pdnsutil: add list-algorithms

diff --git a/pdns/dnssecinfra.cc b/pdns/dnssecinfra.cc
index 3d477eead8f025c1dc3c48fa250d40ab4ba9abcf..7c59814d6a1d64d0f39d6840273fc585c1266cb6 100644 (file)
--- a/pdns/dnssecinfra.cc
+++ b/pdns/dnssecinfra.cc
@@ -123,6 +123,21 @@ DNSCryptoKeyEngine* DNSCryptoKeyEngine::make(unsigned int algo)
   }
 }
 
+/**
+ * Returns the supported DNSSEC algorithms with the name of the Crypto Backend used
+ *
+ * @return   A vector with pairs of (algorithm-number (int), backend-name (string))
+ */
+vector<pair<uint8_t, string>> DNSCryptoKeyEngine::listAllAlgosWithBackend()
+{
+  vector<pair<uint8_t, string>> ret;
+  for (auto const& value : getMakers()) {
+    shared_ptr<DNSCryptoKeyEngine> dcke(value.second(value.first));
+    ret.push_back(make_pair(value.first, dcke->getName()));
+  }
+  return ret;
+}
+
 void DNSCryptoKeyEngine::report(unsigned int algo, maker_t* maker, bool fallback)
 {
   getAllMakers()[algo].push_back(maker);

diff --git a/pdns/dnssecinfra.hh b/pdns/dnssecinfra.hh
index 5d8e20302165af2bbcb28d682fe11b706505b5f3..e0d15335e1cbb646d6fbe581c844d21cd2caa989 100644 (file)
--- a/pdns/dnssecinfra.hh
+++ b/pdns/dnssecinfra.hh
@@ -49,6 +49,7 @@ class DNSCryptoKeyEngine
     
     static void report(unsigned int algorithm, maker_t* maker, bool fallback=false);
     static std::pair<unsigned int, unsigned int> testMakers(unsigned int algorithm, maker_t* creator, maker_t* signer, maker_t* verifier);
+    static vector<pair<uint8_t, string>> listAllAlgosWithBackend();
     static bool testAll();
     static bool testOne(int algo);
   private:

diff --git a/pdns/pdnsutil.cc b/pdns/pdnsutil.cc
index 6c02e6bcf37d7022b6b8cd3487b4e39b5702d161..e324cffff4691f6c42f618845bb46eb20b3c7fa8 100644 (file)
--- a/pdns/pdnsutil.cc
+++ b/pdns/pdnsutil.cc
@@ -1856,6 +1856,7 @@ try
     cerr<<"       [active|inactive] [ksk|zsk]  Defaults to KSK and active"<<endl;
     cerr<<"load-zone ZONE FILE                Load ZONE from FILE, possibly creating zone or atomically"<<endl;
     cerr<<"                                   replacing contents"<<endl;
+    cerr<<"list-algorithms [with-backend]     List all DNSSEC algorithms supported, optionally also listing the crypto library used"<<endl;
     cerr<<"list-keys [ZONE]                   List DNSSEC keys for ZONE. When ZONE is unset or \"all\", display all keys for all zones"<<endl;
     cerr<<"list-zone ZONE                     List zone contents"<<endl;
     cerr<<"list-all-zones [master|slave|native]"<<endl;
@@ -1915,6 +1916,25 @@ seedRandom(::arg()["entropy-source"]);
     return 1;
   }
 
+  if(cmds[0] == "list-algorithms") {
+    if((cmds.size() == 2 && cmds[1] != "with-backend") || cmds.size() > 2) {
+      cerr<<"Syntax: pdnsutil list-algorithms [with-backend]"<<endl;
+      return 1;
+    }
+
+    cout<<"DNSKEY algorithms supported by this installation of PowerDNS:"<<endl;
+
+    auto algosWithBackend = DNSCryptoKeyEngine::listAllAlgosWithBackend();
+    for (auto const algoWithBackend : algosWithBackend){
+      string algoName = DNSSECKeeper::algorithm2name(algoWithBackend.first);
+      cout<<std::to_string(algoWithBackend.first)<<" - "<<algoName;
+      if (cmds.size() == 2 && cmds[1] == "with-backend")
+        cout<<" using "<<algoWithBackend.second;
+      cout<<endl;
+    }
+    return 0;
+  }
+
   reportAllTypes();
 
   if(cmds[0] == "create-bind-db") {