ó ¼Š`c@sßddlmZddlZddlZddlZddlZddlZddlZddlZddl Z ddl m Z dZ ddl mZmZmZmZmZmZd„Zdd„Zd„Zd „ZdS( iÿÿÿÿ(tprint_functionN(t defaultdicts dnssec-keymgr(tdnskeytkeydictt keyseriestpolicytparsetabtutilscOst||ŽtjdƒdS(Ni(tprinttsystexit(targstkwargs((s./usr/lib/python2.7/site-packages/isc/keymgr.pytfatals cCs¾|}| s6tjj|ƒ s6tj|tjƒ rºtjd}|sXtjj}nx_|jtjƒD]H}|tj |}tjj|ƒr­tj|tjƒr­Pnd}qkWn|S(s2 find the location of a specified command. If a default is supplied, exists and it's an executable, we use it; otherwise we search PATH for an alternative. :param command: command to look for :param default: default value to use :return: PATH with the location of a suitable binary tPATHN( tostpathtisfiletaccesstX_OKtenvirontdefpathtsplittpathseptseptNone(tcommandtdefaulttfpathRt directory((s./usr/lib/python2.7/site-packages/isc/keymgr.pytset_paths0 ' c Csótdtjjtjdƒdƒƒ}tdtjjtjdƒdƒƒ}tjdtdƒ}|j ddt dd d d:d d d ƒ|j ddddt d dddƒ|j ddddt d dddƒ|j dddd |dt d dddƒ|j ddddt d d:d dddƒ|j dddd |dt d d ddƒ|j d!dd"d#d$d t d d%ƒ|j d&dd'd#d$d t d d(ƒ|j d)d*dd+d#d$d t d d,d-ƒ|j d.d/dd0d#d$d t d d1ƒ|j d2d3d#d4d4tj ƒ|jƒ}|jr@|jr@td5ƒn|jd:kr\td6ƒn|jd:krxtd7ƒn|jd:k r³tjj|jƒsïtd8|jƒqïn<tjjtjd9ƒ|_tjj|jƒsïd:|_n|S(;sc Read command line arguments, returns 'args' object :return: args object properly prepared s dnssec-keygentsbinsdnssec-settimet descriptionsA: schedule DNSSEC key rollovers according to a pre-defined policytzonettypetnargst*Rthelps.Zone(s) to which the policy should be applied s%(default: all zones in the directory)s-KtdestRsDirectory containing keystmetavartdirs-ct policyfilesPolicy definition filetfiles-gtkeygensPath to 'dnssec-keygen's-rt randomdevs@Path to a file containing random data to pass to 'dnssec-keygen's-stsettimesPath to 'dnssec-settime's-ktno_zsktactiont store_trues,Only apply policy to key-signing keys (KSKs)s-ztno_ksks-Only apply policy to zone-signing keys (ZSKs)s-fs--forcetforcesForce updates to key events seven if they are in the pasts-qs--quiettquietsUpdate keys silentlys-vs --versiontversions)ERROR: -z and -k cannot be used together.sERROR: dnssec-keygen not foundsERROR: dnssec-settime not founds!ERROR: Policy file "%s" not foundsdnssec-policy.confN(RRRtjoinRtprefixtargparsetArgumentParsertprogt add_argumenttstrRtFalseR4t parse_argsR.R1R R+R-R)texistst sysconfdir(R+R-tparserR ((s./usr/lib/python2.7/site-packages/isc/keymgr.pyR=6sb!!             c Csftƒ}i|jd6|jd6|jd6|jd6}ytj|jƒ}Wn'tk rv}t dt |ƒƒnXy"t |d|jd|j ƒ}Wn'tk rÂ}t dt |ƒƒnXyt |d |ƒ}Wn'tk r}t d t |ƒƒnXy5|j|d |jd |jd |jd|jƒWn'tk ra}t dt |ƒƒnXdS(Nt keygen_patht settime_patht keys_pathR,sUnable to load DNSSEC policy: Rtzoness Unable to build key dictionary: tcontextsUnable to build key series: tksktzskR2R3sUnable to apply policy: (R=R+R-RR,Rt dnssec_policyR)t ExceptionR R;RR!Rtenforce_policyR.R1R2R3(R REtdptetkdtks((s./usr/lib/python2.7/site-packages/isc/keymgr.pytmain}s,     "(t __future__RRR R7tglobtrettimetcalendartpprintt collectionsRR9tiscRRRRRRR RRR=RO(((s./usr/lib/python2.7/site-packages/isc/keymgr.pyt s`.   G