From: Vladimír Čunát Date: Mon, 4 Jan 2021 15:28:52 +0000 (+0100) Subject: dnstap: represent DoT and DoH X-Git-Tag: v5.3.0~22^2~2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5e7fc1a8edcbe85224fce2a1353549a61cbd0d41;p=thirdparty%2Fknot-resolver.git dnstap: represent DoT and DoH (instead of marking them as TCP) This includes latest dnstap.proto, except for keeping our local changes of the licensing comment. https://github.com/dnstap/dnstap.pb/blob/master/dnstap.proto
---
diff --git a/modules/dnstap/dnstap.c b/modules/dnstap/dnstap.c
index 7a12e3a58..d32f02a53 100644
--- a/modules/dnstap/dnstap.c
+++ b/modules/dnstap/dnstap.c
@@ -126,7 +126,11 @@ static int dnstap_log(kr_layer_t *ctx, enum dnstap_log_phase phase) {
 }

 if (req->qsource.dst_addr) {
- if (req->qsource.flags.tcp) {
+ if (req->qsource.flags.http) {
+ m.socket_protocol = DNSTAP__SOCKET_PROTOCOL__DOH;
+ } else if (req->qsource.flags.tls) {
+ m.socket_protocol = DNSTAP__SOCKET_PROTOCOL__DOT;
+ } else if (req->qsource.flags.tcp) {
 m.socket_protocol = DNSTAP__SOCKET_PROTOCOL__TCP;
 } else {
 m.socket_protocol = DNSTAP__SOCKET_PROTOCOL__UDP;
diff --git a/modules/dnstap/dnstap.proto b/modules/dnstap/dnstap.proto
index 301c32edc..f2b72738e 100644
--- a/modules/dnstap/dnstap.proto
+++ b/modules/dnstap/dnstap.proto
@@ -49,11 +49,12 @@ enum SocketFamily {
 INET6 = 2; // IPv6 (RFC 2460)
 }

-// SocketProtocol: the transport protocol of a socket. This specifies how to
-// interpret "transport port" fields.
+// SocketProtocol: the protocol used to transport a DNS message.
 enum SocketProtocol {
- UDP = 1; // User Datagram Protocol (RFC 768)
- TCP = 2; // Transmission Control Protocol (RFC 793)
+ UDP = 1; // DNS over UDP transport (RFC 1035 section 4.2.1)
+ TCP = 2; // DNS over TCP transport (RFC 1035 section 4.2.2)
+ DOT = 3; // DNS over TLS (RFC 7858)
+ DOH = 4; // DNS over HTTPS (RFC 8484)
 }

 // Message: a wire-format (RFC 1035 section 4) DNS message and associated
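Review bot: In modules/dnstap/dnstap.c, the new `http` → `tls` → `tcp` chain inside `if (req->qsource.dst_addr)` depends on its ordering, and nothing in the code says so. A DoH query presumably also has `flags.tls` and `flags.tcp` set, so reordering the branches later would silently relabel encrypted queries as plain TCP in the dnstap stream. I would add a comment above the chain such as `/* Most specific transport first; DoH/DoT requests are expected to carry the tls/tcp flags too. */`. It is also worth confirming that `flags.http` can never be set without `flags.tls`; if it can, a cleartext query would be logged as DOH, which misleads anyone using `socket_protocol` to audit encrypted-transport coverage. `dnstap_log` begins and ends outside this hunk, so how the flags are populated is not visible here.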
@@ -159,6 +160,16 @@ message Message {
 // TOOL_RESPONSE is a DNS response message received by a DNS software
 // tool from a DNS server, from the perspective of the tool.
 TOOL_RESPONSE = 12;
+
+ // UPDATE_QUERY is a DNS update query message received from a resolver
+ // by an authoritative name server, from the perspective of the
+ // authoritative name server.
+ UPDATE_QUERY = 13;
+
+ // UPDATE_RESPONSE is a DNS update response message sent from an
+ // authoritative name server to a resolver, from the perspective of the
+ // authoritative name server.
+ UPDATE_RESPONSE = 14;
 }

 // One of the Type values described above.
diff --git a/modules/dnstap/meson.build b/modules/dnstap/meson.build
index bca503330..7bf73b7c8 100644
--- a/modules/dnstap/meson.build
+++ b/modules/dnstap/meson.build
@@ -32,6 +32,7 @@ if build_dnstap
 '--proto_path', meson.current_source_dir(),
 meson.current_source_dir() / 'dnstap.proto',
 ],
+ input: [ 'dnstap.proto' ],
 output: [
 'dnstap.pb-c.h',
 'dnstap.pb-c.c',