File Coverage

blib/lib/Lim/Plugin/OpenDNSSEC.pm

Criterion	Covered	Total	%
statement	6	6	100.0
branch			n/a
condition			n/a
subroutine	2	2	100.0
pod			n/a
total	8	8	100.0

line	stmt	sub	time	code
1				package Lim::Plugin::OpenDNSSEC;
2
3	1	1	27602	use common::sense;
	1		9
	1		4
4
5	1	1	54	use base qw(Lim::Component);
	1		2
	1		979
6
7				=encoding utf8
8
9				=head1 NAME
10
11				Lim::Plugin::OpenDNSSEC - OpenDNSSEC management plugin for Lim
12
13				=head1 VERSION
14
15				Version 0.14
16
17				=cut
18
19				our $VERSION = '0.14';
20
21				=head1 SYNOPSIS
22
23				use Lim::Plugin::OpenDNSSEC;
24
25				# Create a Server object
26				$server = Lim::Plugin::OpenDNSSEC->Server;
27
28				# Create a Client object
29				$client = Lim::Plugin::OpenDNSSEC->Client;
30
31				# Create a CLI object
32				$cli = Lim::Plugin::OpenDNSSEC->CLI;
33
34				=head1 DESCRIPTION
35
36				This plugin lets you manage a OpenDNSSEC installation via Lim.
37
38				=head1 METHODS
39
40				=over 4
41
42				=item $plugin_name = Lim::Plugin::OpenDNSSEC->Name
43
44				Returns the plugin's name.
45
46				=cut
47
48				sub Name {
49				'OpenDNSSEC';
50				}
51
52				=item $plugin_description = Lim::Plugin::OpenDNSSEC->Description
53
54				Returns the plugin's description.
55
56				=cut
57
58				sub Description {
59				'This plugin lets you manage a OpenDNSSEC installation via Lim.';
60				}
61
62				=item $call_hash_ref = Lim::Plugin::OpenDNSSEC->Calls
63
64				Returns a hash reference to the calls that can be made to this plugin, used both
65				in Server and Client to verify input and output arguments.
66
67				See CALLS for list of calls and arguments.
68
69				=cut
70
71				sub Calls {
72				{
73				ReadVersion => {
74				out => {
75				version => 'string',
76				program => {
77				name => 'string',
78				version => 'string'
79				}
80				}
81				},
82				#
83				# Calls for config files: conf.xml kasp.xml zonelist.xml zonefetch.xml addns.xml
84				#
85				ReadConfigs => {
86				out => {
87				file => {
88				name => 'string',
89				write => 'integer',
90				read => 'integer'
91				}
92				}
93				},
94				CreateConfig => {
95				uri_map => [
96				'file.name=.+'
97				],
98				in => {
99				file => {
100				'' => 'required',
101				name => 'string',
102				content => 'string'
103				}
104				}
105				},
106				ReadConfig => {
107				uri_map => [
108				'file.name=.+'
109				],
110				in => {
111				file => {
112				'' => 'required',
113				name => 'string'
114				}
115				},
116				out => {
117				file => {
118				name => 'string',
119				content => 'string'
120				}
121				}
122				},
123				UpdateConfig => {
124				uri_map => [
125				'file.name=.+'
126				],
127				in => {
128				file => {
129				'' => 'required',
130				name => 'string',
131				content => 'string'
132				}
133				}
134				},
135				DeleteConfig => {
136				uri_map => [
137				'file.name=.+'
138				],
139				in => {
140				file => {
141				'' => 'required',
142				name => 'string'
143				}
144				}
145				},
146				#
147				# Calls for ods-control
148				#
149				UpdateControl => {
150				uri_map => [
151				'start/program.name=\w+ => UpdateControlStart',
152				'stop/program.name=\w+ => UpdateControlStop'
153				]
154				},
155				UpdateControlStart => {
156				uri_map => [
157				'program.name=\w+'
158				],
159				in => {
160				program => {
161				name => 'string'
162				}
163				}
164				},
165				UpdateControlStop => {
166				uri_map => [
167				'program.name=\w+'
168				],
169				in => {
170				program => {
171				name => 'string'
172				}
173				}
174				},
175				#
176				# Redirect calls for (Create\|Read\|Update\|Delete)Enforcer*
177				#
178				CreateEnforcer => {
179				uri_map => [
180				'setup => CreateEnforcerSetup',
181				'zone/zone.name=[\w\.]+ => CreateEnforcerZone',
182				'key/import/key.zone=[\w\.]+ => CreateEnforcerKeyImport',
183				'database/backup => CreateEnforcerDatabaseBackup'
184				]
185				},
186				ReadEnforcer => {
187				uri_map => [
188				'zones => ReadEnforcerZoneList',
189				'repositories => ReadEnforcerRepositoryList',
190				'policies => ReadEnforcerPolicyList',
191				'policy/policy.name=\w+/export => ReadEnforcerPolicyExport',
192				'keys => ReadEnforcerKeyList',
193				'zone/zone.name=[\w\.]+/keys => ReadEnforcerKeyList',
194				'key => ReadEnforcerKeyExport',
195				'zone/zone.name=[\w\.]+/key => ReadEnforcerKeyExport',
196				'backups => ReadEnforcerBackupList',
197				'rollovers => ReadEnforcerRolloverList',
198				'zonelist => ReadEnforcerZonelistExport'
199				]
200				},
201				UpdateEnforcer => {
202				uri_map => [
203				'update => UpdateEnforcerUpdate',
204				'update/update.section=\w+ => UpdateEnforcerUpdate',
205				'zone/zone.name=[\w\.]+/rollover => UpdateEnforcerKeyRollover',
206				'zone/zone.name=[\w\.]+/key/zone.keytype=\w+/rollover => UpdateEnforcerKeyRollover',
207				'policy/policy.name=[\w\.]+/rollover => UpdateEnforcerKeyRollover',
208				'policy/policy.name=[\w\.]+/key/zone.keytype=\w+/rollover => UpdateEnforcerKeyRollover',
209				'zone/zone.name=[\w\.]+/key/ksk/retire => UpdateEnforcerKeyKskRetire',
210				'zone/zone.name=[\w\.]+/key/zone.cka_id=\w+/retire => UpdateEnforcerKeyKskRetire',
211				'zone/zone.name=[\w\.]+/key/dsseen => UpdateEnforcerKeyDsSeen',
212				'zone/zone.name=[\w\.]+/key/zone.cka_id=\w+/dsseen => UpdateEnforcerKeyDsSeen',
213				'backup/prepare => UpdateEnforcerBackupPrepare',
214				'repository/repository.name=\w+/backup/prepare => UpdateEnforcerBackupPrepare',
215				'backup/commit => UpdateEnforcerBackupCommit',
216				'repository/repository.name=\w+backup/commit => UpdateEnforcerBackupCommit',
217				'backup/rollback => UpdateEnforcerBackupRollback',
218				'repository/repository.name=\w+backup/rollback => UpdateEnforcerBackupRollback',
219				'backup/done => UpdateEnforcerBackupDone',
220				'repository/repository.name=\w+backup/done => UpdateEnforcerBackupDone'
221				]
222				},
223				DeleteEnforcer => {
224				uri_map => [
225				'zones => DeleteEnforcerZone zone.all=1',
226				'zone/zone.name=[\w\.]+ => DeleteEnforcerZone',
227				'policies/purge => DeleteEnforcerPolicyPurge',
228				'zone/zone.name=[\w\.]+/purge => DeleteEnforcerKeyPurge',
229				'policy/policy.name=[\w\.]+/purge => DeleteEnforcerKeyPurge'
230				]
231				},
232				#
233				# Call for ods-ksmutil/ods-enforcer setup
234				#
235				CreateEnforcerSetup => {
236				},
237				#
238				# Call for ods-ksmutil/ods-enforcer update *
239				#
240				UpdateEnforcerUpdate => {
241				in => {
242				update => {
243				section => 'string'
244				}
245				}
246				},
247				#
248				# Call for ods-ksmutil/ods-enforcer zone *
249				#
250				CreateEnforcerZone => {
251				in => {
252				zone => {
253				'' => 'required',
254				name => 'string',
255				policy => 'string',
256				signerconf => 'string',
257				input => 'string',
258				output => 'string',
259				no_xml => 'bool optional'
260				}
261				}
262				},
263				ReadEnforcerZoneList => {
264				out => {
265				zone => {
266				name => 'string',
267				policy => 'string'
268				}
269				}
270				},
271				DeleteEnforcerZone => {
272				in => {
273				zone => {
274				'' => 'required',
275				all => 'bool optional',
276				name => 'string optional',
277				no_xml => 'bool optional'
278				},
279				}
280				},
281				#
282				# Call for ods-ksmutil/ods-enforcer repository *
283				#
284				ReadEnforcerRepositoryList => {
285				out => {
286				repository => {
287				name => 'string',
288				capacity => 'integer',
289				require_backup => 'bool'
290				}
291				}
292				},
293				#
294				# Calls for ods-ksmutil/ods-enforcer policy *
295				#
296				ReadEnforcerPolicyList => {
297				out => {
298				policy => {
299				name => 'string',
300				description => 'string'
301				}
302				}
303				},
304				ReadEnforcerPolicyExport => {
305				in => {
306				policy => {
307				name => 'string'
308				}
309				},
310				out => {
311				kasp => 'string optional',
312				policy => {
313				name => 'string',
314				kasp => 'string'
315				}
316				}
317				},
318				DeleteEnforcerPolicyPurge => {
319				},
320				#
321				# Calls for ods-ksmutil/ods-enforcer key *
322				#
323				ReadEnforcerKeyList => {
324				in => {
325				verbose => 'bool optional',
326				zone => {
327				name => 'string'
328				}
329				},
330				out => {
331				zone => {
332				name => 'string',
333				key => {
334				'' => 'required',
335				type => 'string',
336				state => 'string',
337				next_transaction => 'string',
338				cka_id => 'string optional',
339				repository => 'string optional',
340				keytag => 'string optional'
341				}
342				}
343				}
344				},
345				ReadEnforcerKeyExport => {
346				in => {
347				keystate => 'string optional',
348				keytype => 'string optional',
349				ds => 'bool optional',
350				zone => {
351				name => 'string',
352				keystate => 'string optional',
353				keytype => 'string optional',
354				ds => 'bool optional'
355				}
356				},
357				out => {
358				rr => {
359				name => 'string',
360				ttl => 'integer',
361				class => 'string',
362				type => 'string',
363				rdata => 'string'
364				}
365				}
366				},
367				CreateEnforcerKeyImport => {
368				in => {
369				key => {
370				'' => 'required',
371				zone => 'string',
372				cka_id => 'string',
373				repository => 'string',
374				bits => 'integer',
375				algorithm => 'integer',
376				keystate => 'string',
377				keytype => 'string',
378				time => 'string',
379				retire => 'string optional'
380				}
381				}
382				},
383				UpdateEnforcerKeyRollover => {
384				in => {
385				zone => {
386				name => 'string',
387				keytype => 'string optional'
388				},
389				policy => {
390				name => 'string',
391				keytype => 'string optional'
392				}
393				}
394				},
395				DeleteEnforcerKeyPurge => {
396				in => {
397				zone => {
398				name => 'string'
399				},
400				policy => {
401				name => 'string'
402				}
403				},
404				out => {
405				key => {
406				cka_id => 'string'
407				}
408				}
409				},
410				CreateEnforcerKeyGenerate => {
411				in => {
412				policy => {
413				'' => 'required',
414				name => 'string',
415				interval => 'string'
416				}
417				},
418				out => {
419				key => {
420				cka_id => 'string',
421				repository => 'string',
422				bits => 'integer',
423				algorithm => 'integer',
424				keytype => 'string'
425				}
426				}
427				},
428				UpdateEnforcerKeyKskRetire => {
429				in => {
430				zone => {
431				'' => 'required',
432				name => 'string',
433				cka_id => 'string optional',
434				keytag => 'string optional'
435				}
436				}
437				},
438				UpdateEnforcerKeyDsSeen => {
439				in => {
440				zone => {
441				'' => 'required',
442				name => 'string',
443				cka_id => 'string optional',
444				keytag => 'string optional',
445				no_retire => 'bool optional'
446				}
447				}
448				},
449				#
450				# Calls for ods-ksmutil/ods-enforcer backup *
451				#
452				UpdateEnforcerBackupPrepare => {
453				in => {
454				repository => {
455				name => 'string'
456				}
457				}
458				},
459				UpdateEnforcerBackupCommit => {
460				in => {
461				repository => {
462				name => 'string'
463				}
464				}
465				},
466				UpdateEnforcerBackupRollback => {
467				in => {
468				repository => {
469				name => 'string'
470				}
471				}
472				},
473				UpdateEnforcerBackupDone => {
474				in => {
475				repository => {
476				name => 'string'
477				}
478				}
479				},
480				ReadEnforcerBackupList => {
481				in => {
482				repository => {
483				name => 'string'
484				}
485				},
486				out => {
487				repository => {
488				name => 'string',
489				backup => {
490				date => 'string'
491				},
492				unbacked_up_keys => 'bool optional',
493				prepared_keys => 'bool optional'
494				}
495				}
496				},
497				#
498				# Call for ods-ksmutil/ods-enforcer rollover list
499				#
500				ReadEnforcerRolloverList => {
501				in => {
502				zone => {
503				name => 'string'
504				}
505				},
506				out => {
507				zone => {
508				name => 'string',
509				keytype => 'string',
510				rollover_expected => 'string'
511				}
512				}
513				},
514				#
515				# Call for ods-ksmutil/ods-enforcer database backup
516				#
517				CreateEnforcerDatabaseBackup => {
518				},
519				#
520				# Call for ods-ksmutil/ods-enforcer zonelist export
521				#
522				ReadEnforcerZonelistExport => {
523				out => {
524				zonelist => 'string'
525				}
526				},
527				#
528				# Redirect calls for (Create\|Read\|Update\|Delete)Signer*
529				#
530				ReadSigner => {
531				uri_map => [
532				'zones => ReadSignerZones',
533				'zone/zone.name=[\w\.]+ => ReadSignerZones',
534				'queue => ReadSignerQueue',
535				'running => ReadSignerRunning'
536				]
537				},
538				UpdateSigner => {
539				uri_map => [
540				'sign => UpdateSignerSign',
541				'sign/zone.name=[\w\.]+ => UpdateSignerSign',
542				'clear/zone.name=[\w\.]+ => UpdateSignerClear',
543				'flush => UpdateSignerFlush',
544				'update => UpdateSignerUpdate',
545				'update/zone.name=[\w\.]+ => UpdateSignerUpdate',
546				'reload => UpdateSignerReload',
547				'verbosity/verbosity=\d+ => UpdateSignerVerbosity'
548				]
549				},
550				#
551				# Calls for ods-signer *
552				#
553				ReadSignerZones => {
554				out => {
555				zone => {
556				name => 'string'
557				}
558				}
559				},
560				UpdateSignerSign => {
561				in => {
562				zone => {
563				name => 'string'
564				}
565				}
566				},
567				UpdateSignerClear => {
568				in => {
569				zone => {
570				'' => 'required',
571				name => 'string'
572				}
573				}
574				},
575				ReadSignerQueue => {
576				out => {
577				now => 'string optional',
578				task => {
579				type => 'string',
580				date => 'string',
581				zone => 'string'
582				}
583				}
584				},
585				UpdateSignerFlush => {
586				},
587				UpdateSignerUpdate => {
588				in => {
589				zone => {
590				name => 'string'
591				}
592				}
593				},
594				ReadSignerRunning => {
595				out => {
596				running => 'bool'
597				}
598				},
599				UpdateSignerReload => {
600				},
601				UpdateSignerVerbosity => {
602				in => {
603				verbosity => 'integer'
604				}
605				},
606				#
607				# Redirect calls for (Create\|Read\|Update\|Delete)Hsm*
608				#
609				CreateHsm => {
610				'generate => CreateHsmGenerate',
611				'dnskey => CreateHsmDnskey'
612				},
613				ReadHsm => {
614				'keys => ReadHsmList',
615				'repository/repository.name=\w+/keys => ReadHsmList',
616				'repository/repository.name=\w+/test => ReadHsmTest',
617				'info => ReadHsmInfo'
618				},
619				DeleteHsm => {
620				'key/key.id=\w+ => DeleteHsmRemove',
621				'repository/repository.name=\w+/purge => DeleteHsmPurge'
622				},
623				#
624				# Calls for ods-hsmutil *
625				#
626				ReadHsmList => {
627				in => {
628				repository => {
629				name => 'string'
630				}
631				},
632				out => {
633				key => {
634				repository => 'string',
635				id => 'string',
636				keytype => 'string',
637				keysize => 'integer'
638				}
639				}
640				},
641				CreateHsmGenerate => {
642				in => {
643				key => {
644				'' => 'required',
645				repository => 'string',
646				keysize => 'integer'
647				}
648				},
649				out => {
650				key => {
651				repository => 'string',
652				id => 'string',
653				keysize => 'integer',
654				keytype => 'string'
655				}
656				}
657				},
658				DeleteHsmRemove => {
659				in => {
660				key => {
661				'' => 'required',
662				id => 'string'
663				}
664				}
665				},
666				DeleteHsmPurge => {
667				in => {
668				repository => {
669				'' => 'required',
670				name => 'string'
671				}
672				}
673				},
674				CreateHsmDnskey => {
675				in => {
676				key => {
677				'' => 'required',
678				id => 'string',
679				name => 'string'
680				}
681				},
682				out => {
683				key => {
684				id => 'string',
685				name => 'string',
686				rr => 'string'
687				}
688				}
689				},
690				ReadHsmTest => {
691				in => {
692				repository => {
693				'' => 'required',
694				name => 'string'
695				}
696				}
697				},
698				ReadHsmInfo => {
699				out => {
700				repository => {
701				name => 'string',
702				module => 'string',
703				slot => 'integer',
704				token_label => 'string',
705				manufacturer => 'string',
706				model => 'string',
707				serial => 'string'
708				}
709				}
710				}
711				};
