lifted begin_rollover hs12
authorHeiko Schlittermann <hs@schlittermann.de>
Wed, 29 Dec 2010 00:08:03 +0100
branchhs12
changeset 59 35a116258422
parent 58 3d3e09a0c028
child 60 2c45d68844bf
lifted begin_rollover
.hgignore
dnstools.conf
update-serial.pl
--- a/.hgignore	Tue Dec 28 15:36:19 2010 +0100
+++ b/.hgignore	Wed Dec 29 00:08:03 2010 +0100
@@ -4,3 +4,4 @@
 zone-ls
 zone-mk
 zone-rm
+bind
--- a/dnstools.conf	Tue Dec 28 15:36:19 2010 +0100
+++ b/dnstools.conf	Wed Dec 29 00:08:03 2010 +0100
@@ -1,6 +1,6 @@
-bind_dir = /etc/bind			# bind-Hauptverzeichnis
-master_dir = /etc/bind/master		# Verzeichnis für die einzelnen Zonen-Verzeichnisse
-zone_conf_dir = /etc/bind/zones.d	# Verzeichnis für die Zonen-Konfigurationdateien
+bind_dir = ./bind			# bind-Hauptverzeichnis
+master_dir = ./bind/master		# Verzeichnis für die einzelnen Zonen-Verzeichnisse
+zone_conf_dir = ./bind/zones.d		# Verzeichnis für die Zonen-Konfigurationdateien
 
 key_counter_end = 15			# Anzahl der Signierungen bis zum Key-Rollover
 sign_alert_time = 168			# Warn-Zeitraum vor dem Ablauf einer Zone-Signatur in h
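Review bot: The three directory settings on lines 25–27 are now relative (`./bind`), so they resolve against whatever working directory update-serial.pl happens to be started from; run from cron or from another directory the same configuration silently points at a different place, and the tools then fail or operate on the wrong zone tree. If this is meant as a local test setup, saying so in the trailing comment would prevent it from being deployed as-is, e.g. `bind_dir = ./bind   # Testumgebung; Produktion: /etc/bind`. Alternatively the scripts could resolve relative values against the location of dnstools.conf when they read it, which would make the setting independent of the caller's cwd.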
--- a/update-serial.pl	Tue Dec 28 15:36:19 2010 +0100
+++ b/update-serial.pl	Wed Dec 29 00:08:03 2010 +0100
@@ -20,13 +20,13 @@
 sub sign_expired($);
 sub need_rollover();
 sub done_rollover();
+sub begin_rollover(@);
 
 sub sign_zone;
 sub update_serial;
 sub mk_zone_conf;
 sub file_entry;
 sub server_reload;
-sub begin_ro;
 sub key_to_zonefile;
 sub kill_useless_keys;
 sub end_ro;
@@ -68,12 +68,10 @@
     ### @candidates
     ### @need_rollover
     ### @done_rollover
+
+    begin_rollover(@need_rollover);    # eine rollover-beginn-sequenz
     exit;
 
-    if (@need_rollover) {
-        begin_ro;    # eine rollover-beginn-sequenz
-    }
-
     if (@end_ro_list) {
         end_ro;      # eine rollover-end-squenz
     }
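Review bot: The list that `begin_rollover` returns is discarded at the call on line 53; the old `begin_ro` pushed every handled zone onto the global `@new_serial`, and nothing on the new side does that any more, so the zones that just received a new ZSK will presumably no longer get their serial bumped later on. Capture the result, e.g. `push @new_serial, begin_rollover(@need_rollover);` (or assign it to a lexical if the global has been removed). The `exit;` on line 54 is unchanged context and still stops the run before `end_ro`, which looks like debugging scaffolding and deserves a comment if it is meant to stay. The enclosing main block starts and ends outside the hunk.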
@@ -428,44 +426,43 @@
     return @r;
 }
 
-sub begin_ro {
+sub begin_rollover(@) {
+    my @zones = @_;
+    my @r;
 
     # anfang des key-rollovers
-    our @begin_ro_list;
-    our @new_serial;
 
-    for (uniq(@begin_ro_list)) {
+    #??  for (uniq(@begin_ro_list)) {
+    foreach my $zone (@zones) {
 
         #erzeugt zsks
-        my $zone = $_;
-        my $zpf  = "$config{master_dir}/$zone";
-        my @index;
+        my $dir  = "$config{master_dir}/$zone";
+        my @keys;
 
-        chdir "$zpf" or die "$zpf: $!\n";
-        my $keyname = `dnssec-keygen -a RSASHA1 -b 512 -n ZONE $zone`;
+        chomp(my $keyname = `cd $dir && dnssec-keygen -a RSASHA1 -b 512 -n ZONE $zone`);
+
+        open(my $fh, "+<$dir/.index.zsk") or die "$dir/.index.zsk: $!\n";
+        chomp(@keys = <$fh>);
 
-        open(INDEX, ".index.zsk") or die "$zpf/.index.zsk: $!\n";
-        @index = <INDEX>;
-        close(INDEX);
+        push @keys, $keyname;
+	shift @keys if @keys > 2;
 
-        push @index, $keyname;
-        if (@index > 2) { shift(@index); }
+	seek($fh, 0, 0) or die "seek";		# FIXME
+	truncate($fh, 0) or die "truncate";	# FIXME
+        print $fh join "\n" => @keys;
 
-        open(INDEX, ">.index.zsk") or die "$zpf/.index.zsk: $!\n";
-        print INDEX @index;
-        close(INDEX);
-
-        chomp($keyname);
         print " * $zone: neuer ZSK $keyname erstellt\n";
 
-        open(KC, ">.keycounter") or die "$zpf/keycounter: $!\n";
-        print KC "0";
-        close(KC);
+        open($fh, ">$dir/.keycounter") or die "$dir/.keycounter: $!\n";
+        say $fh 0;
+	close($fh);
 
         &kill_useless_keys($zone);
         &key_to_zonefile($zone);
-        push @new_serial, $zone;
+        push @r, $zone;
     }
+
+    return @r;
 }
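Review bot: The backtick on line 89 builds a shell command by interpolating `$dir` and `$zone` and never checks the exit status, so a zone name or master_dir containing shell metacharacters is handed to the shell as-is, and when dnssec-keygen fails `$keyname` is an empty string that still gets written into `.index.zsk` and reported as a new key. Run the program without a shell (fork, chdir in the child, list-form `exec`), check the status on `close`, and reject an empty key name, as sketched below. The two-arg opens on lines 91 and 116 should be three-arg (`open(my $fh, '+<', "$dir/.index.zsk")`, `open($fh, '>', "$dir/.keycounter")`), and the index handle is never closed before it is reused on line 116, so a buffered write error on the index file goes unnoticed — add `close($fh) or die "$dir/.index.zsk: $!\n";` after the print. The `-b 512` RSASHA1 key size is carried over from the old code; a 512-bit RSA ZSK is far below what is considered safe, so at least 1024 bits (or the larger default the installed dnssec-keygen offers) would be the better choice here. `say` on line 117 needs `use feature 'say'` or an equivalent `use v5.10`+ line in the preamble, which is outside the hunk.
```perl
        my $dir  = "$config{master_dir}/$zone";
        my @keys;

        # run dnssec-keygen without a shell: fork, chdir in the child, list-form exec
        my $pid = open(my $kg, '-|') // die "fork: $!\n";
        if (!$pid) {
            chdir $dir or die "$dir: $!\n";
            exec 'dnssec-keygen', '-a', 'RSASHA1', '-b', '1024', '-n', 'ZONE', $zone
                or die "exec dnssec-keygen: $!\n";
        }
        chomp(my $keyname = <$kg> // '');
        close($kg) or die "dnssec-keygen for $zone failed (status $?)\n";
        die "dnssec-keygen for $zone returned no key name\n" unless length $keyname;

        open(my $fh, '+<', "$dir/.index.zsk") or die "$dir/.index.zsk: $!\n";
        # … unchanged: read, rotate and rewrite @keys …
        print $fh join "\n" => @keys;
        close($fh) or die "$dir/.index.zsk: $!\n";

        # … unchanged: status message …

        open($fh, '>', "$dir/.keycounter") or die "$dir/.keycounter: $!\n";
        # … unchanged: write counter, kill_useless_keys, key_to_zonefile, push @r …
```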
 
 sub key_to_zonefile {