mirror of
https://github.com/isc-projects/bind9.git
synced 2026-06-13 20:00:01 -04:00
2741. [func] Allow the dnssec-keygen progress messages to be
suppressed (dnssec-keygen -q). Automatically
suppress the progress messages when stdin is not
a tty. [RT #20474]
This commit is contained in:
Mark Andrews
parent
990dca4605
commit
c6d2578fd6
7 changed files with 85 additions and 36 deletions
5
CHANGES
5
CHANGES
|
|
@ -1,3 +1,8 @@
|
|||
2741. [func] Allow the dnssec-keygen progress messages to be
|
||||
suppressed (dnssec-keygen -q). Automatically
|
||||
suppress the progress messages when stdin is not
|
||||
a tty. [RT #20474]
|
||||
|
||||
2740. [func] Identify bad answers from GTLD servers and treat them
|
||||
as referrals. [RT #18884]
|
||||
|
||||
|
|
|
|||
|
|
@ -29,7 +29,7 @@
|
|||
* IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
||||
*/
|
||||
|
||||
/* $Id: dnssec-keygen.c,v 1.105 2009/10/27 18:56:48 each Exp $ */
|
||||
/* $Id: dnssec-keygen.c,v 1.106 2009/10/28 00:27:10 marka Exp $ */
|
||||
|
||||
/*! \file */
|
||||
|
||||
|
|
@ -37,6 +37,7 @@
|
|||
|
||||
#include <ctype.h>
|
||||
#include <stdlib.h>
|
||||
#include <unistd.h>
|
||||
|
||||
#include <isc/buffer.h>
|
||||
#include <isc/commandline.h>
|
||||
|
|
@ -175,7 +176,7 @@ progress(int p)
|
|||
c = '*';
|
||||
break;
|
||||
case 3:
|
||||
c = '\n';
|
||||
c = ' ';
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
|
|
@ -225,6 +226,8 @@ main(int argc, char **argv) {
|
|||
isc_boolean_t unsetrev = ISC_FALSE, unsetinact = ISC_FALSE;
|
||||
isc_boolean_t unsetdel = ISC_FALSE;
|
||||
isc_boolean_t genonly = ISC_FALSE;
|
||||
isc_boolean_t quiet = ISC_FALSE;
|
||||
isc_boolean_t show_progress = ISC_FALSE;
|
||||
|
||||
if (argc == 1)
|
||||
usage();
|
||||
|
|
@ -236,7 +239,7 @@ main(int argc, char **argv) {
|
|||
/*
|
||||
* Process memory debugging argument first.
|
||||
*/
|
||||
#define CMDLINE_FLAGS "3a:b:Cc:d:E:eFf:g:K:km:n:p:r:s:T:t:v:hGP:A:R:I:D:"
|
||||
#define CMDLINE_FLAGS "3a:b:Cc:d:E:eFf:g:K:km:n:p:qr:s:T:t:v:hGP:A:R:I:D:"
|
||||
while ((ch = isc_commandline_parse(argc, argv, CMDLINE_FLAGS)) != -1) {
|
||||
switch (ch) {
|
||||
case 'm':
|
||||
|
|
@ -329,6 +332,9 @@ main(int argc, char **argv) {
|
|||
fatal("-p must be followed by a number "
|
||||
"[0..255]");
|
||||
break;
|
||||
case 'q':
|
||||
quiet = ISC_TRUE;
|
||||
break;
|
||||
case 'r':
|
||||
setup_entropy(mctx, isc_commandline_argument, &ectx);
|
||||
break;
|
||||
|
|
@ -443,6 +449,9 @@ main(int argc, char **argv) {
|
|||
}
|
||||
}
|
||||
|
||||
if (!isatty(0))
|
||||
quiet = ISC_TRUE;
|
||||
|
||||
if (ectx == NULL)
|
||||
setup_entropy(mctx, NULL, &ectx);
|
||||
ret = dst_lib_init2(mctx, ectx, engine,
|
||||
|
|
@ -688,12 +697,18 @@ main(int argc, char **argv) {
|
|||
case DNS_KEYALG_RSASHA256:
|
||||
case DNS_KEYALG_RSASHA512:
|
||||
param = rsa_exp;
|
||||
show_progress = ISC_TRUE;
|
||||
break;
|
||||
|
||||
case DNS_KEYALG_DH:
|
||||
param = generator;
|
||||
break;
|
||||
|
||||
case DNS_KEYALG_DSA:
|
||||
case DNS_KEYALG_NSEC3DSA:
|
||||
