33 #include "cmdhandler.h"
38 #include "clientpipe.h"
/* Module tag: passed as the "[%s]" prefix argument in this file's log messages. */
45 static const char *module_str =
"keystate_rollover_cmd";
/*
 * perform_keystate_rollover: start a manual key rollover for one zone
 * (zonename) or, when a policy is given, apparently for the zones fetched
 * for that policy (policyname). Progress and errors are reported to the
 * client on sockfd and to the log.
 *
 * nkeyrole selects what is rolled: the visible branches handle "all keys",
 * KSK, ZSK and CSK; any other value is reported as "nkeyrole out of range".
 *
 * NOTE(review): this listing omits source lines (the left-hand numbers are
 * the original line numbers), so the return type, the database lookups and
 * the branch conditions are not visible here.
 */
48 perform_keystate_rollover(
int sockfd,
db_connection_t *dbconn,
const char * policyname,
49 const char *zonename,
int nkeyrole)
/* Caller-supplied names are only ever passed as "%s" arguments; every
 * format string in this function is a literal. */
63 client_printf_err(sockfd,
"unknown policy %s\n", policyname);
67 ods_log_error(
"[%s] Error fetching zones", module_str);
68 client_printf_err(sockfd,
"[%s] Error fetching zones", module_str);
77 client_printf (sockfd,
"No keys to be rolled\n");
86 client_printf(sockfd,
"zone %s not found\n", zonename);
/* Loop over the fetched zones; how listsize is decremented is on elided lines. */
91 while (listsize > 0) {
/* Each manual rollover is echoed to the client and written to the log with
 * the zone name, so operator-initiated rollovers leave a log record. */
98 client_printf(sockfd,
"rolling all keys for zone %s\n",
zone_db_name(zone));
99 ods_log_info(
"[%s] Manual rollover initiated for all keys on Zone: %s",
104 client_printf(sockfd,
"rolling KSK for zone %s\n",
zone_db_name(zone));
105 ods_log_info(
"[%s] Manual rollover initiated for KSK on Zone: %s", module_str,
zone_db_name(zone));
109 client_printf(sockfd,
"rolling ZSK for zone %s\n",
zone_db_name(zone));
110 ods_log_info(
"[%s] Manual rollover initiated for ZSK on Zone: %s", module_str,
zone_db_name(zone));
114 client_printf(sockfd,
"rolling CSK for zone %s\n",
zone_db_name(zone));
115 ods_log_info(
"[%s] Manual rollover initiated for CSK on Zone: %s", module_str,
zone_db_name(zone));
/* Unknown nkeyrole: the assertion marks this as a programming error, and the
 * same condition is also logged and sent to the client.
 * NOTE(review): presumably the second call exists so builds without
 * assertions still report it; confirm how ods_log_assert is defined. */
118 ods_log_assert(
false &&
"nkeyrole out of range");
119 ods_log_error_and_printf(sockfd, module_str,
120 "nkeyrole out of range");
125 ods_log_error_and_printf(sockfd, module_str,
126 "updating zone %s in the database failed",
zone_db_name(zone));
/* Sticky error flag: once any update has failed, reterror stays non-zero
 * even if later updates succeed. */
128 reterror = error || reterror;
/* Usage text sent to the client: either --zone or --policy, plus an optional
 * --keytype. The short forms -z, -p and -t match the "p:z:t:" option string
 * passed to getopt_long in run(). */
141 client_printf(sockfd,
143 " --zone <zone> | --policy <policy> aka -z | -p \n"
144 " [--keytype <keytype>] aka -t\n"
/* Help text sent to the client.
 * NOTE(review): the option descriptions say "limit the output", but the
 * paragraph above them describes starting a rollover immediately, so
 * zone/policy/keytype select what gets rolled rather than what is printed.
 * The wording looks carried over from a listing command; confirm and reword,
 * since an operator reading this may not expect the command to change key
 * state. */
152 client_printf(sockfd,
153 "Start a key rollover of the desired type *now*. The process is the same\n"
154 "as for the scheduled automated rollovers however it does not wait for\n"
155 "the keys lifetime to expire before rolling. The next rollover is due\n"
156 "after the newest key aged passed its lifetime.\n"
158 "zone limit the output to the given the zone\n"
159 "policy limit the output to the given the policy\n"
160 "keytype limit the output to the given type, can be KSK, ZSK or CSK (default is all)\n\n"
/*
 * run: handler for the rollover command received on sockfd.
 *
 * Visible steps: copy cmd into a local buffer, split it into at most NARGV
 * arguments, parse -z/--zone, -p/--policy and -t/--keytype with getopt_long,
 * reject the request when zone and policy are both given (and, judging by
 * the identical message, when neither is), map the keytype string to
 * nkeytype, then call perform_keystate_rollover.
 *
 * NOTE(review): this listing omits source lines (the left-hand numbers are
 * the original line numbers), so several conditions and assignments are not
 * visible here.
 */
165 run(
int sockfd, cmdhandler_ctx_type* context,
const char *cmd)
/* Working copy of cmd, sized by ODS_SE_MAXLINE. */
167 char buf[ODS_SE_MAXLINE];
169 const char *argv[
NARGV];
170 int argc = 0, error, nkeytype = 0;
171 int long_index = 0, opt = 0;
172 const char *zone = NULL, *keytype = NULL, *
policy = NULL;
176 static struct option long_options[] = {
177 {
"zone", required_argument, 0,
'z'},
178 {
"policy", required_argument, 0,
'p'},
179 {
"keytype", required_argument, 0,
't'},
/* strncpy leaves buf unterminated when cmd holds sizeof(buf) or more
 * characters, so the last byte is forced to '\0' on the next statement.
 * A longer cmd is therefore silently truncated rather than rejected.
 * NOTE(review): confirm the caller bounds cmd; otherwise a cut-off command
 * line would be parsed as if it were complete. */
186 strncpy(buf, cmd,
sizeof(buf));
187 buf[
sizeof(buf)-1] =
'\0';
/* NARGV is passed as the capacity of argv.
 * NOTE(review): presumably ods_str_explode splits buf in place (hence the
 * mutable copy) and an elided check on argc produces the "too many
 * arguments" error below; confirm. */
190 argc = ods_str_explode(buf,
NARGV, argv);
192 client_printf_err(sockfd,
"too many arguments\n");
193 ods_log_error(
"[%s] too many arguments for %s command",
/* The cast only adapts argv to getopt_long's prototype. getopt keeps its
 * scan position in global state (optind).
 * NOTE(review): the lines just before this loop are elided; confirm optind
 * is reset there, since this handler can presumably run many times within
 * one process and stale state would make later commands skip options. */
199 while ((opt = getopt_long(argc, (
char*
const*)argv,
"p:z:t:", long_options, &long_index)) != -1) {
211 client_printf_err(sockfd,
"unknown arguments\n");
212 ods_log_error(
"[%s] unknown arguments for %s command",
219 ods_log_warning(
"[%s] expected either --zone <zone> or --policy <policy> for %s command",
221 client_printf(sockfd,
"expected either --zone <zone> or --policy <policy> option\n");
/* Giving both a zone and a policy is rejected with the same message as the
 * preceding check. */
224 else if (zone &&
policy) {
225 ods_log_warning(
"[%s] expected either --zone <zone> or --policy <policy> for %s command",
227 client_printf(sockfd,
"expected either --zone <zone> or --policy <policy> option\n");
/* Only the first 3 characters are compared, case-insensitively, so any value
 * that merely starts with KSK/ZSK/CSK is accepted as that key type.
 * NOTE(review): strcasecmp would enforce an exact match. Also confirm that
 * an elided guard keeps keytype non-NULL here; it is initialised to NULL and
 * passing NULL to strncasecmp is undefined behaviour. */
232 if (!strncasecmp(keytype,
"KSK", 3)) {
234 }
else if (!strncasecmp(keytype,
"ZSK", 3)) {
236 }
else if (!strncasecmp(keytype,
"CSK", 3)) {
/* The rejected keytype is reported through literal format strings with a
 * "%s" placeholder, not used as a format string itself. */
239 ods_log_warning(
"[%s] given keytype \"%s\" invalid",
241 client_printf(sockfd,
"given keytype \"%s\" invalid\n",
247 error = perform_keystate_rollover(sockfd, dbconn,
policy, zone, nkeytype);
/* Command table entry fragment: the name "key rollover" with the usage, help
 * and run handlers. The meaning of the NULL slot is not visible in this
 * listing. */
255 "key rollover", &usage, &help, NULL, &run