Commit b864bafe authored by Libor Peltan's avatar Libor Peltan Committed by Daniel Salzman

ksk rollover: renamed "zsk_rollover" identifiers to comply to what they're related to

parent 502cb95d
......@@ -228,7 +228,7 @@ src/knot/events/handlers/notify.c
src/knot/events/handlers/nsec3resalt.c
src/knot/events/handlers/refresh.c
src/knot/events/handlers/update.c
src/knot/events/handlers/zsk_rollover.c
src/knot/events/handlers/key_rollover.c
src/knot/events/log.c
src/knot/events/log.h
src/knot/events/replan.c
......
......@@ -288,7 +288,7 @@ libknotd_la_SOURCES = \
knot/events/handlers/nsec3resalt.c \
knot/events/handlers/refresh.c \
knot/events/handlers/update.c \
knot/events/handlers/zsk_rollover.c \
knot/events/handlers/key_rollover.c \
knot/events/log.c \
knot/events/log.h \
knot/events/replan.c \
......
......@@ -279,7 +279,7 @@ static int exec_remove_old_key(kdnssec_ctx_t *ctx, knot_kasp_key_t *key)
return kdnssec_delete_key(ctx, key);
}
int knot_dnssec_zsk_rollover(kdnssec_ctx_t *ctx, bool *keys_changed, time_t *next_rollover)
int knot_dnssec_key_rollover(kdnssec_ctx_t *ctx, bool *keys_changed, time_t *next_rollover)
{
if (ctx->policy->manual) {
return KNOT_EOK;
......
......@@ -21,13 +21,13 @@
#include "knot/dnssec/context.h"
/*!
* \brief Perform correct ZSK rollover action and plan next one.
* \brief Perform correct ZSK and KSK rollover action and plan next one.
*
* For given zone, check keys in KASP db and decide what shall be done
* according to their timers. Perform the action if they shall be done now,
* and tell the user the next time it shall be called.
*
* This function is optimized to be called from ZSK_ROLLOVER_EVENT,
* This function is optimized to be called from KEY_ROLLOVER_EVENT,
* but also during zone load so that the zone gets loaded already with
* proper DNSSEC chain.
*
......@@ -37,6 +37,6 @@
*
* \return KNOT_E*
*/
int knot_dnssec_zsk_rollover(kdnssec_ctx_t *ctx, bool *keys_changed, time_t *next_rollover);
int knot_dnssec_key_rollover(kdnssec_ctx_t *ctx, bool *keys_changed, time_t *next_rollover);
int knot_dnssec_ksk_submittion_confirm(kdnssec_ctx_t *ctx, uint16_t for_key);
......@@ -47,7 +47,7 @@ static const event_info_t EVENT_INFO[] = {
{ ZONE_EVENT_UFREEZE, event_ufreeze, "update freeze" },
{ ZONE_EVENT_UTHAW, event_uthaw, "update thaw" },
{ ZONE_EVENT_NSEC3RESALT, event_nsec3resalt, "NSEC3 resalt" },
{ ZONE_EVENT_ZSK_ROLLOVER, event_zsk_rollover, "ZSK rollover" },
{ ZONE_EVENT_KEY_ROLLOVER, event_key_rollover, "KEY rollover" },
{ 0 }
};
......@@ -78,7 +78,7 @@ bool ufreeze_applies(zone_event_type_t type)
case ZONE_EVENT_FLUSH:
case ZONE_EVENT_DNSSEC:
case ZONE_EVENT_NSEC3RESALT:
case ZONE_EVENT_ZSK_ROLLOVER:
case ZONE_EVENT_KEY_ROLLOVER:
return true;
default:
return false;
......
......@@ -40,7 +40,7 @@ typedef enum zone_event_type {
ZONE_EVENT_UFREEZE,
ZONE_EVENT_UTHAW,
ZONE_EVENT_NSEC3RESALT,
ZONE_EVENT_ZSK_ROLLOVER,
ZONE_EVENT_KEY_ROLLOVER,
// terminator
ZONE_EVENT_COUNT,
} zone_event_type_t;
......
......@@ -40,4 +40,4 @@ int event_uthaw(conf_t *conf, zone_t *zone);
/*! \brief Recreates salt for NSEC3 hashing. */
int event_nsec3resalt(conf_t *conf, zone_t *zone);
/*! \brief ZSK rollover related actions (key creation, publishing, deleting...). */
int event_zsk_rollover(conf_t *conf, zone_t *zone);
int event_key_rollover(conf_t *conf, zone_t *zone);
......@@ -17,7 +17,7 @@
#include "knot/dnssec/key-events.h"
#include "knot/zone/zone.h"
int event_zsk_rollover(conf_t *conf, zone_t *zone)
int event_key_rollover(conf_t *conf, zone_t *zone)
{
bool keys_updated = false;
time_t next_rollover = 0;
......@@ -29,11 +29,11 @@ int event_zsk_rollover(conf_t *conf, zone_t *zone)
return ret;
}
ret = knot_dnssec_zsk_rollover(&kctx, &keys_updated, &next_rollover);
ret = knot_dnssec_key_rollover(&kctx, &keys_updated, &next_rollover);
kdnssec_ctx_deinit(&kctx);
if (next_rollover) {
zone_events_schedule_at(zone, ZONE_EVENT_ZSK_ROLLOVER, next_rollover);
zone_events_schedule_at(zone, ZONE_EVENT_KEY_ROLLOVER, next_rollover);
}
if (ret != KNOT_EOK) {
......
......@@ -112,7 +112,7 @@ load_post:
conf_val_t val = conf_zone_get(conf, C_DNSSEC_SIGNING, zone->name);
if (conf_bool(&val)) {
zone_events_schedule_now(zone, ZONE_EVENT_ZSK_ROLLOVER);
zone_events_schedule_now(zone, ZONE_EVENT_KEY_ROLLOVER);
zone_events_schedule_now(zone, ZONE_EVENT_NSEC3RESALT);
// if nothing to be done NOW for any of those, they will replan themselves for later
......
......@@ -73,7 +73,7 @@ static void replan_dnssec(conf_t *conf, zone_t *zone)
conf_val_t val = conf_zone_get(conf, C_DNSSEC_SIGNING, zone->name);
if (conf_bool(&val)) {
zone_events_schedule_now(zone, ZONE_EVENT_ZSK_ROLLOVER);
zone_events_schedule_now(zone, ZONE_EVENT_KEY_ROLLOVER);
zone_events_schedule_now(zone, ZONE_EVENT_NSEC3RESALT);
zone_events_schedule_now(zone, ZONE_EVENT_DNSSEC);
}
......
......@@ -453,7 +453,7 @@ static int get_online_key(dnssec_key_t **key_ptr, knotd_mod_t *mod)
bool ignore1 = false;
time_t ignore2 = 0;
r = knot_dnssec_zsk_rollover(&kctx, &ignore1, &ignore2);
r = knot_dnssec_key_rollover(&kctx, &ignore1, &ignore2);
if (r != DNSSEC_EOK) {
goto fail;
}
......
......@@ -244,7 +244,7 @@ int zone_load_post(conf_t *conf, zone_t *zone, zone_contents_t *contents,
}
ignore1 = false; ignore2 = 0;
ret = knot_dnssec_zsk_rollover(&kctx, &ignore1, &ignore2);
ret = knot_dnssec_key_rollover(&kctx, &ignore1, &ignore2);
kdnssec_ctx_deinit(&kctx);
if (ret != KNOT_EOK) {
changeset_clear(&change);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment