From 8ce7b78034373b6afbabbe452b45af1fffee7863 Mon Sep 17 00:00:00 2001 From: Jeremy Rand Date: Wed, 14 Dec 2022 07:50:55 +0000 Subject: [PATCH] Add functional tests --- .cirrus.yml | 38 +++++++++++++ testdata/ncdns.conf | 120 +++++++++++++++++++++++++++++++++++++++ testdata/regtest.sh | 76 +++++++++++++++++++++++++ testdata/run_bitcoind.sh | 28 +++++++++ 4 files changed, 262 insertions(+) create mode 100644 testdata/ncdns.conf create mode 100755 testdata/regtest.sh create mode 100755 testdata/run_bitcoind.sh diff --git a/.cirrus.yml b/.cirrus.yml index 658ddf4..ce2a11a 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -167,6 +167,43 @@ task: env: GOX_TAGS: "" +task: + name: "Functional Tests Ubuntu Go $GO_VERSION$MODULES_NAME" + compute_engine_instance: + image_project: cirrus-images + image: family/docker-builder + platform: linux + cpu: 1 + memory: 1G + bitcoind_cache: + folder: /tmp/bitcoind + populate_script: mkdir -p /tmp/bitcoind + install_script: + - apt-get update + - BITCOIND_URL=$(curl https://www.namecoin.org/download/ | grep x86_64-linux-gnu.tar.gz | grep -v 0.13.99 | grep --only-matching https://.*.tar.gz) + - BITCOIND_FILENAME=$(echo $BITCOIND_URL | grep -E --only-matching 'namecoin-nc.*.tar.gz') + - BITCOIND_PATH=/tmp/bitcoind/$BITCOIND_FILENAME + - tar -xaf $BITCOIND_PATH || (rm -f /tmp/bitcoind/* && curl --output $BITCOIND_PATH $BITCOIND_URL && tar -xaf $BITCOIND_PATH) + - cp -a namecoin-*/* /usr/ + - NCDNS_URL=https://api.cirrus-ci.com/v1/artifact/build/$CIRRUS_BUILD_ID/Cross-Compile%20Go%20$GO_VERSION/binaries/dist/ncdns--linux_amd64.tar.gz + - curl -o ncdns.tar.gz $NCDNS_URL + - tar -xaf ncdns.tar.gz + - cp -a ncdns--*/* /usr/ + bitcoind_service_background_script: + - testdata/run_bitcoind.sh + ncdns_service_background_script: + # ncdns refuses to run as root + - adduser ncdns --disabled-password + - ncdns -conf testdata/ncdns.conf + regtest_script: + - sleep 10s + - testdata/regtest.sh + depends_on: + - "Cross-Compile Go $GO_VERSION$MODULES_NAME" + env: + GO_VERSION: latest + MODULES_NAME: "" + task: name: "Cross-Compile Go $GO_VERSION$MODULES_NAME" alias: Cross-Compile @@ -257,6 +294,7 @@ task: - ShellCheck - Unit Tests - Cross-Compile + - Functional Tests Ubuntu Go latest bin_cache: folder: "idist" fingerprint_script: diff --git a/testdata/ncdns.conf b/testdata/ncdns.conf new file mode 100644 index 0000000..7a99798 --- /dev/null +++ b/testdata/ncdns.conf @@ -0,0 +1,120 @@ + +### ncdns will look for its configuration file in the following directories. +### The first configuration file found is used and all others are ignored. +### +### /etc/ncdns/ncdns.conf ) Non-Windows only +### /etc/ncdns.conf ) +### (executable path)/ncdns.conf +### (executable path)/../etc/ncdns/ncdns.conf +### (executable path)/../etc/ncdns.conf +### +### You may explicitly specify a path to the configuration file on the +### command line by passing '-conf=PATH'. + +[ncdns] +### This is a TOML configuration file. Values must be in quotes where shown. + + +### Basic Settings (Required) +### ------------------------- + +### The interface to bind to. Defaults to ":53", which causes ncdns to attempt to +### bind to all interfaces on port 53. Unless you are running ncdns as root you +### will probably find that this fails. On Linux, you can run the following +### command on the ncdns binary to authorize it to bind to ports under 1024. +### +### sudo setcap 'cap_net_bind_service=+ep' ./ncdns +### +### On BSD, there are sysctls to disable the low port restrictions. +### +### IMPORTANT NOTE: For Go versions 1.5.0 and 1.5.1 (but not 1.4.x or earlier +### or 1.5.2 when released, or any later version, or HEAD) there is a bug which +### means ncdns cannot listen on privileged ports on Linux systems. This bug +### manifests as ncdns hanging once executed without ever beginning to serve +### requests. This bug will manifest whenever ncdns is executed as root or with +### a non-empty capability set, so it precludes use of setcap to bind to privileged +### ports just as it precludes the use of conventional privilege dropping. +### +bind="127.0.0.1:5391" + + +### namecoind access (Required) +### --------------------------- +### You must configure the RPC address, username and password ## of a trusted +### (i.e. local) namecoind instance. + +### The address, in "hostname:port" format, of the Namecoin JSON-RPC interface. +namecoinrpcaddress="127.0.0.1:18554" + +### The username with which to connect to the Namecoin JSON-RPC interface. +namecoinrpcusername="doggman" + +### The password with which to connect to the Namecoin JSON-RPC interface. +namecoinrpcpassword="donkey" + +### ncdns caches values retrieved from