From: Wouter Wijngaards Date: Thu, 7 Feb 2008 09:46:49 +0000 (+0000) Subject: move around debug levels. X-Git-Tag: release-0.9~11 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=849026931b105e26f3c604cfb186b8b9077ec34e;p=thirdparty%2Funbound.git move around debug levels. git-svn-id: file:///svn/unbound/trunk@929 be551aaa-1e26-0410-a405-d3ace91eadb9 --- diff --git a/Makefile.in b/Makefile.in index 98159922d..0a2341ea2 100644 --- a/Makefile.in +++ b/Makefile.in @@ -221,9 +221,8 @@ tags: $(srcdir)/*.[ch] $(srcdir)/*/*.[ch] ctags -f $(srcdir)/tags $(srcdir)/*.[ch] $(srcdir)/*/*.[ch] doc: -ifdef doxygen - $(doxygen) $(srcdir)/doc/unbound.doxygen -endif + if test -n "$(doxygen)"; then \ + $(doxygen) $(srcdir)/doc/unbound.doxygen; fi strip: strip unbound diff --git a/daemon/acl_list.c b/daemon/acl_list.c index b3b879cae..42a58fc02 100644 --- a/daemon/acl_list.c +++ b/daemon/acl_list.c @@ -104,7 +104,7 @@ acl_list_insert(struct acl_list* acl, struct sockaddr_storage* addr, node->control = control; if(!rbtree_insert(acl->tree, &node->node)) { if(complain_duplicates) - verbose(VERB_DETAIL, "duplicate acl address ignored."); + verbose(VERB_QUERY, "duplicate acl address ignored."); } return 1; } diff --git a/daemon/unbound.c b/daemon/unbound.c index 200e92871..248cc0abf 100644 --- a/daemon/unbound.c +++ b/daemon/unbound.c @@ -274,7 +274,7 @@ do_chroot(struct daemon* daemon, struct config_file* cfg, int debug_mode) fatal_exit("Could not chdir to %s: %s", cfg->directory, strerror(errno)); } - verbose(VERB_DETAIL, "chdir to %s", cfg->directory); + verbose(VERB_QUERY, "chdir to %s", cfg->directory); } if(cfg->username && cfg->username[0]) { struct passwd *pwd; @@ -288,7 +288,7 @@ do_chroot(struct daemon* daemon, struct config_file* cfg, int debug_mode) if(chroot(cfg->chrootdir)) fatal_exit("unable to chroot to %s: %s", cfg->chrootdir, strerror(errno)); - verbose(VERB_DETAIL, "chroot to %s", cfg->chrootdir); + verbose(VERB_QUERY, "chroot to %s", cfg->chrootdir); } if(cfg->username && cfg->username[0]) { if(setgid(gid) != 0) @@ -297,7 +297,7 @@ do_chroot(struct daemon* daemon, struct config_file* cfg, int debug_mode) if(setuid(uid) != 0) fatal_exit("unable to set user id of %s: %s", cfg->username, strerror(errno)); - verbose(VERB_DETAIL, "drop user privileges, run as %s", + verbose(VERB_QUERY, "drop user privileges, run as %s", cfg->username); } /* check old pid file before forking */ diff --git a/daemon/worker.c b/daemon/worker.c index 1df82310c..6ea3f9cce 100644 --- a/daemon/worker.c +++ b/daemon/worker.c @@ -166,7 +166,7 @@ worker_mem_report(struct worker* ATTR_UNUSED(worker), #else /* no UNBOUND_ALLOC_STATS */ size_t val = 0; int i; - if(verbosity < VERB_DETAIL) + if(verbosity < VERB_QUERY) return; for(i=0; ienv.mesh->mods.num; i++) { log_assert(fptr_whitelist_mod_get_mem(worker->env.mesh-> @@ -175,7 +175,7 @@ worker_mem_report(struct worker* ATTR_UNUSED(worker), val += (*worker->env.mesh->mods.mod[i]->get_mem) (&worker->env, i); } - verbose(VERB_DETAIL, "cache memory msg=%u rrset=%u infra=%u val=%u", + verbose(VERB_QUERY, "cache memory msg=%u rrset=%u infra=%u val=%u", slabhash_get_mem(worker->env.msg_cache), slabhash_get_mem(&worker->env.rrset_cache->table), infra_get_mem(worker->env.infra_cache), @@ -267,45 +267,45 @@ static int worker_check_request(ldns_buffer* pkt, struct worker* worker) { if(ldns_buffer_limit(pkt) < LDNS_HEADER_SIZE) { - verbose(VERB_DETAIL, "request too short, discarded"); + verbose(VERB_QUERY, "request too short, discarded"); return -1; } if(ldns_buffer_limit(pkt) > NORMAL_UDP_SIZE && worker->daemon->cfg->harden_large_queries) { - verbose(VERB_DETAIL, "request too large, discarded"); + verbose(VERB_QUERY, "request too large, discarded"); return -1; } if(LDNS_QR_WIRE(ldns_buffer_begin(pkt))) { - verbose(VERB_DETAIL, "request has QR bit on, discarded"); + verbose(VERB_QUERY, "request has QR bit on, discarded"); return -1; } if(LDNS_TC_WIRE(ldns_buffer_begin(pkt))) { LDNS_TC_CLR(ldns_buffer_begin(pkt)); - verbose(VERB_DETAIL, "request bad, has TC bit on"); + verbose(VERB_QUERY, "request bad, has TC bit on"); return LDNS_RCODE_FORMERR; } if(LDNS_OPCODE_WIRE(ldns_buffer_begin(pkt)) != LDNS_PACKET_QUERY) { - verbose(VERB_DETAIL, "request unknown opcode %d", + verbose(VERB_QUERY, "request unknown opcode %d", LDNS_OPCODE_WIRE(ldns_buffer_begin(pkt))); return LDNS_RCODE_NOTIMPL; } if(LDNS_QDCOUNT(ldns_buffer_begin(pkt)) != 1) { - verbose(VERB_DETAIL, "request wrong nr qd=%d", + verbose(VERB_QUERY, "request wrong nr qd=%d", LDNS_QDCOUNT(ldns_buffer_begin(pkt))); return LDNS_RCODE_FORMERR; } if(LDNS_ANCOUNT(ldns_buffer_begin(pkt)) != 0) { - verbose(VERB_DETAIL, "request wrong nr an=%d", + verbose(VERB_QUERY, "request wrong nr an=%d", LDNS_ANCOUNT(ldns_buffer_begin(pkt))); return LDNS_RCODE_FORMERR; } if(LDNS_NSCOUNT(ldns_buffer_begin(pkt)) != 0) { - verbose(VERB_DETAIL, "request wrong nr ns=%d", + verbose(VERB_QUERY, "request wrong nr ns=%d", LDNS_NSCOUNT(ldns_buffer_begin(pkt))); return LDNS_RCODE_FORMERR; } if(LDNS_ARCOUNT(ldns_buffer_begin(pkt)) > 1) { - verbose(VERB_DETAIL, "request wrong nr ar=%d", + verbose(VERB_QUERY, "request wrong nr ar=%d", LDNS_ARCOUNT(ldns_buffer_begin(pkt))); return LDNS_RCODE_FORMERR; } @@ -758,7 +758,7 @@ worker_handle_request(struct comm_point* c, void* arg, int error, } if(edns.edns_present && edns.udp_size < NORMAL_UDP_SIZE && worker->daemon->cfg->harden_short_bufsize) { - verbose(VERB_DETAIL, "worker request: EDNS bufsize %d ignored", + verbose(VERB_QUERY, "worker request: EDNS bufsize %d ignored", (int)edns.udp_size); edns.udp_size = NORMAL_UDP_SIZE; } @@ -835,21 +835,21 @@ worker_sighandler(int sig, void* arg) struct worker* worker = (struct worker*)arg; switch(sig) { case SIGHUP: - verbose(VERB_DETAIL, "caught signal SIGHUP"); + verbose(VERB_QUERY, "caught signal SIGHUP"); comm_base_exit(worker->base); break; case SIGINT: - verbose(VERB_DETAIL, "caught signal SIGINT"); + verbose(VERB_QUERY, "caught signal SIGINT"); worker->need_to_exit = 1; comm_base_exit(worker->base); break; case SIGQUIT: - verbose(VERB_DETAIL, "caught signal SIGQUIT"); + verbose(VERB_QUERY, "caught signal SIGQUIT"); worker->need_to_exit = 1; comm_base_exit(worker->base); break; case SIGTERM: - verbose(VERB_DETAIL, "caught