jmg
/
dns-rewrite-proxy
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
72 Commits
2 Branches
129 KiB
 
Tree: ab129c1986
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'ab129c1986'
${ noResults }
dns-rewrite-proxy/test.py

566 lines
19 KiB
Raw Blame History 

  1. import asyncio

  2. import ipaddress

  3. import socket

  4. import struct

  5. import unittest

  6. 

  7. 

  8. from aiodnsresolver import (

  9.     RESPONSE,

  10.     QUESTION,

  11.     TYPES,

  12.     DnsRecordDoesNotExist,

  13.     DnsResponseCode,

  14.     DnsTimeout,

  15.     IPv4AddressExpiresAt,

  16.     Message,

  17.     ResourceRecord,

  18.     QuestionRecord,

  19.     Resolver,

  20.     pack,

  21.     parse,

  22.     recvfrom,

  23. )

  24. from dnsrewriteproxy import (

  25.     DnsProxy,

  26. )

  27. 

  28. 

  29. def async_test(func):

  30.     def wrapper(*args, **kwargs):

  31.         future = func(*args, **kwargs)

  32.         loop = asyncio.get_event_loop()

  33.         loop.run_until_complete(future)

  34.     return wrapper

  35. 

  36. 

  37. class TestProxy(unittest.TestCase):

  38.     def add_async_cleanup(self, coroutine, *args):

  39.         self.addCleanup(asyncio.get_running_loop().run_until_complete, coroutine(*args))

  40. 

  41.     @async_test

  42.     async def test_e2e_no_match_rule(self):

  43.         resolve, clear_cache = get_resolver(3535)

  44.         self.add_async_cleanup(clear_cache)

  45.         start = DnsProxy(get_socket=get_socket(3535))

  46.         server_task = await start()

  47.         self.add_async_cleanup(await_cancel, server_task)

  48. 

  49.         with self.assertRaises(DnsResponseCode) as cm:

  50.             await resolve('www.google.com', TYPES.A)

  51. 

  52.         self.assertEqual(cm.exception.args[0], 5)

  53. 

  54.     @async_test

  55.     async def test_e2e_match_all(self):

  56.         resolve, clear_cache = get_resolver(3535)

  57.         self.add_async_cleanup(clear_cache)

  58.         start = DnsProxy(get_socket=get_socket(3535), rules=((r'(^.*$)', r'\1'),))

  59.         server_task = await start()

  60.         self.add_async_cleanup(await_cancel, server_task)

  61. 

  62.         response = await resolve('www.google.com', TYPES.A)

  63. 

  64.         self.assertEqual(type(response[0]), IPv4AddressExpiresAt)

  65. 

  66.     @async_test

  67.     async def test_e2e_match_all_wrong_type(self):

  68.         resolve, clear_cache = get_resolver(3535)

  69.         self.add_async_cleanup(clear_cache)

  70.         start = DnsProxy(get_socket=get_socket(3535), rules=((r'(^.*$)', r'\1'),))

  71.         server_task = await start()

  72.         self.add_async_cleanup(await_cancel, server_task)

  73. 

  74.         with self.assertRaises(DnsResponseCode) as cm:

  75.             await resolve('www.google.com', TYPES.AAAA)

  76. 

  77.         self.assertEqual(cm.exception.args[0], 5)

  78. 

  79.     @async_test

  80.     async def test_e2e_default_port_match_all(self):

  81.         resolve, clear_cache = get_resolver(53)

  82.         self.add_async_cleanup(clear_cache)

  83.         start = DnsProxy(rules=((r'(^.*$)', r'\1'),))

  84.         server_task = await start()

  85.         self.add_async_cleanup(await_cancel, server_task)

  86. 

  87.         response = await resolve('www.google.com', TYPES.A)

  88. 

  89.         self.assertEqual(type(response[0]), IPv4AddressExpiresAt)

  90. 

  91.     @async_test

  92.     async def test_e2e_default_resolver_match_all_non_existing_domain(self):

  93.         resolve, clear_cache = get_resolver(53)

  94.         self.add_async_cleanup(clear_cache)

  95.         start = DnsProxy(rules=((r'(^.*$)', r'\1'),))

  96.         server_task = await start()

  97.         self.add_async_cleanup(await_cancel, server_task)

  98. 

  99.         with self.assertRaises(DnsRecordDoesNotExist):

  100.             await resolve('doesnotexist.charemza.name', TYPES.A)

  101. 

  102.     @async_test

  103.     async def test_e2e_default_resolver_rewrite_non_existing_to_existing(self):

  104.         resolve, clear_cache = get_resolver(53)

  105.         self.add_async_cleanup(clear_cache)

  106.         start = DnsProxy(rules=((r'^doesnotexist\.charemza\.name$', r'www.google.com'),))

  107.         server_task = await start()

  108.         self.add_async_cleanup(await_cancel, server_task)

  109. 

  110.         response = await resolve('doesnotexist.charemza.name', TYPES.A)

  111.         self.assertEqual(type(response[0]), IPv4AddressExpiresAt)

  112. 

  113.     @async_test

  114.     async def test_e2e_default_resolver_match_all_bad_upstream(self):

  115.         resolve, clear_cache = get_resolver(53, timeout=100)

  116.         self.add_async_cleanup(clear_cache)

  117. 

  118.         start = DnsProxy(rules=((r'(^.*$)', r'\1'),), get_resolver=lambda: get_resolver(54))

  119.         server_task = await start()

  120.         self.add_async_cleanup(await_cancel, server_task)

  121. 

  122.         with self.assertRaises(DnsResponseCode) as cm:

  123.             await resolve('www.google.com', TYPES.A)

  124. 

  125.         self.assertEqual(cm.exception.args[0], 2)

  126. 

  127.     @async_test

  128.     async def test_e2e_default_resolver_match_none_non_existing_domain(self):

  129.         resolve, clear_cache = get_resolver(53)

  130.         self.add_async_cleanup(clear_cache)

  131.         start = DnsProxy()

  132.         server_task = await start()

  133.         self.add_async_cleanup(await_cancel, server_task)

  134. 

  135.         with self.assertRaises(DnsResponseCode) as cm:

  136.             await resolve('doesnotexist.charemza.name', TYPES.A)

  137. 

  138.         self.assertEqual(cm.exception.args[0], 5)

  139. 

  140.     @async_test

  141.     async def test_many_responses_with_small_socket_buffer_no_onward_query(self):

  142.         resolve, clear_cache = get_resolver(53)

  143.         self.add_async_cleanup(clear_cache)

  144. 

  145.         start = DnsProxy(rules=((r'(^.*$)', r'\1'),), get_socket=get_small_socket,

  146.                          get_resolver=get_fixed_resolver)

  147.         server_task = await start()

  148.         self.add_async_cleanup(await_cancel, server_task)

  149. 

  150.         tasks = [

  151.             asyncio.create_task(resolve('www.google.com', TYPES.A))

  152.             for _ in range(0, 100000)

  153.         ]

  154. 

  155.         responses = await asyncio.gather(*tasks)

  156. 

  157.         for response in responses:

  158.             self.assertEqual(str(response[0]), '1.2.3.4')

  159. 

  160.         bing_responses = await resolve('www.bing.com', TYPES.A)

  161.         self.assertEqual(type(bing_responses[0]), IPv4AddressExpiresAt)

  162. 

  163.     @async_test

  164.     async def test_many_responses_with_small_socket_buffer_onward_query(self):

  165.         start = DnsProxy(rules=((r'(^.*$)', r'\1'),), get_socket=get_small_socket)

  166.         server_task = await start()

  167.         self.add_async_cleanup(await_cancel, server_task)

  168. 

  169.         async def resolve(domain):

  170.             resolve, clear_cache = get_resolver(53)

  171.             result = await resolve(domain, TYPES.A)

  172.             await clear_cache()

  173.             return result

  174. 

  175.         tasks = [

  176.             asyncio.create_task(resolve('www.google.com'))

  177.             for _ in range(0, 1000)

  178.         ]

  179. 

  180.         responses = await asyncio.gather(*tasks)

  181. 

