Commit d949a5d8 authored by Michał Kępień's avatar Michał Kępień
Browse files

Implement zoneverify_log_error() and zoneverify_print()

These functions will be used in the process of replacing fatal(),
check_result(), and fprintf() calls throughout lib/dns/zoneverify.c with
code that does not call exit().  They are intended for:

  - zoneverify_log_error(): logging problems encountered while
    performing zone verification,

  - zoneverify_print(): printing status messages and reports which are
    only useful in standalone tools.

To make using dns_zone_logv() possible, add a new "zone" argument to
dns_zoneverify_dnssec() that standalone tools are expected to set to
NULL.
parent 730cc3e3
......@@ -3913,7 +3913,7 @@ main(int argc, char *argv[]) {
TIME_NOW(&sign_finish);
if (!disable_zone_check)
dns_zoneverify_dnssec(gdb, gversion, gorigin, mctx,
dns_zoneverify_dnssec(NULL, gdb, gversion, gorigin, mctx,
ignore_kskflag, keyset_kskonly);
if (outputformat != dns_masterformat_text) {
......
......@@ -323,8 +323,8 @@ main(int argc, char *argv[]) {
result = dns_db_newversion(gdb, &gversion);
check_result(result, "dns_db_newversion()");
dns_zoneverify_dnssec(gdb, gversion, gorigin, mctx, ignore_kskflag,
keyset_kskonly);
dns_zoneverify_dnssec(NULL, gdb, gversion, gorigin, mctx,
ignore_kskflag, keyset_kskonly);
dns_db_closeversion(gdb, &gversion, ISC_FALSE);
dns_db_detach(&gdb);
......
......@@ -32,8 +32,9 @@ ISC_LANG_BEGINDECLS
* present in the DNSKEY RRSET.
*/
void
dns_zoneverify_dnssec(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *origin,
isc_mem_t *mctx, isc_boolean_t ignore_kskflag,
dns_zoneverify_dnssec(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver,
dns_name_t *origin, isc_mem_t *mctx,
isc_boolean_t ignore_kskflag,
isc_boolean_t keyset_kskonly);
ISC_LANG_ENDDECLS
......@@ -22,6 +22,7 @@
#include <dns/dnssec.h>
#include <dns/fixedname.h>
#include <dns/keyvalues.h>
#include <dns/log.h>
#include <dns/name.h>
#include <dns/nsec.h>
#include <dns/nsec3.h>
......@@ -33,6 +34,7 @@
#include <dns/result.h>
#include <dns/secalg.h>
#include <dns/types.h>
#include <dns/zone.h>
#include <dns/zoneverify.h>
#include <dst/dst.h>
......@@ -41,6 +43,7 @@
#include <isc/buffer.h>
#include <isc/heap.h>
#include <isc/iterated_hash.h>
#include <isc/log.h>
#include <isc/mem.h>
#include <isc/region.h>
#include <isc/result.h>
......@@ -53,6 +56,7 @@
typedef struct vctx {
isc_mem_t * mctx;
dns_zone_t * zone;
dns_db_t * db;
dns_dbversion_t * ver;
dns_name_t * origin;
......@@ -105,6 +109,44 @@ fatal(const char *format, ...) {
exit(1);
}
/*%
* Log a zone verification error described by 'fmt' and the variable arguments
* following it. Either use dns_zone_logv() or print to stderr, depending on
* whether the function was invoked from within named or by a standalone tool,
* respectively.
*/
static void
zoneverify_log_error(const vctx_t *vctx, const char *fmt, ...) {
va_list ap;
va_start(ap, fmt);
if (vctx->zone != NULL) {
dns_zone_logv(vctx->zone, DNS_LOGCATEGORY_GENERAL,
ISC_LOG_ERROR, NULL, fmt, ap);
} else {
vfprintf(stderr, fmt, ap);
fprintf(stderr, "\n");
}
va_end(ap);
}
/*%
* If invoked from a standalone tool, print a message described by 'fmt' and
* the variable arguments following it to stderr.
*/
static void
zoneverify_print(const vctx_t *vctx, const char *fmt, ...) {
va_list ap;
if (vctx->zone != NULL) {
return;
}
va_start(ap, fmt);
vfprintf(stderr, fmt, ap);
va_end(ap);
}
static void
check_result(isc_result_t result, const char *message) {
if (result != ISC_R_SUCCESS)
......@@ -1043,14 +1085,15 @@ verifyemptynodes(const vctx_t *vctx, dns_name_t *name, dns_name_t *prevname,
}
static isc_result_t
vctx_init(vctx_t *vctx, isc_mem_t *mctx, dns_db_t *db, dns_dbversion_t *ver,
dns_name_t *origin)
vctx_init(vctx_t *vctx, isc_mem_t *mctx, dns_zone_t *zone, dns_db_t *db,
dns_dbversion_t *ver, dns_name_t *origin)
{
isc_result_t result;
memset(vctx, 0, sizeof(*vctx));
vctx->mctx = mctx;
vctx->zone = zone;
vctx->db = db;
vctx->ver = ver;
vctx->origin = origin;
......@@ -1115,8 +1158,9 @@ vctx_destroy(vctx_t *vctx) {
}
void
dns_zoneverify_dnssec(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *origin,
isc_mem_t *mctx, isc_boolean_t ignore_kskflag,
dns_zoneverify_dnssec(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver,
dns_name_t *origin, isc_mem_t *mctx,
isc_boolean_t ignore_kskflag,
isc_boolean_t keyset_kskonly)
{
char algbuf[80];
......@@ -1132,7 +1176,7 @@ dns_zoneverify_dnssec(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *origin,
isc_result_t result, vresult = ISC_R_UNSET;
vctx_t vctx;
result = vctx_init(&vctx, mctx, db, ver, origin);
result = vctx_init(&vctx, mctx, zone, db, ver, origin);
if (result != ISC_R_SUCCESS) {
return;
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment