Commit b1d234eb authored by Brian Wellington's avatar Brian Wellington

The dnssec tools properly use the logging subsystem and share more code.

parent 1ee6767f
207. [func] The dnssec tools properly use the logging subsystem.
206. [cleanup] dst now stores the key name as a dns_name_t, not
a char *.
......
......@@ -43,24 +43,25 @@ TARGETS = dnssec-keygen \
SRCS = dnssec-keygen.c \
dnssec-makekeyset.c \
dnssec-signkey.c \
dnssec-signzone.c
dnssec-signzone.c \
dnssectool.c
@BIND9_MAKE_RULES@
dnssec-keygen: dnssec-keygen.@O@ ${ISCDEPLIBS} ${DNSDEPLIBS}
${LIBTOOL} ${CC} ${CFLAGS} -o $@ dnssec-keygen.@O@ \
dnssec-keygen: dnssec-keygen.@O@ dnssectool.@O@ ${ISCDEPLIBS} ${DNSDEPLIBS}
${LIBTOOL} ${CC} ${CFLAGS} -o $@ dnssec-keygen.@O@ dnssectool.@O@ \
${DNSLIBS} ${ISCLIBS} ${LIBS}
dnssec-makekeyset: dnssec-makekeyset.@O@ ${ISCDEPLIBS} ${DNSDEPLIBS}
${LIBTOOL} ${CC} ${CFLAGS} -o $@ dnssec-makekeyset.@O@ \
dnssec-makekeyset: dnssec-makekeyset.@O@ dnssectool.@O@ ${ISCDEPLIBS} ${DNSDEPLIBS}
${LIBTOOL} ${CC} ${CFLAGS} -o $@ dnssec-makekeyset.@O@ dnssectool.@O@ \
${DNSLIBS} ${ISCLIBS} ${LIBS}
dnssec-signkey: dnssec-signkey.@O@ ${ISCDEPLIBS} ${DNSDEPLIBS}
${LIBTOOL} ${CC} ${CFLAGS} -o $@ dnssec-signkey.@O@ \
dnssec-signkey: dnssec-signkey.@O@ dnssectool.@O@ ${ISCDEPLIBS} ${DNSDEPLIBS}
${LIBTOOL} ${CC} ${CFLAGS} -o $@ dnssec-signkey.@O@ dnssectool.@O@ \
${DNSLIBS} ${ISCLIBS} ${LIBS}
dnssec-signzone: dnssec-signzone.@O@ ${ISCDEPLIBS} ${DNSDEPLIBS}
${LIBTOOL} ${CC} ${CFLAGS} -o $@ dnssec-signzone.@O@ \
dnssec-signzone: dnssec-signzone.@O@ dnssectool.@O@ ${ISCDEPLIBS} ${DNSDEPLIBS}
${LIBTOOL} ${CC} ${CFLAGS} -o $@ dnssec-signzone.@O@ dnssectool.@O@ \
${DNSLIBS} ${ISCLIBS} ${LIBS}
clean distclean::
......
......@@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THE SOFTWARE.
*/
/* $Id: dnssec-keygen.c,v 1.26 2000/05/24 23:13:12 bwelling Exp $ */
/* $Id: dnssec-keygen.c,v 1.27 2000/05/24 23:54:39 bwelling Exp $ */
#include <config.h>
......@@ -30,6 +30,7 @@
#include <dns/fixedname.h>
#include <dns/keyvalues.h>
#include <dns/log.h>
#include <dns/name.h>
#include <dns/result.h>
#include <dns/secalg.h>
......@@ -37,48 +38,12 @@
#include <dst/dst.h>
#include <dst/result.h>
#define PROGRAM "dnssec-keygen"
#include "dnssectool.h"
#define MAX_RSA 2048 /* XXX ogud update this when rsa library is updated */
static int verbose;
static void
fatal(char *format, ...) {
va_list args;
fprintf(stderr, "%s: ", PROGRAM);
va_start(args, format);
vfprintf(stderr, format, args);
va_end(args);
fprintf(stderr, "\n");
exit(1);
}
static inline void
check_result(isc_result_t result, char *message) {
if (result != ISC_R_SUCCESS) {
fprintf(stderr, "%s: %s: %s\n", PROGRAM, message,
isc_result_totext(result));
exit(1);
}
}
/* Not thread-safe! */
static char *
algtostr(const dns_secalg_t alg) {
isc_buffer_t b;
isc_region_t r;
isc_result_t result;
static char data[10];
isc_buffer_init(&b, data, sizeof(data));
result = dns_secalg_totext(alg, &b);
check_result(result, "dns_secalg_totext()");
isc_buffer_usedregion(&b, &r);
r.base[r.length] = 0;
return (char *) r.base;
}
char *program = "dnssec-keygen";
int verbose;
static isc_boolean_t
dsa_size_ok(int size) {
......@@ -88,7 +53,7 @@ dsa_size_ok(int size) {
static void
usage(void) {
printf("Usage:\n");
printf(" %s [options] name\n\n", PROGRAM);
printf(" %s [options] name\n\n", program);
printf("Required options:\n");
printf(" -a algorithm: RSA | RSAMD5 | DH | DSA | HMAC-MD5\n");
printf(" -b key size, in bits:\n");
......@@ -130,6 +95,7 @@ main(int argc, char **argv) {
isc_textregion_t r;
char filename[255];
isc_buffer_t buf;
isc_log_t *log = NULL;
RUNTIME_CHECK(isc_mem_create(0, 0, &mctx) == ISC_R_SUCCESS);
......@@ -205,11 +171,13 @@ main(int argc, char **argv) {
usage();
default:
fprintf(stderr, "%s: invalid argument -%c\n",
PROGRAM, ch);
program, ch);
usage();
}
}
setup_logging(verbose, mctx, &log);
if (argc < isc_commandline_index + 1)
fatal("the key name was not specified");
if (argc > isc_commandline_index + 1)
......@@ -369,7 +337,7 @@ main(int argc, char **argv) {
fprintf(stderr,
"%s: %s already exists, "
"generating a new key\n",
PROGRAM, filename);
program, filename);
}
}
......@@ -394,7 +362,11 @@ main(int argc, char **argv) {
if (type != NULL)
isc_mem_free(mctx, type);
dst_key_free(&key);
isc_mem_destroy(&mctx);
if (log != NULL)
isc_log_destroy(&log);
/* isc_mem_stats(mctx, stdout);*/
isc_mem_destroy(&mctx);
return (0);
}
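Review bot: `char *program = "dnssec-keygen";` binds a string literal to a writable pointer with external linkage, so nothing stops another translation unit from reassigning it or writing through it, and the latter is undefined behaviour. `const char *program = "dnssec-keygen";` would turn that into a compile error, provided the matching declaration (presumably an extern in dnssectool.h, which is not shown here) is changed as well. The same definition is added in dnssec-makekeyset.c, dnssec-signkey.c and dnssec-signzone.c. In the cleanup at the end of main, the added `/* isc_mem_stats(mctx, stdout);*/` is commented-out debugging code and could be dropped; calling `isc_log_destroy(&log)` before `isc_mem_destroy(&mctx)` is the right order. main begins outside these hunks.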
......@@ -35,10 +35,15 @@
#include <dns/secalg.h>
#include <dns/time.h>
#define PROGRAM "dnssec-makekeyset"
#include <dst/dst.h>
#include "dnssectool.h"
#define BUFSIZE 2048
char *program = "dnssec-makekeyset";
int verbose;
typedef struct keynode keynode_t;
struct keynode {
dst_key_t *key;
......@@ -48,65 +53,11 @@ typedef ISC_LIST(keynode_t) keylist_t;
static isc_stdtime_t starttime = 0, endtime = 0, now;
static int ttl = -1;
static int verbose;
static isc_mem_t *mctx = NULL;
static keylist_t keylist;
static void
fatal(char *format, ...) {
va_list args;
fprintf(stderr, "%s: ", PROGRAM);
va_start(args, format);
vfprintf(stderr, format, args);
va_end(args);
fprintf(stderr, "\n");
exit(1);
}
static inline void
check_result(isc_result_t result, char *message) {
if (result != ISC_R_SUCCESS) {
fatal("%s: %s\n", message, isc_result_totext(result));
exit(1);
}
}
/* Not thread-safe! */
static char *
nametostr(dns_name_t *name) {
isc_buffer_t b;
isc_region_t r;
isc_result_t result;
static char data[1025];
isc_buffer_init(&b, data, sizeof(data));
result = dns_name_totext(name, ISC_FALSE, &b);
check_result(result, "dns_name_totext()");
isc_buffer_usedregion(&b, &r);
r.base[r.length] = 0;
return (char *) r.base;
}
/* Not thread-safe! */
static char *
algtostr(const dns_secalg_t alg) {
isc_buffer_t b;
isc_region_t r;
isc_result_t result;
static char data[10];
isc_buffer_init(&b, data, sizeof(data));
result = dns_secalg_totext(alg, &b);
check_result(result, "dns_secalg_totext()");
isc_buffer_usedregion(&b, &r);
r.base[r.length] = 0;
return (char *) r.base;
}
static isc_stdtime_t
strtotime(char *str, isc_int64_t now, isc_int64_t base) {
isc_int64_t val, offset;
......@@ -135,7 +86,7 @@ strtotime(char *str, isc_int64_t now, isc_int64_t base) {
static void
usage(void) {
fprintf(stderr, "Usage:\n");
fprintf(stderr, "\t%s [options] keys\n", PROGRAM);
fprintf(stderr, "\t%s [options] keys\n", program);
fprintf(stderr, "\n");
......@@ -176,7 +127,6 @@ main(int argc, char *argv[]) {
isc_buffer_t b;
isc_region_t r;
isc_log_t *log = NULL;
isc_logconfig_t *logconfig;
keynode_t *keynode;
dns_fixedname_t fsavedname;
dns_name_t *savedname = NULL;
......@@ -250,18 +200,10 @@ main(int argc, char *argv[]) {
if (ttl == -1) {
ttl = 3600;
fprintf(stderr, "%s: TTL not specified, assuming 3600\n",
PROGRAM);
program);
}
if (verbose > 0) {
RUNTIME_CHECK(isc_log_create(mctx, &log, &logconfig)
== ISC_R_SUCCESS);
isc_log_setcontext(log);
dns_log_init(log);
dns_log_setcontext(log);
RUNTIME_CHECK(isc_log_usechannel(logconfig, "default_stderr",
NULL, NULL) == ISC_R_SUCCESS);
}
setup_logging(verbose, mctx, &log);
dns_rdatalist_init(&rdatalist);
rdatalist.rdclass = dns_rdataclass_in;
......@@ -372,7 +314,7 @@ main(int argc, char *argv[]) {
if (ISC_LIST_EMPTY(keylist))
fprintf(stderr,
"%s: no private zone key found; not self-signing\n",
PROGRAM);
program);
for (keynode = ISC_LIST_HEAD(keylist);
keynode != NULL;
keynode = ISC_LIST_NEXT(keynode, link))
......
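Review bot: The `setup_logging(verbose, mctx, &log)` call in main now runs unconditionally, whereas the removed block created a log context only when `verbose > 0`, so the tool's default output changes and nothing in the hunk records that. Going by the level mapping removed from dnssec-signzone.c in this commit, verbose 0 probably maps to ISC_LOG_WARNING, which would put library warnings on stderr for callers that previously saw none. A comment above the call such as `/* Always log: warnings are shown even when verbose == 0. */` would state the intent. dnssec-signkey.c makes the same replacement. Because `log` is now presumably always created, it is worth confirming that main releases it with `isc_log_destroy(&log)` before destroying `mctx`, as the dnssec-keygen.c hunk does; the end of main is outside these hunks.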
......@@ -34,7 +34,12 @@
#include <dns/result.h>
#include <dns/secalg.h>
#define PROGRAM "dnssec-signkey"
#include <dst/dst.h>
#include "dnssectool.h"
char *program = "dnssec-signkey";
int verbose;
#define BUFSIZE 2048
......@@ -47,69 +52,14 @@ struct keynode {
typedef ISC_LIST(keynode_t) keylist_t;
static isc_stdtime_t now;
static int verbose;
static isc_mem_t *mctx = NULL;
static keylist_t keylist;
static void
fatal(char *format, ...) {
va_list args;
fprintf(stderr, "%s: ", PROGRAM);
va_start(args, format);
vfprintf(stderr, format, args);
va_end(args);
fprintf(stderr, "\n");
exit(1);
}
static inline void
check_result(isc_result_t result, char *message) {
if (result != ISC_R_SUCCESS) {
fprintf(stderr, "%s: %s: %s\n", PROGRAM, message,
isc_result_totext(result));
exit(1);
}
}
/* Not thread-safe! */
static char *
nametostr(dns_name_t *name) {
isc_buffer_t b;
isc_region_t r;
isc_result_t result;
static char data[1025];
isc_buffer_init(&b, data, sizeof(data));
result = dns_name_totext(name, ISC_FALSE, &b);
check_result(result, "dns_name_totext()");
isc_buffer_usedregion(&b, &r);
r.base[r.length] = 0;
return (char *) r.base;
}
/* Not thread-safe! */
static char *
algtostr(const dns_secalg_t alg) {
isc_buffer_t b;
isc_region_t r;
isc_result_t result;
static char data[10];
isc_buffer_init(&b, data, sizeof(data));
result = dns_secalg_totext(alg, &b);
check_result(result, "dns_secalg_totext()");
isc_buffer_usedregion(&b, &r);
r.base[r.length] = 0;
return (char *) r.base;
}
static void
usage(void) {
fprintf(stderr, "Usage:\n");
fprintf(stderr, "\t%s [options] keyset keys\n", PROGRAM);
fprintf(stderr, "\t%s [options] keyset keys\n", program);
fprintf(stderr, "\n");
......@@ -194,7 +144,6 @@ main(int argc, char *argv[]) {
isc_buffer_t b;
isc_region_t r;
isc_log_t *log = NULL;
isc_logconfig_t *logconfig;
keynode_t *keynode;
dns_result_register();
......@@ -226,15 +175,7 @@ main(int argc, char *argv[]) {
isc_stdtime_get(&now);
if (verbose > 0) {
RUNTIME_CHECK(isc_log_create(mctx, &log, &logconfig)
== ISC_R_SUCCESS);
isc_log_setcontext(log);
dns_log_init(log);
dns_log_setcontext(log);
RUNTIME_CHECK(isc_log_usechannel(logconfig, "default_stderr",
NULL, NULL) == ISC_R_SUCCESS);
}
setup_logging(verbose, mctx, &log);
if (strlen(argv[0]) < 8 ||
strcmp(argv[0] + strlen(argv[0]) - 7, ".keyset") != 0)
......
......@@ -40,9 +40,13 @@
#include <dns/secalg.h>
#include <dns/time.h>
#include <dst/dst.h>
#include <dst/result.h>
#define PROGRAM "dnssec-signzone"
#include "dnssectool.h"
char *program = "dnssec-signzone";
int verbose;
/*#define USE_ZONESTATUS*/
......@@ -65,93 +69,9 @@ struct signer_array_struct {
static ISC_LIST(signer_key_t) keylist;
static isc_stdtime_t starttime = 0, endtime = 0, now;
static int cycle = -1;
static int verbose;
static isc_boolean_t tryverify = ISC_FALSE;
static isc_mem_t *mctx = NULL;
static void
fatal(char *format, ...) {
va_list args;
fprintf(stderr, "%s: ", PROGRAM);
va_start(args, format);
vfprintf(stderr, format, args);
va_end(args);
fprintf(stderr, "\n");
exit(1);
}
static inline void
check_result(isc_result_t result, char *message) {
if (result != ISC_R_SUCCESS) {
fprintf(stderr, "%s: %s: %s\n", PROGRAM, message,
isc_result_totext(result));
exit(1);
}
}
static void
vbprintf(int level, const char *fmt, ...) {
va_list ap;
if (level > verbose)
return;
va_start(ap, fmt);
fprintf(stderr, "%s: ", PROGRAM);
vfprintf(stderr, fmt, ap);
va_end(ap);
}
/* Not thread-safe! */
static char *
nametostr(dns_name_t *name) {
isc_buffer_t b;
isc_region_t r;
isc_result_t result;
static char data[1025];
isc_buffer_init(&b, data, sizeof(data));
result = dns_name_totext(name, ISC_FALSE, &b);
check_result(result, "dns_name_totext()");
isc_buffer_usedregion(&b, &r);
r.base[r.length] = 0;
return (char *) r.base;
}
/* Not thread-safe! */
static char *
typetostr(const dns_rdatatype_t type) {
isc_buffer_t b;
isc_region_t r;
isc_result_t result;
static char data[10];
isc_buffer_init(&b, data, sizeof(data));
result = dns_rdatatype_totext(type, &b);
check_result(result, "dns_rdatatype_totext()");
isc_buffer_usedregion(&b, &r);
r.base[r.length] = 0;
return (char *) r.base;
}
/*
* Not thread-safe!
*/
static char *
algtostr(const dns_secalg_t alg) {
isc_buffer_t b;
isc_region_t r;
isc_result_t result;
static char data[10];
isc_buffer_init(&b, data, sizeof(data));
result = dns_secalg_totext(alg, &b);
check_result(result, "dns_secalg_totext()");
isc_buffer_usedregion(&b, &r);
r.base[r.length] = 0;
return ((char *)r.base);
}
static inline void
set_bit(unsigned char *array, unsigned int index, unsigned int bit) {
unsigned int shift, mask;
......@@ -751,14 +671,14 @@ signname(dns_db_t *db, dns_dbversion_t *version, dns_dbnode_t *node,
if (warnwild++ == 0) {
fprintf(stderr, "%s: warning: BIND 9 doesn't properly "
"handle wildcards in secure zones:\n",
PROGRAM);
program);
fprintf(stderr, "\t- wildcard nonexistence proof is "
"not generated by the server\n");
fprintf(stderr, "\t- wildcard nonexistence proof is "
"not required by the resolver\n");
}
fprintf(stderr, "%s: warning: wildcard name seen: %s\n",
PROGRAM, nametostr(name));
program, nametostr(name));
}
if (!atorigin) {
dns_rdataset_t nsset;
......@@ -1244,7 +1164,7 @@ strtotime(char *str, isc_int64_t now, isc_int64_t base) {
static void
usage(void) {
fprintf(stderr, "Usage:\n");
fprintf(stderr, "\t%s [options] zonefile [keys]\n", PROGRAM);
fprintf(stderr, "\t%s [options] zonefile [keys]\n", program);
fprintf(stderr, "\n");
......@@ -1276,44 +1196,6 @@ usage(void) {
exit(0);
}
static void
setup_logging(int level, isc_log_t **logp) {
isc_result_t result;
isc_logdestination_t destination;
isc_logconfig_t *logconfig;
isc_log_t *log = 0;
RUNTIME_CHECK(isc_log_create(mctx, &log, &logconfig)
== ISC_R_SUCCESS);
isc_log_setcontext(log);
dns_log_init(log);
dns_log_setcontext(log);
isc_log_settag(logconfig, PROGRAM);
/*
* Set up a channel similar to default_stderr except:
* - the logging level is passed in
* - the program name and logging level are printed
* - no time stamp is printed
*/
destination.file.stream = stderr;
destination.file.name = NULL;
destination.file.versions = ISC_LOG_ROLLNEVER;
destination.file.maximum_size = 0;
result = isc_log_createchannel(logconfig, "stderr",
ISC_LOG_TOFILEDESC,
level,
&destination,
ISC_LOG_PRINTTAG|ISC_LOG_PRINTLEVEL);
check_result(result, "isc_log_createchannel()");
RUNTIME_CHECK(isc_log_usechannel(logconfig, "stderr",
NULL, NULL) == ISC_R_SUCCESS);
*logp = log;
}
int
main(int argc, char *argv[]) {
int i, ch;
......@@ -1325,7 +1207,6 @@ main(int argc, char *argv[]) {
signer_key_t *key;
isc_result_t result;
isc_log_t *log = NULL;
int loglevel;
dns_result_register();
......@@ -1409,22 +1290,7 @@ main(int argc, char *argv[]) {
cycle = (endtime - starttime) / 4;
}
switch (verbose) {
case 0:
/*
* We want to see warnings about things like out-of-zone
* data in the master file even when not verbose.
*/
loglevel = ISC_LOG_WARNING;
break;
case 1:
loglevel = ISC_LOG_INFO;
break;
default:
loglevel = ISC_LOG_DEBUG(verbose - 2 + 1);
break;
}
setup_logging(loglevel, &log);
setup_logging(verbose, mctx, &log);
argc -= isc_commandline_index;
argv += isc_commandline_index;
......
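Review bot: `nametostr(name)` is still called in the wildcard warning in signname, but its definition has moved out of this file along with typetostr and algtostr, and the copies removed here store the terminator with `r.base[r.length] = 0;` after initialising the buffer with the full `sizeof(data)`. If the versions in dnssectool.c were carried over unchanged (that file is not visible in full here), a conversion that exactly fills the buffer would put the NUL one byte past `data`; `isc_buffer_init(&b, data, sizeof(data) - 1);` reserves the slot. The "Not thread-safe!" warning should also follow the helpers to their shared declarations, since each returns a pointer into a static buffer that the next call overwrites. signname and main both extend beyond the hunks shown.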
/*
* Copyright (C) 1999, 2000 Internet Software Consortium.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
* ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
* CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
* DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
* PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
* ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
* SOFTWARE.
*/