d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Vendor import of BIND 9.8.2

Browse Source
This commit is contained in:
Doug Barton 2012-04-04 23:11:25 +00:00
parent 3939884dc9
commit 42d3eba523
992 changed files with 15763 additions and 13740 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

358
CHANGES
View File

@ -1,9 +1,309 @@
--- 9.8.1-P1 released ---
--- 9.8.2 released ---
3298. [bug] Named could dereference a NULL pointer in
zmgr_start_xfrin_ifquota if the zone was being removed.
[RT #28419]
3297. [bug] Named could die on a malformed master file. [RT #28467]
3295. [bug] Adjust isc_time_secondsastimet range check to be more
portable. [RT # 26542]
3294. [bug] isccc/cc.c:table_fromwire failed to free alist on
error. [RT #28265]
3291. [port] Fixed a build error on systems without ENOTSUP.
[RT #28200]
3290. [bug] <isc/hmacsha.h> was not being installed. [RT #28169]
3288. [bug] dlz_destroy() function wasn't correctly registered
by the DLZ dlopen driver. [RT #28056]
3287. [port] Update ans.pl to work with Net::DNS 0.68. [RT #28028]
3286. [bug] Managed key maintenance timer could fail to start
after 'rndc reconfig'. [RT #26786]
--- 9.8.2rc2 released ---
3285. [bug] val-frdataset was incorrectly disassociated in
proveunsecure after calling startfinddlvsep.
[RT #27928]
3284. [bug] Address race conditions with the handling of
rbtnode.deadlink. [RT #27738]
3283. [bug] Raw zones with with more than 512 records in a RRset
failed to load. [RT #27863]
3282. [bug] Restrict the TTL of NS RRset to no more than that
of the old NS RRset when replacing it.
[RT #27792] [RT #27884]
3281. [bug] SOA refresh queries could be treated as cancelled
despite succeeding over the loopback interface.
[RT #27782]
3280. [bug] Potential double free of a rdataset on out of memory
with DNS64. [RT #27762]
3278. [bug] Make sure automatic key maintenance is started
when "auto-dnssec maintain" is turned on during
"rndc reconfig". [RT #26805]
3276. [bug] win32: ns_os_openfile failed to return NULL on
safe_open failure. [RT #27696]
3274. [bug] Log when a zone is not reusable. Only set loadtime
on successful loads. [RT #27650]
3273. [bug] AAAA responses could be returned in the additional
section even when filter-aaaa-on-v4 was in use.
[RT #27292]
3271. [port] darwin: mksymtbl is not always stable, loop several
times before giving up. mksymtbl was using non
portable perl to covert 64 bit hex strings. [RT #27653]
3268. [bug] Convert RRSIG expiry times to 64 timestamps to work
out the earliest expiry time. [RT #23311]
3267. [bug] Memory allocation failures could be mis-reported as
unexpected error. New ISC_R_UNSET result code.
[RT #27336]
3266. [bug] The maximum number of NSEC3 iterations for a
DNSKEY RRset was not being properly computed.
[RT #26543]
3262. [bug] Signed responses were handled incorrectly by RPZ.
[RT #27316]
--- 9.8.2rc1 released ---
3260. [bug] "rrset-order cyclic" could appear not to rotate
for some query patterns. [RT #27170/27185]
3259. [bug] named-compilezone: Suppress "dump zone to <file>"
message when writing to stdout. [RT #27109]
3258. [test] Add "forcing full sign with unreadable keys" test.
[RT #27153]
3257. [bug] Do not generate a error message when calling fsync()
in a pipe or socket. [RT #27109]
3256. [bug] Disable empty zones for lwresd -C. [RT #27139]
3254. [bug] Set isc_socket_ipv6only() on the IPv6 control channels.
[RT #22249]
3253. [bug] Return DNS_R_SYNTAX when the input to a text field is
too long. [RT #26956]
3251. [bug] Enforce a upper bound (65535 bytes) on the amount of
memory dns_sdlz_putrr() can allocate per record to
prevent run away memory consumption on ISC_R_NOSPACE.
[RT #26956]
3250. [func] 'configure --enable-developer'; turn on various
configure options, normally off by default, that
we want developers to build and test with. [RT #27103]
3249. [bug] Update log message when saving slave zones files for
analysis after load failures. [RT #27087]
3248. [bug] Configure options --enable-fixed-rrset and
--enable-exportlib were incompatible with each
other. [RT #27087]
3247. [bug] 'raw' format zones failed to preserve load order
breaking 'fixed' sort order. [RT #27087]
3243. [port] netbsd,bsdi: the thread defaults were not being
properly set.
3241. [bug] Address race conditions in the resolver code.
[RT #26889]
3240. [bug] DNSKEY state change events could be missed. [RT #26874]
3239. [bug] dns_dnssec_findmatchingkeys needs to use a consistent
timestamp. [RT #26883]
3238. [bug] keyrdata was not being reinitialized in
lib/dns/rbtdb.c:iszonesecure. [RT#26913]
3237. [bug] dig -6 didn't work with +trace. [RT #26906]
--- 9.8.2b1 released ---
3234. [bug] 'make depend' produced invalid makefiles. [RT #26830]
3231. [bug] named could fail to send a uncompressable zone.
[RT #26796]
3230. [bug] 'dig axfr' failed to properly handle a multi-message
axfr with a serial of 0. [RT #26796]
3229. [bug] Fix local variable to struct var assignment
found by CLANG warning.
3228. [tuning] Dynamically grow symbol table to improve zone
loading performance. [RT #26523]
3227. [bug] Interim fix to make WKS's use of getprotobyname()
and getservbyname() self thread safe. [RT #26232]
3226. [bug] Address minor resource leakages. [RT #26624]
3221. [bug] Fixed a potential coredump on shutdown due to
referencing fetch context after it's been freed.
[RT #26720]
3220. [bug] Change #3186 was incomplete; dns_db_rpz_findips()
could fail to set the database version correctly,
causing an assertion failure. [RT #26180]
3218. [security] Cache lookup could return RRSIG data associated with
nonexistent records, leading to an assertion
failure. [RT #26590]
3217. [cleanup] Fix build problem with --disable-static. [RT #26476]
3216. [bug] resolver.c:validated() was not thread-safe. [RT #26478]
3213. [doc] Clarify ixfr-from-differences behavior. [RT #25188]
3212. [bug] rbtdb.c: failed to remove a node from the deadnodes
list prior to adding a reference to it leading a
possible assertion failure. [RT #23219]
3209. [func] Add "dnssec-lookaside 'no'". [RT #24858]
3208. [bug] 'dig -y' handle unknown tsig alorithm better.
[RT #25522]
3207. [contrib] Fixed build error in Berkeley DB DLZ module. [RT #26444]
3206. [cleanup] Add ISC information to log at start time. [RT #25484]
3204. [bug] When a master server that has been marked as
unreachable sends a NOTIFY, mark it reachable
again. [RT #25960]
3203. [bug] Increase log level to 'info' for validation failures
from expired or not-yet-valid RRSIGs. [RT #21796]
3200. [doc] Some rndc functions were undocumented or were
missing from 'rndc -h' output. [RT #25555]
3198. [doc] Clarified that dnssec-settime can alter keyfile
permissions. [RT #24866]
3196. [bug] nsupdate: return nonzero exit code when target zone
doesn't exist. [RT #25783]
3195. [cleanup] Silence "file not found" warnings when loading
managed-keys zone. [RT #26340]
3194. [doc] Updated RFC references in the 'empty-zones-enable'
documentation. [RT #25203]
3193. [cleanup] Changed MAXZONEKEYS to DNS_MAXZONEKEYS, moved to
dnssec.h. [RT #26415]
3192. [bug] A query structure could be used after being freed.
[RT #22208]
3191. [bug] Print NULL records using "unknown" format. [RT #26392]
3190. [bug] Underflow in error handling in isc_mutexblock_init.
[RT #26397]
3189. [test] Added a summary report after system tests. [RT #25517]
3188. [bug] zone.c:zone_refreshkeys() could fail to detach
references correctly when errors occurred, causing
a hang on shutdown. [RT #26372]
3187. [port] win32: support for Visual Studio 2008. [RT #26356]
3186. [bug] Version/db mis-match in rpz code. [RT #26180]
3179. [port] kfreebsd: build issues. [RT #26273]
3175. [bug] Fix how DNSSEC positive wildcard responses from a
NSEC3 signed zone are validated. Stop sending a
unnecessary NSEC3 record when generating such
responses. [RT #26200]
3174. [bug] Always compute to revoked key tag from scratch.
[RT #26186]
3173. [port] Correctly validate root DS responses. [RT #25726]
3171. [bug] Exclusively lock the task when adding a zone using
'rndc addzone'. [RT #25600]
3170. [func] RPZ update:
- fix precedence among competing rules
- improve ARM text including documenting rule precedence
- try to rewrite CNAME chains until first hit
- new "rpz" logging channel
- RDATA for CNAME rules can include wildcards
- replace "NO-OP" named.conf policy override with
"PASSTHRU" and add "DISABLED" override ("NO-OP"
is still recognized)
[RT #25172]
3169. [func] Catch db/version mis-matches when calling dns_db_*().
[RT #26017]
3167. [bug] Negative answers from forwarders were not being
correctly tagged making them appear to not be cached.
[RT #25380]
3162. [test] start.pl: modified to allow for "named.args" in
ns*/ subdirectory to override stock arguments to
named. Largely from RT#26044, but no separate ticket.
3161. [bug] zone.c:del_sigs failed to always reset rdata leading
assertion failures. [RT #25880]
3157. [tuning] Reduce the time spent in "rndc reconfig" by parsing
the config file before pausing the server. [RT #21373]
3155. [bug] Fixed a build failure when using contrib DLZ
drivers (e.g., mysql, postgresql, etc). [RT #25710]
3154. [bug] Attempting to print an empty rdataset could trigger
an assert. [RT #25452]
3152. [cleanup] Some versions of gcc and clang failed due to
incorrect use of __builtin_expect. [RT #25183]
3151. [bug] Queries for type RRSIG or SIG could be handled
incorrectly. [RT #21050]
3148. [bug] Processing of normal queries could be stalled when
forwarding a UPDATE message. [RT #24711]
3146. [test] Fixed gcc4.6.0 errors in ATF. [RT #25598]
3145. [test] Capture output of ATF unit tests in "./atf.out" if
there were any errors while running them. [RT #25527]
3144. [bug] dns_dbiterator_seek() could trigger an assert when
used with a nonexistent database node. [RT #25358]
3143. [bug] Silence clang compiler warnings. [RT #25174]
3139. [test] Added tests from RFC 6234, RFC 2202, and RFC 1321
for the hashing algorithms (md5, sha1 - sha512, and
their hmac counterparts). [RT #25067]
--- 9.8.1 released ---
--- 9.8.1rc1 released ---
@ -14,7 +314,7 @@
3138. [bug] Address memory leaks and out-of-order operations when
shutting named down. [RT #25210]
3136. [func] Add RFC 1918 reverse zones to the list of built-in
3136. [func] Add RFC 1918 reverse zones to the list of built-in
empty zones switched on by the 'empty-zones-enable'
option. [RT #24990]
@ -34,9 +334,9 @@
3133. [bug] Change #3114 was incomplete. [RT #24577]
3131. [tuning] Improve scalability by allocating one zone task
per 100 zones at startup time, rather than using a
fixed-size task table. [RT #24406]
3131. [tuning] Improve scalability by allocating one zone task
per 100 zones at startup time, rather than using a
fixed-size task table. [RT #24406]
3129. [bug] Named could crash on 'rndc reconfig' when
allow-new-zones was set to yes and named ACLs
@ -62,10 +362,10 @@
3122. [cleanup] dnssec-settime: corrected usage message. [RT #24664]
3121. [security] An authoritative name server sending a negative
response containing a very large RRset could
trigger an off-by-one error in the ncache code
and crash named. [RT #24650]
3121. [security] An authoritative name server sending a negative
response containing a very large RRset could
trigger an off-by-one error in the ncache code
and crash named. [RT #24650]
3120. [bug] Named could fail to validate zones listed in a DLV
that validated insecure without using DLV and had
@ -99,9 +399,9 @@
"krb5-subdomain", which allow machines to update
their own records, to the BIND 9 ARM.
3111. [bug] Improved consistency checks for dnssec-enable and
dnssec-validation, added test cases to the
checkconf system test. [RT #24398]
3111. [bug] Improved consistency checks for dnssec-enable and
dnssec-validation, added test cases to the
checkconf system test. [RT #24398]
3110. [bug] dnssec-signzone: Wrong error message could appear
when attempting to sign with no KSK. [RT #24369]
@ -109,10 +409,10 @@
3107. [bug] dnssec-signzone: Report the correct number of ZSKs
when using -x. [RT #20852]
3105. [bug] GOST support can be suppressed by "configure
--without-gost" [RT #24367]
3105. [bug] GOST support can be suppressed by "configure
--without-gost" [RT #24367]
3104. [bug] Better support for cross-compiling. [RT #24367]
3104. [bug] Better support for cross-compiling. [RT #24367]
3103. [bug] Configuring 'dnssec-validation auto' in a view
instead of in the options statement could trigger
@ -142,7 +442,7 @@
3094. [doc] Expand dns64 documentation.
3093. [bug] Fix gssapi/kerberos dependencies [RT #23836]
3093. [bug] Fix gssapi/kerberos dependencies [RT #23836]
3092. [bug] Signatures for records at the zone apex could go
stale due to an incorrect timer setting. [RT #23769]
@ -151,7 +451,7 @@
and then subsequently activated could fail to trigger
automatic signing. [RT #22911]
3090. [func] Make --with-gssapi default [RT #23738]
3090. [func] Make --with-gssapi default [RT #23738]
3088. [bug] Remove bin/tests/system/logfileconfig/ns1/named.conf
and add setup.sh in order to resolve changing
@ -269,9 +569,9 @@
3043. [test] Merged in the NetBSD ATF test framework (currently
version 0.12) for development of future unit tests.
Use configure --with-atf to build ATF internally
or configure --with-atf=prefix to use an external
copy. [RT #23209]
Use configure --with-atf to build ATF internally
or configure --with-atf=prefix to use an external
copy. [RT #23209]
3042. [bug] dig +trace could fail attempting to use IPv6
addresses on systems with only IPv4 connectivity.
@ -706,7 +1006,7 @@
2929. [bug] Improved handling of GSS security contexts:
- added LRU expiration for generated TSIGs
- added the ability to use a non-default realm
- added new "realm" keyword in nsupdate
- added new "realm" keyword in nsupdate
- limited lifetime of generated keys to 1 hour
or the lifetime of the context (whichever is
smaller)
@ -1535,7 +1835,7 @@
--with-export-includedir. [RT #20252]
2675. [bug] dnssec-signzone could crash if the key directory
did not exist. [RT #20232]
did not exist. [RT #20232]
--- 9.7.0a3 released ---
@ -1626,7 +1926,7 @@
64-bit systems. [RT #20076]
2650. [bug] Assertion failure in dnssec-signzone when trying
to read keyset-* files. [RT #20075]
to read keyset-* files. [RT #20075]
2649. [bug] Set the domain for forward only zones. [RT #19944]
@ -1698,7 +1998,7 @@
2630. [func] Improved syntax for DDNS autoconfiguration: use
"update-policy local;" to switch on local DDNS in a
zone. (The "ddns-autoconf" option has been removed.)
[RT #19875]
[RT #19875]
2629. [port] Check for seteuid()/setegid(), use setresuid()/
setresgid() if not present. [RT #19932]
@ -2383,10 +2683,10 @@
time. [RT #18277]
2423. [security] Randomize server selection on queries, so as to
make forgery a little more difficult. Instead of
always preferring the server with the lowest RTT,
pick a server with RTT within the same 128
millisecond band. [RT #18441]
make forgery a little more difficult. Instead of
always preferring the server with the lowest RTT,
pick a server with RTT within the same 128
millisecond band. [RT #18441]
2422. [bug] Handle the special return value of a empty node as
if it was a NXRRSET in the validator. [RT #18447]
@ -2467,7 +2767,7 @@
2399. [placeholder]
2398. [bug] Improve file descriptor management. New,
2398. [bug] Improve file descriptor management. New,
temporary, named.conf option reserved-sockets,
default 512. [RT #18344]

