mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-22 18:19:42 +00:00
Code Issues Releases Wiki Activity

1180. [func] dnssec-keygen should always generate keys with

Browse Source 
protocol 3 (DNSSEC), since it's less confusing
			that way.
This commit is contained in:
Brian Wellington 2002-01-21 10:13:20 +00:00
parent 930ecd3756
commit 2ca556300b
3 changed files with 10 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CHANGES
View File

@ -1,3 +1,7 @@
1180. [func] dnssec-keygen should always generate keys with
protocol 3 (DNSSEC), since it's less confusing
that way.
1179. [func] Add SIG(0) support to nsupdate. 1179. [func] Add SIG(0) support to nsupdate.
1178. [func] Follow and cache (if appropriate) A6 and other 1178. [func] Follow and cache (if appropriate) A6 and other

12
bin/dnssec/dnssec-keygen.c
View File

@ -17,7 +17,7 @@
* PERFORMANCE OF THIS SOFTWARE. * PERFORMANCE OF THIS SOFTWARE.
*/ */
/* $Id: dnssec-keygen.c,v 1.59 2001/11/15 19:44:52 bwelling Exp $ */ /* $Id: dnssec-keygen.c,v 1.60 2002/01/21 10:13:19 bwelling Exp $ */
#include <config.h> #include <config.h>
@ -79,7 +79,7 @@ usage(void) {
"AUTHCONF | NOAUTHCONF | NOAUTH | NOCONF " "AUTHCONF | NOAUTHCONF | NOAUTH | NOCONF "
"(default: AUTHCONF)\n"); "(default: AUTHCONF)\n");
fprintf(stderr, " -p <protocol>: " fprintf(stderr, " -p <protocol>: "
"default: 2 [email] for USER, 3 [dnssec] otherwise\n"); "default: 3 [dnssec]\n");
fprintf(stderr, " -s <strength> strength value this key signs DNS " fprintf(stderr, " -s <strength> strength value this key signs DNS "
"records with (default: 0)\n"); "records with (default: 0)\n");
fprintf(stderr, " -r <randomdev>: a file containing random data\n"); fprintf(stderr, " -r <randomdev>: a file containing random data\n");
@ -270,12 +270,8 @@ main(int argc, char **argv) {
flags |= signatory; flags |= signatory;
if (protocol == -1) { if (protocol == -1)
if ((flags & DNS_KEYFLAG_OWNERMASK) == DNS_KEYOWNER_USER) protocol = DNS_KEYPROTO_DNSSEC;
protocol = DNS_KEYPROTO_EMAIL;
else
protocol = DNS_KEYPROTO_DNSSEC;
}
if ((flags & DNS_KEYFLAG_TYPEMASK) == DNS_KEYTYPE_NOKEY) { if ((flags & DNS_KEYFLAG_TYPEMASK) == DNS_KEYTYPE_NOKEY) {
if (size > 0) if (size > 0)

5
bin/dnssec/dnssec-keygen.docbook
View File

@ -16,7 +16,7 @@
- WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
--> -->
<!-- $Id: dnssec-keygen.docbook,v 1.3 2001/04/10 21:50:26 bwelling Exp $ --> <!-- $Id: dnssec-keygen.docbook,v 1.4 2002/01/21 10:13:20 bwelling Exp $ -->
<refentry> <refentry>
<refentryinfo> <refentryinfo>
@ -156,8 +156,7 @@
<listitem> <listitem>
<para> <para>
Sets the protocol value for the generated key. The protocol Sets the protocol value for the generated key. The protocol
is a number between 0 and 255. The default is 2 (email) for is a number between 0 and 255. The default is 3 (DNSSEC).
keys of type USER and 3 (DNSSEC) for all other key types.
Other possible values for this argument are listed in Other possible values for this argument are listed in
RFC 2535 and its successors. RFC 2535 and its successors.
</para> </para>