suricata icon indicating copy to clipboard operation
suricata copied to clipboard

Published 20 hours ago verified publisher icon OISF

dns: add missing dns keywords to schema.json

Open hadiqaalamdar opened this issue 1 year ago • 6 comments

Feature #5642

  • [x] I have read the contributing guide lines at https://docs.suricata.io/en/latest/devguide/codebase/contributing/contribution-process.html
  • [x] I have signed the Open Information Security Foundation contribution agreement at https://suricata.io/about/contribution-agreement/
  • [x] I have updated the user guide (in doc/userguide/) to reflect the changes made (if applicable)

Link to redmine ticket: https://redmine.openinfosecfoundation.org/issues/5642

Describe changes:

  • Added dns tc, aa and z boolean fields to dns.answer in schema.json file
  • Added sshfp field in dns.authorities in schema.json

hadiqaalamdar avatar Jan 18 '24 09:01 hadiqaalamdar

Looks good to me.

Commit message could mention how you found them (manual code review, correct ? )

Question for us : do we want to have SV tests exercising these ?

catenacyber avatar Jan 18 '24 09:01 catenacyber

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Comparison is base (6896a93) 82.12% compared to head (f946f94) 82.14%. Report is 21 commits behind head on master.

Additional details and impacted files 
@@            Coverage Diff             @@
##           master   #10193      +/-   ##
==========================================
+ Coverage   82.12%   82.14%   +0.01%     
==========================================
  Files         975      975              
  Lines      271724   271724              
==========================================
+ Hits       223151   223198      +47     
+ Misses      48573    48526      -47
Flag Coverage Δ
fuzzcorpus 62.79% <ø> (+0.07%) :arrow_up:
suricata-verify 61.40% <ø> (-0.02%) :arrow_down:
unittests 62.83% <ø> (-0.01%) :arrow_down:

Flags with carried forward coverage won't be shown. Click here to find out more.

codecov[bot] avatar Jan 18 '24 10:01 codecov[bot]

Question for us : do we want to have SV tests exercising these ?

That was the plan, yes. This is why you gave the sshfp pcap

inashivb avatar Jan 18 '24 10:01 inashivb

Looks good to me.

Commit message could mention how you found them (manual code review, correct ? )

Question for us : do we want to have SV tests exercising these ?

yes, I can change the commit message. Should I be creating the SV tests on this? I was under the impression that I should share the branch and then someone else might handle the SV tests.

hadiqaalamdar avatar Jan 18 '24 11:01 hadiqaalamdar

Question for us : do we want to have SV tests exercising these ?

imho, yes. Also document those fields, somehow.

jufajardini avatar Jan 18 '24 15:01 jufajardini

https://github.com/OISF/suricata-verify/pull/1588 is there

catenacyber avatar Jan 18 '24 15:01 catenacyber

Was merged with commit 6c193b1a3d184ac9e56427b97ca4ed576e40166f

catenacyber avatar Feb 29 '24 20:02 catenacyber