diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2022-02-10 09:43:12 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2022-02-10 09:43:12 +0000 |
commit | 25bb6715fdff85ace8f3e821517d4279d1a68f65 (patch) | |
tree | 2aef869d16323831e5d9d48195dc6bd1651eac8d | |
parent | Adding upstream version 0.2.0. (diff) | |
download | dnswire-25bb6715fdff85ace8f3e821517d4279d1a68f65.tar.xz dnswire-25bb6715fdff85ace8f3e821517d4279d1a68f65.zip |
Adding upstream version 0.3.3.upstream/0.3.3
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
-rw-r--r-- | .travis.yml | 27 | ||||
-rw-r--r-- | CHANGES | 44 | ||||
-rw-r--r-- | README.md | 2 | ||||
-rw-r--r-- | configure.ac | 8 | ||||
-rw-r--r-- | rpm/dnswire.spec | 33 | ||||
-rw-r--r-- | src/dnstap.c | 67 | ||||
-rw-r--r-- | src/dnstap.fields | 9 | ||||
-rw-r--r-- | src/dnswire/dnstap.h | 69 | ||||
-rwxr-xr-x | src/gen-macros.sh | 13 | ||||
-rw-r--r-- | src/test/create_dnstap.c | 7 | ||||
-rw-r--r-- | src/test/print_dnstap.c | 20 | ||||
-rw-r--r-- | src/test/test3.gold | 12 | ||||
-rw-r--r-- | src/test/test4.gold | 10 | ||||
-rw-r--r-- | src/test/test5.gold | 10 | ||||
-rw-r--r-- | src/test/test_dnstap.c | 4 |
15 files changed, 293 insertions, 42 deletions
diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index ab8d004..0000000 --- a/.travis.yml +++ /dev/null @@ -1,27 +0,0 @@ -dist: xenial -addons: - apt: - sources: - - sourceline: 'ppa:dns-oarc/dsc-pr' - update: true - packages: - - protobuf-c-compiler - - libprotobuf-c-dev - - libuv1-dev - - libtinyframe-dev -language: c -compiler: - - clang - - gcc -install: ./autogen.sh -script: - - ./configure --enable-warn-all - - make dist - - tar zxvf *.tar.gz - - cd dnswire-[0-9]* - - mkdir build - - cd build - - ../configure --enable-warn-all - - make - - make test - - cat src/test/test*.sh.log @@ -1,3 +1,47 @@ +2022-02-02 Jerry Lundström + + Release 0.3.3 + + This is a package only update release to correct mistakes in Debian/ + Ubuntu packages. + + - Replace/break all previous Debian/Ubuntu versions + +2022-02-02 Jerry Lundström + + Release 0.3.2 + + This is a package only update release to correct mistakes in Debian/ + Ubuntu packages. + + - Fix Debian/Ubuntu package replaces/breaks to solve filename conflicts + + dea8e35 Deb packages + 8398f65 Deb packages + +2022-02-01 Jerry Lundström + + Release 0.3.1 + + This is a package only update release to correct mistakes in Debian/ + Ubuntu packages. + + - Bump SO version for Debian/Ubuntu + +2022-01-26 Jerry Lundström + + Release 0.3.0 + + This release updates the Protobuf definition for DNSTAP to include + new message types, new protocols and the new Policy object. + + - Update debhelper compatibility level to 10 + - Update to latest `dnstap.pb`, new message types, protocols and message policy + + 87e7909 New dnstap.pb + f215476 debhelper + 20bf38f Bye Travis + 2020-10-23 Jerry Lundström Release 0.2.0 @@ -1,6 +1,6 @@ # library for DNS encapsulations and transporting of them -[![Build Status](https://travis-ci.com/DNS-OARC/dnswire.svg?branch=develop)](https://travis-ci.com/DNS-OARC/dnswire) [![Total alerts](https://img.shields.io/lgtm/alerts/g/DNS-OARC/dnswire.svg?logo=lgtm&logoWidth=18)](https://lgtm.com/projects/g/DNS-OARC/dnswire/alerts/) [![Bugs](https://sonarcloud.io/api/project_badges/measure?project=dns-oarc%3Adnswire&metric=bugs)](https://sonarcloud.io/dashboard?id=dns-oarc%3Adnswire) [![Security Rating](https://sonarcloud.io/api/project_badges/measure?project=dns-oarc%3Adnswire&metric=security_rating)](https://sonarcloud.io/dashboard?id=dns-oarc%3Adnswire) +[![Total alerts](https://img.shields.io/lgtm/alerts/g/DNS-OARC/dnswire.svg?logo=lgtm&logoWidth=18)](https://lgtm.com/projects/g/DNS-OARC/dnswire/alerts/) [![Bugs](https://sonarcloud.io/api/project_badges/measure?project=dns-oarc%3Adnswire&metric=bugs)](https://sonarcloud.io/dashboard?id=dns-oarc%3Adnswire) [![Security Rating](https://sonarcloud.io/api/project_badges/measure?project=dns-oarc%3Adnswire&metric=security_rating)](https://sonarcloud.io/dashboard?id=dns-oarc%3Adnswire) **Currently Work in Progress!** diff --git a/configure.ac b/configure.ac index 87971aa..7d0d9a4 100644 --- a/configure.ac +++ b/configure.ac @@ -1,9 +1,9 @@ AC_PREREQ(2.61) -AC_INIT([dnswire], [0.2.0], [admin@dns-oarc.net], [dnswire], [https://github.com/DNS-OARC/dnswire/issues]) +AC_INIT([dnswire], [0.3.3], [admin@dns-oarc.net], [dnswire], [https://github.com/DNS-OARC/dnswire/issues]) AC_SUBST([DNSWIRE_VERSION_MAJOR], [0000]) -AC_SUBST([DNSWIRE_VERSION_MINOR], [0001]) -AC_SUBST([DNSWIRE_VERSION_PATCH], [0000]) -AC_SUBST([DNSWIRE_LIBRARY_VERSION], [0:1:0]) +AC_SUBST([DNSWIRE_VERSION_MINOR], [0003]) +AC_SUBST([DNSWIRE_VERSION_PATCH], [0003]) +AC_SUBST([DNSWIRE_LIBRARY_VERSION], [1:0:0]) AM_INIT_AUTOMAKE([-Wall -Werror foreign subdir-objects]) AC_CONFIG_SRCDIR([src/dnstap.c]) AC_CONFIG_HEADER([src/config.h]) diff --git a/rpm/dnswire.spec b/rpm/dnswire.spec index d1135b7..b79bfc5 100644 --- a/rpm/dnswire.spec +++ b/rpm/dnswire.spec @@ -1,7 +1,7 @@ -%define sover 0 +%define sover 1 %define libname libdnswire%{sover} Name: dnswire -Version: 0.2.0 +Version: 0.3.3 Release: 1%{?dist} Summary: library for DNS encapsulations and transporting of them Group: Development/Libraries/C and C++ @@ -97,6 +97,35 @@ rm -rf $RPM_BUILD_ROOT %changelog +* Wed Feb 02 2022 Jerry Lundström <lundstrom.jerry@gmail.com> 0.3.3-1 +- Release 0.3.3 + * This is a package only update release to correct mistakes in Debian/ + Ubuntu packages. + * Replace/break all previous Debian/Ubuntu versions +* Wed Feb 02 2022 Jerry Lundström <lundstrom.jerry@gmail.com> 0.3.2-1 +- Release 0.3.2 + * This is a package only update release to correct mistakes in Debian/ + Ubuntu packages. + * Fix Debian/Ubuntu package replaces/breaks to solve filename conflicts + * Commits: + dea8e35 Deb packages + 8398f65 Deb packages +* Tue Feb 01 2022 Jerry Lundström <lundstrom.jerry@gmail.com> 0.3.1-1 +- Release 0.3.1 + * This is a package only update release to correct mistakes in Debian/ + Ubuntu packages. + * Bump SO version for Debian/Ubuntu +* Wed Jan 26 2022 Jerry Lundström <lundstrom.jerry@gmail.com> 0.3.0-1 +- Release 0.3.0 + * This release updates the Protobuf definition for DNSTAP to include + new message types, new protocols and the new Policy object. + * Changes: + - Update debhelper compatibility level to 10 + - Update to latest `dnstap.pb`, new message types, protocols and message policy + * Commits: + 87e7909 New dnstap.pb + f215476 debhelper + 20bf38f Bye Travis * Fri Oct 23 2020 Jerry Lundström <lundstrom.jerry@gmail.com> 0.2.0-1 - Release 0.2.0 * This release fixes various issues and bugs in the API, fix typos and diff --git a/src/dnstap.c b/src/dnstap.c index c5275b7..4e49e64 100644 --- a/src/dnstap.c +++ b/src/dnstap.c @@ -41,6 +41,8 @@ const char* const DNSTAP_MESSAGE_TYPE_STRING[] = { "STUB_RESPONSE", "TOOL_QUERY", "TOOL_RESPONSE", + "UPDATE_QUERY", + "UPDATE_RESPONSE", }; const char* const DNSTAP_SOCKET_FAMILY_STRING[] = { "UNKNOWN", @@ -51,8 +53,38 @@ const char* const DNSTAP_SOCKET_PROTOCOL_STRING[] = { "UNKNOWN", "UDP", "TCP", + "DOT", + "DOH", + "DNSCryptUDP", + "DNSCryptTCP", +}; +const char* const DNSTAP_POLICY_ACTION_STRING[] = { + "UNKNOWN", + "NXDOMAIN", + "NODATA", + "PASS", + "DROP", + "TRUNCATE", + "LOCAL_DATA", +}; +const char* const DNSTAP_POLICY_MATCH_STRING[] = { + "UNKNOWN", + "QNAME", + "CLIENT_IP", + "RESPONSE_IP", + "NS_NAME", + "NS_IP", }; +void dnstap_message_clear_policy(struct dnstap* dnstap) +{ + static const Dnstap__Policy policy = DNSTAP__POLICY__INIT; + assert(dnstap); + + dnstap->message.policy = 0; + dnstap->policy = policy; +} + int dnstap_decode_protobuf(struct dnstap* dnstap, const uint8_t* data, size_t len) { assert(dnstap); @@ -88,6 +120,8 @@ int dnstap_decode_protobuf(struct dnstap* dnstap, const uint8_t* data, size_t le case DNSTAP_MESSAGE_TYPE_STUB_RESPONSE: case DNSTAP_MESSAGE_TYPE_TOOL_QUERY: case DNSTAP_MESSAGE_TYPE_TOOL_RESPONSE: + case DNSTAP_MESSAGE_TYPE_UPDATE_QUERY: + case DNSTAP_MESSAGE_TYPE_UPDATE_RESPONSE: break; default: dnstap->message.type = (enum _Dnstap__Message__Type)DNSTAP_MESSAGE_TYPE_UNKNOWN; @@ -105,11 +139,44 @@ int dnstap_decode_protobuf(struct dnstap* dnstap, const uint8_t* data, size_t le switch (dnstap->message.socket_protocol) { case DNSTAP_SOCKET_PROTOCOL_UDP: case DNSTAP_SOCKET_PROTOCOL_TCP: + case DNSTAP_SOCKET_PROTOCOL_DOT: + case DNSTAP_SOCKET_PROTOCOL_DOH: + case DNSTAP_SOCKET_PROTOCOL_DNSCryptUDP: + case DNSTAP_SOCKET_PROTOCOL_DNSCryptTCP: break; default: dnstap->message.has_socket_protocol = false; dnstap->message.socket_protocol = (enum _Dnstap__SocketProtocol)DNSTAP_SOCKET_PROTOCOL_UNKNOWN; } + + if (dnstap->message.policy) { + dnstap->policy = *dnstap->message.policy; + + switch (dnstap->policy.action) { + case DNSTAP_POLICY_ACTION_NXDOMAIN: + case DNSTAP_POLICY_ACTION_NODATA: + case DNSTAP_POLICY_ACTION_PASS: + case DNSTAP_POLICY_ACTION_DROP: + case DNSTAP_POLICY_ACTION_TRUNCATE: + case DNSTAP_POLICY_ACTION_LOCAL_DATA: + break; + default: + dnstap->policy.has_action = false; + dnstap->policy.action = (enum _Dnstap__Policy__Action)DNSTAP_POLICY_ACTION_UNKNOWN; + } + + switch (dnstap->policy.match) { + case DNSTAP_POLICY_MATCH_QNAME: + case DNSTAP_POLICY_MATCH_CLIENT_IP: + case DNSTAP_POLICY_MATCH_RESPONSE_IP: + case DNSTAP_POLICY_MATCH_NS_NAME: + case DNSTAP_POLICY_MATCH_NS_IP: + break; + default: + dnstap->policy.has_match = false; + dnstap->policy.match = (enum _Dnstap__Policy__Match)DNSTAP_POLICY_MATCH_UNKNOWN; + } + } } return 0; diff --git a/src/dnstap.fields b/src/dnstap.fields index e38b6e5..26449d0 100644 --- a/src/dnstap.fields +++ b/src/dnstap.fields @@ -1,5 +1,5 @@ -dnstap dnstap identity string -dnstap dnstap version string +dnstap dnstap identity bytestring +dnstap dnstap version bytestring dnstap dnstap extra bytes dnstap_message message socket_family enum dnstap_socket_family dnstap_message message socket_protocol enum dnstap_socket_protocol @@ -14,3 +14,8 @@ dnstap_message message query_zone bytes dnstap_message message response_time_sec value uint64_t dnstap_message message response_time_nsec value uint32_t dnstap_message message response_message bytes +dnstap_message_policy policy type string +dnstap_message_policy policy rule bytes +dnstap_message_policy policy action enum dnstap_policy_action +dnstap_message_policy policy match enum dnstap_policy_match +dnstap_message_policy policy value bytes diff --git a/src/dnswire/dnstap.h b/src/dnswire/dnstap.h index 97da495..7a01898 100644 --- a/src/dnswire/dnstap.h +++ b/src/dnswire/dnstap.h @@ -52,6 +52,8 @@ enum dnstap_message_type { DNSTAP_MESSAGE_TYPE_STUB_RESPONSE = 10, DNSTAP_MESSAGE_TYPE_TOOL_QUERY = 11, DNSTAP_MESSAGE_TYPE_TOOL_RESPONSE = 12, + DNSTAP_MESSAGE_TYPE_UPDATE_QUERY = 13, + DNSTAP_MESSAGE_TYPE_UPDATE_RESPONSE = 14, }; extern const char* const DNSTAP_MESSAGE_TYPE_STRING[]; @@ -63,15 +65,42 @@ enum dnstap_socket_family { extern const char* const DNSTAP_SOCKET_FAMILY_STRING[]; enum dnstap_socket_protocol { - DNSTAP_SOCKET_PROTOCOL_UNKNOWN = 0, - DNSTAP_SOCKET_PROTOCOL_UDP = 1, - DNSTAP_SOCKET_PROTOCOL_TCP = 2, + DNSTAP_SOCKET_PROTOCOL_UNKNOWN = 0, + DNSTAP_SOCKET_PROTOCOL_UDP = 1, + DNSTAP_SOCKET_PROTOCOL_TCP = 2, + DNSTAP_SOCKET_PROTOCOL_DOT = 3, + DNSTAP_SOCKET_PROTOCOL_DOH = 4, + DNSTAP_SOCKET_PROTOCOL_DNSCryptUDP = 5, + DNSTAP_SOCKET_PROTOCOL_DNSCryptTCP = 6, }; extern const char* const DNSTAP_SOCKET_PROTOCOL_STRING[]; +enum dnstap_policy_action { + DNSTAP_POLICY_ACTION_UNKNOWN = 0, + DNSTAP_POLICY_ACTION_NXDOMAIN = 1, + DNSTAP_POLICY_ACTION_NODATA = 2, + DNSTAP_POLICY_ACTION_PASS = 3, + DNSTAP_POLICY_ACTION_DROP = 4, + DNSTAP_POLICY_ACTION_TRUNCATE = 5, + DNSTAP_POLICY_ACTION_LOCAL_DATA = 6, +}; +extern const char* const DNSTAP_POLICY_ACTION_STRING[]; + +enum dnstap_policy_match { + DNSTAP_POLICY_MATCH_UNKNOWN = 0, + DNSTAP_POLICY_MATCH_QNAME = 1, + DNSTAP_POLICY_MATCH_CLIENT_IP = 2, + DNSTAP_POLICY_MATCH_RESPONSE_IP = 3, + DNSTAP_POLICY_MATCH_NS_NAME = 4, + DNSTAP_POLICY_MATCH_NS_IP = 5, +}; +extern const char* const DNSTAP_POLICY_MATCH_STRING[]; + struct dnstap { Dnstap__Dnstap dnstap; Dnstap__Message message; + Dnstap__Policy policy; + bool _policy_type_alloced; Dnstap__Dnstap* unpacked_dnstap; }; @@ -80,6 +109,7 @@ struct dnstap { { \ .dnstap = DNSTAP__DNSTAP__INIT, \ .message = DNSTAP__MESSAGE__INIT, \ + .policy = DNSTAP__POLICY__INIT, \ .unpacked_dnstap = 0, \ } @@ -140,6 +170,39 @@ struct dnstap { (d).message.socket_protocol = (enum _Dnstap__SocketProtocol)DNSTAP_MESSAGE_TYPE_UNKNOWN; \ } +#define dnstap_message_has_policy(d) ((d).dnstap.message->policy != 0) +#define dnstap_message_use_policy(d) (d).dnstap.message->policy = &(d).policy +void dnstap_message_clear_policy(struct dnstap*); +#define dnstap_message_policy_set_action(d, v) \ + switch (v) { \ + case DNSTAP_POLICY_ACTION_NXDOMAIN: \ + case DNSTAP_POLICY_ACTION_NODATA: \ + case DNSTAP_POLICY_ACTION_PASS: \ + case DNSTAP_POLICY_ACTION_DROP: \ + case DNSTAP_POLICY_ACTION_TRUNCATE: \ + case DNSTAP_POLICY_ACTION_LOCAL_DATA: \ + (d).policy.has_action = true; \ + (d).policy.action = (enum _Dnstap__Policy__Action)v; \ + break; \ + default: \ + (d).policy.has_action = false; \ + (d).policy.action = (enum _Dnstap__Policy__Action)DNSTAP_POLICY_ACTION_UNKNOWN; \ + } +#define dnstap_message_policy_set_match(d, v) \ + switch (v) { \ + case DNSTAP_POLICY_MATCH_QNAME: \ + case DNSTAP_POLICY_MATCH_CLIENT_IP: \ + case DNSTAP_POLICY_MATCH_RESPONSE_IP: \ + case DNSTAP_POLICY_MATCH_NS_NAME: \ + case DNSTAP_POLICY_MATCH_NS_IP: \ + (d).policy.has_match = true; \ + (d).policy.match = (enum _Dnstap__Policy__Match)v; \ + break; \ + default: \ + (d).policy.has_match = false; \ + (d).policy.match = (enum _Dnstap__Policy__Match)DNSTAP_POLICY_MATCH_UNKNOWN; \ + } + int dnstap_decode_protobuf(struct dnstap*, const uint8_t*, size_t); // int dnstap_decode_cbor(struct dnstap*, const uint8_t*, size_t); diff --git a/src/gen-macros.sh b/src/gen-macros.sh index 190d74a..a7d74c2 100755 --- a/src/gen-macros.sh +++ b/src/gen-macros.sh @@ -1,11 +1,24 @@ #!/bin/sh -e echo "/* autogenerated, don't edit */" +echo "#include <string.h>" +echo "#include <stdlib.h>" while read prefix base name type typedef; do echo "// $base.$name ($type)" case "$type" in string ) + echo "#define ${prefix}_has_${name}(d) ((d).${base}.${name} != 0) +#define ${prefix}_${name}(d) (const char*)((d).${base}.${name}) +#define ${prefix}_${name}_length(d) strlen((d).