jmg
/
dns-rewrite-proxy
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
64 Commits
2 Branches
129 KiB
 
Tree: 5a690375b0
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '5a690375b0'
${ noResults }
dns-rewrite-proxy/test.py

553 lines
18 KiB
Raw Blame History 

  1. import asyncio

  2. import ipaddress

  3. import socket

  4. import struct

  5. import unittest

  6. 

  7. 

  8. from aiodnsresolver import (

  9.     RESPONSE,

  10.     QUESTION,

  11.     TYPES,

  12.     DnsRecordDoesNotExist,

  13.     DnsResponseCode,

  14.     DnsTimeout,

  15.     IPv4AddressExpiresAt,

  16.     Message,

  17.     ResourceRecord,

  18.     QuestionRecord,

  19.     Resolver,

  20.     pack,

  21.     parse,

  22.     recvfrom,

  23. )

  24. from dnsrewriteproxy import (

  25.     DnsProxy,

  26. )

  27. 

  28. 

  29. def async_test(func):

  30.     def wrapper(*args, **kwargs):

  31.         future = func(*args, **kwargs)

  32.         loop = asyncio.get_event_loop()

  33.         loop.run_until_complete(future)

  34.     return wrapper

  35. 

  36. 

  37. class TestProxy(unittest.TestCase):

  38.     def add_async_cleanup(self, coroutine, *args):

  39.         self.addCleanup(asyncio.get_running_loop().run_until_complete, coroutine(*args))

  40. 

  41.     @async_test

  42.     async def test_e2e_no_match_rule(self):

  43.         resolve, clear_cache = get_resolver(3535)

  44.         self.add_async_cleanup(clear_cache)

  45.         start = DnsProxy(get_socket=get_socket(3535))

  46.         server_task = await start()

  47.         self.add_async_cleanup(await_cancel, server_task)

  48. 

  49.         with self.assertRaises(DnsResponseCode) as cm:

  50.             await resolve('www.google.com', TYPES.A)

  51. 

  52.         self.assertEqual(cm.exception.args[0], 5)

  53. 

  54.     @async_test

  55.     async def test_e2e_match_all(self):

  56.         resolve, clear_cache = get_resolver(3535)

  57.         self.add_async_cleanup(clear_cache)

  58.         start = DnsProxy(get_socket=get_socket(3535), rules=((r'(^.*$)', r'\1'),))

  59.         server_task = await start()

  60.         self.add_async_cleanup(await_cancel, server_task)

  61. 

  62.         response = await resolve('www.google.com', TYPES.A)

  63. 

  64.         self.assertEqual(type(response[0]), IPv4AddressExpiresAt)

  65. 

  66.     @async_test

  67.     async def test_e2e_default_port_match_all(self):

  68.         resolve, clear_cache = get_resolver(53)

  69.         self.add_async_cleanup(clear_cache)

  70.         start = DnsProxy(rules=((r'(^.*$)', r'\1'),))

  71.         server_task = await start()

  72.         self.add_async_cleanup(await_cancel, server_task)

  73. 

  74.         response = await resolve('www.google.com', TYPES.A)

  75. 

  76.         self.assertEqual(type(response[0]), IPv4AddressExpiresAt)

  77. 

  78.     @async_test

  79.     async def test_e2e_default_resolver_match_all_non_existing_domain(self):

  80.         resolve, clear_cache = get_resolver(53)

  81.         self.add_async_cleanup(clear_cache)

  82.         start = DnsProxy(rules=((r'(^.*$)', r'\1'),))

  83.         server_task = await start()

  84.         self.add_async_cleanup(await_cancel, server_task)

  85. 

  86.         with self.assertRaises(DnsRecordDoesNotExist):

  87.             await resolve('doesnotexist.charemza.name', TYPES.A)

  88. 

  89.     @async_test

  90.     async def test_e2e_default_resolver_rewrite_non_existing_to_existing(self):

  91.         resolve, clear_cache = get_resolver(53)

  92.         self.add_async_cleanup(clear_cache)

  93.         start = DnsProxy(rules=((r'^doesnotexist\.charemza\.name$', r'www.google.com'),))

  94.         server_task = await start()

  95.         self.add_async_cleanup(await_cancel, server_task)

  96. 

  97.         response = await resolve('doesnotexist.charemza.name', TYPES.A)

  98.         self.assertEqual(type(response[0]), IPv4AddressExpiresAt)

  99. 

  100.     @async_test

  101.     async def test_e2e_default_resolver_match_all_bad_upstream(self):

  102.         resolve, clear_cache = get_resolver(53, timeout=100)

  103.         self.add_async_cleanup(clear_cache)

  104. 

  105.         start = DnsProxy(rules=((r'(^.*$)', r'\1'),), get_resolver=lambda: get_resolver(54))

  106.         server_task = await start()

  107.         self.add_async_cleanup(await_cancel, server_task)

  108. 

  109.         with self.assertRaises(DnsResponseCode) as cm:

  110.             await resolve('www.google.com', TYPES.A)

  111. 

  112.         self.assertEqual(cm.exception.args[0], 2)

  113. 

  114.     @async_test

  115.     async def test_e2e_default_resolver_match_none_non_existing_domain(self):

  116.         resolve, clear_cache = get_resolver(53)

  117.         self.add_async_cleanup(clear_cache)

  118.         start = DnsProxy()

  119.         server_task = await start()

  120.         self.add_async_cleanup(await_cancel, server_task)

  121. 

  122.         with self.assertRaises(DnsResponseCode) as cm:

  123.             await resolve('doesnotexist.charemza.name', TYPES.A)

  124. 

  125.         self.assertEqual(cm.exception.args[0], 5)

  126. 

  127.     @async_test

  128.     async def test_many_responses_with_small_socket_buffer_no_onward_query(self):

  129.         resolve, clear_cache = get_resolver(53)

  130.         self.add_async_cleanup(clear_cache)

  131. 

  132.         start = DnsProxy(rules=((r'(^.*$)', r'\1'),), get_socket=get_small_socket,

  133.                          get_resolver=get_fixed_resolver)

  134.         server_task = await start()

  135.         self.add_async_cleanup(await_cancel, server_task)

  136. 

  137.         tasks = [

  138.             asyncio.create_task(resolve('www.google.com', TYPES.A))

  139.             for _ in range(0, 100000)

  140.         ]

  141. 

  142.         responses = await asyncio.gather(*tasks)

  143. 

  144.         for response in responses:

  145.             self.assertEqual(str(response[0]), '1.2.3.4')

  146. 

  147.         bing_responses = await resolve('www.bing.com', TYPES.A)

  148.         self.assertEqual(type(bing_responses[0]), IPv4AddressExpiresAt)

  149. 

  150.     @async_test

  151.     async def test_many_responses_with_small_socket_buffer_onward_query(self):

  152.         start = DnsProxy(rules=((r'(^.*$)', r'\1'),), get_socket=get_small_socket)

  153.         server_task = await start()

  154.         self.add_async_cleanup(await_cancel, server_task)

  155. 

  156.         async def resolve(domain):

  157.             resolve, clear_cache = get_resolver(53)

  158.             result = await resolve(domain, TYPES.A)

  159.             await clear_cache()

  160.             return result

  161. 

  162.         tasks = [

  163.             asyncio.create_task(resolve('www.google.com'))

  164.             for _ in range(0, 1000)

  165.         ]

  166. 

  167.         responses = await asyncio.gather(*tasks)

  168. 

  169.         for response in responses:

  170.             self.assertEqual(type(response[0]), IPv4AddressExpiresAt)

  171. 

  172.         bing_responses = await resolve('www.bing.com')

  173.         self.assertEqual(type(bing_responses[0]), IPv4AddressExpiresAt)

  174. 