signal SIGTERM"); + verbose(VERB_QUERY, "caught signal SIGTERM"); worker->need_to_exit = 1; comm_base_exit(worker->base); break; diff --git a/doc/Changelog b/doc/Changelog index cf4e8ad46..9e766b6b0 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -1,3 +1,8 @@ +7 February 2008: Wouter + - moved up all current level 2 to be level 3. And 3 to 4. + to make room for new debug level 2 for detailed information + for operators. + 6 February 2008: Wouter - clearer explanation of threading configure options. - fixup asynclook test for nothreading (it creates only one process diff --git a/doc/unbound.conf.5 b/doc/unbound.conf.5 index 88169c241..c771c23e9 100644 --- a/doc/unbound.conf.5 +++ b/doc/unbound.conf.5 @@ -77,8 +77,9 @@ clause. .TP .B verbosity: \fI The verbosity number, level 0 means no verbosity, only errors. Level 1 -gives operational information. Level 2 gives query level information, -output per query. Level 3 gives algorithm level information. +gives operational information. Level 2 gives detailed operational +information. Level 3 gives query level information, output per query. +Level 4 gives algorithm level information. Default is level 1. The verbosity can also be increased from the commandline, see \fIunbound\fR(8). diff --git a/iterator/iter_donotq.c b/iterator/iter_donotq.c index e9a31fcb3..3f53ddc25 100644 --- a/iterator/iter_donotq.c +++ b/iterator/iter_donotq.c @@ -103,7 +103,7 @@ donotq_insert(struct iter_donotq* dq, struct sockaddr_storage* addr, node->net = net; node->parent = NULL; if(!rbtree_insert(dq->tree, &node->node)) { - verbose(VERB_DETAIL, "duplicate donotquery address ignored."); + verbose(VERB_QUERY, "duplicate donotquery address ignored."); } return 1; } diff --git a/iterator/iter_fwd.c b/iterator/iter_fwd.c index 449a62d9e..e61b5b491 100644 --- a/iterator/iter_fwd.c +++ b/iterator/iter_fwd.c @@ -228,8 +228,8 @@ read_forwards(struct iter_forwards* fwd, struct config_file* cfg) return 0; if(!forwards_insert(fwd, LDNS_RR_CLASS_IN, dp)) return 0; - verbose(VERB_DETAIL, "Forward zone server list:"); - delegpt_log(VERB_DETAIL, dp); + verbose(VERB_QUERY, "Forward zone server list:"); + delegpt_log(VERB_QUERY, dp); } return 1; } diff --git a/iterator/iter_hints.c b/iterator/iter_hints.c index 97ffe8f56..50f178688 100644 --- a/iterator/iter_hints.c +++ b/iterator/iter_hints.c @@ -285,7 +285,7 @@ read_stubs(struct iter_hints* hints, struct config_file* cfg) return 0; if(!hints_insert(hints, LDNS_RR_CLASS_IN, dp)) return 0; - delegpt_log(VERB_DETAIL, dp); + delegpt_log(VERB_QUERY, dp); } return 1; } @@ -314,7 +314,7 @@ read_root_hints(struct iter_hints* hints, char* fname) fclose(f); return 0; } - verbose(VERB_DETAIL, "Reading root hints from %s", fname); + verbose(VERB_QUERY, "Reading root hints from %s", fname); while(!feof(f)) { status = ldns_rr_new_frm_fp_l(&rr, f, &default_ttl, &origin, &prev_rr, &lineno); @@ -391,7 +391,7 @@ read_root_hints(struct iter_hints* hints, char* fname) if(!hints_insert(hints, c, dp)) { return 0; } - delegpt_log(VERB_DETAIL, dp); + delegpt_log(VERB_QUERY, dp); return 1; } diff --git a/iterator/iter_scrub.c b/iterator/iter_scrub.c index f6123cbb2..76551a144 100644 --- a/iterator/iter_scrub.c +++ b/iterator/iter_scrub.c @@ -60,11 +60,11 @@ static void remove_rrset(const char* str, ldns_buffer* pkt, struct msg_parse* msg, struct rrset_parse* prev, struct rrset_parse** rrset) { - if(verbosity >= VERB_DETAIL + if(verbosity >= VERB_QUERY && (*rrset)->dname_len <= LDNS_MAX_DOMAINLEN) { uint8_t buf[LDNS_MAX_DOMAINLEN+1]; dname_pkt_copy(pkt, buf, (*rrset)->dname); - log_nametypeclass(VERB_DETAIL, str, buf, + log_nametypeclass(VERB_QUERY, str, buf, (*rrset)->type, ntohs((*rrset)->rrset_class)); } if(prev) diff --git a/iterator/iter_utils.c b/iterator/iter_utils.c index 56cbed128..778580fe0 100644 --- a/iterator/iter_utils.c +++ b/iterator/iter_utils.c @@ -102,7 +102,7 @@ iter_apply_cfg(struct iter_env* iter_env, struct config_file* cfg) if(!read_fetch_policy(iter_env, cfg->target_fetch_policy)) return 0; for(i=0; imax_dependency_depth+1; i++) - verbose(VERB_DETAIL, "target fetch policy for level %d is %d", + verbose(VERB_QUERY, "target fetch policy for level %d is %d", i, iter_env->target_fetch_policy[i]); if(!iter_env->hints) @@ -331,7 +331,7 @@ iter_mark_cycle_targets(struct module_qstate* qstate, struct delegpt* dp) LDNS_RR_TYPE_AAAA, qstate->qinfo.qclass) || causes_cycle(qstate, ns->name, ns->namelen, LDNS_RR_TYPE_A, qstate->qinfo.qclass)) { - log_nametypeclass(VERB_DETAIL, "skipping target due " + log_nametypeclass(VERB_QUERY, "skipping target due " "to dependency cycle (harden-glue: no may " "fix some of the cycles)", ns->name, LDNS_RR_TYPE_A, diff --git a/iterator/iterator.c b/iterator/iterator.c index 0a5cb7a91..9453d9b5f 100644 --- a/iterator/iterator.c +++ b/iterator/iterator.c @@ -216,7 +216,7 @@ error_supers(struct module_qstate* qstate, int id, struct module_qstate* super) static int error_response(struct module_qstate* qstate, int id, int rcode) { - verbose(VERB_DETAIL, "return error response %s", + verbose(VERB_QUERY, "return error response %s", ldns_lookup_by_id(ldns_rcodes, rcode)? ldns_lookup_by_id(ldns_rcodes, rcode)->name:"??"); qstate->return_rcode = rcode; @@ -566,7 +566,7 @@ prime_stub(struct module_qstate* qstate, struct iter_qstate* iq, return 0; /* Otherwise, we need to (re)prime the stub. */ - log_nametypeclass(VERB_DETAIL, "priming stub", stub_dp->name, + log_nametypeclass(VERB_QUERY, "priming stub", stub_dp->name, LDNS_RR_TYPE_NS, qclass); /* Stub priming events start at the QUERYTARGETS state to avoid the @@ -656,13 +656,13 @@ processInitRequest(struct module_qstate* qstate, struct iter_qstate* iq, size_t delnamelen; struct dns_msg* msg; - log_query_info(VERB_DETAIL, "resolving", &qstate->qinfo); + log_query_info(VERB_QUERY, "resolving", &qstate->qinfo); /* check effort */ /* We enforce a maximum number of query restarts. This is primarily a * cheap way to prevent CNAME loops. */ if(iq->query_restart_count > MAX_RESTART_COUNT) { - verbose(VERB_DETAIL, "request has exceeded the maximum number" + verbose(VERB_QUERY, "request has exceeded the maximum number" " of query restarts with %d", iq->query_restart_count); return