Clarify pdnsutil activate-tsig-key description

This clarifies the description of pdnsutil {de,}activate-tsig-key.
The command enables TSIG authenticated AXFR for a given zone + key,
which was not clear from the previous description.

(cherry picked from commit ad7568d52bdd29eb708e16176f8b410f0e07b891)

diff --git a/docs/manpages/pdnsutil.1.md b/docs/manpages/pdnsutil.1.md
index 3e2f5d231c1c237e674d458a9147809b9d1b606d..c58ff8c35f1bcaacd5210380b671b66033909344 100644 (file)
--- a/docs/manpages/pdnsutil.1.md
+++ b/docs/manpages/pdnsutil.1.md
@@ -133,10 +133,12 @@ require an *ALGORITHM*, the following are available:
  * hmac-sha512
 
 activate-tsig-key *ZONE* *NAME* {**master**,**slave**}
-:    Enable TSIG key *NAME* for zone *ZONE*.
+:    Enable TSIG authenticated AXFR using the key *NAME* for zone *ZONE*.
+     This sets the `TSIG-ALLOW-AXFR` (master) or `AXFR-MASTER-TSIG` (slave)
+     zone metadata.
 
 deactivate-tsig-key *ZONE* *NAME* {**master**,**slave**}
-:    Disable TSIG key *NAME* for zone *ZONE*.
+:    Disable TSIG authenticated AXFR using the key *NAME* for zone *ZONE*.
 
 delete-tsig-key *NAME*
 :    Delete the TSIG key *NAME*. Warning, this does not deactivate said key.

diff --git a/pdns/pdnsutil.cc b/pdns/pdnsutil.cc
index ba05b99d2ad6b880de1b863db2c698d5fb38443f..d194bd8e54188ad23d382642f4175cf62bca9c54 100644 (file)
--- a/pdns/pdnsutil.cc
+++ b/pdns/pdnsutil.cc
@@ -1903,7 +1903,7 @@ try
     cout<<"Usage: \npdnsutil [options] <command> [params ..]\n"<<endl;
     cout<<"Commands:"<<endl;
     cout<<"activate-tsig-key ZONE NAME {master|slave}"<<endl;
-    cout<<"                                   Enable TSIG key for a zone"<<endl;
+    cout<<"                                   Enable TSIG authenticated AXFR using the key NAME for ZONE"<<endl;
     cout<<"activate-zone-key ZONE KEY-ID      Activate the key with key id KEY-ID in ZONE"<<endl;
     cout<<"add-record ZONE NAME TYPE [ttl] content"<<endl;
     cout<<"             [content..]           Add one or more records to ZONE"<<endl;
@@ -1926,7 +1926,7 @@ try
     cout<<"                                   Create slave zone ZONE with master IP address master-ip"<<endl;
     cout<<"create-zone ZONE [nsname]          Create empty zone ZONE"<<endl;
     cout<<"deactivate-tsig-key ZONE NAME {master|slave}"<<endl;
-    cout<<"                                   Disable TSIG key for a zone"<<endl;
+    cout<<"                                   Disable TSIG authenticated AXFR using the key NAME for ZONE"<<endl;
     cout<<"deactivate-zone-key ZONE KEY-ID    Deactivate the key with key id KEY-ID in ZONE"<<endl;
     cout<<"delete-rrset ZONE NAME TYPE        Delete named RRSET from zone"<<endl;
     cout<<"delete-tsig-key NAME               Delete TSIG key (warning! will not unmap key!)"<<endl;