auth_srv_unittest.cc 29.3 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
// Copyright (C) 2010  Internet Systems Consortium, Inc. ("ISC")
//
// Permission to use, copy, modify, and/or distribute this software for any
// purpose with or without fee is hereby granted, provided that the above
// copyright notice and this permission notice appear in all copies.
//
// THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
// REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
// AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
// INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
// LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
// OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
// PERFORMANCE OF THIS SOFTWARE.

// $Id$

17 18
#include <config.h>

19 20 21 22 23 24 25 26 27
#include <gtest/gtest.h>

#include <dns/buffer.h>
#include <dns/name.h>
#include <dns/message.h>
#include <dns/messagerenderer.h>
#include <dns/rrclass.h>
#include <dns/rrtype.h>

28
#include <cc/data.h>
29
#include <cc/session.h>
30

31
#include <xfr/xfrout_client.h>
32

33
#include <auth/auth_srv.h>
34
#include <asiolink/asiolink.h>
35 36 37 38 39

#include <dns/tests/unittest_util.h>

using isc::UnitTestUtil;
using namespace std;
40
using namespace isc::cc;
41
using namespace isc::dns;
42
using namespace isc::data;
43
using namespace isc::xfr;
44
using namespace asiolink;
45 46

namespace {
47
const char* const CONFIG_TESTDB =
48
    "{\"database_file\": \"" TEST_DATA_DIR "/example.sqlite3\"}";
49 50
// The following file must be non existent and must be non"creatable" (see
// the sqlite3 test).
51
const char* const BADCONFIG_TESTDB =
52
    "{ \"database_file\": \"" TEST_DATA_DIR "/nodir/notexist\"}";
53
const char* const DEFAULT_REMOTE_ADDRESS = "192.0.2.1";
54

55 56 57 58 59 60 61 62 63 64 65 66
class DummySocket : public IOSocket {
private:
    DummySocket(const DummySocket& source);
    DummySocket& operator=(const DummySocket& source);
public:
    DummySocket(const int protocol) : protocol_(protocol) {}
    virtual int getNative() const { return (-1); }
    virtual int getProtocol() const { return (protocol_); }
private:
    const int protocol_;
};

67
class AuthSrvTest : public ::testing::Test {
68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89
private:
    class MockXfroutClient : public AbstractXfroutClient {
    public:
        MockXfroutClient() :
            is_connected_(false), connect_ok_(true), send_ok_(true),
            disconnect_ok_(true)
        {}
        virtual void connect();
        virtual void disconnect();
        virtual int sendXfroutRequestInfo(int tcp_sock, const void* msg_data,
                                          uint16_t msg_len);
        bool isConnected() const { return (is_connected_); }
        void disableConnect() { connect_ok_ = false; }
        void disableDisconnect() { disconnect_ok_ = false; }
        void enableDisconnect() { disconnect_ok_ = true; }
        void disableSend() { send_ok_ = false; }
    private:
        bool is_connected_;
        bool connect_ok_;
        bool send_ok_;
        bool disconnect_ok_;
    };
90 91 92 93 94

    class MockSession : public AbstractSession {
    public:
        MockSession() :
            // by default we return a simple "success" message.
95
            msg_(Element::fromJSON("{\"result\": [0, \"SUCCESS\"]}")),
96
            send_ok_(true), receive_ok_(true)
97 98 99
        {}
        virtual void establish(const char* socket_file);
        virtual void disconnect();
100
        virtual int group_sendmsg(ConstElementPtr msg, string group,
101
                                  string instance, string to);
102 103
        virtual bool group_recvmsg(ConstElementPtr& envelope,
                                   ConstElementPtr& msg,
104
                                   bool nonblock, int seq);
105 106 107
        virtual void subscribe(string group, string instance);
        virtual void unsubscribe(string group, string instance);
        virtual void startRead(boost::function<void()> read_callback);
108 109
        virtual int reply(ConstElementPtr envelope, ConstElementPtr newmsg);
        virtual bool hasQueuedMsgs() const;
110
        virtual void setTimeout(size_t timeout UNUSED_PARAM) {};
111
        virtual size_t getTimeout() const { return 0; };
112

113
        void setMessage(ConstElementPtr msg) { msg_ = msg; }
114 115
        void disableSend() { send_ok_ = false; }
        void disableReceive() { receive_ok_ = false; }
116

117
        ConstElementPtr sent_msg;
118
        string msg_destination;
119
    private:
120
        ConstElementPtr msg_;
121 122
        bool send_ok_;
        bool receive_ok_;
123 124
    };

125
    // A nonoperative task object to be used in calls to processMessage()
126
    class MockTask : public DNSServer {
127 128
    public:
        MockTask() : done_(false) {}
129 130 131
        void operator()(asio::error_code ec UNUSED_PARAM,
                        size_t length UNUSED_PARAM)
        {}
132 133 134 135 136 137
        // virtual void doLookup() { return; }
        virtual void resume(const bool done) { done_ = done; }
        virtual bool hasAnswer() { return (done_); }
        virtual int value() { return (0); }
    private:
        bool done_;
138 139
    };

140
protected:
141
    AuthSrvTest() : server(true, xfrout),
142
                    request_message(Message::RENDER),
143 144 145 146 147 148
                    parse_message(new Message(Message::PARSE)),
                    default_qid(0x1035), opcode(Opcode(Opcode::QUERY())),
                    qname("www.example.com"), qclass(RRClass::IN()),
                    qtype(RRType::A()), io_message(NULL), endpoint(NULL),
                    request_obuffer(0), request_renderer(request_obuffer),
                    response_obuffer(new OutputBuffer(0))
149
    {
150
        server.setXfrinSession(&notify_session);
151
    }
152 153
    ~AuthSrvTest() {
        delete io_message;
154
        delete endpoint;
155
    }
156
    MockSession notify_session;
157
    MockXfroutClient xfrout;
158
    MockTask task;
159 160
    AuthSrv server;
    Message request_message;
161
    MessagePtr parse_message;
162 163 164 165 166
    const qid_t default_qid;
    const Opcode opcode;
    const Name qname;
    const RRClass qclass;
    const RRType qtype;
167
    IOSocket* io_sock;
168 169
    IOMessage* io_message;
    const IOEndpoint* endpoint;
170 171
    OutputBuffer request_obuffer;
    MessageRenderer request_renderer;
172
    OutputBufferPtr response_obuffer;
173
    vector<uint8_t> data;
174

JINMEI Tatuya's avatar
JINMEI Tatuya committed
175
    void createDataFromFile(const char* const datafile, int protocol);
176 177 178 179 180 181
    void createRequestMessage(const Opcode& opcode, const Name& request_name,
                              const RRClass& rrclass, const RRType& rrtype);
    void createRequestPacket(const Opcode& opcode, const Name& request_name,
                             const RRClass& rrclass, const RRType& rrtype,
                             int protocol);
    void createRequestPacket(int protocol);
182 183
};

184
void
185
AuthSrvTest::MockSession::establish(const char* socket_file UNUSED_PARAM) {}
186 187

void
188
AuthSrvTest::MockSession::disconnect() {}
189

190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205
void
AuthSrvTest::MockSession::subscribe(string group UNUSED_PARAM,
                                    string instance UNUSED_PARAM)
{}

void
AuthSrvTest::MockSession::unsubscribe(string group UNUSED_PARAM,
                                      string instance UNUSED_PARAM)
{}

void
AuthSrvTest::MockSession::startRead(
    boost::function<void()> read_callback UNUSED_PARAM)
{}

int
206 207
AuthSrvTest::MockSession::reply(ConstElementPtr envelope UNUSED_PARAM,
                                ConstElementPtr newmsg UNUSED_PARAM)
208 209 210 211 212
{
    return (-1);
}

bool
213
AuthSrvTest::MockSession::hasQueuedMsgs() const {
214 215 216
    return (false);
}

217
int
218
AuthSrvTest::MockSession::group_sendmsg(ConstElementPtr msg, string group,
219 220 221
                                        string instance UNUSED_PARAM,
                                        string to UNUSED_PARAM)
{
222 223 224
    if (!send_ok_) {
        isc_throw(XfroutError, "mock session send is disabled for test");
    }
225 226 227

    sent_msg = msg;
    msg_destination = group;
228 229 230 231
    return (0);
}

bool
232 233
AuthSrvTest::MockSession::group_recvmsg(ConstElementPtr& envelope UNUSED_PARAM,
                                        ConstElementPtr& msg,
234 235 236
                                        bool nonblock UNUSED_PARAM,
                                        int seq UNUSED_PARAM)
{
237 238 239 240
    if (!receive_ok_) {
        isc_throw(XfroutError, "mock session receive is disabled for test");
    }

241 242 243 244
    msg = msg_;
    return (true);
}

245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268
void
AuthSrvTest::MockXfroutClient::connect() {
    if (!connect_ok_) {
        isc_throw(XfroutError, "xfrout connection disabled for test");
    }
    is_connected_ = true;
}

void
AuthSrvTest::MockXfroutClient::disconnect() {
    if (!disconnect_ok_) {
        isc_throw(XfroutError,
                  "closing xfrout connection is disabled for test");
    }
    is_connected_ = false;
}

int
AuthSrvTest::MockXfroutClient::sendXfroutRequestInfo(
    const int tcp_sock UNUSED_PARAM,
    const void* msg_data UNUSED_PARAM,
    const uint16_t msg_len UNUSED_PARAM)
{
    if (!send_ok_) {
269
        isc_throw(XfroutError, "xfrout connection send is disabled for test");
270 271 272 273
    }
    return (0);
}

274

275 276 277 278 279 280 281 282 283 284 285 286
// These are flags to indicate whether the corresponding flag bit of the
// DNS header is to be set in the test cases.  (Note that the flag values
// is irrelevant to their wire-format values)
const unsigned int QR_FLAG = 0x1;
const unsigned int AA_FLAG = 0x2;
const unsigned int TC_FLAG = 0x4;
const unsigned int RD_FLAG = 0x8;
const unsigned int RA_FLAG = 0x10;
const unsigned int AD_FLAG = 0x20;
const unsigned int CD_FLAG = 0x40;

void
JINMEI Tatuya's avatar
JINMEI Tatuya committed
287 288 289
AuthSrvTest::createDataFromFile(const char* const datafile,
                                const int protocol = IPPROTO_UDP)
{
290
    delete io_message;
291 292
    data.clear();

293
    delete endpoint;
294

295 296
    endpoint = IOEndpoint::create(protocol,
                                  IOAddress(DEFAULT_REMOTE_ADDRESS), 5300);
297
    UnitTestUtil::readWireData(datafile, data);
298 299
    io_sock = new DummySocket(protocol);
    io_message = new IOMessage(&data[0], data.size(), *io_sock, *endpoint);
300 301
}

302
void
303 304 305 306
AuthSrvTest::createRequestMessage(const Opcode& opcode,
                                  const Name& request_name,
                                  const RRClass& rrclass,
                                  const RRType& rrtype)
307
{
308
    request_message.clear(Message::RENDER);
309
    request_message.setOpcode(opcode);
JINMEI Tatuya's avatar
JINMEI Tatuya committed
310
    request_message.setQid(default_qid);
311
    request_message.addQuestion(Question(request_name, rrclass, rrtype));
312 313 314 315 316 317 318 319 320 321 322 323 324 325
}

void
AuthSrvTest::createRequestPacket(const Opcode& opcode,
                                 const Name& request_name,
                                 const RRClass& rrclass, const RRType& rrtype,
                                 const int protocol = IPPROTO_UDP)
{
    createRequestMessage(opcode, request_name, rrclass, rrtype);
    createRequestPacket(protocol);
}

void
AuthSrvTest::createRequestPacket(const int protocol = IPPROTO_UDP) {
326 327 328
    request_message.toWire(request_renderer);

    delete io_message;
329 330
    delete io_sock;

331 332
    endpoint = IOEndpoint::create(protocol,
                                  IOAddress(DEFAULT_REMOTE_ADDRESS), 5300);
333
    io_sock = new DummySocket(protocol);
334 335
    io_message = new IOMessage(request_renderer.getData(),
                               request_renderer.getLength(),
336
                               *io_sock, *endpoint);
337 338
}

339 340 341 342 343 344 345 346 347 348
void
headerCheck(const Message& message, const qid_t qid, const Rcode& rcode,
            const uint16_t opcodeval, const unsigned int flags,
            const unsigned int qdcount,
            const unsigned int ancount, const unsigned int nscount,
            const unsigned int arcount)
{
    EXPECT_EQ(qid, message.getQid());
    EXPECT_EQ(rcode, message.getRcode());
    EXPECT_EQ(opcodeval, message.getOpcode().getCode());
349 350 351 352 353 354 355
    EXPECT_EQ((flags & QR_FLAG) != 0, message.getHeaderFlag(MessageFlag::QR()));
    EXPECT_EQ((flags & AA_FLAG) != 0, message.getHeaderFlag(MessageFlag::AA()));
    EXPECT_EQ((flags & TC_FLAG) != 0, message.getHeaderFlag(MessageFlag::TC()));
    EXPECT_EQ((flags & RA_FLAG) != 0, message.getHeaderFlag(MessageFlag::RA()));
    EXPECT_EQ((flags & RD_FLAG) != 0, message.getHeaderFlag(MessageFlag::RD()));
    EXPECT_EQ((flags & AD_FLAG) != 0, message.getHeaderFlag(MessageFlag::AD()));
    EXPECT_EQ((flags & CD_FLAG) != 0, message.getHeaderFlag(MessageFlag::CD()));
356 357 358 359 360 361 362 363 364

    EXPECT_EQ(qdcount, message.getRRCount(Section::QUESTION()));
    EXPECT_EQ(ancount, message.getRRCount(Section::ANSWER()));
    EXPECT_EQ(nscount, message.getRRCount(Section::AUTHORITY()));
    EXPECT_EQ(arcount, message.getRRCount(Section::ADDITIONAL()));
}

// Unsupported requests.  Should result in NOTIMP.
TEST_F(AuthSrvTest, unsupportedRequest) {
365
    for (unsigned int i = 0; i < 16; ++i) {
366
        // set Opcode to 'i', which iterators over all possible codes except
367 368 369
        // the standard query and notify
        if (i == Opcode::QUERY().getCode() ||
            i == Opcode::NOTIFY().getCode()) {
Han Feng's avatar
Han Feng committed
370
            continue;
371
        }
372
        createDataFromFile("simplequery_fromWire");
373 374
        data[2] = ((i << 3) & 0xff);

375 376 377 378 379
        parse_message->clear(Message::PARSE);
        server.processMessage(*io_message, parse_message, response_obuffer,
                              &task);
    EXPECT_TRUE(task.hasAnswer());
        headerCheck(*parse_message, default_qid, Rcode::NOTIMP(), i, QR_FLAG,
380 381
                    0, 0, 0, 0);
    }
382
}
383

384 385 386 387 388 389 390 391 392
// Simple API check
TEST_F(AuthSrvTest, verbose) {
    EXPECT_FALSE(server.getVerbose());
    server.setVerbose(true);
    EXPECT_TRUE(server.getVerbose());
    server.setVerbose(false);
    EXPECT_FALSE(server.getVerbose());
}

393 394
// Multiple questions.  Should result in FORMERR.
TEST_F(AuthSrvTest, multiQuestion) {
395
    createDataFromFile("multiquestion_fromWire");
396 397 398
    server.processMessage(*io_message, parse_message, response_obuffer, &task);
    EXPECT_TRUE(task.hasAnswer());
    headerCheck(*parse_message, default_qid, Rcode::FORMERR(), opcode.getCode(),
399 400
                QR_FLAG, 2, 0, 0, 0);

401
    QuestionIterator qit = parse_message->beginQuestion();
402 403 404 405 406 407 408 409
    EXPECT_EQ(Name("example.com"), (*qit)->getName());
    EXPECT_EQ(RRClass::IN(), (*qit)->getClass());
    EXPECT_EQ(RRType::A(), (*qit)->getType());
    ++qit;
    EXPECT_EQ(Name("example.com"), (*qit)->getName());
    EXPECT_EQ(RRClass::IN(), (*qit)->getClass());
    EXPECT_EQ(RRType::AAAA(), (*qit)->getType());
    ++qit;
410
    EXPECT_TRUE(qit == parse_message->endQuestion());
411 412
}

413 414 415
// Incoming data doesn't even contain the complete header.  Must be silently
// dropped.
TEST_F(AuthSrvTest, shortMessage) {
416
    createDataFromFile("shortmessage_fromWire");
417 418
    server.processMessage(*io_message, parse_message, response_obuffer, &task);
    EXPECT_FALSE(task.hasAnswer());
419 420 421 422 423 424
}

// Response messages.  Must be silently dropped, whether it's a valid response
// or malformed or could otherwise cause a protocol error.
TEST_F(AuthSrvTest, response) {
    // A valid (although unusual) response
425
    createDataFromFile("simpleresponse_fromWire");
426 427
    server.processMessage(*io_message, parse_message, response_obuffer, &task);
    EXPECT_FALSE(task.hasAnswer());
428 429 430

    // A response with a broken question section.  must be dropped rather than
    // returning FORMERR.
431
    createDataFromFile("shortresponse_fromWire");
432 433
    server.processMessage(*io_message, parse_message, response_obuffer, &task);
    EXPECT_FALSE(task.hasAnswer());
434 435

    // A response to iquery.  must be dropped rather than returning NOTIMP.
436
    createDataFromFile("iqueryresponse_fromWire");
437 438
    server.processMessage(*io_message, parse_message, response_obuffer, &task);
    EXPECT_FALSE(task.hasAnswer());
439 440 441 442
}

