2 * testcode/unitauth.c - unit test for authzone authoritative zone code.
4 * Copyright (c) 2017, NLnet Labs. All rights reserved.
6 * This software is open source.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
12 * Redistributions of source code must retain the above copyright notice,
13 * this list of conditions and the following disclaimer.
15 * Redistributions in binary form must reproduce the above copyright notice,
16 * this list of conditions and the following disclaimer in the documentation
17 * and/or other materials provided with the distribution.
19 * Neither the name of the NLNET LABS nor the names of its contributors may
20 * be used to endorse or promote products derived from this software without
21 * specific prior written permission.
23 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
24 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
25 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
26 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
27 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
28 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
29 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
30 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
31 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
32 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
33 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
38 * Unit test for auth zone code.
41 #include "services/authzone.h"
42 #include "testcode/unitmain.h"
43 #include "util/regional.h"
44 #include "util/net_help.h"
45 #include "util/config_file.h"
46 #include "util/data/msgreply.h"
47 #include "services/cache/dns.h"
48 #include "sldns/str2wire.h"
49 #include "sldns/wire2str.h"
50 #include "sldns/sbuffer.h"
52 /** verbosity for this test */
55 /** struct for query and answer checks */
57 /** zone to query (delegpt) */
59 /** query name, class, type */
61 /** additional flags or "" */
63 /** expected answer to check against, multi-line string */
67 /** auth zone for test */
68 static const char* zone_example_com =
69 "example.com. 3600 IN SOA ns.example.org. noc.example.org. 2017042710 7200 3600 1209600 3600\n"
70 "example.com. 3600 IN A 10.0.0.1\n"
71 "example.com. 3600 IN NS ns.example.com.\n"
72 "example.com. 3600 IN MX 50 mail.example.com.\n"
73 "deep.ent.example.com. 3600 IN A 10.0.0.9\n"
74 "mail.example.com. 3600 IN A 10.0.0.4\n"
75 "ns.example.com. 3600 IN A 10.0.0.5\n"
76 "out.example.com. 3600 IN CNAME www.example.com.\n"
77 "plan.example.com. 3600 IN CNAME nonexist.example.com.\n"
78 "redir.example.com. 3600 IN DNAME redir.example.org.\n"
79 "redir2.example.com. 3600 IN DNAME redir2.example.org.\n"
80 "obscured.redir2.example.com. 3600 IN A 10.0.0.12\n"
81 "under2.redir2.example.com. 3600 IN DNAME redir3.example.net.\n"
82 "doubleobscured.under2.redir2.example.com. 3600 IN A 10.0.0.13\n"
83 "sub.example.com. 3600 IN NS ns1.sub.example.com.\n"
84 "sub.example.com. 3600 IN NS ns2.sub.example.com.\n"
85 "ns1.sub.example.com. 3600 IN A 10.0.0.6\n"
86 "ns2.sub.example.com. 3600 IN AAAA 2001::7\n"
87 "sub2.example.com. 3600 IN NS ns1.sub.example.com.\n"
88 "obscured.sub2.example.com. 3600 IN A 10.0.0.10\n"
89 "under.sub2.example.com. 3600 IN NS ns.under.sub2.example.com.\n"
90 "doubleobscured.under.sub2.example.com. 3600 IN A 10.0.0.11\n"
91 "*.wild.example.com. 3600 IN A 10.0.0.8\n"
92 "*.wild2.example.com. 3600 IN CNAME www.example.com.\n"
93 "*.wild3.example.com. 3600 IN A 10.0.0.8\n"
94 "*.wild3.example.com. 3600 IN MX 50 mail.example.com.\n"
95 "www.example.com. 3600 IN A 10.0.0.2\n"
96 "www.example.com. 3600 IN A 10.0.0.3\n"
97 "yy.example.com. 3600 IN TXT \"a\"\n"
98 "yy.example.com. 3600 IN TXT \"b\"\n"
99 "yy.example.com. 3600 IN TXT \"c\"\n"
100 "yy.example.com. 3600 IN TXT \"d\"\n"
101 "yy.example.com. 3600 IN TXT \"e\"\n"
102 "yy.example.com. 3600 IN TXT \"f\"\n"
104 /* and some tests for RRSIGs (rrsig is www.nlnetlabs.nl copy) */
105 /* normal: domain and 1 rrsig */
106 "z1.example.com. 3600 IN A 10.0.0.10\n"
107 "z1.example.com. 3600 IN RRSIG A 8 3 10200 20170612005010 20170515005010 42393 nlnetlabs.nl. NhEDrHkuIgHkjWhDRVsGOIJWZpSs+QdduilWFe5d+/ZhOheLJbaTYD5w6+ZZ3yPh1tNud+jlg+GyiOSVapLEO31swDCIarL1UfRjRSpxxDCHGag5Zu+S4hF+KURxO3cJk8jLBELMQyRuMRHoKrw/wsiLGVu1YpAyAPPMcjFBNbk=\n"
108 /* normal: domain and 2 rrsigs */
109 "z2.example.com. 3600 IN A 10.0.0.10\n"
110 "z2.example.com. 3600 IN RRSIG A 8 3 10200 20170612005010 20170515005010 42393 nlnetlabs.nl. NhEDrHkuIgHkjWhDRVsGOIJWZpSs+QdduilWFe5d+/ZhOheLJbaTYD5w6+ZZ3yPh1tNud+jlg+GyiOSVapLEO31swDCIarL1UfRjRSpxxDCHGag5Zu+S4hF+KURxO3cJk8jLBELMQyRuMRHoKrw/wsiLGVu1YpAyAPPMcjFBNbk=\n"
111 "z2.example.com. 3600 IN RRSIG A 8 3 10200 20170612005010 20170515005010 12345 nlnetlabs.nl. NhEDrHkuIgHkjWhDRVsGOIJWZpSs+QdduilWFe5d+/ZhOheLJbaTYD5w6+ZZ3yPh1tNud+jlg+GyiOSVapLEO31swDCIarL1UfRjRSpxxDCHGag5Zu+S4hF+KURxO3cJk8jLBELMQyRuMRHoKrw/wsiLGVu1YpAyAPPMcjFBNbk=\n"
112 /* normal: domain and 3 rrsigs */
113 "z3.example.com. 3600 IN A 10.0.0.10\n"
114 "z3.example.com. 3600 IN A 10.0.0.11\n"
115 "z3.example.com. 3600 IN RRSIG A 8 3 10200 20170612005010 20170515005010 42393 nlnetlabs.nl. NhEDrHkuIgHkjWhDRVsGOIJWZpSs+QdduilWFe5d+/ZhOheLJbaTYD5w6+ZZ3yPh1tNud+jlg+GyiOSVapLEO31swDCIarL1UfRjRSpxxDCHGag5Zu+S4hF+KURxO3cJk8jLBELMQyRuMRHoKrw/wsiLGVu1YpAyAPPMcjFBNbk=\n"
116 "z3.example.com. 3600 IN RRSIG A 8 3 10200 20170612005010 20170515005010 12345 nlnetlabs.nl. NhEDrHkuIgHkjWhDRVsGOIJWZpSs+QdduilWFe5d+/ZhOheLJbaTYD5w6+ZZ3yPh1tNud+jlg+GyiOSVapLEO31swDCIarL1UfRjRSpxxDCHGag5Zu+S4hF+KURxO3cJk8jLBELMQyRuMRHoKrw/wsiLGVu1YpAyAPPMcjFBNbk=\n"
117 "z3.example.com. 3600 IN RRSIG A 8 3 10200 20170612005010 20170515005010 12356 nlnetlabs.nl. NhEDrHkuIgHkjWhDRVsGOIJWZpSs+QdduilWFe5d+/ZhOheLJbaTYD5w6+ZZ3yPh1tNud+jlg+GyiOSVapLEO31swDCIarL1UfRjRSpxxDCHGag5Zu+S4hF+KURxO3cJk8jLBELMQyRuMRHoKrw/wsiLGVu1YpAyAPPMcjFBNbk=\n"
118 /* just an RRSIG rrset with nothing else */
119 "z4.example.com. 3600 IN RRSIG A 8 3 10200 20170612005010 20170515005010 42393 nlnetlabs.nl. NhEDrHkuIgHkjWhDRVsGOIJWZpSs+QdduilWFe5d+/ZhOheLJbaTYD5w6+ZZ3yPh1tNud+jlg+GyiOSVapLEO31swDCIarL1UfRjRSpxxDCHGag5Zu+S4hF+KURxO3cJk8jLBELMQyRuMRHoKrw/wsiLGVu1YpAyAPPMcjFBNbk=\n"
120 /* just an RRSIG rrset with nothing else, 2 rrsigs */
121 "z5.example.com. 3600 IN RRSIG A 8 3 10200 20170612005010 20170515005010 42393 nlnetlabs.nl. NhEDrHkuIgHkjWhDRVsGOIJWZpSs+QdduilWFe5d+/ZhOheLJbaTYD5w6+ZZ3yPh1tNud+jlg+GyiOSVapLEO31swDCIarL1UfRjRSpxxDCHGag5Zu+S4hF+KURxO3cJk8jLBELMQyRuMRHoKrw/wsiLGVu1YpAyAPPMcjFBNbk=\n"
122 "z5.example.com. 3600 IN RRSIG A 8 3 10200 20170612005010 20170515005010 12345 nlnetlabs.nl. NhEDrHkuIgHkjWhDRVsGOIJWZpSs+QdduilWFe5d+/ZhOheLJbaTYD5w6+ZZ3yPh1tNud+jlg+GyiOSVapLEO31swDCIarL1UfRjRSpxxDCHGag5Zu+S4hF+KURxO3cJk8jLBELMQyRuMRHoKrw/wsiLGVu1YpAyAPPMcjFBNbk=\n"
123 #if 1 /* comparison of file does not work on this part because duplicates */
124 /* are removed and the rrsets are reordered */
125 "end_of_check.z6.example.com. 3600 IN A 10.0.0.10\n"
126 /* first rrsig, then A record */
127 "z6.example.com. 3600 IN RRSIG A 8 3 10200 20170612005010 20170515005010 42393 nlnetlabs.nl. NhEDrHkuIgHkjWhDRVsGOIJWZpSs+QdduilWFe5d+/ZhOheLJbaTYD5w6+ZZ3yPh1tNud+jlg+GyiOSVapLEO31swDCIarL1UfRjRSpxxDCHGag5Zu+S4hF+KURxO3cJk8jLBELMQyRuMRHoKrw/wsiLGVu1YpAyAPPMcjFBNbk=\n"
128 "z6.example.com. 3600 IN A 10.0.0.10\n"
129 /* first two rrsigs, then A record */
130 "z7.example.com. 3600 IN RRSIG A 8 3 10200 20170612005010 20170515005010 42393 nlnetlabs.nl. NhEDrHkuIgHkjWhDRVsGOIJWZpSs+QdduilWFe5d+/ZhOheLJbaTYD5w6+ZZ3yPh1tNud+jlg+GyiOSVapLEO31swDCIarL1UfRjRSpxxDCHGag5Zu+S4hF+KURxO3cJk8jLBELMQyRuMRHoKrw/wsiLGVu1YpAyAPPMcjFBNbk=\n"
131 "z7.example.com. 3600 IN RRSIG A 8 3 10200 20170612005010 20170515005010 12345 nlnetlabs.nl. NhEDrHkuIgHkjWhDRVsGOIJWZpSs+QdduilWFe5d+/ZhOheLJbaTYD5w6+ZZ3yPh1tNud+jlg+GyiOSVapLEO31swDCIarL1UfRjRSpxxDCHGag5Zu+S4hF+KURxO3cJk8jLBELMQyRuMRHoKrw/wsiLGVu1YpAyAPPMcjFBNbk=\n"
132 "z7.example.com. 3600 IN A 10.0.0.10\n"
133 /* first two rrsigs, then two A records */
134 "z8.example.com. 3600 IN RRSIG A 8 3 10200 20170612005010 20170515005010 42393 nlnetlabs.nl. NhEDrHkuIgHkjWhDRVsGOIJWZpSs+QdduilWFe5d+/ZhOheLJbaTYD5w6+ZZ3yPh1tNud+jlg+GyiOSVapLEO31swDCIarL1UfRjRSpxxDCHGag5Zu+S4hF+KURxO3cJk8jLBELMQyRuMRHoKrw/wsiLGVu1YpAyAPPMcjFBNbk=\n"
135 "z8.example.com. 3600 IN RRSIG A 8 3 10200 20170612005010 20170515005010 12345 nlnetlabs.nl. NhEDrHkuIgHkjWhDRVsGOIJWZpSs+QdduilWFe5d+/ZhOheLJbaTYD5w6+ZZ3yPh1tNud+jlg+GyiOSVapLEO31swDCIarL1UfRjRSpxxDCHGag5Zu+S4hF+KURxO3cJk8jLBELMQyRuMRHoKrw/wsiLGVu1YpAyAPPMcjFBNbk=\n"
136 "z8.example.com. 3600 IN A 10.0.0.10\n"
137 "z8.example.com. 3600 IN A 10.0.0.11\n"
138 /* duplicate RR, duplicate RRsig */
