a 4i@sddlmZddlZddlZddlZddlZddlZddlZddlZddl Z ddl m Z dZ ddl mZmZmZmZmZmZddZddd Zd d Zd d ZdS))print_functionN) defaultdictz dnssec-keymgr)dnskeykeydict keyseriespolicyparsetabutilscOst|i|tddS)N)printsysexit)argskwargsr,/usr/lib/python3/dist-packages/isc/keymgr.pyfatalsrcCs~|}|r"tj|r"t|tjsztjd}|s8tjj}|tjD]4}|tj |}tj|rtt|tjrtqzd}qD|S)a1find the location of a specified command. If a default is supplied, exists and it's an executable, we use it; otherwise we search PATH for an alternative. :param command: command to look for :param default: default value to use :return: PATH with the location of a suitable binary PATHN) ospathisfileaccessX_OKenvirondefpathsplitpathsepsep)ZcommanddefaultZfpathrZ directoryrrrset_path s rcCstdtjtdd}tdtjtdd}tjtdd}|j dt ddd d |j d d t d dd|j ddt ddd|j dd|t dd d|j ddt ddd d|j dd|t dd d|j dd d!d"d#d$|j d%d&d!d"d'd$|j d(d)d*d!d"d+d$|j d,d-d.d!d"d/d$|j d0d1d2tj d3| }|j rBtd4|jrZ|jrZtd5|jdurntd6|jdurtd7|jdurtj|jstd8|jn(tjtjd9|_tj|jsd|_|S):zbRead command line arguments, returns 'args' object :return: args object properly prepared z dnssec-keygenZsbinzdnssec-settimezA: schedule DNSSEC key rollovers according to a pre-defined policy)Z descriptionzone*NzSZone(s) to which the policy should be applied (default: all zones in the directory))typenargsrhelpz-KrzDirectory containing keysdir)destr"r$metavarz-c policyfilezPolicy definition filefilez-gkeygenzPath to 'dnssec-keygen')r&rr"r$r'z-r randomdevZ DEPRECATED)r&r"rr$r'z-ssettimezPath to 'dnssec-settime'z-kno_zsk store_trueFz,Only apply policy to key-signing keys (KSKs))r&actionrr$z-zno_kskz-Only apply policy to zone-signing keys (ZSKs)z-fz--forceforcez8Force updates to key events even if they are in the pastz-qz--quietquietzUpdate keys silentlyz-vz --versionversion)r/r3z%ERROR: -r option has been deprecated.z)ERROR: -z and -k cannot be used together.zERROR: dnssec-keygen not foundzERROR: dnssec-settime not foundz!ERROR: Policy file "%s" not foundzdnssec-policy.conf)rrrjoinr prefixargparseArgumentParserprog add_argumentstrr3 parse_argsr+rr-r0r*r,r(existsZ sysconfdir)r*r,parserrrrrr;9s     r;c CsPt}|j|j|j|jd}zt|j}Wn4ty`}zt dt |WYd}~n d}~00zt ||j|j d}Wn4ty}zt dt |WYd}~n d}~00zt ||d}Wn4ty}zt dt |WYd}~n d}~00z |j||j|j|j|jdWn6tyJ}zt dt |WYd}~n d}~00dS) N)Z keygen_pathZ settime_pathZ keys_pathr+zUnable to load DNSSEC policy: )rZzonesz Unable to build key dictionary: )contextzUnable to build key series: )ZkskZzskr1r2zUnable to apply policy: )r;r*r,rr+rZ dnssec_policyr( Exceptionrr:rr rZenforce_policyr-r0r1r2)rr>ZdpeZkdZksrrrmains0&&& rA)N)Z __future__rrr r6ZglobretimeZcalendarZpprint collectionsrr8Ziscrrrrrr rrr;rArrrr s @   v