dnstap io, add reconnect test.

2024-09-21 14:47:09 +00:00 · 2020-01-30 15:13:25 +01:00 · 2020-01-30 15:13:25 +01:00 · dd1b35412f
commit dd1b35412f
parent 8aa338ba2d
11 changed files with 300 additions and 0 deletions
--- a/testdata/dnstap.tdir/dnstap.test
+++ b/testdata/dnstap.tdir/dnstap.test
@ -4,6 +4,7 @@
 # use .tpkg.var.test for in test variable passing
 [ -f .tpkg.var.test ] && source .tpkg.var.test

+. ../common.sh
 PRE="../.."
 if grep "define USE_DNSTAP 1" $PRE/config.h; then echo test enabled; else echo test skipped; exit 0; fi

--- a/testdata/dnstap_reconnect.tdir/dnstap_reconnect.conf
+++ b/testdata/dnstap_reconnect.tdir/dnstap_reconnect.conf
@ -0,0 +1,40 @@
+server:
+	verbosity: 2
+	num-threads: 1
+	outgoing-range: 16
+	interface: 127.0.0.1
+	port: @PORT@
+	use-syslog: no
+	directory: ""
+	pidfile: "unbound.pid"
+	chroot: ""
+	username: ""
+	do-not-query-localhost: no
+	local-zone: "example.net." redirect
+	local-data: "example.net. IN A 10.20.30.41"
+remote-control:
+	control-enable: yes
+	control-interface: 127.0.0.1
+	# control-interface: ::1
+	control-port: @CONTROL_PORT@
+	server-key-file: "unbound_server.key"
+	server-cert-file: "unbound_server.pem"
+	control-key-file: "unbound_control.key"
+	control-cert-file: "unbound_control.pem"
+forward-zone:
+	name: "."
+	forward-addr: "127.0.0.1@@TOPORT@"
+dnstap:
+	dnstap-enable: yes 
+	dnstap-socket-path: "dnstap.socket"
+	dnstap-send-identity: yes
+	dnstap-send-version: yes
+	#dnstap-identity
+	#dnstap-version
+	dnstap-log-resolver-query-messages: yes
+	dnstap-log-resolver-response-messages: yes
+	dnstap-log-client-query-messages: yes
+	dnstap-log-client-response-messages: yes
+	dnstap-log-forwarder-query-messages: yes
+	dnstap-log-forwarder-response-messages: yes
+
--- a/testdata/dnstap_reconnect.tdir/dnstap_reconnect.dsc
+++ b/testdata/dnstap_reconnect.tdir/dnstap_reconnect.dsc
@ -0,0 +1,16 @@
+BaseName: dnstap_reconnect
+Version: 1.0
+Description: test dnstap reconnect
+CreationDate: Tue Jan 21 13:00:38 CET 2020
+Maintainer: dr. W.C.A. Wijngaards
+Category: 
+Component:
+CmdDepends: 
+Depends: 
+Help:
+Pre: dnstap_reconnect.pre
+Post: dnstap_reconnect.post
+Test: dnstap_reconnect.test
+AuxFiles: 
+Passed:
+Failure:
--- a/testdata/dnstap_reconnect.tdir/dnstap_reconnect.post
+++ b/testdata/dnstap_reconnect.tdir/dnstap_reconnect.post
@ -0,0 +1,16 @@
+# #-- dnstap_reconnect.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+PRE="../.."
+if grep "define USE_DNSTAP 1" $PRE/config.h; then echo test enabled; else echo test skipped; exit 0; fi
+kill_pid $DNSTAP_SOCKET_PID
+kill_pid $FWD_PID
+kill $UNBOUND_PID
+kill $UNBOUND_PID >/dev/null 2>&1
+cat unbound.log
+exit 0
--- a/testdata/dnstap_reconnect.tdir/dnstap_reconnect.pre
+++ b/testdata/dnstap_reconnect.tdir/dnstap_reconnect.pre
@ -0,0 +1,55 @@
+# #-- dnstap_reconnect.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+
+PRE="../.."
+if grep "define USE_DNSTAP 1" $PRE/config.h; then echo test enabled; else echo test skipped; exit 0; fi
+
+get_random_port 3
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+CONTROL_PORT=$(($RND_PORT + 2))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+echo "CONTROL_PORT=$CONTROL_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT dnstap_reconnect.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# start the dnstap log server
+# the -vvvv flag prints protocol and connection information from the
+# unbound-dnstap-socket server.
+# the -l flag prints the DNS info in the DNSTAP packet in multiline output.
+# stderr is the '-vvvv' server logs and errors.
+# stdout is the one-line packet logs (or with -l, multiline).
+$PRE/unbound-dnstap-socket -u dnstap.socket -l -vvvv 2>tap.errlog >tap.log &
+if test $? -ne 0; then
+	echo "could not start unbound-dnstap-socket server"
+	exit 1
+fi
+DNSTAP_SOCKET_PID=$!
+echo "DNSTAP_SOCKET_PID=$DNSTAP_SOCKET_PID" >> .tpkg.var.test
+# wait for the server to go up and make the dnstap.socket file
+wait_server_up "tap.errlog" "creating unix socket"
+if test ! -S dnstap.socket; then 
+	echo "the dnstap.socket file does not exist!"
+fi
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' -e 's/@CONTROL_PORT\@/'$CONTROL_PORT'/' < dnstap_reconnect.conf > ub.conf
+# start unbound in the background
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+wait_unbound_up unbound.log
+
--- a/testdata/dnstap_reconnect.tdir/dnstap_reconnect.test
+++ b/testdata/dnstap_reconnect.tdir/dnstap_reconnect.test
@ -0,0 +1,98 @@
+# #-- dnstap_reconnect.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+PRE="../.."
+if grep "define USE_DNSTAP 1" $PRE/config.h; then echo test enabled; else echo test skipped; exit 0; fi
+
+# test if the server is up.
+echo "> dig www.example.com."
+dig @127.0.0.1 -p $UNBOUND_PORT www.example.com. | tee outfile
+echo "> check answer"
+if grep "10.20.30.40" outfile; then
+	echo "OK"
+else
+	echo "> cat logfiles"
+	cat tap.log
+	cat tap.errlog
+	cat fwd.log
+	cat unbound.log
+	echo "Not OK"
+	exit 1
+fi
+
+echo "> check tap.log for dnstap info"
+# see if it logged the information in tap.log
+# wait for a moment for filesystem to catch up.
+if grep "www.example.com" tap.log >/dev/null; then :; else sleep 1; fi
+if grep "www.example.com" tap.log >/dev/null; then :; else sleep 1; fi
+if grep "www.example.com" tap.log >/dev/null; then :; else sleep 1; fi
+if grep "www.example.com" tap.log >/dev/null; then :; else sleep 10; fi
+if grep "www.example.com" tap.log; then echo "yes it is in tap.log";
+else
+	echo "information not in tap.log"
+	echo "failed"
+	echo "> cat logfiles"
+	cat tap.log
+	cat tap.errlog
+	cat fwd.log
+	cat unbound.log
+	echo "Not OK"
+	exit 1
+fi
+
+echo ""
+echo "> test disconnect from the upstream server"
+
+kill_pid $DNSTAP_SOCKET_PID
+dig @127.0.0.1 -p $UNBOUND_PORT down.example.net.
+
+# bring log socket back up
+$PRE/unbound-dnstap-socket -u dnstap.socket -l -vvvv 2>tap2.errlog >tap2.log &
+if test $? -ne 0; then
+	echo "could not start (again) unbound-dnstap-socket server"
+	exit 1
+fi
+DNSTAP_SOCKET_PID=$!
+echo "DNSTAP_SOCKET_PID=$DNSTAP_SOCKET_PID" >> .tpkg.var.test
+# wait for the server to go up and make the dnstap.socket file
+wait_server_up "tap2.errlog" "creating unix socket"
+
+dig @127.0.0.1 -p $UNBOUND_PORT up.example.net.
+sleep 2
+dig @127.0.0.1 -p $UNBOUND_PORT up2.example.net.
+
+for x in down up up2; do
+	if grep "$x.example.net" tap2.log >/dev/null; then :; else sleep 1; fi
+	if grep "$x.example.net" tap2.log >/dev/null; then :; else sleep 1; fi
+	if grep "$x.example.net" tap2.log >/dev/null; then :; else sleep 1; fi
+	if grep "$x.example.net" tap2.log >/dev/null; then :; else sleep 10; fi
+	if grep "$x.example.net" tap2.log; then echo "yes it is in tap2.log";
+	else
+		echo "$x.example.net. information not in tap2.log"
+		echo "failed"
+		echo "> cat logfiles"
+		cat tap.log
+		cat tap.errlog
+		echo "> tap2 logfiles"
+		cat tap2.log
+		cat tap2.errlog
+		cat fwd.log
+		cat unbound.log
+		echo "Not OK"
+		exit 1
+	fi
+done
+
+echo "> cat logfiles"
+cat tap.log
+cat tap.errlog
+echo "> tap2 logfiles"
+cat tap2.log
+cat tap2.errlog
+cat fwd.log
+echo "> OK"
+exit 0
--- a/testdata/dnstap_reconnect.tdir/dnstap_reconnect.testns
+++ b/testdata/dnstap_reconnect.tdir/dnstap_reconnect.testns
@ -0,0 +1,22 @@
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www	IN	A
+SECTION ANSWER
+www	IN	A	10.20.30.40
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA SERVFAIL
+ADJUST copy_id
+SECTION QUESTION
+www.example.net.	IN	A
+ENTRY_END
+
--- a/testdata/dnstap_reconnect.tdir/unbound_control.key
+++ b/testdata/dnstap_reconnect.tdir/unbound_control.key
@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQDD6DogNCsSeEa1u99+6PUVbGzjMzzei9MIK6s94+zcpp7OAOBa
+rzPA0vlyuNtUsEN3qwPomQQQmIgbT7OXkzC1wqioxwa609xoL8oW/I7e336rEyvH
+ST6JwUdIg0Lzg/USJ81eTwMnzYSd4Bpsqr9eP33ubaR7Gh/6o76loLOlcQIDAQAB
+AoGAFT3e35MIgI4uDJJ8X0RfHp2NCO2LUg4TKbWical/C0W9vlR1/x80G1pE1d2Z
+WotqJVWTrOq6eBox19RCgtLg2wPGk9uD62+9SDT37heWFlUCElWq50pQG6k9ThiG
+DDypkZyZ/52+DdWybiaQJkuK6O5qQXuNAtVJMpghu4GnHAECQQDsupnZUQDpapzr
+4FC4MSkL2+A1PRt6g4VhwoqOpJXaHfVnH6F7AwUuOLNwGdR5Cvv70pfJ7Jqg8L2m
+Kxyl5bORAkEA09rn34YQ0pHJdHidbl2kInIuYTz09+TO3LWwan17nISH9aaYvVDr
+p9x1B4Qzw9qyxT9oll7ze/5Rw/7C3AQj4QJAT2B2a+b8bkgAXBs4FbruL3rHoDJg
+P2FQXSpVOWU4lg2LlsuFYvDtUMVUbZdLplanjZXcral3Y9W1Ub2M+ped8QJAYQN+
+aRpge7ys7vwIw7B36Bo3aOncF+ScYe+FkM5Tm7II/JHEofT7ZQwMP1vnxIlSkgbe
+YvWqNB6a3NC99LikoQJBAM4UhDdRg63Tr6Idky6CQaH///zAN7nArJfffKGWFdw9
+DKrWpNqvYZtX/cfEJucKcRCm5YL8CKFYbQy4VoCxUcE=
+-----END RSA PRIVATE KEY-----
--- a/testdata/dnstap_reconnect.tdir/unbound_control.pem
+++ b/testdata/dnstap_reconnect.tdir/unbound_control.pem
@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE-----
+MIIBozCCAQwCCQD6XaN6FzW/4DANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1
