Clean up logging: recognize all levels for -v, normalize the code that forces java.util.logging to set the correct log level, normalize on the use of our very simple log formatter.
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@237 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
This commit is contained in:
parent
57fe4c05e7
commit
e770f01958
@ -21,6 +21,7 @@ package com.verisignlabs.dnssec.cl;
|
|||||||
|
|
||||||
import java.io.FileWriter;
|
import java.io.FileWriter;
|
||||||
import java.io.PrintWriter;
|
import java.io.PrintWriter;
|
||||||
|
import java.util.logging.Handler;
|
||||||
import java.util.logging.Level;
|
import java.util.logging.Level;
|
||||||
import java.util.logging.Logger;
|
import java.util.logging.Logger;
|
||||||
|
|
||||||
@ -30,9 +31,7 @@ import org.xbill.DNS.DNSKEYRecord;
|
|||||||
import org.xbill.DNS.DSRecord;
|
import org.xbill.DNS.DSRecord;
|
||||||
import org.xbill.DNS.Record;
|
import org.xbill.DNS.Record;
|
||||||
|
|
||||||
import com.verisignlabs.dnssec.security.BINDKeyUtils;
|
import com.verisignlabs.dnssec.security.*;
|
||||||
import com.verisignlabs.dnssec.security.DnsKeyPair;
|
|
||||||
import com.verisignlabs.dnssec.security.SignUtils;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* This class forms the command line implementation of a DNSSEC DS/DLV generator
|
* This class forms the command line implementation of a DNSSEC DS/DLV generator
|
||||||
@ -101,17 +100,28 @@ public class DSTool
|
|||||||
|
|
||||||
if (cli.hasOption('h')) usage();
|
if (cli.hasOption('h')) usage();
|
||||||
|
|
||||||
|
Logger rootLogger = Logger.getLogger("");
|
||||||
if (cli.hasOption('v'))
|
if (cli.hasOption('v'))
|
||||||
{
|
{
|
||||||
int value = parseInt(cli.getOptionValue('v'), 5);
|
int value = parseInt(cli.getOptionValue('v'), -1);
|
||||||
Logger rootLogger = Logger.getLogger("");
|
|
||||||
switch (value)
|
switch (value)
|
||||||
{
|
{
|
||||||
case 0:
|
case 0:
|
||||||
rootLogger.setLevel(Level.OFF);
|
rootLogger.setLevel(Level.OFF);
|
||||||
break;
|
break;
|
||||||
case 5:
|
case 1:
|
||||||
|
rootLogger.setLevel(Level.SEVERE);
|
||||||
|
break;
|
||||||
|
case 2:
|
||||||
default:
|
default:
|
||||||
|
rootLogger.setLevel(Level.WARNING);
|
||||||
|
break;
|
||||||
|
case 3:
|
||||||
|
rootLogger.setLevel(Level.INFO);
|
||||||
|
break;
|
||||||
|
case 4:
|
||||||
|
rootLogger.setLevel(Level.CONFIG);
|
||||||
|
case 5:
|
||||||
rootLogger.setLevel(Level.FINE);
|
rootLogger.setLevel(Level.FINE);
|
||||||
break;
|
break;
|
||||||
case 6:
|
case 6:
|
||||||
@ -119,6 +129,12 @@ public class DSTool
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
// I hate java.util.logging, btw.
