add QNameSubDomain (#17)

Author: mimuret

matcher/dnsmsg_query_name.go

@@ -17,11 +17,11 @@ func NewMatchDNSMsgQueryName(arg interface{}) (DnsMsgMatcher, error) {
 		return nil, errors.Errorf("invalid type args %v", arg)
 	}
 	buf := make([]byte, 255)
-	_, err := dns.PackDomainName(dns.CanonicalName(qName), buf, 0, nil, false)
+	offset, err := dns.PackDomainName(dns.CanonicalName(qName), buf, 0, nil, false)
 	if err != nil {
 		return nil, errors.Wrap(err, "invalid domain name")
 	}
-	return &matchDNSMsgQueryName{target: buf}, nil
+	return &matchDNSMsgQueryName{target: buf[:offset]}, nil
 }
 
 type matchDNSMsgQueryName struct {
@@ -33,11 +33,11 @@ func (m *matchDNSMsgQueryName) Match(d *dns.Msg) bool {
 		return false
 	}
 	buf := make([]byte, 255)
-	_, err := dns.PackDomainName(dns.CanonicalName(d.Question[0].Name), buf, 0, nil, false)
+	offset, err := dns.PackDomainName(dns.CanonicalName(d.Question[0].Name), buf, 0, nil, false)
 	if err != nil {
 		return false
 	}
-	return bytes.Equal(m.target, buf)
+	return bytes.Equal(m.target, buf[:offset])
 }
 
 func init() {

matcher/dnsmsg_query_name_subdomain.go

@@ -0,0 +1,50 @@
+package matcher
+
+import (
+	"bytes"
+
+	"github.com/miekg/dns"
+	"github.com/pkg/errors"
+)
+
+const (
+	DNSMatcherQNameSubDomain MatcherName = "QNameSubDomain"
+)
+
+func NewMatchDNSMsgQueryNameSubDomain(arg interface{}) (DnsMsgMatcher, error) {
+	qName, ok := arg.(string)
+	if !ok {
+		return nil, errors.Errorf("invalid type args %v", arg)
+	}
+	buf := make([]byte, 255)
+	offset, err := dns.PackDomainName(dns.CanonicalName(qName), buf, 0, nil, false)
+	if err != nil {
+		return nil, errors.Wrap(err, "invalid domain name")
+	}
+	return &matchDNSMsgQueryNameSubDomain{target: buf[:offset], offset: offset}, nil
+}
+
+type matchDNSMsgQueryNameSubDomain struct {
+	target []byte
+	offset int
+}
+
+func (m *matchDNSMsgQueryNameSubDomain) Match(d *dns.Msg) bool {
+	if len(d.Question) == 0 {
+		return false
+	}
+	buf := make([]byte, 255)
+	offset, err := dns.PackDomainName(dns.CanonicalName(d.Question[0].Name), buf, 0, nil, false)
+	if err != nil {
+		return false
+	}
+	buf = buf[:offset]
+	if len(buf) < len(m.target) {
+		return false
+	}
+	return bytes.Equal(m.target, buf[offset-m.offset:])
+}
+
+func init() {
+	RegisterDnsMsgMatcher(DNSMatcherQNameSubDomain, NewMatchDNSMsgQueryNameSubDomain, UnmarshalStringArg)
+}

matcher/dnsmsg_query_name_subdomain_test.go

@@ -0,0 +1,164 @@
+package matcher_test
+
+import (
+	_ "embed"
+	"encoding/json"
+
+	"github.com/miekg/dns"
+	"github.com/mimuret/dnsutils/matcher"
+	. "github.com/onsi/ginkgo"
+	. "github.com/onsi/gomega"
+)
+
+//go:embed testdata/dnsmsg_query_name_subdomain_fail.json
+var matchDNSMsgQuerySubDomainFailData []byte
+
+//go:embed testdata/dnsmsg_query_name_subdomain_success.json
+var matchDNSMsgQuerySubDomainValidData []byte
+
+var _ = Describe("QName", func() {
+	Context("NewMatchDNSMsgQueryNameSubDomain", func() {
+		var (
+			m   matcher.DnsMsgMatcher
+			err error
+		)
+		When("arg is string", func() {
+			When("valid domain name", func() {
+				BeforeEach(func() {
+					m, err = matcher.NewMatchDNSMsgQueryNameSubDomain("exmaple.jp")
+				})
+				It("returns matcher", func() {
+					Expect(err).To(Succeed())
+					Expect(m).NotTo(BeNil())
+				})
+			})
+			When("invalid domain name", func() {
+				BeforeEach(func() {
+					m, err = matcher.NewMatchDNSMsgQueryNameSubDomain("..")
+				})
+				It("returns error", func() {
+					Expect(err).To(HaveOccurred())
+				})
+			})
+		})
+		When("arg is invalid type", func() {
+			BeforeEach(func() {
+				m, err = matcher.NewMatchDNSMsgQueryNameSubDomain(true)
+			})
+			It("returns error", func() {
+				Expect(err).To(HaveOccurred())
+			})
+		})
+	})
+	Context("UnmarshalArg", func() {
+		var (
+			err error
+			mc  *matcher.MatcherConfig
+		)
+		BeforeEach(func() {
+			mc = &matcher.MatcherConfig{}
+		})
+		When("valid arg", func() {
+			BeforeEach(func() {
+				err = json.Unmarshal(matchDNSMsgQuerySubDomainValidData, mc)
+			})
+			It("not returns error", func() {
+				Expect(err).To(Succeed())
+				Expect(mc).To(Equal(&matcher.MatcherConfig{
+					Name: "QNameSubDomain",
+					Type: matcher.MatcherTypeDnsMsg,
+					Arg:  "example.jp.",
+				}))
+			})
+		})
+		When("invalid arg", func() {
+			BeforeEach(func() {
+				err = json.Unmarshal(matchDNSMsgQuerySubDomainFailData, mc)
+			})
+			It("returns error", func() {
+				Expect(err).To(HaveOccurred())
+			})
+		})
+	})
+	Context("BuildDnsMsgMatcher", func() {
+		var (
+			err error
+			m1  matcher.DnsMsgMatcher
+			m2  matcher.DnsMsgMatcher
+		)
+		BeforeEach(func() {
+			m1, err = matcher.NewMatchDNSMsgQueryNameSubDomain("exmaple.jp")
+			Expect(err).To(Succeed())
+		})
+		When("Name is QName", func() {
+			BeforeEach(func() {
+				m2, err = matcher.BuildDnsMsgMatcher(matcher.MatcherConfig{
+					Type: matcher.MatcherTypeDnsMsg,
+					Name: "QNameSubDomain",
+					Arg:  "exmaple.jp",
+				})
+			})
+			It("returns matcher", func() {
+				Expect(err).To(Succeed())
+				Expect(m2).To(Equal(m1))
+			})
+		})
+	})
+	Context("Match", func() {
+		var (
+			err error
+			m   matcher.DnsMsgMatcher
+		)
+		BeforeEach(func() {
+			m, err = matcher.NewMatchDNSMsgQueryNameSubDomain("exmaple.jp.")
+			Expect(err).To(Succeed())
+		})
+		When("msg.Question is empty ", func() {
+			It("returns false", func() {
+				Expect(m.Match(&dns.Msg{})).To(BeFalse())
+			})
+		})
+		When("msg.Question is not domain name ", func() {
+			It("returns false", func() {
+				Expect(m.Match(&dns.Msg{Question: []dns.Question{
+					{
+						Name:   "..",
+						Qtype:  dns.TypeA,
+						Qclass: dns.ClassCHAOS,
+					},
+				}})).To(BeFalse())
+			})
+		})
+		When("msg.QueryName != TARGET", func() {
+			It("returns false", func() {
+				Expect(m.Match(&dns.Msg{Question: []dns.Question{{Name: "exmaple.net"}}})).To(BeFalse())
+			})
+			It("returns false", func() {
+				Expect(m.Match(&dns.Msg{Question: []dns.Question{{Name: "jp"}}})).To(BeFalse())
+			})
+			It("returns false", func() {
+				Expect(m.Match(&dns.Msg{Question: []dns.Question{{Name: "ple.jp"}}})).To(BeFalse())
+			})
+		})
+		When("msg.QueryName = SUBDOMAIN", func() {
+			It("returns true", func() {
+				Expect(m.Match(&dns.Msg{Question: []dns.Question{{Name: "www.ExmapLe.jp"}}})).To(BeTrue())
+			})
+			It("returns true", func() {
+				Expect(m.Match(&dns.Msg{Question: []dns.Question{{Name: "*.ExmapLe.jp"}}})).To(BeTrue())
+			})
+		})
+		When("msg.QueryName = TARGET", func() {
+			When("different case", func() {
+				It("returns true", func() {
+					Expect(m.Match(&dns.Msg{Question: []dns.Question{{Name: "ExmapLe.jp."}}})).To(BeTrue())
+				})
+			})
+			When("not FQDN", func() {
+				It("returns true", func() {
+					Expect(m.Match(&dns.Msg{Question: []dns.Question{{Name: "ExmapLe.jp"}}})).To(BeTrue())
+				})
+			})
+		})
+	})
+})

matcher/testdata/dnsmsg_query_name_regexp_success.json

@@ -1,5 +1,5 @@
 {
   "Type": "DNS",
-  "name": "QNameRegexp",
+  "Name": "QNameRegexp",
   "Arg": ".*"
-}
+}

matcher/testdata/dnsmsg_query_name_subdomain_fail.json

@@ -0,0 +1,5 @@
+{
+  "Type": "DNS",
+  "Name": "QNameSubDomain",
+  "Arg": false
+}

matcher/testdata/dnsmsg_query_name_subdomain_success.json

@@ -0,0 +1,5 @@
+{
+  "Type": "DNS",
+  "Name": "QNameSubDomain",
+  "Arg": "example.jp."
+}