From: Arran Cudbard-Bell Date: Wed, 13 Mar 2024 22:01:57 +0000 (-0600) Subject: Reformat DNS attribute names to match every other dictionary in the server X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=32a82677eb732ecbed2b562d2b8c300748ef15e9;p=thirdparty%2Ffreeradius-server.git Reformat DNS attribute names to match every other dictionary in the server Expand more of the pseudo-acronyms to make it easier for the unintiated. We can add aliases back in later if we people complain. --- diff --git a/doc/antora/modules/raddb/pages/sites-available/dns.adoc b/doc/antora/modules/raddb/pages/sites-available/dns.adoc index 141dfe2075f..d965667e010 100644 --- a/doc/antora/modules/raddb/pages/sites-available/dns.adoc +++ b/doc/antora/modules/raddb/pages/sites-available/dns.adoc @@ -37,7 +37,7 @@ Dont use "port = 53" unless you want to break things == Default Configuration ``` -server dns { +server DNS { namespace = dns listen { type = query @@ -47,10 +47,10 @@ server dns { port = 5300 } } -recv query { +recv Query { ok } -send query.response { +send Query-Response { ok } } diff --git a/raddb/sites-available/dns b/raddb/sites-available/dns index 42a7ee66190..ef80ec3257e 100644 --- a/raddb/sites-available/dns +++ b/raddb/sites-available/dns @@ -24,14 +24,14 @@ # It's meant to be a _flexible_ DNS server. Want to give different answers to VoIP phones # and desktops? It can do that. # -server dns { +server DNS { # # namespace:: The protocol / dictionary to use. # namespace = dns listen { - type = query + type = Query transport = udp @@ -45,12 +45,11 @@ server dns { } -recv query { +recv Query { ok } -send query.response { +send Query-Response { ok } - } diff --git a/share/dictionary/dns/dictionary b/share/dictionary/dns/dictionary index 0a54139dd5e..309e0abb30f 100644 --- a/share/dictionary/dns/dictionary +++ b/share/dictionary/dns/dictionary @@ -1,5 +1,5 @@ # -*- text -*- -# Copyright (C) 2022 The FreeRADIUS Server project and contributors +# Copyright (C) 2024 The FreeRADIUS Server project and contributors # This work is licensed under CC-BY version 4.0 https://creativecommons.org/licenses/by/4.0 # Version $Id$ # diff --git a/share/dictionary/dns/dictionary.freeradius.internal b/share/dictionary/dns/dictionary.freeradius.internal index 6c02b503c77..a438c526985 100644 --- a/share/dictionary/dns/dictionary.freeradius.internal +++ b/share/dictionary/dns/dictionary.freeradius.internal @@ -4,13 +4,12 @@ # Version $Id$ FLAGS internal -ATTRIBUTE Packet-Type 1000 uint32 enum=packet.opcode - -VALUE Packet-Type query.response 16 -VALUE Packet-Type iquery.response 17 -VALUE Packet-Type status.response 18 -VALUE Packet-Type notify.response 20 -VALUE Packet-Type update.response 21 -VALUE Packet-Type dns-stateful-operations.response 22 +VALUE Packet-Type Query-Response 16 +VALUE Packet-Type IQuery-Response 17 +VALUE Packet-Type Status-Response 18 +VALUE Packet-Type Notify-Response 20 +VALUE Packet-Type Update-Response 21 +VALUE Packet-Type DNS-Stateful-Operations-Response 22 +ATTRIBUTE Packet-Type 1000 uint32 enum=Header.Opcode VALUE Packet-Type Do-Not-Respond 256 diff --git a/share/dictionary/dns/dictionary.rfc1034 b/share/dictionary/dns/dictionary.rfc1034 index 2c4d53a240f..7482ddab0cc 100644 --- a/share/dictionary/dns/dictionary.rfc1034 +++ b/share/dictionary/dns/dictionary.rfc1034 @@ -1,5 +1,5 @@ # -*- text -*- -# Copyright (C) 2022 The FreeRADIUS Server project and contributors +# Copyright (C) 2024 The FreeRADIUS Server project and contributors # This work is licensed under CC-BY version 4.0 https://creativecommons.org/licenses/by/4.0 # Version $Id$ # @@ -7,165 +7,165 @@ # contains a series of uint16_t offsets into the packet. # these offsets contain valid targets for compressed pointers. # -ATTRIBUTE packet 1 struct -MEMBER id uint16 -MEMBER query bit[1] -MEMBER opcode bit[4] -MEMBER authoritative bit[1] -MEMBER truncated-response bit[1] -MEMBER recursion-desired bit[1] -MEMBER recursion-available bit[1] -MEMBER reserved bit[1] -MEMBER authentic-data bit[1] -MEMBER checking-disabled bit[1] -MEMBER rcode bit[4] - -VALUE query query 0 -VALUE query response 1 - -VALUE opcode query 0 -VALUE opcode iquery 1 -VALUE opcode status 2 -VALUE opcode notify 4 -VALUE opcode update 5 -VALUE opcode dns-stateful-operations 6 - -VALUE rcode no-error 0 -VALUE rcode format-error 1 -VALUE rcode server-error 2 -VALUE rcode name-error 3 -VALUE rcode not-implemented 4 -VALUE rcode refused 5 -VALUE rcode yx-domain 6 -VALUE rcode yx-rr-set 7 -VALUE rcode nx-rr-set 8 -VALUE rcode not-auth 9 -VALUE rcode not-zone 10 -VALUE rcode dso-type-not-implemented 11 -VALUE rcode bad-signature 16 -VALUE rcode bad-key 17 -VALUE rcode bad-time 18 -VALUE rcode bad-mode 19 -VALUE rcode bad-name 20 -VALUE rcode bad-algorithm 21 -VALUE rcode bad-truncation 22 -VALUE rcode bad-cookie 23 - -MEMBER qdcount uint16 -MEMBER ancount uint16 -MEMBER nscount uint16 -MEMBER arcount uint16 - -ATTRIBUTE question 2 struct -MEMBER qname string dns_label -MEMBER qtype uint16 # from packet.type -MEMBER qclass uint16 - -VALUE qclass internet 1 -VALUE qclass chaos 3 -VALUE qclass hesiod 4 -VALUE qclass none 254 -VALUE qclass any 255 - -ATTRIBUTE rr 3 struct -MEMBER name string dns_label -MEMBER type uint16 key -MEMBER class uint16 -MEMBER ttl time_delta +ATTRIBUTE Header 1 struct +MEMBER ID uint16 +MEMBER Query bit[1] +MEMBER Opcode bit[4] +MEMBER Authoritative bit[1] +MEMBER Truncated-Response bit[1] +MEMBER Recursion-Desired bit[1] +MEMBER Recursion-Available bit[1] +MEMBER Reserved bit[1] +MEMBER Authentic-Data bit[1] +MEMBER Checking-Disabled bit[1] +MEMBER Rcode bit[4] + +VALUE Query Query 0 +VALUE Query Response 1 + +VALUE Opcode Query 0 +VALUE Opcode IQuery 1 +VALUE Opcode Status 2 +VALUE Opcode Notify 4 +VALUE Opcode Update 5 +VALUE Opcode DNS-Stateful-Operations 6 + +VALUE Rcode No-Error 0 +VALUE Rcode Format-error 1 +VALUE Rcode Server-error 2 +VALUE Rcode Name-error 3 +VALUE Rcode Not-implemented 4 +VALUE Rcode Refused 5 +VALUE Rcode YX-Domain 6 +VALUE Rcode YX-Resource-Recode-Set 7 +VALUE Rcode NX-Resource-Record-Set 8 +VALUE Rcode Not-Auth 9 +VALUE Rcode Not-Zone 10 +VALUE Rcode DSO-Type-Not-Implemented 11 +VALUE Rcode Bad-Signature 16 +VALUE Rcode Bad-Key 17 +VALUE Rcode Bad-Time 18 +VALUE Rcode Rad-Mode 19 +VALUE Rcode Bad-name 20 +VALUE Rcode Bad-Algorithm 21 +VALUE Rcode Bad-Truncation 22 +VALUE Rcode Bad-Cookie 23 + +MEMBER Question-Count uint16 +MEMBER Answer-Count uint16 +MEMBER Name-Server-Count uint16 +MEMBER Additional-Records-Count uint16 + +ATTRIBUTE Question 2 struct +MEMBER Name string dns_label +MEMBER Type uint16 # from packet.type +MEMBER Class uint16 + +VALUE Class Internet 1 +VALUE Class Chaos 3 +VALUE Class Hesiod 4 +VALUE Class None 254 +VALUE Class Any 255 + +ATTRIBUTE Resource-Record 3 struct +MEMBER Name string dns_label +MEMBER Type uint16 key +MEMBER Class uint16 +MEMBER TTL time_delta ###################################################################### # # Now we have resource records # ###################################################################### -STRUCT a type 1 length=uint16 -MEMBER ip-address ipaddr +STRUCT A Type 1 length=uint16 +MEMBER IP ipaddr -STRUCT ns type 2 length=uint16 -MEMBER domain-name string dns_label +STRUCT NS Type 2 length=uint16 +MEMBER Domain-Name string dns_label -STRUCT cname type 5 length=uint16 -MEMBER domain-name string dns_label +STRUCT CNAME Type 5 length=uint16 +MEMBER Domain-Name string dns_label -STRUCT soa type 6 length=uint16 -MEMBER mname string dns_label -MEMBER rname string dns_label -MEMBER serial uint32 -MEMBER refresh time_delta -MEMBER retry time_delta -MEMBER expire time_delta -MEMBER minimum time_delta +STRUCT SOA Type 6 length=uint16 +MEMBER Master-Name string dns_label +MEMBER Responsible-Name string dns_label +MEMBER Serial uint32 +MEMBER Refresh time_delta +MEMBER Retry time_delta +MEMBER Expire time_delta +MEMBER Minimum time_delta -STRUCT ptr type 12 length=uint16 -MEMBER domain-name string dns_label +STRUCT PTR Type 12 length=uint16 +MEMBER Domain-Name string dns_label -STRUCT mx type 15 length=uint16 -MEMBER preference uint32 -MEMBER domain-name string dns_label +STRUCT MX Type 15 length=uint16 +MEMBER Preference uint32 +MEMBER Domain-Name string dns_label -STRUCT txt type 16 length=uint16 -MEMBER data string +STRUCT TXT Type 16 length=uint16 +MEMBER Data string -STRUCT aaaa type 28 length=uint16 -MEMBER ipv6-address ipv6addr +STRUCT AAAA Type 28 length=uint16 +MEMBER IP ipv6addr -STRUCT dhcid type 49 length=uint16 -MEMBER identifier-type-code uint16 -MEMBER digest-type-code uint8 -MEMBER digest octets +STRUCT DHCID type 49 length=uint16 +MEMBER Identifier-Type-Code uint16 +MEMBER Digest-Type-Code uint8 +MEMBER Digest octets -VALUE identifier-type-code chaddr 0 -VALUE identifier-type-code dhcpv4-client-identifier 1 -VALUE identifier-type-code dhcpv6-client-duid 2 +VALUE Identifier-Type-Code CHAddr 0 +VALUE Identifier-Type-Code DHCPv4-Client-Identifier 1 +VALUE Identifier-Type-Code DHCPv6-Client-Duid 2 -VALUE digest-type-code sha-256 1 +VALUE Digest-Type-Code SHA-256 1 # # opt MUST have: # # 1 octet 0 - name is root # 2 octets class - requestors UDP payload size -# 4 octets TTL - extended rcode and flags +# 4 octets TTL - extended Rcode and flags # 2 octets RDLEN # RRDATA of 16 bits code, 16 bits length of data, data -STRUCT opt type 41 length=uint16 -MEMBER options tlv +STRUCT Opt Type 41 length=uint16 +MEMBER Options tlv -ATTRIBUTE llq .1 struct -MEMBER version uint16 -MEMBER opcode uint16 -MEMBER error uint16 +ATTRIBUTE LLQ .1 struct +MEMBER Version uint16 +MEMBER Opcode uint16 +MEMBER Error uint16 MEMBER ID uint64 -MEMBER lease time_delta +MEMBER Lease time_delta -#ATTRIBUTE ul .2 -ATTRIBUTE nsid .3 octets +#ATTRIBUTE UL .2 +ATTRIBUTE NSID .3 octets -ATTRIBUTE edns-client-subnet .8 struct -MEMBER family uint16 -MEMBER source-prefix-length uint8 -MEMBER scope-prefix-length uint8 +ATTRIBUTE EDNS-Client-Subnet .8 struct +MEMBER Family uint16 +MEMBER Source-Prefix-Length uint8 +MEMBER Scope-Prefix-Length uint8 # MUST be truncated to bytes determined by source-prefix-length -MEMBER ip combo-ip +MEMBER IP combo-ip # existence signals EXPIRE -ATTRIBUTE expire .9 bool +ATTRIBUTE Expire .9 bool # https://datatracker.ietf.org/doc/html/rfc7873 -ATTRIBUTE cookie .10 struct +ATTRIBUTE Cookie .10 struct # pseudo-random-function(client ip, server ip, client secret) -MEMBER client octets[8] +MEMBER Client octets[8] # pseudo-random-function(client ip, client cookie, server secret), at least 64 bits -MEMBER server octets +MEMBER Server octets -ATTRIBUTE edns0-tcp-keepalive .11 uint16 # time_delta in units of 100 milliseconds +ATTRIBUTE EDNS0-Tcp-Keepalive .11 uint16 # time_delta in units of 100 milliseconds -ATTRIBUTE padding .12 octets +ATTRIBUTE Padding .12 octets # Name server RR -ATTRIBUTE ns 4 struct clone=rr +ATTRIBUTE Name-Server 4 struct clone=Resource-Record # additional "glue" RR, or OPT RR for peer signalling -ATTRIBUTE ar 4 struct clone=rr +ATTRIBUTE Additional-Record 4 struct clone=Resource-Record diff --git a/src/process/dns/base.c b/src/process/dns/base.c index cec2af3ef12..5c0ad902389 100644 --- a/src/process/dns/base.c +++ b/src/process/dns/base.c @@ -174,13 +174,13 @@ static unlang_action_t mod_process(rlm_rcode_t *p_result, module_ctx_t const *mc static const virtual_server_compile_t compile_list[] = { { .name = "recv", - .name2 = "query", + .name2 = "Query", .component = MOD_POST_AUTH, .offset = PROCESS_CONF_OFFSET(request), }, { .name = "send", - .name2 = "query.response", + .name2 = "Query-Response", .component = MOD_POST_AUTH, .offset = PROCESS_CONF_OFFSET(reply), }, diff --git a/src/protocols/dns/base.c b/src/protocols/dns/base.c index c6ff32a5923..40e3b686014 100644 --- a/src/protocols/dns/base.c +++ b/src/protocols/dns/base.c @@ -57,11 +57,11 @@ fr_dict_attr_t const *attr_dns_ar; extern fr_dict_attr_autoload_t dns_dict_attr[]; fr_dict_attr_autoload_t dns_dict_attr[] = { // { .out = &attr_dns_packet_type, .name = "Packet-Type", .type = FR_TYPE_UINT16, .dict = &dict_dns }, - { .out = &attr_dns_packet, .name = "packet", .type = FR_TYPE_STRUCT, .dict = &dict_dns }, - { .out = &attr_dns_question, .name = "question", .type = FR_TYPE_STRUCT, .dict = &dict_dns }, - { .out = &attr_dns_rr, .name = "rr", .type = FR_TYPE_STRUCT, .dict = &dict_dns }, - { .out = &attr_dns_ns, .name = "ns", .type = FR_TYPE_STRUCT, .dict = &dict_dns }, - { .out = &attr_dns_ar, .name = "ar", .type = FR_TYPE_STRUCT, .dict = &dict_dns }, + { .out = &attr_dns_packet, .name = "Header", .type = FR_TYPE_STRUCT, .dict = &dict_dns }, + { .out = &attr_dns_question, .name = "Question", .type = FR_TYPE_STRUCT, .dict = &dict_dns }, + { .out = &attr_dns_rr, .name = "Resource-Record", .type = FR_TYPE_STRUCT, .dict = &dict_dns }, + { .out = &attr_dns_ns, .name = "Name-Server", .type = FR_TYPE_STRUCT, .dict = &dict_dns }, + { .out = &attr_dns_ar, .name = "Additional-Record", .type = FR_TYPE_STRUCT, .dict = &dict_dns }, { NULL } }; diff --git a/src/tests/unit/protocols/dns/bad-cookie.txt b/src/tests/unit/protocols/dns/bad-cookie.txt index 3959b5998c5..3a296122c3f 100644 --- a/src/tests/unit/protocols/dns/bad-cookie.txt +++ b/src/tests/unit/protocols/dns/bad-cookie.txt @@ -51,7 +51,7 @@ fuzzer-out dns # decode-proto f6 ab 01 20 00 01 00 00 00 00 00 01 00 00 06 00 01 00 00 29 10 00 00 00 00 00 00 0c 00 0a 00 08 36 bf 11 1f ef 2e 01 09 -match packet = { id = 63147, query = query, opcode = query, authoritative = no, truncated-response = no, recursion-desired = yes, recursion-available = no, reserved = no, authentic-data = yes, checking-disabled = no, rcode = no-error, qdcount = 1, ancount = 0, nscount = 0, arcount = 1 }, question = { qname = ".", qtype = 6, qclass = internet }, ar = { name = ".", type = opt, class = 4096, ttl = 0, type.opt = { options = { cookie = { client = 0x36bf111fef2e0109 } } } } +match Header = { ID = 63147, Query = Query, Opcode = Query, Authoritative = no, Truncated-Response = no, Recursion-Desired = yes, Recursion-Available = no, Reserved = no, Authentic-Data = yes, Checking-Disabled = no, Rcode = No-Error, Question-Count = 1, Answer-Count = 0, Name-Server-Count = 0, Additional-Records-Count = 1 }, Question = { Name = ".", Type = 6, Class = Internet }, Additional-Record = { Name = ".", Type = Opt, Class = 4096, TTL = 0, Type.Opt = { Options = { Cookie = { Client = 0x36bf111fef2e0109 } } } } encode-proto - match f6 ab 01 20 00 01 00 00 00 00 00 01 00 00 06 00 01 00 00 29 10 00 00 00 00 00 00 0c 00 0a 00 08 36 bf 11 1f ef 2e 01 09 @@ -98,8 +98,7 @@ match f6 ab 01 20 00 01 00 00 00 00 00 01 00 00 06 00 01 00 00 29 10 00 00 00 00 # | | optdata = '6\xbf\x11\x1f\xef.\x01\t}\x8f\xfe\x06\\co\xfb\x14-vt\x94@zs' # decode-proto f6 ab 81 87 00 01 00 00 00 00 00 01 00 00 06 00 01 00 00 29 10 00 01 00 00 00 00 1c 00 0a 00 18 36 bf 11 1f ef 2e 01 09 7d 8f fe 06 5c 63 6f fb 14 2d 76 74 94 40 7a 73 -match packet = { id = 63147, query = response, opcode = query, authoritative = no, truncated-response = no, recursion-desired = yes, recursion-available = yes, reserved = no, authentic-data = no, checking-disabled = no, rcode = yx-rr-set, qdcount = 1, ancount = 0, nscount = 0, arcount = 1 }, question = { qname = ".", qtype = 6, qclass = internet }, ar = { name = ".", type = opt, class = 4096, ttl = 16777216, type.opt = { options = { cookie = { client = 0x36bf111fef2e0109, server = 0x7d8ffe065c636ffb142d767494407a73 } } } } - +match Header = { ID = 63147, Query = Response, Opcode = Query, Authoritative = no, Truncated-Response = no, Recursion-Desired = yes, Recursion-Available = yes, Reserved = no, Authentic-Data = no, Checking-Disabled = no, Rcode = YX-Resource-Recode-Set, Question-Count = 1, Answer-Count = 0, Name-Server-Count = 0, Additional-Records-Count = 1 }, Question = { Name = ".", Type = 6, Class = Internet }, Additional-Record = { Name = ".", Type = Opt, Class = 4096, TTL = 16777216, Type.Opt = { Options = { Cookie = { Client = 0x36bf111fef2e0109, Server = 0x7d8ffe065c636ffb142d767494407a73 } } } } encode-proto - match f6 ab 81 87 00 01 00 00 00 00 00 01 00 00 06 00 01 00 00 29 10 00 01 00 00 00 00 1c 00 0a 00 18 36 bf 11 1f ef 2e 01 09 7d 8f fe 06 5c 63 6f fb 14 2d 76 74 94 40 7a 73 @@ -145,8 +144,7 @@ match f6 ab 81 87 00 01 00 00 00 00 00 01 00 00 06 00 01 00 00 29 10 00 01 00 00 # | | optdata = '6\xbf\x11\x1f\xef.\x01\t}\x8f\xfe\x06\\co\xfb\x14-vt\x94@zs' # decode-proto b4 33 01 20 00 01 00 00 00 00 00 01 00 00 06 00 01 00 00 29 10 00 00 00 00 00 00 1c 00 0a 00 18 36 bf 11 1f ef 2e 01 09 7d 8f fe 06 5c 63 6f fb 14 2d 76 74 94 40 7a 73 -match packet = { id = 46131, query = query, opcode = query, authoritative = no, truncated-response = no, recursion-desired = yes, recursion-available = no, reserved = no, authentic-data = yes, checking-disabled = no, rcode = no-error, qdcount = 1, ancount = 0, nscount = 0, arcount = 1 }, question = { qname = ".", qtype = 6, qclass = internet }, ar = { name = ".", type = opt, class = 4096, ttl = 0, type.opt = { options = { cookie = { client = 0x36bf111fef2e0109, server = 0x7d8ffe065c636ffb142d767494407a73 } } } } - +match Header = { ID = 46131, Query = Query, Opcode = Query, Authoritative = no, Truncated-Response = no, Recursion-Desired = yes, Recursion-Available = no, Reserved = no, Authentic-Data = yes, Checking-Disabled = no, Rcode = No-Error, Question-Count = 1, Answer-Count = 0, Name-Server-Count = 0, Additional-Records-Count = 1 }, Question = { Name = ".", Type = 6, Class = Internet }, Additional-Record = { Name = ".", Type = Opt, Class = 4096, TTL = 0, Type.Opt = { Options = { Cookie = { Client = 0x36bf111fef2e0109, Server = 0x7d8ffe065c636ffb142d767494407a73 } } } } encode-proto - match b4 33 01 20 00 01 00 00 00 00 00 01 00 00 06 00 01 00 00 29 10 00 00 00 00 00 00 1c 00 0a 00 18 36 bf 11 1f ef 2e 01 09 7d 8f fe 06 5c 63 6f fb 14 2d 76 74 94 40 7a 73 @@ -188,6 +186,7 @@ match b4 33 01 20 00 01 00 00 00 00 00 01 00 00 06 00 01 00 00 29 10 00 00 00 00 # | retry = 900 # | expire = 604800 # | minimum = 86400 + # ns = None # \ar \ # |[ DNS OPT Resource Record ] @@ -205,7 +204,7 @@ match b4 33 01 20 00 01 00 00 00 00 00 01 00 00 06 00 01 00 00 29 10 00 00 00 00 # | | optdata = '6\xbf\x11\x1f\xef.\x01\t\n/\x9d\xa2\\co\xfbI\xc3[\xb1O\xa4(\xb4' # decode-proto b4 33 81 a0 00 01 00 01 00 00 00 01 00 00 06 00 01 00 00 06 00 01 00 01 4e fe 00 40 01 61 0c 72 6f 6f 74 2d 73 65 72 76 65 72 73 03 6e 65 74 00 05 6e 73 74 6c 64 0c 76 65 72 69 73 69 67 6e 2d 67 72 73 03 63 6f 6d 00 78 57 d1 92 00 00 07 08 00 00 03 84 00 09 3a 80 00 01 51 80 00 00 29 10 00 00 00 00 00 00 1c 00 0a 00 18 36 bf 11 1f ef 2e 01 09 0a 2f 9d a2 5c 63 6f fb 49 c3 5b b1 4f a4 28 b4 -match packet = { id = 46131, query = response, opcode = query, authoritative = no, truncated-response = no, recursion-desired = yes, recursion-available = yes, reserved = no, authentic-data = yes, checking-disabled = no, rcode = no-error, qdcount = 1, ancount = 1, nscount = 0, arcount = 1 }, question = { qname = ".", qtype = 6, qclass = internet }, rr = { name = ".", type = soa, class = 1, ttl = 85758, type.soa = { mname = "a.root-servers.net", rname = "nstld.verisign-grs.com", serial = 2019021202, refresh = 1800, retry = 900, expire = 604800, minimum = 86400 } }, ar = { name = ".", type = opt, class = 4096, ttl = 0, type.opt = { options = { cookie = { client = 0x36bf111fef2e0109, server = 0x0a2f9da25c636ffb49c35bb14fa428b4 } } } } +match Header = { ID = 46131, Query = Response, Opcode = Query, Authoritative = no, Truncated-Response = no, Recursion-Desired = yes, Recursion-Available = yes, Reserved = no, Authentic-Data = yes, Checking-Disabled = no, Rcode = No-Error, Question-Count = 1, Answer-Count = 1, Name-Server-Count = 0, Additional-Records-Count = 1 }, Question = { Name = ".", Type = 6, Class = Internet }, Resource-Record = { Name = ".", Type = SOA, Class = 1, TTL = 85758, Type.SOA = { Master-Name = "a.root-servers.net", Responsible-Name = "nstld.verisign-grs.com", Serial = 2019021202, Refresh = 1800, Retry = 900, Expire = 604800, Minimum = 86400 } }, Additional-Record = { Name = ".", Type = Opt, Class = 4096, TTL = 0, Type.Opt = { Options = { Cookie = { Client = 0x36bf111fef2e0109, Server = 0x0a2f9da25c636ffb49c35bb14fa428b4 } } } } encode-proto - match b4 33 81 a0 00 01 00 01 00 00 00 01 00 00 06 00 01 00 00 06 00 01 00 01 4e fe 00 40 01 61 0c 72 6f 6f 74 2d 73 65 72 76 65 72 73 03 6e 65 74 00 05 6e 73 74 6c 64 0c 76 65 72 69 73 69 67 6e 2d 67 72 73 03 63 6f 6d 00 78 57 d1 92 00 00 07 08 00 00 03 84 00 09 3a 80 00 01 51 80 00 00 29 10 00 00 00 00 00 00 1c 00 0a 00 18 36 bf 11 1f ef 2e 01 09 0a 2f 9d a2 5c 63 6f fb 49 c3 5b b1 4f a4 28 b4 diff --git a/src/tests/unit/protocols/dns/base.txt b/src/tests/unit/protocols/dns/base.txt index 53df254c85e..3d8e8a88ed1 100644 --- a/src/tests/unit/protocols/dns/base.txt +++ b/src/tests/unit/protocols/dns/base.txt @@ -7,25 +7,24 @@ fuzzer-out dns # 16 bits of ID 0 # Query, all other bits are clear -# 0 query +# 0 Query # 1 answer -# 0 nscount -# 0 arcount +# 0 Name-Server-Count +# 0 Additional-Records-Count # # A record of '.', class Internet, TTL 16 # length 4, with 127.0.0.1 as the IP address -# Z type class ttl +# Z type class TTL decode-proto 00 00 80 00 00 00 00 01 00 00 00 00 00 00 01 00 01 00 00 00 10 00 04 7f 00 00 01 -match packet = { id = 0, query = response, opcode = query, authoritative = no, truncated-response = no, recursion-desired = no, recursion-available = no, reserved = no, authentic-data = no, checking-disabled = no, rcode = no-error, qdcount = 0, ancount = 1, nscount = 0, arcount = 0 }, rr = { name = ".", type = a, class = 1, ttl = 16, type.a = { ip-address = 127.0.0.1 } } - +match Header = { ID = 0, Query = Response, Opcode = Query, Authoritative = no, Truncated-Response = no, Recursion-Desired = no, Recursion-Available = no, Reserved = no, Authentic-Data = no, Checking-Disabled = no, Rcode = No-Error, Question-Count = 0, Answer-Count = 1, Name-Server-Count = 0, Additional-Records-Count = 0 }, Resource-Record = { Name = ".", Type = A, Class = 1, TTL = 16, Type.A = { IP = 127.0.0.1 } } encode-proto - match 00 00 80 00 00 00 00 01 00 00 00 00 00 00 01 00 01 00 00 00 10 00 04 7f 00 00 01 # Really "decode RR". -# Z type class ttl length IPaddr +# Z type class TTL length IPaddr decode-pair 00 00 01 00 01 00 00 00 10 00 04 7f 00 00 01 -match rr = { name = ".", type = a, class = 1, ttl = 16, type.a = { ip-address = 127.0.0.1 } } +match Resource-Record = { Name = ".", Type = A, Class = 1, TTL = 16, Type.A = { IP = 127.0.0.1 } } encode-pair - match 00 00 01 00 01 00 00 00 10 00 04 7f 00 00 01 @@ -33,16 +32,16 @@ match 00 00 01 00 01 00 00 00 10 00 04 7f 00 00 01 # # And a complex label # -encode-proto packet = { id = 0, query = response, opcode = query, authoritative = no, truncated-response = no, recursion-desired = no, recursion-available = no, reserved = no, authentic-data = no, checking-disabled = no, rcode = no-error, qdcount = 0, ancount = 1, nscount = 0, arcount = 0 }, rr = { name = "www.example.com", type = a, class = 1, ttl = 16, type.a = { ip-address = 127.0.0.1 } } +encode-proto Header = { ID = 0, Query = Response, Opcode = Query, Authoritative = no, Truncated-Response = no, Recursion-Desired = no, Recursion-Available = no, Reserved = no, Authentic-Data = no, Checking-Disabled = no, Rcode = No-Error, Question-Count = 0, Answer-Count = 1, Name-Server-Count = 0, Additional-Records-Count = 0 }, Resource-Record = { Name = "www.example.com", Type = A, Class = 1, TTL = 16, Type.A = { ip = 127.0.0.1 } } match 00 00 80 00 00 00 00 01 00 00 00 00 03 77 77 77 07 65 78 61 6d 70 6c 65 03 63 6f 6d 00 00 01 00 01 00 00 00 10 00 04 7f 00 00 01 decode-proto - -match packet = { id = 0, query = response, opcode = query, authoritative = no, truncated-response = no, recursion-desired = no, recursion-available = no, reserved = no, authentic-data = no, checking-disabled = no, rcode = no-error, qdcount = 0, ancount = 1, nscount = 0, arcount = 0 }, rr = { name = "www.example.com", type = a, class = 1, ttl = 16, type.a = { ip-address = 127.0.0.1 } } +match Header = { ID = 0, Query = Response, Opcode = Query, Authoritative = no, Truncated-Response = no, Recursion-Desired = no, Recursion-Available = no, Reserved = no, Authentic-Data = no, Checking-Disabled = no, Rcode = No-Error, Question-Count = 0, Answer-Count = 1, Name-Server-Count = 0, Additional-Records-Count = 0 }, Resource-Record = { Name = "www.example.com", Type = A, Class = 1, TTL = 16, Type.A = { IP = 127.0.0.1 } } # # multiple labels (2) # -encode-proto packet = { id = 0, query = response, opcode = query, authoritative = no, truncated-response = no, recursion-desired = no, recursion-available = no, reserved = no, authentic-data = no, checking-disabled = no, rcode = no-error, qdcount = 0, ancount = 2, nscount = 0, arcount = 0 }, rr = { name = "www.example.com", type = a, class = 1, ttl = 16, type.a = { ip-address = 127.0.0.1 } }, rr = { name = "ftp.example.com", type = a, class = 1, ttl = 16, type.a = { ip-address = 127.0.0.1 } } +encode-proto Header = { ID = 0, Query = Response, Opcode = Query, Authoritative = no, Truncated-Response = no, Recursion-Desired = no, Recursion-Available = no, Reserved = no, Authentic-Data = no, Checking-Disabled = no, Rcode = No-Error, Question-Count = 0, Answer-Count = 2, Name-Server-Count = 0, Additional-Records-Count = 0 }, Resource-Record = { Name = "www.example.com", Type = A, Class = 1, TTL = 16, Type.A = { IP = 127.0.0.1 } }, Resource-Record = { Name = "ftp.example.com", Type = A, Class = 1, TTL = 16, Type.A = { IP = 127.0.0.1 } } match 00 00 80 00 00 00 00 02 00 00 00 00 03 77 77 77 07 65 78 61 6d 70 6c 65 03 63 6f 6d 00 00 01 00 01 00 00 00 10 00 04 7f 00 00 01 03 66 74 70 c0 10 00 01 00 01 00 00 00 10 00 04 7f 00 00 01 # @@ -50,18 +49,18 @@ match 00 00 80 00 00 00 00 02 00 00 00 00 03 77 77 77 07 65 78 61 6d 70 6c 65 03 # and then "ftp" with a pointer c010 to "example.com" # decode-proto - -match packet = { id = 0, query = response, opcode = query, authoritative = no, truncated-response = no, recursion-desired = no, recursion-available = no, reserved = no, authentic-data = no, checking-disabled = no, rcode = no-error, qdcount = 0, ancount = 2, nscount = 0, arcount = 0 }, rr = { name = "www.example.com", type = a, class = 1, ttl = 16, type.a = { ip-address = 127.0.0.1 } }, rr = { name = "ftp.example.com", type = a, class = 1, ttl = 16, type.a = { ip-address = 127.0.0.1 } } +match Header = { ID = 0, Query = Response, Opcode = Query, Authoritative = no, Truncated-Response = no, Recursion-Desired = no, Recursion-Available = no, Reserved = no, Authentic-Data = no, Checking-Disabled = no, Rcode = No-Error, Question-Count = 0, Answer-Count = 2, Name-Server-Count = 0, Additional-Records-Count = 0 }, Resource-Record = { Name = "www.example.com", Type = A, Class = 1, TTL = 16, Type.A = { IP = 127.0.0.1 } }, Resource-Record = { Name = "ftp.example.com", Type = A, Class = 1, TTL = 16, Type.A = { IP = 127.0.0.1 } } # # multiple labels (3), but with all counts removed. The counts will # be calculated dynamically. # -# Note that this isn't a valid DNS reply packet, as it should really +# Note that this isn't a valID DNS reply Header, as it should really # contain the questions which we're replying to. But we don't care # about every bit of RFC correctness here, we just care to test the # encoders and decoders for formatting. # -encode-proto packet = { id = 0, query = response, opcode = query, authoritative = no, truncated-response = no, recursion-desired = no, recursion-available = no, reserved = no, authentic-data = no, checking-disabled = no, rcode = no-error, qdcount = 0, ancount = 3, nscount = 0, arcount = 0 }, rr = { name = "www.example.com", type = a, class = 1, ttl = 16, type.a = { ip-address = 127.0.0.1 } }, rr = { name = "ftp.example.com", type = a, class = 1, ttl = 16, type.a = { ip-address = 127.0.0.1 } }, rr = { name = "ns.example.com", type = a, class = 1, ttl = 16, type.a = { ip-address = 127.0.0.1 } } +encode-proto Header = { ID = 0, Query = Response, Opcode = Query, Authoritative = no, Truncated-Response = no, Recursion-Desired = no, Recursion-Available = no, Reserved = no, Authentic-Data = no, Checking-Disabled = no, Rcode = No-Error, Question-Count = 0, Answer-Count = 3, Name-Server-Count = 0, Additional-Records-Count = 0 }, Resource-Record = { Name = "www.example.com", Type = A, Class = 1, TTL = 16, Type.A = { IP = 127.0.0.1 } }, Resource-Record = { Name = "ftp.example.com", Type = A, Class = 1, TTL = 16, Type.A = { IP = 127.0.0.1 } }, Resource-Record = { Name = "ns.example.com", Type = A, Class = 1, TTL = 16, Type.A = { IP = 127.0.0.1 } } match 00 00 80 00 00 00 00 03 00 00 00 00 03 77 77 77 07 65 78 61 6d 70 6c 65 03 63 6f 6d 00 00 01 00 01 00 00 00 10 00 04 7f 00 00 01 03 66 74 70 c0 10 00 01 00 01 00 00 00 10 00 04 7f 00 00 01 02 6e 73 c0 10 00 01 00 01 00 00 00 10 00 04 7f 00 00 01 # @@ -69,7 +68,7 @@ match 00 00 80 00 00 00 00 03 00 00 00 00 03 77 77 77 07 65 78 61 6d 70 6c 65 03 # and then "ftp" with a pointer c010 to "example.com" # decode-proto - -match packet = { id = 0, query = response, opcode = query, authoritative = no, truncated-response = no, recursion-desired = no, recursion-available = no, reserved = no, authentic-data = no, checking-disabled = no, rcode = no-error, qdcount = 0, ancount = 3, nscount = 0, arcount = 0 }, rr = { name = "www.example.com", type = a, class = 1, ttl = 16, type.a = { ip-address = 127.0.0.1 } }, rr = { name = "ftp.example.com", type = a, class = 1, ttl = 16, type.a = { ip-address = 127.0.0.1 } }, rr = { name = "ns.example.com", type = a, class = 1, ttl = 16, type.a = { ip-address = 127.0.0.1 } } +match Header = { ID = 0, Query = Response, Opcode = Query, Authoritative = no, Truncated-Response = no, Recursion-Desired = no, Recursion-Available = no, Reserved = no, Authentic-Data = no, Checking-Disabled = no, Rcode = No-Error, Question-Count = 0, Answer-Count = 3, Name-Server-Count = 0, Additional-Records-Count = 0 }, Resource-Record = { Name = "www.example.com", Type = A, Class = 1, TTL = 16, Type.A = { IP = 127.0.0.1 } }, Resource-Record = { Name = "ftp.example.com", Type = A, Class = 1, TTL = 16, Type.A = { IP = 127.0.0.1 } }, Resource-Record = { Name = "ns.example.com", Type = A, Class = 1, TTL = 16, Type.A = { IP = 127.0.0.1 } } count match 23 diff --git a/src/tests/unit/protocols/dns/opt41.txt b/src/tests/unit/protocols/dns/opt41.txt index 69d51dd9e4d..0100d8edcd0 100644 --- a/src/tests/unit/protocols/dns/opt41.txt +++ b/src/tests/unit/protocols/dns/opt41.txt @@ -6,7 +6,7 @@ proto-dictionary dns fuzzer-out dns decode-proto f6 ab 01 20 00 01 00 00 00 00 00 01 00 00 06 00 01 00 00 29 10 00 00 00 00 00 00 0c 00 0a 00 08 36 bf 11 1f ef 2e 01 09 -match packet = { id = 63147, query = query, opcode = query, authoritative = no, truncated-response = no, recursion-desired = yes, recursion-available = no, reserved = no, authentic-data = yes, checking-disabled = no, rcode = no-error, qdcount = 1, ancount = 0, nscount = 0, arcount = 1 }, question = { qname = ".", qtype = 6, qclass = internet }, ar = { name = ".", type = opt, class = 4096, ttl = 0, type.opt = { options = { cookie = { client = 0x36bf111fef2e0109 } } } } +match Header = { ID = 63147, Query = Query, Opcode = Query, Authoritative = no, Truncated-Response = no, Recursion-Desired = yes, Recursion-Available = no, Reserved = no, Authentic-Data = yes, Checking-Disabled = no, Rcode = No-Error, Question-Count = 1, Answer-Count = 0, Name-Server-Count = 0, Additional-Records-Count = 1 }, Question = { Name = ".", Type = 6, Class = Internet }, Additional-Record = { Name = ".", Type = Opt, Class = 4096, TTL = 0, Type.Opt = { Options = { Cookie = { Client = 0x36bf111fef2e0109 } } } } encode-proto - match f6 ab 01 20 00 01 00 00 00 00 00 01 00 00 06 00 01 00 00 29 10 00 00 00 00 00 00 0c 00 0a 00 08 36 bf 11 1f ef 2e 01 09