rename it config - to be more in line with clientconfig
parent
b3bd072081
commit
c5cb6cdcb0
20
zone.go
20
zone.go
|
@ -18,10 +18,10 @@ type Zone struct {
|
||||||
mutex *sync.RWMutex
|
mutex *sync.RWMutex
|
||||||
}
|
}
|
||||||
|
|
||||||
// SignaturePolicy holds the parameters for the zone (re)signing. This
|
// SignatureConfig holds the parameters for zone (re)signing. This
|
||||||
// is mimicked from OpenDNSSEC. See:
|
// is copied from OpenDNSSEC. See:
|
||||||
// https://wiki.opendnssec.org/display/DOCS/kasp.xml
|
// https://wiki.opendnssec.org/display/DOCS/kasp.xml
|
||||||
type SignaturePolicy struct {
|
type SignatureConfig struct {
|
||||||
// Validity period of the signatures, typically 2 to 4 weeks.
|
// Validity period of the signatures, typically 2 to 4 weeks.
|
||||||
Validity time.Duration
|
Validity time.Duration
|
||||||
// When the end of the validity approaches, how much time should remain
|
// When the end of the validity approaches, how much time should remain
|
||||||
|
@ -37,13 +37,13 @@ type SignaturePolicy struct {
|
||||||
InceptionOffset time.Duration
|
InceptionOffset time.Duration
|
||||||
}
|
}
|
||||||
|
|
||||||
func newSignaturePolicy() *SignaturePolicy {
|
func newSignatureConfig() *SignatureConfig {
|
||||||
return &SignaturePolicy{time.Duration(4*7*24) * time.Hour, time.Duration(3*24) * time.Hour, time.Duration(12) * time.Hour, time.Duration(300) * time.Second}
|
return &SignatureConfig{time.Duration(4*7*24) * time.Hour, time.Duration(3*24) * time.Hour, time.Duration(12) * time.Hour, time.Duration(300) * time.Second}
|
||||||
}
|
}
|
||||||
|
|
||||||
// DefaultSignaturePolicy has the following values. Validity is 4 weeks,
|
// DefaultSignaturePolicy has the following values. Validity is 4 weeks,
|
||||||
// Refresh is set to 3 days, Jitter to 12 hours and InceptionOffset to 300 seconds.
|
// Refresh is set to 3 days, Jitter to 12 hours and InceptionOffset to 300 seconds.
|
||||||
var DefaultSignaturePolicy = newSignaturePolicy()
|
var DefaultSignatureConfig = newSignatureConfig()
|
||||||
|
|
||||||
// NewZone creates an initialized zone with Origin set to origin.
|
// NewZone creates an initialized zone with Origin set to origin.
|
||||||
func NewZone(origin string) *Zone {
|
func NewZone(origin string) *Zone {
|
||||||
|
@ -212,10 +212,10 @@ func (z *Zone) Predecessor(s string) *ZoneData {
|
||||||
// Sign (re)signes the zone z. It adds keys to the zone (if not already there)
|
// Sign (re)signes the zone z. It adds keys to the zone (if not already there)
|
||||||
// and signs the keys with the KSKs and the rest of the zone with the ZSKs. For
|
// and signs the keys with the KSKs and the rest of the zone with the ZSKs. For
|
||||||
// authenticated denial of existence NSEC is used.
|
// authenticated denial of existence NSEC is used.
|
||||||
// If policy is nil DefaultSignaturePolicy is used.
|
// If config is nil DefaultSignatureConfig is used.
|
||||||
func (z *Zone) Sign(keys []*RR_DNSKEY, policy *SignaturePolicy) error {
|
func (z *Zone) Sign(keys []*RR_DNSKEY, config *SignatureConfig) error {
|
||||||
if policy == nil {
|
if config == nil {
|
||||||
policy = DefaultSignaturePolicy
|
config = DefaultSignatureConfig
|
||||||
}
|
}
|
||||||
// concurrently walk the zone and sign the rrsets
|
// concurrently walk the zone and sign the rrsets
|
||||||
|
|
||||||
|
|
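Review bot: The doc comment above the renamed default still reads `// DefaultSignaturePolicy has the following values. Validity is 4 weeks,` although the declaration is now `var DefaultSignatureConfig = newSignatureConfig()`; it should begin `// DefaultSignatureConfig has the following values.` so the comment names the identifier it documents. In the same section, `newSignatureConfig` fills the struct with an unkeyed literal of four `time.Duration` values, so reordering the fields later would silently swap, for example, Validity and Refresh without a compile error. Keyed fields such as `Validity: 4 * 7 * 24 * time.Hour` would make the signature-lifetime defaults robust against that. The struct's full field list lies partly outside the visible hunks, so the field order is inferred from the comment on the default.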