solving #2

Author: mdavids

-@

@@ -1,7 +1,13 @@
 #!/bin/sh
 
+# Create output dir if it does not exist:
+mkdir -p output/servers
+
 rm -rf output/servers/*
 
 PYTHONPATH=libs
 export PYTHONPATH
 ./tools/config_builders/config_builder.py
+
+echo "Done."
+echo "Please note: make sure you run this after create_zones.sh (if you have changed things there) and note before"

create_configs.sh

@@ -14,7 +14,12 @@ if [[ ! -f ./ext/ldns-3597/ldns-3597 ]] ; then
 fi
 
 # Create output dir if it does not exist:
-mkdir -p ./output
+mkdir -p output/final
+mkdir -p output/keys
+mkdir -p output/signed
+mkdir -p output/uncompleted
+mkdir -p output/unsigned
+mkdir -p output/zone_db
 
 # Do or don't? You pick...
 rm -rf output/final/*
@@ -28,7 +33,7 @@ rm -rf output/zone_db/*
 
 echo "Running static zones generator" &&\
 ./tools/generators/static_zones.py &&\
-echo "Running bad-dnssec zones generator" &&\
+echo "Running bad-dnssec zones and types zones generator" &&\
 ./tools/generators/bad_dnssec.py &&\
 echo "Running delegations zones generator" &&\
 ./tools/generators/delegations.py &&\

create_zones.sh

@@ -9,5 +9,5 @@
         IN  AAAA    2a00:d78:0:712:94:198:159:39
         IN  TXT     "Automatically generated by DNS workbench from basic_zone template"
         IN  TXT     "v=spf1 -all"
-        IN  MX       0 .
-        IN  TXT      "v=DMARC1; p=reject;"
+        IN  MX      0 .
+        IN  TXT     "v=DMARC1; p=reject;"

input/templates/basic_zone.templ

@@ -95,7 +95,7 @@ def add_standard_sign_options(zd):
     zd.add("signer_keys", dname_u + ".ksk")
 
 def execute(cmd, cwd=None):
-    print("[DEBUG] run command: %s" % cmd)
+    # print("[DEBUG] run command: %s" % cmd)
     cmdp = shlex.split(cmd)
     p = subprocess.Popen(cmdp, stdout=subprocess.PIPE, stderr=subprocess.PIPE, cwd=cwd)
     (stdout, stderr) = p.communicate()
@@ -110,18 +110,19 @@ def get_keyfile(zone):
 
 def check_create_key(zone, keyfile):
     base_keyfile = keyfile[:-8]
-    if not base_keyfile.startswith("nods.") and not os.path.exists(keyfile):
+    if not os.path.exists(keyfile):
+        #print("  [dnsutil] zone found that might need key-material: " + zone)
         os.makedirs(os.path.dirname(keyfile), exist_ok=True)
         cmd = "ldns-keygen -k -r /dev/urandom -a RSASHA256 -b 1024 %s" % zone
         stdout = execute(cmd)
         basename = stdout.decode("utf-8").rstrip()
-        
-        #if (base_keyfile.startswith("nods.")):
-        #    os.unlink(basename + ".ds")
-        #else:
         os.rename(basename + ".ds", base_keyfile + ".ds")
         os.rename(basename + ".key", base_keyfile + ".key")
         os.rename(basename + ".private", base_keyfile + ".private")
+        # we fix this in bad_dnssec.py
+        #if os.path.basename(base_keyfile).startswith("nods."): 
+        #    print("[DEBUG] removing " + base_keyfile + ".ds" )
+        #    os.unlink(base_keyfile + ".ds")
 
 def get_all_db_files():
     # TODO: this needs improving

libs/workbench/dnsutil.py

@@ -109,6 +109,7 @@ def create_bad_dnssec_tree_zonelist(name, depth):
 
 def create_zone(zone, zonefile):
     zone = dnsutil.fqdn(zone)
+    #print("  [create_zone] zone: %s - zonefile: %s" %(zone,zonefile))
     # create tempfile and write zone data to is
     with open(zonefile, "w") as out:
         # TODO: serial... (and other values)
@@ -119,9 +120,11 @@ def create_zone(zone, zonefile):
         for delegation in bad_dnssec_tree_delegations:
             delname = delegation + "." + zone
             dsfile = env.KEYS_DIR + "/" + delname + "ds"
-            print("check for " + dsfile)
-            if os.path.exists(dsfile) or delname.startswith("nods."):
+            # print("  check for nods-delegation or " + dsfile)
+            if os.path.exists(dsfile):
                 dnsutil.add_template(out, "all_ns", delname, 3600)
+                if delname.startswith("nods."):
+                    os.unlink(dsfile)
                 # TODO: second check necessary?
                 #if os.path.exists(dsfile):
                 #    with open(dsfile, "r") as infile: