From 1199ca4ab2267cecc2e3547bf4379caa293964b5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 28 Feb 2022 04:06:40 +0000 Subject: [PATCH 1/7] chore(deps): bump trust-dns-proto from 0.20.4 to 0.21.1 Bumps [trust-dns-proto](https://github.com/bluejekyll/trust-dns) from 0.20.4 to 0.21.1. - [Release notes](https://github.com/bluejekyll/trust-dns/releases) - [Changelog](https://github.com/bluejekyll/trust-dns/blob/main/CHANGELOG.md) - [Commits](https://github.com/bluejekyll/trust-dns/compare/v0.20.4...v0.21.1) --- updated-dependencies: - dependency-name: trust-dns-proto dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Cargo.lock | 47 ++++++++++++++++++++++++++++++++---- Cargo.toml | 2 +- lib/dnsmsg-parser/Cargo.toml | 2 +- 3 files changed, 44 insertions(+), 7 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 2e83aa8bb7914..ac182886339fb 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2042,7 +2042,7 @@ dependencies = [ "criterion", "data-encoding", "thiserror", - "trust-dns-proto", + "trust-dns-proto 0.21.1", ] [[package]] @@ -2156,6 +2156,18 @@ dependencies = [ "syn 1.0.84", ] +[[package]] +name = "enum-as-inner" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "21cdad81446a7f7dc43f6a77409efeb9733d2fa65553efef6018ef257c959b73" +dependencies = [ + "heck 0.4.0", + "proc-macro2 1.0.32", + "quote 1.0.10", + "syn 1.0.84", +] + [[package]] name = "enumflags2" version = "0.7.3" @@ -4187,7 +4199,7 @@ dependencies = [ "tokio", "tokio-rustls", "tokio-util 0.6.8", - "trust-dns-proto", + "trust-dns-proto 0.20.4", "trust-dns-resolver", "typed-builder 0.9.1", "uuid", @@ -7939,7 +7951,32 @@ dependencies = [ "async-trait", "cfg-if 1.0.0", "data-encoding", - "enum-as-inner", + "enum-as-inner 0.3.3", + "futures-channel", + "futures-io", + "futures-util", + "idna", + "ipnet", + "lazy_static", + "log", + "rand 0.8.5", + "smallvec", + "thiserror", + "tinyvec", + "tokio", + "url", +] + +[[package]] +name = "trust-dns-proto" +version = "0.21.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2861b3ed517888174d13909e675c4e94b3291867512068be59d76533e4d1270c" +dependencies = [ + "async-trait", + "cfg-if 1.0.0", + "data-encoding", + "enum-as-inner 0.4.0", "futures-channel", "futures-io", "futures-util", @@ -7972,7 +8009,7 @@ dependencies = [ "smallvec", "thiserror", "tokio", - "trust-dns-proto", + "trust-dns-proto 0.20.4", ] [[package]] @@ -8469,7 +8506,7 @@ dependencies = [ "tracing-log", "tracing-subscriber", "tracing-tower", - "trust-dns-proto", + "trust-dns-proto 0.21.1", "tui", "typetag", "url", diff --git a/Cargo.toml b/Cargo.toml index cce0177e2cbc2..6f767ec81215c 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -282,7 +282,7 @@ tikv-jemallocator = { version = "0.4.3", default-features = false, optional = tr tokio-postgres = { version = "0.7.4", default-features = false, features = ["runtime", "with-chrono-0_4"], optional = true } toml = { version = "0.5.8", default-features = false } tonic = { version = "0.6", optional = true, default-features = false, features = ["transport", "codegen", "prost", "tls"] } -trust-dns-proto = { version = "0.20", features = ["dnssec"], optional = true } +trust-dns-proto = { version = "0.21", features = ["dnssec"], optional = true } typetag = { version = "0.1.8", default-features = false } url = { version = "2.2.2", default-features = false, features = ["serde"] } uuid = { version = "0.8.2", default-features = false, features = ["serde", "v4"] } diff --git a/lib/dnsmsg-parser/Cargo.toml b/lib/dnsmsg-parser/Cargo.toml index 7422a6482f538..817bfad83fe79 100644 --- a/lib/dnsmsg-parser/Cargo.toml +++ b/lib/dnsmsg-parser/Cargo.toml @@ -9,7 +9,7 @@ license = "MIT" [dependencies] data-encoding = "2.2" thiserror = "1.0" -trust-dns-proto = { version = "0.20", features = ["dnssec"] } +trust-dns-proto = { version = "0.21", features = ["dnssec"] } [dev-dependencies] criterion = "0.3" From e0561104845efb92fcefb3470b38d26bdfcaa112 Mon Sep 17 00:00:00 2001 From: Jesse Szwedko Date: Mon, 28 Feb 2022 15:09:08 -0800 Subject: [PATCH 2/7] Bring up to date with breaking changes Signed-off-by: Jesse Szwedko --- lib/dnsmsg-parser/src/dns_message.rs | 6 +- lib/dnsmsg-parser/src/dns_message_parser.rs | 431 ++++++++------------ src/sources/dnstap/parser.rs | 73 ++-- 3 files changed, 193 insertions(+), 317 deletions(-) diff --git a/lib/dnsmsg-parser/src/dns_message.rs b/lib/dnsmsg-parser/src/dns_message.rs index a56bbe59672ff..cd6e246f40ec7 100644 --- a/lib/dnsmsg-parser/src/dns_message.rs +++ b/lib/dnsmsg-parser/src/dns_message.rs @@ -1,3 +1,5 @@ +use trust_dns_proto::op::ResponseCode; + pub(super) const RTYPE_MB: u16 = 7; pub(super) const RTYPE_MG: u16 = 8; pub(super) const RTYPE_MR: u16 = 9; @@ -36,7 +38,7 @@ pub struct DnsQueryMessage { pub struct QueryHeader { pub id: u16, pub opcode: u8, - pub rcode: u8, + pub rcode: ResponseCode, pub qr: u8, pub aa: bool, pub tc: bool, @@ -65,7 +67,7 @@ pub struct DnsUpdateMessage { pub struct UpdateHeader { pub id: u16, pub opcode: u8, - pub rcode: u8, + pub rcode: ResponseCode, pub qr: u8, pub zone_count: u16, pub prerequisite_count: u16, diff --git a/lib/dnsmsg-parser/src/dns_message_parser.rs b/lib/dnsmsg-parser/src/dns_message_parser.rs index 30aef0c188982..68512e9b40e4d 100644 --- a/lib/dnsmsg-parser/src/dns_message_parser.rs +++ b/lib/dnsmsg-parser/src/dns_message_parser.rs @@ -149,10 +149,13 @@ impl DnsMessageParser { } fn parse_dns_record(&mut self, record: &Record) -> DnsParserResult { - let record_data = match record.rdata() { - RData::Unknown { code, rdata } => self.format_unknown_rdata(*code, rdata)?, - _ => format_rdata(record.rdata())?, - }; + let record_data = match record.data() { + Some(RData::Unknown { code, rdata }) => self.format_unknown_rdata(*code, rdata), + Some(rdata) => format_rdata(rdata), + None => Err(DnsMessageParserError::SimpleError { + cause: String::from("Empty rdata"), + }), + }?; Ok(DnsRecord { name: record.name().to_string(), @@ -338,290 +341,182 @@ impl DnsMessageParser { rdata: &NULL, ) -> DnsParserResult<(Option, Option>)> { match code { - dns_message::RTYPE_MB => match rdata.anything() { - Some(raw_rdata) => { - let mut decoder = self.get_rdata_decoder_with_raw_message(raw_rdata); - let madname = parse_domain_name(&mut decoder)?; - Ok((Some(madname.to_string()), None)) - } - None => Err(DnsMessageParserError::SimpleError { - cause: String::from("Empty MB rdata"), - }), - }, + dns_message::RTYPE_MB => { + let mut decoder = self.get_rdata_decoder_with_raw_message(rdata.anything()); + let madname = parse_domain_name(&mut decoder)?; + Ok((Some(madname.to_string()), None)) + } - dns_message::RTYPE_MG => match rdata.anything() { - Some(raw_rdata) => { - let mut decoder = self.get_rdata_decoder_with_raw_message(raw_rdata); - let mgname = parse_domain_name(&mut decoder)?; - Ok((Some(mgname.to_string()), None)) - } - None => Err(DnsMessageParserError::SimpleError { - cause: String::from("Empty MG rdata"), - }), - }, + dns_message::RTYPE_MG => { + let mut decoder = self.get_rdata_decoder_with_raw_message(rdata.anything()); + let mgname = parse_domain_name(&mut decoder)?; + Ok((Some(mgname.to_string()), None)) + } - dns_message::RTYPE_MR => match rdata.anything() { - Some(raw_rdata) => { - let mut decoder = self.get_rdata_decoder_with_raw_message(raw_rdata); - let newname = parse_domain_name(&mut decoder)?; - Ok((Some(newname.to_string()), None)) - } - None => Err(DnsMessageParserError::SimpleError { - cause: String::from("Empty MR rdata"), - }), - }, + dns_message::RTYPE_MR => { + let mut decoder = self.get_rdata_decoder_with_raw_message(rdata.anything()); + let newname = parse_domain_name(&mut decoder)?; + Ok((Some(newname.to_string()), None)) + } - dns_message::RTYPE_WKS => match rdata.anything() { - Some(raw_rdata) => self.parse_wks_rdata(raw_rdata), - None => Err(DnsMessageParserError::SimpleError { - cause: String::from("Empty WKS rdata"), - }), - }, + dns_message::RTYPE_WKS => self.parse_wks_rdata(rdata.anything()), + + dns_message::RTYPE_HINFO => { + let mut decoder = BinDecoder::new(rdata.anything()); + let cpu = parse_character_string(&mut decoder)?; + let os = parse_character_string(&mut decoder)?; + Ok(( + Some(format!( + "\"{}\" \"{}\"", + escape_string_for_text_representation(cpu), + escape_string_for_text_representation(os) + )), + None, + )) + } - dns_message::RTYPE_HINFO => match rdata.anything() { - Some(raw_rdata) => { - let mut decoder = BinDecoder::new(raw_rdata); - let cpu = parse_character_string(&mut decoder)?; - let os = parse_character_string(&mut decoder)?; - Ok(( - Some(format!( - "\"{}\" \"{}\"", - escape_string_for_text_representation(cpu), - escape_string_for_text_representation(os) - )), - None, - )) - } - None => Err(DnsMessageParserError::SimpleError { - cause: String::from("Empty HINFO rdata"), - }), - }, + dns_message::RTYPE_MINFO => { + let mut decoder = self.get_rdata_decoder_with_raw_message(rdata.anything()); + let rmailbx = parse_domain_name(&mut decoder)?; + let emailbx = parse_domain_name(&mut decoder)?; + Ok((Some(format!("{} {}", rmailbx, emailbx)), None)) + } - dns_message::RTYPE_MINFO => match rdata.anything() { - Some(raw_rdata) => { - let mut decoder = self.get_rdata_decoder_with_raw_message(raw_rdata); - let rmailbx = parse_domain_name(&mut decoder)?; - let emailbx = parse_domain_name(&mut decoder)?; - Ok((Some(format!("{} {}", rmailbx, emailbx)), None)) - } - None => Err(DnsMessageParserError::SimpleError { - cause: String::from("Empty MINFO rdata"), - }), - }, + dns_message::RTYPE_RP => { + let mut decoder = self.get_rdata_decoder_with_raw_message(rdata.anything()); + let mbox = parse_domain_name(&mut decoder)?; + let txt = parse_domain_name(&mut decoder)?; + Ok((Some(format!("{} {}", mbox, txt)), None)) + } - dns_message::RTYPE_RP => match rdata.anything() { - Some(raw_rdata) => { - let mut decoder = self.get_rdata_decoder_with_raw_message(raw_rdata); - let mbox = parse_domain_name(&mut decoder)?; - let txt = parse_domain_name(&mut decoder)?; - Ok((Some(format!("{} {}", mbox, txt)), None)) - } - None => Err(DnsMessageParserError::SimpleError { - cause: String::from("Empty RP rdata"), - }), - }, + dns_message::RTYPE_AFSDB => { + let mut decoder = self.get_rdata_decoder_with_raw_message(rdata.anything()); + let subtype = parse_u16(&mut decoder)?; + let hostname = parse_domain_name(&mut decoder)?; + Ok((Some(format!("{} {}", subtype, hostname)), None)) + } - dns_message::RTYPE_AFSDB => match rdata.anything() { - Some(raw_rdata) => { - let mut decoder = self.get_rdata_decoder_with_raw_message(raw_rdata); - let subtype = parse_u16(&mut decoder)?; - let hostname = parse_domain_name(&mut decoder)?; - Ok((Some(format!("{} {}", subtype, hostname)), None)) - } - None => Err(DnsMessageParserError::SimpleError { - cause: String::from("Empty AFSDB rdata"), - }), - }, + dns_message::RTYPE_X25 => { + let mut decoder = BinDecoder::new(rdata.anything()); + let psdn_address = parse_character_string(&mut decoder)?; + Ok(( + Some(format!( + "\"{}\"", + escape_string_for_text_representation(psdn_address) + )), + None, + )) + } - dns_message::RTYPE_X25 => match rdata.anything() { - Some(raw_rdata) => { - let mut decoder = BinDecoder::new(raw_rdata); - let psdn_address = parse_character_string(&mut decoder)?; + dns_message::RTYPE_ISDN => { + let mut decoder = BinDecoder::new(rdata.anything()); + let address = parse_character_string(&mut decoder)?; + if decoder.is_empty() { Ok(( Some(format!( "\"{}\"", - escape_string_for_text_representation(psdn_address) + escape_string_for_text_representation(address) + )), + None, + )) + } else { + let sub_address = parse_character_string(&mut decoder)?; + Ok(( + Some(format!( + "\"{}\" \"{}\"", + escape_string_for_text_representation(address), + escape_string_for_text_representation(sub_address) )), None, )) } - None => Err(DnsMessageParserError::SimpleError { - cause: String::from("Empty X25 rdata"), - }), - }, - - dns_message::RTYPE_ISDN => match rdata.anything() { - Some(raw_rdata) => { - let mut decoder = BinDecoder::new(raw_rdata); - let address = parse_character_string(&mut decoder)?; - if decoder.is_empty() { - Ok(( - Some(format!( - "\"{}\"", - escape_string_for_text_representation(address) - )), - None, - )) - } else { - let sub_address = parse_character_string(&mut decoder)?; - Ok(( - Some(format!( - "\"{}\" \"{}\"", - escape_string_for_text_representation(address), - escape_string_for_text_representation(sub_address) - )), - None, - )) - } - } - None => Err(DnsMessageParserError::SimpleError { - cause: String::from("Empty ISDN rdata"), - }), - }, - - dns_message::RTYPE_RT => match rdata.anything() { - Some(raw_rdata) => { - let mut decoder = self.get_rdata_decoder_with_raw_message(raw_rdata); - let preference = parse_u16(&mut decoder)?; - let intermediate_host = parse_domain_name(&mut decoder)?; - Ok((Some(format!("{} {}", preference, intermediate_host)), None)) - } - None => Err(DnsMessageParserError::SimpleError { - cause: String::from("Empty RT rdata"), - }), - }, - - dns_message::RTYPE_NSAP => match rdata.anything() { - Some(raw_rdata) => { - let mut decoder = BinDecoder::new(raw_rdata); - let rdata_len = raw_rdata.len() as u16; - let nsap_rdata = - HEXUPPER.encode(&parse_vec_with_u16_len(&mut decoder, rdata_len)?); - Ok((Some(format!