Skip to content

Commit

Permalink
[BUGFIX] disable ip protocol fallback and tests (#540)
Browse files Browse the repository at this point in the history 
Signed-off-by: Martin/Geno <[email protected]>
  • Loading branch information
@genofire @brian-brazil
genofire authored and brian-brazil committed Oct 23, 2019
1 parent 93a48d8 commit 2e7c8cd
Show file tree
Hide file tree
Showing 4 changed files with 93 additions and 43 deletions.
97 changes: 57 additions & 40 deletions prober/dns_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -96,21 +96,24 @@ func TestRecursiveDNSResponse(t *testing.T) {
}{
{
config.DNSProbe{
IPProtocol: "ipv4",
QueryName: "example.com",
IPProtocol: "ip4",
IPProtocolFallback: true,
QueryName: "example.com",
}, true,
},
{
config.DNSProbe{
IPProtocol: "ipv4",
QueryName: "example.com",
ValidRcodes: []string{"SERVFAIL", "NXDOMAIN"},
IPProtocol: "ip4",
IPProtocolFallback: true,
QueryName: "example.com",
ValidRcodes: []string{"SERVFAIL", "NXDOMAIN"},
}, false,
},
{
config.DNSProbe{
IPProtocol: "ipv4",
QueryName: "example.com",
IPProtocol: "ip4",
IPProtocolFallback: true,
QueryName: "example.com",
ValidateAnswer: config.DNSRRValidator{
FailIfMatchesRegexp: []string{".*7200.*"},
FailIfNotMatchesRegexp: []string{".*3600.*"},
Expand All @@ -119,17 +122,19 @@ func TestRecursiveDNSResponse(t *testing.T) {
},
{
config.DNSProbe{
IPProtocol: "ipv4",
QueryName: "example.com",
IPProtocol: "ip4",
IPProtocolFallback: true,
QueryName: "example.com",
ValidateAuthority: config.DNSRRValidator{
FailIfMatchesRegexp: []string{".*7200.*"},
},
}, true,
},
{
config.DNSProbe{
IPProtocol: "ipv4",
QueryName: "example.com",
IPProtocol: "ip4",
IPProtocolFallback: true,
QueryName: "example.com",
ValidateAdditional: config.DNSRRValidator{
FailIfNotMatchesRegexp: []string{".*3600.*"},
},
Expand Down Expand Up @@ -226,27 +231,31 @@ func TestAuthoritativeDNSResponse(t *testing.T) {
}{
{
config.DNSProbe{
IPProtocol: "ipv4",
QueryName: "example.com",
IPProtocol: "ip4",
IPProtocolFallback: true,
QueryName: "example.com",
}, true,
},
{
config.DNSProbe{
IPProtocol: "ipv4",
QueryName: "example.com",
QueryType: "SOA",
IPProtocol: "ip4",
IPProtocolFallback: true,
QueryName: "example.com",
QueryType: "SOA",
}, true,
}, {
config.DNSProbe{
IPProtocol: "ipv4",
QueryName: "example.com",
ValidRcodes: []string{"SERVFAIL", "NXDOMAIN"},
IPProtocol: "ip4",
IPProtocolFallback: true,
QueryName: "example.com",
ValidRcodes: []string{"SERVFAIL", "NXDOMAIN"},
}, false,
},
{
config.DNSProbe{
IPProtocol: "ipv4",
QueryName: "example.com",
IPProtocol: "ip4",
IPProtocolFallback: true,
QueryName: "example.com",
ValidateAnswer: config.DNSRRValidator{
FailIfMatchesRegexp: []string{".*3600.*"},
FailIfNotMatchesRegexp: []string{".*3600.*"},
Expand All @@ -255,8 +264,9 @@ func TestAuthoritativeDNSResponse(t *testing.T) {
},
{
config.DNSProbe{
IPProtocol: "ipv4",
QueryName: "example.com",
IPProtocol: "ip4",
IPProtocolFallback: true,
QueryName: "example.com",
ValidateAnswer: config.DNSRRValidator{
FailIfMatchesRegexp: []string{".*7200.*"},
FailIfNotMatchesRegexp: []string{".*7200.*"},
Expand All @@ -265,26 +275,29 @@ func TestAuthoritativeDNSResponse(t *testing.T) {
},
{
config.DNSProbe{
IPProtocol: "ipv4",
QueryName: "example.com",
IPProtocol: "ip4",
IPProtocolFallback: true,
QueryName: "example.com",
ValidateAuthority: config.DNSRRValidator{
FailIfNotMatchesRegexp: []string{"ns.*.isp.net"},
},
}, true,
},
{
config.DNSProbe{
IPProtocol: "ipv4",
QueryName: "example.com",
IPProtocol: "ip4",
IPProtocolFallback: true,
QueryName: "example.com",
ValidateAdditional: config.DNSRRValidator{
FailIfNotMatchesRegexp: []string{"^ns.*.isp"},
},
}, true,
},
{
config.DNSProbe{
IPProtocol: "ipv4",
QueryName: "example.com",
IPProtocol: "ip4",
IPProtocolFallback: true,
QueryName: "example.com",
ValidateAdditional: config.DNSRRValidator{
FailIfMatchesRegexp: []string{"^ns.*.isp"},
},
Expand Down Expand Up @@ -334,29 +347,33 @@ func TestServfailDNSResponse(t *testing.T) {
}{
{
config.DNSProbe{
IPProtocol: "ipv4",
QueryName: "example.com",
IPProtocol: "ip4",
IPProtocolFallback: true,
QueryName: "example.com",
}, false,
},
{
config.DNSProbe{
IPProtocol: "ipv4",
QueryName: "example.com",
ValidRcodes: []string{"SERVFAIL", "NXDOMAIN"},
IPProtocol: "ip4",
IPProtocolFallback: true,
QueryName: "example.com",
ValidRcodes: []string{"SERVFAIL", "NXDOMAIN"},
}, true,
},
{
config.DNSProbe{
IPProtocol: "ipv4",
QueryName: "example.com",
QueryType: "NOT_A_VALID_QUERY_TYPE",
IPProtocol: "ip4",
IPProtocolFallback: true,
QueryName: "example.com",
QueryType: "NOT_A_VALID_QUERY_TYPE",
}, false,
},
{
config.DNSProbe{
IPProtocol: "ipv4",
QueryName: "example.com",
ValidRcodes: []string{"NOT_A_VALID_RCODE"},
IPProtocol: "ip4",
IPProtocolFallback: true,
QueryName: "example.com",
ValidRcodes: []string{"NOT_A_VALID_RCODE"},
}, false,
},
}
Expand Down
5 changes: 3 additions & 2 deletions prober/tcp_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -135,8 +135,9 @@ func TestTCPConnectionWithTLS(t *testing.T) {
// Expect name-verified TLS connection.
module := config.Module{
TCP: config.TCPProbe{
IPProtocol: "ipv4",
TLS: true,
IPProtocol: "ip4",
IPProtocolFallback: true,
TLS: true,
TLSConfig: pconfig.TLSConfig{
CAFile: tmpCaFile.Name(),
InsecureSkipVerify: false,
Expand Down
2 changes: 1 addition & 1 deletion prober/utils.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -91,7 +91,7 @@ func chooseProtocol(ctx context.Context, IPProtocol string, fallbackIPProtocol b
}