  182.         for response in responses:

  183.             self.assertEqual(type(response[0]), IPv4AddressExpiresAt)

  184. 

  185.         bing_responses = await resolve('www.bing.com')

  186.         self.assertEqual(type(bing_responses[0]), IPv4AddressExpiresAt)

  187. 

  188.     @async_test

  189.     async def test_many_responses_with_regular_socket_buffer_onward_query(self):

  190.         resolve, clear_cache = get_resolver(53)

  191.         self.add_async_cleanup(clear_cache)

  192. 

  193.         start = DnsProxy(rules=((r'(^.*$)', r'\1'),))

  194.         server_task = await start()

  195.         self.add_async_cleanup(await_cancel, server_task)

  196. 

  197.         tasks = [

  198.             asyncio.create_task(resolve('www.google.com', TYPES.A))

  199.             for _ in range(0, 100000)

  200.         ]

  201. 

  202.         responses = await asyncio.gather(*tasks)

  203. 

  204.         for response in responses:

  205.             self.assertEqual(type(response[0]), IPv4AddressExpiresAt)

  206. 

  207.         bing_responses = await resolve('www.bing.com', TYPES.A)

  208.         self.assertEqual(type(bing_responses[0]), IPv4AddressExpiresAt)

  209. 

  210.     @async_test

  211.     async def test_proxy_returns_error_from_upstream(self):

  212.         rcode = 4

  213. 

  214.         async def get_response(query_data):

  215.             query = parse(query_data)

  216.             response = Message(

  217.                 qid=query.qid, qr=RESPONSE, opcode=0, aa=0, tc=0, rd=0, ra=1, z=0, rcode=rcode,

  218.                 qd=query.qd, an=(), ns=(), ar=(),

  219.             )

  220.             return pack(response)

  221. 

  222.         stop_nameserver = await start_nameserver(54, get_response)

  223.         self.add_async_cleanup(stop_nameserver)

  224. 

  225.         resolve, clear_cache = get_resolver(53)

  226.         self.add_async_cleanup(clear_cache)

  227. 

  228.         start = DnsProxy(rules=((r'(^.*$)', r'\1'),), get_resolver=lambda: get_resolver(54))

  229.         server_task = await start()

  230.         self.add_async_cleanup(await_cancel, server_task)

  231. 

  232.         with self.assertRaises(DnsResponseCode) as cm:

  233.             await resolve('www.google.com', TYPES.A)

  234. 

  235.         self.assertEqual(cm.exception.args[0], 4)

  236. 

  237.         rcode = 5

  238.         with self.assertRaises(DnsResponseCode) as cm:

  239.             await resolve('www.google.com', TYPES.A)

  240. 

  241.         self.assertEqual(cm.exception.args[0], 5)

  242. 

  243.     @async_test

  244.     async def test_sending_bad_messages_not_affect_later_queries_a(self):

  245.         resolve, clear_cache = get_resolver(53)

  246.         self.add_async_cleanup(clear_cache)

  247. 

  248.         start = DnsProxy(rules=((r'(^.*$)', r'\1'),))

  249.         server_task = await start()

  250.         self.add_async_cleanup(await_cancel, server_task)

  251. 

  252.         response = await resolve('www.google.com', TYPES.A)

  253.         self.assertEqual(type(response[0]), IPv4AddressExpiresAt)

  254. 

  255.         for _ in range(0, 100000):

  256.             sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)

  257.             sock.sendto(b'not-a-valid-message', ('127.0.0.1', 53))

  258.             sock.close()

  259. 

  260.         tasks = [

  261.             asyncio.create_task(resolve('www.google.com', TYPES.A))

  262.             for _ in range(0, 100000)

  263.         ]

  264.         responses = await asyncio.gather(*tasks)

  265.         for response in responses:

  266.             self.assertEqual(type(response[0]), IPv4AddressExpiresAt)

  267. 

  268.     @async_test

  269.     async def test_sending_bad_messages_not_affect_later_queries_b(self):

  270.         resolve, clear_cache = get_resolver(53)

  271.         self.add_async_cleanup(clear_cache)

  272. 