4
COPYRIGHT
View File

@ -1,4 +1,4 @@
Copyright (C) 2004-2011 Internet Systems Consortium, Inc. ("ISC")
Copyright (C) 2004-2012 Internet Systems Consortium, Inc. ("ISC")
Copyright (C) 1996-2003 Internet Software Consortium.
Permission to use, copy, modify, and/or distribute this software for any
@ -13,7 +13,7 @@ LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
$Id: COPYRIGHT,v 1.17.14.1 2011-02-22 06:34:47 marka Exp $
$Id: COPYRIGHT,v 1.17.14.2 2012/01/04 23:46:18 tbox Exp $
Portions of this code release fall under one or more of the
following Copyright notices. Please see individual source

2
FAQ.xml
View File

@ -17,7 +17,7 @@
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: FAQ.xml,v 1.54 2010-01-19 23:48:55 tbox Exp $ -->
<!-- $Id: FAQ.xml,v 1.54 2010/01/19 23:48:55 tbox Exp $ -->
<article class="faq">
<title>Frequently Asked Questions about BIND 9</title>

8
Makefile.in
View File

@ -13,7 +13,7 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# $Id: Makefile.in,v 1.58.250.2 2011-02-28 01:19:57 tbox Exp $
# $Id: Makefile.in,v 1.58.250.4 2011/09/06 04:06:11 marka Exp $
srcdir = @srcdir@
VPATH = @srcdir@
@ -64,8 +64,10 @@ tags:
check: test
test:
(cd bin/tests && ${MAKE} ${MAKEDEFS} test)
(test -f unit/unittest.sh && $(SHELL) unit/unittest.sh)
status=0; \
(cd bin/tests && ${MAKE} ${MAKEDEFS} test) || status=1; \
(test -f unit/unittest.sh && $(SHELL) unit/unittest.sh) || status=1; \
exit $$status
FAQ: FAQ.xml
${XSLTPROC} doc/xsl/isc-docbook-text.xsl FAQ.xml | \

51
README
View File

@ -48,6 +48,14 @@ BIND 9
For a detailed list of user-visible changes from
previous releases, see the CHANGES file.
For up-to-date release notes and errata, see
http://www.isc.org/software/bind9/releasenotes
BIND 9.8.2
BIND 9.8.2 includes a number of bug fixes and prevents a security
problem described in CVE-2011-4313
BIND 9.8.1
BIND 9.8.1 includes a number of bug fixes and enhancements from
@ -314,6 +322,7 @@ Building
libraries. sh-utils-1.16 provides a "printf" which compiles
on SunOS 4.
Documentation
The BIND 9 Administrator Reference Manual is included with the
@ -336,6 +345,48 @@ Documentation
in the other README files.
Change Log
A detailed list of all changes to BIND 9 is included in the
file CHANGES, with the most recent changes listed first.
Change notes include tags indicating the category of the
change that was made; these categories are:
[func] New feature
[bug] General bug fix
[security] Fix for a significant security flaw
[experimental] Used for new features when the syntax
or other aspects of the design are still
in flux and may change
[port] Portability enhancement
[maint] Updates to built-in data such as root
server addresses and keys
[tuning] Changes to built-in configuration defaults
and constants to improve performanceo
[protocol] Updates to the DNS protocol such as new
RR types
[test] Changes to the automatic tests, not
affecting server functionality
[cleanup] Minor corrections and refactoring
[doc] Documentation
In general, [func] and [experimental] tags will only appear
in new-feature releases (i.e., those with version numbers
ending in zero). Some new functionality may be backported to
older releases on a case-by-case basis. All other change
types may be applied to all currently-supported releases.
Bug Reports and Mailing Lists
Bugs reports should be sent to

2
acconfig.h
View File

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: acconfig.h,v 1.53 2008-12-01 23:47:44 tbox Exp $ */
/* $Id: acconfig.h,v 1.53 2008/12/01 23:47:44 tbox Exp $ */
/*! \file */

2
bin/Makefile.in
View File

@ -13,7 +13,7 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# $Id: Makefile.in,v 1.29 2009-10-05 12:07:08 fdupont Exp $
# $Id: Makefile.in,v 1.29 2009/10/05 12:07:08 fdupont Exp $
srcdir = @srcdir@
VPATH = @srcdir@

2
bin/check/Makefile.in
View File

@ -13,7 +13,7 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# $Id: Makefile.in,v 1.36 2009-12-05 23:31:40 each Exp $
# $Id: Makefile.in,v 1.36 2009/12/05 23:31:40 each Exp $
srcdir = @srcdir@
VPATH = @srcdir@

2
bin/check/check-tool.c
View File

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: check-tool.c,v 1.41 2010-09-07 23:46:59 tbox Exp $ */
/* $Id: check-tool.c,v 1.41 2010/09/07 23:46:59 tbox Exp $ */
/*! \file */

2
bin/check/check-tool.h
View File

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: check-tool.h,v 1.16 2010-09-07 23:46:59 tbox Exp $ */
/* $Id: check-tool.h,v 1.16 2010/09/07 23:46:59 tbox Exp $ */
#ifndef CHECK_TOOL_H
#define CHECK_TOOL_H

2
bin/check/named-checkconf.8
View File

@ -13,7 +13,7 @@
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: named-checkconf.8,v 1.33 2009-12-29 01:14:03 tbox Exp $
.\" $Id$
.\"
.hy 0
.ad l

2
bin/check/named-checkconf.c
View File

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: named-checkconf.c,v 1.54.62.2 2011-03-12 04:59:13 tbox Exp $ */
/* $Id: named-checkconf.c,v 1.54.62.2 2011/03/12 04:59:13 tbox Exp $ */
/*! \file */

2
bin/check/named-checkconf.docbook
View File

@ -18,7 +18,7 @@
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: named-checkconf.docbook,v 1.22 2009-12-28 23:21:16 each Exp $ -->
<!-- $Id: named-checkconf.docbook,v 1.22 2009/12/28 23:21:16 each Exp $ -->
<refentry id="man.named-checkconf">
<refentryinfo>
<date>June 14, 2000</date>

12
bin/check/named-checkconf.html
View File

@ -14,7 +14,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: named-checkconf.html,v 1.33 2009-12-29 01:14:03 tbox Exp $ -->
<!-- $Id$ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@ -32,7 +32,7 @@
<div class="cmdsynopsis"><p><code class="command">named-checkconf</code> [<code class="option">-h</code>] [<code class="option">-v</code>] [<code class="option">-j</code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] {filename} [<code class="option">-p</code>] [<code class="option">-z</code>]</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543395"></a><h2>DESCRIPTION</h2>
<a name="id2543396"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">named-checkconf</strong></span>
checks the syntax, but not the semantics, of a
<span><strong class="command">named</strong></span> configuration file. The file is parsed
@ -52,7 +52,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543444"></a><h2>OPTIONS</h2>
<a name="id2543445"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-h</span></dt>
<dd><p>
@ -91,21 +91,21 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543568"></a><h2>RETURN VALUES</h2>
<a name="id2543569"></a><h2>RETURN VALUES</h2>
<p><span><strong class="command">named-checkconf</strong></span>
returns an exit status of 1 if
errors were detected and 0 otherwise.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543579"></a><h2>SEE ALSO</h2>
<a name="id2543580"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">named-checkzone</span>(8)</span>,
<em class="citetitle">BIND 9 Administrator Reference Manual</em>.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543609"></a><h2>AUTHOR</h2>
<a name="id2543610"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
</div>

2
bin/check/named-checkzone.8
View File

@ -13,7 +13,7 @@
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: named-checkzone.8,v 1.47 2010-01-17 01:14:02 tbox Exp $
.\" $Id$
.\"
.hy 0
.ad l

14
bin/check/named-checkzone.c
View File

@ -1,5 +1,5 @@
/*
* Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 2004-2011 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 1999-2003 Internet Software Consortium.
*
* Permission to use, copy, modify, and/or distribute this software for any
@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: named-checkzone.c,v 1.61 2010-09-07 23:46:59 tbox Exp $ */
/* $Id: named-checkzone.c,v 1.61.62.2 2011/12/22 23:45:54 tbox Exp $ */
/*! \file */
@ -112,6 +112,7 @@ main(int argc, char **argv) {
const char *outputformatstr = NULL;
dns_masterformat_t inputformat = dns_masterformat_text;
dns_masterformat_t outputformat = dns_masterformat_text;
isc_boolean_t logdump = ISC_FALSE;
FILE *errout = stdout;
outputstyle = &dns_master_style_full;
@ -418,6 +419,7 @@ main(int argc, char **argv) {
if (progmode == progmode_compile) {
dumpzone = 1; /* always dump */
logdump = !quiet;
if (output_filename == NULL) {
fprintf(stderr,
"output file required, but not specified\n");
@ -436,8 +438,10 @@ main(int argc, char **argv) {
(output_filename == NULL ||
strcmp(output_filename, "-") == 0 ||
strcmp(output_filename, "/dev/fd/1") == 0 ||
strcmp(output_filename, "/dev/stdout") == 0))
strcmp(output_filename, "/dev/stdout") == 0)) {
errout = stderr;
logdump = ISC_FALSE;
}
if (isc_commandline_index + 2 != argc)
usage();
@ -462,13 +466,13 @@ main(int argc, char **argv) {
&zone);
if (result == ISC_R_SUCCESS && dumpzone) {
if (!quiet && progmode == progmode_compile) {
if (logdump) {
fprintf(errout, "dump zone to %s...", output_filename);
fflush(errout);
}
result = dump_zone(origin, zone, output_filename,
outputformat, outputstyle);
if (!quiet && progmode == progmode_compile)
if (logdump)
fprintf(errout, "done\n");
}

