mirror of
https://gitlab.isc.org/isc-projects/bind9
synced 2025-08-22 01:59:26 +00:00
2c3b2dabe9
The unit tests are now using a common base, which means that lib/dns/tests/ code now has to include lib/isc/include/isc/test.h and link with lib/isc/test.c and lib/ns/tests has to include both libisc and libdns parts. Instead of cross-linking code between the directories, move the /lib/<foo>/test.c to /tests/<foo>.c and /lib/<foo>/include/<foo>test.h to /tests/include/tests/<foo>.h and create a single libtest.la convenience library in /tests/. At the same time, move the /lib/<foo>/tests/ to /tests/<foo>/ (but keep it symlinked to the old location) and adjust paths accordingly. In few places, we are now using absolute paths instead of relative paths, because the directory level has changed. By moving the directories under the /tests/ directory, the test-related code is kept in a single place and we can avoid referencing files between libns->libdns->libisc which is unhealthy because they live in a separate Makefile-space. In the future, the /bin/tests/ should be merged to /tests/ and symlink kept, and the /fuzz/ directory moved to /tests/fuzz/.
223 lines
5.1 KiB
C
223 lines
5.1 KiB
C
/*
|
|
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
|
|
*
|
|
* SPDX-License-Identifier: MPL-2.0
|
|
*
|
|
* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, you can obtain one at https://mozilla.org/MPL/2.0/.
|
|
*
|
|
* See the COPYRIGHT file distributed with this work for additional
|
|
* information regarding copyright ownership.
|
|
*/
|
|
|
|
#include <inttypes.h>
|
|
#include <sched.h> /* IWYU pragma: keep */
|
|
#include <setjmp.h>
|
|
#include <stdarg.h>
|
|
#include <stdbool.h>
|
|
#include <stddef.h>
|
|
#include <stdlib.h>
|
|
#include <unistd.h>
|
|
|
|
#define UNIT_TESTING
|
|
#include <cmocka.h>
|
|
|
|
#include <isc/buffer.h>
|
|
#include <isc/util.h>
|
|
|
|
#include <dns/nsec3.h>
|
|
#include <dns/private.h>
|
|
#include <dns/rdataclass.h>
|
|
#include <dns/rdatatype.h>
|
|
|
|
#include <dst/dst.h>
|
|
|
|
#include <tests/dns.h>
|
|
|
|
static dns_rdatatype_t privatetype = 65534;
|
|
|
|
static int
|
|
setup_test(void **state) {
|
|
isc_result_t result;
|
|
|
|
UNUSED(state);
|
|
|
|
result = dst_lib_init(mctx, NULL);
|
|
|
|
if (result != ISC_R_SUCCESS) {
|
|
return (1);
|
|
}
|
|
|
|
return (0);
|
|
}
|
|
|
|
static int
|
|
teardown_test(void **state) {
|
|
UNUSED(state);
|
|
|
|
dst_lib_destroy();
|
|
|
|
return (0);
|
|
}
|
|
|
|
typedef struct {
|
|
unsigned char alg;
|
|
dns_keytag_t keyid;
|
|
bool remove;
|
|
bool complete;
|
|
} signing_testcase_t;
|
|
|
|
typedef struct {
|
|
unsigned char hash;
|
|
unsigned char flags;
|
|
unsigned int iterations;
|
|
unsigned long salt;
|
|
bool remove;
|
|
bool pending;
|
|
bool nonsec;
|
|
} nsec3_testcase_t;
|
|
|
|
static void
|
|
make_signing(signing_testcase_t *testcase, dns_rdata_t *private,
|
|
unsigned char *buf, size_t len) {
|
|
dns_rdata_init(private);
|
|
|
|
buf[0] = testcase->alg;
|
|
buf[1] = (testcase->keyid & 0xff00) >> 8;
|
|
buf[2] = (testcase->keyid & 0xff);
|
|
buf[3] = testcase->remove;
|
|
buf[4] = testcase->complete;
|
|
private
|
|
->data = buf;
|
|
private
|
|
->length = len;
|
|
private
|
|
->type = privatetype;
|
|
private
|
|
->rdclass = dns_rdataclass_in;
|
|
}
|
|
|
|
static void
|
|
make_nsec3(nsec3_testcase_t *testcase, dns_rdata_t *private,
|
|
unsigned char *pbuf) {
|
|