("0x{}", nsap_rdata)), None)) - } - None => Err(DnsMessageParserError::SimpleError { - cause: String::from("Empty NSAP rdata"), - }), - }, + } - dns_message::RTYPE_PX => match rdata.anything() { - Some(raw_rdata) => { - let mut decoder = self.get_rdata_decoder_with_raw_message(raw_rdata); - let preference = parse_u16(&mut decoder)?; - let map822 = parse_domain_name(&mut decoder)?; - let mapx400 = parse_domain_name(&mut decoder)?; - Ok((Some(format!("{} {} {}", preference, map822, mapx400)), None)) - } - None => Err(DnsMessageParserError::SimpleError { - cause: String::from("Empty PX rdata"), - }), - }, + dns_message::RTYPE_RT => { + let mut decoder = self.get_rdata_decoder_with_raw_message(rdata.anything()); + let preference = parse_u16(&mut decoder)?; + let intermediate_host = parse_domain_name(&mut decoder)?; + Ok((Some(format!("{} {}", preference, intermediate_host)), None)) + } - dns_message::RTYPE_LOC => match rdata.anything() { - Some(raw_rdata) => self.parse_loc_rdata(raw_rdata), - None => Err(DnsMessageParserError::SimpleError { - cause: String::from("Empty LOC rdata"), - }), - }, + dns_message::RTYPE_NSAP => { + let raw_rdata = rdata.anything(); + let mut decoder = BinDecoder::new(raw_rdata); + let rdata_len = raw_rdata.len() as u16; + let nsap_rdata = HEXUPPER.encode(&parse_vec_with_u16_len(&mut decoder, rdata_len)?); + Ok((Some(format!("0x{}", nsap_rdata)), None)) + } - dns_message::RTYPE_KX => match rdata.anything() { - Some(raw_rdata) => { - let mut decoder = self.get_rdata_decoder_with_raw_message(raw_rdata); - let preference = parse_u16(&mut decoder)?; - let exchanger = parse_domain_name(&mut decoder)?; - Ok((Some(format!("{} {}", preference, exchanger)), None)) - } - None => Err(DnsMessageParserError::SimpleError { - cause: String::from("Empty KX rdata"), - }), - }, + dns_message::RTYPE_PX => { + let mut decoder = self.get_rdata_decoder_with_raw_message(rdata.anything()); + let preference = parse_u16(&mut decoder)?; + let map822 = parse_domain_name(&mut decoder)?; + let mapx400 = parse_domain_name(&mut decoder)?; + Ok((Some(format!("{} {} {}", preference, map822, mapx400)), None)) + } - dns_message::RTYPE_CERT => match rdata.anything() { - Some(raw_rdata) => { - let mut decoder = BinDecoder::new(raw_rdata); - let cert_type = parse_u16(&mut decoder)?; - let key_tag = parse_u16(&mut decoder)?; - let algorithm = Algorithm::from_u8(parse_u8(&mut decoder)?).as_str(); - let crl_len = raw_rdata.len() as u16 - 5; - let crl = BASE64.encode(&parse_vec_with_u16_len(&mut decoder, crl_len)?); - Ok(( - Some(format!("{} {} {} {}", cert_type, key_tag, algorithm, crl)), - None, - )) - } - None => Err(DnsMessageParserError::SimpleError { - cause: String::from("Empty CERT rdata"), - }), - }, + dns_message::RTYPE_LOC => self.parse_loc_rdata(rdata.anything()), - dns_message::RTYPE_A6 => match rdata.anything() { - Some(raw_rdata) => self.parse_a6_rdata(raw_rdata), - None => Err(DnsMessageParserError::SimpleError { - cause: String::from("Empty A6 rdata"), - }), - }, + dns_message::RTYPE_KX => { + let mut decoder = self.get_rdata_decoder_with_raw_message(rdata.anything()); + let preference = parse_u16(&mut decoder)?; + let exchanger = parse_domain_name(&mut decoder)?; + Ok((Some(format!("{} {}", preference, exchanger)), None)) + } - dns_message::RTYPE_SINK => match rdata.anything() { - Some(raw_rdata) => { - let mut decoder = BinDecoder::new(raw_rdata); - let meaning = parse_u8(&mut decoder)?; - let coding = parse_u8(&mut decoder)?; - let subcoding = parse_u8(&mut decoder)?; - let data_len = raw_rdata.len() as u16 - 3; - let data = BASE64.encode(&parse_vec_with_u16_len(&mut decoder, data_len)?); + dns_message::RTYPE_CERT => { + let raw_rdata = rdata.anything(); + let mut decoder = BinDecoder::new(raw_rdata); + let cert_type = parse_u16(&mut decoder)?; + let key_tag = parse_u16(&mut decoder)?; + let algorithm = Algorithm::from_u8(parse_u8(&mut decoder)?).as_str(); + let crl_len = raw_rdata.len() as u16 - 5; + let crl = BASE64.encode(&parse_vec_with_u16_len(&mut decoder, crl_len)?); + Ok(( + Some(format!("{} {} {} {}", cert_type, key_tag, algorithm, crl)), + None, + )) + } - Ok(( - Some(format!("{} {} {} {}", meaning, coding, subcoding, data)), - None, - )) - } - None => Err(DnsMessageParserError::SimpleError { - cause: String::from("Empty SINK rdata"), - }), - }, + dns_message::RTYPE_A6 => self.parse_a6_rdata(rdata.anything()), + + dns_message::RTYPE_SINK => { + let raw_rdata = rdata.anything(); + let mut decoder = BinDecoder::new(raw_rdata); + let meaning = parse_u8(&mut decoder)?; + let coding = parse_u8(&mut decoder)?; + let subcoding = parse_u8(&mut decoder)?; + let data_len = raw_rdata.len() as u16 - 3; + let data = BASE64.encode(&parse_vec_with_u16_len(&mut decoder, data_len)?); + + Ok(( + Some(format!