Mercurial Mercurial > hg > ius > dnstools / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
dnssec-killkey
changeset 29 ef4b45dd7618
parent 27 d5337081ed02
child 30 5ac92c1ffdf9
equal deleted inserted replaced
28:4807ad9b8d19 29:ef4b45dd7618 
    48         if ( -e "$zdir/.index.zsk" )    { unlink "$zdir/.index.zsk" }
 
    48         if ( -e "$zdir/.index.zsk" )    { unlink "$zdir/.index.zsk" }
 
    49         if ( -e "$zdir/dsset-$zone." )  { unlink "$zdir/dsset-$zone." }
 
    49         if ( -e "$zdir/dsset-$zone." )  { unlink "$zdir/dsset-$zone." }
 
    50         if ( -e "$zdir/keyset-$zone." ) { unlink "$zdir/keyset-$zone." }
 
    50         if ( -e "$zdir/keyset-$zone." ) { unlink "$zdir/keyset-$zone." }
 
    51         for (`ls $master_dir/$zone/K*[key,private]`) { unlink $_ }
 
    51         for (`ls $master_dir/$zone/K*[key,private]`) { unlink $_ }
 
    52     }
 
    52     }
 
       
    53 
       
    54     open( ZONE, "$master_dir/$zone/$zone" )
 
       
    55         or die "$master_dir/$zone/$zone: $!\n";
 
       
    56     @old_zone_content = <ZONE>;
 
       
    57     close(ZONE);
 
       
    58 
       
    59     for (@old_zone_content) {
 
       
    60         unless (/dnssec-(ksk|zsk)/) {
 
       
    61             push @new_zone_content, $_;
 
       
    62         }
 
       
    63     }
 
       
    64 
       
    65     open( ZONE, ">$master_dir/$zone/$zone" )
 
       
    66         or die "$master_dir/$zone/$zone: $!\n";
 
       
    67     print ZONE @new_zone_content;
 
       
    68     close(ZONE);
 
       
    69 
    53 }
 
    70 }
 
    54 
    71 
    55 # beendet den key-rollover
 
    72 # beendet den key-rollover
 
    56 for (<$master_dir/*>) {
 
    73 for (<$master_dir/*>) {
 
    57     $zone = $_;
 
    74     $zone = $_;
 
   112 # zonedatei geschrieben.
 
   129 # zonedatei geschrieben.
 
   113 for (@auto) {
 
   130 for (@auto) {
 
   114     my $zone             = $_;
 
   131     my $zone             = $_;
 
   115     my @old_zone_content = ();
 
   132     my @old_zone_content = ();
 
   116     my @new_zone_content = ();
 
   133     my @new_zone_content = ();
 
   117     my @keylist          = ();
 
   134     my @kkeylist         = ();
 
       
   135     my @zkeylist         = ();
 
   118     my $file;
 
   136     my $file;
 
   119 
   137 
   120     open( INDEX, "$master_dir/$zone/.index.zsk" )
 
   138     open( INDEX, "$master_dir/$zone/.index.zsk" )
 
   121         or die "$master_dir/$zone/.index.zsk: $!\n";
 
   139         or die "$master_dir/$zone/.index.zsk: $!\n";
 
   122     @keylist = <INDEX>;
 
   140     @zkeylist = <INDEX>;
 
   123     close(INDEX);
 
   141     close(INDEX);
 
   124 
   142 
   125     open( INDEX, "$master_dir/$zone/.index.ksk" )
 
   143     open( INDEX, "$master_dir/$zone/.index.ksk" )
 
   126         or die "$master_dir/$zone/.index.ksk: $!\n";
 
   144         or die "$master_dir/$zone/.index.ksk: $!\n";
 
   127     push @keylist, <INDEX>;
 
   145     @kkeylist = <INDEX>;
 
   128     close(INDEX);
 
   146     close(INDEX);
 
   129 
   147 
   130     open( ZONE, "$master_dir/$zone/$zone" )
 
   148     open( ZONE, "$master_dir/$zone/$zone" )
 
   131         or die "$master_dir/$zone/$zone: $!\n";
 
   149         or die "$master_dir/$zone/$zone: $!\n";
 
   132     @old_zone_content = <ZONE>;
 
   150     @old_zone_content = <ZONE>;
 
   133     close(ZONE);
 
   151     close(ZONE);
 
   134 
   152 
   135     # kuerzt die schluessel-bezeichnung aus der indexdatei auf die
 
   153     # kuerzt die schluessel-bezeichnung aus der indexdatei auf die
 
   136     # id um sie besser vergleichen zu koennen.
 
