyright (C) 2010  Internet Systems Consortium, Inc. ("ISC")
//
// Permission to use, copy, modify, and/or distribute this software for any
// purpose with or without fee is hereby granted, provided that the above
// copyright notice and this permission notice appear in all copies.
//
// THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
// REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
// AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
// INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
// LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
// OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
// PERFORMANCE OF THIS SOFTWARE.

// $Id$

17
18
#include <config.h>

19
20
21
22
23
24
#include <gtest/gtest.h>

#include <dns/buffer.h>
#include <dns/name.h>
#include <dns/message.h>
#include <dns/messagerenderer.h>
25
#include <dns/opcode.h>
26
#include <dns/rcode.h>
27
28
29
#include <dns/rrclass.h>
#include <dns/rrtype.h>

30
#include <cc/data.h>
31
#include <cc/session.h>
32

33
#include <xfr/xfrout_client.h>
34

35
#include <auth/auth_srv.h>
36
#include <auth/asio_link.h>
37
#include <auth/statistics.h>
38
39
40
41
42

#include <dns/tests/unittest_util.h>

using isc::UnitTestUtil;
using namespace std;
43
using namespace isc::cc;
44
using namespace isc::dns;
45
using namespace isc::data;
46
using namespace isc::xfr;
47
using namespace asio_link;
48
49

namespace {
50
const char* const CONFIG_TESTDB =
51
    "{\"database_file\": \"" TEST_DATA_DIR "/example.sqlite3\"}";
52
53
// The following file must be non existent and must be non"creatable" (see
// the sqlite3 test).
54
const char* const BADCONFIG_TESTDB =
55
    "{ \"database_file\": \"" TEST_DATA_DIR "/nodir/notexist\"}";
56
const char* const DEFAULT_REMOTE_ADDRESS = "192.0.2.1";
57

58
class AuthSrvTest : public ::testing::Test {
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
private:
    class MockXfroutClient : public AbstractXfroutClient {
    public:
        MockXfroutClient() :
            is_connected_(false), connect_ok_(true), send_ok_(true),
            disconnect_ok_(true)
        {}
        virtual void connect();
        virtual void disconnect();
        virtual int sendXfroutRequestInfo(int tcp_sock, const void* msg_data,
                                          uint16_t msg_len);
        bool isConnected() const { return (is_connected_); }
        void disableConnect() { connect_ok_ = false; }
        void disableDisconnect() { disconnect_ok_ = false; }
        void enableDisconnect() { disconnect_ok_ = true; }
        void disableSend() { send_ok_ = false; }
    private:
        bool is_connected_;
        bool connect_ok_;
        bool send_ok_;
        bool disconnect_ok_;
    };
81
82
83
84
85

    class MockSession : public AbstractSession {
    public:
        MockSession() :
            // by default we return a simple "success" message.
86
            msg_(Element::fromJSON("{\"result\": [0, \"SUCCESS\"]}")),
87
            send_ok_(true), receive_ok_(true)
88
89
90
        {}
        virtual void establish(const char* socket_file);
        virtual void disconnect();
91
        virtual int group_sendmsg(ConstElementPtr msg, string group,
92
                                  string instance, string to);
93
94
        virtual bool group_recvmsg(ConstElementPtr& envelope,
                                   ConstElementPtr& msg,
95
                                   bool nonblock, int seq);
96
97
98
        virtual void subscribe(string group, string instance);
        virtual void unsubscribe(string group, string instance);
        virtual void startRead(boost::function<void()> read_callback);
99
100
        virtual int reply(ConstElementPtr envelope, ConstElementPtr newmsg);
        virtual bool hasQueuedMsgs() const;
101
        virtual void setTimeout(size_t) {}
102
        virtual size_t getTimeout() const { return 0; };
103

104
        void setMessage(ConstElementPtr msg) { msg_ = msg; }
105
106
        void disableSend() { send_ok_ = false; }
        void disableReceive() { receive_ok_ = false; }
107

108
        ConstElementPtr sent_msg;
109
        string msg_destination;
110
    private:
111
        ConstElementPtr msg_;
112
113
        bool send_ok_;
        bool receive_ok_;
114
115
    };

116
protected:
117
    AuthSrvTest() : server(true, xfrout),
118
                    request_message(Message::RENDER),
119
                    parse_message(Message::PARSE), default_qid(0x1035),
120
                    opcode(Opcode::QUERY()), qname("www.example.com"),
121
                    qclass(RRClass::IN()), qtype(RRType::A()),
122
                    io_message(NULL), endpoint(NULL), request_obuffer(0),
123
                    request_renderer(request_obuffer),
124
                    response_obuffer(0), response_renderer(response_obuffer)
125
    {
126
        server.setXfrinSession(&notify_session);
127
        server.setStatisticsSession(&statistics_session);
128
    }
129
130
    ~AuthSrvTest() {
        delete io_message;
131
        delete endpoint;
132
    }
133
    MockSession notify_session;
134
    MockSession statistics_session;
135
    MockXfroutClient xfrout;
136
137
138
    AuthSrv server;
    Message request_message;
    Message parse_message;
139
140
141
142
143
    const qid_t default_qid;
    const Opcode opcode;
    const Name qname;
    const RRClass qclass;
    const RRType qtype;
144
145
    IOMessage* io_message;
    const IOEndpoint* endpoint;
146
147
148
149
150
    OutputBuffer request_obuffer;
    MessageRenderer request_renderer;
    OutputBuffer response_obuffer;
    MessageRenderer response_renderer;
    vector<uint8_t> data;
151

JINMEI Tatuya's avatar
JINMEI Tatuya committed
152
    void createDataFromFile(const char* const datafile, int protocol);
153
154
155
156
157
158
    void createRequestMessage(const Opcode& opcode, const Name& request_name,
                              const RRClass& rrclass, const RRType& rrtype);
    void createRequestPacket(const Opcode& opcode, const Name& request_name,
                             const RRClass& rrclass, const RRType& rrtype,
                             int protocol);
    void createRequestPacket(int protocol);
159
160
};

161
void
162
AuthSrvTest::MockSession::establish(const char*) {}
163
164

void
165
AuthSrvTest::MockSession::disconnect() {}
166

167
void
168
AuthSrvTest::MockSession::subscribe(string, string)
169
170
171
{}

void
172
AuthSrvTest::MockSession::unsubscribe(string, string)
173
174
175
{}

void
176
AuthSrvTest::MockSession::startRead(boost::function<void()>)
177
178
179
{}

int
180
AuthSrvTest::MockSession::reply(ConstElementPtr, ConstElementPtr) {
181
182
183
184
    return (-1);
}

bool
185
AuthSrvTest::MockSession::hasQueuedMsgs() const {
186
187
188
    return (false);
}

189
int
190
AuthSrvTest::MockSession::group_sendmsg(ConstElementPtr msg, string group,
191
                                        string, string)
192
{
193
194
195
    if (!send_ok_) {
        isc_throw(XfroutError, "mock session send is disabled for test");
    }
196
197
198

    sent_msg = msg;
    msg_destination = group;
199
200
201
202
    return (0);
}

bool
203
204
AuthSrvTest::MockSession::group_recvmsg(ConstElementPtr&,
                                        ConstElementPtr& msg, bool, int)
205
{
206
207
208
209
    if (!receive_ok_) {
        isc_throw(XfroutError, "mock session receive is disabled for test");
    }

210
211
212
213
    msg = msg_;
    return (true);
}

214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
void
AuthSrvTest::MockXfroutClient::connect() {
    if (!connect_ok_) {
        isc_throw(XfroutError, "xfrout connection disabled for test");
    }
    is_connected_ = true;
}

void
AuthSrvTest::MockXfroutClient::disconnect() {
    if (!disconnect_ok_) {
        isc_throw(XfroutError,
                  "closing xfrout connection is disabled for test");
    }
    is_connected_ = false;
}

int
232
233
234
AuthSrvTest::MockXfroutClient::sendXfroutRequestInfo(const int,
                                                     const void*,
                                                     const uint16_t)
235
236
{
    if (!send_ok_) {
237
        isc_throw(XfroutError, "xfrout connection send is disabled for test");
238
239
240
241
    }
    return (0);
}

242

243
244
245
246
247
248
249
250
251
252
253
254
// These are flags to indicate whether the corresponding flag bit of the
// DNS header is to be set in the test cases.  (Note that the flag values
// is irrelevant to their wire-format values)
const unsigned int QR_FLAG = 0x1;
const unsigned int AA_FLAG = 0x2;
const unsigned int TC_FLAG = 0x4;
const unsigned int RD_FLAG = 0x8;
const unsigned int RA_FLAG = 0x10;
const unsigned int AD_FLAG = 0x20;
const unsigned int CD_FLAG = 0x40;

void
JINMEI Tatuya's avatar
JINMEI Tatuya committed
255
256
257
AuthSrvTest::createDataFromFile(const char* const datafile,
                                const int protocol = IPPROTO_UDP)
{
258
    delete io_message;
259
260
    data.clear();

261
    delete endpoint;
262
263
    endpoint = IOEndpoint::create(protocol,
                                  IOAddress(DEFAULT_REMOTE_ADDRESS), 5300);
264
    UnitTestUtil::readWireData(datafile, data);
265
    io_message = new IOMessage(&data[0], data.size(),
266
267
268
                               protocol == IPPROTO_UDP ?
                               IOSocket::getDummyUDPSocket() :
                               IOSocket::getDummyTCPSocket(), *endpoint);
269
270
}

271
void
272
273
274
275
AuthSrvTest::createRequestMessage(const Opcode& opcode,
                                  const Name& request_name,
                                  const RRClass& rrclass,
                                  const RRType& rrtype)
276
{
277
    request_message.clear(Message::RENDER);
278
    request_message.setOpcode(opcode);
279
    request_message.setRcode(Rcode::NOERROR());
JINMEI Tatuya's avatar
JINMEI Tatuya committed
280
    request_message.setQid(default_qid);
281
    request_message.addQuestion(Question(request_name, rrclass, rrtype));
282
283
284
285
286
287
288
289
290
291
292
293
294
295
}

void
AuthSrvTest::createRequestPacket(const Opcode& opcode,
                                 const Name& request_name,
                                 const RRClass& rrclass, const RRType& rrtype,
                                 const int protocol = IPPROTO_UDP)
{
    createRequestMessage(opcode, request_name, rrclass, rrtype);
    createRequestPacket(protocol);
}

void
AuthSrvTest::createRequestPacket(const int protocol = IPPROTO_UDP) {
296
297
298
    request_message.toWire(request_renderer);

    delete io_message;
299
300
    endpoint = IOEndpoint::create(protocol,
                                  IOAddress(DEFAULT_REMOTE_ADDRESS), 5300);
301
302
    io_message = new IOMessage(request_renderer.getData(),
                               request_renderer.getLength(),
303
304
305
                               protocol == IPPROTO_UDP ?
                               IOSocket::getDummyUDPSocket() :
                               IOSocket::getDummyTCPSocket(), *endpoint);
306
307
}

308
309
310
311
312
313
314
315
316
317
void
headerCheck(const Message& message, const qid_t qid, const Rcode& rcode,
            const uint16_t opcodeval, const unsigned int flags,
            const unsigned int qdcount,
            const unsigned int ancount, const unsigned int nscount,
            const unsigned int arcount)
{
    EXPECT_EQ(qid, message.getQid());
    EXPECT_EQ(rcode, message.getRcode());
    EXPECT_EQ(opcodeval, message.getOpcode().getCode());
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
    EXPECT_EQ((flags & QR_FLAG) != 0,
              message.getHeaderFlag(Message::HEADERFLAG_QR));
    EXPECT_EQ((flags & AA_FLAG) != 0,
              message.getHeaderFlag(Message::HEADERFLAG_AA));
    EXPECT_EQ((flags & TC_FLAG) != 0,
              message.getHeaderFlag(Message::HEADERFLAG_TC));
    EXPECT_EQ((flags & RA_FLAG) != 0,
              message.getHeaderFlag(Message::HEADERFLAG_RA));
    EXPECT_EQ((flags & RD_FLAG) != 0,
              message.getHeaderFlag(Message::HEADERFLAG_RD));
    EXPECT_EQ((flags & AD_FLAG) != 0,
              message.getHeaderFlag(Message::HEADERFLAG_AD));
    EXPECT_EQ((flags & CD_FLAG) != 0,
              message.getHeaderFlag(Message::HEADERFLAG_CD));

    EXPECT_EQ(qdcount, message.getRRCount(Message::SECTION_QUESTION));
    EXPECT_EQ(ancount, message.getRRCount(Message::SECTION_ANSWER));
    EXPECT_EQ(nscount, message.getRRCount(Message::SECTION_AUTHORITY));
    EXPECT_EQ(arcount, message.getRRCount(Message::SECTION_ADDITIONAL));
337
338
339
340
}

// Unsupported requests.  Should result in NOTIMP.
TEST_F(AuthSrvTest, unsupportedRequest) {
341
    for (unsigned int i = 0; i < 16; ++i) {
342
        // set Opcode to 'i', which iterators over all possible codes except
343
344
345
        // the standard query and notify
        if (i == Opcode::QUERY().getCode() ||
            i == Opcode::NOTIFY().getCode()) {
Han Feng's avatar
Han Feng committed
346
            continue;
347
        }
348
        createDataFromFile("simplequery_fromWire.wire");
349
350
351
        data[2] = ((i << 3) & 0xff);

        parse_message.clear(Message::PARSE);
352
353
        EXPECT_TRUE(server.processMessage(*io_message, parse_message,
                                          response_renderer));
354
355
356
        headerCheck(parse_message, default_qid, Rcode::NOTIMP(), i, QR_FLAG,
                    0, 0, 0, 0);
    }
357
}
358

359
360
361
362
363
364
365
366
367
// Simple API check
TEST_F(AuthSrvTest, verbose) {
    EXPECT_FALSE(server.getVerbose());
    server.setVerbose(true);
    EXPECT_TRUE(server.getVerbose());
    server.setVerbose(false);
    EXPECT_FALSE(server.getVerbose());
}

368
369
// Multiple questions.  Should result in FORMERR.
TEST_F(AuthSrvTest, multiQuestion) {
370
    createDataFromFile("multiquestion_fromWire.wire");
371
372
    EXPECT_TRUE(server.processMessage(*io_message, parse_message,
                                      response_renderer));
373
    headerCheck(parse_message, default_qid, Rcode::FORMERR(), opcode.getCode(),
374
375
376
377
378
379
380
381
382
383
384
385
                QR_FLAG, 2, 0, 0, 0);

