From: Willem Toorop <willem@nlnetlabs.nl>
Date: Mon, 31 Oct 2016 13:01:08 +0000 (+0100)
Subject: Fix manpage & DS key generation for new HMACs
X-Git-Tag: release-1.7.0-rc1~36
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=93f1d738474d715d87413fab045e34009c501162;p=thirdparty%2Fldns.git

Fix manpage & DS key generation for new HMACs

Thanks Harald Jenny
---

diff --git a/examples/ldns-keygen.1 b/examples/ldns-keygen.1
index 734ad6d1..fea30d88 100644
--- a/examples/ldns-keygen.1
+++ b/examples/ldns-keygen.1
@@ -16,7 +16,7 @@ DNSKEY record.
 
 \fBldns-keygen\fR can also be used to create symmetric keys (for TSIG) by
 selecting the appropriate algorithm: \%\fIhmac-md5.sig-alg.reg.int\fR,
-\%\fIhmac-sha1\fR or \%\fIhmac-sha256\fR.
+\%\fIhmac-sha1\fR, \%\fIhmac-sha224\fR, \%\fIhmac-sha256\fR, \%\fIhmac-sha385\fR or \%\fIhmac-sha512\fR.
 In that case no DS record will be created and no .ds file.
 
 \fBldns-keygen\fR prints the basename for the key files:
diff --git a/examples/ldns-keygen.c b/examples/ldns-keygen.c
index e6088fbb..62b8d228 100644
--- a/examples/ldns-keygen.c
+++ b/examples/ldns-keygen.c
@@ -345,7 +345,10 @@ main(int argc, char *argv[])
 	/* print the DS to .ds */
 	if (ksk && algorithm != LDNS_SIGN_HMACMD5 &&
 		algorithm != LDNS_SIGN_HMACSHA1 &&
-		algorithm != LDNS_SIGN_HMACSHA256) {
+		algorithm != LDNS_SIGN_HMACSHA224 &&
+		algorithm != LDNS_SIGN_HMACSHA256 &&
+		algorithm != LDNS_SIGN_HMACSHA384 &&
+		algorithm != LDNS_SIGN_HMACSHA512) {
 		filename = LDNS_XMALLOC(char, strlen(owner) + 16);
 		snprintf(filename, strlen(owner) + 15, "K%s+%03u+%05u.ds", owner, algorithm, (unsigned int) ldns_key_keytag(key));
 		file = fopen(filename, "w");