CloudHost/zonemaster.es
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
zonemaster.es/zonemaster/test-zone-data/utils/sign-rrset
Malin 8d4eaa1489 feat: add full Zonemaster stack with Docker and Spanish UI 
- Clone all 5 Zonemaster component repos (LDNS, Engine, CLI, Backend, GUI)
- Dockerfile.backend: 8-stage multi-stage build LDNS→Engine→CLI→Backend
- Dockerfile.gui: Astro static build served via nginx
- docker-compose.yml: backend (internal) + frontend (port 5353)
- nginx.conf: root redirects to /es/, /api/ proxied to backend
- zonemaster-gui/config.ts: defaultLanguage set to 'es' (Spanish)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-21 08:19:24 +02:00

100 lines
2.0 KiB
Perl
Executable File
Raw Permalink Blame History

#!/usr/bin/env perl
=pod
=head1 SUMMARY
This script supports signing an RRset (one or more DNS records)
by the provided private key
=head1 SYNOPSIS
cat data-file | sign-rrset.pl --key KEY --exp DATETIME --inc DATETIME
sign-rrset.pl --help
=over 3
=item *
KEY is the file with the private key matching the intended DNSKEY record.
=item *
DATETIME is the date-time in the format "YYYYMMDDHHMMSS" for RRSIG expiration (--exp)
and RRSIG inception (--inc) respectively.
=back
=head1 DATA FILE
Create a file with the complete RRset to be signed. You can freely add
comment lines starting with "#" anywhere.
=head1 EXAMPLE FILE
=begin text
err-mult-nsec-1.dnssec10.xa. 86400 IN NSEC ns1.err-mult-nsec-1.dnssec10.xa. NS SOA RRSIG NSEC DNSKEY TYPE65534
err-mult-nsec-1.dnssec10.xa. 86400 IN NSEC www.err-mult-nsec-1.dnssec10.xa. NS SOA RRSIG NSEC DNSKEY TYPE65534
=end text
=cut
use 5.16.0;
use warnings;
use Net::DNS::SEC 1.26;
use Net::DNS 1.47;
use Getopt::Long;
use Pod::Usage;
my ( $key, $exp, $inc, $help );
GetOptions( 'key=s' => \$key,
'exp=s' => \$exp,
'inc=s' => \$inc,
'help' => \$help
);
if ( $help ) {
pod2usage(-verbose => 99);
exit 0;
}
unless ( $key ) {
say STDERR "Missing private key file";
say STDERR "Run with --help to get help";
exit 1;
}
unless ( $exp and $inc ) {
say STDERR "Missing expiration and/or inception value";
say STDERR "Run with --help to get help";
exit 1;
}
my @rrsetref; # List of references to RRs.
while( my $line = <> ) {
chomp ( $line );
next if $line =~ /^\s*$/;
next if $line =~ /^#/;
my $rrref = Net::DNS::RR->new( $line );
push ( @rrsetref, $rrref );
}
unless ( @rrsetref ) {
say "Missing RRset to sign";
say STDERR "Run with --help to get help";
exit 1;
};
my $private = Net::DNS::SEC::Private->new($key);
my $sigrr= Net::DNS::RR::RRSIG->create( \@rrsetref, $private, sigex => $exp, sigin => $inc );
say $sigrr->plain;
Reference in New Issue View Git Blame Copy Permalink