--- a/dnssec-keytool.pl Thu Dec 30 16:20:27 2010 +0100
+++ b/dnssec-keytool.pl Thu Dec 30 17:05:31 2010 +0100
@@ -1,93 +1,97 @@
#! /usr/bin/perl
+use v5.10;
use warnings;
use strict;
use FindBin;
use File::Temp;
use Getopt::Long;
use Pod::Usage;
+use File::Basename;
+use if $ENV{DEBUG} => "Smart::Comments";
-sub read_conf;
+my $ME = basename $0;
+
+sub read_conf(@);
sub read_argv($);
-sub rm_keys(@);
-sub ck_zone(@);
-sub creat_ksk(@);
-sub creat_zsk(@);
-sub post_creat(@);
+sub rm_keys($@);
+sub ck_zone($@);
+sub create_ksk($@);
+sub create_zsk($@);
+sub post_create($@);
MAIN: {
- my @zone;
- my $do;
+ ### reading config
+ my %conf = read_conf("$FindBin::Bin/dnstools.conf", "/etc/dnstools.conf");
- my %conf = read_conf();
- ($do, @zone) = read_argv($conf{master_dir});
+ my ($cmd, @zones) = read_argv($conf{master_dir});
- # completed the program, if not a valid zones was handed over
- unless (@zone) { exit; }
+ given ($cmd) {
+ when ("rm") { rm_keys($conf{master_dir}, @zones); exit }
+ when ("ck") { ck_zone($conf{master_dir}, @zones) }
+ when ("ksk") { create_ksk($conf{master_dir}, @zones) }
+ };
- if ($do eq "rm") { rm_keys($conf{master_dir}, @zone); exit; }
- if ($do eq "ck") { ck_zone($conf{master_dir}, @zone); }
- if ($do eq "ksk") { creat_ksk($conf{master_dir}, @zone); }
-
- creat_zsk($conf{master_dir}, @zone);
- post_creat($conf{master_dir}, @zone);
+ create_zsk($conf{master_dir}, @zones);
+ post_create($conf{master_dir}, @zones);
}
sub read_argv ($) {
- my $master_dir = $_[0];
- my $zone;
- my $do; # return
- my @zone; # return
+ my ($master_dir) = @_;
+ my ($cmd, @zones); # return
GetOptions(
- "z" => sub { $do = "zsk" },
- "k" => sub { $do = "ksk" },
- "h" => sub { pod2usage },
- "r" => sub { $do = "rm" },
- "c" => sub { $do = "ck" },
- ) or pod2usage;
+ "zsk" => sub { $cmd = "zsk" },
+ "ksk" => sub { $cmd = "ksk" },
+ "rm" => sub { $cmd = "rm" },
+ "ck|check" => sub { $cmd = "ck" },
+ "h|help" => sub { pod2usage(-exitvalue => 0, -verbose => 1) },
+ "m|man" => sub {
+ pod2usage(
+ -exitvalue => 0,
+ -noperldoc => system("perldoc -V &>/dev/null"),
+ -verbose => 2
+ );
+ },
+ )
+ and @ARGV
+ or pod2usage;
# checks the zones in argv if there are managed zones
- for (@ARGV) {
- chomp($zone = `idn --quiet "$_"`);
- if (-e "$master_dir/$zone/$zone") {
- push @zone, $zone;
- }
+ foreach (@ARGV) {
+ chomp(my $zone = `idn --quiet "$_"`);
+
+ die "zone $zone is not managed\n"
+ if not -f "$master_dir/$zone/$zone";
+
+ push @zones, $zone;
}
- return ($do, @zone);
+ return ($cmd, @zones);
}
-sub read_conf {
+sub read_conf(@) {
# read configuration
- my @conffile = ("etc/dnstools.conf", "$FindBin::Bin/dnstools.conf");
+ my @conffiles = @_;
my %return;
- for (grep { -f } @conffile) {
- open(CONFIG, "<", $_) or die "Can't open $_: $!\n";
- }
- unless (seek(CONFIG, 0, 0)) {
- die "Can't open config (searched: @conffile)\n";
- }
- while (<CONFIG>) {
- chomp;
+ my ($_) = grep { -f } @conffiles;
+ open(my $cf, $_) or die "Can't open $_: $!\n";
+
+ while (<$cf>) {
s/#.*//;
s/\s//g;
-
next unless length;
my ($cname, $ccont) = split(/\s*=\s*/, $_, 2);
$return{$cname} = $ccont;
}
- close(CONFIG);
return %return;
}
-sub rm_keys (@) {
+sub rm_keys ($@) {
# deletes all the keys were handed over -rm in argv
my ($master_dir, @zone) = @_;
- my @new_zone_content;
- my @old_zone_content;
for (@zone) {
my $zone = $_;
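Review bot: In read_argv, the rewritten loop still interpolates each command-line argument into a shell command (`idn --quiet "$_"` in backticks), so shell metacharacters in a zone argument are interpreted by the shell. The resulting `$zone` then goes unvalidated into `"$master_dir/$zone/$zone"`. Run idn through a list-form pipe open so no shell is involved, and accept the converted name only if it matches an anchored pattern that excludes `/`; the pattern in the fence is a suggestion to adjust to the zone names actually in use. Separately, in read_conf the new `open(my $cf, $_)` drops the explicit `"<"` mode the old code had, and when neither config file exists `$_` is undefined and the old "searched: ..." message is lost. `my ($_)` also relies on lexical `$_`, which later Perl releases removed.

```perl
foreach my $arg (@ARGV) {
    # list-form pipe open: the argument never reaches a shell
    open(my $idn, "-|", "idn", "--quiet", $arg)
        or die "Can't run idn: $!\n";
    chomp(my $zone = <$idn> // "");
    close($idn) or die "idn failed for $arg\n";

    die "invalid zone name: $arg\n"
        unless $zone =~ /\A[a-z0-9](?:[a-z0-9.-]*[a-z0-9])?\z/i;

    # … unchanged: -f "$master_dir/$zone/$zone" check and push @zones …
}
```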
@@ -123,29 +127,15 @@
print " * $zone: removed key-set\n";
}
- open(ZONE, "$zpf/$zone")
- or die "$zpf/$zone: $!\n";
- @old_zone_content = <ZONE>;
- close(ZONE);
-
- for (@old_zone_content) {
- unless (m#\$INCLUDE.*\"K$zone.*\.key\"#) {
- push @new_zone_content, $_;
- }
- }
-
- {
- my $fh = File::Temp->new(DIR => "$zpf")
- or die "Can't create tmpdir: $!\n";
- print $fh join "" => @new_zone_content, "";
- rename($fh->filename => "$zpf/$zone")
- or die "Can't rename " . $fh->filename . " to $zpf/$zone: $!\n";
- }
-
+ open(my $old, "$zpf/$zone") or die "$zpf/$zone: $!\n";
+ my $fh = File::Temp->new(DIR => $zpf) or die "Can't create tmpfile: $!\n";
+ print $fh grep { not /^\s*\$INCLUDE.*"K$zone.*\.key"/i } <$old>;
+ rename($fh->filename => "$zpf/$zone")
+ or die "Can't rename " . $fh->filename . " to $zpf/$zone: $!\n";
}
}
-sub creat_ksk (@) {
+sub create_ksk ($@) {
my ($master_dir, @zone) = @_;
my @index;
my $keyname;
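Review bot: The rewritten rm_keys tail renames the temp file over `$zpf/$zone` without checking that the filtered content was written: `print $fh grep {...} <$old>` is unchecked and the handle is never closed before `rename`, so a failed or short write (for example a full disk) could replace the zone file with a truncated one. Check the print and add `close($fh) or die "Can't write " . $fh->filename . ": $!\n";` before the rename. The filter also interpolates `$zone` into the regex unquoted, so the dots in the zone name match any character; `"K\Q$zone\E.*\.key"` would restrict it to the literal name. File::Temp creates its files with owner-only permissions, so it is worth confirming the name server can still read the zone file after the rename. The loop and the definition of `$zpf` begin outside this hunk.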
@@ -184,7 +174,7 @@
}
}
-sub creat_zsk (@) {
+sub create_zsk ($@) {
my ($master_dir, @zone) = @_;
my @index;
my $keyname;
@@ -225,7 +215,7 @@
}
}
-sub ck_zone (@) {
+sub ck_zone ($@) {
my ($master_dir, @zone) = @_;
for (@zone) {
@@ -264,7 +254,7 @@
}
}
-sub post_creat (@) {
+sub post_create ($@) {
my ($master_dir, @zone) = @_;
for (@zone) {
my $zone = $_;
@@ -274,7 +264,7 @@
}
}
-sub kill_useless_keys (@) {
+sub kill_useless_keys ($@) {
# the function deletes all keys that are not available in the zone
@@ -315,7 +305,7 @@
}
}
-sub key_to_zonefile (@) {
+sub key_to_zonefile ($@) {
# the function added all keys to the indexfile
my $zone = $_[0];
@@ -352,16 +342,26 @@
=head1 SYNOPSIS
-dnssec-keytool <option> zone
-
-=item -z created a new ZSK
-
-=item -k created a new ZSK and KSK
-
-=item -r delete the key-set of a zone
-
-=item -c created configuration files for the dnstools and a new ZSK for an existing KSK
+dnssec-keytool {-z|-k|-r|-c} zone
=head1 DESCRIPTION
-kommt bald
+Blabla.
+
+=head1 OPTIONS
+
+=over
+
+=item B<-z> created a new ZSK
+
+=item B<-k> created a new ZSK and KSK
+
+=item B<-r> delete the key-set of a zone
+
+=item B<-c> created configuration files for the dnstools and a new ZSK for an existing KSK
+
+=back
+
+=cut
+
+# vim:sts=4 sw=4 aw ai sm: