diff --git a/scripts/base/init-bare.zeek b/scripts/base/init-bare.zeek index aa98ecfe13..ec13e3da90 100644 --- a/scripts/base/init-bare.zeek +++ b/scripts/base/init-bare.zeek @@ -3887,7 +3887,6 @@ type dns_loc_rr: record { type dns_svcb_rr: record { svc_priority: count; ##< Service priority for the current record, 0 indicates that this record is in AliasMode and cannot carry svc_params; otherwise this is in ServiceMode, and may include svc_params target_name: string; ##< Target name, the hostname of the service endpoint. - svc_params: table[count] of vector of string; ##< service parameters as key-value pairs (not used at this point) }; # DNS answer types. diff --git a/src/analyzer/protocol/dns/DNS.cc b/src/analyzer/protocol/dns/DNS.cc index 789169261a..868a26adde 100644 --- a/src/analyzer/protocol/dns/DNS.cc +++ b/src/analyzer/protocol/dns/DNS.cc @@ -1698,53 +1698,53 @@ bool DNS_Interpreter::ParseRR_CAA(detail::DNS_MsgInfo* msg, const u_char*& data, bool DNS_Interpreter::ParseRR_SVCB(detail::DNS_MsgInfo* msg, const u_char*& data, int& len, int rdlength, const u_char* msg_start, const RR_Type& svcb_type) { - // the smallest SVCB/HTTPS rr is 3 bytes: - // the first 2 bytes are for the svc priority, and the third byte is root (0x0) - if ( len < 3 ) - return false; + // the smallest SVCB/HTTPS rr is 3 bytes: + // the first 2 bytes are for the svc priority, and the third byte is root (0x0) + if ( len < 3 ) + return false; - uint16_t svc_priority = ExtractShort(data, len); + uint16_t svc_priority = ExtractShort(data, len); - u_char target_name[513]; - int name_len = sizeof(target_name) - 1; - u_char* name_end = ExtractName(data, len, target_name, name_len, msg_start, false); - if ( ! name_end ) - return false; + u_char target_name[513]; + int name_len = sizeof(target_name) - 1; + u_char* name_end = ExtractName(data, len, target_name, name_len, msg_start, false); + if ( ! name_end ) + return false; - // target name can be root - in this case the alternative endpoint is - // qname itself. make sure that we print "." instead of an empty string - if ( name_end - target_name == 0 ) - { - target_name[0] = '.'; - target_name[1] = '\0'; - name_end = target_name+1; - } + // target name can be root - in this case the alternative endpoint is + // qname itself. make sure that we print "." instead of an empty string + if ( name_end - target_name == 0 ) + { + target_name[0] = '.'; + target_name[1] = '\0'; + name_end = target_name+1; + } - SVCB_DATA svcb_data = { - .svc_priority = svc_priority, - .target_name = make_intrusive(new String(target_name, name_end - target_name, true)), - }; + SVCB_DATA svcb_data = { + .svc_priority = svc_priority, + .target_name = make_intrusive(new String(target_name, name_end - target_name, true)), + }; - // TODO: parse svcparams - // we consume all the remaining raw data (svc params) but do nothing. - // this should be removed if the svc param parser is ready - String* unparsed_data = ExtractStream(data, len, rdlength); - delete unparsed_data; + // TODO: parse svcparams + // we consume all the remaining raw data (svc params) but do nothing. + // this should be removed if the svc param parser is ready + String* unparsed_data = ExtractStream(data, len, rdlength); + delete unparsed_data; - switch( svcb_type ) - { - case detail::TYPE_SVCB: - analyzer->EnqueueConnEvent(dns_SVCB, analyzer->ConnVal(), msg->BuildHdrVal(), - msg->BuildAnswerVal(), msg->BuildSVCB_Val(svcb_data)); - break; - case detail::TYPE_HTTPS: - analyzer->EnqueueConnEvent(dns_HTTPS, analyzer->ConnVal(), msg->BuildHdrVal(), - msg->BuildAnswerVal(), msg->BuildSVCB_Val(svcb_data)); - break; - default: break; // unreachable. for suppressing compiler warnings. - } - return true; + switch( svcb_type ) + { + case detail::TYPE_SVCB: + analyzer->EnqueueConnEvent(dns_SVCB, analyzer->ConnVal(), msg->BuildHdrVal(), + msg->BuildAnswerVal(), msg->BuildSVCB_Val(svcb_data)); + break; + case detail::TYPE_HTTPS: + analyzer->EnqueueConnEvent(dns_HTTPS, analyzer->ConnVal(), msg->BuildHdrVal(), + msg->BuildAnswerVal(), msg->BuildSVCB_Val(svcb_data)); + break; + default: break; // unreachable. for suppressing compiler warnings. + } + return true; } void DNS_Interpreter::SendReplyOrRejectEvent(detail::DNS_MsgInfo* msg, EventHandlerPtr event, diff --git a/testing/btest/Baseline/scripts.base.protocols.dns.https/output b/testing/btest/Baseline/scripts.base.protocols.dns.https/output index 739d29b9e8..5f4d11d5dd 100644 --- a/testing/btest/Baseline/scripts.base.protocols.dns.https/output +++ b/testing/btest/Baseline/scripts.base.protocols.dns.https/output @@ -1,3 +1 @@ -[svc_priority=1, target_name=., svc_params={ - -}] +[svc_priority=1, target_name=.] diff --git a/testing/btest/Baseline/scripts.base.protocols.dns.svcb/output b/testing/btest/Baseline/scripts.base.protocols.dns.svcb/output index d6fcb527e3..233b838420 100644 --- a/testing/btest/Baseline/scripts.base.protocols.dns.svcb/output +++ b/testing/btest/Baseline/scripts.base.protocols.dns.svcb/output @@ -1,3 +1 @@ -[svc_priority=0, target_name=foo.example.com, svc_params={ - -}] +[svc_priority=0, target_name=foo.example.com]