From: Miek Gieben <miekg@NLnetLabs.nl>
Date: Mon, 13 Feb 2006 11:13:13 +0000 (+0000)
Subject: added some printing function that only print a partial DNSKEY
X-Git-Tag: release-1.1.0~354
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d02e770a45e84d88794e316e662e5166efa397a6;p=thirdparty%2Fldns.git

added some printing function that only print a partial DNSKEY
or RRSIG.
This makes the screen less messy when printing a large DNSSEC trace
---

diff --git a/drill/drill_util.c b/drill/drill_util.c
index 01675ec0..468f0dc0 100644
--- a/drill/drill_util.c
+++ b/drill/drill_util.c
@@ -11,7 +11,6 @@
 #include "drill.h"
 #include <ldns/dns.h>
 
-/* lnds_rr_new_frm_fp?? */
 ldns_rr *
 read_key_file(const char *filename)
 {
@@ -87,6 +86,112 @@ print_ds_of_keys(ldns_pkt *p)
 	}
 }
 
+/* print some of the elements of a signature */
+void
+print_rrsig_abbr(FILE *fp, ldns_rr *sig) {
+	ldns_lookup_table *lt;
+	if (!sig) {
+		return;
+	}
+
+	if (ldns_rr_get_type(sig) != LDNS_RR_TYPE_RRSIG) {
+		return;
+	}
+
+	ldns_rdf_print(fp, ldns_rr_owner(sig));
+	fprintf(fp, " %d", (int)ldns_rr_ttl(sig));
+
+        lt = ldns_lookup_by_id(ldns_rr_classes, ldns_rr_get_class(sig));
+        if (lt) {
+               	fprintf(fp, " %s", lt->name);
+        } else {
+        	fprintf(fp, " CLASS%d", ldns_rr_get_class(sig));
+        }
+	fprintf(fp, " RRSIG ");
+
+	/* print a number of rdf's */
+	/* typecovered */
+	ldns_rdf_print(fp, ldns_rr_rdf(sig, 0)); fprintf(fp, " ");
+	/* algo */
+	ldns_rdf_print(fp, ldns_rr_rdf(sig, 1)); fprintf(fp, " ");
+	/* labels */
+	ldns_rdf_print(fp, ldns_rr_rdf(sig, 2)); fprintf(fp, " ");
+	/* expir */
+	ldns_rdf_print(fp, ldns_rr_rdf(sig, 4)); fprintf(fp, " ");
+	/* incep */	
+	ldns_rdf_print(fp, ldns_rr_rdf(sig, 5)); fprintf(fp, " ");
+	/* key-id */	
+	ldns_rdf_print(fp, ldns_rr_rdf(sig, 6)); fprintf(fp, " ");
+	/* key owner */
+	ldns_rdf_print(fp, ldns_rr_rdf(sig, 7)); fprintf(fp, "\n");
+}
+
+void
+print_rrsig_list_abbr(FILE *fp, ldns_rr_list *sig)
+{
+	size_t i;
+
+	for(i = 0; i < ldns_rr_list_rr_count(sig); i++) {
+		print_rrsig_abbr(fp, ldns_rr_list_rr(sig, i));
+	}
+}
+
+void
+print_dnskey_abbr(FILE *fp, ldns_rr *key)
+{
+	ldns_lookup_table *lt;
+        if (!key) {
+                return;
+        }
+
+        if (ldns_rr_get_type(key) != LDNS_RR_TYPE_DNSKEY) {
+                return;
+        }
+
+        ldns_rdf_print(fp, ldns_rr_owner(key));
+        fprintf(fp, " %d", (int)ldns_rr_ttl(key));
+
+        lt = ldns_lookup_by_id(ldns_rr_classes, ldns_rr_get_class(key));
+        if (lt) {
+                fprintf(fp, " %s", lt->name);
+        } else {
+                fprintf(fp, " CLASS%d", ldns_rr_get_class(key));
+        }
+        fprintf(fp, " DNSKEY ");
+
+        /* print a number of rdf's */
+        /* flags */
+        ldns_rdf_print(fp, ldns_rr_rdf(key, 0)); fprintf(fp, " ");
+        /* proto */
+        ldns_rdf_print(fp, ldns_rr_rdf(key, 1)); fprintf(fp, " ");
+        /* algo */
+        ldns_rdf_print(fp, ldns_rr_rdf(key, 2));
+
+	if (ldns_rdf2native_int16(ldns_rr_rdf(key, 0)) == 256) {
+		fprintf(fp, " ;{id = %d (zsk), size = %db}", (int)ldns_calc_keytag(key),
+				(int)ldns_rr_dnskey_key_size(key));
+		return;
+	}
+	if (ldns_rdf2native_int16(ldns_rr_rdf(key, 0)) == 257) {
+		fprintf(fp, " ;{id = %d (ksk), size = %db}", (int)ldns_calc_keytag(key),
+				(int)ldns_rr_dnskey_key_size(key));
+		return;
+	}
+	fprintf(fp, " ;{id = %d, size = %db}", (int)ldns_calc_keytag(key),
+			(int)ldns_rr_dnskey_key_size(key));
+}
+
+void
+print_dnskey_list_abbr(FILE *fp, ldns_rr_list *key)
+{
+	size_t i;
+
+	for(i = 0; i < ldns_rr_list_rr_count(key); i++) {
+		print_dnskey_abbr(fp, ldns_rr_list_rr(key, i));
+	}
+}
+
+
 void *
 xmalloc(size_t s)
 {
diff --git a/drill/drill_util.h b/drill/drill_util.h
index eebfe459..2e5e72a8 100644
--- a/drill/drill_util.h
+++ b/drill/drill_util.h
@@ -23,6 +23,26 @@ ldns_rdf * ldns_rdf_new_addr_frm_str(char *);
  */
 void print_ds_of_keys(ldns_pkt *p);
 
+/**
+ * print some rdfs of a signature
+ */
+void print_rrsig_abbr(FILE *fp, ldns_rr *sig);
+
+/**
+ * print some rdfs of a signature list
+ */
+void print_rrsig_list_abbr(FILE *fp, ldns_rr_list *sig);
+
+/**
+ * print some rdfs of a dnskey
+ */
+void print_dnskey_abbr(FILE *fp, ldns_rr *sig);
+
+/**
+ * print some rdfs of a dnskey list
+ */
+void print_dnskey_list_abbr(FILE *fp, ldns_rr_list *sig);
+
 /**
  * Alloc some memory, with error checking
  */
diff --git a/drill/securetrace.c b/drill/securetrace.c
index 20da016e..85019320 100644
--- a/drill/securetrace.c
+++ b/drill/securetrace.c
@@ -36,6 +36,7 @@ check_ds_key_equiv(ldns_rr *key, ldns_rr *ds)
  * return the keys records that match some of the
  * DSs
  */
+/*@unused@*/
 static ldns_rr_list *
 check_ds_key_equiv_rr_list(ldns_rr_list *key, ldns_rr_list *ds)
 {
@@ -363,7 +364,7 @@ do_secure_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t,
 
 		if (key_list) {
 			printf("Got KEYS!\n");
-			ldns_rr_list_print(stdout, sig_list);
+			print_rrsig_list_abbr(stdout, sig_list);
 			ds_list = get_ds(res, authname, &sig_list);
 			if (ds_list) {
 				ldns_rr_list_print(stdout, ds_list);