Esempio n. 1
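/*
 * Print one address field of a dnstap message as "  <label>: <address>".
 *
 * The address bytes come straight from the parsed frame, so the length is
 * checked before it is used to pick an address family: only 4 bytes (IPv4)
 * and 16 bytes (IPv6) are accepted.  Anything else is skipped, because
 * inet_ntop() would otherwise read 16 bytes from a shorter buffer.  The
 * line is also skipped if inet_ntop() fails, so an unfilled buffer is
 * never printed.
 */
static void
print_yaml_address(const char *label, const ProtobufCBinaryData *ip) {
	char buf[100];
	int family;

	if (ip->len == 4)
		family = AF_INET;
	else if (ip->len == 16)
		family = AF_INET6;
	else
		return;

	if (inet_ntop(family, ip->data, buf, sizeof(buf)) == NULL)
		return;

	printf("  %s: %s\n", label, buf);
}

/*
 * Print one dnstap frame to stdout as a YAML document.
 *
 * Every document after the first is preceded by a "---" separator; the
 * "first" flag is a static local, so it persists across calls.  Frames
 * whose type is unknown to the protobuf descriptor are skipped silently,
 * and frames that are not of type MESSAGE only get the frame-level fields.
 *
 * All field values originate from the parsed frame and are written
 * without escaping.
 */
static void
print_yaml(dns_dtdata_t *dt) {
	Dnstap__Dnstap *frame = dt->frame;
	Dnstap__Message *m = frame->message;
	const ProtobufCEnumValue *ftype, *mtype;
	static isc_boolean_t first = ISC_TRUE;

	ftype = protobuf_c_enum_descriptor_get_value(
				     &dnstap__dnstap__type__descriptor,
				     frame->type);
	if (ftype == NULL)
		return;

	if (!first)
		printf("---\n");
	else
		first = ISC_FALSE;

	printf("type: %s\n", ftype->name);

	/*
	 * NOTE(review): identity and version are printed verbatim.  A value
	 * containing a newline or YAML syntax ends up unescaped in the
	 * output, so consumers should not trust the document structure
	 * around these two fields.  The (int) cast also assumes the length
	 * fits in an int.
	 */
	if (frame->has_identity)
		printf("identity: %.*s\n", (int) frame->identity.len,
		       frame->identity.data);

	if (frame->has_version)
		printf("version: %.*s\n", (int) frame->version.len,
		       frame->version.data);

	if (frame->type != DNSTAP__DNSTAP__TYPE__MESSAGE)
		return;

	/*
	 * Guard against a MESSAGE frame that carries no message body
	 * instead of dereferencing a null pointer below.
	 * TODO confirm whether the parser already rejects such frames.
	 */
	if (m == NULL)
		return;

	printf("message:\n");

	mtype = protobuf_c_enum_descriptor_get_value(
				     &dnstap__message__type__descriptor,
				     m->type);
	if (mtype == NULL)
		return;

	printf("  type: %s\n", mtype->name);

	/* Timestamps are only printed when they are not the epoch value. */
	if (!isc_time_isepoch(&dt->qtime)) {
		char buf[100];
		isc_time_formatISO8601(&dt->qtime, buf, sizeof(buf));
		printf("  query_time: !!timestamp %s\n", buf);
	}

	if (!isc_time_isepoch(&dt->rtime)) {
		char buf[100];
		isc_time_formatISO8601(&dt->rtime, buf, sizeof(buf));
		printf("  response_time: !!timestamp %s\n", buf);
	}

	/* %zu matches the size_t argument; the trailing "b" is literal. */
	if (dt->msgdata.base != NULL) {
		printf("  message_size: %zub\n", (size_t) dt->msgdata.length);
	} else
		printf("  message_size: 0b\n");

	if (m->has_socket_family) {
		const ProtobufCEnumValue *type =
			protobuf_c_enum_descriptor_get_value(
				&dnstap__socket_family__descriptor,
				m->socket_family);
		if (type != NULL)
			printf("  socket_family: %s\n", type->name);
	}

	printf("  socket_protocol: %s\n", dt->tcp ? "TCP" : "UDP");

	if (m->has_query_address)
		print_yaml_address("query_address", &m->query_address);

	if (m->has_response_address)
		print_yaml_address("response_address", &m->response_address);

	if (m->has_query_port)
		printf("  query_port: %u\n", m->query_port);

	if (m->has_response_port)
		printf("  response_port: %u\n", m->response_port);

	if (m->has_query_zone) {
		isc_result_t result;
		dns_fixedname_t fn;
		dns_name_t *name;
		isc_buffer_t b;
		dns_decompress_t dctx;

		dns_fixedname_init(&fn);
		name = dns_fixedname_name(&fn);

		/* Wrap the raw zone bytes and mark all of them as used. */
		isc_buffer_init(&b, m->query_zone.data, m->query_zone.len);
		isc_buffer_add(&b, m->query_zone.len);

		/* The zone is only printed if it parses as a wire-format name. */
		dns_decompress_init(&dctx, -1, DNS_DECOMPRESS_NONE);
		result = dns_name_fromwire(name, &b, &dctx, 0, NULL);
		if (result == ISC_R_SUCCESS) {
			printf("  query_zone: ");
			dns_name_print(name, stdout);
			printf("\n");
		}
	}

	if (dt->msg != NULL) {
		/* The packet is printed twice: once per master style. */
		printf("  %s:\n", ((dt->type & DNS_DTTYPE_QUERY) != 0)
				     ? "query_message_data"
				     : "response_message_data");

		print_packet(dt, &dns_master_style_yaml);

		printf("  %s: |\n", ((dt->type & DNS_DTTYPE_QUERY) != 0)
				     ? "query_message"
				     : "response_message");
		print_packet(dt, &dns_master_style_indent);
	}
}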
Esempio n. 2
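/*%
 * Writes a public key to disk in DNS format.
 *
 * The key is converted to DNSKEY rdata text, the file name is built from
 * the key and 'directory', and the record is written as
 * "<name> [<ttl>] <class> KEY|DNSKEY <rdata>".  When DST_TYPE_KEY is not
 * set in 'type', a block of ';' comment lines describing the key and its
 * timing metadata is written first.
 *
 * Returns:
 *	ISC_R_SUCCESS on success, DST_R_INVALIDPUBLICKEY if the key or its
 *	class cannot be rendered as text, DST_R_WRITEERROR if the file
 *	cannot be opened, written or closed, or the result of the failing
 *	helper otherwise.  A partially written file is left in place on
 *	error.
 */
static isc_result_t
write_public_key(const dst_key_t *key, int type, const char *directory) {
	FILE *fp;
	isc_buffer_t keyb, textb, fileb, classb;
	isc_region_t r;
	char filename[ISC_DIR_NAMEMAX];
	unsigned char key_array[DST_KEY_MAXSIZE];
	char text_array[DST_KEY_MAXTEXTSIZE];
	char class_array[10];
	isc_result_t ret;
	dns_rdata_t rdata = DNS_RDATA_INIT;
	isc_fsaccess_t access;

	REQUIRE(VALID_KEY(key));

	isc_buffer_init(&keyb, key_array, sizeof(key_array));
	isc_buffer_init(&textb, text_array, sizeof(text_array));
	isc_buffer_init(&classb, class_array, sizeof(class_array));

	ret = dst_key_todns(key, &keyb);
	if (ret != ISC_R_SUCCESS)
		return (ret);

	isc_buffer_usedregion(&keyb, &r);
	dns_rdata_fromregion(&rdata, key->key_class, dns_rdatatype_dnskey, &r);

	ret = dns_rdata_totext(&rdata, (dns_name_t *) NULL, &textb);
	if (ret != ISC_R_SUCCESS)
		return (DST_R_INVALIDPUBLICKEY);

	ret = dns_rdataclass_totext(key->key_class, &classb);
	if (ret != ISC_R_SUCCESS)
		return (DST_R_INVALIDPUBLICKEY);

	/*
	 * Make the filename.
	 */
	isc_buffer_init(&fileb, filename, sizeof(filename));
	ret = dst_key_buildfilename(key, DST_TYPE_PUBLIC, directory, &fileb);
	if (ret != ISC_R_SUCCESS)
		return (ret);

	/*
	 * Create public key file.
	 */
	if ((fp = fopen(filename, "w")) == NULL)
		return (DST_R_WRITEERROR);

	/*
	 * NOTE(review): for symmetric keys the file is restricted to
	 * owner read/write, presumably because it then carries the shared
	 * secret.  The restriction is applied only after fopen() has
	 * created the file with umask-default permissions, and its result
	 * is discarded.  Another local user can open the file in that
	 * window, and a failed isc_fsaccess_set() goes unnoticed.
	 * Creating the file with restrictive permissions from the start
	 * would close the gap.
	 */
	if (issymmetric(key)) {
		access = 0;
		isc_fsaccess_add(ISC_FSACCESS_OWNER,
				 ISC_FSACCESS_READ | ISC_FSACCESS_WRITE,
				 &access);
		(void)isc_fsaccess_set(filename, access);
	}

	/* Write key information in comments */
	if ((type & DST_TYPE_KEY) == 0) {
		fprintf(fp, "; This is a %s%s-signing key, keyid %d, for ",
			(key->key_flags & DNS_KEYFLAG_REVOKE) != 0 ?
				"revoked " :
				"",
			(key->key_flags & DNS_KEYFLAG_KSK) != 0 ?
				"key" :
				"zone",
			key->key_id);
		ret = dns_name_print(key->key_name, fp);
		if (ret != ISC_R_SUCCESS) {
			fclose(fp);
			return (ret);
		}
		fputc('\n', fp);

		printtime(key, DST_TIME_CREATED, "; Created", fp);
		printtime(key, DST_TIME_PUBLISH, "; Publish", fp);
		printtime(key, DST_TIME_ACTIVATE, "; Activate", fp);
		printtime(key, DST_TIME_REVOKE, "; Revoke", fp);
		printtime(key, DST_TIME_INACTIVE, "; Inactive", fp);
		printtime(key, DST_TIME_DELETE, "; Delete", fp);
	}

	/*
	 * Now print the actual key.  Stop if the owner name cannot be
	 * written rather than emitting a record without one, as the
	 * comment branch above already does.
	 */
	ret = dns_name_print(key->key_name, fp);
	if (ret != ISC_R_SUCCESS) {
		fclose(fp);
		return (ret);
	}
	fprintf(fp, " ");

	/* The TTL is printed as unsigned so large values stay positive. */
	if (key->key_ttl != 0)
		fprintf(fp, "%u ", key->key_ttl);

	isc_buffer_usedregion(&classb, &r);
	if (fwrite(r.base, 1, r.length, fp) != r.length)
		ret = DST_R_WRITEERROR;

	if ((type & DST_TYPE_KEY) != 0)
		fprintf(fp, " KEY ");
	else
		fprintf(fp, " DNSKEY ");

	isc_buffer_usedregion(&textb, &r);
	if (fwrite(r.base, 1, r.length, fp) != r.length)
		ret = DST_R_WRITEERROR;

	fputc('\n', fp);
	fflush(fp);
	if (ferror(fp))
		ret = DST_R_WRITEERROR;

	/* fclose() can still fail on a write stream. */
	if (fclose(fp) != 0)
		ret = DST_R_WRITEERROR;

	return (ret);
}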
Esempio n. 3
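/*%
 * Writes a public key to disk in DNS format.
 *
 * The key is converted to DNSKEY rdata text, the file name is built from
 * the key and 'directory', and a single record is written as
 * "<name> <class> KEY|DNSKEY <rdata>".  "KEY" is used when DST_TYPE_KEY
 * is set in 'type', "DNSKEY" otherwise.
 *
 * Returns:
 *	ISC_R_SUCCESS on success, DST_R_INVALIDPUBLICKEY if the key or its
 *	class cannot be rendered as text, DST_R_WRITEERROR if the file
 *	cannot be opened, written or closed, or the result of the failing
 *	helper otherwise.  A partially written file is left in place on
 *	error.
 */
static isc_result_t
write_public_key(const dst_key_t *key, int type, const char *directory) {
	FILE *fp;
	isc_buffer_t keyb, textb, fileb, classb;
	isc_region_t r;
	char filename[ISC_DIR_NAMEMAX];
	unsigned char key_array[DST_KEY_MAXSIZE];
	char text_array[DST_KEY_MAXTEXTSIZE];
	char class_array[10];
	isc_result_t ret;
	dns_rdata_t rdata = DNS_RDATA_INIT;
	isc_fsaccess_t access;

	REQUIRE(VALID_KEY(key));

	isc_buffer_init(&keyb, key_array, sizeof(key_array));
	isc_buffer_init(&textb, text_array, sizeof(text_array));
	isc_buffer_init(&classb, class_array, sizeof(class_array));

	ret = dst_key_todns(key, &keyb);
	if (ret != ISC_R_SUCCESS)
		return (ret);

	isc_buffer_usedregion(&keyb, &r);
	dns_rdata_fromregion(&rdata, key->key_class, dns_rdatatype_dnskey, &r);

	ret = dns_rdata_totext(&rdata, (dns_name_t *) NULL, &textb);
	if (ret != ISC_R_SUCCESS)
		return (DST_R_INVALIDPUBLICKEY);

	ret = dns_rdataclass_totext(key->key_class, &classb);
	if (ret != ISC_R_SUCCESS)
		return (DST_R_INVALIDPUBLICKEY);

	/*
	 * Make the filename.
	 */
	isc_buffer_init(&fileb, filename, sizeof(filename));
	ret = dst_key_buildfilename(key, DST_TYPE_PUBLIC, directory, &fileb);
	if (ret != ISC_R_SUCCESS)
		return (ret);

	/*
	 * Create public key file.
	 */
	if ((fp = fopen(filename, "w")) == NULL)
		return (DST_R_WRITEERROR);

	/*
	 * NOTE(review): for symmetric keys the file is restricted to
	 * owner read/write, presumably because it then carries the shared
	 * secret.  The restriction is applied only after fopen() has
	 * created the file with umask-default permissions, and its result
	 * is discarded.  Another local user can open the file in that
	 * window, and a failed isc_fsaccess_set() goes unnoticed.
	 * Creating the file with restrictive permissions from the start
	 * would close the gap.
	 */
	if (issymmetric(key)) {
		access = 0;
		isc_fsaccess_add(ISC_FSACCESS_OWNER,
				 ISC_FSACCESS_READ | ISC_FSACCESS_WRITE,
				 &access);
		(void)isc_fsaccess_set(filename, access);
	}

	ret = dns_name_print(key->key_name, fp);
	if (ret != ISC_R_SUCCESS) {
		fclose(fp);
		return (ret);
	}

	fprintf(fp, " ");

	/*
	 * Short writes are reported instead of being ignored, so a full
	 * disk or an I/O error no longer yields ISC_R_SUCCESS together
	 * with a truncated key file.
	 */
	isc_buffer_usedregion(&classb, &r);
	if (fwrite(r.base, 1, r.length, fp) != r.length)
		ret = DST_R_WRITEERROR;

	if ((type & DST_TYPE_KEY) != 0)
		fprintf(fp, " KEY ");
	else
		fprintf(fp, " DNSKEY ");

	isc_buffer_usedregion(&textb, &r);
	if (fwrite(r.base, 1, r.length, fp) != r.length)
		ret = DST_R_WRITEERROR;

	fputc('\n', fp);

	/* Flush first so buffered fprintf/fputc failures show in ferror(). */
	fflush(fp);
	if (ferror(fp))
		ret = DST_R_WRITEERROR;

	/* fclose() can still fail on a write stream. */
	if (fclose(fp) != 0)
		ret = DST_R_WRITEERROR;

	return (ret);
}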