davidb/jdnssec-tools
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity

Clean up logging: recognize all levels for -v, normalize the code that forces java.util.logging to set the correct log level, normalize on the use of our very simple log formatter.

Browse Source 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@237 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
This commit is contained in:
David Blacka 2011-02-03 20:24:33 +00:00
parent 57fe4c05e7
commit e770f01958
11 changed files with 217 additions and 124 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
src/com/verisignlabs/dnssec/cl/DSTool.java
View File

@ -21,6 +21,7 @@ package com.verisignlabs.dnssec.cl;
import java.io.FileWriter;
import java.io.PrintWriter;
import java.util.logging.Handler;
import java.util.logging.Level;
import java.util.logging.Logger;
@ -30,9 +31,7 @@ import org.xbill.DNS.DNSKEYRecord;
import org.xbill.DNS.DSRecord;
import org.xbill.DNS.Record;
import com.verisignlabs.dnssec.security.BINDKeyUtils;
import com.verisignlabs.dnssec.security.DnsKeyPair;
import com.verisignlabs.dnssec.security.SignUtils;
import com.verisignlabs.dnssec.security.*;
/**
* This class forms the command line implementation of a DNSSEC DS/DLV generator
@ -101,17 +100,28 @@ public class DSTool
if (cli.hasOption('h')) usage();
Logger rootLogger = Logger.getLogger("");
if (cli.hasOption('v'))
{
int value = parseInt(cli.getOptionValue('v'), 5);
Logger rootLogger = Logger.getLogger("");
int value = parseInt(cli.getOptionValue('v'), -1);
switch (value)
{
case 0:
rootLogger.setLevel(Level.OFF);
break;
case 5:
case 1:
rootLogger.setLevel(Level.SEVERE);
break;
case 2:
default:
rootLogger.setLevel(Level.WARNING);
break;
case 3:
rootLogger.setLevel(Level.INFO);
break;
case 4:
rootLogger.setLevel(Level.CONFIG);
case 5:
rootLogger.setLevel(Level.FINE);
break;
case 6:
@ -119,6 +129,12 @@ public class DSTool
break;
}
}
// I hate java.util.logging, btw.
for (Handler h : rootLogger.getHandlers())
{
h.setLevel(rootLogger.getLevel());
h.setFormatter(new BareLogFormatter());
}
outputfile = cli.getOptionValue('f');
createDLV = cli.hasOption("dlv");

29
src/com/verisignlabs/dnssec/cl/KeyGen.java
View File

@ -21,6 +21,7 @@ package com.verisignlabs.dnssec.cl;
import java.io.File;
import java.io.PrintWriter;
import java.util.logging.Handler;
import java.util.logging.Level;
import java.util.logging.Logger;
@ -29,10 +30,7 @@ import org.xbill.DNS.DClass;
import org.xbill.DNS.DNSKEYRecord;
import org.xbill.DNS.Name;
import com.verisignlabs.dnssec.security.BINDKeyUtils;
import com.verisignlabs.dnssec.security.DnsKeyAlgorithm;
import com.verisignlabs.dnssec.security.DnsKeyPair;
import com.verisignlabs.dnssec.security.JCEDnsSecSigner;
import com.verisignlabs.dnssec.security.*;
/**
* This class forms the command line implementation of a DNSSEC key generator
@ -141,17 +139,28 @@ public class KeyGen
if (cli.hasOption('h')) usage();
Logger rootLogger = Logger.getLogger("");
if (cli.hasOption('v'))
{
int value = parseInt(cli.getOptionValue('v'), 5);
Logger rootLogger = Logger.getLogger("");
int value = parseInt(cli.getOptionValue('v'), -1);
switch (value)
{
case 0:
rootLogger.setLevel(Level.OFF);
break;
case 5:
case 1:
rootLogger.setLevel(Level.SEVERE);
break;
case 2:
default:
rootLogger.setLevel(Level.WARNING);
break;
case 3:
rootLogger.setLevel(Level.INFO);
break;
case 4:
rootLogger.setLevel(Level.CONFIG);
case 5:
rootLogger.setLevel(Level.FINE);
break;
case 6:
@ -159,6 +168,12 @@ public class KeyGen
break;
}
}
// I hate java.util.logging, btw.
for (Handler h : rootLogger.getHandlers())
{
h.setLevel(rootLogger.getLevel());
h.setFormatter(new BareLogFormatter());
}
if (cli.hasOption('k')) kskFlag = true;

28
src/com/verisignlabs/dnssec/cl/KeyInfoTool.java
View File

@ -22,15 +22,14 @@ package com.verisignlabs.dnssec.cl;
import java.io.PrintWriter;
import java.security.interfaces.DSAPublicKey;
import java.security.interfaces.RSAPublicKey;
import java.util.logging.Handler;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.apache.commons.cli.*;
import org.xbill.DNS.DNSKEYRecord;
import com.verisignlabs.dnssec.security.BINDKeyUtils;
import com.verisignlabs.dnssec.security.DnsKeyAlgorithm;
import com.verisignlabs.dnssec.security.DnsKeyPair;
import com.verisignlabs.dnssec.security.*;
/**
* This class forms the command line implementation of a key introspection tool.
@ -92,17 +91,28 @@ public class KeyInfoTool
if (cli.hasOption('h')) usage();
Logger rootLogger = Logger.getLogger("");
if (cli.hasOption('v'))
{
int value = parseInt(cli.getOptionValue('v'), 5);
Logger rootLogger = Logger.getLogger("");
int value = parseInt(cli.getOptionValue('v'), -1);
switch (value)
{
case 0:
rootLogger.setLevel(Level.OFF);
break;
case 5:
case 1:
rootLogger.setLevel(Level.SEVERE);
break;
case 2:
default:
rootLogger.setLevel(Level.WARNING);
break;
case 3:
rootLogger.setLevel(Level.INFO);
break;
case 4:
rootLogger.setLevel(Level.CONFIG);
case 5:
rootLogger.setLevel(Level.FINE);
break;
case 6:
@ -110,6 +120,12 @@ public class KeyInfoTool
break;
}
}
// I hate java.util.logging, btw.
for (Handler h : rootLogger.getHandlers())
{
h.setLevel(rootLogger.getLevel());
h.setFormatter(new BareLogFormatter());
}
String[] optstrs;
if ((optstrs = cli.getOptionValues('A')) != null)

55
src/com/verisignlabs/dnssec/cl/SignKeyset.java
View File

@ -48,12 +48,7 @@ import org.xbill.DNS.RRset;
import org.xbill.DNS.Record;
import org.xbill.DNS.Type;
import com.verisignlabs.dnssec.security.BINDKeyUtils;
import com.verisignlabs.dnssec.security.DnsKeyPair;
import com.verisignlabs.dnssec.security.DnsSecVerifier;
import com.verisignlabs.dnssec.security.JCEDnsSecSigner;
import com.verisignlabs.dnssec.security.SignUtils;
import com.verisignlabs.dnssec.security.ZoneUtils;
import com.verisignlabs.dnssec.security.*;
/**
* This class forms the command line implementation of a DNSSEC keyset signer.
@ -136,28 +131,40 @@ public class SignKeyset {
String optstr = null;
if (cli.hasOption('h')) usage();
if (cli.hasOption('v')) {
int value = parseInt(cli.getOptionValue('v'), 5);
Logger rootLogger = Logger.getLogger("");
switch (value) {
Logger rootLogger = Logger.getLogger("");
if (cli.hasOption('v'))
{
int value = parseInt(cli.getOptionValue('v'), -1);
switch (value)
{
case 0:
rootLogger.setLevel(Level.OFF);
break;
case 4:
rootLogger.setLevel(Level.OFF);
break;
case 1:
rootLogger.setLevel(Level.SEVERE);
break;
case 2:
default:
rootLogger.setLevel(Level.INFO);
break;
rootLogger.setLevel(Level.WARNING);
break;
case 3:
rootLogger.setLevel(Level.INFO);
break;
case 4:
rootLogger.setLevel(Level.CONFIG);
case 5:
rootLogger.setLevel(Level.FINE);
break;
rootLogger.setLevel(Level.FINE);
break;
case 6:
rootLogger.setLevel(Level.ALL);
break;
}
Handler[] handlers = rootLogger.getHandlers();
for (int i = 0; i < handlers.length; i++)
handlers[i].setLevel(rootLogger.getLevel());
rootLogger.setLevel(Level.ALL);
break;
}
}
// I hate java.util.logging, btw.
for (Handler h : rootLogger.getHandlers())
{
h.setLevel(rootLogger.getLevel());
h.setFormatter(new BareLogFormatter());
}
if (cli.hasOption('a')) verifySigs = true;

55
src/com/verisignlabs/dnssec/cl/SignRRset.java
View File

@ -47,12 +47,7 @@ import org.xbill.DNS.RRset;
import org.xbill.DNS.Record;
import org.xbill.DNS.Type;
import com.verisignlabs.dnssec.security.BINDKeyUtils;
import com.verisignlabs.dnssec.security.DnsKeyPair;
import com.verisignlabs.dnssec.security.DnsSecVerifier;
import com.verisignlabs.dnssec.security.JCEDnsSecSigner;
import com.verisignlabs.dnssec.security.SignUtils;
import com.verisignlabs.dnssec.security.ZoneUtils;
import com.verisignlabs.dnssec.security.*;
/**
* This class forms the command line implementation of a DNSSEC RRset signer.
@ -137,28 +132,40 @@ public class SignRRset {
String optstr = null;
if (cli.hasOption('h')) usage();
if (cli.hasOption('v')) {
int value = parseInt(cli.getOptionValue('v'), 5);
Logger rootLogger = Logger.getLogger("");
switch (value) {
Logger rootLogger = Logger.getLogger("");
if (cli.hasOption('v'))
{
int value = parseInt(cli.getOptionValue('v'), -1);
switch (value)
{
case 0:
rootLogger.setLevel(Level.OFF);
break;
case 4:
rootLogger.setLevel(Level.OFF);
break;
case 1:
rootLogger.setLevel(Level.SEVERE);
break;
case 2:
default:
rootLogger.setLevel(Level.INFO);
break;
rootLogger.setLevel(Level.WARNING);
break;
case 3:
rootLogger.setLevel(Level.INFO);
break;
case 4:
rootLogger.setLevel(Level.CONFIG);
case 5:
rootLogger.setLevel(Level.FINE);
break;
rootLogger.setLevel(Level.FINE);
break;
case 6:
rootLogger.setLevel(Level.ALL);
break;
}
Handler[] handlers = rootLogger.getHandlers();
for (int i = 0; i < handlers.length; i++)
handlers[i].setLevel(rootLogger.getLevel());
rootLogger.setLevel(Level.ALL);
break;
}
}
// I hate java.util.logging, btw.
for (Handler h : rootLogger.getHandlers())
{
h.setLevel(rootLogger.getLevel());
h.setFormatter(new BareLogFormatter());
}
if (cli.hasOption('a')) verifySigs = true;

39
src/com/verisignlabs/dnssec/cl/SignZone.java
View File

@ -55,13 +55,7 @@ import org.xbill.DNS.TextParseException;
import org.xbill.DNS.Type;
import org.xbill.DNS.utils.base16;
import com.verisignlabs.dnssec.security.BINDKeyUtils;
import com.verisignlabs.dnssec.security.DnsKeyAlgorithm;
import com.verisignlabs.dnssec.security.DnsKeyPair;
import com.verisignlabs.dnssec.security.DnsSecVerifier;
import com.verisignlabs.dnssec.security.JCEDnsSecSigner;
import com.verisignlabs.dnssec.security.SignUtils;
import com.verisignlabs.dnssec.security.ZoneUtils;
import com.verisignlabs.dnssec.security.*;
/**
* This class forms the command line implementation of a DNSSEC zone signer.
@ -120,11 +114,12 @@ public class SignZone
"sign the zone apex keyset with all available keys.");
opts.addOption("V", "verbose-signing", false, "Display verbose signing activity.");
// Argument options
OptionBuilder.hasOptionalArg();
OptionBuilder.withLongOpt("verbose");
OptionBuilder.withArgName("level");
OptionBuilder.withDescription("verbosity level.");
// Argument options
OptionBuilder.withDescription("verbosity level -- 0 is silence, 3 is info, "
+ "5 is debug information, 6 is trace information. default is level 2 (warning)");
opts.addOption(OptionBuilder.create('v'));
OptionBuilder.hasArg();
@ -221,20 +216,27 @@ public class SignZone
if (cli.hasOption('h')) usage();
Logger rootLogger = Logger.getLogger("");
if (cli.hasOption('v'))
{
int value = parseInt(cli.getOptionValue('v'), 5);
Logger rootLogger = Logger.getLogger("");
int value = parseInt(cli.getOptionValue('v'), -1);
switch (value)
{
case 0:
rootLogger.setLevel(Level.OFF);
break;
case 4:
case 1:
rootLogger.setLevel(Level.SEVERE);
break;
case 2:
default:
rootLogger.setLevel(Level.WARNING);
break;
case 3:
rootLogger.setLevel(Level.INFO);
break;
case 4:
rootLogger.setLevel(Level.CONFIG);
case 5:
rootLogger.setLevel(Level.FINE);
break;
@ -242,16 +244,19 @@ public class SignZone
rootLogger.setLevel(Level.ALL);
break;
}
Handler[] handlers = rootLogger.getHandlers();
for (int i = 0; i < handlers.length; i++)
handlers[i].setLevel(rootLogger.getLevel());
}
// I hate java.util.logging, btw.
for (Handler h : rootLogger.getHandlers())
{
h.setLevel(rootLogger.getLevel());
h.setFormatter(new BareLogFormatter());
}
if (cli.hasOption('a')) verifySigs = true;
if (cli.hasOption('3')) useNsec3 = true;
if (cli.hasOption('O')) useOptOut = true;
if (cli.hasOption('V')) verboseSigning = true;
if (useOptOut && !useNsec3)
{
System.err.println("Opt-Out not supported without NSEC3 -- ignored.");

42
src/com/verisignlabs/dnssec/cl/VerifyZone.java
View File

@ -23,7 +23,6 @@ import java.io.PrintWriter;
import java.util.List;
import java.util.logging.Handler;
import java.util.logging.Level;
import java.util.logging.LogRecord;
import java.util.logging.Logger;
import org.apache.commons.cli.AlreadySelectedException;
@ -35,9 +34,7 @@ import org.apache.commons.cli.Options;
import org.apache.commons.cli.PosixParser;
import org.apache.commons.cli.UnrecognizedOptionException;
import com.verisignlabs.dnssec.security.DnsKeyAlgorithm;
import com.verisignlabs.dnssec.security.ZoneUtils;
import com.verisignlabs.dnssec.security.ZoneVerifier;
import com.verisignlabs.dnssec.security.*;
/**
* This class forms the command line implementation of a DNSSEC zone validator.
@ -50,25 +47,6 @@ public class VerifyZone
{
private static Logger log;
// A log formatter that strips away all of the noise that the default
// SimpleFormatter has
private static class MyLogFormatter extends java.util.logging.Formatter
{
@Override
public String format(LogRecord arg0)
{
StringBuilder out = new StringBuilder();
String lvl = arg0.getLevel().getName();
out.append(lvl);
out.append(": ");
out.append(arg0.getMessage());
out.append("\n");
return out.toString();
}
}
/**
* This is a small inner class used to hold all of the command line option
* state.
@ -103,8 +81,8 @@ public class VerifyZone
OptionBuilder.hasOptionalArg();
OptionBuilder.withLongOpt("verbose");
OptionBuilder.withArgName("level");
OptionBuilder.withDescription("verbosity level -- 0 is silence, "
+ "5 is debug information, 6 is trace information. default is level 5.");
OptionBuilder.withDescription("verbosity level -- 0 is silence, 3 is info, "
+ "5 is debug information, 6 is trace information. default is level 2 (warning)");
opts.addOption(OptionBuilder.create('v'));
OptionBuilder.hasArg();
@ -141,17 +119,25 @@ public class VerifyZone
Logger rootLogger = Logger.getLogger("");
if (cli.hasOption('v'))
{
int value = parseInt(cli.getOptionValue('v'), 1);
int value = parseInt(cli.getOptionValue('v'), -1);
switch (value)
{
case 0:
rootLogger.setLevel(Level.OFF);
break;
case 1:
rootLogger.setLevel(Level.SEVERE);
break;
case 2:
default:
rootLogger.setLevel(Level.WARNING);
break;
case 3:
rootLogger.setLevel(Level.INFO);
break;
case 4:
rootLogger.setLevel(Level.CONFIG);
case 5:
default:
rootLogger.setLevel(Level.FINE);
break;
case 6:
@ -163,7 +149,7 @@ public class VerifyZone
for (Handler h : rootLogger.getHandlers())
{
h.setLevel(rootLogger.getLevel());
h.setFormatter(new MyLogFormatter());
h.setFormatter(new BareLogFormatter());
}
if (cli.hasOption('m'))

25
src/com/verisignlabs/dnssec/cl/ZoneFormat.java
View File

@ -33,6 +33,7 @@ import java.io.IOException;
import java.io.PrintWriter;
import java.security.NoSuchAlgorithmException;
import java.util.*;
import java.util.logging.Handler;
import java.util.logging.Level;
import java.util.logging.Logger;
@ -41,6 +42,7 @@ import org.xbill.DNS.*;
import org.xbill.DNS.Options;
import org.xbill.DNS.utils.base32;
import com.verisignlabs.dnssec.security.BareLogFormatter;
import com.verisignlabs.dnssec.security.RecordComparator;
/**
@ -82,17 +84,28 @@ public class ZoneFormat
if (cli.hasOption('m')) Options.set("multiline");
if (cli.hasOption('N')) assignNSEC3 = true;
Logger rootLogger = Logger.getLogger("");
if (cli.hasOption('v'))
{
int value = parseInt(cli.getOptionValue('v'), 5);
Logger rootLogger = Logger.getLogger("");
int value = parseInt(cli.getOptionValue('v'), -1);
switch (value)
{
case 0:
rootLogger.setLevel(Level.OFF);
break;
case 5:
case 1:
rootLogger.setLevel(Level.SEVERE);
break;
case 2:
default:
rootLogger.setLevel(Level.WARNING);
break;
case 3:
rootLogger.setLevel(Level.INFO);
break;
case 4:
rootLogger.setLevel(Level.CONFIG);
case 5:
rootLogger.setLevel(Level.FINE);
break;
case 6:
@ -100,6 +113,12 @@ public class ZoneFormat
break;
}
}
// I hate java.util.logging, btw.
for (Handler h : rootLogger.getHandlers())
{
h.setLevel(rootLogger.getLevel());
h.setFormatter(new BareLogFormatter());
}
String[] cl_args = cli.getArgs();

24
src/com/verisignlabs/dnssec/security/BareLogFormatter.java Normal file
View File

@ -0,0 +1,24 @@
package com.verisignlabs.dnssec.security;
import java.util.logging.LogRecord;
/**
* This is a very simple log formatter that simply outputs the log level and log
* string.
*/
public class BareLogFormatter extends java.util.logging.Formatter
{
@Override
public String format(LogRecord arg0)
{
StringBuilder out = new StringBuilder();
String lvl = arg0.getLevel().getName();
out.append(lvl);
out.append(": ");
out.append(arg0.getMessage());
out.append("\n");
return out.toString();
}
}

9
src/com/verisignlabs/dnssec/security/SignUtils.java
View File

@ -855,13 +855,7 @@ public class SignUtils
proto_nsec3s);
List nsec3s = finishNSEC3s(proto_nsec3s, nsec3_ttl);
// DEBUG
// for (Iterator i = nsec3s.iterator(); i.hasNext();)
// {
// NSEC3Record nsec3 = (NSEC3Record) i.next();
// log.fine("NSEC3: " + nsec3 + "\nRDATA: "
// + base16.toString(nsec3.rdataToWireCanonical()));
// }
records.addAll(nsec3s);
NSEC3PARAMRecord nsec3param = new NSEC3PARAMRecord(
@ -1121,7 +1115,6 @@ public class SignUtils
{
cur_nsec3 = (ProtoNSEC3) i.next();
// log.fine("finishNSEC3s: processing " + cur_nsec3);
// check to see if cur is a duplicate (by name)
if (prev_nsec3 != null
&& Arrays.equals(prev_nsec3.getOwner(), cur_nsec3.getOwner()))

7
src/com/verisignlabs/dnssec/security/ZoneVerifier.java
View File

@ -221,7 +221,12 @@ public class ZoneVerifier
// Learn some things about the zone as we do this pass.
if (r_type == Type.SOA) mZoneName = r_name;
if (r_type == Type.NSEC3PARAM) mNSEC3params = (NSEC3PARAMRecord) r;
if (r_type == Type.DNSKEY) mVerifier.addTrustedKey((DNSKEYRecord) r);
if (r_type == Type.DNSKEY) {
DNSKEYRecord dnskey = (DNSKEYRecord) r;
mVerifier.addTrustedKey(dnskey);
log.info("Adding trusted key: " + dnskey + " ; keytag = "
+ dnskey.getFootprint());
}
if (mDNSSECType == DNSSECType.UNSIGNED) mDNSSECType = determineDNSSECType(r);
}