named-checkconf

Name

named-checkconf — named configuration file syntax checking tool

@@ -32,14 +32,14 @@

named-checkconf [-v] [-t directory] {filename}

DESCRIPTION

named-checkconf checks the syntax, but not the semantics, of a named configuration file.

OPTIONS

-t directory: @@ -60,21 +60,21 @@

RETURN VALUES

named-checkconf returns an exit status of 1 if errors were detected and 0 otherwise.

AUTHOR

Internet Systems Consortium

diff --git a/bin/check/named-checkzone.8 b/bin/check/named-checkzone.8 index 6fa7369f32b..c71a485714c 100644 --- a/bin/check/named-checkzone.8 +++ b/bin/check/named-checkzone.8 @@ -13,66 +13,65 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: named-checkzone.8,v 1.11.2.5 2005/05/12 23:55:33 sra Exp $ +.\" $Id: named-checkzone.8,v 1.11.2.6 2005/10/13 02:23:25 marka Exp $ .\" .hy 0 .ad l -.\"Generated by db2man.xsl. Don't modify this, modify the source. -.de Sh \" Subsection -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.TH "NAMED-CHECKZONE" 8 "June 13, 2000" "" "" -.SH NAME -named-checkzone \- zone file validity checking tool +.\" ** You probably do not want to edit this file directly ** +.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). +.\" Instead of manually editing it, you probably should edit the DocBook XML +.\" source for it and then use the DocBook XSL Stylesheets to regenerate it. +.TH "NAMED\-CHECKZONE" "8" "June 13, 2000" "BIND9" "BIND9" +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.SH "NAME" +named\-checkzone \- zone file validity checking tool .SH "SYNOPSIS" .HP 16 -\fBnamed\-checkzone\fR [\fB\-d\fR] [\fB\-j\fR] [\fB\-q\fR] [\fB\-v\fR] [\fB\-c\ \fIclass\fR\fR] {zonename} {filename} +\fBnamed\-checkzone\fR [\fB\-d\fR] [\fB\-j\fR] [\fB\-q\fR] [\fB\-v\fR] [\fB\-c\ \fR\fB\fIclass\fR\fR] {zonename} {filename} .SH "DESCRIPTION" .PP - \fBnamed\-checkzone\fR checks the syntax and integrity of a zone file\&. It performs the same checks as \fBnamed\fR does when loading a zone\&. This makes\fBnamed\-checkzone\fR useful for checking zone files before configuring them into a name server\&. +\fBnamed\-checkzone\fR +checks the syntax and integrity of a zone file. It performs the same checks as +\fBnamed\fR +does when loading a zone. This makes +\fBnamed\-checkzone\fR +useful for checking zone files before configuring them into a name server. .SH "OPTIONS" .TP \-d -Enable debugging\&. +Enable debugging. .TP \-q -Quiet mode \- exit code only\&. +Quiet mode \- exit code only. .TP \-v -Print the version of the \fBnamed\-checkzone\fR program and exit\&. +Print the version of the +\fBnamed\-checkzone\fR +program and exit. .TP \-j -When loading the zone file read the journal if it exists\&. +When loading the zone file read the journal if it exists. .TP \-c \fIclass\fR -Specify the class of the zone\&. If not specified "IN" is assumed\&. +Specify the class of the zone. If not specified "IN" is assumed. .TP zonename -The domain name of the zone being checked\&. +The domain name of the zone being checked. .TP filename -The name of the zone file\&. +The name of the zone file. .SH "RETURN VALUES" .PP - \fBnamed\-checkzone\fR returns an exit status of 1 if errors were detected and 0 otherwise\&. +\fBnamed\-checkzone\fR +returns an exit status of 1 if errors were detected and 0 otherwise. .SH "SEE ALSO" .PP - \fBnamed\fR(8), RFC 1035, BIND 9 Administrator Reference Manual\&. +\fBnamed\fR(8), +RFC 1035, +BIND 9 Administrator Reference Manual. .SH "AUTHOR" .PP - Internet Systems Consortium +Internet Systems Consortium diff --git a/bin/check/named-checkzone.html b/bin/check/named-checkzone.html index c01e507874c..1940a68cf45 100644 --- a/bin/check/named-checkzone.html +++ b/bin/check/named-checkzone.html @@ -14,15 +14,15 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + named-checkzone - +

Name

named-checkzone — zone file validity checking tool

@@ -32,7 +32,7 @@

named-checkzone [-d] [-j] [-q] [-v] [-c class] {zonename} {filename}

DESCRIPTION

named-checkzone checks the syntax and integrity of a zone file. It performs the same checks as named @@ -42,7 +42,7 @@

OPTIONS

-d: @@ -76,14 +76,14 @@

RETURN VALUES

named-checkzone returns an exit status of 1 if errors were detected and 0 otherwise.