// Query with a broken question
TEST_F(AuthSrvTest, shortQuestion) {
443
    createDataFromFile("shortquestion_fromWire");
444 445
    server.processMessage(*io_message, parse_message, response_obuffer, &task);
    EXPECT_TRUE(task.hasAnswer());
446 447
    // Since the query's question is broken, the question section of the
    // response should be empty.
448
    headerCheck(*parse_message, default_qid, Rcode::FORMERR(), opcode.getCode(),
449 450
                QR_FLAG, 0, 0, 0, 0);
}
451

452 453
// Query with a broken answer section
TEST_F(AuthSrvTest, shortAnswer) {
454
    createDataFromFile("shortanswer_fromWire");
455 456
    server.processMessage(*io_message, parse_message, response_obuffer, &task);
    EXPECT_TRUE(task.hasAnswer());
457 458 459

    // This is a bogus query, but question section is valid.  So the response
    // should copy the question section.
460
    headerCheck(*parse_message, default_qid, Rcode::FORMERR(), opcode.getCode(),
461 462
                QR_FLAG, 1, 0, 0, 0);

463
    QuestionIterator qit = parse_message->beginQuestion();
464 465 466 467
    EXPECT_EQ(Name("example.com"), (*qit)->getName());
    EXPECT_EQ(RRClass::IN(), (*qit)->getClass());
    EXPECT_EQ(RRType::A(), (*qit)->getType());
    ++qit;
468
    EXPECT_TRUE(qit == parse_message->endQuestion());
469 470
}

471 472
// Query with unsupported version of EDNS.
TEST_F(AuthSrvTest, ednsBadVers) {
473
    createDataFromFile("queryBadEDNS_fromWire");
474 475
    server.processMessage(*io_message, parse_message, response_obuffer, &task);
    EXPECT_TRUE(task.hasAnswer());
476 477 478 479

    // The response must have an EDNS OPT RR in the additional section.
    // Note that the DNSSEC DO bit is cleared even if this bit in the query
    // is set.  This is a limitation of the current implementation.
480
    headerCheck(*parse_message, default_qid, Rcode::BADVERS(), opcode.getCode(),
481
                QR_FLAG, 1, 0, 0, 1);
482 483
    EXPECT_EQ(4096, parse_message->getUDPSize());
    EXPECT_FALSE(parse_message->isDNSSECSupported());
484 485
}

JINMEI Tatuya's avatar
JINMEI Tatuya committed
486 487
TEST_F(AuthSrvTest, AXFROverUDP) {
    // AXFR over UDP is invalid and should result in FORMERR.
488 489
    createRequestPacket(opcode, Name("example.com"), RRClass::IN(),
                        RRType::AXFR(), IPPROTO_UDP);
490 491 492
    server.processMessage(*io_message, parse_message, response_obuffer, &task);
    EXPECT_TRUE(task.hasAnswer());
    headerCheck(*parse_message, default_qid, Rcode::FORMERR(), opcode.getCode(),
JINMEI Tatuya's avatar
JINMEI Tatuya committed
493 494 495
                QR_FLAG, 1, 0, 0, 0);
}

496 497
TEST_F(AuthSrvTest, AXFRSuccess) {
    EXPECT_FALSE(xfrout.isConnected());
498 499
    createRequestPacket(opcode, Name("example.com"), RRClass::IN(),
                        RRType::AXFR(), IPPROTO_TCP);
500 501
    // On success, the AXFR query has been passed to a separate process,
    // so we shouldn't have to respond.
502 503
    server.processMessage(*io_message, parse_message, response_obuffer, &task);
    EXPECT_FALSE(task.hasAnswer());
504
    EXPECT_FALSE(xfrout.isConnected());
505 506 507 508 509
}

TEST_F(AuthSrvTest, AXFRConnectFail) {
    EXPECT_FALSE(xfrout.isConnected()); // check prerequisite
    xfrout.disableConnect();
510 511
    createRequestPacket(opcode, Name("example.com"), RRClass::IN(),
                        RRType::AXFR(), IPPROTO_TCP);
512 513 514
    server.processMessage(*io_message, parse_message, response_obuffer, &task);
    EXPECT_TRUE(task.hasAnswer());
    headerCheck(*parse_message, default_qid, Rcode::SERVFAIL(),
515
                opcode.getCode(), QR_FLAG, 1, 0, 0, 0);
516 517
    // For a shot term workaround with xfrout we currently close the connection
    // for each AXFR attempt
518 519 520 521 522 523
    EXPECT_FALSE(xfrout.isConnected());
}

