Skip to content

Commit

Permalink
dnsforward: imp tests
Browse files Browse the repository at this point in the history
  • Loading branch information
Mizzick committed Apr 22, 2024
1 parent e7f7df2 commit 67fc9d3
Showing 1 changed file with 111 additions and 25 deletions.
136 changes: 111 additions & 25 deletions internal/dnsforward/beforerequest_internal_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ import (
"net"
"testing"

"github.com/AdguardTeam/AdGuardHome/internal/filtering"
"github.com/AdguardTeam/dnsproxy/proxy"
"github.com/miekg/dns"
"github.com/stretchr/testify/assert"
Expand All @@ -25,100 +26,82 @@ func TestServer_HandleBefore(t *testing.T) {
clientSrvName string
name string
host string
wantErrMsgUDP string
allowedClients []string
disallowedClients []string
blockedHosts []string
wantRCode int
wantRCodeUDP int
}{{
want: assert.NotEmpty,
clientSrvName: tlsServerName,
name: "allow_all",
host: testFQDN,
wantErrMsgUDP: "",
allowedClients: []string{},
disallowedClients: []string{},
blockedHosts: []string{},
wantRCode: dns.RcodeSuccess,
wantRCodeUDP: dns.RcodeSuccess,
}, {
want: assert.Empty,
clientSrvName: "%" + "." + tlsServerName,
name: "invalid_client_id",
host: testFQDN,
wantErrMsgUDP: "",
allowedClients: []string{},
disallowedClients: []string{},
blockedHosts: []string{},
wantRCode: dns.RcodeServerFailure,
wantRCodeUDP: dns.RcodeSuccess,
}, {
want: assert.NotEmpty,
clientSrvName: clientID + "." + tlsServerName,
name: "allowed_client_allowed",
host: testFQDN,
wantErrMsgUDP: "i/o timeout",
allowedClients: []string{clientID},
disallowedClients: []string{},
blockedHosts: []string{},
wantRCode: dns.RcodeSuccess,
wantRCodeUDP: -1,
}, {
want: assert.Empty,
clientSrvName: "client-2." + tlsServerName,
name: "allowed_client_rejected",
host: testFQDN,
wantErrMsgUDP: "i/o timeout",
allowedClients: []string{clientID},
disallowedClients: []string{},
blockedHosts: []string{},
wantRCode: dns.RcodeRefused,
wantRCodeUDP: -1,
}, {
want: assert.NotEmpty,
clientSrvName: tlsServerName,
name: "disallowed_client_allowed",
host: testFQDN,
wantErrMsgUDP: "",
allowedClients: []string{},
disallowedClients: []string{clientID},
blockedHosts: []string{},
wantRCode: dns.RcodeSuccess,
wantRCodeUDP: dns.RcodeSuccess,
}, {
want: assert.Empty,
clientSrvName: clientID + "." + tlsServerName,
name: "disallowed_client_rejected",
host: testFQDN,
wantErrMsgUDP: "",
allowedClients: []string{},
disallowedClients: []string{clientID},
blockedHosts: []string{},
wantRCode: dns.RcodeRefused,
wantRCodeUDP: dns.RcodeSuccess,
}, {
want: assert.NotEmpty,
clientSrvName: tlsServerName,
name: "blocked_hosts_allowed",
host: testFQDN,
wantErrMsgUDP: "",
allowedClients: []string{},
disallowedClients: []string{},
blockedHosts: []string{blockedHost},
wantRCode: dns.RcodeSuccess,
wantRCodeUDP: dns.RcodeSuccess,
}, {
want: assert.Empty,
clientSrvName: tlsServerName,
name: "blocked_hosts_rejected",
host: dns.Fqdn(blockedHost),
wantErrMsgUDP: "i/o timeout",
allowedClients: []string{},
disallowedClients: []string{},
blockedHosts: []string{blockedHost},
wantRCode: dns.RcodeRefused,
wantRCodeUDP: -1,
}}

for _, tc := range testCases {
Expand Down Expand Up @@ -157,21 +140,124 @@ func TestServer_HandleBefore(t *testing.T) {

tc.want(t, reply.Answer)
assert.Equal(t, tc.wantRCode, reply.Rcode)
})
}
}

func TestServer_HandleBefore_udp(t *testing.T) {
t.Parallel()

const (
clientIPv4 = "127.0.0.1"
clientIPv6 = "::1"

blockedHost = "blockedhost.org"
testFQDN = "example.org."
)

clientIPs := []string{clientIPv4, clientIPv6}

testCases := []struct {
name string
host string
allowedClients []string
disallowedClients []string
blockedHosts []string
wantTimeout bool
}{{
name: "allow_all",
host: testFQDN,
allowedClients: []string{},
disallowedClients: []string{},
blockedHosts: []string{},
wantTimeout: false,
}, {
name: "allowed_client_allowed",
host: testFQDN,
allowedClients: clientIPs,
disallowedClients: []string{},
blockedHosts: []string{},
wantTimeout: false,
}, {
name: "allowed_client_rejected",
host: testFQDN,
allowedClients: []string{"1:2:3::4"},
disallowedClients: []string{},
blockedHosts: []string{},
wantTimeout: true,
}, {
name: "disallowed_client_allowed",
host: testFQDN,
allowedClients: []string{},
disallowedClients: []string{"1:2:3::4"},
blockedHosts: []string{},
wantTimeout: false,
}, {
name: "disallowed_client_rejected",
host: testFQDN,
allowedClients: []string{},
disallowedClients: clientIPs,
blockedHosts: []string{},
wantTimeout: true,
}, {
name: "blocked_hosts_allowed",
host: testFQDN,
allowedClients: []string{},
disallowedClients: []string{},
blockedHosts: []string{blockedHost},
wantTimeout: false,
}, {
name: "blocked_hosts_rejected",
host: dns.Fqdn(blockedHost),
allowedClients: []string{},
disallowedClients: []string{},
blockedHosts: []string{blockedHost},
wantTimeout: true,
}}

client = &dns.Client{
for _, tc := range testCases {
t.Run(tc.name, func(t *testing.T) {
t.Parallel()

s := createTestServer(t, &filtering.Config{
BlockingMode: filtering.BlockingModeDefault,
}, ServerConfig{
UDPListenAddrs: []*net.UDPAddr{{}},
TCPListenAddrs: []*net.TCPAddr{{}},
Config: Config{
UpstreamMode: UpstreamModeLoadBalance,
EDNSClientSubnet: &EDNSClientSubnet{Enabled: false},
},
ServePlainDNS: true,
})

s.conf.AllowedClients = tc.allowedClients
s.conf.DisallowedClients = tc.disallowedClients
s.conf.BlockedHosts = tc.blockedHosts

err := s.Prepare(&s.conf)
require.NoError(t, err)

startDeferStop(t, s)

client := &dns.Client{
Net: "udp",
}

req = createTestMessage(tc.host)
addr = s.dnsProxy.Addr(proxy.ProtoUDP).String()
req := createTestMessage(tc.host)
addr := s.dnsProxy.Addr(proxy.ProtoUDP).String()

reply, _, err := client.Exchange(req, addr)
if tc.wantTimeout {
wantErr := &net.OpError{}
require.ErrorAs(t, err, &wantErr)
assert.True(t, wantErr.Timeout())

reply, _, err = client.Exchange(req, addr)
if tc.wantErrMsgUDP != "" {
assert.ErrorContains(t, err, tc.wantErrMsgUDP)
assert.Nil(t, reply)
} else {
require.NotNil(t, reply)
assert.Equal(t, tc.wantRCodeUDP, reply.Rcode)

assert.Equal(t, dns.RcodeSuccess, reply.Rcode)
assert.NotEmpty(t, reply.Answer)
}
})
Expand Down

0 comments on commit 67fc9d3

Please sign in to comment.