Add safesearch test for dnsforward
This commit is contained in:
parent
3916f1073d
commit
d0f4f22e0d
@ -637,6 +637,7 @@ func (d *Dnsfilter) checkSafeSearch(host string) (Result, error) {
|
|||||||
return Result{}, err
|
return Result{}, err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
res.IP = addrs[0]
|
||||||
// The next bug may occurs: LookupIP returns DNS64 mapped ipv4 address with zero-prefix
|
// The next bug may occurs: LookupIP returns DNS64 mapped ipv4 address with zero-prefix
|
||||||
for _, i := range addrs {
|
for _, i := range addrs {
|
||||||
if ipv4 := i.To4(); ipv4 != nil && len(i) == net.IPv6len {
|
if ipv4 := i.To4(); ipv4 != nil && len(i) == net.IPv6len {
|
||||||
@ -645,10 +646,6 @@ func (d *Dnsfilter) checkSafeSearch(host string) (Result, error) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if res.IP == nil || len(res.IP) == 0 {
|
|
||||||
res.IP = addrs[0]
|
|
||||||
}
|
|
||||||
|
|
||||||
// Cache result
|
// Cache result
|
||||||
err = safeSearchCache.Set(host, res)
|
err = safeSearchCache.Set(host, res)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -702,6 +702,8 @@ func TestSafeSearchCacheGoogle (t *testing.T) {
|
|||||||
t.Fatalf("SafeSearch is not enabled but there is an answer!")
|
t.Fatalf("SafeSearch is not enabled but there is an answer!")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Enable safesearch and check host
|
||||||
|
d.SafeSearchEnabled = true
|
||||||
|
|
||||||
// Let's lookup for safesearch domain
|
// Let's lookup for safesearch domain
|
||||||
safeDomain, ok := d.SafeSearchDomain(domain)
|
safeDomain, ok := d.SafeSearchDomain(domain)
|
||||||
@ -714,20 +716,13 @@ func TestSafeSearchCacheGoogle (t *testing.T) {
|
|||||||
t.Fatalf("Failed to lookup for %s", safeDomain)
|
t.Fatalf("Failed to lookup for %s", safeDomain)
|
||||||
}
|
}
|
||||||
|
|
||||||
var ip net.IP
|
ip := ips[0]
|
||||||
for _, i := range ips {
|
for _, i := range ips {
|
||||||
if len(i) == net.IPv6len && i.To4() != nil {
|
if len(i) == net.IPv6len && i.To4() != nil {
|
||||||
ip = i
|
ip = i
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if ip == nil || len(ip) == 0 {
|
|
||||||
ip = ips[0]
|
|
||||||
}
|
|
||||||
|
|
||||||
// Enable safesearch and check host
|
|
||||||
d.SafeSearchEnabled = true
|
|
||||||
|
|
||||||
result, err = d.CheckHost(domain)
|
result, err = d.CheckHost(domain)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
t.Fatalf("CheckHost for safesearh domain %s failed cause %s", domain, err)
|
t.Fatalf("CheckHost for safesearh domain %s failed cause %s", domain, err)
|
||||||
|
@ -21,14 +21,14 @@ func TestServer(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// message over UDP
|
// message over UDP
|
||||||
req := createTestMessage()
|
req := createGoogleATestMessage()
|
||||||
addr := s.dnsProxy.Addr("udp")
|
addr := s.dnsProxy.Addr("udp")
|
||||||
client := dns.Client{Net: "udp"}
|
client := dns.Client{Net: "udp"}
|
||||||
reply, _, err := client.Exchange(req, addr.String())
|
reply, _, err := client.Exchange(req, addr.String())
|
||||||
if err != nil {
|
if err != nil {
|
||||||
t.Fatalf("Couldn't talk to server %s: %s", addr, err)
|
t.Fatalf("Couldn't talk to server %s: %s", addr, err)
|
||||||
}
|
}
|
||||||
assertResponse(t, reply)
|
assertGoogleAResponse(t, reply)
|
||||||
|
|
||||||
// check query log and stats
|
// check query log and stats
|
||||||
log := s.GetQueryLog()
|
log := s.GetQueryLog()
|
||||||
@ -39,14 +39,14 @@ func TestServer(t *testing.T) {
|
|||||||
assert.Equal(t, 1, len(stats.Clients), "Top clients length")
|
assert.Equal(t, 1, len(stats.Clients), "Top clients length")
|
||||||
|
|
||||||
// message over TCP
|
// message over TCP
|
||||||
req = createTestMessage()
|
req = createGoogleATestMessage()
|
||||||
addr = s.dnsProxy.Addr("tcp")
|
addr = s.dnsProxy.Addr("tcp")
|
||||||
client = dns.Client{Net: "tcp"}
|
client = dns.Client{Net: "tcp"}
|
||||||
reply, _, err = client.Exchange(req, addr.String())
|
reply, _, err = client.Exchange(req, addr.String())
|
||||||
if err != nil {
|
if err != nil {
|
||||||
t.Fatalf("Couldn't talk to server %s: %s", addr, err)
|
t.Fatalf("Couldn't talk to server %s: %s", addr, err)
|
||||||
}
|
}
|
||||||
assertResponse(t, reply)
|
assertGoogleAResponse(t, reply)
|
||||||
|
|
||||||
// check query log and stats again
|
// check query log and stats again
|
||||||
log = s.GetQueryLog()
|
log = s.GetQueryLog()
|
||||||
@ -63,6 +63,49 @@ func TestServer(t *testing.T) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestSafeSearch(t *testing.T) {
|
||||||
|
s := createTestServer(t)
|
||||||
|
s.SafeSearchEnabled = true
|
||||||
|
defer removeDataDir(t)
|
||||||
|
err := s.Start(nil)
|
||||||
|
if err != nil {
|
||||||
|
t.Fatalf("Failed to start server: %s", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Test safesearch for yandex. We already know safesearch ip
|
||||||
|
addr := s.dnsProxy.Addr("udp")
|
||||||
|
client := dns.Client{Net: "udp"}
|
||||||
|
yandexDomains := []string{"yandex.com.", "yandex.by.", "yandex.kz.", "yandex.ru.", "yandex.com."}
|
||||||
|
for _, host := range yandexDomains {
|
||||||
|
exchangeAndAssertResponse(t, client, addr, host, "213.180.193.56")
|
||||||
|
}
|
||||||
|
|
||||||
|
// Let's lookup for google safesearch ip
|
||||||
|
ips, err := net.LookupIP("forcesafesearch.google.com")
|
||||||
|
if err != nil {
|
||||||
|
t.Fatalf("Failed to lookup for forcesafesearch.google.com: %s", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
ip := ips[0]
|
||||||
|
for _, i := range ips {
|
||||||
|
if len(i) == net.IPv6len && i.To4() != nil {
|
||||||
|
ip = i
|
||||||
|
break
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Test safeseacrh for google.
|
||||||
|
googleDomains := []string{"www.google.com.", "www.google.com.af.", "www.google.be.", "www.google.by."}
|
||||||
|
for _, host := range googleDomains {
|
||||||
|
exchangeAndAssertResponse(t, client, addr, host, ip.String())
|
||||||
|
}
|
||||||
|
|
||||||
|
err = s.Stop()
|
||||||
|
if err != nil {
|
||||||
|
t.Fatalf("Can not stopd server cause: %s", err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
func TestInvalidRequest(t *testing.T) {
|
func TestInvalidRequest(t *testing.T) {
|
||||||
s := createTestServer(t)
|
s := createTestServer(t)
|
||||||
defer removeDataDir(t)
|
defer removeDataDir(t)
|
||||||
@ -283,23 +326,40 @@ func removeDataDir(t *testing.T) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func createTestMessage() *dns.Msg {
|
func exchangeAndAssertResponse(t *testing.T, client dns.Client, addr net.Addr, host, ip string) {
|
||||||
|
req := createTestMessage(host)
|
||||||
|
reply, _, err := client.Exchange(req, addr.String())
|
||||||
|
if err != nil {
|
||||||
|
t.Fatalf("Couldn't talk to server %s: %s", addr, err)
|
||||||
|
}
|
||||||
|
assertResponse(t, reply, ip)
|
||||||
|
}
|
||||||
|
|
||||||
|
func createGoogleATestMessage() *dns.Msg {
|
||||||
|
return createTestMessage("google-public-dns-a.google.com.")
|
||||||
|
}
|
||||||
|
|
||||||
|
func createTestMessage(host string) *dns.Msg {
|
||||||
req := dns.Msg{}
|
req := dns.Msg{}
|
||||||
req.Id = dns.Id()
|
req.Id = dns.Id()
|
||||||
req.RecursionDesired = true
|
req.RecursionDesired = true
|
||||||
req.Question = []dns.Question{
|
req.Question = []dns.Question{
|
||||||
{Name: "google-public-dns-a.google.com.", Qtype: dns.TypeA, Qclass: dns.ClassINET},
|
{Name: host, Qtype: dns.TypeA, Qclass: dns.ClassINET},
|
||||||
}
|
}
|
||||||
return &req
|
return &req
|
||||||
}
|
}
|
||||||
|
|
||||||
func assertResponse(t *testing.T, reply *dns.Msg) {
|
func assertGoogleAResponse(t *testing.T, reply *dns.Msg) {
|
||||||
|
assertResponse(t, reply, "8.8.8.8")
|
||||||
|
}
|
||||||
|
|
||||||
|
func assertResponse(t *testing.T, reply *dns.Msg, ip string) {
|
||||||
if len(reply.Answer) != 1 {
|
if len(reply.Answer) != 1 {
|
||||||
t.Fatalf("DNS server returned reply with wrong number of answers - %d", len(reply.Answer))
|
t.Fatalf("DNS server returned reply with wrong number of answers - %d", len(reply.Answer))
|
||||||
}
|
}
|
||||||
if a, ok := reply.Answer[0].(*dns.A); ok {
|
if a, ok := reply.Answer[0].(*dns.A); ok {
|
||||||
if !net.IPv4(8, 8, 8, 8).Equal(a.A) {
|
if !net.ParseIP(ip).Equal(a.A) {
|
||||||
t.Fatalf("DNS server returned wrong answer instead of 8.8.8.8: %v", a.A)
|
t.Fatalf("DNS server returned wrong answer instead of %s: %v", ip, a.A)
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
t.Fatalf("DNS server returned wrong answer type instead of A: %v", reply.Answer[0])
|
t.Fatalf("DNS server returned wrong answer type instead of A: %v", reply.Answer[0])
|
||||||
|
Loading…
Reference in New Issue
Block a user