New -p option for ldns-read-zone to prepend-pad SOA serial to take up ten characters.
answering nameserver to the answer packet in ldns_send_buffer, so
the original value may be deep freed with the ldns_resolver struct.
Thanks Michael Meisel.
+ * New -0 option for ldns-read-zone to replace inception, expiration
+ and signature rdata fields with (null). Thanks Paul Wouters.
+ * New -p option for ldns-read-zone to prepend-pad SOA serial to take
+ up ten characters.
1.6.13 2012-05-21
* New -S option for ldns-verify-zone to chase signatures online.
that is not of type NSEC, NSEC3, RRSIG or DNSKEY. DS records are not
printed.
+.TP
+\fB-0\fR
+Print a (null) for the RRSIG inception, expiry and key data. This option
+can be used when comparing different signing systems that use the same
+DNSKEYs for signing but would have a slightly different timings/jitter.
+
.TP
\fB-h\fR
Show usage and exit
\fB-n\fR
Do not print the SOA record
+.TP
+\fB-p\fR
+Pad the SOA serial number with spaces so the number and the spaces together
+take ten characters. This is useful for in file serial number increments.
+
.TP
\fB-s\fR
Strip DNSSEC data from the zone. This option skips every record
ldns_rr_list *stripped_list;
ldns_rr *cur_rr;
ldns_rr_type cur_rr_type;
- const ldns_output_format *fmt = NULL;
+ ldns_output_format fmt = {
+ ldns_output_format_default->flags,
+ ldns_output_format_default->data
+ };
ldns_soa_serial_increment_func_t soa_serial_increment_func = NULL;
int soa_serial_increment_func_data = 0;
- while ((c = getopt(argc, argv, "bcdhnsvzS:")) != -1) {
+ while ((c = getopt(argc, argv, "0bcdhnpsvzS:")) != -1) {
switch(c) {
case 'b':
- fmt = ldns_output_format_bubblebabble;
+ fmt.flags |=
+ ( LDNS_COMMENT_BUBBLEBABBLE |
+ LDNS_COMMENT_FLAGS );
+ case '0':
+ fmt.flags |= LDNS_FMT_ZEROIZE_RRSIGS;
case 'c':
canonicalize = true;
break;
printf("\tReads the zonefile and prints it.\n");
printf("\tThe RR count of the zone is printed to stderr.\n");
printf("\t-b include bubblebabble of DS's.\n");
+ printf("\t-0 zeroize timestamps and signature in RRSIG records.\n");
printf("\t-c canonicalize all rrs in the zone.\n");
printf("\t-d only show DNSSEC data from the zone\n");
printf("\t-h show this text\n");
printf("\t-n do not print the SOA record\n");
+ printf("\t-p prepend SOA serial with spaces so"
+ " it takes exactly ten characters.\n");
printf("\t-s strip DNSSEC data from the zone\n");
printf("\t-S [[+|-]<number> | YYYYMMDDxx | "
" unixtime ]\n"
case 'n':
print_soa = false;
break;
+ case 'p':
+ fmt.flags |= LDNS_FMT_PAD_SOA_SERIAL;
case 's':
strip = true;
if (only_dnssec) {
, soa_serial_increment_func_data
);
}
- ldns_rr_print_fmt(stdout, fmt, ldns_zone_soa(z));
+ ldns_rr_print_fmt(stdout, &fmt, ldns_zone_soa(z));
}
- ldns_rr_list_print_fmt(stdout, fmt, ldns_zone_rrs(z));
+ ldns_rr_list_print_fmt(stdout, &fmt, ldns_zone_rrs(z));
ldns_zone_deep_free(z);
} else {
= &ldns_output_format_onlykeyids_record;
const ldns_output_format *ldns_output_format_default
= &ldns_output_format_onlykeyids_record;
+
const ldns_output_format ldns_output_format_bubblebabble_record = {
LDNS_COMMENT_KEY | LDNS_COMMENT_BUBBLEBABBLE | LDNS_COMMENT_FLAGS, NULL
};
for (i = 0; i < ldns_rr_rd_count(rr); i++) {
/* ldns_rdf2buffer_str handles NULL input fine! */
- status = ldns_rdf2buffer_str(output, ldns_rr_rdf(rr, i));
+ if ((fmt->flags & LDNS_FMT_ZEROIZE_RRSIGS) &&
+ (ldns_rr_get_type(rr) == LDNS_RR_TYPE_RRSIG) &&
+ ((/* inception */ i == 4 &&
+ ldns_rdf_get_type(ldns_rr_rdf(rr, 4)) ==
+ LDNS_RDF_TYPE_TIME) ||
+ (/* expiration */ i == 5 &&
+ ldns_rdf_get_type(ldns_rr_rdf(rr, 5)) ==
+ LDNS_RDF_TYPE_TIME) ||
+ (/* signature */ i == 8 &&
+ ldns_rdf_get_type(ldns_rr_rdf(rr, 8)) ==
+ LDNS_RDF_TYPE_B64))) {
+
+ ldns_buffer_printf(output, "(null)");
+ status = ldns_buffer_status(output);
+ } else if ((fmt->flags & LDNS_FMT_PAD_SOA_SERIAL) &&
+ (ldns_rr_get_type(rr) == LDNS_RR_TYPE_SOA) &&
+ /* serial */ i == 2 &&
+ ldns_rdf_get_type(ldns_rr_rdf(rr, 2)) ==
+ LDNS_RDF_TYPE_INT32) {
+ ldns_buffer_printf(output, "%10lu",
+ (unsigned long) ldns_read_uint32(
+ ldns_rdf_data(ldns_rr_rdf(rr, 2))));
+ status = ldns_buffer_status(output);
+ } else {
+ status = ldns_rdf2buffer_str(output,
+ ldns_rr_rdf(rr, i));
+ }
if(status != LDNS_STATUS_OK)
return status;
if (i < ldns_rr_rd_count(rr) - 1) {
#define LDNS_COMMENT_LAYOUT 0x0080
/** Also comment KEY_ID with RRSIGS **/
#define LDNS_COMMENT_RRSIGS 0x0100
+#define LDNS_FMT_ZEROIZE_RRSIGS 0x0200
+#define LDNS_FMT_PAD_SOA_SERIAL 0x0400
/**
* Output format specifier
projects / thirdparty / ldns.git / commitdiff
