mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-09-03 08:05:21 +00:00
Code Issues Releases Wiki Activity

minor additional improvements to ddns-confgen (see rt#19825)

Browse Source
This commit is contained in:
Tatuya JINMEI 神明達哉
2009-06-16 22:36:53 +00:00
parent 9210d8796e
commit 45d4d69a8d
2 changed files with 82 additions and 55 deletions
Download Patch File Download Diff File Expand all files Collapse all files

99
bin/confgen/ddns-confgen.c
View File

@@ -14,7 +14,7 @@
* PERFORMANCE OF THIS SOFTWARE. * PERFORMANCE OF THIS SOFTWARE.
*/ */
/* $Id: ddns-confgen.c,v 1.4 2009/06/11 23:47:55 tbox Exp $ */ /* $Id: ddns-confgen.c,v 1.5 2009/06/16 22:36:53 jinmei Exp $ */
/*! \file */ /*! \file */
@@ -65,12 +65,13 @@ usage(int status) {
fprintf(stderr, "\ fprintf(stderr, "\
Usage:\n\ Usage:\n\
%s [-a alg] [-k keyname] [-r randomfile] [-q] [-z zone]\n\ %s [-a alg] [-k keyname] [-r randomfile] [-q] [-s name | -z zone]\n\
-a alg: algorithm (default hmac-sha256)\n\ -a alg: algorithm (default hmac-sha256)\n\
-k keyname: name of the key as it will be used in named.conf\n\ -k keyname: name of the key as it will be used in named.conf\n\
-r randomfile: source of random data (use \"keyboard\" for key timing)\n\ -r randomfile: source of random data (use \"keyboard\" for key timing)\n\
-z zone: name of the zone as it will be used named.conf\n\ -s name: domain name to be updated the created key\n\
-q: quiet mode: print the key, with no explanatory text\n", -z zone: name of the zone as it will be used in named.conf\n\
-q: quiet mode: print the key, with no explanatory text\n",
progname); progname);
exit (status); exit (status);
@@ -80,7 +81,6 @@ int
main(int argc, char **argv) { main(int argc, char **argv) {
isc_boolean_t show_final_mem = ISC_FALSE; isc_boolean_t show_final_mem = ISC_FALSE;
isc_boolean_t quiet = ISC_FALSE; isc_boolean_t quiet = ISC_FALSE;
isc_boolean_t self = ISC_FALSE;
isc_buffer_t key_txtbuffer; isc_buffer_t key_txtbuffer;
char key_txtsecret[256]; char key_txtsecret[256];
isc_mem_t *mctx = NULL; isc_mem_t *mctx = NULL;
@@ -88,6 +88,7 @@ main(int argc, char **argv) {
const char *randomfile = NULL; const char *randomfile = NULL;
const char *keyname = NULL; const char *keyname = NULL;
const char *zone = NULL; const char *zone = NULL;
const char *self_domain = NULL;
char *keybuf = NULL; char *keybuf = NULL;
dns_secalg_t alg = DST_ALG_HMACSHA256; dns_secalg_t alg = DST_ALG_HMACSHA256;
const char *algname = alg_totext(alg); const char *algname = alg_totext(alg);
@@ -103,7 +104,7 @@ main(int argc, char **argv) {
isc_commandline_errprint = ISC_FALSE; isc_commandline_errprint = ISC_FALSE;
while ((ch = isc_commandline_parse(argc, argv, while ((ch = isc_commandline_parse(argc, argv,
"a:hk:Mmr:qsVy:")) != -1) { "a:hk:Mmr:qs:Vy:z:")) != -1) {
switch (ch) { switch (ch) {
case 'a': case 'a':
algname = isc_commandline_argument; algname = isc_commandline_argument;
@@ -131,11 +132,14 @@ main(int argc, char **argv) {
randomfile = isc_commandline_argument; randomfile = isc_commandline_argument;
break; break;
case 's': case 's':
self = ISC_TRUE; self_domain = isc_commandline_argument;
break; break;
case 'V': case 'V':
verbose = ISC_TRUE; verbose = ISC_TRUE;
break; break;
case 'z':
zone = isc_commandline_argument;
break;
case '?': case '?':
if (isc_commandline_option != '?') { if (isc_commandline_option != '?') {
fprintf(stderr, "%s: invalid argument -%c\n", fprintf(stderr, "%s: invalid argument -%c\n",
