diff options
author | erwin <erwin@FreeBSD.org> | 2013-07-24 07:12:55 +0000 |
---|---|---|
committer | erwin <erwin@FreeBSD.org> | 2013-07-24 07:12:55 +0000 |
commit | dc235a59431db02e1a04d85de49af9e278510ac8 (patch) | |
tree | e392027bf54f7a1fd2a6f3a16ecb4487844b44e9 /bin/dnssec/dnssec-settime.c | |
parent | 9ef4e0591273b7d40b98ef46084442638150b2fc (diff) | |
download | FreeBSD-src-dc235a59431db02e1a04d85de49af9e278510ac8.zip FreeBSD-src-dc235a59431db02e1a04d85de49af9e278510ac8.tar.gz |
Vendor import of Bind 9.8.5-P1
Approved by: delphij (mentor)
Sponsored by: DK Hostmaster A/S
Diffstat (limited to 'bin/dnssec/dnssec-settime.c')
-rw-r--r-- | bin/dnssec/dnssec-settime.c | 35 |
1 files changed, 27 insertions, 8 deletions
diff --git a/bin/dnssec/dnssec-settime.c b/bin/dnssec/dnssec-settime.c index f7f4486..a7fbed3 100644 --- a/bin/dnssec/dnssec-settime.c +++ b/bin/dnssec/dnssec-settime.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2009-2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2009-2013 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -20,7 +20,6 @@ #include <config.h> -#include <libgen.h> #include <stdlib.h> #include <unistd.h> #include <errno.h> @@ -140,6 +139,7 @@ main(int argc, char **argv) { int prepub = -1; isc_stdtime_t now; isc_stdtime_t pub = 0, act = 0, rev = 0, inact = 0, del = 0; + isc_stdtime_t prevact = 0, previnact = 0, prevdel = 0; isc_boolean_t setpub = ISC_FALSE, setact = ISC_FALSE; isc_boolean_t setrev = ISC_FALSE, setinact = ISC_FALSE; isc_boolean_t setdel = ISC_FALSE; @@ -344,7 +344,6 @@ main(int argc, char **argv) { if (predecessor != NULL) { char keystr[DST_KEY_FORMATSIZE]; - isc_stdtime_t when; int major, minor; if (prepub == -1) @@ -376,19 +375,20 @@ main(int argc, char **argv) { fatal("Predecessor has incompatible format " "version %d.%d\n\t", major, minor); - result = dst_key_gettime(prevkey, DST_TIME_ACTIVATE, &when); + result = dst_key_gettime(prevkey, DST_TIME_ACTIVATE, &prevact); if (result != ISC_R_SUCCESS) fatal("Predecessor has no activation date. " "You must set one before\n\t" "generating a successor."); - result = dst_key_gettime(prevkey, DST_TIME_INACTIVE, &act); + result = dst_key_gettime(prevkey, DST_TIME_INACTIVE, + &previnact); if (result != ISC_R_SUCCESS) fatal("Predecessor has no inactivation date. " "You must set one before\n\t" "generating a successor."); - pub = act - prepub; + pub = prevact - prepub; if (pub < now && prepub != 0) fatal("Predecessor will become inactive before the\n\t" "prepublication period ends. Either change " @@ -396,13 +396,18 @@ main(int argc, char **argv) { "or use the -i option to set a shorter " "prepublication interval."); - result = dst_key_gettime(prevkey, DST_TIME_DELETE, &when); + result = dst_key_gettime(prevkey, DST_TIME_DELETE, &prevdel); if (result != ISC_R_SUCCESS) - fprintf(stderr, "%s: WARNING: Predecessor has no " + fprintf(stderr, "%s: warning: Predecessor has no " "removal date;\n\t" "it will remain in the zone " "indefinitely after rollover.\n", program); + else if (prevdel < previnact) + fprintf(stderr, "%s: warning: Predecessor is " + "scheduled to be deleted\n\t" + "before it is scheduled to be " + "inactive.\n", program); changed = setpub = setact = ISC_TRUE; dst_key_free(&prevkey); @@ -464,6 +469,20 @@ main(int argc, char **argv) { fatal("Key flags mismatch"); } + prevdel = previnact = 0; + if ((setdel && setinact && del < inact) || + (dst_key_gettime(key, DST_TIME_INACTIVE, + &previnact) == ISC_R_SUCCESS && + setdel && !setinact && del < previnact) || + (dst_key_gettime(key, DST_TIME_DELETE, + &prevdel) == ISC_R_SUCCESS && + setinact && !setdel && prevdel < inact) || + (!setdel && !setinact && prevdel < previnact)) + fprintf(stderr, "%s: warning: Key is scheduled to " + "be deleted before it is\n\t" + "scheduled to be inactive.\n", + program); + if (force) set_keyversion(key); else |