diff options
Diffstat (limited to 'resolv')
-rw-r--r-- | resolv/Makefile | 18 | ||||
-rw-r--r-- | resolv/tst-bug18665-tcp.c | 229 | ||||
-rw-r--r-- | resolv/tst-bug18665.c | 138 | ||||
-rw-r--r-- | resolv/tst-res_use_inet6.c | 201 | ||||
-rw-r--r-- | resolv/tst-resolv-basic.c | 315 | ||||
-rw-r--r-- | resolv/tst-resolv-network.c | 299 | ||||
-rw-r--r-- | resolv/tst-resolv-search.c | 343 |
7 files changed, 1542 insertions, 1 deletions
diff --git a/resolv/Makefile b/resolv/Makefile index bd086e0..5eb10e3 100644 --- a/resolv/Makefile +++ b/resolv/Makefile @@ -39,7 +39,16 @@ extra-libs := libresolv libnss_dns ifeq ($(have-thread-library),yes) extra-libs += libanl routines += gai_sigqueue -tests += tst-res_hconf_reorder + +tests += \ + tst-bug18665 \ + tst-bug18665-tcp \ + tst-res_hconf_reorder \ + tst-res_use_inet6 \ + tst-resolv-basic \ + tst-resolv-network \ + tst-resolv-search \ + endif extra-libs-others = $(extra-libs) libresolv-routines := res_comp res_debug \ @@ -108,3 +117,10 @@ tst-leaks2-ENV = MALLOC_TRACE=$(objpfx)tst-leaks2.mtrace $(objpfx)mtrace-tst-leaks2.out: $(objpfx)tst-leaks2.out $(common-objpfx)malloc/mtrace $(objpfx)tst-leaks2.mtrace > $@; \ $(evaluate-test) + +$(objpfx)tst-bug18665-tcp: $(objpfx)libresolv.so $(shared-thread-library) +$(objpfx)tst-bug18665: $(objpfx)libresolv.so $(shared-thread-library) +$(objpfx)tst-res_use_inet6: $(objpfx)libresolv.so $(shared-thread-library) +$(objpfx)tst-resolv-basic: $(objpfx)libresolv.so $(shared-thread-library) +$(objpfx)tst-resolv-network: $(objpfx)libresolv.so $(shared-thread-library) +$(objpfx)tst-resolv-search: $(objpfx)libresolv.so $(shared-thread-library) diff --git a/resolv/tst-bug18665-tcp.c b/resolv/tst-bug18665-tcp.c new file mode 100644 index 0000000..fcd3baf --- /dev/null +++ b/resolv/tst-bug18665-tcp.c @@ -0,0 +1,229 @@ +/* Test __libc_res_nsend buffer mismanagement, basic TCP coverage. + Copyright (C) 2016 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + <http://www.gnu.org/licenses/>. */ + +#include <errno.h> +#include <netdb.h> +#include <resolv.h> +#include <stdio.h> +#include <string.h> +#include <support/check.h> +#include <support/check_nss.h> +#include <support/resolv_test.h> +#include <support/xthread.h> +#include <support/xmemstream.h> + +static pthread_mutex_t lock = PTHREAD_MUTEX_INITIALIZER; + +static int initial_address_count = 1; +static int subsequent_address_count = 2000; +static int response_number = 0; + +static void +response (const struct resolv_response_context *ctx, + struct resolv_response_builder *b, + const char *qname, uint16_t qclass, uint16_t qtype) +{ + TEST_VERIFY_EXIT (qname != NULL); + + /* If not using TCP, just force its use. */ + if (!ctx->tcp) + { + struct resolv_response_flags flags = {.tc = true}; + resolv_response_init (b, flags); + resolv_response_add_question (b, qname, qclass, qtype); + return; + } + + struct resolv_response_flags flags = {}; + resolv_response_init (b, flags); + resolv_response_add_question (b, qname, qclass, qtype); + + resolv_response_section (b, ns_s_an); + + /* The number of addresses (in the additional section) for the name + server record (in the authoritative section). */ + int address_count; + xpthread_mutex_lock (&lock); + ++response_number; + if (response_number == 1) + address_count = initial_address_count; + else if (response_number == 2) + { + address_count = 0; + resolv_response_drop (b); + resolv_response_close (b); + } + else + address_count = subsequent_address_count; + xpthread_mutex_unlock (&lock); + + /* Only add the address record to the answer section if we requested + any name server addresses. */ + if (address_count > 0) + { + resolv_response_open_record (b, qname, qclass, qtype, 0); + switch (qtype) + { + case T_A: + { + char ipv4[4] = {10, response_number >> 8, response_number, 0}; + ipv4[3] = 2 * ctx->tcp + 4 * ctx->server_index; + resolv_response_add_data (b, &ipv4, sizeof (ipv4)); + } + break; + case T_AAAA: + { + char ipv6[16] + = {0x20, 0x01, 0xd, 0xb8, 0, 0, 0, 0, 0, 0, 0, 0, + response_number >> 8, response_number, 0, 0}; + ipv6[15] = 2 * ctx->tcp + 4 * ctx->server_index; + resolv_response_add_data (b, &ipv6, sizeof (ipv6)); + } + break; + default: + support_record_failure (); + printf ("error: unexpected QTYPE: %s/%u/%u\n", + qname, qclass, qtype); + } + resolv_response_close_record (b); + + /* Add the name server record. */ + resolv_response_section (b, ns_s_ns); + resolv_response_open_record (b, "example", C_IN, T_NS, 0); + resolv_response_add_name (b, "ns.example"); + resolv_response_close_record (b); + + /* Increase the response size with name server addresses. These + addresses are not copied out of nss_dns, and thus do not + trigger getaddrinfo retries with a larger buffer, making + testing more predictable. */ + resolv_response_section (b, ns_s_ar); + for (int i = 1; i <= address_count; ++i) + { + resolv_response_open_record (b, "ns.example", qclass, qtype, 0); + switch (qtype) + { + case T_A: + { + char ipv4[4] = {response_number, i >> 8, i, 0}; + ipv4[3] = 2 * ctx->tcp + 4 * ctx->server_index; + resolv_response_add_data (b, &ipv4, sizeof (ipv4)); + } + break; + case T_AAAA: + { + char ipv6[16] + = {0x20, 0x01, 0xd, 0xb8, 0, 0, 0, 0, 0, 0, + response_number >> 8, response_number, + i >> 8, i, 0, 0}; + ipv6[15] = 2 * ctx->tcp + 4 * ctx->server_index; + resolv_response_add_data (b, &ipv6, sizeof (ipv6)); + } + break; + default: + support_record_failure (); + printf ("error: unexpected QTYPE: %s/%u/%u\n", + qname, qclass, qtype); + } + resolv_response_close_record (b); + } + } +} + +static char * +expected_result (unsigned port, unsigned response_number) +{ + struct xmemstream mem; + xopen_memstream (&mem); + /* We fail the second TCP query to the first server by closing the + connection immediately, without returning any data. This should + cause failover to the second server. */ + int server_index = 1; + fprintf (mem.out, "address: STREAM/TCP 10.