plugin/cache/spoof_test.go

package cache

import (
	"context"
	"testing"

	"github.com/coredns/coredns/plugin"
	"github.com/coredns/coredns/plugin/pkg/dnstest"

	"github.com/coredns/coredns/plugin/test"
	"github.com/miekg/dns"
)

func TestSpoof(t *testing.T) {
	// Send query for example.org, get reply for example.net; should not be cached.
	c := New()
	c.Next = spoofHandler(true)

	req := new(dns.Msg)
	req.SetQuestion("example.org.", dns.TypeA)
	rec := dnstest.NewRecorder(&test.ResponseWriter{})

	c.ServeDNS(context.TODO(), rec, req)

	qname := rec.Msg.Question[0].Name
	if c.pcache.Len() != 0 {
		t.Errorf("Cached %s, while reply had %s", "example.org.", qname)
	}

	// qtype
	c.Next = spoofHandlerType()
	req.SetQuestion("example.org.", dns.TypeMX)

	c.ServeDNS(context.TODO(), rec, req)

	qtype := rec.Msg.Question[0].Qtype
	if c.pcache.Len() != 0 {
		t.Errorf("Cached %s type %d, while reply had %d", "example.org.", dns.TypeMX, qtype)
	}
}

func TestResponse(t *testing.T) {
	// Send query for example.org, get reply for example.net; should not be cached.
	c := New()
	c.Next = spoofHandler(false)

	req := new(dns.Msg)
	req.SetQuestion("example.net.", dns.TypeA)
	rec := dnstest.NewRecorder(&test.ResponseWriter{})

	c.ServeDNS(context.TODO(), rec, req)

	if c.pcache.Len() != 0 {
		t.Errorf("Cached %s, while reply had response set to %t", "example.net.", rec.Msg.Response)
	}
}

// spoofHandler is a fake plugin implementation which returns a single A records for example.org. The qname in the
// question section is set to example.NET (i.e. they *don't* match).
func spoofHandler(response bool) plugin.Handler {
	return plugin.HandlerFunc(func(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) (int, error) {
		m := new(dns.Msg)
		m.SetQuestion("example.net.", dns.TypeA)
		m.Response = response
		m.Answer = []dns.RR{test.A("example.org. IN A 127.0.0.53")}
		w.WriteMsg(m)
		return dns.RcodeSuccess, nil
	})
}

// spoofHandlerType is a fake plugin implementation which returns a single MX records for example.org. The qtype in the
// question section is set to A.
func spoofHandlerType() plugin.Handler {
	return plugin.HandlerFunc(func(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) (int, error) {
		m := new(dns.Msg)
		m.SetQuestion("example.org.", dns.TypeA)
		m.Response = true
		m.Answer = []dns.RR{test.MX("example.org. IN MX 10 mail.example.org.")}
		w.WriteMsg(m)
		return dns.RcodeSuccess, nil
	})
}
Fix dns-01-003 (#1634) * plugin/{cache,forward,proxy}: don't allow responses that are bogus Responses that are not matching what we've been querying for should be dropped. They are converted into FormErrs by forward and proxy; as a 2nd backstop cache will also not cache these. * plug * add explicit test 2018-03-25 17:11:10 +01:00			`package cache`

			`import (`
all: fix plugin import ordering (#1717) Got a bit messed up with stb lib "context" usage. 2018-04-22 08:34:35 +01:00			`"context"`
Fix dns-01-003 (#1634) * plugin/{cache,forward,proxy}: don't allow responses that are bogus Responses that are not matching what we've been querying for should be dropped. They are converted into FormErrs by forward and proxy; as a 2nd backstop cache will also not cache these. * plug * add explicit test 2018-03-25 17:11:10 +01:00			`"testing"`

			`"github.com/coredns/coredns/plugin"`
			`"github.com/coredns/coredns/plugin/pkg/dnstest"`

			`"github.com/coredns/coredns/plugin/test"`
			`"github.com/miekg/dns"`
			`)`

			`func TestSpoof(t *testing.T) {`
			`// Send query for example.org, get reply for example.net; should not be cached.`
			`c := New()`
request.Match check Response bit as well (#1775) * request.Match check Response bit as well We should check this bit and reject them as invalid. * Fix test 2018-05-09 12:35:42 +01:00			`c.Next = spoofHandler(true)`
Fix dns-01-003 (#1634) * plugin/{cache,forward,proxy}: don't allow responses that are bogus Responses that are not matching what we've been querying for should be dropped. They are converted into FormErrs by forward and proxy; as a 2nd backstop cache will also not cache these. * plug * add explicit test 2018-03-25 17:11:10 +01:00
			`req := new(dns.Msg)`
			`req.SetQuestion("example.org.", dns.TypeA)`
			`rec := dnstest.NewRecorder(&test.ResponseWriter{})`

			`c.ServeDNS(context.TODO(), rec, req)`

			`qname := rec.Msg.Question[0].Name`
			`if c.pcache.Len() != 0 {`
presubmit: Check errorf as well (#1845) Uppercase all these test errors as well. And extend the presubmit to check for these in the future. Also do a slightly smarter grep to only get t.<something>. as (because dump regexp) this also grep over non test files. 2018-06-02 19:48:39 +01:00			`t.Errorf("Cached %s, while reply had %s", "example.org.", qname)`
Fix dns-01-003 (#1634) * plugin/{cache,forward,proxy}: don't allow responses that are bogus Responses that are not matching what we've been querying for should be dropped. They are converted into FormErrs by forward and proxy; as a 2nd backstop cache will also not cache these. * plug * add explicit test 2018-03-25 17:11:10 +01:00			`}`

			`// qtype`
			`c.Next = spoofHandlerType()`
			`req.SetQuestion("example.org.", dns.TypeMX)`

			`c.ServeDNS(context.TODO(), rec, req)`

			`qtype := rec.Msg.Question[0].Qtype`
			`if c.pcache.Len() != 0 {`
presubmit: Check errorf as well (#1845) Uppercase all these test errors as well. And extend the presubmit to check for these in the future. Also do a slightly smarter grep to only get t.<something>. as (because dump regexp) this also grep over non test files. 2018-06-02 19:48:39 +01:00			`t.Errorf("Cached %s type %d, while reply had %d", "example.org.", dns.TypeMX, qtype)`
Fix dns-01-003 (#1634) * plugin/{cache,forward,proxy}: don't allow responses that are bogus Responses that are not matching what we've been querying for should be dropped. They are converted into FormErrs by forward and proxy; as a 2nd backstop cache will also not cache these. * plug * add explicit test 2018-03-25 17:11:10 +01:00			`}`
			`}`

request.Match check Response bit as well (#1775) * request.Match check Response bit as well We should check this bit and reject them as invalid. * Fix test 2018-05-09 12:35:42 +01:00			`func TestResponse(t *testing.T) {`
			`// Send query for example.org, get reply for example.net; should not be cached.`
			`c := New()`
			`c.Next = spoofHandler(false)`

			`req := new(dns.Msg)`
			`req.SetQuestion("example.net.", dns.TypeA)`
			`rec := dnstest.NewRecorder(&test.ResponseWriter{})`

			`c.ServeDNS(context.TODO(), rec, req)`

			`if c.pcache.Len() != 0 {`
presubmit: Check errorf as well (#1845) Uppercase all these test errors as well. And extend the presubmit to check for these in the future. Also do a slightly smarter grep to only get t.<something>. as (because dump regexp) this also grep over non test files. 2018-06-02 19:48:39 +01:00			`t.Errorf("Cached %s, while reply had response set to %t", "example.net.", rec.Msg.Response)`
request.Match check Response bit as well (#1775) * request.Match check Response bit as well We should check this bit and reject them as invalid. * Fix test 2018-05-09 12:35:42 +01:00			`}`
			`}`

Fix dns-01-003 (#1634) * plugin/{cache,forward,proxy}: don't allow responses that are bogus Responses that are not matching what we've been querying for should be dropped. They are converted into FormErrs by forward and proxy; as a 2nd backstop cache will also not cache these. * plug * add explicit test 2018-03-25 17:11:10 +01:00			`// spoofHandler is a fake plugin implementation which returns a single A records for example.org. The qname in the`
			`// question section is set to example.NET (i.e. they don't match).`
request.Match check Response bit as well (#1775) * request.Match check Response bit as well We should check this bit and reject them as invalid. * Fix test 2018-05-09 12:35:42 +01:00			`func spoofHandler(response bool) plugin.Handler {`
Fix dns-01-003 (#1634) * plugin/{cache,forward,proxy}: don't allow responses that are bogus Responses that are not matching what we've been querying for should be dropped. They are converted into FormErrs by forward and proxy; as a 2nd backstop cache will also not cache these. * plug * add explicit test 2018-03-25 17:11:10 +01:00			`return plugin.HandlerFunc(func(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) (int, error) {`
			`m := new(dns.Msg)`
			`m.SetQuestion("example.net.", dns.TypeA)`
request.Match check Response bit as well (#1775) * request.Match check Response bit as well We should check this bit and reject them as invalid. * Fix test 2018-05-09 12:35:42 +01:00			`m.Response = response`
Fix dns-01-003 (#1634) * plugin/{cache,forward,proxy}: don't allow responses that are bogus Responses that are not matching what we've been querying for should be dropped. They are converted into FormErrs by forward and proxy; as a 2nd backstop cache will also not cache these. * plug * add explicit test 2018-03-25 17:11:10 +01:00			`m.Answer = []dns.RR{test.A("example.org. IN A 127.0.0.53")}`
			`w.WriteMsg(m)`
			`return dns.RcodeSuccess, nil`
			`})`
			`}`

			`// spoofHandlerType is a fake plugin implementation which returns a single MX records for example.org. The qtype in the`
			`// question section is set to A.`
			`func spoofHandlerType() plugin.Handler {`
			`return plugin.HandlerFunc(func(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) (int, error) {`
			`m := new(dns.Msg)`
			`m.SetQuestion("example.org.", dns.TypeA)`
			`m.Response = true`
			`m.Answer = []dns.RR{test.MX("example.org. IN MX 10 mail.example.org.")}`
			`w.WriteMsg(m)`
			`return dns.RcodeSuccess, nil`
			`})`
			`}`