@@ -154,26 +158,28 @@ main(int argc, char **argv) {
argc -= isc_commandline_index; argc -= isc_commandline_index;
argv += isc_commandline_index; argv += isc_commandline_index;
if (argc == 1) if (self_domain != NULL && zone != NULL)
zone = argv[0]; usage(1); /* -s and -z cannot coexist */
if (argc > 1) if (argc > 0)
usage(1); usage(1);
DO("create memory context", isc_mem_create(0, 0, &mctx)); DO("create memory context", isc_mem_create(0, 0, &mctx));
if (self) { if (keyname == NULL) {
if (zone == NULL) const char *suffix = NULL;
usage(1);
keyname = zone;
} else {
if (keyname == NULL)
keyname = DEFAULT_KEYNAME;
if (zone != NULL) { keyname = DEFAULT_KEYNAME;
len = strlen(keyname) + strlen(zone) + 2; if (self_domain != NULL)
suffix = self_domain;
else if (zone != NULL)
suffix = zone;
if (suffix != NULL) {
len = strlen(keyname) + strlen(suffix) + 2;
keybuf = isc_mem_get(mctx, len); keybuf = isc_mem_get(mctx, len);
snprintf(keybuf, len, "%s.%s", keyname, zone); if (keybuf == NULL)
fatal("failed to allocate memory for keyname");
snprintf(keybuf, len, "%s.%s", keyname, suffix);
keyname = (const char *) keybuf; keyname = (const char *) keybuf;
} }
} }
@@ -199,7 +205,25 @@ key \"%s\" {\n\
(char *)isc_buffer_base(&key_txtbuffer)); (char *)isc_buffer_base(&key_txtbuffer));
if (!quiet) { if (!quiet) {
if (zone == NULL) { if (self_domain != NULL) {
printf("\n\
# Then, in the \"zone\" statement for the zone containing the\n\
# name \"%s\", place an \"update-policy\" statement\n\
# like this one, adjusted as needed for your preferred permissions:\n\
update-policy {\n\
grant %s self . ANY;\n\
};\n",
self_domain, keyname);
} else if (zone != NULL) {
printf("\n\
# Then, in the \"zone\" definition statement for \"%s\",\n\
# place an \"update-policy\" statement like this one, adjusted as \n\
# needed for your preferred permissions:\n\
update-policy {\n\
grant %s zonesub ANY;\n\
};\n",
zone, keyname);
} else {
printf("\n\ printf("\n\
# Then, in the \"zone\" statement for each zone you wish to dynamically\n\ # Then, in the \"zone\" statement for each zone you wish to dynamically\n\
# update, place an \"update-policy\" statement granting update permission\n\ # update, place an \"update-policy\" statement granting update permission\n\
@@ -209,34 +233,15 @@ update-policy {\n\
grant %s zonesub ANY;\n\ grant %s zonesub ANY;\n\
};\n", };\n",
keyname); keyname);
} else if (self) {
printf("\n\
# Finally, in the \"zone\" statement for the zone containing the\n\
# name \"%s\", place an \"update-policy\" statement\n\
# like this one, adjusted as needed for your preferred permissions:\n\
update-policy {\n\
grant %s self . ANY;\n\
};\n",
zone, keyname);
} else {
printf("\n\
# Finally, in the \"zone\" definition statement for \"%s\",\n\
# place an \"update-policy\" statement like this one, adjusted as \n\
# needed for your preferred permissions:\n\
update-policy {\n\
grant %s subdomain %s%s ANY;\n\
};\n",
zone, keyname, zone,
zone[strlen(zone) - 1] == '.' ? "" : ".");
} }
printf("\n\
# After the keyfile has been created, the following command will\n\
# execute nsupdate using this key:\n\
nsupdate -k <keyfile>\n");
} }
if (zone != NULL && keybuf != NULL) printf("\n\
# After the keyfile has been placed, the following command will\n\
# execute nsupdate using this key:\n\
nsupdate -k <keyfile>\n");
if (keybuf != NULL)
isc_mem_put(mctx, keybuf, len); isc_mem_put(mctx, keybuf, len);
if (show_final_mem) if (show_final_mem)