%u.%u.%u %u\n", + (response_number >> 8) & 0xff, response_number & 0xff, + 2 + 4 * server_index, port); + fprintf (mem.out, "address: STREAM/TCP 2001:db8::%x:%x %u\n", + (response_number + 1) & 0xffff, + 2 + 4 * server_index, port); + xfclose_memstream (&mem); + return mem.buffer; +} + +static void +test_different_sizes (void) +{ + struct addrinfo hints = + { + .ai_family = AF_UNSPEC, + .ai_socktype = SOCK_STREAM, + .ai_protocol = IPPROTO_TCP, + }; + struct addrinfo *ai; + char *expected; + int ret; + + /* This magic number produces a response size close to 2048 + bytes. */ + initial_address_count = 124; + response_number = 0; + + ret = getaddrinfo ("www.example", "80", &hints, &ai); + expected = expected_result (80, 3); + check_addrinfo ("www.example:80", ai, ret, expected); + if (ret == 0) + freeaddrinfo (ai); + free (expected); + + response_number = 0; + ret = getaddrinfo ("www123.example", "80", &hints, &ai); + if (ret == 0) + freeaddrinfo (ai); + + response_number = 0; + ret = getaddrinfo ("www1234.example", "80", &hints, &ai); + if (ret == 0) + freeaddrinfo (ai); + + response_number = 0; + ret = getaddrinfo ("www12345.example", "80", &hints, &ai); + if (ret == 0) + freeaddrinfo (ai); +} + +static int +do_test (void) +{ + struct resolv_test *obj = resolv_test_start + ((struct resolv_redirect_config) + { + .response_callback = response + }); + + test_different_sizes (); + + _res.options |= RES_SNGLKUP; + test_different_sizes (); + + _res.options |= RES_SNGLKUPREOP; + test_different_sizes (); + + resolv_test_end (obj); + return 0; +} + +#include <support/test-driver.c> diff --git a/resolv/tst-bug18665.c b/resolv/tst-bug18665.c new file mode 100644 index 0000000..2d0cdb2 --- /dev/null +++ b/resolv/tst-bug18665.c @@ -0,0 +1,138 @@ +/* Test for __libc_res_nsend buffer mismanagent (bug 18665), UDP case. + Copyright (C) 2016 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + <http://www.gnu.org/licenses/>. */ + +#include <errno.h> +#include <netdb.h> +#include <resolv.h> +#include <stdio.h> +#include <string.h> +#include <support/check.h> +#include <support/resolv_test.h> +#include <support/xthread.h> + +static pthread_mutex_t lock = PTHREAD_MUTEX_INITIALIZER; + +static int initial_address_count; +static int response_count; + +static void +response (const struct resolv_response_context *ctx, + struct resolv_response_builder *b, + const char *qname, uint16_t qclass, uint16_t qtype) +{ + TEST_VERIFY_EXIT (qname != NULL); + struct resolv_response_flags flags = {}; + resolv_response_init (b, flags); + resolv_response_add_question (b, qname, qclass, qtype); + + resolv_response_section (b, ns_s_an); + + /* Add many A/AAAA records to the second response. */ + int address_count; + xpthread_mutex_lock (&lock); + if (response_count == 0) + address_count = initial_address_count; + else + address_count = 2000; + ++response_count; + xpthread_mutex_unlock (&lock); + + for (int i = 0; i < address_count; ++i) + { + resolv_response_open_record (b, qname, qclass, qtype, 0); + switch (qtype) + { + case T_A: + { + char ipv4[4] = {10, i >> 8, i, 0}; + ipv4[3] = 2 * ctx->tcp + 4 * ctx->server_index; + resolv_response_add_data (b, &ipv4, sizeof (ipv4)); + } + break; + case T_AAAA: + { + char ipv6[16] + = {0x20, 0x01, 0xd, 0xb8, 0, 0, 0, 0, 0, 0, 0, 0, 0, + i >> 8, i, 0}; + ipv6[15] = 2 * ctx->tcp + 4 * ctx->server_index; + resolv_response_add_data (b, &ipv6, sizeof (ipv6)); + } + break; + default: + support_record_failure (); + printf ("error: unexpected QTYPE: %s/%u/%u\n", + qname, qclass, qtype); + } + resolv_response_close_record (b); + } +} + +static void +test_different_sizes (void) +{ + struct addrinfo hints = { .ai_family = AF_UNSPEC, }; + struct addrinfo *ai; + int ret; + + /* This magic number produces a response size close to 2048 + bytes. */ + initial_address_count = 126; + response_count = 0; + + ret = getaddrinfo ("www.example", "80", &hints, &ai); + if (ret == 0) + freeaddrinfo (ai); + + response_count = 0; + ret = getaddrinfo ("www123.example", "80", &hints, &ai); + if (ret == 0) + freeaddrinfo (ai); + + response_count = 0; + ret = getaddrinfo ("www1234.example", "80", &hints, &ai); + if (ret == 0) + freeaddrinfo (ai); + + response_count = 0; + ret = getaddrinfo ("www12345.example", "80", &hints, &ai); + if (ret == 0) + freeaddrinfo (ai); +} + +static int +do_test (void) +{ + struct resolv_test *obj = resolv_test_start + ((struct resolv_redirect_config) + { + .response_callback = response + }); + + test_different_sizes (); + + _res.options |= RES_SNGLKUP; + test_different_sizes (); + + _res.options |= RES_SNGLKUPREOP; + test_different_sizes (); + + resolv_test_end (obj); + return 0; +} + +#include <support/test-driver.c> diff --git a/resolv/tst-res_use_inet6.c b/resolv/tst-res_use_inet6.c new file mode 100644 index 0000000..5ed0ad0 --- /dev/null +++ b/resolv/tst-res_use_inet6.c @@ -0,0 +1,201 @@ +/* Basic functionality tests for inet6 option processing. + Copyright (C) 2016 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + <http://www.gnu.org/licenses/>. */ + +#include <netdb.h> +#include <resolv.h> +#include <string.h> +#include <support/check_nss.h> +#include <support/resolv_test.h> +#include <support/xthread.h> + +static void +response (const struct resolv_response_context *ctx, + struct resolv_response_builder *b, + const char *qname, uint16_t qclass, uint16_t qtype) +{ + bool include_both = strcmp (qname, "both.example") == 0; + bool include_a = qtype == T_A || include_both; + bool include_aaaa = qtype == T_AAAA || include_both; + + resolv_response_init (b, (struct resolv_response_flags) {}); + resolv_response_add_question (b, qname, qclass, qtype); + resolv_response_section (b, ns_s_an); + if (include_a) + { + char ipv4[4] = {192, 0, 2, 17}; + resolv_response_open_record (b, qname, qclass, T_A, 0); + resolv_response_add_data (b, &ipv4, sizeof (ipv4)); + resolv_response_close_record (b); + } + if (include_aaaa) + { + char ipv6[16] + = {0x20, 0x01, 0xd, 0xb8, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1}; + resolv_response_open_record (b, qname, qclass, T_AAAA, 0); + resolv_response_add_data (b, &ipv6, sizeof (ipv6)); + resolv_response_close_record (b); + } +} + +/* Test that getaddrinfo is not influenced by RES_USE_INET6. */ +static void +test_gai (void) +{ + { + struct addrinfo hints = + { + .ai_family = AF_UNSPEC, + .ai_socktype = SOCK_STREAM, + .ai_protocol = IPPROTO_TCP, + }; + struct addrinfo *ai; + int ret = getaddrinfo ("www1.example", "80", &hints, &ai); + check_addrinfo ("getaddrinfo AF_UNSPEC www1.example", ai, ret, + "address: STREAM/TCP 192.0.2.17 80\n" + "address: STREAM/TCP 2001:db8::1 80\n"); + if (ret == 0) + freeaddrinfo (ai); + ret = getaddrinfo ("both.example", "80", &hints, &ai); + /* Combined A/AAAA responses currently result in address + duplication. */ + check_addrinfo ("getaddrinfo AF_UNSPEC both.example", ai, ret, + "address: STREAM/TCP 192.0.2.17 80\n" + "address: STREAM/TCP 192.0.2.17 80\n" + "address: STREAM/TCP 2001:db8::1 80\n" + "address: STREAM/TCP 2001:db8::1 80\n"); + if (ret == 0) + freeaddrinfo (ai); + } + { + struct addrinfo hints = + { + .ai_family = AF_INET, + .ai_socktype = SOCK_STREAM, + .ai_protocol = IPPROTO_TCP, + }; + struct addrinfo *ai; + int ret = getaddrinfo ("www1.example", "80", &hints, &ai); + check_addrinfo ("getaddrinfo AF_INET www1.example", ai, ret, + "address: STREAM/TCP 192.0.2.17 80\n"); + if (ret == 0) + freeaddrinfo (ai); + ret = getaddrinfo ("both.example", "80", &hints, &ai); + check_addrinfo ("getaddrinfo AF_INET both.example", ai, ret, + "address: STREAM/TCP 192.0.2.17 80\n"); + if (ret == 0) + freeaddrinfo (ai); + } + { + struct addrinfo hints = + { + .ai_family = AF_INET6, + .ai_socktype = SOCK_STREAM, + .ai_protocol = IPPROTO_TCP, + }; + struct addrinfo *ai; + int ret = getaddrinfo ("www1.example", "80", &hints, &ai); + check_addrinfo ("getaddrinfo (AF_INET6)", ai, ret, + "address: STREAM/TCP 2001:db8::1 80\n"); + if (ret == 0) + freeaddrinfo (ai); + ret = getaddrinfo ("both.example", "80", &hints, &ai); + check_addrinfo ("getaddrinfo AF_INET6 both.example", ai, ret, + "address: STREAM/TCP 2001:db8::1 80\n"); + if (ret == 0) + freeaddrinfo (ai); + } +} + +/* Test that gethostbyname2 is not influenced by RES_USE_INET6. */ +static void +test_get2 (void) +{ + check_hostent ("gethostbyname2 AF_INET www1.example", + gethostbyname2 ("www1.example", AF_INET), + "name: www1.example\n" + "address: 192.0.2.17\n"); + check_hostent ("gethostbyname2 AF_INET both.example", + gethostbyname2 ("both.example", AF_INET), + "name: both.example\n" + "address: 192.0.2.17\n"); + + check_hostent ("gethostbyname2 AF_INET6 www1.example", + gethostbyname2 ("www1.example", AF_INET6), + "name: www1.example\n" + "address: 2001:db8::1\n"); + check_hostent ("gethostbyname2 AF_INET6 both.example", + gethostbyname2 ("both.example", AF_INET6), + "name: both.example\n" + "address: 2001:db8::1\n"); +} + +static void * +threadfunc (void *ignored) +{ + struct resolv_test *obj = resolv_test_start + ((struct resolv_redirect_config) + { + .response_callback = response + }); + + check_hostent ("gethostbyname (\"www1.example\")", + gethostbyname ("www1.example"), + "name: www1.example\n" + "address: 192.0.2.17\n"); + check_hostent ("gethostbyname (\"both.example\")", + gethostbyname ("both.example"), + "name: both.example\n" + "address: 192.0.2.17\n"); + test_get2 (); + test_gai (); + + _res.options |= RES_USE_INET6; + check_hostent ("gethostbyname (\"www1.example\")", + gethostbyname ("www1.example"), + "name: www1.example\n" + "address: 2001:db8::1\n"); + check_hostent ("gethostbyname (\"both.example\")", + gethostbyname ("both.example"), + "name: both.example\n" + "address: 2001:db8::1\n"); + test_get2 (); + test_gai (); + + resolv_test_end (obj); + + return NULL; +} + +static int +do_test (void) +{ + resolv_test_init (); + + /* Attempt to run on a non-main thread first. */ + { + pthread_t thr = xpthread_create (NULL, threadfunc, NULL); + xpthread_join (thr); + } + + /* Try the main thread next. */ + threadfunc (NULL); + + return 0; +} + +#include <support/test-driver.c> diff --git a/resolv/tst-resolv-basic.c b/resolv/tst-resolv-basic.c new file mode 100644 index 0000000..78c581d --- /dev/null +++ b/resolv/tst-resolv-basic.c @@ -0,0 +1,315 @@ +/* Test basic nss_dns functionality and the resolver test harness itself. + Copyright (C) 2016 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + <http://www.gnu.org/licenses/>. */ + +#include <errno.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <support/check.h> +#include <support/check_nss.h> +#include <support/resolv_test.h> +#include <support/support.h> + +static void +response (const struct resolv_response_context *ctx, + struct resolv_response_builder *b, + const char *qname, uint16_t qclass, uint16_t qtype) +{ + TEST_VERIFY_EXIT (qname != NULL); + + /* The "t." prefix can be used to request TCP fallback. */ + bool force_tcp; + if (strncmp ("t.", qname, 2) == 0) + force_tcp = true; + else + force_tcp = false; + const char *qname_compare; + if (force_tcp) + qname_compare = qname + 2; + else + qname_compare = qname; + enum {www, alias, nxdomain} requested_qname; + if (strcmp (qname_compare, "www.example") == 0) + requested_qname = www; + else if (strcmp (qname_compare, "alias.example") == 0) + requested_qname = alias; + else if (strcmp (qname_compare, "nxdomain.example") == 0) + requested_qname = nxdomain; + else + { + support_record_failure (); + printf ("error: unexpected QNAME: %s\n", qname); + return; + } + TEST_VERIFY_EXIT (qclass == C_IN); + struct resolv_response_flags flags = {.tc = force_tcp && !ctx->tcp}; + if (requested_qname == nxdomain) + flags.rcode = 3; /* NXDOMAIN */ + resolv_response_init (b, flags); + resolv_response_add_question (b, qname, qclass, qtype); + if (requested_qname == nxdomain || flags.tc) + return; + + resolv_response_section (b, ns_s_an); + switch (requested_qname) + { + case www: + resolv_response_open_record (b, qname, qclass, qtype, 0); + break; + case alias: + resolv_response_open_record (b, qname, qclass, T_CNAME, 0); + resolv_response_add_name (b, "www.example"); + resolv_response_close_record (b); + resolv_response_open_record (b, "www.example", qclass, qtype, 0); + break; + case nxdomain: + FAIL_EXIT1 ("unreachable"); + } + switch (qtype) + { + case T_A: + { + char ipv4[4] = {192, 0, 2, 17}; + ipv4[3] += requested_qname + 2 * ctx->tcp + 4 * ctx->server_index; + resolv_response_add_data (b, &ipv4, sizeof (ipv4)); + } + break; + case T_AAAA: + { + char ipv6[16] + = {0x20, 0x01, 0xd, 0xb8, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1}; + ipv6[15] += requested_qname + 2 * ctx->tcp + 4 * ctx->server_index; + resolv_response_add_data (b, &ipv6, sizeof (ipv6)); + } + break; + default: + support_record_failure (); + printf ("error: unexpected QTYPE: %s/%u/%u\n", + qname, qclass, qtype); + } + resolv_response_close_record (b); +} + +static void +check_h (const char *name, int family, const char *expected) +{ + if (family == AF_INET) + { + char *query = xasprintf ("gethostbyname (\"%s\")", name); + check_hostent (query, gethostbyname (name), expected); + free (query); + } + { + char *query = xasprintf ("gethostbyname2 (\"%s\", %d)", name, family); + check_hostent (query, gethostbyname2 (name, family), expected); + free (query); + } + + bool too_small = true; + for (unsigned int offset = 0; offset < 8; ++offset) + for (unsigned int size = 1; too_small; ++size) + { + char *buf = xmalloc (offset + size); + too_small = false; + + struct hostent hostbuf; + struct hostent *result; + int herror; + if (family == AF_INET) + { + char *query = xasprintf ("gethostbyname (\"%s\") %u/%u", + name, offset, size); + int ret = gethostbyname_r + (name, &hostbuf, buf + offset, size, &result, &herror); + if (ret == 0) + { + h_errno = herror; + check_hostent (query, result, expected); + } + else if (ret == ERANGE) + too_small = true; + else + { + errno = ret; + FAIL_EXIT1 ("gethostbyname_r: %m"); + } + free (query); + memset (buf, 0, offset + size); + } + char *query = xasprintf ("gethostbyname2 (\"%s\", %d) %u/%u", + name, family, offset, size); + int ret = gethostbyname2_r + (name, family, &hostbuf, buf + offset, size, &result, &herror); + if (ret == 0) + { + h_errno = herror; + check_hostent (query, result, expected); + } + else if (ret == ERANGE) + too_small = true; + else + { + errno = ret; + FAIL_EXIT1 ("gethostbyname_r: %m"); + } + free (buf); + free (query); + } +} + +static void +check_ai (const char *name, const char *service, + int family, const char *expected) +{ + struct addrinfo hints = {.ai_family = family}; + struct addrinfo *ai; + char *query = xasprintf ("%s:%s [%d]", name, service, family); + int ret = getaddrinfo (name, service, &hints, &ai); + check_addrinfo (query, ai, ret, expected); + if (ret == 0) + freeaddrinfo (ai); + free (query); +} + +static int +do_test (void) +{ + struct resolv_test *aux = resolv_test_start + ((struct resolv_redirect_config) + { + .response_callback = response, + }); + + check_h ("www.example", AF_INET, + "name: www.example\n" + "address: 192.0.2.17\n"); + check_h ("alias.example", AF_INET, + "name: www.example\n" + "alias: alias.example\n" + "address: 192.0.2.18\n"); + check_h ("www.example", AF_INET6, + "name: www.example\n" + "address: 2001:db8::1\n"); + check_h ("alias.example", AF_INET6, + "name: www.example\n" + "alias: alias.example\n" + "address: 2001:db8::2\n"); + check_ai ("www.example", "80", AF_UNSPEC, + "address: STREAM/TCP 192.0.2.17 80\n" + "address: DGRAM/UDP 192.0.2.17 80\n" + "address: RAW/IP 192.0.2.17 80\n" + "address: STREAM/TCP 2001:db8::1 80\n" + "address: DGRAM/UDP 2001:db8::1 80\n" + "address: RAW/IP 2001:db8::1 80\n"); + check_ai ("alias.example", "80", AF_UNSPEC, + "address: STREAM/TCP 192.0.2.18 80\n" + "address: DGRAM/UDP 192.0.2.18 80\n" + "address: RAW/IP 192.0.2.18 80\n" + "address: STREAM/TCP 2001:db8::2 80\n" + "address: DGRAM/UDP 2001:db8::2 80\n" + "address: RAW/IP 2001:db8::2 80\n"); + check_ai ("www.example", "80", AF_INET, + "address: STREAM/TCP 192.0.2.17 80\n" + "address: DGRAM/UDP 192.0.2.17 80\n" + "address: RAW/IP 192.0.2.17 80\n"); + check_ai ("alias.example", "80", AF_INET, + "address: STREAM/TCP 192.0.2.18 80\n" + "address: DGRAM/UDP 192.0.2.18 80\n" + "address: RAW/IP 192.0.2.18 80\n"); + check_ai ("www.example", "80", AF_INET6, + "address: STREAM/TCP 2001:db8::1 80\n" + "address: DGRAM/UDP 2001:db8::1 80\n" + "address: RAW/IP 2001:db8::1 80\n"); + check_ai ("alias.example", "80", AF_INET6, + "address: STREAM/TCP 2001:db8::2 80\n" + "address: DGRAM/UDP 2001:db8::2 80\n" + "address: RAW/IP 2001:db8::2 80\n"); + + check_h ("t.www.example", AF_INET, + "name: t.www.example\n" + "address: 192.0.2.19\n"); + check_h ("t.alias.example", AF_INET, + "name: www.example\n" + "alias: t.alias.example\n" + "address: 192.0.2.20\n"); + check_h ("t.www.example", AF_INET6, + "name: t.www.example\n" + "address: 2001:db8::3\n"); + check_h ("t.alias.example", AF_INET6, + "name: www.example\n" + "alias: t.alias.example\n" + "address: 2001:db8::4\n"); + check_ai ("t.www.example", "80", AF_UNSPEC, + "address: STREAM/TCP 192.0.2.19 80\n" + "address: DGRAM/UDP 192.0.2.19 80\n" + "address: RAW/IP 192.0.2.19 80\n" + "address: STREAM/TCP 2001:db8::3 80\n" + "address: DGRAM/UDP 2001:db8::3 80\n" + "address: RAW/IP 2001:db8::3 80\n"); + check_ai ("t.alias.example", "80", AF_UNSPEC, + "address: STREAM/TCP 192.0.2.20 80\n" + "address: DGRAM/UDP 192.0.2.20 80\n" + "address: RAW/IP 192.0.2.20 80\n" + "address: STREAM/TCP 2001:db8::4 80\n" + "address: DGRAM/UDP 2001:db8::4 80\n" + "address: RAW/IP 2001:db8::4 80\n"); + check_ai ("t.www.example", "80", AF_INET, + "address: STREAM/TCP 192.0.2.19 80\n" + "address: DGRAM/UDP 192.0.2.19 80\n" + "address: RAW/IP 192.0.2.19 80\n"); + check_ai ("t.alias.example", "80", AF_INET, + "address: STREAM/TCP 192.0.2.20 80\n" + "address: DGRAM/UDP 192.0.2.20 80\n" + "address: RAW/IP 192.0.2.20 80\n"); + check_ai ("t.www.example", "80", AF_INET6, + "address: STREAM/TCP 2001:db8::3 80\n" + "address: DGRAM/UDP 2001:db8::3 80\n" + "address: RAW/IP 2001:db8::3 80\n"); + check_ai ("t.alias.example", "80", AF_INET6, + "address: STREAM/TCP 2001:db8::4 80\n" + "address: DGRAM/UDP 2001:db8::4 80\n" + "address: RAW/IP 2001:db8::4 80\n"); + + check_h ("nxdomain.example", AF_INET, + "error: HOST_NOT_FOUND\n"); + check_h ("nxdomain.example", AF_INET6, + "error: HOST_NOT_FOUND\n"); + check_ai ("nxdomain.example", "80", AF_UNSPEC, + "error: Name or service not known\n"); + check_ai ("nxdomain.example", "80", AF_INET, + "error: Name or service not known\n"); + check_ai ("nxdomain.example", "80", AF_INET6, + "error: Name or service not known\n"); + + check_h ("t.nxdomain.example", AF_INET, + "error: HOST_NOT_FOUND\n"); + check_h ("t.nxdomain.example", AF_INET6, + "error: HOST_NOT_FOUND\n"); + check_ai ("t.nxdomain.example", "80", AF_UNSPEC, + "error: Name or service not known\n"); + check_ai ("t.nxdomain.example", "80", AF_INET, + "error: Name or service not known\n"); + check_ai ("t.nxdomain.example", "80", AF_INET6, + "error: Name or service not known\n"); + + resolv_test_end (aux); + + return 0; +} + +#include <support/test-driver.c> diff --git a/resolv/tst-resolv-network.c b/resolv/tst-resolv-network.c new file mode 100644 index 0000000..f248527 --- /dev/null +++ b/resolv/tst-resolv-network.c @@ -0,0 +1,299 @@ +/* Test getnetbyname and getnetbyaddr. + Copyright (C) 2016 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + <http://www.gnu.org/licenses/>. */ + +#include <netdb.h> +#include <stdlib.h> +#include <string.h> +#include <support/check.h> +#include <support/check_nss.h> +#include <support/resolv_test.h> +#include <support/support.h> +#include <support/xmemstream.h> + +static void +send_ptr (struct resolv_response_builder *b, + const char *qname, uint16_t qclass, uint16_t qtype, + const char *alias) +{ + resolv_response_init (b, (struct resolv_response_flags) {}); + resolv_response_add_question (b, qname, qclass, qtype); + resolv_response_section (b, ns_s_an); + resolv_response_open_record (b, qname, qclass, T_PTR, 0); + resolv_response_add_name (b, alias); + resolv_response_close_record (b); +} + +static void +handle_code (const struct resolv_response_context *ctx, + struct resolv_response_builder *b, + const char *qname, uint16_t qclass, uint16_t qtype, + int code) +{ + switch (code) + { + case 1: + send_ptr (b, qname, qclass, qtype, "1.in-addr.arpa"); + break; + case 2: + send_ptr (b, qname, qclass, qtype, "2.1.in-addr.arpa"); + break; + case 3: + send_ptr (b, qname, qclass, qtype, "3.2.1.in-addr.arpa"); + break; + case 4: + send_ptr (b, qname, qclass, qtype, "4.3.2.1.in-addr.arpa"); + break; + case 5: + /* Test multiple PTR records. */ + resolv_response_init (b, (struct