aboutsummaryrefslogtreecommitdiff
path: root/bin/dnssec
diff options
context:
space:
mode:
Diffstat (limited to 'bin/dnssec')
-rw-r--r--bin/dnssec/Makefile.in4
-rw-r--r--bin/dnssec/dnssec-dsfromkey.86
-rw-r--r--bin/dnssec/dnssec-dsfromkey.c16
-rw-r--r--bin/dnssec/dnssec-dsfromkey.docbook5
-rw-r--r--bin/dnssec/dnssec-dsfromkey.html18
-rw-r--r--bin/dnssec/dnssec-keyfromlabel.86
-rw-r--r--bin/dnssec/dnssec-keyfromlabel.c11
-rw-r--r--bin/dnssec/dnssec-keyfromlabel.docbook5
-rw-r--r--bin/dnssec/dnssec-keyfromlabel.html14
-rw-r--r--bin/dnssec/dnssec-keygen.86
-rw-r--r--bin/dnssec/dnssec-keygen.c13
-rw-r--r--bin/dnssec/dnssec-keygen.docbook5
-rw-r--r--bin/dnssec/dnssec-keygen.html16
-rw-r--r--bin/dnssec/dnssec-signzone.86
-rw-r--r--bin/dnssec/dnssec-signzone.c46
-rw-r--r--bin/dnssec/dnssec-signzone.docbook5
-rw-r--r--bin/dnssec/dnssec-signzone.html16
-rw-r--r--bin/dnssec/dnssectool.c4
-rw-r--r--bin/dnssec/dnssectool.h9
19 files changed, 118 insertions, 93 deletions
diff --git a/bin/dnssec/Makefile.in b/bin/dnssec/Makefile.in
index 50429be61337..a82ade228444 100644
--- a/bin/dnssec/Makefile.in
+++ b/bin/dnssec/Makefile.in
@@ -1,4 +1,4 @@
-# Copyright (C) 2004, 2005, 2007, 2008 Internet Systems Consortium, Inc. ("ISC")
+# Copyright (C) 2004, 2005, 2007, 2008, 2012 Internet Systems Consortium, Inc. ("ISC")
# Copyright (C) 2000-2002 Internet Software Consortium.
#
# Permission to use, copy, modify, and/or distribute this software for any
@@ -13,7 +13,7 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
-# $Id: Makefile.in,v 1.35 2008-11-07 02:28:49 marka Exp $
+# $Id$
srcdir = @srcdir@
VPATH = @srcdir@
diff --git a/bin/dnssec/dnssec-dsfromkey.8 b/bin/dnssec/dnssec-dsfromkey.8
index c49ccdc82377..9525b40c31cb 100644
--- a/bin/dnssec/dnssec-dsfromkey.8
+++ b/bin/dnssec/dnssec-dsfromkey.8
@@ -1,4 +1,4 @@
-.\" Copyright (C) 2008 Internet Systems Consortium, Inc. ("ISC")
+.\" Copyright (C) 2008, 2012 Internet Systems Consortium, Inc. ("ISC")
.\"
.\" Permission to use, copy, modify, and/or distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
@@ -12,7 +12,7 @@
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
-.\" $Id: dnssec-dsfromkey.8,v 1.5.14.1 2010-05-19 02:06:11 tbox Exp $
+.\" $Id$
.\"
.hy 0
.ad l
@@ -120,5 +120,5 @@ RFC 4509.
