diff options
Diffstat (limited to 'src/test')
-rw-r--r-- | src/test/create_dnstap.c | 7 | ||||
-rw-r--r-- | src/test/print_dnstap.c | 20 | ||||
-rw-r--r-- | src/test/test3.gold | 12 | ||||
-rw-r--r-- | src/test/test4.gold | 10 | ||||
-rw-r--r-- | src/test/test5.gold | 10 | ||||
-rw-r--r-- | src/test/test_dnstap.c | 4 |
6 files changed, 60 insertions, 3 deletions
diff --git a/src/test/create_dnstap.c b/src/test/create_dnstap.c index 9fbd4a8..b1f00ff 100644 --- a/src/test/create_dnstap.c +++ b/src/test/create_dnstap.c @@ -12,6 +12,7 @@ static char dns_wire_format_placeholder[] = "dns_wire_format_placeholder"; static unsigned char query_address[sizeof(struct in_addr)]; static unsigned char response_address[sizeof(struct in_addr)]; +static char policy_value[] = "bad.ns.name"; static inline void create_dnstap(struct dnstap* d, const char* identity) { @@ -48,4 +49,10 @@ static inline void create_dnstap(struct dnstap* d, const char* identity) dnstap_message_set_query_message(*d, dns_wire_format_placeholder, sizeof(dns_wire_format_placeholder) - 1); dnstap_message_set_response_message(*d, dns_wire_format_placeholder, sizeof(dns_wire_format_placeholder) - 1); + + dnstap_message_use_policy(*d); + dnstap_message_policy_set_type(*d, "RPZ"); + dnstap_message_policy_set_action(*d, DNSTAP_POLICY_ACTION_DROP); + dnstap_message_policy_set_match(*d, DNSTAP_POLICY_MATCH_NS_NAME); + dnstap_message_policy_set_value(*d, policy_value, sizeof(policy_value) - 1); } diff --git a/src/test/print_dnstap.c b/src/test/print_dnstap.c index b758119..109677b 100644 --- a/src/test/print_dnstap.c +++ b/src/test/print_dnstap.c @@ -111,6 +111,26 @@ static void print_dnstap(const struct dnstap* d) printf(" response_message_length: %zu\n", dnstap_message_response_message_length(*d)); printf(" response_message: %s\n", printable_string(dnstap_message_response_message(*d), dnstap_message_response_message_length(*d))); } + + if (dnstap_message_has_policy(*d)) { + printf(" policy:\n"); + + if (dnstap_message_policy_has_type(*d)) { + printf(" type: %s\n", dnstap_message_policy_type(*d)); + } + if (dnstap_message_policy_has_rule(*d)) { + printf(" rule: %s\n", printable_string(dnstap_message_policy_rule(*d), dnstap_message_policy_rule_length(*d))); + } + if (dnstap_message_policy_has_action(*d)) { + printf(" action: %s\n", DNSTAP_POLICY_ACTION_STRING[dnstap_message_policy_action(*d)]); + } + if (dnstap_message_policy_has_match(*d)) { + printf(" match: %s\n", DNSTAP_POLICY_MATCH_STRING[dnstap_message_policy_match(*d)]); + } + if (dnstap_message_policy_has_value(*d)) { + printf(" value: %s\n", printable_string(dnstap_message_policy_value(*d), dnstap_message_policy_value_length(*d))); + } + } } printf("----\n"); diff --git a/src/test/test3.gold b/src/test/test3.gold index a6e5c22..c86c86d 100644 --- a/src/test/test3.gold +++ b/src/test/test3.gold @@ -1,4 +1,4 @@ -read 322 +read 370 ---- dnstap identity: writer_write-1 message: @@ -13,6 +13,11 @@ message: query_message: dns_wire_format_placeholder response_message_length: 27 response_message: dns_wire_format_placeholder + policy: + type: RPZ + action: DROP + match: NS_NAME + value: bad.ns.name ---- ---- dnstap identity: writer_write-2 @@ -28,4 +33,9 @@ message: query_message: dns_wire_format_placeholder response_message_length: 27 response_message: dns_wire_format_placeholder + policy: + type: RPZ + action: DROP + match: NS_NAME + value: bad.ns.name ---- diff --git a/src/test/test4.gold b/src/test/test4.gold index f6c9f7f..36523e4 100644 --- a/src/test/test4.gold +++ b/src/test/test4.gold @@ -12,6 +12,11 @@ message: query_message: dns_wire_format_placeholder response_message_length: 27 response_message: dns_wire_format_placeholder + policy: + type: RPZ + action: DROP + match: NS_NAME + value: bad.ns.name ---- ---- dnstap identity: writer_pop-2 @@ -27,4 +32,9 @@ message: query_message: dns_wire_format_placeholder response_message_length: 27 response_message: dns_wire_format_placeholder + policy: + type: RPZ + action: DROP + match: NS_NAME + value: bad.ns.name ---- diff --git a/src/test/test5.gold b/src/test/test5.gold index 86404aa..3042714 100644 --- a/src/test/test5.gold +++ b/src/test/test5.gold @@ -12,6 +12,11 @@ message: query_message: dns_wire_format_placeholder response_message_length: 27 response_message: dns_wire_format_placeholder + policy: + type: RPZ + action: DROP + match: NS_NAME + value: bad.ns.name ---- ---- dnstap identity: writer_reader_unixsock-2 @@ -27,4 +32,9 @@ message: query_message: dns_wire_format_placeholder response_message_length: 27 response_message: dns_wire_format_placeholder + policy: + type: RPZ + action: DROP + match: NS_NAME + value: bad.ns.name ---- diff --git a/src/test/test_dnstap.c b/src/test/test_dnstap.c index fd199f8..eec0049 100644 --- a/src/test/test_dnstap.c +++ b/src/test/test_dnstap.c @@ -27,7 +27,7 @@ int main(void) d.dnstap.type = (enum _Dnstap__Dnstap__Type)DNSTAP_TYPE_MESSAGE; // invalid message.type - d.message.type = (enum _Dnstap__Message__Type)(DNSTAP_MESSAGE_TYPE_TOOL_RESPONSE + 1); + d.message.type = (enum _Dnstap__Message__Type)(DNSTAP_MESSAGE_TYPE_UPDATE_RESPONSE + 1); s = dnstap_encode_protobuf_size(&d); assert(s < sizeof(buf)); assert(dnstap_encode_protobuf(&d, buf) == s); @@ -47,7 +47,7 @@ int main(void) d.message.socket_family = (enum _Dnstap__SocketFamily)DNSTAP_SOCKET_FAMILY_INET; // invalid message.socket_protocol - d.message.socket_protocol = (enum _Dnstap__SocketProtocol)(DNSTAP_SOCKET_PROTOCOL_TCP + 1); + d.message.socket_protocol = (enum _Dnstap__SocketProtocol)(DNSTAP_SOCKET_PROTOCOL_DNSCryptTCP + 1); s = dnstap_encode_protobuf_size(&d); assert(s < sizeof(buf)); assert(dnstap_encode_protobuf(&d, buf) == s); |