("{} {} {} {}", meaning, coding, subcoding, data)), + None, + )) + } - dns_message::RTYPE_APL => match rdata.anything() { - Some(raw_rdata) => self.parse_apl_rdata(raw_rdata), - None => Err(DnsMessageParserError::SimpleError { - cause: String::from("Empty APL rdata"), - }), - }, + dns_message::RTYPE_APL => self.parse_apl_rdata(rdata.anything()), - dns_message::RTYPE_DHCID => match rdata.anything() { - Some(raw_rdata) => { - let mut decoder = BinDecoder::new(raw_rdata); - let raw_data_len = raw_rdata.len() as u16; - let digest = - BASE64.encode(&parse_vec_with_u16_len(&mut decoder, raw_data_len)?); - Ok((Some(digest), None)) - } - None => Err(DnsMessageParserError::SimpleError { - cause: String::from("Empty DHCID rdata"), - }), - }, + dns_message::RTYPE_DHCID => { + let raw_rdata = rdata.anything(); + let mut decoder = BinDecoder::new(raw_rdata); + let raw_data_len = raw_rdata.len() as u16; + let digest = BASE64.encode(&parse_vec_with_u16_len(&mut decoder, raw_data_len)?); + Ok((Some(digest), None)) + } - dns_message::RTYPE_SPF => match rdata.anything() { - Some(raw_rdata) => { - let mut decoder = BinDecoder::new(raw_rdata); - let mut text = String::new(); - while !decoder.is_empty() { - text.push('\"'); - text.push_str(&parse_character_string(&mut decoder)?); - text.push_str("\" "); - } - Ok((Some(text.trim_end().to_string()), None)) + dns_message::RTYPE_SPF => { + let mut decoder = BinDecoder::new(rdata.anything()); + let mut text = String::new(); + while !decoder.is_empty() { + text.push('\"'); + text.push_str(&parse_character_string(&mut decoder)?); + text.push_str("\" "); } - None => Err(DnsMessageParserError::SimpleError { - cause: String::from("Empty SPF rdata"), - }), - }, + Ok((Some(text.trim_end().to_string()), None)) + } - _ => match rdata.anything() { - Some(raw_rdata) => Ok((None, Some(raw_rdata.to_vec()))), - None => Err(DnsMessageParserError::SimpleError { - cause: String::from("Empty rdata"), - }), - }, + _ => Ok((None, Some(rdata.anything().to_vec()))), } } } @@ -636,10 +531,7 @@ fn format_rdata(rdata: &RData) -> DnsParserResult<(Option, Option match null.anything() { - Some(raw_rdata) => Ok((Some(BASE64.encode(raw_rdata)), None)), - None => Ok((Some(String::from("")), None)), - }, + RData::NULL(null) => Ok((Some(BASE64.encode(null.anything())), None)), RData::NS(ns) => Ok((Some(ns.to_string()), None)), RData::OPENPGPKEY(key) => { if let Ok(key_string) = String::from_utf8(Vec::from(key.public_key())) { @@ -851,12 +743,7 @@ fn format_rdata(rdata: &RData) -> DnsParserResult<(Option, Option match rdata.anything() { - Some(raw_rdata) => Ok((None, Some(raw_rdata.to_vec()))), - None => Err(DnsMessageParserError::SimpleError { - cause: format!("Empty rdata with rcode {}", code), - }), - }, + DNSSECRData::Unknown { code: _, rdata } => Ok((None, Some(rdata.anything().to_vec()))), _ => Err(DnsMessageParserError::SimpleError { cause: format!("Unsupported rdata {:?}", rdata), }), @@ -952,6 +839,8 @@ fn parse_edns_options(edns: &Edns) -> Vec { | EdnsOption::DHU(algorithms) | EdnsOption::N3U(algorithms) => parse_edns_opt_dnssec_algorithms(*code, *algorithms), EdnsOption::Unknown(_, opt_data) => parse_edns_opt(*code, opt_data), + + _ => panic!("TODO"), }) .collect() } diff --git a/src/sources/dnstap/parser.rs b/src/sources/dnstap/parser.rs index 52ea3a5007c81..ebd782fa796b7 100644 --- a/src/sources/dnstap/parser.rs +++ b/src/sources/dnstap/parser.rs @@ -208,7 +208,7 @@ impl<'a> DnstapParser<'a> { if let Some(query_port) = dnstap_message.query_port { self.insert( self.event_schema.dnstap_message_schema().query_port(), - query_port as i64, + query_port, ); } @@ -230,7 +230,7 @@ impl<'a> DnstapParser<'a> { if let Some(response_port) = dnstap_message.response_port { self.insert( self.event_schema.dnstap_message_schema().response_port(), - response_port as i64, + response_port, ); } } @@ -253,7 +253,7 @@ impl<'a> DnstapParser<'a> { self.event_schema .dnstap_message_schema() .dnstap_message_type_id(), - dnstap_message_type_id as i64, + dnstap_message_type_id, ); self.insert( @@ -490,7 +490,7 @@ impl<'a> DnstapParser<'a> { self.insert( self.event_schema.dns_query_message_schema().response_code(), - msg.response_code as i64, + msg.response_code, ); if let Some(response) = msg.response { @@ -548,25 +548,19 @@ impl<'a> DnstapParser<'a> { self.parent_key_path .push(PathComponent::Key(parent_key.into())); - self.insert( - self.event_schema.dns_query_header_schema().id(), - header.id as i64, - ); + self.insert(self.event_schema.dns_query_header_schema().id(), header.id); self.insert( self.event_schema.dns_query_header_schema().opcode(), - header.opcode as i64, + header.opcode, ); self.insert( self.event_schema.dns_query_header_schema().rcode(), - header.rcode as i64, + u16::from(header.rcode), ); - self.insert( - self.event_schema.dns_query_header_schema().qr(), - header.qr as i64, - ); + self.insert(self.event_schema.dns_query_header_schema().qr(), header.qr); self.insert( self.event_schema.dns_query_header_schema().aa(), @@ -600,26 +594,26 @@ impl<'a> DnstapParser<'a> { self.insert( self.event_schema.dns_query_header_schema().question_count(), - header.question_count as i64, + header.question_count, ); self.insert( self.event_schema.dns_query_header_schema().answer_count(), - header.answer_count as i64, + header.answer_count, ); self.insert( self.event_schema .dns_query_header_schema() .authority_count(), - header.authority_count as i64, + header.authority_count, ); self.insert( self.event_schema .dns_query_header_schema() .additional_count(), - header.additional_count as i64, + header.additional_count, ); self.parent_key_path.pop(); @@ -659,7 +653,7 @@ impl<'a> DnstapParser<'a> { self.event_schema .dns_query_question_schema() .question_type_id(), - question.record_type_id as i64, + question.record_type_id, ); self.insert( self.event_schema.dns_query_question_schema().class(), @@ -681,7 +675,7 @@ impl<'a> DnstapParser<'a> { self.event_schema .dns_update_message_schema() .response_code(), - msg.response_code as i64, + msg.response_code, ); if let Some(response) = msg.response { @@ -730,48 +724,42 @@ impl<'a> DnstapParser<'a> { self.parent_key_path .push(PathComponent::Key(key_prefix.into())); - self.insert( - self.event_schema.dns_update_header_schema().id(), - header.id as i64, - ); + self.insert(self.event_schema.dns_update_header_schema().id(), header.id); self.insert( self.event_schema.dns_update_header_schema().opcode(), - header.opcode as i64, + header.opcode, ); self.insert( self.event_schema.dns_update_header_schema().rcode(), - header.rcode as i64, + u16::from(header.rcode), ); - self.insert( - self.event_schema.dns_update_header_schema().qr(), - header.qr as i64, - ); + self.insert(self.event_schema.dns_update_header_schema().qr(), header.qr); self.insert( self.event_schema.dns_update_header_schema().zone_count(), - header.zone_count as i64, + header.zone_count, ); self.insert( self.event_schema .dns_update_header_schema() .prerequisite_count(), - header.prerequisite_count as i64, + header.prerequisite_count, ); self.insert( self.event_schema.dns_update_header_schema().update_count(), - header.update_count as i64, + header.update_count, ); self.insert( self.event_schema .dns_update_header_schema() .additional_count(), - header.additional_count as i64, + header.additional_count, ); self.parent_key_path.pop(); @@ -795,7 +783,7 @@ impl<'a> DnstapParser<'a> { self.event_schema .dns_update_zone_info_schema() .zone_type_id(), - zone.zone_type_id as i64, + zone.zone_type_id, ); self.insert( self.event_schema.dns_update_zone_info_schema().zone_class(), @@ -814,13 +802,13 @@ impl<'a> DnstapParser<'a> { self.event_schema .dns_message_opt_pseudo_section_schema() .extended_rcode(), - edns.extended_rcode as i64, + edns.extended_rcode, ); self.insert( self.event_schema .dns_message_opt_pseudo_section_schema() .version(), - edns.version as i64, + edns.version, ); self.insert( self.event_schema @@ -832,7 +820,7 @@ impl<'a> DnstapParser<'a> { self.event_schema .dns_message_opt_pseudo_section_schema() .udp_max_payload_size(), - edns.udp_max_payload_size as i64, + edns.udp_max_payload_size, ); self.log_edns_options( self.event_schema @@ -861,7 +849,7 @@ impl<'a> DnstapParser<'a> { fn log_edns_opt(&mut self, opt: &EdnsOptionEntry) { self.insert( self.event_schema.dns_message_option_schema().opt_code(), - opt.opt_code as i64, + opt.opt_code, ); self.insert( self.event_schema.dns_message_option_schema().opt_name(), @@ -899,12 +887,9 @@ impl<'a> DnstapParser<'a> { } self.insert( self.event_schema.dns_record_schema().record_type_id(), - record.record_type_id as i64, - ); - self.insert( - self.event_schema.dns_record_schema().ttl(), - record.ttl as i64, + record.record_type_id, ); + self.insert(self.event_schema.dns_record_schema().ttl(), record.ttl); self.insert( self.event_schema.dns_record_schema().class(), record.class.clone(), From e806f9ff82a27ae72b6381ba37f2e8eb98ec9fff Mon Sep 17 00:00:00 2001 From: Jesse Szwedko Date: Mon, 28 Feb 2022 15:14:30 -0800 Subject: [PATCH 3/7] Address TODO Signed-off-by: Jesse Szwedko --- lib/dnsmsg-parser/src/dns_message_parser.rs | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/lib/dnsmsg-parser/src/dns_message_parser.rs b/lib/dnsmsg-parser/src/dns_message_parser.rs index 68512e9b40e4d..e96a48f83a19e 100644 --- a/lib/dnsmsg-parser/src/dns_message_parser.rs +++ b/lib/dnsmsg-parser/src/dns_message_parser.rs @@ -834,13 +834,14 @@ fn parse_edns_options(edns: &Edns) -> Vec { edns.options() .as_ref() .iter() - .map(|(code, option)| match option { + .flat_map(|(code, option)| match option { EdnsOption::DAU(algorithms) | EdnsOption::DHU(algorithms) - | EdnsOption::N3U(algorithms) => parse_edns_opt_dnssec_algorithms(*code, *algorithms), - EdnsOption::Unknown(_, opt_data) => parse_edns_opt(*code, opt_data), - - _ => panic!("TODO"), + | EdnsOption::N3U(algorithms) => { + Some(parse_edns_opt_dnssec_algorithms(*code, *algorithms)) + } + EdnsOption::Unknown(_, opt_data) => Some(parse_edns_opt(*code, opt_data)), + _ => None, }) .collect() } From bc8db62bbc387f424645ad038974ef49bdc1584d Mon Sep 17 00:00:00 2001 From: Jesse Szwedko Date: Mon, 28 Feb 2022 15:31:38 -0800 Subject: [PATCH 4/7] Add handling for unknown edns options Signed-off-by: Jesse Szwedko --- lib/dnsmsg-parser/src/dns_message_parser.rs | 37 +++++++++++++-------- 1 file changed, 23 insertions(+), 14 deletions(-) diff --git a/lib/dnsmsg-parser/src/dns_message_parser.rs b/lib/dnsmsg-parser/src/dns_message_parser.rs index e96a48f83a19e..f646b66086175 100644 --- a/lib/dnsmsg-parser/src/dns_message_parser.rs +++ b/lib/dnsmsg-parser/src/dns_message_parser.rs @@ -34,6 +34,8 @@ pub enum DnsMessageParserError { TrustDnsError { source: ProtoError }, #[error("UTF8Error: {}", source)] Utf8ParsingError { source: Utf8Error }, + #[error("Unknown Edns option: {:?}, please report", option)] + UnknownEdnsOption { option: EdnsOption }, } /// Result alias for parsing @@ -68,7 +70,7 @@ impl DnsMessageParser { let msg = TrustDnsMessage::from_vec(&self.raw_message) .map_err(|source| DnsMessageParserError::TrustDnsError { source })?; let header = parse_dns_query_message_header(&msg); - let edns_section = parse_edns(&msg); + let edns_section = parse_edns(&msg)?; let rcode_high = edns_section.as_ref().map_or(0, |edns| edns.extended_rcode); let response_code = (u16::from(rcode_high) << 4) | ((u16::from(header.rcode)) & 0x000F); @@ -820,28 +822,35 @@ fn parse_dns_update_message_header(dns_message: &TrustDnsMessage) -> UpdateHeade } } -fn parse_edns(dns_message: &TrustDnsMessage) -> Option { - dns_message.edns().map(|edns| OptPseudoSection { - extended_rcode: edns.rcode_high(), - version: edns.version(), - dnssec_ok: edns.dnssec_ok(), - udp_max_payload_size: edns.max_payload(), - options: parse_edns_options(edns), - }) +fn parse_edns(dns_message: &TrustDnsMessage) -> DnsParserResult> { + dns_message + .edns() + .map(|edns| { + parse_edns_options(edns).map(|options| OptPseudoSection { + extended_rcode: edns.rcode_high(), + version: edns.version(), + dnssec_ok: edns.dnssec_ok(), + udp_max_payload_size: edns.max_payload(), + options, + }) + }) + .transpose() } -fn parse_edns_options(edns: &Edns) -> Vec { +fn parse_edns_options(edns: &Edns) -> DnsParserResult> { edns.options() .as_ref() .iter() - .flat_map(|(code, option)| match option { + .map(|(code, option)| match option { EdnsOption::DAU(algorithms) | EdnsOption::DHU(algorithms) | EdnsOption::N3U(algorithms) => { - Some(parse_edns_opt_dnssec_algorithms(*code, *algorithms)) + Ok(parse_edns_opt_dnssec_algorithms(*code, *algorithms)) } - EdnsOption::Unknown(_, opt_data) => Some(parse_edns_opt(*code, opt_data)), - _ => None, + EdnsOption::Unknown(_, opt_data) => Ok(parse_edns_opt(*code, opt_data)), + option => Err(DnsMessageParserError::UnknownEdnsOption { + option: option.clone(), + }), }) .collect() } From f6d3a569a7d1b321c4a1b7f5180cc3b3799304dc Mon Sep 17 00:00:00 2001 From: Jesse Szwedko Date: Mon, 28 Feb 2022 16:09:01 -0800 Subject: [PATCH 5/7] Revert "Add handling for unknown edns options" This reverts commit bc8db62bbc387f424645ad038974ef49bdc1584d. --- lib/dnsmsg-parser/src/dns_message_parser.rs | 37 ++++++++------------- 1 file changed, 14 insertions(+), 23 deletions(-) diff --git a/lib/dnsmsg-parser/src/dns_message_parser.rs b/lib/dnsmsg-parser/src/dns_message_parser.rs index f646b66086175..e96a48f83a19e 100644 --- a/lib/dnsmsg-parser/src/dns_message_parser.rs +++ b/lib/dnsmsg-parser/src/dns_message_parser.rs @@ -34,8 +34,6 @@ pub enum DnsMessageParserError { TrustDnsError { source: ProtoError }, #[error("UTF8Error: {}", source)] Utf8ParsingError { source: Utf8Error }, - #[error("Unknown Edns option: {:?}, please report", option)] - UnknownEdnsOption { option: EdnsOption }, } /// Result alias for parsing @@ -70,7 +68,7 @@ impl DnsMessageParser { let msg = TrustDnsMessage::from_vec(&self.raw_message) .map_err(|source| DnsMessageParserError::TrustDnsError { source })?; let header = parse_dns_query_message_header(&msg); - let edns_section = parse_edns(&msg)?; + let edns_section = parse_edns(&msg); let rcode_high = edns_section.as_ref().map_or(0, |edns| edns.extended_rcode); let response_code = (u16::from(rcode_high) << 4) | ((u16::from(header.rcode)) & 0x000F); @@ -822,35 +820,28 @@ fn parse_dns_update_message_header(dns_message: &TrustDnsMessage) -> UpdateHeade } } -fn parse_edns(dns_message: &TrustDnsMessage) -> DnsParserResult> { - dns_message - .edns() - .map(|edns| { - parse_edns_options(edns).map(|options| OptPseudoSection { - extended_rcode: edns.rcode_high(), - version: edns.version(), - dnssec_ok: edns.dnssec_ok(), - udp_max_payload_size: edns.max_payload(), - options, - }) - }) - .transpose() +fn parse_edns(dns_message: &TrustDnsMessage) -> Option { + dns_message.edns().map(|edns| OptPseudoSection { + extended_rcode: edns.rcode_high(), + version: edns.version(), + dnssec_ok: edns.dnssec_ok(), + udp_max_payload_size: edns.max_payload(), + options: parse_edns_options(edns), + }) } -fn parse_edns_options(edns: &Edns) -> DnsParserResult> { +fn parse_edns_options(edns: &Edns) -> Vec { edns.options() .as_ref() .iter() - .map(|(code, option)| match option { + .flat_map(|(code, option)| match option { EdnsOption::DAU(algorithms) | EdnsOption::DHU(algorithms) | EdnsOption::N3U(algorithms) => { - Ok(parse_edns_opt_dnssec_algorithms(*code, *algorithms)) + Some(parse_edns_opt_dnssec_algorithms(*code, *algorithms)) } - EdnsOption::Unknown(_, opt_data) => Ok(parse_edns_opt(*code, opt_data)), - option => Err(DnsMessageParserError::UnknownEdnsOption { - option: option.clone(), - }), + EdnsOption::Unknown(_, opt_data) => Some(parse_edns_opt(*code, opt_data)), + _ => None, }) .collect() } From 9ec889db61f9c780fece75ee5d572ce31410eea2 Mon Sep 17 00:00:00 2001 From: Jesse Szwedko Date: Mon, 28 Feb 2022 16:10:56 -0800 Subject: [PATCH 6/7] Better handling of unknown edns options Signed-off-by: Jesse Szwedko --- lib/dnsmsg-parser/src/dns_message_parser.rs | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/lib/dnsmsg-parser/src/dns_message_parser.rs b/lib/dnsmsg-parser/src/dns_message_parser.rs index e96a48f83a19e..1ab2a5df1e1a3 100644 --- a/lib/dnsmsg-parser/src/dns_message_parser.rs +++ b/lib/dnsmsg-parser/src/dns_message_parser.rs @@ -834,14 +834,12 @@ fn parse_edns_options(edns: &Edns) -> Vec { edns.options() .as_ref() .iter() - .flat_map(|(code, option)| match option { + .map(|(code, option)| match option { EdnsOption::DAU(algorithms) | EdnsOption::DHU(algorithms) - | EdnsOption::N3U(algorithms) => { - Some(parse_edns_opt_dnssec_algorithms(*code, *algorithms)) - } - EdnsOption::Unknown(_, opt_data) => Some(parse_edns_opt(*code, opt_data)), - _ => None, + | EdnsOption::N3U(algorithms) => parse_edns_opt_dnssec_algorithms(*code, *algorithms), + EdnsOption::Unknown(_, opt_data) => parse_edns_opt(*code, opt_data), + option => parse_edns_opt(*code, &Vec::::from(option)), }) .collect() } From bbf043c06ff3bb9b49555d27f5249fc517417ec5 Mon Sep 17 00:00:00 2001 From: Jesse Szwedko Date: Tue, 1 Mar 2022 07:34:11 -0800 Subject: [PATCH 7/7] Correct NULL record handling to make it behave like before Signed-off-by: Jesse Szwedko --- lib/dnsmsg-parser/src/dns_message_parser.rs | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/lib/dnsmsg-parser/src/dns_message_parser.rs b/lib/dnsmsg-parser/src/dns_message_parser.rs index 1ab2a5df1e1a3..aa946cf12778e 100644 --- a/lib/dnsmsg-parser/src/dns_message_parser.rs +++ b/lib/dnsmsg-parser/src/dns_message_parser.rs @@ -152,9 +152,7 @@ impl DnsMessageParser { let record_data = match record.data() { Some(RData::Unknown { code, rdata }) => self.format_unknown_rdata(*code, rdata), Some(rdata) => format_rdata(rdata), - None => Err(DnsMessageParserError::SimpleError { - cause: String::from("Empty rdata"), - }), + None => Ok((Some(String::from("")), None)), // NULL record }?; Ok(DnsRecord {