// Unable to find ip and no fallback set.
if fallback == nil {
if fallback == nil || !fallbackIPProtocol {
return nil, 0.0, fmt.Errorf("unable to find ip; no fallback")
}

Expand Down
32 changes: 32 additions & 0 deletions prober/utils_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@
package prober

import (
"context"
"crypto/rand"
"crypto/rsa"
"crypto/x509"
Expand All @@ -22,9 +23,13 @@ import (
"fmt"
"math/big"
"net"
"os"
"testing"
"time"

"github.com/go-kit/kit/log"

"github.com/prometheus/client_golang/prometheus"
dto "github.com/prometheus/client_model/go"
)

Expand Down Expand Up @@ -110,3 +115,30 @@ func generateTestCertificate(expiry time.Time, IPAddressSAN bool) ([]byte, []byt
pemKey := pem.EncodeToMemory(&pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(privatekey)})
return pemCert, pemKey
}

func TestChooseProtocol(t *testing.T) {
ctx := context.Background()
registry := prometheus.NewPedanticRegistry()
w := log.NewSyncWriter(os.Stderr)
logger := log.NewLogfmtLogger(w)

ip, _, err := chooseProtocol(ctx, "ip4", true, "ipv6.google.com", registry, logger)
if err != nil {
t.Error(err)
}
if ip == nil || ip.IP.To4() != nil {
t.Error("with fallback it should answer")
}

registry = prometheus.NewPedanticRegistry()

ip, _, err = chooseProtocol(ctx, "ip4", false, "ipv6.google.com", registry, logger)
if err != nil && err.Error() != "unable to find ip; no fallback" {
t.Error(err)
} else if err == nil {
t.Error("should set error")
}
if ip != nil {
t.Error("without fallback it should not answer")
}
}

0 comments on commit 2e7c8cd

Please sign in to comment.