139 "z9.example.com. 3600 IN A 10.0.0.10\n"
140 "z9.example.com. 3600 IN A 10.0.0.11\n"
141 "z9.example.com. 3600 IN A 10.0.0.10\n"
142 "z9.example.com. 3600 IN RRSIG A 8 3 10200 20170612005010 20170515005010 42393 nlnetlabs.nl. NhEDrHkuIgHkjWhDRVsGOIJWZpSs+QdduilWFe5d+/ZhOheLJbaTYD5w6+ZZ3yPh1tNud+jlg+GyiOSVapLEO31swDCIarL1UfRjRSpxxDCHGag5Zu+S4hF+KURxO3cJk8jLBELMQyRuMRHoKrw/wsiLGVu1YpAyAPPMcjFBNbk=\n"
143 "z9.example.com. 3600 IN RRSIG A 8 3 10200 20170612005010 20170515005010 42393 nlnetlabs.nl. NhEDrHkuIgHkjWhDRVsGOIJWZpSs+QdduilWFe5d+/ZhOheLJbaTYD5w6+ZZ3yPh1tNud+jlg+GyiOSVapLEO31swDCIarL1UfRjRSpxxDCHGag5Zu+S4hF+KURxO3cJk8jLBELMQyRuMRHoKrw/wsiLGVu1YpAyAPPMcjFBNbk=\n"
144 /* different covered types, first RRSIGs then, RRs, then another RRSIG */
145 "zz10.example.com. 3600 IN RRSIG AAAA 8 3 10200 20170612005010 20170515005010 42393 nlnetlabs.nl. NhEDrHkuIgHkjWhDRVsGOIJWZpSs+QdduilWFe5d+/ZhOheLJbaTYD5w6+ZZ3yPh1tNud+jlg+GyiOSVapLEO31swDCIarL1UfRjRSpxxDCHGag5Zu+S4hF+KURxO3cJk8jLBELMQyRuMRHoKrw/wsiLGVu1YpAyAPPMcjFBNbk=\n"
146 "zz10.example.com. 3600 IN RRSIG A 8 3 10200 20170612005010 20170515005010 42393 nlnetlabs.nl. NhEDrHkuIgHkjWhDRVsGOIJWZpSs+QdduilWFe5d+/ZhOheLJbaTYD5w6+ZZ3yPh1tNud+jlg+GyiOSVapLEO31swDCIarL1UfRjRSpxxDCHGag5Zu+S4hF+KURxO3cJk8jLBELMQyRuMRHoKrw/wsiLGVu1YpAyAPPMcjFBNbk=\n"
147 "zz10.example.com. 3600 IN A 10.0.0.10\n"
148 "zz10.example.com. 3600 IN RRSIG CNAME 8 3 10200 20170612005010 20170515005010 42393 nlnetlabs.nl. NhEDrHkuIgHkjWhDRVsGOIJWZpSs+QdduilWFe5d+/ZhOheLJbaTYD5w6+ZZ3yPh1tNud+jlg+GyiOSVapLEO31swDCIarL1UfRjRSpxxDCHGag5Zu+S4hF+KURxO3cJk8jLBELMQyRuMRHoKrw/wsiLGVu1YpAyAPPMcjFBNbk=\n"
149 "zz10.example.com. 3600 IN AAAA ::11\n"
150 #endif /* if0 for duplicates and reordering */
153 /** queries for example.com: zone, query, flags, answer. end with NULL */
154 static struct q_ans example_com_queries[] = {
155 { "example.com", "www.example.com. A", "",
156 ";flags QR AA rcode NOERROR\n"
158 "www.example.com. 3600 IN A 10.0.0.2\n"
159 "www.example.com. 3600 IN A 10.0.0.3\n"
162 { "example.com", "example.com. SOA", "",
163 ";flags QR AA rcode NOERROR\n"
165 "example.com. 3600 IN SOA ns.example.org. noc.example.org. 2017042710 7200 3600 1209600 3600\n"
168 { "example.com", "example.com. A", "",
169 ";flags QR AA rcode NOERROR\n"
171 "example.com. 3600 IN A 10.0.0.1\n"
174 { "example.com", "example.com. AAAA", "",
175 ";flags QR AA rcode NOERROR\n"
176 ";authority section\n"
177 "example.com. 3600 IN SOA ns.example.org. noc.example.org. 2017042710 7200 3600 1209600 3600\n"
180 { "example.com", "example.com. NS", "",
181 ";flags QR AA rcode NOERROR\n"
183 "example.com. 3600 IN NS ns.example.com.\n"
184 ";additional section\n"
185 "ns.example.com. 3600 IN A 10.0.0.5\n"
188 { "example.com", "example.com. MX", "",
189 ";flags QR AA rcode NOERROR\n"
191 "example.com. 3600 IN MX 50 mail.example.com.\n"
192 ";additional section\n"
193 "mail.example.com. 3600 IN A 10.0.0.4\n"
196 { "example.com", "example.com. IN ANY", "",
197 ";flags QR AA rcode NOERROR\n"
199 "example.com. 3600 IN SOA ns.example.org. noc.example.org. 2017042710 7200 3600 1209600 3600\n"
200 "example.com. 3600 IN MX 50 mail.example.com.\n"
201 "example.com. 3600 IN A 10.0.0.1\n"
204 { "example.com", "nonexist.example.com. A", "",
205 ";flags QR AA rcode NXDOMAIN\n"
206 ";authority section\n"
207 "example.com. 3600 IN SOA ns.example.org. noc.example.org. 2017042710 7200 3600 1209600 3600\n"
210 { "example.com", "deep.ent.example.com. A", "",
211 ";flags QR AA rcode NOERROR\n"
213 "deep.ent.example.com. 3600 IN A 10.0.0.9\n"
216 { "example.com", "ent.example.com. A", "",
217 ";flags QR AA rcode NOERROR\n"
218 ";authority section\n"
219 "example.com. 3600 IN SOA ns.example.org. noc.example.org. 2017042710 7200 3600 1209600 3600\n"
222 { "example.com", "below.deep.ent.example.com. A", "",
223 ";flags QR AA rcode NXDOMAIN\n"
224 ";authority section\n"
225 "example.com. 3600 IN SOA ns.example.org. noc.example.org. 2017042710 7200 3600 1209600 3600\n"
228 { "example.com", "mail.example.com. A", "",
229 ";flags QR AA rcode NOERROR\n"
231 "mail.example.com. 3600 IN A 10.0.0.4\n"
234 { "example.com", "ns.example.com. A", "",
235 ";flags QR AA rcode NOERROR\n"
237 "ns.example.com. 3600 IN A 10.0.0.5\n"
240 { "example.com", "out.example.com. A", "",
241 ";flags QR AA rcode NOERROR\n"