  273.         start = DnsProxy(rules=((r'(^.*$)', r'\1'),))

  274.         server_task = await start()

  275.         self.add_async_cleanup(await_cancel, server_task)

  276. 

  277.         response = await resolve('www.google.com', TYPES.A)

  278.         self.assertEqual(type(response[0]), IPv4AddressExpiresAt)

  279. 

  280.         sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)

  281.         for _ in range(0, 100000):

  282.             sock.sendto(b'not-a-valid-message', ('127.0.0.1', 53))

  283.         sock.close()

  284. 

  285.         tasks = [

  286.             asyncio.create_task(resolve('www.google.com', TYPES.A))

  287.             for _ in range(0, 100000)

  288.         ]

  289.         responses = await asyncio.gather(*tasks)

  290.         for response in responses:

  291.             self.assertEqual(type(response[0]), IPv4AddressExpiresAt)

  292. 

  293.     @async_test

  294.     async def test_sending_lots_of_good_messages_not_affect_later_queries(self):

  295.         resolve, clear_cache = get_resolver(53)

  296.         self.add_async_cleanup(clear_cache)

  297. 

  298.         start = DnsProxy(rules=((r'(^.*$)', r'\1'),))

  299.         server_task = await start()

  300.         self.add_async_cleanup(await_cancel, server_task)

  301. 

  302.         response = await resolve('www.google.com', TYPES.A)

  303.         self.assertEqual(type(response[0]), IPv4AddressExpiresAt)

  304. 

  305.         sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)

  306. 

  307.         for i in range(0, 100000):

  308.             name = b'doesnotexist' + str(i).encode('ascii') + b'.charemza.name'

  309.             question_record = QuestionRecord(name, TYPES.A, qclass=1)

  310.             question = Message(

  311.                 qid=i % 65535, qr=QUESTION, opcode=0, aa=0, tc=0, rd=0, ra=1, z=0, rcode=0,

  312.                 qd=(question_record,), an=(), ns=(), ar=(),

  313.             )

  314.             sock.sendto(pack(question), ('127.0.0.1', 53))

  315.         sock.close()

  316. 

  317.         response = await resolve('www.google.com', TYPES.A)

  318.         self.assertEqual(type(response[0]), IPv4AddressExpiresAt)

  319. 

  320.     @async_test

  321.     async def test_sending_pointer_loop_not_affect_later_queries_c(self):

  322.         resolve, clear_cache = get_resolver(53)

  323.         self.add_async_cleanup(clear_cache)

  324. 

  325.         start = DnsProxy(rules=((r'(^.*$)', r'\1'),))

  326.         server_task = await start()

  327.         self.add_async_cleanup(await_cancel, server_task)

  328. 

  329.         response = await resolve('www.google.com', TYPES.A)

  330.         self.assertEqual(type(response[0]), IPv4AddressExpiresAt)

  331. 

  332.         name = b'mydomain.com'

  333.         question_record = QuestionRecord(name, TYPES.A, qclass=1)

  334.         record_1 = ResourceRecord(

  335.             name=name, qtype=TYPES.A, qclass=1, ttl=0,

  336.             rdata=ipaddress.IPv4Address('123.100.124.1').packed,

  337.         )

  338.         response = Message(

  339.             qid=1, qr=RESPONSE, opcode=0, aa=0, tc=0, rd=0, ra=1, z=0, rcode=0,

  340.             qd=(question_record,), an=(record_1,), ns=(), ar=(),

  341.         )

  342. 

  343.         data = pack(response)

  344.         packed_name = b''.join(

  345.             component

  346.             for label in name.split(b'.')

  347.             for component in (bytes([len(label)]), label)

  348.         ) + b'\0'

  349. 

  350.         occurance_1 = data.index(packed_name)

  351.         occurance_1_end = occurance_1 + len(packed_name)

  352.         occurance_2 = occurance_1_end + data[occurance_1_end:].index(packed_name)

  353.         occurance_2_end = occurance_2 + len(packed_name)

  354. 

