]> git.ipfire.org Git - thirdparty/suricata.git/commitdiff
rust/dns - convert more type values to text
authorJason Ish <ish@unx.ca>
Mon, 18 Dec 2017 12:46:17 +0000 (06:46 -0600)
committerVictor Julien <victor@inliniac.net>
Tue, 30 Jan 2018 09:32:16 +0000 (10:32 +0100)
Issue:
https://redmine.openinfosecfoundation.org/issues/2364

Convert more record type and errr code values to text.
Remove duplicate type declarations.

rust/src/dns/dns.rs
rust/src/dns/log.rs
rust/src/dns/lua.rs
rust/src/dns/parser.rs

index 5c9e1ade9e2df9fc3e6d1e71f2ec61a0063f1cbe..8a14dbae8cfec36163230a2e696abfcbd6eb7a28 100644 (file)
@@ -26,17 +26,6 @@ use applayer::LoggerFlags;
 use core;
 use dns::parser;
 
-/// DNS record types.
-pub const DNS_RTYPE_A:     u16 = 1;
-pub const DNS_RTYPE_CNAME: u16 = 5;
-pub const DNS_RTYPE_SOA:   u16 = 6;
-pub const DNS_RTYPE_PTR:   u16 = 12;
-pub const DNS_RTYPE_MX:    u16 = 15;
-pub const DNS_RTYPE_TXT:   u16 = 16;
-pub const DNS_RTYPE_AAAA:  u16 = 28;
-pub const DNS_RTYPE_SSHFP: u16 = 44;
-pub const DNS_RTYPE_RRSIG: u16 = 46;
-
 /// DNS record types.
 pub const DNS_RECORD_TYPE_A           : u16 = 1;
 pub const DNS_RECORD_TYPE_NS          : u16 = 2;
@@ -67,7 +56,7 @@ pub const DNS_RECORD_TYPE_PX          : u16 = 26;
 pub const DNS_RECORD_TYPE_GPOS        : u16 = 27;
 pub const DNS_RECORD_TYPE_AAAA        : u16 = 28;
 pub const DNS_RECORD_TYPE_LOC         : u16 = 29;
-pub const DNS_RECORD_TYPE_NXT         : u16 = 30;  // Obosolete
+pub const DNS_RECORD_TYPE_NXT         : u16 = 30;  // Obsolete
 pub const DNS_RECORD_TYPE_SRV         : u16 = 33;
 pub const DNS_RECORD_TYPE_ATMA        : u16 = 34;
 pub const DNS_RECORD_TYPE_NAPTR       : u16 = 35;
@@ -100,7 +89,26 @@ pub const DNS_RECORD_TYPE_URI         : u16 = 256;
 /// DNS error codes.
 pub const DNS_RCODE_NOERROR:  u16 = 0;
 pub const DNS_RCODE_FORMERR:  u16 = 1;
+pub const DNS_RCODE_SERVFAIL: u16 = 2;
 pub const DNS_RCODE_NXDOMAIN: u16 = 3;
+pub const DNS_RCODE_NOTIMP:   u16 = 4;
+pub const DNS_RCODE_REFUSED:  u16 = 5;
+pub const DNS_RCODE_YXDOMAIN: u16 = 6;
+pub const DNS_RCODE_YXRRSET:  u16 = 7;
+pub const DNS_RCODE_NXRRSET:  u16 = 8;
+pub const DNS_RCODE_NOTAUTH:  u16 = 9;
+pub const DNS_RCODE_NOTZONE:  u16 = 10;
+// Support for OPT RR from RFC6891 will be needed to
+// parse RCODE values over 15
+pub const DNS_RCODE_BADVERS:  u16 = 16;
+pub const DNS_RCODE_BADSIG:   u16 = 16;
+pub const DNS_RCODE_BADKEY:   u16 = 17;
+pub const DNS_RCODE_BADTIME:  u16 = 18;
+pub const DNS_RCODE_BADMODE:  u16 = 19;
+pub const DNS_RCODE_BADNAME:  u16 = 20;
+pub const DNS_RCODE_BADALG:   u16 = 21;
+pub const DNS_RCODE_BADTRUNC: u16 = 22;
+
 
 /// The maximum number of transactions to keep in the queue pending
 /// processing before they are aggressively purged. Due to the
index c1334ba3e93111a32732eff49dba828767dd5a84..f24ffeee5b591b4772d851ed564fc8ce95444a3d 100644 (file)
@@ -271,15 +271,64 @@ fn dns_log_rrtype_enabled(rtype: u16, flags: u64) -> bool
 
 pub fn dns_rrtype_string(rrtype: u16) -> String {
     match rrtype {
-        DNS_RTYPE_A => "A",
-        DNS_RTYPE_CNAME => "CNAME",
-        DNS_RTYPE_SOA => "SOA",
-        DNS_RTYPE_PTR => "PTR",
-        DNS_RTYPE_MX => "MX",
-        DNS_RTYPE_TXT => "TXT",
-        DNS_RTYPE_AAAA => "AAAA",
-        DNS_RTYPE_SSHFP => "SSHFP",
-        DNS_RTYPE_RRSIG => "RRSIG",
+        DNS_RECORD_TYPE_A => "A",
+        DNS_RECORD_TYPE_NS => "NS",
+        DNS_RECORD_TYPE_AAAA => "AAAA",
+        DNS_RECORD_TYPE_CNAME => "CNAME",
+        DNS_RECORD_TYPE_TXT => "TXT",
+        DNS_RECORD_TYPE_MX => "MX",
+        DNS_RECORD_TYPE_SOA => "SOA",
+        DNS_RECORD_TYPE_PTR => "PTR",
+        DNS_RECORD_TYPE_SIG => "SIG",
+        DNS_RECORD_TYPE_KEY => "KEY",
+        DNS_RECORD_TYPE_WKS => "WKS",
+        DNS_RECORD_TYPE_TKEY => "TKEY",
+        DNS_RECORD_TYPE_TSIG => "TSIG",
+        DNS_RECORD_TYPE_ANY => "ANY",
+        DNS_RECORD_TYPE_RRSIG => "RRSIG",
+        DNS_RECORD_TYPE_NSEC => "NSEC",
+        DNS_RECORD_TYPE_DNSKEY => "DNSKEY",
+        DNS_RECORD_TYPE_HINFO => "HINFO",
+        DNS_RECORD_TYPE_MINFO => "MINFO",
+        DNS_RECORD_TYPE_RP => "RP",
+        DNS_RECORD_TYPE_AFSDB => "AFSDB",
+        DNS_RECORD_TYPE_X25 => "X25",
+        DNS_RECORD_TYPE_ISDN => "ISDN",
+        DNS_RECORD_TYPE_RT => "RT",
+        DNS_RECORD_TYPE_NSAP => "NSAP",
+        DNS_RECORD_TYPE_NSAPPTR => "NSAPPT",
+        DNS_RECORD_TYPE_PX => "PX",
+        DNS_RECORD_TYPE_GPOS => "GPOS",
+        DNS_RECORD_TYPE_LOC => "LOC",
+        DNS_RECORD_TYPE_SRV => "SRV",
+        DNS_RECORD_TYPE_ATMA => "ATMA",
+        DNS_RECORD_TYPE_NAPTR => "NAPTR",
+        DNS_RECORD_TYPE_KX => "KX",
+        DNS_RECORD_TYPE_CERT => "CERT",
+        DNS_RECORD_TYPE_A6 => "A6",
+        DNS_RECORD_TYPE_DNAME => "DNAME",
+        DNS_RECORD_TYPE_OPT => "OPT",
+        DNS_RECORD_TYPE_APL => "APL",
+        DNS_RECORD_TYPE_DS => "DS",
+        DNS_RECORD_TYPE_SSHFP => "SSHFP",
+        DNS_RECORD_TYPE_IPSECKEY => "IPSECKEY",
+        DNS_RECORD_TYPE_DHCID => "DHCID",
+        DNS_RECORD_TYPE_NSEC3 => "NSEC3",
+        DNS_RECORD_TYPE_NSEC3PARAM => "NSEC3PARAM",
+        DNS_RECORD_TYPE_TLSA => "TLSA",
+        DNS_RECORD_TYPE_HIP => "HIP",
+        DNS_RECORD_TYPE_CDS => "CDS",
+        DNS_RECORD_TYPE_CDNSKEY => "CDSNKEY",
+        DNS_RECORD_TYPE_MAILA => "MAILA",
+        DNS_RECORD_TYPE_URI => "URI",
+        DNS_RECORD_TYPE_MB => "MB",
+        DNS_RECORD_TYPE_MG => "MG",
+        DNS_RECORD_TYPE_MR => "MR",
+        DNS_RECORD_TYPE_NULL => "NULL",
+        DNS_RECORD_TYPE_SPF => "SPF",
+        DNS_RECORD_TYPE_NXT => "NXT",
+        DNS_RECORD_TYPE_MD => "ND",
+        DNS_RECORD_TYPE_MF => "MF",
         _ => {
             return rrtype.to_string();
         }
@@ -290,7 +339,22 @@ fn dns_rcode_string(flags: u16) -> String {
     match flags & 0x000f {
         DNS_RCODE_NOERROR => "NOERROR",
         DNS_RCODE_FORMERR => "FORMERR",
+        DNS_RCODE_SERVFAIL => "SERVFAIL",
         DNS_RCODE_NXDOMAIN => "NXDOMAIN",
+        DNS_RCODE_NOTIMP => "NOTIMP",
+        DNS_RCODE_REFUSED => "REFUSED",
+        DNS_RCODE_YXDOMAIN => "YXDOMAIN",
+        DNS_RCODE_YXRRSET => "YXRRSET",
+        DNS_RCODE_NXRRSET => "NXRRSET",
+        DNS_RCODE_NOTAUTH => "NOTAUTH",
+        DNS_RCODE_NOTZONE => "NOTZONE",
+        DNS_RCODE_BADVERS => "BADVERS/BADSIG",
+        DNS_RCODE_BADKEY => "BADKEY",
+        DNS_RCODE_BADTIME => "BADTIME",
+        DNS_RCODE_BADMODE => "BADMODE",
+        DNS_RCODE_BADNAME => "BADNAME",
+        DNS_RCODE_BADALG => "BADALG",
+        DNS_RCODE_BADTRUNC => "BADTRUNC",
         _ => {
             return (flags & 0x000f).to_string();
         }
@@ -385,16 +449,16 @@ fn dns_log_json_answer(header: &DNSHeader, answer: &DNSAnswerEntry)
     js.set_integer("ttl", answer.ttl as u64);
 
     match answer.rrtype {
-        DNS_RTYPE_A | DNS_RTYPE_AAAA => {
+        DNS_RECORD_TYPE_A | DNS_RECORD_TYPE_AAAA => {
             js.set_string("rdata", &dns_print_addr(&answer.data));
         }
-        DNS_RTYPE_CNAME |
-        DNS_RTYPE_MX |
-        DNS_RTYPE_TXT |
-        DNS_RTYPE_PTR => {
+        DNS_RECORD_TYPE_CNAME |
+        DNS_RECORD_TYPE_MX |
+        DNS_RECORD_TYPE_TXT |
+        DNS_RECORD_TYPE_PTR => {
             js.set_string_from_bytes("rdata", &answer.data);
         },
-        DNS_RTYPE_SSHFP => {
+        DNS_RECORD_TYPE_SSHFP => {
             dns_log_sshfp(&js, &answer);
         },
         _ => {}
index 641431c0837d94a9e288ed8e74c5ea58d3e290fc..4f8b354b988f93179b57ebccc027317028fc733b 100644 (file)
@@ -139,7 +139,7 @@ pub extern "C" fn rs_dns_lua_get_answer_table(clua: &mut CLuaState,
             if answer.data.len() > 0 {
                 lua.pushstring("addr");
                 match answer.rrtype {
-                    DNS_RTYPE_A | DNS_RTYPE_AAAA => {
+                    DNS_RECORD_TYPE_A | DNS_RECORD_TYPE_AAAA => {
                         lua.pushstring(&dns_print_addr(&answer.data));
                     }
                     _ => {
index 6bfec2d9944fb3576d9d9e92d38a7cda0644225a..9159a84437ccf8d8ec8499cc634f40a479db748f 100644 (file)
@@ -162,7 +162,7 @@ fn dns_parse_answer<'a>(slice: &'a [u8], message: &'a [u8], count: usize)
                 let ttl = val.3;
                 let data = val.4;
                 let n = match rrtype {
-                    DNS_RTYPE_TXT => {
+                    DNS_RECORD_TYPE_TXT => {
                         // For TXT records we need to run the parser
                         // multiple times. Set n high, to the maximum
                         // value based on a max txt side of 65535, but
@@ -266,12 +266,12 @@ pub fn dns_parse_rdata<'a>(input: &'a [u8], message: &'a [u8], rrtype: u16)
     -> nom::IResult<&'a [u8], Vec<u8>>
 {
     match rrtype {
-        DNS_RTYPE_CNAME |
-        DNS_RTYPE_PTR |
-        DNS_RTYPE_SOA => {
+        DNS_RECORD_TYPE_CNAME |
+        DNS_RECORD_TYPE_PTR |
+        DNS_RECORD_TYPE_SOA => {
             dns_parse_name(input, message)
         },
-        DNS_RTYPE_MX => {
+        DNS_RECORD_TYPE_MX => {
             // For MX we we skip over the preference field before
             // parsing out the name.
             closure!(&'a [u8], do_parse!(
@@ -280,7 +280,7 @@ pub fn dns_parse_rdata<'a>(input: &'a [u8], message: &'a [u8], rrtype: u16)
                     (name)
             ))(input)
         },
-        DNS_RTYPE_TXT => {
+        DNS_RECORD_TYPE_TXT => {
             closure!(&'a [u8], do_parse!(
                 len: be_u8 >>
                 txt: take!(len) >>