authorJoey Hess2015-01-04 13:13:06 -0400
committerJoey Hess2015-01-04 13:13:06 -0400
commitd6c8ddb955707cd73f66fcb662ea4616c5715d39 (patch)
treeef298b9111dbdfaf53180530f5ecf18ebb7fdf12 /src/Propellor/Property/DnsSec.hs
parent01d8ab0cfd5e65395afc242f8307a67c48ec8544 (diff)
resign zone if keys change
Diffstat (limited to 'src/Propellor/Property/DnsSec.hs')
-rw-r--r--src/Propellor/Property/DnsSec.hs13
1 files changed, 8 insertions, 5 deletions
diff --git a/src/Propellor/Property/DnsSec.hs b/src/Propellor/Property/DnsSec.hs
index 201cc003..ba9c2a1b 100644
--- a/src/Propellor/Property/DnsSec.hs
+++ b/src/Propellor/Property/DnsSec.hs
@@ -53,15 +53,18 @@ zoneSigned domain zonefile = RevertableProperty setup cleanup
dssetfile = dir </> "-" ++ domain ++ "."
dir = takeDirectory zonefile
- -- Need to update the signed zone if the zone file
- -- has a newer timestamp.
+ -- Need to update the signed zone file if the zone file or
+ -- any of the keys have a newer timestamp.
needupdate = do
v <- catchMaybeIO $ getModificationTime signedzonefile
case v of
Nothing -> return True
- Just t1 -> do
- t2 <- getModificationTime zonefile
- return (t2 >= t1)
+ Just t1 -> anyM (newerthan t1) $
+ zonefile : map (keyFn domain) [minBound..maxBound]
+
+ newerthan t1 f = do
+ t2 <- getModificationTime f
+ return (t2 >= t1)
forceZoneSigned :: Domain -> FilePath -> Property
forceZoneSigned domain zonefile = property ("zone signed for " ++ domain) $ liftIO $ do
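Review bot: `newerthan` calls `getModificationTime` on every path produced by `keyFn domain` without the `catchMaybeIO` guard that the signed zone file lookup gets, so an absent or unreadable key file makes `needupdate` throw instead of returning a result. Whether the keys are guaranteed to exist before this check runs is not visible here, since the body of `zoneSigned` starts above the hunk. If they are not, `newerthan t1 f = maybe True (>= t1) <$> catchMaybeIO (getModificationTime f)` would treat that case as needing an update and leave the signing step to report the real error. The check also relies purely on mtimes, so a key replaced by a file carrying an older preserved timestamp (for example one restored from backup) would not trigger re-signing and the zone would stay signed with the previous key. A comment such as `-- NB: mtime-based; a key swapped in with an older timestamp is not detected` would make that limit explicit.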