36 #include "clientpipe.h" 43 static const char *module_str =
"keystate_rollover_cmd";
/*
 * perform_keystate_rollover -- listing excerpt. The leading numbers are the
 * line numbers of the original file; the lines between them are not shown.
 *
 * Parameters visible in the signature: the client socket (sockfd), a
 * database connection, a policy name, a zone name and a key-role selector
 * (nkeyrole). The fragments below report progress and failures to the
 * client over sockfd and, in places, to the daemon log.
 */
46 perform_keystate_rollover(
int sockfd,
db_connection_t *dbconn,
const char * policyname,
47 const char *zonename,
int nkeyrole)
/*
 * The policy name is echoed back through a "%s" conversion; it is never used
 * as the format string itself.
 */
61 client_printf_err(sockfd,
"unknown policy %s\n", policyname);
/* Zone retrieval failed; the message is tagged with the module name. */
66 client_printf_err(sockfd,
"[%s] Error fetching zones", module_str);
/*
 * A policy without zones is reported with client_printf, not
 * client_printf_err, so the visible code treats it as informational.
 */
74 client_printf (sockfd,
"No zones on policy %s\n",
policy_name(policy));
75 client_printf (sockfd,
"No keys to be rolled\n");
/*
 * NOTE(review): "unknown policy" goes through client_printf_err while
 * "zone ... not found" goes through client_printf -- confirm the two lookup
 * failures are meant to be reported on different channels.
 */
84 client_printf(sockfd,
"zone %s not found\n", zonename);
/*
 * Loop driven by listsize; presumably one pass per zone to roll (the
 * decrement and the zone fetch are not shown in this excerpt).
 */
89 while (listsize > 0) {
/*
 * Every branch tells the client which role is being rolled for which zone.
 * The "all keys" case is also written to the log at info level, which
 * leaves a record of an operator-initiated rollover.
 */
96 client_printf(sockfd,
"rolling all keys for zone %s\n",
zone_name(zone));
97 ods_log_info(
"[%s] Manual rollover initiated for all keys on Zone: %s",
102 client_printf(sockfd,
"rolling KSK for zone %s\n",
zone_name(zone));
107 client_printf(sockfd,
"rolling ZSK for zone %s\n",
zone_name(zone));
112 client_printf(sockfd,
"rolling CSK for zone %s\n",
zone_name(zone));
/*
 * Fallback for a selector outside the handled roles. `false && "text"` is
 * always false, so the assertion fires and carries the text in its
 * expression; the next call repeats the message to the client and,
 * judging by its name, to the error log.
 */
116 ods_log_assert(
false &&
"nkeyrole out of range");
117 ods_log_error_and_printf(sockfd, module_str,
118 "nkeyrole out of range");
/* Persisting the change for this zone failed; the zone name is reported. */
123 ods_log_error_and_printf(sockfd, module_str,
124 "updating zone %s in the database failed",
zone_name(zone));
/* Sticky failure flag: once any pass sets error, reterror stays non-zero. */
126 reterror = error || reterror;
/*
 * Excerpt of the usage and help printers, followed by the start of the
 * handles() signature; the enclosing function headers are not part of this
 * listing. Both texts are fixed string literals sent to the client socket.
 * NOTE(review): the option descriptions say "limit the output to ...",
 * which reads like text for a listing command; elsewhere in this file the
 * zone, policy and keytype values are passed to perform_keystate_rollover,
 * so they appear to select what is rolled -- confirm the wording.
 */
139 client_printf(sockfd,
141 " --zone <zone> | --policy <policy> aka -z | -p \n" 142 " [--keytype <keytype>] aka -t\n" 150 client_printf(sockfd,
151 "Start a key rollover of the desired type *now*. The process is the same\n" 152 "as for the scheduled automated rollovers however it does not wait for\n" 153 "the keys lifetime to expire before rolling. The next rollover is due\n" 154 "after the newest key aged passed its lifetime.\n" 156 "zone limit the output to the given the zone\n" 157 "policy limit the output to the given the policy\n" 158 "keytype limit the output to the given type, can be KSK, ZSK or CSK (default is all)\n\n" 163 handles(
const char *cmd, ssize_t n)
/*
 * Excerpt of the command handler body (its signature is not part of this
 * listing): copy the client command into a local buffer, split it into
 * arguments, validate the options and call perform_keystate_rollover.
 */
172 char buf[ODS_SE_MAXLINE];
174 const char *argv[
NARGV];
175 int argc, error, nkeytype = 0;
176 const char *zone = NULL, *keytype = NULL, *policy = NULL;
/*
 * strncpy leaves buf unterminated when cmd is sizeof(buf) bytes or longer,
 * so the last byte is forced to NUL afterwards. An over-long command is
 * therefore truncated rather than written past buf; no message about the
 * truncation appears in the visible lines.
 */
183 strncpy(buf, cmd,
sizeof(buf));
184 buf[
sizeof(buf)-1] =
'\0';
/*
 * Split the copy into at most NARGV arguments. Presumably argv entries
 * point into buf -- confirm against ods_str_explode.
 */
187 argc = ods_str_explode(buf,
NARGV, argv);
191 client_printf(sockfd,
"too many arguments\n");
/*
 * Look up each option by long and short name. The return values are
 * discarded on purpose (void cast); zone, keytype and policy start as NULL
 * and are tested for NULL below, so they presumably stay NULL when the
 * option is absent.
 */
195 (void)ods_find_arg_and_param(&argc,argv,
"policy",
"p",&policy);
196 (void)ods_find_arg_and_param(&argc,argv,
"zone",
"z",&zone);
197 (void)ods_find_arg_and_param(&argc,argv,
"keytype",
"t",&keytype);
/* Presumably reached when arguments remain after the known options. */
202 client_printf(sockfd,
"unknown arguments\n");
/*
 * Exactly one of --zone and --policy must be given. "Neither" and "both"
 * are rejected with the same log and client text.
 */
205 if (!zone && !policy) {
206 ods_log_warning(
"[%s] expected either --zone <zone> or --policy <policy> for %s command",
208 client_printf(sockfd,
"expected either --zone <zone> or --policy <policy> option\n");
211 else if (zone && policy) {
212 ods_log_warning(
"[%s] expected either --zone <zone> or --policy <policy> for %s command",
214 client_printf(sockfd,
"expected either --zone <zone> or --policy <policy> option\n");
/*
 * strncasecmp with a length of 3 is a case-insensitive prefix match: any
 * value that begins with KSK, ZSK or CSK is accepted, trailing characters
 * included (for example "kskfoo" matches the first branch).
 * NOTE(review): keytype is initialised to NULL and the option is optional;
 * the guard that keeps a NULL keytype away from these calls is not shown
 * in this excerpt -- confirm it exists.
 */
219 if (!strncasecmp(keytype,
"KSK", 3)) {
221 }
else if (!strncasecmp(keytype,
"ZSK", 3)) {
223 }
else if (!strncasecmp(keytype,
"CSK", 3)) {
/* The rejected value is echoed to the client through a "%s" conversion. */
228 client_printf(sockfd,
"given keytype \"%s\" invalid\n",
/*
 * nkeytype is still 0 here when no keytype branch assigned it; presumably
 * 0 selects all key roles, matching "default is all" in the help text.
 */
234 error = perform_keystate_rollover(sockfd, dbconn, policy, zone, nkeytype);
zone_list_t * policy_zone_list(policy_t *policy)
int zone_set_roll_csk_now(zone_t *zone, unsigned int roll_csk_now)
void ods_log_debug(const char *format,...)
const char * policy_name(const policy_t *policy)
int zone_set_roll_zsk_now(zone_t *zone, unsigned int roll_zsk_now)
int zone_update(zone_t *zone)
void ods_log_info(const char *format,...)
int(* run)(int sockfd, struct engine_struct *engine, const char *cmd, ssize_t n, db_connection_t *dbconn)
void ods_log_error(const char *format,...)
void zone_free(zone_t *zone)
void(* usage)(int sockfd)
void policy_free(policy_t *policy)
int zone_set_next_change(zone_t *zone, int next_change)
int zone_set_roll_ksk_now(zone_t *zone, unsigned int roll_ksk_now)
policy_t * policy_new(const db_connection_t *connection)
int policy_retrieve_zone_list(policy_t *policy)
zone_t * zone_new_get_by_name(const db_connection_t *connection, const char *name)
size_t zone_list_size(zone_list_t *zone_list)
const char * zone_name(const zone_t *zone)
zone_t * zone_list_get_next(zone_list_t *zone_list)
int policy_get_by_name(policy_t *policy, const char *name)
struct cmd_func_block * key_rollover_funcblock(void)
int(* handles)(const char *cmd, ssize_t n)
void ods_log_warning(const char *format,...)
int flush_enforce_task(engine_type *engine, bool enforce_all)