show_progress = ISC_TRUE;
|
||||
/* fall through */
|
||||
|
||||
case DST_ALG_HMACMD5:
|
||||
case DST_ALG_HMACSHA1:
|
||||
case DST_ALG_HMACSHA224:
|
||||
|
|
@ -713,10 +728,19 @@ main(int argc, char **argv) {
|
|||
conflict = ISC_FALSE;
|
||||
oldkey = NULL;
|
||||
|
||||
/* generate the key */
|
||||
ret = dst_key_generate2(name, alg, size, param, flags,
|
||||
protocol, rdclass, mctx, &key,
|
||||
&progress);
|
||||
if (!quiet && show_progress) {
|
||||
fprintf(stderr, "Generating key pair.");
|
||||
ret = dst_key_generate2(name, alg, size, param, flags,
|
||||
protocol, rdclass, mctx, &key,
|
||||
&progress);
|
||||
putc('\n', stderr);
|
||||
fflush(stderr);
|
||||
} else {
|
||||
ret = dst_key_generate2(name, alg, size, param, flags,
|
||||
protocol, rdclass, mctx, &key,
|
||||
NULL);
|
||||
}
|
||||
|
||||
isc_entropy_stopcallbacksources(ectx);
|
||||
|
||||
if (ret != ISC_R_SUCCESS) {
|
||||
|
|
|
|||
|
|
@ -18,7 +18,7 @@
|
|||
- PERFORMANCE OF THIS SOFTWARE.
|
||||
-->
|
||||
|
||||
<!-- $Id: dnssec-keygen.docbook,v 1.31 2009/10/22 02:21:30 each Exp $ -->
|
||||
<!-- $Id: dnssec-keygen.docbook,v 1.32 2009/10/28 00:27:10 marka Exp $ -->
|
||||
<refentry id="man.dnssec-keygen">
|
||||
<refentryinfo>
|
||||
<date>June 30, 2000</date>
|
||||
|
|
@ -75,6 +75,7 @@
|
|||
<arg><option>-k</option></arg>
|
||||
<arg><option>-P <replaceable class="parameter">date/offset</replaceable></option></arg>
|
||||
<arg><option>-p <replaceable class="parameter">protocol</replaceable></option></arg>
|
||||
<arg><option>-q</option></arg>
|
||||
<arg><option>-R <replaceable class="parameter">date/offset</replaceable></option></arg>
|
||||
<arg><option>-r <replaceable class="parameter">randomdev</replaceable></option></arg>
|
||||
<arg><option>-s <replaceable class="parameter">strength</replaceable></option></arg>
|
||||
|
|
@ -304,6 +305,25 @@
|
|||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term>-q</term>
|
||||
<listitem>
|
||||
<para>
|
||||
Quiet mode: Suppresses unnecessary output, including
|
||||
progress indication. Without this option, when
|
||||
<command>dnssec-keygen</command> is run interactively
|
||||
to generate an RSA or DSA key pair, it will print a string
|
||||
of symbols to <filename>stderr</filename> indicating the
|
||||
progress of the key generation. A '.' indicates that a
|
||||
random number has been found which passed an initial
|
||||
sieve test; '+' means a number has passed a single
|
||||
round of the Miller-Rabin primality test; a space
|
||||
means that the number has passed all the tests and is
|
||||
a satisfactory key.
|
||||
</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term>-r <replaceable class="parameter">randomdev</replaceable></term>
|
||||
<listitem>
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@
|
|||
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
|
||||
# PERFORMANCE OF THIS SOFTWARE.
|
||||
|
||||
# $Id: sign.sh,v 1.29 2009/10/27 22:25:37 marka Exp $
|
||||
# $Id: sign.sh,v 1.30 2009/10/28 00:27:10 marka Exp $
|
||||
|
||||
SYSTEMTESTTOP=../..
|
||||
. $SYSTEMTESTTOP/conf.sh
|
||||
|
|
@ -31,7 +31,7 @@ zonefile=root.db
|
|||
cp ../ns2/dsset-example. .
|
||||
cp ../ns2/dsset-dlv. .
|
||||
|
||||
keyname=`$KEYGEN -r $RANDFILE -a RSAMD5 -b 768 -n zone $zone`
|
||||
keyname=`$KEYGEN -q -r $RANDFILE -a RSAMD5 -b 768 -n zone $zone`
|
||||
|
||||
cat $infile $keyname.key > $zonefile
|
||||
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@
|
|||
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
|
||||
# PERFORMANCE OF THIS SOFTWARE.
|
||||
|
||||
# $Id: sign.sh,v 1.34 2009/10/27 22:25:37 marka Exp $
|
||||
# $Id: sign.sh,v 1.35 2009/10/28 00:27:10 marka Exp $
|
||||
|
||||
SYSTEMTESTTOP=../..
|
||||
. $SYSTEMTESTTOP/conf.sh
|
||||
|
|
@ -36,8 +36,8 @@ do
|
|||
cp ../ns3/dsset-$subdomain.example. .
|
||||
done
|
||||
|
||||
keyname1=`$KEYGEN -r $RANDFILE -a DSA -b 768 -n zone $zone`
|
||||
keyname2=`$KEYGEN -r $RANDFILE -a DSA -b 768 -n zone $zone`
|
||||
keyname1=`$KEYGEN -q -r $RANDFILE -a DSA -b 768 -n zone $zone`
|
||||
keyname2=`$KEYGEN -q -r $RANDFILE -a DSA -b 768 -n zone $zone`
|
||||
|
||||
cat $infile $keyname1.key $keyname2.key >$zonefile
|
||||
|
||||
|
|
@ -49,7 +49,7 @@ privzone=private.secure.example.
|
|||
privinfile=private.secure.example.db.in
|
||||
privzonefile=private.secure.example.db
|
||||
|
||||
privkeyname=`$KEYGEN -r $RANDFILE -a RSAMD5 -b 768 -n zone $privzone`
|
||||
privkeyname=`$KEYGEN -q -r $RANDFILE -a RSAMD5 -b 768 -n zone $privzone`
|
||||
|
||||
cat $privinfile $privkeyname.key >$privzonefile
|
||||
|
||||
|
|
@ -62,7 +62,7 @@ dlvzone=dlv.
|
|||
dlvinfile=dlv.db.in
|
||||
dlvzonefile=dlv.db
|
||||
|
||||
dlvkeyname=`$KEYGEN -r $RANDFILE -a RSAMD5 -b 768 -n zone $dlvzone`
|
||||
dlvkeyname=`$KEYGEN -q -r $RANDFILE -a RSAMD5 -b 768 -n zone $dlvzone`
|
||||
|
||||
cat $dlvinfile $dlvkeyname.key dlvset-$privzone > $dlvzonefile
|
||||
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@
|
|||
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
|
||||
# PERFORMANCE OF THIS SOFTWARE.
|
||||
|
||||
# $Id: sign.sh,v 1.29 2009/10/27 22:25:37 marka Exp $
|
||||
# $Id: sign.sh,v 1.30 2009/10/28 00:27:10 marka Exp $
|
||||
|
||||
SYSTEMTESTTOP=../..
|
||||
. $SYSTEMTESTTOP/conf.sh
|
||||
|
|
@ -26,7 +26,7 @@ zone=secure.example.
|
|||
infile=secure.example.db.in
|
||||
zonefile=secure.example.db
|
||||
|
||||
keyname=`$KEYGEN -r $RANDFILE -a RSASHA1 -b 768 -n zone $zone`
|
||||
keyname=`$KEYGEN -q -r $RANDFILE -a RSASHA1 -b 768 -n zone $zone`
|
||||
|
||||
cat $infile $keyname.key >$zonefile
|
||||
|
||||
|
|
@ -36,7 +36,7 @@ zone=bogus.example.
|
|||
infile=bogus.example.db.in
|
||||
zonefile=bogus.example.db
|
||||
|
||||
keyname=`$KEYGEN -r $RANDFILE -a RSAMD5 -b 768 -n zone $zone`
|
||||
keyname=`$KEYGEN -q -r $RANDFILE -a RSAMD5 -b 768 -n zone $zone`
|
||||
|
||||
cat $infile $keyname.key >$zonefile
|
||||
|
||||
|
|
@ -46,8 +46,8 @@ zone=dynamic.example.
|
|||
infile=dynamic.example.db.in
|
||||
zonefile=dynamic.example.db
|
||||
|
||||
keyname1=`$KEYGEN -r $RANDFILE -a RSAMD5 -b 768 -n zone $zone`
|
||||
keyname2=`$KEYGEN -r $RANDFILE -a RSAMD5 -b 1024 -n zone -f KSK $zone`
|
||||
keyname1=`$KEYGEN -q -r $RANDFILE -a RSAMD5 -b 768 -n zone $zone`
|
||||
keyname2=`$KEYGEN -q -r $RANDFILE -a RSAMD5 -b 1024 -n zone -f KSK $zone`
|
||||
|
||||
cat $infile $keyname1.key $keyname2.key >$zonefile
|
||||
|
||||
|
|
@ -57,7 +57,7 @@ zone=keyless.example.
|
|||
infile=keyless.example.db.in
|
||||
zonefile=keyless.example.db
|
||||
|
||||
keyname=`$KEYGEN -r $RANDFILE -a RSAMD5 -b 768 -n zone $zone`
|
||||
keyname=`$KEYGEN -q -r $RANDFILE -a RSAMD5 -b 768 -n zone $zone`
|
||||
|
||||
cat $infile $keyname.key >$zonefile
|
||||
|
||||
|
|
@ -77,7 +77,7 @@ zone=secure.nsec3.example.
|
|||
infile=secure.nsec3.example.db.in
|
||||
zonefile=secure.nsec3.example.db
|
||||
|
||||
keyname=`$KEYGEN -r $RANDFILE -a RSAMD5 -b 768 -n zone $zone`
|
||||
keyname=`$KEYGEN -q -r $RANDFILE -a RSAMD5 -b 768 -n zone $zone`
|
||||
|
||||
cat $infile $keyname.key >$zonefile
|
||||
|
||||
|
|
@ -90,7 +90,7 @@ zone=nsec3.nsec3.example.
|
|||
infile=nsec3.nsec3.example.db.in
|
||||
zonefile=nsec3.nsec3.example.db
|
||||
|
||||
keyname=`$KEYGEN -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone`
|
||||
keyname=`$KEYGEN -q -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone`
|
||||
|
||||
cat $infile $keyname.key >$zonefile
|
||||
|
||||
|
|
@ -103,7 +103,7 @@ zone=optout.nsec3.example.
|
|||
infile=optout.nsec3.example.db.in
|
||||
zonefile=optout.nsec3.example.db
|
||||
|
||||
keyname=`$KEYGEN -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone`
|
||||
keyname=`$KEYGEN -q -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone`
|
||||
|
||||
cat $infile $keyname.key >$zonefile
|
||||
|
||||
|
|
@ -116,7 +116,7 @@ zone=nsec3.example.
|
|||
infile=nsec3.example.db.in
|
||||
zonefile=nsec3.example.db
|
||||
|
||||
keyname=`$KEYGEN -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone`
|
||||
keyname=`$KEYGEN -q -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone`
|
||||
|
||||
cat $infile $keyname.key >$zonefile
|
||||
|
||||
|
|
@ -129,7 +129,7 @@ zone=secure.optout.example.
|
|||
infile=secure.optout.example.db.in
|
||||
zonefile=secure.optout.example.db
|
||||
|
||||
keyname=`$KEYGEN -r $RANDFILE -a RSAMD5 -b 768 -n zone $zone`
|
||||
keyname=`$KEYGEN -q -r $RANDFILE -a RSAMD5 -b 768 -n zone $zone`
|
||||
|
||||
cat $infile $keyname.key >$zonefile
|
||||
|
||||
|
|
@ -142,7 +142,7 @@ zone=nsec3.optout.example.
|
|||
infile=nsec3.optout.example.db.in
|
||||
zonefile=nsec3.optout.example.db
|
||||
|
||||
keyname=`$KEYGEN -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone`
|
||||
keyname=`$KEYGEN -q -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone`
|
||||
|
||||
cat $infile $keyname.key >$zonefile
|
||||
|
||||
|
|
@ -155,7 +155,7 @@ zone=optout.optout.example.
|
|||
infile=optout.optout.example.db.in
|
||||
zonefile=optout.optout.example.db
|
||||
|
||||
keyname=`$KEYGEN -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone`
|
||||
keyname=`$KEYGEN -q -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone`
|
||||
|
||||
cat $infile $keyname.key >$zonefile
|
||||
|
||||
|
|
@ -168,7 +168,7 @@ zone=optout.example.
|
|||
infile=optout.example.db.in
|
||||
zonefile=optout.example.db
|
||||
|
||||
keyname=`$KEYGEN -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone`
|
||||
keyname=`$KEYGEN -q -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone`
|
||||
|
||||
cat $infile $keyname.key >$zonefile
|
||||
|
||||
|
|
@ -181,7 +181,7 @@ zone=nsec3-unknown.example.
|
|||
infile=nsec3-unknown.example.db.in
|
||||
zonefile=nsec3-unknown.example.db
|
||||
|
||||
keyname=`$KEYGEN -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone`
|
||||
keyname=`$KEYGEN -q -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone`
|
||||
|
||||
cat $infile $keyname.key >$zonefile
|
||||
|
||||
|
|
@ -194,7 +194,7 @@ zone=optout-unknown.example.
|
|||
infile=optout-unknown.example.db.in
|
||||
zonefile=optout-unknown.example.db
|
||||
|
||||
keyname=`$KEYGEN -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone`
|
||||
keyname=`$KEYGEN -q -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone`
|
||||
|
||||
cat $infile $keyname.key >$zonefile
|
||||
|
||||
|
|
@ -207,7 +207,7 @@ zone=multiple.example.
|
|||
infile=multiple.example.db.in
|
||||
zonefile=multiple.example.db
|
||||
|
||||
keyname=`$KEYGEN -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone`
|
||||
keyname=`$KEYGEN -q -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone`
|
||||
|
||||
cat $infile $keyname.key >$zonefile
|
||||
|
||||
|
|
@ -230,7 +230,7 @@ zone=rsasha256.example.
|
|||
infile=rsasha256.example.db.in
|
||||
zonefile=rsasha256.example.db
|
||||
|
||||
keyname=`$KEYGEN -r $RANDFILE -a RSASHA256 -b 768 -n zone $zone`
|
||||
keyname=`$KEYGEN -q -r $RANDFILE -a RSASHA256 -b 768 -n zone $zone`
|
||||
|
||||
cat $infile $keyname.key >$zonefile
|
||||
|
||||
|
|
@ -243,7 +243,7 @@ zone=rsasha512.example.
|
|||
infile=rsasha512.example.db.in
|
||||
zonefile=rsasha512.example.db
|
||||
|
||||
keyname=`$KEYGEN -r $RANDFILE -a RSASHA512 -b 1024 -n zone $zone`
|
||||
keyname=`$KEYGEN -q -r $RANDFILE -a RSASHA512 -b 1024 -n zone $zone`
|
||||
|
||||
cat $infile $keyname.key >$zonefile
|
||||
|
||||
|
|
|
|||
|
|
@ -15,11 +15,11 @@
|
|||
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
|
||||
# PERFORMANCE OF THIS SOFTWARE.
|
||||
|
||||
# $Id: prereq.sh,v 1.12 2009/03/02 23:47:43 tbox Exp $
|
||||
# $Id: prereq.sh,v 1.13 2009/10/28 00:27:10 marka Exp $
|
||||
|
||||
../../../tools/genrandom 400 random.data
|
||||
|
||||
if $KEYGEN -a RSAMD5 -b 512 -n zone -r random.data foo > /dev/null 2>&1
|
||||
if $KEYGEN -q -a RSAMD5 -b 512 -n zone -r random.data foo > /dev/null 2>&1
|
||||
then
|
||||
rm -f Kfoo*
|
||||
else
|
||||
|
|
|
|||
Loading…
Reference in a new issue