243 "out.example.com. 3600 IN CNAME www.example.com.\n"
244 "www.example.com. 3600 IN A 10.0.0.2\n"
245 "www.example.com. 3600 IN A 10.0.0.3\n"
248 { "example.com", "out.example.com. CNAME", "",
249 ";flags QR AA rcode NOERROR\n"
251 "out.example.com. 3600 IN CNAME www.example.com.\n"
254 { "example.com", "plan.example.com. A", "",
255 ";flags QR AA rcode NOERROR\n"
257 "plan.example.com. 3600 IN CNAME nonexist.example.com.\n"
260 { "example.com", "plan.example.com. CNAME", "",
261 ";flags QR AA rcode NOERROR\n"
263 "plan.example.com. 3600 IN CNAME nonexist.example.com.\n"
266 { "example.com", "redir.example.com. A", "",
267 ";flags QR AA rcode NOERROR\n"
268 ";authority section\n"
269 "example.com. 3600 IN SOA ns.example.org. noc.example.org. 2017042710 7200 3600 1209600 3600\n"
272 { "example.com", "redir.example.com. DNAME", "",
273 ";flags QR AA rcode NOERROR\n"
275 "redir.example.com. 3600 IN DNAME redir.example.org.\n"
278 { "example.com", "abc.redir.example.com. A", "",
279 ";flags QR AA rcode NOERROR\n"
281 "redir.example.com. 3600 IN DNAME redir.example.org.\n"
282 "abc.redir.example.com. 0 IN CNAME abc.redir.example.org.\n"
285 { "example.com", "foo.abc.redir.example.com. A", "",
286 ";flags QR AA rcode NOERROR\n"
288 "redir.example.com. 3600 IN DNAME redir.example.org.\n"
289 "foo.abc.redir.example.com. 0 IN CNAME foo.abc.redir.example.org.\n"
292 { "example.com", "redir2.example.com. DNAME", "",
293 ";flags QR AA rcode NOERROR\n"
295 "redir2.example.com. 3600 IN DNAME redir2.example.org.\n"
298 { "example.com", "abc.redir2.example.com. A", "",
299 ";flags QR AA rcode NOERROR\n"
301 "redir2.example.com. 3600 IN DNAME redir2.example.org.\n"
302 "abc.redir2.example.com. 0 IN CNAME abc.redir2.example.org.\n"
305 { "example.com", "obscured.redir2.example.com. A", "",
306 ";flags QR AA rcode NOERROR\n"
308 "redir2.example.com. 3600 IN DNAME redir2.example.org.\n"
309 "obscured.redir2.example.com. 0 IN CNAME obscured.redir2.example.org.\n"
312 { "example.com", "under2.redir2.example.com. A", "",
313 ";flags QR AA rcode NOERROR\n"
315 "redir2.example.com. 3600 IN DNAME redir2.example.org.\n"
316 "under2.redir2.example.com. 0 IN CNAME under2.redir2.example.org.\n"
319 { "example.com", "doubleobscured.under2.redir2.example.com. A", "",
320 ";flags QR AA rcode NOERROR\n"
322 "redir2.example.com. 3600 IN DNAME redir2.example.org.\n"
323 "doubleobscured.under2.redir2.example.com. 0 IN CNAME doubleobscured.under2.redir2.example.org.\n"
326 { "example.com", "foo.doubleobscured.under2.redir2.example.com. A", "",
327 ";flags QR AA rcode NOERROR\n"
329 "redir2.example.com. 3600 IN DNAME redir2.example.org.\n"
330 "foo.doubleobscured.under2.redir2.example.com. 0 IN CNAME foo.doubleobscured.under2.redir2.example.org.\n"
333 { "example.com", "foo.under2.redir2.example.com. A", "",
334 ";flags QR AA rcode NOERROR\n"
336 "redir2.example.com. 3600 IN DNAME redir2.example.org.\n"
337 "foo.under2.redir2.example.com. 0 IN CNAME foo.under2.redir2.example.org.\n"
340 { "example.com", "sub.example.com. NS", "",
341 ";flags QR rcode NOERROR\n"
342 ";authority section\n"
343 "sub.example.com. 3600 IN NS ns1.sub.example.com.\n"
344 "sub.example.com. 3600 IN NS ns2.sub.example.com.\n"
345 ";additional section\n"
346 "ns1.sub.example.com. 3600 IN A 10.0.0.6\n"
347 "ns2.sub.example.com. 3600 IN AAAA 2001::7\n"
350 { "example.com", "sub.example.com. DS", "",
351 ";flags QR AA rcode NOERROR\n"
352 ";authority section\n"
353 "example.com. 3600 IN SOA ns.example.org. noc.example.org. 2017042710 7200 3600 1209600 3600\n"
356 { "example.com", "www.sub.example.com. NS", "",
357 ";flags QR rcode NOERROR\n"
358 ";authority section\n"
359 "sub.example.com. 3600 IN NS ns1.sub.example.com.\n"
360 "sub.example.com. 3600 IN NS ns2.sub.example.com.\n"
361 ";additional section\n"
362 "ns1.sub.example.com. 3600 IN A 10.0.0.6\n"
363 "ns2.sub.example.com. 3600 IN AAAA 2001::7\n"
366 { "example.com", "foo.abc.sub.example.com. NS", "",
367 ";flags QR rcode NOERROR\n"
368 ";authority section\n"
369 "sub.example.com. 3600 IN NS ns1.sub.example.com.\n"
370 "sub.example.com. 3600 IN NS ns2.sub.example.com.\n"
371 ";additional section\n"
372 "ns1.sub.example.com. 3600 IN A 10.0.0.6\n"
373 "ns2.sub.example.com. 3600 IN AAAA 2001::7\n"
376 { "example.com", "ns1.sub.example.com. A", "",
377 ";flags QR rcode NOERROR\n"
378 ";authority section\n"
379 "sub.example.com. 3600 IN NS ns1.sub.example.com.\n"
380 "sub.example.com. 3600 IN NS ns2.sub.example.com.\n"
381 ";additional section\n"
382 "ns1.sub.example.com. 3600 IN A 10.0.0.6\n"
383 "ns2.sub.example.com. 3600 IN AAAA 2001::7\n"
386 { "example.com", "ns1.sub.example.com. AAAA", "",
387 ";flags QR rcode NOERROR\n"
388 ";authority section\n"
389 "sub.example.com. 3600 IN NS ns1.sub.example.com.\n"
390 "sub.example.com. 3600 IN NS ns2.sub.example.com.\n"
391 ";additional section\n"
392 "ns1.sub.example.com. 3600 IN A 10.0.0.6\n"
393 "ns2.sub.example.com. 3600 IN AAAA 2001::7\n"
396 { "example.com", "ns2.sub.example.com. A", "",
397 ";flags QR rcode NOERROR\n"
398 ";authority section\n"
399 "sub.example.com. 3600 IN NS ns1.sub.example.com.\n"
400 "sub.example.com. 3600 IN NS ns2.sub.example.com.\n"
401 ";additional section\n"
402 "ns1.sub.example.com. 3600 IN A 10.0.0.6\n"
403 "ns2.sub.example.com. 3600 IN AAAA 2001::7\n"
406 { "example.com", "ns2.sub.example.com. AAAA", "",
407 ";flags QR rcode NOERROR\n"
408 ";authority section\n"
409 "sub.example.com. 3600 IN NS ns1.sub.example.com.\n"
410 "sub.example.com. 3600 IN NS ns2.sub.example.com.\n"
411 ";additional section\n"
412 "ns1.sub.example.com. 3600 IN A 10.0.0.6\n"
413 "ns2.sub.example.com. 3600 IN AAAA 2001::7\n"
416 { "example.com", "sub2.example.com. A", "",
417 ";flags QR rcode NOERROR\n"
418 ";authority section\n"
419 "sub2.example.com. 3600 IN NS ns1.sub.example.com.\n"
420 ";additional section\n"
421 "ns1.sub.example.com. 3600 IN A 10.0.0.6\n"
424 { "example.com", "sub2.example.com. NS", "",
425 ";flags QR rcode NOERROR\n"
426 ";authority section\n"
427 "sub2.example.com. 3600 IN NS ns1.sub.example.com.\n"
428 ";additional section\n"
429 "ns1.sub.example.com. 3600 IN A 10.0.0.6\n"
432 { "example.com", "obscured.sub2.example.com. A", "",
433 ";flags QR rcode NOERROR\n"
434 ";authority section\n"
435 "sub2.example.com. 3600 IN NS ns1.sub.example.com.\n"
436 ";additional section\n"
437 "ns1.sub.example.com. 3600 IN A 10.0.0.6\n"
440 { "example.com", "abc.obscured.sub2.example.com. A", "",
441 ";flags QR rcode NOERROR\n"
442 ";authority section\n"
443 "sub2.example.com. 3600 IN NS ns1.sub.example.com.\n"
444 ";additional section\n"
445 "ns1.sub.example.com. 3600 IN A 10.0.0.6\n"
448 { "example.com", "under.sub2.example.com. A", "",
449 ";flags QR rcode NOERROR\n"
450 ";authority section\n"
451 "sub2.example.com. 3600 IN NS ns1.sub.example.com.\n"
452 ";additional section\n"
453 "ns1.sub.example.com. 3600 IN A 10.0.0.6\n"
456 { "example.com", "under.sub2.example.com. NS", "",
457 ";flags QR rcode NOERROR\n"
458 ";authority section\n"
459 "sub2.example.com. 3600 IN NS ns1.sub.example.com.\n"
460 ";additional section\n"
461 "ns1.sub.example.com. 3600 IN A 10.0.0.6\n"
464 { "example.com", "abc.under.sub2.example.com. A", "",
465 ";flags QR rcode NOERROR\n"
466 ";authority section\n"
467 "sub2.example.com. 3600 IN NS ns1.sub.example.com.\n"
468 ";additional section\n"
469 "ns1.sub.example.com. 3600 IN A 10.0.0.6\n"
472 { "example.com", "doubleobscured.under.sub2.example.com. A", "",
473 ";flags QR rcode NOERROR\n"
474 ";authority section\n"
475 "sub2.example.com. 3600 IN NS ns1.sub.example.com.\n"
476 ";additional section\n"
477 "ns1.sub.example.com. 3600 IN A 10.0.0.6\n"
480 { "example.com", "abc.doubleobscured.under.sub2.example.com. A", "",
481 ";flags QR rcode NOERROR\n"
482 ";authority section\n"
483 "sub2.example.com. 3600 IN NS ns1.sub.example.com.\n"
484 ";additional section\n"
485 "ns1.sub.example.com. 3600 IN A 10.0.0.6\n"
488 { "example.com", "wild.example.com. A", "",
489 ";flags QR AA rcode NOERROR\n"
490 ";authority section\n"
491 "example.com. 3600 IN SOA ns.example.org. noc.example.org. 2017042710 7200 3600 1209600 3600\n"
494 { "example.com", "*.wild.example.com. A", "",
495 ";flags QR AA rcode NOERROR\n"
497 "*.wild.example.com. 3600 IN A 10.0.0.8\n"
500 { "example.com", "*.wild.example.com. AAAA", "",
501 ";flags QR AA rcode NOERROR\n"
502 ";authority section\n"
503 "example.com. 3600 IN SOA ns.example.org. noc.example.org. 2017042710 7200 3600 1209600 3600\n"
506 { "example.com", "abc.wild.example.com. A", "",
507 ";flags QR AA rcode NOERROR\n"
509 "abc.wild.example.com. 3600 IN A 10.0.0.8\n"
512 { "example.com", "abc.wild.example.com. AAAA", "",
513 ";flags QR AA rcode NOERROR\n"
514 ";authority section\n"
515 "example.com. 3600 IN SOA ns.example.org. noc.example.org. 2017042710 7200 3600 1209600 3600\n"
518 { "example.com", "foo.abc.wild.example.com. A", "",
519 ";flags QR AA rcode NOERROR\n"
521 "foo.abc.wild.example.com. 3600 IN A 10.0.0.8\n"
524 { "example.com", "foo.abc.wild.example.com. AAAA", "",
525 ";flags QR AA rcode NOERROR\n"
526 ";authority section\n"
527 "example.com. 3600 IN SOA ns.example.org. noc.example.org. 2017042710 7200 3600 1209600 3600\n"
530 { "example.com", "wild2.example.com. A", "",
531 ";flags QR AA rcode NOERROR\n"
532 ";authority section\n"
533 "example.com. 3600 IN SOA ns.example.org. noc.example.org. 2017042710 7200 3600 1209600 3600\n"
536 { "example.com", "*.wild2.example.com. A", "",
537 ";flags QR AA rcode NOERROR\n"
539 "*.wild2.example.com. 3600 IN CNAME www.example.com.\n"
540 "www.example.com. 3600 IN A 10.0.0.2\n"
541 "www.example.com. 3600 IN A 10.0.0.3\n"
544 { "example.com", "abc.wild2.example.com. A", "",
545 ";flags QR AA rcode NOERROR\n"
547 "abc.wild2.example.com. 3600 IN CNAME www.example.com.\n"
548 "www.example.com. 3600 IN A 10.0.0.2\n"
549 "www.example.com. 3600 IN A 10.0.0.3\n"
552 { "example.com", "foo.abc.wild2.example.com. A", "",
553 ";flags QR AA rcode NOERROR\n"
555 "foo.abc.wild2.example.com. 3600 IN CNAME www.example.com.\n"
556 "www.example.com. 3600 IN A 10.0.0.2\n"
557 "www.example.com. 3600 IN A 10.0.0.3\n"
560 { "example.com", "abc.wild2.example.com. CNAME", "",
561 ";flags QR AA rcode NOERROR\n"
563 "abc.wild2.example.com. 3600 IN CNAME www.example.com.\n"
566 { "example.com", "abc.wild3.example.com. IN ANY", "",
567 ";flags QR AA rcode NOERROR\n"
569 "abc.wild3.example.com. 3600 IN MX 50 mail.example.com.\n"
570 "abc.wild3.example.com. 3600 IN A 10.0.0.8\n"
573 { "example.com", "yy.example.com. TXT", "",
574 ";flags QR AA rcode NOERROR\n"
576 "yy.example.com. 3600 IN TXT \"a\"\n"
577 "yy.example.com. 3600 IN TXT \"b\"\n"
578 "yy.example.com. 3600 IN TXT \"c\"\n"
579 "yy.example.com. 3600 IN TXT \"d\"\n"
580 "yy.example.com. 3600 IN TXT \"e\"\n"
581 "yy.example.com. 3600 IN TXT \"f\"\n"
584 {NULL, NULL, NULL, NULL}
587 /** number of tmpfiles */
588 static int tempno = 0;
589 /** number of deleted files */
590 static int delno = 0;
592 /** cleanup tmp files at exit */
598 for(i=0; i<tempno; i++) {
600 snprintf(buf, sizeof(buf), "unbound.unittest.%u.%d",
601 (unsigned)getpid(), i);
603 snprintf(buf, sizeof(buf), "/tmp/unbound.unittest.%u.%d",
604 (unsigned)getpid(), i);
606 if(vbmp) printf("cleanup: unlink %s\n", buf);
611 /** create temp file, return (malloced) name string, write contents to it */
613 create_tmp_file(const char* s)
620 snprintf(buf, sizeof(buf), "unbound.unittest.%u.%d",
621 (unsigned)getpid(), tempno++);
623 snprintf(buf, sizeof(buf), "/tmp/unbound.unittest.%u.%d",
624 (unsigned)getpid(), tempno++);
627 if(!fname) fatal_exit("out of memory");
628 /* if no string, just make the name */
630 /* if string, write to file */
631 out = fopen(fname, "w");
632 if(!out) fatal_exit("cannot open %s: %s", fname, strerror(errno));
633 r = fwrite(s, 1, strlen(s), out);
635 fatal_exit("write failed: %s", strerror(errno));
636 } else if(r < strlen(s)) {
637 fatal_exit("write failed: too short (disk full?)");
643 /** delete temp file and free name string */
645 del_tmp_file(char* fname)
650 if(delno == tempno) {
651 /* deleted all outstanding files, back to start condition */
657 /** Add zone from file for testing */
659 authtest_addzone(struct auth_zones* az, const char* name, char* fname)
663 uint8_t* nm = sldns_str2wire_dname(name, &nmlen);
664 struct config_file* cfg;
665 if(!nm) fatal_exit("out of memory");
666 lock_rw_wrlock(&az->lock);
667 z = auth_zone_create(az, nm, nmlen, LDNS_RR_CLASS_IN);
668 lock_rw_unlock(&az->lock);
669 if(!z) fatal_exit("cannot find zone");
670 auth_zone_set_zonefile(z, fname);
672 cfg = config_create();
673 free(cfg->chrootdir);
674 cfg->chrootdir = NULL;
676 if(!auth_zone_read_zonefile(z, cfg)) {
677 fatal_exit("parse failure for auth zone %s", name);
679 lock_rw_unlock(&z->lock);
685 /** check that file is the same as other file */
687 checkfile(char* f1, char *f2)
689 char buf1[10240], buf2[10240];
693 if(!i1) fatal_exit("cannot open %s: %s", f1, strerror(errno));
695 if(!i2) fatal_exit("cannot open %s: %s", f2, strerror(errno));
697 while(!feof(i1) && !feof(i2)) {
700 cp1 = fgets(buf1, (int)sizeof(buf1), i1);
701 cp2 = fgets(buf2, (int)sizeof(buf2), i2);
702 if((!cp1 && !feof(i1)) || (!cp2 && !feof(i2)))
703 fatal_exit("fgets failed: %s", strerror(errno));
704 if(strncmp(buf1, "end_of_check", 12) == 0) {
709 if(strcmp(buf1, buf2) != 0) {
710 log_info("in files %s and %s:%d", f1, f2, line);
711 log_info("'%s'", buf1);
712 log_info("'%s'", buf2);
713 fatal_exit("files are not equal");
716 unit_assert(feof(i1) && feof(i2));
722 /** check that a zone (in string) can be read and reproduced */
724 check_read_exact(const char* name, const char* zone)
726 struct auth_zones* az;
729 if(vbmp) printf("check read zone %s\n", name);
730 fname = create_tmp_file(zone);
732 az = auth_zones_create();
734 z = authtest_addzone(az, name, fname);
736 outf = create_tmp_file(NULL);
737 if(!auth_zone_write_file(z, outf)) {
738 fatal_exit("write file failed for %s", fname);
740 checkfile(fname, outf);
744 auth_zones_delete(az);
747 /** parse q_ans structure for making query */
749 q_ans_parse(struct q_ans* q, struct regional* region,
750 struct query_info** qinfo, int* fallback, uint8_t** dp_nm,
755 size_t len, dname_len;
758 *fallback = 0; /* default fallback value */
759 if(strstr(q->flags, "fallback"))
763 *dp_nmlen = sizeof(buf);
764 if((ret=sldns_str2wire_dname_buf(q->zone, buf, dp_nmlen))!=0)
765 fatal_exit("cannot parse query dp zone %s : %s", q->zone,
766 sldns_get_errorstr_parse(ret));
767 *dp_nm = regional_alloc_init(region, buf, *dp_nmlen);
768 if(!dp_nm) fatal_exit("out of memory");
773 if((ret=sldns_str2wire_rr_question_buf(q->query, buf, &len, &dname_len,
774 *dp_nm, *dp_nmlen, NULL, 0))!=0)
775 fatal_exit("cannot parse query %s : %s", q->query,
776 sldns_get_errorstr_parse(ret));
777 *qinfo = (struct query_info*)regional_alloc_zero(region,
779 if(!*qinfo) fatal_exit("out of memory");
780 (*qinfo)->qname = regional_alloc_init(region, buf, dname_len);
781 if(!(*qinfo)->qname) fatal_exit("out of memory");
782 (*qinfo)->qname_len = dname_len;
783 (*qinfo)->qtype = sldns_wirerr_get_type(buf, len, dname_len);
784 (*qinfo)->qclass = sldns_wirerr_get_class(buf, len, dname_len);
787 /** print flags to string */
789 pr_flags(sldns_buffer* buf, uint16_t flags)
792 sldns_buffer_printf(buf, ";flags");
793 if((flags&BIT_QR)!=0) sldns_buffer_printf(buf, " QR");
794 if((flags&BIT_AA)!=0) sldns_buffer_printf(buf, " AA");
795 if((flags&BIT_TC)!=0) sldns_buffer_printf(buf, " TC");
796 if((flags&BIT_RD)!=0) sldns_buffer_printf(buf, " RD");
797 if((flags&BIT_CD)!=0) sldns_buffer_printf(buf, " CD");
798 if((flags&BIT_RA)!=0) sldns_buffer_printf(buf, " RA");
799 if((flags&BIT_AD)!=0) sldns_buffer_printf(buf, " AD");
800 if((flags&BIT_Z)!=0) sldns_buffer_printf(buf, " Z");
801 sldns_wire2str_rcode_buf((int)(FLAGS_GET_RCODE(flags)),
802 rcode, sizeof(rcode));
803 sldns_buffer_printf(buf, " rcode %s", rcode);
804 sldns_buffer_printf(buf, "\n");
807 /** print RRs to string */
809 pr_rrs(sldns_buffer* buf, struct reply_info* rep)
813 struct packed_rrset_data* d;
814 log_assert(rep->rrset_count == rep->an_numrrsets + rep->ns_numrrsets
815 + rep->ar_numrrsets);
816 for(i=0; i<rep->rrset_count; i++) {
817 /* section heading */
818 if(i == 0 && rep->an_numrrsets != 0)
819 sldns_buffer_printf(buf, ";answer section\n");
820 else if(i == rep->an_numrrsets && rep->ns_numrrsets != 0)
821 sldns_buffer_printf(buf, ";authority section\n");
822 else if(i == rep->an_numrrsets+rep->ns_numrrsets &&
823 rep->ar_numrrsets != 0)
824 sldns_buffer_printf(buf, ";additional section\n");
826 d = (struct packed_rrset_data*)rep->rrsets[i]->entry.data;
827 for(j=0; j<d->count+d->rrsig_count; j++) {
828 if(!packed_rr_to_string(rep->rrsets[i], j, 0,
830 fatal_exit("could not rr_to_string %d",
833 sldns_buffer_printf(buf, "%s", s);
838 /** create string for message */
840 msgtostr(struct dns_msg* msg)
843 sldns_buffer* buf = sldns_buffer_new(65535);
844 if(!buf) fatal_exit("out of memory");
846 sldns_buffer_printf(buf, "null packet\n");
848 pr_flags(buf, msg->rep->flags);
849 pr_rrs(buf, msg->rep);
852 str = strdup((char*)sldns_buffer_begin(buf));
853 if(!str) fatal_exit("out of memory");
854 sldns_buffer_free(buf);
858 /** find line diff between strings */
860 line_diff(const char* p, const char* q, const char* pdesc, const char* qdesc)
862 char* pdup, *qdup, *pl, *ql;
866 if(!pdup || !qdup) fatal_exit("out of memory");
869 printf("linediff (<%s, >%s)\n", pdesc, qdesc);
870 while(pl && ql && *pl && *ql) {
871 char* ep = strchr(pl, '\n');
872 char* eq = strchr(ql, '\n');
873 /* terminate lines */
877 if(strcmp(pl, ql) == 0) {
878 printf("%3d %s\n", line, pl);
880 printf("%3d < %s\n", line, pl);
881 printf("%3d > %s\n", line, ql);
892 printf("%3d < %s\n", line, pl);
895 printf("%3d > %s\n", line, ql);
901 /** make q_ans query */
903 q_ans_query(struct q_ans* q, struct auth_zones* az, struct query_info* qinfo,
904 struct regional* region, int expected_fallback, uint8_t* dp_nm,
907 int ret, fallback = 0;
908 struct dns_msg* msg = NULL;
910 int oldv = verbosity;
911 /* increase verbosity to printout logic in authzone */
912 if(vbmp) verbosity = 4;
913 ret = auth_zones_lookup(az, qinfo, region, &msg, &fallback, dp_nm,
915 if(vbmp) verbosity = oldv;
917 /* check the answer */
918 ans_str = msgtostr(msg);
919 /* printout if vbmp */
920 if(vbmp) printf("got (ret=%s%s):\n%s",
921 (ret?"ok":"fail"), (fallback?" fallback":""), ans_str);
922 /* check expected value for ret */
923 if(expected_fallback && ret != 0) {
924 /* ret is zero on fallback */
925 if(vbmp) printf("fallback expected, but "
926 "return value is not false\n");
927 unit_assert(expected_fallback && ret == 0);
930 if(!expected_fallback) {
931 if(vbmp) printf("return value is false, "
934 unit_assert(expected_fallback);
936 /* check expected value for fallback */
937 if(expected_fallback && !fallback) {
938 if(vbmp) printf("expected fallback, but fallback is no\n");
939 } else if(!expected_fallback && fallback) {
940 if(vbmp) printf("expected no fallback, but fallback is yes\n");
942 unit_assert( (expected_fallback&&fallback) ||
943 (!expected_fallback&&!fallback));
944 /* check answer string */
945 if(strcmp(q->answer, ans_str) != 0) {
946 if(vbmp) printf("wanted:\n%s", q->answer);
947 line_diff(q->answer, ans_str, "wanted", "got");
949 unit_assert(strcmp(q->answer, ans_str) == 0);
950 if(vbmp) printf("query ok\n\n");
954 /** check queries on a loaded zone */
956 check_az_q_ans(struct auth_zones* az, struct q_ans* queries)
959 struct regional* region = regional_create();
960 struct query_info* qinfo;
964 for(q=queries; q->zone; q++) {
965 if(vbmp) printf("query %s: %s %s\n", q->zone, q->query,
967 q_ans_parse(q, region, &qinfo, &fallback, &dp_nm, &dp_nmlen);
968 q_ans_query(q, az, qinfo, region, fallback, dp_nm, dp_nmlen);
969 regional_free_all(region);
971 regional_destroy(region);
974 /** check queries for a zone are returned as specified */
976 check_queries(const char* name, const char* zone, struct q_ans* queries)
978 struct auth_zones* az;
981 if(vbmp) printf("check queries %s\n", name);
982 fname = create_tmp_file(zone);
983 az = auth_zones_create();
984 if(!az) fatal_exit("out of memory");
985 z = authtest_addzone(az, name, fname);
986 if(!z) fatal_exit("could not read zone for queries test");
989 /* run queries and test them */
990 check_az_q_ans(az, queries);
992 auth_zones_delete(az);
995 /** Test authzone compare_serial */
997 authzone_compare_serial(void)
999 if(vbmp) printf("Testing compare_serial\n");
1000 unit_assert(compare_serial(0, 1) < 0);
1001 unit_assert(compare_serial(1, 0) > 0);
1002 unit_assert(compare_serial(0, 0) == 0);
1003 unit_assert(compare_serial(1, 1) == 0);
1004 unit_assert(compare_serial(0xf0000000, 0xf0000000) == 0);
1005 unit_assert(compare_serial(0, 0xf0000000) > 0);
1006 unit_assert(compare_serial(0xf0000000, 0) < 0);
1007 unit_assert(compare_serial(0xf0000000, 0xf0000001) < 0);
1008 unit_assert(compare_serial(0xf0000002, 0xf0000001) > 0);
1009 unit_assert(compare_serial(0x70000000, 0x80000000) < 0);
1010 unit_assert(compare_serial(0x90000000, 0x70000000) > 0);
1013 /** Test authzone read from file */
1015 authzone_read_test(void)
1017 if(vbmp) printf("Testing read auth zone\n");
1018 check_read_exact("example.com", zone_example_com);
1021 /** Test authzone query from zone */
1023 authzone_query_test(void)
1025 if(vbmp) printf("Testing query auth zone\n");
1026 check_queries("example.com", zone_example_com, example_com_queries);
1029 /** test authzone code */
1033 unit_show_feature("authzone");
1034 atexit(tmpfilecleanup);
1035 authzone_compare_serial();
1036 authzone_read_test();
1037 authzone_query_test();