Commit 0489393e authored by Mark Karpilovskij's avatar Mark Karpilovskij

dnssec: time formatting in keymgr and python tests

parent 090ba308
...@@ -84,7 +84,7 @@ static bool genkeyargs(int argc, char *argv[], bool just_timing, ...@@ -84,7 +84,7 @@ static bool genkeyargs(int argc, char *argv[], bool just_timing,
strncasecmp(argv[i], "retire=", 7) == 0 || strncasecmp(argv[i], "retire=", 7) == 0 ||
strncasecmp(argv[i], "remove=", 7) == 0) { strncasecmp(argv[i], "remove=", 7) == 0) {
knot_time_t stamp; knot_time_t stamp;
int ret = knot_time_parse("YMDhms|'now'+-#u|'t'+-#u|+-#u|#", int ret = knot_time_parse("YMDhms|'now'+-#u|'t'+-#u|+-#u|'t'+-#|+-#|#",
strchr(argv[i], '=') + 1, &stamp); strchr(argv[i], '=') + 1, &stamp);
if (ret < 0) { if (ret < 0) {
printf("Invalid timestamp: %s\n", argv[i]); printf("Invalid timestamp: %s\n", argv[i]);
......
...@@ -48,8 +48,8 @@ ZONE = "example.com." ...@@ -48,8 +48,8 @@ ZONE = "example.com."
WAIT_SIGN = 2 WAIT_SIGN = 2
# generate initial keys (one always enabled, one for testing) # generate initial keys (one always enabled, one for testing)
knot.key_gen(ZONE, ksk="true", created="t+0", publish="t+0", ready="t+0", active="t+0", retire="t+1d", remove="t+1d") knot.key_gen(ZONE, ksk="true", created="+0", publish="+0", ready="+0", active="+0", retire="+1d", remove="+1d")
knot.key_gen(ZONE, ksk="false", created="t+0", publish="t+0", ready="t+0", active="t+0", retire="t+1d", remove="t+1d") knot.key_gen(ZONE, ksk="false", created="+0", publish="+0", ready="+0", active="+0", retire="+1d", remove="+1d")
# #
# Common cases # Common cases
...@@ -58,37 +58,37 @@ knot.key_gen(ZONE, ksk="false", created="t+0", publish="t+0", ready="t+0", activ ...@@ -58,37 +58,37 @@ knot.key_gen(ZONE, ksk="false", created="t+0", publish="t+0", ready="t+0", activ
check_log("Common cases") check_log("Common cases")
# key not published, not active # key not published, not active
KEYID = knot.key_gen(ZONE, ksk="false", publish="t+10y", ready="t+10y", active="t+10y", retire="t+11y", remove="t+12y") KEYID = knot.key_gen(ZONE, ksk="false", publish="+10y", ready="+10y", active="+10y", retire="+11y", remove="+12y")
t.start() t.start()
t.sleep(WAIT_SIGN) t.sleep(WAIT_SIGN)
check_zone(knot, False, False, "not published, not active") check_zone(knot, False, False, "not published, not active")
# key published, not active # key published, not active
knot.key_set(ZONE, KEYID, publish="t-10y") knot.key_set(ZONE, KEYID, publish="-10y")
knot.reload() knot.reload()
t.sleep(WAIT_SIGN) t.sleep(WAIT_SIGN)
check_zone(knot, True, False, "published, not active") check_zone(knot, True, False, "published, not active")
# key published, active # key published, active
knot.key_set(ZONE, KEYID, active="t-10y") knot.key_set(ZONE, KEYID, active="-10y")
knot.reload() knot.reload()
t.sleep(WAIT_SIGN) t.sleep(WAIT_SIGN)
check_zone(knot, True, True, "published, active") check_zone(knot, True, True, "published, active")
# key published, inactive # key published, inactive
knot.key_set(ZONE, KEYID, retire="t-10y") knot.key_set(ZONE, KEYID, retire="-10y")
knot.reload() knot.reload()
t.sleep(WAIT_SIGN) t.sleep(WAIT_SIGN)
check_zone(knot, True, False, "published, inactive") check_zone(knot, True, False, "published, inactive")
