[Opendnssec-commits] [keihatsu.kirei.se/svn/dnssec] r3823 - in trunk/OpenDNSSEC/enforcer: ksm ksm/include/ksm utils

Sion Lloyd sion at nominet.org.uk
Fri Aug 27 16:10:01 CEST 2010


Author: sion
Date: 2010-08-27 16:10:01 +0200 (Fri, 27 Aug 2010)
New Revision: 3823

Added:
   trunk/OpenDNSSEC/enforcer/utils/migrate_100827_1.sqlite3
Modified:
   trunk/OpenDNSSEC/enforcer/ksm/include/ksm/ksm.h
   trunk/OpenDNSSEC/enforcer/ksm/ksm_import.c
   trunk/OpenDNSSEC/enforcer/utils/database_create.mysql
   trunk/OpenDNSSEC/enforcer/utils/database_create.sqlite3
   trunk/OpenDNSSEC/enforcer/utils/ksmutil.c
   trunk/OpenDNSSEC/enforcer/utils/migrate_keyshare_mysql.pl
   trunk/OpenDNSSEC/enforcer/utils/migrate_keyshare_sqlite3.pl
   trunk/OpenDNSSEC/enforcer/utils/ods-ksmutil.1.in
Log:
Introducing --no-xml; allow zone add/delete without touching zonelist. Pivotal story 3998459.


Modified: trunk/OpenDNSSEC/enforcer/ksm/include/ksm/ksm.h
===================================================================
--- trunk/OpenDNSSEC/enforcer/ksm/include/ksm/ksm.h	2010-08-27 10:27:42 UTC (rev 3822)
+++ trunk/OpenDNSSEC/enforcer/ksm/include/ksm/ksm.h	2010-08-27 14:10:01 UTC (rev 3823)
@@ -606,7 +606,7 @@
 /* KsmImport */
 int KsmImportRepository(const char* repo_name, const char* repo_capacity, int require_backup);
 int KsmImportPolicy(const char* policy_name, const char* policy_description);
-int KsmImportZone(const char* zone_name, int policy_id, int fail_if_exists, int *new_zone);
+int KsmImportZone(const char* zone_name, int policy_id, int fail_if_exists, int *new_zone, const char* signconf, const char* input, const char* output);
 int KsmImportAudit(int policy_id, const char* audit_contents);
 int KsmImportKeyPair(int policy_id, const char* HSMKeyID, int smID, int size, int alg, int state, const char* time, DB_ID* id);
 int KsmSmIdFromName(const char* name, int *id);

Modified: trunk/OpenDNSSEC/enforcer/ksm/ksm_import.c
===================================================================
--- trunk/OpenDNSSEC/enforcer/ksm/ksm_import.c	2010-08-27 10:27:42 UTC (rev 3822)
+++ trunk/OpenDNSSEC/enforcer/ksm/ksm_import.c	2010-08-27 14:10:01 UTC (rev 3823)
@@ -186,6 +186,15 @@
  *      int *new_zone
  *          (returned) indicate if the zone was new to the database
  *
+ *      const char* signconf
+ *          Where is the signconf saved
+ *
+ *      const char* input
+ *          Where is the input file
+ *
+ *      const char* output
+ *          Where is the output file
+ *
  * Returns:
  *      int
  *          Status return.  0 on success.
@@ -193,7 +202,7 @@
  *                         -2 if the zone exists and fail_if_exists == 1
 -*/
 
-int KsmImportZone(const char* zone_name, int policy_id, int fail_if_exists, int *new_zone)
+int KsmImportZone(const char* zone_name, int policy_id, int fail_if_exists, int *new_zone, const char* signconf, const char* input, const char* output)
 {
     char*       sql = NULL;     /* SQL query */
     int         status = 0;     /* Status return */
@@ -224,9 +233,12 @@
     /* If the count was 0 then we do an insert, otherwise we do an update */
     if (count == 0)
     {
-        sql = DisSpecifyInit(DB_ZONE_TABLE, "name, policy_id");
+        sql = DisSpecifyInit(DB_ZONE_TABLE, "name, policy_id, signconf, input, output");
         DisAppendString(&sql, zone_name);
         DisAppendInt(&sql, policy_id);
+        DisAppendString(&sql, signconf);
+        DisAppendString(&sql, input);
+        DisAppendString(&sql, output);
         DisEnd(&sql);
 
         status = DbExecuteSqlNoResult(DbHandle(), sql);
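Review bot: The three new `DisAppendString` calls put `signconf`, `input` and `output` into the INSERT text, and these values originate from `--input`/`--output` on the command line and from zonelist.xml, so they need the same quoting guarantees as `zone_name`. The helper's implementation is not shown here; if it does not escape quote characters, a path containing `'` would break or alter the statement, and the same applies to the `DusSetString` calls in the update hunk that follows. Nothing visible enforces the 4096-character column width either, so an over-long path would be rejected or truncated by the database depending on its mode. I would add a comment such as `/* signconf/input/output are caller-supplied paths: must be quoted by the Dis/Dus helpers and fit varchar(4096) */` and state in the header comment whether NULL is accepted. KsmImportZone's body starts and ends outside this hunk.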
@@ -241,6 +253,9 @@
         }
         sql = DusInit(DB_ZONE_TABLE);
         DusSetInt(&sql, "policy_id", policy_id, 0);
+        DusSetString(&sql, "signconf", signconf, 1);
+        DusSetString(&sql, "input", input, 2);
+        DusSetString(&sql, "output", output, 3);
         DusConditionString(&sql, "name", DQS_COMPARE_EQ, zone_name, 0);
         DusEnd(&sql);
 

Modified: trunk/OpenDNSSEC/enforcer/utils/database_create.mysql
===================================================================
--- trunk/OpenDNSSEC/enforcer/utils/database_create.mysql	2010-08-27 10:27:42 UTC (rev 3822)
+++ trunk/OpenDNSSEC/enforcer/utils/database_create.mysql	2010-08-27 14:10:01 UTC (rev 3823)
@@ -83,6 +83,9 @@
   id            mediumint not null auto_increment,    # id
   name          varchar(300) not null ,  # name of the parameter
   policy_id     mediumint not null,
+  signconf      varchar(4096),  # where is the signconf
+  input         varchar(4096),  # where is the input
+  output        varchar(4096),  # where is the output
 
   constraint primary key (id),
   constraint foreign key (policy_id) references policies (id)

Modified: trunk/OpenDNSSEC/enforcer/utils/database_create.sqlite3
===================================================================
--- trunk/OpenDNSSEC/enforcer/utils/database_create.sqlite3	2010-08-27 10:27:42 UTC (rev 3822)
+++ trunk/OpenDNSSEC/enforcer/utils/database_create.sqlite3	2010-08-27 14:10:01 UTC (rev 3823)
@@ -75,6 +75,9 @@
   id            integer primary key autoincrement,    -- id
   name          varchar(300) not null ,  -- name of the parameter
   policy_id     mediumint not null,
+  signconf      varchar(4096),  -- where is the signconf
+  input         varchar(4096),  -- where is the input
+  output        varchar(4096),  -- where is the output
   
   foreign key (policy_id) references policies (id)
 );

Modified: trunk/OpenDNSSEC/enforcer/utils/ksmutil.c
===================================================================
--- trunk/OpenDNSSEC/enforcer/utils/ksmutil.c	2010-08-27 10:27:42 UTC (rev 3822)
+++ trunk/OpenDNSSEC/enforcer/utils/ksmutil.c	2010-08-27 14:10:01 UTC (rev 3823)
@@ -104,6 +104,7 @@
 static int ds_flag = 0;
 static int retire_flag = 1;
 static int verbose_flag = 0;
+static int xml_flag = 1;
 
 static int restart_enforcerd(void);
 
@@ -849,7 +850,7 @@
         StrFree(output_name);
         return(1);
     }
-    status = KsmImportZone(o_zone, policy_id, 1, &new_zone);
+    status = KsmImportZone(o_zone, policy_id, 1, &new_zone, sig_conf_name, input_name, output_name);
     if (status != 0) {
         if (status == -2) {
             printf("Failed to Import zone; it already exists\n");
@@ -906,46 +907,53 @@
     db_disconnect(lock_fd);
     DbDisconnect(dbhandle);
 
-    /* Read the file and add our new node in memory */
-    /* TODO don't add if it already exists */
-    xmlKeepBlanksDefault(0);
-    xmlTreeIndentString = "\t";
-    doc = add_zone_node(zonelist_filename, o_zone, o_policy, sig_conf_name, input_name, output_name);
+    if (xml_flag == 1) {
+        /* Read the file and add our new node in memory */
+        /* TODO don't add if it already exists */
+        xmlKeepBlanksDefault(0);
+        xmlTreeIndentString = "\t";
+        doc = add_zone_node(zonelist_filename, o_zone, o_policy, sig_conf_name, input_name, output_name);
 
-    StrFree(sig_conf_name);
-    StrFree(input_name);
-    StrFree(output_name);
+        StrFree(sig_conf_name);
+        StrFree(input_name);
+        StrFree(output_name);
 
-    if (doc == NULL) {
-        StrFree(zonelist_filename);
-        return(1);
-    }
+        if (doc == NULL) {
+            StrFree(zonelist_filename);
+            return(1);
+        }
 
-    /* Backup the current zonelist */
-    StrAppend(&backup_filename, zonelist_filename);
-    StrAppend(&backup_filename, ".backup");
-    status = backup_file(zonelist_filename, backup_filename);
-    StrFree(backup_filename);
-    if (status != 0) {
+        /* Backup the current zonelist */
+        StrAppend(&backup_filename, zonelist_filename);
+        StrAppend(&backup_filename, ".backup");
+        status = backup_file(zonelist_filename, backup_filename);
+        StrFree(backup_filename);
+        if (status != 0) {
+            StrFree(zonelist_filename);
+            return(status);
+        }
+
+        /* Save our new one over, TODO should we validate it first? */
+        status = xmlSaveFormatFile(zonelist_filename, doc, 1);
         StrFree(zonelist_filename);
-        return(status);
-    }
+        xmlFreeDoc(doc);
 
-    /* Save our new one over, TODO should we validate it first? */
-    status = xmlSaveFormatFile(zonelist_filename, doc, 1);
-    StrFree(zonelist_filename);
-    xmlFreeDoc(doc);
-
-    if (status == -1) {
-        printf("couldn't save zonelist\n");
-        return(1);
+        if (status == -1) {
+            printf("couldn't save zonelist\n");
+            return(1);
+        }
     }
 
     /* TODO - KICK THE ENFORCER? */
     /* <matthijs> TODO - ods-signer update? */
 
-    printf("Imported zone: %s\n", o_zone);
+    if (xml_flag == 0) {
+        printf("Imported zone: %s into database only, please run \"ods-ksmutil zonelist export\" to update zonelist.xml\n", o_zone);
+    } else {
+        printf("Imported zone: %s\n", o_zone);
+    }
 
+
     return 0;
 }
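Review bot: With `--no-xml` the strings `sig_conf_name`, `input_name` and `output_name` are never released, because their `StrFree` calls now sit inside the `if (xml_flag == 1)` block and the function falls through to `return 0`. `zonelist_filename` is likewise only freed inside that block, so it also leaks if it was populated earlier in the function (not visible in this hunk). Moving `StrFree(sig_conf_name); StrFree(input_name); StrFree(output_name);` to just after the closing brace of the `if`, with `StrFree(zonelist_filename);` on the `xml_flag == 0` path, keeps both modes symmetric. The function starts outside this hunk.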
 
@@ -1009,44 +1017,46 @@
      * DO XML STUFF FIRST
      */
 
-    /* Set zonelist from the conf.xml that we have got */
-    status = read_zonelist_filename(&zonelist_filename);
-    if (status != 0) {
-        printf("couldn't read zonelist\n");
-        db_disconnect(lock_fd);
-        StrFree(zonelist_filename);
-        return(1);
-    }
+    if (xml_flag == 1) {
+        /* Set zonelist from the conf.xml that we have got */
+        status = read_zonelist_filename(&zonelist_filename);
+        if (status != 0) {
+            printf("couldn't read zonelist\n");
+            db_disconnect(lock_fd);
+            StrFree(zonelist_filename);
+            return(1);
+        }
 
-    /* Read the file and delete our zone node(s) in memory */
-    doc = del_zone_node(zonelist_filename, o_zone);
-    if (doc == NULL) {
-        db_disconnect(lock_fd);
-        StrFree(zonelist_filename);
-        return(1);
-    }
+        /* Read the file and delete our zone node(s) in memory */
+        doc = del_zone_node(zonelist_filename, o_zone);
+        if (doc == NULL) {
+            db_disconnect(lock_fd);
+            StrFree(zonelist_filename);
+            return(1);
+        }
 
-    /* Backup the current zonelist */
-    StrAppend(&backup_filename, zonelist_filename);
-    StrAppend(&backup_filename, ".backup");
-    status = backup_file(zonelist_filename, backup_filename);
-    StrFree(backup_filename);
-    if (status != 0) {
+        /* Backup the current zonelist */
+        StrAppend(&backup_filename, zonelist_filename);
+        StrAppend(&backup_filename, ".backup");
+        status = backup_file(zonelist_filename, backup_filename);
+        StrFree(backup_filename);
+        if (status != 0) {
+            StrFree(zonelist_filename);
+            db_disconnect(lock_fd);
+            return(status);
+        }
+
+        /* Save our new one over, TODO should we validate it first? */
+        status = xmlSaveFormatFile(zonelist_filename, doc, 1);
+        xmlFreeDoc(doc);
         StrFree(zonelist_filename);
-        db_disconnect(lock_fd);
-        return(status);
+        if (status == -1) {
+            printf("Could not save %s\n", zonelist_filename);
+            db_disconnect(lock_fd);
+            return(1);
+        }
     }
 
-    /* Save our new one over, TODO should we validate it first? */
-    status = xmlSaveFormatFile(zonelist_filename, doc, 1);
-    xmlFreeDoc(doc);
-    StrFree(zonelist_filename);
-    if (status == -1) {
-        printf("Could not save %s\n", zonelist_filename);
-        db_disconnect(lock_fd);
-        return(1);
-    }
-
     /*
      * NOW SORT OUT THE DATABASE (zone_id will still be -1 if we are deleting all)
      */
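Review bot: In the re-indented save block, `StrFree(zonelist_filename);` runs before `printf("Could not save %s\n", zonelist_filename);`, so the error path formats a pointer that has already been released (or nulled, if `StrFree` is a macro that resets it; its definition is not shown). The old code had the same ordering and the commit carries it over unchanged. Moving the free below the check fixes it: `if (status == -1) { printf("Could not save %s\n", zonelist_filename); StrFree(zonelist_filename); db_disconnect(lock_fd); return(1); }` followed by `StrFree(zonelist_filename);`. The enclosing function starts and ends outside this hunk.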
@@ -1112,6 +1122,10 @@
     /* Release sqlite lock file (if we have it) */
     db_disconnect(lock_fd);
 
+    if (xml_flag == 0) {
+        printf("Deleted zone: %s from database only, please run \"ods-ksmutil zonelist export\" to update zonelist.xml\n", o_zone);
+    }
+
     return 0;
 }
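Review bot: The new message prints `o_zone` with `%s` whenever `xml_flag == 0`, but this function also serves `zone delete --all`, where no zone name is given and `o_zone` is presumably NULL (the option parsing is outside this hunk). Nothing visible stops `--all` and `--no-xml` from being combined, so this can pass a null pointer to `printf`. A guard such as `if (xml_flag == 0 && o_zone != NULL)` with a separate "Deleted all zones from database only" message for the other case would avoid that.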
 
@@ -2809,6 +2823,7 @@
         {"help",    no_argument,       0, 'h'},
         {"input",   required_argument, 0, 'i'},
         {"cka_id",  required_argument, 0, 'k'},
+        {"no-xml",  no_argument,        0, 'm'},
         {"interval",  required_argument, 0, 'n'},
         {"output",  required_argument, 0, 'o'},
         {"policy",  required_argument, 0, 'p'},
@@ -2861,6 +2876,9 @@
             case 'k':
                 o_cka_id = StrStrdup(optarg);
                 break;
+            case 'm':
+                xml_flag = 0;
+                break;
             case 'n':
                 o_interval = StrStrdup(optarg);
                 break;
@@ -3930,6 +3948,9 @@
     char* zone_name = NULL;
     char* policy_name = NULL;
     char* current_policy = NULL;
+    char* current_signconf = NULL;
+    char* current_input = NULL;
+    char* current_output = NULL;
     char* temp_char = NULL;
     char* tag_name = NULL;
     int policy_id = 0;
@@ -3951,6 +3972,9 @@
 
     xmlChar *name_expr = (unsigned char*) "name";
     xmlChar *policy_expr = (unsigned char*) "//Zone/Policy";
+    xmlChar *signconf_expr = (unsigned char*) "//Zone/SignerConfiguration";
+    xmlChar *input_expr = (unsigned char*) "//Zone/Adapters/Input/File";
+    xmlChar *output_expr = (unsigned char*) "//Zone/Adapters/Output/File";
 
     /* TODO validate the file ? */
     /* Read through the file counting zones TODO better way to do this? */
@@ -4027,7 +4051,6 @@
                 /* Extract the Policy name for this zone */
                 /* Evaluate xpath expression for policy */
                 xpathObj = xmlXPathEvalExpression(policy_expr, xpathCtx);
-                xmlXPathFreeContext(xpathCtx);
                 if(xpathObj == NULL) {
                     printf("Error: unable to evaluate xpath expression: %s; skipping zone\n", policy_expr);
                     /* Don't return? try to parse the rest of the zones? */
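Review bot: Removing `xmlXPathFreeContext(xpathCtx);` here and freeing the context only after the `output_expr` evaluation in the next hunk means every earlier skip path now leaves it allocated: this policy-failure branch, and the new `signconf_expr` and `input_expr` failure branches, all `continue` without releasing it. The later branches also leave `current_signconf` (and then `current_input`) allocated when a subsequent evaluation fails. Adding `xmlXPathFreeContext(xpathCtx);` before each of those `continue` statements, plus `StrFree` of the strings already extracted, keeps a malformed zonelist from leaking once per zone. The loop body extends outside both hunks, so any other exit between the policy lookup and the output lookup needs the same treatment.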
@@ -4056,10 +4079,59 @@
                     }
                 }
 
+                /* Extract the Signconf name for this zone */
+                /* Evaluate xpath expression */
+                xpathObj = xmlXPathEvalExpression(signconf_expr, xpathCtx);
+                if(xpathObj == NULL) {
+                    printf("Error: unable to evaluate xpath expression: %s; skipping zone\n", signconf_expr);
+                    /* Don't return? try to parse the rest of the zones? */
+                    ret = xmlTextReaderRead(reader);
+                    continue;
+                }
+
+                current_signconf = NULL;
+                temp_char = (char *)xmlXPathCastToString(xpathObj);
+                StrAppend(&current_signconf, temp_char);
+                StrFree(temp_char);
+                xmlXPathFreeObject(xpathObj);
+
+                /* Extract the Input name for this zone */
+                /* Evaluate xpath expression */
+                xpathObj = xmlXPathEvalExpression(input_expr, xpathCtx);
+                if(xpathObj == NULL) {
+                    printf("Error: unable to evaluate xpath expression: %s; skipping zone\n", input_expr);
+                    /* Don't return? try to parse the rest of the zones? */
+                    ret = xmlTextReaderRead(reader);
+                    continue;
+                }
+
+                current_input = NULL;
+                temp_char = (char *)xmlXPathCastToString(xpathObj);
+                StrAppend(&current_input, temp_char);
+                StrFree(temp_char);
+                xmlXPathFreeObject(xpathObj);
+
+                /* Extract the Output name for this zone */
+                /* Evaluate xpath expression */
+                xpathObj = xmlXPathEvalExpression(output_expr, xpathCtx);
+                xmlXPathFreeContext(xpathCtx);
+                if(xpathObj == NULL) {
+                    printf("Error: unable to evaluate xpath expression: %s; skipping zone\n", output_expr);
+                    /* Don't return? try to parse the rest of the zones? */
+                    ret = xmlTextReaderRead(reader);
+                    continue;
+                }
+
+                current_output = NULL;
+                temp_char = (char *)xmlXPathCastToString(xpathObj);
+                StrAppend(&current_output, temp_char);
+                StrFree(temp_char);
+                xmlXPathFreeObject(xpathObj);
+
                 /*
                  * Now we have all the information update/insert this repository
                  */
-                status = KsmImportZone(zone_name, policy_id, 0, &new_zone);
+                status = KsmImportZone(zone_name, policy_id, 0, &new_zone, current_signconf, current_input, current_output);
                 if (status != 0) {
                     printf("Error Importing Zone %s\n", zone_name);
                     /* Don't return? try to parse the rest of the zones? */
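Review bot: The three extracted paths are passed to `KsmImportZone` without checking that the XPath matched anything; `xmlXPathCastToString` returns an empty string for an empty node set, so a `<Zone>` missing `SignerConfiguration` or an adapter `File` would be written to the database with empty paths. Since the database can now be the source for `zonelist export`, I would skip such a zone with an error, e.g. `if (current_signconf == NULL || current_signconf[0] == '\0') { printf("Error: no SignerConfiguration for zone %s; skipping\n", zone_name); ... }`, and likewise for input and output. The three extract-and-copy stanzas are identical apart from the expression and target, so a small static helper would also remove the duplication. The loop body starts and ends outside this hunk.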
@@ -4094,6 +4166,9 @@
 
                 StrFree(zone_name);
                 StrFree(current_policy);
+                StrFree(current_signconf);
+                StrFree(current_input);
+                StrFree(current_output);
 
                 new_zone = 0;
 

Modified: trunk/OpenDNSSEC/enforcer/utils/migrate_keyshare_mysql.pl
===================================================================
--- trunk/OpenDNSSEC/enforcer/utils/migrate_keyshare_mysql.pl	2010-08-27 10:27:42 UTC (rev 3822)
+++ trunk/OpenDNSSEC/enforcer/utils/migrate_keyshare_mysql.pl	2010-08-27 14:10:01 UTC (rev 3823)
@@ -192,6 +192,15 @@
     or die "Couldn't add column pre_backup: $!";
 
 ###
+# Add new columns to zones table
+$dbh->do("alter table zones add column signconf varchar(4096)")
+    or die "Couldn't add column signconf: $!";
+$dbh->do("alter table zones add column input varchar(4096)")
+    or die "Couldn't add column input: $!";
+$dbh->do("alter table zones add column output varchar(4096)")
+    or die "Couldn't add column output: $!";
+
+###
 # Update DB version number
 $dbh->do("update dbadmin set version = 2")
     or die "Couldn't update dbadmin: $!";
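Review bot: The new `alter table` statements are added to a script that still finishes with `update dbadmin set version = 2`, so a database migrated by an earlier copy of this script carries the same version number as one that has the new columns; the sqlite3 script in the next hunk has the same issue. The commit lists a separate `migrate_100827_1.sqlite3` but no MySQL counterpart is visible, so already-migrated MySQL installs would presumably fail on the new INSERT in `KsmImportZone`. Consider bumping the schema version with this change or shipping a matching MySQL migration. Separately, `$!` reports errno rather than the DBI error, so `or die "Couldn't add column signconf: " . $dbh->errstr;` would show the actual failure.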

Modified: trunk/OpenDNSSEC/enforcer/utils/migrate_keyshare_sqlite3.pl
===================================================================
--- trunk/OpenDNSSEC/enforcer/utils/migrate_keyshare_sqlite3.pl	2010-08-27 10:27:42 UTC (rev 3822)
+++ trunk/OpenDNSSEC/enforcer/utils/migrate_keyshare_sqlite3.pl	2010-08-27 14:10:01 UTC (rev 3823)
@@ -187,6 +187,15 @@
 }
 
 ###
+# Add new columns to zones table
+$dbh->do("alter table zones add column signconf varchar(4096)")
+    or die "Couldn't add column signconf: $!";
+$dbh->do("alter table zones add column input varchar(4096)")
+    or die "Couldn't add column input: $!";
+$dbh->do("alter table zones add column output varchar(4096)")
+    or die "Couldn't add column output: $!";
+
+###
 # Update DB version number
 $dbh->do("update dbadmin set version = 2")
     or die "Couldn't update dbadmin: $!";

Modified: trunk/OpenDNSSEC/enforcer/utils/ods-ksmutil.1.in
===================================================================
--- trunk/OpenDNSSEC/enforcer/utils/ods-ksmutil.1.in	2010-08-27 10:27:42 UTC (rev 3822)
+++ trunk/OpenDNSSEC/enforcer/utils/ods-ksmutil.1.in	2010-08-27 14:10:01 UTC (rev 3823)
@@ -91,7 +91,7 @@
 .SH "ZONE MANAGEMENT SUBCOMMANDS"
 .LP
 .TP
-.B zone add \-\-zone|\-z \fIzone\fB [--policy|-p \fIname\fB] [--input|-i \fIinput\fB] [--output|-o \fIoutput\fB]
+.B zone add \-\-zone|\-z \fIzone\fB [--policy|-p \fIname\fB] [\-\-input|-i \fIinput\fB] [\-\-output|-o \fIoutput\fB] [\-\-no\-xml]
 Add a zone to both zonelist.xml and the database.  This is equivalent to
 manually editing zonelist.xml and then running the
 .B update zonelist
@@ -101,8 +101,11 @@
 non-standard location for the unsigned zone (default is 
 @OPENDNSSEC_STATE_DIR@/unsigned/ZONE); the \-\-output option specifies a non-standard 
 location for the signed zone (default is @OPENDNSSEC_STATE_DIR@/signed/ZONE).
+The \-\-no\-xml flag stops the zonelist.xml file from being updated. This is
+suitable for a batch mode where you will add multiple zones and then just write
+zonelist once at the end.
 .TP
-.B zone delete --zone|-z \fIname\fB
+.B zone delete --zone|-z \fIname\fB [\-\-no\-xml]
 .TP
 .B zone delete --all|-a
 Delete one zone (or all zones, respectively) from both zonelist.xml and
@@ -110,6 +113,9 @@
 running the
 .B update zonelist
 subcommand.
+The \-\-no\-xml flag stops the zonelist.xml file from being updated. This is
+suitable for a batch mode where you will delete multiple zones and then just 
+write zonelist once at the end.
 .TP
 .B zone list
 List zones from the zonelist.xml.



