dns: add keyword for dns.response.rrname (feat 7012) - v2 #12500
Conversation
Feature: 7012 Add dns.response sticky buffer to match on dns response fields. Add rust functions to return dns response packet data. Unit tests verifying signature matching.
Feature: 7012
This is a better name as the keyword is looking at all rrname type fields in the response.
These arrays are manually formatted for readability.
Make the function safe by returning a reference to the DNSName object, the unsafe C wrapper can do the conversion to pointers.
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## master #12500 +/- ##
==========================================
+ Coverage 80.58% 80.65% +0.07%
==========================================
Files 925 926 +1
Lines 259313 260554 +1241
==========================================
+ Hits 208955 210157 +1202
- Misses 50358 50397 +39
Flags with carried forward coverage won't be shown. Click here to find out more. |
|
Information: QA ran without warnings. Pipeline 24417 |
|
Is this to be considered for merge? The conversation in the prev PR suggests there is more to do? |
Other than more S-V coverage, to be comparable with the unit tests I think its ready for review. Something else standing out? There's this, #11647 (comment), but it doesn't really affect the completeness of this PR. Currently its a blocker for more discrete keywords to provide parity, for which I'll need very similar tests as well. So I could do those to complete this off, then they'd be ready for https://redmine.openinfosecfoundation.org/issues/5642. |
What are discrete keywords ? Do you say this PR is blocking adding other keywords ? Why so ?
@scrivs86 said yesterday that he was going to do another version cf #11647 (comment) This means squashing in your commits I guess |
Rebase of: #11647
Changes:
SV_BRANCH=OISF/suricata-verify#2264