+diff --git a/NEWS b/NEWS
+index 8d8bdd9..4d8c01d 100644
+--- a/NEWS
++++ b/NEWS
+@@ -1,6 +1,19 @@
+ This file describes user-visible changes in rbldnsd.
+ Newer news is at the top.
+
++Next release
++
++ - fix tests for systems without ipv6 support, or when ipv6 is
++ disabled in rbldnsd at compile-time
++
++ - fix tests for API change in pydns >= 2.3.6
++
++ - It is no longer an error to request binding to a particular
++ address/port more than once. (The subsequent requests are simply
++ ignored.) (This avoids confusion on certain systems/configurations
++ where gethostbyname("localhost") can return 127.0.0.1 multiple
++ times.)
++
+ 0.997a (23 Jul 2013)
+
+ - minor fixes/changes in packaging, no code changes.
+diff --git a/rbldnsd.c b/rbldnsd.c
+index abf1d01..8322bdd 100644
+--- a/rbldnsd.c
++++ b/rbldnsd.c
+@@ -203,10 +203,79 @@ static volatile int signalled;
+ #define SIGNALLED_ZSTATS 0x10
+ #define SIGNALLED_TERM 0x20
+
++static inline int sockaddr_in_equal(const struct sockaddr_in *addr1,
++ const struct sockaddr_in *addr2)
++{
++ return (addr1->sin_port == addr2->sin_port
++ && addr1->sin_addr.s_addr == addr2->sin_addr.s_addr);
++}
++
++#ifndef NO_IPv6
++static inline int sockaddr_in6_equal(const struct sockaddr_in6 *addr1,
++ const struct sockaddr_in6 *addr2)
++{
++ if (memcmp(addr1->sin6_addr.s6_addr, addr2->sin6_addr.s6_addr, 16) != 0)
++ return 0;
++ return (addr1->sin6_port == addr2->sin6_port
++ && addr1->sin6_flowinfo == addr2->sin6_flowinfo
++ && addr1->sin6_scope_id == addr2->sin6_scope_id);
++}
++#endif
++
++static inline int sockaddr_equal(const struct sockaddr *addr1,
++ const struct sockaddr *addr2)
++{
++ if (addr1->sa_family != addr2->sa_family)
++ return 0;
++ switch (addr1->sa_family) {
++ case AF_INET:
++ return sockaddr_in_equal((const struct sockaddr_in *)addr1,
++ (const struct sockaddr_in *)addr2);
++#ifndef NO_IPv6
++ return sockaddr_in6_equal((const struct sockaddr_in6 *)addr1,
++ (const struct sockaddr_in6 *)addr2);
++#endif
++ default:
++ error(0, "unknown address family (%d)", addr1->sa_family);
++ }
++}
++
++/* already_bound(addr, addrlen)
++ *
++ * Determine whether we've already bound to a particular address.
++ * This is here mostly to deal with the fact that on certain systems,
++ * gethostbyname()/getaddrinfo() can return a duplicate 127.0.0.1
++ * for 'localhost'. See
++ * - http://sourceware.org/bugzilla/show_bug.cgi?id=4980
++ * - https://bugzilla.redhat.com/show_bug.cgi?id=496300
++ */
++static int already_bound(const struct sockaddr *addr, socklen_t addrlen) {
++#ifdef NO_IPv6
++ struct sockaddr_in addr_buf;
++#else
++ struct sockaddr_in6 addr_buf;
++#endif
++ struct sockaddr *boundaddr = (struct sockaddr *)&addr_buf;
++ socklen_t buflen;
++ int i;
++
++ for (i = 0; i < numsock; i++) {
++ buflen = sizeof(addr_buf);
++ if (getsockname(sock[i], boundaddr, &buflen) < 0)
++ error(errno, "getsockname failed");
++ if (buflen == addrlen && sockaddr_equal(boundaddr, addr))
++ return 1;
++ }
++ return 0;
++}
++
+ #ifdef NO_IPv6
+ static void newsocket(struct sockaddr_in *sin) {
+ int fd;
+ const char *host = ip4atos(ntohl(sin->sin_addr.s_addr));
++
++ if (already_bound((struct sockaddr *)sin, sizeof(*sin)))
++ return;
+ if (numsock >= MAXSOCK)
+ error(0, "too many listening sockets (%d max)", MAXSOCK);
+ fd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
+@@ -223,6 +292,8 @@ static int newsocket(struct addrinfo *ai) {
+ int fd;
+ char host[NI_MAXHOST], serv[NI_MAXSERV];
+
++ if (already_bound(ai->ai_addr, ai->ai_addrlen))
++ return 1;
+ if (numsock >= MAXSOCK)
+ error(0, "too many listening sockets (%d max)", MAXSOCK);
+ fd = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
+diff --git a/rbldnsd.py b/rbldnsd.py
+index 9300ef2..4b78dee 100644
+--- a/rbldnsd.py
++++ b/rbldnsd.py
+@@ -2,6 +2,7 @@
+
+
+ """
++import errno
+ from itertools import count
+ import subprocess
+ from tempfile import NamedTemporaryFile, TemporaryFile
+@@ -12,6 +13,14 @@ try:
+ import DNS
+ except ImportError:
+ raise RuntimeError("The pydns library is not installed")
++try:
++ from DNS import SocketError as DNS_SocketError
++except ImportError:
++ class DNS_SocketError(Exception):
++ """ Dummy, never raised.
++
++ (Older versions of pydns before 2.3.6 do not raise SocketError.)
++ """
+
+ DUMMY_ZONE_HEADER = """
+ $SOA 0 example.org. hostmaster.example.com. 0 1h 1h 2d 1h
+@@ -113,7 +122,6 @@ class Rbldnsd(object):
+ stderr=self.stderr)
+
+ # wait for rbldnsd to start responding
+- time.sleep(0.1)
+ for retry in count():
+ if daemon.poll() is not None:
+ raise DaemonError(
+@@ -124,12 +132,18 @@ class Rbldnsd(object):
+ break
+ except QueryRefused:
+ break
++ except DNS_SocketError as ex:
++ # pydns >= 2.3.6
++ wrapped_error = ex.args[0]
++ if wrapped_error.errno != errno.ECONNREFUSED:
++ raise
+ except DNS.DNSError as ex:
++ # pydns < 2.3.6
+ if str(ex) != 'no working nameservers found':
+ raise
+- elif retries > 10:
+- raise DaemonError(
+- "rbldnsd does not seem to be responding")
++ if retry > 10:
++ raise DaemonError("rbldnsd does not seem to be responding")
++ time.sleep(0.1)
+
+ def _stop_daemon(self):
+ daemon = self._daemon
+@@ -150,6 +164,22 @@ class Rbldnsd(object):
+ raise DaemonError("rbldnsd exited with code %d"
+ % daemon.returncode)
+
++ @property
++ def no_ipv6(self):
++ """ Was rbldnsd compiled with -DNO_IPv6?
++ """
++ # If rbldnsd was compiled with -DNO_IPv6, the (therefore
++ # unsupported) '-6' command-line switch will not be described
++ # in the help message
++ cmd = [self.daemon_bin, '-h']
++ proc = subprocess.Popen(cmd, stdout=subprocess.PIPE)
++ help_message = proc.stdout.readlines()
++ if proc.wait() != 0:
++ raise subprocess.CalledProcessError(proc.returncode, cmd)
++ return not any(line.lstrip().startswith('-6 ')
++ for line in help_message)
++
++
+ class TestRbldnsd(unittest.TestCase):
+ def test(self):
+ rbldnsd = Rbldnsd()
+diff --git a/test_acl.py b/test_acl.py
+index d93ca0a..10bed1c 100644
+--- a/test_acl.py
++++ b/test_acl.py
+@@ -1,5 +1,8 @@
+ """ Tests for the acl dataset
+ """
++from functools import wraps
++import socket
++import sys
+ from tempfile import NamedTemporaryFile
+ import unittest
+
+@@ -9,6 +12,35 @@ __all__ = [
+ 'TestAclDataset',
+ ]
+
++try:
++ from unittest import skipIf
++except ImportError:
++ # hokey replacement (for python <= 2.6)
++ def skipIf(condition, reason):
++ if condition:
++ def decorate(f):
++ @wraps(f)
++ def skipped(*args, **kw):
++ sys.stderr.write("skipped test: %s " % reason)
++ return skipped
++ return decorate
++ else:
++ return lambda f: f
++
++def _have_ipv6():
++ # Check for IPv6 support
++ if not getattr(socket, 'has_ipv6', False):
++ return False # no python support for ipv6
++ elif Rbldnsd().no_ipv6:
++ return False # rbldnsd compiled with -DNO_IPv6
++ try:
++ socket.socket(socket.AF_INET6, socket.SOCK_DGRAM).close()
++ except socket.error:
++ return False # no kernel (or libc) support for ipv6?
