diff --git a/CHANGES b/CHANGES index 2d4698814f..7decbbd4f3 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,11 @@ +4.2.0-dev.112 | 2021-09-03 18:12:12 +0000 + + * Add btests for DNS WKS and BINDS (Vlad Grigorescu) + + * Add btest for DNS WKS RR. (Vlad Grigorescu) + + * Add btest for DNS NSEC3PARAM RR. (Vlad Grigorescu) + 4.2.0-dev.106 | 2021-09-03 18:10:31 +0000 * Code modernization: use ranged-based for loop where possible (Vlad Grigorescu) diff --git a/VERSION b/VERSION index c73b9c923f..7c47b66767 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -4.2.0-dev.106 +4.2.0-dev.112 diff --git a/testing/btest/Baseline/scripts.base.protocols.dns.binds/dns.log b/testing/btest/Baseline/scripts.base.protocols.dns.binds/dns.log new file mode 100644 index 0000000000..0523babdcd --- /dev/null +++ b/testing/btest/Baseline/scripts.base.protocols.dns.binds/dns.log @@ -0,0 +1,11 @@ +### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63. +#separator \x09 +#set_separator , +#empty_field (empty) +#unset_field - +#path dns +#open XXXX-XX-XX-XX-XX-XX +#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto trans_id rtt query qclass qclass_name qtype qtype_name rcode rcode_name AA TC RD RA Z answers TTLs rejected auth addl +#types time string addr port addr port enum count interval string count string count string count string bool bool bool bool count vector[string] vector[interval] bool set[string] set[string] +XXXXXXXXXX.XXXXXX CHhAvVGS1DHFjwGM9 10.87.3.74 51871 10.87.1.10 53 udp 27571 0.002004 example.net 1 C_INTERNET 65534 query-65534 0 NOERROR T F T T 2 BIND9 signing signal,BIND9 signing signal,BIND9 signing signal,BIND9 signing signal,BIND9 signing signal,BIND9 signing signal,BIND9 signing signal,BIND9 signing signal,BIND9 signing signal,BIND9 signing signal,BIND9 signing signal,BIND9 signing signal,BIND9 signing signal,BIND9 signing signal,BIND9 signing signal,BIND9 signing signal 0.000000,0.000000,0.000000,0.000000,0.000000,0.000000,0.000000,0.000000,0.000000,0.000000,0.000000,0.000000,0.000000,0.000000,0.000000,0.000000 F - - +#close XXXX-XX-XX-XX-XX-XX diff --git a/testing/btest/Baseline/scripts.base.protocols.dns.binds/output b/testing/btest/Baseline/scripts.base.protocols.dns.binds/output new file mode 100644 index 0000000000..9e60009463 --- /dev/null +++ b/testing/btest/Baseline/scripts.base.protocols.dns.binds/output @@ -0,0 +1,17 @@ +### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63. +BINDS, [query=example.net, answer_type=1, algorithm=7, key_id=32018, removal_flag=0, complte_flag=\x01, is_query=0] +BINDS, [query=example.net, answer_type=1, algorithm=5, key_id=2196, removal_flag=0, complte_flag=\x01, is_query=0] +BINDS, [query=example.net, answer_type=1, algorithm=15, key_id=12994, removal_flag=0, complte_flag=\x01, is_query=0] +BINDS, [query=example.net, answer_type=1, algorithm=16, key_id=23868, removal_flag=0, complte_flag=\x01, is_query=0] +BINDS, [query=example.net, answer_type=1, algorithm=7, key_id=37611, removal_flag=0, complte_flag=\x01, is_query=0] +BINDS, [query=example.net, answer_type=1, algorithm=8, key_id=9551, removal_flag=0, complte_flag=\x01, is_query=0] +BINDS, [query=example.net, answer_type=1, algorithm=5, key_id=48254, removal_flag=0, complte_flag=\x01, is_query=0] +BINDS, [query=example.net, answer_type=1, algorithm=8, key_id=33130, removal_flag=0, complte_flag=\x01, is_query=0] +BINDS, [query=example.net, answer_type=1, algorithm=14, key_id=15141, removal_flag=0, complte_flag=\x01, is_query=0] +BINDS, [query=example.net, answer_type=1, algorithm=10, key_id=41675, removal_flag=0, complte_flag=\x01, is_query=0] +BINDS, [query=example.net, answer_type=1, algorithm=10, key_id=63711, removal_flag=0, complte_flag=\x01, is_query=0] +BINDS, [query=example.net, answer_type=1, algorithm=13, key_id=65395, removal_flag=0, complte_flag=\x01, is_query=0] +BINDS, [query=example.net, answer_type=1, algorithm=13, key_id=31400, removal_flag=0, complte_flag=\x01, is_query=0] +BINDS, [query=example.net, answer_type=1, algorithm=14, key_id=60289, removal_flag=0, complte_flag=\x01, is_query=0] +BINDS, [query=example.net, answer_type=1, algorithm=15, key_id=31000, removal_flag=0, complte_flag=\x01, is_query=0] +BINDS, [query=example.net, answer_type=1, algorithm=16, key_id=40187, removal_flag=0, complte_flag=\x01, is_query=0] diff --git a/testing/btest/Baseline/scripts.base.protocols.dns.nsec3param/dns.log b/testing/btest/Baseline/scripts.base.protocols.dns.nsec3param/dns.log new file mode 100644 index 0000000000..ef0bca3662 --- /dev/null +++ b/testing/btest/Baseline/scripts.base.protocols.dns.nsec3param/dns.log @@ -0,0 +1,11 @@ +### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63. +#separator \x09 +#set_separator , +#empty_field (empty) +#unset_field - +#path dns +#open XXXX-XX-XX-XX-XX-XX +#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto trans_id rtt query qclass qclass_name qtype qtype_name rcode rcode_name AA TC RD RA Z answers TTLs rejected auth addl +#types time string addr port addr port enum count interval string count string count string count string bool bool bool bool count vector[string] vector[interval] bool set[string] set[string] +XXXXXXXXXX.XXXXXX CHhAvVGS1DHFjwGM9 10.87.3.18 53540 10.87.1.54 53 udp 15626 0.522010 sshfp.net 1 C_INTERNET 51 NSEC3PARAM 0 NOERROR F F T T 2 NSEC3PARAM 0.000000 F - - +#close XXXX-XX-XX-XX-XX-XX diff --git a/testing/btest/Baseline/scripts.base.protocols.dns.nsec3param/output b/testing/btest/Baseline/scripts.base.protocols.dns.nsec3param/output new file mode 100644 index 0000000000..54fb2e6d95 --- /dev/null +++ b/testing/btest/Baseline/scripts.base.protocols.dns.nsec3param/output @@ -0,0 +1,2 @@ +### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63. +NSEC3PARAM, [query=sshfp.net, answer_type=1, nsec_flags=0, nsec_hash_algo=1, nsec_iter=20, nsec_salt_len=16, nsec_salt={\x1a\x90\xa9\x16\x19~E\xd0w*\xbc\xb6D\x11V, is_query=0], 7b1a90a916197e45d0772abcb6441156 diff --git a/testing/btest/Baseline/scripts.base.protocols.dns.wks/dns.log b/testing/btest/Baseline/scripts.base.protocols.dns.wks/dns.log new file mode 100644 index 0000000000..5cb0f62ae5 --- /dev/null +++ b/testing/btest/Baseline/scripts.base.protocols.dns.wks/dns.log @@ -0,0 +1,11 @@ +### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63. +#separator \x09 +#set_separator , +#empty_field (empty) +#unset_field - +#path dns +#open XXXX-XX-XX-XX-XX-XX +#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto trans_id rtt query qclass qclass_name qtype qtype_name rcode rcode_name AA TC RD RA Z answers TTLs rejected auth addl +#types time string addr port addr port enum count interval string count string count string count string bool bool bool bool count vector[string] vector[interval] bool set[string] set[string] +XXXXXXXXXX.XXXXXX CHhAvVGS1DHFjwGM9 10.87.3.18 60059 10.87.1.10 53 udp 63119 0.001993 zeek.example.net 1 C_INTERNET 11 WKS 0 NOERROR T F T T 2 - - F - - +#close XXXX-XX-XX-XX-XX-XX diff --git a/testing/btest/Baseline/scripts.base.protocols.dns.wks/output b/testing/btest/Baseline/scripts.base.protocols.dns.wks/output new file mode 100644 index 0000000000..52ce957a48 --- /dev/null +++ b/testing/btest/Baseline/scripts.base.protocols.dns.wks/output @@ -0,0 +1,2 @@ +### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63. +WKS, dns_msg, dns_answer diff --git a/testing/btest/Traces/dns/dns-binds.pcap b/testing/btest/Traces/dns/dns-binds.pcap new file mode 100644 index 0000000000..92ccc4125c Binary files /dev/null and b/testing/btest/Traces/dns/dns-binds.pcap differ diff --git a/testing/btest/Traces/dns/dns-wks.pcap b/testing/btest/Traces/dns/dns-wks.pcap new file mode 100644 index 0000000000..b82f5c4f85 Binary files /dev/null and b/testing/btest/Traces/dns/dns-wks.pcap differ diff --git a/testing/btest/Traces/dnssec/nsec3param.pcap b/testing/btest/Traces/dnssec/nsec3param.pcap new file mode 100644 index 0000000000..f68df0c5ef Binary files /dev/null and b/testing/btest/Traces/dnssec/nsec3param.pcap differ diff --git a/testing/btest/scripts/base/protocols/dns/binds.zeek b/testing/btest/scripts/base/protocols/dns/binds.zeek new file mode 100644 index 0000000000..fc74bee6f4 --- /dev/null +++ b/testing/btest/scripts/base/protocols/dns/binds.zeek @@ -0,0 +1,10 @@ +# @TEST-EXEC: zeek -b -C -r $TRACES/dns/dns-binds.pcap %INPUT > output +# @TEST-EXEC: btest-diff dns.log +# @TEST-EXEC: btest-diff output + +@load policy/protocols/dns/auth-addl + +event dns_BINDS(c: connection, msg: dns_msg, ans: dns_answer, binds: dns_binds_rr) + { + print "BINDS", binds; + } diff --git a/testing/btest/scripts/base/protocols/dns/nsec3param.zeek b/testing/btest/scripts/base/protocols/dns/nsec3param.zeek new file mode 100644 index 0000000000..cadc9b25f0 --- /dev/null +++ b/testing/btest/scripts/base/protocols/dns/nsec3param.zeek @@ -0,0 +1,11 @@ +# @TEST-EXEC: zeek -b -C -r $TRACES/dnssec/nsec3param.pcap %INPUT > output +# @TEST-EXEC: btest-diff dns.log +# @TEST-EXEC: btest-diff output + +@load policy/protocols/dns/auth-addl + +event dns_NSEC3PARAM(c: connection, msg: dns_msg, ans: dns_answer, nsec3param: dns_nsec3param_rr) + { + print "NSEC3PARAM", nsec3param, + bytestring_to_hexstr(nsec3param$nsec_salt); + } diff --git a/testing/btest/scripts/base/protocols/dns/wks.zeek b/testing/btest/scripts/base/protocols/dns/wks.zeek new file mode 100644 index 0000000000..826434356d --- /dev/null +++ b/testing/btest/scripts/base/protocols/dns/wks.zeek @@ -0,0 +1,10 @@ +# @TEST-EXEC: zeek -b -C -r $TRACES/dns/dns-wks.pcap %INPUT > output +# @TEST-EXEC: btest-diff dns.log +# @TEST-EXEC: btest-diff output + +@load policy/protocols/dns/auth-addl + +event dns_WKS_reply(c: connection, msg: dns_msg, ans: dns_answer) + { + print "WKS", dns_msg, dns_answer; + }