malcontent-dns-parental-controls/tests/integration_test.rs

// SPDX-FileCopyrightText: 2022 Matteo Settenvini <matteo.settenvini@montecristosoftware.eu>
// SPDX-License-Identifier: GPL-3.0-or-later

mod common;

use {
    crate::common::Eai,
    anyhow::Result,
    libc::{freeaddrinfo, gai_strerror, getaddrinfo},
    std::net::{IpAddr, Ipv4Addr},
};

#[test]
fn nss_module_is_loaded() -> Result<()> {
    common::setup()?;

    let hostname = std::ffi::CString::new("gnome.org").unwrap();
    unsafe {
        let mut addr = std::ptr::null_mut();
        let getaddrinfo_status = getaddrinfo(
            hostname.as_ptr(),
            std::ptr::null(),
            std::ptr::null(),
            &mut addr,
        );

        let error = std::ffi::CStr::from_ptr(gai_strerror(getaddrinfo_status));
        assert_eq!(
            getaddrinfo_status,
            0,
            "Unable to resolve hostname, getaddrinfo failed: {}",
            error.to_str().unwrap()
        );
        freeaddrinfo(addr);
    };

    Ok(())
}

#[test]
fn application_dns_is_nxdomain() -> Result<()> {
    common::setup()?;

    let hostname = std::ffi::CString::new("use-application-dns.net").unwrap();
    unsafe {
        let mut addr = std::ptr::null_mut();
        let getaddrinfo_status = getaddrinfo(
            hostname.as_ptr(),
            std::ptr::null(),
            std::ptr::null(),
            &mut addr,
        );

        let error = std::ffi::CStr::from_ptr(gai_strerror(getaddrinfo_status));
        assert_eq!(
            getaddrinfo_status,
            Eai::NoName.0,
            "Should have gotten no hostname (NXDOMAIN), instead got {}",
            error.to_str().unwrap()
        );
        freeaddrinfo(addr);
    };
    Ok(())
}

#[test]

fn wikipedia_is_unrestricted() -> Result<()> {
    let (system_addr, our_addr) = common::resolve_system_and_us("wikipedia.org")?;
    assert_eq!(system_addr, our_addr);
    Ok(())
}

#[test]
#[ignore]
fn adultsite_is_restricted() -> Result<()> {
    let (system_addr, our_addr) = common::resolve_system_and_us("pornhub.com")?;
    assert_ne!(system_addr, our_addr);
    assert_eq!(our_addr, IpAddr::V4(Ipv4Addr::new(0, 0, 0, 0)));
    Ok(())
}

#[test]
#[ignore]
fn root_user_bypasses_restrictions() -> Result<()> {
    // TODO fake root

    let (system_addr, our_addr) = common::resolve_system_and_us("pornhub.com")?;
    assert_eq!(system_addr, our_addr);
    Ok(())
}