[Opendnssec-commits] [keihatsu.kirei.se/svn/dnssec] r5283 - branches/OpenDNSSEC-enforcer-ng/enforcer-ng/src/enforcer

Yuri Schaeffer yuri at keihatsu.kirei.se
Mon Jul 4 12:20:53 CEST 2011


Author: yuri
Date: 2011-07-04 12:20:53 +0200 (Mon, 04 Jul 2011)
New Revision: 5283

Modified:
   branches/OpenDNSSEC-enforcer-ng/enforcer-ng/src/enforcer/enforcer.cpp
Log:
pending edits old model

Modified: branches/OpenDNSSEC-enforcer-ng/enforcer-ng/src/enforcer/enforcer.cpp
===================================================================
--- branches/OpenDNSSEC-enforcer-ng/enforcer-ng/src/enforcer/enforcer.cpp	2011-07-04 10:20:22 UTC (rev 5282)
+++ branches/OpenDNSSEC-enforcer-ng/enforcer-ng/src/enforcer/enforcer.cpp	2011-07-04 10:20:53 UTC (rev 5283)
@@ -41,7 +41,7 @@
 		min = t;
 }
 
-/** 
+/**
  * Translate the record state to something human readable.
  **/
 const char* stateName(const int state) {
@@ -75,8 +75,8 @@
 void setState(KeyState &record_state, const int new_state,
 		const time_t now ) {
 	const char *scmd = "setState";
-	
-	ods_log_verbose("[%s] %s to %s", module_str, scmd, 
+
+	ods_log_verbose("[%s] %s to %s", module_str, scmd,
 			stateName(new_state));
 	record_state.setState(new_state);
 	record_state.setLastChange(now);
@@ -138,7 +138,7 @@
 	const char *scmd = "updateDs";
 
 	KeyState &record_state = key.keyStateDS();
-	ods_log_verbose("[%s] %s state %s", module_str, scmd, 
+	ods_log_verbose("[%s] %s state %s", module_str, scmd,
 			stateName(record_state.state()));
 	switch ( record_state.state() ) {
 
@@ -352,7 +352,7 @@
 	const char *scmd = "updateDnskey";
 
 	KeyState &record_state = key.keyStateDNSKEY();
-	ods_log_verbose("[%s] %s state %s", module_str, scmd, 
+	ods_log_verbose("[%s] %s state %s", module_str, scmd,
 			stateName(record_state.state()));
 	switch ( record_state.state() ) {
 
@@ -544,7 +544,7 @@
 	bool safeToWithdraw;
 
 	KeyState &record_state = key.keyStateRRSIG();
-	ods_log_verbose("[%s] %s state %s", module_str, scmd, 
+	ods_log_verbose("[%s] %s state %s", module_str, scmd,
 			stateName(record_state.state()));
 	switch ( record_state.state() ) {
 
@@ -554,7 +554,8 @@
 		break;
 	}
 	exists = false;
-	if (!record_state.minimize()) {
+	//~ if (!record_state.minimize()) {
+	if (false) { // DEBUG
 		for (int i = 0; i < num_keys; i++) {
 			k = &key_list.key(i);
 			if ( key.algorithm() == k->algorithm() &&
@@ -564,14 +565,18 @@
 			}
 		}
 	}
-	if ( !exists || !record_state.minimize() ) {
-		/* submit stuff */
+	//~ if ( !exists || !record_state.minimize() ) {
+	//~ if ( !exists && !record_state.minimize() ) {
+	if ( !exists || false ) { //DEBUG
+		/* There exists no other propagated ZSK, so no use for a
+		 * gradual rollover. */
 		ods_log_info("[%s] %s, not exists", module_str, scmd);
 		setState(record_state, RUM, now);
 		record_changed = true;
 		break;
 	}
-	if ( key.keyStateRRSIG().minimize() &&
+	//~ if ( record_state.minimize() &&
+	if ( true && //DEBUG
 			key.keyStateDNSKEY().state() == OMN) {
 		/* submit stuff */
 		ods_log_info("[%s] %s, minimize", module_str, scmd);
@@ -704,7 +709,7 @@
 	const char *scmd = "updateKey";
 
 	ods_log_info("[%s] %s %s", module_str, scmd, key.locator().c_str());
-	
+
 	if (key.role() & KSK) { /* KSK and CSK */
 		key_changed |= updateDs(zone, key_list, key, now, next_update_for_record);
 		minTime(next_update_for_record, next_update_for_key);
@@ -730,7 +735,7 @@
 	KeyDataList &key_list = zone.keyDataList();
 	const char *scmd = "updateZone";
 	int dbg_cnt = 0;
-	
+
 	ods_log_verbose("[%s] %s", module_str, scmd);
 
 	/* Keep looping till there are no state changes.
@@ -754,7 +759,7 @@
 /* Abstraction to generalize different kind of keys. */
 int numberOfKeys(const ::ods::kasp::Keys *policyKeys, const KeyRole role) {
 	const char *scmd = "numberOfKeys";
-	
+
 	switch (role) {
 		case KSK:
 			return policyKeys->ksk_size();
@@ -797,13 +802,13 @@
             repository.assign(policyKeys->csk(index).repository());
 			return;
 		default:
-			ods_fatal_exit("[%s] %s Unknow Role: (%d)", 
+			ods_fatal_exit("[%s] %s Unknow Role: (%d)",
 					module_str, scmd, role); /* report a bug! */
 	}
 }
 
 /**
- * Finds the last inserted key in the list. It's role must be a 
+ * Finds the last inserted key in the list. It's role must be a
  * subset or equal to role.
  * \param[in] keys list of keys to search in
  * \param[in] role minimum role target must have
@@ -855,7 +860,7 @@
 				minTime( next_insert, return_at );
 				continue;
 			}
-			
+
 			/* time for a new key */
 			ods_log_verbose("[%s] %s New key needed for role %d", module_str, scmd, role);
 			string locator;
@@ -882,7 +887,6 @@
 				continue;
 			}
 
-
 			ods_log_verbose("[%s] %s got new key from HSM", module_str, scmd);
 
 			KeyData &new_key = zone.keyDataList().addNewKey( algorithm, now,




More information about the Opendnssec-commits mailing list