Commit fe792d59 authored by Alexandre's avatar Alexandre
Browse files

Use a --debug option to reduce --verbose output

parent 2244deb3
......@@ -45,6 +45,7 @@ Total elapsed time: 0.07 seconds (66.72 ms/request )
Possible options, besides `--dot`:
* --verbose or -v: Makes the program more talkative
* --debug or -d: Makes the program very talkative (sets verbose to true)
* --head or -e: (DoH) Uses only the HEAD HTTP method. Since the RFC
does not mention it, result is probably indefinite.
* --POST or -P: (DoH) Uses the POST HTTP method (default is GET)
......
......@@ -36,6 +36,7 @@ import signal
# Values that can be changed from the command line
dot = False # DoH by default
verbose = False
debug = False
insecure = False
post = False
head = False
......@@ -277,7 +278,7 @@ class RequestDoH(Request):
class Connection:
def __init__(self, server, servername=None, connect=None, forceIPv4=False, forceIPv6=False,
dot=dot, verbose=verbose, insecure=insecure):
dot=dot, verbose=verbose, debug=debug, insecure=insecure):
if dot and not is_valid_hostname(server):
error("DoT requires a host name or IP address, not \"%s\"" % server)
if not dot and not is_valid_url(server):
......@@ -293,6 +294,7 @@ class Connection:
self.check = self.server
self.dot = dot
self.verbose = verbose
self.debug = debug
self.insecure = insecure
self.connect_to = connect
......@@ -323,10 +325,10 @@ class Connection:
class ConnectionDoT(Connection):
def __init__(self, server, servername=None, connect=None, forceIPv4=False, forceIPv6=False,
verbose=verbose, insecure=insecure):
verbose=verbose, debug=debug, insecure=insecure):
Connection.__init__(self, server, servername=servername, connect=connect,
forceIPv4=forceIPv4, forceIPv6=forceIPv6, dot=True,
verbose=verbose, insecure=insecure)
verbose=verbose, debug=debug, insecure=insecure)
if connect is not None:
addr = connect
else:
......@@ -392,12 +394,12 @@ class ConnectionDoT(Connection):
# RFC 7858, section 4.2 and appendix A
self.cert = self.session.get_peer_certificate()
self.publickey = self.cert.get_pubkey()
if verbose or key is not None:
if debug or key is not None:
self.hasher.update(OpenSSL.crypto.dump_publickey(OpenSSL.crypto.FILETYPE_ASN1,
self.publickey))
self.digest = self.hasher.digest()
key_string = base64.standard_b64encode(self.digest).decode()
if verbose:
if debug:
print("Certificate #%x for \"%s\", delivered by \"%s\"" % \
(self.cert.get_serial_number(),
self.cert.get_subject().commonName,
......@@ -444,10 +446,10 @@ class ConnectionDoT(Connection):
class ConnectionDoH(Connection):
def __init__(self, server, servername=None, connect=None, forceIPv4=False, forceIPv6=False,
verbose=verbose, insecure=insecure):
verbose=verbose, debug=debug, insecure=insecure):
Connection.__init__(self, server, servername=servername, connect=connect,
forceIPv4=forceIPv4, forceIPv6=forceIPv6, dot=False,
verbose=verbose, insecure=insecure)
verbose=verbose, debug=debug, insecure=insecure)
self.url = server
self.connect = connect
......@@ -456,7 +458,7 @@ class ConnectionDoH(Connection):
# Does not work if pycurl was not compiled with nghttp2 (recent Debian
# packages are OK) https://github.com/pycurl/pycurl/issues/477
self.curl.setopt(pycurl.HTTP_VERSION, pycurl.CURL_HTTP_VERSION_2)
if self.verbose:
if self.debug:
self.curl.setopt(pycurl.VERBOSE, True)
if self.insecure:
self.curl.setopt(pycurl.SSL_VERIFYPEER, False)
......@@ -759,8 +761,8 @@ if not monitoring:
name = None
message = None
try:
optlist, args = getopt.getopt (sys.argv[1:], "hvPkeV:r:f:d:t46",
["help", "verbose", "dot", "head",
optlist, args = getopt.getopt (sys.argv[1:], "hvdPkeV:r:f:d:t46",
["help", "verbose", "debug", "dot", "head",
"insecure", "POST", "vhost=",
"dnssec", "noedns", "ecs", "repeat=", "file=", "delay=",
"key=", "nosni",
......@@ -774,6 +776,9 @@ if not monitoring:
dot = True
elif option == "--verbose" or option == "-v":
verbose = True
elif option == "--debug" or option == "-d":
debug = True
verbose = True
elif option == "--HEAD" or option == "--head" or option == "-e":
head = True
elif option == "--POST" or option == "--post" or option == "-P":
......@@ -960,11 +965,11 @@ for connectTo in ip_set:
try:
if dot:
conn = ConnectionDoT(url, servername=extracheck, connect=connectTo, verbose=verbose,
forceIPv4=forceIPv4, forceIPv6=forceIPv6,
debug=debug, forceIPv4=forceIPv4, forceIPv6=forceIPv6,
insecure=insecure)
else:
conn = ConnectionDoH(url, servername=extracheck, connect=connectTo, verbose=verbose,
forceIPv4=forceIPv4, forceIPv6=forceIPv6,
debug=debug, forceIPv4=forceIPv4, forceIPv6=forceIPv6,
insecure=insecure)
except TimeoutError:
error("timeout")
......
......@@ -144,7 +144,7 @@ tests:
- 'doh'
- 'check'
args:
- '-v'
- '-d'
- '--check'
- 'https://doh.bortzmeyer.fr'
- 'www.afnic.fr'
......@@ -156,7 +156,7 @@ tests:
- 'doh'
- 'check'
args:
- '-v'
- '-d'
- '--check'
- 'https://doh.bortzmeyer.fr'
- 'curl.haxx.se'
......@@ -255,7 +255,7 @@ tests:
- 'check'
- 'forceIPv4'
args:
- '-v'
- '-d'
- '-4'
- '--check'
- 'https://dns.google/dns-query'
......@@ -269,7 +269,7 @@ tests:
- 'check'
- 'forceIPv4'
args:
- '-v'
- '-d'
- '-4'
- '--check'
- 'https://dns.google/dns-query'
......@@ -283,7 +283,7 @@ tests:
- 'check'
- 'forceIPv6'
args:
- '-v'
- '-d'
- '-6'
- '--check'
- 'https://dns.google/dns-query'
......@@ -297,7 +297,7 @@ tests:
- 'check'
- 'forceIPv6'
args:
- '-v'
- '-d'
- '-6'
- '--check'
- 'https://dns.google/dns-query'
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment