diff --git a/CHANGES b/CHANGES
index 90718d53d2..30c9611802 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,6 @@
+4594. [func] "dnstap-read -x" prints a hex dump of the wire
+ format of each logged DNS message. [RT #44816]
+
4593. [doc] Update README using markdown, remove outdated FAQ
file in favor of the knowledge base.
diff --git a/README b/README
index d10bcf7848..8fb6491d93 100644
--- a/README
+++ b/README
@@ -94,16 +94,18 @@ BIND 9.12.0 is the newest development branch of BIND 9. It includes a
number of changes from BIND 9.11 and earlier releases. New features
include:
+ * dnstap-read -x prints a hex dump of the wire format of each logged DNS
+ message.
* The query handling code has been substantially refactored for improved
- readability, maintainability and testability
+ readability, maintainability and testability .
* dnstap output files can now be configured to roll automatically when
- reaching a given size
+ reaching a given size.
* Log file timestamps can now also be formatted in ISO 8601 (local) or
- ISO 8601 (UTC) formats
+ ISO 8601 (UTC) formats.
* Logging channels and dnstap output files can now be configured to use
- a timestamp as the suffix when rolling to a new file
- * named-checkconf -l lists zones found in named.conf
- * Added support for the EDNS Padding and Keepalive options
+ a timestamp as the suffix when rolling to a new file.
+ * named-checkconf -l lists zones found in named.conf.
+ * Added support for the EDNS Padding and Keepalive options.
Building BIND
diff --git a/README.md b/README.md
index 395dfb3200..678060de46 100644
--- a/README.md
+++ b/README.md
@@ -100,16 +100,18 @@ BIND 9.12.0 is the newest development branch of BIND 9. It includes a
number of changes from BIND 9.11 and earlier releases. New features
include:
+* `dnstap-read -x` prints a hex dump of the wire format of each logged
+ DNS message.
* The query handling code has been substantially refactored for improved
- readability, maintainability and testability
+ readability, maintainability and testability .
* `dnstap` output files can now be configured to roll automatically when
- reaching a given size
+ reaching a given size.
* Log file timestamps can now also be formatted in ISO 8601 (local) or ISO
- 8601 (UTC) formats
+ 8601 (UTC) formats.
* Logging channels and `dnstap` output files can now be configured to use a
- timestamp as the suffix when rolling to a new file
-* `named-checkconf -l` lists zones found in `named.conf`
-* Added support for the EDNS Padding and Keepalive options
+ timestamp as the suffix when rolling to a new file.
+* `named-checkconf -l` lists zones found in `named.conf`.
+* Added support for the EDNS Padding and Keepalive options.
### Building BIND
diff --git a/bin/tests/system/conf.sh.in b/bin/tests/system/conf.sh.in
index 76d3ad83b4..8e1bbd6486 100644
--- a/bin/tests/system/conf.sh.in
+++ b/bin/tests/system/conf.sh.in
@@ -55,6 +55,7 @@ MDIG=$TOP/bin/tools/mdig
NZD2NZF=$TOP/bin/tools/named-nzd2nzf
FSTRM_CAPTURE=@FSTRM_CAPTURE@
FEATURETEST=$TOP/bin/tests/system/feature-test
+WIRETEST=$TOP/bin/tests/wire_test
RANDFILE=$TOP/bin/tests/system/random.data
@@ -172,3 +173,4 @@ export SAMPLEUPDATE
export SIGNER
export SUBDIRS
export TESTSOCK6
+export WIRETEST
diff --git a/bin/tests/system/dnstap/clean.sh b/bin/tests/system/dnstap/clean.sh
index 340338d6d1..e2c4df5e00 100644
--- a/bin/tests/system/dnstap/clean.sh
+++ b/bin/tests/system/dnstap/clean.sh
@@ -10,7 +10,7 @@ rm -f */named.memstats
rm -f */named.run
rm -f */named.stats
rm -f dig.out*
-rm -f dnstap.out
+rm -f dnstap.out dnstap.hex
rm -f dnstap.out.save
rm -f fstrm_capture.out
rm -f ns*/dnstap.out
diff --git a/bin/tests/system/dnstap/tests.sh b/bin/tests/system/dnstap/tests.sh
index f0795f5fad..4c06b7c251 100644
--- a/bin/tests/system/dnstap/tests.sh
+++ b/bin/tests/system/dnstap/tests.sh
@@ -357,6 +357,14 @@ if [ $HAS_PYYAML -ne 0 ] ; then
status=`expr $status + $ret`
fi
+echo "I:checking dnstap-read hex output"
+hex=`$DNSTAPREAD -x ns3/dnstap.out | tail -1`
+echo $hex | $WIRETEST > dnstap.hex
+grep 'status: NOERROR' dnstap.hex > /dev/null 2>&1 || ret=1
+grep 'ANSWER: 3, AUTHORITY: 1' dnstap.hex > /dev/null 2>&1 || ret=1
+if [ $ret != 0 ]; then echo "I: failed"; fi
+status=`expr $status + $ret`
+
if [ -n "$FSTRM_CAPTURE" ] ; then
$DIG +short @10.53.0.4 -p 5300 a.example > dig.out
diff --git a/bin/tools/dnstap-read.c b/bin/tools/dnstap-read.c
index aae823fa5b..a494607f5d 100644
--- a/bin/tools/dnstap-read.c
+++ b/bin/tools/dnstap-read.c
@@ -30,6 +30,7 @@
#include
#include
+#include
#include
#include
#include
@@ -45,6 +46,7 @@
isc_mem_t *mctx = NULL;
isc_boolean_t memrecord = ISC_FALSE;
isc_boolean_t printmessage = ISC_FALSE;
+isc_boolean_t hexmessage = ISC_FALSE;
isc_boolean_t yaml = ISC_FALSE;
const char *program = "dnstap-read";
@@ -76,9 +78,10 @@ fatal(const char *format, ...) {
static void
usage(void) {
- fprintf(stderr, "dnstap-read [-mp] [filename]\n");
+ fprintf(stderr, "dnstap-read [-mpxy] [filename]\n");
fprintf(stderr, "\t-m\ttrace memory allocations\n");
fprintf(stderr, "\t-p\tprint the full DNS message\n");
+ fprintf(stderr, "\t-x\tuse hex format to print DNS message\n");
fprintf(stderr, "\t-y\tprint YAML format (implies -p)\n");
}
@@ -100,6 +103,33 @@ print_dtdata(dns_dtdata_t *dt) {
isc_buffer_free(&b);
}
+static void
+print_hex(dns_dtdata_t *dt) {
+ isc_buffer_t *b = NULL;
+ isc_result_t result;
+ size_t textlen;
+
+ if (dt->msg == NULL) {
+ return;
+ }
+
+ textlen = (dt->msgdata.length * 2) + 1;
+ isc_buffer_allocate(mctx, &b, textlen);
+ if (b == NULL) {
+ fatal("out of memory");
+ }
+
+ result = isc_hex_totext(&dt->msgdata, 0, "", b);
+ CHECKM(result, "isc_hex_totext");
+
+ printf("%.*s\n", (int) isc_buffer_usedlength(b),
+ (char *) isc_buffer_base(b));
+
+ cleanup:
+ if (b != NULL)
+ isc_buffer_free(&b);
+}
+
static void
print_packet(dns_dtdata_t *dt, const dns_master_style_t *style) {
isc_buffer_t *b = NULL;
@@ -277,7 +307,7 @@ main(int argc, char *argv[]) {
dns_dthandle_t *handle = NULL;
int rv = 0, ch;
- while ((ch = isc_commandline_parse(argc, argv, "mpy")) != -1) {
+ while ((ch = isc_commandline_parse(argc, argv, "mpxy")) != -1) {
switch (ch) {
case 'm':
isc_mem_debugging |= ISC_MEM_DEBUGRECORD;
@@ -286,6 +316,9 @@ main(int argc, char *argv[]) {
case 'p':
printmessage = ISC_TRUE;
break;
+ case 'x':
+ hexmessage = ISC_TRUE;
+ break;
case 'y':
yaml = ISC_TRUE;
dns_master_indentstr = " ";
@@ -338,6 +371,9 @@ main(int argc, char *argv[]) {
if (yaml) {
print_yaml(dt);
+ } else if (hexmessage) {
+ print_dtdata(dt);
+ print_hex(dt);
} else if (printmessage) {
print_dtdata(dt);
print_packet(dt, &dns_master_style_debug);
diff --git a/bin/tools/dnstap-read.docbook b/bin/tools/dnstap-read.docbook
index f8706fe252..28255bcab3 100644
--- a/bin/tools/dnstap-read.docbook
+++ b/bin/tools/dnstap-read.docbook
@@ -40,6 +40,7 @@
dnstap-read
+ file
@@ -81,6 +82,17 @@
+
+ -x
+
+
+ After printing the dnstap data, print
+ a hex dump of the wire form of the DNS message that was
+ encapsulated in the dnstap frame.
+
+
+
+
-y
diff --git a/doc/arm/notes.xml b/doc/arm/notes.xml
index 11c1f6c3e9..f52b11b6bf 100644
--- a/doc/arm/notes.xml
+++ b/doc/arm/notes.xml
@@ -149,6 +149,13 @@
New Features
+
+
+ The dnstap-read -x option prints a hex
+ dump of the wire format DNS message encapsulated in each
+ dnstap log entry. [RT #44816]
+
+
The host -A option returns most