TEST_F(AuthSrvTest, AXFRSendFail) {
    // first send a valid query, making the connection with the xfr process
    // open.
524 525
    createRequestPacket(opcode, Name("example.com"), RRClass::IN(),
                        RRType::AXFR(), IPPROTO_TCP);
526
    server.processMessage(*io_message, parse_message, response_obuffer, &task);
527
    EXPECT_FALSE(xfrout.isConnected()); // see above
528 529

    xfrout.disableSend();
530 531
    parse_message->clear(Message::PARSE);
    response_obuffer->clear();
532 533
    createRequestPacket(opcode, Name("example.com"), RRClass::IN(),
                        RRType::AXFR(), IPPROTO_TCP);
534 535 536
    server.processMessage(*io_message, parse_message, response_obuffer, &task);
    EXPECT_TRUE(task.hasAnswer());
    headerCheck(*parse_message, default_qid, Rcode::SERVFAIL(),
537 538 539 540 541 542 543 544 545 546 547
                opcode.getCode(), QR_FLAG, 1, 0, 0, 0);

    // The connection should have been closed due to the send failure.
    EXPECT_FALSE(xfrout.isConnected());
}

TEST_F(AuthSrvTest, AXFRDisconnectFail) {
    // In our usage disconnect() shouldn't fail.  So we'll see the exception
    // should it be thrown.
    xfrout.disableSend();
    xfrout.disableDisconnect();
548 549
    createRequestPacket(opcode, Name("example.com"), RRClass::IN(),
                        RRType::AXFR(), IPPROTO_TCP);
550
    EXPECT_THROW(server.processMessage(*io_message, parse_message,
551
                                       response_obuffer, &task),
552 553 554 555 556 557 558
                 XfroutError);
    EXPECT_TRUE(xfrout.isConnected());
    // XXX: we need to re-enable disconnect.  otherwise an exception would be
    // thrown via the destructor of the server.
    xfrout.enableDisconnect();
}

559 560 561 562
TEST_F(AuthSrvTest, notify) {
    createRequestMessage(Opcode::NOTIFY(), Name("example.com"), RRClass::IN(),
                        RRType::SOA());
    request_message.setHeaderFlag(MessageFlag::AA());
563
    createRequestPacket(IPPROTO_UDP);
564 565
    server.processMessage(*io_message, parse_message, response_obuffer, &task);
    EXPECT_TRUE(task.hasAnswer());
566 567 568

    // An internal command message should have been created and sent to an
    // external module.  Check them.
569
    EXPECT_EQ("Zonemgr", notify_session.msg_destination);
570 571
    EXPECT_EQ("notify",
              notify_session.sent_msg->get("command")->get(0)->stringValue());
572 573
    ConstElementPtr notify_args =
        notify_session.sent_msg->get("command")->get(1);
574 575 576
    EXPECT_EQ("example.com.", notify_args->get("zone_name")->stringValue());
    EXPECT_EQ(DEFAULT_REMOTE_ADDRESS,
              notify_args->get("master")->stringValue());
577
    EXPECT_EQ("IN", notify_args->get("zone_class")->stringValue());
578 579

    // On success, the server should return a response to the notify.
580
    headerCheck(*parse_message, default_qid, Rcode::NOERROR(),
581 582
                Opcode::NOTIFY().getCode(), QR_FLAG | AA_FLAG, 1, 0, 0, 0);

583
    // The question must be identical to that of the received notify
584
    ConstQuestionPtr question = *parse_message->beginQuestion();
585 586 587 588 589
    EXPECT_EQ(Name("example.com"), question->getName());
    EXPECT_EQ(RRClass::IN(), question->getClass());
    EXPECT_EQ(RRType::SOA(), question->getType());
}

590 591 592 593 594 595
TEST_F(AuthSrvTest, notifyForCHClass) {
    // Same as the previous test, but for the CH RRClass.
    createRequestMessage(Opcode::NOTIFY(), Name("example.com"), RRClass::CH(),
                        RRType::SOA());
    request_message.setHeaderFlag(MessageFlag::AA());
    createRequestPacket(IPPROTO_UDP);
596 597
    server.processMessage(*io_message, parse_message, response_obuffer, &task);
    EXPECT_TRUE(task.hasAnswer());
598 599 600

    // Other conditions should be the same, so simply confirm the RR class is
    // set correctly.
601 602
    ConstElementPtr notify_args =
        notify_session.sent_msg->get("command")->get(1);
603
    EXPECT_EQ("CH", notify_args->get("zone_class")->stringValue());
604 605
}

606 607 608 609 610 611 612
TEST_F(AuthSrvTest, notifyEmptyQuestion) {
    request_message.clear(Message::RENDER);
    request_message.setOpcode(Opcode::NOTIFY());
    request_message.setHeaderFlag(MessageFlag::AA());
    request_message.setQid(default_qid);
    request_message.toWire(request_renderer);
    createRequestPacket(IPPROTO_UDP);
613 614 615
    server.processMessage(*io_message, parse_message, response_obuffer, &task);
    EXPECT_TRUE(task.hasAnswer());
    headerCheck(*parse_message, default_qid, Rcode::FORMERR(),
616 617 618 619 620 621 622 623 624 625 626
                Opcode::NOTIFY().getCode(), QR_FLAG, 0, 0, 0, 0);
}

TEST_F(AuthSrvTest, notifyMultiQuestions) {
    createRequestMessage(Opcode::NOTIFY(), Name("example.com"), RRClass::IN(),
                        RRType::SOA());
    // add one more SOA question
    request_message.addQuestion(Question(Name("example.com"), RRClass::IN(),
                                         RRType::SOA()));
    request_message.setHeaderFlag(MessageFlag::AA());
    createRequestPacket(IPPROTO_UDP);
627 628 629
    server.processMessage(*io_message, parse_message, response_obuffer, &task);
    EXPECT_TRUE(task.hasAnswer());
    headerCheck(*parse_message, default_qid, Rcode::FORMERR(),
630 631 632 633 634 635 636 637
                Opcode::NOTIFY().getCode(), QR_FLAG, 2, 0, 0, 0);
}

TEST_F(AuthSrvTest, notifyNonSOAQuestion) {
    createRequestMessage(Opcode::NOTIFY(), Name("example.com"), RRClass::IN(),
                        RRType::NS());
    request_message.setHeaderFlag(MessageFlag::AA());
    createRequestPacket(IPPROTO_UDP);
638 639 640
    server.processMessage(*io_message, parse_message, response_obuffer, &task);
    EXPECT_TRUE(task.hasAnswer());
    headerCheck(*parse_message, default_qid, Rcode::FORMERR(),
641 642 643 644 645 646 647
                Opcode::NOTIFY().getCode(), QR_FLAG, 1, 0, 0, 0);
}

TEST_F(AuthSrvTest, notifyWithoutAA) {
    // implicitly leave the AA bit off.  our implementation will accept it.
    createRequestPacket(Opcode::NOTIFY(), Name("example.com"), RRClass::IN(),
                        RRType::SOA());
648 649 650
    server.processMessage(*io_message, parse_message, response_obuffer, &task);
    EXPECT_TRUE(task.hasAnswer());
    headerCheck(*parse_message, default_qid, Rcode::NOERROR(),
651 652 653 654 655 656 657 658 659
                Opcode::NOTIFY().getCode(), QR_FLAG | AA_FLAG, 1, 0, 0, 0);
}

TEST_F(AuthSrvTest, notifyWithErrorRcode) {
    createRequestMessage(Opcode::NOTIFY(), Name("example.com"), RRClass::IN(),
                        RRType::SOA());
    request_message.setHeaderFlag(MessageFlag::AA());
    request_message.setRcode(Rcode::SERVFAIL());
    createRequestPacket(IPPROTO_UDP);
660 661 662
    server.processMessage(*io_message, parse_message, response_obuffer, &task);
    EXPECT_TRUE(task.hasAnswer());
    headerCheck(*parse_message, default_qid, Rcode::NOERROR(),
663
                Opcode::NOTIFY().getCode(), QR_FLAG | AA_FLAG, 1, 0, 0, 0);
Han Feng's avatar
Han Feng committed
664 665
}

666
TEST_F(AuthSrvTest, notifyWithoutSession) {
667
    server.setXfrinSession(NULL);
668 669 670 671 672 673 674 675

    createRequestMessage(Opcode::NOTIFY(), Name("example.com"), RRClass::IN(),
                        RRType::SOA());
    request_message.setHeaderFlag(MessageFlag::AA());
    createRequestPacket(IPPROTO_UDP);

    // we simply ignore the notify and let it be resent if an internal error
    // happens.
676 677
    server.processMessage(*io_message, parse_message, response_obuffer, &task);
    EXPECT_FALSE(task.hasAnswer());
678 679 680 681 682 683 684 685 686
}

TEST_F(AuthSrvTest, notifySendFail) {
    notify_session.disableSend();

    createRequestMessage(Opcode::NOTIFY(), Name("example.com"), RRClass::IN(),
                        RRType::SOA());
    request_message.setHeaderFlag(MessageFlag::AA());
    createRequestPacket(IPPROTO_UDP);
687

688 689
    server.processMessage(*io_message, parse_message, response_obuffer, &task);
    EXPECT_FALSE(task.hasAnswer());
690 691 692 693 694 695 696 697 698
}

