d2_cfg_mgr_unittests.cc 49.5 KB
Newer Older
1
// Copyright (C) 2013-2014 Internet Systems Consortium, Inc. ("ISC")
2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18
//
// Permission to use, copy, modify, and/or distribute this software for any
// purpose with or without fee is hereby granted, provided that the above
// copyright notice and this permission notice appear in all copies.
//
// THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
// REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
// AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
// INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
// LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
// OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
// PERFORMANCE OF THIS SOFTWARE.

#include <config/module_spec.h>
#include <d2/d2_config.h>
#include <d2/d2_cfg_mgr.h>
#include <d_test_stubs.h>
19
#include <test_data_files_config.h>
20
#include <util/encode/base64.h>
21 22 23 24 25 26 27 28 29 30

#include <boost/foreach.hpp>
#include <gtest/gtest.h>

using namespace std;
using namespace isc;
using namespace isc::d2;

namespace {

31 32 33 34
std::string specfile(const std::string& name) {
    return (std::string(D2_SRC_DIR) + "/" + name);
}

35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56
/// @brief Test fixture class for testing D2CfgMgr class.
/// It maintains an member instance of D2CfgMgr and provides methods for
/// converting JSON strings to configuration element sets, checking parse
/// results, and accessing the configuration context.
class D2CfgMgrTest : public ConfigParseTest {
public:

    /// @brief Constructor
    D2CfgMgrTest():cfg_mgr_(new D2CfgMgr) {
    }

    /// @brief Destructor
    ~D2CfgMgrTest() {
    }

    /// @brief Configuration manager instance.
    D2CfgMgrPtr cfg_mgr_;
};

/// @brief Tests that the spec file is valid.
/// Verifies that the BIND10 DHCP-DDNS configuration specification file
//  is valid.
57
TEST(D2SpecTest, basicSpec) {
58 59
    ASSERT_NO_THROW(isc::config::
                    moduleSpecFromFile(specfile("dhcp-ddns.spec")));
60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81
}

/// @brief Convenience function which compares the contents of the given
/// DnsServerInfo against the given set of values.
///
/// It is structured in such a way that each value is checked, and output
/// is generate for all that do not match.
///
/// @param server is a pointer to the server to check against.
/// @param hostname is the value to compare against server's hostname_.
/// @param ip_address is the string value to compare against server's
/// ip_address_.
/// @param port is the value to compare against server's port.
///
/// @return returns true if there is a match across the board, otherwise it
/// returns false.
bool checkServer(DnsServerInfoPtr server, const char* hostname,
                 const char *ip_address, uint32_t port)
{
    // Return value, assume its a match.
    bool result = true;

82
    if (!server) {
83 84 85 86 87 88
        EXPECT_TRUE(server);
        return false;
    }

    // Check hostname.
    if (server->getHostname() != hostname) {
89
        EXPECT_EQ(hostname, server->getHostname());
90 91 92 93 94
        result = false;
    }

    // Check IP address.
    if (server->getIpAddress().toText() != ip_address) {
95
        EXPECT_EQ(ip_address, server->getIpAddress().toText());
96 97 98 99 100
        result = false;
    }

    // Check port.
    if (server->getPort() !=  port) {
101
        EXPECT_EQ (port, server->getPort());
102 103 104 105 106 107
        result = false;
    }

    return (result);
}

108 109 110 111 112 113 114 115 116 117 118 119 120
/// @brief Convenience function which compares the contents of the given
/// TSIGKeyInfo against the given set of values.
///
/// It is structured in such a way that each value is checked, and output
/// is generate for all that do not match.
///
/// @param key is a pointer to the key to check against.
/// @param name is the value to compare against key's name_.
/// @param algorithm is the string value to compare against key's algorithm.
/// @param secret is the value to compare against key's secret.
///
/// @return returns true if there is a match across the board, otherwise it
/// returns false.
121 122
bool checkKey(TSIGKeyInfoPtr key, const std::string& name,
                 const std::string& algorithm, const std::string& secret)
123 124 125
{
    // Return value, assume its a match.
    bool result = true;
126
    if (!key) {
127 128 129 130 131 132
        EXPECT_TRUE(key);
        return false;
    }

    // Check name.
    if (key->getName() != name) {
133
        EXPECT_EQ(name, key->getName());
134 135 136
        result = false;
    }

137
    // Check algorithm.
138
    if (key->getAlgorithm() != algorithm) {
139
        EXPECT_EQ(algorithm, key->getAlgorithm());
140 141 142 143 144
        result = false;
    }

    // Check secret.
    if (key->getSecret() !=  secret) {
145
        EXPECT_EQ (secret, key->getSecret());
146 147 148
        result = false;
    }

149 150 151 152 153
    if (!key->getTSIGKey()) {
        EXPECT_TRUE (key->getTSIGKey());
        return false;
    }

154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183
    return (result);
}

/// @brief Test fixture class for testing DnsServerInfo parsing.
class TSIGKeyInfoTest : public ConfigParseTest {
public:

    /// @brief Constructor
    TSIGKeyInfoTest() {
        reset();
    }

    /// @brief Destructor
    ~TSIGKeyInfoTest() {
    }

    /// @brief Wipe out the current storage and parser and replace
    /// them with new ones.
    void reset() {
        keys_.reset(new TSIGKeyInfoMap());
        parser_.reset(new TSIGKeyInfoParser("test", keys_));
    }

    /// @brief Storage for "committing" keys.
    TSIGKeyInfoMapPtr keys_;

    /// @brief Pointer to the current parser instance.
    isc::dhcp::ParserPtr parser_;
};

184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210
/// @brief Test fixture class for testing DnsServerInfo parsing.
class DnsServerInfoTest : public ConfigParseTest {
public:

    /// @brief Constructor
    DnsServerInfoTest() {
        reset();
    }

    /// @brief Destructor
    ~DnsServerInfoTest() {
    }

    /// @brief Wipe out the current storage and parser and replace
    /// them with new ones.
    void reset() {
        servers_.reset(new DnsServerInfoStorage());
        parser_.reset(new DnsServerInfoParser("test", servers_));
    }

    /// @brief Storage for "committing" servers.
    DnsServerInfoStoragePtr servers_;

    /// @brief Pointer to the current parser instance.
    isc::dhcp::ParserPtr parser_;
};

211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240

/// @brief Test fixture class for testing DDnsDomain parsing.
class DdnsDomainTest : public ConfigParseTest {
public:

    /// @brief Constructor
    DdnsDomainTest() {
        reset();
    }

    /// @brief Destructor
    ~DdnsDomainTest() {
    }

    /// @brief Wipe out the current storage and parser and replace
    /// them with new ones.
    void reset() {
        keys_.reset(new TSIGKeyInfoMap());
        domains_.reset(new DdnsDomainMap());
        parser_.reset(new DdnsDomainParser("test", domains_, keys_));
    }

    /// @brief Add TSIGKeyInfos to the key map
    ///
    /// @param name the name of the key
    /// @param algorithm the algorithm of the key
    /// @param secret the secret value of the key
    void addKey(const std::string& name, const std::string& algorithm,
                const std::string& secret) {
        TSIGKeyInfoPtr key_info(new TSIGKeyInfo(name, algorithm, secret));
241
        (*keys_)[name]=key_info;
242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257
    }

    /// @brief Storage for "committing" domains.
    DdnsDomainMapPtr domains_;

    /// @brief Storage for TSIGKeys
    TSIGKeyInfoMapPtr keys_;

    /// @brief Pointer to the current parser instance.
    isc::dhcp::ParserPtr parser_;
};

/// @brief Tests the enforcement of data validation when parsing TSIGKeyInfos.
/// It verifies that:
/// 1. Name cannot be blank.
/// 2. Algorithm cannot be blank.
258
/// 3. Secret cannot be blank.
259
TEST_F(TSIGKeyInfoTest, invalidEntry) {
260 261 262
    // Config with a blank name entry.
    std::string config = "{"
                         " \"name\": \"\" , "
263
                         " \"algorithm\": \"HMAC-MD5\" , "
264
                         "   \"secret\": \"LSWXnfkKZjdPJI5QxlpnfQ==\" "
265
                         "}";
266
    ASSERT_TRUE(fromJSON(config));
267

268 269
    // Verify that build fails on blank name.
    EXPECT_THROW(parser_->build(config_set_), D2CfgError);
270 271 272 273 274

    // Config with a blank algorithm entry.
    config = "{"
                         " \"name\": \"d2_key_one\" , "
                         " \"algorithm\": \"\" , "
275
                         "   \"secret\": \"LSWXnfkKZjdPJI5QxlpnfQ==\" "
276 277
                         "}";

278
    ASSERT_TRUE(fromJSON(config));
279

280 281
    // Verify that build fails on blank algorithm.
    EXPECT_THROW(parser_->build(config_set_), D2CfgError);
282

283 284 285 286
    // Config with an invalid algorithm entry.
    config = "{"
                         " \"name\": \"d2_key_one\" , "
                         " \"algorithm\": \"bogus\" , "
287
                         "   \"secret\": \"LSWXnfkKZjdPJI5QxlpnfQ==\" "
288 289 290 291 292 293 294
                         "}";

    ASSERT_TRUE(fromJSON(config));

    // Verify that build fails on blank algorithm.
    EXPECT_THROW(parser_->build(config_set_), D2CfgError);

295 296 297
    // Config with a blank secret entry.
    config = "{"
                         " \"name\": \"d2_key_one\" , "
298
                         " \"algorithm\": \"HMAC-MD5\" , "
299 300 301
                         " \"secret\": \"\" "
                         "}";

302
    ASSERT_TRUE(fromJSON(config));
303

304 305
    // Verify that build fails blank secret
    EXPECT_THROW(parser_->build(config_set_), D2CfgError);
306 307 308 309

    // Config with an invalid secret entry.
    config = "{"
                         " \"name\": \"d2_key_one\" , "
310
                         " \"algorithm\": \"HMAC-MD5\" , "
311 312 313 314 315 316 317
                         " \"secret\": \"bogus\" "
                         "}";

    ASSERT_TRUE(fromJSON(config));

    // Verify that build fails an invalid secret
    EXPECT_THROW(parser_->build(config_set_), D2CfgError);
318 319 320 321
}

/// @brief Verifies that TSIGKeyInfo parsing creates a proper TSIGKeyInfo
/// when given a valid combination of entries.
322
TEST_F(TSIGKeyInfoTest, validEntry) {
323 324 325
    // Valid entries for TSIG key, all items are required.
    std::string config = "{"
                         " \"name\": \"d2_key_one\" , "
326
                         " \"algorithm\": \"HMAC-MD5\" , "
327
                         " \"secret\": \"dGhpcyBrZXkgd2lsbCBtYXRjaA==\" "
328
                         "}";
329
    ASSERT_TRUE(fromJSON(config));
330 331

    // Verify that it builds and commits without throwing.
332 333
    //ASSERT_NO_THROW(parser_->build(config_set_));
    (parser_->build(config_set_));
334 335 336 337
    ASSERT_NO_THROW(parser_->commit());

    // Verify the correct number of keys are present
    int count =  keys_->size();
338
    EXPECT_EQ(1, count);
339 340 341 342 343 344 345

    // Find the key and retrieve it.
    TSIGKeyInfoMap::iterator gotit = keys_->find("d2_key_one");
    ASSERT_TRUE(gotit != keys_->end());
    TSIGKeyInfoPtr& key = gotit->second;

    // Verify the key contents.
346
    EXPECT_TRUE(checkKey(key, "d2_key_one", "HMAC-MD5",
347
                         "dGhpcyBrZXkgd2lsbCBtYXRjaA=="));
348 349 350 351 352 353 354 355 356
}

/// @brief Verifies that attempting to parse an invalid list of TSIGKeyInfo
/// entries is detected.
TEST_F(TSIGKeyInfoTest, invalidTSIGKeyList) {
    // Construct a list of keys with an invalid key entry.
    std::string config = "["

                         " { \"name\": \"key1\" , "
357
                         "   \"algorithm\": \"HMAC-MD5\" ,"
358
                         "   \"secret\": \"GWG/Xfbju4O2iXGqkSu4PQ==\" "
359
                         " },"
360
                         // this entry has an invalid algorithm
361 362
                         " { \"name\": \"key2\" , "
                         "   \"algorithm\": \"\" ,"
363
                         "   \"secret\": \"GWG/Xfbju4O2iXGqkSu4PQ==\" "
364 365
                         " },"
                         " { \"name\": \"key3\" , "
366
                         "   \"algorithm\": \"HMAC-MD5\" ,"
367
                         "   \"secret\": \"GWG/Xfbju4O2iXGqkSu4PQ==\" "
368 369 370
                         " }"
                         " ]";

371
    ASSERT_TRUE(fromJSON(config));
372 373 374 375 376 377

    // Create the list parser.
    isc::dhcp::ParserPtr parser;
    ASSERT_NO_THROW(parser.reset(new TSIGKeyInfoListParser("test", keys_)));

    // Verify that the list builds without errors.
378
    EXPECT_THROW(parser->build(config_set_), D2CfgError);
379 380 381 382 383 384 385 386 387
}

/// @brief Verifies that attempting to parse an invalid list of TSIGKeyInfo
/// entries is detected.
TEST_F(TSIGKeyInfoTest, duplicateTSIGKey) {
    // Construct a list of keys with an invalid key entry.
    std::string config = "["

                         " { \"name\": \"key1\" , "
388
                         "   \"algorithm\": \"HMAC-MD5\" ,"
389
                         "   \"secret\": \"GWG/Xfbju4O2iXGqkSu4PQ==\" "
390 391
                         " },"
                         " { \"name\": \"key2\" , "
392
                         "   \"algorithm\": \"HMAC-MD5\" ,"
393
                         "   \"secret\": \"GWG/Xfbju4O2iXGqkSu4PQ==\" "
394 395
                         " },"
                         " { \"name\": \"key1\" , "
396
                         "   \"algorithm\": \"HMAC-MD5\" ,"
397
                         "   \"secret\": \"GWG/Xfbju4O2iXGqkSu4PQ==\" "
398 399 400
                         " }"
                         " ]";

401
    ASSERT_TRUE(fromJSON(config));
402 403 404 405 406 407

    // Create the list parser.
    isc::dhcp::ParserPtr parser;
    ASSERT_NO_THROW(parser.reset(new TSIGKeyInfoListParser("test", keys_)));

    // Verify that the list builds without errors.
408
    EXPECT_THROW(parser->build(config_set_), D2CfgError);
409 410 411
}

/// @brief Verifies a valid list of TSIG Keys parses correctly.
412
/// Also verifies that all of the supported algorithm names work.
413
TEST_F(TSIGKeyInfoTest, validTSIGKeyList) {
414
    // Construct a valid list of keys.
415 416 417
    std::string config = "["

                         " { \"name\": \"key1\" , "
418
                         "   \"algorithm\": \"HMAC-MD5\" ,"
419
                         "  \"secret\": \"dGhpcyBrZXkgd2lsbCBtYXRjaA==\" "
420 421
                         " },"
                         " { \"name\": \"key2\" , "
422
                         "   \"algorithm\": \"HMAC-SHA1\" ,"
423
                         "  \"secret\": \"dGhpcyBrZXkgd2lsbCBtYXRjaA==\" "
424 425
                         " },"
                         " { \"name\": \"key3\" , "
426
                         "   \"algorithm\": \"HMAC-SHA256\" ,"
427
                         "  \"secret\": \"dGhpcyBrZXkgd2lsbCBtYXRjaA==\" "
428 429
                         " },"
                         " { \"name\": \"key4\" , "
430
                         "   \"algorithm\": \"HMAC-SHA224\" ,"
431
                         "  \"secret\": \"dGhpcyBrZXkgd2lsbCBtYXRjaA==\" "
432 433
                         " },"
                         " { \"name\": \"key5\" , "
434
                         "   \"algorithm\": \"HMAC-SHA384\" ,"
435
                         "  \"secret\": \"dGhpcyBrZXkgd2lsbCBtYXRjaA==\" "
436 437
                         " },"
                         " { \"name\": \"key6\" , "
438
                         "   \"algorithm\": \"HMAC-SHA512\" ,"
439
                         "   \"secret\": \"dGhpcyBrZXkgd2lsbCBtYXRjaA==\" "
440 441 442
                         " }"
                         " ]";

443
    ASSERT_TRUE(fromJSON(config));
444 445 446 447 448 449 450 451

    // Verify that the list builds and commits without errors.
    // Create the list parser.
    isc::dhcp::ParserPtr parser;
    ASSERT_NO_THROW(parser.reset(new TSIGKeyInfoListParser("test", keys_)));
    ASSERT_NO_THROW(parser->build(config_set_));
    ASSERT_NO_THROW(parser->commit());

452
    std::string ref_secret = "dGhpcyBrZXkgd2lsbCBtYXRjaA==";
453 454
    // Verify the correct number of keys are present
    int count =  keys_->size();
455
    ASSERT_EQ(6, count);
456 457 458 459 460 461 462

    // Find the 1st key and retrieve it.
    TSIGKeyInfoMap::iterator gotit = keys_->find("key1");
    ASSERT_TRUE(gotit != keys_->end());
    TSIGKeyInfoPtr& key = gotit->second;

