isc_result_t dns_test_loaddb(dns_db_t **db, dns_dbtype_t dbtype, const char *origin, const char *testfile) { isc_result_t result; dns_fixedname_t fixed; dns_name_t *name; dns_fixedname_init(&fixed); name = dns_fixedname_name(&fixed); result = dns_name_fromstring(name, origin, 0, NULL); if (result != ISC_R_SUCCESS) return(result); result = dns_db_create(mctx, "rbt", name, dbtype, dns_rdataclass_in, 0, NULL, db); if (result != ISC_R_SUCCESS) return (result); result = dns_db_load(*db, testfile); return (result); }
int main(int argc, char *argv[]) { isc_token_t token; isc_result_t result; int c; unsigned int options = 0; dns_rdatatype_t rdtype; dns_rdataclass_t rdclass; char text[256*1024]; char data[64*1024]; isc_buffer_t tbuf; isc_buffer_t dbuf; dns_rdata_t rdata = DNS_RDATA_INIT; isc_boolean_t doexit = ISC_FALSE; isc_boolean_t once = ISC_FALSE; isc_boolean_t print = ISC_FALSE; isc_boolean_t unknown = ISC_FALSE; unsigned int t; char *origin = NULL; dns_fixedname_t fixed; dns_name_t *name = NULL; while ((c = isc_commandline_parse(argc, argv, "ho:puCPT")) != -1) { switch (c) { case 'o': origin = isc_commandline_argument; break; case 'p': print = ISC_TRUE; break; case 'u': unknown = ISC_TRUE; break; case 'C': for (t = 1; t <= 0xfeffu; t++) { if (dns_rdataclass_ismeta(t)) continue; dns_rdataclass_format(t, text, sizeof(text)); if (strncmp(text, "CLASS", 4) != 0) fprintf(stdout, "%s\n", text); } exit(0); case 'P': for (t = 0xff00; t <= 0xfffeu; t++) { if (dns_rdatatype_ismeta(t)) continue; dns_rdatatype_format(t, text, sizeof(text)); if (strncmp(text, "TYPE", 4) != 0) fprintf(stdout, "%s\n", text); } doexit = ISC_TRUE; break; case 'T': for (t = 1; t <= 0xfeffu; t++) { if (dns_rdatatype_ismeta(t)) continue; dns_rdatatype_format(t, text, sizeof(text)); if (strncmp(text, "TYPE", 4) != 0) fprintf(stdout, "%s\n", text); } doexit = ISC_TRUE; break; case '?': case 'h': /* Does not return. */ usage(); default: fprintf(stderr, "%s: unhandled option -%c\n", argv[0], isc_commandline_option); exit(1); } } if (doexit) exit(0); RUNTIME_CHECK(isc_mem_create(0, 0, &mctx) == ISC_R_SUCCESS); RUNTIME_CHECK(isc_lex_create(mctx, 256, &lex) == ISC_R_SUCCESS); /* * Set up to lex DNS master file. */ specials['('] = 1; specials[')'] = 1; specials['"'] = 1; isc_lex_setspecials(lex, specials); options = ISC_LEXOPT_EOL; isc_lex_setcomments(lex, ISC_LEXCOMMENT_DNSMASTERFILE); RUNTIME_CHECK(isc_lex_openstream(lex, stdin) == ISC_R_SUCCESS); if (origin != NULL) { dns_fixedname_init(&fixed); name = dns_fixedname_name(&fixed); result = dns_name_fromstring(name, origin, 0, NULL); if (result != ISC_R_SUCCESS) { fatal("dns_name_fromstring: %s", dns_result_totext(result)); } } while ((result = isc_lex_gettoken(lex, options | ISC_LEXOPT_NUMBER, &token)) == ISC_R_SUCCESS) { if (token.type == isc_tokentype_eof) break; if (token.type == isc_tokentype_eol) continue; if (once) { fatal("extra data"); } /* * Get class. */ if (token.type == isc_tokentype_number) { rdclass = (dns_rdataclass_t) token.value.as_ulong; if (token.value.as_ulong > 0xffffu) { fatal("class value too big %lu", token.value.as_ulong); } if (dns_rdataclass_ismeta(rdclass)) { fatal("class %lu is a meta value", token.value.as_ulong); } } else if (token.type == isc_tokentype_string) { result = dns_rdataclass_fromtext(&rdclass, &token.value.as_textregion); if (result != ISC_R_SUCCESS) { fatal("dns_rdataclass_fromtext: %s", dns_result_totext(result)); } if (dns_rdataclass_ismeta(rdclass)) { fatal("class %.*s(%d) is a meta value", (int)token.value.as_textregion.length, token.value.as_textregion.base, rdclass); } } else { fatal("unexpected token %u", token.type); } result = isc_lex_gettoken(lex, options | ISC_LEXOPT_NUMBER, &token); if (result != ISC_R_SUCCESS) break; if (token.type == isc_tokentype_eol) continue; if (token.type == isc_tokentype_eof) break; /* * Get type. */ if (token.type == isc_tokentype_number) { rdtype = (dns_rdatatype_t) token.value.as_ulong; if (token.value.as_ulong > 0xffffu) { fatal("type value too big %lu", token.value.as_ulong); } if (dns_rdatatype_ismeta(rdtype)) { fatal("type %lu is a meta value", token.value.as_ulong); } } else if (token.type == isc_tokentype_string) { result = dns_rdatatype_fromtext(&rdtype, &token.value.as_textregion); if (result != ISC_R_SUCCESS) { fatal("dns_rdatatype_fromtext: %s", dns_result_totext(result)); } if (dns_rdatatype_ismeta(rdtype)) { fatal("type %.*s(%d) is a meta value", (int)token.value.as_textregion.length, token.value.as_textregion.base, rdtype); } } else { fatal("unexpected token %u", token.type); } isc_buffer_init(&dbuf, data, sizeof(data)); result = dns_rdata_fromtext(&rdata, rdclass, rdtype, lex, name, 0, mctx, &dbuf, NULL); if (result != ISC_R_SUCCESS) { fatal("dns_rdata_fromtext: %s", dns_result_totext(result)); } once = ISC_TRUE; } if (result != ISC_R_EOF) { fatal("eof not found"); } if (!once) { fatal("no records found"); } if (print) { isc_buffer_init(&tbuf, text, sizeof(text)); result = dns_rdataclass_totext(rdclass, &tbuf); if (result != ISC_R_SUCCESS) { fatal("dns_rdataclass_totext: %s", dns_result_totext(result)); } isc_buffer_putstr(&tbuf, "\t"); result = dns_rdatatype_totext(rdtype, &tbuf); if (result != ISC_R_SUCCESS) { fatal("dns_rdatatype_totext: %s", dns_result_totext(result)); } isc_buffer_putstr(&tbuf, "\t"); result = dns_rdata_totext(&rdata, NULL, &tbuf); if (result != ISC_R_SUCCESS) { fatal("dns_rdata_totext: %s", dns_result_totext(result)); } printf("%.*s\n", (int)tbuf.used, (char*)tbuf.base); fflush(stdout); } if (unknown) { isc_buffer_init(&tbuf, text, sizeof(text)); result = dns_rdataclass_tounknowntext(rdclass, &tbuf); if (result != ISC_R_SUCCESS) { fatal("dns_rdataclass_tounknowntext: %s", dns_result_totext(result)); } isc_buffer_putstr(&tbuf, "\t"); result = dns_rdatatype_tounknowntext(rdtype, &tbuf); if (result != ISC_R_SUCCESS) { fatal("dns_rdatatype_tounknowntext: %s", dns_result_totext(result)); } isc_buffer_putstr(&tbuf, "\t"); result = dns_rdata_tofmttext(&rdata, NULL, DNS_STYLEFLAG_UNKNOWNFORMAT, 0, 0, "", &tbuf); if (result != ISC_R_SUCCESS) { fatal("dns_rdata_tofmttext: %sn", dns_result_totext(result)); } printf("%.*s\n", (int)tbuf.used, (char*)tbuf.base); fflush(stdout); } isc_lex_close(lex); isc_lex_destroy(&lex); isc_mem_destroy(&mctx); return (0); }
ATF_TC_BODY(tsig_tcp, tc) { const dns_name_t *tsigowner = NULL; dns_fixedname_t fkeyname; dns_message_t *msg = NULL; dns_name_t *keyname; dns_tsig_keyring_t *ring = NULL; dns_tsigkey_t *key = NULL; isc_buffer_t *buf = NULL; isc_buffer_t *querytsig = NULL; isc_buffer_t *tsigin = NULL; isc_buffer_t *tsigout = NULL; isc_result_t result; unsigned char secret[16] = { 0 }; dst_context_t *tsigctx = NULL; dst_context_t *outctx = NULL; UNUSED(tc); result = dns_test_begin(stderr, ISC_TRUE); ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); /* isc_log_setdebuglevel(lctx, 99); */ dns_fixedname_init(&fkeyname); keyname = dns_fixedname_name(&fkeyname); result = dns_name_fromstring(keyname, "test", 0, NULL); ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); result = dns_tsigkeyring_create(mctx, &ring); ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); result = dns_tsigkey_create(keyname, dns_tsig_hmacsha256_name, secret, sizeof(secret), ISC_FALSE, NULL, 0, 0, mctx, ring, &key); ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); /* * Create request. */ result = isc_buffer_allocate(mctx, &buf, 65535); ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); render(buf, 0, key, &tsigout, &querytsig, NULL); isc_buffer_free(&buf); /* * Create response message 1. */ result = isc_buffer_allocate(mctx, &buf, 65535); ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); render(buf, DNS_MESSAGEFLAG_QR, key, &querytsig, &tsigout, NULL); /* * Process response message 1. */ result = dns_message_create(mctx, DNS_MESSAGE_INTENTPARSE, &msg); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "dns_message_create: %s", dns_result_totext(result)); result = dns_message_settsigkey(msg, key); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "dns_message_settsigkey: %s", dns_result_totext(result)); result = dns_message_parse(msg, buf, 0); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "dns_message_parse: %s", dns_result_totext(result)); printmessage(msg); result = dns_message_setquerytsig(msg, querytsig); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "dns_message_setquerytsig: %s", dns_result_totext(result)); result = dns_tsig_verify(buf, msg, NULL, NULL); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "dns_tsig_verify: %s", dns_result_totext(result)); ATF_CHECK_EQ(msg->verified_sig, 1); ATF_CHECK_EQ(msg->tsigstatus, dns_rcode_noerror); /* * Check that we have a TSIG in the first message. */ ATF_REQUIRE(dns_message_gettsig(msg, &tsigowner) != NULL); result = dns_message_getquerytsig(msg, mctx, &tsigin); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "dns_message_getquerytsig: %s", dns_result_totext(result)); tsigctx = msg->tsigctx; msg->tsigctx = NULL; isc_buffer_free(&buf); dns_message_destroy(&msg); result = dst_context_create3(key->key, mctx, DNS_LOGCATEGORY_DNSSEC, ISC_FALSE, &outctx); ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); /* * Start digesting. */ result = add_mac(outctx, tsigout); ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); /* * Create response message 2. */ result = isc_buffer_allocate(mctx, &buf, 65535); ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); render(buf, DNS_MESSAGEFLAG_QR, key, &tsigout, &tsigout, outctx); /* * Process response message 2. */ result = dns_message_create(mctx, DNS_MESSAGE_INTENTPARSE, &msg); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "dns_message_create: %s", dns_result_totext(result)); msg->tcp_continuation = 1; msg->tsigctx = tsigctx; tsigctx = NULL; result = dns_message_settsigkey(msg, key); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "dns_message_settsigkey: %s", dns_result_totext(result)); result = dns_message_parse(msg, buf, 0); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "dns_message_parse: %s", dns_result_totext(result)); printmessage(msg); result = dns_message_setquerytsig(msg, tsigin); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "dns_message_setquerytsig: %s", dns_result_totext(result)); result = dns_tsig_verify(buf, msg, NULL, NULL); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "dns_tsig_verify: %s", dns_result_totext(result)); ATF_CHECK_EQ(msg->verified_sig, 1); ATF_CHECK_EQ(msg->tsigstatus, dns_rcode_noerror); /* * Check that we don't have a TSIG in the second message. */ tsigowner = NULL; ATF_REQUIRE(dns_message_gettsig(msg, &tsigowner) == NULL); tsigctx = msg->tsigctx; msg->tsigctx = NULL; isc_buffer_free(&buf); dns_message_destroy(&msg); /* * Create response message 3. */ result = isc_buffer_allocate(mctx, &buf, 65535); ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); render(buf, DNS_MESSAGEFLAG_QR, key, &tsigout, &tsigout, outctx); result = add_tsig(outctx, key, buf); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "add_tsig: %s", dns_result_totext(result)); /* * Process response message 3. */ result = dns_message_create(mctx, DNS_MESSAGE_INTENTPARSE, &msg); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "dns_message_create: %s", dns_result_totext(result)); msg->tcp_continuation = 1; msg->tsigctx = tsigctx; tsigctx = NULL; result = dns_message_settsigkey(msg, key); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "dns_message_settsigkey: %s", dns_result_totext(result)); result = dns_message_parse(msg, buf, 0); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "dns_message_parse: %s", dns_result_totext(result)); printmessage(msg); /* * Check that we had a TSIG in the third message. */ ATF_REQUIRE(dns_message_gettsig(msg, &tsigowner) != NULL); result = dns_message_setquerytsig(msg, tsigin); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "dns_message_setquerytsig: %s", dns_result_totext(result)); result = dns_tsig_verify(buf, msg, NULL, NULL); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "dns_tsig_verify: %s", dns_result_totext(result)); ATF_CHECK_EQ(msg->verified_sig, 1); ATF_CHECK_EQ(msg->tsigstatus, dns_rcode_noerror); if (tsigin != NULL) isc_buffer_free(&tsigin); result = dns_message_getquerytsig(msg, mctx, &tsigin); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "dns_message_getquerytsig: %s", dns_result_totext(result)); isc_buffer_free(&buf); dns_message_destroy(&msg); if (outctx != NULL) dst_context_destroy(&outctx); if (querytsig != NULL) isc_buffer_free(&querytsig); if (tsigin != NULL) isc_buffer_free(&tsigin); if (tsigout != NULL) isc_buffer_free(&tsigout); if (buf != NULL) isc_buffer_free(&buf); if (msg != NULL) dns_message_destroy(&msg); if (key != NULL) dns_tsigkey_detach(&key); if (ring != NULL) dns_tsigkeyring_detach(&ring); dns_test_end(); }