TEST_F(AuthSrvTest, notifyReceiveFail) {
    notify_session.disableReceive();

    createRequestMessage(Opcode::NOTIFY(), Name("example.com"), RRClass::IN(),
                        RRType::SOA());
    request_message.setHeaderFlag(MessageFlag::AA());
    createRequestPacket(IPPROTO_UDP);
699 700
    server.processMessage(*io_message, parse_message, response_obuffer, &task);
    EXPECT_FALSE(task.hasAnswer());
701 702 703
}

TEST_F(AuthSrvTest, notifyWithBogusSessionMessage) {
704
    notify_session.setMessage(Element::fromJSON("{\"foo\": 1}"));
705 706 707 708 709

    createRequestMessage(Opcode::NOTIFY(), Name("example.com"), RRClass::IN(),
                        RRType::SOA());
    request_message.setHeaderFlag(MessageFlag::AA());
    createRequestPacket(IPPROTO_UDP);
710 711
    server.processMessage(*io_message, parse_message, response_obuffer, &task);
    EXPECT_FALSE(task.hasAnswer());
712 713 714 715
}

TEST_F(AuthSrvTest, notifyWithSessionMessageError) {
    notify_session.setMessage(
716
        Element::fromJSON("{\"result\": [1, \"FAIL\"]}"));
717 718 719 720 721

    createRequestMessage(Opcode::NOTIFY(), Name("example.com"), RRClass::IN(),
                        RRType::SOA());
    request_message.setHeaderFlag(MessageFlag::AA());
    createRequestPacket(IPPROTO_UDP);
722 723
    server.processMessage(*io_message, parse_message, response_obuffer, &task);
    EXPECT_FALSE(task.hasAnswer());
724 725
}

726
void
727 728 729
updateConfig(AuthSrv* server, const char* const dbfile,
             const bool expect_success)
{
730
    ConstElementPtr config_answer =
731
        server->updateConfig(Element::fromJSON(dbfile));
732 733 734
    EXPECT_EQ(Element::map, config_answer->getType());
    EXPECT_TRUE(config_answer->contains("result"));

735
    ConstElementPtr result = config_answer->get("result");
736
    EXPECT_EQ(Element::list, result->getType());
737
    EXPECT_EQ(expect_success ? 0 : 1, result->get(0)->intValue());
738 739 740 741
}

// Install a Sqlite3 data source with testing data.
TEST_F(AuthSrvTest, updateConfig) {
742
    updateConfig(&server, CONFIG_TESTDB, true);
743 744 745 746

    // query for existent data in the installed data source.  The resulting
    // response should have the AA flag on, and have an RR in each answer
    // and authority section.
747
    createDataFromFile("examplequery_fromWire");
748 749 750
    server.processMessage(*io_message, parse_message, response_obuffer, &task);
    EXPECT_TRUE(task.hasAnswer());
    headerCheck(*parse_message, default_qid, Rcode::NOERROR(), opcode.getCode(),
751 752 753 754
                QR_FLAG | AA_FLAG, 1, 1, 1, 0);
}

TEST_F(AuthSrvTest, datasourceFail) {
755
    updateConfig(&server, CONFIG_TESTDB, true);
756 757 758 759 760

    // This query will hit a corrupted entry of the data source (the zoneload
    // tool and the data source itself naively accept it).  This will result
    // in a SERVFAIL response, and the answer and authority sections should
    // be empty.
761
    createDataFromFile("badExampleQuery_fromWire");
762 763 764
    server.processMessage(*io_message, parse_message, response_obuffer, &task);
    EXPECT_TRUE(task.hasAnswer());
    headerCheck(*parse_message, default_qid, Rcode::SERVFAIL(),
765
                opcode.getCode(), QR_FLAG, 1, 0, 0, 0);
766
}
767 768 769 770 771 772 773 774 775

TEST_F(AuthSrvTest, updateConfigFail) {
    // First, load a valid data source.
    updateConfig(&server, CONFIG_TESTDB, true);

    // Next, try to update it with a non-existent one.  This should fail.
    updateConfig(&server, BADCONFIG_TESTDB, false);

    // The original data source should still exist.
776
    createDataFromFile("examplequery_fromWire");
777 778 779
    server.processMessage(*io_message, parse_message, response_obuffer, &task);
    EXPECT_TRUE(task.hasAnswer());
    headerCheck(*parse_message, default_qid, Rcode::NOERROR(), opcode.getCode(),
780 781
                QR_FLAG | AA_FLAG, 1, 1, 1, 0);
}
782
}