From: Otto Moerbeek Date: Mon, 23 Sep 2019 12:59:38 +0000 (+0200) Subject: Fix #8338: Issue with "zz" abbreviation for IPv6 RPZ triggers X-Git-Tag: dnsdist-1.4.0-rc3~7^2 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=301148e6d77e7cf8aed3b1b174bf6dbbeae7dc67;p=pdns Fix #8338: Issue with "zz" abbreviation for IPv6 RPZ triggers While there, add unittest for translating rpz names into netmasks --- diff --git a/pdns/recursordist/Makefile.am b/pdns/recursordist/Makefile.am index 7cda549d8..65022d5aa 100644 --- a/pdns/recursordist/Makefile.am +++ b/pdns/recursordist/Makefile.am @@ -253,6 +253,8 @@ testrunner_SOURCES = \ recpacketcache.cc recpacketcache.hh \ recursor_cache.cc recursor_cache.hh \ responsestats.cc \ + rpzloader.cc rpzloader.hh \ + resolver.hh resolver.cc \ root-dnssec.hh \ secpoll.cc \ sillyrecords.cc \ @@ -281,6 +283,7 @@ testrunner_SOURCES = \ test-rcpgenerator_cc.cc \ test-recpacketcache_cc.cc \ test-recursorcache_cc.cc \ + test-rpzloader_cc.cc \ test-secpoll_cc.cc \ test-signers.cc \ test-syncres_cc.hh \ diff --git a/pdns/recursordist/test-rpzloader_cc.cc b/pdns/recursordist/test-rpzloader_cc.cc new file mode 100644 index 000000000..3b848fafd --- /dev/null +++ b/pdns/recursordist/test-rpzloader_cc.cc @@ -0,0 +1,42 @@ +#define BOOST_TEST_RPZ_LOADER +#define BOOST_TEST_RPZ_LOADER +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + +#include "rpzloader.hh" +#include + +// Provide stubs for some symbols +bool g_logRPZChanges{false}; +ComboAddress getQueryLocalAddress(int family, uint16_t port) { + cerr << "getQueryLocalAddress() STUBBED IN TEST!" << endl; + BOOST_ASSERT(false); + return ComboAddress(); +} + +BOOST_AUTO_TEST_SUITE(rpzloader_cc) + +BOOST_AUTO_TEST_CASE(test_rpz_loader) { + + string tests[][2] = { + {"32.3.2.168.192", "192.168.2.3/32"}, + {"27.73.2.168.192", "192.168.2.73/27"}, + {"24.0.2.168.192", "192.168.2.0/24"}, + {"128.57.zz.1.0.db8.2001", "2001:db8:0:1::57/128"}, + {"48.zz.1.0.db8.2001", "2001:db8:0:1::/48"}, + {"128.5.C0A8.FFFF.0.1.0.db8.2001", "2001:db8:0:1:0:ffff:c0a8:5/128"}, + + {"21.0.248.44.5", "5.44.248.0/21"}, + {"64.0.0.0.0.0.1.0.0.", "0:0:1::/64"}, + {"64.zz.2.0.0", "0:0:2::/64"}, + {"80.0.0.0.1.0.0.0.0", "::1:0:0:0/80"}, + {"80.0.0.0.1.zz", "::1:0:0:0/80"}}; + + for (auto &test : tests) { + Netmask n = makeNetmaskFromRPZ(DNSName(test[0])); + BOOST_CHECK_EQUAL(n.toString(), test[1]); + } +} + +BOOST_AUTO_TEST_SUITE_END() diff --git a/pdns/rpzloader.cc b/pdns/rpzloader.cc index c4a908275..35a1903a9 100644 --- a/pdns/rpzloader.cc +++ b/pdns/rpzloader.cc @@ -9,7 +9,7 @@ #include "zoneparser-tng.hh" #include "threadname.hh" -static Netmask makeNetmaskFromRPZ(const DNSName& name) +Netmask makeNetmaskFromRPZ(const DNSName& name) { auto parts = name.getRawLabels(); /* @@ -46,14 +46,14 @@ static Netmask makeNetmaskFromRPZ(const DNSName& name) string v6; + if (parts[parts.size()-1] == "") { + v6 += ":"; + } for (uint8_t i = parts.size()-1 ; i > 0; i--) { v6 += parts[i]; - if (parts[i] == "" && i == 1 && i == parts.size()-1) - v6+= "::"; - if (parts[i] == "" && i != parts.size()-1) - v6+= ":"; - if (parts[i] != "" && i != 1) + if (i > 1 || (i == 1 && parts[i] == "")) { v6 += ":"; + } } v6 += "/" + parts[0]; diff --git a/pdns/rpzloader.hh b/pdns/rpzloader.hh index 7a2047a22..345a1e31e 100644 --- a/pdns/rpzloader.hh +++ b/pdns/rpzloader.hh @@ -39,4 +39,5 @@ struct rpzStats std::atomic d_serial; }; +Netmask makeNetmaskFromRPZ(const DNSName& name); shared_ptr getRPZZoneStats(const std::string& zone);