From 887bba2af977666d45b78e8b644238892da8df67 Mon Sep 17 00:00:00 2001 From: Daniel FETTI Date: Mon, 30 Oct 2023 09:09:11 +0200 Subject: [PATCH] Patch for libtelio Reduce log levels from error and warn to debug. These changes are copied from 0be935b commit. --- bin/src/hickory-dns.rs | 18 +++++------ bin/tests/server_harness/mod.rs | 4 +-- crates/proto/src/h2/h2_client_stream.rs | 6 ++-- crates/proto/src/op/message.rs | 4 +-- crates/proto/src/quic/quic_client_stream.rs | 2 +- crates/proto/src/rr/dnssec/rdata/dnskey.rs | 2 +- crates/proto/src/rr/dnssec/rdata/key.rs | 2 +- .../src/rr/dnssec/supported_algorithm.rs | 4 +-- crates/proto/src/rr/rdata/opt.rs | 4 +-- crates/proto/src/rr/rdata/txt.rs | 2 +- crates/proto/src/rr/record_data.rs | 4 +-- crates/proto/src/rr/rr_set.rs | 4 +-- .../src/serialize/txt/rdata_parsers/caa.rs | 6 ++-- crates/proto/src/tcp/tcp_client_stream.rs | 4 +-- crates/proto/src/udp/udp_client_stream.rs | 8 ++--- crates/proto/src/udp/udp_stream.rs | 4 +-- crates/proto/src/xfer/dns_exchange.rs | 4 +-- crates/proto/src/xfer/mod.rs | 4 +-- crates/recursor/src/recursor.rs | 6 ++-- crates/resolver/src/async_resolver.rs | 2 +- crates/resolver/src/hosts.rs | 10 +++---- crates/resolver/src/system_conf/unix.rs | 2 +- crates/resolver/src/tls/dns_over_rustls.rs | 2 +- crates/server/src/authority/catalog.rs | 26 ++++++++-------- crates/server/src/config/dnssec.rs | 8 ++--- crates/server/src/server/h2_handler.rs | 8 ++--- crates/server/src/server/h3_handler.rs | 6 ++-- crates/server/src/server/quic_handler.rs | 6 ++-- crates/server/src/server/server_future.rs | 30 +++++++++---------- crates/server/src/server/timeout_stream.rs | 4 +-- .../server/src/store/forwarder/authority.rs | 2 +- .../server/src/store/in_memory/authority.rs | 20 ++++++------- crates/server/src/store/sqlite/authority.rs | 16 +++++----- crates/server/src/store/sqlite/persistence.rs | 4 +-- util/src/bin/dns.rs | 2 +- util/src/bin/dnskey-to-pem.rs | 4 +-- 36 files changed, 121 insertions(+), 123 deletions(-) diff --git a/bin/src/hickory-dns.rs b/bin/src/hickory-dns.rs index f61cdd4885..1e1ca5c5f6 100644 --- a/bin/src/hickory-dns.rs +++ b/bin/src/hickory-dns.rs @@ -49,7 +49,7 @@ use tokio::{ net::{TcpListener, UdpSocket}, runtime, }; -use tracing::{debug, error, info, warn, Event, Subscriber}; +use tracing::{debug, info, Event, Subscriber}; use tracing_subscriber::{ fmt::{format, FmtContext, FormatEvent, FormatFields, FormattedFields}, layer::SubscriberExt, @@ -155,7 +155,7 @@ async fn load_zone( let is_dnssec_enabled = zone_config.is_dnssec_enabled(); if zone_config.is_update_allowed() { - warn!("allow_update is deprecated in [[zones]] section, it belongs in [[zones.stores]]"); + debug!("allow_update is deprecated in [[zones]] section, it belongs in [[zones.stores]]"); } // load the zone @@ -163,7 +163,7 @@ async fn load_zone( #[cfg(feature = "sqlite")] Some(StoreConfig::Sqlite(ref config)) => { if zone_path.is_some() { - warn!("ignoring [[zones.file]] instead using [[zones.stores.zone_file_path]]"); + debug!("ignoring [[zones.file]] instead using [[zones.stores.zone_file_path]]"); } let mut authority = SqliteAuthority::try_from_config( @@ -182,7 +182,7 @@ async fn load_zone( } Some(StoreConfig::File(ref config)) => { if zone_path.is_some() { - warn!("ignoring [[zones.file]] instead using [[zones.stores.zone_file_path]]"); + debug!("ignoring [[zones.file]] instead using [[zones.stores.zone_file_path]]"); } let mut authority = FileAuthority::try_from_config( @@ -213,7 +213,7 @@ async fn load_zone( } #[cfg(feature = "sqlite")] None if zone_config.is_update_allowed() => { - warn!( + debug!( "using deprecated SQLite load configuration, please move to [[zones.stores]] form" ); let zone_file_path = zone_path.ok_or("file is a necessary parameter of zone_config")?; @@ -494,7 +494,7 @@ fn main() { e ); - error!("{}", error_msg); + debug!("{}", error_msg); panic!("{}", error_msg); } }; @@ -521,7 +521,7 @@ fn config_tls( .collect(); if tls_sockaddrs.is_empty() { - warn!("a tls certificate was specified, but no TLS addresses configured to listen on"); + debug!("a tls certificate was specified, but no TLS addresses configured to listen on"); } for tls_listener in &tls_sockaddrs { @@ -574,7 +574,7 @@ fn config_https( .collect(); if https_sockaddrs.is_empty() { - warn!("a tls certificate was specified, but no HTTPS addresses configured to listen on"); + debug!("a tls certificate was specified, but no HTTPS addresses configured to listen on"); } for https_listener in &https_sockaddrs { @@ -640,7 +640,7 @@ fn config_quic( .collect(); if quic_sockaddrs.is_empty() { - warn!("a tls certificate was specified, but no QUIC addresses configured to listen on"); + debug!("a tls certificate was specified, but no QUIC addresses configured to listen on"); } for quic_listener in &quic_sockaddrs { diff --git a/bin/tests/server_harness/mod.rs b/bin/tests/server_harness/mod.rs index 020abc8e8a..771ff2957f 100644 --- a/bin/tests/server_harness/mod.rs +++ b/bin/tests/server_harness/mod.rs @@ -17,7 +17,7 @@ use hickory_proto::rr::dnssec::*; use hickory_proto::rr::{rdata::A, *}; use regex::Regex; use tokio::runtime::Runtime; -use tracing::{info, warn}; +use tracing::{debug, info}; #[cfg(feature = "dnssec")] use self::mut_message_client::MutMessageHandle; @@ -83,7 +83,7 @@ where let mut named = named_killer.lock().unwrap(); if let Err(e) = named.kill() { - warn!("warning: failed to kill named: {:?}", e); + debug!("warning: failed to kill named: {:?}", e); } }; diff --git a/crates/proto/src/h2/h2_client_stream.rs b/crates/proto/src/h2/h2_client_stream.rs index 2cd290d747..d1bdd81a50 100644 --- a/crates/proto/src/h2/h2_client_stream.rs +++ b/crates/proto/src/h2/h2_client_stream.rs @@ -25,7 +25,7 @@ use rustls::ClientConfig; use tokio_rustls::{ client::TlsStream as TokioTlsClientStream, Connect as TokioTlsConnect, TlsConnector, }; -use tracing::{debug, warn}; +use tracing::debug; use crate::error::ProtoError; use crate::http::Version; @@ -490,7 +490,7 @@ where debug!("h2 connection established to: {}", name_server); tokio::spawn( connection - .map_err(|e| warn!("h2 connection failed: {e}")) + .map_err(|e| debug!("h2 connection failed: {e}")) .map(|_: Result<(), ()>| ()), ); @@ -749,7 +749,7 @@ mod tests { .add_parsable_certificates(&rustls_native_certs::load_native_certs().unwrap()); if ignored > 0 { - warn!( + debug!( "failed to parse {} certificate(s) from the native root store", ignored ); diff --git a/crates/proto/src/op/message.rs b/crates/proto/src/op/message.rs index d8904e377c..1df7a82a29 100644 --- a/crates/proto/src/op/message.rs +++ b/crates/proto/src/op/message.rs @@ -9,7 +9,7 @@ use std::{fmt, iter, mem, ops::Deref, sync::Arc}; -use tracing::{debug, warn}; +use tracing::debug; use crate::{ error::*, @@ -972,7 +972,7 @@ where additional_count.0 += count.0; additional_count.1 |= count.1; } else if header.response_code().high() > 0 { - warn!( + debug!( "response code: {} for request: {} requires EDNS but none available", header.response_code(), header.id() diff --git a/crates/proto/src/quic/quic_client_stream.rs b/crates/proto/src/quic/quic_client_stream.rs index 4fd1a81b8a..27f4c0e180 100644 --- a/crates/proto/src/quic/quic_client_stream.rs +++ b/crates/proto/src/quic/quic_client_stream.rs @@ -289,7 +289,7 @@ pub fn client_config_tls13() -> Result { root_store.add_parsable_certificates(&rustls_native_certs::load_native_certs()?); if ignored > 0 { - tracing::warn!( + tracing::debug!( "failed to parse {} certificate(s) from the native root store", ignored, ); diff --git a/crates/proto/src/rr/dnssec/rdata/dnskey.rs b/crates/proto/src/rr/dnssec/rdata/dnskey.rs index b81c37b031..62b2e3fd97 100644 --- a/crates/proto/src/rr/dnssec/rdata/dnskey.rs +++ b/crates/proto/src/rr/dnssec/rdata/dnskey.rs @@ -246,7 +246,7 @@ impl DNSKEY { .emit(&mut encoder) .and_then(|_| self.emit(&mut encoder)) { - tracing::warn!("error serializing dnskey: {e}"); + tracing::debug!("error serializing dnskey: {e}"); return Err(format!("error serializing dnskey: {e}").into()); } } diff --git a/crates/proto/src/rr/dnssec/rdata/key.rs b/crates/proto/src/rr/dnssec/rdata/key.rs index 3932e1f4ff..a0a1849fd9 100644 --- a/crates/proto/src/rr/dnssec/rdata/key.rs +++ b/crates/proto/src/rr/dnssec/rdata/key.rs @@ -746,7 +746,7 @@ impl KEY { // encoder.set_canonical_names(true); // if let Err(e) = name.emit(&mut encoder) // .and_then(|_| emit(&mut encoder, self)) { - // warn!("error serializing KEY: {}", e); + // debug!("error serializing KEY: {}", e); // return Err(format!("error serializing KEY: {}", e).into()); // } // } diff --git a/crates/proto/src/rr/dnssec/supported_algorithm.rs b/crates/proto/src/rr/dnssec/supported_algorithm.rs index 52c356a913..0b540a5d4b 100644 --- a/crates/proto/src/rr/dnssec/supported_algorithm.rs +++ b/crates/proto/src/rr/dnssec/supported_algorithm.rs @@ -21,7 +21,7 @@ use std::fmt::{self, Display, Formatter}; #[cfg(feature = "serde-config")] use serde::{Deserialize, Serialize}; -use tracing::warn; +use tracing::debug; use crate::error::*; use crate::rr::dnssec::Algorithm; @@ -147,7 +147,7 @@ impl<'a> From<&'a [u8]> for SupportedAlgorithms { for a in values.iter().map(|i| Algorithm::from_u8(*i)) { match a { - Algorithm::Unknown(v) => warn!("unrecognized algorithm: {}", v), + Algorithm::Unknown(v) => debug!("unrecognized algorithm: {}", v), a => supported.set(a), } } diff --git a/crates/proto/src/rr/rdata/opt.rs b/crates/proto/src/rr/rdata/opt.rs index fbf9992913..c24f2fdc17 100644 --- a/crates/proto/src/rr/rdata/opt.rs +++ b/crates/proto/src/rr/rdata/opt.rs @@ -15,7 +15,7 @@ use std::{collections::HashMap, fmt}; #[cfg(feature = "serde-config")] use serde::{Deserialize, Serialize}; -use tracing::warn; +use tracing::debug; use crate::{ error::{ProtoError, ProtoErrorKind, ProtoResult}, @@ -291,7 +291,7 @@ impl<'r> RecordDataDecodable<'r> for OPT { if state != OptReadState::ReadCode { // there was some problem parsing the data for the options, ignoring them // TODO: should we ignore all of the EDNS data in this case? - warn!("incomplete or poorly formatted EDNS options: {:?}", state); + debug!("incomplete or poorly formatted EDNS options: {:?}", state); options.clear(); } diff --git a/crates/proto/src/rr/rdata/txt.rs b/crates/proto/src/rr/rdata/txt.rs index 9ce29e9d5d..9ebb5f8f41 100644 --- a/crates/proto/src/rr/rdata/txt.rs +++ b/crates/proto/src/rr/rdata/txt.rs @@ -162,7 +162,7 @@ impl fmt::Display for TXT { /// assert_eq!