wrap the simpleresolver.send() in a method just to log better errors; add some progress logging
This commit is contained in:
davidb
parent
2c81367861
commit
fe4179ad39
@ -3,6 +3,7 @@ package com.verisign.cl;
|
|||||||
import java.io.BufferedReader;
|
import java.io.BufferedReader;
|
||||||
import java.io.FileReader;
|
import java.io.FileReader;
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
|
import java.net.SocketTimeoutException;
|
||||||
import java.util.*;
|
import java.util.*;
|
||||||
|
|
||||||
import org.xbill.DNS.*;
|
import org.xbill.DNS.*;
|
||||||
@ -150,6 +151,24 @@ public class DNSSECReconciler {
|
|||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private Message resolve(Message query) {
|
||||||
|
|
||||||
|
try {
|
||||||
|
return resolver.send(query);
|
||||||
|
} catch (SocketTimeoutException e) {
|
||||||
|
System.err.println("Error: timed out querying " + server + " for " + queryToString(query));
|
||||||
|
} catch (IOException e) {
|
||||||
|
System.err.println("Error: error querying " + server + " for " + queryToString(query) + ":" + e.getMessage());
|
||||||
|
}
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
private String queryToString(Message query) {
|
||||||
|
if (query == null) return null;
|
||||||
|
Record question = query.getQuestion();
|
||||||
|
return question.getName() + "/" + Type.string(question.getType()) + "/" + DClass.string(question.getDClass());
|
||||||
|
}
|
||||||
|
|
||||||
public void execute() throws IOException {
|
public void execute() throws IOException {
|
||||||
// Configure our resolver
|
// Configure our resolver
|
||||||
resolver = new SimpleResolver(server);
|
resolver = new SimpleResolver(server);
|
||||||
@ -161,7 +180,7 @@ public class DNSSECReconciler {
|
|||||||
} else {
|
} else {
|
||||||
for (String name : dnskeyNames) {
|
for (String name : dnskeyNames) {
|
||||||
Message query = queryFromString(name + " DNSKEY");
|
Message query = queryFromString(name + " DNSKEY");
|
||||||
Message response = resolver.send(query);
|
Message response = resolve(query);
|
||||||
validator.addTrustedKeysFromResponse(response);
|
validator.addTrustedKeysFromResponse(response);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -173,21 +192,27 @@ public class DNSSECReconciler {
|
|||||||
|
|
||||||
// Iterate over all queries
|
// Iterate over all queries
|
||||||
Message query = nextQuery();
|
Message query = nextQuery();
|
||||||
|
long count = 0;
|
||||||
|
|
||||||
while (query != null) {
|
while (query != null) {
|
||||||
Message response = resolver.send(query);
|
|
||||||
if (response == null) {
|
Name zone = zoneFromQuery(query);
|
||||||
|
// Skip queries in zones that we don't have keys for
|
||||||
|
if (zone == null) {
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
Name zone = zoneFromQuery(query);
|
Message response = resolve(query);
|
||||||
|
if (response == null) {
|
||||||
|
continue;
|
||||||
|
}
|
||||||
byte result = validator.validateMessage(response, zone.toString());
|
byte result = validator.validateMessage(response, zone.toString());
|
||||||
|
|
||||||
switch (result) {
|
switch (result) {
|
||||||
case SecurityStatus.BOGUS:
|
case SecurityStatus.BOGUS:
|
||||||
case SecurityStatus.INVALID:
|
case SecurityStatus.INVALID:
|
||||||
System.out.println("BOGUS Answer:");
|
System.out.println("BOGUS Answer:");
|
||||||
System.out.println("Query: " + query.getQuestion());
|
System.out.println("Query: " + queryToString(query));
|
||||||
System.out.println("Response:\n" + response);
|
System.out.println("Response:\n" + response);
|
||||||
for (String err : validator.getErrorList()) {
|
for (String err : validator.getErrorList()) {
|
||||||
System.out.println("Error: " + err);
|
System.out.println("Error: " + err);
|
||||||
@ -198,7 +223,7 @@ public class DNSSECReconciler {
|
|||||||
case SecurityStatus.INDETERMINATE:
|
case SecurityStatus.INDETERMINATE:
|
||||||
case SecurityStatus.UNCHECKED:
|
case SecurityStatus.UNCHECKED:
|
||||||
System.out.println("Insecure Answer:");
|
System.out.println("Insecure Answer:");
|
||||||
System.out.println("Query: " + query.getQuestion());
|
System.out.println("Query: " + queryToString(query));
|
||||||
System.out.println("Response:\n" + response);
|
System.out.println("Response:\n" + response);
|
||||||
for (String err : validator.getErrorList()) {
|
for (String err : validator.getErrorList()) {
|
||||||
System.out.println("Error: " + err);
|
System.out.println("Error: " + err);
|
||||||
@ -208,8 +233,14 @@ public class DNSSECReconciler {
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (++count % 1000 == 0) {
|
||||||
|
System.out.println("Completed " + count + " queries.");
|
||||||
|
}
|
||||||
|
|
||||||
query = nextQuery();
|
query = nextQuery();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
System.out.println("Completed " + count + (count > 1 ? " queries" : " query"));
|
||||||
}
|
}
|
||||||
|
|
||||||
private static void usage() {
|
private static void usage() {
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user