--- a/dnssec-keytool.pl Tue Dec 21 17:00:11 2010 +0100
+++ b/dnssec-keytool.pl Thu Dec 23 23:59:27 2010 +0100
@@ -4,12 +4,6 @@
use strict;
use FindBin;
-sub del_double {
- my %all;
- grep { $all{$_} = 0 } @_;
- return (keys %all);
-}
-
sub read_conf {
# read configuration
--- a/update-serial.pl Tue Dec 21 17:00:11 2010 +0100
+++ b/update-serial.pl Thu Dec 23 23:59:27 2010 +0100
@@ -1,41 +1,111 @@
#!/usr/bin/perl
+use v5.10;
use strict;
use warnings;
use FindBin;
use File::Basename;
+use Pod::Usage;
+use Getopt::Long;
-sub del_double {
+sub uniq(@);
+sub read_conf(@);
+sub add_argv;
+sub changed_zone;
+sub sign_end;
+sub sign_zone;
+sub update_serial;
+sub mk_zone_conf;
+sub update_index;
+sub file_entry;
+sub server_reload;
+sub to_begin_ro;
+sub to_end_ro;
+sub begin_ro;
+sub key_to_zonefile;
+sub kill_useless_keys;
+sub end_ro;
+
+my %config;
+
+MAIN: {
+
+ GetOptions(
+ "h|help" => sub { pod2usage(-exit 0, -verbose => 1) },
+ "m|man" => sub {
+ pod2usage(
+ -exit 0,
+ -verbose => 2,
+ -noperldoc => system("perldoc -v &>/dev/null")
+ );
+ },
+ ) or pod2usage;
- # remove duplicate entries
- my %all;
- grep { $all{$_} = 0 } @_;
- return (keys %all);
+ %config = read_conf("$FindBin::Bin/dnstools.conf", "/etc/dnstools.conf");
+
+ our @new_serial; # liste fuer neuen serial
+ our @begin_ro_list; # liste mit zonen deren key-rollover beginnt
+ our @end_ro_list; # liste mit zonen deren key-rollover fertig ist
+ our $master_dir = $config{master_dir};
+ our $bind_dir = $config{bind_dir};
+ our $conf_dir = $config{zone_conf_dir};
+ our $sign_alert_time = $config{sign_alert_time};
+ our $indexzone = $config{indexzone};
+ our $key_counter_end = $config{key_counter_end};
+ our $ablauf_zeit = $config{abl_zeit};
+
+ add_argv;
+ changed_zone;
+ sign_end;
+
+ to_begin_ro; # prueft nach beginnenden rollover-verfahren
+ to_end_ro; # prueft nach endenden rollover-verfahren
+
+ if (@begin_ro_list) {
+ begin_ro; # eine rollover-beginn-sequenz
+ }
+
+ if (@end_ro_list) {
+ end_ro; # eine rollover-end-squenz
+ }
+
+ if (@new_serial) {
+ update_index; # index zone aktuallisieren
+ update_serial; # serial aktuallisieren
+ sign_zone; # zone signieren
+ }
+
+ file_entry; # bearbeitet die file-eintraege der konfigurations-datei
+ mk_zone_conf; # konfiguration zusammenfuegen
+ server_reload; # server neu laden
+
}
-sub read_conf {
-
- # read the configuration
- my @configs = ("$FindBin::Bin/dnstools.conf", "/etc/dnstools.conf");
- our %config;
+sub uniq(@) {
+ # remove duplicate entries
+ my %all;
+ @all{@_} = ();
+ keys %all;
+}
- for (grep { -f } @configs) {
- open(CONFIG, $_) or die "Can't open $_: $!\n";
- }
- unless (seek(CONFIG, 0, 0)) {
- die "Can't open config (searched: @configs)\n";
- }
- while (<CONFIG>) {
+sub read_conf(@) {
+ my @configs = @_;
+ my %config;
+
+ my ($config) = grep { -f } @configs
+ or die "No config found (looked at @configs)\n";
+
+ open(my $fh => $config) or die "$config: $!\n";
+
+ while (<$fh>) {
chomp;
s/#.*//;
- s/\t//g;
s/\s//g;
+ my ($k, $v) = split(/\s*=\s*/, $_, 2) or next;
+ $config{$k} = $v;
+ }
- next unless length;
- my ($cname, $ccont) = split(/\s*=\s*/, $_, 2);
- $config{$cname} = $ccont;
- }
- close(CONFIG);
+ return %config;
}
sub add_argv {
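Review bot: In the GetOptions block both pod2usage calls are written `-exit 0,` without a fat comma; because `exit` is a Perl builtin, this appears to parse as a negated `exit(0)` call, so `--help` and `--man` would terminate silently before pod2usage runs. Write `-exit => 0,` instead. The `-noperldoc` probe uses `&>`, which is a bash redirection: under a POSIX `/bin/sh` such as dash the command is backgrounded and system() returns 0 whether or not perldoc exists, so use `system("perldoc -v >/dev/null 2>&1")`. In read_conf, `open(my $fh => $config)` is a two-argument open, which lets a leading or trailing mode or pipe character in the path change what is opened; `open(my $fh, '<', $config)` keeps the handle read-only regardless of the path.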
@@ -84,8 +154,7 @@
our @new_serial;
# erzeugt $time (die zeit ab der neu signiert werden soll)
- chomp(my $unixtime = `date +%s`);
- $unixtime = $unixtime + (3600 * $sign_alert_time);
+ my $unixtime = time + (3600 * $sign_alert_time);
my $time = `date -d \@$unixtime +%Y%m%d%H`;
## vergleicht fuer alle zonen im ordner $master_dir mit einer
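Review bot: The `$time` assignment directly below the new `time` line still shells out to `date -d`, so the hunk removes only one of the two external calls. The captured output keeps its trailing newline unless it is chomped further down, which is not visible here. With `use POSIX qw(strftime);` at the top of the file it could become `my $time = strftime("%Y%m%d%H", localtime $unixtime);`. `$sign_alert_time` is taken from the config file without validation, so a missing or non-numeric value gives a lead time of zero with only a warning; a guard such as `die "sign_alert_time must be a number\n" unless $sign_alert_time =~ /\A\d+\z/;` would make that failure explicit. The enclosing sub begins and ends outside this hunk.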
@@ -120,7 +189,7 @@
my $zone;
my $kc;
- for (&del_double(@new_serial)) {
+ for (uniq(@new_serial)) {
$zone = $_;
unless (-e "$master_dir/$zone/.index.zsk") {
@@ -158,7 +227,7 @@
my $scount;
my $serial;
- for (&del_double(@new_serial)) {
+ for (uniq(@new_serial)) {
# erhoeht den serial
my $zone = $_;
@@ -392,7 +461,7 @@
our $master_dir;
our @new_serial;
- for (&del_double(@begin_ro_list)) {
+ for (uniq(@begin_ro_list)) {
#erzeugt zsks
my $zone = $_;
@@ -525,59 +594,29 @@
}
}
-&read_conf;
-
-our %config;
-our @new_serial; # liste fuer neuen serial
-our @begin_ro_list; # liste mit zonen deren key-rollover beginnt
-our @end_ro_list; # liste mit zonen deren key-rollover fertig ist
-our $master_dir = $config{master_dir};
-our $bind_dir = $config{bind_dir};
-our $conf_dir = $config{zone_conf_dir};
-our $sign_alert_time = $config{sign_alert_time};
-our $indexzone = $config{indexzone};
-our $key_counter_end = $config{key_counter_end};
-our $ablauf_zeit = $config{abl_zeit};
-
-&add_argv;
-&changed_zone;
-&sign_end;
-
-&to_begin_ro; # prueft nach beginnenden rollover-verfahren
-&to_end_ro; # prueft nach endenden rollover-verfahren
-
-if (@begin_ro_list) {
- &begin_ro; # eine rollover-beginn-sequenz
-}
-
-if (@end_ro_list) {
- &end_ro; # eine rollover-end-squenz
-}
-
-if (@new_serial) {
- &update_index; # index zone aktuallisieren
- &update_serial; # serial aktuallisieren
- &sign_zone; # zone signieren
-}
-
-&file_entry; # bearbeitet die file-eintraege der konfigurations-datei
-&mk_zone_conf; # konfiguration zusammenfuegen
-&server_reload; # server neu laden
-
-
-
__END__
-=pod
+=head1 NAME
+
+ update-serial - updates the serial numbers and re-signs the zone files
-=head1 TITLE
+=head1 SYNOPSIS
-update-serial
+ update-serial [zone...]
+
+=head1 DESCRIPTION
-=head1 SYNTAX
+B<update-serial> scans the configured directories for modified zone files. On any
+file found it increments the serial number and signs the zone, if approbiate.
+
+=head1 OPTIONS
-update-serial
+The common options B<-h>|B<--help>|B<-m>|B<--man> are supported.
-=head1 BESCHREIBUNG
+=head1 AUTHOR
+
+L<andre.suess@pipkin.cc>
=cut
+
+# vim:sts=4 sw=4 aw ai sm:
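Review bot: The new DESCRIPTION paragraph misspells "appropriate" as `approbiate`, and this is the text shown by `--man`. The AUTHOR entry `L<andre.suess@pipkin.cc>` applies the link code to a bare address, which POD formatters treat as a page name; `L<mailto:andre.suess@pipkin.cc>` renders as an address. The SYNOPSIS could also list the supported switches, for example `update-serial [-h|-m] [zone...]`.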