X-Git-Url: http://mj.ucw.cz/gitweb/?a=blobdiff_plain;f=bin%2Fgenzone;h=432ad43e8e8cd6503d6b6b5f37c50300141f6360;hb=1b94db37379e7f3d042ae7aeb3275a6a1ddd9081;hp=4af086795f5b878f423f8652e2190082b72f4b6c;hpb=01d87a6fdf13de165ec6b2bfc48827e4ee5f60a4;p=nsc-5.git

diff --git a/bin/genzone b/bin/genzone
index 4af0867..432ad43 100755
--- a/bin/genzone
+++ b/bin/genzone
@@ -33,7 +33,12 @@ else
 			echo >&2 "FATAL: Cannot establish zone origin for $Z"
 			exit 1
 		fi
-		if ! dnssec-signzone -a -d tmp -K keys/$Z $SIGNZONE_OPTIONS -f zone/$Z.signed -o $ORIGIN -S -3 - zone/$Z.new &>zone/$Z.tmp ; then
+		NSEC="-3 -"
+		if [ -f bin/dnssec-hacks ] ; then
+			# Undocumented hook for hacks
+			. bin/dnssec-hacks
+		fi
+		if ! dnssec-signzone -a -d tmp -K keys/$Z $SIGNZONE_OPTIONS -f zone/$Z.signed -o $ORIGIN -S $NSEC zone/$Z.new &>zone/$Z.tmp ; then
 			cat zone/$Z.tmp
 			echo >&2 "FATAL: Cannot sign $Z"
 			exit 1
@@ -41,6 +46,7 @@ else
 		rm -f zone/$Z.tmp
 		rm -f tmp/dsset-*
 		mv zone/$Z.signed zone/$Z
+		rm -f zone/$Z.new
 		SIGNED=" (signed)"
 	else
 		mv zone/$Z.new zone/$Z