+bmJvdW5kMB4XDTA4MDkxMTA5MDk0MFoXDTI4MDUyOTA5MDk0MFowGjEYMBYGA1UE
+AxMPdW5ib3VuZC1jb250cm9sMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDD
+6DogNCsSeEa1u99+6PUVbGzjMzzei9MIK6s94+zcpp7OAOBarzPA0vlyuNtUsEN3
+qwPomQQQmIgbT7OXkzC1wqioxwa609xoL8oW/I7e336rEyvHST6JwUdIg0Lzg/US
+J81eTwMnzYSd4Bpsqr9eP33ubaR7Gh/6o76loLOlcQIDAQABMA0GCSqGSIb3DQEB
+BQUAA4GBAGFAXmaQHuFgAuc6HVhYZJdToxLBhfxGpot4oZNjcb1Cdoz3OL34MU1B
+9E5psj2PpGPIi8/RwoqBtAJHJ+J5cWngo03o4ZmdwKNSzaxlp141z/3rUtFqEHEC
+iO6gPCT3U7dt6MyC7r6vdMqyW6aldP3CtwD0gQziKAMoj+TAfAcq
+-----END CERTIFICATE-----
--- a/testdata/dnstap_reconnect.tdir/unbound_server.key
+++ b/testdata/dnstap_reconnect.tdir/unbound_server.key
@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICWwIBAAKBgQC3F7Jsv2u01pLL9rFnjsMU/IaCFUIz/624DcaE84Z4gjMl5kWA
+3axQcqul1wlwSrbKwrony+d9hH/+MX0tZwvl8w3OmhmOAiaQ+SHCsIuOjVwQjX0s
+RLB61Pz5+PAiVvnPa9JIYB5QrK6DVEsxIHj8MOc5JKORrnESsFDh6yeMeQIDAQAB
+AoGAAuWoGBprTOA8UGfl5LqYkaNxSWumsYXxLMFjC8WCsjN1NbtQDDr1uAwodSZS
+6ujzvX+ZTHnofs7y64XC8k34HTOCD2zlW7kijWbT8YjRYFU6o9F5zUGD9RCan0ds
+sVscT2psLSzfdsmFAcbmnGdxYkXk2PC1FHtaqExxehralGUCQQDcqrg9uQKXlhQi
+XAaPr8SiWvtRm2a9IMMZkRfUWZclPHq6fCWNuUaCD+cTat4wAuqeknAz33VEosw3
+fXGsok//AkEA1GjIHXrOcSlpfVJb6NeOBugjRtZ7ZDT5gbtnMS9ob0qntKV6saaL
+CNmJwuD9Q3XkU5j1+uHvYGP2NzcJd2CjhwJACV0hNlVMe9w9fHvFN4Gw6WbM9ViP
+0oS6YrJafYNTu5vGZXVxLoNnL4u3NYa6aPUmuZXjNwBLfJ8f5VboZPf6RwJAINd2
+oYA8bSi/A755MX4qmozH74r4Fx1Nuq5UHTm8RwDe/0Javx8F/j9MWpJY9lZDEF3l
+In5OebPa/NyInSmW/wJAZuP9aRn0nDBkHYri++1A7NykMiJ/nH0mDECbnk+wxx0S
+LwqIetBhxb8eQwMg45+iAH7CHAMQ8BQuF/nFE6eotg==
+-----END RSA PRIVATE KEY-----
--- a/testdata/dnstap_reconnect.tdir/unbound_server.pem
+++ b/testdata/dnstap_reconnect.tdir/unbound_server.pem
@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE-----
+MIIBmzCCAQQCCQDsNJ1UmphEFzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1
+bmJvdW5kMB4XDTA4MDkxMTA5MDk0MFoXDTI4MDUyOTA5MDk0MFowEjEQMA4GA1UE
+AxMHdW5ib3VuZDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtxeybL9rtNaS
+y/axZ47DFPyGghVCM/+tuA3GhPOGeIIzJeZFgN2sUHKrpdcJcEq2ysK6J8vnfYR/
+/jF9LWcL5fMNzpoZjgImkPkhwrCLjo1cEI19LESwetT8+fjwIlb5z2vSSGAeUKyu
+g1RLMSB4/DDnOSSjka5xErBQ4esnjHkCAwEAATANBgkqhkiG9w0BAQUFAAOBgQAZ
+9N0lnLENs4JMvPS+mn8C5m9bkkFITd32IiLjf0zgYpIUbFXH6XaEr9GNZBUG8feG
+l/6WRXnbnVSblI5odQ4XxGZ9inYY6qtW30uv76HvoKp+QZ1c3460ddR8NauhcCHH
+Z7S+QbLXi+r2JAhpPozZCjBHlRD0ixzA1mKQTJhJZg==
+-----END CERTIFICATE-----