diff options
author | Linus Nordberg <linus@nordu.net> | 2016-04-06 10:07:48 +0200 |
---|---|---|
committer | Linus Nordberg <linus@nordu.net> | 2016-04-07 16:06:12 +0200 |
commit | 03874b8eca8f065f6a1b133f06f19c0ff1d1494e (patch) | |
tree | 49ba20ad12e907270468353bc868742001086098 /src/dnssecport.erl | |
parent | b8d1f0175850fbbbb8e8f6e2cdab5438ab8a54b6 (diff) |
Add unit test for validation, from dnssecport:handle_call().
- The port now returns the RRset (DS, chain, trust root and all
RRSIG's). This in preparatino for when this data will be normalised.
- dnssecport decodes and encodes DNS data.
- v1 stores the DS RR in the leaf and the rest, including the DS
RRSIG, in the chain.
Diffstat (limited to 'src/dnssecport.erl')
-rw-r--r-- | src/dnssecport.erl | 113 |
1 files changed, 75 insertions, 38 deletions
diff --git a/src/dnssecport.erl b/src/dnssecport.erl index 804e727..02f919a 100644 --- a/src/dnssecport.erl +++ b/src/dnssecport.erl @@ -4,7 +4,7 @@ -module(dnssecport). -behaviour(gen_server). -export([start_link/0, stop/0]). --export([validate/2]). +-export([validate/1]). %% gen_server callbacks. -export([init/1, handle_call/3, terminate/2, handle_cast/2, handle_info/2, code_change/3]). @@ -18,36 +18,40 @@ start_link() -> stop() -> gen_server:call(?MODULE, stop). -validate(ValidateRR, SupportRRs) -> - gen_server:call(?MODULE, {validate, [ValidateRR, SupportRRs]}). +validate(Data) -> + gen_server:call(?MODULE, {validate, Data}). -record(state, {port :: port()}). init(Program) -> lager:debug("starting dnssec service"), - Port = create_port(Program, []), % TODO: Pass path to dir with trust root. + Port = create_port(Program, []), % TODO: Pass path to trust root file. {ok, #state{port = Port}}. +decode_response(Response) -> + <<Status:16/integer, RRSet/binary>> = Response, + {ok, Status, dns:split_rrset(RRSet)}. + handle_call(stop, _From, State) -> lager:debug("dnssec stop request received"), stop_port(State); -handle_call({validate, [ValidateRR, SupportRRs]}, _From, State) -> - lager:debug("dnssec validate incoming request: ~p", [ValidateRR]), +handle_call({validate, Data}, _From, State) -> case State#state.port of undefined -> {error, noport}; Port when is_port(Port) -> - S = list_to_binary(SupportRRs), - Port ! {self(), {command, <<ValidateRR/binary, S/binary>>}}, + Port ! {self(), {command, dns:encode_rrset(Data)}}, receive {Port, {data, Response}} -> - lager:debug("received response from dnssec port: ~p", - [Response]), - case Response of - "valid" -> - {reply, ok, State}; - Err -> - {reply, {error, Err}, State} + case decode_response(list_to_binary(Response)) of + {ok, 400, [DS | Chain]} -> + {reply, + {ok, [dns:encode_rr(DS) | dns:encode_rrset(Chain)]}, + State}; + {ok, Error, _} -> + {reply, {error, Error}, State}; + {error, Reason} -> + {stop, {protocolerror, Reason}, State} end; {Port, {exit_status, ExitStatus}} -> lager:error("dnssec port ~p exiting with status ~p", @@ -97,34 +101,67 @@ stop_port(State) -> %%%%%%%%%%%%%%%%%%%% %% Unit tests. -start_test_port(TestType) -> - Port = create_port("priv/dnssecport", ["--testmode", atom_to_list(TestType)]), - ?debugFmt("Port: ~p", [Port]), - Port. +-define(TA_FILE, "test/testdata/dnssec/trust_anchors"). +-define(REQ1_FILE, "test/testdata/dnssec/req.1"). + +start_test_port() -> + create_port("priv/dnssecport", [?TA_FILE]). + stop_test_port(Port) -> {stop, closed, _State} = stop_port(#state{port = Port}), ok. -err_test_() -> - {setup, - fun() -> start_test_port(err) end, - fun(Port) -> stop_test_port(Port) end, - fun(Port) -> - R = handle_call({validate, [<<"invalid-DS">>, []]}, - self(), #state{port = Port}), - [ - ?_assertMatch({reply, {error, "err"}, _State}, R) - ] - end}. +read_submission_from_file(Filename) -> + {ok, Data} = file:read_file(Filename), + dns:split_rrset(Data). + +read_dec_enc_test_() -> + DecodedRRset = read_submission_from_file(?REQ1_FILE), + {ok, FileContent} = file:read_file(?REQ1_FILE), + [?_assertEqual(FileContent, dns:encode_rrset(DecodedRRset))]. -ok_test_() -> +full_test_() -> {setup, - fun() -> start_test_port(ok) end, - fun(Port) -> stop_test_port(Port) end, - fun(Port) -> - R = handle_call({validate, [<<"invalid-DS">>, []]}, + fun() -> + start_test_port() end, + fun(Port) -> + stop_test_port(Port) end, + fun(Port) -> + R = handle_call({validate, read_submission_from_file(?REQ1_FILE)}, self(), #state{port = Port}), [ - ?_assertMatch({reply, ok, _State}, R) - ] - end}. + ?_assertMatch({reply, {ok, _}, _State}, R) + ] end + }. + +%% start_test_port(TestType) -> +%% Port = create_port("priv/dnssecport", ["--testmode", atom_to_list(TestType)]), +%% ?debugFmt("Port: ~p", [Port]), +%% Port. +%% stop_test_port(Port) -> +%% {stop, closed, _State} = stop_port(#state{port = Port}), +%% ok. + +%% err_test_() -> +%% {setup, +%% fun() -> start_test_port(err) end, +%% fun(Port) -> stop_test_port(Port) end, +%% fun(Port) -> +%% R = handle_call({validate, [<<"invalid-DS">>, []]}, +%% self(), #state{port = Port}), +%% [ +%% ?_assertMatch({reply, {error, "err"}, _State}, R) +%% ] +%% end}. + +%% ok_test_() -> +%% {setup, +%% fun() -> start_test_port(ok) end, +%% fun(Port) -> stop_test_port(Port) end, +%% fun(Port) -> +%% R = handle_call({validate, [<<"invalid-DS">>, []]}, +%% self(), #state{port = Port}), +%% [ +%% ?_assertMatch({reply, ok, _State}, R) +%% ] +%% end}. |