    // Verify the key contents.
463
    EXPECT_TRUE(checkKey(key, "key1", TSIGKeyInfo::HMAC_MD5_STR, ref_secret));
464 465 466 467 468 469 470

    // Find the 2nd key and retrieve it.
    gotit = keys_->find("key2");
    ASSERT_TRUE(gotit != keys_->end());
    key = gotit->second;

    // Verify the key contents.
471
    EXPECT_TRUE(checkKey(key, "key2", TSIGKeyInfo::HMAC_SHA1_STR, ref_secret));
472 473 474 475 476 477 478

    // Find the 3rd key and retrieve it.
    gotit = keys_->find("key3");
    ASSERT_TRUE(gotit != keys_->end());
    key = gotit->second;

    // Verify the key contents.
479 480
    EXPECT_TRUE(checkKey(key, "key3", TSIGKeyInfo::HMAC_SHA256_STR,
                         ref_secret));
481 482 483 484 485 486 487

    // Find the 4th key and retrieve it.
    gotit = keys_->find("key4");
    ASSERT_TRUE(gotit != keys_->end());
    key = gotit->second;

    // Verify the key contents.
488 489
    EXPECT_TRUE(checkKey(key, "key4", TSIGKeyInfo::HMAC_SHA224_STR,
                         ref_secret));
490 491 492 493 494 495 496

    // Find the 5th key and retrieve it.
    gotit = keys_->find("key5");
    ASSERT_TRUE(gotit != keys_->end());
    key = gotit->second;

    // Verify the key contents.
497 498
    EXPECT_TRUE(checkKey(key, "key5", TSIGKeyInfo::HMAC_SHA384_STR,
                         ref_secret));
499 500 501 502 503 504 505

    // Find the 6th key and retrieve it.
    gotit = keys_->find("key6");
    ASSERT_TRUE(gotit != keys_->end());
    key = gotit->second;

    // Verify the key contents.
506 507
    EXPECT_TRUE(checkKey(key, "key6", TSIGKeyInfo::HMAC_SHA512_STR,
                         ref_secret));
508 509
}

510 511 512 513 514
/// @brief Tests the enforcement of data validation when parsing DnsServerInfos.
/// It verifies that:
/// 1. Specifying both a hostname and an ip address is not allowed.
/// 2. Specifying both blank a hostname and blank ip address is not allowed.
/// 3. Specifying a negative port number is not allowed.
515
TEST_F(DnsServerInfoTest, invalidEntry) {
516
    // Create a config in which both host and ip address are supplied.
517
    // Verify that build fails.
518 519
    std::string config = "{ \"hostname\": \"pegasus.tmark\", "
                         "  \"ip_address\": \"127.0.0.1\" } ";
520
    ASSERT_TRUE(fromJSON(config));
521
    EXPECT_THROW(parser_->build(config_set_), D2CfgError);
522 523

    // Neither host nor ip address supplied
524
    // Verify that builds fails.
525 526
    config = "{ \"hostname\": \"\", "
             "  \"ip_address\": \"\" } ";
527
    ASSERT_TRUE(fromJSON(config));
528
    EXPECT_THROW(parser_->build(config_set_), D2CfgError);
529 530 531 532 533

    // Create a config with a negative port number.
    // Verify that build fails.
    config = "{ \"ip_address\": \"192.168.5.6\" ,"
             "  \"port\": -100 }";
534
    ASSERT_TRUE(fromJSON(config));
535 536 537
    EXPECT_THROW (parser_->build(config_set_), isc::BadValue);
}

538

539 540 541 542 543 544
/// @brief Verifies that DnsServerInfo parsing creates a proper DnsServerInfo
/// when given a valid combination of entries.
/// It verifies that:
/// 1. A DnsServerInfo entry is correctly made, when given only a hostname.
/// 2. A DnsServerInfo entry is correctly made, when given ip address and port.
/// 3. A DnsServerInfo entry is correctly made, when given only an ip address.
545
TEST_F(DnsServerInfoTest, validEntry) {
546 547
    // Valid entries for dynamic host
    std::string config = "{ \"hostname\": \"pegasus.tmark\" }";
548
    ASSERT_TRUE(fromJSON(config));
549 550 551 552 553 554 555

    // Verify that it builds and commits without throwing.
    ASSERT_NO_THROW(parser_->build(config_set_));
    ASSERT_NO_THROW(parser_->commit());

    // Verify the correct number of servers are present
    int count =  servers_->size();
556
    EXPECT_EQ(1, count);
557 558 559 560

    // Verify the server exists and has the correct values.
    DnsServerInfoPtr server = (*servers_)[0];
    EXPECT_TRUE(checkServer(server, "pegasus.tmark",
561 562
                            DnsServerInfo::EMPTY_IP_STR,
                            DnsServerInfo::STANDARD_DNS_PORT));
563 564 565 566 567 568 569

    // Start over for a new test.
    reset();

    // Valid entries for static ip
    config = " { \"ip_address\": \"127.0.0.1\" , "
             "  \"port\": 100 }";
570
    ASSERT_TRUE(fromJSON(config));
571 572 573 574 575 576 577

    // Verify that it builds and commits without throwing.
    ASSERT_NO_THROW(parser_->build(config_set_));
    ASSERT_NO_THROW(parser_->commit());

    // Verify the correct number of servers are present
    count =  servers_->size();
578
    EXPECT_EQ(1, count);
579 580 581 582 583 584 585 586 587 588

    // Verify the server exists and has the correct values.
    server = (*servers_)[0];
    EXPECT_TRUE(checkServer(server, "", "127.0.0.1", 100));

    // Start over for a new test.
    reset();

    // Valid entries for static ip, no port
    config = " { \"ip_address\": \"192.168.2.5\" }";
589
    ASSERT_TRUE(fromJSON(config));
590 591 592 593 594 595 596

