From 53ab040fdc5372f58ce355d4ea966470af489902 Mon Sep 17 00:00:00 2001
From: Hugo Landau
Date: Thu, 13 Nov 2014 03:02:57 +0000
Subject: [PATCH] DNSSEC tweaks
---
 .travis.yml | 4 ++++
 server/server.go | 46 ++++++++++++++++++++++------------------------
 2 files changed, 26 insertions(+), 24 deletions(-)
 create mode 100644 .travis.yml
diff --git a/.travis.yml b/.travis.yml
new file mode 100644
index 0000000..2fd7aed
--- /dev/null
+++ b/.travis.yml
@@ -0,0 +1,4 @@
+language: go
+go:
+ - 1.3
+ - tip
diff --git a/server/server.go b/server/server.go
index 53c54ab..878b002 100644
--- a/server/server.go
+++ b/server/server.go
@@ -55,35 +55,33 @@ func NewServer(cfg *ServerConfig) (s *Server, err error) {
 return
 }
- // key setup
- ksk, kskPrivate, err := s.loadKey(cfg.PublicKey, cfg.PrivateKey)
- log.Fatale(err, "error reading KSK key")
+ ecfg := &madns.EngineConfig{
+ Backend: b,
+ }
- var zsk *dns.DNSKEY
- var zskPrivate dns.PrivateKey
+ // key setup
+ if cfg.PublicKey != "" {
+ ksk, kskPrivate, err := s.loadKey(cfg.PublicKey, cfg.PrivateKey)
+ if err != nil {
+ return nil, err
+ }
+
+ ecfg.KSK = ksk
+ ecfg.KSKPrivate = kskPrivate
+ }
 if cfg.ZonePublicKey != "" {
- zsk, zskPrivate, err = s.loadKey(cfg.ZonePublicKey, cfg.ZonePrivateKey)
- log.Fatale(err, "error reading ZSK key")
- } else {
- zsk = &dns.DNSKEY{}
- zsk.Hdr.Rrtype = dns.TypeDNSKEY
- zsk.Hdr.Class = dns.ClassINET
- zsk.Hdr.Ttl = 3600
- zsk.Algorithm = dns.RSASHA256
- zsk.Protocol = 3
- zsk.Flags = dns.ZONE
-
- zskPrivate, err = zsk.Generate(2048)
- log.Fatale(err)
+ zsk, zskPrivate, err := s.loadKey(cfg.ZonePublicKey, cfg.ZonePrivateKey)
+ if err != nil {
+ return nil, err
+ }
+
+ ecfg.ZSK = zsk
+ ecfg.ZSKPrivate = zskPrivate
 }
- ecfg := &madns.EngineConfig {
- Backend: b,
- KSK: ksk,
- KSKPrivate: kskPrivate,
- ZSK: zsk,
- ZSKPrivate: zskPrivate,
+ if ecfg.KSK != nil && ecfg.ZSK == nil {
+ return nil, fmt.Errorf("Must specify ZSK if KSK is specified")
 }
 e, err := madns.NewEngine(ecfg)
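Review bot: The final pairing check in the server/server.go hunk only rejects a KSK without a ZSK, so a config that sets `ZonePublicKey` but leaves `PublicKey` empty passes and hands `madns.NewEngine` a ZSK with a nil KSK; how the engine treats that case is not visible from this hunk. With both keys empty the server also starts with no DNSSEC keys and nothing in the log, so a mistyped or dropped key path would presumably degrade to unsigned answers silently. Consider making the check symmetric, `if (ecfg.KSK == nil) != (ecfg.ZSK == nil) { return nil, fmt.Errorf("KSK and ZSK must be specified together") }`, and logging once when no keys are configured. The two `return nil, err` paths also drop the old "error reading KSK key" / "error reading ZSK key" context; wrapping them, e.g. `fmt.Errorf("error reading KSK key: %v", err)`, tells the operator which key file failed. NewServer's body starts and ends outside the hunk.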