    QuestionIterator qit = parse_message.beginQuestion();
    EXPECT_EQ(Name("example.com"), (*qit)->getName());
    EXPECT_EQ(RRClass::IN(), (*qit)->getClass());
    EXPECT_EQ(RRType::A(), (*qit)->getType());
    ++qit;
    EXPECT_EQ(Name("example.com"), (*qit)->getName());
    EXPECT_EQ(RRClass::IN(), (*qit)->getClass());
    EXPECT_EQ(RRType::AAAA(), (*qit)->getType());
    ++qit;
    EXPECT_TRUE(qit == parse_message.endQuestion());
386
387
}

388
389
390
// Incoming data doesn't even contain the complete header.  Must be silently
// dropped.
TEST_F(AuthSrvTest, shortMessage) {
391
    createDataFromFile("shortmessage_fromWire");
392
393
    EXPECT_FALSE(server.processMessage(*io_message, parse_message,
                                       response_renderer));
394
395
396
397
398
399
}

// Response messages.  Must be silently dropped, whether it's a valid response
// or malformed or could otherwise cause a protocol error.
TEST_F(AuthSrvTest, response) {
    // A valid (although unusual) response
400
    createDataFromFile("simpleresponse_fromWire.wire");
401
402
    EXPECT_FALSE(server.processMessage(*io_message, parse_message,
                                       response_renderer));
403
404
405

    // A response with a broken question section.  must be dropped rather than
    // returning FORMERR.
406
    createDataFromFile("shortresponse_fromWire");
407
408
    EXPECT_FALSE(server.processMessage(*io_message, parse_message,
                                       response_renderer));
409
410

    // A response to iquery.  must be dropped rather than returning NOTIMP.
411
    createDataFromFile("iqueryresponse_fromWire.wire");
412
413
    EXPECT_FALSE(server.processMessage(*io_message, parse_message,
                                       response_renderer));
414
415
416
417
}

// Query with a broken question
TEST_F(AuthSrvTest, shortQuestion) {
418
    createDataFromFile("shortquestion_fromWire");
419
420
    EXPECT_TRUE(server.processMessage(*io_message, parse_message,
                                      response_renderer));
421
422
423
424
425
    // Since the query's question is broken, the question section of the
    // response should be empty.
    headerCheck(parse_message, default_qid, Rcode::FORMERR(), opcode.getCode(),
                QR_FLAG, 0, 0, 0, 0);
}
426

427
428
// Query with a broken answer section
TEST_F(AuthSrvTest, shortAnswer) {
429
    createDataFromFile("shortanswer_fromWire.wire");
430
431
    EXPECT_TRUE(server.processMessage(*io_message, parse_message,
                                      response_renderer));
432
433
434

    // This is a bogus query, but question section is valid.  So the response
    // should copy the question section.
435
436
437
    headerCheck(parse_message, default_qid, Rcode::FORMERR(), opcode.getCode(),
                QR_FLAG, 1, 0, 0, 0);

438
439
440
441
442
443
    QuestionIterator qit = parse_message.beginQuestion();
    EXPECT_EQ(Name("example.com"), (*qit)->getName());
    EXPECT_EQ(RRClass::IN(), (*qit)->getClass());
    EXPECT_EQ(RRType::A(), (*qit)->getType());
    ++qit;
    EXPECT_TRUE(qit == parse_message.endQuestion());
444
445
}

446
447
// Query with unsupported version of EDNS.
TEST_F(AuthSrvTest, ednsBadVers) {
448
    createDataFromFile("queryBadEDNS_fromWire.wire");
449
450
    EXPECT_TRUE(server.processMessage(*io_message, parse_message,
                                      response_renderer));
451

452
453
    // The response must have an EDNS OPT RR in the additional section, but
    // it will be added automatically at the render time.
454
455
456
457
    // Note that the DNSSEC DO bit is cleared even if this bit in the query
    // is set.  This is a limitation of the current implementation.
    headerCheck(parse_message, default_qid, Rcode::BADVERS(), opcode.getCode(),
                QR_FLAG, 1, 0, 0, 1);
458
459
460
461
462
463
464
    EXPECT_FALSE(parse_message.getEDNS()); // EDNS isn't added at this point

    parse_message.clear(Message::PARSE);
    InputBuffer ib(response_renderer.getData(), response_renderer.getLength());
    parse_message.fromWire(ib);
    EXPECT_EQ(Rcode::BADVERS(), parse_message.getRcode());
    EXPECT_TRUE(parse_message.getEDNS());
465
    EXPECT_FALSE(parse_message.getEDNS()->getDNSSECAwareness());
466
467
}

JINMEI Tatuya's avatar
JINMEI Tatuya committed
468
469
TEST_F(AuthSrvTest, AXFROverUDP) {
    // AXFR over UDP is invalid and should result in FORMERR.
470
471
    createRequestPacket(opcode, Name("example.com"), RRClass::IN(),
                        RRType::AXFR(), IPPROTO_UDP);
472
473
    EXPECT_TRUE(server.processMessage(*io_message, parse_message,
                                      response_renderer));
JINMEI Tatuya's avatar
JINMEI Tatuya committed
474
475
476
477
    headerCheck(parse_message, default_qid, Rcode::FORMERR(), opcode.getCode(),
                QR_FLAG, 1, 0, 0, 0);
}

478
479
TEST_F(AuthSrvTest, AXFRSuccess) {
    EXPECT_FALSE(xfrout.isConnected());
480
481
    createRequestPacket(opcode, Name("example.com"), RRClass::IN(),
                        RRType::AXFR(), IPPROTO_TCP);
482
483
    // On success, the AXFR query has been passed to a separate process,
    // so we shouldn't have to respond.
484
485
    EXPECT_FALSE(server.processMessage(*io_message, parse_message,
                                       response_renderer));
486
    EXPECT_TRUE(xfrout.isConnected());
487
488
489
490
491
}

TEST_F(AuthSrvTest, AXFRConnectFail) {
    EXPECT_FALSE(xfrout.isConnected()); // check prerequisite
    xfrout.disableConnect();
492
493
    createRequestPacket(opcode, Name("example.com"), RRClass::IN(),
                        RRType::AXFR(), IPPROTO_TCP);
494
495
496
497
498
499
500
501
502
503
    EXPECT_TRUE(server.processMessage(*io_message, parse_message,
                                      response_renderer));
    headerCheck(parse_message, default_qid, Rcode::SERVFAIL(),
                opcode.getCode(), QR_FLAG, 1, 0, 0, 0);
    EXPECT_FALSE(xfrout.isConnected());
}

TEST_F(AuthSrvTest, AXFRSendFail) {
    // first send a valid query, making the connection with the xfr process
    // open.
504
505
    createRequestPacket(opcode, Name("example.com"), RRClass::IN(),
                        RRType::AXFR(), IPPROTO_TCP);
506
    server.processMessage(*io_message, parse_message, response_renderer);
507
    EXPECT_TRUE(xfrout.isConnected());
508
509
510
511

    xfrout.disableSend();
    parse_message.clear(Message::PARSE);
    response_renderer.clear();
512
513
    createRequestPacket(opcode, Name("example.com"), RRClass::IN(),
                        RRType::AXFR(), IPPROTO_TCP);
514
515
516
517
518
519
520
521
522
523
524
525
526
527
    EXPECT_TRUE(server.processMessage(*io_message, parse_message,
                                      response_renderer));
    headerCheck(parse_message, default_qid, Rcode::SERVFAIL(),
                opcode.getCode(), QR_FLAG, 1, 0, 0, 0);

    // The connection should have been closed due to the send failure.
    EXPECT_FALSE(xfrout.isConnected());
}

TEST_F(AuthSrvTest, AXFRDisconnectFail) {
    // In our usage disconnect() shouldn't fail.  So we'll see the exception
    // should it be thrown.
    xfrout.disableSend();
    xfrout.disableDisconnect();
528
529
    createRequestPacket(opcode, Name("example.com"), RRClass::IN(),
                        RRType::AXFR(), IPPROTO_TCP);
530
531
532
533
534
535
536
537
538
    EXPECT_THROW(server.processMessage(*io_message, parse_message,
                                       response_renderer),
                 XfroutError);
    EXPECT_TRUE(xfrout.isConnected());
    // XXX: we need to re-enable disconnect.  otherwise an exception would be
    // thrown via the destructor of the server.
    xfrout.enableDisconnect();
}

539
540
541
TEST_F(AuthSrvTest, notify) {
    createRequestMessage(Opcode::NOTIFY(), Name("example.com"), RRClass::IN(),
                        RRType::SOA());
542
    request_message.setHeaderFlag(Message::HEADERFLAG_AA);
543
    createRequestPacket(IPPROTO_UDP);
544
545
    EXPECT_TRUE(server.processMessage(*io_message, parse_message,
                                      response_renderer));
546
547
548

    // An internal command message should have been created and sent to an
    // external module.  Check them.
549
    EXPECT_EQ("Zonemgr", notify_session.msg_destination);
550
551
    EXPECT_EQ("notify",
              notify_session.sent_msg->get("command")->get(0)->stringValue());
552
553
    ConstElementPtr notify_args =
        notify_session.sent_msg->get("command")->get(1);
554
555
556
    EXPECT_EQ("example.com.", notify_args->get("zone_name")->stringValue());
    EXPECT_EQ(DEFAULT_REMOTE_ADDRESS,
              notify_args->get("master")->stringValue());
557
    EXPECT_EQ("IN", notify_args->get("zone_class")->stringValue());
558
559

    // On success, the server should return a response to the notify.
560
561
562
    headerCheck(parse_message, default_qid, Rcode::NOERROR(),
                Opcode::NOTIFY().getCode(), QR_FLAG | AA_FLAG, 1, 0, 0, 0);

563
    // The question must be identical to that of the received notify
564
565
566
567
568
569
    ConstQuestionPtr question = *parse_message.beginQuestion();
    EXPECT_EQ(Name("example.com"), question->getName());
    EXPECT_EQ(RRClass::IN(), question->getClass());
    EXPECT_EQ(RRType::SOA(), question->getType());
}

570
571
572
573
TEST_F(AuthSrvTest, notifyForCHClass) {
    // Same as the previous test, but for the CH RRClass.
    createRequestMessage(Opcode::NOTIFY(), Name("example.com"), RRClass::CH(),
                        RRType::SOA());
574
    request_message.setHeaderFlag(Message::HEADERFLAG_AA);
575
    createRequestPacket(IPPROTO_UDP);
576
577
    EXPECT_TRUE(server.processMessage(*io_message, parse_message,
                                      response_renderer));
578
579
580

    // Other conditions should be the same, so simply confirm the RR class is
    // set correctly.
581
582
    ConstElementPtr notify_args =
        notify_session.sent_msg->get("command")->get(1);
583
    EXPECT_EQ("CH", notify_args->get("zone_class")->stringValue());
584
585
}

586
587
588
TEST_F(AuthSrvTest, notifyEmptyQuestion) {
    request_message.clear(Message::RENDER);
    request_message.setOpcode(Opcode::NOTIFY());
589
    request_message.setRcode(Rcode::NOERROR());
590
    request_message.setHeaderFlag(Message::HEADERFLAG_AA);
591
592
593
    request_message.setQid(default_qid);
    request_message.toWire(request_renderer);
    createRequestPacket(IPPROTO_UDP);
594
595
    EXPECT_TRUE(server.processMessage(*io_message, parse_message,
                                      response_renderer));
596
597
598
599
600
601
602
603
604
605
    headerCheck(parse_message, default_qid, Rcode::FORMERR(),
                Opcode::NOTIFY().getCode(), QR_FLAG, 0, 0, 0, 0);
}

TEST_F(AuthSrvTest, notifyMultiQuestions) {
    createRequestMessage(Opcode::NOTIFY(), Name("example.com"), RRClass::IN(),
                        RRType::SOA());
    // add one more SOA question
    request_message.addQuestion(Question(Name("example.com"), RRClass::IN(),
                                         RRType::SOA()));
606
    request_message.setHeaderFlag(Message::HEADERFLAG_AA);
607
    createRequestPacket(IPPROTO_UDP);
608
609
    EXPECT_TRUE(server.processMessage(*io_message, parse_message,
                                      response_renderer));
610
611
612
613
614
615
616
    headerCheck(parse_message, default_qid, Rcode::FORMERR(),
                Opcode::NOTIFY().getCode(), QR_FLAG, 2, 0, 0, 0);
}

TEST_F(AuthSrvTest, notifyNonSOAQuestion) {
    createRequestMessage(Opcode::NOTIFY(), Name("example.com"), RRClass::IN(),
                        RRType::NS());
617
    request_message.setHeaderFlag(Message::HEADERFLAG_AA);
618
    createRequestPacket(IPPROTO_UDP);
619
620
    EXPECT_TRUE(server.processMessage(*io_message, parse_message,
                                      response_renderer));
621
622
623
624
625
626
627
628
    headerCheck(parse_message, default_qid, Rcode::FORMERR(),
                Opcode::NOTIFY().getCode(), QR_FLAG, 1, 0, 0, 0);
}

TEST_F(AuthSrvTest, notifyWithoutAA) {
    // implicitly leave the AA bit off.  our implementation will accept it.
    createRequestPacket(Opcode::NOTIFY(), Name("example.com"), RRClass::IN(),
                        RRType::SOA());
629
630
    EXPECT_TRUE(server.processMessage(*io_message, parse_message,
                                      response_renderer));
631
632
633
634
635
636
637
    headerCheck(parse_message, default_qid, Rcode::NOERROR(),
                Opcode::NOTIFY().getCode(), QR_FLAG | AA_FLAG, 1, 0, 0, 0);
}

TEST_F(AuthSrvTest, notifyWithErrorRcode) {
    createRequestMessage(Opcode::NOTIFY(), Name("example.com"), RRClass::IN(),
                        RRType::SOA());
638
    request_message.setHeaderFlag(Message::HEADERFLAG_AA);
639
640
    request_message.setRcode(Rcode::SERVFAIL());
    createRequestPacket(IPPROTO_UDP);
641
642
    EXPECT_TRUE(server.processMessage(*io_message, parse_message,
                                      response_renderer));
643
644
    headerCheck(parse_message, default_qid, Rcode::NOERROR(),
                Opcode::NOTIFY().getCode(), QR_FLAG | AA_FLAG, 1, 0, 0, 0);
Han Feng's avatar
Han Feng committed
645
646
}

647
TEST_F(AuthSrvTest, notifyWithoutSession) {
648
    server.setXfrinSession(NULL);
649
650
651

    createRequestMessage(Opcode::NOTIFY(), Name("example.com"), RRClass::IN(),
                        RRType::SOA());
652
    request_message.setHeaderFlag(Message::HEADERFLAG_AA);
653
654
655
656
657
658
659
660
661
662
663
664
665
    createRequestPacket(IPPROTO_UDP);

    // we simply ignore the notify and let it be resent if an internal error
    // happens.
    EXPECT_FALSE(server.processMessage(*io_message, parse_message,
                                       response_renderer));
}

TEST_F(AuthSrvTest, notifySendFail) {
    notify_session.disableSend();

    createRequestMessage(Opcode::NOTIFY(), Name("example.com"), RRClass::IN(),
                        RRType::SOA());
666
    request_message.setHeaderFlag(Message::HEADERFLAG_AA);
667
    createRequestPacket(IPPROTO_UDP);
668

669
670
671
672
673
674
675
676
677
    EXPECT_FALSE(server.processMessage(*io_message, parse_message,
                                       response_renderer));
}

TEST_F(AuthSrvTest, notifyReceiveFail) {
    notify_session.disableReceive();

    createRequestMessage(Opcode::NOTIFY(), Name("example.com"), RRClass::IN(),
                        RRType::SOA());
678
    request_message.setHeaderFlag(Message::HEADERFLAG_AA);
679
680
681
682
683
684
    createRequestPacket(IPPROTO_UDP);
    EXPECT_FALSE(server.processMessage(*io_message, parse_message,
                                       response_renderer));
}

TEST_F(AuthSrvTest, notifyWithBogusSessionMessage) {
685
    notify_session.setMessage(Element::fromJSON("{\"foo\": 1}"));
686
687
688

    createRequestMessage(Opcode::NOTIFY(), Name("example.com"), RRClass::IN(),
                        RRType::SOA());
689
    request_message.setHeaderFlag(Message::HEADERFLAG_AA);
690
691
692
693
694
695
696
    createRequestPacket(IPPROTO_UDP);
    EXPECT_FALSE(server.processMessage(*io_message, parse_message,
                                       response_renderer));
}

TEST_F(AuthSrvTest, notifyWithSessionMessageError) {
    notify_session.setMessage(
697
        Element::fromJSON("{\"result\": [1, \"FAIL\"]}"));
698
699
700

    createRequestMessage(Opcode::NOTIFY(), Name("example.com"), RRClass::IN(),
                        RRType::SOA());
701
    request_message.setHeaderFlag(Message::HEADERFLAG_AA);
702
703
704
705
706
    createRequestPacket(IPPROTO_UDP);
    EXPECT_FALSE(server.processMessage(*io_message, parse_message,
                                       response_renderer));
}

707
void
708
709
710
updateConfig(AuthSrv* server, const char* const dbfile,
             const bool expect_success)
{
711
    ConstElementPtr config_answer =
712
        server->updateConfig(Element::fromJSON(dbfile));
713
714
715
    EXPECT_EQ(Element::map, config_answer->getType());
    EXPECT_TRUE(config_answer->contains("result"));

716
    ConstElementPtr result = config_answer->get("result");
717
    EXPECT_EQ(Element::list, result->getType());
718
    EXPECT_EQ(expect_success ? 0 : 1, result->get(0)->intValue());
719
720
721
722
}

// Install a Sqlite3 data source with testing data.
TEST_F(AuthSrvTest, updateConfig) {
723
    updateConfig(&server, CONFIG_TESTDB, true);
724
725
726
727

    // query for existent data in the installed data source.  The resulting
    // response should have the AA flag on, and have an RR in each answer
    // and authority section.
728
    createDataFromFile("examplequery_fromWire.wire");
729
730
    EXPECT_TRUE(server.processMessage(*io_message, parse_message,
                                      response_renderer));
731
732
733
734
735
    headerCheck(parse_message, default_qid, Rcode::NOERROR(), opcode.getCode(),
                QR_FLAG | AA_FLAG, 1, 1, 1, 0);
}

TEST_F(AuthSrvTest, datasourceFail) {
736
    updateConfig(&server, CONFIG_TESTDB, true);
737
738
739
740
741

    // This query will hit a corrupted entry of the data source (the zoneload
    // tool and the data source itself naively accept it).  This will result
    // in a SERVFAIL response, and the answer and authority sections should
    // be empty.
742
    createDataFromFile("badExampleQuery_fromWire.wire");
743
744
    EXPECT_TRUE(server.processMessage(*io_message, parse_message,
                                      response_renderer));
745
746
    headerCheck(parse_message, default_qid, Rcode::SERVFAIL(),
                opcode.getCode(), QR_FLAG, 1, 0, 0, 0);
747
}
748
749
750
751
752
753
754
755
756

