- xfr-tsig, unit test for tsig_sign_reply.
authorW.C.A. Wijngaards <wouter@nlnetlabs.nl>
Fri, 27 Jun 2025 08:59:36 +0000 (10:59 +0200)
committerW.C.A. Wijngaards <wouter@nlnetlabs.nl>
Fri, 27 Jun 2025 08:59:36 +0000 (10:59 +0200)
testcode/unittsig.c
testdata/tsig_test.1

index bfc806616fc9040db424ebe61922ec689a193a49..b73c89ccd471fe4bceda59b1c02449d96316a624 100644 (file)
@@ -43,6 +43,7 @@
 #include "util/net_help.h"
 #include "testcode/unitmain.h"
 #include "sldns/parseutil.h"
+#include "sldns/pkthdr.h"
 #include "sldns/sbuffer.h"
 #include "sldns/str2wire.h"
 #include "sldns/wire2str.h"
@@ -772,6 +773,102 @@ handle_tsig_verify_shared(char* line, struct tsig_key_table* key_table,
        unit_assert(ret == expected_result);
 }
 
+/** Handle the tsig-sign-reply */
+static void
+handle_tsig_sign_reply(char* line, FILE* in, const char* fname,
+       struct tsig_key_table* key_table, struct sldns_buffer* pkt)
+{
+       char* arg = get_arg_on_line(line, "tsig-sign-reply");
+       char* s, *timestr, *expected_rcode_str, *expectedstr2;
+       int expected_rcode, expected_result2, ret;
+       uint64_t timepoint;
+       struct tsig_data* tsig;
+       size_t pos;
+       uint8_t buf[65536];
+       sldns_buffer reply_pkt;
+
+       s = arg;
+       timestr = get_next_arg_on_line(&s);
+       expected_rcode_str = get_next_arg_on_line(&s);
+       expectedstr2 = get_next_arg_on_line(&s);
+
+       timepoint = (uint64_t)atoll(timestr);
+       if(timepoint == 0 && strcmp(timestr, "0") != 0)
+               fatal_exit("expected time argument for %s", timestr);
+       expected_rcode = str2wire_rcode(expected_rcode_str);
+       if(expected_rcode == 0 && strcmp(expected_rcode_str, "0") != 0 &&
+               strcmp(expected_rcode_str, "NOERROR") != 0 &&
+               strcmp(expected_rcode_str, "RCODE0") != 0)
+               fatal_exit("expected rcode argument for %s", expected_rcode_str);
+       expected_result2 = atoi(expectedstr2);
+       if(expected_result2 == 0 && strcmp(expectedstr2, "0") != 0)
+               fatal_exit("expected int argument for %s", expectedstr2);
+
+       sldns_buffer_init_frm_data(&reply_pkt, buf, sizeof(buf));
+       if(!read_packet_hex("", &reply_pkt, in, fname))
+               fatal_exit("Could not read reply packet");
+       if(vtest >= 2) {
+               char* str = sldns_wire2str_pkt(sldns_buffer_begin(&reply_pkt),
+                       sldns_buffer_limit(&reply_pkt));
+               if(str)
+                       printf("reply packet: %s\n", str);
+               else
+                       printf("could not wire2str_pkt\n");
+               free(str);
+       }
+
+       if(vtest) {
+               char bufrc[16];
+               sldns_wire2str_rcode_buf(expected_rcode, bufrc, sizeof(bufrc));
+               printf("tsig-sign-reply with %d %s %d\n", (int)timepoint,
+                       bufrc, expected_result2);
+       }
+
+       /* Verify the query in the packet buffer. Use that TSIG to sign
+        * a reply. */
+       if(!tsig_find_rr(pkt)) {
+               if(vtest)
+                       printf("tsig-verify-query found no TSIG RR\n");
+               unit_assert(0);
+               return;
+       }
+       ret = tsig_parse_verify_query(key_table, pkt, &tsig, NULL, timepoint);
+       if(vtest) {
+               char bufrc[16];
+               sldns_wire2str_rcode_buf(expected_rcode, bufrc, sizeof(bufrc));
+               if(ret == expected_rcode)
+                       printf("verify ok, ret %s\n", bufrc);
+               else
+                       printf("verify returned %d, expected result %d %s\n",
+                               ret, expected_rcode, bufrc);
+       }
+       unit_assert(ret == expected_rcode);
+
+       /* Put position at the end of the packet to sign it. */
+       pos = sldns_buffer_limit(&reply_pkt);
+       sldns_buffer_clear(&reply_pkt);
+       sldns_buffer_set_position(&reply_pkt, pos);
+       if(ret != 0) {
+               /* There was an error, set the rcode for it */
+               LDNS_RCODE_SET(sldns_buffer_begin(&reply_pkt), ret);
+       }
+
+       ret = tsig_sign_reply(tsig, &reply_pkt, key_table, timepoint);
+       sldns_buffer_flip(pkt);
+
+       if(vtest) {
+               if(ret == expected_result2)
+                       printf("function ok, %s\n", (ret?"success":"fail"));
+               else
+                       printf("function returned %d, expected result %d\n",
+                               ret, expected_result2);
+       }
+       unit_assert(ret == expected_result2);
+
+       tsig_delete(tsig);
+       sldns_buffer_flip(&reply_pkt);
+       sldns_buffer_copy(pkt, &reply_pkt);
+}
 
 /** Handle one line from the TSIG test file */
 static void
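Review bot: `tsig` is declared without an initializer in handle_tsig_sign_reply, yet it is passed to `tsig_sign_reply()` and `tsig_delete()` even when `tsig_parse_verify_query()` returned a non-zero rcode. Whether that out-parameter is written on every failure path is not visible in this hunk, so I would declare it as `struct tsig_data* tsig = NULL;` and skip the signing step if it is still NULL. The three strings from `get_next_arg_on_line(&s)` also go straight into `atoll`/`strcmp`/`atoi`; if that helper can return NULL on a short line (its definition is outside this hunk), a malformed test file crashes instead of reaching `fatal_exit`. Separately, `sldns_buffer_flip(pkt);` right after the sign call acts on the query buffer that becomes the destination of `sldns_buffer_copy(pkt, &reply_pkt)` a few lines later, so it looks like a leftover and should be dropped or explained in a comment. The no-TSIG message still reads `tsig-verify-query found no TSIG RR`; `tsig-sign-reply found no TSIG RR` would match the directive being handled.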
@@ -800,6 +897,8 @@ handle_line(char* line, struct tsig_key_table* key_table,
                handle_tsig_sign_shared(s, key_table, pkt);
        } else if(strncmp(s, "tsig-verify-shared", 18) == 0) {
                handle_tsig_verify_shared(s, key_table, pkt);
+       } else if(strncmp(s, "tsig-sign-reply", 15) == 0) {
+               handle_tsig_sign_reply(s, in,fname, key_table, pkt);
        } else if(strncmp(s, "#", 1) == 0) {
                /* skip comment */
        } else if(strcmp(s, "") == 0) {
index bf3feb9a56faaa1d7c4d9ece74a376b5e83c1535..d74bd107651b422e38ea22b2822bdc155b445011 100644 (file)
@@ -142,7 +142,24 @@ endpacket
 
 tsig-verify-query . 1750419725 FORMERR NOERROR 0
 
+# www.example.net A
+packet
+e707002000010000000000020377777707657861
+6d706c65036e6574000001000100002910000000
+000000000474657374036b65790000fa00ff0000
+0000003a08686d61632d6d6435077369672d616c
+670372656703696e740000006855490d012c0010
+c00e00f1bafa240f41ee9cbe507b9802e7070000
+0000
+endpacket
+
+tsig-sign-reply 1750419725 NOERROR 1
+e707840000010001000000010377777707657861
+6d706c65036e65740000010001c00c0001000100
+000e1000040a141e2800002904d0000000000000
+endpacket
+
 # reply for www.example.net A
-#packet
-#e7078400000100010000000203777777076578616d706c65036e65740000010001c00c0001000100000e1000040a141e2800002904d00000000000000474657374036b65790000fa00ff00000000003a08686d61632d6d6435077369672d616c670372656703696e740000006855490d012c0010dc3c138476fcb04cc138aa5c59647b86e70700000000
-#endpacket
+check-packet
+e7078400000100010000000203777777076578616d706c65036e65740000010001c00c0001000100000e1000040a141e2800002904d00000000000000474657374036b65790000fa00ff00000000003a08686d61632d6d6435077369672d616c670372656703696e740000006855490d012c0010dc3c138476fcb04cc138aa5c59647b86e70700000000
+endpacket
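Review bot: The only `tsig-sign-reply` case added here is the success path (`NOERROR 1`), so the handler branch that writes an error rcode into the reply before signing is not exercised by this data, unless another case exists outside the hunk. A second case would cover it: a query that fails verification, for example a time argument outside the 300-second fudge encoded in the query's TSIG RR, with the matching expected rcode and a `check-packet` for the resulting reply. The key's algorithm name in the hex is hmac-md5; a comment line such as `# hmac-md5 is used here only as a fixed test vector` would keep readers from taking it as a recommended algorithm.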