summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2022-02-10 09:43:12 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2022-02-10 09:43:12 +0000
commit25bb6715fdff85ace8f3e821517d4279d1a68f65 (patch)
tree2aef869d16323831e5d9d48195dc6bd1651eac8d
parentAdding upstream version 0.2.0. (diff)
downloaddnswire-25bb6715fdff85ace8f3e821517d4279d1a68f65.tar.xz
dnswire-25bb6715fdff85ace8f3e821517d4279d1a68f65.zip
Adding upstream version 0.3.3.upstream/0.3.3
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
-rw-r--r--.travis.yml27
-rw-r--r--CHANGES44
-rw-r--r--README.md2
-rw-r--r--configure.ac8
-rw-r--r--rpm/dnswire.spec33
-rw-r--r--src/dnstap.c67
-rw-r--r--src/dnstap.fields9
-rw-r--r--src/dnswire/dnstap.h69
-rwxr-xr-xsrc/gen-macros.sh13
-rw-r--r--src/test/create_dnstap.c7
-rw-r--r--src/test/print_dnstap.c20
-rw-r--r--src/test/test3.gold12
-rw-r--r--src/test/test4.gold10
-rw-r--r--src/test/test5.gold10
-rw-r--r--src/test/test_dnstap.c4
15 files changed, 293 insertions, 42 deletions
diff --git a/.travis.yml b/.travis.yml
deleted file mode 100644
index ab8d004..0000000
--- a/.travis.yml
+++ /dev/null
@@ -1,27 +0,0 @@
-dist: xenial
-addons:
- apt:
- sources:
- - sourceline: 'ppa:dns-oarc/dsc-pr'
- update: true
- packages:
- - protobuf-c-compiler
- - libprotobuf-c-dev
- - libuv1-dev
- - libtinyframe-dev
-language: c
-compiler:
- - clang
- - gcc
-install: ./autogen.sh
-script:
- - ./configure --enable-warn-all
- - make dist
- - tar zxvf *.tar.gz
- - cd dnswire-[0-9]*
- - mkdir build
- - cd build
- - ../configure --enable-warn-all
- - make
- - make test
- - cat src/test/test*.sh.log
diff --git a/CHANGES b/CHANGES
index b00209b..e4fe8c0 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,47 @@
+2022-02-02 Jerry Lundström
+
+ Release 0.3.3
+
+ This is a package only update release to correct mistakes in Debian/
+ Ubuntu packages.
+
+ - Replace/break all previous Debian/Ubuntu versions
+
+2022-02-02 Jerry Lundström
+
+ Release 0.3.2
+
+ This is a package only update release to correct mistakes in Debian/
+ Ubuntu packages.
+
+ - Fix Debian/Ubuntu package replaces/breaks to solve filename conflicts
+
+ dea8e35 Deb packages
+ 8398f65 Deb packages
+
+2022-02-01 Jerry Lundström
+
+ Release 0.3.1
+
+ This is a package only update release to correct mistakes in Debian/
+ Ubuntu packages.
+
+ - Bump SO version for Debian/Ubuntu
+
+2022-01-26 Jerry Lundström
+
+ Release 0.3.0
+
+ This release updates the Protobuf definition for DNSTAP to include
+ new message types, new protocols and the new Policy object.
+
+ - Update debhelper compatibility level to 10
+ - Update to latest `dnstap.pb`, new message types, protocols and message policy
+
+ 87e7909 New dnstap.pb
+ f215476 debhelper
+ 20bf38f Bye Travis
+
2020-10-23 Jerry Lundström
Release 0.2.0
diff --git a/README.md b/README.md
index 16d1ea0..b0e6179 100644
--- a/README.md
+++ b/README.md
@@ -1,6 +1,6 @@
# library for DNS encapsulations and transporting of them
-[![Build Status](https://travis-ci.com/DNS-OARC/dnswire.svg?branch=develop)](https://travis-ci.com/DNS-OARC/dnswire) [![Total alerts](https://img.shields.io/lgtm/alerts/g/DNS-OARC/dnswire.svg?logo=lgtm&logoWidth=18)](https://lgtm.com/projects/g/DNS-OARC/dnswire/alerts/) [![Bugs](https://sonarcloud.io/api/project_badges/measure?project=dns-oarc%3Adnswire&metric=bugs)](https://sonarcloud.io/dashboard?id=dns-oarc%3Adnswire) [![Security Rating](https://sonarcloud.io/api/project_badges/measure?project=dns-oarc%3Adnswire&metric=security_rating)](https://sonarcloud.io/dashboard?id=dns-oarc%3Adnswire)
+[![Total alerts](https://img.shields.io/lgtm/alerts/g/DNS-OARC/dnswire.svg?logo=lgtm&logoWidth=18)](https://lgtm.com/projects/g/DNS-OARC/dnswire/alerts/) [![Bugs](https://sonarcloud.io/api/project_badges/measure?project=dns-oarc%3Adnswire&metric=bugs)](https://sonarcloud.io/dashboard?id=dns-oarc%3Adnswire) [![Security Rating](https://sonarcloud.io/api/project_badges/measure?project=dns-oarc%3Adnswire&metric=security_rating)](https://sonarcloud.io/dashboard?id=dns-oarc%3Adnswire)
**Currently Work in Progress!**
diff --git a/configure.ac b/configure.ac
index 87971aa..7d0d9a4 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,9 +1,9 @@
AC_PREREQ(2.61)
-AC_INIT([dnswire], [0.2.0], [admin@dns-oarc.net], [dnswire], [https://github.com/DNS-OARC/dnswire/issues])
+AC_INIT([dnswire], [0.3.3], [admin@dns-oarc.net], [dnswire], [https://github.com/DNS-OARC/dnswire/issues])
AC_SUBST([DNSWIRE_VERSION_MAJOR], [0000])
-AC_SUBST([DNSWIRE_VERSION_MINOR], [0001])
-AC_SUBST([DNSWIRE_VERSION_PATCH], [0000])
-AC_SUBST([DNSWIRE_LIBRARY_VERSION], [0:1:0])
+AC_SUBST([DNSWIRE_VERSION_MINOR], [0003])
+AC_SUBST([DNSWIRE_VERSION_PATCH], [0003])
+AC_SUBST([DNSWIRE_LIBRARY_VERSION], [1:0:0])
AM_INIT_AUTOMAKE([-Wall -Werror foreign subdir-objects])
AC_CONFIG_SRCDIR([src/dnstap.c])
AC_CONFIG_HEADER([src/config.h])
diff --git a/rpm/dnswire.spec b/rpm/dnswire.spec
index d1135b7..b79bfc5 100644
--- a/rpm/dnswire.spec
+++ b/rpm/dnswire.spec
@@ -1,7 +1,7 @@
-%define sover 0
+%define sover 1
%define libname libdnswire%{sover}
Name: dnswire
-Version: 0.2.0
+Version: 0.3.3
Release: 1%{?dist}
Summary: library for DNS encapsulations and transporting of them
Group: Development/Libraries/C and C++
@@ -97,6 +97,35 @@ rm -rf $RPM_BUILD_ROOT
%changelog
+* Wed Feb 02 2022 Jerry Lundström <lundstrom.jerry@gmail.com> 0.3.3-1
+- Release 0.3.3
+ * This is a package only update release to correct mistakes in Debian/
+ Ubuntu packages.
+ * Replace/break all previous Debian/Ubuntu versions
+* Wed Feb 02 2022 Jerry Lundström <lundstrom.jerry@gmail.com> 0.3.2-1
+- Release 0.3.2
+ * This is a package only update release to correct mistakes in Debian/
+ Ubuntu packages.
+ * Fix Debian/Ubuntu package replaces/breaks to solve filename conflicts
+ * Commits:
+ dea8e35 Deb packages
+ 8398f65 Deb packages
+* Tue Feb 01 2022 Jerry Lundström <lundstrom.jerry@gmail.com> 0.3.1-1
+- Release 0.3.1
+ * This is a package only update release to correct mistakes in Debian/
+ Ubuntu packages.
+ * Bump SO version for Debian/Ubuntu
+* Wed Jan 26 2022 Jerry Lundström <lundstrom.jerry@gmail.com> 0.3.0-1
+- Release 0.3.0
+ * This release updates the Protobuf definition for DNSTAP to include
+ new message types, new protocols and the new Policy object.
+ * Changes:
+ - Update debhelper compatibility level to 10
+ - Update to latest `dnstap.pb`, new message types, protocols and message policy
+ * Commits:
+ 87e7909 New dnstap.pb
+ f215476 debhelper
+ 20bf38f Bye Travis
* Fri Oct 23 2020 Jerry Lundström <lundstrom.jerry@gmail.com> 0.2.0-1
- Release 0.2.0
* This release fixes various issues and bugs in the API, fix typos and
diff --git a/src/dnstap.c b/src/dnstap.c
index c5275b7..4e49e64 100644
--- a/src/dnstap.c
+++ b/src/dnstap.c
@@ -41,6 +41,8 @@ const char* const DNSTAP_MESSAGE_TYPE_STRING[] = {
"STUB_RESPONSE",
"TOOL_QUERY",
"TOOL_RESPONSE",
+ "UPDATE_QUERY",
+ "UPDATE_RESPONSE",
};
const char* const DNSTAP_SOCKET_FAMILY_STRING[] = {
"UNKNOWN",
@@ -51,8 +53,38 @@ const char* const DNSTAP_SOCKET_PROTOCOL_STRING[] = {
"UNKNOWN",
"UDP",
"TCP",
+ "DOT",
+ "DOH",
+ "DNSCryptUDP",
+ "DNSCryptTCP",
+};
+const char* const DNSTAP_POLICY_ACTION_STRING[] = {
+ "UNKNOWN",
+ "NXDOMAIN",
+ "NODATA",
+ "PASS",
+ "DROP",
+ "TRUNCATE",
+ "LOCAL_DATA",
+};
+const char* const DNSTAP_POLICY_MATCH_STRING[] = {
+ "UNKNOWN",
+ "QNAME",
+ "CLIENT_IP",
+ "RESPONSE_IP",
+ "NS_NAME",
+ "NS_IP",
};
+void dnstap_message_clear_policy(struct dnstap* dnstap)
+{
+ static const Dnstap__Policy policy = DNSTAP__POLICY__INIT;
+ assert(dnstap);
+
+ dnstap->message.policy = 0;
+ dnstap->policy = policy;
+}
+
int dnstap_decode_protobuf(struct dnstap* dnstap, const uint8_t* data, size_t len)
{
assert(dnstap);
@@ -88,6 +120,8 @@ int dnstap_decode_protobuf(struct dnstap* dnstap, const uint8_t* data, size_t le
case DNSTAP_MESSAGE_TYPE_STUB_RESPONSE:
case DNSTAP_MESSAGE_TYPE_TOOL_QUERY:
case DNSTAP_MESSAGE_TYPE_TOOL_RESPONSE:
+ case DNSTAP_MESSAGE_TYPE_UPDATE_QUERY:
+ case DNSTAP_MESSAGE_TYPE_UPDATE_RESPONSE:
break;
default:
dnstap->message.type = (enum _Dnstap__Message__Type)DNSTAP_MESSAGE_TYPE_UNKNOWN;
@@ -105,11 +139,44 @@ int dnstap_decode_protobuf(struct dnstap* dnstap, const uint8_t* data, size_t le
switch (dnstap->message.socket_protocol) {
case DNSTAP_SOCKET_PROTOCOL_UDP:
case DNSTAP_SOCKET_PROTOCOL_TCP:
+ case DNSTAP_SOCKET_PROTOCOL_DOT:
+ case DNSTAP_SOCKET_PROTOCOL_DOH:
+ case DNSTAP_SOCKET_PROTOCOL_DNSCryptUDP:
+ case DNSTAP_SOCKET_PROTOCOL_DNSCryptTCP:
break;
default:
dnstap->message.has_socket_protocol = false;
dnstap->message.socket_protocol = (enum _Dnstap__SocketProtocol)DNSTAP_SOCKET_PROTOCOL_UNKNOWN;
}
+
+ if (dnstap->message.policy) {
+ dnstap->policy = *dnstap->message.policy;
+
+ switch (dnstap->policy.action) {
+ case DNSTAP_POLICY_ACTION_NXDOMAIN:
+ case DNSTAP_POLICY_ACTION_NODATA:
