mirror of
https://github.com/webmin/webmin.git
synced 2026-02-06 15:32:20 +00:00
48 lines
1.3 KiB
Perl
Executable File
48 lines
1.3 KiB
Perl
Executable File
#!/usr/local/bin/perl
|
|
# Add lookaside and trusted key records for ICS's DLV zone
|
|
|
|
require './bind8-lib.pl';
|
|
$access{'defaults'} || &error($text{'trusted_ecannot'});
|
|
&error_setup($text{'trusted_err'});
|
|
&ReadParse();
|
|
|
|
&lock_file(&make_chroot($config{'named_conf'}));
|
|
$parent = &get_config_parent();
|
|
$conf = $parent->{'members'};
|
|
$options = &find("options", $conf);
|
|
|
|
# Enable DNSSEC
|
|
&save_directive($options, "dnssec-enable",
|
|
[ { 'name' => 'dnssec-enable',
|
|
'values' => [ 'yes' ] } ], 1);
|
|
if (&supports_dnssec_client() == 2) {
|
|
&save_directive($options, "dnssec-validation",
|
|
[ { 'name' => 'dnssec-validation',
|
|
'values' => [ 'yes' ] } ], 1);
|
|
}
|
|
|
|
# Lookaside
|
|
&save_directive($options, "dnssec-lookaside",
|
|
[ { 'name' => 'dnssec-lookaside',
|
|
'values' => [ ".", "trust-anchor", $dnssec_dlv_zone ] } ],
|
|
1);
|
|
|
|
# ICS's key
|
|
$trusted = &find("trusted-keys", $conf);
|
|
if (!$trusted) {
|
|
# Need to create block
|
|
$trusted = { 'name' => 'trusted-keys',
|
|
'type' => 1,
|
|
'members' => [ ] };
|
|
&save_directive($parent, "trusted-keys", [ $trusted ]);
|
|
}
|
|
&save_directive($trusted, [ ],
|
|
[ { 'name' => $dnssec_dlv_zone,
|
|
'values' => \@dnssec_dlv_key } ], 1);
|
|
|
|
&flush_file_lines();
|
|
&unlock_file(&make_chroot($config{'named_conf'}));
|
|
&restart_bind();
|
|
&webmin_log("trusted");
|
|
&redirect("");
|