From 0ea7ac68b1ed61391e83f3134ac3bb61852637ad Mon Sep 17 00:00:00 2001 From: dmachard <5562930+dmachard@users.noreply.github.com> Date: Thu, 27 Jun 2024 06:44:18 +0200 Subject: [PATCH] quote peer name and identity --- README.md | 4 ++-- dnsutils/message.go | 23 ++++++++++++++++++----- dnsutils/message_test.go | 28 ++++++++++++++++++++++++++++ 3 files changed, 48 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 25bd2b03..492ef53f 100644 --- a/README.md +++ b/README.md @@ -70,8 +70,8 @@ - **[Transformers](./docs/transformers.md)** - - Custom [Relabeling](docs/transformers/transform_relabeling.md) for JSON structure - - Add additionnal [Tags](docs/transformers/transform_atags.md) + - [Rewrite](docs/transformers/transform_rewrite.md) DNS messages or custom [Relabeling](docs/transformers/transform_relabeling.md) for JSON output + - Add additionnal [Tags](docs/transformers/transform_atags.md) in DNS messages - Traffic [Filtering](docs/transformers/transform_trafficfiltering.md) and [Reducer](docs/transformers/transform_trafficreducer.md) - Latency [Computing](docs/transformers/transform_latency.md) - Apply [User Privacy](docs/transformers/transform_userprivacy.md) diff --git a/dnsutils/message.go b/dnsutils/message.go index bc8141ba..f9af3ad7 100644 --- a/dnsutils/message.go +++ b/dnsutils/message.go @@ -673,14 +673,26 @@ func (dm *DNSMessage) ToTextLine(format []string, fieldDelimiter string, fieldBo if len(qname) == 0 { s.WriteString(".") } else { - escapeStringAndWrite(&s, qname, fieldDelimiter, fieldBoundary) + quoteStringAndWrite(&s, qname, fieldDelimiter, fieldBoundary) } case directive == "identity": - s.WriteString(dm.DNSTap.Identity) + if len(qname) == 0 { + s.WriteString(".") + } else { + quoteStringAndWrite(&s, dm.DNSTap.Identity, fieldDelimiter, fieldBoundary) + } case directive == "peer-name": - s.WriteString(dm.DNSTap.PeerName) + if len(qname) == 0 { + s.WriteString(".") + } else { + quoteStringAndWrite(&s, dm.DNSTap.PeerName, fieldDelimiter, fieldBoundary) + } case directive == "version": - escapeStringAndWrite(&s, dm.DNSTap.Version, fieldDelimiter, fieldBoundary) + if len(qname) == 0 { + s.WriteString(".") + } else { + quoteStringAndWrite(&s, dm.DNSTap.Version, fieldDelimiter, fieldBoundary) + } case directive == "extra": s.WriteString(dm.DNSTap.Extra) case directive == "policy-rule": @@ -1849,6 +1861,7 @@ func GetFakeDNSMessage() DNSMessage { dm.DNSTap.Identity = "collector" dm.DNSTap.Version = "dnscollector 1.0.0" dm.DNSTap.Operation = "CLIENT_QUERY" + dm.DNSTap.PeerName = "localhost (127.0.0.1)" dm.DNS.Type = DNSQuery dm.DNS.Qname = pkgconfig.ProgQname dm.NetworkInfo.QueryIP = "1.2.3.4" @@ -1904,7 +1917,7 @@ func convertToString(value interface{}) string { } } -func escapeStringAndWrite(s *strings.Builder, fieldString, fieldDelimiter, fieldBoundary string) { +func quoteStringAndWrite(s *strings.Builder, fieldString, fieldDelimiter, fieldBoundary string) { if len(fieldDelimiter) > 0 { if strings.Contains(fieldString, fieldDelimiter) { fieldEscaped := fieldString diff --git a/dnsutils/message_test.go b/dnsutils/message_test.go index 993102d7..eb5bda19 100644 --- a/dnsutils/message_test.go +++ b/dnsutils/message_test.go @@ -808,6 +808,7 @@ func TestDnsMessage_TextFormat_ToString(t *testing.T) { boundary string format string qname string + identity string expected string }{ { @@ -816,6 +817,7 @@ func TestDnsMessage_TextFormat_ToString(t *testing.T) { boundary: config.Global.TextFormatBoundary, format: config.Global.TextFormat, qname: "dnscollector.fr", + identity: "collector", expected: "- collector CLIENT_QUERY NOERROR 1.2.3.4 1234 - - 0b dnscollector.fr A -", }, { @@ -824,6 +826,7 @@ func TestDnsMessage_TextFormat_ToString(t *testing.T) { boundary: config.Global.TextFormatBoundary, format: config.Global.TextFormat, qname: "dnscollector.fr", + identity: "collector", expected: "-;collector;CLIENT_QUERY;NOERROR;1.2.3.4;1234;-;-;0b;dnscollector.fr;A;-", }, { @@ -832,6 +835,7 @@ func TestDnsMessage_TextFormat_ToString(t *testing.T) { boundary: config.Global.TextFormatBoundary, format: config.Global.TextFormat, qname: "dnscollector.fr", + identity: "collector", expected: "-collectorCLIENT_QUERYNOERROR1.2.3.41234--0bdnscollector.frA-", }, { @@ -840,6 +844,7 @@ func TestDnsMessage_TextFormat_ToString(t *testing.T) { boundary: config.Global.TextFormatBoundary, format: config.Global.TextFormat, qname: "dns collector.fr", + identity: "collector", expected: "- collector CLIENT_QUERY NOERROR 1.2.3.4 1234 - - 0b \"dns collector.fr\" A -", }, { @@ -848,6 +853,7 @@ func TestDnsMessage_TextFormat_ToString(t *testing.T) { boundary: config.Global.TextFormatBoundary, format: config.Global.TextFormat, qname: "dns\"coll tor\".fr", + identity: "collector", expected: "- collector CLIENT_QUERY NOERROR 1.2.3.4 1234 - - 0b \"dns\\\"coll tor\\\".fr\" A -", }, { @@ -856,6 +862,7 @@ func TestDnsMessage_TextFormat_ToString(t *testing.T) { boundary: "!", format: config.Global.TextFormat, qname: "dnscoll tor.fr", + identity: "collector", expected: "- collector CLIENT_QUERY NOERROR 1.2.3.4 1234 - - 0b !dnscoll tor.fr! A -", }, { @@ -864,6 +871,7 @@ func TestDnsMessage_TextFormat_ToString(t *testing.T) { boundary: config.Global.TextFormatBoundary, format: "qname {IN} qtype", qname: "dnscollector.fr", + identity: "", expected: "dnscollector.fr IN A", }, { @@ -872,8 +880,27 @@ func TestDnsMessage_TextFormat_ToString(t *testing.T) { boundary: config.Global.TextFormatBoundary, format: "identity version qname", qname: "dnscollector.fr", + identity: "collector", expected: "collector \"dnscollector 1.0.0\" dnscollector.fr", }, + { + name: "quote_dnstap_identity", + delimiter: config.Global.TextFormatDelimiter, + boundary: config.Global.TextFormatBoundary, + format: "identity qname", + qname: "dnscollector.fr", + identity: "dns collector", + expected: "\"dns collector\" dnscollector.fr", + }, + { + name: "quote_dnstap_peername", + delimiter: config.Global.TextFormatDelimiter, + boundary: config.Global.TextFormatBoundary, + format: "peer-name qname", + qname: "dnscollector.fr", + identity: "", + expected: "\"localhost (127.0.0.1)\" dnscollector.fr", + }, } for _, tc := range testcases { @@ -881,6 +908,7 @@ func TestDnsMessage_TextFormat_ToString(t *testing.T) { dm := GetFakeDNSMessage() dm.DNS.Qname = tc.qname + dm.DNSTap.Identity = tc.identity line := dm.String(strings.Fields(tc.format), tc.delimiter, tc.boundary) if line != tc.expected {