DNSSEC tweaks

.travis.yml

@@ -0,0 +1,4 @@
+language: go
+go:
+  - 1.3
+  - tip

server/server.go

@@ -55,35 +55,33 @@ func NewServer(cfg *ServerConfig) (s *Server, err error) {
     return
   }
 
-  // key setup
+  ecfg := &madns.EngineConfig{
-  ksk, kskPrivate, err := s.loadKey(cfg.PublicKey, cfg.PrivateKey)
+    Backend: b,
-  log.Fatale(err, "error reading KSK key")
+  }
 
-  var zsk *dns.DNSKEY
+  // key setup
-  var zskPrivate dns.PrivateKey
+  if cfg.PublicKey != "" {
+    ksk, kskPrivate, err := s.loadKey(cfg.PublicKey, cfg.PrivateKey)
+    if err != nil {
+      return nil, err
+    }
+
+    ecfg.KSK = ksk
+    ecfg.KSKPrivate = kskPrivate
+  }
 
   if cfg.ZonePublicKey != "" {
-    zsk, zskPrivate, err = s.loadKey(cfg.ZonePublicKey, cfg.ZonePrivateKey)
+    zsk, zskPrivate, err := s.loadKey(cfg.ZonePublicKey, cfg.ZonePrivateKey)
-    log.Fatale(err, "error reading ZSK key")
+    if err != nil {
-  } else {
+      return nil, err
-    zsk = &dns.DNSKEY{}
+    }
-    zsk.Hdr.Rrtype = dns.TypeDNSKEY
+
-    zsk.Hdr.Class  = dns.ClassINET
+    ecfg.ZSK = zsk
-    zsk.Hdr.Ttl    = 3600
+    ecfg.ZSKPrivate = zskPrivate
-    zsk.Algorithm = dns.RSASHA256
-    zsk.Protocol = 3
-    zsk.Flags = dns.ZONE
-
-    zskPrivate, err = zsk.Generate(2048)
-    log.Fatale(err)
   }
 
-  ecfg := &madns.EngineConfig {
+  if ecfg.KSK != nil && ecfg.ZSK == nil {
-    Backend: b,
+    return nil, fmt.Errorf("Must specify ZSK if KSK is specified")
-    KSK: ksk,
-    KSKPrivate: kskPrivate,
-    ZSK: zsk,
-    ZSKPrivate: zskPrivate,
   }
 
   e, err := madns.NewEngine(ecfg)