1 /*
2 * Copyright (c) 2011 Surfnet
3 * Copyright (c) 2011 .SE (The Internet Infrastructure Foundation).
4 * Copyright (c) 2011 OpenDNSSEC AB (svb)
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
17 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
20 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
22 * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
23 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
24 * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
25 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
26 * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27 *
28 */
29
30 #include "config.h"
31
32 #include "daemon/engine.h"
33 #include "cmdhandler.h"
34 #include "daemon/enforcercommands.h"
35 #include "enforcer/enforce_task.h"
36 #include "file.h"
37 #include "log.h"
38 #include "str.h"
39 #include "clientpipe.h"
40 #include "db/key_data.h"
41 #include "keystate/keystate_ds.h"
42
43 #include "keystate/keystate_ds_seen_cmd.h"
44
45 static void
usage(int sockfd)46 usage(int sockfd)
47 {
48 client_printf(sockfd,
49 "key ds-seen\n"
50 " --zone <zone> aka -z \n"
51 " --keytag <keytag> | --cka_id <CKA_ID> aka -x | -k\n"
52 "key ds-seen\n"
53 " --all aka -a \n"
54 );
55 }
56
57 static void
help(int sockfd)58 help(int sockfd)
59 {
60 client_printf(sockfd,
61 "Issue a ds-seen to the enforcer for a KSK/ or all 'ready for ds-seen' KSKs. This command indicates to OpenDNSSEC taht a submitted DS record has appreared in the parent zone, and thereby trigger the completion of KSK rollover.\n"
62 "(This command with no parameters lists eligible keys.)\n"
63 "\nOptions:\n"
64 "zone name of the zone\n"
65 "keytag|cka_id specify the keytag or the locator of the key\n\n"
66 "all for all 'ready for ds-seen' KSKs");
67 }
68
69 static int
run(int sockfd,cmdhandler_ctx_type * context,const char * cmd)70 run(int sockfd, cmdhandler_ctx_type* context, const char *cmd)
71 {
72 int error;
73 db_connection_t* dbconn = getconnectioncontext(context);
74 engine_type* engine = getglobalcontext(context);
75 error = run_ds_cmd(sockfd, cmd, dbconn,
76 KEY_DATA_DS_AT_PARENT_SUBMITTED,
77 KEY_DATA_DS_AT_PARENT_SEEN, engine);
78 if (error == 0) {
79 /* YBS: TODO only affected zones */
80 enforce_task_flush_all(engine, dbconn);
81 }
82 return error;
83
84 }
85
86 struct cmd_func_block key_ds_seen_funcblock = {
87 "key ds-seen", &usage, &help, NULL, &run
88 };
89