summaryrefslogtreecommitdiff
path: root/src/resolve/test-dnssec-complex.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/resolve/test-dnssec-complex.c')
-rw-r--r--src/resolve/test-dnssec-complex.c236
1 files changed, 0 insertions, 236 deletions
diff --git a/src/resolve/test-dnssec-complex.c b/src/resolve/test-dnssec-complex.c
deleted file mode 100644
index 58c089eb40..0000000000
--- a/src/resolve/test-dnssec-complex.c
+++ /dev/null
@@ -1,236 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2016 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <netinet/ip.h>
-
-#include "sd-bus.h"
-
-#include "af-list.h"
-#include "alloc-util.h"
-#include "bus-common-errors.h"
-#include "dns-type.h"
-#include "random-util.h"
-#include "string-util.h"
-#include "time-util.h"
-
-#define DNS_CALL_TIMEOUT_USEC (45*USEC_PER_SEC)
-
-static void prefix_random(const char *name, char **ret) {
- uint64_t i, u;
- char *m = NULL;
-
- u = 1 + (random_u64() & 3);
-
- for (i = 0; i < u; i++) {
- _cleanup_free_ char *b = NULL;
- char *x;
-
- assert_se(asprintf(&b, "x%" PRIu64 "x", random_u64()));
- x = strjoin(b, ".", name, NULL);
- assert_se(x);
-
- free(m);
- m = x;
- }
-
- *ret = m;
- }
-
-static void test_rr_lookup(sd_bus *bus, const char *name, uint16_t type, const char *result) {
- _cleanup_(sd_bus_message_unrefp) sd_bus_message *req = NULL, *reply = NULL;
- _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
- _cleanup_free_ char *m = NULL;
- int r;
-
- /* If the name starts with a dot, we prefix one to three random labels */
- if (startswith(name, ".")) {
- prefix_random(name + 1, &m);
- name = m;
- }
-
- assert_se(sd_bus_message_new_method_call(
- bus,
- &req,
- "org.freedesktop.resolve1",
- "/org/freedesktop/resolve1",
- "org.freedesktop.resolve1.Manager",
- "ResolveRecord") >= 0);
-
- assert_se(sd_bus_message_append(req, "isqqt", 0, name, DNS_CLASS_IN, type, UINT64_C(0)) >= 0);
-
- r = sd_bus_call(bus, req, DNS_CALL_TIMEOUT_USEC, &error, &reply);
-
- if (r < 0) {
- assert_se(result);
- assert_se(sd_bus_error_has_name(&error, result));
- log_info("[OK] %s/%s resulted in <%s>.", name, dns_type_to_string(type), error.name);
- } else {
- assert_se(!result);
- log_info("[OK] %s/%s succeeded.", name, dns_type_to_string(type));
- }
-}
-
-static void test_hostname_lookup(sd_bus *bus, const char *name, int family, const char *result) {
- _cleanup_(sd_bus_message_unrefp) sd_bus_message *req = NULL, *reply = NULL;
- _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
- _cleanup_free_ char *m = NULL;
- const char *af;
- int r;
-
- af = family == AF_UNSPEC ? "AF_UNSPEC" : af_to_name(family);
-
- /* If the name starts with a dot, we prefix one to three random labels */
- if (startswith(name, ".")) {
- prefix_random(name + 1, &m);
- name = m;
- }
-
- assert_se(sd_bus_message_new_method_call(
- bus,
- &req,
- "org.freedesktop.resolve1",
- "/org/freedesktop/resolve1",
- "org.freedesktop.resolve1.Manager",
- "ResolveHostname") >= 0);
-
- assert_se(sd_bus_message_append(req, "isit", 0, name, family, UINT64_C(0)) >= 0);
-
- r = sd_bus_call(bus, req, DNS_CALL_TIMEOUT_USEC, &error, &reply);
-
- if (r < 0) {
- assert_se(result);
- assert_se(sd_bus_error_has_name(&error, result));
- log_info("[OK] %s/%s resulted in <%s>.", name, af, error.name);
- } else {
- assert_se(!result);
- log_info("[OK] %s/%s succeeded.", name, af);
- }
-
-}
-
-int main(int argc, char* argv[]) {
- _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
-
- /* Note that this is a manual test as it requires:
- *
- * Full network access
- * A DNSSEC capable DNS server
- * That zones contacted are still set up as they were when I wrote this.
- */
-
- assert_se(sd_bus_open_system(&bus) >= 0);
-
- /* Normally signed */
- test_rr_lookup(bus, "www.eurid.eu", DNS_TYPE_A, NULL);
- test_hostname_lookup(bus, "www.eurid.eu", AF_UNSPEC, NULL);
-
- test_rr_lookup(bus, "sigok.verteiltesysteme.net", DNS_TYPE_A, NULL);
- test_hostname_lookup(bus, "sigok.verteiltesysteme.net", AF_UNSPEC, NULL);
-
- /* Normally signed, NODATA */
- test_rr_lookup(bus, "www.eurid.eu", DNS_TYPE_RP, BUS_ERROR_NO_SUCH_RR);
- test_rr_lookup(bus, "sigok.verteiltesysteme.net", DNS_TYPE_RP, BUS_ERROR_NO_SUCH_RR);
-
- /* Invalid signature */
- test_rr_lookup(bus, "sigfail.verteiltesysteme.net", DNS_TYPE_A, BUS_ERROR_DNSSEC_FAILED);
- test_hostname_lookup(bus, "sigfail.verteiltesysteme.net", AF_INET, BUS_ERROR_DNSSEC_FAILED);
-
- /* Invalid signature, RSA, wildcard */
- test_rr_lookup(bus, ".wilda.rhybar.0skar.cz", DNS_TYPE_A, BUS_ERROR_DNSSEC_FAILED);
- test_hostname_lookup(bus, ".wilda.rhybar.0skar.cz", AF_INET, BUS_ERROR_DNSSEC_FAILED);
-
- /* Invalid signature, ECDSA, wildcard */
- test_rr_lookup(bus, ".wilda.rhybar.ecdsa.0skar.cz", DNS_TYPE_A, BUS_ERROR_DNSSEC_FAILED);
- test_hostname_lookup(bus, ".wilda.rhybar.ecdsa.0skar.cz", AF_INET, BUS_ERROR_DNSSEC_FAILED);
-
- /* NXDOMAIN in NSEC domain */
- test_rr_lookup(bus, "hhh.nasa.gov", DNS_TYPE_A, _BUS_ERROR_DNS "NXDOMAIN");
- test_hostname_lookup(bus, "hhh.nasa.gov", AF_UNSPEC, _BUS_ERROR_DNS "NXDOMAIN");
-
- /* wildcard, NSEC zone */
- test_rr_lookup(bus, ".wilda.nsec.0skar.cz", DNS_TYPE_A, NULL);
- test_hostname_lookup(bus, ".wilda.nsec.0skar.cz", AF_INET, NULL);
-
- /* wildcard, NSEC zone, NODATA */
- test_rr_lookup(bus, ".wilda.nsec.0skar.cz", DNS_TYPE_RP, BUS_ERROR_NO_SUCH_RR);
-
- /* wildcard, NSEC3 zone */
- test_rr_lookup(bus, ".wilda.0skar.cz", DNS_TYPE_A, NULL);
- test_hostname_lookup(bus, ".wilda.0skar.cz", AF_INET, NULL);
-
- /* wildcard, NSEC3 zone, NODATA */
- test_rr_lookup(bus, ".wilda.0skar.cz", DNS_TYPE_RP, BUS_ERROR_NO_SUCH_RR);
-
- /* wildcard, NSEC zone, CNAME */
- test_rr_lookup(bus, ".wild.nsec.0skar.cz", DNS_TYPE_A, NULL);
- test_hostname_lookup(bus, ".wild.nsec.0skar.cz", AF_UNSPEC, NULL);
- test_hostname_lookup(bus, ".wild.nsec.0skar.cz", AF_INET, NULL);
-
- /* wildcard, NSEC zone, NODATA, CNAME */
- test_rr_lookup(bus, ".wild.nsec.0skar.cz", DNS_TYPE_RP, BUS_ERROR_NO_SUCH_RR);
-
- /* wildcard, NSEC3 zone, CNAME */
- test_rr_lookup(bus, ".wild.0skar.cz", DNS_TYPE_A, NULL);
- test_hostname_lookup(bus, ".wild.0skar.cz", AF_UNSPEC, NULL);
- test_hostname_lookup(bus, ".wild.0skar.cz", AF_INET, NULL);
-
- /* wildcard, NSEC3 zone, NODATA, CNAME */
- test_rr_lookup(bus, ".wild.0skar.cz", DNS_TYPE_RP, BUS_ERROR_NO_SUCH_RR);
-
- /* NODATA due to empty non-terminal in NSEC domain */
- test_rr_lookup(bus, "herndon.nasa.gov", DNS_TYPE_A, BUS_ERROR_NO_SUCH_RR);
- test_hostname_lookup(bus, "herndon.nasa.gov", AF_UNSPEC, BUS_ERROR_NO_SUCH_RR);
- test_hostname_lookup(bus, "herndon.nasa.gov", AF_INET, BUS_ERROR_NO_SUCH_RR);
- test_hostname_lookup(bus, "herndon.nasa.gov", AF_INET6, BUS_ERROR_NO_SUCH_RR);
-
- /* NXDOMAIN in NSEC root zone: */
- test_rr_lookup(bus, "jasdhjas.kjkfgjhfjg", DNS_TYPE_A, _BUS_ERROR_DNS "NXDOMAIN");
- test_hostname_lookup(bus, "jasdhjas.kjkfgjhfjg", AF_UNSPEC, _BUS_ERROR_DNS "NXDOMAIN");
- test_hostname_lookup(bus, "jasdhjas.kjkfgjhfjg", AF_INET, _BUS_ERROR_DNS "NXDOMAIN");
- test_hostname_lookup(bus, "jasdhjas.kjkfgjhfjg", AF_INET6, _BUS_ERROR_DNS "NXDOMAIN");
-
- /* NXDOMAIN in NSEC3 .com zone: */
- test_rr_lookup(bus, "kjkfgjhfjgsdfdsfd.com", DNS_TYPE_A, _BUS_ERROR_DNS "NXDOMAIN");
- test_hostname_lookup(bus, "kjkfgjhfjgsdfdsfd.com", AF_INET, _BUS_ERROR_DNS "NXDOMAIN");
- test_hostname_lookup(bus, "kjkfgjhfjgsdfdsfd.com", AF_INET6, _BUS_ERROR_DNS "NXDOMAIN");
- test_hostname_lookup(bus, "kjkfgjhfjgsdfdsfd.com", AF_UNSPEC, _BUS_ERROR_DNS "NXDOMAIN");
-
- /* Unsigned A */
- test_rr_lookup(bus, "poettering.de", DNS_TYPE_A, NULL);
- test_rr_lookup(bus, "poettering.de", DNS_TYPE_AAAA, NULL);
- test_hostname_lookup(bus, "poettering.de", AF_UNSPEC, NULL);
- test_hostname_lookup(bus, "poettering.de", AF_INET, NULL);
- test_hostname_lookup(bus, "poettering.de", AF_INET6, NULL);
-
-#ifdef HAVE_LIBIDN
- /* Unsigned A with IDNA conversion necessary */
- test_hostname_lookup(bus, "pöttering.de", AF_UNSPEC, NULL);
- test_hostname_lookup(bus, "pöttering.de", AF_INET, NULL);
- test_hostname_lookup(bus, "pöttering.de", AF_INET6, NULL);
-#endif
-
- /* DNAME, pointing to NXDOMAIN */
- test_rr_lookup(bus, ".ireallyhpoethisdoesnexist.xn--kprw13d.", DNS_TYPE_A, _BUS_ERROR_DNS "NXDOMAIN");
- test_rr_lookup(bus, ".ireallyhpoethisdoesnexist.xn--kprw13d.", DNS_TYPE_RP, _BUS_ERROR_DNS "NXDOMAIN");
- test_hostname_lookup(bus, ".ireallyhpoethisdoesntexist.xn--kprw13d.", AF_UNSPEC, _BUS_ERROR_DNS "NXDOMAIN");
- test_hostname_lookup(bus, ".ireallyhpoethisdoesntexist.xn--kprw13d.", AF_INET, _BUS_ERROR_DNS "NXDOMAIN");
- test_hostname_lookup(bus, ".ireallyhpoethisdoesntexist.xn--kprw13d.", AF_INET6, _BUS_ERROR_DNS "NXDOMAIN");
-
- return 0;
-}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-01 10:43:02 +0000