  175.     @async_test

  176.     async def test_many_responses_with_regular_socket_buffer_onward_query(self):

  177.         resolve, clear_cache = get_resolver(53)

  178.         self.add_async_cleanup(clear_cache)

  179. 

  180.         start = DnsProxy(rules=((r'(^.*$)', r'\1'),))

  181.         server_task = await start()

  182.         self.add_async_cleanup(await_cancel, server_task)

  183. 

  184.         tasks = [

  185.             asyncio.create_task(resolve('www.google.com', TYPES.A))

  186.             for _ in range(0, 100000)

  187.         ]

  188. 

  189.         responses = await asyncio.gather(*tasks)

  190. 

  191.         for response in responses:

  192.             self.assertEqual(type(response[0]), IPv4AddressExpiresAt)

  193. 

  194.         bing_responses = await resolve('www.bing.com', TYPES.A)

  195.         self.assertEqual(type(bing_responses[0]), IPv4AddressExpiresAt)

  196. 

  197.     @async_test

  198.     async def test_proxy_returns_error_from_upstream(self):

  199.         rcode = 4

  200. 

  201.         async def get_response(query_data):

  202.             query = parse(query_data)

  203.             response = Message(

  204.                 qid=query.qid, qr=RESPONSE, opcode=0, aa=0, tc=0, rd=0, ra=1, z=0, rcode=rcode,

  205.                 qd=query.qd, an=(), ns=(), ar=(),

  206.             )

  207.             return pack(response)

  208. 

  209.         stop_nameserver = await start_nameserver(54, get_response)

  210.         self.add_async_cleanup(stop_nameserver)

  211. 

  212.         resolve, clear_cache = get_resolver(53)

  213.         self.add_async_cleanup(clear_cache)

  214. 

  215.         start = DnsProxy(rules=((r'(^.*$)', r'\1'),), get_resolver=lambda: get_resolver(54))

  216.         server_task = await start()

  217.         self.add_async_cleanup(await_cancel, server_task)

  218. 

  219.         with self.assertRaises(DnsResponseCode) as cm:

  220.             await resolve('www.google.com', TYPES.A)

  221. 

  222.         self.assertEqual(cm.exception.args[0], 4)

  223. 

  224.         rcode = 5

  225.         with self.assertRaises(DnsResponseCode) as cm:

  226.             await resolve('www.google.com', TYPES.A)

  227. 

  228.         self.assertEqual(cm.exception.args[0], 5)

  229. 

  230.     @async_test

  231.     async def test_sending_bad_messages_not_affect_later_queries_a(self):

  232.         resolve, clear_cache = get_resolver(53)

  233.         self.add_async_cleanup(clear_cache)

  234. 

  235.         start = DnsProxy(rules=((r'(^.*$)', r'\1'),))

  236.         server_task = await start()

  237.         self.add_async_cleanup(await_cancel, server_task)

  238. 

  239.         response = await resolve('www.google.com', TYPES.A)

  240.         self.assertEqual(type(response[0]), IPv4AddressExpiresAt)

  241. 

  242.         for _ in range(0, 100000):

  243.             sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)

  244.             sock.sendto(b'not-a-valid-message', ('127.0.0.1', 53))

  245.             sock.close()

  246. 

  247.         tasks = [

  248.             asyncio.create_task(resolve('www.google.com', TYPES.A))

  249.             for _ in range(0, 100000)

  250.         ]

  251.         responses = await asyncio.gather(*tasks)

  252.         for response in responses:

  253.             self.assertEqual(type(response[0]), IPv4AddressExpiresAt)

  254. 

  255.     @async_test

  256.     async def test_sending_bad_messages_not_affect_later_queries_b(self):

  257.         resolve, clear_cache = get_resolver(53)

  258.         self.add_async_cleanup(clear_cache)

  259. 

  260.         start = DnsProxy(rules=((r'(^.*$)', r'\1'),))

  261.         server_task = await start()

  262.         self.add_async_cleanup(await_cancel, server_task)

  263. 

  264.         response = await resolve('www.google.com', TYPES.A)

  265.         self.assertEqual(type(response[0]), IPv4AddressExpiresAt)

  266. 

  267.         sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)

  268.         for _ in range(0, 100000):

  269.             sock.sendto(b'not-a-valid-message', ('127.0.0.1', 53))

  270.         sock.close()

  271. 

  272.         tasks = [

  273.             asyncio.create_task(resolve('www.google.com', TYPES.A))

  274.             for _ in range(0, 100000)

  275.         ]

  276.         responses = await asyncio.gather(*tasks)

  277.         for response in responses:

  278.             self.assertEqual(type(response[0]), IPv4AddressExpiresAt)

  279. 

  280.     @async_test

  281.     async def test_sending_lots_of_good_messages_not_affect_later_queries(self):

  282.         resolve, clear_cache = get_resolver(53)

  283.         self.add_async_cleanup(clear_cache)

  284. 

  285.         start = DnsProxy(rules=((r'(^.*$)', r'\1'),))

  286.         server_task = await start()

  287.         self.add_async_cleanup(await_cancel, server_task)

  288. 

  289.         response = await resolve('www.google.com', TYPES.A)

  290.         self.assertEqual(type(response[0]), IPv4AddressExpiresAt)

  291. 

  292.         sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)

  293. 

  294.         for i in range(0, 100000):

  295.             name = b'doesnotexist' + str(i).encode('ascii') + b'.charemza.name'

  296.             question_record = QuestionRecord(name, TYPES.A, qclass=1)

  297.             question = Message(

  298.                 qid=i % 65535, qr=QUESTION, opcode=0, aa=0, tc=0, rd=0, ra=1, z=0, rcode=0,

  299.                 qd=(question_record,), an=(), ns=(), ar=(),

  300.             )

  301.             sock.sendto(pack(question), ('127.0.0.1', 53))

  302.         sock.close()

  303. 

  304.         response = await resolve('www.google.com', TYPES.A)

  305.         self.assertEqual(type(response[0]), IPv4AddressExpiresAt)

  306. 

  307.     @async_test

  308.     async def test_sending_pointer_loop_not_affect_later_queries_c(self):

  309.         resolve, clear_cache = get_resolver(53)

  310.         self.add_async_cleanup(clear_cache)

  311. 

  312.         start = DnsProxy(rules=((r'(^.*$)', r'\1'),))

  313.         server_task = await start()

  314.         self.add_async_cleanup(await_cancel, server_task)

  315. 

  316.         response = await resolve('www.google.com', TYPES.A)

  317.         self.assertEqual(type(response[0]), IPv4AddressExpiresAt)

  318. 

  319.         name = b'mydomain.com'

  320.         question_record = QuestionRecord(name, TYPES.A, qclass=1)

  321.         record_1 = ResourceRecord(

  322.             name=name, qtype=TYPES.A, qclass=1, ttl=0,

  323.             rdata=ipaddress.IPv4Address('123.100.124.1').packed,

  324.         )

  325.         response = Message(

  326.             qid=1, qr=RESPONSE, opcode=0, aa=0, tc=0, rd=0, ra=1, z=0, rcode=0,

  327.             qd=(question_record,), an=(record_1,), ns=(), ar=(),

  328.         )

  329. 

  330.         data = pack(response)

  331.         packed_name = b''.join(

  332.             component

  333.             for label in name.split(b'.')

  334.             for component in (bytes([len(label)]), label)

  335.         ) + b'\0'

  336. 

  337.         occurance_1 = data.index(packed_name)

  338.         occurance_1_end = occurance_1 + len(packed_name)

  339.         occurance_2 = occurance_1_end + data[occurance_1_end:].index(packed_name)

  340.         occurance_2_end = occurance_2 + len(packed_name)

  341. 

  342.         data_compressed = \

  343.             data[:occurance_2] + \

  344.             struct.pack('!H', (192 * 256) + occurance_2 + 4) + \

  345.             struct.pack('!H', (192 * 256) + occurance_2) + \

  346.             struct.pack('!H', (192 * 256) + occurance_2 + 2) + \

  347.             data[occurance_2_end:]

  348. 