2
bin/check/named-checkzone.docbook
View File

@ -18,7 +18,7 @@
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: named-checkzone.docbook,v 1.40 2010-01-16 23:48:15 tbox Exp $ -->
<!-- $Id: named-checkzone.docbook,v 1.40 2010/01/16 23:48:15 tbox Exp $ -->
<refentry id="man.named-checkzone">
<refentryinfo>
<date>June 13, 2000</date>

12
bin/check/named-checkzone.html
View File

@ -14,7 +14,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: named-checkzone.html,v 1.47 2010-01-17 01:14:02 tbox Exp $ -->
<!-- $Id$ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@ -33,7 +33,7 @@
<div class="cmdsynopsis"><p><code class="command">named-compilezone</code> [<code class="option">-d</code>] [<code class="option">-j</code>] [<code class="option">-q</code>] [<code class="option">-v</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-C <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-f <em class="replaceable"><code>format</code></em></code>] [<code class="option">-F <em class="replaceable"><code>format</code></em></code>] [<code class="option">-i <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-k <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-m <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-n <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-r <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-s <em class="replaceable"><code>style</code></em></code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-w <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-D</code>] [<code class="option">-W <em class="replaceable"><code>mode</code></em></code>] {<code class="option">-o <em class="replaceable"><code>filename</code></em></code>} {zonename} {filename}</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543694"></a><h2>DESCRIPTION</h2>
<a name="id2543696"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">named-checkzone</strong></span>
checks the syntax and integrity of a zone file. It performs the
same checks as <span><strong class="command">named</strong></span> does when loading a
@ -53,7 +53,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543730"></a><h2>OPTIONS</h2>
<a name="id2543731"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-d</span></dt>
<dd><p>
@ -247,14 +247,14 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2544377"></a><h2>RETURN VALUES</h2>
<a name="id2544446"></a><h2>RETURN VALUES</h2>
<p><span><strong class="command">named-checkzone</strong></span>
returns an exit status of 1 if
errors were detected and 0 otherwise.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2544389"></a><h2>SEE ALSO</h2>
<a name="id2544458"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">named-checkconf</span>(8)</span>,
<em class="citetitle">RFC 1035</em>,
@ -262,7 +262,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2544422"></a><h2>AUTHOR</h2>
<a name="id2544491"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
</div>

2
bin/confgen/Makefile.in
View File

@ -12,7 +12,7 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# $Id: Makefile.in,v 1.8 2009-12-05 23:31:40 each Exp $
# $Id: Makefile.in,v 1.8 2009/12/05 23:31:40 each Exp $
srcdir = @srcdir@
VPATH = @srcdir@

2
bin/confgen/ddns-confgen.8
View File

@ -12,7 +12,7 @@
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: ddns-confgen.8,v 1.10 2009-09-19 01:14:52 tbox Exp $
.\" $Id$
.\"
.hy 0
.ad l

2
bin/confgen/ddns-confgen.c
View File

@ -14,7 +14,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: ddns-confgen.c,v 1.9.308.2 2011-03-12 04:59:13 tbox Exp $ */
/* $Id: ddns-confgen.c,v 1.9.308.2 2011/03/12 04:59:13 tbox Exp $ */
/*! \file */

2
bin/confgen/ddns-confgen.docbook
View File

@ -17,7 +17,7 @@
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: ddns-confgen.docbook,v 1.6 2009-09-18 22:08:55 fdupont Exp $ -->
<!-- $Id: ddns-confgen.docbook,v 1.6 2009/09/18 22:08:55 fdupont Exp $ -->
<refentry id="man.ddns-confgen">
<refentryinfo>
<date>Jan 29, 2009</date>

10
bin/confgen/ddns-confgen.html
View File

@ -13,7 +13,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: ddns-confgen.html,v 1.10 2009-09-19 01:14:52 tbox Exp $ -->
<!-- $Id$ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@ -31,7 +31,7 @@
<div class="cmdsynopsis"><p><code class="command">ddns-confgen</code> [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-h</code>] [<code class="option">-k <em class="replaceable"><code>keyname</code></em></code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [ -s <em class="replaceable"><code>name</code></em> | -z <em class="replaceable"><code>zone</code></em> ] [<code class="option">-q</code>] [name]</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543395"></a><h2>DESCRIPTION</h2>
<a name="id2543396"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">ddns-confgen</strong></span>
generates a key for use by <span><strong class="command">nsupdate</strong></span>
and <span><strong class="command">named</strong></span>. It simplifies configuration
@ -58,7 +58,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543454"></a><h2>OPTIONS</h2>
<a name="id2543456"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-a <em class="replaceable"><code>algorithm</code></em></span></dt>
<dd><p>
@ -125,7 +125,7 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543642"></a><h2>SEE ALSO</h2>
<a name="id2543643"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">nsupdate</span>(1)</span>,
<span class="citerefentry"><span class="refentrytitle">named.conf</span>(5)</span>,
<span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
@ -133,7 +133,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543681"></a><h2>AUTHOR</h2>
<a name="id2543682"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
</div>

2
bin/confgen/include/confgen/os.h
View File

@ -14,7 +14,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: os.h,v 1.3 2009-06-11 23:47:55 tbox Exp $ */
/* $Id: os.h,v 1.3 2009/06/11 23:47:55 tbox Exp $ */
/*! \file */

2
bin/confgen/keygen.c
View File

@ -14,7 +14,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: keygen.c,v 1.4 2009-11-12 14:02:38 marka Exp $ */
/* $Id: keygen.c,v 1.4 2009/11/12 14:02:38 marka Exp $ */
/*! \file */

2
bin/confgen/keygen.h
View File

@ -14,7 +14,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: keygen.h,v 1.3 2009-06-11 23:47:55 tbox Exp $ */
/* $Id: keygen.h,v 1.3 2009/06/11 23:47:55 tbox Exp $ */
#ifndef RNDC_KEYGEN_H
#define RNDC_KEYGEN_H 1

2
bin/confgen/rndc-confgen.8
View File

@ -13,7 +13,7 @@
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: rndc-confgen.8,v 1.7 2009-07-11 01:12:45 tbox Exp $
.\" $Id$
.\"
.hy 0
.ad l

2
bin/confgen/rndc-confgen.c
View File

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: rndc-confgen.c,v 1.5.308.2 2011-03-12 04:59:13 tbox Exp $ */
/* $Id: rndc-confgen.c,v 1.5.308.2 2011/03/12 04:59:13 tbox Exp $ */
/*! \file */

2
bin/confgen/rndc-confgen.docbook
View File

@ -18,7 +18,7 @@
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: rndc-confgen.docbook,v 1.4 2009-06-15 23:47:59 tbox Exp $ -->
<!-- $Id: rndc-confgen.docbook,v 1.4 2009/06/15 23:47:59 tbox Exp $ -->
<refentry id="man.rndc-confgen">
<refentryinfo>
<date>Aug 27, 2001</date>

12
bin/confgen/rndc-confgen.html
View File

@ -14,7 +14,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: rndc-confgen.html,v 1.7 2009-07-11 01:12:45 tbox Exp $ -->
<!-- $Id$ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@ -32,7 +32,7 @@
<div class="cmdsynopsis"><p><code class="command">rndc-confgen</code> [<code class="option">-a</code>] [<code class="option">-b <em class="replaceable"><code>keysize</code></em></code>] [<code class="option">-c <em class="replaceable"><code>keyfile</code></em></code>] [<code class="option">-h</code>] [<code class="option">-k <em class="replaceable"><code>keyname</code></em></code>] [<code class="option">-p <em class="replaceable"><code>port</code></em></code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [<code class="option">-s <em class="replaceable"><code>address</code></em></code>] [<code class="option">-t <em class="replaceable"><code>chrootdir</code></em></code>] [<code class="option">-u <em class="replaceable"><code>user</code></em></code>]</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543432"></a><h2>DESCRIPTION</h2>
<a name="id2543433"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">rndc-confgen</strong></span>
generates configuration files
for <span><strong class="command">rndc</strong></span>. It can be used as a
@ -48,7 +48,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543477"></a><h2>OPTIONS</h2>
<a name="id2543478"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-a</span></dt>
<dd>
@ -155,7 +155,7 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543790"></a><h2>EXAMPLES</h2>
<a name="id2543792"></a><h2>EXAMPLES</h2>
<p>
To allow <span><strong class="command">rndc</strong></span> to be used with
no manual configuration, run
@ -172,7 +172,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543832"></a><h2>SEE ALSO</h2>
<a name="id2543833"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">rndc</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">rndc.conf</span>(5)</span>,
<span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
@ -180,7 +180,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543870"></a><h2>AUTHOR</h2>
<a name="id2543872"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
</div>

2
bin/confgen/unix/Makefile.in
View File

@ -12,7 +12,7 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# $Id: Makefile.in,v 1.3 2009-06-11 23:47:55 tbox Exp $
# $Id: Makefile.in,v 1.3 2009/06/11 23:47:55 tbox Exp $
srcdir = @srcdir@
VPATH = @srcdir@

2
bin/confgen/unix/os.c
View File

@ -14,7 +14,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: os.c,v 1.3 2009-06-11 23:47:55 tbox Exp $ */
/* $Id: os.c,v 1.3 2009/06/11 23:47:55 tbox Exp $ */
/*! \file */

2
bin/confgen/util.c
View File

@ -14,7 +14,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: util.c,v 1.3 2009-06-11 23:47:55 tbox Exp $ */
/* $Id: util.c,v 1.3 2009/06/11 23:47:55 tbox Exp $ */
/*! \file */

2
bin/confgen/util.h
View File

@ -14,7 +14,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: util.h,v 1.4 2009-09-29 15:06:05 fdupont Exp $ */
/* $Id: util.h,v 1.4 2009/09/29 15:06:05 fdupont Exp $ */
#ifndef RNDC_UTIL_H
#define RNDC_UTIL_H 1

2
bin/dig/Makefile.in
View File

@ -13,7 +13,7 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# $Id: Makefile.in,v 1.47 2009-12-05 23:31:40 each Exp $
# $Id: Makefile.in,v 1.47 2009/12/05 23:31:40 each Exp $
srcdir = @srcdir@
VPATH = @srcdir@

2
bin/dig/dig.1
View File

@ -13,7 +13,7 @@
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: dig.1,v 1.54 2010-03-05 01:14:15 tbox Exp $
.\" $Id$
.\"
.hy 0
.ad l

4
bin/dig/dig.c
View File

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: dig.c,v 1.237.124.3 2011-03-11 06:46:58 marka Exp $ */
/* $Id: dig.c,v 1.237.124.4 2011/12/07 17:23:55 each Exp $ */
/*! \file */
@ -1527,7 +1527,7 @@ parse_args(isc_boolean_t is_batchfile, isc_boolean_t config_only,
if (strncmp(rv[0], "%", 1) == 0)
break;
if (strncmp(rv[0], "@", 1) == 0) {
addresscount = getaddresses(lookup, &rv[0][1]);
addresscount = getaddresses(lookup, &rv[0][1], NULL);
} else if (rv[0][0] == '+') {
plus_option(&rv[0][1], is_batchfile,
lookup);

2
bin/dig/dig.docbook
View File

@ -18,7 +18,7 @@
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: dig.docbook,v 1.47 2010-03-04 23:50:34 tbox Exp $ -->
<!-- $Id: dig.docbook,v 1.47 2010/03/04 23:50:34 tbox Exp $ -->
<refentry id="man.dig">
<refentryinfo>

20
bin/dig/dig.html
View File

@ -14,7 +14,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: dig.html,v 1.49 2010-03-05 01:14:15 tbox Exp $ -->
<!-- $Id$ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@ -34,7 +34,7 @@
<div class="cmdsynopsis"><p><code class="command">dig</code> [global-queryopt...] [query...]</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543522"></a><h2>DESCRIPTION</h2>
<a name="id2543524"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">dig</strong></span>
(domain information groper) is a flexible tool
for interrogating DNS name servers. It performs DNS lookups and
@ -80,7 +80,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543595"></a><h2>SIMPLE USAGE</h2>
<a name="id2543597"></a><h2>SIMPLE USAGE</h2>
<p>
A typical invocation of <span><strong class="command">dig</strong></span> looks like:
</p>
@ -126,7 +126,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543686"></a><h2>OPTIONS</h2>
<a name="id2543688"></a><h2>OPTIONS</h2>
<p>
The <code class="option">-b</code> option sets the source IP address of the query
to <em class="parameter"><code>address</code></em>. This must be a valid
@ -230,7 +230,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2544035"></a><h2>QUERY OPTIONS</h2>
<a name="id2544037"></a><h2>QUERY OPTIONS</h2>
<p><span><strong class="command">dig</strong></span>
provides a number of query options which affect
the way in which lookups are made and the results displayed. Some of
@ -561,7 +561,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2545184"></a><h2>MULTIPLE QUERIES</h2>
<a name="id2545186"></a><h2>MULTIPLE QUERIES</h2>
<p>
The BIND 9 implementation of <span><strong class="command">dig </strong></span>
supports
@ -607,7 +607,7 @@ dig +qr www.isc.org any -x 127.0.0.1 isc.org ns +noqr
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2545245"></a><h2>IDN SUPPORT</h2>
<a name="id2545248"></a><h2>IDN SUPPORT</h2>
<p>
If <span><strong class="command">dig</strong></span> has been built with IDN (internationalized
domain name) support, it can accept and display non-ASCII domain names.
@ -621,14 +621,14 @@ dig +qr www.isc.org any -x 127.0.0.1 isc.org ns +noqr
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2545336"></a><h2>FILES</h2>
<a name="id2545338"></a><h2>FILES</h2>
<p><code class="filename">/etc/resolv.conf</code>
</p>
<p><code class="filename">${HOME}/.digrc</code>
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2545353"></a><h2>SEE ALSO</h2>
<a name="id2545355"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">host</span>(1)</span>,
<span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>,
@ -636,7 +636,7 @@ dig +qr www.isc.org any -x 127.0.0.1 isc.org ns +noqr
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2545390"></a><h2>BUGS</h2>
<a name="id2545393"></a><h2>BUGS</h2>
<p>
There are probably too many query options.
</p>

96
bin/dig/dighost.c
View File

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: dighost.c,v 1.336.22.4 2011-03-11 06:46:58 marka Exp $ */
/* $Id: dighost.c,v 1.336.22.9 2011/12/07 17:23:55 each Exp $ */
/*! \file
* \note
@ -66,6 +66,7 @@
#include <dns/tsig.h>
#include <dst/dst.h>
#include <dst/result.h>
#include <isc/app.h>
#include <isc/base64.h>
@ -81,6 +82,7 @@
#include <isc/print.h>
#include <isc/random.h>
#include <isc/result.h>
#include <isc/serial.h>
#include <isc/string.h>
#include <isc/task.h>
#include <isc/timer.h>
@ -360,6 +362,8 @@ connect_timeout(isc_task_t *task, isc_event_t *event);
static void
launch_next_query(dig_query_t *query, isc_boolean_t include_question);
static void
send_tcp_connect(dig_query_t *query);
static void *
mem_alloc(void *arg, size_t size) {
@ -742,7 +746,7 @@ make_empty_lookup(void) {
looknew->xfr_q = NULL;
looknew->current_query = NULL;
looknew->doing_xfr = ISC_FALSE;
looknew->ixfr_serial = ISC_FALSE;
looknew->ixfr_serial = 0;
looknew->trace = ISC_FALSE;
looknew->trace_root = ISC_FALSE;
looknew->identify = ISC_FALSE;
@ -787,6 +791,7 @@ make_empty_lookup(void) {
looknew->new_search = ISC_FALSE;
looknew->done_as_is = ISC_FALSE;
looknew->need_search = ISC_FALSE;
dns_fixedname_init(&looknew->fdomain);
ISC_LINK_INIT(looknew, link);
ISC_LIST_INIT(looknew->q);
ISC_LIST_INIT(looknew->my_server_list);
@ -862,6 +867,8 @@ clone_lookup(dig_lookup_t *lookold, isc_boolean_t servers) {
looknew->tsigctx = NULL;
looknew->need_search = lookold->need_search;
looknew->done_as_is = lookold->done_as_is;
dns_name_copy(dns_fixedname_name(&lookold->fdomain),
dns_fixedname_name(&looknew->fdomain), NULL);
if (servers)
clone_server_list(lookold->my_server_list,
@ -925,6 +932,11 @@ setup_text_key(void) {
secretsize = isc_buffer_usedlength(&secretbuf);
if (hmacname == NULL) {
result = DST_R_UNSUPPORTEDALG;
goto failure;
}
result = dns_name_fromtext(&keyname, namebuf, dns_rootname, 0, namebuf);
if (result != ISC_R_SUCCESS)
goto failure;
@ -1698,6 +1710,9 @@ followup_lookup(dns_message_t *msg, dig_query_t *query, dns_section_t section)
isc_result_t result;
isc_boolean_t success = ISC_FALSE;
int numLookups = 0;
int num;
isc_result_t lresult, addresses_result;
char bad_namestr[DNS_NAME_FORMATSIZE];
dns_name_t *domain;
isc_boolean_t horizontal = ISC_FALSE, bad = ISC_FALSE;
@ -1705,6 +1720,8 @@ followup_lookup(dns_message_t *msg, dig_query_t *query, dns_section_t section)
debug("following up %s", query->lookup->textname);
addresses_result = ISC_R_SUCCESS;
bad_namestr[0] = '\0';
for (result = dns_message_firstname(msg, section);
result == ISC_R_SUCCESS;
result = dns_message_nextname(msg, section)) {
@ -1783,15 +1800,27 @@ followup_lookup(dns_message_t *msg, dig_query_t *query, dns_section_t section)
lookup->trace_root = ISC_FALSE;
if (lookup->ns_search_only)
lookup->recurse = ISC_FALSE;
dns_fixedname_init(&lookup->fdomain);
domain = dns_fixedname_name(&lookup->fdomain);
dns_name_copy(name, domain, NULL);
}
debug("adding server %s", namestr);
numLookups += getaddresses(lookup, namestr);
num = getaddresses(lookup, namestr, &lresult);
if (lresult != ISC_R_SUCCESS) {
debug("couldn't get address for '%s': %s",
namestr, isc_result_totext(lresult));
if (addresses_result == ISC_R_SUCCESS) {
addresses_result = lresult;
strcpy(bad_namestr, namestr);
}
}
numLookups += num;
dns_rdata_reset(&rdata);
}
}
if (numLookups == 0 && addresses_result != ISC_R_SUCCESS) {
fatal("couldn't get address for '%s': %s",
bad_namestr, isc_result_totext(result));
}
if (lookup == NULL &&
section == DNS_SECTION_ANSWER &&
@ -1838,12 +1867,10 @@ followup_lookup(dns_message_t *msg, dig_query_t *query, dns_section_t section)
* Return ISC_TRUE iff there was another searchlist entry.
*/
static isc_boolean_t
next_origin(dns_message_t *msg, dig_query_t *query) {
next_origin(dig_query_t *query) {
dig_lookup_t *lookup;
dig_searchlist_t *search;
UNUSED(msg);
INSIST(!free_now);
debug("next_origin()");
@ -2318,7 +2345,7 @@ send_done(isc_task_t *_task, isc_event_t *event) {
query->waiting_senddone = ISC_FALSE;
l = query->lookup;
if (l->ns_search_only && !l->trace_root) {
if (l->ns_search_only && !l->trace_root && !l->tcp_mode) {
debug("sending next, since searching");
next = ISC_LIST_NEXT(query, link);
if (next != NULL)
@ -2865,8 +2892,10 @@ check_for_more_data(dig_query_t *query, dns_message_t *msg,
dns_rdataset_t *rdataset = NULL;
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdata_soa_t soa;
isc_uint32_t serial;
isc_uint32_t ixfr_serial = query->lookup->ixfr_serial, serial;
isc_result_t result;
isc_boolean_t ixfr = query->lookup->rdtype == dns_rdatatype_ixfr;
isc_boolean_t axfr = query->lookup->rdtype == dns_rdatatype_axfr;
debug("check_for_more_data()");
@ -2916,6 +2945,7 @@ check_for_more_data(dig_query_t *query, dns_message_t *msg,
query->second_rr_rcvd = ISC_TRUE;
query->second_rr_serial = 0;
debug("got the second rr as nonsoa");
axfr = ISC_TRUE;
goto next_rdata;
}
@ -2925,6 +2955,7 @@ check_for_more_data(dig_query_t *query, dns_message_t *msg,
*/
if (rdata.type != dns_rdatatype_soa)
goto next_rdata;
/* Now we have an SOA. Work with it. */
debug("got an SOA");
result = dns_rdata_tostruct(&rdata, &soa, NULL);
@ -2934,15 +2965,17 @@ check_for_more_data(dig_query_t *query, dns_message_t *msg,
if (!query->first_soa_rcvd) {
query->first_soa_rcvd = ISC_TRUE;
query->first_rr_serial = serial;
debug("this is the first %d",
query->lookup->ixfr_serial);
if (query->lookup->ixfr_serial >=
serial)
debug("this is the first serial %u",
serial);
if (ixfr && isc_serial_ge(ixfr_serial,
serial)) {
debug("got up to date "
"response");
goto doexit;
}
goto next_rdata;
}
if (query->lookup->rdtype ==
dns_rdatatype_axfr) {
if (axfr) {
debug("doing axfr, got second SOA");
goto doexit;
}
@ -2952,22 +2985,12 @@ check_for_more_data(dig_query_t *query, dns_message_t *msg,
"empty zone");
goto doexit;
}
debug("this is the second %d",
query->lookup->ixfr_serial);
debug("this is the second serial %u",
serial);
query->second_rr_rcvd = ISC_TRUE;
query->second_rr_serial = serial;
goto next_rdata;
}
if (query->second_rr_serial == 0) {
/*
* If the second RR was a non-SOA
* record, and we're getting any
* other SOA, then this is an
* AXFR, and we're done.
*/
debug("done, since axfr");
goto doexit;
}
/*
* If we get to this point, we're doing an
* IXFR and have to start really looking
@ -2983,7 +3006,7 @@ check_for_more_data(dig_query_t *query, dns_message_t *msg,
debug("done with ixfr");
goto doexit;
}
debug("meaningless soa %d", serial);
debug("meaningless soa %u", serial);
next_rdata:
result = dns_rdataset_next(rdataset);
} while (result == ISC_R_SUCCESS);
@ -3360,7 +3383,7 @@ recv_done(isc_task_t *task, isc_event_t *event) {
if (!l->doing_xfr || l->xfr_q == query) {
if (msg->rcode != dns_rcode_noerror &&
(l->origin != NULL || l->need_search)) {
if (!next_origin(msg, query) || showsearch) {
if (!next_origin(query) || showsearch) {
printmessage(query, msg, ISC_TRUE);
received(b->used, &sevent->address, query);
}
@ -3546,7 +3569,7 @@ get_address(char *host, in_port_t port, isc_sockaddr_t *sockaddr) {
}
int
getaddresses(dig_lookup_t *lookup, const char *host) {
getaddresses(dig_lookup_t *lookup, const char *host, isc_result_t *resultp) {
isc_result_t result;
isc_sockaddr_t sockaddrs[DIG_MAX_ADDRESSES];
isc_netaddr_t netaddr;
@ -3556,9 +3579,14 @@ getaddresses(dig_lookup_t *lookup, const char *host) {
result = bind9_getaddresses(host, 0, sockaddrs,
DIG_MAX_ADDRESSES, &count);
if (result != ISC_R_SUCCESS)
fatal("couldn't get address for '%s': %s",
host, isc_result_totext(result));
if (resultp != NULL)
*resultp = result;
if (result != ISC_R_SUCCESS) {
if (resultp == NULL)
fatal("couldn't get address for '%s': %s",
host, isc_result_totext(result));
return 0;
}
for (i = 0; i < count; i++) {
isc_netaddr_fromsockaddr(&netaddr, &sockaddrs[i]);
@ -4208,7 +4236,6 @@ opentmpkey(isc_mem_t *mctx, const char *file, char **tempp, FILE **fp) {
return (result);
}
isc_result_t
get_trusted_key(isc_mem_t *mctx)
{
@ -4270,6 +4297,7 @@ get_trusted_key(isc_mem_t *mctx)
if (key != NULL)
dst_key_free(&key);
}
fclose(fp);
return (ISC_R_SUCCESS);
}

2
bin/dig/host.1
View File

@ -13,7 +13,7 @@
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: host.1,v 1.31 2009-07-11 01:12:45 tbox Exp $
.\" $Id$
.\"
.hy 0
.ad l

2
bin/dig/host.c
View File

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: host.c,v 1.124.40.3 2011-03-11 06:46:59 marka Exp $ */
/* $Id: host.c,v 1.124.40.3 2011/03/11 06:46:59 marka Exp $ */
/*! \file */

2
bin/dig/host.docbook
View File

@ -18,7 +18,7 @@
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: host.docbook,v 1.20 2009-01-20 23:47:56 tbox Exp $ -->
<!-- $Id: host.docbook,v 1.20 2009/01/20 23:47:56 tbox Exp $ -->
<refentry id="man.host">
<refentryinfo>

10
bin/dig/host.html
View File

@ -14,7 +14,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: host.html,v 1.30 2009-07-11 01:12:45 tbox Exp $ -->
<!-- $Id$ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@ -32,7 +32,7 @@
<div class="cmdsynopsis"><p><code class="command">host</code> [<code class="option">-aCdlnrsTwv</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-N <em class="replaceable"><code>ndots</code></em></code>] [<code class="option">-R <em class="replaceable"><code>number</code></em></code>] [<code class="option">-t <em class="replaceable"><code>type</code></em></code>] [<code class="option">-W <em class="replaceable"><code>wait</code></em></code>] [<code class="option">-m <em class="replaceable"><code>flag</code></em></code>] [<code class="option">-4</code>] [<code class="option">-6</code>] {name} [server]</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543434"></a><h2>DESCRIPTION</h2>
<a name="id2543436"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">host</strong></span>
is a simple utility for performing DNS lookups.
It is normally used to convert names to IP addresses and vice versa.
@ -184,7 +184,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543800"></a><h2>IDN SUPPORT</h2>
<a name="id2543802"></a><h2>IDN SUPPORT</h2>
<p>
If <span><strong class="command">host</strong></span> has been built with IDN (internationalized
domain name) support, it can accept and display non-ASCII domain names.
@ -198,12 +198,12 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543822"></a><h2>FILES</h2>
<a name="id2543825"></a><h2>FILES</h2>
<p><code class="filename">/etc/resolv.conf</code>
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543834"></a><h2>SEE ALSO</h2>
<a name="id2543836"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">dig</span>(1)</span>,
<span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>.
</p>

4
bin/dig/include/dig/dig.h
View File

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: dig.h,v 1.111.306.2 2011-02-28 01:19:58 tbox Exp $ */
/* $Id: dig.h,v 1.111.306.3 2011/12/07 17:23:55 each Exp $ */
#ifndef DIG_H
#define DIG_H
@ -289,7 +289,7 @@ isc_result_t
get_address(char *host, in_port_t port, isc_sockaddr_t *sockaddr);
int
getaddresses(dig_lookup_t *lookup, const char *host);
getaddresses(dig_lookup_t *lookup, const char *host, isc_result_t *resultp);
isc_result_t
get_reverse(char *reverse, size_t len, char *value, isc_boolean_t ip6_int,

2
bin/dig/nslookup.1
View File

@ -12,7 +12,7 @@
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: nslookup.1,v 1.16 2010-02-23 01:14:31 tbox Exp $
.\" $Id$
.\"
.hy 0
.ad l

2
bin/dig/nslookup.c
View File

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: nslookup.c,v 1.127.38.2 2011-02-28 01:19:58 tbox Exp $ */
/* $Id: nslookup.c,v 1.127.38.2 2011/02/28 01:19:58 tbox Exp $ */
#include <config.h>

2
bin/dig/nslookup.docbook
View File

@ -17,7 +17,7 @@
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: nslookup.docbook,v 1.18 2010-02-22 23:49:11 tbox Exp $ -->
<!-- $Id: nslookup.docbook,v 1.18 2010/02/22 23:49:11 tbox Exp $ -->
<!--
- Copyright (c) 1985, 1989
- The Regents of the University of California. All rights reserved.

16
bin/dig/nslookup.html
View File

@ -13,7 +13,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: nslookup.html,v 1.23 2010-02-23 01:14:31 tbox Exp $ -->
<!-- $Id$ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@ -21,7 +21,7 @@
<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
<a name="id2476276"></a><div class="titlepage"></div>
<a name="id2476277"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p>nslookup &#8212; query Internet name servers interactively</p>
@ -31,7 +31,7 @@
<div class="cmdsynopsis"><p><code class="command">nslookup</code> [<code class="option">-option</code>] [name | -] [server]</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543358"></a><h2>DESCRIPTION</h2>
<a name="id2543361"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">Nslookup</strong></span>
is a program to query Internet domain name servers. <span><strong class="command">Nslookup</strong></span>
has two modes: interactive and non-interactive. Interactive mode allows
@ -43,7 +43,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543374"></a><h2>ARGUMENTS</h2>
<a name="id2543377"></a><h2>ARGUMENTS</h2>
<p>
Interactive mode is entered in the following cases:
</p>
@ -78,7 +78,7 @@ nslookup -query=hinfo -timeout=10
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543418"></a><h2>INTERACTIVE COMMANDS</h2>
<a name="id2543420"></a><h2>INTERACTIVE COMMANDS</h2>
<div class="variablelist"><dl>
<dt><span class="term"><code class="constant">host</code> [<span class="optional">server</span>]</span></dt>
<dd>
@ -288,19 +288,19 @@ nslookup -query=hinfo -timeout=10
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2546284"></a><h2>FILES</h2>
<a name="id2546286"></a><h2>FILES</h2>
<p><code class="filename">/etc/resolv.conf</code>
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2546296"></a><h2>SEE ALSO</h2>
<a name="id2546298"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">dig</span>(1)</span>,
<span class="citerefentry"><span class="refentrytitle">host</span>(1)</span>,
<span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2546330"></a><h2>Author</h2>
<a name="id2546332"></a><h2>Author</h2>
<p>
Andrew Cherenson
</p>

2
bin/dnssec/Makefile.in
View File

@ -13,7 +13,7 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# $Id: Makefile.in,v 1.42 2009-12-05 23:31:40 each Exp $
# $Id: Makefile.in,v 1.42 2009/12/05 23:31:40 each Exp $
srcdir = @srcdir@
VPATH = @srcdir@

2
bin/dnssec/dnssec-dsfromkey.8
View File

@ -12,7 +12,7 @@
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: dnssec-dsfromkey.8,v 1.13 2010-12-24 01:14:20 tbox Exp $
.\" $Id$
.\"
.hy 0
.ad l

13
bin/dnssec/dnssec-dsfromkey.c
View File

@ -1,5 +1,5 @@
/*
* Copyright (C) 2008-2010 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 2008-2011 Internet Systems Consortium, Inc. ("ISC")
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@ -14,7 +14,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: dnssec-dsfromkey.c,v 1.19 2010-12-23 04:07:59 marka Exp $ */
/* $Id: dnssec-dsfromkey.c,v 1.19.14.2 2011/09/05 23:45:53 tbox Exp $ */
/*! \file */
@ -265,12 +265,10 @@ emit(unsigned int dtype, isc_boolean_t showall, char *lookaside,
fatal("can't print class");
isc_buffer_usedregion(&nameb, &r);
isc_util_fwrite(r.base, 1, r.length, stdout);
putchar(' ');
printf("%.*s ", (int)r.length, r.base);
isc_buffer_usedregion(&classb, &r);
isc_util_fwrite(r.base, 1, r.length, stdout);
printf("%.*s", (int)r.length, r.base);
if (lookaside == NULL)
printf(" DS ");
@ -278,8 +276,7 @@ emit(unsigned int dtype, isc_boolean_t showall, char *lookaside,
printf(" DLV ");
isc_buffer_usedregion(&textb, &r);
isc_util_fwrite(r.base, 1, r.length, stdout);
putchar('\n');
printf("%.*s\n", (int)r.length, r.base);
}
ISC_PLATFORM_NORETURN_PRE static void

2
bin/dnssec/dnssec-dsfromkey.docbook
View File

@ -17,7 +17,7 @@
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: dnssec-dsfromkey.docbook,v 1.12 2010-12-23 23:47:08 tbox Exp $ -->
<!-- $Id: dnssec-dsfromkey.docbook,v 1.12 2010/12/23 23:47:08 tbox Exp $ -->
<refentry id="man.dnssec-dsfromkey">
<refentryinfo>
<date>August 26, 2009</date>

16
bin/dnssec/dnssec-dsfromkey.html
View File

@ -13,7 +13,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: dnssec-dsfromkey.html,v 1.13 2010-12-24 01:14:19 tbox Exp $ -->
<!-- $Id$ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@ -32,14 +32,14 @@
<div class="cmdsynopsis"><p><code class="command">dnssec-dsfromkey</code> {-s} [<code class="option">-1</code>] [<code class="option">-2</code>] [<code class="option">-a <em class="replaceable"><code>alg</code></em></code>] [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-l <em class="replaceable"><code>domain</code></em></code>] [<code class="option">-s</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-f <em class="replaceable"><code>file</code></em></code>] [<code class="option">-A</code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] {dnsname}</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543464"></a><h2>DESCRIPTION</h2>
<a name="id2543465"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">dnssec-dsfromkey</strong></span>
outputs the Delegation Signer (DS) resource record (RR), as defined in
RFC 3658 and RFC 4509, for the given key(s).
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543476"></a><h2>OPTIONS</h2>
<a name="id2543477"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-1</span></dt>
<dd><p>
@ -100,7 +100,7 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543662"></a><h2>EXAMPLE</h2>
<a name="id2543664"></a><h2>EXAMPLE</h2>
<p>
To build the SHA-256 DS RR from the
<strong class="userinput"><code>Kexample.com.+003+26160</code></strong>
@ -115,7 +115,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543692"></a><h2>FILES</h2>
<a name="id2543693"></a><h2>FILES</h2>
<p>
The keyfile can be designed by the key identification
<code class="filename">Knnnn.+aaa+iiiii</code> or the full file name
@ -129,13 +129,13 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543728"></a><h2>CAVEAT</h2>
<a name="id2543729"></a><h2>CAVEAT</h2>
<p>
A keyfile error can give a "file not found" even if the file exists.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543737"></a><h2>SEE ALSO</h2>
<a name="id2543738"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">dnssec-signzone</span>(8)</span>,
<em class="citetitle">BIND 9 Administrator Reference Manual</em>,
@ -145,7 +145,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543777"></a><h2>AUTHOR</h2>
<a name="id2543778"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
</div>

2
bin/dnssec/dnssec-keyfromlabel.8
View File

@ -12,7 +12,7 @@
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: dnssec-keyfromlabel.8,v 1.18.14.2 2011-02-28 02:37:42 tbox Exp $
.\" $Id$
.\"
.hy 0
.ad l

14
bin/dnssec/dnssec-keyfromlabel.c
View File

@ -14,7 +14,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: dnssec-keyfromlabel.c,v 1.32.14.2 2011-03-12 04:59:14 tbox Exp $ */
/* $Id: dnssec-keyfromlabel.c,v 1.32.14.4 2011/11/30 00:51:38 marka Exp $ */
/*! \file */
@ -110,7 +110,8 @@ usage(void) {
int
main(int argc, char **argv) {
char *algname = NULL, *nametype = NULL, *type = NULL;
char *algname = NULL, *freeit = NULL;
char *nametype = NULL, *type = NULL;
const char *directory = NULL;
#ifdef USE_PKCS11
const char *engine = "pkcs11";
@ -342,6 +343,9 @@ main(int argc, char **argv) {
algname = strdup(DEFAULT_NSEC3_ALGORITHM);
else
algname = strdup(DEFAULT_ALGORITHM);
if (algname == NULL)
fatal("strdup failed");
freeit = algname;
if (verbose > 0)
fprintf(stderr, "no algorithm specified; "
"defaulting to %s\n", algname);
@ -514,8 +518,7 @@ main(int argc, char **argv) {
* is a risk of ID collision due to this key or another key
* being revoked.
*/
if (key_collision(dst_key_id(key), name, directory, alg, mctx, &exact))
{
if (key_collision(key, name, directory, mctx, &exact)) {
isc_buffer_clear(&buf);
ret = dst_key_buildfilename(key, 0, directory, &buf);
if (ret != ISC_R_SUCCESS)
@ -560,5 +563,8 @@ main(int argc, char **argv) {
isc_mem_free(mctx, label);
isc_mem_destroy(&mctx);
if (freeit != NULL)
free(freeit);
return (0);
}

2
bin/dnssec/dnssec-keyfromlabel.docbook
View File

@ -17,7 +17,7 @@
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: dnssec-keyfromlabel.docbook,v 1.18.14.2 2011-02-28 01:19:58 tbox Exp $ -->
<!-- $Id: dnssec-keyfromlabel.docbook,v 1.18.14.2 2011/02/28 01:19:58 tbox Exp $ -->
<refentry id="man.dnssec-keyfromlabel">
<refentryinfo>
<date>February 8, 2008</date>

14
bin/dnssec/dnssec-keyfromlabel.html
View File

@ -13,7 +13,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: dnssec-keyfromlabel.html,v 1.17.14.2 2011-02-28 02:37:42 tbox Exp $ -->
<!-- $Id$ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@ -31,7 +31,7 @@
<div class="cmdsynopsis"><p><code class="command">dnssec-keyfromlabel</code> {-l <em class="replaceable"><code>label</code></em>} [<code class="option">-3</code>] [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-A <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-D <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-E <em class="replaceable"><code>engine</code></em></code>] [<code class="option">-f <em class="replaceable"><code>flag</code></em></code>] [<code class="option">-G</code>] [<code class="option">-I <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-k</code>] [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-n <em class="replaceable"><code>nametype</code></em></code>] [<code class="option">-P <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-p <em class="replaceable"><code>protocol</code></em></code>] [<code class="option">-R <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-t <em class="replaceable"><code>type</code></em></code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] [<code class="option">-y</code>] {name}</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543494"></a><h2>DESCRIPTION</h2>
<a name="id2543495"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">dnssec-keyfromlabel</strong></span>
gets keys with the given label from a crypto hardware and builds
key files for DNSSEC (Secure DNS), as defined in RFC 2535
@ -44,7 +44,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543512"></a><h2>OPTIONS</h2>
<a name="id2543513"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-a <em class="replaceable"><code>algorithm</code></em></span></dt>
<dd>
@ -163,7 +163,7 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543876"></a><h2>TIMING OPTIONS</h2>
<a name="id2543877"></a><h2>TIMING OPTIONS</h2>
<p>
Dates can be expressed in the format YYYYMMDD or YYYYMMDDHHMMSS.
If the argument begins with a '+' or '-', it is interpreted as
@ -210,7 +210,7 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2544042"></a><h2>GENERATED KEY FILES</h2>
<a name="id2544043"></a><h2>GENERATED KEY FILES</h2>
<p>
When <span><strong class="command">dnssec-keyfromlabel</strong></span> completes
successfully,
@ -249,7 +249,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2544115"></a><h2>SEE ALSO</h2>
<a name="id2544116"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">dnssec-signzone</span>(8)</span>,
<em class="citetitle">BIND 9 Administrator Reference Manual</em>,
@ -257,7 +257,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2544148"></a><h2>AUTHOR</h2>
<a name="id2544149"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
</div>

