malcontent-dns-parental-con.../tests/common.rs

// SPDX-FileCopyrightText: 2022 Matteo Settenvini <matteo.settenvini@montecristosoftware.eu>
// SPDX-License-Identifier: GPL-3.0-or-later

#![allow(non_upper_case_globals)]
#![allow(non_camel_case_types)]
#![allow(non_snake_case)]
#![allow(dead_code)]

include!(concat!(env!("OUT_DIR"), "/bindings.rs"));
include!(concat!(env!("CARGO_MANIFEST_DIR"), "/src/constants.rs"));

use {
    anyhow::{anyhow, bail, ensure, Result},
    futures_util::TryStreamExt,
    libc::{freeaddrinfo, gai_strerror, getaddrinfo},
    nix::sys::socket::{SockaddrLike as _, SockaddrStorage},
    nix::unistd::Uid,
    std::collections::HashMap,
    std::env,
    std::ffi::{CStr, CString},
    std::net::{IpAddr, Ipv4Addr, Ipv6Addr},
    std::path::PathBuf,
    std::process::Command,
    std::str::FromStr,
    std::sync::Once,
    tokio::task,
    tokio::task::JoinHandle,
};

// Adapted from rusty_forkfork (which inherits it from rusty_fork)
// to allow a custom pre-fork function
#[macro_export]
macro_rules! fork_test {
    (#![rusty_fork(timeout_ms = $timeout:expr)]
     $(
         $(#[$meta:meta])*
         fn $test_name:ident() $(-> $ret:ty)? $body:block
    )*) => { $(
        $(#[$meta])*
        fn $test_name() {
            // Eagerly convert everything to function pointers so that all
            // tests use the same instantiation of `fork`.
            fn body_fn() $(-> $ret)? $body
            let body: fn () $(-> $ret)? = body_fn;

            fn supervise_fn(child: &mut rusty_forkfork::ChildWrapper,
                            _file: &mut ::std::fs::File) {
                rusty_forkfork::fork_test::supervise_child(child, $timeout)
            }
            let supervise:
                fn (&mut rusty_forkfork::ChildWrapper, &mut ::std::fs::File) =
                supervise_fn;

            rusty_forkfork::fork(
                rusty_forkfork::rusty_fork_test_name!($test_name),
                rusty_forkfork::rusty_fork_id!(),
                $crate::common::prefork_setup,
                supervise, body).expect("forking test failed");
        }
    )* };

    ($(
         $(#[$meta:meta])*
         fn $test_name:ident() $(-> $ret:ty)? $body:block
    )*) => {
        fork_test! {
            #![rusty_fork(timeout_ms = 0)]

            $($(#[$meta])* fn $test_name() $(-> $ret)? $body)*
        }
    };
}

pub fn prefork_setup(_child: &mut Command) {
    let out_dir = PathBuf::from(env!("OUT_DIR"));

    PREFORK.call_once(|| {
        std::env::set_var("LD_LIBRARY_PATH", &out_dir);

        let library_path = test_cdylib::build_current_project();
        let mut library_filename = library_path.file_name().unwrap().to_owned();
        library_filename.push(".2"); // required for NSS modules

        let dest = out_dir.join(library_filename);
        std::fs::copy(library_path, &dest).unwrap();
    });
}

pub type Eai = EaiRetcode;

static PREFORK: Once = Once::new();
static SETUP: Once = Once::new();

pub fn setup() -> Result<()> {
    SETUP.call_once(|| {
        let nss_config_status = unsafe {
            let db = CString::new("hosts").unwrap();
            let resolvers = CString::new("malcontent dns").unwrap();
            __nss_configure_lookup(db.as_ptr(), resolvers.as_ptr())
        };

        if nss_config_status != 0 {
            panic!(
                "Unable to configure NSS to load module: __nss_configure_lookup() returned {}",
                nss_config_status
            );
        }
    });

    Ok(())
}

pub fn resolve_with_system(family: libc::c_int, host: &str) -> Result<IpAddr> {
    let process = Command::new("getent")
        .arg(match family {
            libc::AF_INET => "ahostsv4",
            libc::AF_INET6 => "ahostsv6",
            _ => panic!("INET family must be either IPv4 or IPv6"),
        })
        .arg(host)
        .output()?;
    ensure!(
        process.status.success(),
        "Failed to run getent to check host IP"
    );
    let output = String::from_utf8(process.stdout)?;
    let addr_string = output
        .as_str()
        .split(' ')
        .next()
        .ok_or(anyhow!("Unparseable output from getent"))?;
    Ok(IpAddr::from_str(&addr_string)?)
}

pub fn resolve_with_module(family: libc::c_int, hostname: &str) -> Result<IpAddr> {
    assert!(
        SETUP.is_completed(),
        "Forgot to call common::setup() at beginning of test?"
    );
    let c_hostname = CString::new(hostname).unwrap();
    unsafe {
        let mut addr = std::ptr::null_mut();
        let hints = libc::addrinfo {
            ai_family: family,
            ai_flags: 0,
            ai_socktype: 0,
            ai_protocol: 0,
            ai_addrlen: 0,
            ai_addr: std::ptr::null_mut(),
            ai_canonname: std::ptr::null_mut(),
            ai_next: std::ptr::null_mut(),
        };
        let getaddrinfo_status =
            getaddrinfo(c_hostname.as_ptr(), std::ptr::null(), &hints, &mut addr);

        let error = CStr::from_ptr(gai_strerror(getaddrinfo_status));
        assert_eq!(
            getaddrinfo_status,
            Eai::Success.0,
            "Should have gotten hostname for {}, instead got {}",
            hostname,
            error.to_str().unwrap()
        );
        let addr_storage = SockaddrStorage::from_raw((*addr).ai_addr, Some((*addr).ai_addrlen))
            .ok_or(anyhow!("Garbled addrinfo from getaddrinfo()"))?;
        let ip = convert_addrinfo(&addr_storage)?;
        freeaddrinfo(addr);
        Ok(ip)
    }
}

fn convert_addrinfo(sa: &SockaddrStorage) -> Result<IpAddr> {
    if let Some(addr) = sa.as_sockaddr_in() {
        Ok(IpAddr::V4(Ipv4Addr::from(addr.ip())))
    } else if let Some(addr) = sa.as_sockaddr_in6() {
        Ok(IpAddr::V6(Ipv6Addr::from(addr.ip())))
    } else {
        bail!("addrinfo is not either an IPv4 or IPv6 address")
    }
}

pub type Restrictions = Vec<IpAddr>;

pub fn mock_dbus(responses: HashMap<Uid, Vec<Restrictions>>) -> JoinHandle<Result<()>> {
    async fn dbus_loop(mut responses: HashMap<Uid, Vec<Restrictions>>) -> Result<()> {
        use zbus::MessageType::*;

        let mut responses_size: usize = responses.values().map(|v| v.len()).sum();
        for r in responses.values_mut() {
            r.reverse(); // we pop responses from the back, so...
        }

        let connection = zbus::ConnectionBuilder::session()?.build().await?;
        let mut stream = zbus::MessageStream::from(&connection);
        while responses_size > 0 {
            let msg = stream
                .try_next()
                .await?
                .ok_or(anyhow!("Unparseable DBus message"))?;

            if msg.header()?.message_type()? == MethodCall
                && msg
                    .interface()
                    .ok_or(anyhow!("Invoked method has no interface"))?
                    == DBUS_INTERFACE
                && msg
                    .member()
                    .ok_or(anyhow!("Invoked method has no member"))?
                    == DBUS_GET_RESTRICTIONS_METHOD
            {
                let user_id: u32 = msg.body()?;
                match responses.get_mut(&Uid::from_raw(user_id)) {
                    Some(answers) => match answers.pop() {
                        Some(a) => {
                            responses_size = responses_size - 1;
                            let ips: Vec<String> = a.into_iter().map(|ip| ip.to_string()).collect();
                            connection.reply(&msg, &ips).await
                        }
                        None => {
                            connection
                                .reply_error(
                                    &msg,
                                    "MockExhausted",
                                    &format!("DBus mock is saturated for user with id {}", user_id),
                                )
                                .await
                        }
                    },
                    None => {
                        connection
                            .reply_error(
                                &msg,
                                "MockExhausted",
                                &format!(
                                    "No mocked invocations available for user with id {}",
                                    user_id
                                ),
                            )
                            .await
                    }
                }?;
            }
        }

