diff -r bba32c45a832 -r ee22798cf2c3 update-serial.pl --- a/update-serial.pl Fri Dec 24 00:01:55 2010 +0100 +++ b/update-serial.pl Fri Dec 24 00:15:54 2010 +0100 @@ -46,7 +46,6 @@ our @new_serial; # liste fuer neuen serial our @begin_ro_list; # liste mit zonen deren key-rollover beginnt our @end_ro_list; # liste mit zonen deren key-rollover fertig ist - our $master_dir = $config{master_dir}; our $bind_dir = $config{bind_dir}; our $conf_dir = $config{zone_conf_dir}; our $sign_alert_time = $config{sign_alert_time}; @@ -55,6 +54,7 @@ our $ablauf_zeit = $config{abl_zeit}; add_argv; + changed_zone; sign_end; @@ -112,27 +112,25 @@ # checked whether the zones in argv are managed zones and #inserted them into the list new_serial our @new_serial; - our $master_dir; my $zone; for (@ARGV) { chomp($zone = `idn --quiet "$_"`); - if (-e "$master_dir/$zone/$zone") { + if (-e "$config{master_dir}/$zone/$zone") { push @new_serial, $zone; } } } sub changed_zone { - our $master_dir; our @new_serial; - for (<$master_dir/*>) { + while (glob "$config{master_dir}/*") { my $zone = basename($_); - if (-e "$master_dir/$zone/.stamp") { - my $stamptime = (-M "$master_dir/$zone/.stamp"); - my $filetime = (-M "$master_dir/$zone/$zone"); + if (-e "$config{master_dir}/$zone/.stamp") { + my $stamptime = (-M "$config{master_dir}/$zone/.stamp"); + my $filetime = (-M "$config{master_dir}/$zone/$zone"); if ($stamptime > $filetime) { push @new_serial, $zone; print " * $zone: zonedatei wurde geaendert\n"; 
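Review bot: In what appears to be `add_argv` (hunk `@@ -112,27 +112,25 @@`), the backticks in `idn --quiet "$_"` interpolate each command-line argument into a shell command, and the converted name is then used unvalidated as a path component in the `-e` test and pushed onto `@new_serial`. The commit leaves that line as context, but it is where zone names enter the script before later subs put them into file paths and into `dnssec-signzone $zone`. Run idn without a shell and reject anything that is not a plain zone name: `open(my $idn, '-|', 'idn', '--quiet', $_) or die "idn: $!\n";`, `chomp($zone = readline($idn));`, then for example `next unless defined $zone && $zone =~ /\A[A-Za-z0-9][A-Za-z0-9._-]*\z/;`. The sub's opening line lies outside the hunk.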
@@ -150,22 +148,21 @@ sub sign_end { our $sign_alert_time; # the time between the end and the new signing # (see external configuration) - our $master_dir; our @new_serial; # erzeugt $time (die zeit ab der neu signiert werden soll) my $unixtime = time + (3600 * $sign_alert_time); my $time = `date -d \@$unixtime +%Y%m%d%H`; - ## vergleicht fuer alle zonen im ordner $master_dir mit einer + ## vergleicht fuer alle zonen im ordner $config{master_dir} mit einer ## .signed-datei den zeitpunkt in $time mit dem ablaufdatum der ## signatur, welcher aus der datei .signed ausgelesen wird. - for (<$master_dir/*>) { - s#($master_dir/)(.*)#$2#; + while (glob "$config{master_dir}/*") { + s#($config{master_dir}/)(.*)#$2#; my $zone = $_; - if (-e "$master_dir/$zone/$zone.signed") { - open(ZONE, "$master_dir/$zone/$zone.signed"); + if (-e "$config{master_dir}/$zone/$zone.signed") { + open(ZONE, "$config{master_dir}/$zone/$zone.signed"); my @zone_sig_content = ; close(ZONE); @@ -185,24 +182,23 @@ # signiert die zonen und erhoeht den wert in der keycounter-datei our @new_serial; - our $master_dir; my $zone; my $kc; for (uniq(@new_serial)) { $zone = $_; - unless (-e "$master_dir/$zone/.index.zsk") { + unless (-e "$config{master_dir}/$zone/.index.zsk") { next; } - chdir "$master_dir/$zone"; + chdir "$config{master_dir}/$zone"; if (`dnssec-signzone $zone 2>/dev/null`) { print " * $zone neu signiert \n"; # erhoeht den keycounter - if ("$master_dir/$zone/.keycounter") { - open(KC, "$master_dir/$zone/.keycounter"); + if ("$config{master_dir}/$zone/.keycounter") { + open(KC, "$config{master_dir}/$zone/.keycounter"); $kc = ; close(KC); $kc += 1; @@ -210,7 +206,7 @@ else { $kc = 1; } - open(KC, ">$master_dir/$zone/.keycounter"); + open(KC, ">$config{master_dir}/$zone/.keycounter"); print KC $kc; close(KC); } @@ -219,7 +215,6 @@ } sub update_serial { - our $master_dir; our @new_serial; chomp(my $date = `date +%Y%m%d`); my @new_content; 
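Review bot: The rewritten `open(ZONE, "$config{master_dir}/$zone/$zone.signed");` in `sign_end` (hunk `@@ -150,22 +148,21 @@`) is still a two-argument open on a bareword handle with no error check, so a file that is unreadable, or removed between the `-e` test and the open, yields an empty `@zone_sig_content` without any report. Use the three-argument form with a lexical handle and fail loudly, as the file already does for `SER` and `STAMP`: `open(my $zone_fh, '<', "$config{master_dir}/$zone/$zone.signed") or die "$zone.signed: $!\n";`. The same unchecked pattern is on the new side of the `.keycounter` opens (hunks `@@ -185,24` and `@@ -210,7`) and the `.index.zsk` opens in `end_ro` (hunks `@@ -575,7` and `@@ -584,7`); in the write cases a failed open means the counter or index is not updated and nothing says so.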
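Review bot: In hunk `@@ -185,24 +182,23 @@` the changed condition `if ("$config{master_dir}/$zone/.keycounter")` tests a non-empty string, not the file, so it is always true and the `else { $kc = 1; }` branch shown in the following hunk can never run; it should read `if (-e "$config{master_dir}/$zone/.keycounter")`. In the same hunk `chdir "$config{master_dir}/$zone";` is unchecked, so on failure `dnssec-signzone` runs in whatever directory was current, whereas the rollover code further down already writes `chdir "$zpf" or die "$zpf: $!\n";`. The signer is also started through the shell by backticks with `$zone` interpolated, and success is judged by whether it printed anything; checking `$? == 0` after the call would be more reliable. The enclosing sub starts before and ends after this hunk.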
@@ -231,7 +226,7 @@ # erhoeht den serial my $zone = $_; - my $file = "$master_dir/$zone/$zone"; + my $file = "$config{master_dir}/$zone/$zone"; my @new_content = (); open(SER, "<$file") or die "$file: $!\n"; @@ -260,8 +255,8 @@ close(RES); print " * $zone: serial erhoeht \n"; - open(STAMP, ">$master_dir/$zone/.stamp") - or die "$master_dir/$zone/.stamp: $!\n"; + open(STAMP, ">$config{master_dir}/$zone/.stamp") + or die "$config{master_dir}/$zone/.stamp: $!\n"; close(STAMP); print " * $zone: stamp aktualisiert \n"; } @@ -289,12 +284,11 @@ # aktualisiert die indexzone; our @new_serial; our $indexzone; - our $master_dir; my @iz_content_old; my @iz_content_new; - open(INDEXZONE, "$master_dir/$indexzone/$indexzone") - or die "$master_dir/$indexzone/$indexzone: $!\n"; + open(INDEXZONE, "$config{master_dir}/$indexzone/$indexzone") + or die "$config{master_dir}/$indexzone/$indexzone: $!\n"; @iz_content_old = ; close(INDEXZONE); @@ -304,7 +298,7 @@ } } - for my $dir (glob "$master_dir/*") { + for my $dir (glob "$config{master_dir}/*") { my $zone = basename($dir); my $info_end = "::sec-off"; @@ -317,8 +311,8 @@ push @iz_content_new, $iz_line; } - open(INDEXZONE, ">$master_dir/$indexzone/$indexzone") - or die "$master_dir/$indexzone/$indexzone: $!\n"; + open(INDEXZONE, ">$config{master_dir}/$indexzone/$indexzone") + or die "$config{master_dir}/$indexzone/$indexzone: $!\n"; print INDEXZONE @iz_content_new; close(INDEXZONE); 
@@ -330,16 +324,15 @@ sub file_entry { - # prueft jede domain, die ein verzeichnis in $master_dir hat, ob sie + # prueft jede domain, die ein verzeichnis in $config{master_dir} hat, ob sie # dnssec nutzt. # passt die eintraege in $config_file falls noetig an. - our $master_dir; our $conf_dir; - while (<$master_dir/*>) { - s#($master_dir/)(.*)#$2#; + while (glob "$config{master_dir}/*") { + s#($config{master_dir}/)(.*)#$2#; my $zone = $_; - my $zone_file = "$master_dir/$zone/$zone"; + my $zone_file = "$config{master_dir}/$zone/$zone"; my $conf_file = "$conf_dir/$zone"; my @c_content; @@ -347,7 +340,7 @@ die "$conf_file: $! \n"; } - if (-e "$master_dir/$zone/.keycounter") { + if (-e "$config{master_dir}/$zone/.keycounter") { open(FILE, "<$conf_file") or die "$conf_file: $!\n"; @c_content = ; close(FILE); @@ -388,12 +381,11 @@ # gibt alle zonen mit abgelaufenen keycounter in die liste @begin_ro_list our @begin_ro_list; - our $master_dir; our $key_counter_end; our @new_serial; my $zone; - while (<$master_dir/*>) { + while (glob "$config{master_dir}/*") { chomp($zone = $_); my $key; @@ -406,7 +398,7 @@ # vergleicht den wert aus der keycount-datei mit dem wert aus der #dnstools.conf (key_counter_end) if ($key_counter_end <= $key) { - $zone =~ s#($master_dir/)(.*)#$2#; + $zone =~ s#($config{master_dir}/)(.*)#$2#; push @begin_ro_list, $zone; } } @@ -419,14 +411,13 @@ # - eine datei .index.zsk vorhanden ist # - die datei .index.zsk vor mehr x stunden geaendert wurde # - die datei .index.zsk ueber mehr als zwei zeilen gross ist - our $master_dir; our @end_ro_list; our $ablauf_zeit; chomp(my $now_time = `date +%s`); - for (<$master_dir/*>) { + while (glob "$config{master_dir}/*") { my $zone = $_; - $zone =~ s#($master_dir/)(.*)#$2#; + $zone =~ s#($config{master_dir}/)(.*)#$2#; my @index = (); my $index_wc; 
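Review bot: `s#($config{master_dir}/)(.*)#$2#;` in `file_entry` (hunk `@@ -330,16 +324,15 @@`) interpolates the configured path into the pattern unquoted and unanchored, so any regex metacharacter in `master_dir` (a `.` or `+` in a directory name, for example) is read as pattern syntax and the strip can match in the wrong place or not at all, leaving a full path in `$zone`. `changed_zone` already derives the name with `my $zone = basename($_);`; doing the same here avoids the regex, or at minimum write `s#\A\Q$config{master_dir}\E/##;`. The same substitution is carried over in the hunks at `@@ -150,22`, `@@ -406,7` and `@@ -419,14`.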
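Review bot: In hunk `@@ -419,14 +411,13 @@`, replacing the `for` loop over the file glob with `while (glob "$config{master_dir}/*")` changes more than the spelling: `for` localises `$_` for the loop, while the `while (glob ...)` form assigns to the global `$_` and keeps its iterator state if the loop is ever left early. The index-zone code in this commit already uses the clearer `for my $dir (glob "$config{master_dir}/*")`; using that here with `my $zone = basename($dir);` keeps the loops consistent and avoids the implicit `$_`. Note also that `glob` splits its pattern on whitespace, so a `master_dir` containing a space would be expanded as two patterns. The same conversion is made in `changed_zone` (`@@ -112,27`) and `sign_end` (`@@ -150,22`).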
@@ -434,8 +425,8 @@ # prueft nach der ".index.zsk"-datei und erstellt den zeitpunkt # an dem das key-rollover endet. - $status[9] - if (-e "$master_dir/$zone/.index.zsk") { - @status = stat("$master_dir/$zone/.index.zsk"); + if (-e "$config{master_dir}/$zone/.index.zsk") { + @status = stat("$config{master_dir}/$zone/.index.zsk"); $status[9] += (3600 * $ablauf_zeit); } else { next; } @@ -445,8 +436,8 @@ unless ($status[9] < $now_time) { next; } # prueft die anzahl der schluessel in der .index.zsk - open(INDEX, "$master_dir/$zone/.index.zsk") - or die "$master_dir/$zone/.index.zsk: $!\n"; + open(INDEX, "$config{master_dir}/$zone/.index.zsk") + or die "$config{master_dir}/$zone/.index.zsk: $!\n"; @index = ; $index_wc = @index; close(INDEX); @@ -458,14 +449,13 @@ # anfang des key-rollovers our @begin_ro_list; - our $master_dir; our @new_serial; for (uniq(@begin_ro_list)) { #erzeugt zsks my $zone = $_; - my $zpf = "$master_dir/$zone"; + my $zpf = "$config{master_dir}/$zone"; my @index; chdir "$zpf" or die "$zpf: $!\n"; @@ -498,9 +488,8 @@ sub key_to_zonefile { # die funktion fugt alle schluessel in eine zonedatei - our $master_dir; my $zone = $_[0]; - my $zpf = "$master_dir/$zone"; + my $zpf = "$config{master_dir}/$zone"; my @old_content; my @new_content = (); @@ -526,10 +515,9 @@ # die funktion loescht alle schluessel die nicht in der index.zsk # der uebergebenen zone stehen - our $master_dir; my $zone = $_[0]; my @keylist = (); - my $zpf = "$master_dir/$zone"; + my $zpf = "$config{master_dir}/$zone"; open(INDEX, "<$zpf/.index.zsk") or die "$zpf/.index.zsk: $!\n"; @keylist = ; @@ -546,7 +534,7 @@ # prueft alle schluesseldateien (ksk, zsk) ob sie in der jeweiligen # indexdatei beschrieben sind. wenn nicht werden sie geloescht. - for (`ls $master_dir/$zone/K*[key,private]`) { + for (grep /(?:key|private)$/ => glob "$config{master_dir}/$zone/K*") { chomp; my $file = $_; my $rm_count = 1; 
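Review bot: In hunk `@@ -546,7 +534,7 @@` the new filter `grep /(?:key|private)$/` selects any `K*` name that merely ends in those letters, and `$` also matches before a trailing newline. The comment above the loop says unlisted key files are deleted (the deletion itself is outside the hunk), so anchor the match to the real suffixes with `grep { /\.(?:key|private)\z/ }`. `$zone` is still interpolated into the glob pattern, so a zone name containing whitespace or glob metacharacters would expand to other paths, which is one more reason to validate zone names where they enter the script. The `chomp;` that follows is now a no-op because `glob` results carry no newline.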
@@ -565,7 +553,6 @@ sub end_ro { our @end_ro_list; - our $master_dir; our @new_serial; my @content; @@ -575,7 +562,7 @@ my @content; my $last_key; - open(INDEX, "<$master_dir/$zone/.index.zsk"); + open(INDEX, "<$config{master_dir}/$zone/.index.zsk"); @content = ; close(INDEX); @@ -584,7 +571,7 @@ $last_key = $_; } if ($count > 1) { - open(INDEX, ">$master_dir/$zone/.index.zsk"); + open(INDEX, ">$config{master_dir}/$zone/.index.zsk"); print INDEX $last_key; close(INDEX); }