ius/dnstools: comparison dnssec-keytool.pl

equal deleted inserted replaced

-:a433ae489911
+:fdf4df74d8c5
 #! /usr/bin/perl
+use v5.10;
 use warnings;
 use strict;
 use FindBin;
 use File::Temp;
 use Getopt::Long;
 use Pod::Usage;
+use File::Basename;
-sub read_conf;
+use if $ENV{DEBUG} => "Smart::Comments";
+my $ME = basename $0;
+sub read_conf(@);
 sub read_argv($);
-sub rm_keys(@);
+sub rm_keys($@);
-sub ck_zone(@);
+sub ck_zone($@);
-sub creat_ksk(@);
+sub create_ksk($@);
-sub creat_zsk(@);
+sub create_zsk($@);
-sub post_creat(@);
+sub post_create($@);
 MAIN: {
-my @zone;
+### reading config
-my $do;
+my %conf = read_conf("$FindBin::Bin/dnstools.conf", "/etc/dnstools.conf");
-my %conf = read_conf();
+my ($cmd, @zones) = read_argv($conf{master_dir});
-($do, @zone) = read_argv($conf{master_dir});
+given ($cmd) {
-# completed the program, if not a valid zones was handed over
+when ("rm") { rm_keys($conf{master_dir}, @zones); exit }
-unless (@zone) { exit; }
+when ("ck") { ck_zone($conf{master_dir}, @zones) }
+when ("ksk") { create_ksk($conf{master_dir}, @zones) }
-if ($do eq "rm") { rm_keys($conf{master_dir}, @zone); exit; }
+};
-if ($do eq "ck") { ck_zone($conf{master_dir}, @zone); }
-if ($do eq "ksk") { creat_ksk($conf{master_dir}, @zone); }
+create_zsk($conf{master_dir}, @zones);
+post_create($conf{master_dir}, @zones);
-creat_zsk($conf{master_dir}, @zone);
-post_creat($conf{master_dir}, @zone);
 }
 sub read_argv ($) {
-my $master_dir = $_[0];
+my ($master_dir) = @_;
-my $zone;
+my ($cmd, @zones);    # return
-my $do;      # return
-my @zone;    # return
 GetOptions(
-"z" => sub { $do = "zsk" },
+"zsk"      => sub { $cmd = "zsk" },
-"k" => sub { $do = "ksk" },
+"ksk"      => sub { $cmd = "ksk" },
-"h" => sub { pod2usage },
+"rm"       => sub { $cmd = "rm" },
-"r" => sub { $do = "rm" },
+"ck|check" => sub { $cmd = "ck" },
-"c" => sub { $do = "ck" },
+"h|help" => sub { pod2usage(-exitvalue => 0, -verbose => 1) },
-) or pod2usage;
+"m|man"  => sub {
+pod2usage(
+-exitvalue => 0,
+-noperldoc => system("perldoc -V &>/dev/null"),
+-verbose   => 2
+);
+},
+)
+and @ARGV
+or pod2usage;
 # checks the zones in argv if there are managed zones
-for (@ARGV) {
+foreach (@ARGV) {
-chomp($zone = `idn --quiet "$_"`);
+chomp(my $zone = `idn --quiet "$_"`);
-if (-e "$master_dir/$zone/$zone") {
-push @zone, $zone;
+die "zone $zone is not managed\n"
-}
+if not -f "$master_dir/$zone/$zone";
-}
-return ($do, @zone);
+push @zones, $zone;
 }
+return ($cmd, @zones);
-sub read_conf {
+}
+sub read_conf(@) {
 # read configuration
-my @conffile = ("etc/dnstools.conf", "$FindBin::Bin/dnstools.conf");
+my @conffiles = @_;
 my %return;
-for (grep { -f } @conffile) {
+my ($_) = grep { -f } @conffiles;
-open(CONFIG, "<", $_) or die "Can't open $_: $!\n";
+open(my $cf, $_) or die "Can't open $_: $!\n";
-}
-unless (seek(CONFIG, 0, 0)) {
+while (<$cf>) {
-die "Can't open config (searched: @conffile)\n";
-}
-while (<CONFIG>) {
-chomp;
 s/#.*//;
 s/\s//g;
 next unless length;
 my ($cname, $ccont) = split(/\s*=\s*/, $_, 2);
 $return{$cname} = $ccont;
 }
-close(CONFIG);
 return %return;
 }
-sub rm_keys (@) {
+sub rm_keys ($@) {
 # deletes all the keys were handed over -rm in argv
 my ($master_dir, @zone) = @_;
-my @new_zone_content;
-my @old_zone_content;
 for (@zone) {
 my $zone = $_;
 my $zpf = "$master_dir/$zone";
 if ($ep == 1) {
 print " * $zone: removed key-set\n";
 }
-open(ZONE, "$zpf/$zone")
+	open(my $old, "$zpf/$zone") or die "$zpf/$zone: $!\n";
-or die "$zpf/$zone: $!\n";
+	my $fh = File::Temp->new(DIR => $zpf) or die "Can't create tmpfile: $!\n";
-@old_zone_content = <ZONE>;
+	print $fh grep { not /^\s*\$INCLUDE.*"K$zone.*\.key"/i } <$old>;
-close(ZONE);
+	rename($fh->filename => "$zpf/$zone")
+	    or die "Can't rename " . $fh->filename . " to $zpf/$zone: $!\n";
-for (@old_zone_content) {
+}
-unless (m#\$INCLUDE.*\"K$zone.*\.key\"#) {
+}
-push @new_zone_content, $_;
-}
+sub create_ksk ($@) {
-}
-{
-my $fh = File::Temp->new(DIR => "$zpf")
-or die "Can't create tmpdir: $!\n";
-print $fh join "" => @new_zone_content, "";
-rename($fh->filename => "$zpf/$zone")
-or die "Can't rename " . $fh->filename . " to $zpf/$zone: $!\n";
-}
-}
-}
-sub creat_ksk (@) {
 my ($master_dir, @zone) = @_;
 my @index;
 my $keyname;
 for (@zone) {
 print "!! THE KSK must be published !! \n";
 }
 }
-sub creat_zsk (@) {
+sub create_zsk ($@) {
 my ($master_dir, @zone) = @_;
 my @index;
 my $keyname;
 for (@zone) {
 print KC "0";
 close(KC);
 }
 }
-sub ck_zone (@) {
+sub ck_zone ($@) {
 my ($master_dir, @zone) = @_;
 for (@zone) {
 my $zone = $_;
 my $zpf  = "$master_dir/$zone";
 unlink("$zpf/.index.zsk") or die "$zpf/.index.zsk: $!\n";
 }
 }
 }
-sub post_creat (@) {
+sub post_create ($@) {
 my ($master_dir, @zone) = @_;
 for (@zone) {
 my $zone = $_;
 `touch $master_dir/$zone/$zone`;
 &kill_useless_keys($zone, $master_dir);
 &key_to_zonefile($zone, $master_dir);
 }
 }
-sub kill_useless_keys (@) {
+sub kill_useless_keys ($@) {
 # the function deletes all keys that are not available in the zone
 my $zone       = $_[0];
 my $master_dir = $_[1];
 }
 }
 }
 }
-sub key_to_zonefile (@) {
+sub key_to_zonefile ($@) {
 # the function added all keys to the indexfile
 my $zone       = $_[0];
 my $master_dir = $_[1];
 my $zpf        = "$master_dir/$zone";
 dnssec-keytool
 =head1 SYNOPSIS
-dnssec-keytool <option> zone
+dnssec-keytool {-z|-k|-r|-c} zone
-=item -z  created a new ZSK
-=item -k  created a new ZSK and KSK
-=item -r  delete the key-set of a zone
-=item -c  created configuration files for the dnstools and a new ZSK for an existing KSK
 =head1 DESCRIPTION
-kommt bald
+Blabla.
+=head1 OPTIONS
+=over
+=item B<-z>  created a new ZSK
+=item B<-k>  created a new ZSK and KSK
+=item B<-r>  delete the key-set of a zone
+=item B<-c>  created configuration files for the dnstools and a new ZSK for an existing KSK
+=back
+=cut
+# vim:sts=4 sw=4 aw ai sm:

branch	hs12
changeset 69	fdf4df74d8c5
parent 68	a433ae489911
child 71	e25fc893e203