${base}.${name}) +#define ${prefix}_set_${name}(d, v) \ + if ((d)._${base}_${name}_alloced) { \ + free((d).${base}.${name}); \ + } \ + (d).${base}.${name} = strdup(v); \ + (d)._${base}_${name}_alloced = true;" + ;; + bytestring ) echo "#define ${prefix}_has_${name}(d) (bool)((d).${base}.has_${name}) #define ${prefix}_${name}(d) (const uint8_t*)((d).${base}.${name}.data) #define ${prefix}_${name}_length(d) (size_t)((d).${base}.${name}.len) diff --git a/src/test/create_dnstap.c b/src/test/create_dnstap.c index 9fbd4a8..b1f00ff 100644 --- a/src/test/create_dnstap.c +++ b/src/test/create_dnstap.c @@ -12,6 +12,7 @@ static char dns_wire_format_placeholder[] = "dns_wire_format_placeholder"; static unsigned char query_address[sizeof(struct in_addr)]; static unsigned char response_address[sizeof(struct in_addr)]; +static char policy_value[] = "bad.ns.name"; static inline void create_dnstap(struct dnstap* d, const char* identity) { @@ -48,4 +49,10 @@ static inline void create_dnstap(struct dnstap* d, const char* identity) dnstap_message_set_query_message(*d, dns_wire_format_placeholder, sizeof(dns_wire_format_placeholder) - 1); dnstap_message_set_response_message(*d, dns_wire_format_placeholder, sizeof(dns_wire_format_placeholder) - 1); + + dnstap_message_use_policy(*d); + dnstap_message_policy_set_type(*d, "RPZ"); + dnstap_message_policy_set_action(*d, DNSTAP_POLICY_ACTION_DROP); + dnstap_message_policy_set_match(*d, DNSTAP_POLICY_MATCH_NS_NAME); + dnstap_message_policy_set_value(*d, policy_value, sizeof(policy_value) - 1); } diff --git a/src/test/print_dnstap.c b/src/test/print_dnstap.c index b758119..109677b 100644 --- a/src/test/print_dnstap.c +++ b/src/test/print_dnstap.c @@ -111,6 +111,26 @@ static void print_dnstap(const struct dnstap* d) printf(" response_message_length: %zu\n", dnstap_message_response_message_length(*d)); printf(" response_message: %s\n", printable_string(dnstap_message_response_message(*d), dnstap_message_response_message_length(*d))); } + + if (dnstap_message_has_policy(*d)) { + printf(" policy:\n"); + + if (dnstap_message_policy_has_type(*d)) { + printf(" type: %s\n", dnstap_message_policy_type(*d)); + } + if (dnstap_message_policy_has_rule(*d)) { + printf(" rule: %s\n", printable_string(dnstap_message_policy_rule(*d), dnstap_message_policy_rule_length(*d))); + } + if (dnstap_message_policy_has_action(*d)) { + printf(" action: %s\n", DNSTAP_POLICY_ACTION_STRING[dnstap_message_policy_action(*d)]); + } + if (dnstap_message_policy_has_match(*d)) { + printf(" match: %s\n", DNSTAP_POLICY_MATCH_STRING[dnstap_message_policy_match(*d)]); + } + if (dnstap_message_policy_has_value(*d)) { + printf(" value: %s\n", printable_string(dnstap_message_policy_value(*d), dnstap_message_policy_value_length(*d))); + } + } } printf("----\n"); diff --git a/src/test/test3.gold b/src/test/test3.gold index a6e5c22..c86c86d 100644 --- a/src/test/test3.gold +++ b/src/test/test3.gold @@ -1,4 +1,4 @@ -read 322 +read 370 ---- dnstap identity: writer_write-1 message: @@ -13,6 +13,11 @@ message: query_message: dns_wire_format_placeholder response_message_length: 27 response_message: dns_wire_format_placeholder + policy: + type: RPZ + action: DROP + match: NS_NAME + value: bad.ns.name ---- ---- dnstap identity: writer_write-2 @@ -28,4 +33,9 @@ message: query_message: dns_wire_format_placeholder response_message_length: 27 response_message: dns_wire_format_placeholder + policy: + type: RPZ + action: DROP + match: NS_NAME + value: bad.ns.name ---- diff --git a/src/test/test4.gold b/src/test/test4.gold index f6c9f7f..36523e4 100644 --- a/src/test/test4.gold +++ b/src/test/test4.gold @@ -12,6 +12,11 @@ message: query_message: dns_wire_format_placeholder response_message_length: 27 response_message: dns_wire_format_placeholder + policy: + type: RPZ + action: DROP + match: NS_NAME + value: bad.ns.name ---- ---- dnstap identity: writer_pop-2 @@ -27,4 +32,9 @@ message: query_message: dns_wire_format_placeholder response_message_length: 27 response_message: dns_wire_format_placeholder + policy: + type: RPZ + action: DROP + match: NS_NAME + value: bad.ns.name ---- diff --git a/src/test/test5.gold b/src/test/test5.gold index 86404aa..3042714 100644 --- a/src/test/test5.gold +++ b/src/test/test5.gold @@ -12,6 +12,11 @@ message: query_message: dns_wire_format_placeholder response_message_length: 27 response_message: dns_wire_format_placeholder + policy: + type: RPZ + action: DROP + match: NS_NAME + value: bad.ns.name ---- ---- dnstap identity: writer_reader_unixsock-2 @@ -27,4 +32,9 @@ message: query_message: dns_wire_format_placeholder response_message_length: 27 response_message: dns_wire_format_placeholder + policy: + type: RPZ + action: DROP + match: NS_NAME + value: bad.ns.name ---- diff --git a/src/test/test_dnstap.c b/src/test/test_dnstap.c index fd199f8..eec0049 100644 --- a/src/test/test_dnstap.c +++ b/src/test/test_dnstap.c @@ -27,7 +27,7 @@ int main(void) d.dnstap.type = (enum _Dnstap__Dnstap__Type)DNSTAP_TYPE_MESSAGE; // invalid message.type - d.message.type = (enum _Dnstap__Message__Type)(DNSTAP_MESSAGE_TYPE_TOOL_RESPONSE + 1); + d.message.type = (enum _Dnstap__Message__Type)(DNSTAP_MESSAGE_TYPE_UPDATE_RESPONSE + 1); s = dnstap_encode_protobuf_size(&d); assert(s < sizeof(buf)); assert(dnstap_encode_protobuf(&d, buf) == s); @@ -47,7 +47,7 @@ int main(void) d.message.socket_family = (enum _Dnstap__SocketFamily)DNSTAP_SOCKET_FAMILY_INET; // invalid message.socket_protocol - d.message.socket_protocol = (enum _Dnstap__SocketProtocol)(DNSTAP_SOCKET_PROTOCOL_TCP + 1); + d.message.socket_protocol = (enum _Dnstap__SocketProtocol)(DNSTAP_SOCKET_PROTOCOL_DNSCryptTCP + 1); s = dnstap_encode_protobuf_size(&d); assert(s < sizeof(buf)); assert(dnstap_encode_protobuf(&d, buf) == s); |