btest: Add integration test for DNS_Mgr

This makes use of an ephemeral dnsmasq instance

testing/btest/Baseline/dns_mgr.lookup_addr/out

@@ -0,0 +1,2 @@
+### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
+dns.example.com

testing/btest/Baseline/dns_mgr.lookup_hostname/out

@@ -0,0 +1,7 @@
+### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
+addrs, 5
+10.0.0.3
+10.0.0.2
+10.0.0.1
+fe80::6990:df6e:618:c096
+10.0.0.4

testing/btest/Baseline/dns_mgr.lookup_hostname_cname/out

@@ -0,0 +1,3 @@
+### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
+lookup_hostname addrs, 0
+lookup_hostname_txt, 15, www.example.com

testing/btest/Baseline/dns_mgr.lookup_hostname_txt/out

@@ -0,0 +1,2 @@
+### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
+TXT, more-network-monitor

testing/btest/btest.cfg

@@ -4,7 +4,7 @@
 build_dir = build
 
 [btest]
-TestDirs    = af_packet doc bifs language core scripts coverage signatures plugins broker spicy supervisor telemetry javascript misc opt
+TestDirs    = af_packet doc bifs language core scripts coverage signatures plugins broker spicy supervisor telemetry javascript misc opt dns_mgr
 TmpDir      = %(testbase)s/.tmp
 BaselineDir = %(testbase)s/Baseline
 IgnoreDirs  = .svn CVS .tmp

testing/btest/dns_mgr/lookup_addr.zeek

@@ -0,0 +1,26 @@
+# @TEST-GROUP: dns_mgr
+#
+# @TEST-REQUIRES: dnsmasq --version
+# @TEST-PORT: DNSMASQ_PORT
+
+# @TEST-EXEC: btest-bg-run dnsmasq run-dnsmasq 127.0.0.1 ${DNSMASQ_PORT%/tcp}
+# @TEST-EXEC: unset ZEEK_DNS_FAKE; ZEEK_DNS_RESOLVER=127.0.0.1:${DNSMASQ_PORT%/tcp} zeek -b %INPUT >out
+# @TEST-EXEC: btest-bg-wait -k 0
+
+# @TEST-EXEC: btest-diff out
+
+redef exit_only_after_terminate = T;
+
+event zeek_init()
+	{
+	when ( local host = lookup_addr(10.0.0.99) )
+		{
+		print cat(host);
+		terminate();
+		}
+	timeout 5sec
+		{
+		print "ERROR timeout";
+		terminate();
+		}
+	}

testing/btest/dns_mgr/lookup_hostname.zeek

@@ -0,0 +1,28 @@
+# @TEST-GROUP: dns_mgr
+#
+# @TEST-REQUIRES: dnsmasq --version
+# @TEST-PORT: DNSMASQ_PORT
+
+# @TEST-EXEC: btest-bg-run dnsmasq run-dnsmasq 127.0.0.1 ${DNSMASQ_PORT%/tcp}
+# @TEST-EXEC: unset ZEEK_DNS_FAKE; ZEEK_DNS_RESOLVER=127.0.0.1:${DNSMASQ_PORT%/tcp} zeek -b %INPUT >out
+# @TEST-EXEC: btest-bg-wait -k 0
+
+# @TEST-EXEC: btest-diff out
+
+redef exit_only_after_terminate = T;
+
+event zeek_init()
+	{
+	when ( local addrs = lookup_hostname("example.com") )
+		{
+		print "addrs", |addrs|;
+		for ( a in addrs )
+			print a;
+		terminate();
+		}
+	timeout 5sec
+		{
+		print "ERROR timeout";
+		terminate();
+		}
+	}

