From 4598ca164d09ae177b07bd46fc144dd83689d7f4 Mon Sep 17 00:00:00 2001
From: Nathan Scrivens <nathan.scrivens21@gmail.com>
Date: Thu, 16 May 2024 15:50:24 -0400
Subject: [PATCH] dns log: add additional section

Feature: 7011
dns_log_json_answer: log additional section records.
update schema.json with new "additionals" section.
---
 etc/schema.json     | 28 ++++++++++++++++++++++++++++
 rust/src/dns/log.rs | 20 ++++++++++++++++++++
 2 files changed, 48 insertions(+)

diff --git a/etc/schema.json b/etc/schema.json
index 2aff6cd6f9..bb6a8238c3 100644
--- a/etc/schema.json
+++ b/etc/schema.json
@@ -1104,6 +1104,9 @@
                 "authorities": {
                     "$ref": "#/$defs/dns.authorities"
                 },
+                "additionals": {
+                    "$ref": "#/$defs/dns.additionals"
+                },
                 "query": {
                     "type": "array",
                     "minItems": 1,
@@ -1175,6 +1178,9 @@
                         },
                         "authorities": {
                             "$ref": "#/$defs/dns.authorities"
+                        },
+                        "additionals": {
+                            "$ref": "#/$defs/dns.additionals"
                         }
                     },
                     "additionalProperties": false
@@ -6345,6 +6351,28 @@
                 "additionalProperties": false
             }
         },
+        "dns.additionals": {
+            "type": "array",
+            "minItems": 1,
+            "items": {
+                "type": "object",
+                "properties": {
+                    "rdata": {
+                        "type": "string"
+                    },
+                    "rrname": {
+                        "type": "string"
+                    },
+                    "rrtype": {
+                        "type": "string"
+                    },
+                    "ttl": {
+                        "type": "integer"
+                    }
+                },
+                "additionalProperties": false
+            }
+        },
         "stats_applayer_error": {
             "type": "object",
             "properties": {
diff --git a/rust/src/dns/log.rs b/rust/src/dns/log.rs
index 575875042a..c1043f8925 100644
--- a/rust/src/dns/log.rs
+++ b/rust/src/dns/log.rs
@@ -606,6 +606,26 @@ fn dns_log_json_answer(
         js.close()?;
     }
 
+    if !response.additionals.is_empty() {
+        let mut is_js_open = false;
+        for add in &response.additionals {
+            if let DNSRData::Unknown(rdata) = &add.data {
+                if rdata.is_empty() {
+                    continue;
+                }
+            }
+            if !is_js_open {
+                js.open_array("additionals")?;
+                is_js_open = true;
+            }
+            let add_detail = dns_log_json_answer_detail(add)?;
+            js.append_object(&add_detail)?;
+        }
+        if is_js_open {
+            js.close()?;
+        }
+    }
+
     Ok(())
 }
 
-- 
2.47.2