- Unit test for auth zone https url download.

git-svn-id: file:///svn/unbound/trunk@4531 be551aaa-1e26-0410-a405-d3ace91eadb9

diff --git a/doc/Changelog b/doc/Changelog
index 1e79a8be6ef6a46347b84c31ec37d6aa525cb9aa..74cef944ec4f13f804cbfc1c18fbea95d3d4779d 100644 (file)
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -1,3 +1,6 @@
+12 February 2018: Wouter
+       - Unit test for auth zone https url download.
+
 12 February 2018: Ralph
        - Added tests with wildcard expanded NSEC records (CVE-2017-15105 test)
        - Processed aggressive NSEC code review remarks Wouter

diff --git a/testdata/auth_https.tdir/127.0.0.1/example.com.zone b/testdata/auth_https.tdir/127.0.0.1/example.com.zone
new file mode 100644 (file)
index 0000000..695eb1c
--- /dev/null
+++ b/testdata/auth_https.tdir/127.0.0.1/example.com.zone
@@ -0,0 +1,3 @@
+example.com. IN SOA ns.example.com. hostmaster.example.com. 1 3600 900 86400 3600
+example.com.   IN NS   ns.example.net.
+www.example.com. IN A  1.2.3.4

diff --git a/testdata/auth_https.tdir/auth_https.conf b/testdata/auth_https.tdir/auth_https.conf
new file mode 100644 (file)
index 0000000..add166f
--- /dev/null
+++ b/testdata/auth_https.tdir/auth_https.conf
@@ -0,0 +1,18 @@
+server:
+       verbosity: 7
+       # num-threads: 1
+       interface: 127.0.0.1
+       port: @PORT@
+       use-syslog: no
+       directory: ""
+       pidfile: "unbound.pid"
+       chroot: ""
+       username: ""
+       do-not-query-localhost: no
+       use-caps-for-id: yes
+auth-zone:
+       name: "example.com"
+       for-upstream: yes
+       for-downstream: yes
+       url: "https://127.0.0.1:@TOPORT@/example.com.zone"
+

diff --git a/testdata/auth_https.tdir/auth_https.dsc b/testdata/auth_https.tdir/auth_https.dsc
new file mode 100644 (file)
index 0000000..bf43411
--- /dev/null
+++ b/testdata/auth_https.tdir/auth_https.dsc
@@ -0,0 +1,16 @@
+BaseName: auth_https
+Version: 1.0
+Description: Perform https for authority zone
+CreationDate: Tue 13 Jun 09:35:40 CEST 2017
+Maintainer: dr. W.C.A. Wijngaards
+Category: 
+Component:
+CmdDepends: 
+Depends: 
+Help:
+Pre: auth_https.pre
+Post: auth_https.post
+Test: auth_https.test
+AuxFiles: 
+Passed:
+Failure:

diff --git a/testdata/auth_https.tdir/auth_https.post b/testdata/auth_https.tdir/auth_https.post
new file mode 100644 (file)
index 0000000..3c1b7ef
--- /dev/null
+++ b/testdata/auth_https.tdir/auth_https.post
@@ -0,0 +1,11 @@
+# #-- auth_https.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+PRE="../.."
+. ../common.sh
+kill_pid $UNBOUND_PID
+kill_pid $PETAL_PID

diff --git a/testdata/auth_https.tdir/auth_https.pre b/testdata/auth_https.tdir/auth_https.pre
new file mode 100644 (file)
index 0000000..e50fd5f
--- /dev/null
+++ b/testdata/auth_https.tdir/auth_https.pre
@@ -0,0 +1,34 @@
+# #-- auth_https.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+. ../common.sh
+get_random_port 2
+UNBOUND_PORT=$RND_PORT
+PETAL_PORT=$(($RND_PORT + 1))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "PETAL_PORT=$PETAL_PORT" >> .tpkg.var.test
+
+get_make
+(cd $PRE; $MAKE petal)
+
+# start https daemon
+$PRE/petal -v -a "127.0.0.1" -p $PETAL_PORT >petal.log 2>&1 &
+PETAL_PID=$!
+echo "PETAL_PID=$PETAL_PID" >> .tpkg.var.test
+cat .tpkg.var.test
+wait_petal_up petal.log
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$PETAL_PORT'/' < auth_https.conf > ub.conf
+# start unbound in the background
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_unbound_up unbound.log
+

diff --git a/testdata/auth_https.tdir/auth_https.test b/testdata/auth_https.tdir/auth_https.test
new file mode 100644 (file)
index 0000000..cff9354
--- /dev/null
+++ b/testdata/auth_https.tdir/auth_https.test
@@ -0,0 +1,51 @@
+# #-- auth_https.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+# do the test
+echo "> dig www.example.com."
+dig @localhost -p $UNBOUND_PORT www.example.com. | tee outfile
+if grep SERVFAIL outfile; then
+       echo "> try again"
+       dig @localhost -p $UNBOUND_PORT www.example.com. | tee outfile
+fi
+if grep SERVFAIL outfile; then
+       echo "> try again"
+       sleep 1
+       dig @localhost -p $UNBOUND_PORT www.example.com. | tee outfile
+fi
+if grep SERVFAIL outfile; then
+       echo "> try again"
+       sleep 1
+       dig @localhost -p $UNBOUND_PORT www.example.com. | tee outfile
+fi
+if grep SERVFAIL outfile; then
+       echo "> try again"
+       sleep 1
+       dig @localhost -p $UNBOUND_PORT www.example.com. | tee outfile
+fi
+if grep SERVFAIL outfile; then
+       echo "> try again"
+       sleep 10
+       dig @localhost -p $UNBOUND_PORT www.example.com. | tee outfile
+fi
+if grep SERVFAIL outfile; then
+       echo "> try again"
+       sleep 10
+       dig @localhost -p $UNBOUND_PORT www.example.com. | tee outfile
+fi
+echo "> cat logfiles"
+cat petal.log 
+cat unbound.log
+echo "> check answer"
+if grep "1.2.3.4" outfile; then
+       echo "OK"
+else
+       echo "Not OK"
+       exit 1
+fi
+
+exit 0

diff --git a/testdata/auth_https.tdir/petal.key b/testdata/auth_https.tdir/petal.key
new file mode 100644 (file)
index 0000000..6614e49
--- /dev/null
+++ b/testdata/auth_https.tdir/petal.key
@@ -0,0 +1,21 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIDfQIBAAKBwQC1xQ/Kca6zszZbcCtdOTIH2Uy2gOy/DfabMUU7TmNPm0dVE0NJ
+RuN+Rm304SonpwghfP2/ULZNnuDgpG03/32yI7k/VzG6iA4hiF7tT/KAAWC/+2l1
+QCsawCV2bSrFK0VhcZr7ALqXd8vkDaQ867K029ypjOQtAJ85qdO3mERy7TGtdUcu
+O6hLeVet419YeQ2F8cfNxn63d7bOzNGLPW5xwaCd3UcgD+Ib0k4xfFvbinvPQUeU
+J/i4YDWexFYSL+ECAwEAAQKBwCLXXQl+9O+5AEhSnd1Go1Jh0pSA7eBJOuXQcebG
+Rb7ykp+6C4G2NtDziwwPRNdI6wQQQ0sym18RfyVQHydGr78/nbiIbB3HCn5e92Mh
+mefzW6ow9Kvm2txLzGKA1lvoyRbNm81jnG/eygi3u7Nqd5PNv+4dHj2RkTlmxOeh
+qnDMVP5md8uZPv6lYNnrnIzvLCR5vnPNdVwn89AqzI85IcDZdy0R9ZX4NBbsDgAU
+6ig6uXuRXvSGiyJ/OUXSrnogaQJhAOjvkHUhVZQkPOxO90TNH4j0GdKKtbSWxIdz
+lKfuJeBAEqs0TL+C6vbS81Xw3W1alyDdUBk3rJMOBqW6Ryq5HNL+j5H+Jfsh7fvc
+Yle+5wHGci0P9zCFZCrY8It7n9XFIwJhAMfEi6oJa2G8waPJ1bQhxka82Tf9pnKM
+XCn/1BBOFjVIx5F842cpA+zp5a62GENTGYPQTTRBB/2/ZwnW5aIkrlg54AtmbqBZ
+Oh+2kJdJQD/tfoVmc5soUE2ScTHadK5RKwJhAN4w9kjkXS+MSZjX0kIMsBIBVkhh
+C+aREjJqa9ir7/Ey7RvmLXdYuCxtGLRXp7/R8+rjcK49Tx6O+IRJZe042mfhbq3C
+EhS1Tr86f4xXix9EXlDhs9bSxrOgcAN9Dv/opQJhAK7eBcPaav0rVfYh/8emqQHS
+3fJ9Pu6WnzbEksWTFS2ff9KDGCx9YspIFJ5TF/oXDAaumGZdZrlgirm6O1kr8tGY
+F97i04PZl1+bWAaWQH+1TUNI43m2WFUPE7coG2tb8QJgcddDg9VlXliZqgcETZfJ
+kJmYETxrcSn3ao6v116N8yxhEgUgjkmsCTiFgx36iDVnXwK6PIt+sIu8MC7eYNa3
+berrv/M21K0LRn20IWRxvUobG070weHCAgkko7fTWgr2
+-----END RSA PRIVATE KEY-----

diff --git a/testdata/auth_https.tdir/petal.pem b/testdata/auth_https.tdir/petal.pem
new file mode 100644 (file)
index 0000000..19c8b89
--- /dev/null
+++ b/testdata/auth_https.tdir/petal.pem
@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----
+MIICFzCCAUACCQDO660L5y5LGDANBgkqhkiG9w0BAQUFADAQMQ4wDAYDVQQDEwVw
+ZXRhbDAeFw0xMDA5MzAxMzQzMDFaFw0zMDA2MTcxMzQzMDFaMBAxDjAMBgNVBAMT
+BXBldGFsMIHfMA0GCSqGSIb3DQEBAQUAA4HNADCByQKBwQC1xQ/Kca6zszZbcCtd
+OTIH2Uy2gOy/DfabMUU7TmNPm0dVE0NJRuN+Rm304SonpwghfP2/ULZNnuDgpG03
+/32yI7k/VzG6iA4hiF7tT/KAAWC/+2l1QCsawCV2bSrFK0VhcZr7ALqXd8vkDaQ8
+67K029ypjOQtAJ85qdO3mERy7TGtdUcuO6hLeVet419YeQ2F8cfNxn63d7bOzNGL
+PW5xwaCd3UcgD+Ib0k4xfFvbinvPQUeUJ/i4YDWexFYSL+ECAwEAATANBgkqhkiG
+9w0BAQUFAAOBwQBBkX9KDP2RXbg+xPmdJ4P6CwvA5x1LZwC++ydVx4NlvT0pWicD
+ZUnXjcWAJlkeOuUBAqFG7WHTrXpUUAjmdqFVq2yFjteUYBdrFz0RDB2jM9feeKYO
+mTgxdZyT9a6humxCxt5VfgT02axLjm/2AqCyFPMbf4PASoJDln01AEuZLZ8Xl2gV
+bYHMnHTGoD1Hu6FNEzRgkMC6XT8X3YjHvzQhpc/qL5wEfEsinQGdX4twsuWbf8xd
+q7miNnkO8vd0maw=
+-----END CERTIFICATE-----