From: Mark Andrews Date: Wed, 28 Oct 2009 00:27:10 +0000 (+0000) Subject: 2741. [func] Allow the dnssec-keygen progress messages to be X-Git-Tag: v9.7.0b2^2~2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c6d2578fd67bc1a427d13fd0699b25a187feec8a;p=thirdparty%2Fbind9.git 2741. [func] Allow the dnssec-keygen progress messages to be suppressed (dnssec-keygen -q). Automatically suppress the progress messages when stdin is not a tty. [RT #20474] --- diff --git a/CHANGES b/CHANGES index c1bbb144dbc..88ed07126cc 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,8 @@ +2741. [func] Allow the dnssec-keygen progress messages to be + suppressed (dnssec-keygen -q). Automatically + suppress the progress messages when stdin is not + a tty. [RT #20474] + 2740. [func] Identify bad answers from GTLD servers and treat them as referrals. [RT #18884] diff --git a/bin/dnssec/dnssec-keygen.c b/bin/dnssec/dnssec-keygen.c index b7ec3d1de09..b40d477a715 100644 --- a/bin/dnssec/dnssec-keygen.c +++ b/bin/dnssec/dnssec-keygen.c @@ -29,7 +29,7 @@ * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: dnssec-keygen.c,v 1.105 2009/10/27 18:56:48 each Exp $ */ +/* $Id: dnssec-keygen.c,v 1.106 2009/10/28 00:27:10 marka Exp $ */ /*! \file */ @@ -37,6 +37,7 @@ #include #include +#include #include #include @@ -175,7 +176,7 @@ progress(int p) c = '*'; break; case 3: - c = '\n'; + c = ' '; break; default: break; @@ -225,6 +226,8 @@ main(int argc, char **argv) { isc_boolean_t unsetrev = ISC_FALSE, unsetinact = ISC_FALSE; isc_boolean_t unsetdel = ISC_FALSE; isc_boolean_t genonly = ISC_FALSE; + isc_boolean_t quiet = ISC_FALSE; + isc_boolean_t show_progress = ISC_FALSE; if (argc == 1) usage(); @@ -236,7 +239,7 @@ main(int argc, char **argv) { /* * Process memory debugging argument first. */ -#define CMDLINE_FLAGS "3a:b:Cc:d:E:eFf:g:K:km:n:p:r:s:T:t:v:hGP:A:R:I:D:" +#define CMDLINE_FLAGS "3a:b:Cc:d:E:eFf:g:K:km:n:p:qr:s:T:t:v:hGP:A:R:I:D:" while ((ch = isc_commandline_parse(argc, argv, CMDLINE_FLAGS)) != -1) { switch (ch) { case 'm': @@ -329,6 +332,9 @@ main(int argc, char **argv) { fatal("-p must be followed by a number " "[0..255]"); break; + case 'q': + quiet = ISC_TRUE; + break; case 'r': setup_entropy(mctx, isc_commandline_argument, &ectx); break; @@ -443,6 +449,9 @@ main(int argc, char **argv) { } } + if (!isatty(0)) + quiet = ISC_TRUE; + if (ectx == NULL) setup_entropy(mctx, NULL, &ectx); ret = dst_lib_init2(mctx, ectx, engine, @@ -688,12 +697,18 @@ main(int argc, char **argv) { case DNS_KEYALG_RSASHA256: case DNS_KEYALG_RSASHA512: param = rsa_exp; + show_progress = ISC_TRUE; break; + case DNS_KEYALG_DH: param = generator; break; + case DNS_KEYALG_DSA: case DNS_KEYALG_NSEC3DSA: + show_progress = ISC_TRUE; + /* fall through */ + case DST_ALG_HMACMD5: case DST_ALG_HMACSHA1: case DST_ALG_HMACSHA224: @@ -713,10 +728,19 @@ main(int argc, char **argv) { conflict = ISC_FALSE; oldkey = NULL; - /* generate the key */ - ret = dst_key_generate2(name, alg, size, param, flags, - protocol, rdclass, mctx, &key, - &progress); + if (!quiet && show_progress) { + fprintf(stderr, "Generating key pair."); + ret = dst_key_generate2(name, alg, size, param, flags, + protocol, rdclass, mctx, &key, + &progress); + putc('\n', stderr); + fflush(stderr); + } else { + ret = dst_key_generate2(name, alg, size, param, flags, + protocol, rdclass, mctx, &key, + NULL); + } + isc_entropy_stopcallbacksources(ectx); if (ret != ISC_R_SUCCESS) { diff --git a/bin/dnssec/dnssec-keygen.docbook b/bin/dnssec/dnssec-keygen.docbook index 5afc009fd22..713e3ca8479 100644 --- a/bin/dnssec/dnssec-keygen.docbook +++ b/bin/dnssec/dnssec-keygen.docbook @@ -18,7 +18,7 @@ - PERFORMANCE OF THIS SOFTWARE. --> - + June 30, 2000 @@ -75,6 +75,7 @@ + @@ -304,6 +305,25 @@ + + -q + + + Quiet mode: Suppresses unnecessary output, including + progress indication. Without this option, when + dnssec-keygen is run interactively + to generate an RSA or DSA key pair, it will print a string + of symbols to stderr indicating the + progress of the key generation. A '.' indicates that a + random number has been found which passed an initial + sieve test; '+' means a number has passed a single + round of the Miller-Rabin primality test; a space + means that the number has passed all the tests and is + a satisfactory key. + + + + -r randomdev diff --git a/bin/tests/system/dnssec/ns1/sign.sh b/bin/tests/system/dnssec/ns1/sign.sh index 55e11bba455..95c395c91fe 100644 --- a/bin/tests/system/dnssec/ns1/sign.sh +++ b/bin/tests/system/dnssec/ns1/sign.sh @@ -15,7 +15,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: sign.sh,v 1.29 2009/10/27 22:25:37 marka Exp $ +# $Id: sign.sh,v 1.30 2009/10/28 00:27:10 marka Exp $ SYSTEMTESTTOP=../.. . $SYSTEMTESTTOP/conf.sh @@ -31,7 +31,7 @@ zonefile=root.db cp ../ns2/dsset-example. . cp ../ns2/dsset-dlv. . -keyname=`$KEYGEN -r $RANDFILE -a RSAMD5 -b 768 -n zone $zone` +keyname=`$KEYGEN -q -r $RANDFILE -a RSAMD5 -b 768 -n zone $zone` cat $infile $keyname.key > $zonefile diff --git a/bin/tests/system/dnssec/ns2/sign.sh b/bin/tests/system/dnssec/ns2/sign.sh index 17df3d27607..0d47b90959a 100644 --- a/bin/tests/system/dnssec/ns2/sign.sh +++ b/bin/tests/system/dnssec/ns2/sign.sh @@ -15,7 +15,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: sign.sh,v 1.34 2009/10/27 22:25:37 marka Exp $ +# $Id: sign.sh,v 1.35 2009/10/28 00:27:10 marka Exp $ SYSTEMTESTTOP=../.. . $SYSTEMTESTTOP/conf.sh @@ -36,8 +36,8 @@ do cp ../ns3/dsset-$subdomain.example. . done -keyname1=`$KEYGEN -r $RANDFILE -a DSA -b 768 -n zone $zone` -keyname2=`$KEYGEN -r $RANDFILE -a DSA -b 768 -n zone $zone` +keyname1=`$KEYGEN -q -r $RANDFILE -a DSA -b 768 -n zone $zone` +keyname2=`$KEYGEN -q -r $RANDFILE -a DSA -b 768 -n zone $zone` cat $infile $keyname1.key $keyname2.key >$zonefile @@ -49,7 +49,7 @@ privzone=private.secure.example. privinfile=private.secure.example.db.in privzonefile=private.secure.example.db -privkeyname=`$KEYGEN -r $RANDFILE -a RSAMD5 -b 768 -n zone $privzone` +privkeyname=`$KEYGEN -q -r $RANDFILE -a RSAMD5 -b 768 -n zone $privzone` cat $privinfile $privkeyname.key >$privzonefile @@ -62,7 +62,7 @@ dlvzone=dlv. dlvinfile=dlv.db.in dlvzonefile=dlv.db -dlvkeyname=`$KEYGEN -r $RANDFILE -a RSAMD5 -b 768 -n zone $dlvzone` +dlvkeyname=`$KEYGEN -q -r $RANDFILE -a RSAMD5 -b 768 -n zone $dlvzone` cat $dlvinfile $dlvkeyname.key dlvset-$privzone > $dlvzonefile diff --git a/bin/tests/system/dnssec/ns3/sign.sh b/bin/tests/system/dnssec/ns3/sign.sh index 936de270d13..faab14a769c 100644 --- a/bin/tests/system/dnssec/ns3/sign.sh +++ b/bin/tests/system/dnssec/ns3/sign.sh @@ -15,7 +15,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: sign.sh,v 1.29 2009/10/27 22:25:37 marka Exp $ +# $Id: sign.sh,v 1.30 2009/10/28 00:27:10 marka Exp $ SYSTEMTESTTOP=../.. . $SYSTEMTESTTOP/conf.sh @@ -26,7 +26,7 @@ zone=secure.example. infile=secure.example.db.in zonefile=secure.example.db -keyname=`$KEYGEN -r $RANDFILE -a RSASHA1 -b 768 -n zone $zone` +keyname=`$KEYGEN -q -r $RANDFILE -a RSASHA1 -b 768 -n zone $zone` cat $infile $keyname.key >$zonefile @@ -36,7 +36,7 @@ zone=bogus.example. infile=bogus.example.db.in zonefile=bogus.example.db -keyname=`$KEYGEN -r $RANDFILE -a RSAMD5 -b 768 -n zone $zone` +keyname=`$KEYGEN -q -r $RANDFILE -a RSAMD5 -b 768 -n zone $zone` cat $infile $keyname.key >$zonefile @@ -46,8 +46,8 @@ zone=dynamic.example. infile=dynamic.example.db.in zonefile=dynamic.example.db -keyname1=`$KEYGEN -r $RANDFILE -a RSAMD5 -b 768 -n zone $zone` -keyname2=`$KEYGEN -r $RANDFILE -a RSAMD5 -b 1024 -n zone -f KSK $zone` +keyname1=`$KEYGEN -q -r $RANDFILE -a RSAMD5 -b 768 -n zone $zone` +keyname2=`$KEYGEN -q -r $RANDFILE -a RSAMD5 -b 1024 -n zone -f KSK $zone` cat $infile $keyname1.key $keyname2.key >$zonefile @@ -57,7 +57,7 @@ zone=keyless.example. infile=keyless.example.db.in zonefile=keyless.example.db -keyname=`$KEYGEN -r $RANDFILE -a RSAMD5 -b 768 -n zone $zone` +keyname=`$KEYGEN -q -r $RANDFILE -a RSAMD5 -b 768 -n zone $zone` cat $infile $keyname.key >$zonefile @@ -77,7 +77,7 @@ zone=secure.nsec3.example. infile=secure.nsec3.example.db.in zonefile=secure.nsec3.example.db -keyname=`$KEYGEN -r $RANDFILE -a RSAMD5 -b 768 -n zone $zone` +keyname=`$KEYGEN -q -r $RANDFILE -a RSAMD5 -b 768 -n zone $zone` cat $infile $keyname.key >$zonefile @@ -90,7 +90,7 @@ zone=nsec3.nsec3.example. infile=nsec3.nsec3.example.db.in zonefile=nsec3.nsec3.example.db -keyname=`$KEYGEN -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone` +keyname=`$KEYGEN -q -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone` cat $infile $keyname.key >$zonefile @@ -103,7 +103,7 @@ zone=optout.nsec3.example. infile=optout.nsec3.example.db.in zonefile=optout.nsec3.example.db -keyname=`$KEYGEN -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone` +keyname=`$KEYGEN -q -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone` cat $infile $keyname.key >$zonefile @@ -116,7 +116,7 @@ zone=nsec3.example. infile=nsec3.example.db.in zonefile=nsec3.example.db -keyname=`$KEYGEN -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone` +keyname=`$KEYGEN -q -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone` cat $infile $keyname.key >$zonefile @@ -129,7 +129,7 @@ zone=secure.optout.example. infile=secure.optout.example.db.in zonefile=secure.optout.example.db -keyname=`$KEYGEN -r $RANDFILE -a RSAMD5 -b 768 -n zone $zone` +keyname=`$KEYGEN -q -r $RANDFILE -a RSAMD5 -b 768 -n zone $zone` cat $infile $keyname.key >$zonefile @@ -142,7 +142,7 @@ zone=nsec3.optout.example. infile=nsec3.optout.example.db.in zonefile=nsec3.optout.example.db -keyname=`$KEYGEN -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone` +keyname=`$KEYGEN -q -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone` cat $infile $keyname.key >$zonefile @@ -155,7 +155,7 @@ zone=optout.optout.example. infile=optout.optout.example.db.in zonefile=optout.optout.example.db -keyname=`$KEYGEN -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone` +keyname=`$KEYGEN -q -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone` cat $infile $keyname.key >$zonefile @@ -168,7 +168,7 @@ zone=optout.example. infile=optout.example.db.in zonefile=optout.example.db -keyname=`$KEYGEN -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone` +keyname=`$KEYGEN -q -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone` cat $infile $keyname.key >$zonefile @@ -181,7 +181,7 @@ zone=nsec3-unknown.example. infile=nsec3-unknown.example.db.in zonefile=nsec3-unknown.example.db -keyname=`$KEYGEN -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone` +keyname=`$KEYGEN -q -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone` cat $infile $keyname.key >$zonefile @@ -194,7 +194,7 @@ zone=optout-unknown.example. infile=optout-unknown.example.db.in zonefile=optout-unknown.example.db -keyname=`$KEYGEN -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone` +keyname=`$KEYGEN -q -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone` cat $infile $keyname.key >$zonefile @@ -207,7 +207,7 @@ zone=multiple.example. infile=multiple.example.db.in zonefile=multiple.example.db -keyname=`$KEYGEN -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone` +keyname=`$KEYGEN -q -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone` cat $infile $keyname.key >$zonefile @@ -230,7 +230,7 @@ zone=rsasha256.example. infile=rsasha256.example.db.in zonefile=rsasha256.example.db -keyname=`$KEYGEN -r $RANDFILE -a RSASHA256 -b 768 -n zone $zone` +keyname=`$KEYGEN -q -r $RANDFILE -a RSASHA256 -b 768 -n zone $zone` cat $infile $keyname.key >$zonefile @@ -243,7 +243,7 @@ zone=rsasha512.example. infile=rsasha512.example.db.in zonefile=rsasha512.example.db -keyname=`$KEYGEN -r $RANDFILE -a RSASHA512 -b 1024 -n zone $zone` +keyname=`$KEYGEN -q -r $RANDFILE -a RSASHA512 -b 1024 -n zone $zone` cat $infile $keyname.key >$zonefile diff --git a/bin/tests/system/dnssec/prereq.sh b/bin/tests/system/dnssec/prereq.sh index 78fafebe435..e5cd5465d3f 100644 --- a/bin/tests/system/dnssec/prereq.sh +++ b/bin/tests/system/dnssec/prereq.sh @@ -15,11 +15,11 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: prereq.sh,v 1.12 2009/03/02 23:47:43 tbox Exp $ +# $Id: prereq.sh,v 1.13 2009/10/28 00:27:10 marka Exp $ ../../../tools/genrandom 400 random.data -if $KEYGEN -a RSAMD5 -b 512 -n zone -r random.data foo > /dev/null 2>&1 +if $KEYGEN -q -a RSAMD5 -b 512 -n zone -r random.data foo > /dev/null 2>&1 then rm -f Kfoo* else