ksksby=`$KEYGEN -3 -a RSASHA1 -q -P now -A now+15s -fk $zone`
kskrev=`$KEYGEN -3 -a RSASHA1 -q -R now+15s -fk $zone`
-cat $ksksby.key | grep -v '^; ' | $PERL -n -e '
-local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split;
-local $key = join("", @rest);
-print <<EOF
-trusted-keys {
- "$dn" $flags $proto $alg "$key";
-};
-EOF
-' > trusted.conf
+keyfile_to_trusted_keys $ksksby > trusted.conf
cp trusted.conf ../ns2/trusted.conf
cp trusted.conf ../ns3/trusted.conf
cp trusted.conf ../ns4/trusted.conf
-cat $kskrev.key | grep -v '^; ' | $PERL -n -e '
-local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split;
-local $key = join("", @rest);
-print <<EOF
-trusted-keys {
- "$dn" $flags $proto $alg "$key";
-};
-EOF
-' > trusted.conf
+keyfile_to_trusted_keys $kskrev > trusted.conf
cp trusted.conf ../ns5/trusted.conf
echo $zskact > ../active.key
infile="${zonefile}.in"
ksk=`$KEYGEN -a RSASHA1 -3 -q -fk $zone`
$KEYGEN -a RSASHA1 -3 -q $zone > /dev/null
-cat $ksk.key | grep -v '^; ' | $PERL -n -e '
-local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split;
-local $key = join("", @rest);
-print <<EOF
-trusted-keys {
- "$dn" $flags $proto $alg "$key";
-};
-EOF
-' > private.conf
+keyfile_to_trusted_keys $ksk > private.conf
cp private.conf ../ns4/private.conf
$SIGNER -S -3 beef -A -o $zone -f $zonefile $infile > /dev/null 2>&1
echo_i "signed $zone"
-grep -v '^;' $keyname2.key | $PERL -n -e '
-local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split;
-local $key = join("", @rest);
-print <<EOF
-trusted-keys {
- "$dn" $flags $proto $alg "$key";
-};
-EOF
-' > trusted.conf
+keyfile_to_trusted_keys $keyname2 > trusted.conf
cp trusted.conf ../ns5
-
$SIGNER -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err
echo_i "signed $zone"
-
-grep -v '^;' $keyname2.key | $PERL -n -e '
-local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split;
-local $key = join("", @rest);
-print <<EOF
-trusted-keys {
- "$dn" $flags $proto $alg "$key";
-};
-EOF
-' > trusted-dlv.conf
+keyfile_to_trusted_keys $keyname2 > trusted-dlv.conf
cp trusted-dlv.conf ../ns5
cp $dssets ../ns2
$SIGNER -P -g -o $zone $zonefile > /dev/null
# Configure the resolving server with a trusted key.
-cat $keyname.key | grep -v '^; ' | $PERL -n -e '
-local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split;
-local $key = join("", @rest);
-print <<EOF
-trusted-keys {
- "$dn" $flags $proto $alg "$key";
-};
-EOF
-' > trusted.conf
-
-# ...or with a managed key.
-cat $keyname.key | grep -v '^; ' | $PERL -n -e '
-local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split;
-local $key = join("", @rest);
-print <<EOF
-managed-keys {
- "$dn" initial-key $flags $proto $alg "$key";
-};
-EOF
-' > managed.conf
+keyfile_to_trusted_keys $keyname > trusted.conf
cp trusted.conf ../ns2/trusted.conf
cp trusted.conf ../ns3/trusted.conf
cp trusted.conf ../ns4/trusted.conf
cp trusted.conf ../ns6/trusted.conf
cp trusted.conf ../ns7/trusted.conf
+
+# ...or with a managed key.
+keyfile_to_managed_keys $keyname > managed.conf
cp managed.conf ../ns4/managed.conf
+
#
# Save keyid for managed key id test.
#
keyname=`$KEYGEN -a RSASHA1 -qfk $zone`
# copy the KSK out first, then revoke it
-cat $keyname.key | grep -v '^; ' | $PERL -n -e '
-local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split;
-local $key = join("", @rest);
-print <<EOF
-managed-keys {
- "$dn" initial-key $flags $proto $alg "$key";
-};
-EOF
-' > revoked.conf
+keyfile_to_managed_keys $keyname > revoked.conf
$SETTIME -R now ${keyname}.key > /dev/null
$SIGNER -P -g -o $zone $zonefile > /dev/null
# Configure the resolving server with a trusted key.
-
-cat $key2.key | grep -v '^; ' | $PERL -n -e '
-local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split;
-local $key = join("", @rest);
-print <<EOF
-trusted-keys {
- "$dn" $flags $proto $alg "$key";
-};
-EOF
-' > trusted.conf
+keyfile_to_trusted_keys $key2 > trusted.conf
cp trusted.conf ../ns2/trusted.conf
cp trusted.conf ../ns3/trusted.conf
cp trusted.conf ../ns4/trusted.conf
$SIGNER -P -g -o $zone $zonefile > /dev/null 2> signer.err || cat signer.err
# Configure the resolving server with a trusted key.
-
-cat $key1.key | grep -v '^; ' | $PERL -n -e '
-local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split;
-local $key = join("", @rest);
-print <<EOF
-trusted-keys {
- "$dn" $flags $proto $alg "$key";
-};
-EOF
-' > trusted.conf
+keyfile_to_trusted_keys $key1 > trusted.conf
cp trusted.conf ../ns2/trusted.conf
$SIGNER -P -g -o $zone $zonefile > /dev/null 2> signer.err || cat signer.err
# Configure the resolving server with a trusted key.
-
-cat $key1.key | grep -v '^; ' | $PERL -n -e '
-local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split;
-local $key = join("", @rest);
-print <<EOF
-trusted-keys {
- "$dn" $flags $proto $alg "$key";
-};
-EOF
-' > trusted.conf
+keyfile_to_trusted_keys $key1 > trusted.conf
cp trusted.conf ../ns2/trusted.conf
cd ../ns2 && $SHELL sign.sh
$SIGNER -S -x -T 1200 -o ${zone} root.db > signer.out 2>&1
[ $? = 0 ] || cat signer.out
-cat ${keyname}.key | grep -v '^; ' | $PERL -n -e '
-local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split;
-local $key = join("", @rest);
-print <<EOF
-trusted-keys {
- "$dn" $flags $proto $alg "$key";
-};
-EOF
-' > trusted.conf
-
+keyfile_to_trusted_keys $keyname > trusted.conf
cp trusted.conf ../ns6/trusted.conf
$SIGNER -g -o $zone -f $outfile -e +30y $zonefile > /dev/null 2> signer.err || cat signer.err
-grep -v '^;' $keyname2.key | $PERL -n -e '
-local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split;
-local $key = join("", @rest);
-print <<EOF
-trusted-keys {
- "$dn" $flags $proto $alg "$key";
-};
-EOF
-' > trusted.conf
+keyfile_to_trusted_keys $keyname2 > trusted.conf
cp trusted.conf ../ns1
$SIGNER -Sg -o $zone $zonefile > /dev/null 2>/dev/null
# Configure the resolving server with a managed trusted key.
-cat $keyname.key | grep -v '^; ' | $PERL -n -e '
-local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split;
-local $key = join("", @rest);
-print <<EOF
-managed-keys {
- "$dn" initial-key $flags $proto $alg "$key";
-};
-EOF
-' > managed.conf
+keyfile_to_managed_keys $keyname > managed.conf
cp managed.conf ../ns2/managed.conf
cp managed.conf ../ns4/managed.conf
cp managed.conf ../ns5/managed.conf
-# Configure a trusted key statement (used by delve)
-cat $keyname.key | grep -v '^; ' | $PERL -n -e '
-local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split;
-local $key = join("", @rest);
-print <<EOF
-trusted-keys {
- "$dn" $flags $proto $alg "$key";
-};
-EOF
-' > trusted.conf
+# Configure a trusted key statement (used by delv)
+keyfile_to_trusted_keys $keyname > trusted.conf
#
# Save keyname and keyid for managed key id test.
echo_i "reinitialize trust anchors, add second key to bind.keys"
$PERL $SYSTEMTESTTOP/stop.pl --use-rndc --port ${CONTROLPORT} . ns2
rm -f ns2/managed-keys.bind*
-cat ns1/$standby1.key | grep -v '^; ' | $PERL -n -e '
-local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split;
-local $key = join("", @rest);
-local $originalkey = `grep initial-key ns2/managed1.conf`;
-print <<EOF
-managed-keys {
- $originalkey
- "$dn" initial-key $flags $proto $alg "$key";
-};
-EOF
-' > ns2/managed.conf
+keyfile_to_managed_keys ns1/`cat ns1/managed.key` ns1/$standby1 > ns2/managed.conf
nextpart ns2/named.run > /dev/null
$PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} . ns2
$SIGNER -g -o $zone $zonefile > /dev/null 2>&1
# Configure the resolving server with a trusted key.
-
-cat $keyname2.key | grep -v '^; ' | $PERL -n -e '
-local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split;
-local $key = join("", @rest);
-print <<EOF
-trusted-keys {
- "$dn" $flags $proto $alg "$key";
-};
-EOF
-' > trusted.conf
+keyfile_to_trusted_keys $keyname2 > trusted.conf
cp trusted.conf ../ns2/trusted.conf
cp trusted.conf ../ns3/trusted.conf
cp trusted.conf ../ns4/trusted.conf
cat $ksk.key $zsk.key dsset-ds.example.net$TP >> $zonefile
$SIGNER -P -o $zone $zonefile > /dev/null 2>&1
-# Configure a trusted key statement (used by delve)
-cat $ksk.key | grep -v '^; ' | $PERL -n -e '
-local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split;
-local $key = join("", @rest);
-print <<EOF
-trusted-keys {
- "$dn" $flags $proto $alg "$key";
-};
-EOF
-' > ../ns5/trusted.conf
+# Configure a trusted key statement (used by delv)
+keyfile_to_trusted_keys $ksk > ../ns5/trusted.conf
$SIGNER -P -g -o $zone $zonefile > /dev/null
# Configure the resolving server with a trusted key.
-cat $keyname.key | grep -v '^; ' | $PERL -n -e '
-local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split;
-local $key = join("", @rest);
-print <<EOF
-trusted-keys {
- "$dn" $flags $proto $alg "$key";
-};
-EOF
-' > trusted.conf
-
+keyfile_to_trusted_keys $keyname > trusted.conf
cp trusted.conf ../ns2/trusted.conf
cp trusted.conf ../ns3/trusted.conf
cp trusted.conf ../ns4/trusted.conf
$SIGNER -P -g -o $zone $zonefile > /dev/null
# Configure the resolving server with a trusted key.
-cat $keyname.key | grep -v '^; ' | $PERL -n -e '
-local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split;
-local $key = join("", @rest);
-print <<EOF
-trusted-keys {
- "$dn" $flags $proto $alg "$key";
-};
-EOF
-' > trusted.conf
-
+keyfile_to_trusted_keys $keyname > trusted.conf
cp trusted.conf ../ns2/trusted.conf
cp trusted.conf ../ns3/trusted.conf
$SIGNER -P -g -o $zone $zonefile > /dev/null
# Configure the resolving server with a trusted key.
-cat $keyname.key | grep -v '^; ' | $PERL -n -e '
-local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split;
-local $key = join("", @rest);
-print <<EOF
-trusted-keys {
- "$dn" $flags $proto $alg "$key";
-};
-EOF
-' > trusted.conf
+keyfile_to_trusted_keys $keyname > trusted.conf
+cp trusted.conf ../ns2/trusted.conf
# ...or with a managed key.
-cat $keyname.key | grep -v '^; ' | $PERL -n -e '
-local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split;
-local $key = join("", @rest);
-print <<EOF
-managed-keys {
- "$dn" initial-key $flags $proto $alg "$key";
-};
-EOF
-' > managed.conf
-cp trusted.conf ../ns2/trusted.conf
+keyfile_to_managed_keys $keyname > managed.conf
$SIGNER -g -o $zone $zonefile > /dev/null 2>&1
# Configure the resolving server with a trusted key.
-
-cat $keyname2.key | grep -v '^; ' | $PERL -n -e '
-local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split;
-local $key = join("", @rest);
-print <<EOF
-trusted-keys {
- "$dn" $flags $proto $alg "$key";
-};
-EOF
-' > trusted.conf
+keyfile_to_trusted_keys $keyname2 > trusted.conf
zone=undelegated
infile=undelegated.db.in
$SIGNER -g -o $zone $zonefile > /dev/null 2>&1
-cat $keyname2.key | grep -v '^; ' | $PERL -n -e '
-local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split;
-local $key = join("", @rest);
-print <<EOF
-trusted-keys {
- "$dn" $flags $proto $alg "$key";
-};
-EOF
-' >> trusted.conf
-
+keyfile_to_trusted_keys $keyname2 >> trusted.conf
cp trusted.conf ../ns2/trusted.conf
$SIGNER -P -g -o $zone $zonefile > /dev/null
# Configure the resolving server with a trusted key.
-cat $keyname.key | grep -v '^; ' | $PERL -n -e '
-local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split;
-local $key = join("", @rest);
-print <<EOF
-trusted-keys {
- "$dn" $flags $proto $alg "$key";
-};
-EOF
-' > trusted.conf
+keyfile_to_trusted_keys $keyname > trusted.conf
$SIGNER -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err
echo_i "signed $zone"
-grep -v '^;' $keyname2.key | $PERL -n -e '
-local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split;
-local $key = join("", @rest);
-print <<EOF
-trusted-keys {
- "$dn" $flags $proto $alg "$key";
-};
-EOF
-' > private.nsec.conf
+keyfile_to_trusted_keys $keyname2 > private.nsec.conf
zone=nsec3.
infile=nsec3.db.in
$SIGNER -3 - -H 10 -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err
echo_i "signed $zone"
-grep -v '^;' $keyname2.key | $PERL -n -e '
-local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split;
-local $key = join("", @rest);
-print <<EOF
-trusted-keys {
- "$dn" $flags $proto $alg "$key";
-};
-EOF
-' > private.nsec3.conf
+keyfile_to_trusted_keys $keyname2 > private.nsec3.conf
zone=.
infile=root.db.in
$SIGNER -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err
echo_i "signed $zone"
-grep -v '^;' $keyname2.key | $PERL -n -e '
-local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split;
-local $key = join("", @rest);
-print <<EOF
-trusted-keys {
- "$dn" $flags $proto $alg "$key";
-};
-EOF
-' > trusted.conf
+keyfile_to_trusted_keys $keyname2 > trusted.conf
projects / thirdparty / bind9.git / commitdiff
