dnssec-settime: Allow manipulating state files

Introduce a new option '-s' for dnssec-settime that when manipulating timing metadata, it also updates the key state file. For testing purposes, add options to dnssec-settime to set key states and when they last changed. The dst code adds ways to write and read the new key states and timing metadata. It updates the parsing code for private key files to not parse the newly introduced metadata (these are for state files only). Introduce key goal (the state the key wants to be in).
2025-08-30 22:15:20 +00:00 · 2019-09-12 11:57:55 +02:00
parent c55625b035
commit 72042a06d6
10 changed files with 618 additions and 94 deletions
--- a/lib/dns/dst_parse.c
+++ b/lib/dns/dst_parse.c
@@ -61,7 +61,11 @@ static const char *timetags[TIMING_NTAGS] = {
 	"Delete:",
 	"DSPublish:",
 	"SyncPublish:",
-	"SyncDelete:"
+	"SyncDelete:",
+	NULL,
+	NULL,
+	NULL,
+	NULL
 };

 #define NUMERIC_NTAGS (DST_MAX_NUMERIC + 1)
@@ -69,7 +73,8 @@ static const char *numerictags[NUMERIC_NTAGS] = {
 	"Predecessor:",
 	"Successor:",
 	"MaxTTL:",
-	"RollPeriod:"
+	"RollPeriod:",
+	NULL
 };

 struct parse_map {
@@ -754,7 +759,7 @@ dst__privstruct_writefile(const dst_key_t *key, const dst_private_t *priv,

 			if (timetags[i] != NULL) {
 				fprintf(fp, "%s %.*s\n", timetags[i],
-				        (int)r.length, r.base);
+					(int)r.length, r.base);
 			}
 		}
 	}