--- a/dnssec-creatkey Tue Aug 10 16:38:46 2010 +0200
+++ b/dnssec-creatkey Wed Aug 11 11:15:49 2010 +0200
@@ -180,17 +180,18 @@
$zone = $_;
my @old_zone_content = ();
my @new_zone_content = ();
- my @keylist = ();
+ my @kkeylist = ();
+ my @zkeylist = ();
my $file = ();
open( INDEX, "<$master_dir/$zone/.index.zsk" )
or die "$master_dir/$zone/.index.zsk: $!\n";
- @keylist = <INDEX>;
+ @zkeylist = <INDEX>;
close(INDEX);
open( INDEX, "<$master_dir/$zone/.index.ksk" )
or die "$master_dir/$zone/.index.ksk: $!\n";
- push @keylist, <INDEX>;
+ @kkeylist = <INDEX>;
close(INDEX);
open( ZONE, "<$master_dir/$zone/$zone" )
@@ -200,7 +201,7 @@
# kuerzt die schluessel-bezeichnung aus der indexdatei auf die id um sie
# besser vergleichen zu koennen.
- for (@keylist) {
+ for (@kkeylist, @zkeylist) {
chomp;
s#K.*\+.*\+(.*)#$1#;
}
@@ -208,7 +209,7 @@
# filtert alle schluessel aus der zonedatei
# old_zone_content ==> new_zone_content
for (@old_zone_content) {
- unless (/IN\sDNSKEY/) {
+ unless (/dnssec-(zsk|ksk)/) {
push @new_zone_content, $_;
}
}
@@ -220,7 +221,7 @@
$file = $_;
my $rm_count = 1;
- for (@keylist) {
+ for (@zkeylist) {
if ( $file =~ /$_/ ) {
$rm_count = 0;
@@ -228,9 +229,25 @@
# schluessel die in der indexdatei standen, werden an die
# zonedatei angehangen.
if ( $file =~ /.*key/ ) {
- open( KEYFILE, "<$file" ) or next "$file: $!\n";
- push @new_zone_content, <KEYFILE>;
- close(KEYFILE);
+
+ $file =~ s#/.*/(K.*)#$1#;
+ push @new_zone_content, "\$include $file\t\t; dnssec-zsk\n" ;
+
+ last;
+ }
+ }
+ }
+ for (@kkeylist) {
+
+ if ( $file =~ /$_/ ) {
+ $rm_count = 0;
+
+ # schluessel die in der indexdatei standen, werden an die
+ # zonedatei angehangen.
+ if ( $file =~ /.*key/ ) {
+
+ $file =~ s#/.*/(K.*)#$1#;
+ push @new_zone_content, "\$include $file\t\t; dnssec-ksk\n" ;
last;
}