# key deleted, inactive # key deleted, inactive
knot.key_set(ZONE, KEYID, remove="t-10y") knot.key_set(ZONE, KEYID, remove="-10y")
knot.reload() knot.reload()
t.sleep(WAIT_SIGN) t.sleep(WAIT_SIGN)
check_zone(knot, False, False, "deleted, inactive") check_zone(knot, False, False, "deleted, inactive")
# key not published, active (algorithm rotation) # key not published, active (algorithm rotation)
knot.key_set(ZONE, KEYID, publish="t+10y", ready="t-10y", active="t-10y", retire="0", remove="0") knot.key_set(ZONE, KEYID, publish="+10y", ready="-10y", active="-10y", retire="0", remove="0")
knot.reload() knot.reload()
t.sleep(WAIT_SIGN) t.sleep(WAIT_SIGN)
check_zone(knot, False, True, "not published, active") check_zone(knot, False, True, "not published, active")
...@@ -101,7 +101,7 @@ check_log("Planned events") ...@@ -101,7 +101,7 @@ check_log("Planned events")
# key about to be published # key about to be published
event_in = 7 event_in = 7
knot.key_set(ZONE, KEYID, publish=("t+%d" % event_in), ready="t+10y", active="t+10y", retire="0", remove="0") knot.key_set(ZONE, KEYID, publish=("+%d" % event_in), ready="+10y", active="+10y", retire="0", remove="0")
knot.reload() knot.reload()
t.sleep(WAIT_SIGN) t.sleep(WAIT_SIGN)
check_zone(knot, False, False, "to be published - pre") check_zone(knot, False, False, "to be published - pre")
...@@ -109,7 +109,7 @@ t.sleep(event_in) ...@@ -109,7 +109,7 @@ t.sleep(event_in)
check_zone(knot, True, False, "to be published - post") check_zone(knot, True, False, "to be published - post")
# key about to be activated # key about to be activated
knot.key_set(ZONE, KEYID, publish="t-10y", ready=("t+%d" % event_in), active=("t+%d" % event_in), retire="0", remove="0") knot.key_set(ZONE, KEYID, publish="-10y", ready=("+%d" % event_in), active=("+%d" % event_in), retire="0", remove="0")
knot.reload() knot.reload()
t.sleep(WAIT_SIGN) t.sleep(WAIT_SIGN)
check_zone(knot, True, False, "to be activated - pre") check_zone(knot, True, False, "to be activated - pre")
...@@ -117,7 +117,7 @@ t.sleep(event_in) ...@@ -117,7 +117,7 @@ t.sleep(event_in)
check_zone(knot, True, True, "to be activated - post") check_zone(knot, True, True, "to be activated - post")
#key about to be inactivated #key about to be inactivated
knot.key_set(ZONE, KEYID, publish="t-10y", ready="t-10y", active="t-10y", retire=("t+%d" % event_in), remove="0") knot.key_set(ZONE, KEYID, publish="-10y", ready="-10y", active="-10y", retire=("+%d" % event_in), remove="0")
knot.reload() knot.reload()
t.sleep(WAIT_SIGN) t.sleep(WAIT_SIGN)
check_zone(knot, True, True, "to be inactivated - pre") check_zone(knot, True, True, "to be inactivated - pre")
...@@ -125,7 +125,7 @@ t.sleep(event_in) ...@@ -125,7 +125,7 @@ t.sleep(event_in)
check_zone(knot, True, False, "to be inactivated - post") check_zone(knot, True, False, "to be inactivated - post")
#key about to be deleted #key about to be deleted
knot.key_set(ZONE, KEYID, publish="t-10y", ready="t-10y", active="t-10y", retire="t-10y", remove=("t+%d" % event_in)) knot.key_set(ZONE, KEYID, publish="-10y", ready="-10y", active="-10y", retire="-10y", remove=("+%d" % event_in))
knot.reload() knot.reload()
t.sleep(WAIT_SIGN) t.sleep(WAIT_SIGN)
check_zone(knot, True, False, "to be deleted - pre") check_zone(knot, True, False, "to be deleted - pre")
......
