// SPDX-FileCopyrightText: 2022 Matteo Settenvini // SPDX-License-Identifier: GPL-3.0-or-later mod common; use { crate::common::Eai, anyhow::Result, libc::{freeaddrinfo, gai_strerror, getaddrinfo}, std::net::{IpAddr, Ipv4Addr}, }; #[test] fn nss_module_is_loaded() -> Result<()> { common::setup()?; let hostname = std::ffi::CString::new("gnome.org").unwrap(); unsafe { let mut addr = std::ptr::null_mut(); let getaddrinfo_status = getaddrinfo( hostname.as_ptr(), std::ptr::null(), std::ptr::null(), &mut addr, ); let error = std::ffi::CStr::from_ptr(gai_strerror(getaddrinfo_status)); assert_eq!( getaddrinfo_status, 0, "Unable to resolve hostname, getaddrinfo failed: {}", error.to_str().unwrap() ); freeaddrinfo(addr); }; Ok(()) } #[test] fn application_dns_is_nxdomain() -> Result<()> { common::setup()?; let hostname = std::ffi::CString::new("use-application-dns.net").unwrap(); unsafe { let mut addr = std::ptr::null_mut(); let getaddrinfo_status = getaddrinfo( hostname.as_ptr(), std::ptr::null(), std::ptr::null(), &mut addr, ); let error = std::ffi::CStr::from_ptr(gai_strerror(getaddrinfo_status)); assert_eq!( getaddrinfo_status, Eai::NoName.0, "Should have gotten no hostname (NXDOMAIN), instead got {}", error.to_str().unwrap() ); freeaddrinfo(addr); }; Ok(()) } #[test] fn wikipedia_is_unrestricted() -> Result<()> { let (system_addr, our_addr) = common::resolve_system_and_us("wikipedia.org")?; assert_eq!(system_addr, our_addr); Ok(()) } #[test] #[ignore] fn adultsite_is_restricted() -> Result<()> { let (system_addr, our_addr) = common::resolve_system_and_us("pornhub.com")?; assert_ne!(system_addr, our_addr); assert_eq!(our_addr, IpAddr::V4(Ipv4Addr::new(0, 0, 0, 0))); Ok(()) } #[test] #[ignore] fn root_user_bypasses_restrictions() -> Result<()> { // TODO fake root let (system_addr, our_addr) = common::resolve_system_and_us("pornhub.com")?; assert_eq!(system_addr, our_addr); Ok(()) }