ddns-confgen.c revision c1aef54e14bb92518b1c062ba8c0292a7cb949cb
/*
* Copyright (C) 2009, 2011 Internet Systems Consortium, Inc. ("ISC")
*
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
* REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: ddns-confgen.c,v 1.11 2011/03/12 04:59:46 tbox Exp $ */
/*! \file */
/**
* ddns-confgen generates configuration files for dynamic DNS. It can
* be used as a convenient alternative to writing the ddns.key file
* and the corresponding key and update-policy statements in named.conf.
*/
#include <config.h>
#include <stdlib.h>
#include <stdarg.h>
#include <isc/assertions.h>
#include <isc/commandline.h>
#include <isc/keyboard.h>
#include <dns/keyvalues.h>
#include "util.h"
#include "keygen.h"
#define DEFAULT_KEYNAME "ddns-key"
static char program[256];
const char *progname;
ISC_PLATFORM_NORETURN_PRE static void
static void
Usage:\n\
%s [-a alg] [-k keyname] [-r randomfile] [-q] [-s name | -z zone]\n\
-a alg: algorithm (default hmac-sha256)\n\
-k keyname: name of the key as it will be used in named.conf\n\
-r randomfile: source of random data (use \"keyboard\" for key timing)\n\
-s name: domain name to be updated using the created key\n\
-z zone: name of the zone as it will be used in named.conf\n\
-q: quiet mode: print the key, with no explanatory text\n",
progname);
}
int
char key_txtsecret[256];
const char *randomfile = NULL;
const char *self_domain = NULL;
int keysize = 256;
int len = 0;
int ch;
if (result != ISC_R_SUCCESS)
"a:hk:Mmr:qs:Vy:z:")) != -1) {
switch (ch) {
case 'a':
if (alg == DST_ALG_UNKNOWN)
break;
case 'h':
usage(0);
case 'k':
case 'y':
break;
case 'M':
break;
case 'm':
break;
case 'q':
break;
case 'r':
break;
case 's':
break;
case 'V':
break;
case 'z':
break;
case '?':
if (isc_commandline_option != '?') {
usage(1);
} else
usage(0);
break;
default:
exit(1);
}
}
if (argc > 0)
usage(1);
if (self_domain != NULL)
fatal("failed to allocate memory for keyname");
}
}
if (!quiet)
printf("\
# To activate this key, place the following in named.conf, and\n\
# in a separate keyfile on the system or systems from which nsupdate\n\
# will be run:\n");
printf("\
key \"%s\" {\n\
algorithm %s;\n\
secret \"%.*s\";\n\
};\n",
(int)isc_buffer_usedlength(&key_txtbuffer),
(char *)isc_buffer_base(&key_txtbuffer));
if (!quiet) {
if (self_domain != NULL) {
printf("\n\
# Then, in the \"zone\" statement for the zone containing the\n\
# name \"%s\", place an \"update-policy\" statement\n\
# like this one, adjusted as needed for your preferred permissions:\n\
update-policy {\n\
grant %s name %s ANY;\n\
};\n",
printf("\n\
# Then, in the \"zone\" definition statement for \"%s\",\n\
# place an \"update-policy\" statement like this one, adjusted as \n\
# needed for your preferred permissions:\n\
update-policy {\n\
grant %s zonesub ANY;\n\
};\n",
} else {
printf("\n\
# Then, in the \"zone\" statement for each zone you wish to dynamically\n\
# update, place an \"update-policy\" statement granting update permission\n\
# to this key. For example, the following statement grants this key\n\
# permission to update any name within the zone:\n\
update-policy {\n\
grant %s zonesub ANY;\n\
};\n",
keyname);
}
printf("\n\
# After the keyfile has been placed, the following command will\n\
# execute nsupdate using this key:\n\
nsupdate -k <keyfile>\n");
}
if (show_final_mem)
return (0);
}