1#!/bin/sh -e 2# 3# Copyright (C) 2004, 2006-2012 Internet Systems Consortium, Inc. ("ISC") 4# Copyright (C) 2000-2003 Internet Software Consortium. 5# 6# Permission to use, copy, modify, and/or distribute this software for any 7# purpose with or without fee is hereby granted, provided that the above 8# copyright notice and this permission notice appear in all copies. 9# 10# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH 11# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY 12# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, 13# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM 14# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE 15# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR 16# PERFORMANCE OF THIS SOFTWARE. 17 18# Id: sign.sh,v 1.37 2011/05/03 16:07:44 marka Exp 19 20SYSTEMTESTTOP=../.. 21. $SYSTEMTESTTOP/conf.sh 22 23RANDFILE=../random.data 24 25zone=. 26infile=root.db.in 27zonefile=root.db 28 29(cd ../ns2 && sh sign.sh ) 30 31cp ../ns2/dsset-example. . 32cp ../ns2/dsset-dlv. . 33grep "8 [12] " ../ns2/dsset-algroll. > dsset-algroll. 34 35keyname=`$KEYGEN -q -r $RANDFILE -a RSAMD5 -b 768 -n zone $zone` 36 37cat $infile $keyname.key > $zonefile 38 39$SIGNER -P -g -r $RANDFILE -o $zone $zonefile > /dev/null 40 41# Configure the resolving server with a trusted key. 42cat $keyname.key | grep -v '^; ' | $PERL -n -e ' 43local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split; 44local $key = join("", @rest); 45print <<EOF 46trusted-keys { 47 "$dn" $flags $proto $alg "$key"; 48}; 49EOF 50' > trusted.conf 51 52# ...or with a managed key. 53cat $keyname.key | grep -v '^; ' | $PERL -n -e ' 54local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split; 55local $key = join("", @rest); 56print <<EOF 57managed-keys { 58 "$dn" initial-key $flags $proto $alg "$key"; 59}; 60EOF 61' > managed.conf 62cp trusted.conf ../ns2/trusted.conf 63cp trusted.conf ../ns3/trusted.conf 64cp trusted.conf ../ns4/trusted.conf 65cp trusted.conf ../ns6/trusted.conf 66cp trusted.conf ../ns7/trusted.conf 67cp managed.conf ../ns4/managed.conf 68# 69# Save keyid for managed key id test. 70# 71keyid=`expr $keyname : 'K.+001+\(.*\)'` 72keyid=`expr $keyid + 0` 73echo "$keyid" > managed.key.id 74