diff --git a/scripts/base/init-bare.zeek b/scripts/base/init-bare.zeek index 7454a82ce5..89510933c1 100644 --- a/scripts/base/init-bare.zeek +++ b/scripts/base/init-bare.zeek @@ -3887,7 +3887,7 @@ type dns_loc_rr: record { type dns_svcb_rr: record { svc_priority: count; ##< Service priority. (AliasMode? ServiceMode?) target_name: string; ##< Target name, the hostname of the service endpoint. - svc_params: table[count] of vector of string; ##< service parameters as key-value pairs + svc_params: table[count] of vector of string; ##< service parameters as key-value pairs (not used at this point) }; # DNS answer types. diff --git a/src/analyzer/protocol/dns/DNS.cc b/src/analyzer/protocol/dns/DNS.cc index c43888cb18..cb6b8cb5e8 100644 --- a/src/analyzer/protocol/dns/DNS.cc +++ b/src/analyzer/protocol/dns/DNS.cc @@ -1727,11 +1727,11 @@ bool DNS_Interpreter::ParseRR_SVCB(detail::DNS_MsgInfo* msg, const u_char*& data { case detail::TYPE_SVCB: analyzer->EnqueueConnEvent(dns_SVCB, analyzer->ConnVal(), msg->BuildHdrVal(), - msg->BuildAnswerVal(), msg->BuildSVCB_Val(&svcb_data)); + msg->BuildAnswerVal(), msg->BuildSVCB_Val(&svcb_data)); break; case detail::TYPE_HTTPS: analyzer->EnqueueConnEvent(dns_HTTPS, analyzer->ConnVal(), msg->BuildHdrVal(), - msg->BuildAnswerVal(), msg->BuildSVCB_Val(&svcb_data)); + msg->BuildAnswerVal(), msg->BuildSVCB_Val(&svcb_data)); break; default: break; // unreachable. for suppressing compiler warnings. } @@ -2046,7 +2046,7 @@ RecordValPtr DNS_MsgInfo::BuildSVCB_Val(SVCB_DATA* svcb) r->Assign(0, svcb->svc_priority); r->Assign(1, make_intrusive(svcb->target_name)); - // TODO: assign svcparams + // TODO: assign values to svcparams return r; } diff --git a/src/analyzer/protocol/dns/events.bif b/src/analyzer/protocol/dns/events.bif index 7e241c4d01..eed11bc820 100644 --- a/src/analyzer/protocol/dns/events.bif +++ b/src/analyzer/protocol/dns/events.bif @@ -721,9 +721,9 @@ event dns_SSHFP%(c: connection, msg: dns_msg, ans: dns_answer, algo: count, fpty ## loc: The parsed RDATA of LOC type record. event dns_LOC%(c: connection, msg: dns_msg, ans: dns_answer, loc: dns_loc_rr%); -## Generated for DNS replies of type *SVCB*. -## See `RFC draft `__ -## for more information about the DNS SVCB/HTTPS resource records. +## Generated for DNS replies of type *SVCB* (General Purpose Service Endpoints). +## See `RFC draft for DNS SVCB/HTTPS `__ +## for more information about DNS SVCB/HTTPS resource records. ## For replies with multiple answers, an individual event of the corresponding type is raised for each. ## ## c: The connection, which may be UDP or TCP depending on the type of the @@ -736,10 +736,10 @@ event dns_LOC%(c: connection, msg: dns_msg, ans: dns_answer, loc: dns_loc_rr%); ## svcb: The parsed RDATA of SVCB type record. event dns_SVCB%(c: connection, msg: dns_msg, ans: dns_answer, svcb: dns_svcb_rr%); -## Generated for DNS replies of type *HTTPS*. -## See `RFC draft `__ -## for more information about the DNS SVCB/HTTPS resource records. -## Since SVCB and HTTPS record share the same wire format layout, the argument https is dns_svcb_rr. +## Generated for DNS replies of type *HTTPS* (HTTPS Specific Service Endpoints). +## See `RFC draft for DNS SVCB/HTTPS `__ +## for more information about DNS SVCB/HTTPS resource records. +## Since SVCB and HTTPS records share the same wire format layout, the argument https is dns_svcb_rr. ## For replies with multiple answers, an individual event of the corresponding type is raised for each. ## ## c: The connection, which may be UDP or TCP depending on the type of the @@ -749,7 +749,7 @@ event dns_SVCB%(c: connection, msg: dns_msg, ans: dns_answer, svcb: dns_svcb_rr% ## ## ans: The type-independent part of the parsed answer record. ## -## https: The parsed RDATA of SVCB type record. +## https: The parsed RDATA of HTTPS type record. event dns_HTTPS%(c: connection, msg: dns_msg, ans: dns_answer, https: dns_svcb_rr%); ## Generated at the end of processing a DNS packet. This event is the last