  349.         sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)

  350.         sock.sendto(data_compressed, ('127.0.0.1', 53))

  351.         sock.close()

  352. 

  353.         tasks = [

  354.             asyncio.create_task(resolve('www.google.com', TYPES.A))

  355.             for _ in range(0, 100000)

  356.         ]

  357.         responses = await asyncio.gather(*tasks)

  358.         for response in responses:

  359.             self.assertEqual(type(response[0]), IPv4AddressExpiresAt)

  360. 

  361.     @async_test

  362.     async def test_too_large_response_from_upstream_not_affect_later(self):

  363.         num_records = 200

  364. 

  365.         async def get_response(query_data):

  366.             query = parse(query_data)

  367.             response_records = tuple(

  368.                 ResourceRecord(

  369.                     name=query.qd[0].name,

  370.                     qtype=TYPES.A,

  371.                     qclass=1,

  372.                     ttl=0,

  373.                     rdata=ipaddress.IPv4Address('123.100.123.' + str(i)).packed,

  374.                 ) for i in range(0, num_records)

  375.             )

  376. 

  377.             response = Message(

  378.                 qid=query.qid, qr=RESPONSE, opcode=0, aa=0, tc=0, rd=0, ra=1, z=0, rcode=0,

  379.                 qd=query.qd, an=response_records, ns=(), ar=(),

  380.             )

  381.             return pack(response)

  382. 

  383.         stop_nameserver = await start_nameserver(54, get_response)

  384.         self.add_async_cleanup(stop_nameserver)

  385. 

  386.         resolve, clear_cache = get_resolver(53)

  387.         self.add_async_cleanup(clear_cache)

  388. 

  389.         start = DnsProxy(rules=((r'(^.*$)', r'\1'),), get_resolver=lambda: get_resolver(54))

  390.         server_task = await start()

  391.         self.add_async_cleanup(await_cancel, server_task)

  392. 

  393.         tasks = [

  394.             asyncio.create_task(resolve('www.google.com', TYPES.A))

  395.             for _ in range(0, 100000)

  396.         ]

  397. 

  398.         for task in tasks:

  399.             with self.assertRaises(DnsTimeout):

  400.                 await task

  401. 

  402.         num_records = 1

  403.         tasks = [

  404.             asyncio.create_task(resolve('www.google.com', TYPES.A))

  405.             for _ in range(0, 100000)

  406.         ]

  407.         responses = await asyncio.gather(*tasks)

  408.         for response in responses:

  409.             self.assertEqual(str(response[0]), '123.100.123.0')

  410. 

  411.     @async_test

  412.     async def test_server_response_after_cancel_returned_to_client(self):

  413.         received_request = asyncio.Event()

  414.         continue_request = asyncio.Event()

  415. 

  416.         async def get_response(query_data):

  417.             query = parse(query_data)

  418.             response_record = ResourceRecord(

  419.                 name=query.qd[0].name,

  420.                 qtype=TYPES.A,

  421.                 qclass=1,

  422.                 ttl=0,

  423.                 rdata=ipaddress.IPv4Address('123.100.123.1').packed,

  424.             )

  425. 

  426.             response = Message(

  427.                 qid=query.qid, qr=RESPONSE, opcode=0, aa=0, tc=0, rd=0, ra=1, z=0, rcode=0,

  428.                 qd=query.qd, an=(response_record,), ns=(), ar=(),

  429.             )

  430.             received_request.set()

  431.             await continue_request.wait()

  432.             return pack(response)

  433. 

  434.         stop_nameserver = await start_nameserver(54, get_response)

  435.         self.add_async_cleanup(stop_nameserver)

  436. 

  437.         start = DnsProxy(rules=((r'(^.*$)', r'\1'),), get_resolver=lambda: get_resolver(54))

  438.         server_task = await start()

  439. 

  440.         async def resolve(domain):

  441.             resolve, clear_cache = get_resolver(53)

  442.             result = await resolve(domain, TYPES.A)

  443.             await clear_cache()

  444.             return result

  445. 

  446.         # Start a set of requests

  447.         tasks = [

  448.             asyncio.create_task(resolve('www.google.com'))

  449.             for _ in range(0, 100)

  450.         ]

  451.         await received_request.wait()

  452. 

  453.         # Cancel the server...

  454.         server_task.cancel()

  455. 

  456.         # ... start a new request

  457.         after_cancel_task = asyncio.create_task(resolve('www.bing.com'))

  458. 

  459.         # ... wait to try to ensure the request would have been received

  460.         await asyncio.sleep(0.2)

  461. 

  462.         # ... then finally the upstream server continues with the processing

  463.         # of the requests received before cancellation

  464.         continue_request.set()

  465.         for response in await asyncio.gather(*tasks):

  466.             self.assertEqual(str(response[0]), '123.100.123.1')

  467. 

  468.         # ... but the request started after cancellation times out

  469.         with self.assertRaises(DnsTimeout):

  470.             await after_cancel_task

  471. 

  472. 

  473. def get_socket(port):

  474.     def _get_socket():

  475.         sock = socket.socket(family=socket.AF_INET, type=socket.SOCK_DGRAM)

  476.         sock.setblocking(False)

  477.         sock.bind(('', port))

  478.         return sock

  479.     return _get_socket

  480. 

  481. 

  482. def get_small_socket():

  483.     # For linux, the minimum buffer size is 1024

  484.     sock = socket.socket(family=socket.AF_INET, type=socket.SOCK_DGRAM)

  485.     sock.setsockopt(socket.SOL_SOCKET, socket.SO_SNDBUF, 1024)

  486.     sock.setblocking(False)

  487.     sock.bind(('', 53))

  488.     return sock

  489. 

  490. 

  491. def get_resolver(port, timeout=2.0):

  492.     async def get_nameservers(_, __):

  493.         for _ in range(0, 5):

  494.             yield (timeout, ('127.0.0.1', port))

  495. 

  496.     return Resolver(get_nameservers=get_nameservers)

  497. 

  498. 

  499. def get_fixed_resolver():

  500.     async def get_host(_, fqdn, qtype):

  501.         hosts = {

  502.             b'www.google.com': {

  503.                 TYPES.A: IPv4AddressExpiresAt('1.2.3.4', expires_at=0),

  504.             },

  505.         }

  506.         try:

  507.             return hosts[fqdn.lower()][qtype]

  508.         except KeyError:

  509.             return None

  510. 

  511.     return Resolver(get_host=get_host)

  512. 

  513. 

  514. async def start_nameserver(port, get_response):

  515.     # For some tests we need to control the responses from upstream, especially in the cases

  516.     # where it's not behaving

  517.     loop = asyncio.get_event_loop()

  518. 

  519.     sock = socket.socket(family=socket.AF_INET, type=socket.SOCK_DGRAM)

  520.     sock.setblocking(False)

  521.     sock.bind(('', port))

  522. 

  523.     async def server():

  524.         client_tasks = []

  525.         try:

  526.             while True:

  527.                 data, addr = await recvfrom(loop, [sock], 512)

  528.                 client_tasks.append(asyncio.ensure_future(client_task(data, addr)))

  529.         finally:

  530.             for task in client_tasks:

  531.                 task.cancel()

  532. 

  533.     async def client_task(data, addr):

  534.         response = await get_response(data)

  535.         sock.sendto(response, addr)

  536. 

  537.     server_task = asyncio.ensure_future(server())

  538. 

  539.     async def stop():

  540.         server_task.cancel()

  541.         await asyncio.sleep(0)

  542.         sock.close()

  543. 

  544.     return stop

  545. 

  546. 

  547. async def await_cancel(task):

  548.     task.cancel()

  549.     try:

  550.         await task

  551.     except asyncio.CancelledError:

  552.         pass