+ case DNSTAP_POLICY_ACTION_PASS:
+ case DNSTAP_POLICY_ACTION_DROP:
+ case DNSTAP_POLICY_ACTION_TRUNCATE:
+ case DNSTAP_POLICY_ACTION_LOCAL_DATA:
+ break;
+ default:
+ dnstap->policy.has_action = false;
+ dnstap->policy.action = (enum _Dnstap__Policy__Action)DNSTAP_POLICY_ACTION_UNKNOWN;
+ }
+
+ switch (dnstap->policy.match) {
+ case DNSTAP_POLICY_MATCH_QNAME:
+ case DNSTAP_POLICY_MATCH_CLIENT_IP:
+ case DNSTAP_POLICY_MATCH_RESPONSE_IP:
+ case DNSTAP_POLICY_MATCH_NS_NAME:
+ case DNSTAP_POLICY_MATCH_NS_IP:
+ break;
+ default:
+ dnstap->policy.has_match = false;
+ dnstap->policy.match = (enum _Dnstap__Policy__Match)DNSTAP_POLICY_MATCH_UNKNOWN;
+ }
+ }
}
return 0;
diff --git a/src/dnstap.fields b/src/dnstap.fields
index e38b6e5..26449d0 100644
--- a/src/dnstap.fields
+++ b/src/dnstap.fields
@@ -1,5 +1,5 @@
-dnstap dnstap identity string
-dnstap dnstap version string
+dnstap dnstap identity bytestring
+dnstap dnstap version bytestring
dnstap dnstap extra bytes
dnstap_message message socket_family enum dnstap_socket_family
dnstap_message message socket_protocol enum dnstap_socket_protocol
@@ -14,3 +14,8 @@ dnstap_message message query_zone bytes
dnstap_message message response_time_sec value uint64_t
dnstap_message message response_time_nsec value uint32_t
dnstap_message message response_message bytes
+dnstap_message_policy policy type string
+dnstap_message_policy policy rule bytes
+dnstap_message_policy policy action enum dnstap_policy_action
+dnstap_message_policy policy match enum dnstap_policy_match
+dnstap_message_policy policy value bytes
diff --git a/src/dnswire/dnstap.h b/src/dnswire/dnstap.h
index 97da495..7a01898 100644
--- a/src/dnswire/dnstap.h
+++ b/src/dnswire/dnstap.h
@@ -52,6 +52,8 @@ enum dnstap_message_type {
DNSTAP_MESSAGE_TYPE_STUB_RESPONSE = 10,
DNSTAP_MESSAGE_TYPE_TOOL_QUERY = 11,
DNSTAP_MESSAGE_TYPE_TOOL_RESPONSE = 12,
+ DNSTAP_MESSAGE_TYPE_UPDATE_QUERY = 13,
+ DNSTAP_MESSAGE_TYPE_UPDATE_RESPONSE = 14,
};
extern const char* const DNSTAP_MESSAGE_TYPE_STRING[];
@@ -63,15 +65,42 @@ enum dnstap_socket_family {
extern const char* const DNSTAP_SOCKET_FAMILY_STRING[];
enum dnstap_socket_protocol {
- DNSTAP_SOCKET_PROTOCOL_UNKNOWN = 0,
- DNSTAP_SOCKET_PROTOCOL_UDP = 1,
- DNSTAP_SOCKET_PROTOCOL_TCP = 2,
+ DNSTAP_SOCKET_PROTOCOL_UNKNOWN = 0,
+ DNSTAP_SOCKET_PROTOCOL_UDP = 1,
+ DNSTAP_SOCKET_PROTOCOL_TCP = 2,
+ DNSTAP_SOCKET_PROTOCOL_DOT = 3,
+ DNSTAP_SOCKET_PROTOCOL_DOH = 4,
+ DNSTAP_SOCKET_PROTOCOL_DNSCryptUDP = 5,
+ DNSTAP_SOCKET_PROTOCOL_DNSCryptTCP = 6,
};
extern const char* const DNSTAP_SOCKET_PROTOCOL_STRING[];
+enum dnstap_policy_action {
+ DNSTAP_POLICY_ACTION_UNKNOWN = 0,
+ DNSTAP_POLICY_ACTION_NXDOMAIN = 1,
+ DNSTAP_POLICY_ACTION_NODATA = 2,
+ DNSTAP_POLICY_ACTION_PASS = 3,
+ DNSTAP_POLICY_ACTION_DROP = 4,
+ DNSTAP_POLICY_ACTION_TRUNCATE = 5,
+ DNSTAP_POLICY_ACTION_LOCAL_DATA = 6,
