From: Jelte Jansen Date: Thu, 12 Jul 2007 13:41:14 +0000 (+0000) Subject: more manpages X-Git-Tag: ldns-1.3.0_pre_20070822~44 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6de98f625e876d528cd6dfbcdcc6f0c401e8f1f4;p=thirdparty%2Fldns.git more manpages --- diff --git a/examples/ldns-keyfetcher.1 b/examples/ldns-keyfetcher.1 index 9708261c..753d4989 100644 --- a/examples/ldns-keyfetcher.1 +++ b/examples/ldns-keyfetcher.1 @@ -3,6 +3,9 @@ ldns-keyfetcher \- retrieve the DNSSEC DNSKEYs for a zone .SH SYNOPSIS .B ldns-keyfetcher +[ +.IR OPTIONS +] .IR DOMAIN .SH DESCRIPTION @@ -15,6 +18,19 @@ the key resource record set is printed. .SH OPTIONS +\fB-4\f \fI\fR +Only use IPv4 + +\fB-6\f \fI\fR +Only use IPv6 + +\fB-h\f \fI\fR +Show a help text and exit + +\fB-i\fR +Insecurer mode; there will only be one query for the DNSKEYS. There will not +be crosschecking of all authoritative nameservers. + \fB-v\f \fIverbosity\fR Set the verbosity level. The following levels are available: @@ -31,6 +47,11 @@ Use file as the root hints file, should contain A records in presentation format. The default is /etc/named.root. You can get this file from http://www.internic.net/zones/named.root. +\fB-s\f \fI\fR +Don't print the keys to stdout, but store them in files. + +The filenames will be of the format K.+.+.key + .SH AUTHOR Written by Jelte Jansen for NLnet Labs. diff --git a/examples/ldns-keyfetcher.c b/examples/ldns-keyfetcher.c index 94f02166..2fb8ed30 100644 --- a/examples/ldns-keyfetcher.c +++ b/examples/ldns-keyfetcher.c @@ -24,10 +24,10 @@ usage(FILE *fp, char *prog) { fprintf(fp, "-4\t\tUse IPv4 only\n"); fprintf(fp, "-6\t\tUse IPv6 only\n"); fprintf(fp, "-h\t\tShow this help\n"); + fprintf(fp, "-i\t\tInsecurer mode; don't do checks, just query for the keys\n"); fprintf(fp, "-r \tUse file to read root hints from\n"); fprintf(fp, "-s\t\tDon't print the keys but store them in files\n\t\tcalled K.+.+.key\n"); fprintf(fp, "-v \tVerbosity level (0-5, not verbose-very verbose)\n"); - fprintf(fp, "-i\tInsecurer mode; don't do checks, just query for the keys\n"); } ldns_rr_list * @@ -597,6 +597,8 @@ main(int argc, char *argv[]) } else if (strncmp("-h", argv[i], 3) == 0) { usage(stdout, argv[0]); exit(EXIT_SUCCESS); + } else if (strncmp("-i", argv[i], 2) == 0) { + insecure = true; } else if (strncmp("-r", argv[i], 2) == 0) { if (strlen(argv[i]) > 2) { root_file = argv[i]+2; @@ -619,8 +621,6 @@ main(int argc, char *argv[]) verbosity = atoi(argv[i+1]); i++; } - } else if (strncmp("-i", argv[i], 2) == 0) { - insecure = true; } else { /* create a rdf from the command line arg */ if (domain) { diff --git a/examples/ldns-keygen.1 b/examples/ldns-keygen.1 index 343f5900..080361a5 100644 --- a/examples/ldns-keygen.1 +++ b/examples/ldns-keygen.1 @@ -1,6 +1,6 @@ .TH ldns-keygen 1 "30 May 2005" .SH NAME -ldns-keygen \- generate a keypair and print out the public part as a DNSKEY RR +ldns-keygen \- generate a DNSSEC key pair .SH SYNOPSIS .B ldns-keygen [ @@ -9,36 +9,40 @@ ldns-keygen \- generate a keypair and print out the public part as a DNSKEY RR .IR DOMAIN .SH DESCRIPTION -\fBldns-keygen\fR is used to generate a private/public keypair. When run it +\fBldns-keygen\fR is used to generate a private/public keypair. When run, it will create 3 files; a .key file with the public DNSKEY, a .private file with the private keydata and a .ds with the DS record of the DNSKEY record. -It prints out the basename for all these files: (K++ +It prints out the basename for these files: K++ .SH OPTIONS .TP -\fBR\fR +\fB-R\fR Generate a RSA key. .TP -\fBD\fR +\fB-D\fR Generate a DSA key. .TP -\fBk\fR +\fB-k\fR When given generate a key signing key. This just sets the flag field to 257 instead of 256. .TP -\fBb \fIbits\fR +\fB-b \fIbits\fR Use this many bits for the key length. .TP -\fbr \fdevice\fR +\fb-r \fIdevice\fR Make ldns-keygen use this file for its random data. This will default to /dev/random. +.TP +\fb-v\fR +Show the version and exit + .SH AUTHOR Written by the ldns team as an example for ldns usage. diff --git a/examples/ldns-signzone.1 b/examples/ldns-signzone.1 index 67cfeb62..1671b860 100644 --- a/examples/ldns-signzone.1 +++ b/examples/ldns-signzone.1 @@ -4,7 +4,7 @@ ldns-signzone \- sign a zonefile with DNSSEC data .SH SYNOPSIS .B ldns-signzone [ -.IR OPTION +.IR OPTIONS ] .IR ZONEFILE .IR @@ -30,19 +30,41 @@ location. Multiple keys can be specified. Set expiration date of the signatures to this date, the format can be YYYYMMDD[hhmmss], or a timestamp. +.TP +\fB-f\f \fIfile\fR +Use this file to store the signed zone in (default .signed) + .TP \fB-i\f \fIdate\fR Set inception date of the signatures to this date, the format can be YYYYMMDD[hhmmss], or a timestamp. .TP -\fB-f\f \fIfile\fR -Use this file to store the signed zone in (default .signed) +\fB-l\fR +Leave old DNSSEC RRSIGS and NSEC records intact (by default, they are removed from the zone) .TP \fB-o\f \fIorigin\fR Use this as the origin of the zone, if it cannot be read from the zonefile +.TP +\fB-v\fR +Print the version and exit + +.TP +\fB-E\f \fIname\fR +Use the EVP cryptographic engine with the given name for signing. This can have some extra options; see ENGINE OPTIONS for more information. + + +.TP +\fB-k\f \fIid,int\fR +Use the key with the given id as the signing key for algorithm int as a Zone signing key. + +.TP +\fB-K\f \fIid,int\fR +Use the key with the given id as the signing key for algorithm int as a Key signing key. + + .SH AUTHOR Written by the ldns team as an example for ldns usage.