AUTHOR

Internet Systems Consortium

diff --git a/bin/dig/dig.1 b/bin/dig/dig.1 index e5c9ea0cd60..3526420ddc4 100644 --- a/bin/dig/dig.1 +++ b/bin/dig/dig.1 @@ -13,198 +13,367 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: dig.1,v 1.14.2.8 2005/05/12 23:55:34 sra Exp $ +.\" $Id: dig.1,v 1.14.2.9 2005/10/13 02:23:26 marka Exp $ .\" .hy 0 .ad l -.\"Generated by db2man.xsl. Don't modify this, modify the source. -.de Sh \" Subsection -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.TH "DIG" 1 "Jun 30, 2000" "" "" -.SH NAME +.\" ** You probably do not want to edit this file directly ** +.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). +.\" Instead of manually editing it, you probably should edit the DocBook XML +.\" source for it and then use the DocBook XSL Stylesheets to regenerate it. +.TH "DIG" "1" "Jun 30, 2000" "BIND9" "BIND9" +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.SH "NAME" dig \- DNS lookup utility .SH "SYNOPSIS" .HP 4 -\fBdig\fR [@server] [\fB\-b\ \fIaddress\fR\fR] [\fB\-c\ \fIclass\fR\fR] [\fB\-f\ \fIfilename\fR\fR] [\fB\-k\ \fIfilename\fR\fR] [\fB\-p\ \fIport#\fR\fR] [\fB\-t\ \fItype\fR\fR] [\fB\-x\ \fIaddr\fR\fR] [\fB\-y\ \fIname:key\fR\fR] [name] [type] [class] [queryopt...] +\fBdig\fR [@server] [\fB\-b\ \fR\fB\fIaddress\fR\fR] [\fB\-c\ \fR\fB\fIclass\fR\fR] [\fB\-f\ \fR\fB\fIfilename\fR\fR] [\fB\-k\ \fR\fB\fIfilename\fR\fR] [\fB\-p\ \fR\fB\fIport#\fR\fR] [\fB\-t\ \fR\fB\fItype\fR\fR] [\fB\-x\ \fR\fB\fIaddr\fR\fR] [\fB\-y\ \fR\fB\fIname:key\fR\fR] [name] [type] [class] [queryopt...] .HP 4 \fBdig\fR [\fB\-h\fR] .HP 4 \fBdig\fR [global\-queryopt...] [query...] .SH "DESCRIPTION" .PP - \fBdig\fR (domain information groper) is a flexible tool for interrogating DNS name servers\&. It performs DNS lookups and displays the answers that are returned from the name server(s) that were queried\&. Most DNS administrators use \fBdig\fR to troubleshoot DNS problems because of its flexibility, ease of use and clarity of output\&. Other lookup tools tend to have less functionality than \fBdig\fR\&. +\fBdig\fR +(domain information groper) is a flexible tool for interrogating DNS name servers. It performs DNS lookups and displays the answers that are returned from the name server(s) that were queried. Most DNS administrators use +\fBdig\fR +to troubleshoot DNS problems because of its flexibility, ease of use and clarity of output. Other lookup tools tend to have less functionality than +\fBdig\fR. .PP -Although \fBdig\fR is normally used with command\-line arguments, it also has a batch mode of operation for reading lookup requests from a file\&. A brief summary of its command\-line arguments and options is printed when the \fB\-h\fR option is given\&. Unlike earlier versions, the BIND9 implementation of \fBdig\fR allows multiple lookups to be issued from the command line\&. +Although +\fBdig\fR +is normally used with command\-line arguments, it also has a batch mode of operation for reading lookup requests from a file. A brief summary of its command\-line arguments and options is printed when the +\fB\-h\fR +option is given. Unlike earlier versions, the BIND9 implementation of +\fBdig\fR +allows multiple lookups to be issued from the command line. .PP -Unless it is told to query a specific name server, \fBdig\fR will try each of the servers listed in \fI/etc/resolv\&.conf\fR\&. +Unless it is told to query a specific name server, +\fBdig\fR +will try each of the servers listed in +\fI/etc/resolv.conf\fR. .PP -When no command line arguments or options are given, will perform an NS query for "\&." (the root)\&. +When no command line arguments or options are given, will perform an NS query for "." (the root). .PP -It is possible to set per user defaults for \fBdig\fR via \fI${HOME}/\&.digrc\fR\&. This file is read and any options in it are applied before the command line arguments\&. +It is possible to set per user defaults for +\fBdig\fR +via +\fI${HOME}/.digrc\fR. This file is read and any options in it are applied before the command line arguments. .SH "SIMPLE USAGE" .PP -A typical invocation of \fBdig\fR looks like: +A typical invocation of +\fBdig\fR +looks like: +.sp .nf dig @server name type .fi - where: +.sp +where: .TP \fBserver\fR -is the name or IP address of the name server to query\&. This can be an IPv4 address in dotted\-decimal notation or an IPv6 address in colon\-delimited notation\&. When the supplied \fIserver\fR argument is a hostname, \fBdig\fR resolves that name before querying that name server\&. If no \fIserver\fR argument is provided, \fBdig\fR consults \fI/etc/resolv\&.conf\fR and queries the name servers listed there\&. The reply from the name server that responds is displayed\&. +is the name or IP address of the name server to query. This can be an IPv4 address in dotted\-decimal notation or an IPv6 address in colon\-delimited notation. When the supplied +\fIserver\fR +argument is a hostname, +\fBdig\fR +resolves that name before querying that name server. If no +\fIserver\fR +argument is provided, +\fBdig\fR +consults +\fI/etc/resolv.conf\fR +and queries the name servers listed there. The reply from the name server that responds is displayed. .TP \fBname\fR -is the name of the resource record that is to be looked up\&. +is the name of the resource record that is to be looked up. .TP \fBtype\fR -indicates what type of query is required -- ANY, A, MX, SIG, etc\&. \fItype\fR can be any valid query type\&. If no \fItype\fR argument is supplied, \fBdig\fR will perform a lookup for an A record\&. +indicates what type of query is required \(em ANY, A, MX, SIG, etc. +\fItype\fR +can be any valid query type. If no +\fItype\fR +argument is supplied, +\fBdig\fR +will perform a lookup for an A record. .SH "OPTIONS" .PP -The \fB\-b\fR option sets the source IP address of the query to \fIaddress\fR\&. This must be a valid address on one of the host's network interfaces\&. +The +\fB\-b\fR +option sets the source IP address of the query to +\fIaddress\fR. This must be a valid address on one of the host's network interfaces. .PP -The default query class (IN for internet) is overridden by the \fB\-c\fR option\&. \fIclass\fR is any valid class, such as HS for Hesiod records or CH for CHAOSNET records\&. +The default query class (IN for internet) is overridden by the +\fB\-c\fR +option. +\fIclass\fR +is any valid class, such as HS for Hesiod records or CH for CHAOSNET records. .PP -The \fB\-f\fR option makes \fBdig \fR operate in batch mode by reading a list of lookup requests to process from the file \fIfilename\fR\&. The file contains a number of queries, one per line\&. Each entry in the file should be organised in the same way they would be presented as queries to \fBdig\fR using the command\-line interface\&. +The +\fB\-f\fR +option makes +\fBdig \fR +operate in batch mode by reading a list of lookup requests to process from the file +\fIfilename\fR. The file contains a number of queries, one per line. Each entry in the file should be organised in the same way they would be presented as queries to +\fBdig\fR +using the command\-line interface. .PP -If a non\-standard port number is to be queried, the \fB\-p\fR option is used\&. \fIport#\fR is the port number that \fBdig\fR will send its queries instead of the standard DNS port number 53\&. This option would be used to test a name server that has been configured to listen for queries on a non\-standard port number\&. +If a non\-standard port number is to be queried, the +\fB\-p\fR +option is used. +\fIport#\fR +is the port number that +\fBdig\fR +will send its queries instead of the standard DNS port number 53. This option would be used to test a name server that has been configured to listen for queries on a non\-standard port number. .PP -The \fB\-t\fR option sets the query type to \fItype\fR\&. It can be any valid query type which is supported in BIND9\&. The default query type "A", unless the \fB\-x\fR option is supplied to indicate a reverse lookup\&. A zone transfer can be requested by specifying a type of AXFR\&. When an incremental zone transfer (IXFR) is required, \fItype\fR is set to ixfr=N\&. The incremental zone transfer will contain the changes made to the zone since the serial number in the zone's SOA record was \fIN\fR\&. +The +\fB\-t\fR +option sets the query type to +\fItype\fR. It can be any valid query type which is supported in BIND9. The default query type "A", unless the +\fB\-x\fR +option is supplied to indicate a reverse lookup. A zone transfer can be requested by specifying a type of AXFR. When an incremental zone transfer (IXFR) is required, +\fItype\fR +is set to +ixfr=N. The incremental zone transfer will contain the changes made to the zone since the serial number in the zone's SOA record was +\fIN\fR. .PP -Reverse lookups \- mapping addresses to names \- are simplified by the \fB\-x\fR option\&. \fIaddr\fR is an IPv4 address in dotted\-decimal notation, or a colon\-delimited IPv6 address\&. When this option is used, there is no need to provide the \fIname\fR, \fIclass\fR and \fItype\fR arguments\&. \fBdig\fR automatically performs a lookup for a name like 11\&.12\&.13\&.10\&.in\-addr\&.arpa and sets the query type and class to PTR and IN respectively\&. By default, IPv6 addresses are looked up using the IP6\&.ARPA domain and binary labels as defined in RFC2874\&. To use the older RFC1886 method using the IP6\&.INT domain and "nibble" labels, specify the \fB\-n\fR (nibble) option\&. +Reverse lookups \- mapping addresses to names \- are simplified by the +\fB\-x\fR +option. +\fIaddr\fR +is an IPv4 address in dotted\-decimal notation, or a colon\-delimited IPv6 address. When this option is used, there is no need to provide the +\fIname\fR, +\fIclass\fR +and +\fItype\fR +arguments. +\fBdig\fR +automatically performs a lookup for a name like +11.12.13.10.in\-addr.arpa +and sets the query type and class to PTR and IN respectively. By default, IPv6 addresses are looked up using the IP6.ARPA domain and binary labels as defined in RFC2874. To use the older RFC1886 method using the IP6.INT domain and "nibble" labels, specify the +\fB\-n\fR +(nibble) option. .PP -To sign the DNS queries sent by \fBdig\fR and their responses using transaction signatures (TSIG), specify a TSIG key file using the \fB\-k\fR option\&. You can also specify the TSIG key itself on the command line using the \fB\-y\fR option; \fIname\fR is the name of the TSIG key and \fIkey\fR is the actual key\&. The key is a base\-64 encoded string, typically generated by \fBdnssec\-keygen\fR(8)\&. Caution should be taken when using the \fB\-y\fR option on multi\-user systems as the key can be visible in the output from \fBps\fR(1 ) or in the shell's history file\&. When using TSIG authentication with \fBdig\fR, the name server that is queried needs to know the key and algorithm that is being used\&. In BIND, this is done by providing appropriate \fBkey\fR and \fBserver\fR statements in \fInamed\&.conf\fR\&. +To sign the DNS queries sent by +\fBdig\fR +and their responses using transaction signatures (TSIG), specify a TSIG key file using the +\fB\-k\fR +option. You can also specify the TSIG key itself on the command line using the +\fB\-y\fR +option; +\fIname\fR +is the name of the TSIG key and +\fIkey\fR +is the actual key. The key is a base\-64 encoded string, typically generated by +\fBdnssec\-keygen\fR(8). Caution should be taken when using the +\fB\-y\fR +option on multi\-user systems as the key can be visible in the output from +\fBps\fR(1 ) +or in the shell's history file. When using TSIG authentication with +\fBdig\fR, the name server that is queried needs to know the key and algorithm that is being used. In BIND, this is done by providing appropriate +\fBkey\fR +and +\fBserver\fR +statements in +\fInamed.conf\fR. .SH "QUERY OPTIONS" .PP - \fBdig\fR provides a number of query options which affect the way in which lookups are made and the results displayed\&. Some of these set or reset flag bits in the query header, some determine which sections of the answer get printed, and others determine the timeout and retry strategies\&. +\fBdig\fR +provides a number of query options which affect the way in which lookups are made and the results displayed. Some of these set or reset flag bits in the query header, some determine which sections of the answer get printed, and others determine the timeout and retry strategies. .PP -Each query option is identified by a keyword preceded by a plus sign (+)\&. Some keywords set or reset an option\&. These may be preceded by the string no to negate the meaning of that keyword\&. Other keywords assign values to options like the timeout interval\&. They have the form \fB+keyword=value\fR\&. The query options are: +Each query option is identified by a keyword preceded by a plus sign (+). Some keywords set or reset an option. These may be preceded by the string +no +to negate the meaning of that keyword. Other keywords assign values to options like the timeout interval. They have the form +\fB+keyword=value\fR. The query options are: .TP \fB+[no]tcp\fR -Use [do not use] TCP when querying name servers\&. The default behaviour is to use UDP unless an AXFR or IXFR query is requested, in which case a TCP connection is used\&. +Use [do not use] TCP when querying name servers. The default behaviour is to use UDP unless an AXFR or IXFR query is requested, in which case a TCP connection is used. .TP \fB+[no]vc\fR -Use [do not use] TCP when querying name servers\&. This alternate syntax to \fI+[no]tcp\fR is provided for backwards compatibility\&. The "vc" stands for "virtual circuit"\&. +Use [do not use] TCP when querying name servers. This alternate syntax to +\fI+[no]tcp\fR +is provided for backwards compatibility. The "vc" stands for "virtual circuit". .TP \fB+[no]ignore\fR -Ignore truncation in UDP responses instead of retrying with TCP\&. By default, TCP retries are performed\&. +Ignore truncation in UDP responses instead of retrying with TCP. By default, TCP retries are performed. .TP \fB+domain=somename\fR -Set the search list to contain the single domain \fIsomename\fR, as if specified in a \fBdomain\fR directive in \fI/etc/resolv\&.conf\fR, and enable search list processing as if the \fI+search\fR option were given\&. +Set the search list to contain the single domain +\fIsomename\fR, as if specified in a +\fBdomain\fR +directive in +\fI/etc/resolv.conf\fR, and enable search list processing as if the +\fI+search\fR +option were given. .TP \fB+[no]search\fR -Use [do not use] the search list defined by the searchlist or domain directive in \fIresolv\&.conf\fR (if any)\&. The search list is not used by default\&. +Use [do not use] the search list defined by the searchlist or domain directive in +\fIresolv.conf\fR +(if any). The search list is not used by default. .TP \fB+[no]defname\fR -Deprecated, treated as a synonym for \fI+[no]search\fR +Deprecated, treated as a synonym for +\fI+[no]search\fR .TP \fB+[no]aaonly\fR -This option does nothing\&. It is provided for compatibility with old versions of \fBdig\fR where it set an unimplemented resolver flag\&. +This option does nothing. It is provided for compatibility with old versions of +\fBdig\fR +where it set an unimplemented resolver flag. .TP \fB+[no]adflag\fR -Set [do not set] the AD (authentic data) bit in the query\&. The AD bit currently has a standard meaning only in responses, not in queries, but the ability to set the bit in the query is provided for completeness\&. +Set [do not set] the AD (authentic data) bit in the query. The AD bit currently has a standard meaning only in responses, not in queries, but the ability to set the bit in the query is provided for completeness. .TP \fB+[no]cdflag\fR -Set [do not set] the CD (checking disabled) bit in the query\&. This requests the server to not perform DNSSEC validation of responses\&. +Set [do not set] the CD (checking disabled) bit in the query. This requests the server to not perform DNSSEC validation of responses. .TP \fB+[no]recurse\fR -Toggle the setting of the RD (recursion desired) bit in the query\&. This bit is set by default, which means \fBdig\fR normally sends recursive queries\&. Recursion is automatically disabled when the \fI+nssearch\fR or \fI+trace\fR query options are used\&. +Toggle the setting of the RD (recursion desired) bit in the query. This bit is set by default, which means +\fBdig\fR +normally sends recursive queries. Recursion is automatically disabled when the +\fI+nssearch\fR +or +\fI+trace\fR +query options are used. .TP \fB+[no]nssearch\fR -When this option is set, \fBdig\fR attempts to find the authoritative name servers for the zone containing the name being looked up and display the SOA record that each name server has for the zone\&. +When this option is set, +\fBdig\fR +attempts to find the authoritative name servers for the zone containing the name being looked up and display the SOA record that each name server has for the zone. .TP \fB+[no]trace\fR -Toggle tracing of the delegation path from the root name servers for the name being looked up\&. Tracing is disabled by default\&. When tracing is enabled, \fBdig\fR makes iterative queries to resolve the name being looked up\&. It will follow referrals from the root servers, showing the answer from each server that was used to resolve the lookup\&. +Toggle tracing of the delegation path from the root name servers for the name being looked up. Tracing is disabled by default. When tracing is enabled, +\fBdig\fR +makes iterative queries to resolve the name being looked up. It will follow referrals from the root servers, showing the answer from each server that was used to resolve the lookup. .TP \fB+[no]cmd\fR -toggles the printing of the initial comment in the output identifying the version of \fBdig\fR and the query options that have been applied\&. This comment is printed by default\&. +toggles the printing of the initial comment in the output identifying the version of +\fBdig\fR +and the query options that have been applied. This comment is printed by default. .TP \fB+[no]short\fR -Provide a terse answer\&. The default is to print the answer in a verbose form\&. +Provide a terse answer. The default is to print the answer in a verbose form. .TP \fB+[no]identify\fR -Show [or do not show] the IP address and port number that supplied the answer when the \fI+short\fR option is enabled\&. If short form answers are requested, the default is not to show the source address and port number of the server that provided the answer\&. +Show [or do not show] the IP address and port number that supplied the answer when the +\fI+short\fR +option is enabled. If short form answers are requested, the default is not to show the source address and port number of the server that provided the answer. .TP \fB+[no]comments\fR -Toggle the display of comment lines in the output\&. The default is to print comments\&. +Toggle the display of comment lines in the output. The default is to print comments. .TP \fB+[no]stats\fR -This query option toggles the printing of statistics: when the query was made, the size of the reply and so on\&. The default behaviour is to print the query statistics\&. +This query option toggles the printing of statistics: when the query was made, the size of the reply and so on. The default behaviour is to print the query statistics. .TP \fB+[no]qr\fR -Print [do not print] the query as it is sent\&. By default, the query is not printed\&. +Print [do not print] the query as it is sent. By default, the query is not printed. .TP \fB+[no]question\fR -Print [do not print] the question section of a query when an answer is returned\&. The default is to print the question section as a comment\&. +Print [do not print] the question section of a query when an answer is returned. The default is to print the question section as a comment. .TP \fB+[no]answer\fR -Display [do not display] the answer section of a reply\&. The default is to display it\&. +Display [do not display] the answer section of a reply. The default is to display it. .TP \fB+[no]authority\fR -Display [do not display] the authority section of a reply\&. The default is to display it\&. +Display [do not display] the authority section of a reply. The default is to display it. .TP \fB+[no]additional\fR -Display [do not display] the additional section of a reply\&. The default is to display it\&. +Display [do not display] the additional section of a reply. The default is to display it. .TP \fB+[no]all\fR -Set or clear all display flags\&. +Set or clear all display flags. .TP \fB+time=T\fR -Sets the timeout for a query to \fIT\fR seconds\&. The default time out is 5 seconds\&. An attempt to set \fIT\fR to less than 1 will result in a query timeout of 1 second being applied\&. +Sets the timeout for a query to +\fIT\fR +seconds. The default time out is 5 seconds. An attempt to set +\fIT\fR +to less than 1 will result in a query timeout of 1 second being applied. .TP \fB+tries=T\fR -Sets the number of times to retry UDP queries to server to \fIT\fR instead of the default, 3\&. If \fIT\fR is less than or equal to zero, the number of retries is silently rounded up to 1\&. +Sets the number of times to retry UDP queries to server to +\fIT\fR +instead of the default, 3. If +\fIT\fR +is less than or equal to zero, the number of retries is silently rounded up to 1. .TP \fB+ndots=D\fR -Set the number of dots that have to appear in \fIname\fR to \fID\fR for it to be considered absolute\&. The default value is that defined using the ndots statement in \fI/etc/resolv\&.conf\fR, or 1 if no ndots statement is present\&. Names with fewer dots are interpreted as relative names and will be searched for in the domains listed in the \fBsearch\fR or \fBdomain\fR directive in \fI/etc/resolv\&.conf\fR\&. +Set the number of dots that have to appear in +\fIname\fR +to +\fID\fR +for it to be considered absolute. The default value is that defined using the ndots statement in +\fI/etc/resolv.conf\fR, or 1 if no ndots statement is present. Names with fewer dots are interpreted as relative names and will be searched for in the domains listed in the +\fBsearch\fR +or +\fBdomain\fR +directive in +\fI/etc/resolv.conf\fR. .TP \fB+bufsize=B\fR -Set the UDP message buffer size advertised using EDNS0 to \fIB\fR bytes\&. The maximum and minimum sizes of this buffer are 65535 and 0 respectively\&. Values outside this range are rounded up or down appropriately\&. +Set the UDP message buffer size advertised using EDNS0 to +\fIB\fR +bytes. The maximum and minimum sizes of this buffer are 65535 and 0 respectively. Values outside this range are rounded up or down appropriately. .TP \fB+[no]multiline\fR -Print records like the SOA records in a verbose multi\-line format with human\-readable comments\&. The default is to print each record on a single line, to facilitate machine parsing of the \fBdig\fR output\&. +Print records like the SOA records in a verbose multi\-line format with human\-readable comments. The default is to print each record on a single line, to facilitate machine parsing of the +\fBdig\fR +output. .TP \fB+[no]fail\fR -Do not try the next server if you receive a SERVFAIL\&. The default is to not try the next server which is the reverse of normal stub resolver behaviour\&. +Do not try the next server if you receive a SERVFAIL. The default is to not try the next server which is the reverse of normal stub resolver behaviour. .TP \fB+[no]besteffort\fR -Attempt to display the contents of messages which are malformed\&. The default is to not display malformed answers\&. +Attempt to display the contents of messages which are malformed. The default is to not display malformed answers. .TP \fB+[no]dnssec\fR -Requests DNSSEC records be sent by setting the DNSSEC OK bit (DO) in the OPT record in the additional section of the query\&. +Requests DNSSEC records be sent by setting the DNSSEC OK bit (DO) in the OPT record in the additional section of the query. .SH "MULTIPLE QUERIES" .PP -The BIND 9 implementation of \fBdig \fR supports specifying multiple queries on the command line (in addition to supporting the \fB\-f\fR batch file option)\&. Each of those queries can be supplied with its own set of flags, options and query options\&. +The BIND 9 implementation of +\fBdig \fR +supports specifying multiple queries on the command line (in addition to supporting the +\fB\-f\fR +batch file option). Each of those queries can be supplied with its own set of flags, options and query options. .PP -In this case, each \fIquery\fR argument represent an individual query in the command\-line syntax described above\&. Each consists of any of the standard options and flags, the name to be looked up, an optional query type and class and any query options that should be applied to that query\&. +In this case, each +\fIquery\fR +argument represent an individual query in the command\-line syntax described above. Each consists of any of the standard options and flags, the name to be looked up, an optional query type and class and any query options that should be applied to that query. .PP -A global set of query options, which should be applied to all queries, can also be supplied\&. These global query options must precede the first tuple of name, class, type, options, flags, and query options supplied on the command line\&. Any global query options (except the \fB+[no]cmd\fR option) can be overridden by a query\-specific set of query options\&. For example: +A global set of query options, which should be applied to all queries, can also be supplied. These global query options must precede the first tuple of name, class, type, options, flags, and query options supplied on the command line. Any global query options (except the +\fB+[no]cmd\fR +option) can be overridden by a query\-specific set of query options. For example: +.sp .nf -dig +qr www\&.isc\&.org any \-x 127\&.0\&.0\&.1 isc\&.org ns +noqr +dig +qr www.isc.org any \-x 127.0.0.1 isc.org ns +noqr .fi - shows how \fBdig\fR could be used from the command line to make three lookups: an ANY query for www\&.isc\&.org, a reverse lookup of 127\&.0\&.0\&.1 and a query for the NS records of isc\&.org\&. A global query option of \fI+qr\fR is applied, so that \fBdig\fR shows the initial query it made for each lookup\&. The final query has a local query option of \fI+noqr\fR which means that \fBdig\fR will not print the initial query when it looks up the NS records for isc\&.org\&. +.sp +shows how +\fBdig\fR +could be used from the command line to make three lookups: an ANY query for +www.isc.org, a reverse lookup of 127.0.0.1 and a query for the NS records of +isc.org. A global query option of +\fI+qr\fR +is applied, so that +\fBdig\fR +shows the initial query it made for each lookup. The final query has a local query option of +\fI+noqr\fR +which means that +\fBdig\fR +will not print the initial query when it looks up the NS records for +isc.org. .SH "FILES" .PP - \fI/etc/resolv\&.conf\fR +\fI/etc/resolv.conf\fR .PP - \fI${HOME}/\&.digrc\fR +\fI${HOME}/.digrc\fR .SH "SEE ALSO" .PP - \fBhost\fR(1), \fBnamed\fR(8), \fBdnssec\-keygen\fR(8), RFC1035\&. +\fBhost\fR(1), +\fBnamed\fR(8), +\fBdnssec\-keygen\fR(8), +RFC1035. .SH "BUGS " .PP -There are probably too many query options\&. +There are probably too many query options. diff --git a/bin/dig/dig.html b/bin/dig/dig.html index 4a5963b08c4..28bc44bc9de 100644 --- a/bin/dig/dig.html +++ b/bin/dig/dig.html @@ -14,15 +14,15 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + dig - +

Name

dig — DNS lookup utility

@@ -34,7 +34,7 @@

dig [global-queryopt...] [query...]

DESCRIPTION

dig (domain information groper) is a flexible tool for interrogating DNS name servers. It performs DNS lookups and @@ -69,7 +69,7 @@ are applied before the command line arguments.

SIMPLE USAGE

A typical invocation of dig looks like:

@@ -107,7 +107,7 @@ ANY, A, MX, SIG, etc.

OPTIONS

The -b option sets the source IP address of the query to address. This must be a valid address on @@ -181,7 +181,7 @@ being used. In BIND, this is done by providing appropriate

QUERY OPTIONS

dig provides a number of query options which affect the way in which lookups are made and the results displayed. Some of @@ -396,7 +396,7 @@ in the OPT record in the additional section of the query.

MULTIPLE QUERIES

The BIND 9 implementation of dig supports specifying multiple queries on the command line (in addition to @@ -437,7 +437,7 @@ will not print the initial query when it looks up the NS records for

FILES

/etc/resolv.conf

@@ -446,7 +446,7 @@ will not print the initial query when it looks up the NS records for

BUGS

There are probably too many query options.

diff --git a/bin/dig/host.1 b/bin/dig/host.1 index bb46a31ebe5..3916d81cff2 100644 --- a/bin/dig/host.1 +++ b/bin/dig/host.1 @@ -13,67 +13,161 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: host.1,v 1.11.2.4 2005/05/12 23:55:34 sra Exp $ +.\" $Id: host.1,v 1.11.2.5 2005/10/13 02:23:26 marka Exp $ .\" .hy 0 .ad l -.\"Generated by db2man.xsl. Don't modify this, modify the source. -.de Sh \" Subsection -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.TH "HOST" 1 "Jun 30, 2000" "" "" -.SH NAME +.\" ** You probably do not want to edit this file directly ** +.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). +.\" Instead of manually editing it, you probably should edit the DocBook XML +.\" source for it and then use the DocBook XSL Stylesheets to regenerate it. +.TH "HOST" "1" "Jun 30, 2000" "BIND9" "BIND9" +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.SH "NAME" host \- DNS lookup utility .SH "SYNOPSIS" .HP 5 -\fBhost\fR [\fB\-aCdlnrTwv\fR] [\fB\-c\ \fIclass\fR\fR] [\fB\-N\ \fIndots\fR\fR] [\fB\-R\ \fInumber\fR\fR] [\fB\-t\ \fItype\fR\fR] [\fB\-W\ \fIwait\fR\fR] {name} [server] +\fBhost\fR [\fB\-aCdlnrTwv\fR] [\fB\-c\ \fR\fB\fIclass\fR\fR] [\fB\-N\ \fR\fB\fIndots\fR\fR] [\fB\-R\ \fR\fB\fInumber\fR\fR] [\fB\-t\ \fR\fB\fItype\fR\fR] [\fB\-W\ \fR\fB\fIwait\fR\fR] {name} [server] .SH "DESCRIPTION" .PP - \fBhost\fR is a simple utility for performing DNS lookups\&. It is normally used to convert names to IP addresses and vice versa\&. When no arguments or options are given, \fBhost\fR prints a short summary of its command line arguments and options\&. -.PP - \fIname\fR is the domain name that is to be looked up\&. It can also be a dotted\-decimal IPv4 address or a colon\-delimited IPv6 address, in which case \fBhost\fR will by default perform a reverse lookup for that address\&. \fIserver\fR is an optional argument which is either the name or IP address of the name server that \fBhost\fR should query instead of the server or servers listed in \fI/etc/resolv\&.conf\fR\&. -.PP -The \fB\-a\fR (all) option is equivalent to setting the \fB\-v\fR option and asking \fBhost\fR to make a query of type ANY\&. -.PP -When the \fB\-C\fR option is used, \fBhost\fR will attempt to display the SOA records for zone \fIname\fR from all the listed authoritative name servers for that zone\&. The list of name servers is defined by the NS records that are found for the zone\&. -.PP -The \fB\-c\fR option instructs to make a DNS query of class \fIclass\fR\&. This can be used to lookup Hesiod or Chaosnet class resource records\&. The default class is IN (Internet)\&. -.PP -Verbose output is generated by \fBhost\fR when the \fB\-d\fR or \fB\-v\fR option is used\&. The two options are equivalent\&. They have been provided for backwards compatibility\&. In previous versions, the \fB\-d\fR option switched on debugging traces and \fB\-v\fR enabled verbose output\&. -.PP -List mode is selected by the \fB\-l\fR option\&. This makes \fBhost\fR perform a zone transfer for zone \fIname\fR\&. The argument is provided for compatibility with older implementations\&. This option is equivalent to making a query of type AXFR\&. -.PP -The \fB\-n\fR option specifies that reverse lookups of IPv6 addresses should use the IP6\&.INT domain and "nibble" labels as defined in RFC1886\&. The default is to use IP6\&.ARPA and binary labels as defined in RFC2874\&. -.PP -The \fB\-N\fR option sets the number of dots that have to be in \fIname\fR for it to be considered absolute\&. The default value is that defined using the ndots statement in \fI/etc/resolv\&.conf\fR, or 1 if no ndots statement is present\&. Names with fewer dots are interpreted as relative names and will be searched for in the domains listed in the \fBsearch\fR or \fBdomain\fR directive in \fI/etc/resolv\&.conf\fR\&. -.PP -The number of UDP retries for a lookup can be changed with the \fB\-R\fR option\&. \fInumber\fR indicates how many times \fBhost\fR will repeat a query that does not get answered\&. The default number of retries is 1\&. If \fInumber\fR is negative or zero, the number of retries will default to 1\&. -.PP -Non\-recursive queries can be made via the \fB\-r\fR option\&. Setting this option clears the \fBRD\fR -- recursion desired -- bit in the query which \fBhost\fR makes\&. This should mean that the name server receiving the query will not attempt to resolve \fIname\fR\&. The \fB\-r\fR option enables \fBhost\fR to mimic the behaviour of a name server by making non\-recursive queries and expecting to receive answers to those queries that are usually referrals to other name servers\&. -.PP -By default \fBhost\fR uses UDP when making queries\&. The \fB\-T\fR option makes it use a TCP connection when querying the name server\&. TCP will be automatically selected for queries that require it, such as zone transfer (AXFR) requests\&. -.PP -The \fB\-t\fR option is used to select the query type\&. \fItype\fR can be any recognised query type: CNAME, NS, SOA, SIG, KEY, AXFR, etc\&. When no query type is specified, \fBhost\fR automatically selects an appropriate query type\&. By default it looks for A records, but if the \fB\-C\fR option was given, queries will be made for SOA records, and if \fIname\fR is a dotted\-decimal IPv4 address or colon\-delimited IPv6 address, \fBhost\fR will query for PTR records\&. -.PP -The time to wait for a reply can be controlled through the \fB\-W\fR and \fB\-w\fR options\&. The \fB\-W\fR option makes \fBhost\fR wait for \fIwait\fR seconds\&. If \fIwait\fR is less than one, the wait interval is set to one second\&. When the \fB\-w\fR option is used, \fBhost\fR will effectively wait forever for a reply\&. The time to wait for a response will be set to the number of seconds given by the hardware's maximum value for an integer quantity\&. +\fBhost\fR +is a simple utility for performing DNS lookups. It is normally used to convert names to IP addresses and vice versa. When no arguments or options are given, +\fBhost\fR +prints a short summary of its command line arguments and options. +.PP +\fIname\fR +is the domain name that is to be looked up. It can also be a dotted\-decimal IPv4 address or a colon\-delimited IPv6 address, in which case +\fBhost\fR +will by default perform a reverse lookup for that address. +\fIserver\fR +is an optional argument which is either the name or IP address of the name server that +\fBhost\fR +should query instead of the server or servers listed in +\fI/etc/resolv.conf\fR. +.PP +The +\fB\-a\fR +(all) option is equivalent to setting the +\fB\-v\fR +option and asking +\fBhost\fR +to make a query of type ANY. +.PP +When the +\fB\-C\fR +option is used, +\fBhost\fR +will attempt to display the SOA records for zone +\fIname\fR +from all the listed authoritative name servers for that zone. The list of name servers is defined by the NS records that are found for the zone. +.PP +The +\fB\-c\fR +option instructs to make a DNS query of class +\fIclass\fR. This can be used to lookup Hesiod or Chaosnet class resource records. The default class is IN (Internet). +.PP +Verbose output is generated by +\fBhost\fR +when the +\fB\-d\fR +or +\fB\-v\fR +option is used. The two options are equivalent. They have been provided for backwards compatibility. In previous versions, the +\fB\-d\fR +option switched on debugging traces and +\fB\-v\fR +enabled verbose output. +.PP +List mode is selected by the +\fB\-l\fR +option. This makes +\fBhost\fR +perform a zone transfer for zone +\fIname\fR. The argument is provided for compatibility with older implementations. This option is equivalent to making a query of type AXFR. +.PP +The +\fB\-n\fR +option specifies that reverse lookups of IPv6 addresses should use the IP6.INT domain and "nibble" labels as defined in RFC1886. The default is to use IP6.ARPA and binary labels as defined in RFC2874. +.PP +The +\fB\-N\fR +option sets the number of dots that have to be in +\fIname\fR +for it to be considered absolute. The default value is that defined using the ndots statement in +\fI/etc/resolv.conf\fR, or 1 if no ndots statement is present. Names with fewer dots are interpreted as relative names and will be searched for in the domains listed in the +\fBsearch\fR +or +\fBdomain\fR +directive in +\fI/etc/resolv.conf\fR. +.PP +The number of UDP retries for a lookup can be changed with the +\fB\-R\fR +option. +\fInumber\fR +indicates how many times +\fBhost\fR +will repeat a query that does not get answered. The default number of retries is 1. If +\fInumber\fR +is negative or zero, the number of retries will default to 1. +.PP +Non\-recursive queries can be made via the +\fB\-r\fR +option. Setting this option clears the +\fBRD\fR +\(em recursion desired \(em bit in the query which +\fBhost\fR +makes. This should mean that the name server receiving the query will not attempt to resolve +\fIname\fR. The +\fB\-r\fR +option enables +\fBhost\fR +to mimic the behaviour of a name server by making non\-recursive queries and expecting to receive answers to those queries that are usually referrals to other name servers. +.PP +By default +\fBhost\fR +uses UDP when making queries. The +\fB\-T\fR +option makes it use a TCP connection when querying the name server. TCP will be automatically selected for queries that require it, such as zone transfer (AXFR) requests. +.PP +The +\fB\-t\fR +option is used to select the query type. +\fItype\fR +can be any recognised query type: CNAME, NS, SOA, SIG, KEY, AXFR, etc. When no query type is specified, +\fBhost\fR +automatically selects an appropriate query type. By default it looks for A records, but if the +\fB\-C\fR +option was given, queries will be made for SOA records, and if +\fIname\fR +is a dotted\-decimal IPv4 address or colon\-delimited IPv6 address, +\fBhost\fR +will query for PTR records. +.PP +The time to wait for a reply can be controlled through the +\fB\-W\fR +and +\fB\-w\fR +options. The +\fB\-W\fR +option makes +\fBhost\fR +wait for +\fIwait\fR +seconds. If +\fIwait\fR +is less than one, the wait interval is set to one second. When the +\fB\-w\fR +option is used, +\fBhost\fR +will effectively wait forever for a reply. The time to wait for a response will be set to the number of seconds given by the hardware's maximum value for an integer quantity. .SH "FILES" .PP - \fI/etc/resolv\&.conf\fR +\fI/etc/resolv.conf\fR .SH "SEE ALSO" .PP - \fBdig\fR(1), \fBnamed\fR(8)\&. +\fBdig\fR(1), +\fBnamed\fR(8). diff --git a/bin/dig/host.html b/bin/dig/host.html index 27d72952792..e1fa3dd91e4 100644 --- a/bin/dig/host.html +++ b/bin/dig/host.html @@ -14,15 +14,15 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + host - +

Name

host — DNS lookup utility

@@ -32,7 +32,7 @@

host [-aCdlnrTwv] [-c class] [-N ndots] [-R number] [-t type] [-W wait] {name} [server]

DESCRIPTION

host is a simple utility for performing DNS lookups. @@ -148,13 +148,13 @@ value for an integer quantity.

FILES

/etc/resolv.conf

Name

nslookup — query Internet name servers interactively

@@ -31,7 +31,7 @@

nslookup [-option] [name | -] [server]

DESCRIPTION

Nslookup is a program to query Internet domain name servers. Nslookup @@ -43,7 +43,7 @@ domain.

ARGUMENTS

Interactive mode is entered in the following cases:

@@ -75,7 +75,7 @@ nslookup -query=hinfo -timeout=10

INTERACTIVE COMMANDS

host [server]: @@ -241,13 +241,13 @@ the lookups. Valid keywords are:

FILES

/etc/resolv.conf

Author

Andrew Cherenson

diff --git a/bin/dnssec/dnssec-keygen.8 b/bin/dnssec/dnssec-keygen.8 index f3790e3787c..a708ed3e357 100644 --- a/bin/dnssec/dnssec-keygen.8 +++ b/bin/dnssec/dnssec-keygen.8 @@ -13,111 +13,147 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: dnssec-keygen.8,v 1.19.2.4 2005/05/12 23:55:36 sra Exp $ +.\" $Id: dnssec-keygen.8,v 1.19.2.5 2005/10/13 02:23:28 marka Exp $ .\" .hy 0 .ad l -.\"Generated by db2man.xsl. Don't modify this, modify the source. -.de Sh \" Subsection -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.TH "DNSSEC-KEYGEN" 8 "June 30, 2000" "" "" -.SH NAME -dnssec-keygen \- DNSSEC key generation tool +.\" ** You probably do not want to edit this file directly ** +.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). +.\" Instead of manually editing it, you probably should edit the DocBook XML +.\" source for it and then use the DocBook XSL Stylesheets to regenerate it. +.TH "DNSSEC\-KEYGEN" "8" "June 30, 2000" "BIND9" "BIND9" +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.SH "NAME" +dnssec\-keygen \- DNSSEC key generation tool .SH "SYNOPSIS" .HP 14 -\fBdnssec\-keygen\fR {\-a\ \fIalgorithm\fR} {\-b\ \fIkeysize\fR} {\-n\ \fInametype\fR} [\fB\-c\ \fIclass\fR\fR] [\fB\-e\fR] [\fB\-g\ \fIgenerator\fR\fR] [\fB\-h\fR] [\fB\-p\ \fIprotocol\fR\fR] [\fB\-r\ \fIrandomdev\fR\fR] [\fB\-s\ \fIstrength\fR\fR] [\fB\-t\ \fItype\fR\fR] [\fB\-v\ \fIlevel\fR\fR] {name} +\fBdnssec\-keygen\fR {\-a\ \fIalgorithm\fR} {\-b\ \fIkeysize\fR} {\-n\ \fInametype\fR} [\fB\-c\ \fR\fB\fIclass\fR\fR] [\fB\-e\fR] [\fB\-g\ \fR\fB\fIgenerator\fR\fR] [\fB\-h\fR] [\fB\-p\ \fR\fB\fIprotocol\fR\fR] [\fB\-r\ \fR\fB\fIrandomdev\fR\fR] [\fB\-s\ \fR\fB\fIstrength\fR\fR] [\fB\-t\ \fR\fB\fItype\fR\fR] [\fB\-v\ \fR\fB\fIlevel\fR\fR] {name} .SH "DESCRIPTION" .PP - \fBdnssec\-keygen\fR generates keys for DNSSEC (Secure DNS), as defined in RFC 2535\&. It can also generate keys for use with TSIG (Transaction Signatures), as defined in RFC 2845\&. +\fBdnssec\-keygen\fR +generates keys for DNSSEC (Secure DNS), as defined in RFC 2535. It can also generate keys for use with TSIG (Transaction Signatures), as defined in RFC 2845. .SH "OPTIONS" .TP \-a \fIalgorithm\fR -Selects the cryptographic algorithm\&. The value of \fBalgorithm\fR must be one of RSAMD5 or RSA, DSA, DH (Diffie Hellman), or HMAC\-MD5\&. These values are case insensitive\&. -Note that for DNSSEC, DSA is a mandatory to implement algorithm, and RSA is recommended\&. For TSIG, HMAC\-MD5 is mandatory\&. +Selects the cryptographic algorithm. The value of +\fBalgorithm\fR +must be one of RSAMD5 or RSA, DSA, DH (Diffie Hellman), or HMAC\-MD5. These values are case insensitive. +.sp +Note that for DNSSEC, DSA is a mandatory to implement algorithm, and RSA is recommended. For TSIG, HMAC\-MD5 is mandatory. .TP \-b \fIkeysize\fR -Specifies the number of bits in the key\&. The choice of key size depends on the algorithm used\&. RSA keys must be between 512 and 2048 bits\&. Diffie Hellman keys must be between 128 and 4096 bits\&. DSA keys must be between 512 and 1024 bits and an exact multiple of 64\&. HMAC\-MD5 keys must be between 1 and 512 bits\&. +Specifies the number of bits in the key. The choice of key size depends on the algorithm used. RSA keys must be between 512 and 2048 bits. Diffie Hellman keys must be between 128 and 4096 bits. DSA keys must be between 512 and 1024 bits and an exact multiple of 64. HMAC\-MD5 keys must be between 1 and 512 bits. .TP \-n \fInametype\fR -Specifies the owner type of the key\&. The value of \fBnametype\fR must either be ZONE (for a DNSSEC zone key), HOST or ENTITY (for a key associated with a host), or USER (for a key associated with a user)\&. These values are case insensitive\&. +Specifies the owner type of the key. The value of +\fBnametype\fR +must either be ZONE (for a DNSSEC zone key), HOST or ENTITY (for a key associated with a host), or USER (for a key associated with a user). These values are case insensitive. .TP \-c \fIclass\fR -Indicates that the DNS record containing the key should have the specified class\&. If not specified, class IN is used\&. +Indicates that the DNS record containing the key should have the specified class. If not specified, class IN is used. .TP \-e -If generating an RSA key, use a large exponent\&. +If generating an RSA key, use a large exponent. .TP \-g \fIgenerator\fR -If generating a Diffie Hellman key, use this generator\&. Allowed values are 2 and 5\&. If no generator is specified, a known prime from RFC 2539 will be used if possible; otherwise the default is 2\&. +If generating a Diffie Hellman key, use this generator. Allowed values are 2 and 5. If no generator is specified, a known prime from RFC 2539 will be used if possible; otherwise the default is 2. .TP \-h -Prints a short summary of the options and arguments to \fBdnssec\-keygen\fR\&. +Prints a short summary of the options and arguments to +\fBdnssec\-keygen\fR. .TP \-p \fIprotocol\fR -Sets the protocol value for the generated key\&. The protocol is a number between 0 and 255\&. The default is 2 (email) for keys of type USER and 3 (DNSSEC) for all other key types\&. Other possible values for this argument are listed in RFC 2535 and its successors\&. +Sets the protocol value for the generated key. The protocol is a number between 0 and 255. The default is 2 (email) for keys of type USER and 3 (DNSSEC) for all other key types. Other possible values for this argument are listed in RFC 2535 and its successors. .TP \-r \fIrandomdev\fR -Specifies the source of randomness\&. If the operating system does not provide a \fI/dev/random\fR or equivalent device, the default source of randomness is keyboard input\&. \fIrandomdev\fR specifies the name of a character device or file containing random data to be used instead of the default\&. The special value \fIkeyboard\fR indicates that keyboard input should be used\&. +Specifies the source of randomness. If the operating system does not provide a +\fI/dev/random\fR +or equivalent device, the default source of randomness is keyboard input. +\fIrandomdev\fR +specifies the name of a character device or file containing random data to be used instead of the default. The special value +\fIkeyboard\fR +indicates that keyboard input should be used. .TP \-s \fIstrength\fR -Specifies the strength value of the key\&. The strength is a number between 0 and 15, and currently has no defined purpose in DNSSEC\&. +Specifies the strength value of the key. The strength is a number between 0 and 15, and currently has no defined purpose in DNSSEC. .TP \-t \fItype\fR -Indicates the use of the key\&. \fBtype\fR must be one of AUTHCONF, NOAUTHCONF, NOAUTH, or NOCONF\&. The default is AUTHCONF\&. AUTH refers to the ability to authenticate data, and CONF the ability to encrypt data\&. +Indicates the use of the key. +\fBtype\fR +must be one of AUTHCONF, NOAUTHCONF, NOAUTH, or NOCONF. The default is AUTHCONF. AUTH refers to the ability to authenticate data, and CONF the ability to encrypt data. .TP \-v \fIlevel\fR -Sets the debugging level\&. +Sets the debugging level. .SH "GENERATED KEYS" .PP -When \fBdnssec\-keygen\fR completes successfully, it prints a string of the form \fIKnnnn\&.+aaa+iiiii\fR to the standard output\&. This is an identification string for the key it has generated\&. These strings can be used as arguments to \fBdnssec\-makekeyset\fR\&. +When +\fBdnssec\-keygen\fR +completes successfully, it prints a string of the form +\fIKnnnn.+aaa+iiiii\fR +to the standard output. This is an identification string for the key it has generated. These strings can be used as arguments to +\fBdnssec\-makekeyset\fR. .TP 3 \(bu - \fInnnn\fR is the key name\&. +\fInnnn\fR +is the key name. .TP \(bu - \fIaaa\fR is the numeric representation of the algorithm\&. +\fIaaa\fR +is the numeric representation of the algorithm. .TP \(bu - \fIiiiii\fR is the key identifier (or footprint)\&. -.LP +\fIiiiii\fR +is the key identifier (or footprint). .PP - \fBdnssec\-keygen\fR creates two file, with names based on the printed string\&. \fIKnnnn\&.+aaa+iiiii\&.key\fR contains the public key, and\fIKnnnn\&.+aaa+iiiii\&.private\fR contains the private key\&. +\fBdnssec\-keygen\fR +creates two file, with names based on the printed string. +\fIKnnnn.+aaa+iiiii.key\fR +contains the public key, and +\fIKnnnn.+aaa+iiiii.private\fR +contains the private key. .PP -The \fI\&.key\fR file contains a DNS KEY record that can be inserted into a zone file (directly or with a $INCLUDE statement)\&. +The +\fI.key\fR +file contains a DNS KEY record that can be inserted into a zone file (directly or with a $INCLUDE statement). .PP -The \fI\&.private\fR file contains algorithm specific fields\&. For obvious security reasons, this file does not have general read permission\&. +The +\fI.private\fR +file contains algorithm specific fields. For obvious security reasons, this file does not have general read permission. .PP -Both \fI\&.key\fR and \fI\&.private\fR files are generated for symmetric encryption algorithm such as HMAC\-MD5, even though the public and private key are equivalent\&. +Both +\fI.key\fR +and +\fI.private\fR +files are generated for symmetric encryption algorithm such as HMAC\-MD5, even though the public and private key are equivalent. .SH "EXAMPLE" .PP -To generate a 768\-bit DSA key for the domain\fBexample\&.com\fR, the following command would be issued: +To generate a 768\-bit DSA key for the domain +\fBexample.com\fR, the following command would be issued: .PP - \fBdnssec\-keygen \-a DSA \-b 768 \-n ZONE example\&.com\fR +\fBdnssec\-keygen \-a DSA \-b 768 \-n ZONE example.com\fR .PP The command would print a string of the form: .PP - \fBKexample\&.com\&.+003+26160\fR +\fBKexample.com.+003+26160\fR .PP -In this example, \fBdnssec\-keygen\fR creates the files \fIKexample\&.com\&.+003+26160\&.key\fR and\fIKexample\&.com\&.+003+26160\&.private\fR +In this example, +\fBdnssec\-keygen\fR +creates the files +\fIKexample.com.+003+26160.key\fR +and +\fIKexample.com.+003+26160.private\fR .SH "SEE ALSO" .PP - \fBdnssec\-makekeyset\fR(8), \fBdnssec\-signkey\fR(8), \fBdnssec\-signzone\fR(8), BIND 9 Administrator Reference Manual, RFC 2535, RFC 2845, RFC 2539\&. +\fBdnssec\-makekeyset\fR(8), +\fBdnssec\-signkey\fR(8), +\fBdnssec\-signzone\fR(8), +BIND 9 Administrator Reference Manual, +RFC 2535, +RFC 2845, +RFC 2539. .SH "AUTHOR" .PP - Internet Systems Consortium +Internet Systems Consortium diff --git a/bin/dnssec/dnssec-keygen.html b/bin/dnssec/dnssec-keygen.html index eb19aa8aeae..ab9f370ee67 100644 --- a/bin/dnssec/dnssec-keygen.html +++ b/bin/dnssec/dnssec-keygen.html @@ -14,15 +14,15 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + dnssec-keygen - +

Name

dnssec-keygen — DNSSEC key generation tool

@@ -32,7 +32,7 @@

dnssec-keygen {-a algorithm} {-b keysize} {-n nametype} [-c class] [-e] [-g generator] [-h] [-p protocol] [-r randomdev] [-s strength] [-t type] [-v level] {name}

DESCRIPTION

dnssec-keygen generates keys for DNSSEC (Secure DNS), as defined in RFC 2535. It can also generate @@ -41,7 +41,7 @@

OPTIONS

-a algorithm: @@ -133,7 +133,7 @@

GENERATED KEYS

When dnssec-keygen completes successfully, it prints a string of the form Knnnn.+aaa+iiiii @@ -177,7 +177,7 @@

EXAMPLE

To generate a 768-bit DSA key for the domain example.com, the following command would be @@ -199,7 +199,7 @@

AUTHOR

Internet Systems Consortium

diff --git a/bin/dnssec/dnssec-makekeyset.8 b/bin/dnssec/dnssec-makekeyset.8 index ce1875dd380..e49930077fd 100644 --- a/bin/dnssec/dnssec-makekeyset.8 +++ b/bin/dnssec/dnssec-makekeyset.8 @@ -13,78 +13,103 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: dnssec-makekeyset.8,v 1.16.2.6 2005/05/12 23:55:36 sra Exp $ +.\" $Id: dnssec-makekeyset.8,v 1.16.2.7 2005/10/13 02:23:28 marka Exp $ .\" .hy 0 .ad l -.\"Generated by db2man.xsl. Don't modify this, modify the source. -.de Sh \" Subsection -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.TH "DNSSEC-MAKEKEYSET" 8 "June 30, 2000" "" "" -.SH NAME -dnssec-makekeyset \- DNSSEC zone signing tool +.\" ** You probably do not want to edit this file directly ** +.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). +.\" Instead of manually editing it, you probably should edit the DocBook XML +.\" source for it and then use the DocBook XSL Stylesheets to regenerate it. +.TH "DNSSEC\-MAKEKEYSET" "8" "June 30, 2000" "BIND9" "BIND9" +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.SH "NAME" +dnssec\-makekeyset \- DNSSEC zone signing tool .SH "SYNOPSIS" .HP 18 -\fBdnssec\-makekeyset\fR [\fB\-a\fR] [\fB\-s\ \fIstart\-time\fR\fR] [\fB\-e\ \fIend\-time\fR\fR] [\fB\-h\fR] [\fB\-p\fR] [\fB\-r\ \fIrandomdev\fR\fR] [\fB\-t\fR\fIttl\fR] [\fB\-v\ \fIlevel\fR\fR] {key...} +\fBdnssec\-makekeyset\fR [\fB\-a\fR] [\fB\-s\ \fR\fB\fIstart\-time\fR\fR] [\fB\-e\ \fR\fB\fIend\-time\fR\fR] [\fB\-h\fR] [\fB\-p\fR] [\fB\-r\ \fR\fB\fIrandomdev\fR\fR] [\fB\-t\fR\fIttl\fR] [\fB\-v\ \fR\fB\fIlevel\fR\fR] {key...} .SH "DESCRIPTION" .PP - \fBdnssec\-makekeyset\fR generates a key set from one or more keys created by \fBdnssec\-keygen\fR\&. It creates a file containing a KEY record for each key, and self\-signs the key set with each zone key\&. The output file is of the form\fIkeyset\-nnnn\&.\fR, where \fInnnn\fR is the zone name\&. +\fBdnssec\-makekeyset\fR +generates a key set from one or more keys created by +\fBdnssec\-keygen\fR. It creates a file containing a KEY record for each key, and self\-signs the key set with each zone key. The output file is of the form +\fIkeyset\-nnnn.\fR, where +\fInnnn\fR +is the zone name. .SH "OPTIONS" .TP \-a -Verify all generated signatures\&. +Verify all generated signatures. .TP \-s \fIstart\-time\fR -Specify the date and time when the generated SIG records become valid\&. This can be either an absolute or relative time\&. An absolute start time is indicated by a number in YYYYMMDDHHMMSS notation; 20000530144500 denotes 14:45:00 UTC on May 30th, 2000\&. A relative start time is indicated by +N, which is N seconds from the current time\&. If no \fBstart\-time\fR is specified, the current time is used\&. +Specify the date and time when the generated SIG records become valid. This can be either an absolute or relative time. An absolute start time is indicated by a number in YYYYMMDDHHMMSS notation; 20000530144500 denotes 14:45:00 UTC on May 30th, 2000. A relative start time is indicated by +N, which is N seconds from the current time. If no +\fBstart\-time\fR +is specified, the current time is used. .TP \-e \fIend\-time\fR -Specify the date and time when the generated SIG records expire\&. As with \fBstart\-time\fR, an absolute time is indicated in YYYYMMDDHHMMSS notation\&. A time relative to the start time is indicated with +N, which is N seconds from the start time\&. A time relative to the current time is indicated with now+N\&. If no \fBend\-time\fR is specified, 30 days from the start time is used as a default\&. +Specify the date and time when the generated SIG records expire. As with +\fBstart\-time\fR, an absolute time is indicated in YYYYMMDDHHMMSS notation. A time relative to the start time is indicated with +N, which is N seconds from the start time. A time relative to the current time is indicated with now+N. If no +\fBend\-time\fR +is specified, 30 days from the start time is used as a default. .TP \-h -Prints a short summary of the options and arguments to \fBdnssec\-makekeyset\fR\&. +Prints a short summary of the options and arguments to +\fBdnssec\-makekeyset\fR. .TP \-p -Use pseudo\-random data when signing the zone\&. This is faster, but less secure, than using real random data\&. This option may be useful when signing large zones or when the entropy source is limited\&. +Use pseudo\-random data when signing the zone. This is faster, but less secure, than using real random data. This option may be useful when signing large zones or when the entropy source is limited. .TP \-r \fIrandomdev\fR -Specifies the source of randomness\&. If the operating system does not provide a \fI/dev/random\fR or equivalent device, the default source of randomness is keyboard input\&. \fIrandomdev\fR specifies the name of a character device or file containing random data to be used instead of the default\&. The special value \fIkeyboard\fR indicates that keyboard input should be used\&. +Specifies the source of randomness. If the operating system does not provide a +\fI/dev/random\fR +or equivalent device, the default source of randomness is keyboard input. +\fIrandomdev\fR +specifies the name of a character device or file containing random data to be used instead of the default. The special value +\fIkeyboard\fR +indicates that keyboard input should be used. .TP \-t \fIttl\fR -Specify the TTL (time to live) of the KEY and SIG records\&. The default is 3600 seconds\&. +Specify the TTL (time to live) of the KEY and SIG records. The default is 3600 seconds. .TP \-v \fIlevel\fR -Sets the debugging level\&. +Sets the debugging level. .TP key -The list of keys to be included in the keyset file\&. These keys are expressed in the form \fIKnnnn\&.+aaa+iiiii\fR as generated by \fBdnssec\-keygen\fR\&. +The list of keys to be included in the keyset file. These keys are expressed in the form +\fIKnnnn.+aaa+iiiii\fR +as generated by +\fBdnssec\-keygen\fR. .SH "EXAMPLE" .PP -The following command generates a keyset containing the DSA key for\fBexample\&.com\fR generated in the\fBdnssec\-keygen\fR man page\&. +The following command generates a keyset containing the DSA key for +\fBexample.com\fR +generated in the +\fBdnssec\-keygen\fR +man page. .PP - \fBdnssec\-makekeyset \-t 86400 \-s 20000701120000 \-e +2592000 Kexample\&.com\&.+003+26160\fR +\fBdnssec\-makekeyset \-t 86400 \-s 20000701120000 \-e +2592000 Kexample.com.+003+26160\fR .PP -In this example, \fBdnssec\-makekeyset\fR creates the file \fIkeyset\-example\&.com\&.\fR\&. This file contains the specified key and a self\-generated signature\&. +In this example, +\fBdnssec\-makekeyset\fR +creates the file +\fIkeyset\-example.com.\fR. This file contains the specified key and a self\-generated signature. .PP -The DNS administrator for \fBexample\&.com\fR could send \fIkeyset\-example\&.com\&.\fR to the DNS administrator for \fB\&.com\fR for signing, if the \&.com zone is DNSSEC\-aware and the administrators of the two zones have some mechanism for authenticating each other and exchanging the keys and signatures securely\&. +The DNS administrator for +\fBexample.com\fR +could send +\fIkeyset\-example.com.\fR +to the DNS administrator for +\fB.com\fR +for signing, if the .com zone is DNSSEC\-aware and the administrators of the two zones have some mechanism for authenticating each other and exchanging the keys and signatures securely. .SH "SEE ALSO" .PP - \fBdnssec\-keygen\fR(8), \fBdnssec\-signkey\fR(8), BIND 9 Administrator Reference Manual, RFC 2535\&. +\fBdnssec\-keygen\fR(8), +\fBdnssec\-signkey\fR(8), +BIND 9 Administrator Reference Manual, +RFC 2535. .SH "AUTHOR" .PP - Internet Systems Consortium +Internet Systems Consortium diff --git a/bin/dnssec/dnssec-makekeyset.html b/bin/dnssec/dnssec-makekeyset.html index 1c4de0b82a7..b8b127093cd 100644 --- a/bin/dnssec/dnssec-makekeyset.html +++ b/bin/dnssec/dnssec-makekeyset.html @@ -14,15 +14,15 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + dnssec-makekeyset - +

Name

dnssec-makekeyset — DNSSEC zone signing tool

@@ -32,7 +32,7 @@

dnssec-makekeyset [-a] [-s start-time] [-e end-time] [-h] [-p] [-r randomdev] [-tttl] [-v level] {key...}

DESCRIPTION

dnssec-makekeyset generates a key set from one or more keys created by dnssec-keygen. It creates @@ -43,7 +43,7 @@

OPTIONS

-a: @@ -111,7 +111,7 @@

EXAMPLE

The following command generates a keyset containing the DSA key for example.com generated in the @@ -135,7 +135,7 @@