712				}
713
714				=item $command_hash_ref = Lim::Plugin::OpenDNSSEC->Commands
715
716				Returns a hash reference to the CLI commands that can be made by this plugin.
717
718				See COMMANDS for list of commands and arguments.
719
720				=cut
721
722				sub Commands {
723				{
724				version => [ 'Show version of the plugin and OpenDNSSEC' ],
725				configs => [ 'List configuration files' ],
726				config => {
727				view => [ '', 'Display the content of a configuration file' ],
728				edit => [ '', 'Edit a configuration file' ]
729				},
730				start => {
731				enforcer => [ 'Start Enforcer' ],
732				signer => [ 'Start Signer' ]
733				},
734				stop => {
735				enforcer => [ 'Stop Enforcer' ],
736				signer => [ 'Stop Signer' ]
737				},
738				setup => [ 'Import configuration into the database and delete existing information' ],
739				update => {
740				all => [ 'Update datebase with all configurations' ],
741				kasp => [ 'Update database with the KASP configuration' ],
742				zonelist => [ 'Update database with the zonelist configuration' ],
743				conf => [ 'Update database with the configuration' ]
744				},
745				zone => {
746				add => [ '[--no-xml] ', 'Add a zone' ],
747				list => [ 'List zones' ],
748				delete => [ '[--no-xml] ', 'Delete a zone' ]
749				},
750				repository => {
751				list => [ 'List repositories' ]
752				},
753				policy => {
754				list => [ 'List policies' ],
755				export => [ '', 'Export the specified policies and display them' ]
756				},
757				key => {
758				list => [ '[--verbose] []', 'List keys for specified zones or all keys' ],
759				export => [ '[--keytype ] [--keystate ] [--ds] []', 'Export keys for specified zones or all keys as resource records' ],
760				import => [ '--cka_id --repository --bits --algorithm --keystate --keytype --time [--retire-time ] --zone ', 'Import a key into a zone' ],
761				rollover => {
762				zone => [ '[--keytype ] ', 'Do a key rollover for the specified zones' ],
763				policy => [ '[--keytype ] ', 'Do a key rollover for the specified policies' ]
764				},
765				purge => {
766				zone => [ '[--keytype ] ', 'Purge keys from the specified zones' ],
767				policy => [ '[--keytype ] ', 'Purge keys from the specified policies' ]
768				},
769				generate => [ ' ', 'Generate keys for the specified policy and interval' ],
770				ksk => {
771				retire => [ '[--cka_id ] [--keytag ] ', 'Retire the KSK for the specified zone' ]
772				},
773				ds => {
774				seen => [ '[--cka_id ] [--keytag ] [--no-retrie] ', 'Mark the DS seen for the specified zone' ]
775				}
776				},
777				backup => {
778				prepare => [ '[]', 'Prepare for backup on specified repositories or all' ],
779				commit => [ '[]', 'Commit the backup on specified repositories or all' ],
780				rollback => [ '[]', 'Rollback the backup on specified repositories or all' ],
781				done => [ '[]', 'Notify OpenDNSSEC that a backup has been done on specified repositories or all' ],
782				list => [ '[]', 'List backup for the specified repositories or all' ]
783				},
784				rollover => {
785				list => [ '[]', 'List schedualed rollover for specified zones or all' ]
786				},
787				database => {
788				backup => [ 'Create a database backup' ]
789				},
790				zonelist => {
791				export => [ 'Export the zonelist and display it' ]
792				},
793				signer => {
794				zones => [ 'List zones' ],
795				sign => [ '[]', 'Schedual specified zones or all for signing' ],
796				clear => [ '', 'Clear the internal state for the specified zones' ],
797				queue => [ 'Display the task queue' ],
798				flush => [ 'Flush all tasks on queue, executing them immediately' ],
799				update => [ '[]', 'Issue an update for the specified zones or all' ],
800				running => [ 'Check if the Signer is running' ],
801				reload => [ 'Tell the Signer to reload' ],
802				verbosity => [ '', 'Change the verbosity' ]
803				},
804				hsm => {
805				list => [ '[]', 'List repositories information for the specified one or all' ],
806				generate => [ ' ', 'Generate a key in the specified repository' ],
807				remove => [ '', 'Remove the specified keys' ],
808				purge => [ '', 'Purge the specified repositories' ],
809				dnskey => [ ' ', 'Create a DNSKEY' ],
810				test => [ '', 'Test the specified repositories' ],
811				info => [ 'Display HSM information' ]
812				}
813				};
814				}
815
816				=back
817
818				=head1 CALLS
819
820				See L on how calls and callback functions should be
821				used.
