blob: 4645e133fda6b0c9fcd27a5958c64a4ae3cf34b8 [file] [log] [blame]
#!/usr/bin/perl
# (C) Sergey Kandaurov
# (C) Nginx, Inc.
# Tests for http resolver.
###############################################################################
use warnings;
use strict;
use Test::More;
use IO::Select;
BEGIN { use FindBin; chdir($FindBin::Bin); }
use lib 'lib';
use Test::Nginx qw/ :DEFAULT http_end /;
###############################################################################
select STDERR; $| = 1;
select STDOUT; $| = 1;
my $t = Test::Nginx->new()->has(qw/http proxy rewrite/);
$t->write_file_expand('nginx.conf', <<'EOF');
%%TEST_GLOBALS%%
daemon off;
events {
}
http {
%%TEST_GLOBALS_HTTP%%
server {
listen 127.0.0.1:8080;
server_name localhost;
location / {
resolver 127.0.0.1:%%PORT_8981_UDP%%;
resolver_timeout 1s;
proxy_pass http://$host:%%PORT_8080%%/backend;
proxy_next_upstream http_504 timeout error;
proxy_intercept_errors on;
proxy_connect_timeout 1s;
error_page 504 502 /50x;
}
location /two {
resolver 127.0.0.1:%%PORT_8981_UDP%% 127.0.0.1:%%PORT_8982_UDP%%;
proxy_pass http://$host:%%PORT_8080%%/backend;
}
location /valid {
resolver 127.0.0.1:%%PORT_8981_UDP%% valid=5s;
proxy_pass http://$host:%%PORT_8080%%/backend;
}
location /case {
resolver 127.0.0.1:%%PORT_8981_UDP%%;
proxy_pass http://$http_x_name:%%PORT_8080%%/backend;
}
location /invalid {
proxy_pass http://$host:%%PORT_8080%%/backend;
}
location /long {
resolver 127.0.0.1:%%PORT_8981_UDP%%;
resolver_timeout 4s;
proxy_pass http://$host:%%PORT_8080%%/backend;
}
location /resend {
resolver 127.0.0.1:%%PORT_8981_UDP%%;
resolver_timeout 8s;
proxy_pass http://$host:%%PORT_8080%%/backend;
}
location /bad {
resolver 127.0.0.1:%%PORT_8984_UDP%%;
resolver_timeout 1s;
proxy_pass http://$host:%%PORT_8080%%/backend;
}
location /tcp {
resolver 127.0.0.1:%%PORT_8983_UDP%% 127.0.0.1:%%PORT_8982_UDP%%;
resolver_timeout 1s;
proxy_pass http://$host:%%PORT_8080%%/backend;
proxy_connect_timeout 1s;
add_header X-IP $upstream_addr;
error_page 504 502 /50x;
location /tcp2 {
resolver_timeout 8s;
proxy_pass http://$host:%%PORT_8080%%/backend;
}
}
location /backend {
return 200;
}
location /50x {
return 200 $upstream_addr;
}
}
}
EOF
$t->run_daemon(\&dns_daemon, port(8981), $t);
$t->run_daemon(\&dns_daemon, port(8982), $t);
$t->run_daemon(\&dns_daemon, port(8983), $t, tcp => 1);
$t->waitforfile($t->testdir . '/' . port(8983));
port(8983, socket => 1)->close();
$t->run_daemon(\&dns_daemon, port(8984), $t);
$t->run()->plan(38);
$t->waitforfile($t->testdir . '/' . port(8981));
$t->waitforfile($t->testdir . '/' . port(8982));
$t->waitforfile($t->testdir . '/' . port(8984));
###############################################################################
my $p0 = port(8080);
# schedule resend test, which takes about 5 seconds to complete
my $s = http_host_header('id.example.net', '/resend', start => 1);
my $fe = http_host_header('fe.example.net', '/resend', start => 1);
like(http_host_header('a.example.net', '/'), qr/200 OK/, 'A');
# ensure that resolver serves queries from cache in a case-insensitive manner
# we check this by marking 2nd and subsequent queries on backend with SERVFAIL
http_x_name_header('case.example.net', '/case');
like(http_x_name_header('CASE.example.net', '/case'), qr/200 OK/,
'A case-insensitive');
like(http_host_header('awide.example.net', '/'), qr/200 OK/, 'A uncompressed');
like(http_host_header('short.example.net', '/'), qr/502 Bad/,
'A short dns response');
like(http_host_header('nx.example.net', '/'), qr/502 Bad/, 'NXDOMAIN');
like(http_host_header('cname.example.net', '/'), qr/200 OK/, 'CNAME');
like(http_host_header('cname.example.net', '/'), qr/200 OK/,
'CNAME cached');
# CNAME + A combined answer
# demonstrates the name in answer section different from what is asked
like(http_host_header('cname_a.example.net', '/'), qr/200 OK/, 'CNAME + A');
# CNAME refers to non-existing A
like(http_host_header('cname2.example.net', '/'), qr/502 Bad/, 'CNAME bad');
like(http_host_header('long.example.net', '/'), qr/200 OK/, 'long label');
like(http_host_header('long2.example.net', '/'), qr/200 OK/, 'long name');
# take into account DNAME
like(http_host_header('alias.example.com', '/'), qr/200 OK/, 'DNAME');
# many A records in round robin
# nonexisting IPs enumerated with proxy_next_upstream
like(http_host_header('many.example.net', '/'),
qr/^127.0.0.20(1:$p0, 127.0.0.202:$p0|2:$p0, 127.0.0.201:$p0)$/m,
'A many');
like(http_host_header('many.example.net', '/'),
qr/^127.0.0.20(1:$p0, 127.0.0.202:$p0|2:$p0, 127.0.0.201:$p0)$/m,
'A many cached');
# tests for several resolvers specified in directive
# query bad ns, make sure that error responses are not cached
like(http_host_header('2.example.net', '/two'), qr/502 Bad/, 'two ns bad');
# now get correct response
like(http_host_header('2.example.net', '/two'), qr/200 OK/, 'two ns good');
# response is cached, actual request would get error
like(http_host_header('2.example.net', '/two'), qr/200 OK/, 'two ns cached');
# ttl tested with 1st req good and 2nd req bad
# send 1st request and cache its good response
like(http_host_header('ttl.example.net', '/'), qr/200 OK/, 'ttl');
# response is cached, actual request would get error
like(http_host_header('ttl.example.net', '/'), qr/200 OK/, 'ttl cached 1');
like(http_host_header('ttl.example.net', '/'), qr/200 OK/, 'ttl cached 2');
sleep 2;
# expired ttl causes nginx to make actual query
like(http_host_header('ttl.example.net', '/'), qr/502 Bad/, 'ttl expired');
# zero ttl prohibits response caching
like(http_host_header('ttl0.example.net', '/'), qr/200 OK/, 'zero ttl');
TODO: {
local $TODO = 'support for zero ttl';
like(http_host_header('ttl0.example.net', '/'), qr/502 Bad/,
'zero ttl not cached');
}
# "valid" parameter tested with 1st req good and 2nd req bad
# send 1st request and cache its good response
like(http_host_header('ttl.example.net', '/valid'), qr/200 OK/, 'valid');
# response is cached, actual request would get error
like(http_host_header('ttl.example.net', '/valid'), qr/200 OK/,
'valid cached 1');
like(http_host_header('ttl.example.net', '/valid'), qr/200 OK/,
'valid cached 2');
sleep 2;
# expired ttl is overridden with "valid" parameter
# response is taken from cache
like(http_host_header('ttl.example.net', '/valid'), qr/200 OK/,
'valid overrides ttl');
sleep 4;
# expired "valid" value causes nginx to make actual query
like(http_host_header('ttl.example.net', '/valid'), qr/502 Bad/,
'valid expired');
# Ensure that resolver respects expired CNAME in CNAME + A combined response.
# When ttl in CNAME is expired, the answer should not be served from cache.
# Catch this by returning SERVFAIL on the 2nd and subsequent queries.
http_host_header('cname_a_ttl2.example.net', '/');
sleep 2;
like(http_host_header('cname_a_ttl2.example.net', '/'), qr/502 Bad/,
'CNAME + A with expired CNAME ttl');
like(http_host_header('example.net', '/invalid'), qr/502 Bad/, 'no resolver');
like(http_end($s), qr/200 OK/, 'resend after malformed response');
like(http_end($fe), qr/200 OK/, 'resend after format error');
$s = http_get('/bad', start => 1);
my $s2 = http_get('/bad', start => 1);
http_end($s);
ok(http_end($s2), 'timeout handler on 2nd request');
like(http_host_header('fe_id.example.net', '/'), qr/502 Bad/, 'format error');
# several requests waiting on same name query
# 1st request aborts before name is resolved
# 2nd request completes on resolver timeout
$s = http_host_header('timeout.example.net', '/long', start => 1);
$s2 = http_host_header('timeout.example.net', '/long', start => 1);
select undef, undef, undef, 1.1;
close $s;
like(http_end($s2), qr/502 Bad/, 'timeout after aborted request');
# resend DNS query over TCP once UDP response came truncated
unlike(http_host_header('tcp.example.net', '/tcp'), qr/127.0.0.201/, 'tc');
like(http_host_header('tcp.example.net', '/tcp'), qr/X-IP: 127.0.0.1/, 'tcp');
like(http_host_header('tcp2.example.net', '/tcp2'), qr/X-IP: 127.0.0.1/,
'tcp with resend');
###############################################################################
sub http_host_header {
my ($host, $uri, %extra) = @_;
return http(<<EOF, %extra);
GET $uri HTTP/1.0
Host: $host
EOF
}
sub http_x_name_header {
my ($host, $uri) = @_;
return http(<<EOF);
GET $uri HTTP/1.0
X-Name: $host
EOF
}
###############################################################################
sub reply_handler {
my ($recv_data, $port, $state, %extra) = @_;
my (@name, @rdata);
use constant NOERROR => 0;
use constant FORMERR => 1;
use constant SERVFAIL => 2;
use constant NXDOMAIN => 3;
use constant A => 1;
use constant CNAME => 5;
use constant DNAME => 39;
use constant IN => 1;
# default values
my ($hdr, $rcode, $ttl) = (0x8180, NOERROR, 3600);
# decode name
my ($len, $offset) = (undef, 12);
while (1) {
$len = unpack("\@$offset C", $recv_data);
last if $len == 0;
$offset++;
push @name, unpack("\@$offset A$len", $recv_data);
$offset += $len;
}
$offset -= 1;
my ($id, $type, $class) = unpack("n x$offset n2", $recv_data);
my $name = join('.', @name);
if (($name eq 'a.example.net') || ($name eq 'alias.example.net')) {
if ($type == A || $type == CNAME) {
push @rdata, rd_addr($ttl, '127.0.0.1');
}
} elsif ($name eq 'fe.example.net' && $type == A) {
if (++$state->{fecnt} > 1) {
$rcode = FORMERR;
}
push @rdata, rd_addr($ttl, '127.0.0.1');
} elsif ($name eq 'fe_id.example.net' && $type == A) {
$id = 42;
$rcode = FORMERR;
} elsif ($name eq 'case.example.net' && $type == A) {
if (++$state->{casecnt} > 1) {
$rcode = SERVFAIL;
}
push @rdata, rd_addr($ttl, '127.0.0.1');
} elsif ($name eq 'id.example.net' && $type == A) {
if (++$state->{idcnt} == 1) {
$id++;
}
push @rdata, rd_addr($ttl, '127.0.0.1');
} elsif ($name eq 'awide.example.net' && $type == A) {
push @rdata, pack '(C/a*)3x n2N nC4',
('awide', 'example', 'net'), A, IN, $ttl,
4, (127, 0, 0, 1);
} elsif (($name eq 'many.example.net') && $type == A) {
$state->{manycnt}++;
if ($state->{manycnt} > 1) {
$rcode = SERVFAIL;
}
push @rdata, rd_addr($ttl, '127.0.0.201');
push @rdata, rd_addr($ttl, '127.0.0.202');
} elsif (($name eq 'short.example.net')) {
# zero length RDATA in DNS response
if ($type == A) {
push @rdata, rd_addr($ttl, '');
}
} elsif (($name eq 'alias.example.com')) {
# example.com. 3600 IN DNAME example.net.
my @dname = ('example', 'net');
my $rdlen = length(join '', @dname) + @dname + 1;
push @rdata, pack("n3N n(C/a*)* x", 0xc012, DNAME, IN, $ttl,
$rdlen, @dname);
# alias.example.com. 3600 IN CNAME alias.example.net.
push @rdata, pack("n3N nCa5n", 0xc00c, CNAME, IN, $ttl,
8, 5, 'alias', 0xc02f);
} elsif ($name eq 'cname.example.net') {
$state->{cnamecnt}++;
if ($state->{cnamecnt} > 2) {
$rcode = SERVFAIL;
}
push @rdata, pack("n3N nCa5n", 0xc00c, CNAME, IN, $ttl,
8, 5, 'alias', 0xc012);
} elsif ($name eq 'timeout.example.net') {
select undef, undef, undef, 2.1;
return;
} elsif ($name eq 'cname_a.example.net') {
push @rdata, pack("n3N nCa5n", 0xc00c, CNAME, IN, $ttl,
8, 5, 'alias', 0xc014);
# points to "alias" set in previous rdata
if ($type == A) {
push @rdata, pack('n3N nC4', 0xc031, A, IN, $ttl,
4, split(/\./, '127.0.0.1'));
}
} elsif ($name eq 'cname_a_ttl2.example.net' && $type == A) {
push @rdata, pack("n3N nCa18n", 0xc00c, CNAME, IN, 1,
21, 18, 'cname_a_ttl2_alias', 0xc019);
if (++$state->{cttl2cnt} >= 2) {
$rcode = SERVFAIL;
}
push @rdata, pack('n3N nC4', 0xc036, A, IN, $ttl,
4, split(/\./, '127.0.0.1'));
} elsif ($name eq 'cname_a_ttl_alias.example.net' && $type == A) {
push @rdata, rd_addr($ttl, '127.0.0.1');
} elsif ($name eq 'cname2.example.net') {
# points to non-existing A
push @rdata, pack("n3N nCa2n", 0xc00c, CNAME, IN, $ttl,
5, 2, 'nx', 0xc02f);
} elsif ($name eq 'long.example.net') {
push @rdata, pack("n3N nCA63x", 0xc00c, CNAME, IN, $ttl,
65, 63, 'a' x 63);
} elsif (($name eq 'a' x 63) && $type == A) {
push @rdata, rd_addr($ttl, '127.0.0.1');
} elsif ($name eq 'long2.example.net') {
push @rdata, pack("n3N n(CA63)4x", 0xc00c, CNAME, IN, $ttl, 257,
63, 'a' x 63, 63, 'a' x 63, 63, 'a' x 63, 63, 'a' x 63);
} elsif (($name eq 'a' x 63 . '.' . 'a' x 63 . '.' . 'a' x 63 . '.'
