diff -r c02caf4e0eb6 -r 0342c09abf97 dnssec-creatkey
--- a/dnssec-creatkey Wed Aug 04 11:27:21 2010 +0200
+++ b/dnssec-creatkey Thu Aug 05 10:49:36 2010 +0200
@@ -29,8 +29,8 @@
 close (CONFIG);
-my $master_dir= $config{master_dir};
-my $key_counter_end=$config{key_counter_end};
+my $master_dir = $config{master_dir};
+my $key_counter_end = $config{key_counter_end};
 my @change;
 my @manu;
 my @index;
@@ -41,28 +41,30 @@
 for (@ARGV) {
 chomp (my $zone = `idn --quiet "$_"`);
- if (-e "$master_dir/$zone") {
+ if (-d "$master_dir/$zone") {
 push (@manu, $zone);
- } else {
- print " $zone ist keine verwaltete zone \n ";
+ }
+ else {
+ print " $zone not exist\n ";
 }
 }
 # gibt alle zonen mit abgelaufenen keycounter in die liste @change
-for (<$master_dir/*>) {
+while (<$master_dir/*>) {
 chomp ($zone = $_);
 my $key;
- if (-e "$zone/.keycounter") {
+ unless (-f "$zone/.keycounter") {
+ next
+ }
- open (KEY, "$zone/.keycounter");
- $key = ;
- close (KEY);
+ open (KEY, "$zone/.keycounter") or die "$zone/.keycounter: $!\n";
+ $key = ;
+ close (KEY);
- if ($key_counter_end < $key) {
- $zone =~ s#($master_dir/)(.*)#$2#;
- push (@change, $zone);
- }
+ if ($key_counter_end <= $key) {
+ $zone =~ s#($master_dir/)(.*)#$2#;
+ push (@change, $zone);
 }
 }
@@ -70,15 +72,16 @@
 for (@change, @manu) {
 $zone = $_;
- chdir "$master_dir/$zone" or die "chdir nach / nicht moeglich: $1";
+ chdir "$master_dir/$zone" or die "$master_dir/$zone: $!\n";
 $keyname = `dnssec-keygen -a RSASHA1 -b 512 -n ZONE $zone`;
- if (-e ".index.zsk") {
- open (INDEX, ".index.zsk");
+ unless (-f ".index.zsk") {
+ @index = ();
+ }
+ else {
+ open (INDEX, ".index.zsk") or die "$master_dir/$zone/.index.zsk: $!\n";
 @index = ;
 close (INDEX);
- } else {
- @index = ();
 }
 push @index, $keyname;
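Review bot: The `.keycounter` read gains `or die` but stays a two-argument `open`, so the mode is still parsed out of the path string, and here the path is built from a directory name found under `$master_dir`; a name that starts with `>` or ends with `|` would change what `open` does. The three-argument form removes that, `open (KEY, '<', "$zone/.keycounter") or die "$zone/.keycounter: $!\n";`. The same applies to the `.index.zsk`, `.index.ksk`, `.keycounter`, zone-file and `KEYFILE` opens in the later hunks, including the ones that now prefix `<` inside the string. In the first loop of this hunk, `$zone` from `@ARGV` reaches `-d "$master_dir/$zone"` with no check for `..` or `/`, so matching it against a hostname pattern first would keep the later `chdir` inside `$master_dir`.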
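Review bot: The `dnssec-keygen` backtick call is the one step in this loop whose failure is still unchecked: if it fails, an empty `$keyname` is pushed onto `@index`, written to `.index.zsk`, and `.keycounter` is reset to 0 as if a key had been made. A check right after the call would match the new `or die` handling, `die "dnssec-keygen failed for $zone\n" if $? != 0 or $keyname !~ /\S/;`. `$zone` is also interpolated into a shell command line there; a list-form piped open (`'-|', 'dnssec-keygen', ..., $zone`) runs the tool without a shell. The KSK loop in the `@@ -102` hunk repeats both, and `-b 512` for the ZSK is small enough to deserve a separate look. The loop body continues outside this hunk.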
@@ -86,14 +89,14 @@
 shift (@index);
 }
- open (INDEX, ">.index.zsk");
+ open (INDEX, ">.index.zsk") or die "$master_dir/$zone/.index.zsk: $!\n";
 print INDEX @index;
 close (INDEX);
 chomp ($keyname);
 print "$keyname (ZSK) erzeugt fuer $zone \n";
- open (KC, ">.keycounter");
+ open (KC, ">.keycounter") or die "$master_dir/$zone/keycounter: $!\n";
 print KC "0";
 close (KC);
 }
@@ -102,15 +105,15 @@
 for (@manu) {
 $zone = $_;
- chdir "$master_dir/$zone" or die "chdir nach / nicht moeglich: $1";
+ chdir "$master_dir/$zone" or die "$master_dir/$zone: $!\n";
 $keyname = `dnssec-keygen -a RSASHA1 -b 2048 -f KSK -n ZONE $zone`;
- if (-e ".index.ksk") {
- open (INDEX, ".index.ksk");
+ unless (-f ".index.ksk") {
+ @index = ();
+ } else {
+ open (INDEX, ".index.ksk") or die "$master_dir/$zone/.index.ksk: $!\n";
 @index = ;
 close (INDEX);
- } else {
- @index = ();
 }
 push @index, $keyname;
@@ -118,7 +121,7 @@
 shift (@index);
 }
- open (INDEX, ">.index.ksk");
+ open (INDEX, ">.index.ksk") or die "$master_dir/$zone/.index.ksk: $!\n";
 print INDEX @index;
 close (INDEX);
@@ -136,28 +139,29 @@
 my @keylist = ();
 my $file = ();
- open (INDEX, "$master_dir/$zone/.index.zsk");
+
+ open (INDEX, "<$master_dir/$zone/.index.zsk") or die "$master_dir/$zone/.index.zsk: $!\n";
 @keylist = ;
 close (INDEX);
- open (INDEX, "$master_dir/$zone/.index.ksk");
+ open (INDEX, "<$master_dir/$zone/.index.ksk") or die "$master_dir/$zone/.index.ksk: $!\n";
 push @keylist, ;
 close (INDEX);
- open (ZONE, "$master_dir/$zone/$zone");
+ open (ZONE, "<$master_dir/$zone/$zone") or die "$master_dir/$zone/$zone: $!\n";
 @old_zone_content = ;
 close (ZONE);
 # kuerzt die schluessel-bezeichnung aus der indexdatei auf die id um sie
 # besser vergleichen zu koennen.
- foreach (@keylist) {
+ for (@keylist) {
 chomp;
 s#K.*\+.*\+(.*)#$1#;
 }
 # filtert alle schluessel aus der zonedatei
 # old_zone_content ==> new_zone_content
- foreach (@old_zone_content) {
+ for (@old_zone_content) {
 unless (/IN\sDNSKEY/) {
 push @new_zone_content, $_;
 }
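Review bot: `open (INDEX, ">.index.zsk")` truncates the index before the new contents are written, and neither `print INDEX @index` nor `close (INDEX)` is checked, so a full disk or I/O error leaves a short or empty index with no message. That matters because the cleanup loop later in the file deletes key files that are not listed in the index. Checking the close, `close (INDEX) or die "$master_dir/$zone/.index.zsk: $!\n";`, or writing to a temporary file and renaming it over the index, would close that gap; the same holds for `.keycounter` here, `.index.ksk` in the `@@ -118` hunk and the zone file in the last hunk. The new `.keycounter` message also drops the leading dot (`$zone/keycounter`).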
@@ -165,12 +169,12 @@
 # prueft alle schluesseldateien (ksk, zsk) ob sie in der jeweiligen
 # indexdatei beschrieben sind. wenn nicht werden sie geloescht.
- foreach (`ls $master_dir/$zone/K*[key,private]`){
+ for (`ls $master_dir/$zone/K*[key,private]`){
 chomp;
 $file = $_;
 my $rm_count = 1;
- foreach (@keylist) {
+ for (@keylist) {
 if ($file =~ /$_/) {
 $rm_count = 0;
@@ -178,7 +182,7 @@
 # schluessel die in der indexdatei standen, werden an die
 # zonedatei angehangen.
 if ($file =~ /.*key/) {
- open (KEYFILE, "$file");
+ open (KEYFILE, "<$file") or next "$file: $!\n";
 push @new_zone_content, ;
 close (KEYFILE);
@@ -189,11 +193,12 @@
 #loescht alle unbenoetigten schluessel
 if ($rm_count == 1) {
- print `rm -f $file`;
+ unlink "$file";
 }
 }
- open (ZONE, ">$master_dir/$zone/$zone");
+
+ open (ZONE, ">$master_dir/$zone/$zone") or die "$master_dir/$zone/$zone: $!\n";
 print ZONE @new_zone_content;
 close (ZONE);
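Review bot: `or next "$file: $!\n"` does not print the message: `next` takes a loop label, so the string is either rejected at compile time or looked up as a label at run time, depending on the Perl version, and no loop visible here carries such a label. If the intent is to report the failure and move on, `open (KEYFILE, "<$file") or do { warn "$file: $!\n"; next };` does that. Note that `next` at this point advances the inner `for (@keylist)` loop, not the outer loop over files. The enclosing loops start and end outside this hunk.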
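Review bot: `unlink "$file";` ignores the return value, so a key file that cannot be removed, including a retired `.private` file, stays on disk without any message, where `rm -f` would at least have written its error to stderr. `unlink $file or warn "$file: $!\n";` reports it. `$file` still comes from the `ls` listing in the `@@ -165` hunk, where `[key,private]` is a character class rather than an alternation and `$file =~ /$_/` matches the key id anywhere in the name. A `glob` over `K*.key` and `K*.private` with an anchored, `\Q`-quoted id would make the delete decision exact.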