    // Verify that it builds and commits without throwing.
    ASSERT_NO_THROW(parser_->build(config_set_));
    ASSERT_NO_THROW(parser_->commit());

    // Verify the correct number of servers are present
    count =  servers_->size();
597
    EXPECT_EQ(1, count);
598 599 600 601

    // Verify the server exists and has the correct values.
    server = (*servers_)[0];
    EXPECT_TRUE(checkServer(server, "", "192.168.2.5",
602
                            DnsServerInfo::STANDARD_DNS_PORT));
603 604 605 606 607 608 609 610 611
}

/// @brief Verifies that attempting to parse an invalid list of DnsServerInfo
/// entries is detected.
TEST_F(ConfigParseTest, invalidServerList) {
    // Construct a list of servers with an invalid server entry.
    std::string config = "[ { \"hostname\": \"one.tmark\" }, "
                        "{ \"hostname\": \"\" }, "
                        "{ \"hostname\": \"three.tmark\" } ]";
612
    ASSERT_TRUE(fromJSON(config));
613 614 615 616 617 618

    // Create the server storage and list parser.
    DnsServerInfoStoragePtr servers(new DnsServerInfoStorage());
    isc::dhcp::ParserPtr parser;
    ASSERT_NO_THROW(parser.reset(new DnsServerInfoListParser("test", servers)));

619 620
    // Verify that build fails.
    EXPECT_THROW(parser->build(config_set_), D2CfgError);
621 622 623 624 625 626 627 628 629
}

/// @brief Verifies that a list of DnsServerInfo entries parses correctly given
/// a valid configuration.
TEST_F(ConfigParseTest, validServerList) {
    // Create a valid list of servers.
    std::string config = "[ { \"hostname\": \"one.tmark\" }, "
                        "{ \"hostname\": \"two.tmark\" }, "
                        "{ \"hostname\": \"three.tmark\" } ]";
630
    ASSERT_TRUE(fromJSON(config));
631 632 633 634 635 636 637 638 639 640 641 642

    // Create the server storage and list parser.
    DnsServerInfoStoragePtr servers(new DnsServerInfoStorage());
    isc::dhcp::ParserPtr parser;
    ASSERT_NO_THROW(parser.reset(new DnsServerInfoListParser("test", servers)));

    // Verfiy that the list builds and commits without error.
    ASSERT_NO_THROW(parser->build(config_set_));
    ASSERT_NO_THROW(parser->commit());

    // Verify that the server storage contains the correct number of servers.
    int count =  servers->size();
643
    EXPECT_EQ(3, count);
644 645 646

    // Verify the first server exists and has the correct values.
    DnsServerInfoPtr server = (*servers)[0];
647 648
    EXPECT_TRUE(checkServer(server, "one.tmark", DnsServerInfo::EMPTY_IP_STR,
                            DnsServerInfo::STANDARD_DNS_PORT));
649 650 651

    // Verify the second server exists and has the correct values.
    server = (*servers)[1];
652 653
    EXPECT_TRUE(checkServer(server, "two.tmark", DnsServerInfo::EMPTY_IP_STR,
                            DnsServerInfo::STANDARD_DNS_PORT));
654 655 656

    // Verify the third server exists and has the correct values.
    server = (*servers)[2];
657 658
    EXPECT_TRUE(checkServer(server, "three.tmark", DnsServerInfo::EMPTY_IP_STR,
                            DnsServerInfo::STANDARD_DNS_PORT));
659 660 661 662 663 664 665 666
}

/// @brief Tests the enforcement of data validation when parsing DdnsDomains.
/// It verifies that:
/// 1. Domain storage cannot be null when constructing a DdnsDomainParser.
/// 2. The name entry is not optional.
/// 3. The server list man not be empty.
/// 4. That a mal-formed server entry is detected.
667 668
/// 5. That an undefined key name is detected.
TEST_F(DdnsDomainTest, invalidDdnsDomainEntry) {
669
    // Verify that attempting to construct the parser with null storage fails.
670 671 672
    DdnsDomainMapPtr domains;
    ASSERT_THROW(isc::dhcp::ParserPtr(
                 new DdnsDomainParser("test", domains, keys_)), D2CfgError);
673 674 675 676 677 678 679 680 681 682

    // Create a domain configuration without a name
    std::string config = "{  \"key_name\": \"d2_key.tmark.org\" , "
                         "  \"dns_servers\" : [ "
                         "  {  \"ip_address\": \"127.0.0.1\" , "
                         "    \"port\": 100 },"
                         "  { \"ip_address\": \"127.0.0.2\" , "
                         "    \"port\": 200 },"
                         "  {  \"ip_address\": \"127.0.0.3\" , "
                         "    \"port\": 300 } ] } ";
683
    ASSERT_TRUE(fromJSON(config));
684

685 686
    // Verify that the domain configuration builds fails.
    EXPECT_THROW(parser_->build(config_set_), isc::dhcp::DhcpConfigError);
687 688 689 690 691 692

    // Create a domain configuration with an empty server list.
    config = "{ \"name\": \"tmark.org\" , "
             "  \"key_name\": \"d2_key.tmark.org\" , "
             "  \"dns_servers\" : [ "
             "   ] } ";
693
    ASSERT_TRUE(fromJSON(config));
694 695

    // Verify that the domain configuration build fails.
696
    EXPECT_THROW(parser_->build(config_set_), D2CfgError);
697 698 699 700 701 702 703

    // Create a domain configuration with a mal-formed server entry.
    config = "{ \"name\": \"tmark.org\" , "
             "  \"key_name\": \"d2_key.tmark.org\" , "
             "  \"dns_servers\" : [ "
             "  {  \"ip_address\": \"127.0.0.3\" , "
             "    \"port\": -1 } ] } ";
704
    ASSERT_TRUE(fromJSON(config));
705 706

    // Verify that the domain configuration build fails.
707
    EXPECT_THROW(parser_->build(config_set_), isc::BadValue);
708

709 710 711 712 713 714
    // Create a domain configuration without an defined key name
    config = "{ \"name\": \"tmark.org\" , "
             "  \"key_name\": \"d2_key.tmark.org\" , "
             "  \"dns_servers\" : [ "
             "  {  \"ip_address\": \"127.0.0.3\" , "
             "    \"port\": 300 } ] } ";
715
    ASSERT_TRUE(fromJSON(config));
716

717 718
    // Verify that the domain configuration build fails.
    EXPECT_THROW(parser_->build(config_set_), D2CfgError);
719
}
720 721 722 723 724 725

/// @brief Verifies the basics of parsing DdnsDomains.
/// It verifies that:
/// 1. Valid construction of DdnsDomainParser functions.
/// 2. Given a valid, configuration entry, DdnsDomainParser parses
/// correctly.
726 727
/// (It indirectly verifies the operation of DdnsDomainMap).
TEST_F(DdnsDomainTest, ddnsDomainParsing) {
728 729 730 731 732 733 734 735 736 737 738 739
    // Create a valid domain configuration entry containing three valid
    // servers.
    std::string config =
                        "{ \"name\": \"tmark.org\" , "
                        "  \"key_name\": \"d2_key.tmark.org\" , "
                        "  \"dns_servers\" : [ "
                        "  {  \"ip_address\": \"127.0.0.1\" , "
                        "    \"port\": 100 },"
                        "  { \"ip_address\": \"127.0.0.2\" , "
                        "    \"port\": 200 },"
                        "  {  \"ip_address\": \"127.0.0.3\" , "
                        "    \"port\": 300 } ] } ";
740
    ASSERT_TRUE(fromJSON(config));
741

742
    // Add a TSIG key to the test key map, so key validation will pass.
743
    addKey("d2_key.tmark.org", "HMAC-MD5", "GWG/Xfbju4O2iXGqkSu4PQ==");
744 745

    // Verify that the domain configuration builds and commits without error.
746 747
    ASSERT_NO_THROW(parser_->build(config_set_));
    ASSERT_NO_THROW(parser_->commit());
748 749

    // Verify that the domain storage contains the correct number of domains.
750
    int count =  domains_->size();
751
    EXPECT_EQ(1, count);
752 753 754

    // Verify that the expected domain exists and can be retrieved from
    // the storage.
755 756
    DdnsDomainMap::iterator gotit = domains_->find("tmark.org");
    ASSERT_TRUE(gotit != domains_->end());
757 758 759
    DdnsDomainPtr& domain = gotit->second;

    // Verify the name and key_name values.
760 761
    EXPECT_EQ("tmark.org", domain->getName());
    EXPECT_EQ("d2_key.tmark.org", domain->getKeyName());
762 763
    ASSERT_TRUE(domain->getTSIGKeyInfo());
    ASSERT_TRUE(domain->getTSIGKeyInfo()->getTSIGKey());
764 765 766 767 768 769

    // Verify that the server list exists and contains the correct number of
    // servers.
    const DnsServerInfoStoragePtr& servers = domain->getServers();
    EXPECT_TRUE(servers);
    count =  servers->size();
770
    EXPECT_EQ(3, count);
771 772 773 774 775 776 777 778 779 780 781 782 783 784 785 786 787 788 789 790 791

    // Fetch each server and verify its contents.
    DnsServerInfoPtr server = (*servers)[0];
    EXPECT_TRUE(server);

    EXPECT_TRUE(checkServer(server, "", "127.0.0.1", 100));

    server = (*servers)[1];
    EXPECT_TRUE(server);

    EXPECT_TRUE(checkServer(server, "", "127.0.0.2", 200));

    server = (*servers)[2];
    EXPECT_TRUE(server);

    EXPECT_TRUE(checkServer(server, "", "127.0.0.3", 300));
}

/// @brief Tests the fundamentals of parsing DdnsDomain lists.
/// This test verifies that given a valid domain list configuration
/// it will accurately parse and populate each domain in the list.
792
TEST_F(DdnsDomainTest, DdnsDomainListParsing) {
793 794 795 796 797 798 799 800 801 802 803 804 805 806 807 808 809 810 811 812 813 814 815 816 817
    // Create a valid domain list configuration, with two domains
    // that have three servers each.
    std::string config =
                        "[ "
                        "{ \"name\": \"tmark.org\" , "
                        "  \"key_name\": \"d2_key.tmark.org\" , "
                        "  \"dns_servers\" : [ "
                        "  { \"ip_address\": \"127.0.0.1\" , "
                        "    \"port\": 100 },"
                        "  { \"ip_address\": \"127.0.0.2\" , "
                        "    \"port\": 200 },"
                        "  { \"ip_address\": \"127.0.0.3\" , "
                        "    \"port\": 300 } ] } "
                        ", "
                        "{ \"name\": \"billcat.net\" , "
                        "  \"key_name\": \"d2_key.billcat.net\" , "
                        "  \"dns_servers\" : [ "
                        "  { \"ip_address\": \"127.0.0.4\" , "
                        "    \"port\": 400 },"
                        "  { \"ip_address\": \"127.0.0.5\" , "
                        "    \"port\": 500 },"
                        "  { \"ip_address\": \"127.0.0.6\" , "
                        "    \"port\": 600 } ] } "
                        "] ";

818
    ASSERT_TRUE(fromJSON(config));
819

820
    // Add keys to key map so key validation passes.
821 822
    addKey("d2_key.tmark.org", "HMAC-MD5", "GWG/Xfbju4O2iXGqkSu4PQ==");
    addKey("d2_key.billcat.net", "HMAC-MD5", "GWG/Xfbju4O2iXGqkSu4PQ==");
823 824

    // Create the list parser
825
    isc::dhcp::ParserPtr list_parser;
826 827
    ASSERT_NO_THROW(list_parser.reset(
                    new DdnsDomainListParser("test", domains_, keys_)));
828 829

    // Verify that the domain configuration builds and commits without error.
830 831
    ASSERT_NO_THROW(list_parser->build(config_set_));
    ASSERT_NO_THROW(list_parser->commit());
832 833

    // Verify that the domain storage contains the correct number of domains.
834
    int count =  domains_->size();
835
    EXPECT_EQ(2, count);
836 837

    // Verify that the first domain exists and can be retrieved.
838 839
    DdnsDomainMap::iterator gotit = domains_->find("tmark.org");
    ASSERT_TRUE(gotit != domains_->end());
840 841 842
    DdnsDomainPtr& domain = gotit->second;

    // Verify the name and key_name values of the first domain.
843 844
    EXPECT_EQ("tmark.org", domain->getName());
    EXPECT_EQ("d2_key.tmark.org", domain->getKeyName());
845 846
    ASSERT_TRUE(domain->getTSIGKeyInfo());
    ASSERT_TRUE(domain->getTSIGKeyInfo()->getTSIGKey());
847 848 849 850 851

    // Verify the each of the first domain's servers
    DnsServerInfoStoragePtr servers = domain->getServers();
    EXPECT_TRUE(servers);
    count =  servers->size();
852
    EXPECT_EQ(3, count);
853 854 855 856 857 858 859 860 861 862 863 864 865 866

    DnsServerInfoPtr server = (*servers)[0];
    EXPECT_TRUE(server);
    EXPECT_TRUE(checkServer(server, "", "127.0.0.1", 100));

    server = (*servers)[1];
    EXPECT_TRUE(server);
    EXPECT_TRUE(checkServer(server, "", "127.0.0.2", 200));

    server = (*servers)[2];
    EXPECT_TRUE(server);
    EXPECT_TRUE(checkServer(server, "", "127.0.0.3", 300));

    // Verify second domain
867 868
    gotit = domains_->find("billcat.net");
    ASSERT_TRUE(gotit != domains_->end());
869 870 871
    domain = gotit->second;

    // Verify the name and key_name values of the second domain.
872 873
    EXPECT_EQ("billcat.net", domain->getName());
    EXPECT_EQ("d2_key.billcat.net", domain->getKeyName());
874 875
    ASSERT_TRUE(domain->getTSIGKeyInfo());
    ASSERT_TRUE(domain->getTSIGKeyInfo()->getTSIGKey());
876 877 878 879 880

    // Verify the each of second domain's servers
    servers = domain->getServers();
    EXPECT_TRUE(servers);
    count =  servers->size();
881
    EXPECT_EQ(3, count);
882 883 884 885 886 887 888 889 890 891 892 893 894 895 896

    server = (*servers)[0];
    EXPECT_TRUE(server);
    EXPECT_TRUE(checkServer(server, "", "127.0.0.4", 400));

    server = (*servers)[1];
    EXPECT_TRUE(server);
    EXPECT_TRUE(checkServer(server, "", "127.0.0.5", 500));

    server = (*servers)[2];
    EXPECT_TRUE(server);
    EXPECT_TRUE(checkServer(server, "", "127.0.0.6", 600));
}

/// @brief Tests that a domain list configuration cannot contain duplicates.
897
TEST_F(DdnsDomainTest, duplicateDomain) {
898 899 900 901 902 903 904 905 906 907 908 909 910 911
    // Create a domain list configuration that contains two domains with
    // the same name.
    std::string config =
                        "[ "
                        "{ \"name\": \"tmark.org\" , "
                        "  \"dns_servers\" : [ "
                        "  { \"ip_address\": \"127.0.0.3\" , "
                        "    \"port\": 300 } ] } "
                        ", "
                        "{ \"name\": \"tmark.org\" , "
                        "  \"dns_servers\" : [ "
                        "  { \"ip_address\": \"127.0.0.3\" , "
                        "    \"port\": 300 } ] } "
                        "] ";
912
    ASSERT_TRUE(fromJSON(config));
913

914
    // Create the list parser
915
    isc::dhcp::ParserPtr list_parser;
916 917
    ASSERT_NO_THROW(list_parser.reset(
                    new DdnsDomainListParser("test", domains_, keys_)));
918

919 920
    // Verify that the parse build fails.
    EXPECT_THROW(list_parser->build(config_set_), D2CfgError);
921 922 923 924 925 926 927 928
}

/// @brief Tests construction of D2CfgMgr
/// This test verifies that a D2CfgMgr constructs properly.
TEST(D2CfgMgr, construction) {
    D2CfgMgr *cfg_mgr = NULL;

    // Verify that configuration manager constructions without error.
929
    ASSERT_NO_THROW(cfg_mgr = new D2CfgMgr());
930 931 932 933 934 935 936 937 938 939 940 941 942 943 944 945 946 947 948 949

    // Verify that the context can be retrieved and is not null.
    D2CfgContextPtr context;
    ASSERT_NO_THROW(context = cfg_mgr->getD2CfgContext());
    EXPECT_TRUE(context);

    // Verify that the forward manager can be retrieved and is not null.
    EXPECT_TRUE(context->getForwardMgr());

    // Verify that the reverse manager can be retrieved and is not null.
    EXPECT_TRUE(context->getReverseMgr());

    // Verify that the manager can be destructed without error.
    EXPECT_NO_THROW(delete cfg_mgr);
}