TEST_F(AuthSrvTest, updateConfigFail) {
    // First, load a valid data source.
    updateConfig(&server, CONFIG_TESTDB, true);

    // Next, try to update it with a non-existent one.  This should fail.
    updateConfig(&server, BADCONFIG_TESTDB, false);

    // The original data source should still exist.
757
    createDataFromFile("examplequery_fromWire.wire");
758
759
    EXPECT_TRUE(server.processMessage(*io_message, parse_message,
                                      response_renderer));
760
761
762
    headerCheck(parse_message, default_qid, Rcode::NOERROR(), opcode.getCode(),
                QR_FLAG | AA_FLAG, 1, 1, 1, 0);
}
JINMEI Tatuya's avatar
JINMEI Tatuya committed
763
764
765
766
767
768
769
770
771
772

TEST_F(AuthSrvTest, cacheSlots) {
    // simple check for the get/set operations
    server.setCacheSlots(10);    // 10 = arbitrary choice
    EXPECT_EQ(10, server.getCacheSlots());

    // 0 is a valid size
    server.setCacheSlots(0);
    EXPECT_EQ(00, server.getCacheSlots());
}
773

774
775
776
// Submit UDP normal query and check query counter
TEST_F(AuthSrvTest, queryCounterUDPNormal) {
    // The counter should be initialized to 0.
777
    EXPECT_EQ(0, server.getCounter(AuthCounters::COUNTER_UDP_QUERY));
778
779
780
781
    createRequestPacket(opcode, Name("example.com"), RRClass::IN(),
                        RRType::NS(), IPPROTO_UDP);
    EXPECT_TRUE(server.processMessage(*io_message, parse_message,
                                      response_renderer));
782
    // After processing UDP query, the counter should be 1.
783
    EXPECT_EQ(1, server.getCounter(AuthCounters::COUNTER_UDP_QUERY));
784
785
}

786
787
788
// Submit TCP normal query and check query counter
TEST_F(AuthSrvTest, queryCounterTCPNormal) {
    // The counter should be initialized to 0.
789
    EXPECT_EQ(0, server.getCounter(AuthCounters::COUNTER_TCP_QUERY));
790
791
792
793
    createRequestPacket(opcode, Name("example.com"), RRClass::IN(),
                        RRType::NS(), IPPROTO_TCP);
    EXPECT_TRUE(server.processMessage(*io_message, parse_message,
                                      response_renderer));
794
    // After processing TCP query, the counter should be 1.
795
    EXPECT_EQ(1, server.getCounter(AuthCounters::COUNTER_TCP_QUERY));
796
797
798
799
800
}

// Submit TCP AXFR query and check query counter
TEST_F(AuthSrvTest, queryCounterTCPAXFR) {
    // The counter should be initialized to 0.
801
    EXPECT_EQ(0, server.getCounter(AuthCounters::COUNTER_TCP_QUERY));
802
803
804
805
806
807
    createRequestPacket(opcode, Name("example.com"), RRClass::IN(),
                        RRType::AXFR(), IPPROTO_TCP);
    // It returns false. see AXFRSuccess test.
    EXPECT_FALSE(server.processMessage(*io_message, parse_message,
                                      response_renderer));
    // After processing TCP AXFR query, the counter should be 1.
808
    EXPECT_EQ(1, server.getCounter(AuthCounters::COUNTER_TCP_QUERY));
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
}

// class for queryCounterUnexpected test
// getProtocol() returns IPPROTO_IP
class DummyUnknownSocket : public IOSocket {
public:
    DummyUnknownSocket() {}
    virtual int getNative() const { return (0); }
    virtual int getProtocol() const { return (IPPROTO_IP); }
};

// function for queryCounterUnexpected test
// returns a reference to a static object of DummyUnknownSocket
IOSocket&
getDummyUnknownSocket() {
    static DummyUnknownSocket socket;
    return (socket);
}

828
// Submit unexpected type of query and check it throws isc::Unexpected
829
TEST_F(AuthSrvTest, queryCounterUnexpected) {
830
831
832
833
    // This code isn't exception safe, but we'd rather keep the code
    // simpler and more readable as this is only for tests and if it throws
    // the program would immediately terminate anyway.

834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
    // Create UDP query packet.
    createRequestPacket(opcode, Name("example.com"), RRClass::IN(),
                        RRType::NS(), IPPROTO_UDP);

    // Modify the message
    delete io_message;
    endpoint = IOEndpoint::create(IPPROTO_UDP,
                                  IOAddress(DEFAULT_REMOTE_ADDRESS), 5300);
    io_message = new IOMessage(request_renderer.getData(),
                               request_renderer.getLength(),
                               getDummyUnknownSocket(), *endpoint);

    EXPECT_THROW(server.processMessage(*io_message, parse_message,
                                       response_renderer),
                 isc::Unexpected);
849
}
850
}