OpenDNSSEC-enforcer  2.1.10
key_purge_cmd.c
1 #include "daemon/engine.h"
2 #include "cmdhandler.h"
4 #include "log.h"
5 #include "str.h"
6 #include "clientpipe.h"
8 #include "db/key_data.h"
9 #include "keystate/key_purge.h"
10 
11 #include "keystate/key_purge_cmd.h"
12 
13 #include <getopt.h>
14 
/*
 * Capacity of the argv array that run() fills from the client's command
 * line. The same value is passed to ods_str_explode() as its limit, and
 * run() rejects the command with "too many arguments" when that call
 * returns -1.
 */
#define MAX_ARGS 4

/* Module tag placed in the "[%s]" prefix of this file's log messages. */
static const char *module_str = "key_purge_cmd";
18 
/**
 * Print the one-screen synopsis of the "key purge" command.
 *
 * @param sockfd  client descriptor handed to client_printf().
 */
static void
usage(int sockfd)
{
    /* Adjacent literals concatenate into the single format string. */
    client_printf(
        sockfd,
        "key purge\n"
        " --policy <policy> | --zone <zone> aka -p | -z\n"
        " --delete or -d\n"
    );
}
27 
/**
 * Print the long help text of the "key purge" command, including the
 * warning that the command removes dead keys from the database and,
 * with -d, from the HSM.
 *
 * @param sockfd  client descriptor handed to client_printf().
 */
static void
help(int sockfd)
{
    /* Adjacent literals concatenate into the single format string. */
    client_printf(
        sockfd,
        "This command will remove keys from the database (and HSM) "
        "that are dead. Use with caution.\n"
        "\n"
        "Options:\n"
        "policy limit the purge to the given policy\n"
        "zone limit the purge to the given zone\n"
        "the -d flag will cause the keys to be deleted from the HSM\n"
        "\n"
    );
}
40 
41 
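/**
 * Execute the "key purge" command: remove dead keys for exactly one zone
 * or one policy, optionally deleting them from the HSM as well.
 *
 * The command line is copied, split into at most MAX_ARGS tokens and
 * parsed with getopt_long(). Exactly one of --zone/-z and --policy/-p
 * must be given; --delete/-d is forwarded to removeDeadKeysNow() as its
 * purge argument.
 *
 * Fixes relative to the previous version:
 *  - The "unknown policy" message was printed after free(buf). The policy
 *    name comes from optarg, which presumably points into buf (the buffer
 *    ods_str_explode() tokenises), so that was a read of freed memory.
 *    All messages are now emitted before the single cleanup path runs.
 *  - zone_db_new()/policy_new() results are checked before use.
 *  - The local holding the policy argument no longer shadows the
 *    policy_name() accessor.
 *  - The purge request is logged at info level before it is carried out,
 *    so this destructive operation leaves a trace at the command layer.
 *
 * NOTE(review): the policy_get_by_name()/policy_free() calls in the
 * policy branch follow the declarations available for this file; confirm
 * that branch against upstream.
 *
 * @param sockfd   client descriptor for normal and error output.
 * @param context  command handler context; supplies the DB connection.
 * @param cmd      full command line as received from the client.
 * @return 1 when no database connection is available, -1 on argument,
 *         lookup or allocation errors, otherwise the return value of
 *         removeDeadKeysNow().
 */
static int
run(int sockfd, cmdhandler_ctx_type* context, const char *cmd)
{
    static struct option long_options[] = {
        {"zone", required_argument, 0, 'z'},
        {"policy", required_argument, 0, 'p'},
        {"delete", no_argument, 0, 'd'},
        {0, 0, 0, 0}
    };
    zone_db_t *zone = NULL;
    policy_t *policy = NULL;
    const char *zone_name = NULL;
    const char *policy_arg = NULL;
    const char *argv[MAX_ARGS];
    char *buf = NULL;
    int argc = 0;
    int long_index = 0, opt = 0;
    int hsmPurge = 0;
    int result = -1;
    db_connection_t* dbconn = getconnectioncontext(context);

    if (!dbconn) return 1;

    ods_log_debug("[%s] %s command", module_str, key_purge_funcblock.cmdname);

    /* Work on a private copy: cmd is const and the tokens are kept. */
    if (!(buf = strdup(cmd))) {
        client_printf_err(sockfd, "memory error\n");
        return -1;
    }

    argc = ods_str_explode(buf, MAX_ARGS, argv);
    if (argc == -1) {
        client_printf_err(sockfd, "too many arguments\n");
        ods_log_error("[%s] too many arguments for %s command",
            module_str, key_purge_funcblock.cmdname);
        goto cleanup;
    }

    /* optind = 0 makes GNU getopt_long() reinitialise its scan state. */
    optind = 0;
    while ((opt = getopt_long(argc, (char* const*)argv, "z:p:d", long_options, &long_index)) != -1) {
        switch (opt) {
            case 'z':
                zone_name = optarg;
                break;
            case 'p':
                policy_arg = optarg;
                break;
            case 'd':
                hsmPurge = 1;
                break;
            default:
                client_printf_err(sockfd, "unknown arguments\n");
                ods_log_error("[%s] unknown arguments for %s command",
                    module_str, key_purge_funcblock.cmdname);
                goto cleanup;
        }
    }

    /* The purge scope must be unambiguous: one zone or one policy. */
    if ((!zone_name && !policy_arg) || (zone_name && policy_arg)) {
        ods_log_error("[%s] expected either --zone or --policy", module_str);
        client_printf_err(sockfd, "expected either --zone or --policy \n");
        goto cleanup;
    }

    if (zone_name) {
        zone = zone_db_new(dbconn);
        if (!zone) {
            client_printf_err(sockfd, "memory error\n");
            goto cleanup;
        }
        if (zone_db_get_by_name(zone, zone_name)) {
            client_printf_err(sockfd, "unknown zone %s\n", zone_name);
            goto cleanup;
        }
    } else {
        /* have policy_arg since it is mutually exclusive with zone_name */
        policy = policy_new(dbconn);
        if (!policy) {
            client_printf_err(sockfd, "memory error\n");
            goto cleanup;
        }
        if (policy_get_by_name(policy, policy_arg)) {
            /* Report while buf, which backs policy_arg, is still alive. */
            client_printf_err(sockfd, "unknown policy %s\n", policy_arg);
            goto cleanup;
        }
    }

    /* Record the request before any key material is removed. */
    ods_log_info("[%s] purging dead keys for %s %s%s", module_str,
        zone_name ? "zone" : "policy",
        zone_name ? zone_name : policy_arg,
        hsmPurge ? " (including HSM delete)" : "");

    result = removeDeadKeysNow(sockfd, dbconn, policy, zone, hsmPurge);

cleanup:
    /* buf goes last: zone_name and policy_arg point into it. */
    if (policy) policy_free(policy);
    if (zone) zone_db_free(zone);
    free(buf);
    return result;
}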
148 
/*
 * Registration record for the "key purge" command. The initialiser is
 * positional: the first member is the command name (read elsewhere in
 * this file as .cmdname), followed by the usage and help printers, an
 * unused NULL slot, and the run handler.
 */
struct cmd_func_block key_purge_funcblock = {
    "key purge",
    usage,
    help,
    NULL,
    run
};
db_connection_t * getconnectioncontext(cmdhandler_ctx_type *context)
int removeDeadKeysNow(int sockfd, db_connection_t *dbconn, policy_t *policy, zone_db_t *rzone, int purge)
Definition: key_purge.c:40
#define MAX_ARGS
Definition: key_purge_cmd.c:15
struct cmd_func_block key_purge_funcblock
const char * policy_name(const policy_t *policy)
Definition: policy.c:813
int policy_get_by_name(policy_t *policy, const char *name)
Definition: policy.c:2040
void policy_free(policy_t *policy)
Definition: policy.c:518
policy_t * policy_new(const db_connection_t *connection)
Definition: policy.c:479
Definition: policy.h:60
void zone_db_free(zone_db_t *zone)
Definition: zone_db.c:325
zone_db_t * zone_db_new(const db_connection_t *connection)
Definition: zone_db.c:287
int zone_db_get_by_name(zone_db_t *zone, const char *name)
Definition: zone_db.c:1519