From fe4179ad3937ed7057e2939849f8020db61e16f9 Mon Sep 17 00:00:00 2001 From: davidb Date: Wed, 9 Jun 2010 19:10:48 -0400 Subject: [PATCH] wrap the simpleresolver.send() in a method just to log better errors; add some progress logging --- src/com/verisign/cl/DNSSECReconciler.java | 43 +++++++++++++++++++---- 1 file changed, 37 insertions(+), 6 deletions(-) diff --git a/src/com/verisign/cl/DNSSECReconciler.java b/src/com/verisign/cl/DNSSECReconciler.java index 20765ce..9740880 100644 --- a/src/com/verisign/cl/DNSSECReconciler.java +++ b/src/com/verisign/cl/DNSSECReconciler.java @@ -3,6 +3,7 @@ package com.verisign.cl; import java.io.BufferedReader; import java.io.FileReader; import java.io.IOException; +import java.net.SocketTimeoutException; import java.util.*; import org.xbill.DNS.*; @@ -150,6 +151,24 @@ public class DNSSECReconciler { return null; } + private Message resolve(Message query) { + + try { + return resolver.send(query); + } catch (SocketTimeoutException e) { + System.err.println("Error: timed out querying " + server + " for " + queryToString(query)); + } catch (IOException e) { + System.err.println("Error: error querying " + server + " for " + queryToString(query) + ":" + e.getMessage()); + } + return null; + } + + private String queryToString(Message query) { + if (query == null) return null; + Record question = query.getQuestion(); + return question.getName() + "/" + Type.string(question.getType()) + "/" + DClass.string(question.getDClass()); + } + public void execute() throws IOException { // Configure our resolver resolver = new SimpleResolver(server); @@ -161,7 +180,7 @@ public class DNSSECReconciler { } else { for (String name : dnskeyNames) { Message query = queryFromString(name + " DNSKEY"); - Message response = resolver.send(query); + Message response = resolve(query); validator.addTrustedKeysFromResponse(response); } } @@ -173,21 +192,27 @@ public class DNSSECReconciler { // Iterate over all queries Message query = nextQuery(); + long count = 0; while (query != null) { - Message response = resolver.send(query); - if (response == null) { + + Name zone = zoneFromQuery(query); + // Skip queries in zones that we don't have keys for + if (zone == null) { continue; } - Name zone = zoneFromQuery(query); + Message response = resolve(query); + if (response == null) { + continue; + } byte result = validator.validateMessage(response, zone.toString()); switch (result) { case SecurityStatus.BOGUS: case SecurityStatus.INVALID: System.out.println("BOGUS Answer:"); - System.out.println("Query: " + query.getQuestion()); + System.out.println("Query: " + queryToString(query)); System.out.println("Response:\n" + response); for (String err : validator.getErrorList()) { System.out.println("Error: " + err); @@ -198,7 +223,7 @@ public class DNSSECReconciler { case SecurityStatus.INDETERMINATE: case SecurityStatus.UNCHECKED: System.out.println("Insecure Answer:"); - System.out.println("Query: " + query.getQuestion()); + System.out.println("Query: " + queryToString(query)); System.out.println("Response:\n" + response); for (String err : validator.getErrorList()) { System.out.println("Error: " + err); @@ -208,8 +233,14 @@ public class DNSSECReconciler { break; } + if (++count % 1000 == 0) { + System.out.println("Completed " + count + " queries."); + } + query = nextQuery(); } + + System.out.println("Completed " + count + (count > 1 ? " queries" : " query")); } private static void usage() {