From d9cdb924ad132190353e3373ed01f592afec5d5d Mon Sep 17 00:00:00 2001 From: Ralph Dolmans Date: Wed, 24 Jun 2020 15:34:50 +0200 Subject: [PATCH] Add DoH endpoint configuration test --- .../doh_downstream_endpoint.conf | 17 +++++ .../doh_downstream_endpoint.dsc | 16 +++++ .../doh_downstream_endpoint.post | 10 +++ .../doh_downstream_endpoint.pre | 22 +++++++ .../doh_downstream_endpoint.test | 62 +++++++++++++++++++ .../unbound_server.key | 15 +++++ .../unbound_server.pem | 11 ++++ 7 files changed, 153 insertions(+) create mode 100644 testdata/doh_downstream_endpoint.tdir/doh_downstream_endpoint.conf create mode 100644 testdata/doh_downstream_endpoint.tdir/doh_downstream_endpoint.dsc create mode 100644 testdata/doh_downstream_endpoint.tdir/doh_downstream_endpoint.post create mode 100644 testdata/doh_downstream_endpoint.tdir/doh_downstream_endpoint.pre create mode 100644 testdata/doh_downstream_endpoint.tdir/doh_downstream_endpoint.test create mode 100644 testdata/doh_downstream_endpoint.tdir/unbound_server.key create mode 100644 testdata/doh_downstream_endpoint.tdir/unbound_server.pem
diff --git a/testdata/doh_downstream_endpoint.tdir/doh_downstream_endpoint.conf b/testdata/doh_downstream_endpoint.tdir/doh_downstream_endpoint.conf
new file mode 100644
index 000000000..3ec5ed4a1
--- /dev/null
+++ b/testdata/doh_downstream_endpoint.tdir/doh_downstream_endpoint.conf
@@ -0,0 +1,17 @@
+server:
+ verbosity: 2
+ # num-threads: 1
+ interface: 127.0.0.1@@PORT@
+ https-port: @PORT@
+ tls-service-key: "unbound_server.key"
+ tls-service-pem: "unbound_server.pem"
+ use-syslog: no
+ directory: .
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+ http-endpoint: "/abc"
+
+ local-zone: "example.net" static
+ local-data: "www.example.net. IN A 1.2.3.1"
diff --git a/testdata/doh_downstream_endpoint.tdir/doh_downstream_endpoint.dsc b/testdata/doh_downstream_endpoint.tdir/doh_downstream_endpoint.dsc
new file mode 100644
index 000000000..ef36a1968
--- /dev/null
+++ b/testdata/doh_downstream_endpoint.tdir/doh_downstream_endpoint.dsc
@@ -0,0 +1,16 @@
+BaseName: doh_downstream
+Version: 1.0
+Description: Test DNS-over-HTTPS query processing, endpoint setting
+CreationDate: Mon Jun 12 12:00:00 CET 2020
+Maintainer:
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: doh_downstream_endpoint.pre
+Post: doh_downstream_endpoint.post
+Test: doh_downstream_endpoint.test
+AuxFiles:
+Passed:
+Failure:
diff --git a/testdata/doh_downstream_endpoint.tdir/doh_downstream_endpoint.post b/testdata/doh_downstream_endpoint.tdir/doh_downstream_endpoint.post
new file mode 100644
index 000000000..ffad089e4
--- /dev/null
+++ b/testdata/doh_downstream_endpoint.tdir/doh_downstream_endpoint.post
@@ -0,0 +1,10 @@
+# #-- doh_downstream.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+kill_pid $UNBOUND_PID
+cat unbound.log
diff --git a/testdata/doh_downstream_endpoint.tdir/doh_downstream_endpoint.pre b/testdata/doh_downstream_endpoint.tdir/doh_downstream_endpoint.pre
new file mode 100644
index 000000000..4f10a9a18
--- /dev/null
+++ b/testdata/doh_downstream_endpoint.tdir/doh_downstream_endpoint.pre
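Review bot: `BaseName: doh_downstream` in the .dsc hunk does not match the `doh_downstream_endpoint` prefix used by the Pre, Post and Test fields and by the .tdir directory, so it looks like a leftover from the test this one was copied from. If the test runner keys anything on BaseName, this test could be confused with the original one; `BaseName: doh_downstream_endpoint` keeps them distinct. The `#-- doh_downstream.post --#` banner in the .post hunk on this line, and the matching banners in the .pre and .test hunks, carry the same stale name.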
@@ -0,0 +1,22 @@
+# #-- doh_downstream.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 1
+UNBOUND_PORT=$RND_PORT
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' < doh_downstream_endpoint.conf > ub.conf
+# start unbound in the background
+PRE="../.."
+$PRE/unbound -vvvv -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_unbound_up unbound.log
+
diff --git a/testdata/doh_downstream_endpoint.tdir/doh_downstream_endpoint.test b/testdata/doh_downstream_endpoint.tdir/doh_downstream_endpoint.test
new file mode 100644
index 000000000..6ae176dd9
--- /dev/null
+++ b/testdata/doh_downstream_endpoint.tdir/doh_downstream_endpoint.test
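Review bot: The sed line still substitutes `@TOPORT\@` with `$FWD_PORT`, but this script only calls `get_random_port 1` and never assigns FWD_PORT, and the accompanying .conf contains no `@TOPORT@` placeholder, so that expression is dead unless a sourced var file happens to define it. I would drop it and quote the port: `sed -e 's/@PORT\@/'"$UNBOUND_PORT"'/' < doh_downstream_endpoint.conf > ub.conf`. The missing `g` flag is fine here because the `interface:` and `https-port:` lines each hold a single `@PORT@`.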
@@ -0,0 +1,62 @@
+# #-- doh_downstream.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+. ../common.sh
+get_make
+(cd $PRE; $MAKE dohclient)
+
+
+echo "> query www.example.net. endpoint /dns-query"
+$PRE/dohclient -s 127.0.0.1 -p $UNBOUND_PORT www.example.net. A IN >outfile 2>&1
+cat outfile
+if test "$?" -ne 0; then
+ echo "exit status not OK"
+ echo "> cat logfiles"
+ cat outfile
+ cat fwd.log
+ cat unbound.log
+ echo "Not OK"
+ exit 1
+fi
+if grep "status 404" outfile; then
+ echo "content OK"
+else
+ echo "result contents not OK"
+ echo "> cat logfiles"
+ cat outfile
+ cat fwd.log
+ cat unbound.log
+ echo "result contents not OK"
+ exit 1
+fi
+echo "OK"
+
+echo "> query www.example.net. endpoint /dns-query"
+$PRE/dohclient -e /abc -s 127.0.0.1 -p $UNBOUND_PORT www.example.net. A IN >outfile 2>&1
+cat outfile
+if test "$?" -ne 0; then
+ echo "exit status not OK"
+ echo "> cat logfiles"
+ cat outfile
+ cat fwd.log
+ cat unbound.log
+ echo "Not OK"
+ exit 1
+fi
+if grep ":status 200" outfile; then
+ echo "content OK"
+else
+ echo "result contents not OK"
+ echo "> cat logfiles"
+ cat outfile
+ cat fwd.log
+ cat unbound.log
+ echo "result contents not OK"
+ exit 1
+fi
+echo "OK"
+exit 0
diff --git a/testdata/doh_downstream_endpoint.tdir/unbound_server.key b/testdata/doh_downstream_endpoint.tdir/unbound_server.key
new file mode 100644
index 000000000..4256c421d
--- /dev/null
+++ b/testdata/doh_downstream_endpoint.tdir/unbound_server.key
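Review bot: Both `if test "$?" -ne 0; then` checks read the exit status of the preceding `cat outfile`, not of dohclient, so a crashing or failing client never reaches the "exit status not OK" branch. Put `rc=$?` directly after each dohclient line and test `if test "$rc" -ne 0; then` instead; whether dohclient exits 0 on a 404 response is not visible in this hunk, so the first case may then need to accept a non-zero status. The first pattern `"status 404"` is looser than the `":status 200"` used in the second case and should probably be `":status 404"`. The second banner repeats `endpoint /dns-query` although the query uses `-e /abc`, and the `cat fwd.log` lines refer to a log that the .pre script shown on this page never creates.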
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICWwIBAAKBgQC3F7Jsv2u01pLL9rFnjsMU/IaCFUIz/624DcaE84Z4gjMl5kWA
+3axQcqul1wlwSrbKwrony+d9hH/+MX0tZwvl8w3OmhmOAiaQ+SHCsIuOjVwQjX0s
+RLB61Pz5+PAiVvnPa9JIYB5QrK6DVEsxIHj8MOc5JKORrnESsFDh6yeMeQIDAQAB
+AoGAAuWoGBprTOA8UGfl5LqYkaNxSWumsYXxLMFjC8WCsjN1NbtQDDr1uAwodSZS
+6ujzvX+ZTHnofs7y64XC8k34HTOCD2zlW7kijWbT8YjRYFU6o9F5zUGD9RCan0ds
+sVscT2psLSzfdsmFAcbmnGdxYkXk2PC1FHtaqExxehralGUCQQDcqrg9uQKXlhQi
+XAaPr8SiWvtRm2a9IMMZkRfUWZclPHq6fCWNuUaCD+cTat4wAuqeknAz33VEosw3
+fXGsok//AkEA1GjIHXrOcSlpfVJb6NeOBugjRtZ7ZDT5gbtnMS9ob0qntKV6saaL
+CNmJwuD9Q3XkU5j1+uHvYGP2NzcJd2CjhwJACV0hNlVMe9w9fHvFN4Gw6WbM9ViP
+0oS6YrJafYNTu5vGZXVxLoNnL4u3NYa6aPUmuZXjNwBLfJ8f5VboZPf6RwJAINd2
+oYA8bSi/A755MX4qmozH74r4Fx1Nuq5UHTm8RwDe/0Javx8F/j9MWpJY9lZDEF3l
+In5OebPa/NyInSmW/wJAZuP9aRn0nDBkHYri++1A7NykMiJ/nH0mDECbnk+wxx0S
+LwqIetBhxb8eQwMg45+iAH7CHAMQ8BQuF/nFE6eotg==
+-----END RSA PRIVATE KEY-----
diff --git a/testdata/doh_downstream_endpoint.tdir/unbound_server.pem b/testdata/doh_downstream_endpoint.tdir/unbound_server.pem
new file mode 100644
index 000000000..aeda3ff11
--- /dev/null
+++ b/testdata/doh_downstream_endpoint.tdir/unbound_server.pem
@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE-----
+MIIBmzCCAQQCCQDsNJ1UmphEFzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1
+bmJvdW5kMB4XDTA4MDkxMTA5MDk0MFoXDTI4MDUyOTA5MDk0MFowEjEQMA4GA1UE
+AxMHdW5ib3VuZDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtxeybL9rtNaS
+y/axZ47DFPyGghVCM/+tuA3GhPOGeIIzJeZFgN2sUHKrpdcJcEq2ysK6J8vnfYR/
+/jF9LWcL5fMNzpoZjgImkPkhwrCLjo1cEI19LESwetT8+fjwIlb5z2vSSGAeUKyu
+g1RLMSB4/DDnOSSjka5xErBQ4esnjHkCAwEAATANBgkqhkiG9w0BAQUFAAOBgQAZ
+9N0lnLENs4JMvPS+mn8C5m9bkkFITd32IiLjf0zgYpIUbFXH6XaEr9GNZBUG8feG
+l/6WRXnbnVSblI5odQ4XxGZ9inYY6qtW30uv76HvoKp+QZ1c3460ddR8NauhcCHH
+Z7S+QbLXi+r2JAhpPozZCjBHlRD0ixzA1mKQTJhJZg==
+-----END CERTIFICATE-----
-- 2.47.3
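Review bot: An unencrypted RSA private key is committed as `unbound_server.key`; it only serves the loopback test listener, but it is public with the repository and must never be reused as a real `tls-service-key`. The key body looks like a 1024-bit RSA key and the certificate in the `unbound_server.pem` hunk appears to be SHA-1 signed with a fixed expiry, so TLS libraries configured with a stricter security level may refuse to load the pair and fail the test for reasons unrelated to the DoH endpoint. Generating a throwaway pair in the .pre script avoids both problems, e.g. `openssl req -x509 -newkey rsa:2048 -nodes -subj /CN=unbound -days 1 -keyout unbound_server.key -out unbound_server.pem`. If the fixture stays checked in, a short README in the .tdir stating that it is a test-only key would help secret scanners and reviewers triage it.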