added dns integration tests

Author: ethan-thompson

src/tests/process/dns/Header-Restore

@@ -0,0 +1,35 @@
+subrequest @DNS::Query {
+	#
+	#  Verify that the process layer copies ID and Opcode from the
+	#  request into the reply, and sets the QR and Authoritative bits.
+	#
+	#  ID=9999 is deliberately unusual to confirm the copy, not a
+	#  coincidental default value.
+	#
+	Header = {
+		ID = 9999
+		Opcode = ::Query
+	}
+
+	call dns {
+		#  ID must be the request's ID, not some default.
+		if (reply.Header.ID != 9999) {
+			test_fail
+		}
+
+		#  QR bit must be flipped to Response by dns_fields_restore().
+		if (reply.Header.Query != ::Response) {
+			test_fail
+		}
+
+		#  Opcode must be echoed back from the request.
+		if (reply.Header.Opcode != ::Query) {
+			test_fail
+		}
+
+		#  Authoritative must default to yes when not set by the user.
+		if (reply.Header.Authoritative != yes) {
+			test_fail
+		}
+	}
+}

src/tests/process/dns/Query

@@ -0,0 +1,26 @@
+subrequest @DNS::Query {
+	#
+	#  Minimal DNS query: ID=1 routes to ok -> No-Error.
+	#
+	Header = {
+		ID = 1
+		Opcode = ::Query
+	}
+
+	call dns {
+		#  rcode must be No-Error for an ok return.
+		if (reply.Header.Rcode != ::No-Error) {
+			test_fail
+		}
+
+		#  QR bit must be flipped to Response.
+		if (reply.Header.Query != ::Response) {
+			test_fail
+		}
+
+		#  ID must be echoed back from the request.
+		if (reply.Header.ID != 1) {
+			test_fail
+		}
+	}
+}

src/tests/process/dns/Query-Fail

@@ -0,0 +1,15 @@
+subrequest @DNS::Query {
+	#
+	#  ID=4 routes to fail, which must map to Server-Failure.
+	#
+	Header = {
+		ID = 4
+		Opcode = ::Query
+	}
+
+	call dns {
+		if (reply.Header.Rcode != ::Server-Failure) {
+			test_fail
+		}
+	}
+}

src/tests/process/dns/Query-Invalid

@@ -0,0 +1,15 @@
+subrequest @DNS::Query {
+	#
+	#  ID=5 routes to invalid, which must map to Format-Error.
+	#
+	Header = {
+		ID = 5
+		Opcode = ::Query
+	}
+
+	call dns {
+		if (reply.Header.Rcode != ::Format-Error) {
+			test_fail
+		}
+	}
+}

src/tests/process/dns/Query-Notfound

@@ -0,0 +1,15 @@
+subrequest @DNS::Query {
+	#
+	#  ID=2 routes to notfound, which must map to Name-Error.
+	#
+	Header = {
+		ID = 2
+		Opcode = ::Query
+	}
+
+	call dns {
+		if (reply.Header.Rcode != ::Name-Error) {
+			test_fail
+		}
+	}
+}

src/tests/process/dns/Query-Reject

@@ -0,0 +1,15 @@
+subrequest @DNS::Query {
+	#
+	#  ID=3 routes to reject, which must map to Refused.
+	#
+	Header = {
+		ID = 3
+		Opcode = ::Query
+	}
+
+	call dns {
+		if (reply.Header.Rcode != ::Refused) {
+			test_fail
+		}
+	}
+}

src/tests/process/dns/server.conf

@@ -0,0 +1,70 @@
+#  -*- text -*-
+#
+#  test configuration file.  Do not install.
+#
+#  $Id$
+#
+
+#
+#  Minimal dns.conf for testing the DNS process state machine.
+#
+
+output       = $ENV{OUTPUT}
+run_dir      = ${output}
+pidfile      = ${run_dir}/radiusd.pid
+panic_action = "gdb -batch -x src/tests/panic.gdb %e %p > ${run_dir}/gdb.log 2>&1; cat ${run_dir}/gdb.log"
+
+raddb        = raddb
+radacctdir   = ${run_dir}/radacct
+modconfdir   = ${raddb}/mods-config
+certdir      = ${raddb}/certs
+cadir        = ${raddb}/certs
+test_port    = $ENV{TEST_PORT}
+
+#  Only for testing!
+security {
+	allow_vulnerable_openssl = yes
+	allow_core_dumps = yes
+}
+
+policy {
+	$INCLUDE ../policy.conf
+}
+
+server dns {
+	namespace = dns
+
+	#
+	#  Route test scenarios by Header.ID so a single recv section
+	#  can exercise every rcode-to-DNS-rcode mapping:
+	#
+	#    ID 1  -> ok          -> No-Error      (happy path)
+	#    ID 2  -> notfound    -> Name-Error
+	#    ID 3  -> reject      -> Refused
+	#    ID 4  -> fail        -> Server-Failure
+	#    ID 5  -> invalid     -> Format-Error
+	#
+	#  All other IDs default to ok.
+	#
+	recv Query {
+		if (request.Header.ID == 2) {
+			notfound
+		}
+		elsif (request.Header.ID == 3) {
+			reject
+		}
+		elsif (request.Header.ID == 4) {
+			fail
+		}
+		elsif (request.Header.ID == 5) {
+			invalid
+		}
+		else {
+			ok
+		}
+	}
+
+	send Query-Response {
+		ok
+	}
+}