Fix #8338: Issue with "zz" abbreviation for IPv6 RPZ triggers

While there, add unittest for translating rpz names into netmasks

(cherry picked from commit 301148e6d77e7cf8aed3b1b174bf6dbbeae7dc67)

diff --git a/pdns/recursordist/Makefile.am b/pdns/recursordist/Makefile.am
index e8f9438fdf03c75bef795ff7e3c1e354b51170cd..a69f1f8df9460610c6554d19945d110976b2cf45 100644 (file)
--- a/pdns/recursordist/Makefile.am
+++ b/pdns/recursordist/Makefile.am
@@ -221,6 +221,8 @@ testrunner_SOURCES = \
        recpacketcache.cc recpacketcache.hh \
        recursor_cache.cc recursor_cache.hh \
        responsestats.cc \
+       rpzloader.cc rpzloader.hh \
+       resolver.hh resolver.cc \
        root-dnssec.hh \
        sillyrecords.cc \
        sholder.hh \
@@ -246,6 +248,7 @@ testrunner_SOURCES = \
        test-rcpgenerator_cc.cc \
        test-recpacketcache_cc.cc \
        test-recursorcache_cc.cc \
+       test-rpzloader_cc.cc \
        test-signers.cc \
        test-syncres_cc.cc \
        test-tsig.cc \

diff --git a/pdns/recursordist/test-rpzloader_cc.cc b/pdns/recursordist/test-rpzloader_cc.cc
new file mode 100644 (file)
index 0000000..d9687af
--- /dev/null
+++ b/pdns/recursordist/test-rpzloader_cc.cc
@@ -0,0 +1,42 @@
+#define BOOST_TEST_RPZ_LOADER
+#define BOOST_TEST_RPZ_LOADER
+#ifdef HAVE_CONFIG_H
+#include "config.h"
+#endif
+
+#include <boost/test/unit_test.hpp>
+#include "rpzloader.hh"
+
+// Provide stubs for some symbols
+bool g_logRPZChanges{false};
+ComboAddress getQueryLocalAddress(int family, uint16_t port) {
+  cerr << "getQueryLocalAddress() STUBBED IN TEST!" << endl;
+  BOOST_ASSERT(false);
+  return ComboAddress();
+}
+
+BOOST_AUTO_TEST_SUITE(rpzloader_cc)
+
+BOOST_AUTO_TEST_CASE(test_rpz_loader) {
+
+  string tests[][2] = {
+      {"32.3.2.168.192", "192.168.2.3/32"},
+      {"27.73.2.168.192", "192.168.2.73/27"},
+      {"24.0.2.168.192", "192.168.2.0/24"},
+      {"128.57.zz.1.0.db8.2001", "2001:db8:0:1::57/128"},
+      {"48.zz.1.0.db8.2001", "2001:db8:0:1::/48"},
+      {"128.5.C0A8.FFFF.0.1.0.db8.2001", "2001:db8:0:1:0:ffff:c0a8:5/128"},
+
+      {"21.0.248.44.5", "5.44.248.0/21"},
+      {"64.0.0.0.0.0.1.0.0.", "0:0:1::/64"},
+      {"64.zz.2.0.0", "0:0:2::/64"},
+      {"80.0.0.0.1.0.0.0.0", "::1:0:0:0/80"},
+      {"80.0.0.0.1.zz", "::1:0:0:0/80"}};
+
+  for (auto &test : tests) {
+    Netmask n = makeNetmaskFromRPZ(DNSName(test[0]));
+    BOOST_CHECK_EQUAL(n.toString(), test[1]);
+  }
+}
+
+BOOST_AUTO_TEST_SUITE_END()

diff --git a/pdns/rpzloader.cc b/pdns/rpzloader.cc
index 815fb8409c9944ec417a99ceb2ca6420d66dc017..42618ef13b8d2684806f32eeb664b71c136d24d5 100644 (file)
--- a/pdns/rpzloader.cc
+++ b/pdns/rpzloader.cc
@@ -8,7 +8,7 @@
 #include "rpzloader.hh"
 #include "zoneparser-tng.hh"
 
-static Netmask makeNetmaskFromRPZ(const DNSName& name)
+Netmask makeNetmaskFromRPZ(const DNSName& name)
 {
   auto parts = name.getRawLabels();
   /*
@@ -45,14 +45,14 @@ static Netmask makeNetmaskFromRPZ(const DNSName& name)
 
   string v6;
 
+  if (parts[parts.size()-1] == "") {
+    v6 += ":";
+  }
   for (uint8_t i = parts.size()-1 ; i > 0; i--) {
     v6 += parts[i];
-    if (parts[i] == "" && i == 1 && i == parts.size()-1)
-        v6+= "::";
-    if (parts[i] == "" && i != parts.size()-1)
-        v6+= ":";
-    if (parts[i] != "" && i != 1)
+    if (i > 1 || (i == 1 && parts[i] == "")) {
       v6 += ":";
+    }
   }
   v6 += "/" + parts[0];
 

diff --git a/pdns/rpzloader.hh b/pdns/rpzloader.hh
index efd8e085315bf6fc97276879e6181b211d862107..bb62b6bd005d420e77c91f9561ae92ab0d5e8c8a 100644 (file)
--- a/pdns/rpzloader.hh
+++ b/pdns/rpzloader.hh
@@ -42,4 +42,5 @@ struct rpzStats
   std::atomic<uint32_t> d_serial;
 };
 
+Netmask makeNetmaskFromRPZ(const DNSName& name);
 shared_ptr<rpzStats> getRPZZoneStats(const std::string& zone);