Index: pdns/pdnssec.cc
===================================================================
--- pdns/pdnssec.cc (revision 3174)
+++ pdns/pdnssec.cc (working copy)
@@ -42,6 +42,49 @@
return ret;
}
+static void algorithm2name(uint8_t algo, string &name) {
+ switch(algo) {
+ case 0:
+ name = "Reserved"; return;
+ case 1:
+ name = "RSAMD5"; return;
+ case 2:
+ name = "DH"; return;
+ case 3:
+ name = "DSA"; return;
+ case 4:
+ name = "ECC"; return;
+ case 5:
+ name = "RSASHA1"; return;
+ case 6:
+ name = "DSA-NSEC3-SHA1"; return;
+ case 7:
+ name = "RSASHA1-NSEC3-SHA1"; return;
+ case 8:
+ name = "RSASHA256"; return;
+ case 9:
+ name = "Reserved"; return;
+ case 10:
+ name = "RSASHA512"; return;
+ case 11:
+ name = "Reserved"; return;
+ case 12:
+ name = "ECC-GOST"; return;
+ case 13:
+ name = "ECDSAP256SHA256"; return;
+ case 14:
+ name = "ECDSAP384SHA384"; return;
+ case 252:
+ name = "INDIRECT"; return;
+ case 253:
+ name = "PRIVATEDNS"; return;
+ case 254:
+ name = "PRIVATEOID"; return;
+ default:
+ name = "Unallocated/Reserved"; return;
+ }
+};
+
static int shorthand2algorithm(const string &algorithm)
{
if (!algorithm.compare("rsamd5")) return 1;
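Review bot: The `};` closing algorithm2name leaves a stray empty declaration at file scope after the function body; it should be a bare `}`, as the `static int shorthand2algorithm` definition right below shows the file's own convention. Since the helper only produces a label, returning it instead of filling an out-parameter would read more naturally, e.g. `static string algorithm2name(uint8_t algo)` with `return "RSAMD5";` per case, though the caller in the show-zone hunk would need the matching change. Because this label is what the operator sees next to each key, it is also worth flagging algorithms that should no longer be used for new signing keys, e.g. `name = "RSAMD5 (deprecated)"; return;` for case 1, which the IANA DNSSEC algorithm registry lists as deprecated.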
@@ -254,6 +297,8 @@
}
}
+
+
if(realrr)
{
//cerr<<"Total: "<<nonterm.size()<<" Insert: "<<insnonterm.size()<<" Delete: "<<delnonterm.size()<<endl;
@@ -568,19 +613,28 @@
cout << "keys: "<<endl;
BOOST_FOREACH(DNSSECKeeper::keyset_t::value_type value, keyset) {
+ string algname;
+ algorithm2name(value.first.d_algorithm, algname);
cout<<"ID = "<<value.second.id<<" ("<<(value.second.keyOrZone ? "KSK" : "ZSK")<<"), tag = "<<value.first.getDNSKEY().getTag();
- cout<<", algo = "<<(int)value.first.d_algorithm<<", bits = "<<value.first.getKey()->getBits()<<"\tActive: "<<value.second.active<< endl;
+ cout<<", algo = "<<(int)value.first.d_algorithm<<", bits = "<<value.first.getKey()->getBits()<<"\tActive: "<<value.second.active<< " ( " + algname + " ) "<<endl;
if(value.second.keyOrZone) {
- cout<<"KSK DNSKEY = "<<zone<<" IN DNSKEY "<< value.first.getDNSKEY().getZoneRepresentation() << endl;
- cout<<"DS = "<<zone<<" IN DS "<<makeDSFromDNSKey(zone, value.first.getDNSKEY(), 1).getZoneRepresentation() << endl;
- cout<<"DS = "<<zone<<" IN DS "<<makeDSFromDNSKey(zone, value.first.getDNSKEY(), 2).getZoneRepresentation() << endl;
+ cout<<"KSK DNSKEY = "<<zone<<" IN DNSKEY "<< value.first.getDNSKEY().getZoneRepresentation() << " ; ( " + algname + " )" << endl;
+ cout<<"DS = "<<zone<<" IN DS "<<makeDSFromDNSKey(zone, value.first.getDNSKEY(), 1).getZoneRepresentation() << " ; ( SHA1 digest )" << endl;
+ cout<<"DS = "<<zone<<" IN DS "<<makeDSFromDNSKey(zone, value.first.getDNSKEY(), 2).getZoneRepresentation() << " ; ( SHA256 digest )" << endl;
try {
string output=makeDSFromDNSKey(zone, value.first.getDNSKEY(), 3).getZoneRepresentation();
- cout<<"DS = "<<zone<<" IN DS "<< output << endl;
+ cout<<"DS = "<<zone<<" IN DS "<< output << " ; ( GOST R 34.11-94 digest )" << endl;
}
catch(...)
{
}
+ try {
+ string output=makeDSFromDNSKey(zone, value.first.getDNSKEY(), 4).getZoneRepresentation();
+ cout<<"DS = "<<zone<<" IN DS "<< output << " ; ( SHA-384 digest )" << endl;
+ }
+ catch(...)
+ {
+ }
cout<<endl;
}
}
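Review bot: The two `catch(...) {}` blocks around the digest-type 3 and 4 DS lines swallow every exception, not only the one makeDSFromDNSKey presumably raises when a digest type is unavailable in this build, so a genuine failure (bad key material, allocation failure) passes with no output at all. Narrow the handler to the exception type makeDSFromDNSKey throws for an unsupported digest, or at least report it, e.g. `catch(std::exception& e) { cerr<<"DS digest type 4 not available: "<<e.what()<<endl; }`. On the `Active:` line, mixing `<<` with `" ( " + algname + " ) "` works but reads oddly beside the rest of the chain; `<<" ( "<<algname<<" ) "` keeps one style. The SHA1 DS is printed first and unconditionally, and operators tend to copy the first DS record shown, so consider emitting the SHA256 DS before it or marking the SHA1 line as the legacy option. The enclosing show-zone code starts and ends outside this hunk.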
@@ -811,6 +865,8 @@
cerr<<"add-zone-key ZONE zsk|ksk [bits]\n";
cerr<<" [rsasha1|rsasha256|rsasha512|gost|ecdsa256|ecdsa384]\n";
cerr<<" Add a ZSK or KSK to zone and specify algo&bits\n";
+ cerr<<"generate-zone-key zsk|ksk [bits] [algorithm]\n";
+ cerr<<" Generate a ZSK or KSK to stdout with specified algo&bits\n";
cerr<<"check-zone ZONE Check a zone for correctness\n";
cerr<<"check-all-zones Check all zones for correctness\n";
cerr<<"create-bind-db FNAME Create DNSSEC db for BIND backend (bind-dnssec-db)\n";
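Review bot: The `remove-zone-key` command added later in this patch has no usage line here, so running `pdnssec` without arguments never advertises it; add `cerr<<"remove-zone-key ZONE KEY-ID Remove key with KEY-ID from ZONE\n";` alongside the other key commands. The `generate-zone-key` entry says only `[algorithm]` while `add-zone-key` directly above spells out the accepted names; repeating `[rsasha1|rsasha256|rsasha512|gost|ecdsa256|ecdsa384]` (if generate-zone-key accepts the same set, which this hunk does not show) keeps the two consistent. The help-printing function starts and ends outside this hunk.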
@@ -1277,6 +1333,18 @@
cout << "Flags: " << dspk.d_flags << endl <<
dspk.getKey()->convertToISC() << endl;
}
+ else if(cmds[0] == "remove-zone-key") {
+ if(cmds.size() < 3) {
+ cerr<<"Syntax: pdnssec remove-zone-key ZONE KEY-ID"<<endl;
+ return 0;
+ }
+ const string& zone=cmds[1];
+ unsigned int id=atoi(cmds[2].c_str());
+ if (!dk.removeKey(zone, id)) {
+ return 1;
+ }
+ return 0;
+ }
else {
cerr<<"Unknown command '"<<cmds[0]<<"'\n";
return 1;
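Review bot: `atoi(cmds[2].c_str())` on the KEY-ID argument accepts garbage silently: a non-numeric argument yields 0, trailing junk is ignored, and a negative number wraps into a large unsigned id, so a typo either removes the wrong key or none, with no diagnostic. Validate that the argument is all digits and parse it with `strtoul` before calling removeKey. The failure path `if (!dk.removeKey(zone, id)) return 1;` also exits without telling the operator which key or zone was involved; a message to cerr is cheap and this is a destructive DNSSEC operation. Whether removeKey itself refuses to delete the last active key or a KSK whose DS is still published cannot be seen from this hunk; if it does not, a warning here would be appropriate. The command dispatch this `else if` belongs to starts and ends outside the hunk.
```cpp
else if(cmds[0] == "remove-zone-key") {
  // … unchanged: argument count check …
  const string& zone=cmds[1];
  // Reject anything that is not a plain non-negative integer; atoi would silently accept it.
  if (cmds[2].empty() || cmds[2].find_first_not_of("0123456789") != string::npos) {
    cerr<<"Invalid KEY-ID '"<<cmds[2]<<"', expected a non-negative integer"<<endl;
    return 1;
  }
  unsigned int id = static_cast<unsigned int>(strtoul(cmds[2].c_str(), 0, 10));
  if (!dk.removeKey(zone, id)) {
    cerr<<"Failed to remove key "<<id<<" from zone '"<<zone<<"'"<<endl;
    return 1;
  }
  return 0;
}
```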