822
823				=over 4
824
825				=item $client->ReadVersion(sub { my ($call) = @_; })
826
827				Get the version of the plugin and version of OpenDNSSEC found.
828
829				$response = {
830				version => string, # Version of the plugin
831				program => # Single hash or an array of hashes as below:
832				{
833				name => string, # Program name
834				version => string, # Program version
835				}
836				};
837
838				=item $client->ReadConfigs(sub { my ($call) = @_; })
839
840				Get a list of all config files that can be managed by this plugin.
841
842				$response = {
843				file => # Single hash or an array of hashes as below:
844				{
845				name => string, # Full path file name
846				read => integer, # True if readable
847				write => integer, # True if writable
848				}
849				};
850
851				=item $client->CreateConfig($input, sub { my ($call) = @_; })
852
853				Create a new config file, returns an error if it failed to create the config
854				file otherwise there is no response.
855
856				$input = {
857				file => # Single hash or an array of hashes as below:
858				{
859				name => string, # Full path file name
860				content => string, # Configuration content
861				}
862				};
863
864				=item $client->ReadConfig($input, sub { my ($call) = @_; })
865
866				Returns a config file as a content.
867
868				$input = {
869				file => # Single hash or an array of hashes as below:
870				{
871				name => string, # Full path file name
872				}
873				};
874
875				$response = {
876				file => # Single hash or an array of hashes as below:
877				{
878				name => string, # Full path file name
879				content => string, # Configuration content
880				}
881				};
882
883				=item $client->UpdateConfig($input, sub { my ($call) = @_; })
884
885				Update a config file, this will overwrite the file. Returns an error if it
886				failed to update the config file otherwise there is no reponse.
887
888				$input = {
889				file => # Single hash or an array of hashes as below:
890				{
891				content => string, # ...
892				name => string, # ...
893				}
894				};
895
896				=item $client->DeleteConfig($input, sub { my ($call) = @_; })
897
898				Delete a config file, returns an error if it failed to delete the config file
899				otherwise there is no reponse.
900
901				$input = {
902				file => # Single hash or an array of hashes as below:
903				{
904				name => string, # ...
905				}
906				};
907
908				=item $client->UpdateControlStart($input, sub { my ($call) = @_; })
909
910				Start the specified OpenDNSSEC program (enforcer or signer) or all of them.
911				Returns an error if it failed to start otherwise there is no response.
912
913				$input = {
914				program => # (optional) Single hash or an array of hashes as below:
915				{
916				name => string, # ...
917				}
918				};
919
920				=item $client->UpdateControlStop($input, sub { my ($call) = @_; })
921
922				Stop the specified OpenDNSSEC program (enforcer or signer) or all of them.
923				Returns an error if it failed to stop otherwise there is no response.
924
925				$input = {
926				program => # (optional) Single hash or an array of hashes as below:
927				{
928				name => string, # ...
929				}
930				};
931
932				=item $client->CreateEnforcerSetup(sub { my ($call) = @_; })
933
934				Setup the Enforcer database by importing configurations, this will delete any
935				existing information. Returns an error if it failed to setup otherwise there is
936				no response.
937
938				=item $client->UpdateEnforcerUpdate($input, sub { my ($call) = @_; })
939
940				Update the specified configuration section (conf, kasp or zonelist) or all of
941				them. Returns an error if it failed to update otherwise there is no response.
942
943				$input = {
944				update => # (optional) Single hash or an array of hashes as below:
945				{
946				section => string, # ...
947				}
948				};
949
950				=item $client->CreateEnforcerZone($input, sub { my ($call) = @_; })
951
952				Add a new zone into OpenDNSSEC, returns an error if it failed to add the zone
953				otherwise there is no response.
954
955				$input = {
956				zone => # Single hash or an array of hashes as below:
957				{
958				input => string, # ...
959				name => string, # ...
960				no_xml => bool, # ... (optional)
961				output => string, # ...
962				policy => string, # ...
963				signerconf => string, # ...
964				}
965				};
966
967				=item $client->ReadEnforcerZoneList(sub { my ($call) = @_; })
968
969				Get a list of zones and related policies.
970
971				$response = {
972				zone => # Single hash or an array of hashes as below:
973				{
974				name => string, # ...
975				policy => string, # ...
976				}
977				};
978
979				=item $client->DeleteEnforcerZone($input, sub { my ($call) = @_; })
980
981				Remove a zone from OpenDNSSEC, returns an error if it failed to remove the zone
982				otherwise there is no response.
983
984				$input = {
985				zone => # Single hash or an array of hashes as below:
986				{
987				all => bool, # ... (optional)
988				name => string, # ... (optional)
989				no_xml => bool, # ... (optional)
990				}
991				};
992
993				=item $client->ReadEnforcerRepositoryList(sub { my ($call) = @_; })
994
995				Get a list of available repositories.
996
997				$response = {
998				repository => # Single hash or an array of hashes as below:
999				{
1000				capacity => integer, # ...
1001				name => string, # ...
1002				require_backup => bool, # ...
1003				}
1004				};
1005
1006				=item $client->ReadEnforcerPolicyList(sub { my ($call) = @_; })
1007
1008				Get a list of available policies.
1009
1010				$response = {
1011				policy => # Single hash or an array of hashes as below:
1012				{
1013				description => string, # ...
1014				name => string, # ...
1015				}
1016				};
1017
1018				=item $client->ReadEnforcerPolicyExport($input, sub { my ($call) = @_; })
1019
1020				Export the specified policy or all. Returns an error if it failed to export.
1021
1022				$input = {
1023				policy => # (optional) Single hash or an array of hashes as below:
1024				{
1025				name => string, # ...
1026				}
1027				};
1028
1029				$response = {
1030				kasp => string, # ... (optional)
1031				policy => # Single hash or an array of hashes as below:
1032				{
1033				kasp => string, # ...
1034				name => string, # ...
1035				}
1036				};
1037
1038				=item $client->DeleteEnforcerPolicyPurge(sub { my ($call) = @_; })
1039
1040				Undocumented
1041
1042				=item $client->ReadEnforcerKeyList($input, sub { my ($call) = @_; })
1043
1044				Get a list of keys for the specified zone or all. Returns an error if it failed
1045				to get the list of keys.
