mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-31 06:25:31 +00:00
Code Issues Releases Wiki Activity

dnssec-settime: Allow manipulating state files

Browse Source 
Introduce a new option '-s' for dnssec-settime that when manipulating
timing metadata, it also updates the key state file.

For testing purposes, add options to dnssec-settime to set key
states and when they last changed.

The dst code adds ways to write and read the new key states and
timing metadata. It updates the parsing code for private key files
to not parse the newly introduced metadata (these are for state
files only).

Introduce key goal (the state the key wants to be in).
This commit is contained in:
Matthijs Mekking
2019-09-12 11:57:55 +02:00
parent c55625b035
commit 72042a06d6
10 changed files with 618 additions and 94 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
lib/dns/dst_internal.h
View File

@@ -108,11 +108,16 @@ struct dst_key {
isc_stdtime_t times[DST_MAX_TIMES + 1]; /*%< timing metadata */
bool timeset[DST_MAX_TIMES + 1]; /*%< data set? */
uint32_t nums[DST_MAX_NUMERIC + 1]; /*%< numeric metadata */
bool numset[DST_MAX_NUMERIC + 1]; /*%< data set? */
bool bools[DST_MAX_BOOLEAN + 1]; /*%< boolean metadata */
bool boolset[DST_MAX_BOOLEAN + 1]; /*%< data set? */
dst_key_state_t keystates[DST_MAX_KEYSTATES + 1]; /*%< key states */
bool keystateset[DST_MAX_KEYSTATES + 1]; /*%< data set? */
bool inactive; /*%< private key not present as it is inactive */
bool external; /*%< external key */