Commit | Line | Data |
---|---|---|
53e1b683 | 1 | /* SPDX-License-Identifier: LGPL-2.1+ */ |
412577e3 LP |
2 | /*** |
3 | This file is part of systemd. | |
4 | ||
5 | Copyright 2016 Lennart Poettering | |
412577e3 LP |
6 | ***/ |
7 | ||
12634bb4 LP |
8 | #include <netinet/ip.h> |
9 | ||
412577e3 LP |
10 | #include "sd-bus.h" |
11 | ||
12634bb4 | 12 | #include "af-list.h" |
412577e3 LP |
13 | #include "alloc-util.h" |
14 | #include "bus-common-errors.h" | |
15 | #include "dns-type.h" | |
16 | #include "random-util.h" | |
4cbfd62b | 17 | #include "resolved-def.h" |
412577e3 LP |
18 | #include "string-util.h" |
19 | #include "time-util.h" | |
20 | ||
12634bb4 LP |
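/* Puts a random label of the form "x<random 64-bit number>x" in front of 'name' and stores the newly
 * allocated result in *ret. The caller owns the string and has to free() it. Allocation failures abort
 * the test via assert_se().
 *
 * The random label presumably keeps the queried name from having been looked up (and cached) before;
 * that intent is not stated in this file, confirm before relying on it. */
static void prefix_random(const char *name, char **ret) {
        uint64_t i, u;
        char *m = NULL;

        /* Number of loop passes: 1 + (two random bits), i.e. between one and four */
        u = 1 + (random_u64() & 3);

        for (i = 0; i < u; i++) {
                _cleanup_free_ char *b = NULL;
                char *x;

                /* asprintf() reports failure as -1, which is "true" when used as a bare condition, so
                 * the return value has to be compared explicitly; on failure 'b' is not usable. */
                assert_se(asprintf(&b, "x%" PRIu64 "x", random_u64()) >= 0);

                /* NOTE(review): every pass joins the new label onto the original 'name', not onto the
                 * result of the previous pass, so the returned string always carries exactly one
                 * random label no matter what 'u' is. The callers' comments speak of several labels;
                 * left as is because the expected results were recorded against this behaviour. */
                x = strjoin(b, ".", name);
                assert_se(x);

                free(m);
                m = x;
        }

        *ret = m;
}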
41 | ||
/* Sends one ResolveRecord() call for name/type (class IN, interface index 0, flags 0) to
 * org.freedesktop.resolve1 and checks the outcome against 'result':
 *
 *   result == NULL  -> the call has to succeed
 *   result != NULL  -> the call has to fail with exactly this bus error name
 *
 * Because the error name is compared, a lookup that fails for a different reason than the expected one
 * aborts the test instead of being counted as a pass. The reply body itself is not examined. */
static void test_rr_lookup(sd_bus *bus, const char *name, uint16_t type, const char *result) {
        _cleanup_(sd_bus_message_unrefp) sd_bus_message *request = NULL, *reply = NULL;
        _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
        _cleanup_free_ char *randomized = NULL;
        const char *rest;
        int r;

        /* A leading dot is a marker: it is dropped and prefix_random() puts a random label in front of
         * the remainder */
        rest = startswith(name, ".");
        if (rest) {
                prefix_random(rest, &randomized);
                name = randomized;
        }

        r = sd_bus_message_new_method_call(
                        bus,
                        &request,
                        "org.freedesktop.resolve1",
                        "/org/freedesktop/resolve1",
                        "org.freedesktop.resolve1.Manager",
                        "ResolveRecord");
        assert_se(r >= 0);

        r = sd_bus_message_append(request, "isqqt", 0, name, DNS_CLASS_IN, type, UINT64_C(0));
        assert_se(r >= 0);

        r = sd_bus_call(bus, request, SD_RESOLVED_QUERY_TIMEOUT_USEC, &error, &reply);
        if (r >= 0) {
                /* Success is only acceptable if no error was expected */
                assert_se(!result);
                log_info("[OK] %s/%s succeeded.", name, dns_type_to_string(type));
                return;
        }

        /* Failure is only acceptable if it is the one the caller asked for */
        assert_se(result);
        assert_se(sd_bus_error_has_name(&error, result));
        log_info("[OK] %s/%s resulted in <%s>.", name, dns_type_to_string(type), error.name);
}
75 | ||
12634bb4 LP |
/* Sends one ResolveHostname() call for 'name' in address family 'family' (interface index 0, flags 0)
 * to org.freedesktop.resolve1 and checks the outcome against 'result':
 *
 *   result == NULL  -> the call has to succeed
 *   result != NULL  -> the call has to fail with exactly this bus error name
 *
 * Because the error name is compared, a lookup that fails for a different reason than the expected one
 * aborts the test instead of being counted as a pass. The reply body itself is not examined. */
static void test_hostname_lookup(sd_bus *bus, const char *name, int family, const char *result) {
        _cleanup_(sd_bus_message_unrefp) sd_bus_message *request = NULL, *reply = NULL;
        _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
        _cleanup_free_ char *randomized = NULL;
        const char *af, *rest;
        int r;

        /* Family name for the log lines only; AF_UNSPEC is spelled out here instead of being passed
         * to af_to_name() */
        if (family == AF_UNSPEC)
                af = "AF_UNSPEC";
        else
                af = af_to_name(family);

        /* A leading dot is a marker: it is dropped and prefix_random() puts a random label in front of
         * the remainder */
        rest = startswith(name, ".");
        if (rest) {
                prefix_random(rest, &randomized);
                name = randomized;
        }

        r = sd_bus_message_new_method_call(
                        bus,
                        &request,
                        "org.freedesktop.resolve1",
                        "/org/freedesktop/resolve1",
                        "org.freedesktop.resolve1.Manager",
                        "ResolveHostname");
        assert_se(r >= 0);

        r = sd_bus_message_append(request, "isit", 0, name, family, UINT64_C(0));
        assert_se(r >= 0);

        r = sd_bus_call(bus, request, SD_RESOLVED_QUERY_TIMEOUT_USEC, &error, &reply);
        if (r >= 0) {
                /* Success is only acceptable if no error was expected */
                assert_se(!result);
                log_info("[OK] %s/%s succeeded.", name, af);
                return;
        }

        /* Failure is only acceptable if it is the one the caller asked for */
        assert_se(result);
        assert_se(sd_bus_error_has_name(&error, result));
        log_info("[OK] %s/%s resulted in <%s>.", name, af, error.name);
}
113 | ||
412577e3 LP |
/* Runs a fixed list of lookups against the resolver on the system bus and aborts on the first one whose
 * outcome differs from the recorded expectation.
 *
 * Note that this is a manual test as it requires:
 *
 *    Full network access
 *    A DNSSEC capable DNS server
 *    That zones contacted are still set up as they were when the list was written.
 *
 * The zones are operated by third parties, so a failing entry can mean that a zone changed rather than
 * that the resolver regressed. The entries expecting BUS_ERROR_DNSSEC_FAILED are the ones that check
 * that answers with invalid signatures are refused. */
int main(int argc, char* argv[]) {
        enum {
                LOOKUP_RECORD,          /* test_rr_lookup(), 'param' is a DNS_TYPE_* value */
                LOOKUP_HOSTNAME,        /* test_hostname_lookup(), 'param' is an AF_* value */
        };

        /* One entry per query, listed in the order in which the queries are issued. A name starting
         * with a dot gets a random label put in front of it by the lookup helpers. 'expect' is the bus
         * error name the lookup has to fail with, or NULL if it has to succeed. */
        const struct {
                int kind;
                const char *name;
                int param;
                const char *expect;
        } cases[] = {
                /* Normally signed */
                { LOOKUP_RECORD,   "www.eurid.eu",                             DNS_TYPE_A,    NULL },
                { LOOKUP_HOSTNAME, "www.eurid.eu",                             AF_UNSPEC,     NULL },

                { LOOKUP_RECORD,   "sigok.verteiltesysteme.net",               DNS_TYPE_A,    NULL },
                { LOOKUP_HOSTNAME, "sigok.verteiltesysteme.net",               AF_UNSPEC,     NULL },

                /* Normally signed, NODATA */
                { LOOKUP_RECORD,   "www.eurid.eu",                             DNS_TYPE_RP,   BUS_ERROR_NO_SUCH_RR },
                { LOOKUP_RECORD,   "sigok.verteiltesysteme.net",               DNS_TYPE_RP,   BUS_ERROR_NO_SUCH_RR },

                /* Invalid signature */
                { LOOKUP_RECORD,   "sigfail.verteiltesysteme.net",             DNS_TYPE_A,    BUS_ERROR_DNSSEC_FAILED },
                { LOOKUP_HOSTNAME, "sigfail.verteiltesysteme.net",             AF_INET,       BUS_ERROR_DNSSEC_FAILED },

                /* Invalid signature, RSA, wildcard */
                { LOOKUP_RECORD,   ".wilda.rhybar.0skar.cz",                   DNS_TYPE_A,    BUS_ERROR_DNSSEC_FAILED },
                { LOOKUP_HOSTNAME, ".wilda.rhybar.0skar.cz",                   AF_INET,       BUS_ERROR_DNSSEC_FAILED },

                /* Invalid signature, ECDSA, wildcard */
                { LOOKUP_RECORD,   ".wilda.rhybar.ecdsa.0skar.cz",             DNS_TYPE_A,    BUS_ERROR_DNSSEC_FAILED },
                { LOOKUP_HOSTNAME, ".wilda.rhybar.ecdsa.0skar.cz",             AF_INET,       BUS_ERROR_DNSSEC_FAILED },

                /* NXDOMAIN in NSEC domain */
                { LOOKUP_RECORD,   "hhh.nasa.gov",                             DNS_TYPE_A,    _BUS_ERROR_DNS "NXDOMAIN" },
                { LOOKUP_HOSTNAME, "hhh.nasa.gov",                             AF_UNSPEC,     _BUS_ERROR_DNS "NXDOMAIN" },

                /* wildcard, NSEC zone */
                { LOOKUP_RECORD,   ".wilda.nsec.0skar.cz",                     DNS_TYPE_A,    NULL },
                { LOOKUP_HOSTNAME, ".wilda.nsec.0skar.cz",                     AF_INET,       NULL },

                /* wildcard, NSEC zone, NODATA */
                { LOOKUP_RECORD,   ".wilda.nsec.0skar.cz",                     DNS_TYPE_RP,   BUS_ERROR_NO_SUCH_RR },

                /* wildcard, NSEC3 zone */
                { LOOKUP_RECORD,   ".wilda.0skar.cz",                          DNS_TYPE_A,    NULL },
                { LOOKUP_HOSTNAME, ".wilda.0skar.cz",                          AF_INET,       NULL },

                /* wildcard, NSEC3 zone, NODATA */
                { LOOKUP_RECORD,   ".wilda.0skar.cz",                          DNS_TYPE_RP,   BUS_ERROR_NO_SUCH_RR },

                /* wildcard, NSEC zone, CNAME */
                { LOOKUP_RECORD,   ".wild.nsec.0skar.cz",                      DNS_TYPE_A,    NULL },
                { LOOKUP_HOSTNAME, ".wild.nsec.0skar.cz",                      AF_UNSPEC,     NULL },
                { LOOKUP_HOSTNAME, ".wild.nsec.0skar.cz",                      AF_INET,       NULL },

                /* wildcard, NSEC zone, NODATA, CNAME */
                { LOOKUP_RECORD,   ".wild.nsec.0skar.cz",                      DNS_TYPE_RP,   BUS_ERROR_NO_SUCH_RR },

                /* wildcard, NSEC3 zone, CNAME */
                { LOOKUP_RECORD,   ".wild.0skar.cz",                           DNS_TYPE_A,    NULL },
                { LOOKUP_HOSTNAME, ".wild.0skar.cz",                           AF_UNSPEC,     NULL },
                { LOOKUP_HOSTNAME, ".wild.0skar.cz",                           AF_INET,       NULL },

                /* wildcard, NSEC3 zone, NODATA, CNAME */
                { LOOKUP_RECORD,   ".wild.0skar.cz",                           DNS_TYPE_RP,   BUS_ERROR_NO_SUCH_RR },

                /* NODATA due to empty non-terminal in NSEC domain */
                { LOOKUP_RECORD,   "herndon.nasa.gov",                         DNS_TYPE_A,    BUS_ERROR_NO_SUCH_RR },
                { LOOKUP_HOSTNAME, "herndon.nasa.gov",                         AF_UNSPEC,     BUS_ERROR_NO_SUCH_RR },
                { LOOKUP_HOSTNAME, "herndon.nasa.gov",                         AF_INET,       BUS_ERROR_NO_SUCH_RR },
                { LOOKUP_HOSTNAME, "herndon.nasa.gov",                         AF_INET6,      BUS_ERROR_NO_SUCH_RR },

                /* NXDOMAIN in NSEC root zone: */
                { LOOKUP_RECORD,   "jasdhjas.kjkfgjhfjg",                      DNS_TYPE_A,    _BUS_ERROR_DNS "NXDOMAIN" },
                { LOOKUP_HOSTNAME, "jasdhjas.kjkfgjhfjg",                      AF_UNSPEC,     _BUS_ERROR_DNS "NXDOMAIN" },
                { LOOKUP_HOSTNAME, "jasdhjas.kjkfgjhfjg",                      AF_INET,       _BUS_ERROR_DNS "NXDOMAIN" },
                { LOOKUP_HOSTNAME, "jasdhjas.kjkfgjhfjg",                      AF_INET6,      _BUS_ERROR_DNS "NXDOMAIN" },

                /* NXDOMAIN in NSEC3 .com zone: */
                { LOOKUP_RECORD,   "kjkfgjhfjgsdfdsfd.com",                    DNS_TYPE_A,    _BUS_ERROR_DNS "NXDOMAIN" },
                { LOOKUP_HOSTNAME, "kjkfgjhfjgsdfdsfd.com",                    AF_INET,       _BUS_ERROR_DNS "NXDOMAIN" },
                { LOOKUP_HOSTNAME, "kjkfgjhfjgsdfdsfd.com",                    AF_INET6,      _BUS_ERROR_DNS "NXDOMAIN" },
                { LOOKUP_HOSTNAME, "kjkfgjhfjgsdfdsfd.com",                    AF_UNSPEC,     _BUS_ERROR_DNS "NXDOMAIN" },

                /* Unsigned A */
                { LOOKUP_RECORD,   "poettering.de",                            DNS_TYPE_A,    NULL },
                { LOOKUP_RECORD,   "poettering.de",                            DNS_TYPE_AAAA, NULL },
                { LOOKUP_HOSTNAME, "poettering.de",                            AF_UNSPEC,     NULL },
                { LOOKUP_HOSTNAME, "poettering.de",                            AF_INET,       NULL },
                { LOOKUP_HOSTNAME, "poettering.de",                            AF_INET6,      NULL },

#if HAVE_LIBIDN2 || HAVE_LIBIDN
                /* Unsigned A with IDNA conversion necessary */
                { LOOKUP_HOSTNAME, "pöttering.de",                             AF_UNSPEC,     NULL },
                { LOOKUP_HOSTNAME, "pöttering.de",                             AF_INET,       NULL },
                { LOOKUP_HOSTNAME, "pöttering.de",                             AF_INET6,      NULL },
#endif

                /* DNAME, pointing to NXDOMAIN */
                { LOOKUP_RECORD,   ".ireallyhpoethisdoesnexist.xn--kprw13d.",  DNS_TYPE_A,    _BUS_ERROR_DNS "NXDOMAIN" },
                { LOOKUP_RECORD,   ".ireallyhpoethisdoesnexist.xn--kprw13d.",  DNS_TYPE_RP,   _BUS_ERROR_DNS "NXDOMAIN" },
                { LOOKUP_HOSTNAME, ".ireallyhpoethisdoesntexist.xn--kprw13d.", AF_UNSPEC,     _BUS_ERROR_DNS "NXDOMAIN" },
                { LOOKUP_HOSTNAME, ".ireallyhpoethisdoesntexist.xn--kprw13d.", AF_INET,       _BUS_ERROR_DNS "NXDOMAIN" },
                { LOOKUP_HOSTNAME, ".ireallyhpoethisdoesntexist.xn--kprw13d.", AF_INET6,      _BUS_ERROR_DNS "NXDOMAIN" },
        };

        _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
        size_t i;

        assert_se(sd_bus_open_system(&bus) >= 0);

        for (i = 0; i < sizeof(cases) / sizeof(cases[0]); i++) {
                if (cases[i].kind == LOOKUP_RECORD)
                        test_rr_lookup(bus, cases[i].name, (uint16_t) cases[i].param, cases[i].expect);
                else
                        test_hostname_lookup(bus, cases[i].name, cases[i].param, cases[i].expect);
        }

        return 0;
}