1046
1047				$input = {
1048				verbose => bool, # ... (optional)
1049				zone => # (optional) Single hash or an array of hashes as below:
1050				{
1051				name => string, # ...
1052				}
1053				};
1054
1055				$response = {
1056				zone => # Single hash or an array of hashes as below:
1057				{
1058				name => string, # ...
1059				key => # Single hash or an array of hashes as below:
1060				{
1061				cka_id => string, # ... (optional)
1062				keytag => string, # ... (optional)
1063				next_transaction => string, # ...
1064				repository => string, # ... (optional)
1065				state => string, # ...
1066				type => string, # ...
1067				}
1068				}
1069				};
1070
1071				=item $client->ReadEnforcerKeyExport($input, sub { my ($call) = @_; })
1072
1073				Export the specified keys
1074
1075				$input = {
1076				ds => bool, # ... (optional)
1077				keystate => string, # ... (optional)
1078				keytype => string, # ... (optional)
1079				zone => # (optional) Single hash or an array of hashes as below:
1080				{
1081				ds => bool, # ... (optional)
1082				keystate => string, # ... (optional)
1083				keytype => string, # ... (optional)
1084				name => string, # ...
1085				}
1086				};
1087
1088				$response = {
1089				rr => # Single hash or an array of hashes as below:
1090				{
1091				class => string, # ...
1092				name => string, # ...
1093				rdata => string, # ...
1094				ttl => integer, # ...
1095				type => string, # ...
1096				}
1097				};
1098
1099				=item $client->CreateEnforcerKeyImport($input, sub { my ($call) = @_; })
1100
1101				...
1102
1103				$input = {
1104				key => # Single hash or an array of hashes as below:
1105				{
1106				algorithm => integer, # ...
1107				bits => integer, # ...
1108				cka_id => string, # ...
1109				keystate => string, # ...
1110				keytype => string, # ...
1111				repository => string, # ...
1112				retire => string, # ... (optional)
1113				time => string, # ...
1114				zone => string, # ...
1115				}
1116				};
1117
1118				=item $client->UpdateEnforcerKeyRollover($input, sub { my ($call) = @_; })
1119
1120				...
1121
1122				$input = {
1123				policy => # (optional) Single hash or an array of hashes as below:
1124				{
1125				keytype => string, # ... (optional)
1126				name => string, # ...
1127				},
1128				zone => # (optional) Single hash or an array of hashes as below:
1129				{
1130				keytype => string, # ... (optional)
1131				name => string, # ...
1132				}
1133				};
1134
1135				=item $client->DeleteEnforcerKeyPurge($input, sub { my ($call) = @_; })
1136
1137				...
1138
1139				$input = {
1140				policy => # (optional) Single hash or an array of hashes as below:
1141				{
1142				name => string, # ...
1143				},
1144				zone => # (optional) Single hash or an array of hashes as below:
1145				{
1146				name => string, # ...
1147				}
1148				};
1149
1150				$response = {
1151				key => # Single hash or an array of hashes as below:
1152				{
1153				cka_id => string, # ...
1154				}
1155				};
1156
1157				=item $client->CreateEnforcerKeyGenerate($input, sub { my ($call) = @_; })
1158
1159				...
1160
1161				$input = {
1162				policy => # Single hash or an array of hashes as below:
1163				{
1164				interval => string, # ...
1165				name => string, # ...
1166				}
1167				};
1168
1169				$response = {
1170				key => # Single hash or an array of hashes as below:
1171				{
1172				algorithm => integer, # ...
1173				bits => integer, # ...
1174				cka_id => string, # ...
1175				keytype => string, # ...
1176				repository => string, # ...
1177				}
1178				};
1179
1180				=item $client->UpdateEnforcerKeyKskRetire($input, sub { my ($call) = @_; })
1181
1182				...
1183
1184				$input = {
1185				zone => # Single hash or an array of hashes as below:
1186				{
1187				cka_id => string, # ... (optional)
1188				keytag => string, # ... (optional)
1189				name => string, # ...
1190				}
1191				};
1192
1193				=item $client->UpdateEnforcerKeyDsSeen($input, sub { my ($call) = @_; })
1194
1195				...
1196
1197				$input = {
1198				zone => # Single hash or an array of hashes as below:
1199				{
1200				cka_id => string, # ... (optional)
1201				keytag => string, # ... (optional)
1202				name => string, # ...
1203				no_retire => bool, # ... (optional)
1204				}
1205				};
1206
1207				=item $client->UpdateEnforcerBackupPrepare($input, sub { my ($call) = @_; })
1208
1209				...
1210
1211				$input = {
1212				repository => # (optional) Single hash or an array of hashes as below:
1213				{
1214				name => string, # ...
1215				}
1216				};
1217
1218				=item $client->UpdateEnforcerBackupCommit($input, sub { my ($call) = @_; })
1219
1220				...
1221
1222				$input = {
1223				repository => # (optional) Single hash or an array of hashes as below:
1224				{
1225				name => string, # ...
1226				}
1227				};
1228
1229				=item $client->UpdateEnforcerBackupRollback($input, sub { my ($call) = @_; })
1230
1231				...
1232
1233				$input = {
1234				repository => # (optional) Single hash or an array of hashes as below:
1235				{
1236				name => string, # ...
1237				}
1238				};
1239
1240				=item $client->UpdateEnforcerBackupDone($input, sub { my ($call) = @_; })
1241
1242				...
1243
1244				$input = {
1245				repository => # (optional) Single hash or an array of hashes as below:
1246				{
1247				name => string, # ...
1248				}
1249				};
1250
1251				=item $client->ReadEnforcerBackupList($input, sub { my ($call) = @_; })
1252
1253				...
1254
1255				$input = {
1256				repository => # (optional) Single hash or an array of hashes as below:
1257				{
1258				name => string, # ...