2
bin/dnssec/dnssec-keygen.8
View File

@ -13,7 +13,7 @@
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: dnssec-keygen.8,v 1.55 2010-12-24 01:14:19 tbox Exp $
.\" $Id$
.\"
.hy 0
.ad l

14
bin/dnssec/dnssec-keygen.c
View File

@ -29,7 +29,7 @@
* IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: dnssec-keygen.c,v 1.115.14.2 2011-03-12 04:59:14 tbox Exp $ */
/* $Id: dnssec-keygen.c,v 1.115.14.4 2011/11/30 00:51:38 marka Exp $ */
/*! \file */
@ -197,7 +197,8 @@ progress(int p)
int
main(int argc, char **argv) {
char *algname = NULL, *nametype = NULL, *type = NULL;
char *algname = NULL, *freeit = NULL;
char *nametype = NULL, *type = NULL;
char *classname = NULL;
char *endp;
dst_key_t *key = NULL;
@ -509,6 +510,9 @@ main(int argc, char **argv) {
algname = strdup(DEFAULT_NSEC3_ALGORITHM);
else
algname = strdup(DEFAULT_ALGORITHM);
if (algname == NULL)
fatal("strdup failed");
freeit = algname;
if (verbose > 0)
fprintf(stderr, "no algorithm specified; "
"defaulting to %s\n", algname);
@ -965,8 +969,7 @@ main(int argc, char **argv) {
* if there is a risk of ID collision due to this key
* or another key being revoked.
*/
if (key_collision(dst_key_id(key), name, directory,
alg, mctx, NULL)) {
if (key_collision(key, name, directory, mctx, NULL)) {
conflict = ISC_TRUE;
if (null_key) {
dst_key_free(&key);
@ -1020,5 +1023,8 @@ main(int argc, char **argv) {
isc_mem_stats(mctx, stdout);
isc_mem_destroy(&mctx);
if (freeit != NULL)
free(freeit);
return (0);
}

2
bin/dnssec/dnssec-keygen.docbook
View File

@ -18,7 +18,7 @@
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: dnssec-keygen.docbook,v 1.36 2010-12-23 04:07:59 marka Exp $ -->
<!-- $Id: dnssec-keygen.docbook,v 1.36 2010/12/23 04:07:59 marka Exp $ -->
<refentry id="man.dnssec-keygen">
<refentryinfo>
<date>June 30, 2000</date>

16
bin/dnssec/dnssec-keygen.html
View File

@ -14,7 +14,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: dnssec-keygen.html,v 1.47 2010-12-24 01:14:20 tbox Exp $ -->
<!-- $Id$ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@ -32,7 +32,7 @@
<div class="cmdsynopsis"><p><code class="command">dnssec-keygen</code> [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-b <em class="replaceable"><code>keysize</code></em></code>] [<code class="option">-n <em class="replaceable"><code>nametype</code></em></code>] [<code class="option">-3</code>] [<code class="option">-A <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-C</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-D <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-E <em class="replaceable"><code>engine</code></em></code>] [<code class="option">-e</code>] [<code class="option">-f <em class="replaceable"><code>flag</code></em></code>] [<code class="option">-G</code>] [<code class="option">-g <em class="replaceable"><code>generator</code></em></code>] [<code class="option">-h</code>] [<code class="option">-I <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-i <em class="replaceable"><code>interval</code></em></code>] [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-k</code>] [<code class="option">-P <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-p <em class="replaceable"><code>protocol</code></em></code>] [<code class="option">-q</code>] [<code class="option">-R <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-r <em class="replaceable"><code>randomdev</code></em></code>] [<code class="option">-S <em class="replaceable"><code>key</code></em></code>] [<code class="option">-s <em class="replaceable"><code>strength</code></em></code>] [<code class="option">-t <em class="replaceable"><code>type</code></em></code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] [<code class="option">-z</code>] {name}</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543578"></a><h2>DESCRIPTION</h2>
<a name="id2543579"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">dnssec-keygen</strong></span>
generates keys for DNSSEC (Secure DNS), as defined in RFC 2535
and RFC 4034. It can also generate keys for use with
@ -46,7 +46,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543596"></a><h2>OPTIONS</h2>
<a name="id2543597"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-a <em class="replaceable"><code>algorithm</code></em></span></dt>
<dd>
@ -248,7 +248,7 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2544301"></a><h2>TIMING OPTIONS</h2>
<a name="id2544166"></a><h2>TIMING OPTIONS</h2>
<p>
Dates can be expressed in the format YYYYMMDD or YYYYMMDDHHMMSS.
If the argument begins with a '+' or '-', it is interpreted as
@ -319,7 +319,7 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2544491"></a><h2>GENERATED KEYS</h2>
<a name="id2544356"></a><h2>GENERATED KEYS</h2>
<p>
When <span><strong class="command">dnssec-keygen</strong></span> completes
successfully,
@ -365,7 +365,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2544642"></a><h2>EXAMPLE</h2>
<a name="id2544506"></a><h2>EXAMPLE</h2>
<p>
To generate a 768-bit DSA key for the domain
<strong class="userinput"><code>example.com</code></strong>, the following command would be
@ -386,7 +386,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2544685"></a><h2>SEE ALSO</h2>
<a name="id2544550"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">dnssec-signzone</span>(8)</span>,
<em class="citetitle">BIND 9 Administrator Reference Manual</em>,
<em class="citetitle">RFC 2539</em>,
@ -395,7 +395,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2544716"></a><h2>AUTHOR</h2>
<a name="id2544581"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
</div>

13
bin/dnssec/dnssec-revoke.8
View File

@ -1,4 +1,4 @@
.\" Copyright (C) 2009 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2009, 2011 Internet Systems Consortium, Inc. ("ISC")
.\"
.\" Permission to use, copy, modify, and/or distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
@ -12,7 +12,7 @@
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: dnssec-revoke.8,v 1.9 2010-05-19 01:14:14 tbox Exp $
.\" $Id$
.\"
.hy 0
.ad l
@ -32,7 +32,7 @@
dnssec\-revoke \- Set the REVOKED bit on a DNSSEC key
.SH "SYNOPSIS"
.HP 14
\fBdnssec\-revoke\fR [\fB\-hr\fR] [\fB\-v\ \fR\fB\fIlevel\fR\fR] [\fB\-K\ \fR\fB\fIdirectory\fR\fR] [\fB\-E\ \fR\fB\fIengine\fR\fR] [\fB\-f\fR] {keyfile}
\fBdnssec\-revoke\fR [\fB\-hr\fR] [\fB\-v\ \fR\fB\fIlevel\fR\fR] [\fB\-K\ \fR\fB\fIdirectory\fR\fR] [\fB\-E\ \fR\fB\fIengine\fR\fR] [\fB\-f\fR] [\fB\-R\fR] {keyfile}
.SH "DESCRIPTION"
.PP
\fBdnssec\-revoke\fR
@ -70,6 +70,11 @@ Force overwrite: Causes
\fBdnssec\-revoke\fR
to write the new key pair even if a file already exists matching the algorithm and key ID of the revoked key.
.RE
.PP
\-R
.RS 4
Print the key tag of the key with the REVOKE bit set but do not revoke the key.
.RE
.SH "SEE ALSO"
.PP
\fBdnssec\-keygen\fR(8),
@ -79,5 +84,5 @@ RFC 5011.
.PP
Internet Systems Consortium
.SH "COPYRIGHT"
Copyright \(co 2009 Internet Systems Consortium, Inc. ("ISC")
Copyright \(co 2009, 2011 Internet Systems Consortium, Inc. ("ISC")
.br

14
bin/dnssec/dnssec-revoke.c
View File

@ -1,5 +1,5 @@
/*
* Copyright (C) 2009, 2010 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 2009-2011 Internet Systems Consortium, Inc. ("ISC")
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@ -14,7 +14,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: dnssec-revoke.c,v 1.22 2010-05-06 23:50:56 tbox Exp $ */
/* $Id: dnssec-revoke.c,v 1.22.124.2 2011/10/20 23:46:27 tbox Exp $ */
/*! \file */
@ -92,6 +92,7 @@ main(int argc, char **argv) {
isc_buffer_t buf;
isc_boolean_t force = ISC_FALSE;
isc_boolean_t remove = ISC_FALSE;
isc_boolean_t id = ISC_FALSE;
if (argc == 1)
usage();
@ -104,7 +105,7 @@ main(int argc, char **argv) {
isc_commandline_errprint = ISC_FALSE;
while ((ch = isc_commandline_parse(argc, argv, "E:fK:rhv:")) != -1) {
while ((ch = isc_commandline_parse(argc, argv, "E:fK:rRhv:")) != -1) {
switch (ch) {
case 'E':
engine = isc_commandline_argument;
@ -126,6 +127,9 @@ main(int argc, char **argv) {
case 'r':
remove = ISC_TRUE;
break;
case 'R':
id = ISC_TRUE;
break;
case 'v':
verbose = strtol(isc_commandline_argument, &endp, 0);
if (*endp != '\0')
@ -186,6 +190,10 @@ main(int argc, char **argv) {
fatal("Invalid keyfile name %s: %s",
filename, isc_result_totext(result));
if (id) {
fprintf(stdout, "%u\n", dst_key_rid(key));
goto cleanup;
}
dst_key_format(key, keystr, sizeof(keystr));
if (verbose > 2)

16
bin/dnssec/dnssec-revoke.docbook
View File

@ -2,7 +2,7 @@
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"
[<!ENTITY mdash "&#8212;">]>
<!--
- Copyright (C) 2009 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2009, 2011 Internet Systems Consortium, Inc. ("ISC")
-
- Permission to use, copy, modify, and/or distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
@ -17,7 +17,7 @@
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: dnssec-revoke.docbook,v 1.7 2009-11-03 21:44:46 each Exp $ -->
<!-- $Id: dnssec-revoke.docbook,v 1.7.266.2 2011/10/20 23:46:27 tbox Exp $ -->
<refentry id="man.dnssec-revoke">
<refentryinfo>
<date>June 1, 2009</date>
@ -37,6 +37,7 @@
<docinfo>
<copyright>
<year>2009</year>
<year>2011</year>
<holder>Internet Systems Consortium, Inc. ("ISC")</holder>
</copyright>
</docinfo>
@ -49,6 +50,7 @@
<arg><option>-K <replaceable class="parameter">directory</replaceable></option></arg>
<arg><option>-E <replaceable class="parameter">engine</replaceable></option></arg>
<arg><option>-f</option></arg>
<arg><option>-R</option></arg>
<arg choice="req">keyfile</arg>
</cmdsynopsis>
</refsynopsisdiv>
@ -123,6 +125,16 @@
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>-R</term>
<listitem>
<para>
Print the key tag of the key with the REVOKE bit set but do
not revoke the key.
</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>

19
bin/dnssec/dnssec-revoke.html
View File

@ -1,5 +1,5 @@
<!--
- Copyright (C) 2009 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2009, 2011 Internet Systems Consortium, Inc. ("ISC")
-
- Permission to use, copy, modify, and/or distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
@ -13,7 +13,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: dnssec-revoke.html,v 1.9 2010-05-19 01:14:14 tbox Exp $ -->
<!-- $Id$ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@ -28,10 +28,10 @@
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="cmdsynopsis"><p><code class="command">dnssec-revoke</code> [<code class="option">-hr</code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-E <em class="replaceable"><code>engine</code></em></code>] [<code class="option">-f</code>] {keyfile}</p></div>
<div class="cmdsynopsis"><p><code class="command">dnssec-revoke</code> [<code class="option">-hr</code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-E <em class="replaceable"><code>engine</code></em></code>] [<code class="option">-f</code>] [<code class="option">-R</code>] {keyfile}</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543373"></a><h2>DESCRIPTION</h2>
<a name="id2543382"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">dnssec-revoke</strong></span>
reads a DNSSEC key file, sets the REVOKED bit on the key as defined
in RFC 5011, and creates a new pair of key files containing the
@ -39,7 +39,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543385"></a><h2>OPTIONS</h2>
<a name="id2543394"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-h</span></dt>
<dd><p>
@ -69,17 +69,22 @@
write the new key pair even if a file already exists matching
the algorithm and key ID of the revoked key.
</p></dd>
<dt><span class="term">-R</span></dt>
<dd><p>
Print the key tag of the key with the REVOKE bit set but do
not revoke the key.
</p></dd>
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543491"></a><h2>SEE ALSO</h2>
<a name="id2543512"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>,
<em class="citetitle">BIND 9 Administrator Reference Manual</em>,
<em class="citetitle">RFC 5011</em>.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543515"></a><h2>AUTHOR</h2>
<a name="id2543537"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
</div>

