jmg
/
dns-rewrite-proxy
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
33 Commits
2 Branches
129 KiB
 
Tree: 11c1360906
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '11c1360906'
${ noResults }
dns-rewrite-proxy/test.py

398 lines
13 KiB
Raw Blame History 

  1. import asyncio

  2. import ipaddress

  3. import socket

  4. import struct

  5. import unittest

  6. 

  7. 

  8. from aiodnsresolver import (

  9.     RESPONSE,

  10.     TYPES,

  11.     DnsRecordDoesNotExist,

  12.     DnsResponseCode,

  13.     DnsTimeout,

  14.     IPv4AddressExpiresAt,

  15.     Message,

  16.     ResourceRecord,

  17.     QuestionRecord,

  18.     Resolver,

  19.     pack,

  20.     parse,

  21.     recvfrom,

  22. )

  23. from dnsrewriteproxy import (

  24.     DnsProxy,

  25. )

  26. 

  27. 

  28. def async_test(func):

  29.     def wrapper(*args, **kwargs):

  30.         future = func(*args, **kwargs)

  31.         loop = asyncio.get_event_loop()

  32.         loop.run_until_complete(future)

  33.     return wrapper

  34. 

  35. 

  36. class TestProxy(unittest.TestCase):

  37.     def add_async_cleanup(self, coroutine):

  38.         self.addCleanup(asyncio.get_running_loop().run_until_complete, coroutine())

  39. 

  40.     @async_test

  41.     async def test_e2e_no_match_rule(self):

  42.         resolve, clear_cache = get_resolver(3535)

  43.         self.add_async_cleanup(clear_cache)

  44.         start = DnsProxy(get_socket=get_socket(3535))

  45.         stop = await start()

  46.         self.add_async_cleanup(stop)

  47. 

  48.         with self.assertRaises(DnsResponseCode) as cm:

  49.             await resolve('www.google.com', TYPES.A)

  50. 

  51.         self.assertEqual(cm.exception.args[0], 5)

  52. 

  53.     @async_test

  54.     async def test_e2e_match_all(self):

  55.         resolve, clear_cache = get_resolver(3535)

  56.         self.add_async_cleanup(clear_cache)

  57.         start = DnsProxy(get_socket=get_socket(3535), rules=((r'(^.*$)', r'\1'),))

  58.         stop = await start()

  59.         self.add_async_cleanup(stop)

  60. 

  61.         response = await resolve('www.google.com', TYPES.A)

  62. 

  63.         self.assertEqual(type(response[0]), IPv4AddressExpiresAt)

  64. 

  65.     @async_test

  66.     async def test_e2e_default_port_match_all(self):

  67.         resolve, clear_cache = get_resolver(53)

  68.         self.add_async_cleanup(clear_cache)

  69.         start = DnsProxy(rules=((r'(^.*$)', r'\1'),))

  70.         stop = await start()

  71.         self.add_async_cleanup(stop)

  72. 

  73.         response = await resolve('www.google.com', TYPES.A)

  74. 

  75.         self.assertEqual(type(response[0]), IPv4AddressExpiresAt)

  76. 

  77.     @async_test

  78.     async def test_e2e_default_resolver_match_all_non_existing_domain(self):

  79.         resolve, clear_cache = get_resolver(53)

  80.         self.add_async_cleanup(clear_cache)

  81.         start = DnsProxy(rules=((r'(^.*$)', r'\1'),))

  82.         stop = await start()

  83.         self.add_async_cleanup(stop)

  84. 

  85.         with self.assertRaises(DnsRecordDoesNotExist):

  86.             await resolve('doesnotexist.charemza.name', TYPES.A)

  87. 

  88.     @async_test

  89.     async def test_e2e_default_resolver_match_all_bad_upstream(self):

  90.         resolve, clear_cache = get_resolver(53, timeout=100)

  91.         self.add_async_cleanup(clear_cache)

  92. 

  93.         start = DnsProxy(rules=((r'(^.*$)', r'\1'),), get_resolver=lambda: get_resolver(54))

  94.         stop = await start()

  95.         self.add_async_cleanup(stop)

  96. 

  97.         with self.assertRaises(DnsResponseCode) as cm:

  98.             await resolve('www.google.com', TYPES.A)

  99. 

  100.         self.assertEqual(cm.exception.args[0], 2)

  101. 

  102.     @async_test

  103.     async def test_e2e_default_resolver_match_none_non_existing_domain(self):

  104.         resolve, clear_cache = get_resolver(53)

  105.         self.add_async_cleanup(clear_cache)

  106.         start = DnsProxy()

  107.         stop = await start()

  108.         self.add_async_cleanup(stop)

  109. 

  110.         with self.assertRaises(DnsResponseCode) as cm:

  111.             await resolve('doesnotexist.charemza.name', TYPES.A)

  112. 

  113.         self.assertEqual(cm.exception.args[0], 5)

  114. 

  115.     @async_test

  116.     async def test_many_responses_with_small_socket_buffer(self):

  117.         resolve, clear_cache = get_resolver(53)

  118.         self.add_async_cleanup(clear_cache)

  119. 

  120.         start = DnsProxy(rules=((r'(^.*$)', r'\1'),), get_socket=get_small_socket,

  121.                          get_resolver=get_fixed_resolver)

  122.         stop = await start()

  123.         self.add_async_cleanup(stop)

  124. 

  125.         tasks = [

  126.             asyncio.create_task(resolve('www.google.com', TYPES.A))

  127.             for _ in range(0, 100000)

  128.         ]

  129. 

  130.         responses = await asyncio.gather(*tasks)

  131. 

  132.         for response in responses:

  133.             self.assertEqual(str(response[0]), '1.2.3.4')

  134. 

  135.         bing_responses = await resolve('www.bing.com', TYPES.A)

  136.         self.assertEqual(type(bing_responses[0]), IPv4AddressExpiresAt)

  137. 

  138.     @async_test

  139.     async def test_proxy_returns_error_from_upstream(self):

  140.         rcode = 4

  141. 

  142.         async def get_response(query_data):

  143.             query = parse(query_data)

  144.             response = Message(

  145.                 qid=query.qid, qr=RESPONSE, opcode=0, aa=0, tc=0, rd=0, ra=1, z=0, rcode=rcode,

  146.                 qd=query.qd, an=(), ns=(), ar=(),

  147.             )

  148.             return pack(response)

  149. 

  150.         stop_nameserver = await start_nameserver(54, get_response)

  151.         self.add_async_cleanup(stop_nameserver)

  152. 

  153.         resolve, clear_cache = get_resolver(53)

  154.         self.add_async_cleanup(clear_cache)

  155. 

  156.         start = DnsProxy(rules=((r'(^.*$)', r'\1'),), get_resolver=lambda: get_resolver(54))

  157.         stop = await start()

  158.         self.add_async_cleanup(stop)

  159. 

  160.         with self.assertRaises(DnsResponseCode) as cm:

  161.             await resolve('www.google.com', TYPES.A)

  162. 

  163.         self.assertEqual(cm.exception.args[0], 4)

  164. 

  165.         rcode = 5

  166.         with self.assertRaises(DnsResponseCode) as cm:

  167.             await resolve('www.google.com', TYPES.A)

  168. 

  169.         self.assertEqual(cm.exception.args[0], 5)

  170. 

  171.     @async_test

  172.     async def test_sending_bad_messages_not_affect_later_queries_a(self):

  173.         resolve, clear_cache = get_resolver(53)

  174.         self.add_async_cleanup(clear_cache)

  175. 

  176.         start = DnsProxy(rules=((r'(^.*$)', r'\1'),))

  177.         stop = await start()

  178.         self.add_async_cleanup(stop)

  179. 

  180.         response = await resolve('www.google.com', TYPES.A)

  181.         self.assertEqual(type(response[0]), IPv4AddressExpiresAt)

  182. 

  183.         for _ in range(0, 100000):

  184.             sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)

  185.             sock.sendto(b'not-a-valid-message', ('127.0.0.1', 53))

  186.             sock.close()

  187. 

  188.         tasks = [

  189.             asyncio.create_task(resolve('www.google.com', TYPES.A))

  190.             for _ in range(0, 100000)

  191.         ]

  192.         responses = await asyncio.gather(*tasks)

  193.         for response in responses:

  194.             self.assertEqual(type(response[0]), IPv4AddressExpiresAt)

  195. 

  196.     @async_test

  197.     async def test_sending_bad_messages_not_affect_later_queries_b(self):

  198.         resolve, clear_cache = get_resolver(53)

  199.         self.add_async_cleanup(clear_cache)

  200. 

  201.         start = DnsProxy(rules=((r'(^.*$)', r'\1'),))

  202.         stop = await start()

  203.         self.add_async_cleanup(stop)

  204. 

  205.         response = await resolve('www.google.com', TYPES.A)

  206.         self.assertEqual(type(response[0]), IPv4AddressExpiresAt)

  207. 

  208.         sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)

  209.         for _ in range(0, 100000):

  210.             sock.sendto(b'not-a-valid-message', ('127.0.0.1', 53))

  211.         sock.close()

  212. 

  213.         tasks = [

  214.             asyncio.create_task(resolve('www.google.com', TYPES.A))

  215.             for _ in range(0, 100000)

  216.         ]

  217.         responses = await asyncio.gather(*tasks)

  218.         for response in responses:

  219.             self.assertEqual(type(response[0]), IPv4AddressExpiresAt)

  220. 

  221.     @async_test

  222.     async def test_sending_pointer_loop_not_affect_later_queries_c(self):

  223.         resolve, clear_cache = get_resolver(53)

  224.         self.add_async_cleanup(clear_cache)

  225. 

  226.         start = DnsProxy(rules=((r'(^.*$)', r'\1'),))

  227.         stop = await start()

  228.         self.add_async_cleanup(stop)

  229. 

  230.         response = await resolve('www.google.com', TYPES.A)

  231.         self.assertEqual(type(response[0]), IPv4AddressExpiresAt)

  232. 

  233.         name = b'mydomain.com'

  234.         question_record = QuestionRecord(name, TYPES.A, qclass=1)

  235.         record_1 = ResourceRecord(

  236.             name=name, qtype=TYPES.A, qclass=1, ttl=0,

  237.             rdata=ipaddress.IPv4Address('123.100.124.1').packed,

  238.         )

  239.         response = Message(

  240.             qid=1, qr=RESPONSE, opcode=0, aa=0, tc=0, rd=0, ra=1, z=0, rcode=0,

  241.             qd=(question_record,), an=(record_1,), ns=(), ar=(),

  242.         )

  243. 

  244.         data = pack(response)

  245.         packed_name = b''.join(

  246.             component

  247.             for label in name.split(b'.')

  248.             for component in (bytes([len(label)]), label)

  249.         ) + b'\0'

  250. 

  251.         occurance_1 = data.index(packed_name)

  252.         occurance_1_end = occurance_1 + len(packed_name)

  253.         occurance_2 = occurance_1_end + data[occurance_1_end:].index(packed_name)

  254.         occurance_2_end = occurance_2 + len(packed_name)

  255. 

  256.         data_compressed = \

  257.             data[:occurance_2] + \

  258.             struct.pack('!H', (192 * 256) + occurance_2 + 4) + \

  259.             struct.pack('!H', (192 * 256) + occurance_2) + \

  260.             struct.pack('!H', (192 * 256) + occurance_2 + 2) + \

  261.             data[occurance_2_end:]

  262. 

  263.         sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)

  264.         sock.sendto(data_compressed, ('127.0.0.1', 53))

  265.         sock.close()

  266. 

  267.         tasks = [

  268.             asyncio.create_task(resolve('www.google.com', TYPES.A))

  269.             for _ in range(0, 100000)

  270.         ]

  271.         responses = await asyncio.gather(*tasks)

  272.         for response in responses:

  273.             self.assertEqual(type(response[0]), IPv4AddressExpiresAt)

  274. 

  275.     @async_test

  276.     async def test_too_large_response_from_upstream_not_affect_later(self):

  277.         num_records = 200

  278. 

  279.         async def get_response(query_data):

  280.             query = parse(query_data)

  281.             response_records = tuple(

  282.                 ResourceRecord(

  283.                     name=query.qd[0].name,

  284.                     qtype=TYPES.A,

  285.                     qclass=1,

  286.                     ttl=0,

  287.                     rdata=ipaddress.IPv4Address('123.100.123.' + str(i)).packed,

  288.                 ) for i in range(0, num_records)

  289.             )

  290. 

  291.             response = Message(

  292.                 qid=query.qid, qr=RESPONSE, opcode=0, aa=0, tc=0, rd=0, ra=1, z=0, rcode=0,

  293.                 qd=query.qd, an=response_records, ns=(), ar=(),

  294.             )

  295.             return pack(response)

  296. 

  297.         stop_nameserver = await start_nameserver(54, get_response)

  298.         self.add_async_cleanup(stop_nameserver)

  299. 

  300.         resolve, clear_cache = get_resolver(53)

  301.         self.add_async_cleanup(clear_cache)

  302. 

  303.         start = DnsProxy(rules=((r'(^.*$)', r'\1'),), get_resolver=lambda: get_resolver(54))

  304.         stop = await start()

  305.         self.add_async_cleanup(stop)

  306. 

  307.         tasks = [

  308.             asyncio.create_task(resolve('www.google.com', TYPES.A))

  309.             for _ in range(0, 100000)

  310.         ]

  311. 

  312.         for task in tasks:

  313.             with self.assertRaises(DnsTimeout):

  314.                 await task

  315. 

  316.         num_records = 1

  317.         tasks = [

  318.             asyncio.create_task(resolve('www.google.com', TYPES.A))

  319.             for _ in range(0, 100000)

  320.         ]

  321.         responses = await asyncio.gather(*tasks)

  322.         for response in responses:

  323.             self.assertEqual(str(response[0]), '123.100.123.0')

  324. 

  325. 

  326. def get_socket(port):

  327.     def _get_socket():

  328.         sock = socket.socket(family=socket.AF_INET, type=socket.SOCK_DGRAM)

  329.         sock.setblocking(False)

  330.         sock.bind(('', port))

  331.         return sock

  332.     return _get_socket

  333. 

  334. 

  335. def get_small_socket():

  336.     # For linux, the minimum buffer size is 1024

  337.     sock = socket.socket(family=socket.AF_INET, type=socket.SOCK_DGRAM)

  338.     sock.setsockopt(socket.SOL_SOCKET, socket.SO_SNDBUF, 1024)

  339.     sock.setblocking(False)

  340.     sock.bind(('', 53))

  341.     return sock

  342. 

  343. 

  344. def get_resolver(port, timeout=0.5):

  345.     async def get_nameservers(_, __):

  346.         for _ in range(0, 5):

  347.             yield (timeout, ('127.0.0.1', port))

  348. 

  349.     return Resolver(get_nameservers=get_nameservers)

  350. 

  351. 

  352. def get_fixed_resolver():

  353.     async def get_host(_, fqdn, qtype):

  354.         hosts = {

  355.             b'www.google.com': {

  356.                 TYPES.A: IPv4AddressExpiresAt('1.2.3.4', expires_at=0),

  357.             },

  358.         }

  359.         try:

  360.             return hosts[fqdn.lower()][qtype]

  361.         except KeyError:

  362.             return None

  363. 

  364.     return Resolver(get_host=get_host)

  365. 

  366. 

  367. async def start_nameserver(port, get_response):

  368.     # For some tests we need to control the responses from upstream, especially in the cases

  369.     # where it's not behaving

  370.     loop = asyncio.get_event_loop()

  371. 

  372.     sock = socket.socket(family=socket.AF_INET, type=socket.SOCK_DGRAM)

  373.     sock.setblocking(False)

  374.     sock.bind(('', port))

  375. 

  376.     async def server():

  377.         client_tasks = []

  378.         try:

  379.             while True:

  380.                 data, addr = await recvfrom(loop, [sock], 512)

  381.                 client_tasks.append(asyncio.ensure_future(client_task(data, addr)))

  382.         finally:

  383.             for task in client_tasks:

  384.                 task.cancel()

  385. 

  386.     async def client_task(data, addr):

  387.         response = await get_response(data)

  388.         sock.sendto(response, addr)

  389. 

  390.     server_task = asyncio.ensure_future(server())

  391. 

  392.     async def stop():

  393.         server_task.cancel()

  394.         await asyncio.sleep(0)

  395.         sock.close()

  396. 

  397.     return stop