        Ok(())
    }

    task::spawn(async { dbus_loop(responses).await })
}
Add basic test 2022-08-13 17:04:22 +02:00			`// SPDX-FileCopyrightText: 2022 Matteo Settenvini <matteo.settenvini@montecristosoftware.eu>`
			`// SPDX-License-Identifier: GPL-3.0-or-later`

Ensure loading of NSS module in tests 2022-08-14 23:03:59 +02:00			`#![allow(non_upper_case_globals)]`
			`#![allow(non_camel_case_types)]`
			`#![allow(non_snake_case)]`
			`#![allow(dead_code)]`

Start implementing and testing gethostbyname4_r 2022-08-15 22:55:35 +02:00			`include!(concat!(env!("OUT_DIR"), "/bindings.rs"));`
Move to rust stable, introduce mock for dbus in tests 2022-08-18 13:59:11 +02:00			`include!(concat!(env!("CARGO_MANIFEST_DIR"), "/src/constants.rs"));`
Start implementing and testing gethostbyname4_r 2022-08-15 22:55:35 +02:00
Add basic test 2022-08-13 17:04:22 +02:00			`use {`
Start implementing and testing gethostbyname4_r 2022-08-15 22:55:35 +02:00			`anyhow::{anyhow, bail, ensure, Result},`
Move to rust stable, introduce mock for dbus in tests 2022-08-18 13:59:11 +02:00			`futures_util::TryStreamExt,`
Start implementing and testing gethostbyname4_r 2022-08-15 22:55:35 +02:00			`libc::{freeaddrinfo, gai_strerror, getaddrinfo},`
			`nix::sys::socket::{SockaddrLike as _, SockaddrStorage},`
Move to rust stable, introduce mock for dbus in tests 2022-08-18 13:59:11 +02:00			`nix::unistd::Uid,`
			`std::collections::HashMap,`
Ensure loading of NSS module in tests 2022-08-14 23:03:59 +02:00			`std::env,`
Start implementing and testing gethostbyname4_r 2022-08-15 22:55:35 +02:00			`std::ffi::{CStr, CString},`
			`std::net::{IpAddr, Ipv4Addr, Ipv6Addr},`
Add basic test 2022-08-13 17:04:22 +02:00			`std::path::PathBuf,`
Start implementing and testing gethostbyname4_r 2022-08-15 22:55:35 +02:00			`std::process::Command,`
Move to rust stable, introduce mock for dbus in tests 2022-08-18 13:59:11 +02:00			`std::str::FromStr,`
Add basic test 2022-08-13 17:04:22 +02:00			`std::sync::Once,`
Move to rust stable, introduce mock for dbus in tests 2022-08-18 13:59:11 +02:00			`tokio::task,`
			`tokio::task::JoinHandle,`
Add basic test 2022-08-13 17:04:22 +02:00			`};`

Use an async context for module and refactor 2022-08-21 14:47:37 +02:00			`// Adapted from rusty_forkfork (which inherits it from rusty_fork)`
			`// to allow a custom pre-fork function`
			`#[macro_export]`
			`macro_rules! fork_test {`
			`(#![rusty_fork(timeout_ms = $timeout:expr)]`
			`$(`
			`$(#[$meta:meta])*`
			`fn $test_name:ident() $(-> $ret:ty)? $body:block`
			`)*) => { $(`
			`$(#[$meta])*`
			`fn $test_name() {`
			`// Eagerly convert everything to function pointers so that all`
			// tests use the same instantiation of `fork`.
			`fn body_fn() $(-> $ret)? $body`
			`let body: fn () $(-> $ret)? = body_fn;`

			`fn supervise_fn(child: &mut rusty_forkfork::ChildWrapper,`
			`_file: &mut ::std::fs::File) {`
			`rusty_forkfork::fork_test::supervise_child(child, $timeout)`
			`}`
			`let supervise:`
			`fn (&mut rusty_forkfork::ChildWrapper, &mut ::std::fs::File) =`
			`supervise_fn;`

			`rusty_forkfork::fork(`
			`rusty_forkfork::rusty_fork_test_name!($test_name),`
			`rusty_forkfork::rusty_fork_id!(),`
			`$crate::common::prefork_setup,`
			`supervise, body).expect("forking test failed");`
			`}`
			`)* };`

			`($(`
			`$(#[$meta:meta])*`
			`fn $test_name:ident() $(-> $ret:ty)? $body:block`
			`)*) => {`
			`fork_test! {`
			`#![rusty_fork(timeout_ms = 0)]`

			`$($(#[$meta])* fn $test_name() $(-> $ret)? $body)*`
			`}`
			`};`
			`}`

			`pub fn prefork_setup(_child: &mut Command) {`
			`let out_dir = PathBuf::from(env!("OUT_DIR"));`

			`PREFORK.call_once(\|\| {`
			`std::env::set_var("LD_LIBRARY_PATH", &out_dir);`

			`let library_path = test_cdylib::build_current_project();`
			`let mut library_filename = library_path.file_name().unwrap().to_owned();`
			`library_filename.push(".2"); // required for NSS modules`

			`let dest = out_dir.join(library_filename);`
			`std::fs::copy(library_path, &dest).unwrap();`
			`});`
			`}`

Start implementing and testing gethostbyname4_r 2022-08-15 22:55:35 +02:00			`pub type Eai = EaiRetcode;`
Add basic test 2022-08-13 17:04:22 +02:00
Use an async context for module and refactor 2022-08-21 14:47:37 +02:00			`static PREFORK: Once = Once::new();`
Add basic test 2022-08-13 17:04:22 +02:00			`static SETUP: Once = Once::new();`

			`pub fn setup() -> Result<()> {`
Use an async context for module and refactor 2022-08-21 14:47:37 +02:00			`SETUP.call_once(\|\| {`
			`let nss_config_status = unsafe {`
			`let db = CString::new("hosts").unwrap();`
			`let resolvers = CString::new("malcontent dns").unwrap();`
			`__nss_configure_lookup(db.as_ptr(), resolvers.as_ptr())`
			`};`

			`if nss_config_status != 0 {`
			`panic!(`
			`"Unable to configure NSS to load module: __nss_configure_lookup() returned {}",`
			`nss_config_status`
			`);`
			`}`
			`});`
Add basic test 2022-08-13 17:04:22 +02:00
Ensure loading of NSS module in tests 2022-08-14 23:03:59 +02:00			`Ok(())`
Add basic test 2022-08-13 17:04:22 +02:00			`}`
Start implementing and testing gethostbyname4_r 2022-08-15 22:55:35 +02:00
Use an async context for module and refactor 2022-08-21 14:47:37 +02:00			`pub fn resolve_with_system(family: libc::c_int, host: &str) -> Result<IpAddr> {`
			`let process = Command::new("getent")`
			`.arg(match family {`
			`libc::AF_INET => "ahostsv4",`
			`libc::AF_INET6 => "ahostsv6",`
			`_ => panic!("INET family must be either IPv4 or IPv6"),`
			`})`
			`.arg(host)`
			`.output()?;`
Start implementing and testing gethostbyname4_r 2022-08-15 22:55:35 +02:00			`ensure!(`
			`process.status.success(),`
			`"Failed to run getent to check host IP"`
			`);`
			`let output = String::from_utf8(process.stdout)?;`
			`let addr_string = output`
			`.as_str()`
			`.split(' ')`
			`.next()`
			`.ok_or(anyhow!("Unparseable output from getent"))?;`
			`Ok(IpAddr::from_str(&addr_string)?)`
			`}`

Use an async context for module and refactor 2022-08-21 14:47:37 +02:00			`pub fn resolve_with_module(family: libc::c_int, hostname: &str) -> Result<IpAddr> {`
			`assert!(`
			`SETUP.is_completed(),`
			`"Forgot to call common::setup() at beginning of test?"`
			`);`
Start implementing and testing gethostbyname4_r 2022-08-15 22:55:35 +02:00			`let c_hostname = CString::new(hostname).unwrap();`
			`unsafe {`
			`let mut addr = std::ptr::null_mut();`
Use an async context for module and refactor 2022-08-21 14:47:37 +02:00			`let hints = libc::addrinfo {`
			`ai_family: family,`
			`ai_flags: 0,`
			`ai_socktype: 0,`
			`ai_protocol: 0,`
			`ai_addrlen: 0,`
			`ai_addr: std::ptr::null_mut(),`
			`ai_canonname: std::ptr::null_mut(),`
			`ai_next: std::ptr::null_mut(),`
			`};`
			`let getaddrinfo_status =`
			`getaddrinfo(c_hostname.as_ptr(), std::ptr::null(), &hints, &mut addr);`
Start implementing and testing gethostbyname4_r 2022-08-15 22:55:35 +02:00
			`let error = CStr::from_ptr(gai_strerror(getaddrinfo_status));`
			`assert_eq!(`
			`getaddrinfo_status,`
			`Eai::Success.0,`
			`"Should have gotten hostname for {}, instead got {}",`
			`hostname,`
			`error.to_str().unwrap()`
			`);`
			`let addr_storage = SockaddrStorage::from_raw((addr).ai_addr, Some((addr).ai_addrlen))`
			`.ok_or(anyhow!("Garbled addrinfo from getaddrinfo()"))?;`
Use an async context for module and refactor 2022-08-21 14:47:37 +02:00			`let ip = convert_addrinfo(&addr_storage)?;`
Start implementing and testing gethostbyname4_r 2022-08-15 22:55:35 +02:00			`freeaddrinfo(addr);`
Use an async context for module and refactor 2022-08-21 14:47:37 +02:00			`Ok(ip)`
			`}`
			`}`

			`fn convert_addrinfo(sa: &SockaddrStorage) -> Result<IpAddr> {`
			`if let Some(addr) = sa.as_sockaddr_in() {`
			`Ok(IpAddr::V4(Ipv4Addr::from(addr.ip())))`
			`} else if let Some(addr) = sa.as_sockaddr_in6() {`
			`Ok(IpAddr::V6(Ipv6Addr::from(addr.ip())))`
			`} else {`
			`bail!("addrinfo is not either an IPv4 or IPv6 address")`
Start implementing and testing gethostbyname4_r 2022-08-15 22:55:35 +02:00			`}`
			`}`
Move to rust stable, introduce mock for dbus in tests 2022-08-18 13:59:11 +02:00
			`pub type Restrictions = Vec<IpAddr>;`

			`pub fn mock_dbus(responses: HashMap<Uid, Vec<Restrictions>>) -> JoinHandle<Result<()>> {`
			`async fn dbus_loop(mut responses: HashMap<Uid, Vec<Restrictions>>) -> Result<()> {`
			`use zbus::MessageType::*;`

			`let mut responses_size: usize = responses.values().map(\|v\| v.len()).sum();`
			`for r in responses.values_mut() {`
			`r.reverse(); // we pop responses from the back, so...`
			`}`

			`let connection = zbus::ConnectionBuilder::session()?.build().await?;`
			`let mut stream = zbus::MessageStream::from(&connection);`
			`while responses_size > 0 {`
			`let msg = stream`
			`.try_next()`
			`.await?`
			`.ok_or(anyhow!("Unparseable DBus message"))?;`

			`if msg.header()?.message_type()? == MethodCall`
			`&& msg`
			`.interface()`
			`.ok_or(anyhow!("Invoked method has no interface"))?`
			`== DBUS_INTERFACE`
			`&& msg`
			`.member()`
			`.ok_or(anyhow!("Invoked method has no member"))?`
			`== DBUS_GET_RESTRICTIONS_METHOD`
			`{`
			`let user_id: u32 = msg.body()?;`
Ensure unique nix library use with deps 2022-08-24 12:51:16 +02:00			`match responses.get_mut(&Uid::from_raw(user_id)) {`
Move to rust stable, introduce mock for dbus in tests 2022-08-18 13:59:11 +02:00			`Some(answers) => match answers.pop() {`
			`Some(a) => {`
			`responses_size = responses_size - 1;`
			`let ips: Vec<String> = a.into_iter().map(\|ip\| ip.to_string()).collect();`
			`connection.reply(&msg, &ips).await`
			`}`
			`None => {`
			`connection`
			`.reply_error(`
			`&msg,`
			`"MockExhausted",`
			`&format!("DBus mock is saturated for user with id {}", user_id),`
			`)`
			`.await`
			`}`
			`},`
			`None => {`
			`connection`
			`.reply_error(`
			`&msg,`
			`"MockExhausted",`
			`&format!(`
			`"No mocked invocations available for user with id {}",`
			`user_id`
			`),`
			`)`
			`.await`
			`}`
			`}?;`
			`}`
			`}`

			`Ok(())`
			`}`

			`task::spawn(async { dbus_loop(responses).await })`
			`}`