4
bin/dnssec/dnssec-settime.8
View File

@ -12,7 +12,7 @@
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: dnssec-settime.8,v 1.14.70.1 2011-03-22 02:37:44 tbox Exp $
.\" $Id$
.\"
.hy 0
.ad l
@ -52,7 +52,7 @@ simply prints the key timing metadata already stored in the key.
.PP
When key metadata fields are changed, both files of a key pair (\fIKnnnn.+aaa+iiiii.key\fR
and
\fIKnnnn.+aaa+iiiii.private\fR) are regenerated. Metadata fields are stored in the private file. A human\-readable description of the metadata is also placed in comments in the key file.
\fIKnnnn.+aaa+iiiii.private\fR) are regenerated. Metadata fields are stored in the private file. A human\-readable description of the metadata is also placed in comments in the key file. The private file's permissions are always set to be inaccessible to anyone other than the owner (mode 0600).
.SH "OPTIONS"
.PP
\-f

2
bin/dnssec/dnssec-settime.c
View File

@ -14,7 +14,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: dnssec-settime.c,v 1.28.16.3 2011-06-02 20:24:11 each Exp $ */
/* $Id: dnssec-settime.c,v 1.28.16.3 2011/06/02 20:24:11 each Exp $ */
/*! \file */

5
bin/dnssec/dnssec-settime.docbook
View File

@ -17,7 +17,7 @@
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: dnssec-settime.docbook,v 1.11.70.2 2011-03-21 23:46:58 tbox Exp $ -->
<!-- $Id: dnssec-settime.docbook,v 1.11.70.3 2011/11/03 20:21:30 each Exp $ -->
<refentry id="man.dnssec-settime">
<refentryinfo>
<date>July 15, 2009</date>
@ -82,7 +82,8 @@
<filename>Knnnn.+aaa+iiiii.private</filename>) are regenerated.
Metadata fields are stored in the private file. A human-readable
description of the metadata is also placed in comments in the key
file.
file. The private file's permissions are always set to be
inaccessible to anyone other than the owner (mode 0600).
</para>
</refsect1>

17
bin/dnssec/dnssec-settime.html
View File

@ -13,7 +13,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: dnssec-settime.html,v 1.14.70.1 2011-03-22 02:37:44 tbox Exp $ -->
<!-- $Id$ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@ -31,7 +31,7 @@
<div class="cmdsynopsis"><p><code class="command">dnssec-settime</code> [<code class="option">-f</code>] [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-P <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-A <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-R <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-I <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-D <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-h</code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] [<code class="option">-E <em class="replaceable"><code>engine</code></em></code>] {keyfile}</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543422"></a><h2>DESCRIPTION</h2>
<a name="id2543424"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">dnssec-settime</strong></span>
reads a DNSSEC private key file and sets the key timing metadata
as specified by the <code class="option">-P</code>, <code class="option">-A</code>,
@ -52,11 +52,12 @@
<code class="filename">Knnnn.+aaa+iiiii.private</code>) are regenerated.
Metadata fields are stored in the private file. A human-readable
description of the metadata is also placed in comments in the key
file.
file. The private file's permissions are always set to be
inaccessible to anyone other than the owner (mode 0600).
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543470"></a><h2>OPTIONS</h2>
<a name="id2543472"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-f</span></dt>
<dd><p>
@ -89,7 +90,7 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543562"></a><h2>TIMING OPTIONS</h2>
<a name="id2543563"></a><h2>TIMING OPTIONS</h2>
<p>
Dates can be expressed in the format YYYYMMDD or YYYYMMDDHHMMSS.
If the argument begins with a '+' or '-', it is interpreted as
@ -168,7 +169,7 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543701"></a><h2>PRINTING OPTIONS</h2>
<a name="id2543770"></a><h2>PRINTING OPTIONS</h2>
<p>
<span><strong class="command">dnssec-settime</strong></span> can also be used to print the
timing metadata associated with a key.
@ -194,7 +195,7 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543915"></a><h2>SEE ALSO</h2>
<a name="id2543848"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">dnssec-signzone</span>(8)</span>,
<em class="citetitle">BIND 9 Administrator Reference Manual</em>,
@ -202,7 +203,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543948"></a><h2>AUTHOR</h2>
<a name="id2543881"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
</div>

2
bin/dnssec/dnssec-signzone.8
View File

@ -13,7 +13,7 @@
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: dnssec-signzone.8,v 1.59 2009-12-04 01:13:44 tbox Exp $
.\" $Id$
.\"
.hy 0
.ad l

2
bin/dnssec/dnssec-signzone.c
View File

@ -29,7 +29,7 @@
* IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: dnssec-signzone.c,v 1.262.110.9 2011-07-19 23:47:12 tbox Exp $ */
/* $Id: dnssec-signzone.c,v 1.262.110.9 2011/07/19 23:47:12 tbox Exp $ */
/*! \file */

2
bin/dnssec/dnssec-signzone.docbook
View File

@ -18,7 +18,7 @@
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: dnssec-signzone.docbook,v 1.44 2009-12-03 23:18:16 each Exp $ -->
<!-- $Id: dnssec-signzone.docbook,v 1.44 2009/12/03 23:18:16 each Exp $ -->
<refentry id="man.dnssec-signzone">
<refentryinfo>
<date>June 05, 2009</date>

12
bin/dnssec/dnssec-signzone.html
View File

@ -14,7 +14,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: dnssec-signzone.html,v 1.45 2009-12-04 01:13:44 tbox Exp $ -->
<!-- $Id$ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@ -32,7 +32,7 @@
<div class="cmdsynopsis"><p><code class="command">dnssec-signzone</code> [<code class="option">-a</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-d <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-E <em class="replaceable"><code>engine</code></em></code>] [<code class="option">-e <em class="replaceable"><code>end-time</code></em></code>] [<code class="option">-f <em class="replaceable"><code>output-file</code></em></code>] [<code class="option">-g</code>] [<code class="option">-h</code>] [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-k <em class="replaceable"><code>key</code></em></code>] [<code class="option">-l <em class="replaceable"><code>domain</code></em></code>] [<code class="option">-i <em class="replaceable"><code>interval</code></em></code>] [<code class="option">-I <em class="replaceable"><code>input-format</code></em></code>] [<code class="option">-j <em class="replaceable"><code>jitter</code></em></code>] [<code class="option">-N <em class="replaceable"><code>soa-serial-format</code></em></code>] [<code class="option">-o <em class="replaceable"><code>origin</code></em></code>] [<code class="option">-O <em class="replaceable"><code>output-format</code></em></code>] [<code class="option">-p</code>] [<code class="option">-P</code>] [<code class="option">-r <em class="replaceable"><code>randomdev</code></em></code>] [<code class="option">-S</code>] [<code class="option">-s <em class="replaceable"><code>start-time</code></em></code>] [<code class="option">-T <em class="replaceable"><code>ttl</code></em></code>] [<code class="option">-t</code>] [<code class="option">-u</code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] [<code class="option">-x</code>] [<code class="option">-z</code>] [<code class="option">-3 <em class="replaceable"><code>salt</code></em></code>] [<code class="option">-H <em class="replaceable"><code>iterations</code></em></code>] [<code class="option">-A</code>] {zonefile} [key...]</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543596"></a><h2>DESCRIPTION</h2>
<a name="id2543597"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">dnssec-signzone</strong></span>
signs a zone. It generates
NSEC and RRSIG records and produces a signed version of the
@ -43,7 +43,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543611"></a><h2>OPTIONS</h2>
<a name="id2543612"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-a</span></dt>
<dd><p>
@ -379,7 +379,7 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2544896"></a><h2>EXAMPLE</h2>
<a name="id2544965"></a><h2>EXAMPLE</h2>
<p>
The following command signs the <strong class="userinput"><code>example.com</code></strong>
zone with the DSA key generated by <span><strong class="command">dnssec-keygen</strong></span>
@ -409,14 +409,14 @@ db.example.com.signed
%</pre>
</div>
<div class="refsect1" lang="en">
<a name="id2545019"></a><h2>SEE ALSO</h2>
<a name="id2545020"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>,
<em class="citetitle">BIND 9 Administrator Reference Manual</em>,
<em class="citetitle">RFC 4033</em>.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2545044"></a><h2>AUTHOR</h2>
<a name="id2545045"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
</div>

25
bin/dnssec/dnssectool.c
View File

@ -1,5 +1,5 @@
/*
* Copyright (C) 2004, 2005, 2007, 2009, 2010 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 2004, 2005, 2007, 2009-2011 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 2000, 2001, 2003 Internet Software Consortium.
*
* Permission to use, copy, modify, and/or distribute this software for any
@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: dnssectool.c,v 1.60 2010-01-19 23:48:56 tbox Exp $ */
/* $Id: dnssectool.c,v 1.60.162.3 2011/10/21 03:56:32 marka Exp $ */
/*! \file */
@ -406,19 +406,24 @@ set_keyversion(dst_key_t *key) {
}
isc_boolean_t
key_collision(isc_uint16_t id, dns_name_t *name, const char *dir,
dns_secalg_t alg, isc_mem_t *mctx, isc_boolean_t *exact)
key_collision(dst_key_t *dstkey, dns_name_t *name, const char *dir,
isc_mem_t *mctx, isc_boolean_t *exact)
{
isc_result_t result;
isc_boolean_t conflict = ISC_FALSE;
dns_dnsseckeylist_t matchkeys;
dns_dnsseckey_t *key = NULL;
isc_uint16_t oldid, diff;
isc_uint16_t bits = DNS_KEYFLAG_REVOKE; /* flag bits to look for */
isc_uint16_t id, oldid;
isc_uint32_t rid, roldid;
dns_secalg_t alg;
if (exact != NULL)
*exact = ISC_FALSE;
id = dst_key_id(dstkey);
rid = dst_key_rid(dstkey);
alg = dst_key_alg(dstkey);
ISC_LIST_INIT(matchkeys);
result = dns_dnssec_findmatchingkeys(name, dir, mctx, &matchkeys);
if (result == ISC_R_NOTFOUND)
@ -430,10 +435,11 @@ key_collision(isc_uint16_t id, dns_name_t *name, const char *dir,
goto next;
oldid = dst_key_id(key->key);
diff = (oldid > id) ? (oldid - id) : (id - oldid);
if ((diff & ~bits) == 0) {
roldid = dst_key_rid(key->key);
if (oldid == rid || roldid == id || id == oldid) {
conflict = ISC_TRUE;
if (diff != 0) {
if (id != oldid) {
if (verbose > 1)
fprintf(stderr, "Key ID %d could "
"collide with %d\n",
@ -461,4 +467,3 @@ key_collision(isc_uint16_t id, dns_name_t *name, const char *dir,
return (conflict);
}

9
bin/dnssec/dnssectool.h
View File

@ -1,5 +1,5 @@
/*
* Copyright (C) 2004, 2007-2010 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 2004, 2007-2011 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 2000, 2001, 2003 Internet Software Consortium.
*
* Permission to use, copy, modify, and/or distribute this software for any
@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: dnssectool.h,v 1.31 2010-01-19 23:48:56 tbox Exp $ */
/* $Id: dnssectool.h,v 1.31.162.2 2011/10/20 23:46:27 tbox Exp $ */
#ifndef DNSSECTOOL_H
#define DNSSECTOOL_H 1
@ -78,6 +78,7 @@ void
set_keyversion(dst_key_t *key);
isc_boolean_t
key_collision(isc_uint16_t id, dns_name_t *name, const char *dir,
dns_secalg_t alg, isc_mem_t *mctx, isc_boolean_t *exact);
key_collision(dst_key_t *key, dns_name_t *name, const char *dir,
isc_mem_t *mctx, isc_boolean_t *exact);
#endif /* DNSSEC_DNSSECTOOL_H */

2
bin/named/Makefile.in
View File

@ -13,7 +13,7 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# $Id: Makefile.in,v 1.114.14.2 2011-03-10 23:47:25 tbox Exp $
# $Id: Makefile.in,v 1.114.14.2 2011/03/10 23:47:25 tbox Exp $
srcdir = @srcdir@
VPATH = @srcdir@

4
bin/named/bind.keys.h
View File

@ -1,6 +1,6 @@
/*
* Generated by bindkeys.pl 1.7 2011-01-04 23:47:13 tbox Exp
* From bind.keys 1.7 2011-01-03 23:45:07 each Exp
* Generated by bindkeys.pl 1.7 2011/01/04 23:47:13 tbox Exp
* From bind.keys 1.7 2011/01/03 23:45:07 each Exp
*/
#define TRUSTED_KEYS "\
# The bind.keys file is used to override the built-in DNSSEC trust anchors\n\

2
bin/named/bind9.xsl
View File

@ -15,7 +15,7 @@
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: bind9.xsl,v 1.21 2009-01-27 23:47:54 tbox Exp $ -->
<!-- $Id: bind9.xsl,v 1.21 2009/01/27 23:47:54 tbox Exp $ -->
<xsl:stylesheet version="1.0"
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"

6
bin/named/bind9.xsl.h
View File

@ -1,6 +1,6 @@
/*
* Generated by convertxsl.pl 1.14 2008-07-17 23:43:26 jinmei Exp
* From bind9.xsl 1.21 2009-01-27 23:47:54 tbox Exp
* Generated by convertxsl.pl 1.14 2008/07/17 23:43:26 jinmei Exp
* From bind9.xsl 1.21 2009/01/27 23:47:54 tbox Exp
*/
static char xslmsg[] =
"<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n"
@ -20,7 +20,7 @@ static char xslmsg[] =
" - PERFORMANCE OF THIS SOFTWARE.\n"
"-->\n"
"\n"
"<!-- \045Id: bind9.xsl,v 1.21 2009-01-27 23:47:54 tbox Exp \045 -->\n"
"<!-- \045Id: bind9.xsl,v 1.21 2009/01/27 23:47:54 tbox Exp \045 -->\n"
"\n"
"<xsl:stylesheet version=\"1.0\"\n"
" xmlns:xsl=\"http://www.w3.org/1999/XSL/Transform\"\n"

6
bin/named/builtin.c
View File

@ -1,5 +1,5 @@
/*
* Copyright (C) 2004, 2005, 2007, 2009-2011 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 2004, 2005, 2007, 2009-2012 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 2001-2003 Internet Software Consortium.
*
* Permission to use, copy, modify, and/or distribute this software for any
@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: builtin.c,v 1.20 2011-01-07 23:47:07 tbox Exp $ */
/* $Id: builtin.c,v 1.20.14.3 2012/01/11 20:19:40 ckb Exp $ */
/*! \file
* \brief
@ -300,6 +300,7 @@ do_authors_lookup(dns_sdblookup_t *lookup) {
const char **p;
static const char *authors[] = {
"Mark Andrews",
"Curtis Blackburn",
"James Brister",
"Ben Cottrell",
"Michael Graff",
@ -308,6 +309,7 @@ do_authors_lookup(dns_sdblookup_t *lookup) {
"Evan Hunt",
"JINMEI Tatuya",
"David Lawrence",
"Scott Mann",
"Danny Mayer",
"Damien Neil",
"Matt Nelson",

28
bin/named/client.c
View File

@ -1,5 +1,5 @@
/*
* Copyright (C) 2004-2011 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 2004-2012 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 1999-2003 Internet Software Consortium.
*
* Permission to use, copy, modify, and/or distribute this software for any
@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: client.c,v 1.271.10.2 2011-07-28 04:30:54 marka Exp $ */
/* $Id: client.c,v 1.271.10.4 2012/01/31 23:46:39 tbox Exp $ */
#include <config.h>
@ -934,6 +934,15 @@ ns_client_send(ns_client_t *client) {
render_opts = 0;
else
render_opts = DNS_MESSAGERENDER_OMITDNSSEC;
preferred_glue = 0;
if (client->view != NULL) {
if (client->view->preferred_glue == dns_rdatatype_a)
preferred_glue = DNS_MESSAGERENDER_PREFER_A;
else if (client->view->preferred_glue == dns_rdatatype_aaaa)
preferred_glue = DNS_MESSAGERENDER_PREFER_AAAA;
}
#ifdef ALLOW_FILTER_AAAA_ON_V4
/*
* filter-aaaa-on-v4 yes or break-dnssec option to suppress
@ -942,17 +951,15 @@ ns_client_send(ns_client_t *client) {
* that we have both AAAA and A records,
* and that we either have no signatures that the client wants
* or we are supposed to break DNSSEC.
*
* Override preferred glue if necessary.
*/
if ((client->attributes & NS_CLIENTATTR_FILTER_AAAA) != 0)
if ((client->attributes & NS_CLIENTATTR_FILTER_AAAA) != 0) {
render_opts |= DNS_MESSAGERENDER_FILTER_AAAA;
#endif
preferred_glue = 0;
if (client->view != NULL) {
if (client->view->preferred_glue == dns_rdatatype_a)
if (preferred_glue == DNS_MESSAGERENDER_PREFER_AAAA)
preferred_glue = DNS_MESSAGERENDER_PREFER_A;
else if (client->view->preferred_glue == dns_rdatatype_aaaa)
preferred_glue = DNS_MESSAGERENDER_PREFER_AAAA;
}
#endif
/*
* XXXRTH The following doesn't deal with TCP buffer resizing.
@ -2109,6 +2116,9 @@ client_create(ns_clientmgr_t *manager, ns_client_t **clientp) {
client->recursionquota = NULL;
client->interface = NULL;
client->peeraddr_valid = ISC_FALSE;
#ifdef ALLOW_FILTER_AAAA_ON_V4
client->filter_aaaa = dns_v4_aaaa_ok;
#endif
ISC_EVENT_INIT(&client->ctlevent, sizeof(client->ctlevent), 0, NULL,
NS_EVENT_CLIENTCONTROL, client_start, client, client,
NULL, NULL);

2
bin/named/config.c
View File

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: config.c,v 1.113.16.2 2011-02-28 01:19:58 tbox Exp $ */
/* $Id: config.c,v 1.113.16.2 2011/02/28 01:19:58 tbox Exp $ */
/*! \file */

2
bin/named/control.c
View File

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: control.c,v 1.41 2010-12-03 22:05:19 each Exp $ */
/* $Id: control.c,v 1.41 2010/12/03 22:05:19 each Exp $ */
/*! \file */

22
bin/named/controlconf.c
View File

@ -1,5 +1,5 @@
/*
* Copyright (C) 2004-2008, 2011 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 2004-2008, 2011, 2012 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 2001-2003 Internet Software Consortium.
*
* Permission to use, copy, modify, and/or distribute this software for any
@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: controlconf.c,v 1.60.544.2 2011-03-12 04:59:14 tbox Exp $ */
/* $Id: controlconf.c,v 1.60.544.3 2011/12/22 08:10:09 marka Exp $ */
/*! \file */
@ -373,17 +373,8 @@ control_recvmessage(isc_task_t *task, isc_event_t *event) {
if (result == ISC_R_SUCCESS)
break;
isc_mem_put(listener->mctx, secret.rstart, REGION_SIZE(secret));
if (result == ISCCC_R_BADAUTH) {
/*
* For some reason, request is non-NULL when
* isccc_cc_fromwire returns ISCCC_R_BADAUTH.
*/
if (request != NULL)
isccc_sexpr_free(&request);
} else {
log_invalid(&conn->ccmsg, result);
goto cleanup;
}
log_invalid(&conn->ccmsg, result);
goto cleanup;
}
if (key == NULL) {
@ -1148,6 +1139,11 @@ add_listener(ns_controls_t *cp, controllistener_t **listenerp,
if (result == ISC_R_SUCCESS)
isc_socket_setname(listener->sock, "control", NULL);
#ifndef ISC_ALLOW_MAPPED
if (result == ISC_R_SUCCESS)
isc_socket_ipv6only(listener->sock, ISC_TRUE);
#endif
if (result == ISC_R_SUCCESS)
result = isc_socket_bind(listener->sock, &listener->address,
ISC_SOCKET_REUSEADDRESS);

4
bin/named/convertxsl.pl
View File

@ -14,12 +14,12 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# $Id: convertxsl.pl,v 1.14 2008-07-17 23:43:26 jinmei Exp $
# $Id: convertxsl.pl,v 1.14 2008/07/17 23:43:26 jinmei Exp $
use strict;
use warnings;
my $rev = '$Id: convertxsl.pl,v 1.14 2008-07-17 23:43:26 jinmei Exp $';
my $rev = '$Id: convertxsl.pl,v 1.14 2008/07/17 23:43:26 jinmei Exp $';
$rev =~ s/\$//g;
$rev =~ s/,v//g;
$rev =~ s/Id: //;

2
bin/named/include/dlz/dlz_dlopen_driver.h
View File

@ -14,7 +14,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: dlz_dlopen_driver.h,v 1.1.4.4 2011-03-17 09:41:06 fdupont Exp $ */
/* $Id: dlz_dlopen_driver.h,v 1.1.4.4 2011/03/17 09:41:06 fdupont Exp $ */
#ifndef DLZ_DLOPEN_DRIVER_H
#define DLZ_DLOPEN_DRIVER_H

2
bin/named/include/named/builtin.h
View File

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: builtin.h,v 1.6 2007-06-19 23:46:59 tbox Exp $ */
/* $Id: builtin.h,v 1.6 2007/06/19 23:46:59 tbox Exp $ */
#ifndef NAMED_BUILTIN_H
#define NAMED_BUILTIN_H 1

7
bin/named/include/named/client.h
View File

@ -1,5 +1,5 @@
/*
* Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 2004-2009, 2012 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 1999-2003 Internet Software Consortium.
*
* Permission to use, copy, modify, and/or distribute this software for any
@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: client.h,v 1.91 2009-10-26 23:14:53 each Exp $ */
/* $Id: client.h,v 1.91.278.2 2012/01/31 23:46:39 tbox Exp $ */
#ifndef NAMED_CLIENT_H
#define NAMED_CLIENT_H 1
@ -141,6 +141,9 @@ struct ns_client {
isc_netaddr_t destaddr;
struct in6_pktinfo pktinfo;
isc_event_t ctlevent;
#ifdef ALLOW_FILTER_AAAA_ON_V4
dns_v4_aaaa_t filter_aaaa;
#endif
/*%
* Information about recent FORMERR response(s), for
* FORMERR loop avoidance. This is separate for each

2
bin/named/include/named/config.h
View File

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: config.h,v 1.16 2009-06-11 23:47:55 tbox Exp $ */
/* $Id: config.h,v 1.16 2009/06/11 23:47:55 tbox Exp $ */
#ifndef NAMED_CONFIG_H
#define NAMED_CONFIG_H 1

2
bin/named/include/named/control.h
View File

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: control.h,v 1.31 2010-08-16 22:21:06 marka Exp $ */
/* $Id: control.h,v 1.31 2010/08/16 22:21:06 marka Exp $ */
#ifndef NAMED_CONTROL_H
#define NAMED_CONTROL_H 1

2
bin/named/include/named/globals.h
View File

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: globals.h,v 1.89.54.2 2011-06-17 23:47:10 tbox Exp $ */
/* $Id: globals.h,v 1.89.54.2 2011/06/17 23:47:10 tbox Exp $ */
#ifndef NAMED_GLOBALS_H
#define NAMED_GLOBALS_H 1

2
bin/named/include/named/interfacemgr.h
View File

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: interfacemgr.h,v 1.33 2007-06-19 23:46:59 tbox Exp $ */
/* $Id: interfacemgr.h,v 1.33 2007/06/19 23:46:59 tbox Exp $ */
#ifndef NAMED_INTERFACEMGR_H
#define NAMED_INTERFACEMGR_H 1

2
bin/named/include/named/listenlist.h
View File

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: listenlist.h,v 1.15 2007-06-19 23:46:59 tbox Exp $ */
/* $Id: listenlist.h,v 1.15 2007/06/19 23:46:59 tbox Exp $ */
#ifndef NAMED_LISTENLIST_H
#define NAMED_LISTENLIST_H 1

2
bin/named/include/named/log.h
View File

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: log.h,v 1.27 2009-01-07 23:47:46 tbox Exp $ */
/* $Id: log.h,v 1.27 2009/01/07 23:47:46 tbox Exp $ */
#ifndef NAMED_LOG_H
#define NAMED_LOG_H 1

2
bin/named/include/named/logconf.h
View File

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: logconf.h,v 1.17 2007-06-19 23:46:59 tbox Exp $ */
/* $Id: logconf.h,v 1.17 2007/06/19 23:46:59 tbox Exp $ */
#ifndef NAMED_LOGCONF_H
#define NAMED_LOGCONF_H 1

2
bin/named/include/named/lwaddr.h
View File

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: lwaddr.h,v 1.8 2007-06-19 23:46:59 tbox Exp $ */
/* $Id: lwaddr.h,v 1.8 2007/06/19 23:46:59 tbox Exp $ */
/*! \file */

2
bin/named/include/named/lwdclient.h
View File

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: lwdclient.h,v 1.20 2009-01-17 23:47:42 tbox Exp $ */
/* $Id: lwdclient.h,v 1.20 2009/01/17 23:47:42 tbox Exp $ */
#ifndef NAMED_LWDCLIENT_H
#define NAMED_LWDCLIENT_H 1

2
bin/named/include/named/lwresd.h
View File

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: lwresd.h,v 1.19 2007-06-19 23:46:59 tbox Exp $ */
/* $Id: lwresd.h,v 1.19 2007/06/19 23:46:59 tbox Exp $ */
#ifndef NAMED_LWRESD_H
#define NAMED_LWRESD_H 1

2
bin/named/include/named/lwsearch.h
View File

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: lwsearch.h,v 1.9 2007-06-19 23:46:59 tbox Exp $ */
/* $Id: lwsearch.h,v 1.9 2007/06/19 23:46:59 tbox Exp $ */
#ifndef NAMED_LWSEARCH_H
#define NAMED_LWSEARCH_H 1

Some files were not shown because too many files have changed in this diff Show More