# HG changeset patch # User asuess@dns.net.schlittermann.de # Date 1280998176 -7200 # Node ID 0342c09abf979fe276f6a5e6b159ea83dfc71ed2 # Parent c02caf4e0eb613dd0d41630b8bf31d41e3619589 just code improvement diff -r c02caf4e0eb6 -r 0342c09abf97 dnssec-creatkey --- a/dnssec-creatkey Wed Aug 04 11:27:21 2010 +0200 +++ b/dnssec-creatkey Thu Aug 05 10:49:36 2010 +0200 @@ -29,8 +29,8 @@ close (CONFIG); -my $master_dir= $config{master_dir}; -my $key_counter_end=$config{key_counter_end}; +my $master_dir = $config{master_dir}; +my $key_counter_end = $config{key_counter_end}; my @change; my @manu; my @index; @@ -41,28 +41,30 @@ for (@ARGV) { chomp (my $zone = `idn --quiet "$_"`); - if (-e "$master_dir/$zone") { + if (-d "$master_dir/$zone") { push (@manu, $zone); - } else { - print " $zone ist keine verwaltete zone \n "; + } + else { + print " $zone not exist\n "; } } # gibt alle zonen mit abgelaufenen keycounter in die liste @change -for (<$master_dir/*>) { +while (<$master_dir/*>) { chomp ($zone = $_); my $key; - if (-e "$zone/.keycounter") { + unless (-f "$zone/.keycounter") { + next + } - open (KEY, "$zone/.keycounter"); - $key = ; - close (KEY); + open (KEY, "$zone/.keycounter") or die "$zone/.keycounter: $!\n"; + $key = ; + close (KEY); - if ($key_counter_end < $key) { - $zone =~ s#($master_dir/)(.*)#$2#; - push (@change, $zone); - } + if ($key_counter_end <= $key) { + $zone =~ s#($master_dir/)(.*)#$2#; + push (@change, $zone); } } @@ -70,15 +72,16 @@ for (@change, @manu) { $zone = $_; - chdir "$master_dir/$zone" or die "chdir nach / nicht moeglich: $1"; + chdir "$master_dir/$zone" or die "$master_dir/$zone: $!\n"; $keyname = `dnssec-keygen -a RSASHA1 -b 512 -n ZONE $zone`; - if (-e ".index.zsk") { - open (INDEX, ".index.zsk"); + unless (-f ".index.zsk") { + @index = (); + } + else { + open (INDEX, ".index.zsk") or die "$master_dir/$zone/.index.zsk: $!\n"; @index = ; close (INDEX); - } else { - @index = (); } push @index, $keyname; 
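Review bot: The `idn --quiet "$_"` call at the top of the `@@ -41` hunk still interpolates a command-line argument into a shell command; double quotes do not stop the shell from expanding `$(...)` or backticks, so the zone name should be passed without a shell, e.g. `open(my $idn, '-|', 'idn', '--quiet', $_) or die "idn: $!\n";` followed by reading `$zone` from `$idn`. dnssec-killkey has the same call with no quoting at all (`idn --quiet $_`), and the result feeds `"$master_dir/$zone"`, so a check that `$zone` contains only hostname characters before the `-d` test would also keep `..` and `/` out of the path. Separately, the comparison changed from `<` to `<=`, which moves the rollover one counter step earlier; a commit described as "just code improvement" should say so or keep `<`.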
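Review bot: The result of `dnssec-keygen` in the `@@ -70` hunk is still not checked although the opens around it now die on failure: if the command fails, `$keyname` is empty and that empty entry is pushed into `.index.zsk`, with `.keycounter` reset afterwards in the following hunk. A guard such as `die "dnssec-keygen failed for $zone\n" if $? != 0 or $keyname !~ /\S/;` right after the backticks would stop that; the KSK block in the `@@ -102` hunk needs the same. The command also interpolates `$zone` into a shell line, and `-b 512` produces a ZSK modulus that is too short to rely on, so the key size is worth raising while these lines are open. The loop body continues past the end of this hunk.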
@@ -86,14 +89,14 @@ shift (@index); } - open (INDEX, ">.index.zsk"); + open (INDEX, ">.index.zsk") or die "$master_dir/$zone/.index.zsk: $!\n"; print INDEX @index; close (INDEX); chomp ($keyname); print "$keyname (ZSK) erzeugt fuer $zone \n"; - open (KC, ">.keycounter"); + open (KC, ">.keycounter") or die "$master_dir/$zone/keycounter: $!\n"; print KC "0"; close (KC); } @@ -102,15 +105,15 @@ for (@manu) { $zone = $_; - chdir "$master_dir/$zone" or die "chdir nach / nicht moeglich: $1"; + chdir "$master_dir/$zone" or die "$master_dir/$zone: $!\n"; $keyname = `dnssec-keygen -a RSASHA1 -b 2048 -f KSK -n ZONE $zone`; - if (-e ".index.ksk") { - open (INDEX, ".index.ksk"); + unless (-f ".index.ksk") { + @index = (); + } else { + open (INDEX, ".index.ksk") or die "$master_dir/$zone/.index.ksk: $!\n"; @index = ; close (INDEX); - } else { - @index = (); } push @index, $keyname; @@ -118,7 +121,7 @@ shift (@index); } - open (INDEX, ">.index.ksk"); + open (INDEX, ">.index.ksk") or die "$master_dir/$zone/.index.ksk: $!\n"; print INDEX @index; close (INDEX); @@ -136,28 +139,29 @@ my @keylist = (); my $file = (); - open (INDEX, "$master_dir/$zone/.index.zsk"); + + open (INDEX, "<$master_dir/$zone/.index.zsk") or die "$master_dir/$zone/.index.zsk: $!\n"; @keylist = ; close (INDEX); - open (INDEX, "$master_dir/$zone/.index.ksk"); + open (INDEX, "<$master_dir/$zone/.index.ksk") or die "$master_dir/$zone/.index.ksk: $!\n"; push @keylist, ; close (INDEX); - open (ZONE, "$master_dir/$zone/$zone"); + open (ZONE, "<$master_dir/$zone/$zone") or die "$master_dir/$zone/$zone: $!\n"; @old_zone_content = ; close (ZONE); # kuerzt die schluessel-bezeichnung aus der indexdatei auf die id um sie # besser vergleichen zu koennen. - foreach (@keylist) { + for (@keylist) { chomp; s#K.*\+.*\+(.*)#$1#; } # filtert alle schluessel aus der zonedatei # old_zone_content ==> new_zone_content - foreach (@old_zone_content) { + for (@old_zone_content) { unless (/IN\sDNSKEY/) { push @new_zone_content, $_; } 
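Review bot: The new error text for the counter file in the `@@ -86` hunk names `$master_dir/$zone/keycounter`, but the file opened is `.keycounter`; the message should read `"$master_dir/$zone/.keycounter: $!\n"`. Both handles here are write handles whose `close` is unchecked, so a full disk or I/O error surfaces only as a truncated `.index.zsk`; `close (INDEX) or die "$master_dir/$zone/.index.zsk: $!\n";` would report it.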
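Review bot: The opens in the `@@ -136` hunk gain a `<`, but they are still two-argument opens on bareword handles, so the interpolated path is parsed together with the mode; the three-argument form with a lexical handle, `open(my $index, '<', "$master_dir/$zone/.index.zsk") or die ...`, keeps path and mode apart. The same applies to every open this commit touches, and the dnssec-killkey opens (including `open (KEYFILE, "$file")` in its `@@ -156` hunk) were left without any mode prefix, so there the content of the path alone decides how the file is opened. The enclosing loop starts before this hunk.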
@@ -165,12 +169,12 @@ # prueft alle schluesseldateien (ksk, zsk) ob sie in der jeweiligen # indexdatei beschrieben sind. wenn nicht werden sie geloescht. - foreach (`ls $master_dir/$zone/K*[key,private]`){ + for (`ls $master_dir/$zone/K*[key,private]`){ chomp; $file = $_; my $rm_count = 1; - foreach (@keylist) { + for (@keylist) { if ($file =~ /$_/) { $rm_count = 0; @@ -178,7 +182,7 @@ # schluessel die in der indexdatei standen, werden an die # zonedatei angehangen. if ($file =~ /.*key/) { - open (KEYFILE, "$file"); + open (KEYFILE, "<$file") or next "$file: $!\n"; push @new_zone_content, ; close (KEYFILE); @@ -189,11 +193,12 @@ #loescht alle unbenoetigten schluessel if ($rm_count == 1) { - print `rm -f $file`; + unlink "$file"; } } - open (ZONE, ">$master_dir/$zone/$zone"); + + open (ZONE, ">$master_dir/$zone/$zone") or die "$master_dir/$zone/$zone: $!\n"; print ZONE @new_zone_content; close (ZONE); diff -r c02caf4e0eb6 -r 0342c09abf97 dnssec-killkey --- a/dnssec-killkey Wed Aug 04 11:27:21 2010 +0200 +++ b/dnssec-killkey Thu Aug 05 10:49:36 2010 +0200 @@ -40,19 +40,16 @@ for (@ARGV) { chomp ($zone = `idn --quiet $_`); my $zdir = "$master_dir/$zone"; - if (-e "$master_dir/$zone") { - + unless (-e "$master_dir/$zone") { + print "$zone ist keine verwaltete zone \n"; + } else { if (-e "$zdir/$zone.signed") { unlink "$zdir/$zone.signed"} if (-e "$zdir/.keycounter") { unlink "$zdir/.keycounter"} if (-e "$zdir/.index.ksk") { unlink "$zdir/.index.ksk"} if (-e "$zdir/.index.zsk") { unlink "$zdir/.index.zsk"} if (-e "$zdir/dsset-$zone.") { unlink "$zdir/dsset-$zone."} if (-e "$zdir/keyset-$zone.") { unlink "$zdir/keyset-$zone."} - for (`ls $master_dir/$zone/K*[key,private]`){ unlink $_} - - } else { - print "$zone ist keine verwaltete zone \n"; } } 
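Review bot: The file list in the `@@ -165` hunk still comes from `ls` in backticks with `$master_dir` and `$zone` interpolated into a shell line, and `[key,private]` is a character class, not an alternation, so it matches any `K*` name ending in one of those letters or a comma. `for (glob("$master_dir/$zone/K*.{key,private}")) {` avoids the shell and selects only the two intended suffixes, assuming the key files end in `.key` and `.private` as the later `/.*key/` test suggests. The inner `$file =~ /$_/` also matches the key id anywhere in the full path; anchoring it, e.g. `/\+\Q$_\E\.(?:key|private)\z/`, would avoid keeping a file only because the id appears in a directory name.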
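Review bot: `or next "$file: $!\n"` in the `@@ -178` hunk does not do what the message suggests: `next` takes a loop label, not a message, so the string is either rejected at compile time or treated as a label name that does not exist. If the intent is to report and skip the file, write `open (KEYFILE, "<$file") or do { warn "$file: $!\n"; next };`. Skipping here leaves that key's DNSKEY record out of the rewritten zone, so dying, as dnssec-killkey does in its `@@ -156` hunk, may be the safer choice.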
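Review bot: `unlink "$file";` in the `@@ -189` hunk ignores the return value, so a key file that cannot be removed (for example a retired `.private` file in a directory without write permission) stays on disk without any message. `unlink $file or warn "$file: $!\n";` keeps the run going and makes the leftover visible.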
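Review bot: The `ls` loop kept at the end of the else branch in dnssec-killkey calls `unlink $_` on lines that still carry the trailing newline from the backticks, so no key file is actually removed and the failure is not reported; dnssec-creatkey chomps the same list before using it. `for (glob("$master_dir/$zone/K*.{key,private}")) { unlink $_ or warn "$_: $!\n" }` fixes that and drops the shell call. The six `if (-e ...) { unlink ... }` lines could likewise be one checked `unlink` over a list, and this file still tests `-e` where dnssec-creatkey now tests `-d`.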
@@ -69,7 +66,10 @@ if (-e "$master_dir/$zone/.index.zsk") { @status = stat("$master_dir/$zone/.index.zsk"); $status[9] += (3600 * $ablauf_zeit); - } else { next; } + } + else { + next; + } # prueft ob das key-rollover-ende erreicht ist unless ($status[9] < $now_time ) { @@ -78,12 +78,12 @@ # prueft die anzahl der schluessel in der ".index.zsk" # loescht alte schluessel - open (INDEX, "$master_dir/$zone/.index.zsk"); + open (INDEX, "$master_dir/$zone/.index.zsk") or die "$master_dir/$zone/.index.zsk: $!\n"; @index = ; $index_wc = @index; close (INDEX); if ($index_wc > 1) { - open (INDEX, ">$master_dir/$zone/.index.zsk"); + open (INDEX, ">$master_dir/$zone/.index.zsk")or die "$master_dir/$zone/.index.zsk: $!\n"; print INDEX $index[1]; close (INDEX); push @auto, $zone; @@ -91,12 +91,12 @@ # prueft die anzahl der schluessel in der ".index.ksk" # loescht alte schluessel - open (INDEX, "$master_dir/$zone/.index.ksk"); + open (INDEX, "$master_dir/$zone/.index.ksk") or die "$master_dir/$zone/.index.ksk: $!\n"; @index = ; $index_wc = @index; close (INDEX); if ($index_wc > 1) { - open (INDEX, ">$master_dir/$zone/.index.ksk"); + open (INDEX, ">$master_dir/$zone/.index.ksk") or die "$master_dir/$zone/.index.ksk: $!\n"; print INDEX $index[1]; close (INDEX); push @auto, $zone; @@ -114,15 +114,15 @@ my @keylist = (); my $file; - open (INDEX, "$master_dir/$zone/.index.zsk"); + open (INDEX, "$master_dir/$zone/.index.zsk") or die "$master_dir/$zone/.index.zsk: $!\n"; @keylist = ; close (INDEX); - open (INDEX, "$master_dir/$zone/.index.ksk"); + open (INDEX, "$master_dir/$zone/.index.ksk") or die "$master_dir/$zone/.index.ksk: $!\n"; push @keylist, ; close (INDEX); - open (ZONE, "$master_dir/$zone/$zone"); + open (ZONE, "$master_dir/$zone/$zone") or die "$master_dir/$zone/$zone: $!\n"; @old_zone_content = ; close (ZONE); 
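Review bot: In the `@@ -91` hunk `.index.ksk` is opened with `or die` although nothing visible checks that it exists; `.index.zsk` gets a `-e` test with `next` in the `@@ -69` hunk, so a zone that has only a ZSK index would now abort the run for every remaining zone. If that state can occur, `-f "$master_dir/$zone/.index.ksk" or next;` before the open (or `warn` plus `next` in place of `die`) keeps the loop going. The rewrite with `>` also truncates the index before `print`, and neither `print` nor `close` is checked. The loop body starts outside this hunk, so an earlier check may exist.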
@@ -156,7 +156,7 @@ # schluessel die in der indexdatei standen, werden an die # zonedatei angehangen. if ($file =~ /.*key/) { - open (KEYFILE, "$file"); + open (KEYFILE, "$file") or die "$file: $!\n"; push @new_zone_content, ; close (KEYFILE); @@ -171,7 +171,7 @@ } } - open (ZONE, ">$master_dir/$zone/$zone"); + open (ZONE, ">$master_dir/$zone/$zone") or die "$master_dir/$zone/$zone: $!\n"; print ZONE @new_zone_content; close (ZONE);