( /// tested.as_bytes(), /// b"Invalid utf8 <\xEF\xBF\xBD>. Valid utf8 <\xF0\x9F\xA4\xA3>", - /// "Utf8 lossy conversion error! Mismatch between input and expected" + /// "Utf8 lossy conversion debug! Mismatch between input and expected" /// ); /// ``` fn fmt(&self, f: &mut fmt::Formatter<'_>) -> Result<(), fmt::Error> { diff --git a/crates/proto/src/rr/record_data.rs b/crates/proto/src/rr/record_data.rs index af8d2c0a33..4ccb22a30d 100644 --- a/crates/proto/src/rr/record_data.rs +++ b/crates/proto/src/rr/record_data.rs @@ -16,7 +16,7 @@ use std::{cmp::Ordering, fmt, net::IpAddr}; use serde::{Deserialize, Serialize}; use enum_as_inner::EnumAsInner; -use tracing::{trace, warn}; +use tracing::{debug, trace}; use crate::{ error::{ProtoError, ProtoErrorKind, ProtoResult}, @@ -702,7 +702,7 @@ impl RData { { let mut encoder: BinEncoder<'_> = BinEncoder::new(&mut buf); self.emit(&mut encoder).unwrap_or_else(|_| { - warn!("could not encode RDATA: {:?}", self); + debug!("could not encode RDATA: {:?}", self); }); } buf diff --git a/crates/proto/src/rr/rr_set.rs b/crates/proto/src/rr/rr_set.rs index 03d7b1f094..375445cac1 100644 --- a/crates/proto/src/rr/rr_set.rs +++ b/crates/proto/src/rr/rr_set.rs @@ -7,7 +7,7 @@ use std::{iter::Chain, slice::Iter, vec}; -use tracing::{info, warn}; +use tracing::{debug, info}; use crate::rr::{DNSClass, Name, RData, Record, RecordType}; @@ -311,7 +311,7 @@ impl RecordSet { } } rdata => { - warn!("wrong rdata: {:?}, expected SOA", rdata); + debug!("wrong rdata: {:?}, expected SOA", rdata); return false; } } diff --git a/crates/proto/src/serialize/txt/rdata_parsers/caa.rs b/crates/proto/src/serialize/txt/rdata_parsers/caa.rs index 3bbde80ba1..ca79526f60 100644 --- a/crates/proto/src/serialize/txt/rdata_parsers/caa.rs +++ b/crates/proto/src/serialize/txt/rdata_parsers/caa.rs @@ -16,7 +16,7 @@ //! mail exchange, email, record -use tracing::warn; +use tracing::debug; use crate::rr::rdata::caa; use crate::rr::rdata::caa::{Property, Value}; @@ -59,7 +59,7 @@ pub(crate) fn parse<'i, I: Iterator>(mut tokens: I) -> ParseResu let issuer_critical = { let flags = flags_str.parse::()?; if flags & 0b0111_1111 != 0 { - warn!("unexpected flag values in caa (0 or 128): {}", flags); + debug!("unexpected flag values in caa (0 or 128): {}", flags); } flags & 0b1000_0000 != 0 @@ -70,7 +70,7 @@ pub(crate) fn parse<'i, I: Iterator>(mut tokens: I) -> ParseResu // unnecessary clone let tag = Property::from(tag_str.to_string()); if tag.is_unknown() { - warn!("unknown tag found for caa: {:?}", tag); + debug!("unknown tag found for caa: {:?}", tag); } tag }; diff --git a/crates/proto/src/tcp/tcp_client_stream.rs b/crates/proto/src/tcp/tcp_client_stream.rs index 303cb6f237..c41f583f94 100644 --- a/crates/proto/src/tcp/tcp_client_stream.rs +++ b/crates/proto/src/tcp/tcp_client_stream.rs @@ -15,7 +15,7 @@ use std::time::Duration; #[cfg(feature = "tokio-runtime")] use async_trait::async_trait; use futures_util::{future::Future, stream::Stream, StreamExt, TryFutureExt}; -use tracing::warn; +use tracing::debug; use crate::error::ProtoError; #[cfg(feature = "tokio-runtime")] @@ -144,7 +144,7 @@ impl Stream for TcpClientStream { let peer = self.tcp_stream.peer_addr(); if message.addr() != peer { // TODO: this should be an error, right? - warn!("{} does not match name_server: {}", message.addr(), peer) + debug!("{} does not match name_server: {}", message.addr(), peer) } Poll::Ready(Some(Ok(message))) diff --git a/crates/proto/src/udp/udp_client_stream.rs b/crates/proto/src/udp/udp_client_stream.rs index 004d968734..20db277251 100644 --- a/crates/proto/src/udp/udp_client_stream.rs +++ b/crates/proto/src/udp/udp_client_stream.rs @@ -15,7 +15,7 @@ use std::task::{Context, Poll}; use std::time::{Duration, SystemTime, UNIX_EPOCH}; use futures_util::{future::Future, stream::Stream}; -use tracing::{debug, trace, warn}; +use tracing::{debug, trace}; use crate::error::ProtoError; use crate::op::message::NoopMessageFinalizer; @@ -331,7 +331,7 @@ async fn send_serial_message_inner( let request_target = msg.addr(); if src != request_target { - warn!( + debug!( "ignoring response from {} because it does not match name_server: {}.", src, request_target, ); @@ -353,7 +353,7 @@ async fn send_serial_message_inner( } } else { // on wrong id, attempted poison? - warn!( + debug!( "expected message id: {} got: {}, dropped", msg_id, message.id() @@ -364,7 +364,7 @@ async fn send_serial_message_inner( } Err(e) => { // on errors deserializing, continue - warn!( + debug!( "dropped malformed message waiting for id: {} err: {}", msg_id, e ); diff --git a/crates/proto/src/udp/udp_stream.rs b/crates/proto/src/udp/udp_stream.rs index 7237b7d85c..dec6947515 100644 --- a/crates/proto/src/udp/udp_stream.rs +++ b/crates/proto/src/udp/udp_stream.rs @@ -17,7 +17,7 @@ use futures_util::stream::Stream; use futures_util::{future::Future, ready, TryFutureExt}; use rand; use rand::distributions::{uniform::Uniform, Distribution}; -use tracing::{debug, warn}; +use tracing::debug; use crate::udp::MAX_RECEIVE_BUFFER_SIZE; use crate::xfer::{BufDnsStreamHandle, SerialMessage, StreamReceiver}; @@ -207,7 +207,7 @@ impl Stream for UdpStream { // TODO: shouldn't this return the error to send to the sender? if let Err(e) = ready!