2021-02-04 20:35:13 +03:00
|
|
|
package aghtest
|
|
|
|
|
|
|
|
import (
|
|
|
|
"crypto/sha256"
|
|
|
|
"encoding/hex"
|
|
|
|
"fmt"
|
|
|
|
"net"
|
2022-11-02 16:18:02 +03:00
|
|
|
"net/netip"
|
2021-02-04 20:35:13 +03:00
|
|
|
"strings"
|
|
|
|
|
2022-11-02 16:18:02 +03:00
|
|
|
"github.com/AdguardTeam/dnsproxy/upstream"
|
2022-08-17 18:23:30 +03:00
|
|
|
"github.com/AdguardTeam/golibs/errors"
|
2021-02-04 20:35:13 +03:00
|
|
|
"github.com/miekg/dns"
|
|
|
|
)
|
|
|
|
|
2022-08-17 18:23:30 +03:00
|
|
|
// Additional Upstream Testing Utilities
|
|
|
|
|
2022-06-02 17:55:48 +03:00
|
|
|
// Upstream is a mock implementation of upstream.Upstream.
|
2022-08-17 18:23:30 +03:00
|
|
|
//
|
|
|
|
// TODO(a.garipov): Replace with UpstreamMock and rename it to just Upstream.
|
2022-06-02 17:55:48 +03:00
|
|
|
type Upstream struct {
|
2021-02-04 20:35:13 +03:00
|
|
|
// CName is a map of hostname to canonical name.
|
2022-06-02 17:55:48 +03:00
|
|
|
CName map[string][]string
|
2021-02-04 20:35:13 +03:00
|
|
|
// IPv4 is a map of hostname to IPv4.
|
|
|
|
IPv4 map[string][]net.IP
|
|
|
|
// IPv6 is a map of hostname to IPv6.
|
|
|
|
IPv6 map[string][]net.IP
|
|
|
|
}
|
|
|
|
|
2022-11-02 16:18:02 +03:00
|
|
|
var _ upstream.Upstream = (*Upstream)(nil)
|
2022-08-17 18:23:30 +03:00
|
|
|
|
2022-11-02 16:18:02 +03:00
|
|
|
// Exchange implements the [upstream.Upstream] interface for *Upstream.
|
2021-05-31 20:11:06 +03:00
|
|
|
//
|
|
|
|
// TODO(a.garipov): Split further into handlers.
|
2022-06-02 17:55:48 +03:00
|
|
|
func (u *Upstream) Exchange(m *dns.Msg) (resp *dns.Msg, err error) {
|
|
|
|
resp = new(dns.Msg).SetReply(m)
|
2021-02-04 20:35:13 +03:00
|
|
|
|
|
|
|
if len(m.Question) == 0 {
|
|
|
|
return nil, fmt.Errorf("question should not be empty")
|
|
|
|
}
|
2021-05-31 20:11:06 +03:00
|
|
|
|
2022-06-02 17:55:48 +03:00
|
|
|
q := m.Question[0]
|
|
|
|
name := q.Name
|
|
|
|
for _, cname := range u.CName[name] {
|
|
|
|
resp.Answer = append(resp.Answer, &dns.CNAME{
|
|
|
|
Hdr: dns.RR_Header{Name: name, Rrtype: dns.TypeCNAME},
|
2021-02-04 20:35:13 +03:00
|
|
|
Target: cname,
|
2022-06-02 17:55:48 +03:00
|
|
|
})
|
2021-02-04 20:35:13 +03:00
|
|
|
}
|
|
|
|
|
2022-06-02 17:55:48 +03:00
|
|
|
qtype := q.Qtype
|
2021-05-31 20:11:06 +03:00
|
|
|
hdr := dns.RR_Header{
|
|
|
|
Name: name,
|
2022-06-02 17:55:48 +03:00
|
|
|
Rrtype: qtype,
|
2021-05-31 20:11:06 +03:00
|
|
|
}
|
|
|
|
|
2022-06-02 17:55:48 +03:00
|
|
|
switch qtype {
|
2021-02-04 20:35:13 +03:00
|
|
|
case dns.TypeA:
|
2022-06-02 17:55:48 +03:00
|
|
|
for _, ip := range u.IPv4[name] {
|
|
|
|
resp.Answer = append(resp.Answer, &dns.A{Hdr: hdr, A: ip})
|
2021-02-04 20:35:13 +03:00
|
|
|
}
|
2022-06-02 17:55:48 +03:00
|
|
|
case dns.TypeAAAA:
|
|
|
|
for _, ip := range u.IPv6[name] {
|
|
|
|
resp.Answer = append(resp.Answer, &dns.AAAA{Hdr: hdr, AAAA: ip})
|
2021-02-04 20:35:13 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
if len(resp.Answer) == 0 {
|
|
|
|
resp.SetRcode(m, dns.RcodeNameError)
|
|
|
|
}
|
|
|
|
|
|
|
|
return resp, nil
|
|
|
|
}
|
|
|
|
|
2022-11-02 16:18:02 +03:00
|
|
|
// Address implements [upstream.Upstream] interface for *Upstream.
|
2022-06-02 17:55:48 +03:00
|
|
|
func (u *Upstream) Address() string {
|
2022-11-02 16:18:02 +03:00
|
|
|
return "todo.upstream.example"
|
|
|
|
}
|
|
|
|
|
|
|
|
// Close implements [upstream.Upstream] interface for *Upstream.
|
|
|
|
func (u *Upstream) Close() (err error) {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// MatchedResponse is a test helper that returns a response with answer if req
|
|
|
|
// has question type qt, and target targ. Otherwise, it returns nil.
|
|
|
|
//
|
|
|
|
// req must not be nil and req.Question must have a length of 1. Answer is
|
|
|
|
// interpreted in the following ways:
|
|
|
|
//
|
|
|
|
// - For A and AAAA queries, answer must be an IP address of the corresponding
|
|
|
|
// protocol version.
|
|
|
|
//
|
|
|
|
// - For PTR queries, answer should be a domain name in the response.
|
|
|
|
//
|
|
|
|
// If the answer does not correspond to the question type, MatchedResponse panics.
|
|
|
|
// Panics are used instead of [testing.TB], because the helper is intended to
|
|
|
|
// use in [UpstreamMock.OnExchange] callbacks, which are usually called in a
|
|
|
|
// separate goroutine.
|
|
|
|
//
|
|
|
|
// TODO(a.garipov): Consider adding version with DNS class as well.
|
|
|
|
func MatchedResponse(req *dns.Msg, qt uint16, targ, answer string) (resp *dns.Msg) {
|
|
|
|
if req == nil || len(req.Question) != 1 {
|
|
|
|
panic(fmt.Errorf("bad req: %+v", req))
|
|
|
|
}
|
|
|
|
|
|
|
|
q := req.Question[0]
|
|
|
|
targ = dns.Fqdn(targ)
|
|
|
|
if q.Qclass != dns.ClassINET || q.Qtype != qt || q.Name != targ {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
respHdr := dns.RR_Header{
|
|
|
|
Name: targ,
|
|
|
|
Rrtype: qt,
|
|
|
|
Class: dns.ClassINET,
|
|
|
|
Ttl: 60,
|
|
|
|
}
|
|
|
|
|
|
|
|
resp = new(dns.Msg).SetReply(req)
|
|
|
|
switch qt {
|
|
|
|
case dns.TypeA:
|
|
|
|
resp.Answer = mustAnsA(respHdr, answer)
|
|
|
|
case dns.TypeAAAA:
|
|
|
|
resp.Answer = mustAnsAAAA(respHdr, answer)
|
|
|
|
case dns.TypePTR:
|
|
|
|
resp.Answer = []dns.RR{&dns.PTR{
|
|
|
|
Hdr: respHdr,
|
|
|
|
Ptr: answer,
|
|
|
|
}}
|
|
|
|
default:
|
|
|
|
panic(fmt.Errorf("aghtest: bad question type: %s", dns.Type(qt)))
|
|
|
|
}
|
|
|
|
|
|
|
|
return resp
|
|
|
|
}
|
|
|
|
|
|
|
|
// mustAnsA returns valid answer records if s is a valid IPv4 address.
|
|
|
|
// Otherwise, mustAnsA panics.
|
|
|
|
func mustAnsA(respHdr dns.RR_Header, s string) (ans []dns.RR) {
|
|
|
|
ip, err := netip.ParseAddr(s)
|
|
|
|
if err != nil || !ip.Is4() {
|
|
|
|
panic(fmt.Errorf("aghtest: bad A answer: %+v", s))
|
|
|
|
}
|
|
|
|
|
|
|
|
return []dns.RR{&dns.A{
|
|
|
|
Hdr: respHdr,
|
|
|
|
A: ip.AsSlice(),
|
|
|
|
}}
|
|
|
|
}
|
|
|
|
|
|
|
|
// mustAnsAAAA returns valid answer records if s is a valid IPv6 address.
|
|
|
|
// Otherwise, mustAnsAAAA panics.
|
|
|
|
func mustAnsAAAA(respHdr dns.RR_Header, s string) (ans []dns.RR) {
|
|
|
|
ip, err := netip.ParseAddr(s)
|
|
|
|
if err != nil || !ip.Is6() {
|
|
|
|
panic(fmt.Errorf("aghtest: bad AAAA answer: %+v", s))
|
|
|
|
}
|
|
|
|
|
|
|
|
return []dns.RR{&dns.AAAA{
|
|
|
|
Hdr: respHdr,
|
|
|
|
AAAA: ip.AsSlice(),
|
|
|
|
}}
|
|
|
|
}
|
|
|
|
|
|
|
|
// NewUpstreamMock returns an [*UpstreamMock], fields OnAddress and OnClose of
|
|
|
|
// which are set to stubs that return "upstream.example" and nil respectively.
|
|
|
|
// The field OnExchange is set to onExc.
|
|
|
|
func NewUpstreamMock(onExc func(req *dns.Msg) (resp *dns.Msg, err error)) (u *UpstreamMock) {
|
|
|
|
return &UpstreamMock{
|
|
|
|
OnAddress: func() (addr string) { return "upstream.example" },
|
|
|
|
OnExchange: onExc,
|
|
|
|
OnClose: func() (err error) { return nil },
|
|
|
|
}
|
2021-02-04 20:35:13 +03:00
|
|
|
}
|
|
|
|
|
2022-08-17 18:23:30 +03:00
|
|
|
// NewBlockUpstream returns an [*UpstreamMock] that works like an upstream that
|
|
|
|
// supports hash-based safe-browsing/adult-blocking feature. If shouldBlock is
|
|
|
|
// true, hostname's actual hash is returned, blocking it. Otherwise, it returns
|
|
|
|
// a different hash.
|
|
|
|
func NewBlockUpstream(hostname string, shouldBlock bool) (u *UpstreamMock) {
|
|
|
|
hash := sha256.Sum256([]byte(hostname))
|
|
|
|
hashStr := hex.EncodeToString(hash[:])
|
|
|
|
if !shouldBlock {
|
|
|
|
hashStr = hex.EncodeToString(hash[:])[:2] + strings.Repeat("ab", 28)
|
2021-02-04 20:35:13 +03:00
|
|
|
}
|
|
|
|
|
2022-08-17 18:23:30 +03:00
|
|
|
ans := &dns.TXT{
|
|
|
|
Hdr: dns.RR_Header{
|
|
|
|
Name: "",
|
|
|
|
Rrtype: dns.TypeTXT,
|
|
|
|
Class: dns.ClassINET,
|
|
|
|
Ttl: 60,
|
2021-02-04 20:35:13 +03:00
|
|
|
},
|
2022-08-17 18:23:30 +03:00
|
|
|
Txt: []string{hashStr},
|
|
|
|
}
|
|
|
|
respTmpl := &dns.Msg{
|
|
|
|
Answer: []dns.RR{ans},
|
2021-02-04 20:35:13 +03:00
|
|
|
}
|
|
|
|
|
2022-08-17 18:23:30 +03:00
|
|
|
return &UpstreamMock{
|
2022-11-02 16:18:02 +03:00
|
|
|
OnAddress: func() (addr string) { return "sbpc.upstream.example" },
|
2022-08-17 18:23:30 +03:00
|
|
|
OnExchange: func(req *dns.Msg) (resp *dns.Msg, err error) {
|
|
|
|
resp = respTmpl.Copy()
|
|
|
|
resp.SetReply(req)
|
|
|
|
resp.Answer[0].(*dns.TXT).Hdr.Name = req.Question[0].Name
|
2021-02-04 20:35:13 +03:00
|
|
|
|
2022-08-17 18:23:30 +03:00
|
|
|
return resp, nil
|
|
|
|
},
|
2022-11-02 16:18:02 +03:00
|
|
|
OnClose: func() (err error) { return nil },
|
2022-08-17 18:23:30 +03:00
|
|
|
}
|
2021-03-31 15:00:47 +03:00
|
|
|
}
|
2021-02-04 20:35:13 +03:00
|
|
|
|
2022-08-17 18:23:30 +03:00
|
|
|
// ErrUpstream is the error returned from the [*UpstreamMock] created by
|
|
|
|
// [NewErrorUpstream].
|
|
|
|
const ErrUpstream errors.Error = "test upstream error"
|
2021-02-04 20:35:13 +03:00
|
|
|
|
2022-08-17 18:23:30 +03:00
|
|
|
// NewErrorUpstream returns an [*UpstreamMock] that returns [ErrUpstream] from
|
|
|
|
// its Exchange method.
|
|
|
|
func NewErrorUpstream() (u *UpstreamMock) {
|
|
|
|
return &UpstreamMock{
|
2022-11-02 16:18:02 +03:00
|
|
|
OnAddress: func() (addr string) { return "error.upstream.example" },
|
2022-08-17 18:23:30 +03:00
|
|
|
OnExchange: func(_ *dns.Msg) (resp *dns.Msg, err error) {
|
|
|
|
return nil, errors.Error("test upstream error")
|
|
|
|
},
|
2022-11-02 16:18:02 +03:00
|
|
|
OnClose: func() (err error) { return nil },
|
2022-08-17 18:23:30 +03:00
|
|
|
}
|
2021-02-04 20:35:13 +03:00
|
|
|
}
|