38
bin/confgen/ddns-confgen.docbook
View File

@@ -17,7 +17,7 @@
- PERFORMANCE OF THIS SOFTWARE. - PERFORMANCE OF THIS SOFTWARE.
--> -->
<!-- $Id: ddns-confgen.docbook,v 1.3 2009/06/11 23:47:55 tbox Exp $ --> <!-- $Id: ddns-confgen.docbook,v 1.4 2009/06/16 22:36:53 jinmei Exp $ -->
<refentry id="man.ddns-confgen"> <refentry id="man.ddns-confgen">
<refentryinfo> <refentryinfo>
<date>Jan 29, 2009</date> <date>Jan 29, 2009</date>
@@ -48,7 +48,7 @@
<arg><option>-h</option></arg> <arg><option>-h</option></arg>
<arg><option>-k <replaceable class="parameter">keyname</replaceable></option></arg> <arg><option>-k <replaceable class="parameter">keyname</replaceable></option></arg>
<arg><option>-r <replaceable class="parameter">randomfile</replaceable></option></arg> <arg><option>-r <replaceable class="parameter">randomfile</replaceable></option></arg>
<arg><option>-s</option></arg> <arg><option>-s name | -z zone</option></arg>
<arg><option>-q</option></arg> <arg><option>-q</option></arg>
<arg choice="opt">name</arg> <arg choice="opt">name</arg>
</cmdsynopsis> </cmdsynopsis>
@@ -114,7 +114,12 @@
<listitem> <listitem>
<para> <para>
Specifies the key name of the DDNS authentication key. Specifies the key name of the DDNS authentication key.
The default is <constant>ddns-key</constant>. The default is <constant>ddns-key</constant> when neither
the <command>-s</command> nor <command>-z</command> option is
specified; otherwise, the default
is <constant>ddns-key</constant> as a separate label
followed by the argument of the option, e.g.,
<constant>ddns-key.example.com.</constant>
The key name must have the format of a valid domain name, The key name must have the format of a valid domain name,
consisting of letters, digits, hyphens and periods. consisting of letters, digits, hyphens and periods.
</para> </para>
@@ -149,14 +154,31 @@
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term>-s</term> <term>-s <replaceable class="parameter">name</replaceable></term>
<listitem> <listitem>
<para> <para>
Self mode: The example <command>named.conf</command> text Self mode: The example <command>named.conf</command> text
shows how to set an update policy using the "self" nametype, shows how to set an update policy for the specified
using a single key per each domain name for updates, instead of <replaceable class="parameter">name</replaceable>
the "subdomain" nametype which allows matching on any name using the "self" nametype, instead of the "subdomain"
within a specified domain. nametype which allows matching on any name within a
specified domain.
This option cannot be used with the <command>-z</command> option.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>-z <replaceable class="parameter">zone</replaceable></term>
<listitem>
<para>
zone mode: The example <command>named.conf</command> text
shows how to set an update policy for the specified
<replaceable class="parameter">zone</replaceable>
using the "zonesub" nametype, allowing updates to all subdomain
names within
that <replaceable class="parameter">zone</replaceable>.
This option cannot be used with the <command>-s</command> option.
</para> </para>
</listitem> </listitem>
</varlistentry> </varlistentry>