/// @brief Tests the parsing of a complete, valid DHCP-DDNS configuration.
/// This tests passes the configuration into an instance of D2CfgMgr just
/// as it would be done by d2_process in response to a configuration update
/// event.
950
TEST_F(D2CfgMgrTest, fullConfig) {
951 952 953 954 955 956 957
    // Create a configuration with all of application level parameters, plus
    // both the forward and reverse ddns managers.  Both managers have two
    // domains with three servers per domain.
    std::string config = "{ "
                        "\"interface\" : \"eth1\" , "
                        "\"ip_address\" : \"192.168.1.33\" , "
                        "\"port\" : 88 , "
958 959 960
                        "\"tsig_keys\": ["
                        "{"
                        "  \"name\": \"d2_key.tmark.org\" , "
961
                        "  \"algorithm\": \"hmac-md5\" , "
962
                        "   \"secret\": \"LSWXnfkKZjdPJI5QxlpnfQ==\" "
963 964 965
                        "},"
                        "{"
                        "  \"name\": \"d2_key.billcat.net\" , "
966
                        "  \"algorithm\": \"hmac-md5\" , "
967
                        "   \"secret\": \"LSWXnfkKZjdPJI5QxlpnfQ==\" "
968 969
                        "}"
                        "],"
970 971 972 973 974 975 976 977 978 979 980 981 982 983 984 985 986 987 988 989 990 991 992 993 994 995 996 997 998 999 1000 1001 1002 1003 1004 1005
                        "\"forward_ddns\" : {"
                        "\"ddns_domains\": [ "
                        "{ \"name\": \"tmark.org\" , "
                        "  \"key_name\": \"d2_key.tmark.org\" , "
                        "  \"dns_servers\" : [ "
                        "  { \"hostname\": \"one.tmark\" } , "
                        "  { \"hostname\": \"two.tmark\" } , "
                        "  { \"hostname\": \"three.tmark\"} "
                        "  ] } "
                        ", "
                        "{ \"name\": \"billcat.net\" , "
                        "  \"key_name\": \"d2_key.billcat.net\" , "
                        "  \"dns_servers\" : [ "
                        "  { \"hostname\": \"four.billcat\" } , "
                        "  { \"hostname\": \"five.billcat\" } , "
                        "  { \"hostname\": \"six.billcat\" } "
                        "  ] } "
                        "] },"
                        "\"reverse_ddns\" : {"
                        "\"ddns_domains\": [ "
                        "{ \"name\": \" 0.168.192.in.addr.arpa.\" , "
                        "  \"key_name\": \"d2_key.tmark.org\" , "
                        "  \"dns_servers\" : [ "
                        "  { \"hostname\": \"one.rev\" } , "
                        "  { \"hostname\": \"two.rev\" } , "
                        "  { \"hostname\": \"three.rev\" } "
                        "  ] } "
                        ", "
                        "{ \"name\": \" 0.247.106.in.addr.arpa.\" , "
                        "  \"key_name\": \"d2_key.billcat.net\" , "
                        "  \"dns_servers\" : [ "
                        "  { \"hostname\": \"four.rev\" }, "
                        "  { \"hostname\": \"five.rev\" } , "
                        "  { \"hostname\": \"six.rev\" } "
                        "  ] } "
                        "] } }";
1006
    ASSERT_TRUE(fromJSON(config));
1007 1008 1009

    // Verify that we can parse the configuration.
    answer_ = cfg_mgr_->parseConfig(config_set_);
1010
    ASSERT_TRUE(checkAnswer(0));
1011 1012 1013 1014 1015 1016 1017 1018

    // Verify that the D2 context can be retrieved and is not null.
    D2CfgContextPtr context;
    ASSERT_NO_THROW(context = cfg_mgr_->getD2CfgContext());

    // Verify that the application level scalars have the proper values.
    std::string interface;
    EXPECT_NO_THROW (context->getParam("interface", interface));
1019
    EXPECT_EQ("eth1", interface);
1020 1021 1022

    std::string ip_address;
    EXPECT_NO_THROW (context->getParam("ip_address", ip_address));
1023
    EXPECT_EQ("192.168.1.33", ip_address);
1024 1025 1026

    uint32_t port = 0;
    EXPECT_NO_THROW (context->getParam("port", port));
1027
    EXPECT_EQ(88, port);
1028 1029 1030 1031 1032 1033

    // Verify that the forward manager can be retrieved.
    DdnsDomainListMgrPtr mgr = context->getForwardMgr();
    ASSERT_TRUE(mgr);

    // Verify that the forward manager has the correct number of domains.
1034
    DdnsDomainMapPtr domains = mgr->getDomains();
1035 1036
    ASSERT_TRUE(domains);
    int count =  domains->size();
1037
    EXPECT_EQ(2, count);
1038 1039 1040 1041 1042

    // Verify that the server count in each of the forward manager domains.
    // NOTE that since prior tests have validated server parsing, we are are
    // assuming that the servers did in fact parse correctly if the correct
    // number of them are there.
1043
    DdnsDomainMapPair domain_pair;
1044 1045 1046 1047 1048
    BOOST_FOREACH(domain_pair, (*domains)) {
        DdnsDomainPtr domain = domain_pair.second;
        DnsServerInfoStoragePtr servers = domain->getServers();
        count = servers->size();
        EXPECT_TRUE(servers);
1049
        EXPECT_EQ(3, count);
1050 1051 1052 1053 1054 1055 1056 1057 1058
    }

    // Verify that the reverse manager can be retrieved.
    mgr = context->getReverseMgr();
    ASSERT_TRUE(mgr);

    // Verify that the reverse manager has the correct number of domains.
    domains = mgr->getDomains();
    count =  domains->size();
1059
    EXPECT_EQ(2, count);
1060 1061 1062 1063 1064 1065 1066 1067 1068 1069

    // Verify that the server count in each of the reverse manager domains.
    // NOTE that since prior tests have validated server parsing, we are are
    // assuming that the servers did in fact parse correctly if the correct
    // number of them are there.
    BOOST_FOREACH(domain_pair, (*domains)) {
        DdnsDomainPtr domain = domain_pair.second;
        DnsServerInfoStoragePtr servers = domain->getServers();
        count = servers->size();
        EXPECT_TRUE(servers);
1070
        EXPECT_EQ(3, count);
1071
    }
1072