AUTHOR

Internet Systems Consortium

diff --git a/bin/dnssec/dnssec-signkey.8 b/bin/dnssec/dnssec-signkey.8 index 0d8797f4e99..5bee564e95b 100644 --- a/bin/dnssec/dnssec-signkey.8 +++ b/bin/dnssec/dnssec-signkey.8 @@ -13,79 +13,103 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: dnssec-signkey.8,v 1.18.2.5 2005/05/12 23:55:37 sra Exp $ +.\" $Id: dnssec-signkey.8,v 1.18.2.6 2005/10/13 02:23:28 marka Exp $ .\" .hy 0 .ad l -.\"Generated by db2man.xsl. Don't modify this, modify the source. -.de Sh \" Subsection -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.TH "DNSSEC-SIGNKEY" 8 "June 30, 2000" "" "" -.SH NAME -dnssec-signkey \- DNSSEC key set signing tool +.\" ** You probably do not want to edit this file directly ** +.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). +.\" Instead of manually editing it, you probably should edit the DocBook XML +.\" source for it and then use the DocBook XSL Stylesheets to regenerate it. +.TH "DNSSEC\-SIGNKEY" "8" "June 30, 2000" "BIND9" "BIND9" +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.SH "NAME" +dnssec\-signkey \- DNSSEC key set signing tool .SH "SYNOPSIS" .HP 15 -\fBdnssec\-signkey\fR [\fB\-a\fR] [\fB\-c\ \fIclass\fR\fR] [\fB\-s\ \fIstart\-time\fR\fR] [\fB\-e\ \fIend\-time\fR\fR] [\fB\-h\fR] [\fB\-p\fR] [\fB\-r\ \fIrandomdev\fR\fR] [\fB\-v\ \fIlevel\fR\fR] {keyset} {key...} +\fBdnssec\-signkey\fR [\fB\-a\fR] [\fB\-c\ \fR\fB\fIclass\fR\fR] [\fB\-s\ \fR\fB\fIstart\-time\fR\fR] [\fB\-e\ \fR\fB\fIend\-time\fR\fR] [\fB\-h\fR] [\fB\-p\fR] [\fB\-r\ \fR\fB\fIrandomdev\fR\fR] [\fB\-v\ \fR\fB\fIlevel\fR\fR] {keyset} {key...} .SH "DESCRIPTION" .PP - \fBdnssec\-signkey\fR signs a keyset\&. Typically the keyset will be for a child zone, and will have been generated by \fBdnssec\-makekeyset\fR\&. The child zone's keyset is signed with the zone keys for its parent zone\&. The output file is of the form \fIsignedkey\-nnnn\&.\fR, where\fInnnn\fR is the zone name\&. +\fBdnssec\-signkey\fR +signs a keyset. Typically the keyset will be for a child zone, and will have been generated by +\fBdnssec\-makekeyset\fR. The child zone's keyset is signed with the zone keys for its parent zone. The output file is of the form +\fIsignedkey\-nnnn.\fR, where +\fInnnn\fR +is the zone name. .SH "OPTIONS" .TP \-a -Verify all generated signatures\&. +Verify all generated signatures. .TP \-c \fIclass\fR -Specifies the DNS class of the key sets\&. +Specifies the DNS class of the key sets. .TP \-s \fIstart\-time\fR -Specify the date and time when the generated SIG records become valid\&. This can be either an absolute or relative time\&. An absolute start time is indicated by a number in YYYYMMDDHHMMSS notation; 20000530144500 denotes 14:45:00 UTC on May 30th, 2000\&. A relative start time is indicated by +N, which is N seconds from the current time\&. If no \fBstart\-time\fR is specified, the current time is used\&. +Specify the date and time when the generated SIG records become valid. This can be either an absolute or relative time. An absolute start time is indicated by a number in YYYYMMDDHHMMSS notation; 20000530144500 denotes 14:45:00 UTC on May 30th, 2000. A relative start time is indicated by +N, which is N seconds from the current time. If no +\fBstart\-time\fR +is specified, the current time is used. .TP \-e \fIend\-time\fR -Specify the date and time when the generated SIG records expire\&. As with \fBstart\-time\fR, an absolute time is indicated in YYYYMMDDHHMMSS notation\&. A time relative to the start time is indicated with +N, which is N seconds from the start time\&. A time relative to the current time is indicated with now+N\&. If no \fBend\-time\fR is specified, 30 days from the start time is used as a default\&. +Specify the date and time when the generated SIG records expire. As with +\fBstart\-time\fR, an absolute time is indicated in YYYYMMDDHHMMSS notation. A time relative to the start time is indicated with +N, which is N seconds from the start time. A time relative to the current time is indicated with now+N. If no +\fBend\-time\fR +is specified, 30 days from the start time is used as a default. .TP \-h -Prints a short summary of the options and arguments to \fBdnssec\-signkey\fR\&. +Prints a short summary of the options and arguments to +\fBdnssec\-signkey\fR. .TP \-p -Use pseudo\-random data when signing the zone\&. This is faster, but less secure, than using real random data\&. This option may be useful when signing large zones or when the entropy source is limited\&. +Use pseudo\-random data when signing the zone. This is faster, but less secure, than using real random data. This option may be useful when signing large zones or when the entropy source is limited. .TP \-r \fIrandomdev\fR -Specifies the source of randomness\&. If the operating system does not provide a \fI/dev/random\fR or equivalent device, the default source of randomness is keyboard input\&. \fIrandomdev\fR specifies the name of a character device or file containing random data to be used instead of the default\&. The special value \fIkeyboard\fR indicates that keyboard input should be used\&. +Specifies the source of randomness. If the operating system does not provide a +\fI/dev/random\fR +or equivalent device, the default source of randomness is keyboard input. +\fIrandomdev\fR +specifies the name of a character device or file containing random data to be used instead of the default. The special value +\fIkeyboard\fR +indicates that keyboard input should be used. .TP \-v \fIlevel\fR -Sets the debugging level\&. +Sets the debugging level. .TP keyset -The file containing the child's keyset\&. +The file containing the child's keyset. .TP key -The keys used to sign the child's keyset\&. +The keys used to sign the child's keyset. .SH "EXAMPLE" .PP -The DNS administrator for a DNSSEC\-aware \fB\&.com\fR zone would use the following command to sign the\fIkeyset\fR file for \fBexample\&.com\fR created by \fBdnssec\-makekeyset\fR with a key generated by \fBdnssec\-keygen\fR: +The DNS administrator for a DNSSEC\-aware +\fB.com\fR +zone would use the following command to sign the +\fIkeyset\fR +file for +\fBexample.com\fR +created by +\fBdnssec\-makekeyset\fR +with a key generated by +\fBdnssec\-keygen\fR: .PP - \fBdnssec\-signkey keyset\-example\&.com\&. Kcom\&.+003+51944\fR +\fBdnssec\-signkey keyset\-example.com. Kcom.+003+51944\fR .PP -In this example, \fBdnssec\-signkey\fR creates the file \fIsignedkey\-example\&.com\&.\fR, which contains the \fBexample\&.com\fR keys and the signatures by the \fB\&.com\fR keys\&. +In this example, +\fBdnssec\-signkey\fR +creates the file +\fIsignedkey\-example.com.\fR, which contains the +\fBexample.com\fR +keys and the signatures by the +\fB.com\fR +keys. .SH "SEE ALSO" .PP - \fBdnssec\-keygen\fR(8), \fBdnssec\-makekeyset\fR(8), \fBdnssec\-signzone\fR(8)\&. +\fBdnssec\-keygen\fR(8), +\fBdnssec\-makekeyset\fR(8), +\fBdnssec\-signzone\fR(8). .SH "AUTHOR" .PP - Internet Systems Consortium +Internet Systems Consortium diff --git a/bin/dnssec/dnssec-signkey.html b/bin/dnssec/dnssec-signkey.html index 67d16b98392..661d6a16bd1 100644 --- a/bin/dnssec/dnssec-signkey.html +++ b/bin/dnssec/dnssec-signkey.html @@ -14,15 +14,15 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + dnssec-signkey - +

Name

dnssec-signkey — DNSSEC key set signing tool

@@ -32,7 +32,7 @@

dnssec-signkey [-a] [-c class] [-s start-time] [-e end-time] [-h] [-p] [-r randomdev] [-v level] {keyset} {key...}

DESCRIPTION

dnssec-signkey signs a keyset. Typically the keyset will be for a child zone, and will have been generated @@ -43,7 +43,7 @@

OPTIONS

-a: @@ -112,7 +112,7 @@

EXAMPLE

The DNS administrator for a DNSSEC-aware .com zone would use the following command to sign the @@ -131,7 +131,7 @@

AUTHOR

Internet Systems Consortium

diff --git a/bin/dnssec/dnssec-signzone.8 b/bin/dnssec/dnssec-signzone.8 index adb0041c43e..7cb55290300 100644 --- a/bin/dnssec/dnssec-signzone.8 +++ b/bin/dnssec/dnssec-signzone.8 @@ -13,100 +13,136 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: dnssec-signzone.8,v 1.23.2.7 2005/06/26 00:04:39 marka Exp $ +.\" $Id: dnssec-signzone.8,v 1.23.2.8 2005/10/13 02:23:28 marka Exp $ .\" .hy 0 .ad l -.\"Generated by db2man.xsl. Don't modify this, modify the source. -.de Sh \" Subsection -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.TH "DNSSEC-SIGNZONE" 8 "June 30, 2000" "" "" -.SH NAME -dnssec-signzone \- DNSSEC zone signing tool +.\" ** You probably do not want to edit this file directly ** +.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). +.\" Instead of manually editing it, you probably should edit the DocBook XML +.\" source for it and then use the DocBook XSL Stylesheets to regenerate it. +.TH "DNSSEC\-SIGNZONE" "8" "June 30, 2000" "BIND9" "BIND9" +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.SH "NAME" +dnssec\-signzone \- DNSSEC zone signing tool .SH "SYNOPSIS" .HP 16 -\fBdnssec\-signzone\fR [\fB\-a\fR] [\fB\-c\ \fIclass\fR\fR] [\fB\-d\ \fIdirectory\fR\fR] [\fB\-s\ \fIstart\-time\fR\fR] [\fB\-e\ \fIend\-time\fR\fR] [\fB\-f\ \fIoutput\-file\fR\fR] [\fB\-h\fR] [\fB\-i\ \fIinterval\fR\fR] [\fB\-n\ \fInthreads\fR\fR] [\fB\-o\ \fIorigin\fR\fR] [\fB\-p\fR] [\fB\-r\ \fIrandomdev\fR\fR] [\fB\-t\fR] [\fB\-v\ \fIlevel\fR\fR] {zonefile} [key...] +\fBdnssec\-signzone\fR [\fB\-a\fR] [\fB\-c\ \fR\fB\fIclass\fR\fR] [\fB\-d\ \fR\fB\fIdirectory\fR\fR] [\fB\-s\ \fR\fB\fIstart\-time\fR\fR] [\fB\-e\ \fR\fB\fIend\-time\fR\fR] [\fB\-f\ \fR\fB\fIoutput\-file\fR\fR] [\fB\-h\fR] [\fB\-i\ \fR\fB\fIinterval\fR\fR] [\fB\-n\ \fR\fB\fInthreads\fR\fR] [\fB\-o\ \fR\fB\fIorigin\fR\fR] [\fB\-p\fR] [\fB\-r\ \fR\fB\fIrandomdev\fR\fR] [\fB\-t\fR] [\fB\-v\ \fR\fB\fIlevel\fR\fR] {zonefile} [key...] .SH "DESCRIPTION" .PP - \fBdnssec\-signzone\fR signs a zone\&. It generates NXT and SIG records and produces a signed version of the zone\&. If there is a \fIsignedkey\fR file from the zone's parent, the parent's signatures will be incorporated into the generated signed zone file\&. The security status of delegations from the signed zone (that is, whether the child zones are secure or not) is determined by the presence or absence of a\fIsignedkey\fR file for each child zone\&. +\fBdnssec\-signzone\fR +signs a zone. It generates NXT and SIG records and produces a signed version of the zone. If there is a +\fIsignedkey\fR +file from the zone's parent, the parent's signatures will be incorporated into the generated signed zone file. The security status of delegations from the signed zone (that is, whether the child zones are secure or not) is determined by the presence or absence of a +\fIsignedkey\fR +file for each child zone. .SH "OPTIONS" .TP \-a -Verify all generated signatures\&. +Verify all generated signatures. .TP \-c \fIclass\fR -Specifies the DNS class of the zone\&. +Specifies the DNS class of the zone. .TP \-d \fIdirectory\fR -Look for \fIsignedkey\fR files in \fBdirectory\fR as the directory +Look for +\fIsignedkey\fR +files in +\fBdirectory\fR +as the directory .TP \-s \fIstart\-time\fR -Specify the date and time when the generated SIG records become valid\&. This can be either an absolute or relative time\&. An absolute start time is indicated by a number in YYYYMMDDHHMMSS notation; 20000530144500 denotes 14:45:00 UTC on May 30th, 2000\&. A relative start time is indicated by +N, which is N seconds from the current time\&. If no \fBstart\-time\fR is specified, the current time is used\&. +Specify the date and time when the generated SIG records become valid. This can be either an absolute or relative time. An absolute start time is indicated by a number in YYYYMMDDHHMMSS notation; 20000530144500 denotes 14:45:00 UTC on May 30th, 2000. A relative start time is indicated by +N, which is N seconds from the current time. If no +\fBstart\-time\fR +is specified, the current time is used. .TP \-e \fIend\-time\fR -Specify the date and time when the generated SIG records expire\&. As with \fBstart\-time\fR, an absolute time is indicated in YYYYMMDDHHMMSS notation\&. A time relative to the start time is indicated with +N, which is N seconds from the start time\&. A time relative to the current time is indicated with now+N\&. If no \fBend\-time\fR is specified, 30 days from the start time is used as a default\&. +Specify the date and time when the generated SIG records expire. As with +\fBstart\-time\fR, an absolute time is indicated in YYYYMMDDHHMMSS notation. A time relative to the start time is indicated with +N, which is N seconds from the start time. A time relative to the current time is indicated with now+N. If no +\fBend\-time\fR +is specified, 30 days from the start time is used as a default. .TP \-f \fIoutput\-file\fR -The name of the output file containing the signed zone\&. The default is to append \fI\&.signed\fR to the input file\&. +The name of the output file containing the signed zone. The default is to append +\fI.signed\fR +to the input file. .TP \-h -Prints a short summary of the options and arguments to \fBdnssec\-signzone\fR\&. +Prints a short summary of the options and arguments to +\fBdnssec\-signzone\fR. .TP \-i \fIinterval\fR -When a previously signed zone is passed as input, records may be resigned\&. The \fBinterval\fR option specifies the cycle interval as an offset from the current time (in seconds)\&. If a SIG record expires after the cycle interval, it is retained\&. Otherwise, it is considered to be expiring soon, and it will be replaced\&. -The default cycle interval is one quarter of the difference between the signature end and start times\&. So if neither \fBend\-time\fR or \fBstart\-time\fR are specified, \fBdnssec\-signzone\fR generates signatures that are valid for 30 days, with a cycle interval of 7\&.5 days\&. Therefore, if any existing SIG records are due to expire in less than 7\&.5 days, they would be replaced\&. +When a previously signed zone is passed as input, records may be resigned. The +\fBinterval\fR +option specifies the cycle interval as an offset from the current time (in seconds). If a SIG record expires after the cycle interval, it is retained. Otherwise, it is considered to be expiring soon, and it will be replaced. +.sp +The default cycle interval is one quarter of the difference between the signature end and start times. So if neither +\fBend\-time\fR +or +\fBstart\-time\fR +are specified, +\fBdnssec\-signzone\fR +generates signatures that are valid for 30 days, with a cycle interval of 7.5 days. Therefore, if any existing SIG records are due to expire in less than 7.5 days, they would be replaced. .TP \-n \fIncpus\fR -Specifies the number of threads to use\&. By default, one thread is started for each detected CPU\&. +Specifies the number of threads to use. By default, one thread is started for each detected CPU. .TP \-o \fIorigin\fR -The zone origin\&. If not specified, the name of the zone file is assumed to be the origin\&. +The zone origin. If not specified, the name of the zone file is assumed to be the origin. .TP \-p -Use pseudo\-random data when signing the zone\&. This is faster, but less secure, than using real random data\&. This option may be useful when signing large zones or when the entropy source is limited\&. +Use pseudo\-random data when signing the zone. This is faster, but less secure, than using real random data. This option may be useful when signing large zones or when the entropy source is limited. .TP \-r \fIrandomdev\fR -Specifies the source of randomness\&. If the operating system does not provide a \fI/dev/random\fR or equivalent device, the default source of randomness is keyboard input\&. \fIrandomdev\fR specifies the name of a character device or file containing random data to be used instead of the default\&. The special value \fIkeyboard\fR indicates that keyboard input should be used\&. +Specifies the source of randomness. If the operating system does not provide a +\fI/dev/random\fR +or equivalent device, the default source of randomness is keyboard input. +\fIrandomdev\fR +specifies the name of a character device or file containing random data to be used instead of the default. The special value +\fIkeyboard\fR +indicates that keyboard input should be used. .TP \-t -Print statistics at completion\&. +Print statistics at completion. .TP \-v \fIlevel\fR -Sets the debugging level\&. +Sets the debugging level. .TP zonefile -The file containing the zone to be signed\&. +The file containing the zone to be signed. .TP key -The keys used to sign the zone\&. If no keys are specified, the default all zone keys that have private key files in the current directory\&. +The keys used to sign the zone. If no keys are specified, the default all zone keys that have private key files in the current directory. .SH "EXAMPLE" .PP -The following command signs the \fBexample\&.com\fR zone with the DSA key generated in the \fBdnssec\-keygen\fR man page\&. The zone's keys must be in the zone\&. If there are\fIsignedkey\fR files associated with this zone or any child zones, they must be in the current directory\&.\fBexample\&.com\fR, the following command would be issued: +The following command signs the +\fBexample.com\fR +zone with the DSA key generated in the +\fBdnssec\-keygen\fR +man page. The zone's keys must be in the zone. If there are +\fIsignedkey\fR +files associated with this zone or any child zones, they must be in the current directory. +\fBexample.com\fR, the following command would be issued: .PP - \fBdnssec\-signzone \-o example\&.com db\&.example\&.com Kexample\&.com\&.+003+26160\fR +\fBdnssec\-signzone \-o example.com db.example.com Kexample.com.+003+26160\fR .PP The command would print a string of the form: .PP -In this example, \fBdnssec\-signzone\fR creates the file \fIdb\&.example\&.com\&.signed\fR\&. This file should be referenced in a zone statement in a\fInamed\&.conf\fR file\&. +In this example, +\fBdnssec\-signzone\fR +creates the file +\fIdb.example.com.signed\fR. This file should be referenced in a zone statement in a +\fInamed.conf\fR +file. .SH "SEE ALSO" .PP - \fBdnssec\-keygen\fR(8), \fBdnssec\-signkey\fR(8), BIND 9 Administrator Reference Manual, RFC 2535\&. +\fBdnssec\-keygen\fR(8), +\fBdnssec\-signkey\fR(8), +BIND 9 Administrator Reference Manual, +RFC 2535. .SH "AUTHOR" .PP - Internet Systems Consortium +Internet Systems Consortium diff --git a/bin/dnssec/dnssec-signzone.html b/bin/dnssec/dnssec-signzone.html index 3cb21063b5f..a454e8d1433 100644 --- a/bin/dnssec/dnssec-signzone.html +++ b/bin/dnssec/dnssec-signzone.html @@ -14,15 +14,15 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + dnssec-signzone - +

Name

dnssec-signzone — DNSSEC zone signing tool

@@ -32,7 +32,7 @@

dnssec-signzone [-a] [-c class] [-d directory] [-s start-time] [-e end-time] [-f output-file] [-h] [-i interval] [-n nthreads] [-o origin] [-p] [-r randomdev] [-t] [-v level] {zonefile} [key...]

DESCRIPTION

dnssec-signzone signs a zone. It generates NXT and SIG records and produces a signed version of the zone. If there @@ -45,7 +45,7 @@

OPTIONS

-a: @@ -162,7 +162,7 @@

EXAMPLE

The following command signs the example.com zone with the DSA key generated in the dnssec-keygen @@ -186,7 +186,7 @@

AUTHOR

Internet Systems Consortium

diff --git a/bin/named/lwresd.8 b/bin/named/lwresd.8 index cf2e354bccc..0a3c3364a87 100644 --- a/bin/named/lwresd.8 +++ b/bin/named/lwresd.8 @@ -13,96 +13,128 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: lwresd.8,v 1.13.2.4 2005/05/12 23:55:38 sra Exp $ +.\" $Id: lwresd.8,v 1.13.2.5 2005/10/13 02:23:29 marka Exp $ .\" .hy 0 .ad l -.\"Generated by db2man.xsl. Don't modify this, modify the source. -.de Sh \" Subsection -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.TH "LWRESD" 8 "June 30, 2000" "" "" -.SH NAME +.\" ** You probably do not want to edit this file directly ** +.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). +.\" Instead of manually editing it, you probably should edit the DocBook XML +.\" source for it and then use the DocBook XSL Stylesheets to regenerate it. +.TH "LWRESD" "8" "June 30, 2000" "BIND9" "BIND9" +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.SH "NAME" lwresd \- lightweight resolver daemon .SH "SYNOPSIS" .HP 7 -\fBlwresd\fR [\fB\-C\ \fIconfig\-file\fR\fR] [\fB\-d\ \fIdebug\-level\fR\fR] [\fB\-f\fR] [\fB\-g\fR] [\fB\-i\ \fIpid\-file\fR\fR] [\fB\-n\ \fI#cpus\fR\fR] [\fB\-P\ \fIport\fR\fR] [\fB\-p\ \fIport\fR\fR] [\fB\-s\fR] [\fB\-t\ \fIdirectory\fR\fR] [\fB\-u\ \fIuser\fR\fR] [\fB\-v\fR] +\fBlwresd\fR [\fB\-C\ \fR\fB\fIconfig\-file\fR\fR] [\fB\-d\ \fR\fB\fIdebug\-level\fR\fR] [\fB\-f\fR] [\fB\-g\fR] [\fB\-i\ \fR\fB\fIpid\-file\fR\fR] [\fB\-n\ \fR\fB\fI#cpus\fR\fR] [\fB\-P\ \fR\fB\fIport\fR\fR] [\fB\-p\ \fR\fB\fIport\fR\fR] [\fB\-s\fR] [\fB\-t\ \fR\fB\fIdirectory\fR\fR] [\fB\-u\ \fR\fB\fIuser\fR\fR] [\fB\-v\fR] .SH "DESCRIPTION" .PP -\fBlwresd\fR is the daemon providing name lookup services to clients that use the BIND 9 lightweight resolver library\&. It is essentially a stripped\-down, caching\-only name server that answers queries using the BIND 9 lightweight resolver protocol rather than the DNS protocol\&. +\fBlwresd\fR +is the daemon providing name lookup services to clients that use the BIND 9 lightweight resolver library. It is essentially a stripped\-down, caching\-only name server that answers queries using the BIND 9 lightweight resolver protocol rather than the DNS protocol. .PP -\fBlwresd\fR listens for resolver queries on a UDP port on the IPv4 loopback interface, 127\&.0\&.0\&.1\&. This means that \fBlwresd\fR can only be used by processes running on the local machine\&. By default UDP port number 921 is used for lightweight resolver requests and responses\&. +\fBlwresd\fR +listens for resolver queries on a UDP port on the IPv4 loopback interface, 127.0.0.1. This means that +\fBlwresd\fR +can only be used by processes running on the local machine. By default UDP port number 921 is used for lightweight resolver requests and responses. .PP -Incoming lightweight resolver requests are decoded by the server which then resolves them using the DNS protocol\&. When the DNS lookup completes, \fBlwresd\fR encodes the answers in the lightweight resolver format and returns them to the client that made the request\&. +Incoming lightweight resolver requests are decoded by the server which then resolves them using the DNS protocol. When the DNS lookup completes, +\fBlwresd\fR +encodes the answers in the lightweight resolver format and returns them to the client that made the request. .PP -If \fI/etc/resolv\&.conf\fR contains any\fBnameserver\fR entries, \fBlwresd\fR sends recursive DNS queries to those servers\&. This is similar to the use of forwarders in a caching name server\&. If no\fBnameserver\fR entries are present, or if forwarding fails, \fBlwresd\fR resolves the queries autonomously starting at the root name servers, using a built\-in list of root server hints\&. +If +\fI/etc/resolv.conf\fR +contains any +\fBnameserver\fR +entries, +\fBlwresd\fR +sends recursive DNS queries to those servers. This is similar to the use of forwarders in a caching name server. If no +\fBnameserver\fR +entries are present, or if forwarding fails, +\fBlwresd\fR +resolves the queries autonomously starting at the root name servers, using a built\-in list of root server hints. .SH "OPTIONS" .TP \-C \fIconfig\-file\fR -Use \fIconfig\-file\fR as the configuration file instead of the default,\fI/etc/resolv\&.conf\fR\&. +Use +\fIconfig\-file\fR +as the configuration file instead of the default, +\fI/etc/resolv.conf\fR. .TP \-d \fIdebug\-level\fR -Set the daemon's debug level to \fIdebug\-level\fR\&. Debugging traces from \fBlwresd\fR become more verbose as the debug level increases\&. +Set the daemon's debug level to +\fIdebug\-level\fR. Debugging traces from +\fBlwresd\fR +become more verbose as the debug level increases. .TP \-f -Run the server in the foreground (i\&.e\&. do not daemonize)\&. +Run the server in the foreground (i.e. do not daemonize). .TP \-g -Run the server in the foreground and force all logging to \fIstderr\fR\&. +Run the server in the foreground and force all logging to +\fIstderr\fR. .TP \-n \fI#cpus\fR -Create \fI#cpus\fR worker threads to take advantage of multiple CPUs\&. If not specified,\fBlwresd\fR will try to determine the number of CPUs present and create one thread per CPU\&. If it is unable to determine the number of CPUs, a single worker thread will be created\&. +Create +\fI#cpus\fR +worker threads to take advantage of multiple CPUs. If not specified, +\fBlwresd\fR +will try to determine the number of CPUs present and create one thread per CPU. If it is unable to determine the number of CPUs, a single worker thread will be created. .TP \-P \fIport\fR -Listen for lightweight resolver queries on port\fIport\fR\&. If not specified, the default is port 921\&. +Listen for lightweight resolver queries on port +\fIport\fR. If not specified, the default is port 921. .TP \-p \fIport\fR -Send DNS lookups to port \fIport\fR\&. If not specified, the default is port 53\&. This provides a way of testing the lightweight resolver daemon with a name server that listens for queries on a non\-standard port number\&. +Send DNS lookups to port +\fIport\fR. If not specified, the default is port 53. This provides a way of testing the lightweight resolver daemon with a name server that listens for queries on a non\-standard port number. .TP \-s -Write memory usage statistics to \fIstdout\fR on exit\&. +Write memory usage statistics to +\fIstdout\fR +on exit. .RS .B "Note:" -This option is mainly of interest to BIND 9 developers and may be removed or changed in a future release\&. +This option is mainly of interest to BIND 9 developers and may be removed or changed in a future release. .RE .TP \-t \fIdirectory\fR -\fBchroot()\fR to \fIdirectory\fR after processing the command line arguments, but before reading the configuration file\&. +\fBchroot()\fR +to +\fIdirectory\fR +after processing the command line arguments, but before reading the configuration file. .RS .B "Warning:" -This option should be used in conjunction with the\fB\-u\fR option, as chrooting a process running as root doesn't enhance security on most systems; the way \fBchroot()\fR is defined allows a process with root privileges to escape a chroot jail\&. +This option should be used in conjunction with the +\fB\-u\fR +option, as chrooting a process running as root doesn't enhance security on most systems; the way +\fBchroot()\fR +is defined allows a process with root privileges to escape a chroot jail. .RE .TP \-u \fIuser\fR -\fBsetuid()\fR to \fIuser\fR after completing privileged operations, such as creating sockets that listen on privileged ports\&. +\fBsetuid()\fR +to +\fIuser\fR +after completing privileged operations, such as creating sockets that listen on privileged ports. .TP \-v -Report the version number and exit\&. +Report the version number and exit. .SH "FILES" .TP -\fI/etc/resolv\&.conf\fR -The default configuration file\&. +\fI/etc/resolv.conf\fR +The default configuration file. .TP -\fI/var/run/lwresd\&.pid\fR -The default process\-id file\&. +\fI/var/run/lwresd.pid\fR +The default process\-id file. .SH "SEE ALSO" .PP -\fBnamed\fR(8),\fBlwres\fR(3),\fBresolver\fR(5)\&. +\fBnamed\fR(8), +\fBlwres\fR(3), +\fBresolver\fR(5). .SH "AUTHOR" .PP -Internet Systems Consortium +Internet Systems Consortium diff --git a/bin/named/lwresd.html b/bin/named/lwresd.html index a6073e75e85..d9fc331bcf6 100644 --- a/bin/named/lwresd.html +++ b/bin/named/lwresd.html @@ -14,15 +14,15 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + lwresd - +

Name

lwresd — lightweight resolver daemon

@@ -32,7 +32,7 @@

lwresd [-C config-file] [-d debug-level] [-f] [-g] [-i pid-file] [-n #cpus] [-P port] [-p port] [-s] [-t directory] [-u user] [-v]

DESCRIPTION

lwresd is the daemon providing name lookup services to clients that use the BIND 9 lightweight resolver @@ -67,7 +67,7 @@

OPTIONS

-C config-file: @@ -159,7 +159,7 @@

FILES

/etc/resolv.conf: @@ -172,7 +172,7 @@

AUTHOR

Internet Systems Consortium

diff --git a/bin/named/named.8 b/bin/named/named.8 index 05685b6d53b..08f5e8733d0 100644 --- a/bin/named/named.8 +++ b/bin/named/named.8 @@ -13,114 +13,156 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: named.8,v 1.17.2.4 2005/05/12 23:55:39 sra Exp $ +.\" $Id: named.8,v 1.17.2.5 2005/10/13 02:23:29 marka Exp $ .\" .hy 0 .ad l -.\"Generated by db2man.xsl. Don't modify this, modify the source. -.de Sh \" Subsection -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.TH "NAMED" 8 "June 30, 2000" "" "" -.SH NAME +.\" ** You probably do not want to edit this file directly ** +.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). +.\" Instead of manually editing it, you probably should edit the DocBook XML +.\" source for it and then use the DocBook XSL Stylesheets to regenerate it. +.TH "NAMED" "8" "June 30, 2000" "BIND9" "BIND9" +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.SH "NAME" named \- Internet domain name server .SH "SYNOPSIS" .HP 6 -\fBnamed\fR [\fB\-c\ \fIconfig\-file\fR\fR] [\fB\-d\ \fIdebug\-level\fR\fR] [\fB\-f\fR] [\fB\-g\fR] [\fB\-n\ \fI#cpus\fR\fR] [\fB\-p\ \fIport\fR\fR] [\fB\-s\fR] [\fB\-t\ \fIdirectory\fR\fR] [\fB\-u\ \fIuser\fR\fR] [\fB\-v\fR] [\fB\-x\ \fIcache\-file\fR\fR] +\fBnamed\fR [\fB\-c\ \fR\fB\fIconfig\-file\fR\fR] [\fB\-d\ \fR\fB\fIdebug\-level\fR\fR] [\fB\-f\fR] [\fB\-g\fR] [\fB\-n\ \fR\fB\fI#cpus\fR\fR] [\fB\-p\ \fR\fB\fIport\fR\fR] [\fB\-s\fR] [\fB\-t\ \fR\fB\fIdirectory\fR\fR] [\fB\-u\ \fR\fB\fIuser\fR\fR] [\fB\-v\fR] [\fB\-x\ \fR\fB\fIcache\-file\fR\fR] .SH "DESCRIPTION" .PP -\fBnamed\fR is a Domain Name System (DNS) server, part of the BIND 9 distribution from ISC\&. For more information on the DNS, see RFCs 1033, 1034, and 1035\&. +\fBnamed\fR +is a Domain Name System (DNS) server, part of the BIND 9 distribution from ISC. For more information on the DNS, see RFCs 1033, 1034, and 1035. .PP -When invoked without arguments, \fBnamed\fR will read the default configuration file\fI/etc/named\&.conf\fR, read any initial data, and listen for queries\&. +When invoked without arguments, +\fBnamed\fR +will read the default configuration file +\fI/etc/named.conf\fR, read any initial data, and listen for queries. .SH "OPTIONS" .TP \-c \fIconfig\-file\fR -Use \fIconfig\-file\fR as the configuration file instead of the default,\fI/etc/named\&.conf\fR\&. To ensure that reloading the configuration file continues to work after the server has changed its working directory due to to a possible\fBdirectory\fR option in the configuration file, \fIconfig\-file\fR should be an absolute pathname\&. +Use +\fIconfig\-file\fR +as the configuration file instead of the default, +\fI/etc/named.conf\fR. To ensure that reloading the configuration file continues to work after the server has changed its working directory due to to a possible +\fBdirectory\fR +option in the configuration file, +\fIconfig\-file\fR +should be an absolute pathname. .TP \-d \fIdebug\-level\fR -Set the daemon's debug level to \fIdebug\-level\fR\&. Debugging traces from \fBnamed\fR become more verbose as the debug level increases\&. +Set the daemon's debug level to +\fIdebug\-level\fR. Debugging traces from +\fBnamed\fR +become more verbose as the debug level increases. .TP \-f -Run the server in the foreground (i\&.e\&. do not daemonize)\&. +Run the server in the foreground (i.e. do not daemonize). .TP \-g -Run the server in the foreground and force all logging to \fIstderr\fR\&. +Run the server in the foreground and force all logging to +\fIstderr\fR. .TP \-n \fI#cpus\fR -Create \fI#cpus\fR worker threads to take advantage of multiple CPUs\&. If not specified,\fBnamed\fR will try to determine the number of CPUs present and create one thread per CPU\&. If it is unable to determine the number of CPUs, a single worker thread will be created\&. +Create +\fI#cpus\fR +worker threads to take advantage of multiple CPUs. If not specified, +\fBnamed\fR +will try to determine the number of CPUs present and create one thread per CPU. If it is unable to determine the number of CPUs, a single worker thread will be created. .TP \-p \fIport\fR -Listen for queries on port \fIport\fR\&. If not specified, the default is port 53\&. +Listen for queries on port +\fIport\fR. If not specified, the default is port 53. .TP \-s -Write memory usage statistics to \fIstdout\fR on exit\&. +Write memory usage statistics to +\fIstdout\fR +on exit. .RS .B "Note:" -This option is mainly of interest to BIND 9 developers and may be removed or changed in a future release\&. +This option is mainly of interest to BIND 9 developers and may be removed or changed in a future release. .RE .TP \-t \fIdirectory\fR -\fBchroot()\fR to \fIdirectory\fR after processing the command line arguments, but before reading the configuration file\&. +\fBchroot()\fR +to +\fIdirectory\fR +after processing the command line arguments, but before reading the configuration file. .RS .B "Warning:" -This option should be used in conjunction with the\fB\-u\fR option, as chrooting a process running as root doesn't enhance security on most systems; the way \fBchroot()\fR is defined allows a process with root privileges to escape a chroot jail\&. +This option should be used in conjunction with the +\fB\-u\fR +option, as chrooting a process running as root doesn't enhance security on most systems; the way +\fBchroot()\fR +is defined allows a process with root privileges to escape a chroot jail. .RE .TP \-u \fIuser\fR -\fBsetuid()\fR to \fIuser\fR after completing privileged operations, such as creating sockets that listen on privileged ports\&. +\fBsetuid()\fR +to +\fIuser\fR +after completing privileged operations, such as creating sockets that listen on privileged ports. .RS .B "Note:" -On Linux, \fBnamed\fR uses the kernel's capability mechanism to drop all root privileges except the ability to \fBbind()\fR to a privileged port and set process resource limits\&. Unfortunately, this means that the \fB\-u\fR option only works when \fBnamed\fR is run on kernel 2\&.2\&.18 or later, or kernel 2\&.3\&.99\-pre3 or later, since previous kernels did not allow privileges to be retained after \fBsetuid()\fR\&. +On Linux, +\fBnamed\fR +uses the kernel's capability mechanism to drop all root privileges except the ability to +\fBbind()\fR +to a privileged port and set process resource limits. Unfortunately, this means that the +\fB\-u\fR +option only works when +\fBnamed\fR +is run on kernel 2.2.18 or later, or kernel 2.3.99\-pre3 or later, since previous kernels did not allow privileges to be retained after +\fBsetuid()\fR. .RE .TP \-v -Report the version number and exit\&. +Report the version number and exit. .TP \-x \fIcache\-file\fR -Load data from \fIcache\-file\fR into the cache of the default view\&. +Load data from +\fIcache\-file\fR +into the cache of the default view. .RS .B "Warning:" -This option must not be used\&. It is only of interest to BIND 9 developers and may be removed or changed in a future release\&. +This option must not be used. It is only of interest to BIND 9 developers and may be removed or changed in a future release. .RE .SH "SIGNALS" .PP -In routine operation, signals should not be used to control the nameserver; \fBrndc\fR should be used instead\&. +In routine operation, signals should not be used to control the nameserver; +\fBrndc\fR +should be used instead. .TP SIGHUP -Force a reload of the server\&. +Force a reload of the server. .TP SIGINT, SIGTERM -Shut down the server\&. +Shut down the server. .PP -The result of sending any other signals to the server is undefined\&. +The result of sending any other signals to the server is undefined. .SH "CONFIGURATION" .PP -The \fBnamed\fR configuration file is too complex to describe in detail here\&. A complete description is provided in the BIND 9 Administrator Reference Manual\&. +The +\fBnamed\fR +configuration file is too complex to describe in detail here. A complete description is provided in the +BIND 9 Administrator Reference Manual. .SH "FILES" .TP -\fI/etc/named\&.conf\fR -The default configuration file\&. +\fI/etc/named.conf\fR +The default configuration file. .TP -\fI/var/run/named\&.pid\fR -The default process\-id file\&. +\fI/var/run/named.pid\fR +The default process\-id file. .SH "SEE ALSO" .PP -RFC 1033,RFC 1034,RFC 1035,\fBrndc\fR(8),\fBlwresd\fR(8),BIND 9 Administrator Reference Manual\&. +RFC 1033, +RFC 1034, +RFC 1035, +\fBrndc\fR(8), +\fBlwresd\fR(8), +BIND 9 Administrator Reference Manual. .SH "AUTHOR" .PP -Internet Systems Consortium +Internet Systems Consortium diff --git a/bin/named/named.conf.5 b/bin/named/named.conf.5 index 39551150bdb..9f31bd929b4 100644 --- a/bin/named/named.conf.5 +++ b/bin/named/named.conf.5 @@ -12,38 +12,29 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: named.conf.5,v 1.1.6.6 2005/05/12 23:55:39 sra Exp $ +.\" $Id: named.conf.5,v 1.1.6.7 2005/10/13 02:23:30 marka Exp $ .\" .hy 0 .ad l -.\"Generated by db2man.xsl. Don't modify this, modify the source. -.de Sh \" Subsection -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.TH "NAMED.CONF" 5 "Aug 13, 2004" "" "" -.SH NAME +.\" ** You probably do not want to edit this file directly ** +.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). +.\" Instead of manually editing it, you probably should edit the DocBook XML +.\" source for it and then use the DocBook XSL Stylesheets to regenerate it. +.TH "\\FINAMED.CONF\\FR" "5" "Aug 13, 2004" "BIND9" "BIND9" +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.SH "NAME" named.conf \- configuration file for named .SH "SYNOPSIS" .HP 11 -\fBnamed\&.conf\fR +\fBnamed.conf\fR .SH "DESCRIPTION" .PP -\fInamed\&.conf\fR is the configuration file for\fBnamed\fR\&. Statements are enclosed in braces and terminated with a semi\-colon\&. Clauses in the statements are also semi\-colon terminated\&. The usual comment styles are supported: +\fInamed.conf\fR +is the configuration file for +\fBnamed\fR. Statements are enclosed in braces and terminated with a semi\-colon. Clauses in the statements are also semi\-colon terminated. The usual comment styles are supported: .PP C style: /* */ .PP @@ -51,10 +42,12 @@ C++ style: // to end of line .PP Unix style: # to end of line .SH "ACL" +.sp .nf -acl \fIstring\fR { \fIaddress_match_element\fR; \&.\&.\&. }; +acl \fIstring\fR { \fIaddress_match_element\fR; ... }; .fi .SH "KEY" +.sp .nf key \fIdomain_name\fR { algorithm \fIstring\fR; @@ -62,6 +55,7 @@ key \fIdomain_name\fR { }; .fi .SH "SERVER" +.sp .nf server ( \fIipv4_address\fR | \fIipv6_address\fR ) { bogus \fIboolean\fR; @@ -78,23 +72,26 @@ server ( \fIipv4_address\fR | \fIipv6_address\fR ) { support\-ixfr \fIboolean\fR; // obsolete }; .fi -.SH "TRUSTED-KEYS" +.SH "TRUSTED\-KEYS" +.sp .nf trusted\-keys { - \fIdomain_name\fR \fIflags\fR \fIprotocol\fR \fIalgorithm\fR \fIkey\fR; \&.\&.\&. + \fIdomain_name\fR \fIflags\fR \fIprotocol\fR \fIalgorithm\fR \fIkey\fR; ... }; .fi .SH "CONTROLS" +.sp .nf controls { inet ( \fIipv4_address\fR | \fIipv6_address\fR | * ) [ port ( \fIinteger\fR | * ) ] - allow { \fIaddress_match_element\fR; \&.\&.\&. } - [ keys { \fIstring\fR; \&.\&.\&. } ]; + allow { \fIaddress_match_element\fR; ... } + [ keys { \fIstring\fR; ... } ]; unix \fIunsupported\fR; // not implemented }; .fi .SH "LOGGING" +.sp .nf logging { channel \fIstring\fR { @@ -107,24 +104,26 @@ logging { print\-severity \fIboolean\fR; print\-category \fIboolean\fR; }; - category \fIstring\fR { \fIstring\fR; \&.\&.\&. }; + category \fIstring\fR { \fIstring\fR; ... }; }; .fi .SH "LWRES" +.sp .nf lwres { listen\-on [ port \fIinteger\fR ] { - ( \fIipv4_address\fR | \fIipv6_address\fR ) [ port \fIinteger\fR ]; \&.\&.\&. + ( \fIipv4_address\fR | \fIipv6_address\fR ) [ port \fIinteger\fR ]; ... }; view \fIstring\fR \fIoptional_class\fR; - search { \fIstring\fR; \&.\&.\&. }; + search { \fIstring\fR; ... }; ndots \fIinteger\fR; }; .fi .SH "OPTIONS" +.sp .nf options { - blackhole { \fIaddress_match_element\fR; \&.\&.\&. }; + blackhole { \fIaddress_match_element\fR; ... }; coresize \fIsize\fR; datasize \fIsize\fR; directory \fIquoted_string\fR; @@ -134,8 +133,8 @@ options { host\-statistics \fIboolean\fR; // not implemented host\-statistics\-max \fInumber\fR; // not implemented interface\-interval \fIinteger\fR; - listen\-on [ port \fIinteger\fR ] { \fIaddress_match_element\fR; \&.\&.\&. }; - listen\-on\-v6 [ port \fIinteger\fR ] { \fIaddress_match_element\fR; \&.\&.\&. }; + listen\-on [ port \fIinteger\fR ] { \fIaddress_match_element\fR; ... }; + listen\-on\-v6 [ port \fIinteger\fR ] { \fIaddress_match_element\fR; ... }; match\-mapped\-addresses \fIboolean\fR; memstatistics\-file \fIquoted_string\fR; // not implemented pid\-file \fIquoted_string\fR; @@ -155,15 +154,15 @@ options { transfers\-out \fIinteger\fR; use\-ixfr \fIboolean\fR; version \fIquoted_string\fR; - allow\-recursion { \fIaddress_match_element\fR; \&.\&.\&. }; - sortlist { \fIaddress_match_element\fR; \&.\&.\&. }; - topology { \fIaddress_match_element\fR; \&.\&.\&. }; // not implemented + allow\-recursion { \fIaddress_match_element\fR; ... }; + sortlist { \fIaddress_match_element\fR; ... }; + topology { \fIaddress_match_element\fR; ... }; // not implemented auth\-nxdomain \fIboolean\fR; // default changed minimal\-responses \fIboolean\fR; recursion \fIboolean\fR; rrset\-order { [ class \fIstring\fR ] [ type \fIstring\fR ] - [ name \fIquoted_string\fR ] \fIstring\fR \fIstring\fR; \&.\&.\&. + [ name \fIquoted_string\fR ] \fIstring\fR \fIstring\fR; ... }; // not implemented provide\-ixfr \fIboolean\fR; request\-ixfr \fIboolean\fR; @@ -182,20 +181,20 @@ options { check\-names ( master | slave | response ) ( fail | warn | ignore ); // not implemented cache\-file \fIquoted_string\fR; - root\-delegation\-only [ exclude { \fIquoted_string\fR; \&.\&.\&. } ]; + root\-delegation\-only [ exclude { \fIquoted_string\fR; ... } ]; dialup \fIdialuptype\fR; - allow\-query { \fIaddress_match_element\fR; \&.\&.\&. }; - allow\-transfer { \fIaddress_match_element\fR; \&.\&.\&. }; - allow\-update\-forwarding { \fIaddress_match_element\fR; \&.\&.\&. }; + allow\-query { \fIaddress_match_element\fR; ... }; + allow\-transfer { \fIaddress_match_element\fR; ... }; + allow\-update\-forwarding { \fIaddress_match_element\fR; ... }; notify \fInotifytype\fR; notify\-source ( \fIipv4_address\fR | * ) [ port ( \fIinteger\fR | * ) ]; notify\-source\-v6 ( \fIipv6_address\fR | * ) [ port ( \fIinteger\fR | * ) ]; also\-notify [ port \fIinteger\fR ] { ( \fIipv4_address\fR | \fIipv6_address\fR ) - [ port \fIinteger\fR ]; \&.\&.\&. }; - allow\-notify { \fIaddress_match_element\fR; \&.\&.\&. }; + [ port \fIinteger\fR ]; ... }; + allow\-notify { \fIaddress_match_element\fR; ... }; forward ( first | only ); forwarders [ port \fIinteger\fR ] { - ( \fIipv4_address\fR | \fIipv6_address\fR ) [ port \fIinteger\fR ]; \&.\&.\&. + ( \fIipv4_address\fR | \fIipv6_address\fR ) [ port \fIinteger\fR ]; ... }; max\-transfer\-time\-in \fIinteger\fR; max\-transfer\-time\-out \fIinteger\fR; @@ -211,7 +210,7 @@ options { transfer\-source\-v6 ( \fIipv6_address\fR | * ) [ port ( \fIinteger\fR | * ) ]; zone\-statistics \fIboolean\fR; - allow\-v6\-synthesis { \fIaddress_match_element\fR; \&.\&.\&. }; + allow\-v6\-synthesis { \fIaddress_match_element\fR; ... }; deallocate\-on\-exit \fIboolean\fR; // obsolete fake\-iquery \fIboolean\fR; // obsolete fetch\-glue \fIboolean\fR; // obsolete @@ -226,33 +225,34 @@ options { }; .fi .SH "VIEW" +.sp .nf view \fIstring\fR \fIoptional_class\fR { - match\-clients { \fIaddress_match_element\fR; \&.\&.\&. }; - match\-destinations { \fIaddress_match_element\fR; \&.\&.\&. }; + match\-clients { \fIaddress_match_element\fR; ... }; + match\-destinations { \fIaddress_match_element\fR; ... }; match\-recursive\-only \fIboolean\fR; key \fIstring\fR { algorithm \fIstring\fR; secret \fIstring\fR; }; zone \fIstring\fR \fIoptional_class\fR { - \&.\&.\&. + ... }; server ( \fIipv4_address\fR | \fIipv6_address\fR ) { - \&.\&.\&. + ... }; trusted\-keys { - \fIstring\fR \fIinteger\fR \fIinteger\fR \fIinteger\fR \fIquoted_string\fR; \&.\&.\&. + \fIstring\fR \fIinteger\fR \fIinteger\fR \fIinteger\fR \fIquoted_string\fR; ... }; - allow\-recursion { \fIaddress_match_element\fR; \&.\&.\&. }; - sortlist { \fIaddress_match_element\fR; \&.\&.\&. }; - topology { \fIaddress_match_element\fR; \&.\&.\&. }; // not implemented + allow\-recursion { \fIaddress_match_element\fR; ... }; + sortlist { \fIaddress_match_element\fR; ... }; + topology { \fIaddress_match_element\fR; ... }; // not implemented auth\-nxdomain \fIboolean\fR; // default changed minimal\-responses \fIboolean\fR; recursion \fIboolean\fR; rrset\-order { [ class \fIstring\fR ] [ type \fIstring\fR ] - [ name \fIquoted_string\fR ] \fIstring\fR \fIstring\fR; \&.\&.\&. + [ name \fIquoted_string\fR ] \fIstring\fR \fIstring\fR; ... }; // not implemented provide\-ixfr \fIboolean\fR; request\-ixfr \fIboolean\fR; @@ -272,20 +272,20 @@ view \fIstring\fR \fIoptional_class\fR { ( fail | warn | ignore ); cache\-file \fIquoted_string\fR; suppress\-initial\-notify \fIboolean\fR; // not yet implemented - root\-delegation\-only [ exclude { \fIquoted_string\fR; \&.\&.\&. } ]; + root\-delegation\-only [ exclude { \fIquoted_string\fR; ... } ]; dialup \fIdialuptype\fR; - allow\-query { \fIaddress_match_element\fR; \&.\&.\&. }; - allow\-transfer { \fIaddress_match_element\fR; \&.\&.\&. }; - allow\-update\-forwarding { \fIaddress_match_element\fR; \&.\&.\&. }; + allow\-query { \fIaddress_match_element\fR; ... }; + allow\-transfer { \fIaddress_match_element\fR; ... }; + allow\-update\-forwarding { \fIaddress_match_element\fR; ... }; notify \fInotifytype\fR; notify\-source ( \fIipv4_address\fR | * ) [ port ( \fIinteger\fR | * ) ]; notify\-source\-v6 ( \fIipv6_address\fR | * ) [ port ( \fIinteger\fR | * ) ]; also\-notify [ port \fIinteger\fR ] { ( \fIipv4_address\fR | \fIipv6_address\fR ) - [ port \fIinteger\fR ]; \&.\&.\&. }; - allow\-notify { \fIaddress_match_element\fR; \&.\&.\&. }; + [ port \fIinteger\fR ]; ... }; + allow\-notify { \fIaddress_match_element\fR; ... }; forward ( first | only ); forwarders [ port \fIinteger\fR ] { - ( \fIipv4_address\fR | \fIipv6_address\fR ) [ port \fIinteger\fR ]; \&.\&.\&. + ( \fIipv4_address\fR | \fIipv6_address\fR ) [ port \fIinteger\fR ]; ... }; max\-transfer\-time\-in \fIinteger\fR; max\-transfer\-time\-out \fIinteger\fR; @@ -301,13 +301,14 @@ view \fIstring\fR \fIoptional_class\fR { transfer\-source\-v6 ( \fIipv6_address\fR | * ) [ port ( \fIinteger\fR | * ) ]; zone\-statistics \fIboolean\fR; - allow\-v6\-synthesis { \fIaddress_match_element\fR; \&.\&.\&. }; // obsolete + allow\-v6\-synthesis { \fIaddress_match_element\fR; ... }; // obsolete fetch\-glue \fIboolean\fR; // obsolete maintain\-ixfr\-base \fIboolean\fR; // obsolete max\-ixfr\-log\-size \fIsize\fR; // obsolete }; .fi .SH "ZONE" +.sp .nf zone \fIstring\fR \fIoptional_class\fR { type ( master | slave | stub | hint | @@ -315,30 +316,30 @@ zone \fIstring\fR \fIoptional_class\fR { file \fIquoted_string\fR; masters [ port \fIinteger\fR ] { ( \fIipv4_address\fR [port \fIinteger\fR] | - \fIipv6_address\fR [ port \fIinteger\fR ] ) [ key \fIstring\fR ]; \&.\&.\&. + \fIipv6_address\fR [ port \fIinteger\fR ] ) [ key \fIstring\fR ]; ... }; database \fIstring\fR; delegation\-only \fIboolean\fR; check\-names ( fail | warn | ignore ); dialup \fIdialuptype\fR; - allow\-query { \fIaddress_match_element\fR; \&.\&.\&. }; - allow\-transfer { \fIaddress_match_element\fR; \&.\&.\&. }; - allow\-update { \fIaddress_match_element\fR; \&.\&.\&. }; - allow\-update\-forwarding { \fIaddress_match_element\fR; \&.\&.\&. }; + allow\-query { \fIaddress_match_element\fR; ... }; + allow\-transfer { \fIaddress_match_element\fR; ... }; + allow\-update { \fIaddress_match_element\fR; ... }; + allow\-update\-forwarding { \fIaddress_match_element\fR; ... }; update\-policy { ( grant | deny ) \fIstring\fR ( name | subdomain | wildcard | self ) \fIstring\fR - \fIrrtypelist\fR; \&.\&.\&. + \fIrrtypelist\fR; ... }; notify \fInotifytype\fR; notify\-source ( \fIipv4_address\fR | * ) [ port ( \fIinteger\fR | * ) ]; notify\-source\-v6 ( \fIipv6_address\fR | * ) [ port ( \fIinteger\fR | * ) ]; also\-notify [ port \fIinteger\fR ] { ( \fIipv4_address\fR | \fIipv6_address\fR ) - [ port \fIinteger\fR ]; \&.\&.\&. }; - allow\-notify { \fIaddress_match_element\fR; \&.\&.\&. }; + [ port \fIinteger\fR ]; ... }; + allow\-notify { \fIaddress_match_element\fR; ... }; forward ( first | only ); forwarders [ port \fIinteger\fR ] { - ( \fIipv4_address\fR | \fIipv6_address\fR ) [ port \fIinteger\fR ]; \&.\&.\&. + ( \fIipv4_address\fR | \fIipv6_address\fR ) [ port \fIinteger\fR ]; ... }; max\-transfer\-time\-in \fIinteger\fR; max\-transfer\-time\-out \fIinteger\fR; @@ -363,7 +364,9 @@ zone \fIstring\fR \fIoptional_class\fR { .fi .SH "FILES" .PP - \fI/etc/named\&.conf\fR +\fI/etc/named.conf\fR .SH "SEE ALSO" .PP - \fBnamed\fR(8), \fBrndc\fR(8), \fBBIND 9 Adminstrators Reference Manual\fR()\&. +\fBnamed\fR(8), +\fBrndc\fR(8), +\fBBIND 9 Adminstrators Reference Manual\fR(). diff --git a/bin/named/named.conf.html b/bin/named/named.conf.html index a0c714cda3b..be9b0c01e91 100644 --- a/bin/named/named.conf.html +++ b/bin/named/named.conf.html @@ -13,15 +13,15 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + named.conf - +

