[Opendnssec-commits] sion r6969 - in trunk/OpenDNSSEC/enforcer: ksm/include/ksm utils

commits at svn.opendnssec.org commits at svn.opendnssec.org
Wed Jan 23 10:55:48 CET 2013


Author: sion
Date: Wed Jan 23 10:55:48 2013
New Revision: 6969
URL: http://fisheye.opendnssec.org/changelog/opendnssec?cs=6969

Log:
OPENDNSSEC-367: add syslog message if algorithm change is confirmed.

Modified:
   trunk/OpenDNSSEC/enforcer/ksm/include/ksm/ksm.h
   trunk/OpenDNSSEC/enforcer/utils/ksmutil.c

Modified: trunk/OpenDNSSEC/enforcer/ksm/include/ksm/ksm.h
==============================================================================
--- trunk/OpenDNSSEC/enforcer/ksm/include/ksm/ksm.h	Wed Jan 23 10:48:13 2013	(r6968)
+++ trunk/OpenDNSSEC/enforcer/ksm/include/ksm/ksm.h	Wed Jan 23 10:55:48 2013	(r6969)
@@ -57,6 +57,7 @@
 int KsmRundown(void);
 
 #define KSM_NAME_LENGTH     256         /* Includes trailing NULL */
+#define KSM_MSG_LENGTH      512         /* Includes trailing NULL */
 #define KSM_PATH_LENGTH     4096        /* Includes trailing NULL */
 #define KSM_POLICY_DESC_LENGTH     256  /* Includes trailing NULL */
 #define KSM_TIME_LENGTH     32          /* Includes trailing NULL */

Modified: trunk/OpenDNSSEC/enforcer/utils/ksmutil.c
==============================================================================
--- trunk/OpenDNSSEC/enforcer/utils/ksmutil.c	Wed Jan 23 10:48:13 2013	(r6968)
+++ trunk/OpenDNSSEC/enforcer/utils/ksmutil.c	Wed Jan 23 10:55:48 2013	(r6969)
@@ -4417,6 +4417,9 @@
 	int value = 0;
 	int algo_change = 0;
 	int user_certain;
+	char* changes_made = NULL;
+	int size = -1;
+	char tmp_change[KSM_MSG_LENGTH];
 
     /* Some files, the xml and rng */
     const char* rngfilename = OPENDNSSEC_SCHEMA_DIR "/kasp.rng";
@@ -4565,9 +4568,18 @@
 											/* Changed */
 											if (!algo_change) {
 												printf("\n\nAlgorithm change attempted... details:\n");
+												StrAppend(&changes_made, "Algorithm changes made, details:");
 												algo_change = 1;
 											}
-											printf("Policy: %s, KSK algorithm changed from %d to %d.\n", policy_name, policy->ksk->algorithm, value);
+											size = snprintf(tmp_change, KSM_MSG_LENGTH, "Policy: %s, KSK algorithm changed from %d to %d.", policy_name, policy->ksk->algorithm, value);
+											/* Check overflow */
+											if (size < 0 || size >= KSM_MSG_LENGTH) {
+												printf("Error constructing log message for policy %s, exiting...", policy_name);
+												return -1;
+											}
+											printf("%s\n", tmp_change);
+											StrAppend(&changes_made, "  ");
+											StrAppend(&changes_made, tmp_change);
 										}
 										
 									}
@@ -4591,9 +4603,18 @@
 											/* Changed */
 											if (!algo_change) {
 												printf("\n\nAlgorithm change attempted... details:\n");
+												StrAppend(&changes_made, "Algorithm changes made, details:");
 												algo_change = 1;
 											}
-											printf("Policy: %s, ZSK algorithm changed from %d to %d.\n", policy_name, policy->zsk->algorithm, value);
+												size = snprintf(tmp_change, KSM_MSG_LENGTH, "Policy: %s, KSK algorithm changed from %d to %d.", policy_name, policy->ksk->algorithm, value);
+											/* Check overflow */
+											if (size < 0 || size >= KSM_MSG_LENGTH) {
+												printf("Error constructing log message for policy %s, exiting...", policy_name);
+												return -1;
+											}
+											printf("%s\n", tmp_change);
+											StrAppend(&changes_made, "  ");
+											StrAppend(&changes_made, tmp_change);
 										}
 
 									}
@@ -4632,6 +4653,26 @@
 
 			/* Newline for the output */
 			printf("\n");
+
+			/*
+			 * Log this change to syslog for posterity
+			 */
+#ifdef HAVE_OPENLOG_R
+        openlog_r("ods-ksmutil", 0, DEFAULT_LOG_FACILITY, &sdata);
+#else
+        openlog("ods-ksmutil", 0, DEFAULT_LOG_FACILITY);
+#endif
+#ifdef HAVE_SYSLOG_R
+        syslog_r(LOG_INFO, &sdata, "%s", changes_made);
+#else
+        syslog(LOG_INFO, "%s", changes_made);
+#endif
+#ifdef HAVE_CLOSELOG_R
+        closelog_r(&sdata);
+#else
+        closelog();
+#endif
+
 		}
 
 		/*



More information about the Opendnssec-commits mailing list