dnssec-makekeyset.c revision 6fda1577669dca9e0d8e4832e407bac34cc12de6
/*
* Portions Copyright (C) 2000 Internet Software Consortium.
* Portions Copyright (C) 1995-2000 by Network Associates, Inc.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM AND
* NETWORK ASSOCIATES DISCLAIM ALL WARRANTIES WITH REGARD TO THIS
* SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND
* FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE CONSORTIUM OR NETWORK
* ASSOCIATES BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR
* CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
* USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
* OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: dnssec-makekeyset.c,v 1.45 2000/12/07 20:15:43 marka Exp $ */
#include <config.h>
#include <stdlib.h>
#include <isc/commandline.h>
#include <dns/fixedname.h>
#include <dns/rdatalist.h>
#include <dns/rdataset.h>
#include "dnssectool.h"
#define BUFSIZE 2048
const char *program = "dnssec-makekeyset";
int verbose;
struct keynode {
};
static int ttl = -1;
static void
usage(void) {
"absolute|from start|from now (now + 30 days)\n");
exit(0);
}
int
int i, ch;
char *randomfile = NULL;
char *endp;
unsigned char *data;
isc_buffer_t b;
isc_region_t r;
unsigned int eflags;
if (result != ISC_R_SUCCESS)
fatal("failed to create memory context: %s",
{
switch (ch) {
case 'a':
break;
case 's':
break;
case 'e':
break;
case 't':
if (*endp != '\0')
fatal("TTL must be numeric");
break;
case 'r':
break;
case 'v':
if (*endp != '\0')
fatal("verbose level must be numeric");
break;
case 'p':
break;
case 'h':
default:
usage();
}
}
if (argc < 1)
usage();
if (!pseudorandom)
if (result != ISC_R_SUCCESS)
fatal("could not initialize dst");
else
else
if (ttl == -1) {
ttl = 3600;
program);
}
for (i = 0; i < argc; i++) {
char namestr[DNS_NAME_FORMATSIZE];
if (result != ISC_R_SUCCESS)
&namebuf);
isc_buffer_putuint8(&namebuf, 0);
fatal("out of memory");
if (result != ISC_R_SUCCESS)
fatal("out of memory");
} else {
char savednamestr[DNS_NAME_FORMATSIZE];
sizeof savednamestr);
fatal("all keys must have the same owner - %s "
"and %s do not match",
}
strlen("keyset-") +
fatal("out of memory");
}
if (result != ISC_R_SUCCESS)
fatal("%s is not a valid name: %s",
}
if (dst_key_iszonekey(key)) {
if (result != ISC_R_SUCCESS)
fatal("failed to read private key %s: %s",
fatal("out of memory");
}
fatal("out of memory");
fatal("out of memory");
if (result != ISC_R_SUCCESS)
fatal("failed to convert key %s to a DNS KEY: %s",
isc_buffer_usedregion(&b, &r);
dns_rdatatype_key, &r);
dst_key_free(&key);
}
if (ISC_LIST_EMPTY(keylist))
"%s: no private zone key found; not self-signing\n",
program);
{
fatal("out of memory");
fatal("out of memory");
rdata);
if (result != ISC_R_SUCCESS) {
char keystr[KEY_FORMATSIZE];
fatal("failed to sign keyset with key %s: %s",
}
if (tryverify) {
if (result != ISC_R_SUCCESS) {
char keystr[KEY_FORMATSIZE];
fatal("signature from key '%s' failed to "
"verify: %s",
}
}
}
if (result != ISC_R_SUCCESS) {
char domainstr[DNS_NAME_FORMATSIZE];
}
if (!ISC_LIST_EMPTY(keylist))
NULL);
if (result != ISC_R_SUCCESS) {
char domainstr[DNS_NAME_FORMATSIZE];
fatal("failed to write database for %s to %s",
}
dns_db_detach(&db);
}
}
while (!ISC_LIST_EMPTY(keylist)) {
}
}
if (verbose > 10)
return (0);
}