  355.         data_compressed = \

  356.             data[:occurance_2] + \

  357.             struct.pack('!H', (192 * 256) + occurance_2 + 4) + \

  358.             struct.pack('!H', (192 * 256) + occurance_2) + \

  359.             struct.pack('!H', (192 * 256) + occurance_2 + 2) + \

  360.             data[occurance_2_end:]

  361. 

  362.         sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)

  363.         sock.sendto(data_compressed, ('127.0.0.1', 53))

  364.         sock.close()

  365. 

  366.         tasks = [

  367.             asyncio.create_task(resolve('www.google.com', TYPES.A))

  368.             for _ in range(0, 100000)

  369.         ]

  370.         responses = await asyncio.gather(*tasks)

  371.         for response in responses:

  372.             self.assertEqual(type(response[0]), IPv4AddressExpiresAt)

  373. 

  374.     @async_test

  375.     async def test_too_large_response_from_upstream_not_affect_later(self):

  376.         num_records = 200

  377. 

  378.         async def get_response(query_data):

  379.             query = parse(query_data)

  380.             response_records = tuple(

  381.                 ResourceRecord(

  382.                     name=query.qd[0].name,

  383.                     qtype=TYPES.A,

  384.                     qclass=1,

  385.                     ttl=0,

  386.                     rdata=ipaddress.IPv4Address('123.100.123.' + str(i)).packed,

  387.                 ) for i in range(0, num_records)

  388.             )

  389. 

  390.             response = Message(

  391.                 qid=query.qid, qr=RESPONSE, opcode=0, aa=0, tc=0, rd=0, ra=1, z=0, rcode=0,

  392.                 qd=query.qd, an=response_records, ns=(), ar=(),

  393.             )

  394.             return pack(response)

  395. 

  396.         stop_nameserver = await start_nameserver(54, get_response)

  397.         self.add_async_cleanup(stop_nameserver)

  398. 

  399.         resolve, clear_cache = get_resolver(53)

  400.         self.add_async_cleanup(clear_cache)

  401. 

  402.         start = DnsProxy(rules=((r'(^.*$)', r'\1'),), get_resolver=lambda: get_resolver(54))

  403.         server_task = await start()

  404.         self.add_async_cleanup(await_cancel, server_task)

  405. 

  406.         tasks = [

  407.             asyncio.create_task(resolve('www.google.com', TYPES.A))

  408.             for _ in range(0, 100000)

  409.         ]

  410. 

  411.         for task in tasks:

  412.             with self.assertRaises(DnsTimeout):

  413.                 await task

  414. 

  415.         num_records = 1

  416.         tasks = [

  417.             asyncio.create_task(resolve('www.google.com', TYPES.A))

  418.             for _ in range(0, 100000)

  419.         ]

  420.         responses = await asyncio.gather(*tasks)

  421.         for response in responses:

  422.             self.assertEqual(str(response[0]), '123.100.123.0')

  423. 

  424.     @async_test

  425.     async def test_server_response_after_cancel_returned_to_client(self):

  426.         received_request = asyncio.Event()

  427.         continue_request = asyncio.Event()

  428. 

  429.         async def get_response(query_data):

  430.             query = parse(query_data)

  431.             response_record = ResourceRecord(

  432.                 name=query.qd[0].name,

  433.                 qtype=TYPES.A,

  434.                 qclass=1,

  435.                 ttl=0,

  436.                 rdata=ipaddress.IPv4Address('123.100.123.1').packed,

  437.             )

  438. 

  439.             response = Message(

  440.                 qid=query.qid, qr=RESPONSE, opcode=0, aa=0, tc=0, rd=0, ra=1, z=0, rcode=0,

  441.                 qd=query.qd, an=(response_record,), ns=(), ar=(),

  442.             )

  443.             received_request.set()

  444.             await continue_request.wait()

  445.             return pack(response)

  446. 

  447.         stop_nameserver = await start_nameserver(54, get_response)

  448.         self.add_async_cleanup(stop_nameserver)

  449. 

  450.         start = DnsProxy(rules=((r'(^.*$)', r'\1'),), get_resolver=lambda: get_resolver(54))

  451.         server_task = await start()

  452. 

  453.         async def resolve(domain):

  454.             resolve, clear_cache = get_resolver(53)

  455.             result = await resolve(domain, TYPES.A)

  456.             await clear_cache()

  457.             return result

  458. 

  459.         # Start a set of requests

  460.         tasks = [

  461.             asyncio.create_task(resolve('www.google.com'))

  462.             for _ in range(0, 100)

  463.         ]

  464.         await received_request.wait()

  465. 

  466.         # Cancel the server...

  467.         server_task.cancel()

  468. 

  469.         # ... start a new request

  470.         after_cancel_task = asyncio.create_task(resolve('www.bing.com'))

  471. 

  472.         # ... wait to try to ensure the request would have been received

  473.         await asyncio.sleep(0.2)

  474. 

  475.         # ... then finally the upstream server continues with the processing

  476.         # of the requests received before cancellation

  477.         continue_request.set()

  478.         for response in await asyncio.gather(*tasks):

  479.             self.assertEqual(str(response[0]), '123.100.123.1')

  480. 

  481.         # ... but the request started after cancellation times out

  482.         with self.assertRaises(DnsTimeout):

  483.             await after_cancel_task

  484. 

  485. 

  486. def get_socket(port):

  487.     def _get_socket():

  488.         sock = socket.socket(family=socket.AF_INET, type=socket.SOCK_DGRAM)

  489.         sock.setblocking(False)

  490.         sock.bind(('', port))

  491.         return sock

  492.     return _get_socket

  493. 

  494. 

  495. def get_small_socket():

  496.     # For linux, the minimum buffer size is 1024

  497.     sock = socket.socket(family=socket.AF_INET, type=socket.SOCK_DGRAM)

  498.     sock.setsockopt(socket.SOL_SOCKET, socket.SO_SNDBUF, 1024)

  499.     sock.setblocking(False)

  500.     sock.bind(('', 53))

  501.     return sock

  502. 

  503. 

  504. def get_resolver(port, timeout=2.0):

  505.     async def get_nameservers(_, __):

  506.         for _ in range(0, 5):

  507.             yield (timeout, ('127.0.0.1', port))

  508. 

  509.     return Resolver(get_nameservers=get_nameservers)

  510. 

  511. 

  512. def get_fixed_resolver():

  513.     async def get_host(_, fqdn, qtype):

  514.         hosts = {

  515.             b'www.google.com': {

  516.                 TYPES.A: IPv4AddressExpiresAt('1.2.3.4', expires_at=0),

  517.             },

  518.         }

  519.         try:

  520.             return hosts[fqdn.lower()][qtype]

  521.         except KeyError:

  522.             return None

  523. 

  524.     return Resolver(get_host=get_host)

  525. 

  526. 

  527. async def start_nameserver(port, get_response):

  528.     # For some tests we need to control the responses from upstream, especially in the cases

  529.     # where it's not behaving

  530.     loop = asyncio.get_event_loop()

  531. 

  532.     sock = socket.socket(family=socket.AF_INET, type=socket.SOCK_DGRAM)

  533.     sock.setblocking(False)

  534.     sock.bind(('', port))

  535. 

  536.     async def server():

  537.         client_tasks = []

  538.         try:

  539.             while True:

  540.                 data, addr = await recvfrom(loop, [sock], 512)

  541.                 client_tasks.append(asyncio.ensure_future(client_task(data, addr)))

  542.         finally:

  543.             for task in client_tasks:

  544.                 task.cancel()

  545. 

  546.     async def client_task(data, addr):

  547.         response = await get_response(data)

  548.         sock.sendto(response, addr)

  549. 

  550.     server_task = asyncio.ensure_future(server())

  551. 

  552.     async def stop():

  553.         server_task.cancel()

  554.         await asyncio.sleep(0)

  555.         sock.close()

  556. 

  557.     return stop

  558. 

  559. 

  560. async def await_cancel(task):

  561.     task.cancel()

  562.     try:

  563.         await task

  564.     except asyncio.CancelledError:

  565.         pass