error_response(qstate, id, LDNS_RCODE_SERVFAIL); } @@ -673,7 +673,7 @@ processInitRequest(struct module_qstate* qstate, struct iter_qstate* iq, * of work required to answer a given query. */ verbose(VERB_ALGO, "request has dependency depth of %d", iq->depth); if(iq->depth > ie->max_dependency_depth) { - verbose(VERB_DETAIL, "request has exceeded the maximum " + verbose(VERB_QUERY, "request has exceeded the maximum " "dependency depth with depth of %d", iq->depth); return error_response(qstate, id, LDNS_RCODE_SERVFAIL); } @@ -792,7 +792,7 @@ processInitRequest(struct module_qstate* qstate, struct iter_qstate* iq, if(iter_dp_is_useless(qstate, iq->dp)) { if(dname_is_root(iq->dp->name)) { /* use safety belt */ - verbose(VERB_DETAIL, "Cache has root NS but " + verbose(VERB_QUERY, "Cache has root NS but " "no addresses. Fallback to the safety belt."); iq->dp = hints_lookup_root(ie->hints, iq->qchase.qclass); @@ -861,7 +861,7 @@ static int processInitRequest2(struct module_qstate* qstate, struct iter_qstate* iq, struct iter_env* ie, int id) { - log_query_info(VERB_DETAIL, "resolving (init part 2): ", + log_query_info(VERB_QUERY, "resolving (init part 2): ", &qstate->qinfo); /* Check to see if we need to prime a stub zone. */ @@ -888,7 +888,7 @@ processInitRequest2(struct module_qstate* qstate, struct iter_qstate* iq, static int processInitRequest3(struct module_qstate* qstate, struct iter_qstate* iq) { - log_query_info(VERB_DETAIL, "resolving (init part 3): ", + log_query_info(VERB_QUERY, "resolving (init part 3): ", &qstate->qinfo); /* If the RD flag wasn't set, then we just finish with the * cached referral as the response. */ @@ -938,7 +938,7 @@ generate_target_query(struct module_qstate* qstate, struct iter_qstate* iq, subiq->dp = delegpt_copy(iq->dp, subq->region); } } - log_nametypeclass(VERB_DETAIL, "new target", name, qtype, qclass); + log_nametypeclass(VERB_QUERY, "new target", name, qtype, qclass); return 1; } @@ -1052,7 +1052,7 @@ processQueryTargets(struct module_qstate* qstate, struct iter_qstate* iq, * needs to send a query to. That is, at least one per referral, * more if some targets timeout or return throwaway answers. */ - log_query_info(VERB_DETAIL, "processQueryTargets:", &qstate->qinfo); + log_query_info(VERB_QUERY, "processQueryTargets:", &qstate->qinfo); verbose(VERB_ALGO, "processQueryTargets: targetqueries %d, " "currentqueries %d", iq->num_target_queries, iq->num_current_queries); @@ -1061,7 +1061,7 @@ processQueryTargets(struct module_qstate* qstate, struct iter_qstate* iq, /* Make sure that we haven't run away */ /* FIXME: is this check even necessary? */ if(iq->referral_count > MAX_REFERRAL_COUNT) { - verbose(VERB_DETAIL, "request has exceeded the maximum " + verbose(VERB_QUERY, "request has exceeded the maximum " "number of referrrals with %d", iq->referral_count); return error_response(qstate, id, LDNS_RCODE_SERVFAIL); } @@ -1069,7 +1069,7 @@ processQueryTargets(struct module_qstate* qstate, struct iter_qstate* iq, /* Make sure we have a delegation point, otherwise priming failed * or another failure occurred */ if(!iq->dp) { - verbose(VERB_DETAIL, "Failed to get a delegation, giving up"); + verbose(VERB_QUERY, "Failed to get a delegation, giving up"); return error_response(qstate, id, LDNS_RCODE_SERVFAIL); } delegpt_log(VERB_ALGO, iq->dp); @@ -1137,7 +1137,7 @@ processQueryTargets(struct module_qstate* qstate, struct iter_qstate* iq, /* Since a target query might have been made, we * need to check again. */ if(iq->num_target_queries == 0) { - verbose(VERB_DETAIL, "out of query targets -- " + verbose(VERB_QUERY, "out of query targets -- " "returning SERVFAIL"); /* fail -- no more targets, no more hope * of targets, no hope of a response. */ @@ -1164,8 +1164,8 @@ processQueryTargets(struct module_qstate* qstate, struct iter_qstate* iq, } /* We have a valid target. */ - log_query_info(VERB_DETAIL, "sending query:", &iq->qchase); - log_name_addr(VERB_DETAIL, "sending to target:", iq->dp->name, + log_query_info(VERB_QUERY, "sending query:", &iq->qchase); + log_name_addr(VERB_QUERY, "sending to target:", iq->dp->name, &target->addr, target->addrlen); log_assert(fptr_whitelist_modenv_send_query(qstate->env->send_query)); outq = (*qstate->env->send_query)( @@ -1239,7 +1239,7 @@ processQueryResponse(struct module_qstate* qstate, struct iter_qstate* iq, if(type == RESPONSE_TYPE_ANSWER) { /* ANSWER type responses terminate the query algorithm, * so they sent on their */ - verbose(VERB_DETAIL, "query response was ANSWER"); + verbose(VERB_QUERY, "query response was ANSWER"); if(!iter_dns_store(qstate->env, &iq->response->qinfo, iq->response->rep, 0)) return error_response(qstate, id, LDNS_RCODE_SERVFAIL); @@ -1254,7 +1254,7 @@ processQueryResponse(struct module_qstate* qstate, struct iter_qstate* iq, } else if(type == RESPONSE_TYPE_REFERRAL) { /* REFERRAL type responses get a reset of the * delegation point, and back to the QUERYTARGETS_STATE. */ - verbose(VERB_DETAIL, "query response was REFERRAL"); + verbose(VERB_QUERY, "query response was REFERRAL"); /* Store the referral under the current query */ if(!iter_dns_store(qstate->env, &iq->response->qinfo, @@ -1296,7 +1296,7 @@ processQueryResponse(struct module_qstate* qstate, struct iter_qstate* iq, /* CNAME type responses get a query restart (i.e., get a * reset of the query state and go back to INIT_REQUEST_STATE). */ - verbose(VERB_DETAIL, "query response was CNAME"); + verbose(VERB_QUERY, "query response was CNAME"); if(verbosity >= VERB_ALGO) log_dns_msg("cname msg", &iq->response->qinfo, iq->response->rep); @@ -1335,7 +1335,7 @@ processQueryResponse(struct module_qstate* qstate, struct iter_qstate* iq, return next_state(iq, INIT_REQUEST_STATE); } else if(type == RESPONSE_TYPE_LAME) { /* Cache the LAMEness. */ - verbose(VERB_DETAIL, "query response was %sLAME", + verbose(VERB_QUERY, "query response was %sLAME", dnsseclame?"DNSSEC ":""); if(qstate->reply) { /* need addr for lameness cache, but we may have @@ -1352,7 +1352,7 @@ processQueryResponse(struct module_qstate* qstate, struct iter_qstate* iq, * In this case, the event is just sent directly back to * the QUERYTARGETS_STATE without resetting anything, * because, clearly, the next target must be tried. */ - verbose(VERB_DETAIL, "query response was THROWAWAY"); + verbose(VERB_QUERY, "query response was THROWAWAY"); } else { log_warn("A query response came back with an unknown type: %d", (int)type); @@ -1394,7 +1394,7 @@ prime_supers(struct module_qstate* qstate, int id, struct module_qstate* forq) return; } - log_query_info(VERB_DETAIL, "priming successful for", &qstate->qinfo); + log_query_info(VERB_QUERY, "priming successful for", &qstate->qinfo); delegpt_log(VERB_ALGO, dp); foriq->dp = dp; foriq->deleg_msg = dns_copy_msg(qstate->return_msg, forq->region); @@ -1529,7 +1529,7 @@ static int processFinished(struct module_qstate* qstate, struct iter_qstate* iq, int id) { - log_query_info(VERB_DETAIL, "finishing processing for", + log_query_info(VERB_QUERY, "finishing processing for", &qstate->qinfo); if(!iq->response) { @@ -1728,7 +1728,7 @@ process_response(struct module_qstate* qstate, struct iter_qstate* iq, iq->response = dns_alloc_msg(pkt, prs, qstate->region); if(!iq->response) goto handle_it; - log_name_addr(VERB_DETAIL, "incoming packet from target:", iq->dp->name, + log_name_addr(VERB_QUERY, "incoming packet from target:", iq->dp->name, &qstate->reply->addr, qstate->reply->addrlen); if(verbosity >= VERB_ALGO) log_dns_msg("incoming scrubbed packet:", &iq->response->qinfo, @@ -1745,12 +1745,12 @@ iter_operate(struct module_qstate* qstate, enum module_ev event, int id, { struct iter_env* ie = (struct iter_env*)qstate->env->modinfo[id]; struct iter_qstate* iq = (struct iter_qstate*)qstate->minfo[id]; - verbose(VERB_DETAIL, "iterator[module %d] operate: extstate:%s event:%s", + verbose(VERB_QUERY, "iterator[module %d] operate: extstate:%s event:%s", id, strextstate(qstate->ext_state[id]), strmodulevent(event)); - if(iq) log_query_info(VERB_DETAIL, "iterator operate: query", + if(iq) log_query_info(VERB_QUERY, "iterator operate: query", &qstate->qinfo); if(iq && qstate->qinfo.qname != iq->qchase.qname) - log_query_info(VERB_DETAIL, "iterator operate: chased to", + log_query_info(VERB_QUERY, "iterator operate: chased to", &iq->qchase); /* perform iterator state machine */ diff --git a/services/mesh.c b/services/mesh.c index 03ddc1a50..57646a128 100644 --- a/services/mesh.c +++ b/services/mesh.c @@ -673,7 +673,7 @@ mesh_continue(struct mesh_area* mesh, struct mesh_state* mstate, if(mstate->num_activated > MESH_MAX_ACTIVATION) { /* module is looping. Stop it. */ log_err("internal error: looping module stopped"); - log_query_info(VERB_DETAIL, "pass error for qstate", + log_query_info(VERB_QUERY, "pass error for qstate", &mstate->s.qinfo); s = module_error; } @@ -682,7 +682,7 @@ mesh_continue(struct mesh_area* mesh, struct mesh_state* mstate, mstate->s.curmod++; if(mesh->mods.num == mstate->s.curmod) { log_err("Cannot pass to next module; at last module"); - log_query_info(VERB_DETAIL, "pass error for qstate", + log_query_info(VERB_QUERY, "pass error for qstate", &mstate->s.qinfo); mstate->s.curmod--; return mesh_continue(mesh, mstate, module_error, ev); diff --git a/services/modstack.c b/services/modstack.c index 0040c3d9e..7f4980123 100644 --- a/services/modstack.c +++ b/services/modstack.c @@ -77,7 +77,7 @@ int modstack_config(struct module_stack* stack, const char* module_conf) { int i; - verbose(VERB_DETAIL, "module config: \"%s\"", module_conf); + verbose(VERB_QUERY, "module config: \"%s\"", module_conf); stack->num = count_modules(module_conf); if(stack->num == 0) { log_err("error: no modules specified"); diff --git a/services/outside_network.c b/services/outside_network.c index 50fa846c0..445547d71 100644 --- a/services/outside_network.c +++ b/services/outside_network.c @@ -202,13 +202,13 @@ outnet_tcp_cb(struct comm_point* c, void* arg, int error, struct outside_network* outnet = pend->query->outnet; verbose(VERB_ALGO, "outnettcp cb"); if(error != NETEVENT_NOERROR) { - verbose(VERB_DETAIL, "outnettcp got tcp error %d", error); + verbose(VERB_QUERY, "outnettcp got tcp error %d", error); /* pass error below and exit */ } else { /* check ID */ if(ldns_buffer_limit(c->buffer) < sizeof(uint16_t) || LDNS_ID_WIRE(ldns_buffer_begin(c->buffer))!=pend->id) { - log_addr(VERB_DETAIL, + log_addr(VERB_QUERY, "outnettcp: bad ID in reply, from:", &pend->query->addr, pend->query->addrlen); error = NETEVENT_CLOSED; @@ -230,11 +230,11 @@ outnet_udp_cb(struct comm_point* c, void* arg, int error, verbose(VERB_ALGO, "answer cb"); if(error != NETEVENT_NOERROR) { - verbose(VERB_DETAIL, "outnetudp got udp error %d", error); + verbose(VERB_QUERY, "outnetudp got udp error %d", error); return 0; } if(ldns_buffer_limit(c->buffer) < LDNS_HEADER_SIZE) { - verbose(VERB_DETAIL, "outnetudp udp too short"); + verbose(VERB_QUERY, "outnetudp udp too short"); return 0; } log_assert(reply_info); @@ -251,7 +251,7 @@ outnet_udp_cb(struct comm_point* c, void* arg, int error, verbose(VERB_ALGO, "lookup size is %d entries", (int)outnet->pending->count); p = (struct pending*)rbtree_search(outnet->pending, &key); if(!p) { - verbose(VERB_DETAIL, "received unwanted or unsolicited udp reply dropped."); + verbose(VERB_QUERY, "received unwanted or unsolicited udp reply dropped."); log_buf(VERB_ALGO, "dropped message", c->buffer); return 0; } @@ -259,7 +259,7 @@ outnet_udp_cb(struct comm_point* c, void* arg, int error, verbose(VERB_ALGO, "received udp reply."); log_buf(VERB_ALGO, "udp message", c->buffer); if(p->c != c) { - verbose(VERB_DETAIL, "received reply id,addr on wrong port. " + verbose(VERB_QUERY, "received reply id,addr on wrong port. " "dropped."); return 0; } @@ -1029,7 +1029,7 @@ serviced_tcp_callback(struct comm_point* c, void* arg, int error, struct comm_reply r2; sq->pending = NULL; /* removed after this callback */ if(error != NETEVENT_NOERROR) - log_addr(VERB_DETAIL, "tcp error for address", + log_addr(VERB_QUERY, "tcp error for address", &sq->addr, sq->addrlen); if(error==NETEVENT_NOERROR) infra_update_tcp_works(sq->outnet->infra, &sq->addr, diff --git a/testcode/unitverify.c b/testcode/unitverify.c index 353aeb444..0f89b10ad 100644 --- a/testcode/unitverify.c +++ b/testcode/unitverify.c @@ -150,7 +150,7 @@ verifytest_rrset(struct module_env* env, struct val_env* ve, { enum sec_status sec; if(vsig) { - log_nametypeclass(VERB_DETAIL, "verify of rrset", + log_nametypeclass(VERB_QUERY, "verify