Fix #8338: Issue with "zz" abbreviation for IPv6 RPZ triggers

While there, add unittest for translating rpz names into netmasks

diff --git a/pdns/recursordist/Makefile.am b/pdns/recursordist/Makefile.am
index 7cda549d87d88cc0835a3e6c0cb287eee0b12c28..65022d5aa740840b4068842bfb15d4930befdcdd 100644 (file)
--- a/pdns/recursordist/Makefile.am
+++ b/pdns/recursordist/Makefile.am
@@ -253,6 +253,8 @@ testrunner_SOURCES = \
        recpacketcache.cc recpacketcache.hh \
        recursor_cache.cc recursor_cache.hh \
        responsestats.cc \
+       rpzloader.cc rpzloader.hh \
+       resolver.hh resolver.cc \
        root-dnssec.hh \
        secpoll.cc \
        sillyrecords.cc \
@@ -281,6 +283,7 @@ testrunner_SOURCES = \
        test-rcpgenerator_cc.cc \
        test-recpacketcache_cc.cc \
        test-recursorcache_cc.cc \
+       test-rpzloader_cc.cc \
        test-secpoll_cc.cc \
        test-signers.cc \
        test-syncres_cc.hh \

diff --git a/pdns/recursordist/test-rpzloader_cc.cc b/pdns/recursordist/test-rpzloader_cc.cc
new file mode 100644 (file)
index 0000000..3b848fa
--- /dev/null
+++ b/pdns/recursordist/test-rpzloader_cc.cc
@@ -0,0 +1,42 @@
+#define BOOST_TEST_RPZ_LOADER
+#define BOOST_TEST_RPZ_LOADER
+#ifdef HAVE_CONFIG_H
+#include "config.h"
+#endif
+
+#include "rpzloader.hh"
+#include <boost/test/unit_test.hpp>
+
+// Provide stubs for some symbols
+bool g_logRPZChanges{false};
+ComboAddress getQueryLocalAddress(int family, uint16_t port) {
+  cerr << "getQueryLocalAddress() STUBBED IN TEST!" << endl;
+  BOOST_ASSERT(false);
+  return ComboAddress();
+}
+
+BOOST_AUTO_TEST_SUITE(rpzloader_cc)
+
+BOOST_AUTO_TEST_CASE(test_rpz_loader) {
+
+  string tests[][2] = {
+      {"32.3.2.168.192", "192.168.2.3/32"},
+      {"27.73.2.168.192", "192.168.2.73/27"},
+      {"24.0.2.168.192", "192.168.2.0/24"},
+      {"128.57.zz.1.0.db8.2001", "2001:db8:0:1::57/128"},
+      {"48.zz.1.0.db8.2001", "2001:db8:0:1::/48"},
+      {"128.5.C0A8.FFFF.0.1.0.db8.2001", "2001:db8:0:1:0:ffff:c0a8:5/128"},
+
+      {"21.0.248.44.5", "5.44.248.0/21"},
+      {"64.0.0.0.0.0.1.0.0.", "0:0:1::/64"},
+      {"64.zz.2.0.0", "0:0:2::/64"},
+      {"80.0.0.0.1.0.0.0.0", "::1:0:0:0/80"},
+      {"80.0.0.0.1.zz", "::1:0:0:0/80"}};
+
+  for (auto &test : tests) {
+    Netmask n = makeNetmaskFromRPZ(DNSName(test[0]));
+    BOOST_CHECK_EQUAL(n.toString(), test[1]);
+  }
+}
+
+BOOST_AUTO_TEST_SUITE_END()

diff --git a/pdns/rpzloader.cc b/pdns/rpzloader.cc
index c4a908275d084067787f05588ed9fe673264c08f..35a1903a9df8caeb2de6ecac85ea362a0e4f2911 100644 (file)
--- a/pdns/rpzloader.cc
+++ b/pdns/rpzloader.cc
@@ -9,7 +9,7 @@
 #include "zoneparser-tng.hh"
 #include "threadname.hh"
 
-static Netmask makeNetmaskFromRPZ(const DNSName& name)
+Netmask makeNetmaskFromRPZ(const DNSName& name)
 {
   auto parts = name.getRawLabels();
   /*
@@ -46,14 +46,14 @@ static Netmask makeNetmaskFromRPZ(const DNSName& name)
 
   string v6;
 
+  if (parts[parts.size()-1] == "") {
+    v6 += ":";
+  }
   for (uint8_t i = parts.size()-1 ; i > 0; i--) {
     v6 += parts[i];
-    if (parts[i] == "" && i == 1 && i == parts.size()-1)
-        v6+= "::";
-    if (parts[i] == "" && i != parts.size()-1)
-        v6+= ":";
-    if (parts[i] != "" && i != 1)
+    if (i > 1 || (i == 1 && parts[i] == "")) {
       v6 += ":";
+    }
   }
   v6 += "/" + parts[0];
 

diff --git a/pdns/rpzloader.hh b/pdns/rpzloader.hh
index 7a2047a2269338e664df61619e9ad76725b871bd..345a1e31ee7f81b77672757c17039ef5a3159156 100644 (file)
--- a/pdns/rpzloader.hh
+++ b/pdns/rpzloader.hh
@@ -39,4 +39,5 @@ struct rpzStats
   std::atomic<uint32_t> d_serial;
 };
 
+Netmask makeNetmaskFromRPZ(const DNSName& name);
 shared_ptr<rpzStats> getRPZZoneStats(const std::string& zone);