use English;
use Net::DNS::Resolver;
use Getopt::Long;
+use File::Basename;
$SIG{'__DIE__'} = sub { print @_; exit 4; };
sub what_to_check {
my $zone = shift;
- my $indir = shift;
+ my $zonefile = shift;
my $do_dlv = 0;
my $do_ds = 0;
- open(F, "<", $indir."/".$zone) or die ("Cannot open zonefile for $zone: $!\n");
+ open(F, "<", $zonefile) or die ("Cannot open zonefile $zonefile for $zone: $!\n");
while (<F>) {
- if (/^;\s*dlv-submit\s*=\s*yes\s*$/) { $do_dlv = 1; }
- if (/^;\s*ds-in-parent\s*=\s*yes\s*$/) { $do_ds = 1; }
+ if (/^[#;]\s*dlv-submit\s*=\s*yes\s*$/) { $do_dlv = 1; }
+ if (/^[#;]\s*ds-in-parent\s*=\s*yes\s*$/) { $do_ds = 1; }
}
close(F);
Getopt::Long::config('bundling');
GetOptions (
'--help' => \$params->{'help'},
- '--dir=s' => \$params->{'dir'},
+ '--dir=s@' => \$params->{'dir'},
'--dlv=s' => \$params->{'dlv'},
'--verbose' => \$params->{'verbose'},
) or usage(\*STDERR, 1);
usage(\*STDOUT, 0) unless (defined $mode && $mode =~ /^(overview|check-dlv|check-ds|check-header)$/);
die ("check-header needs --dir") if ($mode eq 'check-header' && !defined $params->{'dir'});
-my @zones;
+my %zones;
if (scalar @ARGV) {
if (defined $params->{'dir'} && $mode ne 'check-header') {
warn "--dir option ignored"
}
- @zones = @ARGV;
+ %zones = map { $_ => $_} @ARGV;
} else {
- my $dir = $params->{'dir'};
- usage(\*STDOUT, 0) unless (defined $dir);
-
- chdir $dir or die "chdir $dir failed? $!\n";
- opendir DIR, '.' or die ("Cannot opendir $dir\n");
- for my $file (readdir DIR) {
- next if ( -l "$file" );
- next unless ( -f "$file" );
- next if $file =~ /^(dsset|keyset)-/;
-
- push @zones, $file;
- }
- closedir(DIR);
+ my $dirs = $params->{'dir'};
+ usage(\*STDOUT, 0) unless (defined $dirs);
+
+ for my $dir (@$dirs) {
+ chdir $dir or die "chdir $dir failed? $!\n";
+ opendir DIR, '.' or die ("Cannot opendir $dir\n");
+ for my $file (readdir DIR) {
+ next if ( -l "$file" );
+ next unless ( -f "$file" );
+ next if $file =~ /^(dsset|keyset)-/;
+
+ my $zone = $file;
+ if ($file =~ /\.zone$/) { # it's one of our yaml things
+ $zone = basename($file, '.zone');
+ };
+ $zones{$zone} = "$dir/$file";
+ }
+ closedir(DIR);
+ };
};
$DLV = $params->{'dlv'} if $params->{'dlv'};
-my %data;
-for my $zone (@zones) {
- $data{$zone} = { 'dnskey' => join(', ', get_dnskeytags($zone)),
- 'ds' => join(', ', get_dstags($zone)),
- 'dlv' => join(', ', get_dlvtags($zone)),
- 'parent_dnssec' => get_parent_dnssec_status($zone) };
-}
if ($mode eq 'overview') {
+ my %data;
+ for my $zone (keys %zones) {
+ $data{$zone} = { 'dnskey' => join(', ', get_dnskeytags($zone)),
+ 'ds' => join(', ', get_dstags($zone)),
+ 'dlv' => join(', ', get_dlvtags($zone)),
+ 'parent_dnssec' => get_parent_dnssec_status($zone) };
+ }
+
my $format = "%60s %-10s %-10s %-10s %-10s\n";
printf $format, "zone", "DNSKEY", "DS\@parent", "DLV", "dnssec\@parent";
printf $format, "-"x 60, "-"x 10, "-"x 10, "-"x 10, "-"x 10;
my @warn;
my @ok;
- for my $zone (sort {$a cmp $b} keys %data) {
- my @thiskeys = $key eq 'per-zone' ? what_to_check($zone, $params->{'dir'}) : ($key);
+ for my $zone (sort {$a cmp $b} keys %zones) {
+ my @thiskeys = $key eq 'per-zone' ? what_to_check($zone, $zones{$zone}) : ($key);
+ my $dnskey = join(', ', get_dnskeytags($zone)) || '-';
for my $thiskey (@thiskeys) {
- my $dnskey = $data{$zone}->{'dnskey'} || '-';
- my $target = $data{$zone}->{$thiskey} || '-';
+ my $target = join(', ', $thiskey eq 'ds' ? get_dstags($zone) : get_dlvtags($zone)) || '-';
if ($dnskey ne $target) {
- push @warn, "$zone ($dnskey != $target)";
+ push @warn, "$zone ([$dnskey] != [$target])";
} else {
push @ok, "$zone ($dnskey)";
};