plugin/dnstap: Fix behavior when multiple dnstap plugins specified (#5773)

* fix multiple dnstap plugins behavior

Signed-off-by: Chris O'Haver <cohaver@infoblox.com>

plugin/dnstap/README.md

@@ -61,6 +61,15 @@ dnstap /tmp/dnstap.sock {
 }
 ~~~
 
+You can use _dnstap_ more than once to define multiple taps. The following logs information including the
+wire-format DNS message about client requests and responses to */tmp/dnstap.sock*,
+and also sends client requests and responses without wire-format DNS messages to a remote FQDN.
+
+~~~ txt
+dnstap /tmp/dnstap.sock full
+dnstap tcp://example.com:6000
+~~~
+
 ## Command Line Tool
 
 Dnstap has a command line tool that can be used to inspect the logging. The tool can be found
@@ -86,13 +95,15 @@ $ dnstap -l 127.0.0.1:6000
 
 ## Using Dnstap in your plugin
 
-In your setup function, check to see if the *dnstap* plugin is loaded:
+In your setup function, collect and store a list of all *dnstap* plugins loaded in the config:
 
 ~~~ go
+x :=  &ExamplePlugin{}
+
 c.OnStartup(func() error {
     if taph := dnsserver.GetConfig(c).Handler("dnstap"); taph != nil {
         if tapPlugin, ok := taph.(dnstap.Dnstap); ok {
-            f.tapPlugin = &tapPlugin
+            x.tapPlugins = append(x.tapPlugins, &tapPlugin)
         }
     }
     return nil
@@ -102,8 +113,13 @@ c.OnStartup(func() error {
 And then in your plugin:
 
 ~~~ go
-func (x RandomPlugin) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) (int, error) {
+import (
-    if tapPlugin != nil {
+  github.com/coredns/coredns/plugin/dnstap/msg
+  tap "github.com/dnstap/golang-dnstap"
+)
+
+func (x ExamplePlugin) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) (int, error) {
+    for _, tapPlugin := range x.tapPlugins {
         q := new(msg.Msg)
         msg.SetQueryTime(q, time.Now())
         msg.SetQueryAddress(q, w.RemoteAddr())

plugin/dnstap/setup.go

@@ -15,15 +15,17 @@ var log = clog.NewWithPlugin("dnstap")
 
 func init() { plugin.Register("dnstap", setup) }
 
-func parseConfig(c *caddy.Controller) (Dnstap, error) {
+func parseConfig(c *caddy.Controller) ([]*Dnstap, error) {
-	c.Next() // directive name
+	dnstaps := []*Dnstap{}
+
+	for c.Next() { // directive name
 		d := Dnstap{}
 		endpoint := ""
 
 		args := c.RemainingArgs()
 
 		if len(args) == 0 {
-		return d, c.ArgErr()
+			return nil, c.ArgErr()
 		}
 
 		endpoint = args[0]
@@ -32,7 +34,7 @@ func parseConfig(c *caddy.Controller) (Dnstap, error) {
 			// remote network endpoint
 			endpointURL, err := url.Parse(endpoint)
 			if err != nil {
-			return d, c.ArgErr()
+				return nil, c.ArgErr()
 			}
 			dio := newIO("tcp", endpointURL.Host)
 			d = Dnstap{io: dio}
@@ -53,29 +55,32 @@ func parseConfig(c *caddy.Controller) (Dnstap, error) {
 			case "identity":
 				{
 					if !c.NextArg() {
-					return d, c.ArgErr()
+						return nil, c.ArgErr()
 					}
 					d.Identity = []byte(c.Val())
 				}
 			case "version":
 				{
 					if !c.NextArg() {
-					return d, c.ArgErr()
+						return nil, c.ArgErr()
 					}
 					d.Version = []byte(c.Val())
 				}
 			}
 		}
-
+		dnstaps = append(dnstaps, &d)
-	return d, nil
+	}
+	return dnstaps, nil
 }
 
 func setup(c *caddy.Controller) error {
-	dnstap, err := parseConfig(c)
+	dnstaps, err := parseConfig(c)
 	if err != nil {
 		return plugin.Error("dnstap", err)
 	}
 
+	for i := range dnstaps {
+		dnstap := dnstaps[i]
 		c.OnStartup(func() error {
 			if err := dnstap.io.(*dio).connect(); err != nil {
 				log.Errorf("No connection to dnstap endpoint: %s", err)
@@ -93,11 +98,21 @@ func setup(c *caddy.Controller) error {
 			return nil
 		})
 
-	dnsserver.GetConfig(c).AddPlugin(
+		if i == len(dnstaps)-1 {
-		func(next plugin.Handler) plugin.Handler {
+			// last dnstap plugin in block: point next to next plugin
+			dnsserver.GetConfig(c).AddPlugin(func(next plugin.Handler) plugin.Handler {
 				dnstap.Next = next
 				return dnstap
 			})
+		} else {
+			// not last dnstap plugin in block: point next to next dnstap
+			nextDnstap := dnstaps[i+1]
+			dnsserver.GetConfig(c).AddPlugin(func(plugin.Handler) plugin.Handler {
+				dnstap.Next = nextDnstap
+				return dnstap
+			})
+		}
+	}
 
 	return nil
 }

plugin/dnstap/setup_test.go

@@ -2,35 +2,52 @@ package dnstap
 
 import (
 	"os"
+	"reflect"
 	"testing"
 
 	"github.com/coredns/caddy"
+	"github.com/coredns/coredns/core/dnsserver"
 )
 
+type results struct {
+	endpoint string
+	full     bool
+	proto    string
+	identity []byte
+	version  []byte
+}
+
 func TestConfig(t *testing.T) {
 	hostname, _ := os.Hostname()
 	tests := []struct {
 		in     string
-		endpoint string
-		full     bool
-		proto    string
 		fail   bool
-		identity []byte
+		expect []results
-		version  []byte
 	}{
-		{"dnstap dnstap.sock full", "dnstap.sock", true, "unix", false, []byte(hostname), []byte("-")},
+		{"dnstap dnstap.sock full", false, []results{{"dnstap.sock", true, "unix", []byte(hostname), []byte("-")}}},
-		{"dnstap unix://dnstap.sock", "dnstap.sock", false, "unix", false, []byte(hostname), []byte("-")},
+		{"dnstap unix://dnstap.sock", false, []results{{"dnstap.sock", false, "unix", []byte(hostname), []byte("-")}}},
-		{"dnstap tcp://127.0.0.1:6000", "127.0.0.1:6000", false, "tcp", false, []byte(hostname), []byte("-")},
+		{"dnstap tcp://127.0.0.1:6000", false, []results{{"127.0.0.1:6000", false, "tcp", []byte(hostname), []byte("-")}}},
-		{"dnstap tcp://[::1]:6000", "[::1]:6000", false, "tcp", false, []byte(hostname), []byte("-")},
+		{"dnstap tcp://[::1]:6000", false, []results{{"[::1]:6000", false, "tcp", []byte(hostname), []byte("-")}}},
-		{"dnstap tcp://example.com:6000", "example.com:6000", false, "tcp", false, []byte(hostname), []byte("-")},
+		{"dnstap tcp://example.com:6000", false, []results{{"example.com:6000", false, "tcp", []byte(hostname), []byte("-")}}},
-		{"dnstap", "fail", false, "tcp", true, []byte(hostname), []byte("-")},
+		{"dnstap", true, []results{{"fail", false, "tcp", []byte(hostname), []byte("-")}}},
-		{"dnstap dnstap.sock full {\nidentity NAME\nversion VER\n}\n", "dnstap.sock", true, "unix", false, []byte("NAME"), []byte("VER")},
+		{"dnstap dnstap.sock full {\nidentity NAME\nversion VER\n}\n", false, []results{{"dnstap.sock", true, "unix", []byte("NAME"), []byte("VER")}}},
-		{"dnstap dnstap.sock {\nidentity NAME\nversion VER\n}\n", "dnstap.sock", false, "unix", false, []byte("NAME"), []byte("VER")},
+		{"dnstap dnstap.sock {\nidentity NAME\nversion VER\n}\n", false, []results{{"dnstap.sock", false, "unix", []byte("NAME"), []byte("VER")}}},
-		{"dnstap {\nidentity NAME\nversion VER\n}\n", "fail", false, "tcp", true, []byte("NAME"), []byte("VER")},
+		{"dnstap {\nidentity NAME\nversion VER\n}\n", true, []results{{"fail", false, "tcp", []byte("NAME"), []byte("VER")}}},
+		{`dnstap dnstap.sock full {
+                identity NAME
+                version VER
+              }
+              dnstap tcp://127.0.0.1:6000 {
+                identity NAME2
+                version VER2
+              }`, false, []results{
+			{"dnstap.sock", true, "unix", []byte("NAME"), []byte("VER")},
+			{"127.0.0.1:6000", false, "tcp", []byte("NAME2"), []byte("VER2")},
+		}},
 	}
 	for i, tc := range tests {
 		c := caddy.NewTestController("dns", tc.in)
-		tap, err := parseConfig(c)
+		taps, err := parseConfig(c)
 		if tc.fail && err == nil {
 			t.Fatalf("Test %d: expected test to fail: %s: %s", i, tc.in, err)
 		}
@@ -41,20 +58,69 @@ func TestConfig(t *testing.T) {
 		if err != nil {
 			t.Fatalf("Test %d: expected no error, got %s", i, err)
 		}
-		if x := tap.io.(*dio).endpoint; x != tc.endpoint {
+		for i, tap := range taps {
-			t.Errorf("Test %d: expected endpoint %s, got %s", i, tc.endpoint, x)
+			if x := tap.io.(*dio).endpoint; x != tc.expect[i].endpoint {
+				t.Errorf("Test %d: expected endpoint %s, got %s", i, tc.expect[i].endpoint, x)
 			}
-		if x := tap.io.(*dio).proto; x != tc.proto {
+			if x := tap.io.(*dio).proto; x != tc.expect[i].proto {
-			t.Errorf("Test %d: expected proto %s, got %s", i, tc.proto, x)
+				t.Errorf("Test %d: expected proto %s, got %s", i, tc.expect[i].proto, x)
 			}
-		if x := tap.IncludeRawMessage; x != tc.full {
+			if x := tap.IncludeRawMessage; x != tc.expect[i].full {
-			t.Errorf("Test %d: expected IncludeRawMessage %t, got %t", i, tc.full, x)
+				t.Errorf("Test %d: expected IncludeRawMessage %t, got %t", i, tc.expect[i].full, x)
 			}
-		if x := string(tap.Identity); x != string(tc.identity) {
+			if x := string(tap.Identity); x != string(tc.expect[i].identity) {
-			t.Errorf("Test %d: expected identity %s, got %s", i, tc.identity, x)
+				t.Errorf("Test %d: expected identity %s, got %s", i, tc.expect[i].identity, x)
+			}
+			if x := string(tap.Version); x != string(tc.expect[i].version) {
+				t.Errorf("Test %d: expected version %s, got %s", i, tc.expect[i].version, x)
 			}
-		if x := string(tap.Version); x != string(tc.version) {
-			t.Errorf("Test %d: expected version %s, got %s", i, tc.version, x)
 		}
 	}
 }
+
+func TestMultiDnstap(t *testing.T) {
+	input := `
+      dnstap dnstap1.sock
+      dnstap dnstap2.sock
+      dnstap dnstap3.sock
+    `
+
+	c := caddy.NewTestController("dns", input)
+	setup(c)
+	dnsserver.NewServer("", []*dnsserver.Config{dnsserver.GetConfig(c)})
+
+	handlers := dnsserver.GetConfig(c).Handlers()
+	d1, ok := handlers[0].(*Dnstap)
+	if !ok {
+		t.Fatalf("expected first plugin to be Dnstap, got %v", reflect.TypeOf(d1.Next))
+	}
+
+	if d1.io.(*dio).endpoint != "dnstap1.sock" {
+		t.Errorf("expected first dnstap to \"dnstap1.sock\", got %q", d1.io.(*dio).endpoint)
+	}
+	if d1.Next == nil {
+		t.Fatal("expected first dnstap to point to next dnstap instance")
+	}
+
+	d2, ok := d1.Next.(*Dnstap)
+	if !ok {
+		t.Fatalf("expected second plugin to be Dnstap, got %v", reflect.TypeOf(d1.Next))
+	}
+	if d2.io.(*dio).endpoint != "dnstap2.sock" {
+		t.Errorf("expected second dnstap to \"dnstap2.sock\", got %q", d2.io.(*dio).endpoint)
+	}
+	if d2.Next == nil {
+		t.Fatal("expected second dnstap to point to third dnstap instance")
+	}
+
+	d3, ok := d2.Next.(*Dnstap)
+	if !ok {
+		t.Fatalf("expected third plugin to be Dnstap, got %v", reflect.TypeOf(d2.Next))
+	}
+	if d3.io.(*dio).endpoint != "dnstap3.sock" {
+		t.Errorf("expected third dnstap to \"dnstap3.sock\", got %q", d3.io.(*dio).endpoint)
+	}
+	if d3.Next != nil {
+		t.Error("expected third plugin to be last, but Next is not nil")
+	}
+}

plugin/forward/dnstap.go

@@ -39,17 +39,18 @@ func toDnstap(f *Forward, host string, state request.Request, opts options, repl
 	msg.SetQueryAddress(q, state.W.RemoteAddr())
 	msg.SetResponseAddress(q, ta)
 
-	if f.tapPlugin.IncludeRawMessage {
+	for _, t := range f.tapPlugins {
+		if t.IncludeRawMessage {
 			buf, _ := state.Req.Pack()
 			q.QueryMessage = buf
 		}
 		msg.SetType(q, tap.Message_FORWARDER_QUERY)
-	f.tapPlugin.TapMessage(q)
+		t.TapMessage(q)
 
 		// Response
 		if reply != nil {
 			r := new(tap.Message)
-		if f.tapPlugin.IncludeRawMessage {
+			if t.IncludeRawMessage {
 				buf, _ := reply.Pack()
 				r.ResponseMessage = buf
 			}
@@ -58,6 +59,7 @@ func toDnstap(f *Forward, host string, state request.Request, opts options, repl
 			msg.SetResponseAddress(r, ta)
 			msg.SetResponseTime(r, time.Now())
 			msg.SetType(r, tap.Message_FORWARDER_RESPONSE)
-		f.tapPlugin.TapMessage(r)
+			t.TapMessage(r)
+		}
 	}
 }

plugin/forward/forward.go

@@ -49,7 +49,7 @@ type Forward struct {
 	// the maximum allowed (maxConcurrent)
 	ErrLimitExceeded error
 
-	tapPlugin *dnstap.Dnstap // when the dnstap plugin is loaded, we use to this to send messages out.
+	tapPlugins []*dnstap.Dnstap // when dnstap plugins are loaded, we use to this to send messages out.
 
 	Next plugin.Handler
 }
@@ -150,7 +150,7 @@ func (f *Forward) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.Msg
 			child.Finish()
 		}
 
-		if f.tapPlugin != nil {
+		if len(f.tapPlugins) != 0 {
 			toDnstap(f, proxy.addr, state, opts, ret, start)
 		}
 

plugin/forward/setup.go

@@ -52,7 +52,7 @@ func setup(c *caddy.Controller) error {
 		c.OnStartup(func() error {
 			if taph := dnsserver.GetConfig(c).Handler("dnstap"); taph != nil {
 				if tapPlugin, ok := taph.(dnstap.Dnstap); ok {
-					f.tapPlugin = &tapPlugin
+					f.tapPlugins = append(f.tapPlugins, &tapPlugin)
 				}
 			}
 			return nil