   154     # id um sie besser vergleichen zu koennen.
 
   137     for (@keylist) {
 
   155     for (@kkeylist, @zkeylist) {
 
   138         chomp;
 
   156         chomp;
 
   139         s#K.*\+.*\+(.*)#$1#;
 
   157         s#K.*\+.*\+(.*)#$1#;
 
   140     }
 
   158     }
 
   141 
   159 
   142     # filtert alle schluessel aus der zonedatei
 
   160     # filtert alle schluessel aus der zonedatei
 
   143     # old_zone_content ==> new_zone_content
 
   161     # old_zone_content ==> new_zone_content
 
   144     for (@old_zone_content) {
 
   162     for (@old_zone_content) {
 
   145         unless (/IN\sDNSKEY/) {
 
   163         unless (/dnssec-(ksk|zsk)/) {
 
   146             push @new_zone_content, $_;
 
   164             push @new_zone_content, $_;
 
   147         }
 
   165         }
 
   148     }
 
   166     }
 
   149 
   167 
   150     # prueft alle schluesseldateien (ksk, zsk) ob sie in der jeweiligen
 
   168     # prueft alle schluesseldateien (ksk, zsk) ob sie in der jeweiligen
 
   152     for (`ls $master_dir/$zone/K*[key,private]`) {
 
   170     for (`ls $master_dir/$zone/K*[key,private]`) {
 
   153         chomp;
 
   171         chomp;
 
   154         $file = $_;
 
   172         $file = $_;
 
   155         my $rm_count = 1;
 
   173         my $rm_count = 1;
 
   156 
   174 
   157         for (@keylist) {
 
   175         for (@zkeylist) {
 
   158 
   176 
   159             if ( $file =~ /$_/ ) {
 
   177             if ( $file =~ /$_/ ) {
 
   160                 $rm_count = 0;
 
   178                 $rm_count = 0;
 
   161 
   179 
   162                 # schluessel die in der indexdatei standen, werden an die
 
   180                 # schluessel die in der indexdatei standen, werden an die
 
   163                 # zonedatei angehangen.
 
   181                 # zonedatei angehangen.
 
   164                 if ( $file =~ /.*key/ ) {
 
   182                 if ( $file =~ /.*key/ ) {
 
   165                     open( KEYFILE, "$file" ) or die "$file: $!\n";
 
   183 
   166                     push @new_zone_content, <KEYFILE>;
 
   184                     $file =~ s#/.*/(K.*)#$1#;
 
   167                     close(KEYFILE);
 
   185                     push @new_zone_content, "\$include $file\t\t; dnssec-zsk\n" ;
 
   168 
   186 
   169                     last;
 
   187                     last;
 
   170                 }
 
   188                 }
 
   171             }
 
   189             }
 
   172         }
 
   190         }
 
       
   191         for (@kkeylist) {
 
       
   192 
       
   193             if ( $file =~ /$_/ ) {
 
       
   194                 $rm_count = 0;
 
       
   195 
       
   196                 # schluessel die in der indexdatei standen, werden an die
 
       
   197                 # zonedatei angehangen.
 
       
   198                 if ( $file =~ /.*key/ ) {
 
       
   199 
       
   200                     $file =~ s#/.*/(K.*)#$1#;
 
       
   201                     push @new_zone_content, "\$include $file\t\t; dnssec-ksk\n" ;
 
       
   202 
       
   203                     last;
 
       
   204                 }
 
       
   205             }
 
       
   206         }
 
   173 
   207 
   174         #loescht alle unbenoetigten schluessel
 
   208         #loescht alle unbenoetigten schluessel
 
   175         if ( $rm_count == 1 ) {
 
   209         if ( $rm_count == 1 ) {
 
   176             print `rm -f $file`;
 
   210             print `rm -f $file`;
 
   177         }
 
   211         }
ius/dnstools