\fB-o\fR \fIorigin\fR
Use this as the origin of the zone
+.TP
+\fB-u\fR
+set SOA serial to the number of seconds since 1-1-1970
+
.TP
\fB-v\fR
Print the version and exit
+.TP
+\fB-z\fR \fI[scheme:]hash\fR
+Calculate the zone's digest and add those as ZONEMD RRs. The (optional)
+`scheme' must be `simple` (or 1) and `hash' should be `sha384' (or 1) or
+`sha512' (or 2). This option can be given more than once.
+
.TP
\fB-A\fR
Sign the DNSKEY record with all keys. By default it is signed with a
fprintf(fp, " -o <domain>\torigin for the zone\n");
fprintf(fp, " -u\t\tset SOA serial to the number of seconds since 1-1-1970\n");
fprintf(fp, " -v\t\tprint version and exit\n");
- fprintf(fp, " -z <algorithm>\tAdd ZONEMD resource record\n");
- fprintf(fp, " \t"
- "<algorithm> can be 1 for SHA384 or 2 for SHA512\n");
- fprintf(fp, " \t"
- "this option can be given more than once\n");
+ fprintf(fp, " -z <[scheme:]hash>\tAdd ZONEMD resource record\n");
+ fprintf(fp, "\t\t<scheme> should be \"simple\" (or 1)\n");
+ fprintf(fp, "\t\t<hash> should be \"sha384\" or \"sha512\" (or 1 or 2)\n");
+ fprintf(fp, "\t\tthis option can be given more than once\n");
fprintf(fp, " -A\t\tsign DNSKEY with all keys instead of minimal\n");
fprintf(fp, " -U\t\tSign with every unique algorithm in the provided keys\n");
#ifndef OPENSSL_NO_ENGINE
if (!strcasecmp(str, "2") || !strcasecmp(str, "sha512"))
return LDNS_SIGN_WITH_ZONEMD_SIMPLE_SHA512;
- if (reason) *reason = reason[2];
+ if (reason) *reason = reasons[2];
return 0;
}
projects / thirdparty / ldns.git / commitdiff
