From: Remi Gacogne
Date: Tue, 29 Jun 2021 14:47:21 +0000 (+0200)
Subject: dnsdist: Support more dnstap transport types (DoT, DoH)
X-Git-Tag: dnsdist-1.7.0-alpha1~100^2~4
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7b9442f4dc3d64023fa869bcf849cb0981878b46;p=thirdparty%2Fpdns.git
dnsdist: Support more dnstap transport types (DoT, DoH)
---
diff --git a/pdns/dnsdist-lua-actions.cc b/pdns/dnsdist-lua-actions.cc
index 3d4d213c4b..e8d7f25f5e 100644
--- a/pdns/dnsdist-lua-actions.cc
+++ b/pdns/dnsdist-lua-actions.cc
@@ -1043,6 +1043,28 @@ private:
 bool d_hasV6;
 };
+static DnstapMessage::ProtocolType ProtocolToDNSTap(DNSQuestion::Protocol protocol)
+{
+ DnstapMessage::ProtocolType result;
+ switch (protocol) {
+ default:
+ case DNSQuestion::Protocol::DoUDP:
+ case DNSQuestion::Protocol::DNSCryptUDP:
+ result = DnstapMessage::ProtocolType::DoUDP;
+ break;
+ case DNSQuestion::Protocol::DoTCP:
+ case DNSQuestion::Protocol::DNSCryptTCP:
+ result = DnstapMessage::ProtocolType::DoTCP;
+ break;
+ case DNSQuestion::Protocol::DoT:
+ result = DnstapMessage::ProtocolType::DoT;
+ break;
+ case DNSQuestion::Protocol::DoH:
+ result = DnstapMessage::ProtocolType::DoH;
+ break;
+ }
+ return result;
+}
 class DnstapLogAction : public DNSAction, public boost::noncopyable
 {
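Review bot: The `default:` label at the top of the switch in ProtocolToDNSTap falls through to the DoUDP case, so any `DNSQuestion::Protocol` value added later would be logged as plain UDP with no compiler diagnostic, and dnstap consumers would see the wrong transport. Dropping the label and initialising the local instead, `DnstapMessage::ProtocolType result = DnstapMessage::ProtocolType::DoUDP;`, keeps the same fallback while letting `-Wswitch` flag an unhandled enumerator. The DNSCryptUDP and DNSCryptTCP cases are likewise reported as DoUDP and DoTCP, which makes DNSCrypt traffic indistinguishable from cleartext UDP/TCP in the logs. ProtocolType in dnstap.hh has only four values, so that may be unavoidable here, but it deserves a comment such as `// ProtocolType has no DNSCrypt value: report the underlying transport`.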
@@ -1056,7 +1078,8 @@ public:
 static thread_local std::string data;
 data.clear();
- DnstapMessage message(data, !dq->getHeader()->qr ? DnstapMessage::MessageType::client_query : DnstapMessage::MessageType::client_response, d_identity, dq->remote, dq->local, dq->overTCP(), reinterpret_cast(dq->getData().data()), dq->getData().size(), dq->queryTime, nullptr);
+ DnstapMessage::ProtocolType protocol = ProtocolToDNSTap(dq->getProtocol());
+ DnstapMessage message(data, !dq->getHeader()->qr ? DnstapMessage::MessageType::client_query : DnstapMessage::MessageType::client_response, d_identity, dq->remote, dq->local, protocol, reinterpret_cast(dq->getData().data()), dq->getData().size(), dq->queryTime, nullptr);
 {
 if (d_alterFunc) {
 std::lock_guard lock(g_luamutex);
@@ -1189,7 +1212,8 @@ public:
 gettime(&now, true);
 data.clear();
- DnstapMessage message(data, DnstapMessage::MessageType::client_response, d_identity, dr->remote, dr->local, dr->overTCP(), reinterpret_cast(dr->getData().data()), dr->getData().size(), dr->queryTime, &now);
+ DnstapMessage::ProtocolType protocol = ProtocolToDNSTap(dr->getProtocol());
+ DnstapMessage message(data, DnstapMessage::MessageType::client_response, d_identity, dr->remote, dr->local, protocol, reinterpret_cast(dr->getData().data()), dr->getData().size(), dr->queryTime, &now);
 {
 if (d_alterFunc) {
 std::lock_guard lock(g_luamutex);
diff --git a/pdns/dnstap.cc b/pdns/dnstap.cc
index 954f2d0bf2..86f933a6e1 100644
--- a/pdns/dnstap.cc
+++ b/pdns/dnstap.cc
@@ -17,15 +17,11 @@ namespace DnstapSocketFamilyTypes {
 enum : protozero::pbf_tag_type { inet = 1, inet6 = 2 };
 }
-namespace DnstapSocketFamilyProtocol {
- enum : protozero::pbf_tag_type { udp = 1, tcp = 2 };
-}
-
 namespace DnstapMessageFields {
 enum : protozero::pbf_tag_type { type = 1, socket_family = 2, socket_protocol = 3, query_address = 4, response_address = 5, query_port = 6, response_port = 7, query_time_sec = 8, query_time_nsec = 9, query_message = 10, query_zone = 11, response_time_sec = 12, response_time_nsec = 13, response_message = 14 };
 }
-DnstapMessage::DnstapMessage(std::string& buffer, DnstapMessage::MessageType type, const std::string& identity, const ComboAddress* requestor, const ComboAddress* responder, bool isTCP, const char* packet, const size_t len, const struct timespec* queryTime, const struct timespec* responseTime, boost::optional auth): d_buffer(buffer)
+DnstapMessage::DnstapMessage(std::string& buffer, DnstapMessage::MessageType type, const std::string& identity, const ComboAddress* requestor, const ComboAddress* responder, DnstapMessage::ProtocolType protocol, const char* packet, const size_t len, const struct timespec* queryTime, const struct timespec* responseTime, boost::optional auth): d_buffer(buffer)
 {
 protozero::pbf_writer pbf{d_buffer};
@@ -37,7 +33,7 @@ DnstapMessage::DnstapMessage(std::string& buffer, DnstapMessage::MessageType typ
 protozero::pbf_writer pbf_message{pbf, DnstapBaseFields::message};
 pbf_message.add_enum(DnstapMessageFields::type, static_cast(type));
- pbf_message.add_enum(DnstapMessageFields::socket_protocol, isTCP ? DnstapSocketFamilyProtocol::tcp : DnstapSocketFamilyProtocol::udp);
+ pbf_message.add_enum(DnstapMessageFields::socket_protocol, static_cast(protocol));
 if (requestor != nullptr) {
 pbf_message.add_enum(DnstapMessageFields::socket_family, requestor->sin4.sin_family == AF_INET ? DnstapSocketFamilyTypes::inet : DnstapSocketFamilyTypes::inet6);
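Review bot: The new `socket_protocol` line writes the numeric value of the ProtocolType enumerator straight into the message, so the numbering declared in dnstap.hh is now part of the dnstap encoding, where the removed DnstapSocketFamilyProtocol namespace kept those wire constants local to this file. Nothing in the diff documents that coupling. A comment on the enum, for example `// values are the dnstap SocketProtocol numbers written to the wire, do not renumber`, would keep a later edit from silently changing what collectors receive. The constructor body continues outside this hunk.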
diff --git a/pdns/dnstap.hh b/pdns/dnstap.hh
index 3d3fe71bb4..f4c7ee6ad9 100644
--- a/pdns/dnstap.hh
+++ b/pdns/dnstap.hh
@@ -34,8 +34,9 @@ class DnstapMessage
 {
 public:
 enum class MessageType : uint32_t { auth_query = 1, auth_response = 2, resolver_query = 3, resolver_response = 4, client_query = 5, client_response = 6, forwarder_query = 7, forwarded_response = 8, stub_query = 9, stub_response = 10, tool_query = 11, tool_response = 12 };
+ enum class ProtocolType : uint32_t { DoUDP = 1, DoTCP = 2, DoT = 3, DoH = 4 };
- DnstapMessage(std::string& buffer, MessageType type, const std::string& identity, const ComboAddress* requestor, const ComboAddress* responder, bool isTCP, const char* packet, const size_t len, const struct timespec* queryTime, const struct timespec* responseTime, boost::optional auth=boost::none);
+ DnstapMessage(std::string& buffer, MessageType type, const std::string& identity, const ComboAddress* requestor, const ComboAddress* responder, ProtocolType protocol, const char* packet, const size_t len, const struct timespec* queryTime, const struct timespec* responseTime, boost::optional auth=boost::none);
 void setExtra(const std::string& extra);