+++ /dev/null
-#!/usr/bin/perl
-
-# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-#
-# SPDX-License-Identifier: MPL-2.0
-#
-# This Source Code Form is subject to the terms of the Mozilla Public
-# License, v. 2.0. If a copy of the MPL was not distributed with this
-# file, you can obtain one at https://mozilla.org/MPL/2.0/.
-#
-# See the COPYRIGHT file distributed with this work for additional
-# information regarding copyright ownership.
-
-# This is a TCP-only DNS server whose aim is to facilitate testing how dig
-# copes with prematurely closed TCP connections.
-#
-# This server can be configured (through a separate control socket) with a
-# series of responses to send for subsequent incoming TCP DNS queries. Only
-# one query is handled before closing each connection. In order to keep things
-# simple, the server is not equipped with any mechanism for handling malformed
-# queries.
-#
-# Available response types are defined in the %response_types hash in the
-# getAnswerSection() function below. Each RR returned is generated dynamically
-# based on the QNAME found in the incoming query.
-
-use IO::File;
-use Net::DNS;
-use Net::DNS::Packet;
-
-use strict;
-
-# Ignore SIGPIPE so we won't fail if peer closes a TCP socket early
-local $SIG{PIPE} = 'IGNORE';
-
-# Flush logged output after every line
-local $| = 1;
-
-my $server_addr = "10.53.0.5";
-if (@ARGV > 0) {
- $server_addr = @ARGV[0];
-}
-
-my $mainport = int($ENV{'PORT'});
-if (!$mainport) { $mainport = 5300; }
-my $ctrlport = int($ENV{'EXTRAPORT1'});
-if (!$ctrlport) { $ctrlport = 5301; }
-
-my $ctlsock = IO::Socket::INET->new(LocalAddr => "$server_addr",
- LocalPort => $ctrlport, Proto => "tcp", Listen => 5, Reuse => 1) or die "$!";
-
-my $tcpsock = IO::Socket::INET->new(LocalAddr => "$server_addr",
- LocalPort => $mainport, Proto => "tcp", Listen => 5, Reuse => 1) or die "$!";
-
-my $pidf = new IO::File "ans.pid", "w" or die "cannot open pid file: $!";
-print $pidf "$$\n" or die "cannot write pid file: $!";
-$pidf->close or die "cannot close pid file: $!";;
-sub rmpid { unlink "ans.pid"; exit 1; };
-
-$SIG{INT} = \&rmpid;
-$SIG{TERM} = \&rmpid;
-
-my @response_sequence = ("complete_axfr");
-my $connection_counter = 0;
-
-# Return the next answer type to send, incrementing the connection counter and
-# making sure the latter does not exceed the size of the array holding the
-# configured response sequence.
-sub getNextResponseType {
- my $response_type = $response_sequence[$connection_counter];
-
- $connection_counter++;
- $connection_counter %= scalar(@response_sequence);
-
- return $response_type;
-}
-
-# Return an array of resource records comprising the answer section of a given
-# response type.
-sub getAnswerSection {
- my ($response_type, $qname) = @_;
-
- my %response_types = (
- no_response => [],
-
- partial_axfr => [
- Net::DNS::RR->new("$qname 300 IN SOA . . 0 0 0 0 300"),
- Net::DNS::RR->new("$qname NS ."),
- ],
-
- complete_axfr => [
- Net::DNS::RR->new("$qname 300 IN SOA . . 0 0 0 0 300"),
- Net::DNS::RR->new("$qname NS ."),
- Net::DNS::RR->new("$qname 300 IN SOA . . 0 0 0 0 300"),
- ],
- );
-
- return $response_types{$response_type};
-}
-
-
-# Generate a Net::DNS::Packet containing the response to send on the current
-# TCP connection. If the answer section of the response is determined to be
-# empty, no data will be sent on the connection at all (immediate EOF).
-sub generateResponse {
- my ($buf) = @_;
- my $request;
-
- if ($Net::DNS::VERSION > 0.68) {
- $request = new Net::DNS::Packet(\$buf, 0);
- $@ and die $@;
- } else {
- my $err;
- ($request, $err) = new Net::DNS::Packet(\$buf, 0);
- $err and die $err;
- }
-
- my @questions = $request->question;
- my $qname = $questions[0]->qname;
- my $qtype = $questions[0]->qtype;
- my $qclass = $questions[0]->qclass;
- my $id = $request->header->id;
-
- my $packet = new Net::DNS::Packet($qname, $qtype, $qclass);
- $packet->header->qr(1);
- $packet->header->aa(1);
- $packet->header->id($id);
-
- my $response_type = getNextResponseType();
- my $answers = getAnswerSection($response_type, $qname);
- for my $rr (@$answers) {
- $packet->push("answer", $rr);
- }
-
- print " Sending \"$response_type\" response\n";
-
- return $packet->data if @$answers;
-}
-
-my $rin;
-my $rout;
-for (;;) {
- $rin = '';
- vec($rin, fileno($ctlsock), 1) = 1;
- vec($rin, fileno($tcpsock), 1) = 1;
-
- select($rout = $rin, undef, undef, undef);
-
- if (vec($rout, fileno($ctlsock), 1)) {
- my $conn = $ctlsock->accept;
- @response_sequence = split(' ', $conn->getline);
- $connection_counter = 0;
- print "Response sequence set to: @response_sequence\n";
- $conn->close;
- } elsif (vec($rout, fileno($tcpsock), 1)) {
- my $buf;
- my $lenbuf;
- my $conn = $tcpsock->accept;
- my $n = $conn->sysread($lenbuf, 2);
- die unless $n == 2;
- my $len = unpack("n", $lenbuf);
- $n = $conn->sysread($buf, $len);
- die unless $n == $len;
- print "TCP request\n";
- my $response = generateResponse($buf);
- if ($response) {
- $len = length($response);
- $n = $conn->syswrite(pack("n", $len), 2);
- $n = $conn->syswrite($response, $len);
- print " Sent: $n chars via TCP\n";
- } else {
- print " No response sent\n";
- }
- $conn->close;
- }
-}
--- /dev/null
+# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+#
+# SPDX-License-Identifier: MPL-2.0
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, you can obtain one at https://mozilla.org/MPL/2.0/.
+#
+# See the COPYRIGHT file distributed with this work for additional
+# information regarding copyright ownership.
+
+import logging
+from typing import AsyncGenerator, List, Optional
+
+import dns.rcode
+import dns.rdatatype
+import dns.rrset
+
+from isctest.asyncserver import (
+ CloseConnection,
+ ControlCommand,
+ ControllableAsyncDnsServer,
+ DnsResponseSend,
+ QueryContext,
+ ResponseAction,
+ ResponseHandler,
+)
+
+
+class ErraticAxfrHandler(ResponseHandler):
+ allowed_actions = ["no-response", "partial-axfr", "complete-axfr"]
+
+ def __init__(self, actions: List[str]) -> None:
+ self.actions = actions
+ self.counter = 0
+ for action in actions:
+ assert action in self.allowed_actions
+
+ async def get_responses(
+ self, qctx: QueryContext
+ ) -> AsyncGenerator[ResponseAction, None]:
+ action = self.actions[self.counter % len(self.actions)]
+ self.counter += 1
+
+ logging.info("current response action: %s", action)
+
+ if action == "no-response":
+ yield CloseConnection()
+ return
+
+ soa_rr = dns.rrset.from_text(
+ qctx.qname, 300, qctx.qclass, dns.rdatatype.SOA, ". . 0 0 0 0 300"
+ )
+ ns_rr = dns.rrset.from_text(qctx.qname, 300, qctx.qclass, dns.rdatatype.NS, ".")
+
+ qctx.response.answer.append(soa_rr)
+ qctx.response.answer.append(ns_rr)
+
+ if action == "partial-axfr":
+ yield DnsResponseSend(qctx.response)
+ elif action == "complete-axfr":
+ qctx.response.answer.append(soa_rr)
+ yield DnsResponseSend(qctx.response)
+ yield CloseConnection()
+
+
+class ResponseSequenceCommand(ControlCommand):
+ control_subdomain = "response-sequence"
+
+ def __init__(self) -> None:
+ self._current_handler: Optional[ResponseHandler] = None
+
+ def handle(
+ self, args: List[str], server: ControllableAsyncDnsServer, qctx: QueryContext
+ ) -> str:
+ for action in args:
+ if action not in ErraticAxfrHandler.allowed_actions:
+ logging.error("invalid %s action '%s'", self, action)
+ qctx.response.set_rcode(dns.rcode.SERVFAIL)
+ return f"invalid action '{action}'; must be one of {ErraticAxfrHandler.allowed_actions}"
+
+ actions = args
+
+ if self._current_handler is not None:
+ server.uninstall_response_handler(self._current_handler)
+
+ self._current_handler = ErraticAxfrHandler(actions)
+ server.install_response_handler(self._current_handler)
+
+ msg = f"reponse sequence set to {actions}"
+ logging.info(msg)
+ return msg
+
+
+def main() -> None:
+ server = ControllableAsyncDnsServer(
+ default_aa=True, default_rcode=dns.rcode.NOERROR
+ )
+ server.install_control_command(ResponseSequenceCommand())
+ server.run()
+
+
+if __name__ == "__main__":
+ main()
status=0
n=0
-sendcmd() {
- send "${1}" "$EXTRAPORT1"
-}
-
dig_with_opts() {
"$DIG" -p "$PORT" "$@"
}
"$MDIG" -p "$PORT" "$@"
}
+set_response_sequence() {
+ SEQUENCE="${1}"
+ LOGID="${2}"
+ dig_with_opts @10.53.0.5 "${SEQUENCE}.response-sequence._control" TXT >dig.out.control${LOGID} 2>&1 || ret=1
+}
+
# Check if response in file $1 has the correct TTL range.
# The response record must have RRtype $2 and class IN (CLASS1).
# Maximum TTL is given by $3. This works in most cases where TTL is
n=$((n + 1))
echo_i "checking exit code for a retry upon TCP EOF (immediate -> immediate) ($n)"
ret=0
- echo "no_response no_response" | sendcmd 10.53.0.5
+ set_response_sequence no-response $n
dig_with_opts @10.53.0.5 example AXFR +tries=2 >dig.out.test$n 2>&1 && ret=1
# Sanity check: ensure ans5 behaves as expected.
[ $(grep "communications error.*end of file" dig.out.test$n | wc -l) -eq 2 ] || ret=1
n=$((n + 1))
echo_i "checking exit code for a retry upon TCP EOF (partial AXFR -> partial AXFR) ($n)"
ret=0
- echo "partial_axfr partial_axfr" | sendcmd 10.53.0.5
+ set_response_sequence partial-axfr $n
dig_with_opts @10.53.0.5 example AXFR +tries=2 >dig.out.test$n 2>&1 && ret=1
# Sanity check: ensure ans5 behaves as expected.
[ $(grep "communications error.*end of file" dig.out.test$n | wc -l) -eq 2 ] || ret=1
n=$((n + 1))
echo_i "checking exit code for a retry upon TCP EOF (immediate -> partial AXFR) ($n)"
ret=0
- echo "no_response partial_axfr" | sendcmd 10.53.0.5
+ set_response_sequence no-response.partial-axfr $n
dig_with_opts @10.53.0.5 example AXFR +tries=2 >dig.out.test$n 2>&1 && ret=1
# Sanity check: ensure ans5 behaves as expected.
[ $(grep "communications error.*end of file" dig.out.test$n | wc -l) -eq 2 ] || ret=1
n=$((n + 1))
echo_i "checking exit code for a retry upon TCP EOF (partial AXFR -> immediate) ($n)"
ret=0
- echo "partial_axfr no_response" | sendcmd 10.53.0.5
+ set_response_sequence partial-axfr.no-response $n
dig_with_opts @10.53.0.5 example AXFR +tries=2 >dig.out.test$n 2>&1 && ret=1
# Sanity check: ensure ans5 behaves as expected.
[ $(grep "communications error.*end of file" dig.out.test$n | wc -l) -eq 2 ] || ret=1
n=$((n + 1))
echo_i "checking exit code for a retry upon TCP EOF (immediate -> complete AXFR) ($n)"
ret=0
- echo "no_response complete_axfr" | sendcmd 10.53.0.5
+ set_response_sequence no-response.complete-axfr $n
dig_with_opts @10.53.0.5 example AXFR +tries=2 >dig.out.test$n 2>&1 || ret=1
# Sanity check: ensure ans5 behaves as expected.
[ $(grep "communications error.*end of file" dig.out.test$n | wc -l) -eq 1 ] || ret=1
n=$((n + 1))
echo_i "checking exit code for a retry upon TCP EOF (partial AXFR -> complete AXFR) ($n)"
ret=0
- echo "partial_axfr complete_axfr" | sendcmd 10.53.0.5
+ set_response_sequence partial-axfr.complete-axfr $n
dig_with_opts @10.53.0.5 example AXFR +tries=2 >dig.out.test$n 2>&1 || ret=1
# Sanity check: ensure ans5 behaves as expected.
[ $(grep "communications error.*end of file" dig.out.test$n | wc -l) -eq 1 ] || ret=1
n=$((n + 1))
echo_i "checking +tries=1 won't retry twice upon TCP EOF ($n)"
ret=0
- echo "no_response no_response" | sendcmd 10.53.0.5
+ set_response_sequence no-response $n
dig_with_opts @10.53.0.5 example AXFR +tries=1 >dig.out.test$n 2>&1 && ret=1
# Sanity check: ensure ans5 behaves as expected.
[ $(grep "communications error.*end of file" dig.out.test$n | wc -l) -eq 1 ] || ret=1
projects / thirdparty / bind9.git / commitdiff