1259				}
1260				};
1261
1262				$response = {
1263				repository => # Single hash or an array of hashes as below:
1264				{
1265				name => string, # ...
1266				prepared_keys => bool, # ... (optional)
1267				unbacked_up_keys => bool, # ... (optional)
1268				backup => # Single hash or an array of hashes as below:
1269				{
1270				date => string, # ...
1271				}
1272				}
1273				};
1274
1275				=item $client->ReadEnforcerRolloverList($input, sub { my ($call) = @_; })
1276
1277				...
1278
1279				$input = {
1280				zone => # (optional) Single hash or an array of hashes as below:
1281				{
1282				name => string, # ...
1283				}
1284				};
1285
1286				$response = {
1287				zone => # Single hash or an array of hashes as below:
1288				{
1289				keytype => string, # ...
1290				name => string, # ...
1291				rollover_expected => string, # ...
1292				}
1293				};
1294
1295				=item $client->CreateEnforcerDatabaseBackup(sub { my ($call) = @_; })
1296
1297				...
1298
1299				=item $client->ReadEnforcerZonelistExport(sub { my ($call) = @_; })
1300
1301				...
1302
1303				$response = {
1304				zonelist => string, # ...
1305				};
1306
1307				=item $client->ReadSignerZones(sub { my ($call) = @_; })
1308
1309				...
1310
1311				$response = {
1312				zone => # Single hash or an array of hashes as below:
1313				{
1314				name => string, # ...
1315				}
1316				};
1317
1318				=item $client->UpdateSignerSign($input, sub { my ($call) = @_; })
1319
1320				...
1321
1322				$input = {
1323				zone => # (optional) Single hash or an array of hashes as below:
1324				{
1325				name => string, # ...
1326				}
1327				};
1328
1329				=item $client->UpdateSignerClear($input, sub { my ($call) = @_; })
1330
1331				...
1332
1333				$input = {
1334				zone => # Single hash or an array of hashes as below:
1335				{
1336				name => string, # ...
1337				}
1338				};
1339
1340				=item $client->ReadSignerQueue(sub { my ($call) = @_; })
1341
1342				...
1343
1344				$response = {
1345				now => string, # ... (optional)
1346				task => # Single hash or an array of hashes as below:
1347				{
1348				date => string, # ...
1349				type => string, # ...
1350				zone => string, # ...
1351				}
1352				};
1353
1354				=item $client->UpdateSignerFlush(sub { my ($call) = @_; })
1355
1356				...
1357
1358				=item $client->UpdateSignerUpdate($input, sub { my ($call) = @_; })
1359
1360				...
1361
1362				$input = {
1363				zone => # (optional) Single hash or an array of hashes as below:
1364				{
1365				name => string, # ...
1366				}
1367				};
1368
1369				=item $client->ReadSignerRunning(sub { my ($call) = @_; })
1370
1371				...
1372
1373				$response = {
1374				running => bool, # ...
1375				};
1376
1377				=item $client->UpdateSignerReload(sub { my ($call) = @_; })
1378
1379				...
1380
1381				=item $client->UpdateSignerVerbosity($input, sub { my ($call) = @_; })
1382
1383				...
1384
1385				$input = {
1386				verbosity => integer, # ...
1387				};
1388
1389				=item $client->ReadHsmList($input, sub { my ($call) = @_; })
1390
1391				...
1392
1393				$input = {
1394				repository => # (optional) Single hash or an array of hashes as below:
1395				{
1396				name => string, # ...
1397				}
1398				};
1399
1400				$response = {
1401				key => # Single hash or an array of hashes as below:
1402				{
1403				id => string, # ...
1404				keysize => integer, # ...
1405				keytype => string, # ...
1406				repository => string, # ...
1407				}
1408				};
1409
1410				=item $client->CreateHsmGenerate($input, sub { my ($call) = @_; })
1411
1412				...
1413
1414				$input = {
1415				key => # Single hash or an array of hashes as below:
1416				{
1417				keysize => integer, # ...
1418				repository => string, # ...
1419				}
1420				};
1421
1422				$response = {
1423				key => # Single hash or an array of hashes as below:
1424				{
1425				id => string, # ...
1426				keysize => integer, # ...
1427				keytype => string, # ...
1428				repository => string, # ...
1429				}
1430				};
1431
1432				=item $client->DeleteHsmRemove($input, sub { my ($call) = @_; })
1433
1434				...
1435
1436				$input = {
1437				key => # Single hash or an array of hashes as below:
1438				{
1439				id => string, # ...
1440				}
1441				};
1442
1443				=item $client->DeleteHsmPurge($input, sub { my ($call) = @_; })
1444
1445				...
1446
1447				$input = {
1448				repository => # Single hash or an array of hashes as below:
1449				{
1450				name => string, # ...
1451				}
1452				};
1453
1454				=item $client->CreateHsmDnskey($input, sub { my ($call) = @_; })
1455
1456				...
1457
1458				$input = {
1459				key => # Single hash or an array of hashes as below:
1460				{
1461				id => string, # ...
1462				name => string, # ...
1463				}
1464				};
1465
1466				$response = {
1467				key => # Single hash or an array of hashes as below:
1468				{
1469				id => string, # ...
1470				name => string, # ...
1471				rr => string, # ...
1472				}
1473				};
1474
1475				=item $client->ReadHsmTest($input, sub { my ($call) = @_; })
1476
1477				...
1478
1479				$input = {
1480				repository => # Single hash or an array of hashes as below:
1481				{
1482				name => string, # ...
1483				}
1484				};
1485
1486				=item $client->ReadHsmInfo(sub { my ($call) = @_; })
1487
1488				...
1489
1490				$response = {
1491				repository => # Single hash or an array of hashes as below:
1492				{
1493				manufacturer => string, # ...
1494				model => string, # ...
1495				module => string, # ...
1496				name => string, # ...
1497				serial => string, # ...
1498				slot => integer, # ...
1499				token_label => string, # ...
1500				}
1501				};
1502
1503				=back
1504
1505				=head1 COMMANDS
1506
1507				=over 4
1508
1509				=item version
1510
1511				Show version of the plugin and OpenDNSSEC.
1512
1513				=item configs
1514
1515				List configuration files.
1516
1517				=item config view
1518
1519				Display the content of a configuration file.
1520
1521				=item config edit
1522
1523				Edit a configuration file.
1524
1525				=item start enforcer
1526
1527				Start Enforcer.
1528
1529				=item start signer
1530
1531				Start Signer.
1532
1533				=item stop enforcer
1534
1535				Stop Enforcer.
1536
1537				=item stop signer
1538
1539				Stop Signer.
1540
1541				=item setup
1542
1543				Import configuration into the database and delete existing information.
1544
1545				=item update all
1546
1547				Update datebase with all configurations.
1548
1549				=item update kasp
1550
1551				Update database with the KASP configuration.
1552
1553				=item update zonelist
1554
1555				Update database with the zonelist configuration.
1556
1557				=item update conf
1558
1559				Update database with the configuration.
1560
1561				=item zone add [--no-xml]
1562
1563				Add a zone.
1564
1565				=item zone list
1566
1567				List zones.
1568
1569				=item zone delete [--no-xml]
1570
1571				Delete a zone.
1572
1573				=item repository list
1574
1575				List repositories.
1576
1577				=item policy list
1578
1579				List policies.
1580
1581				=item policy export
1582
1583				Export the specified policies and display them.
1584
1585				=item key list [--verbose] []
1586
1587				List keys for specified zones or all keys.
1588
1589				=item key export [--keytype ] [--keystate ] [--ds] []
1590
1591				Export keys for specified zones or all keys as resource records.
1592
1593				=item key import --cka_id --repository --bits --algorithm --keystate --keytype --time [--retire-time ] --zone
1594
1595				Import a key into a zone.
1596
1597				=item key rollover zone [--keytype ]
1598
1599				Do a key rollover for the specified zones.
1600
1601				=item key rollover policy [--keytype ]
1602
1603				Do a key rollover for the specified policies.
1604
1605				=item key purge zone [--keytype ]
1606
1607				Purge keys from the specified zones.
1608
1609				=item key purge policy [--keytype ]
1610
1611				Purge keys from the specified policies.
1612
1613				=item key generate
1614
1615				Generate keys for the specified policy and interval.
1616
1617				=item key ksk retire [--cka_id ] [--keytag ]
1618
1619				Retire the KSK for the specified zone.
1620
1621				=item key ds seen [--cka_id ] [--keytag ] [--no-retrie]
1622
1623				Mark the DS seen for the specified zone.
1624
1625				=item backup prepare []
1626
1627				Prepare for backup on specified repositories or all.
1628
1629				=item backup commit []
1630
1631				Commit the backup on specified repositories or all.
1632
1633				=item backup rollback []
1634
1635				Rollback the backup on specified repositories or all.
1636
1637				=item backup done []
1638
1639				Notify OpenDNSSEC that a backup has been done on specified repositories or all.
1640
1641				=item backup list []
1642
1643				List backup for the specified repositories or all.
1644
1645				=item rollover list []
1646
1647				List schedualed rollover for specified zones or all.
1648
1649				=item database backup
1650
1651				Create a database backup.
1652
1653				=item zonelist export
1654
1655				Export the zonelist and display it.
1656
1657				=item signer zones
1658
1659				List zones.
1660
1661				=item signer sign []
1662
1663				Schedual specified zones or all for signing.
1664
1665				=item signer clear
1666
1667				Clear the internal state for the specified zones.
1668
1669				=item signer queue
1670
1671				Display the task queue.
1672
1673				=item signer flush
1674
1675				Flush all tasks on queue, executing them immediately.
1676
1677				=item signer update []
1678
1679				Issue an update for the specified zones or all.
1680
1681				=item signer running
1682
1683				Check if the Signer is running.
1684
1685				=item signer reload
1686
1687				Tell the Signer to reload.
1688
1689				=item signer verbosity
1690
1691				Change the verbosity.
1692
1693				=item hsm list []
1694
1695				List repositories information for the specified one or all.
1696
1697				=item hsm generate
1698
1699				Generate a key in the specified repository.
1700
1701				=item hsm remove
1702
1703				Remove the specified keys.
1704
1705				=item hsm purge
1706
1707				Purge the specified repositories.
1708
1709				=item hsm dnskey
1710
1711				Create a DNSKEY.
1712
1713				=item hsm test
1714
1715				Test the specified repositories.
1716
1717				=item hsm info
1718
1719				Display HSM information.
1720
1721				=back
1722
1723				=head1 AUTHOR
1724
1725				Jerry Lundström, C<< >>
1726
1727				=head1 BUGS
1728
1729				Please report any bugs or feature requests to L.
1730
1731				=head1 SUPPORT
1732
1733				You can find documentation for this module with the perldoc command.
1734
1735				perldoc Lim::Plugin::OpenDNSSEC
1736
1737				You can also look for information at:
1738
1739				=over 4
1740
1741				=item * Lim issue tracker (report bugs here)
1742
1743				L
1744
1745				=back
1746
1747				=head1 ACKNOWLEDGEMENTS
1748
1749				=head1 LICENSE AND COPYRIGHT
1750
1751				Copyright 2012-2013 Jerry Lundström.
1752
1753				This program is free software; you can redistribute it and/or modify it
1754				under the terms of either: the GNU General Public License as published
1755				by the Free Software Foundation; or the Artistic License.
1756
1757				See http://dev.perl.org/licenses/ for more information.
1758
1759
1760				=cut
1761
1762				1; # End of Lim::Plugin::OpenDNSSEC