Commit 02b4e9ae authored by Andreas Gustafsson's avatar Andreas Gustafsson
Browse files

be compatible with new dnssec tool command line argument

usage; bug fixes
parent 98225f5d
......@@ -6,7 +6,7 @@ zonefile=example.db
keyname=`$KEYGEN -a RSA -b 768 -n zone $zone`
tag=`echo $keykname | sed -n 's/^.*\+\([0-9][0-9]*\)$/\1/p'`
tag=`echo $keyname | sed -n 's/^.*\+\([0-9][0-9]*\)$/\1/p'`
echo "key=$keyname, tag=$tag"
......@@ -14,23 +14,24 @@ echo "key=$keyname, tag=$tag"
# sign it, and pass it back
( cd ../ns3 && sh sign.sh )
cp ../ns3/secure.example.keyset .
/local/bind9/bin/tests/keysigner -v 9 secure.example.keyset example./$tag/001
$KEYSIGNER -v 9 secure.example.keyset $keyname
# This will leave two copies of the child's zone key in the signed db file;
# that shouldn't cause any problems.
cat secure.example.signedkey >>../ns3/secure.example.db.signed
pubkeyfile="$keyname.key"
$KEYSETTOOL $zone $tag/001
$KEYSETTOOL $keyname
cat $infile $pubkeyfile >$zonefile
cat $infile $keyname.key >$zonefile
$SIGNER -v 1 -o $zone $zonefile
# Configure the resolving server with a trusted key.
cat $pubkeyfile | perl -n -e '
cat $keyname.key | perl -n -e '
my ($dn, $class, $type, $flags, $proto, $alg, @rest) = split;
my $key = join("", @rest);
print <<EOF
......
......@@ -4,21 +4,15 @@ zone=secure.example.
infile=secure.example.db.in
zonefile=secure.example.db
rm -f K$zone*.key
rm -f K$zone*.private
rm -f $zone*.keyset
keyname=`$KEYGEN -a RSA -b 768 -n zone $zone`
tag=`echo $keykname | sed -n 's/^.*\+\([0-9][0-9]*\)$/\1/p'`
tag=`echo $keyname | sed -n 's/^.*\+\([0-9][0-9]*\)$/\1/p'`
echo "key=$keyname, tag=$tag"
pubkeyfile="$keyname.key"
$KEYSETTOOL $zone $tag/001
$KEYSETTOOL $keyname.key
cat $infile $pubkeyfile >$zonefile
cat $infile $keyname.key >$zonefile
$SIGNER -v 1 -o $zone $zonefile
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment