Mercurial Mercurial > hg > ius > dnstools / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
dnssec-creatkey
changeset 28 4807ad9b8d19
parent 27 d5337081ed02
child 29 ef4b45dd7618
equal deleted inserted replaced
27:d5337081ed02 28:4807ad9b8d19 
    33 my @manu;
 
    33 my @manu;
 
    34 my @index;
 
    34 my @index;
 
    35 my $zone;
 
    35 my $zone;
 
    36 my $keyname;
 
    36 my $keyname;
 
    37 
    37 
       
    38 
    38 # prueft ob eingaben in ARGV domains sind und gibt sie in die liste @manu
 
    39 # prueft ob eingaben in ARGV domains sind und gibt sie in die liste @manu
 
    39 for (@ARGV) {
 
    40 for (@ARGV) {
 
    40     chomp( my $zone = `idn --quiet "$_"` );
 
    41     chomp( my $zone = `idn --quiet "$_"` );
 
    41 
    42 
    42     if ( -d "$master_dir/$zone" ) {
 
    43     if ( -d "$master_dir/$zone" ) {
 
    44     }
 
    45     }
 
    45     else {
 
    46     else {
 
    46         print " $zone not exist\n ";
 
    47         print " $zone not exist\n ";
 
    47     }
 
    48     }
 
    48 }
 
    49 }
 
       
    50 
       
    51 # prueft ob zonen mit schluesselmaterial ueber index- und keycounterdatei
 
       
    52 # verfuegen.
 
       
    53 # legt .index.ksk an falls nicht und gibt die entsprechende zone in die
 
       
    54 # liste @change 
       
    55 while (<$master_dir/*>) {
 
       
    56     chomp( $zone = $_ );
 
       
    57 
       
    58     if (-f "$zone/.index.zsk" and
 
       
    59         -f "$zone/.index.ksk" and
 
       
    60         -f "$zone/.keycounter") {
 
       
    61         next;
 
       
    62     }
 
       
    63 
       
    64     while (<$zone/*>) {
 
       
    65         if (m#^K#) {
 
       
    66             my $file_in_zone = $_;
 
       
    67 
       
    68             open (KEY,$_) or die "$_: $!\n";
 
       
    69             for (<KEY>) {
 
       
    70                 if (m#DNSKEY.257#) {
 
       
    71                     $file_in_zone =~ s#(/.*/)(.*).key#$2#;
 
       
    72 
       
    73                     open (INDEX, ">$zone/.index.ksk") or die;
 
       
    74                     print INDEX "$file_in_zone\n";
 
       
    75                     close (INDEX);
 
       
    76 
       
    77                     $zone =~ s#($master_dir/)(.*)#$2#;
 
       
    78                     push( @change, $zone );
 
       
    79 
       
    80                 }
 
       
    81             }
 
       
    82             close (KEY);
 
       
    83         }
 
       
    84     }
 
       
    85 }
 
       
    86 
    49 
    87 
    50 # gibt alle zonen mit abgelaufenen keycounter in die liste @change
 
    88 # gibt alle zonen mit abgelaufenen keycounter in die liste @change
 
    51 while (<$master_dir/*>) {
 
    89 while (<$master_dir/*>) {
 
    52     chomp( $zone = $_ );
 
    90     chomp( $zone = $_ );
 
    53     my $key;
 
    91     my $key;
 
    91     open( INDEX, ">.index.zsk" ) or die "$master_dir/$zone/.index.zsk: $!\n";
 
   129     open( INDEX, ">.index.zsk" ) or die "$master_dir/$zone/.index.zsk: $!\n";
 
    92     print INDEX @index;
 
   130     print INDEX @index;
 
    93     close(INDEX);
 
   131     close(INDEX);
 
    94 
   132 
    95     chomp($keyname);
 
   133     chomp($keyname);
 
    96     print "$keyname (ZSK) erzeugt fuer $zone \n";
 
   134     print "$keyname (ZSK) creat for $zone \n";
 
    97 
   135 
    98     open( KC, ">.keycounter" ) or die "$master_dir/$zone/keycounter: $!\n";
 
   136     open( KC, ">.keycounter" ) or die "$master_dir/$zone/keycounter: $!\n";
 
    99     print KC "0";
 
   137     print KC "0";
 
   100     close(KC);
 
   138     close(KC);
 
   101 }
 
   139 }
 
   105     $zone = $_;
 
   143     $zone = $_;
 
   106 
   144 
   107     chdir "$master_dir/$zone" or die "$master_dir/$zone: $!\n";
 
   145     chdir "$master_dir/$zone" or die "$master_dir/$zone: $!\n";
 
   108     $keyname = `dnssec-keygen -a RSASHA1 -b 2048 -f KSK -n ZONE $zone`;
 
   146     $keyname = `dnssec-keygen -a RSASHA1 -b 2048 -f KSK -n ZONE $zone`;
 
   109 
   147 
       
   148     print "creat new KSK for $zone? (no): ";
 
       
   149     unless (<STDIN> =~ m/^yes/) {
 
       
   150         next;
 
       
   151     }
 
       
   152 
   110     unless ( -f ".index.ksk" ) {
 
   153     unless ( -f ".index.ksk" ) {
 
   111         @index = ();
 
   154         @index = ();
 
   112     }
 
   155     }
 
   113     else {
 
   156     else {
 
       
   157 
   114         open( INDEX, ".index.ksk" )
 
   158         open( INDEX, ".index.ksk" )
 
   115             or die "$master_dir/$zone/.index.ksk: $!\n";
 
   159             or die "$master_dir/$zone/.index.ksk: $!\n";
 
   116         @index = <INDEX>;
 
   160         @index = <INDEX>;
 
   117         close(INDEX);
 
   161         close(INDEX);
 
   118     }
 
   162     }
 
   125     open( INDEX, ">.index.ksk" ) or die "$master_dir/$zone/.index.ksk: $!\n";
 
   169     open( INDEX, ">.index.ksk" ) or die "$master_dir/$zone/.index.ksk: $!\n";
 
   126     print INDEX @index;
 
   170     print INDEX @index;
 
   127     close(INDEX);
 
   171     close(INDEX);
 
   128 
   172 
   129     chomp($keyname);
 
   173     chomp($keyname);
 
   130     print "$keyname (KSK) erzeugt fuer $zone \n";
 
   174     print "$keyname (KSK) creat for $zone \n";
 
   131 }
 
   175 }
 
   132 
   176 
   133 # loescht alle unbenoetigten schluessel, fuegt die schluessel in
 
   177 # loescht alle unbenoetigten schluessel, fuegt die schluessel in
 
   134 # die zone-datei
 
   178 # die zone-datei
 
   135 for ( @change, @manu ) {
 
   179 for ( @change, @manu ) {
 
   202     open( ZONE, ">$master_dir/$zone/$zone" )
 
   246     open( ZONE, ">$master_dir/$zone/$zone" )
 
   203         or die "$master_dir/$zone/$zone: $!\n";
 
   247         or die "$master_dir/$zone/$zone: $!\n";
 
   204     print ZONE @new_zone_content;
 
   248     print ZONE @new_zone_content;
 
   205     close(ZONE);
 
   249     close(ZONE);
 
   206 
   250 
   207     print "$master_dir/$zone/$zone wurde neu erstellt \n";
 
   251 }
 
   208 }
ius/dnstools