{
public:
SetTraceAction(SetTraceActionConfiguration& config) :
- d_value{config.value}, d_loggers(config.remote_loggers), d_useIncomingTraceID(config.use_incoming_traceid), d_incomingTraceIDOptionCode(config.trace_edns_option) {};
+ d_value{config.value}, d_loggers(config.remote_loggers), d_useIncomingTraceID(config.use_incoming_traceid), d_incomingTraceIDOptionCode(config.trace_edns_option), d_stripIncomingTraceID(config.strip_incoming_traceid) {};
DNSAction::Action operator()([[maybe_unused]] DNSQuestion* dnsquestion, [[maybe_unused]] std::string* ruleresult) const override
{
vinfolog("SetTraceAction called, but OpenTelemetry tracing is globally disabled. Did you forget to call setOpenTelemetryTracing?");
return Action::None;
}
+
dnsquestion->ids.tracingEnabled = d_value;
- if (d_value) {
- tracer->setRootSpanAttribute("query.qname", AnyValue{dnsquestion->ids.qname.toStringNoDot()});
- tracer->setRootSpanAttribute("query.qtype", AnyValue{QType(dnsquestion->ids.qtype).toString()});
- tracer->setRootSpanAttribute("query.remote.address", AnyValue{dnsquestion->ids.origRemote.toString()});
- tracer->setRootSpanAttribute("query.remote.port", AnyValue{dnsquestion->ids.origRemote.getPort()});
- if (d_useIncomingTraceID.value_or(false)) {
- if (dnsquestion->ednsOptions == nullptr && !parseEDNSOptions(*dnsquestion)) {
- // Maybe parsed, but no EDNS found
- return Action::None;
- }
- if (dnsquestion->ednsOptions == nullptr) {
- // Parsing failed, log a warning and return
- vinfolog("parsing EDNS options failed while looking for OpenTelemetry Trace ID");
- return Action::None;
- }
- pdns::trace::TraceID traceID;
- pdns::trace::SpanID spanID;
- if (pdns::trace::extractOTraceIDs(*(dnsquestion->ednsOptions), EDNSOptionCode::EDNSOptionCodeEnum(d_incomingTraceIDOptionCode.value_or(EDNSOptionCode::OTTRACEIDS)), traceID, spanID)) {
- tracer->setTraceID(traceID);
- if (spanID != pdns::trace::s_emptySpanID) {
- tracer->setRootSpanID(spanID);
- }
+
+ if (!d_value) {
+ // Tracing has been turned off or should not be enabled, clean up
+ dnsquestion->ids.ottraceLoggers.clear();
+ return Action::None;
+ }
+
+ dnsquestion->ids.ottraceLoggers = d_loggers;
+ tracer->setRootSpanAttribute("query.qname", AnyValue{dnsquestion->ids.qname.toStringNoDot()});
+ tracer->setRootSpanAttribute("query.qtype", AnyValue{QType(dnsquestion->ids.qtype).toString()});
+ tracer->setRootSpanAttribute("query.remote.address", AnyValue{dnsquestion->ids.origRemote.toString()});
+ tracer->setRootSpanAttribute("query.remote.port", AnyValue{dnsquestion->ids.origRemote.getPort()});
+
+ if (!d_useIncomingTraceID.value_or(false) && !d_stripIncomingTraceID.value_or(false)) {
+ // No need to check EDNS
+ return Action::None;
+ }
+
+ // We need to check if EDNS Options exist
+ if (dnsquestion->ednsOptions == nullptr && !parseEDNSOptions(*dnsquestion)) {
+ // Maybe parsed, but no EDNS found
+ return Action::None;
+ }
+ if (dnsquestion->ednsOptions == nullptr) {
+ // Parsing failed, log a warning and return
+ vinfolog("parsing EDNS options failed while looking for OpenTelemetry Trace ID");
+ return Action::None;
+ }
+
+ if (d_useIncomingTraceID.value_or(false)) {
+ pdns::trace::TraceID traceID;
+ pdns::trace::SpanID spanID;
+ if (pdns::trace::extractOTraceIDs(*(dnsquestion->ednsOptions), EDNSOptionCode::EDNSOptionCodeEnum(d_incomingTraceIDOptionCode.value_or(EDNSOptionCode::OTTRACEIDS)), traceID, spanID)) {
+ tracer->setTraceID(traceID);
+ if (spanID != pdns::trace::s_emptySpanID) {
+ tracer->setRootSpanID(spanID);
}
}
- dnsquestion->ids.ottraceLoggers = d_loggers;
}
+
+ if (d_stripIncomingTraceID.value_or(false)) {
+ uint16_t optStart;
+ size_t optLen;
+ bool last;
+
+ if (locateEDNSOptRR(dnsquestion->getData(), &optStart, &optLen, &last) != 0) {
+ // Can't find the EDNS OPT RR, can't happen
+ return Action::None;
+ }
+
+ if (!last) {
+ vinfolog("SetTraceAction: EDNS options is not the last RR in the packet, not removing TRACEPARENT");
+ return Action::None;
+ }
+
+ size_t existingOptLen = optLen;
+ removeEDNSOptionFromOPT(reinterpret_cast<char*>(&dnsquestion->getMutableData().at(optStart)), &optLen, d_incomingTraceIDOptionCode.value_or(EDNSOptionCode::OTTRACEIDS));
+ dnsquestion->getMutableData().resize(dnsquestion->getData().size() - (existingOptLen - optLen));
+ // Ensure the EDNS Option View is not out of date
+ dnsquestion->ednsOptions.reset();
+ }
+
return Action::None;
}
std::optional<bool> d_useIncomingTraceID;
std::optional<short unsigned int> d_incomingTraceIDOptionCode;
+ std::optional<bool> d_stripIncomingTraceID;
};
#endif
import binascii
import dns.message
import dns.rrset
+import dns.rcode
import dns.rdataclass
import dns.rdatatype
import dns.edns
import time
+import threading
import opentelemetry.proto.trace.v1.trace_pb2
import google.protobuf.json_format
def testTCP(self):
self.doTest(useTCP=True, extraFunctions={"queueResponse"})
+
+
+def servfailOnTraceParent(request: dns.message.Message):
+ response = dns.message.make_response(request)
+ if any(opt.otype == 65500 for opt in request.options):
+ response.set_rcode(dns.rcode.SERVFAIL)
+ return response.to_wire()
+
+
+class TestOpenTelemetryTracingStripIncomingTraceParent(
+ DNSDistOpenTelemetryProtobufTest
+):
+ _yaml_config_params = [
+ "_testServerPort",
+ ]
+ _yaml_config_template = """---
+logging:
+ open_telemetry_tracing: true
+
+backends:
+ - address: 127.0.0.1:%d
+ protocol: Do53
+
+query_rules:
+ - name: Enable tracing
+ selector:
+ type: All
+ action:
+ type: SetTrace
+ value: true
+ strip_incoming_traceid: true
+"""
+
+ @classmethod
+ def startResponders(cls):
+ print("Launching responders..")
+
+ cls._UDPResponder = threading.Thread(
+ name="UDP Responder",
+ target=cls.UDPResponder,
+ args=[
+ cls._testServerPort,
+ cls._toResponderQueue,
+ cls._fromResponderQueue,
+ False,
+ servfailOnTraceParent,
+ ],
+ )
+ cls._UDPResponder.daemon = True
+ cls._UDPResponder.start()
+
+ cls._TCPResponder = threading.Thread(
+ name="TCP Responder",
+ target=cls.TCPResponder,
+ args=[
+ cls._testServerPort,
+ cls._toResponderQueue,
+ cls._fromResponderQueue,
+ False,
+ False,
+ servfailOnTraceParent,
+ ],
+ )
+ cls._TCPResponder.daemon = True
+ cls._TCPResponder.start()
+
+ def doQuery(self, useTCP=False):
+ name = "query.ot.tests.powerdns.com."
+
+ ottrace = dns.edns.GenericOption(str(65500), "\x00\x00")
+ ottrace.data += binascii.a2b_hex("12345678901234567890123456789012")
+ ottrace.data += binascii.a2b_hex("1234567890123456")
+ query = dns.message.make_query(
+ name, "A", "IN", use_edns=True, options=[ottrace]
+ )
+
+ if useTCP:
+ (_, receivedResponse) = self.sendTCPQuery(query, response=None)
+ else:
+ (_, receivedResponse) = self.sendUDPQuery(query, response=None)
+
+ self.assertIsNotNone(receivedResponse)
+ # If we stripped the OpenTelemetry Trace ID from the query, we should not get a SERVFAIL
+ self.assertEqual(receivedResponse.rcode(), dns.rcode.NOERROR)
+
+ def testStripIncomingTraceIDUDP(self):
+ self.doQuery()
+
+ def testStripIncomingTraceIDTCP(self):
+ self.doQuery(True)
projects / thirdparty / pdns.git / commitdiff
