-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathdnssec.go
89 lines (64 loc) · 2.64 KB
/
dnssec.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
// Copyright 2019 nic.at GmbH. All rights reserved.
//
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
package rc0go
type DNSSECService service
// Starts DNSSEC signing of a zone
//
// rcode0 API doc: https://my.rcodezero.at/api-doc/#api-zone-management-dnssec-sign-zone-post
func (s *DNSSECService) Sign(zone string) (*StatusResponse, error) {
return dnssecRequest(s, zone, RC0ZoneDNSSecSign)
}
// Stops DNSSEC signing of a zone, reverting the zone to unsigned
//
// rcode0 API doc: https://my.rcodezero.at/api-doc/#api-zone-management-dnssec-unsign-zone-post
func (s *DNSSECService) Unsign(zone string) (*StatusResponse, error) {
return dnssecRequest(s, zone, RC0ZoneDNSSecUnsign)
}
// Starts a DNSSEC key rollover
//
// rcode0 API doc: https://my.rcodezero.at/api-doc/#api-zone-management-dnssec-key-rollover-post
func (s *DNSSECService) KeyRollover(zone string) (*StatusResponse, error) {
return dnssecRequest(s, zone, RC0ZoneDNSSecKeyRollover)
}
// Acknowledges a DS update
//
// rcode0 API doc: https://my.rcodezero.at/api-doc/#api-zone-management-dnssec-acknowledge-ds-update-post
func (s *DNSSECService) DSUpdate(zone string) (*StatusResponse, error) {
return dnssecRequest(s, zone, RC0ZoneDNSSecDSUpdate)
}
// Simulates that the DS records of all KSKs of a certain domain were seen in the parent zone.
// This allows to test key rollovers even if the DS of the currently active KSK was not seen in the parent zone.
// A DSSEEN event will be pushed ot the message queue.
// (available on test system only)
//
// rcode0 API doc: https://my.rcodezero.at/api-doc/#api-zone-management-simulate-dnssec-event-dsseen-post
func (s *DNSSECService) SimulateDSSEENEvent(zone string) (*StatusResponse, error) {
return dnssecRequest(s, zone, RC0ZoneDNSSecDSSEEN)
}
// Simulates that the DS records of all KSKs of a certain domain were removed from the parent zone.
// This allows to subsequently “unsign” a domain.
// (available on test system only)
//
// rcode0 API doc: https://my.rcodezero.at/api-doc/#api-zone-management-simulate-dnssec-event-dsremoved-post
func (s *DNSSECService) SimulateDSREMOVEDEvent(zone string) (*StatusResponse, error) {
return dnssecRequest(s, zone, RC0ZoneDNSSecDSREMOVED)
}
// Helper method to avoid code duplication
func dnssecRequest(s *DNSSECService, zone string, operation string) (*StatusResponse, error) {
resp, err := s.client.NewRequest().
SetPathParams(
map[string]string{
"zone": zone,
}).
Post(
s.client.BaseURL.String() +
s.client.APIVersion +
operation,
)
if err != nil {
return nil, err
}
return s.client.ResponseToRC0StatusResponse(resp)
}