
perl-Net-DNS-SEC-0.16-5.fc15.noarch.rpm

#!/usr/bin/perl
#
# takes a bind public key file and creates a self-signed keyset
#

use Getopt::Std;
use Net::DNS;
use File::Basename;

# Package globals shared by the option handling and the subs below.
# $verbose and $printds start off and are switched on by -v and -d.
$VERSION = "0.1";
($verbose, $printds) = (0, 0);
# Name used as the prefix of usage, version and error messages.
chomp($progname = basename($0));

# main program
# getopts() stores each switch it recognises in the matching $opt_* global.
getopts('dvhVf:n:');

$printds = 1 if defined($opt_d);
$verbose = 1 if defined($opt_v);
# usage() and version() both exit, so nothing below runs after -h or -V.
usage()   if defined($opt_h);
version() if defined($opt_V);
# A key file argument is mandatory.
usage() unless @ARGV;

# Touch the option globals a second time to silence some compiler warnings
# (the original author's workaround).
($opt_d, $opt_v, $opt_h, $opt_V) = (0, 0, 0, 0);

# make_keyset() consumes only the first remaining argument.
make_keyset(@ARGV);
exit(0);

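# Print the usage summary to standard output and exit with status 0.
# Reads the package global $progname for the program name.
sub usage {
    # The synopsis previously read "[-vhV]" and left out -d, although -d is
    # accepted by getopts() and described in the option list below.
    print("usage: $progname [-dvhV] file\n");
    print("Options:\n");
    print("       -d    Print the DS record for each key in the keyset.\n");
    print("       -v    Be verbose.\n");
    print("       -h    Print this usage message.\n");
    print("       -V    Print version information.\n");
    print("       file  BIND public key file.\n");
    exit(0);
}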

# Report this script's version together with the Net::DNS version in use,
# then exit with status 0.  Reads the globals $progname and $VERSION.
sub version {
    my @message = (
        "$progname v$VERSION using Net::DNS v",
        Net::DNS->version,
        "\n",
    );
    print(@message);
    exit(0);
}

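# Build, verify and write a self-signed keyset from one BIND public key file.
#
# Arguments:
#   $file - path of the BIND public key file.  Only the first argument is
#           used; any further arguments are ignored.
#
# Reads the package globals $progname, $verbose and $printds.  Dies with a
# "$progname: ..." message when the file cannot be opened, holds no record
# text, cannot be parsed, or when the keyset cannot be created, verified or
# written.  With $printds set, the DS record of each key is printed.
sub make_keyset {
    my $file = shift();
    my $directory = dirname($file);
    print("Processing file: $file\n");

    print("Opening $file\n") if $verbose;
    # Three-argument open with an explicit read mode and a lexical handle.
    # The path comes straight from the command line; the two-argument form
    # used previously lets mode and pipe characters embedded in the name
    # change what open() does, so the name must never be parsed for a mode.
    open(my $fh, '<', $file) or die("$progname: unable to open $file.\n");

    print("Reading $file\n") if $verbose;
    # Start from an empty string so the first append does not act on undef.
    my $keyrr_txt = '';
    while (my $line = <$fh>) {
        # Lines starting with '$' are BIND keywords, not part of the record.
        if ($line =~ m/^\$/) {
            print("Discarding BIND keyword in $file\n") if $verbose;
            next;
        }
        $keyrr_txt .= $line;
    }
    close($fh);

    # Refuse to continue when nothing but keywords or blank lines was read.
    die("$progname: no key record found in $file.\n")
        unless $keyrr_txt =~ m/\S/;

    print("Creating DNSKEY RR\n") if $verbose;
    my $keyrr = Net::DNS::RR->new($keyrr_txt) or
        die("$progname: unable to parse key record in $file.\n");

    print("Creating Keyset\n") if $verbose;
    my @keys = ($keyrr);
    use Net::DNS::Keyset;
    # The key file's directory is passed as the second constructor argument.
    # NOTE(review): per the Net::DNS::Keyset documentation this is where the
    # matching private keys are looked up -- confirm for the installed version.
    my $keyset = Net::DNS::Keyset->new(\@keys, "$directory") or
        die("$progname: unable to create keyset. $Net::DNS::Keyset::keyset_err.\n");

    print("Verifying Keyset\n") if $verbose;
    # Never write out a keyset that failed verification.
    $keyset->verify() or
        die("$progname: unable to verify keyset. $Net::DNS::Keyset::keyset_err.\n");

    if ($verbose) {
        print("Keyset:\n");
        $keyset->print();
        print("Writing Keyset\n");
    }
    # "signed-" is handed to writekeyset() as the output file name prefix.
    $keyset->writekeyset("signed-") or
        die("$progname: unable to write keyset. $Net::DNS::Keyset::keyset_err.\n");

    if ($printds) {
        print("Extracting DS RR\n") if $verbose;
        # Lexical loop variable; the original iterated over a package global.
        foreach my $ds ($keyset->extract_ds()) {
            $ds->print();
        }
    }
}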

=head1 NAME

make-signed-keyset - create a self-signed keyset

=head1 SYNOPSIS

make-signed-keyset [-dv] file

=head1 DESCRIPTION

make-signed-keyset is a program that creates a self-signed keyset from
a BIND public key file specified on the command line.

The options are as follows:

=over

=item -v

Be verbose.

=item -d

Print the DS record for each key in the keyset.

=back

=head2 Author

Contributed by Wes Griffin <wgriffin@jtan.com>