dnssec-keytool.pl
branchhs12
changeset 66 c44bc1c8e396
parent 64 86418a892c76
child 68 a433ae489911
64:86418a892c76 66:c44bc1c8e396
     2 
     2 
     3 use warnings;
     3 use warnings;
     4 use strict;
     4 use strict;
     5 use FindBin;
     5 use FindBin;
     6 use File::Temp;
     6 use File::Temp;
       
     7 use Getopt::Long;
       
     8 use Pod::Usage;
     7 
     9 
     8 sub read_conf;
    10 sub read_conf;
     9 sub read_argv($);
    11 sub read_argv($);
    10 sub rm_keys(@);
    12 sub rm_keys(@);
       
    13 sub ck_zone(@);
       
    14 sub creat_ksk(@);
    11 sub creat_zsk(@);
    15 sub creat_zsk(@);
       
    16 sub post_creat(@);
       
    17 
    12 
    18 
    13 MAIN: {
    19 MAIN: {
    14     my @zone;
    20     my @zone;
    15     my $do;
    21     my $do;
    16 
    22 
    26 
    32 
    27     creat_zsk($conf{master_dir}, @zone);
    33     creat_zsk($conf{master_dir}, @zone);
    28     post_creat($conf{master_dir}, @zone);
    34     post_creat($conf{master_dir}, @zone);
    29 }
    35 }
    30 
    36 
    31 sub read_conf {
       
    32 
       
    33     # read configuration
       
    34     my @conffile = ("etc/dnstools.conf", "$FindBin::Bin/dnstools.conf");
       
    35     my %return;
       
    36 
       
    37     for (grep { -f } @conffile) {
       
    38         open(CONFIG, "<", $_) or die "Can't open $_: $!\n";
       
    39     }
       
    40     unless (seek(CONFIG, 0, 0)) {
       
    41         die "Can't open config (searched: @conffile)\n";
       
    42     }
       
    43     while (<CONFIG>) {
       
    44         chomp;
       
    45         s/#.*//;
       
    46         s/\s//g;
       
    47 
       
    48         next unless length;
       
    49         my ($cname, $ccont) = split(/\s*=\s*/, $_, 2);
       
    50         $return{$cname} = $ccont;
       
    51     }
       
    52     close(CONFIG);
       
    53     return %return;
       
    54 }
       
    55 
       
    56 sub read_argv ($) {
    37 sub read_argv ($) {
    57 
       
    58     # evaluate argv or print the help
       
    59     my $master_dir = $_[0];
    38     my $master_dir = $_[0];
    60 
    39 	my $zone;
    61     my $arg = shift @ARGV;
       
    62     my $zone;
       
    63     my $do;      # return
    40     my $do;      # return
    64     my @zone;    # return
    41     my @zone;    # return
    65 
    42 
    66     if (!defined $arg) {
    43 	GetOptions(
    67         print " usage: dnssec-keytool <option> zone\n";
    44 	"z"		=> sub { $do = "zsk" },
    68         print "   -z  created a new ZSK\n";
    45 	"k"	    => sub { $do = "ksk" },
    69         print "   -k  created a new ZSK and KSK\n";
    46 	"h"		=> sub {pod2usage},
    70         print "   -rm deletes the key-set of a zone\n";
    47 	"r"     => sub { $do = "rm" },
    71         print "   -c  created configuration files for the dnstools\n";
    48 	"c"		=> sub { $do = "ck" },
    72         print "       and a new ZSK for an existing KSK\n";
    49 	) or pod2usage;
    73         print "\n";
       
    74 
       
    75         exit;
       
    76     }
       
    77     elsif ($arg eq "-k")  { $do = "ksk"; }
       
    78     elsif ($arg eq "-rm") { $do = "rm"; }
       
    79     elsif ($arg eq "-c")  { $do = "ck"; }
       
    80     elsif ($arg eq "-z")  { $do = "zsk"; }
       
    81     else {
       
    82         print "not a valid option.\n";
       
    83         exit;
       
    84     }
       
    85 
    50 
    86     # checks the zones in argv if there are managed zones
    51     # checks the zones in argv if there are managed zones
    87     for (@ARGV) {
    52     for (@ARGV) {
    88         chomp($zone = `idn --quiet "$_"`);
    53         chomp($zone = `idn --quiet "$_"`);
    89         if (-e "$master_dir/$zone/$zone") {
    54         if (-e "$master_dir/$zone/$zone") {
    90             push @zone, $zone;
    55             push @zone, $zone;
    91         }
    56         }
    92     }
    57     }
    93     return ($do, @zone);
    58     return ($do, @zone);
    94 }
    59 }
       
    60 
       
    61 sub read_conf {
       
    62 
       
    63     # read configuration
       
    64     my @conffile = ("etc/dnstools.conf", "$FindBin::Bin/dnstools.conf");
       
    65     my %return;
       
    66 
       
    67     for (grep { -f } @conffile) {
       
    68         open(CONFIG, "<", $_) or die "Can't open $_: $!\n";
       
    69     }
       
    70     unless (seek(CONFIG, 0, 0)) {
       
    71         die "Can't open config (searched: @conffile)\n";
       
    72     }
       
    73     while (<CONFIG>) {
       
    74         chomp;
       
    75         s/#.*//;
       
    76         s/\s//g;
       
    77 
       
    78         next unless length;
       
    79         my ($cname, $ccont) = split(/\s*=\s*/, $_, 2);
       
    80         $return{$cname} = $ccont;
       
    81     }
       
    82     close(CONFIG);
       
    83     return %return;
       
    84 }
       
    85 
    95 
    86 
    96 sub rm_keys (@) {
    87 sub rm_keys (@) {
    97 
    88 
    98     # deletes all the keys were handed over -rm in argv
    89     # deletes all the keys were handed over -rm in argv
    99     my ($master_dir, @zone) = @_;
    90     my ($master_dir, @zone) = @_;
   154         }
   145         }
   155 
   146 
   156     }
   147     }
   157 }
   148 }
   158 
   149 
   159 sub creat_ksk {
   150 sub creat_ksk (@) {
   160     my ($master_dir, @zone) = @_;
   151     my ($master_dir, @zone) = @_;
   161     my @index;
   152     my @index;
   162     my $keyname;
   153     my $keyname;
   163 
   154 
   164     for (@zone) {
   155     for (@zone) {
   234         print KC "0";
   225         print KC "0";
   235         close(KC);
   226         close(KC);
   236     }
   227     }
   237 }
   228 }
   238 
   229 
   239 sub ck_zone {
   230 sub ck_zone (@) {
   240     my ($master_dir, @zone) = @_;
   231     my ($master_dir, @zone) = @_;
   241 
   232 
   242     for (@zone) {
   233     for (@zone) {
   243         my $zone = $_;
   234         my $zone = $_;
   244         my $zpf  = "$master_dir/$zone";
   235         my $zpf  = "$master_dir/$zone";
   273             unlink("$zpf/.index.zsk") or die "$zpf/.index.zsk: $!\n";
   264             unlink("$zpf/.index.zsk") or die "$zpf/.index.zsk: $!\n";
   274         }
   265         }
   275     }
   266     }
   276 }
   267 }
   277 
   268 
   278 sub post_creat {
   269 sub post_creat (@) {
   279     my ($master_dir, @zone) = @_;
   270     my ($master_dir, @zone) = @_;
   280     for (@zone) {
   271     for (@zone) {
   281         my $zone = $_;
   272         my $zone = $_;
   282         `touch $master_dir/$zone/$zone`;
   273         `touch $master_dir/$zone/$zone`;
   283         &kill_useless_keys($zone, $master_dir);
   274         &kill_useless_keys($zone, $master_dir);
   284         &key_to_zonefile($zone, $master_dir);
   275         &key_to_zonefile($zone, $master_dir);
   285     }
   276     }
   286 }
   277 }
   287 
   278 
   288 sub kill_useless_keys {
   279 sub kill_useless_keys (@) {
   289 
   280 
   290     # the function deletes all keys that are not available in the zone
   281     # the function deletes all keys that are not available in the zone
   291 
   282 
   292     my $zone       = $_[0];
   283     my $zone       = $_[0];
   293     my $master_dir = $_[1];
   284     my $master_dir = $_[1];
   324             }
   315             }
   325         }
   316         }
   326     }
   317     }
   327 }
   318 }
   328 
   319 
   329 sub key_to_zonefile {
   320 sub key_to_zonefile (@) {
   330 
   321 
   331     # the function added all keys to the indexfile
   322     # the function added all keys to the indexfile
   332     my $zone       = $_[0];
   323     my $zone       = $_[0];
   333     my $master_dir = $_[1];
   324     my $master_dir = $_[1];
   334     my $zpf        = "$master_dir/$zone";
   325     my $zpf        = "$master_dir/$zone";
   363 
   354 
   364 =head1 SYNOPSIS
   355 =head1 SYNOPSIS
   365 
   356 
   366 dnssec-keytool <option> zone
   357 dnssec-keytool <option> zone
   367 
   358 
       
   359 =item -z  created a new ZSK
       
   360 
       
   361 =item -k  created a new ZSK and KSK
       
   362 
       
   363 =item -r  delete the key-set of a zone
       
   364 
       
   365 =item -c  created configuration files for the dnstools and a new ZSK for an existing KSK
       
   366 
   368 =head1 DESCRIPTION
   367 =head1 DESCRIPTION
   369 
   368 
   370 kommt bald
   369 kommt bald
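Review bot: In read_argv, the zone loop this change keeps (new lines 52–53) still runs `idn --quiet "$_"` through backticks, so every zone argument from the command line is handed to the shell, and the double quotes stop neither command substitution nor an embedded quote from being interpreted. For a tool that creates and deletes DNSSEC key material the call should bypass the shell, e.g. `open(my $idn, '-|', 'idn', '--quiet', $_) or die "idn: $!\n"; chomp($zone = <$idn>); close($idn);`, and the result should be matched against an anchored hostname pattern before it is used in `"$master_dir/$zone/$zone"`. post_creat has the same pattern in its backtick call `touch $master_dir/$zone/$zone` (new line 273), where list-form `system('touch', "$master_dir/$zone/$zone")` would avoid the shell. Separately, the old code printed usage and exited when no option was given, while the new `GetOptions(...) or pod2usage` only covers invalid options; unless MAIN (only partly visible here) handles it, `$do` is returned undefined, so `pod2usage unless defined $do;` after the call seems needed.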