of rrset", rrset->rk.dname, ntohs(rrset->rk.type), ntohs(rrset->rk.rrset_class)); } @@ -237,7 +237,7 @@ dstest_entry(struct entry* e, struct alloc_cache* alloc, printf("result(no)= %s\n", ret?"yes":"no"); } unit_assert(!ret); - verbose(VERB_DETAIL, "DS fail: OK; matched unit test"); + verbose(VERB_QUERY, "DS fail: OK; matched unit test"); } else { fatal_exit("Bad qname in DS unit test, yes or no"); } @@ -274,7 +274,7 @@ verifytest_file(const char* fname, const char* at_date) ve.date_override = cfg_convert_timeval(at_date); unit_assert(region && buf); dnskey = extract_keys(list, &alloc, region, buf); - if(vsig) log_nametypeclass(VERB_DETAIL, "test dnskey", + if(vsig) log_nametypeclass(VERB_QUERY, "test dnskey", dnskey->rk.dname, ntohs(dnskey->rk.type), ntohs(dnskey->rk.rrset_class)); /* ready to go! */ diff --git a/util/data/msgparse.c b/util/data/msgparse.c index 288f206d9..2b3065954 100644 --- a/util/data/msgparse.c +++ b/util/data/msgparse.c @@ -700,9 +700,9 @@ add_rr_to_rrset(struct rrset_parse* rrset, ldns_buffer* pkt, * also the last part is more likely to be incomplete. * RFC 2181: must put RRset only once in response. */ /* - verbose(VERB_DETAIL, "Packet contains rrset data in " + verbose(VERB_QUERY, "Packet contains rrset data in " "multiple sections, dropped last part."); - log_buf(VERB_DETAIL, "packet was", pkt); + log_buf(VERB_QUERY, "packet was", pkt); */ /* forwards */ if(!skip_ttl_rdata(pkt)) diff --git a/util/log.c b/util/log.c index a63080947..c1db604cc 100644 --- a/util/log.c +++ b/util/log.c @@ -83,7 +83,7 @@ log_init(const char* filename, int use_syslog, const char* chrootdir) || log_to_syslog #endif ) - verbose(VERB_DETAIL, "switching log to %s", + verbose(VERB_QUERY, "switching log to %s", use_syslog?"syslog":(filename&&filename[0]?filename:"stderr")); if(logfile && logfile != stderr) fclose(logfile); diff --git a/util/log.h b/util/log.h index f69af339d..f6983181e 100644 --- a/util/log.h +++ b/util/log.h @@ -55,9 +55,11 @@ enum verbosity_value { NO_VERBOSE = 0, /** 1 - operational information */ VERB_OPS, - /** 2 - query level information */ + /** 2 - detailed information */ VERB_DETAIL, - /** 3 - algorithm level information */ + /** 3 - query level information */ + VERB_QUERY, + /** 4 - algorithm level information */ VERB_ALGO }; diff --git a/util/net_help.c b/util/net_help.c index 438772e47..153a433b6 100644 --- a/util/net_help.c +++ b/util/net_help.c @@ -318,9 +318,9 @@ void log_name_addr(enum verbosity_value v, const char* str, uint8_t* zone, port = ntohs(((struct sockaddr_in*)addr)->sin_port); dname_str(zone, namebuf); if(af != AF_INET && af != AF_INET6) - verbose(VERB_DETAIL, "%s <%s> %s%s#%d (addrlen %d)", + verbose(VERB_QUERY, "%s <%s> %s%s#%d (addrlen %d)", str, namebuf, family, dest, (int)port, (int)addrlen); - else verbose(VERB_DETAIL, "%s <%s> %s%s#%d", + else verbose(VERB_QUERY, "%s <%s> %s%s#%d", str, namebuf, family, dest, (int)port); } diff --git a/util/netevent.c b/util/netevent.c index 6e4d8ca1b..832cf948a 100644 --- a/util/netevent.c +++ b/util/netevent.c @@ -581,14 +581,14 @@ comm_point_tcp_handle_read(int fd, struct comm_point* c, int short_ok) return 1; if(ldns_buffer_read_u16_at(c->buffer, 0) > ldns_buffer_capacity(c->buffer)) { - verbose(VERB_DETAIL, "tcp: dropped larger than buffer"); + verbose(VERB_QUERY, "tcp: dropped larger than buffer"); return 0; } ldns_buffer_set_limit(c->buffer, ldns_buffer_read_u16_at(c->buffer, 0)); if(!short_ok && ldns_buffer_limit(c->buffer) < LDNS_HEADER_SIZE) { - verbose(VERB_DETAIL, "tcp: dropped bogus too short."); + verbose(VERB_QUERY, "tcp: dropped bogus too short."); return 0; } verbose(VERB_ALGO, "Reading tcp query of length %d", @@ -734,7 +734,7 @@ comm_point_tcp_handle_callback(int fd, short event, void* arg) return; } if(event&EV_TIMEOUT) { - verbose(VERB_DETAIL, "tcp took too long, dropped"); + verbose(VERB_QUERY, "tcp took too long, dropped"); reclaim_tcp_handler(c); if(!c->tcp_do_close) { log_assert(fptr_whitelist_comm_point(c->callback)); diff --git a/validator/val_anchor.c b/validator/val_anchor.c index 7847a8197..55db7b32d 100644 --- a/validator/val_anchor.c +++ b/validator/val_anchor.c @@ -270,7 +270,7 @@ anchor_store_new_rr(struct val_anchors* anchors, ldns_buffer* buffer, ldns_buffer_begin(buffer), ldns_buffer_limit(buffer))) { return 0; } - log_nametypeclass(VERB_DETAIL, "adding trusted key", + log_nametypeclass(VERB_QUERY, "adding trusted key", ldns_rdf_data(owner), ldns_rr_get_type(rr), ldns_rr_get_class(rr)); return 1; @@ -613,7 +613,7 @@ anchor_read_bind_file(struct val_anchors* anchors, ldns_buffer* buffer, log_err("error opening file %s: %s", fname, strerror(errno)); return 0; } - verbose(VERB_DETAIL, "reading in bind-compat-mode: '%s'", fname); + verbose(VERB_QUERY, "reading in bind-compat-mode: '%s'", fname); /* scan for trusted-keys keyword, ignore everything else */ ldns_buffer_clear(buffer); while((rdlen=readkeyword_bindfile(in, buffer, &line_nr, 1)) != 0) { diff --git a/validator/val_sigcrypt.c b/validator/val_sigcrypt.c index 46bf68c01..497e5c7a6 100644 --- a/validator/val_sigcrypt.c +++ b/validator/val_sigcrypt.c @@ -313,7 +313,7 @@ ds_create_dnskey_digest(struct module_env* env, return 1; #endif default: - verbose(VERB_DETAIL, "unknown DS digest algorithm %d", + verbose(VERB_QUERY, "unknown DS digest algorithm %d", (int) ds_get_digest_algo(ds_rrset, ds_idx)); break; } @@ -330,30 +330,30 @@ int ds_digest_match_dnskey(struct module_env* env, size_t digestlen = ds_digest_size_algo(ds_rrset, ds_idx); if(digestlen == 0) { - verbose(VERB_DETAIL, "DS fail: not supported, or DS RR " + verbose(VERB_QUERY, "DS fail: not supported, or DS RR " "format error"); return 0; /* not supported, or DS RR format error */ } /* check digest length in DS with length from hash function */ ds_get_sigdata(ds_rrset, ds_idx, &ds, &dslen); if(!ds || dslen != digestlen) { - verbose(VERB_DETAIL, "DS fail: DS RR algo and digest do not " + verbose(VERB_QUERY, "DS fail: DS RR algo and digest do not " "match each other"); return 0; /* DS algorithm and digest do not match */ } digest = regional_alloc(env->scratch, digestlen); if(!digest) { - verbose(VERB_DETAIL, "DS fail: out of memory"); + verbose(VERB_QUERY, "DS fail: out of memory"); return 0; /* mem error */ } if(!ds_create_dnskey_digest(env, dnskey_rrset, dnskey_idx, ds_rrset, ds_idx, digest)) { - verbose(VERB_DETAIL, "DS fail: could not calc key digest"); + verbose(VERB_QUERY, "DS fail: could not calc key digest"); return 0; /* digest algo failed */ } if(memcmp(digest, ds, dslen) != 0) { - verbose(VERB_DETAIL, "DS fail: digest is different"); + verbose(VERB_QUERY, "DS fail: digest is different"); return 0; /* digest different */ } return 1; @@ -415,7 +415,7 @@ dnskeyset_verify_rrset(struct module_env* env, struct val_env* ve, rbtree_t* sortree = NULL; num = rrset_get_sigcount(rrset); if(num == 0) { - verbose(VERB_DETAIL, "rrset failed to verify due to a lack of " + verbose(VERB_QUERY, "rrset failed to verify due to a lack of " "signatures"); return sec_status_bogus; } @@ -443,7 +443,7 @@ dnskey_verify_rrset(struct module_env* env, struct val_env* ve, num = rrset_get_sigcount(rrset); if(num == 0) { - verbose(VERB_DETAIL, "rrset failed to verify due to a lack of " + verbose(VERB_QUERY, "rrset failed to verify due to a lack of " "signatures"); return sec_status_bogus; } @@ -492,7 +492,7 @@ dnskeyset_verify_rrset_sig(struct module_env* env, struct val_env* ve, return sec; } if(numchecked == 0) { - verbose(VERB_DETAIL, "verify: could not find appropriate key"); + verbose(VERB_QUERY, "verify: could not find appropriate key"); return sec_status_bogus; } return sec_status_bogus; @@ -1069,7 +1069,7 @@ sigdate_error(const char* str, int32_t expi, int32_t incep, int32_t now) char now_buf[16]; time_t te, ti, tn; - if(verbosity < VERB_DETAIL) + if(verbosity < VERB_QUERY) return; te = (time_t)expi; ti = (time_t)incep; @@ -1151,7 +1151,7 @@ adjust_ttl(struct val_env* ve, struct ub_packed_rrset_key* rrset, * Use the smallest of these. */ if(d->ttl > (uint32_t)origttl) { - verbose(VERB_DETAIL, "rrset TTL larger than original TTL," + verbose(VERB_QUERY, "rrset TTL larger than original TTL," " adjusting TTL downwards"); d->ttl = origttl; } @@ -1215,7 +1215,7 @@ setup_key_digest(int algo, EVP_PKEY* evp_key, const EVP_MD** digest_type, break; default: - verbose(VERB_DETAIL, "verify: unknown algorithm %d", + verbose(VERB_QUERY, "verify: unknown algorithm %d", algo); return 0; } @@ -1248,7 +1248,7 @@ verify_canonrrset(ldns_buffer* buf, int algo, unsigned char* sigblock, } if(!setup_key_digest(algo, evp_key, &digest_type, key, keylen)) { - verbose(VERB_DETAIL, "verify: failed to setup key"); + verbose(VERB_QUERY, "verify: failed to setup key"); EVP_PKEY_free(evp_key); return sec_status_bogus; } @@ -1292,18 +1292,18 @@ dnskey_verify_rrset_sig(struct regional* region, ldns_buffer* buf, rrset_get_rdata(rrset, rrnum + sig_idx, &sig, &siglen); /* min length of rdatalen, fixed rrsig, root signer, 1 byte sig */ if(siglen < 2+20) { - verbose(VERB_DETAIL, "verify: signature too short"); + verbose(VERB_QUERY, "verify: signature too short"); return sec_status_bogus; } if(!(dnskey_get_flags(dnskey, dnskey_idx) & DNSKEY_BIT_ZSK)) { - verbose(VERB_DETAIL, "verify: dnskey without ZSK flag"); + verbose(VERB_QUERY, "verify: dnskey without ZSK flag"); return sec_status_bogus; } if(dnskey_get_protocol(dnskey, dnskey_idx) != LDNS_DNSSEC_KEYPROTO) { /* RFC 4034 says DNSKEY PROTOCOL MUST be 3 */ - verbose(VERB_DETAIL, "verify: dnskey has wrong key protocol"); + verbose(VERB_QUERY, "verify: dnskey has wrong key protocol"); return sec_status_bogus; } @@ -1311,46 +1311,46 @@ dnskey_verify_rrset_sig(struct regional* region, ldns_buffer* buf, signer = sig+2+18; signer_len = dname_valid(signer, siglen-2-18); if(!signer_len) { - verbose(VERB_DETAIL, "verify: malformed signer name"); + verbose(VERB_QUERY, "verify: malformed signer name"); return sec_status_bogus; /* signer name invalid */ } if(!dname_subdomain_c(rrset->rk.dname, signer)) { - verbose(VERB_DETAIL, "verify: signer name is off-tree"); + verbose(VERB_QUERY, "verify: signer name is off-tree"); return sec_status_bogus; /* signer name offtree */ } sigblock = (unsigned char*)signer+signer_len; if(siglen < 2+18+signer_len+1) { - verbose(VERB_DETAIL, "verify: too short, no signature data"); + verbose(VERB_QUERY, "verify: too short, no signature data"); return sec_status_bogus; /* sig rdf is < 1 byte */ } sigblock_len = (unsigned int)(siglen - 2 - 18 - signer_len); /* verify key dname == sig signer name */ if(query_dname_compare(signer, dnskey->rk.dname) != 0) { - verbose(VERB_DETAIL, "verify: wrong key for rrsig"); + verbose(VERB_QUERY, "verify: wrong key for rrsig"); return sec_status_bogus; } /* verify covered type */ /* memcmp works because type is in network format for rrset */ if(memcmp(sig+2, &rrset->rk.type, 2) != 0) { - verbose(VERB_DETAIL, "verify: wrong type covered"); + verbose(VERB_QUERY, "verify: wrong type covered"); return sec_status_bogus; } /* verify keytag and sig algo (possibly again) */ if((int)sig[2+2] != dnskey_get_algo(dnskey, dnskey_idx)) { - verbose(VERB_DETAIL, "verify: wrong algorithm"); + verbose(VERB_QUERY, "verify: wrong algorithm"); return sec_status_bogus; } ktag = htons(dnskey_calc_keytag(dnskey, dnskey_idx)); if(memcmp(sig+2+16, &ktag, 2) != 0) { - verbose(VERB_DETAIL, "verify: wrong keytag"); + verbose(VERB_QUERY, "verify: wrong keytag"); return sec_status_bogus; } /* verify labels is in a valid range */ if((int)sig[2+3] > dname_signame_label_count(rrset->rk.dname)) { - verbose(VERB_DETAIL, "verify: labelcount out of range"); + verbose(VERB_QUERY, "verify: labelcount out of range"); return sec_status_bogus; } @@ -1375,7 +1375,7 @@ dnskey_verify_rrset_sig(struct regional* region, ldns_buffer* buf, /* check that dnskey is available */ dnskey_get_pubkey(dnskey, dnskey_idx, &key, &keylen); if(!key) { - verbose(VERB_DETAIL, "verify: short DNSKEY RR"); + verbose(VERB_QUERY, "verify: short DNSKEY RR"); return sec_status_unchecked; } diff --git a/validator/val_utils.c b/validator/val_utils.c index 821c31ff0..79cd5f4be 100644 --- a/validator/val_utils.c +++ b/validator/val_utils.c @@ -273,7 +273,7 @@ val_find_signer(enum val_classification subtype, struct query_info* qinf, *signer_name = NULL; *signer_len = 0; } else { - verbose(VERB_DETAIL, "find_signer: could not find signer name" + verbose(VERB_QUERY, "find_signer: could not find signer name" " for unknown type response"); *signer_name = NULL; *signer_len = 0; @@ -423,7 +423,7 @@ val_verify_new_DNSKEYs(struct regional* region, struct module_env* env, if(dnskey_rrset->rk.dname_len != ds_rrset->rk.dname_len || query_dname_compare(dnskey_rrset->rk.dname, ds_rrset->rk.dname) != 0) { - verbose(VERB_DETAIL, "DNSKEY RRset did not match DS RRset " + verbose(VERB_QUERY, "DNSKEY RRset did not match DS RRset " "by name"); return key_entry_create_bad(region, ds_rrset->rk.dname, ds_rrset->rk.dname_len, @@ -465,7 +465,7 @@ val_verify_new_DNSKEYs(struct regional* region, struct module_env* env, rrset_get_ttl(ds_rrset)); } /* If any were understandable, then it is bad. */ - verbose(VERB_DETAIL, "Failed to match any usable DS to a DNSKEY."); + verbose(VERB_QUERY, "Failed to match any usable DS to a DNSKEY."); return key_entry_create_bad(region, ds_rrset->rk.dname, ds_rrset->rk.dname_len, ntohs(ds_rrset->rk.rrset_class)); } @@ -642,7 +642,7 @@ val_check_nonsecure(struct val_env* ve, struct reply_info* rep) * But this rrset did not verify. * Therefore the message is bogus. */ - log_nametypeclass(VERB_DETAIL, "message is bogus, " + log_nametypeclass(VERB_QUERY, "message is bogus, " "non secure rrset", rep->rrsets[i]->rk.dname, ntohs(rep->rrsets[i]->rk.type), diff --git a/validator/validator.c b/validator/validator.c index 6c4f00156..2cae040d5 100644 --- a/validator/validator.c +++ b/validator/validator.c @@ -392,7 +392,7 @@ validate_msg_signatures(struct module_env* env, struct val_env* ve, /* If the (answer) rrset failed to validate, then this * message is BAD. */ if(sec != sec_status_secure) { - log_nametypeclass(VERB_DETAIL, "validator: response " + log_nametypeclass(VERB_QUERY, "validator: response " "has failed ANSWER rrset:", s->rk.dname, ntohs(s->rk.type), ntohs(s->rk.rrset_class)); chase_reply->security = sec_status_bogus; @@ -415,7 +415,7 @@ validate_msg_signatures(struct module_env* env, struct val_env* ve, /* If anything in the authority section fails to be secure, * we have a bad message. */ if(sec != sec_status_secure) { - log_nametypeclass(VERB_DETAIL, "validator: response " + log_nametypeclass(VERB_QUERY, "validator: response " "has failed AUTHORITY rrset:", s->rk.dname, ntohs(s->rk.type), ntohs(s->rk.rrset_class)); chase_reply->security = sec_status_bogus; @@ -470,7 +470,7 @@ validate_positive_response(struct module_env* env, struct val_env* ve, * expansion. If so, an additional check will need to be * made in the authority section. */ if(!val_rrset_wildcard(s, &wc)) { - log_nametypeclass(VERB_DETAIL, "Positive response has " + log_nametypeclass(VERB_QUERY, "Positive response has " "inconsistent wildcard sigs:", s->rk.dname, ntohs(s->rk.type), ntohs(s->rk.rrset_class)); chase_reply->security = sec_status_bogus; @@ -521,7 +521,7 @@ validate_positive_response(struct module_env* env, struct val_env* ve, /* If after all this, we still haven't proven the positive wildcard * response, fail. */ if(wc != NULL && !wc_NSEC_ok) { - verbose(VERB_DETAIL, "positive response was wildcard " + verbose(VERB_QUERY, "positive response was wildcard " "expansion and did not prove original data " "did not exist"); chase_reply->security = sec_status_bogus; @@ -613,7 +613,7 @@ validate_nodata_response(struct module_env* env, struct val_env* ve, } if(!has_valid_nsec) { - verbose(VERB_DETAIL, "NODATA response failed to prove NODATA " + verbose(VERB_QUERY, "NODATA response failed to prove NODATA " "status with NSEC/NSEC3"); if(verbosity >= VERB_ALGO) log_dns_msg("Failed NODATA", qchase, chase_reply); @@ -671,7 +671,7 @@ validate_nameerror_response(struct module_env* env, struct val_env* ve, chase_reply->rrsets, chase_reply->an_numrrsets+ chase_reply->ns_numrrsets, qchase, kkey); if(chase_reply->security != sec_status_secure) { - verbose(VERB_DETAIL, "NameError response failed nsec, " + verbose(VERB_QUERY, "NameError response failed nsec, " "nsec3 proof was %s", sec_status_to_string( chase_reply->security)); return; @@ -682,14 +682,14 @@ validate_nameerror_response(struct module_env* env, struct val_env* ve, /* If the message fails to prove either condition, it is bogus. */ if(!has_valid_nsec) { - verbose(VERB_DETAIL, "NameError response has failed to prove: " + verbose(VERB_QUERY, "NameError response has failed to prove: " "qname does not exist"); chase_reply->security = sec_status_bogus; return; } if(!has_valid_wnsec) { - verbose(VERB_DETAIL, "NameError response has failed to prove: " + verbose(VERB_QUERY, "NameError response has failed to prove: " "covering wildcard does not exist"); chase_reply->security = sec_status_bogus; return; @@ -780,7 +780,7 @@ validate_any_response(struct module_env* env, struct val_env* ve, * expansion. If so, an additional check will need to be * made in the authority section. */ if(!val_rrset_wildcard(s, &wc)) { - log_nametypeclass(VERB_DETAIL, "Positive ANY response" + log_nametypeclass(VERB_QUERY, "Positive ANY response" " has inconsistent wildcard sigs:", s->rk.dname, ntohs(s->rk.type), ntohs(s->rk.rrset_class)); @@ -835,7 +835,7 @@ validate_any_response(struct module_env* env, struct val_env* ve, /* If after all this, we still haven't proven the positive wildcard * response, fail. */ if(wc != NULL && !wc_NSEC_ok) { - verbose(VERB_DETAIL, "positive ANY response was wildcard " + verbose(VERB_QUERY, "positive ANY response was wildcard " "expansion and did not prove original data " "did not exist"); chase_reply->security = sec_status_bogus; @@ -881,7 +881,7 @@ validate_cname_response(struct module_env* env, struct val_env* ve, * expansion. If so, an additional check will need to be * made in the authority section. */ if(!val_rrset_wildcard(s, &wc)) { - log_nametypeclass(VERB_DETAIL, "Cname response has " + log_nametypeclass(VERB_QUERY, "Cname response has " "inconsistent wildcard sigs:", s->rk.dname, ntohs(s->rk.type), ntohs(s->rk.rrset_class)); chase_reply->security = sec_status_bogus; @@ -893,7 +893,7 @@ validate_cname_response(struct module_env* env, struct val_env* ve, * its synthesized CNAME expansion is underdefined */ if(qchase->qtype != LDNS_RR_TYPE_DNAME && ntohs(s->rk.type) == LDNS_RR_TYPE_DNAME && wc) { - log_nametypeclass(VERB_DETAIL, "cannot validate a " + log_nametypeclass(VERB_QUERY, "cannot validate a " "wildcarded DNAME:", s->rk.dname, ntohs(s->rk.type), ntohs(s->rk.rrset_class)); chase_reply->security = sec_status_bogus; @@ -943,7 +943,7 @@ validate_cname_response(struct module_env* env, struct val_env* ve, /* If after all this, we still haven't proven the positive wildcard * response, fail. */ if(wc != NULL && !wc_NSEC_ok) { - verbose(VERB_DETAIL, "CNAME response was wildcard " + verbose(VERB_QUERY, "CNAME response was wildcard " "expansion and did not prove original data " "did not exist"); chase_reply->security = sec_status_bogus; @@ -1026,7 +1026,7 @@ validate_cname_noanswer_response(struct module_env* env, struct val_env* ve, } if(nodata_valid_nsec && nxdomain_valid_nsec) { - verbose(VERB_DETAIL, "CNAMEchain to noanswer proves that name " + verbose(VERB_QUERY, "CNAMEchain to noanswer proves that name " "exists and not exists, bogus"); chase_reply->security = sec_status_bogus; return; @@ -1049,7 +1049,7 @@ validate_cname_noanswer_response(struct module_env* env, struct val_env* ve, } if(!nodata_valid_nsec && !nxdomain_valid_nsec) { - verbose(VERB_DETAIL, "CNAMEchain to noanswer response failed " + verbose(VERB_QUERY, "CNAMEchain to noanswer response failed " "to prove status with NSEC/NSEC3"); if(verbosity >= VERB_ALGO) log_dns_msg("Failed CNAMEnoanswer", qchase, chase_reply); @@ -1154,7 +1154,7 @@ processInit(struct module_qstate* qstate, struct val_qstate* vq, vq->trust_anchor = vq->trust_anchor->parent; } if(!vq->trust_anchor) { /* unsigned parent denies anchor*/ - verbose(VERB_DETAIL, "unsigned parent zone denies" + verbose(VERB_QUERY, "unsigned parent zone denies" " trust anchor, indeterminate"); vq->chase_reply->security = sec_status_indeterminate; vq->state = VAL_FINISHED_STATE; @@ -1366,14 +1366,14 @@ processValidate(struct module_qstate* qstate, struct val_qstate* vq, if(vq->signer_name == NULL) { log_query_info(VERB_ALGO, "processValidate: state has no " "signer name", &vq->qchase); - verbose(VERB_DETAIL, "Could not establish validation of " + verbose(VERB_QUERY, "Could not establish validation of " "INSECURE status of unsigned response."); vq->chase_reply->security = sec_status_bogus; return 1; } if(key_entry_isbad(vq->key_entry)) { - log_nametypeclass(VERB_DETAIL, "Could not establish a chain " + log_nametypeclass(VERB_QUERY, "Could not establish a chain " "of trust to keys for", vq->key_entry->name, LDNS_RR_TYPE_DNSKEY, vq->key_entry->key_class); vq->chase_reply->security = sec_status_bogus; @@ -1384,7 +1384,7 @@ processValidate(struct module_qstate* qstate, struct val_qstate* vq, * answer and authority must be valid, additional is only checked. */ if(!validate_msg_signatures(qstate->env, ve, &vq->qchase, vq->chase_reply, vq->key_entry)) { - verbose(VERB_DETAIL, "Validate: message contains bad rrsets"); + verbose(VERB_QUERY, "Validate: message contains bad rrsets"); return 1; } @@ -1585,13 +1585,13 @@ val_operate(struct module_qstate* qstate, enum module_ev event, int id, { struct val_env* ve = (struct val_env*)qstate->env->modinfo[id]; struct val_qstate* vq = (struct val_qstate*)qstate->minfo[id]; - verbose(VERB_DETAIL, "validator[module %d] operate: extstate:%s " + verbose(VERB_QUERY, "validator[module %d] operate: extstate:%s " "event:%s", id, strextstate(qstate->ext_state[id]), strmodulevent(event)); - log_query_info(VERB_DETAIL, "validator operate: query", + log_query_info(VERB_QUERY, "validator operate: query", &qstate->qinfo); if(vq && qstate->qinfo.qname != vq->qchase.qname) - log_query_info(VERB_DETAIL, "validator operate: chased to", + log_query_info(VERB_QUERY, "validator operate: chased to", &vq->qchase); (void)outbound; if(event == module_event_new || @@ -1758,7 +1758,7 @@ ds_response_to_ke(struct module_qstate* qstate, struct val_qstate* vq, enum val_classification subtype; if(rcode != LDNS_RCODE_NOERROR) { /* errors here pretty much break validation */ - verbose(VERB_DETAIL, "DS response was error, thus bogus"); + verbose(VERB_QUERY, "DS response was error, thus bogus"); goto return_bogus; } @@ -1779,7 +1779,7 @@ ds_response_to_ke(struct module_qstate* qstate, struct val_qstate* vq, sec = val_verify_rrset_entry(qstate->env, ve, ds, vq->key_entry); if(sec != sec_status_secure) { - verbose(VERB_DETAIL, "DS rrset in DS response did " + verbose(VERB_QUERY, "DS rrset in DS response did " "not verify"); goto return_bogus; } @@ -1829,7 +1829,7 @@ ds_response_to_ke(struct module_qstate* qstate, struct val_qstate* vq, *ke = NULL; return 1; case sec_status_bogus: - verbose(VERB_DETAIL, "NSEC RRset for the " + verbose(VERB_QUERY, "NSEC RRset for the " "referral did not prove no DS."); goto return_bogus; case sec_status_unchecked: @@ -1855,7 +1855,7 @@ ds_response_to_ke(struct module_qstate* qstate, struct val_qstate* vq, *ke = NULL; return 1; case sec_status_bogus: - verbose(VERB_DETAIL, "NSEC3s for the " + verbose(VERB_QUERY, "NSEC3s for the " "referral did not prove no DS."); goto return_bogus; case sec_status_insecure: @@ -1867,11 +1867,11 @@ ds_response_to_ke(struct module_qstate* qstate, struct val_qstate* vq, /* Apparently, no available NSEC/NSEC3 proved NODATA, so * this is BOGUS. */ - verbose(VERB_DETAIL, "DS %s ran out of options, so return " + verbose(VERB_QUERY, "DS %s ran out of options, so return " "bogus", val_classification_to_string(subtype)); goto return_bogus; } else { - verbose(VERB_DETAIL, "Encountered an unhandled type of " + verbose(VERB_QUERY, "Encountered an unhandled type of " "DS response, thus bogus."); return_bogus: *ke = key_entry_create_bad(qstate->region, qinfo->qname, @@ -1967,7 +1967,7 @@ process_dnskey_response(struct module_qstate* qstate, struct val_qstate* vq, if(dnskey == NULL) { /* bad response */ - verbose(VERB_DETAIL, "Missing DNSKEY RRset in response to " + verbose(VERB_QUERY, "Missing DNSKEY RRset in response to " "DNSKEY query."); vq->key_entry = key_entry_create_bad(qstate->region, qinfo->qname, qinfo->qname_len, qinfo->qclass); @@ -1996,7 +1996,7 @@ process_dnskey_response(struct module_qstate* qstate, struct val_qstate* vq, * state. */ if(!key_entry_isgood(vq->key_entry)) { if(key_entry_isbad(vq->key_entry)) - verbose(VERB_DETAIL, "Did not match a DS to a DNSKEY, " + verbose(VERB_QUERY, "Did not match a DS to a DNSKEY, " "thus bogus."); vq->state = VAL_VALIDATE_STATE; return;