+};
+extern const char* const DNSTAP_POLICY_ACTION_STRING[];
+
+enum dnstap_policy_match {
+ DNSTAP_POLICY_MATCH_UNKNOWN = 0,
+ DNSTAP_POLICY_MATCH_QNAME = 1,
+ DNSTAP_POLICY_MATCH_CLIENT_IP = 2,
+ DNSTAP_POLICY_MATCH_RESPONSE_IP = 3,
+ DNSTAP_POLICY_MATCH_NS_NAME = 4,
+ DNSTAP_POLICY_MATCH_NS_IP = 5,
+};
+extern const char* const DNSTAP_POLICY_MATCH_STRING[];
+
struct dnstap {
Dnstap__Dnstap dnstap;
Dnstap__Message message;
+ Dnstap__Policy policy;
+ bool _policy_type_alloced;
Dnstap__Dnstap* unpacked_dnstap;
};
@@ -80,6 +109,7 @@ struct dnstap {
{ \
.dnstap = DNSTAP__DNSTAP__INIT, \
.message = DNSTAP__MESSAGE__INIT, \
+ .policy = DNSTAP__POLICY__INIT, \
.unpacked_dnstap = 0, \
}
@@ -140,6 +170,39 @@ struct dnstap {
(d).message.socket_protocol = (enum _Dnstap__SocketProtocol)DNSTAP_MESSAGE_TYPE_UNKNOWN; \
}
+#define dnstap_message_has_policy(d) ((d).dnstap.message->policy != 0)
+#define dnstap_message_use_policy(d) (d).dnstap.message->policy = &(d).policy
+void dnstap_message_clear_policy(struct dnstap*);
+#define dnstap_message_policy_set_action(d, v) \
+ switch (v) { \
+ case DNSTAP_POLICY_ACTION_NXDOMAIN: \
+ case DNSTAP_POLICY_ACTION_NODATA: \
+ case DNSTAP_POLICY_ACTION_PASS: \
+ case DNSTAP_POLICY_ACTION_DROP: \
+ case DNSTAP_POLICY_ACTION_TRUNCATE: \
+ case DNSTAP_POLICY_ACTION_LOCAL_DATA: \
+ (d).policy.has_action = true; \
+ (d).policy.action = (enum _Dnstap__Policy__Action)v; \
+ break; \
+ default: \
+ (d).policy.has_action = false; \
+ (d).policy.action = (enum _Dnstap__Policy__Action)DNSTAP_POLICY_ACTION_UNKNOWN; \
+ }
+#define dnstap_message_policy_set_match(d, v) \
+ switch (v) { \
+ case DNSTAP_POLICY_MATCH_QNAME: \
+ case DNSTAP_POLICY_MATCH_CLIENT_IP: \
+ case DNSTAP_POLICY_MATCH_RESPONSE_IP: \
+ case DNSTAP_POLICY_MATCH_NS_NAME: \
+ case DNSTAP_POLICY_MATCH_NS_IP: \
+ (d).policy.has_match = true; \
+ (d).policy.match = (enum _Dnstap__Policy__Match)v; \
+ break; \
+ default: \
+ (d).policy.has_match = false; \
+ (d).policy.match = (enum _Dnstap__Policy__Match)DNSTAP_POLICY_MATCH_UNKNOWN; \
+ }
+
int dnstap_decode_protobuf(struct dnstap*, const uint8_t*, size_t);
// int dnstap_decode_cbor(struct dnstap*, const uint8_t*, size_t);
diff --git a/src/gen-macros.sh b/src/gen-macros.sh
index 190d74a..a7d74c2 100755
--- a/src/gen-macros.sh
+++ b/src/gen-macros.sh
@@ -1,11 +1,24 @@
#!/bin/sh -e
echo "/* autogenerated, don't edit */"
+echo "#include <string.h>"
+echo "#include <stdlib.h>"
while read prefix base name type typedef; do
echo "// $base.$name ($type)"
case "$type" in
string )
+ echo "#define ${prefix}_has_${name}(d) ((d).${base}.${name} != 0)
+#define ${prefix}_${name}(d) (const char*)((d).${base}.${name})
+#define ${prefix}_${name}_length(d) strlen((d).${base}.${name})
+#define ${prefix}_set_${name}(d, v) \
+ if ((d)._${base}_${name}_alloced) { \
+ free((d).${base}.${name}); \
+ } \
+ (d).${base}.${name} = strdup(v); \
+ (d)._${base}_${name}_alloced = true;"
+ ;;
+ bytestring )
echo "#define ${prefix}_has_${name}(d) (bool)((d).${base}.has_${name})
#define ${prefix}_${name}(d) (const uint8_t*)((d).${base}.${name}.data)
#define ${prefix}_${name}_length(d) (size_t)((d).${base}.${name}.len)
diff --git a/src/test/create_dnstap.c b/src/test/create_dnstap.c
index 9fbd4a8..b1f00ff 100644
--- a/src/test/create_dnstap.c
+++ b/src/test/create_dnstap.c
@@ -12,6 +12,7 @@
static char dns_wire_format_placeholder[] = "dns_wire_format_placeholder";
static unsigned char query_address[sizeof(struct in_addr)];
static unsigned char response_address[sizeof(struct in_addr)];
+static char policy_value[] = "bad.ns.name";
static inline void create_dnstap(struct dnstap* d, const char* identity)
{
@@ -48,4 +49,10 @@ static inline void create_dnstap(struct dnstap* d, const char* identity)
dnstap_message_set_query_message(*d, dns_wire_format_placeholder, sizeof(dns_wire_format_placeholder) - 1);
dnstap_message_set_response_message(*d, dns_wire_format_placeholder, sizeof(dns_wire_format_placeholder) - 1);
+
+ dnstap_message_use_policy(*d);
+ dnstap_message_policy_set_type(*d, "RPZ");
+ dnstap_message_policy_set_action(*d, DNSTAP_POLICY_ACTION_DROP);
+ dnstap_message_policy_set_match(*d, DNSTAP_POLICY_MATCH_NS_NAME);
+ dnstap_message_policy_set_value(*d, policy_value, sizeof(policy_value) - 1);
}
diff --git a/src/test/print_dnstap.c b/src/test/print_dnstap.c
index b758119..109677b 100644
--- a/src/test/print_dnstap.c
+++ b/src/test/print_dnstap.c
@@ -111,6 +111,26 @@ static void print_dnstap(const struct dnstap* d)
printf(" response_message_length: %zu\n", dnstap_message_response_message_length(*d));
printf(" response_message: %s\n", printable_string(dnstap_message_response_message(*d), dnstap_message_response_message_length(*d)));
}
+
+ if (dnstap_message_has_policy(*d)) {
+ printf(" policy:\n");
+
+ if (dnstap_message_policy_has_type(*d)) {
+ printf(" type: %s\n", dnstap_message_policy_type(*d));
+ }
+ if (dnstap_message_policy_has_rule(*d)) {
+ printf(" rule: %s\n", printable_string(dnstap_message_policy_rule(*d), dnstap_message_policy_rule_length(*d)));
+ }
+ if (dnstap_message_policy_has_action(*d)) {
+ printf(" action: %s\n", DNSTAP_POLICY_ACTION_STRING[dnstap_message_policy_action(*d)]);
+ }
+ if (dnstap_message_policy_has_match(*d)) {
+ printf(" match: %s\n", DNSTAP_POLICY_MATCH_STRING[dnstap_message_policy_match(*d)]);
+ }
+ if (dnstap_message_policy_has_value(*d)) {
+ printf(" value: %s\n", printable_string(dnstap_message_policy_value(*d), dnstap_message_policy_value_length(*d)));
+ }
+ }
}
printf("----\n");
diff --git a/src/test/test3.gold b/src/test/test3.gold
index a6e5c22..c86c86d 100644
--- a/src/test/test3.gold
+++ b/src/test/test3.gold
@@ -1,4 +1,4 @@
-read 322
+read 370
---- dnstap
identity: writer_write-1
message:
@@ -13,6 +13,11 @@ message:
query_message: dns_wire_format_placeholder
response_message_length: 27
response_message: dns_wire_format_placeholder
+ policy:
+ type: RPZ
+ action: DROP
+ match: NS_NAME
+ value: bad.ns.name
----
---- dnstap
identity: writer_write-2
@@ -28,4 +33,9 @@ message:
query_message: dns_wire_format_placeholder
response_message_length: 27
response_message: dns_wire_format_placeholder
+ policy:
+ type: RPZ
+ action: DROP
+ match: NS_NAME
+ value: bad.ns.name
----
diff --git a/src/test/test4.gold b/src/test/test4.gold
index f6c9f7f..36523e4 100644
--- a/src/test/test4.gold
+++ b/src/test/test4.gold
@@ -12,6 +12,11 @@ message:
query_message: dns_wire_format_placeholder
response_message_length: 27
response_message: dns_wire_format_placeholder
+ policy:
+ type: RPZ
+ action: DROP
+ match: NS_NAME
+ value: bad.ns.name
----
---- dnstap
identity: writer_pop-2
@@ -27,4 +32,9 @@ message:
query_message: dns_wire_format_placeholder
response_message_length: 27
response_message: dns_wire_format_placeholder
+ policy:
+ type: RPZ
+ action: DROP
+ match: NS_NAME
+ value: bad.ns.name
----
diff --git a/src/test/test5.gold b/src/test/test5.gold
index 86404aa..3042714 100644
--- a/src/test/test5.gold
+++ b/src/test/test5.gold
@@ -12,6 +12,11 @@ message:
query_message: dns_wire_format_placeholder
response_message_length: 27
response_message: dns_wire_format_placeholder
+ policy:
+ type: RPZ
+ action: DROP
+ match: NS_NAME
+ value: bad.ns.name
----
---- dnstap
identity: writer_reader_unixsock-2
@@ -27,4 +32,9 @@ message:
query_message: dns_wire_format_placeholder
response_message_length: 27
response_message: dns_wire_format_placeholder
+ policy:
+ type: RPZ
+ action: DROP
+ match: NS_NAME
+ value: bad.ns.name
----
diff --git a/src/test/test_dnstap.c b/src/test/test_dnstap.c
index fd199f8..eec0049 100644
--- a/src/test/test_dnstap.c
+++ b/src/test/test_dnstap.c
@@ -27,7 +27,7 @@ int main(void)
d.dnstap.type = (enum _Dnstap__Dnstap__Type)DNSTAP_TYPE_MESSAGE;
// invalid message.type
- d.message.type = (enum _Dnstap__Message__Type)(DNSTAP_MESSAGE_TYPE_TOOL_RESPONSE + 1);
+ d.message.type = (enum _Dnstap__Message__Type)(DNSTAP_MESSAGE_TYPE_UPDATE_RESPONSE + 1);
s = dnstap_encode_protobuf_size(&d);
assert(s < sizeof(buf));
assert(dnstap_encode_protobuf(&d, buf) == s);
@@ -47,7 +47,7 @@ int main(void)
d.message.socket_family = (enum _Dnstap__SocketFamily)DNSTAP_SOCKET_FAMILY_INET;
// invalid message.socket_protocol
- d.message.socket_protocol = (enum _Dnstap__SocketProtocol)(DNSTAP_SOCKET_PROTOCOL_TCP + 1);
+ d.message.socket_protocol = (enum _Dnstap__SocketProtocol)(DNSTAP_SOCKET_PROTOCOL_DNSCryptTCP + 1);
s = dnstap_encode_protobuf_size(&d);
assert(s < sizeof(buf));
assert(dnstap_encode_protobuf(&d, buf) == s);