Namecoin. This value limits the number of +### items ncdns may store in its cache. The default value is 100. +#cachemaxentries=150 + + +### Nameserver Identity (Optional) +### ------------------------------ + +### ncdns needs to be able to state the hostname and IP address at which the +### nameserver lies. If you are only using ncdns locally you can avoid configuring +### these. +### +### If SelfName is specified, ncdns lists the name specified as an NS record at +### the zone apex: +### +### bit. IN NS ns1.example.com. +### +### This requires that you be able to assign the ncdns instance a hostname. +### +### If SelfName is left blank (the default), ncdns will generate an internal +### psuedo-hostname under the zone, which will resolve to the value of SelfIP. +### +### The default value of SelfIP is the bogus IP of "127.127.127.127", which will +### work acceptably in some cases (e.g. with Unbound). +#selfname="ns1.example.com." +#selfip="192.0.2.1" + + +### DNSSEC (Optional) +### ----------------- +### The following options concern DNSSEC and are optional. +### Leaving them all blank will disable DNSSEC. + +### Path to the file containing the KSK public key. +#publickey="etc/Kbit.+008+12345.key" + +### Path to the file containing the KSK private key. +#privatekey="etc/Kbit.+008+12345.private" + +### Path to the file containing the ZSK public key. +#zonepublickey="etc/Kbit.+008+12345.key" + +### Path to the file containing the ZSK private key. +#zoneprivatekey="etc/Kbit.+008+12345.private" + + +### HTTP server (Optional) +### ---------------------- +### Use of the HTTP server is optional. + +### Set this to enable the HTTP server. If you leave this blank, the HTTP +### server will not be enabled. +#httplistenaddr=":8202" + +### The template directory is usually detected automatically. If it cannot be found +### automatically, you must set the full path to it here manually. Paths will be +### interpreted relative to the configuration file. +#tplpath="../tpl" + +[xlog] + +severity="debug" + +[service] + +uid="ncdns" diff --git a/testdata/regtest.sh b/testdata/regtest.sh new file mode 100755 index 0000000..73718c2 --- /dev/null +++ b/testdata/regtest.sh @@ -0,0 +1,76 @@ +#!/usr/bin/env bash +export HOME=~ +set -eu + +# Adapted from Electrum-NMC. + +bitcoin_cli="namecoin-cli -rpcuser=doggman -rpcpassword=donkey -rpcport=18554 -regtest" + +function new_blocks() +{ + $bitcoin_cli generatetoaddress "$1" "$($bitcoin_cli getnewaddress)" > /dev/null +} + +function assert_equal() +{ + err_msg="$3" + + if [[ "$1" != "$2" ]]; then + echo "'$1' != '$2'" + echo "$err_msg" + return 1 + fi +} + +function assert_raises_error() +{ + cmd=$1 + required_err=$2 + + if observed_err=$($cmd 2>&1) ; then + echo "Failed to raise error '$required_err'" + return 1 + fi + if [[ "$observed_err" != *"$required_err"* ]]; then + echo "$observed_err" + echo "Raised wrong error instead of '$required_err'" + return 1 + fi +} + +echo "Expire any existing names from previous functional test runs" +new_blocks 35 + +echo "Pre-register testls.bit" +$bitcoin_cli name_new 'd/testls' + +echo "Wait for pre-registration to mature" +new_blocks 12 + +echo "Register testls.bit" +$bitcoin_cli name_firstupdate 'd/testls' + +echo "Wait for registration to confirm" +new_blocks 1 + +echo "Update testls.bit" +$bitcoin_cli name_update 'd/testls' '{"ip":"107.152.38.155","map":{"*":{"tls":[[2,1,0,"MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADvxHcjwDYMNfUSTtSIn3VbBC1sOzh/1Fv5T0UzEuLWIE="]]},"sub1":{"map":{"sub2":{"map":{"sub3":{"ip":"107.152.38.155"}}}}},"_tor":{"txt":"dhflg7a7etr77hwt4eerwoovhg7b5bivt2jem4366dt4psgnl5diyiyd.onion"}}}' + +echo "Wait for update to confirm" +new_blocks 1 + +echo "Query testls.bit via Core" +$bitcoin_cli name_show 'd/testls' + +echo "Query testls.bit IPv4 Authoritative via dig" +dig_output=$(dig -p 5391 @127.0.0.1 A testls.bit) +echo "$dig_output" +echo "Checking response correctness" +echo "$dig_output" | grep "107.152.38.155" + +echo "Query testls.bit TLS Authoritative via dig" +dig_output=$(dig -p 5391 @127.0.0.1 TLSA "*.testls.bit") +echo "$dig_output" +echo "Checking response correctness" +tlsa_hex="$(echo 'MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADvxHcjwDYMNfUSTtSIn3VbBC1sOzh/1Fv5T0UzEuLWIE=' | base64 --decode | xxd -u -ps -c 500)" +echo "$dig_output" | sed 's/ //g' | grep "$tlsa_hex" diff --git a/testdata/run_bitcoind.sh b/testdata/run_bitcoind.sh new file mode 100755 index 0000000..070ba89 --- /dev/null +++ b/testdata/run_bitcoind.sh @@ -0,0 +1,28 @@ +#!/usr/bin/env bash +export HOME=~ +set -eux pipefail + +# Adapted from Electrum-NMC. + +mkdir -p ~/.namecoin +cat > ~/.namecoin/namecoin.conf <