mDNSMacOSX/Tests/Unit Tests/PathEvaluationTest.m

   1 /*
   2  * Copyright (c) 2019 Apple Inc. All rights reserved.
   3  *
   4  * Licensed under the Apache License, Version 2.0 (the "License");
   5  * you may not use this file except in compliance with the License.
   6  * You may obtain a copy of the License at
   7  *
   8  *     http://www.apache.org/licenses/LICENSE-2.0
   9  *
  10  * Unless required by applicable law or agreed to in writing, software
  11  * distributed under the License is distributed on an "AS IS" BASIS,
  12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13  * See the License for the specific language governing permissions and
  14  * limitations under the License.
  15  */
  16
  17 #include "unittest_common.h"
  18 #import <XCTest/XCTest.h>
  19
  20 #import <NetworkExtension/NEPolicySession.h>
  21
  22 @interface PathEvaluationTest : XCTestCase
  23 {
  24 }
  25 @end
  26
  27 @implementation PathEvaluationTest
  28
  29 - (void)setUp
  30 {
  31     mDNSPlatformMemZero(&mDNSStorage, sizeof(mDNS));
  32     init_mdns_environment(mDNStrue);
  33 }
  34
  35 - (void)tearDown
  36 {
  37 }
  38
  39 - (void)testPathDeny
  40 {
  41     if(!getenv("DNSSDUTIL_XCTEST")) return;   //   Don't run without this environment variable
  42     mDNSBool        isBlocked;
  43     DNSQuestion     q;
  44     mDNSInterfaceID routableIndex;
  45
  46     mDNSPlatformMemZero(&q, sizeof(DNSQuestion));
  47     q.TargetQID.NotAnInteger = 1;
  48     q.pid = getpid();
  49     q.InterfaceID = if_nametoindex( "pdp_ip0" );
  50     fprintf(stdout, "%s %s with cellular index %d named pdp_ip0\n", q.InterfaceID ? "Starting" : "Exiting (no cellular interface)", __FUNCTION__, q.InterfaceID);
  51     if (!q.InterfaceID) return;
  52
  53     routableIndex = IndexForInterfaceByName_ut( "pdp_ip0" );
  54     fprintf(stdout, "Testing blocked by (%s)\n", routableIndex ? "policy" : "no route");
  55
  56     mDNSPlatformGetDNSRoutePolicy(&q, &isBlocked);
  57     XCTAssertFalse(isBlocked);
  58
  59     // Now block it
  60     NSMutableArray *routeRules = [NSMutableArray array];
  61     NEPolicyRouteRule *routeRule = [NEPolicyRouteRule routeRuleWithAction:NEPolicyRouteRuleActionDeny forType:NEPolicyRouteRuleTypeCellular];
  62     [routeRules addObject:routeRule];
  63     routeRule = [NEPolicyRouteRule routeRuleWithAction:NEPolicyRouteRuleActionDeny forType:NEPolicyRouteRuleTypeWiFi];
  64     [routeRules addObject:routeRule];
  65     routeRule = [NEPolicyRouteRule routeRuleWithAction:NEPolicyRouteRuleActionDeny forType:NEPolicyRouteRuleTypeWired];
  66     [routeRules addObject:routeRule];
  67
  68     NEPolicyResult *result = [NEPolicyResult routeRules:routeRules];
  69     NEPolicy *policy = [[NEPolicy alloc] initWithOrder:1 result:result  conditions:@[ [NEPolicyCondition effectivePID:q.pid], [NEPolicyCondition allInterfaces] ]];
  70
  71     NEPolicySession  *policySession = [[NEPolicySession alloc] init];
  72     XCTAssertNotNil(policySession, "Check entitlemnts");
  73     [policySession addPolicy:policy];
  74     [policySession apply];
  75
  76     mDNSPlatformGetDNSRoutePolicy(&q, &isBlocked);
  77     //  Either if these asserts indicate a regression in mDNSPlatformGetDNSRoutePolicy
  78     if (routableIndex)  XCTAssertTrue(isBlocked, "blocked by (policy) test failure");
  79     else                XCTAssertFalse(isBlocked, "blocked by (no route) test failure");
  80
  81     [policySession removeAllPolicies];
  82     [policySession apply];
  83     fprintf(stdout, "Completed %s\n", __FUNCTION__);
  84 }
  85
  86 @end