|
||||||
|
for (Handler h : rootLogger.getHandlers())
|
||||||
|
{
|
||||||
|
h.setLevel(rootLogger.getLevel());
|
||||||
|
h.setFormatter(new BareLogFormatter());
|
||||||
|
}
|
||||||
|
|
||||||
outputfile = cli.getOptionValue('f');
|
outputfile = cli.getOptionValue('f');
|
||||||
createDLV = cli.hasOption("dlv");
|
createDLV = cli.hasOption("dlv");
|
||||||
|
@ -21,6 +21,7 @@ package com.verisignlabs.dnssec.cl;
|
|||||||
|
|
||||||
import java.io.File;
|
import java.io.File;
|
||||||
import java.io.PrintWriter;
|
import java.io.PrintWriter;
|
||||||
|
import java.util.logging.Handler;
|
||||||
import java.util.logging.Level;
|
import java.util.logging.Level;
|
||||||
import java.util.logging.Logger;
|
import java.util.logging.Logger;
|
||||||
|
|
||||||
@ -29,10 +30,7 @@ import org.xbill.DNS.DClass;
|
|||||||
import org.xbill.DNS.DNSKEYRecord;
|
import org.xbill.DNS.DNSKEYRecord;
|
||||||
import org.xbill.DNS.Name;
|
import org.xbill.DNS.Name;
|
||||||
|
|
||||||
import com.verisignlabs.dnssec.security.BINDKeyUtils;
|
import com.verisignlabs.dnssec.security.*;
|
||||||
import com.verisignlabs.dnssec.security.DnsKeyAlgorithm;
|
|
||||||
import com.verisignlabs.dnssec.security.DnsKeyPair;
|
|
||||||
import com.verisignlabs.dnssec.security.JCEDnsSecSigner;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* This class forms the command line implementation of a DNSSEC key generator
|
* This class forms the command line implementation of a DNSSEC key generator
|
||||||
@ -141,17 +139,28 @@ public class KeyGen
|
|||||||
|
|
||||||
if (cli.hasOption('h')) usage();
|
if (cli.hasOption('h')) usage();
|
||||||
|
|
||||||
|
Logger rootLogger = Logger.getLogger("");
|
||||||
if (cli.hasOption('v'))
|
if (cli.hasOption('v'))
|
||||||
{
|
{
|
||||||
int value = parseInt(cli.getOptionValue('v'), 5);
|
int value = parseInt(cli.getOptionValue('v'), -1);
|
||||||
Logger rootLogger = Logger.getLogger("");
|
|
||||||
switch (value)
|
switch (value)
|
||||||
{
|
{
|
||||||
case 0:
|
case 0:
|
||||||
rootLogger.setLevel(Level.OFF);
|
rootLogger.setLevel(Level.OFF);
|
||||||
break;
|
break;
|
||||||
case 5:
|
case 1:
|
||||||
|
rootLogger.setLevel(Level.SEVERE);
|
||||||
|
break;
|
||||||
|
case 2:
|
||||||
default:
|
default:
|
||||||
|
rootLogger.setLevel(Level.WARNING);
|
||||||
|
break;
|
||||||
|
case 3:
|
||||||
|
rootLogger.setLevel(Level.INFO);
|
||||||
|
break;
|
||||||
|
case 4:
|
||||||
|
rootLogger.setLevel(Level.CONFIG);
|
||||||
|
case 5:
|
||||||
rootLogger.setLevel(Level.FINE);
|
rootLogger.setLevel(Level.FINE);
|
||||||
break;
|
break;
|
||||||
case 6:
|
case 6:
|
||||||
@ -159,6 +168,12 @@ public class KeyGen
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
// I hate java.util.logging, btw.
|
||||||
|
for (Handler h : rootLogger.getHandlers())
|
||||||
|
{
|
||||||
|
h.setLevel(rootLogger.getLevel());
|
||||||
|
h.setFormatter(new BareLogFormatter());
|
||||||
|
}
|
||||||
|
|
||||||
if (cli.hasOption('k')) kskFlag = true;
|
if (cli.hasOption('k')) kskFlag = true;
|
||||||
|
|
||||||
|
@ -22,15 +22,14 @@ package com.verisignlabs.dnssec.cl;
|
|||||||
import java.io.PrintWriter;
|
import java.io.PrintWriter;
|
||||||
import java.security.interfaces.DSAPublicKey;
|
import java.security.interfaces.DSAPublicKey;
|
||||||
import java.security.interfaces.RSAPublicKey;
|
import java.security.interfaces.RSAPublicKey;
|
||||||
|
import java.util.logging.Handler;
|
||||||
import java.util.logging.Level;
|
import java.util.logging.Level;
|
||||||
import java.util.logging.Logger;
|
import java.util.logging.Logger;
|
||||||
|
|
||||||
import org.apache.commons.cli.*;
|
import org.apache.commons.cli.*;
|
||||||
import org.xbill.DNS.DNSKEYRecord;
|
import org.xbill.DNS.DNSKEYRecord;
|
||||||
|
|
||||||
import com.verisignlabs.dnssec.security.BINDKeyUtils;
|
import com.verisignlabs.dnssec.security.*;
|
||||||
import com.verisignlabs.dnssec.security.DnsKeyAlgorithm;
|
|
||||||
import com.verisignlabs.dnssec.security.DnsKeyPair;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* This class forms the command line implementation of a key introspection tool.
|
* This class forms the command line implementation of a key introspection tool.
|
||||||
@ -92,17 +91,28 @@ public class KeyInfoTool
|
|||||||
|
|
||||||
if (cli.hasOption('h')) usage();
|
if (cli.hasOption('h')) usage();
|
||||||
|
|
||||||
|
Logger rootLogger = Logger.getLogger("");
|
||||||
if (cli.hasOption('v'))
|
if (cli.hasOption('v'))
|
||||||
{
|
{
|
||||||
int value = parseInt(cli.getOptionValue('v'), 5);
|
int value = parseInt(cli.getOptionValue('v'), -1);
|
||||||
Logger rootLogger = Logger.getLogger("");
|
|
||||||
switch (value)
|
switch (value)
|
||||||
{
|
{
|
||||||
case 0:
|
case 0:
|
||||||
rootLogger.setLevel(Level.OFF);
|
rootLogger.setLevel(Level.OFF);
|
||||||
break;
|
break;
|
||||||
case 5:
|
case 1:
|
||||||
|
rootLogger.setLevel(Level.SEVERE);
|
||||||
|
break;
|
||||||
|
case 2:
|
||||||
default:
|
default:
|
||||||
|
rootLogger.setLevel(Level.WARNING);
|
||||||
|
break;
|
||||||
|
case 3:
|
||||||
|
rootLogger.setLevel(Level.INFO);
|
||||||
|
break;
|
||||||
|
case 4:
|
||||||
|
rootLogger.setLevel(Level.CONFIG);
|
||||||
|
case 5:
|
||||||
rootLogger.setLevel(Level.FINE);
|
rootLogger.setLevel(Level.FINE);
|
||||||
break;
|
break;
|
||||||
case 6:
|
case 6:
|
||||||
@ -110,6 +120,12 @@ public class KeyInfoTool
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
// I hate java.util.logging, btw.
|
||||||
|
for (Handler h : rootLogger.getHandlers())
|
||||||
|
{
|
||||||
|
h.setLevel(rootLogger.getLevel());
|
||||||
|
h.setFormatter(new BareLogFormatter());
|
||||||
|
}
|
||||||
|
|
||||||
String[] optstrs;
|
String[] optstrs;
|
||||||
if ((optstrs = cli.getOptionValues('A')) != null)
|
if ((optstrs = cli.getOptionValues('A')) != null)
|
||||||
|
@ -48,12 +48,7 @@ import org.xbill.DNS.RRset;
|
|||||||
import org.xbill.DNS.Record;
|
import org.xbill.DNS.Record;
|
||||||
import org.xbill.DNS.Type;
|
import org.xbill.DNS.Type;
|
||||||
|
|
||||||
import com.verisignlabs.dnssec.security.BINDKeyUtils;
|
import com.verisignlabs.dnssec.security.*;
|
||||||
import com.verisignlabs.dnssec.security.DnsKeyPair;
|
|
||||||
import com.verisignlabs.dnssec.security.DnsSecVerifier;
|
|
||||||
import com.verisignlabs.dnssec.security.JCEDnsSecSigner;
|
|
||||||
import com.verisignlabs.dnssec.security.SignUtils;
|
|
||||||
import com.verisignlabs.dnssec.security.ZoneUtils;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* This class forms the command line implementation of a DNSSEC keyset signer.
|
* This class forms the command line implementation of a DNSSEC keyset signer.
|
||||||
@ -136,28 +131,40 @@ public class SignKeyset {
|
|||||||
String optstr = null;
|
String optstr = null;
|
||||||
if (cli.hasOption('h')) usage();
|
if (cli.hasOption('h')) usage();
|
||||||
|
|
||||||
if (cli.hasOption('v')) {
|
Logger rootLogger = Logger.getLogger("");
|
||||||
int value = parseInt(cli.getOptionValue('v'), 5);
|
if (cli.hasOption('v'))
|
||||||
Logger rootLogger = Logger.getLogger("");
|
{
|
||||||
|
int value = parseInt(cli.getOptionValue('v'), -1);
|
||||||
switch (value) {
|
switch (value)
|
||||||
|
{
|
||||||
case 0:
|
case 0:
|
||||||
rootLogger.setLevel(Level.OFF);
|
rootLogger.setLevel(Level.OFF);
|
||||||
break;
|
break;
|
||||||
case 4:
|
case 1:
|
||||||
|
rootLogger.setLevel(Level.SEVERE);
|
||||||
|
break;
|
||||||
|
case 2:
|
||||||
default:
|
default:
|
||||||
rootLogger.setLevel(Level.INFO);
|
rootLogger.setLevel(Level.WARNING);
|
||||||
break;
|
break;
|
||||||
|
case 3:
|
||||||
|
rootLogger.setLevel(Level.INFO);
|
||||||
|
break;
|
||||||
|
case 4:
|
||||||
|
rootLogger.setLevel(Level.CONFIG);
|
||||||
case 5:
|
case 5:
|
||||||
rootLogger.setLevel(Level.FINE);
|
rootLogger.setLevel(Level.FINE);
|
||||||
break;
|
break;
|
||||||
case 6:
|
case 6:
|
||||||
rootLogger.setLevel(Level.ALL);
|
rootLogger.setLevel(Level.ALL);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
Handler[] handlers = rootLogger.getHandlers();
|
}
|
||||||
for (int i = 0; i < handlers.length; i++)
|
// I hate java.util.logging, btw.
|
||||||
handlers[i].setLevel(rootLogger.getLevel());
|
for (Handler h : rootLogger.getHandlers())
|
||||||
|
{
|
||||||
|
h.setLevel(rootLogger.getLevel());
|
||||||
|
h.setFormatter(new BareLogFormatter());
|
||||||
}
|
}
|
||||||
|
|
||||||
if (cli.hasOption('a')) verifySigs = true;
|
if (cli.hasOption('a')) verifySigs = true;
|
||||||
|
@ -47,12 +47,7 @@ import org.xbill.DNS.RRset;
|
|||||||
import org.xbill.DNS.Record;
|
import org.xbill.DNS.Record;
|
||||||
import org.xbill.DNS.Type;
|
import org.xbill.DNS.Type;
|
||||||
|
|
||||||
import com.verisignlabs.dnssec.security.BINDKeyUtils;
|
import com.verisignlabs.dnssec.security.*;
|
||||||
import com.verisignlabs.dnssec.security.DnsKeyPair;
|
|
||||||
import com.verisignlabs.dnssec.security.DnsSecVerifier;
|
|
||||||
import com.verisignlabs.dnssec.security.JCEDnsSecSigner;
|
|
||||||
import com.verisignlabs.dnssec.security.SignUtils;
|
|
||||||
import com.verisignlabs.dnssec.security.ZoneUtils;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* This class forms the command line implementation of a DNSSEC RRset signer.
|
* This class forms the command line implementation of a DNSSEC RRset signer.
|
||||||
@ -137,28 +132,40 @@ public class SignRRset {
|
|||||||
String optstr = null;
|
String optstr = null;
|
||||||
if (cli.hasOption('h')) usage();
|
if (cli.hasOption('h')) usage();
|
||||||
|
|
||||||
if (cli.hasOption('v')) {
|
Logger rootLogger = Logger.getLogger("");
|
||||||
int value = parseInt(cli.getOptionValue('v'), 5);
|
if (cli.hasOption('v'))
|
||||||
Logger rootLogger = Logger.getLogger("");
|
{
|
||||||
|
int value = parseInt(cli.getOptionValue('v'), -1);
|
||||||
switch (value) {
|
switch (value)
|
||||||
|
{
|
||||||
case 0:
|
case 0:
|
||||||
rootLogger.setLevel(Level.OFF);
|
rootLogger.setLevel(Level.OFF);
|
||||||
break;
|
break;
|
||||||
case 4:
|
case 1:
|
||||||
|
rootLogger.setLevel(Level.SEVERE);
|
||||||
|
break;
|
||||||
|
case 2:
|
||||||
default:
|
default:
|
||||||
rootLogger.setLevel(Level.INFO);
|
rootLogger.setLevel(Level.WARNING);
|
||||||
break;
|
break;
|
||||||
|
case 3:
|
||||||
|
rootLogger.setLevel(Level.INFO);
|
||||||
|
break;
|
||||||
|
case 4:
|
||||||
|
rootLogger.setLevel(Level.CONFIG);
|
||||||
case 5:
|
case 5:
|
||||||
rootLogger.setLevel(Level.FINE);
|
rootLogger.setLevel(Level.FINE);
|
||||||
break;
|
break;
|
||||||
case 6:
|
case 6:
|
||||||
rootLogger.setLevel(Level.ALL);
|
rootLogger.setLevel(Level.ALL);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
Handler[] handlers = rootLogger.getHandlers();
|
}
|
||||||
for (int i = 0; i < handlers.length; i++)
|
// I hate java.util.logging, btw.
|
||||||
handlers[i].setLevel(rootLogger.getLevel());
|
for (Handler h : rootLogger.getHandlers())
|
||||||
|
{
|
||||||
|
h.setLevel(rootLogger.getLevel());
|
||||||
|
h.setFormatter(new BareLogFormatter());
|
||||||
}
|
}
|
||||||
|
|
||||||
if (cli.hasOption('a')) verifySigs = true;
|
if (cli.hasOption('a')) verifySigs = true;
|
||||||
|
@ -55,13 +55,7 @@ import org.xbill.DNS.TextParseException;
|
|||||||
import org.xbill.DNS.Type;
|
import org.xbill.DNS.Type;
|
||||||
import org.xbill.DNS.utils.base16;
|
import org.xbill.DNS.utils.base16;
|
||||||
|
|
||||||
import com.verisignlabs.dnssec.security.BINDKeyUtils;
|
import com.verisignlabs.dnssec.security.*;
|
||||||
import com.verisignlabs.dnssec.security.DnsKeyAlgorithm;
|
|
||||||
import com.verisignlabs.dnssec.security.DnsKeyPair;
|
|
||||||
import com.verisignlabs.dnssec.security.DnsSecVerifier;
|
|
||||||
import com.verisignlabs.dnssec.security.JCEDnsSecSigner;
|
|
||||||
import com.verisignlabs.dnssec.security.SignUtils;
|
|
||||||
import com.verisignlabs.dnssec.security.ZoneUtils;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* This class forms the command line implementation of a DNSSEC zone signer.
|
* This class forms the command line implementation of a DNSSEC zone signer.
|
||||||
@ -120,11 +114,12 @@ public class SignZone
|
|||||||
"sign the zone apex keyset with all available keys.");
|
"sign the zone apex keyset with all available keys.");
|
||||||
opts.addOption("V", "verbose-signing", false, "Display verbose signing activity.");
|
opts.addOption("V", "verbose-signing", false, "Display verbose signing activity.");
|
||||||
|
|
||||||
|
// Argument options
|
||||||
OptionBuilder.hasOptionalArg();
|
OptionBuilder.hasOptionalArg();
|
||||||
OptionBuilder.withLongOpt("verbose");
|
OptionBuilder.withLongOpt("verbose");
|
||||||
OptionBuilder.withArgName("level");
|
OptionBuilder.withArgName("level");
|
||||||
OptionBuilder.withDescription("verbosity level.");
|
OptionBuilder.withDescription("verbosity level -- 0 is silence, 3 is info, "
|
||||||
// Argument options
|
+ "5 is debug information, 6 is trace information. default is level 2 (warning)");
|
||||||
opts.addOption(OptionBuilder.create('v'));
|
opts.addOption(OptionBuilder.create('v'));
|
||||||
|
|
||||||
OptionBuilder.hasArg();
|
OptionBuilder.hasArg();
|
||||||
@ -221,20 +216,27 @@ public class SignZone
|
|||||||
|
|
||||||
if (cli.hasOption('h')) usage();
|
if (cli.hasOption('h')) usage();
|
||||||
|
|
||||||
|
Logger rootLogger = Logger.getLogger("");
|
||||||
if (cli.hasOption('v'))
|
if (cli.hasOption('v'))
|
||||||
{
|
{
|
||||||
int value = parseInt(cli.getOptionValue('v'), 5);
|
int value = parseInt(cli.getOptionValue('v'), -1);
|
||||||
Logger rootLogger = Logger.getLogger("");
|
|
||||||
|
|
||||||
switch (value)
|
switch (value)
|
||||||
{
|
{
|
||||||
case 0:
|
case 0:
|
||||||
rootLogger.setLevel(Level.OFF);
|
rootLogger.setLevel(Level.OFF);
|
||||||
break;
|
break;
|
||||||
case 4:
|
case 1:
|
||||||
|
rootLogger.setLevel(Level.SEVERE);
|
||||||
|
break;
|
||||||
|
case 2:
|
||||||
default:
|
default:
|
||||||
|
rootLogger.setLevel(Level.WARNING);
|
||||||
|
break;
|
||||||
|
case 3:
|
||||||
rootLogger.setLevel(Level.INFO);
|
rootLogger.setLevel(Level.INFO);
|
||||||
break;
|
break;
|
||||||
|
case 4:
|
||||||
|
rootLogger.setLevel(Level.CONFIG);
|
||||||
case 5:
|
case 5:
|
||||||
rootLogger.setLevel(Level.FINE);
|
rootLogger.setLevel(Level.FINE);
|
||||||
break;
|
break;
|
||||||
@ -242,16 +244,19 @@ public class SignZone
|
|||||||
rootLogger.setLevel(Level.ALL);
|
rootLogger.setLevel(Level.ALL);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
Handler[] handlers = rootLogger.getHandlers();
|
}
|
||||||
for (int i = 0; i < handlers.length; i++)
|
// I hate java.util.logging, btw.
|
||||||
handlers[i].setLevel(rootLogger.getLevel());
|
for (Handler h : rootLogger.getHandlers())
|
||||||
|
{
|
||||||
|
h.setLevel(rootLogger.getLevel());
|
||||||
|
h.setFormatter(new BareLogFormatter());
|
||||||
}
|
}
|
||||||
|
|
||||||
if (cli.hasOption('a')) verifySigs = true;
|
if (cli.hasOption('a')) verifySigs = true;
|
||||||
if (cli.hasOption('3')) useNsec3 = true;
|
if (cli.hasOption('3')) useNsec3 = true;
|
||||||
if (cli.hasOption('O')) useOptOut = true;
|
if (cli.hasOption('O')) useOptOut = true;
|
||||||
if (cli.hasOption('V')) verboseSigning = true;
|
if (cli.hasOption('V')) verboseSigning = true;
|
||||||
|
|
||||||
if (useOptOut && !useNsec3)
|
if (useOptOut && !useNsec3)
|
||||||
{
|
{
|
||||||
System.err.println("Opt-Out not supported without NSEC3 -- ignored.");
|
System.err.println("Opt-Out not supported without NSEC3 -- ignored.");
|
||||||
|
@ -23,7 +23,6 @@ import java.io.PrintWriter;
|
|||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.logging.Handler;
|
import java.util.logging.Handler;
|
||||||
import java.util.logging.Level;
|
import java.util.logging.Level;
|
||||||
import java.util.logging.LogRecord;
|
|
||||||
import java.util.logging.Logger;
|
import java.util.logging.Logger;
|
||||||
|
|
||||||
import org.apache.commons.cli.AlreadySelectedException;
|
import org.apache.commons.cli.AlreadySelectedException;
|
||||||
@ -35,9 +34,7 @@ import org.apache.commons.cli.Options;
|
|||||||
import org.apache.commons.cli.PosixParser;
|
import org.apache.commons.cli.PosixParser;
|
||||||
import org.apache.commons.cli.UnrecognizedOptionException;
|
import org.apache.commons.cli.UnrecognizedOptionException;
|
||||||
|
|
||||||
import com.verisignlabs.dnssec.security.DnsKeyAlgorithm;
|
import com.verisignlabs.dnssec.security.*;
|
||||||
import com.verisignlabs.dnssec.security.ZoneUtils;
|
|
||||||
import com.verisignlabs.dnssec.security.ZoneVerifier;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* This class forms the command line implementation of a DNSSEC zone validator.
|
* This class forms the command line implementation of a DNSSEC zone validator.
|
||||||
@ -50,25 +47,6 @@ public class VerifyZone
|
|||||||
{
|
{
|
||||||
private static Logger log;
|
private static Logger log;
|
||||||
|
|
||||||
// A log formatter that strips away all of the noise that the default
|
|
||||||
// SimpleFormatter has
|
|
||||||
private static class MyLogFormatter extends java.util.logging.Formatter
|
|
||||||
{
|
|
||||||
@Override
|
|
||||||
public String format(LogRecord arg0)
|
|
||||||
{
|
|
||||||
StringBuilder out = new StringBuilder();
|
|
||||||
String lvl = arg0.getLevel().getName();
|
|
||||||
|
|
||||||
out.append(lvl);
|
|
||||||
out.append(": ");
|
|
||||||
out.append(arg0.getMessage());
|
|
||||||
out.append("\n");
|
|
||||||
|
|
||||||
return out.toString();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* This is a small inner class used to hold all of the command line option
|
* This is a small inner class used to hold all of the command line option
|
||||||
* state.
|
* state.
|
||||||
@ -103,8 +81,8 @@ public class VerifyZone
|
|||||||
OptionBuilder.hasOptionalArg();
|
OptionBuilder.hasOptionalArg();
|
||||||
OptionBuilder.withLongOpt("verbose");
|
OptionBuilder.withLongOpt("verbose");
|
||||||
OptionBuilder.withArgName("level");
|
OptionBuilder.withArgName("level");
|
||||||
OptionBuilder.withDescription("verbosity level -- 0 is silence, "
|
OptionBuilder.withDescription("verbosity level -- 0 is silence, 3 is info, "
|
||||||
+ "5 is debug information, 6 is trace information. default is level 5.");
|
+ "5 is debug information, 6 is trace information. default is level 2 (warning)");
|
||||||
opts.addOption(OptionBuilder.create('v'));
|
opts.addOption(OptionBuilder.create('v'));
|
||||||
|
|
||||||
OptionBuilder.hasArg();
|
OptionBuilder.hasArg();
|
||||||
@ -141,17 +119,25 @@ public class VerifyZone
|
|||||||
Logger rootLogger = Logger.getLogger("");
|
Logger rootLogger = Logger.getLogger("");
|
||||||
if (cli.hasOption('v'))
|
if (cli.hasOption('v'))
|
||||||
{
|
{
|
||||||
int value = parseInt(cli.getOptionValue('v'), 1);
|
int value = parseInt(cli.getOptionValue('v'), -1);
|
||||||
switch (value)
|
switch (value)
|
||||||
{
|
{
|
||||||
case 0:
|
case 0:
|
||||||
rootLogger.setLevel(Level.OFF);
|
rootLogger.setLevel(Level.OFF);
|
||||||
break;
|
break;
|
||||||
case 1:
|
case 1:
|
||||||
|
rootLogger.setLevel(Level.SEVERE);
|
||||||
|
break;
|
||||||
|
case 2:
|
||||||
|
default:
|
||||||
|
rootLogger.setLevel(Level.WARNING);
|
||||||
|
break;
|
||||||
|
case 3:
|
||||||
rootLogger.setLevel(Level.INFO);
|
rootLogger.setLevel(Level.INFO);
|
||||||
break;
|
break;
|
||||||
|
case 4:
|
||||||
|
rootLogger.setLevel(Level.CONFIG);
|
||||||
case 5:
|
case 5:
|
||||||
default:
|
|
||||||
rootLogger.setLevel(Level.FINE);
|
rootLogger.setLevel(Level.FINE);
|
||||||
break;
|
break;
|
||||||
case 6:
|
case 6:
|
||||||
@ -163,7 +149,7 @@ public class VerifyZone
|
|||||||
for (Handler h : rootLogger.getHandlers())
|
for (Handler h : rootLogger.getHandlers())
|
||||||
{
|
{
|
||||||
h.setLevel(rootLogger.getLevel());
|
h.setLevel(rootLogger.getLevel());
|
||||||
h.setFormatter(new MyLogFormatter());
|
h.setFormatter(new BareLogFormatter());
|
||||||
}
|
}
|
||||||
|
|
||||||
if (cli.hasOption('m'))
|
if (cli.hasOption('m'))
|
||||||
|
@ -33,6 +33,7 @@ import java.io.IOException;
|
|||||||
import java.io.PrintWriter;
|
import java.io.PrintWriter;
|
||||||
import java.security.NoSuchAlgorithmException;
|
import java.security.NoSuchAlgorithmException;
|
||||||
import java.util.*;
|
import java.util.*;
|
||||||
|
import java.util.logging.Handler;
|
||||||
import java.util.logging.Level;
|
import java.util.logging.Level;
|
||||||
import java.util.logging.Logger;
|
import java.util.logging.Logger;
|
||||||
|
|
||||||
@ -41,6 +42,7 @@ import org.xbill.DNS.*;
|
|||||||
import org.xbill.DNS.Options;
|
import org.xbill.DNS.Options;
|
||||||
import org.xbill.DNS.utils.base32;
|
import org.xbill.DNS.utils.base32;
|
||||||
|
|
||||||
|
import com.verisignlabs.dnssec.security.BareLogFormatter;
|
||||||
import com.verisignlabs.dnssec.security.RecordComparator;
|
import com.verisignlabs.dnssec.security.RecordComparator;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -82,17 +84,28 @@ public class ZoneFormat
|
|||||||
if (cli.hasOption('m')) Options.set("multiline");
|
if (cli.hasOption('m')) Options.set("multiline");
|
||||||
if (cli.hasOption('N')) assignNSEC3 = true;
|
if (cli.hasOption('N')) assignNSEC3 = true;
|
||||||
|
|
||||||
|
Logger rootLogger = Logger.getLogger("");
|
||||||
if (cli.hasOption('v'))
|
if (cli.hasOption('v'))
|
||||||
{
|
{
|
||||||
int value = parseInt(cli.getOptionValue('v'), 5);
|
int value = parseInt(cli.getOptionValue('v'), -1);
|
||||||
Logger rootLogger = Logger.getLogger("");
|
|
||||||
switch (value)
|
switch (value)
|
||||||
{
|
{
|
||||||
case 0:
|
case 0:
|
||||||
rootLogger.setLevel(Level.OFF);
|
rootLogger.setLevel(Level.OFF);
|
||||||
break;
|
break;
|
||||||
case 5:
|
case 1:
|
||||||
|
rootLogger.setLevel(Level.SEVERE);
|
||||||
|
break;
|
||||||
|
case 2:
|
||||||
default:
|
default:
|
||||||
|
rootLogger.setLevel(Level.WARNING);
|
||||||
|
break;
|
||||||
|
case 3:
|
||||||
|
rootLogger.setLevel(Level.INFO);
|
||||||
|
break;
|
||||||
|
case 4:
|
||||||
|
rootLogger.setLevel(Level.CONFIG);
|
||||||
|
case 5:
|
||||||
rootLogger.setLevel(Level.FINE);
|
rootLogger.setLevel(Level.FINE);
|
||||||
break;
|
break;
|
||||||
case 6:
|
case 6:
|
||||||
@ -100,6 +113,12 @@ public class ZoneFormat
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
// I hate java.util.logging, btw.
|
||||||
|
for (Handler h : rootLogger.getHandlers())
|
||||||
|
{
|
||||||
|
h.setLevel(rootLogger.getLevel());
|
||||||
|
h.setFormatter(new BareLogFormatter());
|
||||||
|
}
|
||||||
|
|
||||||
String[] cl_args = cli.getArgs();
|
String[] cl_args = cli.getArgs();
|
||||||
|
|
||||||
|
24
src/com/verisignlabs/dnssec/security/BareLogFormatter.java
Normal file
24
src/com/verisignlabs/dnssec/security/BareLogFormatter.java
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
package com.verisignlabs.dnssec.security;
|
||||||
|
|
||||||
|
import java.util.logging.LogRecord;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This is a very simple log formatter that simply outputs the log level and log
|
||||||
|
* string.
|
||||||
|
*/
|
||||||
|
public class BareLogFormatter extends java.util.logging.Formatter
|
||||||
|
{
|
||||||
|
@Override
|
||||||
|
public String format(LogRecord arg0)
|
||||||
|
{
|
||||||
|
StringBuilder out = new StringBuilder();
|
||||||
|
String lvl = arg0.getLevel().getName();
|
||||||
|
|
||||||
|
out.append(lvl);
|
||||||
|
out.append(": ");
|
||||||
|
out.append(arg0.getMessage());
|
||||||
|
out.append("\n");
|
||||||
|
|
||||||
|
return out.toString();
|
||||||
|
}
|
||||||
|
}
|
@ -855,13 +855,7 @@ public class SignUtils
|
|||||||
proto_nsec3s);
|
proto_nsec3s);
|
||||||
|
|
||||||
List nsec3s = finishNSEC3s(proto_nsec3s, nsec3_ttl);
|
List nsec3s = finishNSEC3s(proto_nsec3s, nsec3_ttl);
|
||||||
// DEBUG
|
|
||||||
// for (Iterator i = nsec3s.iterator(); i.hasNext();)
|
|
||||||
// {
|
|
||||||
// NSEC3Record nsec3 = (NSEC3Record) i.next();
|
|
||||||
// log.fine("NSEC3: " + nsec3 + "\nRDATA: "
|
|
||||||
// + base16.toString(nsec3.rdataToWireCanonical()));
|
|
||||||
// }
|
|
||||||
records.addAll(nsec3s);
|
records.addAll(nsec3s);
|
||||||
|
|
||||||
NSEC3PARAMRecord nsec3param = new NSEC3PARAMRecord(
|
NSEC3PARAMRecord nsec3param = new NSEC3PARAMRecord(
|
||||||
@ -1121,7 +1115,6 @@ public class SignUtils
|
|||||||
{
|
{
|
||||||
cur_nsec3 = (ProtoNSEC3) i.next();
|
cur_nsec3 = (ProtoNSEC3) i.next();
|
||||||
|
|
||||||
// log.fine("finishNSEC3s: processing " + cur_nsec3);
|
|
||||||
// check to see if cur is a duplicate (by name)
|
// check to see if cur is a duplicate (by name)
|
||||||
if (prev_nsec3 != null
|
if (prev_nsec3 != null
|
||||||
&& Arrays.equals(prev_nsec3.getOwner(), cur_nsec3.getOwner()))
|
&& Arrays.equals(prev_nsec3.getOwner(), cur_nsec3.getOwner()))
|
||||||
|
@ -221,7 +221,12 @@ public class ZoneVerifier
|
|||||||
// Learn some things about the zone as we do this pass.
|
// Learn some things about the zone as we do this pass.
|
||||||
if (r_type == Type.SOA) mZoneName = r_name;
|
if (r_type == Type.SOA) mZoneName = r_name;
|
||||||
if (r_type == Type.NSEC3PARAM) mNSEC3params = (NSEC3PARAMRecord) r;
|
if (r_type == Type.NSEC3PARAM) mNSEC3params = (NSEC3PARAMRecord) r;
|
||||||
if (r_type == Type.DNSKEY) mVerifier.addTrustedKey((DNSKEYRecord) r);
|
if (r_type == Type.DNSKEY) {
|
||||||
|
DNSKEYRecord dnskey = (DNSKEYRecord) r;
|
||||||
|
mVerifier.addTrustedKey(dnskey);
|
||||||
|
log.info("Adding trusted key: " + dnskey + " ; keytag = "
|
||||||
|
+ dnskey.getFootprint());
|
||||||
|
}
|
||||||
|
|
||||||
if (mDNSSECType == DNSSECType.UNSIGNED) mDNSSECType = determineDNSSECType(r);
|
if (mDNSSECType == DNSSECType.UNSIGNED) mDNSSECType = determineDNSSECType(r);
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user