OpenDNSSEC-enforcer 2.1.12
key_purge_cmd.c
1#include "daemon/engine.h"
2#include "cmdhandler.h"
4#include "log.h"
5#include "str.h"
6#include "clientpipe.h"
8#include "db/key_data.h"
10
12
13#include <getopt.h>
14
/* Capacity of the argv array that run() hands to ods_str_explode(). */
#define MAX_ARGS 4

/* Module tag used as the "[%s]" prefix of this file's log messages. */
static const char *module_str = "key_purge_cmd";
18
/*
 * Print the short synopsis of the "key purge" command to the client.
 *
 * sockfd: client descriptor passed straight to client_printf().
 */
static void usage(int sockfd)
{
    /* A single literal format string; adjacent pieces are joined by the compiler. */
    client_printf(sockfd,
        "key purge\n --policy <policy> | --zone <zone> aka -p | -z\n"
        " --delete or -d\n");
}
27
/*
 * Print the long help text of the "key purge" command to the client.
 *
 * The text warns that the command removes dead keys from the database and
 * that the -d flag additionally deletes them from the HSM.
 *
 * sockfd: client descriptor passed straight to client_printf().
 */
static void help(int sockfd)
{
    client_printf(sockfd,
        "This command will remove keys from the database (and HSM) that are dead. "
        "Use with caution.\n\n"
        "Options:\n"
        "policy limit the purge to the given policy\n"
        "zone limit the purge to the given zone\n"
        "the -d flag will cause the keys to be deleted from the HSM\n"
        "\n");
}
40
41
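/**
 * Handle the "key purge" command: purge dead keys for one zone or one policy.
 *
 * Parses a private copy of cmd for --zone/-z, --policy/-p and --delete/-d,
 * requires exactly one of zone or policy, looks that object up by name and
 * passes it to removeDeadKeysNow() together with the delete flag.
 *
 * @param sockfd   client descriptor that receives error text
 * @param context  command handler context the database connection is taken from
 * @param cmd      command line as received from the client
 * @return 1 when no database connection is available, -1 on an argument,
 *         allocation or lookup failure, otherwise the value returned by
 *         removeDeadKeysNow().
 */
static int
run(int sockfd, cmdhandler_ctx_type* context, const char *cmd)
{
    zone_db_t *zone = NULL;
    policy_t *policy = NULL;
    const char *zone_name = NULL;
    const char *policy_name = NULL;
    char *buf;
    int argc = 0;
    const char *argv[MAX_ARGS];
    int long_index = 0, opt = 0;
    int error = -1;
    int hsmPurge = 0;
    db_connection_t* dbconn = getconnectioncontext(context);

    static struct option long_options[] = {
        {"zone", required_argument, 0, 'z'},
        {"policy", required_argument, 0, 'p'},
        {"delete", no_argument, 0, 'd'},
        {0, 0, 0, 0}
    };

    if (!dbconn) return 1;

    ods_log_debug("[%s] %s command", module_str, key_purge_funcblock.cmdname);

    /* Work on a copy: cmd is const and the tokenizer is given a writable buffer. */
    if (!(buf = strdup(cmd))) {
        client_printf_err(sockfd, "memory error\n");
        return -1;
    }

    argc = ods_str_explode(buf, MAX_ARGS, argv);
    if (argc == -1) {
        client_printf_err(sockfd, "too many arguments\n");
        ods_log_error("[%s] too many arguments for %s command",
            module_str, key_purge_funcblock.cmdname);
        goto done;
    }

    /* Reset getopt's global cursor; this handler can run more than once per process. */
    optind = 0;
    while ((opt = getopt_long(argc, (char* const*)argv, "z:p:d", long_options, &long_index)) != -1) {
        switch (opt) {
            case 'z':
                zone_name = optarg;
                break;
            case 'p':
                policy_name = optarg;
                break;
            case 'd':
                hsmPurge = 1;
                break;
            default:
                client_printf_err(sockfd, "unknown arguments\n");
                ods_log_error("[%s] unknown arguments for %s command",
                    module_str, key_purge_funcblock.cmdname);
                goto done;
        }
    }

    if ((!zone_name && !policy_name) || (zone_name && policy_name)) {
        ods_log_error("[%s] expected either --zone or --policy", module_str);
        client_printf_err(sockfd, "expected either --zone or --policy \n");
        goto done;
    }

    /*
     * zone_name and policy_name are optarg values, which presumably point into
     * buf (ods_str_explode fills argv from it). buf therefore has to outlive
     * every use of them, including the error messages below; it is released
     * only at the single exit label.
     *
     * NOTE(review): with -d this path deletes key material from the HSM (per
     * the help text), and the only log line emitted here is debug-level.
     * Confirm that removeDeadKeysNow() records what was purged.
     */
    if (zone_name) {
        zone = zone_db_new(dbconn);
        if (!zone) {
            /* Do not report an allocation failure as "unknown zone". */
            client_printf_err(sockfd, "memory error\n");
            goto done;
        }
        if (zone_db_get_by_name(zone, zone_name)) {
            client_printf_err(sockfd, "unknown zone %s\n", zone_name);
            goto done;
        }
        error = removeDeadKeysNow(sockfd, dbconn, NULL, zone, hsmPurge);
        goto done;
    }

    /* have policy_name since it is mutually exclusive with zone_name */
    policy = policy_new(dbconn);
    if (!policy) {
        client_printf_err(sockfd, "memory error\n");
        goto done;
    }
    if (policy_get_by_name(policy, policy_name)) {
        /* Report before buf is freed: the name is read from that buffer. */
        client_printf_err(sockfd, "unknown policy %s\n", policy_name);
        goto done;
    }
    error = removeDeadKeysNow(sockfd, dbconn, policy, NULL, hsmPurge);

done:
    if (zone) {
        zone_db_free(zone);
    }
    if (policy) {
        policy_free(policy);
    }
    free(buf);
    return error;
}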
148
/*
 * Registration record for the "key purge" command. The first member is the
 * command name (run() reads it back as .cmdname); the remaining members are
 * given positionally: the usage printer, the help printer, one slot left
 * unset (NULL), and the run handler.
 */
struct cmd_func_block key_purge_funcblock = {
    "key purge",
    usage,
    help,
    NULL,
    run
};
db_connection_t * getconnectioncontext(cmdhandler_ctx_type *context)
int removeDeadKeysNow(int sockfd, db_connection_t *dbconn, policy_t *policy, zone_db_t *rzone, int purge)
Definition: key_purge.c:40
#define MAX_ARGS
Definition: key_purge_cmd.c:15
struct cmd_func_block key_purge_funcblock
policy_t * policy_new(const db_connection_t *connection)
Definition: policy.c:479
int policy_get_by_name(policy_t *policy, const char *name)
Definition: policy.c:2040
const char * policy_name(const policy_t *policy)
Definition: policy.c:813
void policy_free(policy_t *policy)
Definition: policy.c:518
Definition: policy.h:60
void zone_db_free(zone_db_t *zone)
Definition: zone_db.c:325
zone_db_t * zone_db_new(const db_connection_t *connection)
Definition: zone_db.c:287
int zone_db_get_by_name(zone_db_t *zone, const char *name)
Definition: zone_db.c:1519