resolv_response_flags) {}); + resolv_response_add_question (b, qname, qclass, qtype); + resolv_response_section (b, ns_s_an); + resolv_response_open_record (b, qname, qclass, T_PTR, 0); + resolv_response_add_name (b, "127.in-addr.arpa"); + resolv_response_close_record (b); + resolv_response_open_record (b, qname, qclass, T_PTR, 0); + resolv_response_add_name (b, "0.in-addr.arpa"); + resolv_response_close_record (b); + break; + case 6: + /* Test skipping of RRSIG record. */ + resolv_response_init (b, (struct resolv_response_flags) { }); + resolv_response_add_question (b, qname, qclass, qtype); + resolv_response_section (b, ns_s_an); + + resolv_response_open_record (b, qname, qclass, T_PTR, 0); + resolv_response_add_name (b, "127.in-addr.arpa"); + resolv_response_close_record (b); + + resolv_response_open_record (b, qname, qclass, 46 /* RRSIG */, 0); + { + char buf[500]; + memset (buf, 0x3f, sizeof (buf)); + resolv_response_add_data (b, buf, sizeof (buf)); + } + resolv_response_close_record (b); + + resolv_response_open_record (b, qname, qclass, T_PTR, 0); + resolv_response_add_name (b, "0.in-addr.arpa"); + resolv_response_close_record (b); + break; + case 7: + /* Test CNAME handling. */ + resolv_response_init (b, (struct resolv_response_flags) { }); + resolv_response_add_question (b, qname, qclass, qtype); + resolv_response_section (b, ns_s_an); + resolv_response_open_record (b, qname, qclass, T_CNAME, 0); + resolv_response_add_name (b, "cname.example"); + resolv_response_close_record (b); + resolv_response_open_record (b, "cname.example", qclass, T_PTR, 0); + resolv_response_add_name (b, "4.3.2.1.in-addr.arpa"); + resolv_response_close_record (b); + break; + + case 100: + resolv_response_init (b, (struct resolv_response_flags) { .rcode = 0, }); + resolv_response_add_question (b, qname, qclass, qtype); + break; + case 101: + resolv_response_init (b, (struct resolv_response_flags) + { .rcode = NXDOMAIN, }); + resolv_response_add_question (b, qname, qclass, qtype); + break; + case 102: + resolv_response_init (b, (struct resolv_response_flags) {.rcode = SERVFAIL}); + resolv_response_add_question (b, qname, qclass, qtype); + break; + case 103: + /* Check response length matching. */ + if (!ctx->tcp) + { + resolv_response_init (b, (struct resolv_response_flags) {.tc = true}); + resolv_response_add_question (b, qname, qclass, qtype); + } + else + { + resolv_response_init (b, (struct resolv_response_flags) {.ancount = 1}); + resolv_response_add_question (b, qname, qclass, qtype); + resolv_response_section (b, ns_s_an); + resolv_response_open_record (b, qname, qclass, T_PTR, 0); + resolv_response_add_name (b, "127.in-addr.arpa"); + resolv_response_close_record (b); + resolv_response_open_record (b, qname, qclass, T_PTR, 0); + resolv_response_add_name (b, "example"); + resolv_response_close_record (b); + + resolv_response_open_record (b, qname, qclass, T_PTR, 0); + size_t to_fill = 65535 - resolv_response_length (b) + - 2 /* length, "n" */ - 2 /* compression reference */ + - 2 /* RR type */; + for (size_t i = 0; i < to_fill; ++i) + resolv_response_add_data (b, "", 1); + resolv_response_close_record (b); + resolv_response_add_name (b, "n.example"); + uint16_t rrtype = htons (T_PTR); + resolv_response_add_data (b, &rrtype, sizeof (rrtype)); + } + break; + default: + FAIL_EXIT1 ("invalid QNAME: %s (code %d)", qname, code); + } +} + +static void +response (const struct resolv_response_context *ctx, + struct resolv_response_builder *b, + const char *qname, uint16_t qclass, uint16_t qtype) +{ + int code; + if (strstr (qname, "in-addr.arpa") == NULL) + { + char *tail; + if (sscanf (qname, "code%d.%ms", &code, &tail) != 2 + || strcmp (tail, "example") != 0) + FAIL_EXIT1 ("invalid QNAME: %s", qname); + free (tail); + handle_code (ctx, b, qname, qclass, qtype, code); + } + else + { + /* Reverse lookup. */ + int components[4]; + char *tail; + if (sscanf (qname, "%d.%d.%d.%d.%ms", + components, components + 1, components + 2, components + 3, + &tail) != 5 + || strcmp (tail, "in-addr.arpa") != 0) + FAIL_EXIT1 ("invalid QNAME: %s", qname); + free (tail); + handle_code (ctx, b, qname, qclass, qtype, components[3]); + } +} + +static void +check_reverse (int code, const char *expected) +{ + char *query = xasprintf ("code=%d", code); + check_netent (query, getnetbyaddr (code, AF_INET), expected); + free (query); +} + +/* Test for CVE-2016-3075. */ +static void +check_long_name (void) +{ + struct xmemstream mem; + xopen_memstream (&mem); + + char label[65]; + memset (label, 'x', 63); + label[63] = '.'; + label[64] = '\0'; + for (unsigned i = 0; i < 64 * 1024 * 1024 / strlen (label); ++i) + fprintf (mem.out, "%s", label); + + xfclose_memstream (&mem); + + check_netent ("long name", getnetbyname (mem.buffer), + "error: NO_RECOVERY\n"); + + free (mem.buffer); +} + +int +main (void) +{ + struct resolv_test *obj = resolv_test_start + ((struct resolv_redirect_config) + { + .response_callback = response + }); + + /* Lookup by name, success cases. */ + check_netent ("code1.example", getnetbyname ("code1.example"), + "alias: 1.in-addr.arpa\n" + "net: 0x00000001\n"); + check_netent ("code2.example", getnetbyname ("code2.example"), + "alias: 2.1.in-addr.arpa\n" + "net: 0x00000102\n"); + check_netent ("code3.example", getnetbyname ("code3.example"), + "alias: 3.2.1.in-addr.arpa\n" + "net: 0x00010203\n"); + check_netent ("code4.example", getnetbyname ("code4.example"), + "alias: 4.3.2.1.in-addr.arpa\n" + "net: 0x01020304\n"); + check_netent ("code5.example", getnetbyname ("code5.example"), + "alias: 127.in-addr.arpa\n" + "alias: 0.in-addr.arpa\n" + "net: 0x0000007f\n"); + check_netent ("code6.example", getnetbyname ("code6.example"), + "alias: 127.in-addr.arpa\n" + "alias: 0.in-addr.arpa\n" + "net: 0x0000007f\n"); + check_netent ("code7.example", getnetbyname ("code7.example"), + "alias: 4.3.2.1.in-addr.arpa\n" + "net: 0x01020304\n"); + + /* Lookup by name, failure cases. */ + check_netent ("code100.example", getnetbyname ("code100.example"), + "error: NO_ADDRESS\n"); + check_netent ("code101.example", getnetbyname ("code101.example"), + "error: HOST_NOT_FOUND\n"); + check_netent ("code102.example", getnetbyname ("code102.example"), + "error: TRY_AGAIN\n"); + check_netent ("code103.example", getnetbyname ("code103.example"), + "error: NO_RECOVERY\n"); + + /* Lookup by address, success cases. */ + check_reverse (1, + "name: 1.in-addr.arpa\n" + "net: 0x00000001\n"); + check_reverse (2, + "name: 2.1.in-addr.arpa\n" + "net: 0x00000002\n"); + check_reverse (3, + "name: 3.2.1.in-addr.arpa\n" + "net: 0x00000003\n"); + check_reverse (4, + "name: 4.3.2.1.in-addr.arpa\n" + "net: 0x00000004\n"); + check_reverse (5, + "name: 127.in-addr.arpa\n" + "alias: 0.in-addr.arpa\n" + "net: 0x00000005\n"); + check_reverse (6, + "name: 127.in-addr.arpa\n" + "alias: 0.in-addr.arpa\n" + "net: 0x00000006\n"); + check_reverse (7, + "name: 4.3.2.1.in-addr.arpa\n" + "net: 0x00000007\n"); + + /* Lookup by address, failure cases. */ + check_reverse (100, + "error: NO_ADDRESS\n"); + check_reverse (101, + "error: HOST_NOT_FOUND\n"); + check_reverse (102, + "error: TRY_AGAIN\n"); + check_reverse (103, + "error: NO_RECOVERY\n"); + + check_long_name (); + + resolv_test_end (obj); +} diff --git a/resolv/tst-resolv-search.c b/resolv/tst-resolv-search.c new file mode 100644 index 0000000..d95f9d9 --- /dev/null +++ b/resolv/tst-resolv-search.c @@ -0,0 +1,343 @@ +/* Test search/default domain name behavior. + Copyright (C) 2016 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + <http://www.gnu.org/licenses/>. */ + +#include <resolv.h> +#include <string.h> +#include <support/check.h> +#include <support/check_nss.h> +#include <support/resolv_test.h> +#include <support/support.h> +#include <support/xmemstream.h> + +struct item +{ + const char *name; + int response; +}; + +const struct item items[] = + { + {"hostname.usersys.example.com", 1}, + {"hostname.corp.example.com", 1}, + {"hostname.example.com", 1}, + + {"mail.corp.example.com", 1}, + {"mail.example.com", 1}, + + {"file.corp.example.com", 2}, + {"file.corp", 1}, + {"file.example.com", 1}, + {"servfail-usersys.usersys.example.com", -ns_r_servfail}, + {"servfail-usersys.corp.example.com", 1}, + {"servfail-usersys.example.com", 1}, + {"servfail-corp.usersys.example.com", 1}, + {"servfail-corp.corp.example.com", -ns_r_servfail}, + {"servfail-corp.example.com", 1}, + {"www.example.com", 1}, + {"large.example.com", 200}, + + /* Test query amplification with a SERVFAIL response combined with + a large RRset. */ + {"large-servfail.usersys.example.com", -ns_r_servfail}, + {"large-servfail.example.com", 2000}, + {} + }; + +enum + { + name_not_found = -1, + name_no_data = -2 + }; + +static int +find_name (const char *name) +{ + for (int i = 0; items[i].name != NULL; ++i) + { + if (strcmp (name, items[i].name) == 0) + return i; + } + if (strcmp (name, "example.com") == 0 + || strcmp (name, "usersys.example.com") == 0 + || strcmp (name, "corp.example.com") == 0) + return name_no_data; + return name_not_found; +} + +static int rcode_override_server_index = -1; +static int rcode_override; + +static void +response (const struct resolv_response_context *ctx, + struct resolv_response_builder *b, + const char *qname, uint16_t qclass, uint16_t qtype) +{ + if (ctx->server_index == rcode_override_server_index) + { + struct resolv_response_flags flags = {.rcode = rcode_override}; + resolv_response_init (b, flags); + resolv_response_add_question (b, qname, qclass, qtype); + return; + } + + int index = find_name (qname); + struct resolv_response_flags flags = {}; + if (index == name_not_found) + flags.rcode = ns_r_nxdomain; + else if (index >= 0 && items[index].response < 0) + flags.rcode = -items[index].response; + else if (index >= 0 && items[index].response > 5 && !ctx->tcp) + /* Force TCP if more than 5 addresses where requested. */ + flags.tc = true; + resolv_response_init (b, flags); + resolv_response_add_question (b, qname, qclass, qtype); + + if (flags.tc || index < 0 || items[index].response < 0) + return; + + resolv_response_section (b, ns_s_an); + + for (int i = 0; i < items[index].response; ++i) + { + resolv_response_open_record (b, qname, qclass, qtype, 0); + + switch (qtype) + { + case T_A: + { + char addr[4] = {10, index, i >> 8, i}; + resolv_response_add_data (b, addr, sizeof (addr)); + } + break; + case T_AAAA: + { + char addr[16] + = {0x20, 0x01, 0xd, 0xb8, 0, 0, 0, 0, 0, 0, 0, 0, + 0, index + 1, (i + 1) >> 8, i + 1}; + resolv_response_add_data (b, addr, sizeof (addr)); + } + break; + default: + support_record_failure (); + printf ("error: unexpected QTYPE: %s/%u/%u\n", + qname, qclass, qtype); + } + resolv_response_close_record (b); + } +} + +enum output_format + { + format_get, format_gai + }; + +static void +format_expected_1 (FILE *out, int family, enum output_format format, int index) +{ + for (int i = 0; i < items[index].response; ++i) + { + char address[200]; + switch (family) + { + case AF_INET: + snprintf (address, sizeof (address), "10.%d.%d.%d", + index, (i >> 8) & 0xff, i & 0xff); + break; + case AF_INET6: + snprintf (address, sizeof (address), "2001:db8::%x:%x", + index + 1, i + 1); + break; + default: + FAIL_EXIT1 ("unreachable"); + } + + switch (format) + { + case format_get: + fprintf (out, "address: %s\n", address); + break; + case format_gai: + fprintf (out, "address: STREAM/TCP %s 80\n", address); + } + } +} + +static char * +format_expected (const char *fqdn, int family, enum output_format format) +{ + int index = find_name (fqdn); + TEST_VERIFY_EXIT (index >= 0); + struct xmemstream stream; + xopen_memstream (&stream); + + TEST_VERIFY_EXIT (items[index].response >= 0); + if (format == format_get) + fprintf (stream.out, "name: %s\n", items[index].name); + if (family == AF_INET || family == AF_UNSPEC) + format_expected_1 (stream.out, AF_INET, format, index); + if (family == AF_INET6 || family == AF_UNSPEC) + format_expected_1 (stream.out, AF_INET6, format, index); + + xfclose_memstream (&stream); + return stream.buffer; +} + +static void +do_get (const char *name, const char *fqdn, int family) +{ + char *expected = format_expected (fqdn, family, format_get); + if (family == AF_INET) + { + char *query = xasprintf ("gethostbyname (\"%s\")", name); + check_hostent (query, gethostbyname (name), expected); + free (query); + } + char *query = xasprintf ("gethostbyname2 (\"%s\", %d)", name, family); + check_hostent (query, gethostbyname2 (name, family), expected); + + /* Test res_search. */ + int qtype; + switch (family) + { + case AF_INET: + qtype = T_A; + break; + case AF_INET6: + qtype = T_AAAA; + break; + default: + qtype = -1; + } + if (qtype >= 0) + { + int sz = 512; + unsigned char *response = xmalloc (sz); + int ret = res_search (name, C_IN, qtype, response, sz); + TEST_VERIFY_EXIT (ret >= 0); + if (ret > sz) + { + /* Truncation. Retry with a larger buffer. */ + sz = 65535; + unsigned char *newptr = xrealloc (response, sz); + response = newptr; + + ret = res_search (name, C_IN, qtype, response, sz); + TEST_VERIFY_EXIT (ret >= 0); + TEST_VERIFY_EXIT (ret < sz); + } + check_dns_packet (query, response, ret, expected); + free (response); + } + + free (query); + free (expected); +} + +static void +do_gai (const char *name, const char *fqdn, int family) +{ + struct addrinfo hints = + { + .ai_family = family, + .ai_protocol = IPPROTO_TCP, + .ai_socktype = SOCK_STREAM + }; + struct addrinfo *ai; + char *query = xasprintf ("%s:80 [%d]", name, family); + int ret = getaddrinfo (name, "80", &hints, &ai); + char *expected = format_expected (fqdn, family, format_gai); + check_addrinfo (query, ai, ret, expected); + if (ret == 0) + freeaddrinfo (ai); + free (expected); + free (query); +} + +static void +do_both (const char *name, const char *fqdn) +{ + do_get (name, fqdn, AF_INET); + do_get (name, fqdn, AF_INET6); + do_gai (name, fqdn, AF_INET); + do_gai (name, fqdn, AF_INET6); + do_gai (name, fqdn, AF_UNSPEC); +} + +static void +do_test_all (bool unconnectable_server) +{ + struct resolv_redirect_config config = + { + .response_callback = response, + .search = {"usersys.example.com", "corp.example.com", "example.com"}, + }; + struct resolv_test *obj = resolv_test_start (config); + + if (unconnectable_server) + { + /* 255.255.255.255 results in an immediate connect failure. The + next server will supply the answer instead. This is a + triggering condition for bug 19791. */ + _res.nsaddr_list[0].sin_addr.s_addr = -1; + _res.nsaddr_list[0].sin_port = htons (53); + } + + do_both ("file", "file.corp.example.com"); + do_both ("www", "www.example.com"); + do_both ("servfail-usersys", "servfail-usersys.corp.example.com"); + do_both ("servfail-corp", "servfail-corp.usersys.example.com"); + do_both ("large", "large.example.com"); + do_both ("large-servfail", "large-servfail.example.com"); + do_both ("file.corp", "file.corp"); + + /* Check that SERVFAIL and REFUSED responses do not alter the search + path resolution. */ + rcode_override_server_index = 0; + rcode_override = ns_r_servfail; + do_both ("hostname", "hostname.usersys.example.com"); + do_both ("large", "large.example.com"); + do_both ("large-servfail", "large-servfail.example.com"); + rcode_override = ns_r_refused; + do_both ("hostname", "hostname.usersys.example.com"); + do_both ("large", "large.example.com"); + do_both ("large-servfail", "large-servfail.example.com"); + /* Likewise, but with an NXDOMAIN for the first search path + entry. */ + rcode_override = ns_r_servfail; + do_both ("mail", "mail.corp.example.com"); + rcode_override = ns_r_refused; + do_both ("mail", "mail.corp.example.com"); + /* Likewise, but with ndots handling. */ + rcode_override = ns_r_servfail; + do_both ("file.corp", "file.corp"); + rcode_override = ns_r_refused; + do_both ("file.corp", "file.corp"); + + resolv_test_end (obj); +} + +static int +do_test (void) +{ + for (int unconnectable_server = 0; unconnectable_server < 2; + ++unconnectable_server) + do_test_all (unconnectable_server); + return 0; +} + +#include <support/test-driver.c> |