dns_rdata_nsec3param_t params;
|
|
dns_rdata_t nsec3param = DNS_RDATA_INIT;
|
|
unsigned char bufdata[BUFSIZ];
|
|
isc_buffer_t buf;
|
|
uint32_t salt;
|
|
unsigned char *sp;
|
|
int slen = 4;
|
|
|
|
/* for simplicity, we're using a maximum salt length of 4 */
|
|
salt = htonl(testcase->salt);
|
|
sp = (unsigned char *)&salt;
|
|
while (slen > 0 && *sp == '\0') {
|
|
slen--;
|
|
sp++;
|
|
}
|
|
|
|
params.common.rdclass = dns_rdataclass_in;
|
|
params.common.rdtype = dns_rdatatype_nsec3param;
|
|
params.hash = testcase->hash;
|
|
params.iterations = testcase->iterations;
|
|
params.salt = sp;
|
|
params.salt_length = slen;
|
|
|
|
params.flags = testcase->flags;
|
|
if (testcase->remove) {
|
|
params.flags |= DNS_NSEC3FLAG_REMOVE;
|
|
if (testcase->nonsec) {
|
|
params.flags |= DNS_NSEC3FLAG_NONSEC;
|
|
}
|
|
} else {
|
|
params.flags |= DNS_NSEC3FLAG_CREATE;
|
|
if (testcase->pending) {
|
|
params.flags |= DNS_NSEC3FLAG_INITIAL;
|
|
}
|
|
}
|
|
|
|
isc_buffer_init(&buf, bufdata, sizeof(bufdata));
|
|
dns_rdata_fromstruct(&nsec3param, dns_rdataclass_in,
|
|
dns_rdatatype_nsec3param, ¶ms, &buf);
|
|
|
|
dns_rdata_init(private);
|
|
|
|
dns_nsec3param_toprivate(&nsec3param, private, privatetype, pbuf,
|
|
DNS_NSEC3PARAM_BUFFERSIZE + 1);
|
|
}
|
|
|
|
/* convert private signing records to text */
|
|
ISC_RUN_TEST_IMPL(private_signing_totext) {
|
|
dns_rdata_t private;
|
|
int i;
|
|
|
|
signing_testcase_t testcases[] = { { DST_ALG_RSASHA512, 12345, 0, 0 },
|
|
{ DST_ALG_RSASHA256, 54321, 1, 0 },
|
|
{ DST_ALG_NSEC3RSASHA1, 22222, 0,
|
|
1 },
|
|
{ DST_ALG_RSASHA1, 33333, 1, 1 } };
|
|
const char *results[] = { "Signing with key 12345/RSASHA512",
|
|
"Removing signatures for key 54321/RSASHA256",
|
|
"Done signing with key 22222/NSEC3RSASHA1",
|
|
("Done removing signatures for key "
|
|
"33333/RSASHA1") };
|
|
int ncases = 4;
|
|
|
|
UNUSED(state);
|
|
|
|
for (i = 0; i < ncases; i++) {
|
|
unsigned char data[5];
|
|
char output[BUFSIZ];
|
|
isc_buffer_t buf;
|
|
|
|
isc_buffer_init(&buf, output, sizeof(output));
|
|
|
|
make_signing(&testcases[i], &private, data, sizeof(data));
|
|
dns_private_totext(&private, &buf);
|
|
assert_string_equal(output, results[i]);
|
|
}
|
|
}
|
|
|
|
/* convert private chain records to text */
|
|
ISC_RUN_TEST_IMPL(private_nsec3_totext) {
|
|
dns_rdata_t private;
|
|
int i;
|
|
|
|
nsec3_testcase_t testcases[] = {
|
|
{ 1, 0, 1, 0xbeef, 0, 0, 0 },
|
|
{ 1, 1, 10, 0xdadd, 0, 0, 0 },
|
|
{ 1, 0, 20, 0xbead, 0, 1, 0 },
|
|
{ 1, 0, 30, 0xdeaf, 1, 0, 0 },
|
|
{ 1, 0, 100, 0xfeedabee, 1, 0, 1 },
|
|
};
|
|
const char *results[] = { "Creating NSEC3 chain 1 0 1 BEEF",
|
|
"Creating NSEC3 chain 1 1 10 DADD",
|
|
"Pending NSEC3 chain 1 0 20 BEAD",
|
|
("Removing NSEC3 chain 1 0 30 DEAF / "
|
|
"creating NSEC chain"),
|
|
"Removing NSEC3 chain 1 0 100 FEEDABEE" };
|
|
int ncases = 5;
|
|
|
|
UNUSED(state);
|
|
|
|
for (i = 0; i < ncases; i++) {
|
|
unsigned char data[DNS_NSEC3PARAM_BUFFERSIZE + 1];
|
|
char output[BUFSIZ];
|
|
isc_buffer_t buf;
|
|
|
|
isc_buffer_init(&buf, output, sizeof(output));
|
|
|
|
make_nsec3(&testcases[i], &private, data);
|
|
dns_private_totext(&private, &buf);
|
|
assert_string_equal(output, results[i]);
|
|
}
|
|
}
|
|
|
|
ISC_TEST_LIST_START
|
|
ISC_TEST_ENTRY_CUSTOM(private_signing_totext, setup_test, teardown_test)
|
|
ISC_TEST_ENTRY_CUSTOM(private_nsec3_totext, setup_test, teardown_test)
|
|
ISC_TEST_LIST_END
|
|
|
|
ISC_TEST_MAIN
|