testing/btest/dns_mgr/lookup_hostname_cname.zeek

@@ -0,0 +1,42 @@
+# @TEST-GROUP: dns_mgr
+#
+# @TEST-REQUIRES: dnsmasq --version
+# @TEST-PORT: DNSMASQ_PORT
+
+# @TEST-EXEC: btest-bg-run dnsmasq run-dnsmasq 127.0.0.1 ${DNSMASQ_PORT%/tcp}
+# @TEST-EXEC: unset ZEEK_DNS_FAKE; ZEEK_DNS_RESOLVER=127.0.0.1:${DNSMASQ_PORT%/tcp} zeek -b %INPUT >out
+# @TEST-EXEC: btest-bg-wait -k 0
+
+# @TEST-EXEC: btest-diff out
+
+redef exit_only_after_terminate = T;
+
+event zeek_init()
+	{
+	# www.example.com is a CNAME for example.com and this
+	# results in nothing :-/
+	when ( local addrs = lookup_hostname("www.example.com") )
+		{
+		print "lookup_hostname addrs", |addrs|;
+		for ( a in addrs )
+			print a;
+
+		# Example.com is a CNAME for www.example.com and a
+		# TXT lookup yields example.com. Weird.
+		when ( local txt = lookup_hostname_txt("www.example.com") )
+			{
+			print "lookup_hostname_txt", |txt|, txt;
+			terminate();
+			}
+		timeout 5sec
+			{
+			print "ERROR lookup_hostname_txt timeout";
+			terminate();
+			}
+		}
+	timeout 5sec
+		{
+		print "ERROR lookup_hostname timeout";
+		terminate();
+		}
+	}

testing/btest/dns_mgr/lookup_hostname_txt.zeek

@@ -0,0 +1,32 @@
+# @TEST-GROUP: dns_mgr
+#
+# @TEST-REQUIRES: dnsmasq --version
+# @TEST-PORT: DNSMASQ_PORT
+
+# @TEST-EXEC: btest-bg-run dnsmasq run-dnsmasq 127.0.0.1 ${DNSMASQ_PORT%/tcp}
+# @TEST-EXEC: unset ZEEK_DNS_FAKE; ZEEK_DNS_RESOLVER=127.0.0.1:${DNSMASQ_PORT%/tcp} zeek -b %INPUT >out
+# @TEST-EXEC: btest-bg-wait -k 0
+
+# @TEST-EXEC: btest-diff out
+
+redef exit_only_after_terminate = T;
+
+event zeek_init()
+	{
+	when ( local txt = lookup_hostname_txt("example.com") )
+		{
+		# www.example.com has much more TXT entries, we
+		# only return "more-network-monitor", however.
+		#
+		# ;; ANSWER SECTION:
+		# www.example.com.        0       IN      TXT     "more-network-monitor" "bro"
+		# www.example.com.        0       IN      TXT     "network-monitor" "open-source" "zeek"
+		print "TXT", txt;
+		terminate();
+		}
+	timeout 5sec
+		{
+		print "ERROR timeout";
+		terminate();
+		}
+	}

testing/scripts/run-dnsmasq

@@ -0,0 +1,34 @@
+#!/usr/bin/env bash
+set -eux
+
+if ! dnsmasq --version; then
+    exit 1
+fi
+
+if [ $# -ne 2 ]; then
+    echo "Usage $0 <listen_addr> <listen_port>" >2
+    exit 1
+fi
+
+listen_addr=$1
+listen_port=$2
+
+exec dnsmasq \
+    --no-resolv \
+    --no-hosts \
+    --no-daemon \
+    --listen-addr="${listen_addr}" \
+    --port="${listen_port}" \
+    --address /example.com/10.0.0.1 \
+    --address /example.com/10.0.0.2 \
+    --address /example.com/10.0.0.3 \
+    --address /example.com/10.0.0.4 \
+    --address /example.com/10.0.0.4 \
+    --address /example.com/fe80::6990:df6e:618:c096 \
+    --address /mx.example.com/10.0.0.99 \
+    --address /dns.example.com/10.0.0.99 \
+    --ptr-record=99.0.0.10.in-addr.arpa,mx.example.com \
+    --ptr-record=99.0.0.10.in-addr.arpa,dns.example.com \
+    --txt-record=example.com,network-monitor,open-source,zeek \
+    --txt-record=example.com,more-network-monitor,bro \
+    --cname=www.example.com,example.com