added some printing function that only print a partial DNSKEY

or RRSIG.
This makes the screen less messy when printing a large DNSSEC trace

diff --git a/drill/drill_util.c b/drill/drill_util.c
index 01675ec0f929dc38e22cef023cf7b19f49c96c5c..468f0dc07e29d48f95bd56653409587288a08767 100644 (file)
--- a/drill/drill_util.c
+++ b/drill/drill_util.c
@@ -11,7 +11,6 @@
 #include "drill.h"
 #include <ldns/dns.h>
 
-/* lnds_rr_new_frm_fp?? */
 ldns_rr *
 read_key_file(const char *filename)
 {
@@ -87,6 +86,112 @@ print_ds_of_keys(ldns_pkt *p)
        }
 }
 
+/* print some of the elements of a signature */
+void
+print_rrsig_abbr(FILE *fp, ldns_rr *sig) {
+       ldns_lookup_table *lt;
+       if (!sig) {
+               return;
+       }
+
+       if (ldns_rr_get_type(sig) != LDNS_RR_TYPE_RRSIG) {
+               return;
+       }
+
+       ldns_rdf_print(fp, ldns_rr_owner(sig));
+       fprintf(fp, " %d", (int)ldns_rr_ttl(sig));
+
+        lt = ldns_lookup_by_id(ldns_rr_classes, ldns_rr_get_class(sig));
+        if (lt) {
+                       fprintf(fp, " %s", lt->name);
+        } else {
+               fprintf(fp, " CLASS%d", ldns_rr_get_class(sig));
+        }
+       fprintf(fp, " RRSIG ");
+
+       /* print a number of rdf's */
+       /* typecovered */
+       ldns_rdf_print(fp, ldns_rr_rdf(sig, 0)); fprintf(fp, " ");
+       /* algo */
+       ldns_rdf_print(fp, ldns_rr_rdf(sig, 1)); fprintf(fp, " ");
+       /* labels */
+       ldns_rdf_print(fp, ldns_rr_rdf(sig, 2)); fprintf(fp, " ");
+       /* expir */
+       ldns_rdf_print(fp, ldns_rr_rdf(sig, 4)); fprintf(fp, " ");
+       /* incep */     
+       ldns_rdf_print(fp, ldns_rr_rdf(sig, 5)); fprintf(fp, " ");
+       /* key-id */    
+       ldns_rdf_print(fp, ldns_rr_rdf(sig, 6)); fprintf(fp, " ");
+       /* key owner */
+       ldns_rdf_print(fp, ldns_rr_rdf(sig, 7)); fprintf(fp, "\n");
+}
+
+void
+print_rrsig_list_abbr(FILE *fp, ldns_rr_list *sig)
+{
+       size_t i;
+
+       for(i = 0; i < ldns_rr_list_rr_count(sig); i++) {
+               print_rrsig_abbr(fp, ldns_rr_list_rr(sig, i));
+       }
+}
+
+void
+print_dnskey_abbr(FILE *fp, ldns_rr *key)
+{
+       ldns_lookup_table *lt;
+        if (!key) {
+                return;
+        }
+
+        if (ldns_rr_get_type(key) != LDNS_RR_TYPE_DNSKEY) {
+                return;
+        }
+
+        ldns_rdf_print(fp, ldns_rr_owner(key));
+        fprintf(fp, " %d", (int)ldns_rr_ttl(key));
+
+        lt = ldns_lookup_by_id(ldns_rr_classes, ldns_rr_get_class(key));
+        if (lt) {
+                fprintf(fp, " %s", lt->name);
+        } else {
+                fprintf(fp, " CLASS%d", ldns_rr_get_class(key));
+        }
+        fprintf(fp, " DNSKEY ");
+
+        /* print a number of rdf's */
+        /* flags */
+        ldns_rdf_print(fp, ldns_rr_rdf(key, 0)); fprintf(fp, " ");
+        /* proto */
+        ldns_rdf_print(fp, ldns_rr_rdf(key, 1)); fprintf(fp, " ");
+        /* algo */
+        ldns_rdf_print(fp, ldns_rr_rdf(key, 2));
+
+       if (ldns_rdf2native_int16(ldns_rr_rdf(key, 0)) == 256) {
+               fprintf(fp, " ;{id = %d (zsk), size = %db}", (int)ldns_calc_keytag(key),
+                               (int)ldns_rr_dnskey_key_size(key));
+               return;
+       }
+       if (ldns_rdf2native_int16(ldns_rr_rdf(key, 0)) == 257) {
+               fprintf(fp, " ;{id = %d (ksk), size = %db}", (int)ldns_calc_keytag(key),
+                               (int)ldns_rr_dnskey_key_size(key));
+               return;
+       }
+       fprintf(fp, " ;{id = %d, size = %db}", (int)ldns_calc_keytag(key),
+                       (int)ldns_rr_dnskey_key_size(key));
+}
+
+void
+print_dnskey_list_abbr(FILE *fp, ldns_rr_list *key)
+{
+       size_t i;
+
+       for(i = 0; i < ldns_rr_list_rr_count(key); i++) {
+               print_dnskey_abbr(fp, ldns_rr_list_rr(key, i));
+       }
+}
+
+
 void *
 xmalloc(size_t s)
 {

diff --git a/drill/drill_util.h b/drill/drill_util.h
index eebfe459d36546aea2fc24baf4f533f286b1a164..2e5e72a89b7d51a6f41006d1b75a9e9206153c06 100644 (file)
--- a/drill/drill_util.h
+++ b/drill/drill_util.h
@@ -23,6 +23,26 @@ ldns_rdf * ldns_rdf_new_addr_frm_str(char *);
  */
 void print_ds_of_keys(ldns_pkt *p);
 
+/**
+ * print some rdfs of a signature
+ */
+void print_rrsig_abbr(FILE *fp, ldns_rr *sig);
+
+/**
+ * print some rdfs of a signature list
+ */
+void print_rrsig_list_abbr(FILE *fp, ldns_rr_list *sig);
+
+/**
+ * print some rdfs of a dnskey
+ */
+void print_dnskey_abbr(FILE *fp, ldns_rr *sig);
+
+/**
+ * print some rdfs of a dnskey list
+ */
+void print_dnskey_list_abbr(FILE *fp, ldns_rr_list *sig);
+
 /**
  * Alloc some memory, with error checking
  */

diff --git a/drill/securetrace.c b/drill/securetrace.c
index 20da016e53a9a282f62ec334e2376758bd368afb..85019320e79d55d042b5f0ef4f4401ffd14ad362 100644 (file)
--- a/drill/securetrace.c
+++ b/drill/securetrace.c
@@ -36,6 +36,7 @@ check_ds_key_equiv(ldns_rr *key, ldns_rr *ds)
  * return the keys records that match some of the
  * DSs
  */
+/*@unused@*/
 static ldns_rr_list *
 check_ds_key_equiv_rr_list(ldns_rr_list *key, ldns_rr_list *ds)
 {
@@ -363,7 +364,7 @@ do_secure_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t,
 
                if (key_list) {
                        printf("Got KEYS!\n");
-                       ldns_rr_list_print(stdout, sig_list);
+                       print_rrsig_list_abbr(stdout, sig_list);
                        ds_list = get_ds(res, authname, &sig_list);
                        if (ds_list) {
                                ldns_rr_list_print(stdout, ds_list);