Commit e67380af authored by Libor Peltan's avatar Libor Peltan Committed by Daniel Salzman

offline_ksk: delete offline record before importing skr

parent 2642d78c
......@@ -148,7 +148,9 @@ Read KeySigingRequest from a text file, sign it using local keyset and print Sig
.TP
\fBimport\-skr\fP \fIskr_file\fP
Read SignedKeyResponse from a text file and import the signatures for later use in zone. (The signatures
are not at all checked at import time, but they will be ignored at signing time if invalid.)
are not checked at import time, but they will be ignored at signing time if invalid.) If some
signatures have already been imported, they will be deleted for the period from beginning of the SKR
to infinity.
.UNINDENT
.SS Generate arguments
.sp
......
......@@ -125,7 +125,9 @@ Commands related to Offline KSK feature
**import-skr** *skr_file*
Read SignedKeyResponse from a text file and import the signatures for later use in zone. (The signatures
are not at all checked at import time, but they will be ignored at signing time if invalid.)
are not checked at import time, but they will be ignored at signing time if invalid.) If some
signatures have already been imported, they will be deleted for the period from beginning of the SKR
to infinity.
Generate arguments
..................
......
......@@ -370,8 +370,13 @@ static void skr_import_header(zs_scanner_t *sc)
}
(void)header_ver;
// delete possibly existing conflicting offline records
sc->error.code = kasp_db_delete_offline_records(
*ctx->kctx->kasp_db, ctx->kctx->zone->dname, next_timestamp, 0
);
// store previous SKR
if (ctx->timestamp > 0) {
if (ctx->timestamp > 0 && sc->error.code == KNOT_EOK) {
sc->error.code = kasp_db_store_offline_records(*ctx->kctx->kasp_db,
ctx->timestamp, &ctx->r);
key_records_clear_rdatasets(&ctx->r);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment