author | 2020-12-15 14:26:07 +0100 | |
---|---|---|
committer | 2020-12-15 14:26:07 +0100 | |
commit | be955daa3738f91b112f72e64e836e23983851fc (patch) | |
tree | 7805645f56a0e6874625d7e26e8a8e427a4a1850 /core/dnsserver/server_https_test.go | |
parent | 6af47bac39b89ed029fadf43f56712b442408109 (diff) | |
custom DoH request validation (#4329)
* custom DoH request validation
Signed-off-by: Johnny Bergström <johnny@klaudify.se>
* add comment and test
Signed-off-by: Johnny Bergström <johnny@klaudify.se>
* NewServerHTTPS comment typo
Signed-off-by: Johnny Bergström <johnny@klaudify.se>
Diffstat (limited to 'core/dnsserver/server_https_test.go')
-rw-r--r-- | core/dnsserver/server_https_test.go | 66 |
1 files changed, 66 insertions, 0 deletions
diff --git a/core/dnsserver/server_https_test.go b/core/dnsserver/server_https_test.go
new file mode 100644
index 000000000..6663c1075
--- /dev/null
+++ b/core/dnsserver/server_https_test.go
@@ -0,0 +1,66 @@
+package dnsserver
+
+import (
+ "bytes"
+ "crypto/tls"
+ "net/http"
+ "net/http/httptest"
+ "regexp"
+ "testing"
+
+ "github.com/miekg/dns"
+)
+
+var (
+ validPath = regexp.MustCompile("^/(dns-query|(?P<uuid>[0-9a-f]+))$")
+ validator = func(r *http.Request) bool { return validPath.MatchString(r.URL.Path) }
+)
+
+func testServerHTTPS(t *testing.T, path string, validator func(*http.Request) bool) *http.Response {
+ c := Config{
+ Zone: "example.com.",
+ Transport: "https",
+ TLSConfig: &tls.Config{},
+ ListenHosts: []string{"127.0.0.1"},
+ Port: "443",
+ HTTPRequestValidateFunc: validator,
+ }
+ s, err := NewServerHTTPS("127.0.0.1:443", []*Config{&c})
+ if err != nil {
+ t.Log(err)
+ t.Fatal("could not create HTTPS server")
+ }
+ m := new(dns.Msg)
+ m.SetQuestion("example.org.", dns.TypeDNSKEY)
+ buf, err := m.Pack()
+ if err != nil {
+ t.Fatal(err)
+ }
+
+ r := httptest.NewRequest(http.MethodPost, path, bytes.NewReader(buf))
+ w := httptest.NewRecorder()
+ s.ServeHTTP(w, r)
+
+ return w.Result()
+}
+
+func TestCustomHTTPRequestValidator(t *testing.T) {
+ testCases := map[string]struct {
+ path string
+ expected int
+ validator func(*http.Request) bool
+ }{
+ "default": {"/dns-query", http.StatusOK, nil},
+ "custom validator": {"/b10cada", http.StatusOK, validator},
+ "no validator set": {"/adb10c", http.StatusNotFound, nil},
+ "invalid path with validator": {"/helloworld", http.StatusNotFound, validator},
+ }
+ for name, tc := range testCases {
+ t.Run(name, func(t *testing.T) {
+ res := testServerHTTPS(t, tc.path, tc.validator)
+ if res.StatusCode != tc.expected {
+ t.Error("unexpected HTTP code", res.StatusCode)
+ }
+ })
+ }
+}
 |
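Review bot: The table in TestCustomHTTPRequestValidator has no row where a custom validator rejects `/dns-query`, because the test `validator` regex itself accepts that path. The test therefore does not pin whether `HTTPRequestValidateFunc` replaces the built-in path check or is applied alongside it. Since this hook decides which requests reach the DNS handler, an operator restricting DoH to a per-client path needs that contract fixed by a test. The server-side change is not shown on this page, so the expected status is an assumption, but a row like `"default path rejected by validator": {"/dns-query", http.StatusNotFound, hexOnly},` with a hex-only validator (`hexOnly` is a name I made up) would settle it. The failure message should also report the expectation, e.g. `t.Errorf("path %q: got status %d, want %d", tc.path, res.StatusCode, tc.expected)`. Finally, the group named `uuid` in `(?P<uuid>[0-9a-f]+)` matches any hex run of one or more characters, so a comment saying it is a stand-in rather than a real UUID check would stop it being copied as one.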