++ return True
++
++no_ipv6 = not _have_ipv6()
++
+ def daemon(acl, addr='localhost'):
+ """ Create an Rbldnsd instance with given ACL
+ """
+@@ -33,11 +65,13 @@ class TestAclDataset(unittest.TestCase):
+ addr='127.0.0.1') as dnsd:
+ self.assertEqual(dnsd.query('test.example.com'), 'Success')
+
++ @skipIf(no_ipv6, "IPv6 unsupported")
+ def test_refuse_ipv6(self):
+ with daemon(acl=["::1 :refuse"],
+ addr='::1') as dnsd:
+ self.assertRaises(QueryRefused, dnsd.query, 'test.example.com')
+
++ @skipIf(no_ipv6, "IPv6 unsupported")
+ def test_pass_ipv6(self):
+ with daemon(acl=[ "0/0 :refuse",
+ "0::1 :pass" ],
+diff --git a/test_ip4trie.py b/test_ip4trie.py
+index fe9e78f..2cce09b 100644
+--- a/test_ip4trie.py
++++ b/test_ip4trie.py
+@@ -9,7 +9,7 @@ __all__ = [
+ ]
+
+ def ip4trie(zone_data):
+- """ Run rbldnsd with an ip6trie dataset
++ """ Run rbldnsd with an ip4trie dataset
+ """
+ dnsd = Rbldnsd()
+ dnsd.add_dataset('ip4trie', ZoneFile(zone_data))
+diff --git a/test_ip6trie.py b/test_ip6trie.py
+index d3600db..377c5dd 100644
+--- a/test_ip6trie.py
++++ b/test_ip6trie.py
+@@ -15,15 +15,6 @@ def ip6trie(zone_data):
+ dnsd.add_dataset('ip6trie', ZoneFile(zone_data))
+ return dnsd
+
+-def rfc3152(ip6addr, domain='example.com'):
+- from socket import inet_pton, AF_INET6
+- from struct import unpack
+-
+- bytes = unpack("16B", inet_pton(AF_INET6, ip6addr))
+- nibbles = '.'.join("%x.%x" % (byte & 0xf, (byte >> 4) & 0xf)
+- for byte in reversed(bytes))
+- return "%s.%s" % (nibbles, domain)
+-
+ class TestIp6TrieDataset(unittest.TestCase):
+ def test_exclusion(self):
+ with ip6trie(["dead::/16 listed",
+@@ -31,5 +22,35 @@ class TestIp6TrieDataset(unittest.TestCase):
+ self.assertEqual(dnsd.query(rfc3152("dead::beef")), None)
+ self.assertEqual(dnsd.query(rfc3152("dead::beee")), "listed")
+
++
++def rfc3152(ip6addr, domain='example.com'):
++ return "%s.%s" % ('.'.join(reversed(_to_nibbles(ip6addr))), domain)
++
++def _to_nibbles(ip6addr):
++ """ Convert ip6 address (in rfc4291 notation) to a sequence of nibbles
++
++ NB: We avoid the use of socket.inet_pton(AF_INET6, ip6addr) here
++ because it fails (with 'error: can't use AF_INET6, IPv6 is
++ disabled') when python has been compiled without IPv6 support. See
++ http://www.corpit.ru/pipermail/rbldnsd/2013q3/001181.html
++
++ """
++ def _split_words(addr):
++ return [ int(w, 16) for w in addr.split(':') ] if addr else []
++
++ if '::' in ip6addr:
++ head, tail = [ _split_words(s) for s in ip6addr.split('::', 1) ]
++ nzeros = 8 - len(head) - len(tail)
++ assert nzeros >= 0
++ words = head + [ 0 ] * nzeros + tail
++ else:
++ words = _split_words(ip6addr)
++
++ assert len(words) == 8
++ for word in words:
++ assert 0 <= word <= 0xffff
++
++ return ''.join("%04x" % word for word in words)
++
+ if __name__ == '__main__':
+ unittest.main()
projects / mjo-overlay.git / commitdiff