.PP
Internet Systems Consortium
.SH "COPYRIGHT"
-Copyright \(co 2008 Internet Systems Consortium, Inc. ("ISC")
+Copyright \(co 2008, 2012 Internet Systems Consortium, Inc. ("ISC")
.br
diff --git a/bin/dnssec/dnssec-dsfromkey.c b/bin/dnssec/dnssec-dsfromkey.c
index 934d25bd35ab..6cffeb641b33 100644
--- a/bin/dnssec/dnssec-dsfromkey.c
+++ b/bin/dnssec/dnssec-dsfromkey.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2008-2010 Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2008-2012 Internet Systems Consortium, Inc. ("ISC")
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@@ -14,7 +14,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: dnssec-dsfromkey.c,v 1.2.14.6 2010-01-11 23:47:22 tbox Exp $ */
+/* $Id$ */
/*! \file */
@@ -215,18 +215,16 @@ emitds(unsigned int dtype, dns_rdata_t *rdata)
if (result != ISC_R_SUCCESS)
fatal("can't print DS name");
- putchar(' ');
-
isc_buffer_usedregion(&classb, &r);
- isc_util_fwrite(r.base, 1, r.length, stdout);
-
- printf(" DS ");
+ printf(" %.*s", (int)r.length, r.base);
isc_buffer_usedregion(&textb, &r);
- isc_util_fwrite(r.base, 1, r.length, stdout);
- putchar('\n');
+ printf(" DS %.*s\n", (int)r.length, r.base);
}
+ISC_PLATFORM_NORETURN_PRE static void
+usage(void) ISC_PLATFORM_NORETURN_POST;
+
static void
usage(void) {
fprintf(stderr, "Usage:\n");
diff --git a/bin/dnssec/dnssec-dsfromkey.docbook b/bin/dnssec/dnssec-dsfromkey.docbook
index c4ea38d68d94..b992fd2d3df7 100644
--- a/bin/dnssec/dnssec-dsfromkey.docbook
+++ b/bin/dnssec/dnssec-dsfromkey.docbook
@@ -2,7 +2,7 @@
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"
[<!ENTITY mdash "&#8212;">]>
<!--
- - Copyright (C) 2008 Internet Systems Consortium, Inc. ("ISC")
+ - Copyright (C) 2008, 2012 Internet Systems Consortium, Inc. ("ISC")
-
- Permission to use, copy, modify, and/or distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
@@ -17,7 +17,7 @@
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: dnssec-dsfromkey.docbook,v 1.6 2008-11-07 13:54:11 jreed Exp $ -->
+<!-- $Id$ -->
<refentry id="man.dnssec-dsfromkey">
<refentryinfo>
<date>November 29, 2008</date>
@@ -37,6 +37,7 @@
<docinfo>
<copyright>
<year>2008</year>
+ <year>2012</year>
<holder>Internet Systems Consortium, Inc. ("ISC")</holder>
</copyright>
</docinfo>
diff --git a/bin/dnssec/dnssec-dsfromkey.html b/bin/dnssec/dnssec-dsfromkey.html
index 618648118dd6..8f4bfc45d031 100644
--- a/bin/dnssec/dnssec-dsfromkey.html
+++ b/bin/dnssec/dnssec-dsfromkey.html
@@ -1,5 +1,5 @@
<!--
- - Copyright (C) 2008 Internet Systems Consortium, Inc. ("ISC")
+ - Copyright (C) 2008, 2012 Internet Systems Consortium, Inc. ("ISC")
-
- Permission to use, copy, modify, and/or distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
@@ -13,7 +13,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: dnssec-dsfromkey.html,v 1.5.14.1 2010-05-19 02:06:11 tbox Exp $ -->
+<!-- $Id$ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -32,14 +32,14 @@
<div class="cmdsynopsis"><p><code class="command">dnssec-dsfromkey</code> {-s} [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] [<code class="option">-1</code>] [<code class="option">-2</code>] [<code class="option">-a <em class="replaceable"><code>alg</code></em></code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-d <em class="replaceable"><code>dir</code></em></code>] {dnsname}</p></div>
</div>
<div class="refsect1" lang="en">
-<a name="id2543424"></a><h2>DESCRIPTION</h2>
+<a name="id2543427"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">dnssec-dsfromkey</strong></span>
outputs the Delegation Signer (DS) resource record (RR), as defined in
RFC 3658 and RFC 4509, for the given key(s).
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543435"></a><h2>OPTIONS</h2>
+<a name="id2543438"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-1</span></dt>
<dd><p>
@@ -80,7 +80,7 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
-<a name="id2543563"></a><h2>EXAMPLE</h2>
+<a name="id2543566"></a><h2>EXAMPLE</h2>
<p>
To build the SHA-256 DS RR from the
<strong class="userinput"><code>Kexample.com.+003+26160</code></strong>
@@ -95,7 +95,7 @@
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543593"></a><h2>FILES</h2>
+<a name="id2543596"></a><h2>FILES</h2>
<p>
The keyfile can be designed by the key identification
<code class="filename">Knnnn.+aaa+iiiii</code> or the full file name
@@ -109,13 +109,13 @@
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543628"></a><h2>CAVEAT</h2>
+<a name="id2543632"></a><h2>CAVEAT</h2>
<p>
A keyfile error can give a "file not found" even if the file exists.
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543638"></a><h2>SEE ALSO</h2>
+<a name="id2543641"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">dnssec-signzone</span>(8)</span>,
<em class="citetitle">BIND 9 Administrator Reference Manual</em>,
@@ -124,7 +124,7 @@
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543674"></a><h2>AUTHOR</h2>
+<a name="id2543677"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
</div>
diff --git a/bin/dnssec/dnssec-keyfromlabel.8 b/bin/dnssec/dnssec-keyfromlabel.8
index 45fc0877b725..73586d140c8d 100644
--- a/bin/dnssec/dnssec-keyfromlabel.8
+++ b/bin/dnssec/dnssec-keyfromlabel.8
@@ -1,4 +1,4 @@
-.\" Copyright (C) 2008, 2010 Internet Systems Consortium, Inc. ("ISC")
+.\" Copyright (C) 2008, 2010, 2012 Internet Systems Consortium, Inc. ("ISC")
.\"
.\" Permission to use, copy, modify, and/or distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
@@ -12,7 +12,7 @@
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
-.\" $Id: dnssec-keyfromlabel.8,v 1.6.14.3 2010-01-16 01:55:32 tbox Exp $
+.\" $Id$
.\"
.hy 0
.ad l
@@ -149,5 +149,5 @@ RFC 4034.
.PP
Internet Systems Consortium
.SH "COPYRIGHT"
-Copyright \(co 2008, 2010 Internet Systems Consortium, Inc. ("ISC")
+Copyright \(co 2008, 2010, 2012 Internet Systems Consortium, Inc. ("ISC")
.br
diff --git a/bin/dnssec/dnssec-keyfromlabel.c b/bin/dnssec/dnssec-keyfromlabel.c
index ac909943c1b8..bf5b09032833 100644
--- a/bin/dnssec/dnssec-keyfromlabel.c
+++ b/bin/dnssec/dnssec-keyfromlabel.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2007, 2008, 2010, 2011 Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2007, 2008, 2010-2012 Internet Systems Consortium, Inc. ("ISC")
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@@ -14,7 +14,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: dnssec-keyfromlabel.c,v 1.4.50.4 2011-03-12 04:57:22 tbox Exp $ */
+/* $Id$ */
/*! \file */
@@ -51,6 +51,9 @@ static const char *algs = "RSA | RSAMD5 | DH | DSA | RSASHA1 |"
" NSEC3DSA | NSEC3RSASHA1 |"
" RSASHA256 | RSASHA512";
+ISC_PLATFORM_NORETURN_PRE static void
+usage(void) ISC_PLATFORM_NORETURN_POST;
+
static void
usage(void) {
fprintf(stderr, "Usage:\n");
@@ -90,7 +93,6 @@ main(int argc, char **argv) {
dns_name_t *name;
isc_uint16_t flags = 0, ksk = 0;
dns_secalg_t alg;
- isc_boolean_t null_key = ISC_FALSE;
isc_mem_t *mctx = NULL;
int ch;
int protocol = -1, signatory = 0;
@@ -265,9 +267,6 @@ main(int argc, char **argv) {
fatal("invalid key name %s: %s", argv[isc_commandline_index],
isc_result_totext(ret));
- if ((flags & DNS_KEYFLAG_TYPEMASK) == DNS_KEYTYPE_NOKEY)
- null_key = ISC_TRUE;
-
isc_buffer_init(&buf, filename, sizeof(filename) - 1);
/* associate the key */
diff --git a/bin/dnssec/dnssec-keyfromlabel.docbook b/bin/dnssec/dnssec-keyfromlabel.docbook
index a2fff5a0d4b5..021a83c55451 100644
--- a/bin/dnssec/dnssec-keyfromlabel.docbook
+++ b/bin/dnssec/dnssec-keyfromlabel.docbook
@@ -2,7 +2,7 @@
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"
[<!ENTITY mdash "&#8212;">]>
<!--
- - Copyright (C) 2008, 2010 Internet Systems Consortium, Inc. ("ISC")
+ - Copyright (C) 2008, 2010, 2012 Internet Systems Consortium, Inc. ("ISC")
-
- Permission to use, copy, modify, and/or distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
@@ -17,7 +17,7 @@
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: dnssec-keyfromlabel.docbook,v 1.6.14.2 2010-01-15 23:47:31 tbox Exp $ -->
+<!-- $Id$ -->
<refentry id="man.dnssec-keyfromlabel">
<refentryinfo>
<date>February 8, 2008</date>
@@ -38,6 +38,7 @@
<copyright>
<year>2008</year>
<year>2010</year>
+ <year>2012</year>
<holder>Internet Systems Consortium, Inc. ("ISC")</holder>
</copyright>
</docinfo>
diff --git a/bin/dnssec/dnssec-keyfromlabel.html b/bin/dnssec/dnssec-keyfromlabel.html
index ad2a5621ba99..e7440e42a95b 100644
--- a/bin/dnssec/dnssec-keyfromlabel.html
+++ b/bin/dnssec/dnssec-keyfromlabel.html
@@ -1,5 +1,5 @@
<!--
- - Copyright (C) 2008, 2010 Internet Systems Consortium, Inc. ("ISC")
+ - Copyright (C) 2008, 2010, 2012 Internet Systems Consortium, Inc. ("ISC")
-
- Permission to use, copy, modify, and/or distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
@@ -13,7 +13,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: dnssec-keyfromlabel.html,v 1.5.44.3 2010-01-16 01:55:32 tbox Exp $ -->
+<!-- $Id$ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -31,7 +31,7 @@
<div class="cmdsynopsis"><p><code class="command">dnssec-keyfromlabel</code> {-a <em class="replaceable"><code>algorithm</code></em>} {-l <em class="replaceable"><code>label</code></em>} [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-f <em class="replaceable"><code>flag</code></em></code>] [<code class="option">-k</code>] [<code class="option">-n <em class="replaceable"><code>nametype</code></em></code>] [<code class="option">-p <em class="replaceable"><code>protocol</code></em></code>] [<code class="option">-t <em class="replaceable"><code>type</code></em></code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] {name}</p></div>
</div>
<div class="refsect1" lang="en">
-<a name="id2543416"></a><h2>DESCRIPTION</h2>
+<a name="id2543419"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">dnssec-keyfromlabel</strong></span>
gets keys with the given label from a crypto hardware and builds
key files for DNSSEC (Secure DNS), as defined in RFC 2535
@@ -39,7 +39,7 @@
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543428"></a><h2>OPTIONS</h2>
+<a name="id2543431"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-a <em class="replaceable"><code>algorithm</code></em></span></dt>
<dd>
@@ -120,7 +120,7 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
-<a name="id2543632"></a><h2>GENERATED KEY FILES</h2>
+<a name="id2543635"></a><h2>GENERATED KEY FILES</h2>
<p>
When <span><strong class="command">dnssec-keyfromlabel</strong></span> completes
successfully,
@@ -161,7 +161,7 @@
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543704"></a><h2>SEE ALSO</h2>
+<a name="id2543707"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">dnssec-signzone</span>(8)</span>,
<em class="citetitle">BIND 9 Administrator Reference Manual</em>,
@@ -169,7 +169,7 @@
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543737"></a><h2>AUTHOR</h2>
+<a name="id2543740"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
</div>
diff --git a/bin/dnssec/dnssec-keygen.8 b/bin/dnssec/dnssec-keygen.8
index c4be24eba0cf..d94ce4f83808 100644
--- a/bin/dnssec/dnssec-keygen.8
+++ b/bin/dnssec/dnssec-keygen.8
@@ -1,4 +1,4 @@
-.\" Copyright (C) 2004, 2005, 2007-2010 Internet Systems Consortium, Inc. ("ISC")
+.\" Copyright (C) 2004, 2005, 2007-2010, 2012 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000-2003 Internet Software Consortium.
.\"
.\" Permission to use, copy, modify, and/or distribute this software for any
@@ -13,7 +13,7 @@
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
-.\" $Id: dnssec-keygen.8,v 1.40.44.4 2010-01-16 01:55:32 tbox Exp $
+.\" $Id$
.\"
.hy 0
.ad l
@@ -198,7 +198,7 @@ RFC 4034.
.PP
Internet Systems Consortium
.SH "COPYRIGHT"
-Copyright \(co 2004, 2005, 2007\-2010 Internet Systems Consortium, Inc. ("ISC")
+Copyright \(co 2004, 2005, 2007\-2010, 2012 Internet Systems Consortium, Inc. ("ISC")
.br
Copyright \(co 2000\-2003 Internet Software Consortium.
.br
diff --git a/bin/dnssec/dnssec-keygen.c b/bin/dnssec/dnssec-keygen.c
index c469a7d1b52d..feef3b3d84dc 100644
--- a/bin/dnssec/dnssec-keygen.c
+++ b/bin/dnssec/dnssec-keygen.c
@@ -1,5 +1,5 @@
/*
- * Portions Copyright (C) 2004-2008, 2010, 2011 Internet Systems Consortium, Inc. ("ISC")
+ * Portions Copyright (C) 2004-2008, 2010-2012 Internet Systems Consortium, Inc. ("ISC")
* Portions Copyright (C) 1999-2003 Internet Software Consortium.
*
* Permission to use, copy, modify, and/or distribute this software for any
@@ -29,7 +29,7 @@
* IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: dnssec-keygen.c,v 1.81.48.4 2011-03-12 04:57:23 tbox Exp $ */
+/* $Id$ */
/*! \file */
@@ -72,6 +72,9 @@ dsa_size_ok(int size) {
return (ISC_TF(size >= 512 && size <= 1024 && size % 64 == 0));
}
+ISC_PLATFORM_NORETURN_PRE static void
+usage(void) ISC_PLATFORM_NORETURN_POST;
+
static void
usage(void) {
fprintf(stderr, "Usage:\n");
@@ -124,7 +127,8 @@ usage(void) {
int
main(int argc, char **argv) {
- char *algname = NULL, *nametype = NULL, *type = NULL;
+ char *algname = NULL, *freeit = NULL;
+ char *nametype = NULL, *type = NULL;
char *classname = NULL;
char *endp;
dst_key_t *key = NULL, *oldkey;
@@ -552,5 +556,8 @@ main(int argc, char **argv) {
isc_mem_stats(mctx, stdout);
isc_mem_destroy(&mctx);
+ if (freeit != NULL)
+ free(freeit);
+
return (0);
}
diff --git a/bin/dnssec/dnssec-keygen.docbook b/bin/dnssec/dnssec-keygen.docbook
index 5c7d1649fe67..d35a9b7c986c 100644
--- a/bin/dnssec/dnssec-keygen.docbook
+++ b/bin/dnssec/dnssec-keygen.docbook
@@ -2,7 +2,7 @@
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"
[<!ENTITY mdash "&#8212;">]>
<!--
- - Copyright (C) 2004, 2005, 2007-2010 Internet Systems Consortium, Inc. ("ISC")
+ - Copyright (C) 2004, 2005, 2007-2010, 2012 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000-2003 Internet Software Consortium.
-
- Permission to use, copy, modify, and/or distribute this software for any
@@ -18,7 +18,7 @@
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: dnssec-keygen.docbook,v 1.22.44.4 2010-01-15 23:47:33 tbox Exp $ -->
+<!-- $Id$ -->
<refentry id="man.dnssec-keygen">
<refentryinfo>
<date>June 30, 2000</date>
@@ -43,6 +43,7 @@
<year>2008</year>
<year>2009</year>
<year>2010</year>
+ <year>2012</year>
<holder>Internet Systems Consortium, Inc. ("ISC")</holder>
</copyright>
<copyright>
diff --git a/bin/dnssec/dnssec-keygen.html b/bin/dnssec/dnssec-keygen.html
index 7ca7d577e8fb..70b881ef4d73 100644
--- a/bin/dnssec/dnssec-keygen.html
+++ b/bin/dnssec/dnssec-keygen.html
@@ -1,5 +1,5 @@
<!--
- - Copyright (C) 2004, 2005, 2007-2010 Internet Systems Consortium, Inc. ("ISC")
+ - Copyright (C) 2004, 2005, 2007-2010, 2012 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000-2003 Internet Software Consortium.
-
- Permission to use, copy, modify, and/or distribute this software for any
@@ -14,7 +14,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: dnssec-keygen.html,v 1.32.44.4 2010-01-16 01:55:32 tbox Exp $ -->
+<!-- $Id$ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -32,7 +32,7 @@
<div class="cmdsynopsis"><p><code class="command">dnssec-keygen</code> {-a <em class="replaceable"><code>algorithm</code></em>} {-b <em class="replaceable"><code>keysize</code></em>} {-n <em class="replaceable"><code>nametype</code></em>} [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-e</code>] [<code class="option">-f <em class="replaceable"><code>flag</code></em></code>] [<code class="option">-g <em class="replaceable"><code>generator</code></em></code>] [<code class="option">-h</code>] [<code class="option">-k</code>] [<code class="option">-p <em class="replaceable"><code>protocol</code></em></code>] [<code class="option">-r <em class="replaceable"><code>randomdev</code></em></code>] [<code class="option">-s <em class="replaceable"><code>strength</code></em></code>] [<code class="option">-t <em class="replaceable"><code>type</code></em></code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] {name}</p></div>
</div>
<div class="refsect1" lang="en">
-<a name="id2543483"></a><h2>DESCRIPTION</h2>
+<a name="id2543486"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">dnssec-keygen</strong></span>
generates keys for DNSSEC (Secure DNS), as defined in RFC 2535
and RFC 4034. It can also generate keys for use with
@@ -45,7 +45,7 @@
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543501"></a><h2>OPTIONS</h2>
+<a name="id2543505"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-a <em class="replaceable"><code>algorithm</code></em></span></dt>
<dd>
@@ -155,7 +155,7 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
-<a name="id2543836"></a><h2>GENERATED KEYS</h2>
+<a name="id2543840"></a><h2>GENERATED KEYS</h2>
<p>
When <span><strong class="command">dnssec-keygen</strong></span> completes
successfully,
@@ -201,7 +201,7 @@
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543918"></a><h2>EXAMPLE</h2>
+<a name="id2543922"></a><h2>EXAMPLE</h2>
<p>
To generate a 768-bit DSA key for the domain
<strong class="userinput"><code>example.com</code></strong>, the following command would be
@@ -222,7 +222,7 @@
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2544030"></a><h2>SEE ALSO</h2>
+<a name="id2544034"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">dnssec-signzone</span>(8)</span>,
<em class="citetitle">BIND 9 Administrator Reference Manual</em>,
<em class="citetitle">RFC 2539</em>,
@@ -231,7 +231,7 @@
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2544061"></a><h2>AUTHOR</h2>
+<a name="id2544065"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
</div>
diff --git a/bin/dnssec/dnssec-signzone.8 b/bin/dnssec/dnssec-signzone.8
index bfe7a2013b18..1596bfdbc950 100644
--- a/bin/dnssec/dnssec-signzone.8
+++ b/bin/dnssec/dnssec-signzone.8
@@ -1,4 +1,4 @@
-.\" Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC")
+.\" Copyright (C) 2004-2009, 2012 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000-2003 Internet Software Consortium.
.\"
.\" Permission to use, copy, modify, and/or distribute this software for any
@@ -13,7 +13,7 @@
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
-.\" $Id: dnssec-signzone.8,v 1.47.44.8 2009-11-07 01:56:11 tbox Exp $
+.\" $Id$
.\"
.hy 0
.ad l
@@ -304,7 +304,7 @@ RFC 4033.
.PP
Internet Systems Consortium
.SH "COPYRIGHT"
-Copyright \(co 2004\-2009 Internet Systems Consortium, Inc. ("ISC")
+Copyright \(co 2004\-2009, 2012 Internet Systems Consortium, Inc. ("ISC")
.br
Copyright \(co 2000\-2003 Internet Software Consortium.
.br
diff --git a/bin/dnssec/dnssec-signzone.c b/bin/dnssec/dnssec-signzone.c
index 9feb192de592..92697100c4c1 100644
--- a/bin/dnssec/dnssec-signzone.c
+++ b/bin/dnssec/dnssec-signzone.c
@@ -1,5 +1,5 @@
/*
- * Portions Copyright (C) 2004-2011 Internet Systems Consortium, Inc. ("ISC")
+ * Portions Copyright (C) 2004-2012 Internet Systems Consortium, Inc. ("ISC")
* Portions Copyright (C) 1999-2003 Internet Software Consortium.
*
* Permission to use, copy, modify, and/or distribute this software for any
@@ -29,7 +29,7 @@
* IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: dnssec-signzone.c,v 1.209.12.24 2011-05-07 00:23:50 each Exp $ */
+/* $Id$ */
/*! \file */
@@ -533,7 +533,8 @@ signset(dns_diff_t *del, dns_diff_t *add, dns_dbnode_t *node, dns_name_t *name,
}
if (keep) {
- nowsignedby[key->position] = ISC_TRUE;
+ if (key != NULL)
+ nowsignedby[key->position] = ISC_TRUE;
INCSTAT(nretained);
if (sigset.ttl != ttl) {
vbprintf(2, "\tfixing ttl %s\n", sigstr);
@@ -2899,6 +2900,9 @@ print_version(FILE *fp) {
fprintf(fp, "; dnssec_signzone version " VERSION "\n");
}
+ISC_PLATFORM_NORETURN_PRE static void
+usage(void) ISC_PLATFORM_NORETURN_POST;
+
static void
usage(void) {
fprintf(stderr, "Usage:\n");
@@ -2972,28 +2976,36 @@ removetempfile(void) {
}
static void
-print_stats(isc_time_t *timer_start, isc_time_t *timer_finish) {
- isc_uint64_t runtime_us; /* Runtime in microseconds */
- isc_uint64_t runtime_ms; /* Runtime in milliseconds */
+print_stats(isc_time_t *timer_start, isc_time_t *timer_finish,
+ isc_time_t *sign_start, isc_time_t *sign_finish)
+{
+ isc_uint64_t time_us; /* Time in microseconds */
+ isc_uint64_t time_ms; /* Time in milliseconds */
isc_uint64_t sig_ms; /* Signatures per millisecond */
- runtime_us = isc_time_microdiff(timer_finish, timer_start);
-
printf("Signatures generated: %10d\n", nsigned);
printf("Signatures retained: %10d\n", nretained);
printf("Signatures dropped: %10d\n", ndropped);
printf("Signatures successfully verified: %10d\n", nverified);
printf("Signatures unsuccessfully verified: %10d\n", nverifyfailed);
- runtime_ms = runtime_us / 1000;
- printf("Runtime in seconds: %7u.%03u\n",
- (unsigned int) (runtime_ms / 1000),
- (unsigned int) (runtime_ms % 1000));
- if (runtime_us > 0) {
- sig_ms = ((isc_uint64_t)nsigned * 1000000000) / runtime_us;
+
