Replace remaining fprintf() calls with zoneverify_*() calls

Replace all fprintf() calls inside lib/dns/zoneverify.c, but outside of zoneverify_log_error() and zoneverify_print() with calls to these functions.
2025-08-30 22:15:20 +00:00 · 2018-06-15 09:59:20 +02:00
parent 11a552a614
commit 5609472fbe
1 changed files with 46 additions and 35 deletions
--- a/lib/dns/zoneverify.c
+++ b/lib/dns/zoneverify.c
@@ -1063,7 +1063,7 @@ free_element_heap(void *element, void *uap) {
 }

 static isc_boolean_t
-checknext(const struct nsec3_chain_fixed *first,
+checknext(const vctx_t *vctx, const struct nsec3_chain_fixed *first,
 	  const struct nsec3_chain_fixed *e)
 {
 	char buf[512];
@@ -1082,27 +1082,26 @@ checknext(const struct nsec3_chain_fixed *first,
 	sr.length = first->next_length;
 	isc_buffer_init(&b, buf, sizeof(buf));
 	isc_base32hex_totext(&sr, 1, "", &b);
-	fprintf(stderr, "Break in NSEC3 chain at: %.*s\n",
+	zoneverify_log_error(vctx, "Break in NSEC3 chain at: %.*s",
 			     (int)isc_buffer_usedlength(&b), buf);

 	DE_CONST(d1, sr.base);
 	sr.length = first->next_length;
 	isc_buffer_init(&b, buf, sizeof(buf));
 	isc_base32hex_totext(&sr, 1, "", &b);
-	fprintf(stderr, "Expected: %.*s\n", (int) isc_buffer_usedlength(&b),
-		buf);
+	zoneverify_log_error(vctx, "Expected: %.*s",
+			     (int)isc_buffer_usedlength(&b), buf);

 	DE_CONST(d2, sr.base);
 	sr.length = first->next_length;
 	isc_buffer_init(&b, buf, sizeof(buf));
 	isc_base32hex_totext(&sr, 1, "", &b);
-	fprintf(stderr, "Found: %.*s\n", (int) isc_buffer_usedlength(&b), buf);
+	zoneverify_log_error(vctx, "Found: %.*s",
+			     (int)isc_buffer_usedlength(&b), buf);

 	return (ISC_FALSE);
 }

-#define EXPECTEDANDFOUND "Expected and found NSEC3 chains not equal\n"
-
 static isc_result_t
 verify_nsec3_chains(const vctx_t *vctx, isc_mem_t *mctx) {
 	isc_result_t result = ISC_R_SUCCESS;
@@ -1123,8 +1122,12 @@ verify_nsec3_chains(const vctx_t *vctx, isc_mem_t *mctx) {
 				free_element(mctx, f);
 				f = NULL;
 			} else {
-				if (result == ISC_R_SUCCESS)
-					fprintf(stderr, EXPECTEDANDFOUND);
+				if (result == ISC_R_SUCCESS) {
+					zoneverify_log_error(
+						vctx,
+						"Expected and found NSEC3 "
+						"chains not equal");
+				}
 				result = ISC_R_FAILURE;
 				/*
 				 * Attempt to resync found_chain.
@@ -1142,12 +1145,14 @@ verify_nsec3_chains(const vctx_t *vctx, isc_mem_t *mctx) {
 				}
 			}
 		} else if (result == ISC_R_SUCCESS) {
-			fprintf(stderr, EXPECTEDANDFOUND);
+			zoneverify_log_error(vctx,
+					     "Expected and found NSEC3 chains "
+					     "not equal");
 			result = ISC_R_FAILURE;
 		}
 		if (first == NULL || newchain(first, e)) {
 			if (prev != NULL) {
-				if (!checknext(prev, first))
+				if (!checknext(vctx, prev, first))
 					result = ISC_R_FAILURE;
 				if (prev != first)
 					free_element(mctx, prev);
@@ -1157,14 +1162,14 @@ verify_nsec3_chains(const vctx_t *vctx, isc_mem_t *mctx) {
 			prev = first = e;
 			continue;
 		}
-		if (!checknext(prev, e))
+		if (!checknext(vctx, prev, e))
 			result = ISC_R_FAILURE;
 		if (prev != first)
 			free_element(mctx, prev);
 		prev = e;
 	}
 	if (prev != NULL) {
-		if (!checknext(prev, first))
+		if (!checknext(vctx, prev, first))
 			result = ISC_R_FAILURE;
 		if (prev != first)
 			free_element(mctx, prev);
@@ -1174,7 +1179,9 @@ verify_nsec3_chains(const vctx_t *vctx, isc_mem_t *mctx) {
 	do {
 		if (f != NULL) {
 			if (result == ISC_R_SUCCESS) {
-				fprintf(stderr, EXPECTEDANDFOUND);
+				zoneverify_log_error(vctx,
+						     "Expected and found "
+						     "NSEC3 chains not equal");
 				result = ISC_R_FAILURE;
 			}
 			free_element(mctx, f);
@@ -1791,21 +1798,26 @@ print_summary(const vctx_t *vctx, isc_boolean_t keyset_kskonly) {
 	char algbuf[DNS_SECALG_FORMATSIZE];
 	int i;

-	fprintf(stderr, "Zone fully signed:\n");
+	zoneverify_print(vctx, "Zone fully signed:\n");
 	for (i = 0; i < 256; i++) {
-		if ((vctx->ksk_algorithms[i] != 0) ||
-		    (vctx->standby_ksk[i] != 0) ||
-		    (vctx->revoked_ksk[i] != 0) ||
-		    (vctx->zsk_algorithms[i] != 0) ||
-		    (vctx->standby_zsk[i] != 0) ||
-		    (vctx->revoked_zsk[i] != 0)) {
+		if ((vctx->ksk_algorithms[i] == 0) &&
+		    (vctx->standby_ksk[i] == 0) &&
+		    (vctx->revoked_ksk[i] == 0) &&
+		    (vctx->zsk_algorithms[i] == 0) &&
+		    (vctx->standby_zsk[i] == 0) &&
+		    (vctx->revoked_zsk[i] == 0))
+		{
+			continue;
+		}
 		dns_secalg_format(i, algbuf, sizeof(algbuf));
-			fprintf(stderr, "Algorithm: %s: KSKs: "
+		zoneverify_print(vctx,
+				 "Algorithm: %s: KSKs: "
 				 "%u active, %u stand-by, %u revoked\n",
 				 algbuf, vctx->ksk_algorithms[i],
 				 vctx->standby_ksk[i],
 				 vctx->revoked_ksk[i]);
-			fprintf(stderr, "%*sZSKs: "
+		zoneverify_print(vctx,
+				 "%*sZSKs: "
 				 "%u active, %u %s, %u revoked\n",
 				 (int)strlen(algbuf) + 13, "",
 				 vctx->zsk_algorithms[i],
@@ -1814,7 +1826,6 @@ print_summary(const vctx_t *vctx, isc_boolean_t keyset_kskonly) {
 				 vctx->revoked_zsk[i]);
 	}
 }
-}

 void
 dns_zoneverify_dnssec(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver,