From 794d5cf33f1f49fd8273987024dad1f11d8e2b3d Mon Sep 17 00:00:00 2001 From: Linus Nordberg Date: Sun, 3 Apr 2016 18:54:26 +0200 Subject: Add some debugging output to validatechain. --- tools/dnssec/validatechain.c | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/tools/dnssec/validatechain.c b/tools/dnssec/validatechain.c index 1ecf5f7..62fca09 100644 --- a/tools/dnssec/validatechain.c +++ b/tools/dnssec/validatechain.c @@ -8,6 +8,19 @@ #include #include "common.h" +static int debug = 0; + +static void +print_tree(const getdns_list *tree, const char *name) +{ + if (name) + printf("* %s\n", name); + + char *s = getdns_pretty_print_list(tree); + puts(s); + free(s); +} + static getdns_return_t validate(const uint8_t *records_buf, size_t records_len, const uint8_t *support_buf, size_t support_len, @@ -33,7 +46,7 @@ validate(const uint8_t *records_buf, size_t records_len, support_records: DS's and DNSKEY's with accompanying RRSIG's. - trust_anchors: DNSKEY's (or DS?). + trust_anchors: DNSKEY's (and possibly DS's?). */ r = getdns_validate_dnssec2(to_validate, @@ -42,6 +55,11 @@ validate(const uint8_t *records_buf, size_t records_len, validation_time, skew); + if (debug) { + print_tree(to_validate, "to_validate"); + print_tree(support_records, "support_records"); + print_tree(trust_anchors, "trust_anchors"); + } out: if (to_validate) getdns_list_destroy(to_validate); @@ -106,5 +124,6 @@ main(int argc, char *argv[]) return r; } + printf("OK\n"); return 0; } -- cgit v1.1