From: Bert Hubert <bert.hubert@netherlabs.nl>
Date: Sun, 2 Jan 2011 19:40:46 +0000 (+0000)
Subject: hook up activate-domain-key, deactivate-domain-key, remove-domain-key
X-Git-Tag: auth-3.0~456
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=4496f66f5521297a07e4caafc18d22fdb4a90540;p=pdns

hook up activate-domain-key, deactivate-domain-key, remove-domain-key


git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1791 d19b8d6e-7fed-0310-83ef-9ca221ded41b
---

diff --git a/pdns/backends/gsql/gsqlbackend.cc b/pdns/backends/gsql/gsqlbackend.cc
index 62fbaac38..443525bab 100644
--- a/pdns/backends/gsql/gsqlbackend.cc
+++ b/pdns/backends/gsql/gsqlbackend.cc
@@ -101,9 +101,9 @@ bool GSQLBackend::getDomainInfo(const string &domain, DomainInfo &di)
     try {
       SOAData sd;
       if(!getSOA(domain,sd)) 
-	L<<Logger::Notice<<"No serial for '"<<domain<<"' found - zone is missing?"<<endl;
+        L<<Logger::Notice<<"No serial for '"<<domain<<"' found - zone is missing?"<<endl;
       else
-	di.serial=sd.serial;
+        di.serial=sd.serial;
     }
     catch(AhuException &ae){
       L<<Logger::Error<<"Error retrieving serial for '"<<domain<<"': "<<ae.reason<<endl;
@@ -250,6 +250,10 @@ GSQLBackend::GSQLBackend(const string &mode, const string &suffix)
   d_GetDomainMetadataQuery = "select content from domains, domainmetadata where domain_id=domains.id and name='%s' and domainmetadata.kind='%s'";
   d_ClearDomainMetadataQuery = "delete from domainmetadata where domain_id=(select id from domains where name='%s') and domainmetadata.kind='%s'";
   d_SetDomainMetadataQuery = "insert into domainmetadata (domain_id, kind, content) select id, '%s', '%s' from domains where name='%s'";
+  
+  d_ActivateDomainKeyQuery = "update cryptokeys set active=1 where domain_id=(select id from domains where name='%s') and  cryptokeys.id=%d";
+  d_DeactivateDomainKeyQuery = "update cryptokeys set active=0 where domain_id=(select id from domains where name='%s') and  cryptokeys.id=%d";
+  d_RemoveDomainKeyQuery = "delete from cryptokeys where domain_id=(select id from domains where name='%s') and cryptokeys.id=%d";
 }
 
 bool GSQLBackend::updateDNSSECOrderAndAuth(uint32_t domain_id, const std::string& zonename, const std::string& qname, bool auth)
@@ -327,6 +331,50 @@ int GSQLBackend::addDomainKey(const string& name, const KeyData& key)
   return 1; // XXX FIXME, no idea how to get the id
 }
 
+bool GSQLBackend::activateDomainKey(const string& name, unsigned int id)
+{
+  char output[1024];
+  snprintf(output,sizeof(output)-1,d_ActivateDomainKeyQuery.c_str(), sqlEscape(name).c_str(), id);
+
+  try {
+    d_db->doCommand(output);
+  }
+  catch (SSqlException &e) {
+    throw AhuException("GSQLBackend unable to activate key: "+e.txtReason());
+  }
+  return true;
+}
+
+bool GSQLBackend::deactivateDomainKey(const string& name, unsigned int id)
+{
+  char output[1024];
+  snprintf(output,sizeof(output)-1,d_DeactivateDomainKeyQuery.c_str(), sqlEscape(name).c_str(), id);
+
+  try {
+    d_db->doCommand(output);
+  }
+  catch (SSqlException &e) {
+    throw AhuException("GSQLBackend unable to deactivate key: "+e.txtReason());
+  }
+  return true;
+}
+
+bool GSQLBackend::removeDomainKey(const string& name, unsigned int id)
+{
+  char output[1024];
+  snprintf(output,sizeof(output)-1,d_RemoveDomainKeyQuery.c_str(), sqlEscape(name).c_str(), id);
+
+  try {
+    d_db->doCommand(output);
+  }
+  catch (SSqlException &e) {
+    throw AhuException("GSQLBackend unable to remove key: "+e.txtReason());
+  }
+  return true;
+}
+
+
+
 bool GSQLBackend::getDomainKeys(const string& name, unsigned int kind, std::vector<KeyData>& keys)
 {
   char output[1024];  
diff --git a/pdns/backends/gsql/gsqlbackend.hh b/pdns/backends/gsql/gsqlbackend.hh
index dde766216..78ff4ae30 100644
--- a/pdns/backends/gsql/gsqlbackend.hh
+++ b/pdns/backends/gsql/gsqlbackend.hh
@@ -47,6 +47,11 @@ public:
   bool getDomainKeys(const string& name, unsigned int kind, std::vector<KeyData>& keys);
   bool getDomainMetadata(const string& name, const std::string& kind, std::vector<std::string>& meta);
   bool setDomainMetadata(const string& name, const std::string& kind, const std::vector<std::string>& meta);
+  
+  bool removeDomainKey(const string& name, unsigned int id);
+  bool activateDomainKey(const string& name, unsigned int id);
+  bool deactivateDomainKey(const string& name, unsigned int id);
+  
 private:
   string d_qname;
   QType d_qtype;
@@ -86,6 +91,10 @@ private:
   string d_GetDomainMetadataQuery;
   string d_ClearDomainMetadataQuery;
   string d_SetDomainMetadataQuery;
+
+  string d_RemoveDomainKeyQuery;
+  string d_ActivateDomainKeyQuery;
+  string d_DeactivateDomainKeyQuery;
 protected:  
   bool d_dnssecQueries;
 };
diff --git a/pdns/dbdnsseckeeper.cc b/pdns/dbdnsseckeeper.cc
index 944e15f49..f09d8ffd6 100644
--- a/pdns/dbdnsseckeeper.cc
+++ b/pdns/dbdnsseckeeper.cc
@@ -88,17 +88,20 @@ DNSSECPrivateKey DNSSECKeeper::getKeyById(const std::string& zname, unsigned int
 
 void DNSSECKeeper::removeKey(const std::string& zname, unsigned int id)
 {
-  // XXX
+  UeberBackend db;
+  db.removeDomainKey(zname, id);
 }
 
 void DNSSECKeeper::deactivateKey(const std::string& zname, unsigned int id)
 {
-  // XX
+  UeberBackend db;
+  db.deactivateDomainKey(zname, id);
 }
 
 void DNSSECKeeper::activateKey(const std::string& zname, unsigned int id)
 {
-  // XXX
+  UeberBackend db;
+  db.activateDomainKey(zname, id);
 }
 
 bool DNSSECKeeper::getNSEC3PARAM(const std::string& zname, NSEC3PARAMRecordContent* ns3p)
diff --git a/pdns/pdnssec.cc b/pdns/pdnssec.cc
index 381a8d7d5..646f14584 100644
--- a/pdns/pdnssec.cc
+++ b/pdns/pdnssec.cc
@@ -24,7 +24,6 @@ ArgvMap &arg()
   return arg;
 }
 
-
 string humanTime(time_t t)
 {
   char ret[256];
@@ -256,8 +255,8 @@ try
   else if(cmds[0] == "add-zone-key") {
     const string& zone=cmds[1];
     // need to get algorithm & ksk or zsk from commandline
+    cerr<<"Adding a ZSK"<<endl;
     dk.addKey(zone, 1, 5, 0); 
-    cerr<<"Not implemented"<<endl;
   }
   else if(cmds[0] == "remove-zone-key") {
     const string& zone=cmds[1];
@@ -322,9 +321,12 @@ try
     unsigned int id=atoi(cmds[2].c_str());
     DNSSECPrivateKey dpk=dk.getKeyById(zone, id);
     cout << dpk.d_key.convertToISC(dpk.d_algorithm) <<endl;
-  }
+  }  
   else if(cmds[0]=="import-zone-key") {
-    cerr<<"This isn't quite right yet!"<<endl; /// XXX FIXME
+    if(cmds.size()!=3) {
+      cerr<<"Syntax: pdnssec import-zone-key zone-name filename"<<endl;
+      exit(1);
+    }
     string zone=cmds[1];
     string fname=cmds[2];
     DNSSECPrivateKey dpk;
diff --git a/pdns/ueberbackend.cc b/pdns/ueberbackend.cc
index 46710205d..f324c195b 100644
--- a/pdns/ueberbackend.cc
+++ b/pdns/ueberbackend.cc
@@ -134,6 +134,33 @@ bool UeberBackend::setDomainMetadata(const string& name, const std::string& kind
   return false;
 }
 
+bool UeberBackend::activateDomainKey(const string& name, unsigned int id)
+{
+  BOOST_FOREACH(DNSBackend* db, backends) {
+    if(db->activateDomainKey(name, id))
+      return true;
+  }
+  return false;
+}
+
+bool UeberBackend::deactivateDomainKey(const string& name, unsigned int id)
+{
+  BOOST_FOREACH(DNSBackend* db, backends) {
+    if(db->deactivateDomainKey(name, id))
+      return true;
+  }
+  return false;
+}
+
+bool UeberBackend::removeDomainKey(const string& name, unsigned int id)
+{
+  BOOST_FOREACH(DNSBackend* db, backends) {
+    if(db->removeDomainKey(name, id))
+      return true;
+  }
+  return false;
+}
+
 
 void UeberBackend::reload()
 {
diff --git a/pdns/ueberbackend.hh b/pdns/ueberbackend.hh
index 27f07bc57..24b1c45a8 100644
--- a/pdns/ueberbackend.hh
+++ b/pdns/ueberbackend.hh
@@ -127,6 +127,10 @@ public:
   bool getDomainKeys(const string& name, unsigned int kind, std::vector<KeyData>& keys);
   bool getDomainMetadata(const string& name, const std::string& kind, std::vector<std::string>& meta);
   bool setDomainMetadata(const string& name, const std::string& kind, const std::vector<std::string>& meta);
+
+  bool removeDomainKey(const string& name, unsigned int id);
+  bool activateDomainKey(const string& name, unsigned int id);
+  bool deactivateDomainKey(const string& name, unsigned int id);
   
   void alsoNotifies(const string &domain, set<string> *ips); 
   void rediscover(string* status=0);