From: Ralph Dolmans Date: Mon, 14 Jan 2019 14:36:57 +0000 (+0100) Subject: Add ldns-signzone option to set SOA serial to unix time. X-Git-Tag: release-1.7.1-rc1~37^2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1cfffbd9b5be0c9a03562c8fe843d26c2f312e28;p=thirdparty%2Fldns.git Add ldns-signzone option to set SOA serial to unix time. --- diff --git a/examples/ldns-signzone.c b/examples/ldns-signzone.c index 2adc9431..797bab43 100644 --- a/examples/ldns-signzone.c +++ b/examples/ldns-signzone.c @@ -37,6 +37,7 @@ usage(FILE *fp, const char *prog) { fprintf(fp, " -f \toutput zone to file (default .signed)\n"); fprintf(fp, " -i \tinception date\n"); fprintf(fp, " -o \torigin for the zone\n"); + fprintf(fp, " -u\t\tset SOA serial to the number of seconds since 1-1-1970\n"); fprintf(fp, " -v\t\tprint version and exit\n"); fprintf(fp, " -A\t\tsign DNSKEY with all keys instead of minimal\n"); fprintf(fp, " -U\t\tSign with every unique algorithm in the provided keys\n"); @@ -323,6 +324,7 @@ main(int argc, char *argv[]) bool use_nsec3 = false; int signflags = 0; + bool unixtime_serial = false; /* Add the given keys to the zone if they are not yet present */ bool add_keys = true; @@ -354,7 +356,7 @@ main(int argc, char *argv[]) keys = ldns_key_list_new(); - while ((c = getopt(argc, argv, "a:bde:f:i:k:no:ps:t:vAUE:K:")) != -1) { + while ((c = getopt(argc, argv, "a:bde:f:i:k:no:ps:t:uvAUE:K:")) != -1) { switch (c) { case 'a': nsec3_algorithm = (uint8_t) atoi(optarg); @@ -439,6 +441,9 @@ main(int argc, char *argv[]) case 'p': nsec3_flags = nsec3_flags | LDNS_NSEC3_VARS_OPTOUT_MASK; break; + case 'u': + unixtime_serial = true; + break; case 'v': printf("zone signer version %s (ldns version %s)\n", LDNS_VERSION, ldns_version()); exit(EXIT_SUCCESS); @@ -710,6 +715,10 @@ main(int argc, char *argv[]) } signed_zone = ldns_dnssec_zone_new(); + if (unixtime_serial) { + ldns_rr_soa_increment_func_int(ldns_zone_soa(orig_zone), + ldns_soa_serial_unixtime, 0); + } if (ldns_dnssec_zone_add_rr(signed_zone, ldns_zone_soa(orig_zone)) != LDNS_STATUS_OK) { fprintf(stderr,