[Opendnssec-commits] [keihatsu.kirei.se/svn/dnssec] r3759 - in trunk/OpenDNSSEC/auditor/lib: . kasp_auditor

Alex Dalitz alexd at nominet.org.uk
Fri Aug 13 17:02:55 CEST 2010


Author: alex
Date: 2010-08-13 17:02:55 +0200 (Fri, 13 Aug 2010)
New Revision: 3759

Modified:
   trunk/OpenDNSSEC/auditor/lib/kasp_auditor.rb
   trunk/OpenDNSSEC/auditor/lib/kasp_auditor/changed_config.rb
   trunk/OpenDNSSEC/auditor/lib/kasp_auditor/key_tracker.rb
   trunk/OpenDNSSEC/auditor/lib/kasp_checker.rb
Log:
Updating comments for rdoc

Modified: trunk/OpenDNSSEC/auditor/lib/kasp_auditor/changed_config.rb
===================================================================
--- trunk/OpenDNSSEC/auditor/lib/kasp_auditor/changed_config.rb	2010-08-13 13:45:30 UTC (rev 3758)
+++ trunk/OpenDNSSEC/auditor/lib/kasp_auditor/changed_config.rb	2010-08-13 15:02:55 UTC (rev 3759)
@@ -30,10 +30,14 @@
   # It keeps a list of the elements which we are interested in, the last value they
   # were seen to have, and the timestamp at which that value changed (0 if they
   # have not been seen to change).
+  # It allows the auditor to respond to changes in policy, and not raise errors
+  # when it sees records in the zone which still conform to the old policy.
   # @TODO@ TEST CODE FOR THIS CLASS!
   # @TODO@ TEST CODE FOR THE POLICY CHANGES FUNCTIONALITY - check that the auditor
   #   does not produce errors as a result of changes in policy.
   class ChangedConfig
+     # This class holds some data, along with the timestamp at which is was last
+     # seen to change
     class Element
       attr_accessor :timestamp
       attr_reader :value
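Review bot: The comment added above `class Element` reads `at which is was last seen to change` and should read `at which it was last seen to change`; it is also indented one column deeper than the class it documents. Two later hunks of this commit have similar slips in their new comments. `# Invoked the full auditor` above `full_audit` in kasp_auditor.rb should be `# Invoke the full auditor` to match `partial_audit`, and the comment above `class Checker` in kasp_checker.rb is missing a verb (`that they are syntactically valid`). The bodies of ChangedConfig and Element continue outside this hunk.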
@@ -60,10 +64,11 @@
           return "#{@value}, #{@timestamp}"
         end
       end
-      # @TODO@ Need some way to get key algorithm, length etc. out of here
 
     end
 
+    # This class allows a Key config element to be stored in a single Element,
+    # with meaningful methods to access the data within.
     class Key < Element
       def algorithm
         return @value[0]
@@ -82,6 +87,9 @@
     attr_accessor :rrsig_inception_offset, :zsks, :ksks
     attr_accessor :kasp_timestamp, :conf_timestamp
 
+    # Initialised by the config parsing system - works out what has changed on
+    # startup, and stores the data internally. The only other public methods are
+    # inspection methods
     def initialize(*args)
       zone = args[0]
       conf_file = args[1]
@@ -218,6 +226,7 @@
       return false
     end
 
+    # Reset the cache
     def reset_elements(config, conf_file, kasp_file)
       @zsks = []
       @ksks = []
@@ -311,6 +320,7 @@
       end
     end
 
+    # Has the Signature configuration for this policy changed?
     def signature_config_changed?
       if (get_signature_timestamp != 0)
         return true

Modified: trunk/OpenDNSSEC/auditor/lib/kasp_auditor/key_tracker.rb
===================================================================
--- trunk/OpenDNSSEC/auditor/lib/kasp_auditor/key_tracker.rb	2010-08-13 13:45:30 UTC (rev 3758)
+++ trunk/OpenDNSSEC/auditor/lib/kasp_auditor/key_tracker.rb	2010-08-13 15:02:55 UTC (rev 3759)
@@ -60,6 +60,9 @@
 
     # The Cache holds the data for each of the Status levels.
     # It is dynamically generated from the Status levels.
+    # The dynamic methods created here will not show up in RDoc,
+    # but consist of methods to add, remove and find keys in
+    # different states. Timestamps are also held here.
     class Cache
       # Set up add_inuse_key, etc.
       Status.strings.each {|s| eval "attr_reader :#{s.downcase}"}
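Review bot: The `eval` on the last line of this hunk builds Ruby source from each status string just to declare a reader, and the new comment documents the generated methods without mentioning how they are produced. `attr_reader` accepts a symbol, so `Status.strings.each {|s| attr_reader s.downcase.to_sym }` declares the same readers without evaluating a string. Status.strings is defined outside this hunk and is presumably a fixed list, so this is a hardening and readability point rather than a reachable injection. The Cache class body continues outside the hunk.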
@@ -108,7 +111,7 @@
     attr_reader :cache
     attr_accessor :last_soa_serial
 
-    # So, each run, the auditor needs to load the key caches for the zone, then
+    # Each run, the auditor needs to load the key caches for the zone, then
     # audit the zone, keeping track of which keys are used. The key caches are
     # then updated. The auditor needs to run the lifetime, numStandby checks
     # on the keys as well.
@@ -222,6 +225,7 @@
     end
 
     # The auditor calls this method at the end of the auditing run.
+    # This is the only public method in this class.
     # It passes in all the keys it has seen, and the keys it has seen used.
     # keys is a list of DNSKeys, and keys_used is a list of the key_tags
     # used to sign RRSIGs in the zone.
@@ -242,7 +246,7 @@
       save_tracker_cache
     end
 
-    # run the checks on the new zone data
+    # run the checks on the new zone data - called internally
     def run_checks(soa_ttl)
       # We also need to perform the auditing checks against the config
       # Checks to be performed :

Modified: trunk/OpenDNSSEC/auditor/lib/kasp_auditor.rb
===================================================================
--- trunk/OpenDNSSEC/auditor/lib/kasp_auditor.rb	2010-08-13 13:45:30 UTC (rev 3758)
+++ trunk/OpenDNSSEC/auditor/lib/kasp_auditor.rb	2010-08-13 15:02:55 UTC (rev 3759)
@@ -70,7 +70,7 @@
   # sorted into canonical order. These files are then processed by the
   # Auditor. If processing an NSEC3-signed file, the Auditor will create
   # additional temporary files, which are processed after the main auditing
-  # run.
+  # run. This class controls the process.
   class Runner
 
     attr_accessor :kasp_file, :zone_name, :signed_temp, :unsigned_zone
@@ -178,8 +178,8 @@
       exit(ret)
     end
     
+    # Invoke the partial auditor
     def partial_audit(ret, input_file, output_file, working, config, syslog, enforcer_interval)
-      # Invoke the partial auditor
       auditor = PartialAuditor.new(syslog, working)
       ret_val = auditor.check_zone(config, input_file, output_file, enforcer_interval)
       ret = ret_val if (ret_val < ret)
@@ -189,6 +189,7 @@
       return ret
     end
 
+    # Invoked the full auditor
     def full_audit(ret, input_file, output_file, pid, working, config, syslog, enforcer_interval)
       # Perform a full audit of every record. This requires sorting the zones canonically.
       # Preparse the input and output files
@@ -230,6 +231,7 @@
       return ret
     end
 
+    # Prepare the input unsigned and signed files for auditing
     def normalise_and_sort(f, prefix, pid, working, config)
       pp = Preparser.new(config)
       parsed_file = working+get_name(f)+".#{prefix}.parsed.#{pid}"
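Review bot: The new comment on `normalise_and_sort` does not say where the prepared files are written, and the visible lines show they go under `working` with a name built from the input file name, the prefix and the process id. That name is predictable, so the comment should record the assumption about the directory, e.g. `# Intermediate files are written to +working+ as <name>.<prefix>.parsed.<pid>; the directory must not be writable by other users.` The path is also assembled with `+`, which presumably relies on `working` ending in a path separator. The method body continues outside the hunk.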
@@ -330,17 +332,17 @@
           rescue Exception
             KASPAuditor.exit("Can't read Enforcer->Interval from Configuration", 1)
           end
-            begin
-              working = doc.elements['Configuration/Auditor/WorkingDirectory'].text
-            rescue Exception
-              working = @working_folder
-            end
-            begin
-              signer_working = doc.elements['Configuration/Signer/WorkingDirectory'].text
-            rescue Exception
-              signer_working = @working_folder
-            end
           begin
+            working = doc.elements['Configuration/Auditor/WorkingDirectory'].text
+          rescue Exception
+            working = @working_folder
+          end
+          begin
+            signer_working = doc.elements['Configuration/Signer/WorkingDirectory'].text
+          rescue Exception
+            signer_working = @working_folder
+          end
+          begin
             zonelist = doc.elements['Configuration/Common/ZoneListFile'].text
           rescue Exception
             KASPAuditor.exit("Can't read zonelist location from conf.xml - exiting", 1)
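Review bot: The re-indented `begin`/`rescue Exception` blocks around the two WorkingDirectory lookups still catch every exception, including interrupts and memory errors, and fall back to `@working_folder` without logging that the configured value was not used. The case being handled looks like a missing element, where `doc.elements[...]` presumably returns nil and `.text` then raises. An explicit check covers that without hiding unrelated failures: `node = doc.elements['Configuration/Auditor/WorkingDirectory']` followed by `working = node ? node.text : @working_folder`, and the same for the Signer path. The enclosing method starts and ends outside the hunk.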

Modified: trunk/OpenDNSSEC/auditor/lib/kasp_checker.rb
===================================================================
--- trunk/OpenDNSSEC/auditor/lib/kasp_checker.rb	2010-08-13 13:45:30 UTC (rev 3758)
+++ trunk/OpenDNSSEC/auditor/lib/kasp_checker.rb	2010-08-13 15:02:55 UTC (rev 3759)
@@ -36,6 +36,9 @@
 
 
 module KASPChecker
+  # This class checks the conf.xml and kasp.xml files to make sure that they
+  # syntactically valid, and also semantically valid. Any oddities in the
+  # configuration are reported to the user.
   class Checker
     $SAFE = 1
     KASP_FILE = "kasp"
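Review bot: The new class comment does not mention the `$SAFE = 1` set in the class body directly below it, which changes the interpreter's taint-checking level as a side effect of loading the class rather than of calling a method. A line such as `# Loading this class sets $SAFE to 1, so tainted strings are refused by operations such as eval and require.` would make that visible in the generated RDoc. Readers on current interpreters should also know that `$SAFE` has no effect from Ruby 3.0 onward, so the checker cannot rely on it for input handling there. The Checker class body continues outside the hunk.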