+ time_us = isc_time_microdiff(sign_finish, sign_start);
+ time_ms = time_us / 1000;
+ printf("Signing time in seconds: %7u.%03u\n",
+ (unsigned int) (time_ms / 1000),
+ (unsigned int) (time_ms % 1000));
+ if (time_us > 0) {
+ sig_ms = ((isc_uint64_t)nsigned * 1000000000) / time_us;
printf("Signatures per second: %7u.%03u\n",
(unsigned int) sig_ms / 1000,
(unsigned int) sig_ms % 1000);
}
+
+ time_us = isc_time_microdiff(timer_finish, timer_start);
+ time_ms = time_us / 1000;
+ printf("Runtime in seconds: %7u.%03u\n",
+ (unsigned int) (time_ms / 1000),
+ (unsigned int) (time_ms % 1000));
}
int
@@ -3007,6 +3019,7 @@ main(int argc, char *argv[]) {
int ndskeys = 0;
char *endp;
isc_time_t timer_start, timer_finish;
+ isc_time_t sign_start, sign_finish;
signer_key_t *key;
isc_result_t result;
isc_log_t *log = NULL;
@@ -3543,6 +3556,7 @@ main(int argc, char *argv[]) {
RUNTIME_CHECK(isc_mutex_init(&statslock) == ISC_R_SUCCESS);
presign();
+ TIME_NOW(&sign_start);
signapex();
if (!finished) {
/*
@@ -3567,6 +3581,7 @@ main(int argc, char *argv[]) {
isc_taskmgr_destroy(&taskmgr);
isc_mem_put(mctx, tasks, ntasks * sizeof(isc_task_t *));
postsign();
+ TIME_NOW(&sign_finish);
verifyzone();
if (outputformat != dns_masterformat_text) {
@@ -3621,7 +3636,8 @@ main(int argc, char *argv[]) {
if (printstats) {
TIME_NOW(&timer_finish);
- print_stats(&timer_start, &timer_finish);
+ print_stats(&timer_start, &timer_finish,
+ &sign_start, &sign_finish);
}
return (0);
diff --git a/bin/dnssec/dnssec-signzone.docbook b/bin/dnssec/dnssec-signzone.docbook
index 87a801e7442f..60b1224c7240 100644
--- a/bin/dnssec/dnssec-signzone.docbook
+++ b/bin/dnssec/dnssec-signzone.docbook
@@ -2,7 +2,7 @@
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"
[<!ENTITY mdash "&#8212;">]>
<!--
- - Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC")
+ - Copyright (C) 2004-2009, 2012 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000-2003 Internet Software Consortium.
-
- Permission to use, copy, modify, and/or distribute this software for any
@@ -18,7 +18,7 @@
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: dnssec-signzone.docbook,v 1.31.44.8 2009-11-06 21:36:22 each Exp $ -->
+<!-- $Id$ -->
<refentry id="man.dnssec-signzone">
<refentryinfo>
<date>June 08, 2009</date>
@@ -43,6 +43,7 @@
<year>2007</year>
<year>2008</year>
<year>2009</year>
+ <year>2012</year>
<holder>Internet Systems Consortium, Inc. ("ISC")</holder>
</copyright>
<copyright>
diff --git a/bin/dnssec/dnssec-signzone.html b/bin/dnssec/dnssec-signzone.html
index 1d4ecffc85b4..1a84044e36d3 100644
--- a/bin/dnssec/dnssec-signzone.html
+++ b/bin/dnssec/dnssec-signzone.html
@@ -1,5 +1,5 @@
<!--
- - Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC")
+ - Copyright (C) 2004-2009, 2012 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000-2003 Internet Software Consortium.
-
- Permission to use, copy, modify, and/or distribute this software for any
@@ -14,7 +14,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: dnssec-signzone.html,v 1.33.44.8 2009-11-07 01:56:11 tbox Exp $ -->
+<!-- $Id$ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -32,7 +32,7 @@
<div class="cmdsynopsis"><p><code class="command">dnssec-signzone</code> [<code class="option">-a</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-d <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-e <em class="replaceable"><code>end-time</code></em></code>] [<code class="option">-f <em class="replaceable"><code>output-file</code></em></code>] [<code class="option">-g</code>] [<code class="option">-h</code>] [<code class="option">-k <em class="replaceable"><code>key</code></em></code>] [<code class="option">-l <em class="replaceable"><code>domain</code></em></code>] [<code class="option">-i <em class="replaceable"><code>interval</code></em></code>] [<code class="option">-I <em class="replaceable"><code>input-format</code></em></code>] [<code class="option">-j <em class="replaceable"><code>jitter</code></em></code>] [<code class="option">-N <em class="replaceable"><code>soa-serial-format</code></em></code>] [<code class="option">-o <em class="replaceable"><code>origin</code></em></code>] [<code class="option">-O <em class="replaceable"><code>output-format</code></em></code>] [<code class="option">-p</code>] [<code class="option">-P</code>] [<code class="option">-r <em class="replaceable"><code>randomdev</code></em></code>] [<code class="option">-s <em class="replaceable"><code>start-time</code></em></code>] [<code class="option">-t</code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] [<code class="option">-z</code>] [<code class="option">-3 <em class="replaceable"><code>salt</code></em></code>] [<code class="option">-H <em class="replaceable"><code>iterations</code></em></code>] [<code class="option">-A</code>] {zonefile} [key...]</p></div>
</div>
<div class="refsect1" lang="en">
-<a name="id2543558"></a><h2>DESCRIPTION</h2>
+<a name="id2543561"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">dnssec-signzone</strong></span>
signs a zone. It generates
NSEC and RRSIG records and produces a signed version of the
@@ -43,7 +43,7 @@
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543576"></a><h2>OPTIONS</h2>
+<a name="id2543579"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-a</span></dt>
<dd><p>
@@ -273,7 +273,7 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
-<a name="id2544503"></a><h2>EXAMPLE</h2>
+<a name="id2544506"></a><h2>EXAMPLE</h2>
<p>
The following command signs the <strong class="userinput"><code>example.com</code></strong>
zone with the DSA key generated by <span><strong class="command">dnssec-keygen</strong></span>
@@ -302,7 +302,7 @@ db.example.com.signed
%</pre>
</div>
<div class="refsect1" lang="en">
-<a name="id2544554"></a><h2>KNOWN BUGS</h2>
+<a name="id2544557"></a><h2>KNOWN BUGS</h2>
<p>
<span><strong class="command">dnssec-signzone</strong></span> was designed so that it could
sign a zone partially, using only a subset of the DNSSEC keys
@@ -327,14 +327,14 @@ db.example.com.signed
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2544716"></a><h2>SEE ALSO</h2>
+<a name="id2544720"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>,
<em class="citetitle">BIND 9 Administrator Reference Manual</em>,
<em class="citetitle">RFC 4033</em>.
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2544741"></a><h2>AUTHOR</h2>
+<a name="id2544744"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
</div>
diff --git a/bin/dnssec/dnssectool.c b/bin/dnssec/dnssectool.c
index 81120e34c49c..0223d9638a2d 100644
--- a/bin/dnssec/dnssectool.c
+++ b/bin/dnssec/dnssectool.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2004, 2005, 2007, 2009 Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2004, 2005, 2007, 2009, 2012 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 2000, 2001, 2003 Internet Software Consortium.
*
* Permission to use, copy, modify, and/or distribute this software for any
@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: dnssectool.c,v 1.45.334.5 2009-06-22 05:05:00 marka Exp $ */
+/* $Id$ */
/*! \file */
diff --git a/bin/dnssec/dnssectool.h b/bin/dnssec/dnssectool.h
index 8cc133df42f4..ef8fce35b831 100644
--- a/bin/dnssec/dnssectool.h
+++ b/bin/dnssec/dnssectool.h
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2004, 2007-2009 Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2004, 2007-2009, 2011, 2012 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 2000, 2001, 2003 Internet Software Consortium.
*
* Permission to use, copy, modify, and/or distribute this software for any
@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: dnssectool.h,v 1.22.48.2 2009-09-04 23:46:58 tbox Exp $ */
+/* $Id$ */
#ifndef DNSSECTOOL_H
#define DNSSECTOOL_H 1
@@ -27,8 +27,9 @@
typedef void (fatalcallback_t)(void);
-void
-fatal(const char *format, ...) ISC_FORMAT_PRINTF(1, 2);
+ISC_PLATFORM_NORETURN_PRE void
+fatal(const char *format, ...)
+ISC_FORMAT_PRINTF(1, 2) ISC_PLATFORM_NORETURN_POST;
void
setfatalcallback(fatalcallback_t *callback);
generated by cgit v1.2.3 (git 2.25.1) at 2025-03-12 17:13:18 +0000