(socket.poll_send_to(cx, message.bytes(), addr)) { // Drop the UDP packet and continue - warn!( + debug!( "error sending message to {} on udp_socket, dropping response: {}", addr, e ); diff --git a/crates/proto/src/xfer/dns_exchange.rs b/crates/proto/src/xfer/dns_exchange.rs index e4a036e330..c3c2d8dbd3 100644 --- a/crates/proto/src/xfer/dns_exchange.rs +++ b/crates/proto/src/xfer/dns_exchange.rs @@ -14,7 +14,7 @@ use std::task::{Context, Poll}; use futures_channel::mpsc; use futures_util::future::{Future, FutureExt}; use futures_util::stream::{Peekable, Stream, StreamExt}; -use tracing::{debug, warn}; +use tracing::debug; use crate::error::*; use crate::xfer::dns_handle::DnsHandle; @@ -212,7 +212,7 @@ where match serial_response.send_response(io_stream.send_message(dns_request)) { Ok(()) => (), Err(_) => { - warn!("failed to associate send_message response to the sender"); + debug!("failed to associate send_message response to the sender"); } } } diff --git a/crates/proto/src/xfer/mod.rs b/crates/proto/src/xfer/mod.rs index fb23ecef32..abd66e5c19 100644 --- a/crates/proto/src/xfer/mod.rs +++ b/crates/proto/src/xfer/mod.rs @@ -14,7 +14,7 @@ use futures_channel::oneshot; use futures_util::future::Future; use futures_util::ready; use futures_util::stream::{Fuse, Peekable, Stream, StreamExt}; -use tracing::{debug, warn}; +use tracing::debug; use crate::error::*; use crate::Time; @@ -51,7 +51,7 @@ fn ignore_send(result: Result>) { return; } - warn!("error notifying wait, possible future leak: {:?}", error); + debug!("error notifying wait, possible future leak: {:?}", error); } } diff --git a/crates/recursor/src/recursor.rs b/crates/recursor/src/recursor.rs index 008dba0201..e3002f1167 100644 --- a/crates/recursor/src/recursor.rs +++ b/crates/recursor/src/recursor.rs @@ -12,7 +12,7 @@ use futures_util::{future::select_all, FutureExt}; use hickory_resolver::name_server::TokioConnectionProvider; use lru_cache::LruCache; use parking_lot::Mutex; -use tracing::{debug, info, warn}; +use tracing::{debug, info}; use crate::{ proto::{ @@ -307,7 +307,7 @@ impl Recursor { lookup.ok_or_else(|| Error::from("no records found")) } Err(e) => { - warn!("lookup error: {e}"); + debug!("lookup error: {e}"); Err(Error::from(e)) } } @@ -430,7 +430,7 @@ impl Recursor { } } Err(e) => { - warn!("resolve failed {}", e); + debug!("resolve failed {}", e); } } } diff --git a/crates/resolver/src/async_resolver.rs b/crates/resolver/src/async_resolver.rs index 8d3b7d037b..5deeee33be 100644 --- a/crates/resolver/src/async_resolver.rs +++ b/crates/resolver/src/async_resolver.rs @@ -206,7 +206,7 @@ impl AsyncResolver

{ #[cfg(not(feature = "dnssec"))] { // TODO: should this just be a panic, or a pinned error? - tracing::warn!("validate option is only available with 'dnssec' feature"); + tracing::debug!("validate option is only available with 'dnssec' feature"); either = LookupEither::Retry(client); } } else { diff --git a/crates/resolver/src/hosts.rs b/crates/resolver/src/hosts.rs index 59cfc02f53..961348bc3b 100644 --- a/crates/resolver/src/hosts.rs +++ b/crates/resolver/src/hosts.rs @@ -9,7 +9,7 @@ use std::sync::Arc; use proto::op::Query; use proto::rr::{Name, RecordType}; use proto::rr::{RData, Record}; -use tracing::warn; +use tracing::debug; use crate::dns_lru; use crate::lookup::Lookup; @@ -77,7 +77,7 @@ impl Hosts { Lookup::new_with_max_ttl(query, Arc::from([])) }), _ => { - tracing::warn!("unsupported IP type from Hosts file: {:#?}", record_type); + tracing::debug!("unsupported IP type from Hosts file: {:#?}", record_type); return; } }; @@ -89,7 +89,7 @@ impl Hosts { match record_type { RecordType::A => lookup_type.a = Some(new_lookup), RecordType::AAAA => lookup_type.aaaa = Some(new_lookup), - _ => tracing::warn!("unsupported IP type from Hosts file"), + _ => tracing::debug!("unsupported IP type from Hosts file"), } } @@ -120,7 +120,7 @@ impl Hosts { let addr = if let Some(a) = fields[0].try_parse_ip() { a } else { - warn!("could not parse an IP from hosts file"); + debug!("could not parse an IP from hosts file"); continue; }; @@ -140,7 +140,7 @@ impl Hosts { self.insert(name.clone(), RecordType::AAAA, lookup); } _ => { - warn!("unsupported IP type from Hosts file: {:#?}", addr); + debug!("unsupported IP type from Hosts file: {:#?}", addr); continue; } }; diff --git a/crates/resolver/src/system_conf/unix.rs b/crates/resolver/src/system_conf/unix.rs index 44393091c0..aa683ac1c4 100644 --- a/crates/resolver/src/system_conf/unix.rs +++ b/crates/resolver/src/system_conf/unix.rs @@ -85,7 +85,7 @@ fn into_resolver_config( }); } if nameservers.is_empty() { - tracing::warn!("no nameservers found in config"); + tracing::debug!("no nameservers found in config"); } // search diff --git a/crates/resolver/src/tls/dns_over_rustls.rs b/crates/resolver/src/tls/dns_over_rustls.rs index 865aebf127..a5a9343cbc 100644 --- a/crates/resolver/src/tls/dns_over_rustls.rs +++ b/crates/resolver/src/tls/dns_over_rustls.rs @@ -40,7 +40,7 @@ pub(crate) static CLIENT_CONFIG: Lazy, ProtoError>> = L root_store.add_parsable_certificates(&rustls_native_certs::load_native_certs()?); if ignored > 0 { - tracing::warn!( + tracing::debug!( "failed to parse {} certificate(s) from the native root store", ignored, ); diff --git a/crates/server/src/authority/catalog.rs b/crates/server/src/authority/catalog.rs index cd311e1084..e457c041cd 100644 --- a/crates/server/src/authority/catalog.rs +++ b/crates/server/src/authority/catalog.rs @@ -11,7 +11,7 @@ use std::{borrow::Borrow, collections::HashMap, future::Future, io}; use cfg_if::cfg_if; -use tracing::{debug, error, info, trace, warn}; +use tracing::{debug, info, trace}; #[cfg(feature = "dnssec")] use crate::proto::rr::{ @@ -102,7 +102,7 @@ impl RequestHandler for Catalog { resp_edns.set_version(our_version); if req_edns.version() > our_version { - warn!( + debug!( "request edns version greater than {}: {}", our_version, req_edns.version() @@ -119,7 +119,7 @@ impl RequestHandler for Catalog { // couldn't handle the request return match result { Err(e) => { - error!("request error: {}", e); + debug!("request error: {}", e); ResponseInfo::serve_failed() } Ok(info) => info, @@ -146,7 +146,7 @@ impl RequestHandler for Catalog { self.update(request, response_edns, response_handle).await } c => { - warn!("unimplemented op_code: {:?}", c); + debug!("unimplemented op_code: {:?}", c); let response = MessageResponseBuilder::new(Some(request.raw_query())); response_handle @@ -155,7 +155,7 @@ impl RequestHandler for Catalog { } }, MessageType::Response => { - warn!("got a response as a request from id: {}", request.id()); + debug!("got a response as a request from id: {}", request.id()); let response = MessageResponseBuilder::new(Some(request.raw_query())); response_handle @@ -166,7 +166,7 @@ impl RequestHandler for Catalog { match result { Err(e) => { - error!("request failed: {}", e); + debug!("request failed: {}", e); ResponseInfo::serve_failed() } Ok(info) => info, @@ -265,7 +265,7 @@ impl Catalog { let ztype = request_info.query.query_type(); if ztype != RecordType::SOA { - warn!( + debug!( "invalid update request zone type must be SOA, ztype: {}", ztype ); @@ -288,7 +288,7 @@ impl Catalog { #[allow(deprecated)] match authority.zone_type() { ZoneType::Secondary | ZoneType::Slave => { - error!("secondary forwarding for update not yet implemented"); + debug!("secondary forwarding for update not yet implemented"); ResponseCode::NotImp } ZoneType::Primary | ZoneType::Master => { @@ -372,7 +372,7 @@ impl Catalog { match result { Err(e) => { - error!("failed to send response: {}", e); + debug!("failed to send response: {}", e); ResponseInfo::serve_failed() } Ok(r) => r, @@ -433,7 +433,7 @@ async fn lookup<'a, R: ResponseHandler + Unpin>( match result { Err(e) => { - error!("error sending response: {}", e); + debug!("error sending response: {}", e); ResponseInfo::serve_failed() } Ok(i) => i, @@ -556,7 +556,7 @@ async fn send_authoritative_response( match authority.ns(lookup_options).await { Ok(ns) => (Some(ns), None), Err(e) => { - warn!("ns_lookup errored: {}", e); + debug!("ns_lookup errored: {}", e); (None, None) } } @@ -573,7 +573,7 @@ async fn send_authoritative_response( // run the soa lookup Ok(nsecs) => Some(nsecs), Err(e) => { - warn!("failed to lookup nsecs: {}", e); + debug!("failed to lookup nsecs: {}", e); None } } @@ -584,7 +584,7 @@ async fn send_authoritative_response( match authority.soa_secure(lookup_options).await { Ok(soa) => (nsecs, Some(soa)), Err(e) => { - warn!("failed to lookup soa: {}", e); + debug!("failed to lookup soa: {}", e); (nsecs, None) } } diff --git a/crates/server/src/config/dnssec.rs b/crates/server/src/config/dnssec.rs index 40ba294b77..a99465211a 100644 --- a/crates/server/src/config/dnssec.rs +++ b/crates/server/src/config/dnssec.rs @@ -316,7 +316,7 @@ pub fn load_cert( zone_dir: &Path, tls_cert_config: &TlsCertConfig, ) -> Result<((X509, Option>), PKey), String> { - use tracing::{info, warn}; + use tracing::{debug, info}; use crate::proto::openssl::tls_server::{ read_cert_pem, read_cert_pkcs12, read_key_from_der, read_key_from_pkcs8, @@ -338,7 +338,7 @@ pub fn load_cert( } CertType::Pkcs12 => { if private_key_path.is_some() { - warn!( + debug!( "ignoring specified key, using the one in the PKCS12 file: {}", path.display() ); @@ -375,7 +375,7 @@ pub fn load_cert( zone_dir: &Path, tls_cert_config: &TlsCertConfig, ) -> Result<(Vec, PrivateKey), String> { - use tracing::{info, warn}; + use tracing::{debug, info}; use crate::proto::rustls::tls_server::{read_cert, read_key, read_key_from_der}; @@ -403,7 +403,7 @@ pub fn load_cert( (Some(private_key_path), PrivateKeyType::Pkcs8) => { info!("loading TLS PKCS8 key from: {}", private_key_path.display()); if password.is_some() { - warn!("Password for key supplied, but Rustls does not support encrypted PKCS8"); + debug!("Password for key supplied, but Rustls does not support encrypted PKCS8"); } read_key(&private_key_path)? diff --git a/crates/server/src/server/h2_handler.rs b/crates/server/src/server/h2_handler.rs index fdb6d59334..b1e0267074 100644 --- a/crates/server/src/server/h2_handler.rs +++ b/crates/server/src/server/h2_handler.rs @@ -13,7 +13,7 @@ use h2::server; use hickory_proto::{http::Version, rr::Record}; use tokio::io::{AsyncRead, AsyncWrite}; use tokio_util::sync::CancellationToken; -use tracing::{debug, warn}; +use tracing::debug; use crate::{ authority::MessageResponse, @@ -40,7 +40,7 @@ pub(crate) async fn h2_handler( let mut h2 = match server::handshake(io).await { Ok(h2) => h2, Err(err) => { - warn!("handshake error from {}: {}", src_addr, err); + debug!("handshake error from {}: {}", src_addr, err); return; } }; @@ -52,7 +52,7 @@ pub(crate) async fn h2_handler( result = h2.accept() => match result { Some(Ok(next_request)) => next_request, Some(Err(err)) => { - warn!("error accepting request {}: {}", src_addr, err); + debug!("error accepting request {}: {}", src_addr, err); return; } None => { @@ -73,7 +73,7 @@ pub(crate) async fn h2_handler( tokio::spawn(async move { match h2_server::message_from(dns_hostname, request).await { Ok(bytes) => handle_request(bytes, src_addr, handler, responder).await, - Err(err) => warn!("error while handling request from {}: {}", src_addr, err), + Err(err) => debug!("error while handling request from {}: {}", src_addr, err), }; }); diff --git a/crates/server/src/server/h3_handler.rs b/crates/server/src/server/h3_handler.rs index b26bf0b970..c5d36fa32f 100644 --- a/crates/server/src/server/h3_handler.rs +++ b/crates/server/src/server/h3_handler.rs @@ -15,7 +15,7 @@ use hickory_proto::{ error::ProtoError, h3::h3_server::H3Connection, h3::H3Error, http::Version, rr::Record, }; use tokio_util::sync::CancellationToken; -use tracing::{debug, warn}; +use tracing::debug; use crate::{ authority::MessageResponse, @@ -44,7 +44,7 @@ where result = connection.accept() => match result { Some(Ok(next_request)) => next_request, Some(Err(err)) => { - warn!("error accepting request {}: {}", src_addr, err); + debug!("error accepting request {}: {}", src_addr, err); return Err(err); } None => { @@ -78,7 +78,7 @@ where max_requests -= 1; if max_requests == 0 { - warn!("exceeded request count, shutting down h3 conn: {src_addr}"); + debug!("exceeded request count, shutting down h3 conn: {src_addr}"); connection.shutdown().await?; break; } diff --git a/crates/server/src/server/quic_handler.rs b/crates/server/src/server/quic_handler.rs index 39316ec5de..dfe4459e15 100644 --- a/crates/server/src/server/quic_handler.rs +++ b/crates/server/src/server/quic_handler.rs @@ -15,7 +15,7 @@ use hickory_proto::{ rr::Record, }; use tokio_util::sync::CancellationToken; -use tracing::{debug, warn}; +use tracing::debug; use crate::{ authority::MessageResponse, @@ -45,7 +45,7 @@ where result = quic_streams.next() => match result { Some(Ok(next_request)) => next_request, Some(Err(err)) => { - warn!("error accepting request {}: {}", src_addr, err); + debug!("error accepting request {}: {}", src_addr, err); return Err(err); } None => { @@ -72,7 +72,7 @@ where max_requests -= 1; if max_requests == 0 { - warn!("exceeded request count, shutting down quic conn: {src_addr}"); + debug!("exceeded request count, shutting down quic conn: {src_addr}"); // DOQ_NO_ERROR (0x0): No error. This is used when the connection or stream needs to be closed, but there is no error to signal. stream.lock().await.stop(DoqErrorCode::NoError)?; break; diff --git a/crates/server/src/server/server_future.rs b/crates/server/src/server/server_future.rs index d5bbc5704e..711f9dcb79 100644 --- a/crates/server/src/server/server_future.rs +++ b/crates/server/src/server/server_future.rs @@ -17,7 +17,7 @@ use hickory_proto::{op::MessageType, rr::Record}; use rustls::{Certificate, PrivateKey, ServerConfig}; use tokio::{net, task::JoinSet}; use tokio_util::sync::CancellationToken; -use tracing::{debug, info, warn}; +use tracing::{debug, info}; #[cfg(all(feature = "dns-over-openssl", not(feature = "dns-over-rustls")))] use crate::proto::openssl::tls_server::*; @@ -80,7 +80,7 @@ impl ServerFuture { let message = match message { Err(e) => { - warn!("error receiving message on udp_socket: {}", e); + debug!("error receiving message on udp_socket: {}", e); continue; } Ok(message) => message, @@ -91,7 +91,7 @@ impl ServerFuture { // verify that the src address is safe for responses if let Err(e) = sanitize_src_address(src_addr) { - warn!( + debug!( "address can not be responded to {src_addr}: {e}", src_addr = src_addr, e = e @@ -163,7 +163,7 @@ impl ServerFuture { // verify that the src address is safe for responses if let Err(e) = sanitize_src_address(src_addr) { - warn!( + debug!( "address can not be responded to {src_addr}: {e}", src_addr = src_addr, e = e @@ -290,7 +290,7 @@ impl ServerFuture { // verify that the src address is safe for responses if let Err(e) = sanitize_src_address(src_addr) { - warn!( + debug!( "address can not be responded to {src_addr}: {e}", src_addr = src_addr, e = e @@ -441,7 +441,7 @@ impl ServerFuture { // verify that the src address is safe for responses if let Err(e) = sanitize_src_address(src_addr) { - warn!( + debug!( "address can not be responded to {src_addr}: {e}", src_addr = src_addr, e = e @@ -633,7 +633,7 @@ impl ServerFuture { // verify that the src address is safe for responses if let Err(e) = sanitize_src_address(src_addr) { - warn!("address can not be responded to {src_addr}: {e}"); + debug!("address can not be responded to {src_addr}: {e}"); continue; } @@ -734,7 +734,7 @@ impl ServerFuture { // verify that the src address is safe for responses // TODO: we're relying the quinn library to actually validate responses before we get here, but this check is still worth doing if let Err(e) = sanitize_src_address(src_addr) { - warn!( + debug!( "address can not be responded to {src_addr}: {e}", src_addr = src_addr, e = e @@ -754,7 +754,7 @@ impl ServerFuture { .await; if let Err(e) = result { - warn!("quic stream processing failed from {src_addr}: {e}") + debug!("quic stream processing failed from {src_addr}: {e}") } }); @@ -825,7 +825,7 @@ impl ServerFuture { // verify that the src address is safe for responses // TODO: we're relying the quinn library to actually validate responses before we get here, but this check is still worth doing if let Err(e) = sanitize_src_address(src_addr) { - warn!( + debug!( "address can not be responded to {src_addr}: {e}", src_addr = src_addr, e = e @@ -845,7 +845,7 @@ impl ServerFuture { .await; if let Err(e) = result { - warn!("h3 stream processing failed from {src_addr}: {e}") + debug!("h3 stream processing failed from {src_addr}: {e}") } }); @@ -878,7 +878,7 @@ async fn block_until_done( join_set: &mut JoinSet>, ) -> Result<(), ProtoError> { if join_set.is_empty() { - warn!("block_until_done called with no pending tasks"); + debug!("block_until_done called with no pending tasks"); return Ok(()); } @@ -956,7 +956,7 @@ impl ResponseHandler for ReportingResponseHandler { let id = self.request_header.id(); let rid = response_info.id(); if id != rid { - warn!("request id:{id} does not match response id:{rid}"); + debug!("request id:{id} does not match response id:{rid}"); debug_assert_eq!(id, rid, "request id and response id should match"); } @@ -1084,10 +1084,10 @@ pub(crate) async fn handle_request( .await; if let Err(e) = result { - warn!("failed to return FormError to client: {}", e); + debug!("failed to return FormError to client: {}", e); } } - Err(e) => warn!("failed to read message: {}", e), + Err(e) => debug!("failed to read message: {}", e), } } diff --git a/crates/server/src/server/timeout_stream.rs b/crates/server/src/server/timeout_stream.rs index 10b13fcc97..7f28bc696e 100644 --- a/crates/server/src/server/timeout_stream.rs +++ b/crates/server/src/server/timeout_stream.rs @@ -7,7 +7,7 @@ use std::time::Duration; use futures_util::stream::{Stream, StreamExt}; use futures_util::FutureExt; use tokio::time::Sleep; -use tracing::{debug, warn}; +use tracing::debug; /// This wraps the underlying Stream in a timeout. /// @@ -64,7 +64,7 @@ where // ensure that interest in the Timeout is registered match timeout.poll_unpin(cx) { Poll::Ready(_) => { - warn!("timeout fired immediately!"); + debug!("timeout fired immediately!"); return Poll::Ready(Some(Err(io::Error::new( io::ErrorKind::TimedOut, "timeout fired immediately!", diff --git a/crates/server/src/store/forwarder/authority.rs b/crates/server/src/store/forwarder/authority.rs index 6e1b8cc081..f69791e794 100644 --- a/crates/server/src/store/forwarder/authority.rs +++ b/crates/server/src/store/forwarder/authority.rs @@ -68,7 +68,7 @@ impl ForwardAuthority { // preserve_intermediates enables when set to true, and disables // when set to false. So we set it to true. if !options.preserve_intermediates { - tracing::warn!( + tracing::debug!( "preserve_intermediates set to false, which is invalid \ for a forwarder; switching to true" ); diff --git a/crates/server/src/store/in_memory/authority.rs b/crates/server/src/store/in_memory/authority.rs index 1a91d5a38f..748ee56b1f 100644 --- a/crates/server/src/store/in_memory/authority.rs +++ b/crates/server/src/store/in_memory/authority.rs @@ -21,7 +21,7 @@ use cfg_if::cfg_if; use futures_util::future::{self, TryFutureExt}; #[cfg(feature = "dnssec")] use time::OffsetDateTime; -use tracing::{debug, error, warn}; +use tracing::debug; use tokio::sync::{RwLock, RwLockReadGuard, RwLockWriteGuard}; @@ -356,7 +356,7 @@ impl InnerInMemory { let soa = match soa { Some(soa) => soa, None => { - error!("could not lookup SOA for authority: {}", origin); + debug!("could not lookup SOA for authority: {}", origin); return 0; } }; @@ -371,7 +371,7 @@ impl InnerInMemory { let soa = match soa { Some(soa) => soa, None => { - error!("could not lookup SOA for authority: {}", origin); + debug!("could not lookup SOA for authority: {}", origin); return 0; } }; @@ -544,7 +544,7 @@ impl InnerInMemory { let mut record = if let Some(record) = record { record } else { - error!("could not lookup SOA for authority: {}", origin); + debug!("could not lookup SOA for authority: {}", origin); return 0; }; @@ -573,7 +573,7 @@ impl InnerInMemory { /// true if the value was inserted, false otherwise fn upsert(&mut self, record: Record, serial: u32, dns_class: DNSClass) -> bool { if dns_class != record.dns_class() { - warn!( + debug!( "mismatched dns_class on record insert, zone: {} record: {}", dns_class, record.dns_class() @@ -785,7 +785,7 @@ impl InnerInMemory { let tbs = match tbs { Ok(tbs) => tbs, Err(err) => { - error!("could not serialize rrset to sign: {}", err); + debug!("could not serialize rrset to sign: {}", err); continue; } }; @@ -794,7 +794,7 @@ impl InnerInMemory { let signature = match signature { Ok(signature) => signature, Err(err) => { - error!("could not sign rrset: {}", err); + debug!("could not sign rrset: {}", err); continue; } }; @@ -838,7 +838,7 @@ impl InnerInMemory { // TODO: should this be an error? if secure_keys.is_empty() { - warn!( + debug!( "attempt to sign_zone {} for dnssec, but no keys available!", origin ) @@ -1098,8 +1098,6 @@ impl Authority for InMemoryAuthority { // if DNSSEC is enabled, and the request had the DO set, sign the recordset #[cfg(feature = "dnssec")] { - use tracing::warn; - // ANAME's are constructed on demand, so need to be signed before return if lookup_options.is_dnssec() { InnerInMemory::sign_rrset( @@ -1109,7 +1107,7 @@ impl Authority for InMemoryAuthority { self.class(), ) // rather than failing the request, we'll just warn - .map_err(|e| warn!("failed to sign ANAME record: {}", e)) + .map_err(|e| debug!("failed to sign ANAME record: {}", e)) .ok(); } } diff --git a/crates/server/src/store/sqlite/authority.rs b/crates/server/src/store/sqlite/authority.rs index 5c869907e2..e7b485f607 100644 --- a/crates/server/src/store/sqlite/authority.rs +++ b/crates/server/src/store/sqlite/authority.rs @@ -14,7 +14,7 @@ use std::{ }; use futures_util::lock::Mutex; -use tracing::{error, info, warn}; +use tracing::{debug, info}; use crate::{ authority::{Authority, LookupError, LookupOptions, MessageRequest, UpdateResult, ZoneType}, @@ -311,13 +311,13 @@ impl SqliteAuthority { let required_name = LowerName::from(require.name()); if require.ttl() != 0 { - warn!("ttl must be 0 for: {:?}", require); + debug!("ttl must be 0 for: {:?}", require); return Err(ResponseCode::FormErr); } let origin = self.origin(); if !origin.zone_of(&require.name().into()) { - warn!("{} is not a zone_of {}", require.name(), origin); + debug!("{} is not a zone_of {}", require.name(), origin); return Err(ResponseCode::NotZone); } @@ -465,7 +465,7 @@ impl SqliteAuthority { // does this authority allow_updates? if !self.allow_update { - warn!( + debug!( "update attempted on non-updatable Authority: {}", self.origin() ); @@ -523,7 +523,7 @@ impl SqliteAuthority { return Ok(()); } } else { - warn!( + debug!( "no sig0 matched registered records: id {}", update_message.id() ); @@ -662,7 +662,7 @@ impl SqliteAuthority { // subsequent to a failure of the server. if let Some(ref journal) = *self.journal.lock().await { if let Err(error) = journal.insert_records(serial, records) { - error!("could not persist update records: {}", error); + debug!("could not persist update records: {}", error); return Err(ResponseCode::ServFail); } } @@ -812,11 +812,11 @@ impl SqliteAuthority { cfg_if::cfg_if! { if #[cfg(feature = "dnssec")] { self.secure_zone().await.map_err(|e| { - error!("failure securing zone: {}", e); + debug!("failure securing zone: {}", e); ResponseCode::ServFail })? } else { - error!("failure securing zone, dnssec feature not enabled"); + debug!("failure securing zone, dnssec feature not enabled"); return Err(ResponseCode::ServFail) } } diff --git a/crates/server/src/store/sqlite/persistence.rs b/crates/server/src/store/sqlite/persistence.rs index 9f066007b1..423c13b504 100644 --- a/crates/server/src/store/sqlite/persistence.rs +++ b/crates/server/src/store/sqlite/persistence.rs @@ -14,7 +14,7 @@ use std::sync::{Mutex, MutexGuard}; use rusqlite::types::ToSql; use rusqlite::{self, Connection}; use time; -use tracing::error; +use tracing::debug; use crate::error::{PersistenceErrorKind, PersistenceResult}; use crate::proto::rr::Record; @@ -324,7 +324,7 @@ impl<'j> Iterator for JournalIter<'j> { } Ok(None) => None, Err(err) => { - error!("persistence error while iterating over journal: {}", err); + debug!("persistence error while iterating over journal: {}", err); None } } diff --git a/util/src/bin/dns.rs b/util/src/bin/dns.rs index dba43fdcb0..a2ab4be8fa 100644 --- a/util/src/bin/dns.rs +++ b/util/src/bin/dns.rs @@ -529,7 +529,7 @@ fn tls_config() -> Result> { root_store.add_parsable_certificates(&rustls_native_certs::load_native_certs()?); if ignored > 0 { - tracing::warn!( + tracing::debug!( "failed to parse {} certificate(s) from the native root store", ignored, ); diff --git a/util/src/bin/dnskey-to-pem.rs b/util/src/bin/dnskey-to-pem.rs index bb68c147e4..fbc26a0124 100644 --- a/util/src/bin/dnskey-to-pem.rs +++ b/util/src/bin/dnskey-to-pem.rs @@ -30,7 +30,7 @@ use clap::Parser; use data_encoding::BASE64; use openssl::bn::BigNum; use openssl::rsa::Rsa; -use tracing::{info, warn, Level}; +use tracing::{debug, info, Level}; use hickory_proto::rr::dnssec::Algorithm; @@ -92,7 +92,7 @@ pub fn main() { panic!("Private-key-format line not found: {}", next_line); } if "v1.2" != value { - warn!("WARNING: un-tested version {:?}", value); + debug!("WARNING: un-tested version {:?}", value); } // algorithm