66 |
66 |
67 given ($cmd) { |
67 given ($cmd) { |
68 when ("zsk") { exit create_zsk(@zones) }; |
68 when ("zsk") { exit create_zsk(@zones) }; |
69 when ("ksk") { exit create_ksk(@zones) }; |
69 when ("ksk") { exit create_ksk(@zones) }; |
70 #when ("check") { exit check_zone(@zones) }; |
70 #when ("check") { exit check_zone(@zones) }; |
71 #when ("rm") { exit rm_keys(@zones) }; |
71 when ("rm") { exit rm_keys(@zones) }; |
72 default { die "not implemented\n" }; |
72 default { die "not implemented\n" }; |
73 }; |
73 }; |
74 } |
74 |
75 |
75 } |
76 sub rm_keys ($@) { |
76 |
77 |
77 sub rm_keys (@) { |
78 # deletes all the keys were handed over -rm in argv |
78 |
79 my ($master_dir, @zone) = @_; |
79 my @zones = @_; |
80 |
80 my $master_dir = "$cf{master_dir}"; |
81 for (@zone) { |
81 |
82 my $zone = $_; |
82 for my $zone (@zones) { |
83 |
83 |
84 my $zpf = "$master_dir/$zone"; |
84 my $dir = "$master_dir/$zone"; |
85 my $ep = 0; |
85 my $ep = 0; |
86 |
86 |
87 if (-e "$zpf/$zone.signed") { |
87 my @files = map "$dir/$_", ("$zone.signed", |
88 unlink "$zpf/$zone.signed" and $ep = 1; |
88 ".keycounter", |
89 } |
89 ".index.ksk", |
90 if (-e "$zpf/.keycounter") { |
90 ".index.zsk", |
91 unlink "$zpf/.keycounter" and $ep = 1; |
91 "dsset-$zone.", |
92 } |
92 "keyset-$zone."); |
93 if (-e "$zpf/.index.ksk") { |
93 push @files, glob "$dir/K$zone*"; |
94 unlink "$zpf/.index.ksk" and $ep = 1; |
94 |
95 } |
95 for my $f (@files) { |
96 if (-e "$zpf/.index.zsk") { |
96 if (-e $f) { |
97 unlink "$zpf/.index.zsk" and $ep = 1; |
97 unlink $f or die "Can't unlink '$f': $!\n"; |
98 } |
98 $ep = 1; |
99 if (-e "$zpf/dsset-$zone.") { |
99 } |
100 unlink "$zpf/dsset-$zone." and $ep = 1; |
100 } |
101 } |
101 |
102 if (-e "$zpf/keyset-$zone.") { |
102 say " * $zone: removed key-set" if $ep; |
103 unlink "$zpf/keyset-$zone." and $ep = 1; |
103 |
104 } |
104 open my $old, "$dir/$zone" or die "Can't open '$dir/$zone': $!\n"; |
105 |
105 my @old = <$old>; |
106 for (glob("$zpf/K$zone*")) { |
106 close $old; |
107 chomp($_); |
107 my @new = grep { not /^\s*\$include\s+("?)K\Q$zone\E.*\.key\1\s*$/i } @old; |
108 unlink("$_"); |
108 return if @new ~~ @old; |
109 } |
109 |
110 |
110 my $new = File::Temp->new(UNLINK => 0) |
111 if ($ep == 1) { |
111 or die "Can't create tmpfile\n"; |
112 print " * $zone: removed key-set\n"; |
112 print $new @new; |
113 } |
113 rename $new->filename => "$dir/$zone" |
114 |
114 or die "Can't rename " . $new->filename . " to $dir/$zone: $!\n"; |
115 open(my $old, "$zpf/$zone") or die "$zpf/$zone: $!\n"; |
115 |
116 my $fh = File::Temp->new(DIR => $zpf) |
116 } |
117 or die "Can't create tmpfile: $!\n"; |
117 |
118 print $fh grep { not /^\s*\$INCLUDE.*"K$zone.*\.key"/i } <$old>; |
|
119 rename($fh->filename => "$zpf/$zone") |
|
120 or die "Can't rename " . $fh->filename . " to $zpf/$zone: $!\n"; |
|
121 } |
|
122 } |
118 } |
123 |
119 |
124 sub create_key ($@) { |
120 sub create_key ($@) { |
125 |
121 |
126 my ($type, @zones) = @_; |
122 my ($type, @zones) = @_; |
278 |
274 |
279 open OLD, '<', $zf or die "Can't open $zf: $!\n"; |
275 open OLD, '<', $zf or die "Can't open $zf: $!\n"; |
280 chomp (@lines = <OLD>); |
276 chomp (@lines = <OLD>); |
281 close OLD; |
277 close OLD; |
282 |
278 |
283 return if grep /^\s*\$include\s+("?)\Q$keyname\E\.key\1$/i, @lines; |
279 return if grep /^\s*\$include\s+("?)\Q$keyname\E\.key\1\s*$/i, @lines; |
284 |
280 |
285 $tmp = File::Temp->new(UNLINK => 0) or die "Can't create temporary file\n"; |
281 $tmp = File::Temp->new(UNLINK => 0) or die "Can't create temporary file\n"; |
286 print $tmp join "\n", @lines, qq(\$INCLUDE "$keyname.key"\n); |
282 print $tmp join "\n", @lines, qq(\$INCLUDE "$keyname.key"\n); |
287 close $tmp; |
283 close $tmp; |
288 |
284 |
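Review bot: `return if @new ~~ @old;` in the new rm_keys (new line 108) sits inside `for my $zone (@zones)`, so the first zone whose file has no matching $INCLUDE line ends the whole sub and the zones after it are never processed; `next` looks like what was intended. The rewrite also drops `DIR =>` from `File::Temp->new`, so the replacement zone file is created in the default temporary directory, where `rename` fails if that is a different filesystem, and it is renamed while the handle is still open and the `print` unchecked. The `open` on new line 104 is still the two-argument form on a path built from `$zone`, whereas the second hunk (new line 275) already passes `'<'`. Since `$zone` also feeds the `unlink` list and the `glob`, names containing `/` or glob characters should be rejected before `$dir` is built; where @zones originates is not visible in this hunk, so confirm how far it is trusted.

```perl
    # … unchanged: @files list, unlink loop, "removed key-set" message …
    open my $old, '<', "$dir/$zone" or die "Can't open '$dir/$zone': $!\n";
    # … unchanged: read @old, close $old, grep into @new …
    next if @new ~~ @old;

    my $new = File::Temp->new(DIR => $dir, UNLINK => 0)
      or die "Can't create tmpfile\n";
    print {$new} @new or die "Can't write " . $new->filename . ": $!\n";
    close $new or die "Can't close " . $new->filename . ": $!\n";
    # … unchanged: rename $new->filename => "$dir/$zone" or die …
```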