--- a/update-serial.pl Fri Dec 24 00:01:55 2010 +0100
+++ b/update-serial.pl Fri Dec 24 00:15:54 2010 +0100
@@ -46,7 +46,6 @@
our @new_serial; # liste fuer neuen serial
our @begin_ro_list; # liste mit zonen deren key-rollover beginnt
our @end_ro_list; # liste mit zonen deren key-rollover fertig ist
- our $master_dir = $config{master_dir};
our $bind_dir = $config{bind_dir};
our $conf_dir = $config{zone_conf_dir};
our $sign_alert_time = $config{sign_alert_time};
@@ -55,6 +54,7 @@
our $ablauf_zeit = $config{abl_zeit};
add_argv;
+
changed_zone;
sign_end;
@@ -112,27 +112,25 @@
# checked whether the zones in argv are managed zones and
#inserted them into the list new_serial
our @new_serial;
- our $master_dir;
my $zone;
for (@ARGV) {
chomp($zone = `idn --quiet "$_"`);
- if (-e "$master_dir/$zone/$zone") {
+ if (-e "$config{master_dir}/$zone/$zone") {
push @new_serial, $zone;
}
}
}
sub changed_zone {
- our $master_dir;
our @new_serial;
- for (<$master_dir/*>) {
+ while (glob "$config{master_dir}/*") {
my $zone = basename($_);
- if (-e "$master_dir/$zone/.stamp") {
- my $stamptime = (-M "$master_dir/$zone/.stamp");
- my $filetime = (-M "$master_dir/$zone/$zone");
+ if (-e "$config{master_dir}/$zone/.stamp") {
+ my $stamptime = (-M "$config{master_dir}/$zone/.stamp");
+ my $filetime = (-M "$config{master_dir}/$zone/$zone");
if ($stamptime > $filetime) {
push @new_serial, $zone;
print " * $zone: zonedatei wurde geaendert\n";
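Review bot: In add_argv, `$zone` reaches the new `-e "$config{master_dir}/$zone/$zone"` test unvalidated, although it is the output of a backtick command built from a raw `@ARGV` element. If `idn` fails or prints nothing, `$zone` is empty and the test checks `$config{master_dir}//`, which exists whenever the directory does, so an empty zone name is pushed onto `@new_serial`. A value containing `/` would likewise test a path outside the zone tree. I would reject anything that is not a plain host name before the `-e`, e.g. `next unless $zone =~ /\A[a-z0-9](?:[a-z0-9.-]*[a-z0-9])?\z/i;` (adjust the character class to the zone names used here). Calling `idn` through list-form `open(my $idn, '-|', 'idn', '--quiet', $_)` would also keep the argument away from the shell.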
@@ -150,22 +148,21 @@
sub sign_end {
our $sign_alert_time; # the time between the end and the new signing
# (see external configuration)
- our $master_dir;
our @new_serial;
# erzeugt $time (die zeit ab der neu signiert werden soll)
my $unixtime = time + (3600 * $sign_alert_time);
my $time = `date -d \@$unixtime +%Y%m%d%H`;
- ## vergleicht fuer alle zonen im ordner $master_dir mit einer
+ ## vergleicht fuer alle zonen im ordner $config{master_dir} mit einer
## <zone>.signed-datei den zeitpunkt in $time mit dem ablaufdatum der
## signatur, welcher aus der datei <zone>.signed ausgelesen wird.
- for (<$master_dir/*>) {
- s#($master_dir/)(.*)#$2#;
+ while (glob "$config{master_dir}/*") {
+ s#($config{master_dir}/)(.*)#$2#;
my $zone = $_;
- if (-e "$master_dir/$zone/$zone.signed") {
- open(ZONE, "$master_dir/$zone/$zone.signed");
+ if (-e "$config{master_dir}/$zone/$zone.signed") {
+ open(ZONE, "$config{master_dir}/$zone/$zone.signed");
my @zone_sig_content = <ZONE>;
close(ZONE);
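Review bot: `while (glob "$config{master_dir}/*")` assigns each name to the global `$_` without localizing it, unlike the `for` loop it replaces. The following `s#($config{master_dir}/)(.*)#$2#` also interpolates the configured path into a regex unquoted, so a `+` or `(` in `master_dir` is read as a metacharacter. The index-zone loop in this same commit already uses the safer form, and I would use it here too: `for my $dir (glob "$config{master_dir}/*") {` followed by `my $zone = basename($dir);`. The same applies to the `while (glob ...)` loops in changed_zone, file_entry and the loops that fill `@begin_ro_list` and `@end_ro_list`, and to the `$zone =~ s#($config{master_dir}/)(.*)#$2#` lines there. sign_end's body continues outside the hunk.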
@@ -185,24 +182,23 @@
# signiert die zonen und erhoeht den wert in der keycounter-datei
our @new_serial;
- our $master_dir;
my $zone;
my $kc;
for (uniq(@new_serial)) {
$zone = $_;
- unless (-e "$master_dir/$zone/.index.zsk") {
+ unless (-e "$config{master_dir}/$zone/.index.zsk") {
next;
}
- chdir "$master_dir/$zone";
+ chdir "$config{master_dir}/$zone";
if (`dnssec-signzone $zone 2>/dev/null`) {
print " * $zone neu signiert \n";
# erhoeht den keycounter
- if ("$master_dir/$zone/.keycounter") {
- open(KC, "$master_dir/$zone/.keycounter");
+ if ("$config{master_dir}/$zone/.keycounter") {
+ open(KC, "$config{master_dir}/$zone/.keycounter");
$kc = <KC>;
close(KC);
$kc += 1;
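Review bot: `if ("$config{master_dir}/$zone/.keycounter")` tests a non-empty string, which is always true, so the `else { $kc = 1; }` branch shown in the next hunk can never run and the `open` is attempted even when the file is missing. The test needs the file operator: `if (-e "$config{master_dir}/$zone/.keycounter") {`. Separately, `chdir "$config{master_dir}/$zone";` is unchecked, so after a failed chdir `dnssec-signzone` runs in whatever directory the script was in before. `chdir "$config{master_dir}/$zone" or die "$config{master_dir}/$zone: $!\n";` would match the checked `chdir "$zpf" or die` used in the rollover code. The enclosing sub starts and ends outside the hunk.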
@@ -210,7 +206,7 @@
else {
$kc = 1;
}
- open(KC, ">$master_dir/$zone/.keycounter");
+ open(KC, ">$config{master_dir}/$zone/.keycounter");
print KC $kc;
close(KC);
}
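Review bot: `open(KC, ">$config{master_dir}/$zone/.keycounter");` ignores the result, so when the open fails `print KC $kc` goes nowhere and the key counter that is later compared with `key_counter_end` silently stops advancing. I would check it the way the `.stamp` and index-zone opens do, and switch to the three-argument form with a lexical handle: `open(my $kc_fh, '>', "$config{master_dir}/$zone/.keycounter") or die "$config{master_dir}/$zone/.keycounter: $!\n";`, then `print {$kc_fh} $kc;` and `close($kc_fh);`. The read of `.keycounter` in the previous hunk, the `$zone.signed` open in sign_end and both `.index.zsk` opens in end_ro are unchecked in the same way.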
@@ -219,7 +215,6 @@
}
sub update_serial {
- our $master_dir;
our @new_serial;
chomp(my $date = `date +%Y%m%d`);
my @new_content;
@@ -231,7 +226,7 @@
# erhoeht den serial
my $zone = $_;
- my $file = "$master_dir/$zone/$zone";
+ my $file = "$config{master_dir}/$zone/$zone";
my @new_content = ();
open(SER, "<$file") or die "$file: $!\n";
@@ -260,8 +255,8 @@
close(RES);
print " * $zone: serial erhoeht \n";
- open(STAMP, ">$master_dir/$zone/.stamp")
- or die "$master_dir/$zone/.stamp: $!\n";
+ open(STAMP, ">$config{master_dir}/$zone/.stamp")
+ or die "$config{master_dir}/$zone/.stamp: $!\n";
close(STAMP);
print " * $zone: stamp aktualisiert \n";
}
@@ -289,12 +284,11 @@
# aktualisiert die indexzone;
our @new_serial;
our $indexzone;
- our $master_dir;
my @iz_content_old;
my @iz_content_new;
- open(INDEXZONE, "$master_dir/$indexzone/$indexzone")
- or die "$master_dir/$indexzone/$indexzone: $!\n";
+ open(INDEXZONE, "$config{master_dir}/$indexzone/$indexzone")
+ or die "$config{master_dir}/$indexzone/$indexzone: $!\n";
@iz_content_old = <INDEXZONE>;
close(INDEXZONE);
@@ -304,7 +298,7 @@
}
}
- for my $dir (glob "$master_dir/*") {
+ for my $dir (glob "$config{master_dir}/*") {
my $zone = basename($dir);
my $info_end = "::sec-off";
@@ -317,8 +311,8 @@
push @iz_content_new, $iz_line;
}
- open(INDEXZONE, ">$master_dir/$indexzone/$indexzone")
- or die "$master_dir/$indexzone/$indexzone: $!\n";
+ open(INDEXZONE, ">$config{master_dir}/$indexzone/$indexzone")
+ or die "$config{master_dir}/$indexzone/$indexzone: $!\n";
print INDEXZONE @iz_content_new;
close(INDEXZONE);
@@ -330,16 +324,15 @@
sub file_entry {
- # prueft jede domain, die ein verzeichnis in $master_dir hat, ob sie
+ # prueft jede domain, die ein verzeichnis in $config{master_dir} hat, ob sie
# dnssec nutzt.
# passt die eintraege in $config_file falls noetig an.
- our $master_dir;
our $conf_dir;
- while (<$master_dir/*>) {
- s#($master_dir/)(.*)#$2#;
+ while (glob "$config{master_dir}/*") {
+ s#($config{master_dir}/)(.*)#$2#;
my $zone = $_;
- my $zone_file = "$master_dir/$zone/$zone";
+ my $zone_file = "$config{master_dir}/$zone/$zone";
my $conf_file = "$conf_dir/$zone";
my @c_content;
@@ -347,7 +340,7 @@
die "$conf_file: $! \n";
}
- if (-e "$master_dir/$zone/.keycounter") {
+ if (-e "$config{master_dir}/$zone/.keycounter") {
open(FILE, "<$conf_file") or die "$conf_file: $!\n";
@c_content = <FILE>;
close(FILE);
@@ -388,12 +381,11 @@
# gibt alle zonen mit abgelaufenen keycounter in die liste @begin_ro_list
our @begin_ro_list;
- our $master_dir;
our $key_counter_end;
our @new_serial;
my $zone;
- while (<$master_dir/*>) {
+ while (glob "$config{master_dir}/*") {
chomp($zone = $_);
my $key;
@@ -406,7 +398,7 @@
# vergleicht den wert aus der keycount-datei mit dem wert aus der
#dnstools.conf (key_counter_end)
if ($key_counter_end <= $key) {
- $zone =~ s#($master_dir/)(.*)#$2#;
+ $zone =~ s#($config{master_dir}/)(.*)#$2#;
push @begin_ro_list, $zone;
}
}
@@ -419,14 +411,13 @@
# - eine datei .index.zsk vorhanden ist
# - die datei .index.zsk vor mehr x stunden geaendert wurde
# - die datei .index.zsk ueber mehr als zwei zeilen gross ist
- our $master_dir;
our @end_ro_list;
our $ablauf_zeit;
chomp(my $now_time = `date +%s`);
- for (<$master_dir/*>) {
+ while (glob "$config{master_dir}/*") {
my $zone = $_;
- $zone =~ s#($master_dir/)(.*)#$2#;
+ $zone =~ s#($config{master_dir}/)(.*)#$2#;
my @index = ();
my $index_wc;
@@ -434,8 +425,8 @@
# prueft nach der ".index.zsk"-datei und erstellt den zeitpunkt
# an dem das key-rollover endet. - $status[9]
- if (-e "$master_dir/$zone/.index.zsk") {
- @status = stat("$master_dir/$zone/.index.zsk");
+ if (-e "$config{master_dir}/$zone/.index.zsk") {
+ @status = stat("$config{master_dir}/$zone/.index.zsk");
$status[9] += (3600 * $ablauf_zeit);
}
else { next; }
@@ -445,8 +436,8 @@
unless ($status[9] < $now_time) { next; }
# prueft die anzahl der schluessel in der .index.zsk
- open(INDEX, "$master_dir/$zone/.index.zsk")
- or die "$master_dir/$zone/.index.zsk: $!\n";
+ open(INDEX, "$config{master_dir}/$zone/.index.zsk")
+ or die "$config{master_dir}/$zone/.index.zsk: $!\n";
@index = <INDEX>;
$index_wc = @index;
close(INDEX);
@@ -458,14 +449,13 @@
# anfang des key-rollovers
our @begin_ro_list;
- our $master_dir;
our @new_serial;
for (uniq(@begin_ro_list)) {
#erzeugt zsks
my $zone = $_;
- my $zpf = "$master_dir/$zone";
+ my $zpf = "$config{master_dir}/$zone";
my @index;
chdir "$zpf" or die "$zpf: $!\n";
@@ -498,9 +488,8 @@
sub key_to_zonefile {
# die funktion fugt alle schluessel in eine zonedatei
- our $master_dir;
my $zone = $_[0];
- my $zpf = "$master_dir/$zone";
+ my $zpf = "$config{master_dir}/$zone";
my @old_content;
my @new_content = ();
@@ -526,10 +515,9 @@
# die funktion loescht alle schluessel die nicht in der index.zsk
# der uebergebenen zone stehen
- our $master_dir;
my $zone = $_[0];
my @keylist = ();
- my $zpf = "$master_dir/$zone";
+ my $zpf = "$config{master_dir}/$zone";
open(INDEX, "<$zpf/.index.zsk") or die "$zpf/.index.zsk: $!\n";
@keylist = <INDEX>;
@@ -546,7 +534,7 @@
# prueft alle schluesseldateien (ksk, zsk) ob sie in der jeweiligen
# indexdatei beschrieben sind. wenn nicht werden sie geloescht.
- for (`ls $master_dir/$zone/K*[key,private]`) {
+ for (grep /(?:key|private)$/ => glob "$config{master_dir}/$zone/K*") {
chomp;
my $file = $_;
my $rm_count = 1;
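Review bot: The new filter `grep /(?:key|private)$/` accepts any `K*` name that merely ends in `key` or `private`, and `$` also matches before a trailing newline. Since the comment above says files not listed in the index are deleted, the selection should be exact: `for (grep { /\.(?:key|private)\z/ } glob "$config{master_dir}/$zone/K*") {`. The filter is also narrower than the old `ls ... K*[key,private]`, whose bracket expression was a character class rather than an alternation, so it is worth confirming that no file the old loop cleaned up is now skipped. `chomp;` is no longer needed because `glob` returns names without a newline. The loop body continues outside the hunk.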
@@ -565,7 +553,6 @@
sub end_ro {
our @end_ro_list;
- our $master_dir;
our @new_serial;
my @content;
@@ -575,7 +562,7 @@
my @content;
my $last_key;
- open(INDEX, "<$master_dir/$zone/.index.zsk");
+ open(INDEX, "<$config{master_dir}/$zone/.index.zsk");
@content = <INDEX>;
close(INDEX);
@@ -584,7 +571,7 @@
$last_key = $_;
}
if ($count > 1) {
- open(INDEX, ">$master_dir/$zone/.index.zsk");
+ open(INDEX, ">$config{master_dir}/$zone/.index.zsk");
print INDEX $last_key;
close(INDEX);
}