opendnssec-common 1:1.4.9-2 / usr / share / opendnssec / enforcerstate.rnc

This file is indexed.

/usr/share/opendnssec/enforcerstate.rnc is in opendnssec-common 1:1.4.9-2.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
# Copyright (c) 2012 OpenDNSSEC AB (svb). All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
#    notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
#    notice, this list of conditions and the following disclaimer in the
#    documentation and/or other materials provided with the distribution.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
# IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
# GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
# IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#

datatypes xsd = "http://www.w3.org/2001/XMLSchema-datatypes"

start = element EnforcerState {
	element Zones { zone+ },
	element KeyPairs { keypair+ }
}


# create table zones(
#   id            integer primary key autoincrement,    -- id
#   name          varchar(300) not null ,  -- name of the parameter
#   policy_id     mediumint not null,
#   signconf      varchar(4096),  -- where is the signconf
#   input         varchar(4096),  -- where is the input
#   output        varchar(4096),  -- where is the output
#   in_type       varchar(512),   -- input adapter type
#   out_type      varchar(512),   -- output adapter type
#   
#   foreign key (policy_id) references policies (id)
# );

zone = element Zone {
	# Name of zone
	attribute name { xsd:string },

	element Keys { key+ },

	element NSEC3 {
		element Salt { xsd:string },

		# when was the Salt generated
		element Generated { xsd:dateTime }?
	}?
}


# create table dnsseckeys (
#   id            integer primary key autoincrement,  -- unique id of the key
#   keypair_id    smallint,
#   zone_id        mediumint,
#   keytype       smallint not null,             -- zsk or ksk (use code in dnskey record)
#   state         tinyint,                      -- state of the key (defines valid fields)
#   publish       varchar(64) null default null,  -- time when key published into the zone
#   ready         varchar(64) null default null,  -- time when the key is ready for use
#   active        varchar(64) null default null,  -- time when the key was made active
#   retire        varchar(64) null default null,  -- time when the key retires
#   dead          varchar(64) null default null,  -- time when key is slated for removal
# 
# 
#   foreign key (zone_id) references zones (id),
#   foreign key (keypair_id) references keypairs (id)
# );

key = element Key {
	attribute id { xsd:string },

	# reference to KeyPair@id
	element KeyPairId { xsd:string },

	element Type { "KSK" | "ZSK" | "CSK" },
	element Standby { empty }?,

	element Publish { xsd:dateTime | empty }?,
	element Ready { xsd:dateTime | empty }?,
	element Active { xsd:dateTime | empty }?,
	element Retire { xsd:dateTime | empty }?,
	element Dead { xsd:dateTime | empty }?
}


# create table keypairs(
#   id     integer primary key autoincrement,
#   HSMkey_id  varchar(255) not null,
#   algorithm     tinyint not null,             -- algorithm code
#   size          smallint,
#   securitymodule_id          tinyint,                      -- where the key is stored
#   generate      varchar(64) null default null,  -- time key inserted into database
#   policy_id        mediumint,
#   compromisedflag tinyint,
#   publickey     varchar(1024),                -- public key data
#   pre_backup    varchar(64) null default null,  -- time when backup was started
#   backup        varchar(64) null default null,  -- time when backup was finished
#   fixedDate     tinyint default 0,            -- Set to 1 to stop dates from being set according to the policy timings        
#   
#   foreign key (securitymodule_id) references securitymodules (id),
#   foreign key (policy_id) references policies (id)
# );

keypair = element KeyPair {
	attribute id { xsd:string },

	element Algorithm { xsd:nonNegativeInteger },
	element Size { xsd:nonNegativeInteger },

	# where to locate the key; HSM and CKA_ID
	element Repository { xsd:string },
	element Locator { xsd:string },

	# under what policy was the key pair generated (if applicable)
	element Policy { xsd:string }?,

	# when was the key originally generated
	element Generated { xsd:dateTime }?,
	
	# when was the key last backed up
	element LastBackup { xsd:dateTime }?,

	# is the key compromised?
	element Compromised { empty }?
}

APT Browse - Built by Thomas Orozco.