. 'a' x 63) && $type == A)
{
push @rdata, rd_addr($ttl, '127.0.0.1');
} elsif ($name eq 'ttl.example.net' && $type == A) {
$state->{ttlcnt}++;
if ($state->{ttlcnt} == 2 || $state->{ttlcnt} == 4) {
$rcode = SERVFAIL;
}
push @rdata, rd_addr(1, '127.0.0.1');
} elsif ($name eq 'ttl0.example.net' && $type == A) {
$state->{ttl0cnt}++;
if ($state->{ttl0cnt} == 2) {
$rcode = SERVFAIL;
}
push @rdata, rd_addr(0, '127.0.0.1');
} elsif ($name eq '2.example.net') {
if ($port == port(8981)) {
$state->{twocnt}++;
}
if ($state->{twocnt} & 1) {
$rcode = SERVFAIL;
}
if ($type == A) {
push @rdata, rd_addr($ttl, '127.0.0.1');
}
} elsif ($name =~ /tcp2?.example.net/) {
$rcode = FORMERR if $port == port(8982);
$hdr |= 0x0300 unless $extra{tcp};
push @rdata, rd_addr($ttl, $extra{tcp}
? '127.0.0.1' : '127.0.0.201') if $type == A;
}
$len = @name;
pack("n6 (C/a*)$len x n2", $id, $hdr | $rcode, 1, scalar @rdata,
0, 0, @name, $type, $class) . join('', @rdata);
}
sub rd_addr {
my ($ttl, $addr) = @_;
my $code = 'split(/\./, $addr)';
return pack 'n3N', 0xc00c, A, IN, $ttl if $addr eq '';
pack 'n3N nC4', 0xc00c, A, IN, $ttl, eval "scalar $code", eval($code);
}
sub dns_daemon {
my ($port, $t, %extra) = @_;
my ($data, $recv_data);
my $socket = IO::Socket::INET->new(
LocalAddr => '127.0.0.1',
LocalPort => $port,
Proto => 'udp',
)
or die "Can't create listening socket: $!\n";
my $sel = IO::Select->new($socket);
my $tcp = 0;
if ($extra{tcp}) {
$tcp = port(8983, socket => 1);
$sel->add($tcp);
}
local $SIG{PIPE} = 'IGNORE';
# track number of relevant queries
my %state = (
cnamecnt => 0,
twocnt => 0,
ttlcnt => 0,
ttl0cnt => 0,
cttlcnt => 0,
cttl2cnt => 0,
manycnt => 0,
casecnt => 0,
idcnt => 0,
fecnt => 0,
);
# signal we are ready
open my $fh, '>', $t->testdir() . '/' . $port;
close $fh;
while (my @ready = $sel->can_read) {
foreach my $fh (@ready) {
if ($tcp == $fh) {
my $new = $fh->accept;
$new->autoflush(1);
$sel->add($new);
} elsif ($socket == $fh) {
$fh->recv($recv_data, 65536);
$data = reply_handler($recv_data, $port,
\%state);
$fh->send($data);
} else {
$fh->recv($recv_data, 65536);
unless (length $recv_data) {
$sel->remove($fh);
$fh->close;
next;
}
again:
my $len = unpack("n", $recv_data);
$data = substr $recv_data, 2, $len;
$data = reply_handler($data, $port, \%state,
tcp => 1);
$data = pack("n", length $data) . $data;
$fh->send($data);
$recv_data = substr $recv_data, 2 + $len;
goto again if length $recv_data;
}
}
}
}
###############################################################################