...@@ -57,10 +57,10 @@ ZSK1 = "712d0d0d57fa0aa006b5e20cd84e23941e5f3ab2" ...@@ -57,10 +57,10 @@ ZSK1 = "712d0d0d57fa0aa006b5e20cd84e23941e5f3ab2"
ZSK2 = "301d3fc5392e83ea02312dc5bdc1a9f0b7937ddf" ZSK2 = "301d3fc5392e83ea02312dc5bdc1a9f0b7937ddf"
ZSK3 = "6abddc73bcb46c4e6078cf764290ac315fff03f0" ZSK3 = "6abddc73bcb46c4e6078cf764290ac315fff03f0"
knot.key_set(ZONE, KSK, publish="t-2y", ready="t-1y", active="t-1y", retire="t+1y", remove="t+2y") knot.key_set(ZONE, KSK, publish="-2y", ready="-1y", active="-1y", retire="+1y", remove="+2y")
knot.key_set(ZONE, ZSK1, publish="t-20", ready="t-10", active="t-10", retire="t+15", remove="t+20") knot.key_set(ZONE, ZSK1, publish="-20", ready="-10", active="-10", retire="+15", remove="+20")
knot.key_set(ZONE, ZSK2, publish="t+8", ready="t+14", active="t+14", retire="t+31", remove="t+36") knot.key_set(ZONE, ZSK2, publish="+8", ready="+14", active="+14", retire="+31", remove="+36")
knot.key_set(ZONE, ZSK3, publish="t+24", ready="t+30", active="t+30", retire="t+1y", remove="t+2y") knot.key_set(ZONE, ZSK3, publish="+24", ready="+30", active="+30", retire="+1y", remove="+2y")
t.start() t.start()
t.sleep(4) t.sleep(4)
......
...@@ -68,12 +68,12 @@ child.dnssec(child_zone).ksk_sbm_check_interval = 2 ...@@ -68,12 +68,12 @@ child.dnssec(child_zone).ksk_sbm_check_interval = 2
ZONE = "example.com." ZONE = "example.com."
# note that some of these paraneters will be immediately or later modified by automated key management # note that some of these paraneters will be immediately or later modified by automated key management
KSK1 = child.key_gen(ZONE, ksk="true", created="t-2y", publish="t-2y", ready="t-1y", active="t-1y", retire="t+10y", remove="t+20y") KSK1 = child.key_gen(ZONE, ksk="true", created="-2y", publish="-2y", ready="-1y", active="-1y", retire="+10y", remove="+20y")
# KSK1's retire and remove shall be reconfigured by Knot to soon as KSK2 takes place # KSK1's retire and remove shall be reconfigured by Knot to soon as KSK2 takes place
KSK2 = child.key_gen(ZONE, ksk="true", created="t+0", publish="t+0", ready="t+1h", active="t+10y", retire="t+11y", remove="t+12y") KSK2 = child.key_gen(ZONE, ksk="true", created="+0", publish="+0", ready="+1h", active="+10y", retire="+11y", remove="+12y")
ZSK1 = child.key_gen(ZONE, ksk="false", created="t-20", publish="t-20", ready="t-10", active="t-10", retire="t+15y", remove="t+20y") ZSK1 = child.key_gen(ZONE, ksk="false", created="-20", publish="-20", ready="-10", active="-10", retire="+15y", remove="+20y")
# ZSK1 simply valid for all the time # ZSK1 simply valid for all the time
ZSK2 = child.key_gen(ZONE, ksk="false", created="t-2", publish="t-2", ready="t+14y", active="t+14y", retire="t+31y", remove="t+36y") ZSK2 = child.key_gen(ZONE, ksk="false", created="-2", publish="-2", ready="+14y", active="+14y", retire="+31y", remove="+36y")
# ZSK2 only reason: prevents Knot from publishing another ZSK # ZSK2 only reason: prevents Knot from publishing another ZSK
t.start() t.start()
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment