request/writer_test.go

package request

import (
	"crypto/tls"
	"fmt"
	"testing"

	"github.com/coredns/coredns/plugin/test"

	"github.com/miekg/dns"
)

// mockResponseWriter implements dns.ResponseWriter interface for testing
type mockResponseWriter struct {
	test.ResponseWriter
	lastMsg *dns.Msg
}

func (m *mockResponseWriter) WriteMsg(msg *dns.Msg) error {
	m.lastMsg = msg
	return nil
}

// connStateResponseWriter implements both dns.ResponseWriter and
// dns.ConnectionStater for testing forwarding through ScrubWriter.
type connStateResponseWriter struct {
	test.ResponseWriter
	state *tls.ConnectionState
}

func (c *connStateResponseWriter) ConnectionState() *tls.ConnectionState { return c.state }

func TestScrubWriter(t *testing.T) {
	req := new(dns.Msg)
	req.SetQuestion("example.com.", dns.TypeA)
	req.SetEdns0(4096, true)

	mock := &mockResponseWriter{}
	sw := NewScrubWriter(req, mock)

	// Create a large response message
	resp := new(dns.Msg)
	resp.SetReply(req)

	// Add a lot of records to make it large
	for i := 1; i < 100; i++ {
		resp.Answer = append(resp.Answer, test.A(
			fmt.Sprintf("example.com. 10 IN A 10.0.0.%d", i)))
	}

	// Write the message through ScrubWriter
	err := sw.WriteMsg(resp)
	if err != nil {
		t.Errorf("Expected no error, got: %v", err)
	}

	// Verify that ScrubWriter called methods properly
	if mock.lastMsg == nil {
		t.Fatalf("Expected WriteMsg to be called with a message")
	}
}

func TestScrubWriterConnectionStateForwarded(t *testing.T) {
	want := &tls.ConnectionState{ServerName: "example.test"}
	inner := &connStateResponseWriter{state: want}

	sw := NewScrubWriter(new(dns.Msg), inner)

	cs, ok := dns.ResponseWriter(sw).(dns.ConnectionStater)
	if !ok {
		t.Fatal("ScrubWriter does not satisfy dns.ConnectionStater")
	}
	if got := cs.ConnectionState(); got != want {
		t.Errorf("ConnectionState() = %v, want %v", got, want)
	}
}

func TestScrubWriterConnectionStateNilWhenUnsupported(t *testing.T) {
	sw := NewScrubWriter(new(dns.Msg), &mockResponseWriter{})

	if got := sw.ConnectionState(); got != nil {
		t.Errorf("ConnectionState() = %v, want nil when wrapped writer is not a ConnectionStater", got)
	}
}
test(request): improve coverage across package (#7307) Add tests for previously untested functions: - edns0.go: test supportedOptions function - request.go: test address methods, protocol handling, and EDNS0 options - writer.go: test ScrubWriter implementation Improves overall package test coverage from 39.5% to 77.8%. Signed-off-by: Ville Vesilehto <ville@vesilehto.fi> 2025-05-19 21:23:58 +03:00			`package request`

			`import (`
feat(core): expose TLS ConnectionState (SNI) for DoQ (#8129) DoQWriter previously stored only the QUIC stream, so plugins reading TLS state via dns.ConnectionStater (e.g. for SNI-based routing or auditing) could not see anything for DoQ connections, even though the underlying QUIC connection carries a full tls.ConnectionState. This change adds a quic.Conn reference to DoQWriter and wires it in serveQUICStream. It implements dns.ConnectionStater on DoQWriter, returning the TLS state from the underlying QUIC connection (mirrors the DoT behavior that miekg/dns already provides for *tls.Conn) Forwards ConnectionState through request.ScrubWriter, which wraps every response writer before the plugin chain runs; the embedded dns.ResponseWriter interface does not promote ConnectionState (it belongs to a separate interface), so without this plugins would still see nil for both DoQ and DoT Signed-off-by: Nicholas Amorim <nicholas@santos.ee> 2026-05-29 01:45:48 +03:00			`"crypto/tls"`
test(request): improve coverage across package (#7307) Add tests for previously untested functions: - edns0.go: test supportedOptions function - request.go: test address methods, protocol handling, and EDNS0 options - writer.go: test ScrubWriter implementation Improves overall package test coverage from 39.5% to 77.8%. Signed-off-by: Ville Vesilehto <ville@vesilehto.fi> 2025-05-19 21:23:58 +03:00			`"fmt"`
			`"testing"`

			`"github.com/coredns/coredns/plugin/test"`

			`"github.com/miekg/dns"`
			`)`

			`// mockResponseWriter implements dns.ResponseWriter interface for testing`
			`type mockResponseWriter struct {`
			`test.ResponseWriter`
			`lastMsg *dns.Msg`
			`}`

			`func (m mockResponseWriter) WriteMsg(msg dns.Msg) error {`
			`m.lastMsg = msg`
			`return nil`
			`}`

feat(core): expose TLS ConnectionState (SNI) for DoQ (#8129) DoQWriter previously stored only the QUIC stream, so plugins reading TLS state via dns.ConnectionStater (e.g. for SNI-based routing or auditing) could not see anything for DoQ connections, even though the underlying QUIC connection carries a full tls.ConnectionState. This change adds a quic.Conn reference to DoQWriter and wires it in serveQUICStream. It implements dns.ConnectionStater on DoQWriter, returning the TLS state from the underlying QUIC connection (mirrors the DoT behavior that miekg/dns already provides for *tls.Conn) Forwards ConnectionState through request.ScrubWriter, which wraps every response writer before the plugin chain runs; the embedded dns.ResponseWriter interface does not promote ConnectionState (it belongs to a separate interface), so without this plugins would still see nil for both DoQ and DoT Signed-off-by: Nicholas Amorim <nicholas@santos.ee> 2026-05-29 01:45:48 +03:00			`// connStateResponseWriter implements both dns.ResponseWriter and`
			`// dns.ConnectionStater for testing forwarding through ScrubWriter.`
			`type connStateResponseWriter struct {`
			`test.ResponseWriter`
			`state *tls.ConnectionState`
			`}`

			`func (c connStateResponseWriter) ConnectionState() tls.ConnectionState { return c.state }`

test(request): improve coverage across package (#7307) Add tests for previously untested functions: - edns0.go: test supportedOptions function - request.go: test address methods, protocol handling, and EDNS0 options - writer.go: test ScrubWriter implementation Improves overall package test coverage from 39.5% to 77.8%. Signed-off-by: Ville Vesilehto <ville@vesilehto.fi> 2025-05-19 21:23:58 +03:00			`func TestScrubWriter(t *testing.T) {`
			`req := new(dns.Msg)`
			`req.SetQuestion("example.com.", dns.TypeA)`
			`req.SetEdns0(4096, true)`

			`mock := &mockResponseWriter{}`
			`sw := NewScrubWriter(req, mock)`

			`// Create a large response message`
			`resp := new(dns.Msg)`
			`resp.SetReply(req)`

			`// Add a lot of records to make it large`
			`for i := 1; i < 100; i++ {`
			`resp.Answer = append(resp.Answer, test.A(`
			`fmt.Sprintf("example.com. 10 IN A 10.0.0.%d", i)))`
			`}`

			`// Write the message through ScrubWriter`
			`err := sw.WriteMsg(resp)`
			`if err != nil {`
			`t.Errorf("Expected no error, got: %v", err)`
			`}`

			`// Verify that ScrubWriter called methods properly`
			`if mock.lastMsg == nil {`
			`t.Fatalf("Expected WriteMsg to be called with a message")`
			`}`
			`}`
feat(core): expose TLS ConnectionState (SNI) for DoQ (#8129) DoQWriter previously stored only the QUIC stream, so plugins reading TLS state via dns.ConnectionStater (e.g. for SNI-based routing or auditing) could not see anything for DoQ connections, even though the underlying QUIC connection carries a full tls.ConnectionState. This change adds a quic.Conn reference to DoQWriter and wires it in serveQUICStream. It implements dns.ConnectionStater on DoQWriter, returning the TLS state from the underlying QUIC connection (mirrors the DoT behavior that miekg/dns already provides for *tls.Conn) Forwards ConnectionState through request.ScrubWriter, which wraps every response writer before the plugin chain runs; the embedded dns.ResponseWriter interface does not promote ConnectionState (it belongs to a separate interface), so without this plugins would still see nil for both DoQ and DoT Signed-off-by: Nicholas Amorim <nicholas@santos.ee> 2026-05-29 01:45:48 +03:00
			`func TestScrubWriterConnectionStateForwarded(t *testing.T) {`
			`want := &tls.ConnectionState{ServerName: "example.test"}`
			`inner := &connStateResponseWriter{state: want}`

			`sw := NewScrubWriter(new(dns.Msg), inner)`

			`cs, ok := dns.ResponseWriter(sw).(dns.ConnectionStater)`
			`if !ok {`
			`t.Fatal("ScrubWriter does not satisfy dns.ConnectionStater")`
			`}`
			`if got := cs.ConnectionState(); got != want {`
			`t.Errorf("ConnectionState() = %v, want %v", got, want)`
			`}`
			`}`

			`func TestScrubWriterConnectionStateNilWhenUnsupported(t *testing.T) {`
			`sw := NewScrubWriter(new(dns.Msg), &mockResponseWriter{})`

			`if got := sw.ConnectionState(); got != nil {`
			`t.Errorf("ConnectionState() = %v, want nil when wrapped writer is not a ConnectionStater", got)`
			`}`
			`}`