Name

named.conf — configuration file for named

@@ -31,7 +31,7 @@

named.conf

DESCRIPTION

named.conf is the configuration file for named. Statements are enclosed @@ -50,14 +50,14 @@

ACL

acl string { address_match_element; ... };

KEY

key domain_name {
algorithm string;
@@ -66,7 +66,7 @@ key

SERVER

server ( ipv4_address | ipv6_address ) {
bogus boolean;
@@ -86,7 +86,7 @@ server

TRUSTED-KEYS

trusted-keys {
domain_name flags protocol algorithm key; ...
@@ -94,7 +94,7 @@ trusted-keys

CONTROLS

controls {
inet ( ipv4_address | ipv6_address | * )
@@ -106,7 +106,7 @@ controls

LOGGING

logging {
channel string {
@@ -124,7 +124,7 @@ logging

LWRES

lwres {
listen-on [ port integer ] {
@@ -137,7 +137,7 @@ lwres

OPTIONS

options {
blackhole { address_match_element; ... };
@@ -251,7 +251,7 @@ options

VIEW

view string optional_class {
match-clients { address_match_element; ... };
@@ -348,7 +348,7 @@ view

ZONE

zone string optional_class {
type ( master | slave | stub | hint |
@@ -413,13 +413,13 @@ zone

FILES

/etc/named.conf

Name

named — Internet domain name server

@@ -32,7 +32,7 @@

named [-c config-file] [-d debug-level] [-f] [-g] [-n #cpus] [-p port] [-s] [-t directory] [-u user] [-v] [-x cache-file]

DESCRIPTION

named is a Domain Name System (DNS) server, part of the BIND 9 distribution from ISC. For more @@ -46,7 +46,7 @@

OPTIONS

-c config-file: @@ -165,7 +165,7 @@

SIGNALS

In routine operation, signals should not be used to control the nameserver; rndc should be used @@ -186,7 +186,7 @@

CONFIGURATION

The named configuration file is too complex to describe in detail here. A complete description is @@ -195,7 +195,7 @@

FILES

/etc/named.conf: @@ -208,7 +208,7 @@

AUTHOR

Internet Systems Consortium

diff --git a/bin/nsupdate/nsupdate.8 b/bin/nsupdate/nsupdate.8 index 018e5d7899a..5e4a2b07cf2 100644 --- a/bin/nsupdate/nsupdate.8 +++ b/bin/nsupdate/nsupdate.8 @@ -13,133 +13,266 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: nsupdate.8,v 1.24.2.6 2005/05/12 23:55:40 sra Exp $ +.\" $Id: nsupdate.8,v 1.24.2.7 2005/10/13 02:23:31 marka Exp $ .\" .hy 0 .ad l -.\"Generated by db2man.xsl. Don't modify this, modify the source. -.de Sh \" Subsection -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.TH "NSUPDATE" 8 "Jun 30, 2000" "" "" -.SH NAME +.\" ** You probably do not want to edit this file directly ** +.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). +.\" Instead of manually editing it, you probably should edit the DocBook XML +.\" source for it and then use the DocBook XSL Stylesheets to regenerate it. +.TH "NSUPDATE" "8" "Jun 30, 2000" "BIND9" "BIND9" +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.SH "NAME" nsupdate \- Dynamic DNS update utility .SH "SYNOPSIS" .HP 9 -\fBnsupdate\fR [\fB\-d\fR] [\fB\fB\-y\ \fIkeyname:secret\fR\fR\fR | \fB\fB\-k\ \fIkeyfile\fR\fR\fR] [\fB\-v\fR] [filename] +\fBnsupdate\fR [\fB\-d\fR] [[\fB\-y\ \fR\fB\fIkeyname:secret\fR\fR] [\fB\-k\ \fR\fB\fIkeyfile\fR\fR]] [\fB\-v\fR] [filename] .SH "DESCRIPTION" .PP - \fBnsupdate\fR is used to submit Dynamic DNS Update requests as defined in RFC2136 to a name server\&. This allows resource records to be added or removed from a zone without manually editing the zone file\&. A single update request can contain requests to add or remove more than one resource record\&. +\fBnsupdate\fR +is used to submit Dynamic DNS Update requests as defined in RFC2136 to a name server. This allows resource records to be added or removed from a zone without manually editing the zone file. A single update request can contain requests to add or remove more than one resource record. .PP -Zones that are under dynamic control via \fBnsupdate\fR or a DHCP server should not be edited by hand\&. Manual edits could conflict with dynamic updates and cause data to be lost\&. +Zones that are under dynamic control via +\fBnsupdate\fR +or a DHCP server should not be edited by hand. Manual edits could conflict with dynamic updates and cause data to be lost. .PP -The resource records that are dynamically added or removed with \fBnsupdate\fR have to be in the same zone\&. Requests are sent to the zone's master server\&. This is identified by the MNAME field of the zone's SOA record\&. +The resource records that are dynamically added or removed with +\fBnsupdate\fR +have to be in the same zone. Requests are sent to the zone's master server. This is identified by the MNAME field of the zone's SOA record. .PP -The \fB\-d\fR option makes \fBnsupdate\fR operate in debug mode\&. This provides tracing information about the update requests that are made and the replies received from the name server\&. +The +\fB\-d\fR +option makes +\fBnsupdate\fR +operate in debug mode. This provides tracing information about the update requests that are made and the replies received from the name server. .PP -Transaction signatures can be used to authenticate the Dynamic DNS updates\&. These use the TSIG resource record type described in RFC2845\&. The signatures rely on a shared secret that should only be known to \fBnsupdate\fR and the name server\&. Currently, the only supported encryption algorithm for TSIG is HMAC\-MD5, which is defined in RFC 2104\&. Once other algorithms are defined for TSIG, applications will need to ensure they select the appropriate algorithm as well as the key when authenticating each other\&. For instance suitable \fBkey\fR and \fBserver\fR statements would be added to \fI/etc/named\&.conf\fR so that the name server can associate the appropriate secret key and algorithm with the IP address of the client application that will be using TSIG authentication\&. \fBnsupdate\fR does not read \fI/etc/named\&.conf\fR\&. +Transaction signatures can be used to authenticate the Dynamic DNS updates. These use the TSIG resource record type described in RFC2845. The signatures rely on a shared secret that should only be known to +\fBnsupdate\fR +and the name server. Currently, the only supported encryption algorithm for TSIG is HMAC\-MD5, which is defined in RFC 2104. Once other algorithms are defined for TSIG, applications will need to ensure they select the appropriate algorithm as well as the key when authenticating each other. For instance suitable +\fBkey\fR +and +\fBserver\fR +statements would be added to +\fI/etc/named.conf\fR +so that the name server can associate the appropriate secret key and algorithm with the IP address of the client application that will be using TSIG authentication. +\fBnsupdate\fR +does not read +\fI/etc/named.conf\fR. .PP - \fBnsupdate\fR uses the \fB\-y\fR or \fB\-k\fR option to provide the shared secret needed to generate a TSIG record for authenticating Dynamic DNS update requests\&. These options are mutually exclusive\&. With the \fB\-k\fR option, \fBnsupdate\fR reads the shared secret from the file \fIkeyfile\fR, whose name is of the form \fIK{name}\&.+157\&.+{random}\&.private\fR\&. For historical reasons, the file \fIK{name}\&.+157\&.+{random}\&.key\fR must also be present\&. When the \fB\-y\fR option is used, a signature is generated from \fIkeyname:secret\&.\fR \fIkeyname\fR is the name of the key, and \fIsecret\fR is the base64 encoded shared secret\&. Use of the \fB\-y\fR option is discouraged because the shared secret is supplied as a command line argument in clear text\&. This may be visible in the output from \fBps\fR(1 ) or in a history file maintained by the user's shell\&. +\fBnsupdate\fR +uses the +\fB\-y\fR +or +\fB\-k\fR +option to provide the shared secret needed to generate a TSIG record for authenticating Dynamic DNS update requests. These options are mutually exclusive. With the +\fB\-k\fR +option, +\fBnsupdate\fR +reads the shared secret from the file +\fIkeyfile\fR, whose name is of the form +\fIK{name}.+157.+{random}.private\fR. For historical reasons, the file +\fIK{name}.+157.+{random}.key\fR +must also be present. When the +\fB\-y\fR +option is used, a signature is generated from +\fIkeyname:secret.\fR\fIkeyname\fR +is the name of the key, and +\fIsecret\fR +is the base64 encoded shared secret. Use of the +\fB\-y\fR +option is discouraged because the shared secret is supplied as a command line argument in clear text. This may be visible in the output from +\fBps\fR(1 ) +or in a history file maintained by the user's shell. .PP -By default \fBnsupdate\fR uses UDP to send update requests to the name server\&. The \fB\-v\fR option makes \fBnsupdate\fR use a TCP connection\&. This may be preferable when a batch of update requests is made\&. +By default +\fBnsupdate\fR +uses UDP to send update requests to the name server. The +\fB\-v\fR +option makes +\fBnsupdate\fR +use a TCP connection. This may be preferable when a batch of update requests is made. .SH "INPUT FORMAT" .PP - \fBnsupdate\fR reads input from \fIfilename\fR or standard input\&. Each command is supplied on exactly one line of input\&. Some commands are for administrative purposes\&. The others are either update instructions or prerequisite checks on the contents of the zone\&. These checks set conditions that some name or set of resource records (RRset) either exists or is absent from the zone\&. These conditions must be met if the entire update request is to succeed\&. Updates will be rejected if the tests for the prerequisite conditions fail\&. +\fBnsupdate\fR +reads input from +\fIfilename\fR +or standard input. Each command is supplied on exactly one line of input. Some commands are for administrative purposes. The others are either update instructions or prerequisite checks on the contents of the zone. These checks set conditions that some name or set of resource records (RRset) either exists or is absent from the zone. These conditions must be met if the entire update request is to succeed. Updates will be rejected if the tests for the prerequisite conditions fail. .PP -Every update request consists of zero or more prerequisites and zero or more updates\&. This allows a suitably authenticated update request to proceed if some specified resource records are present or missing from the zone\&. A blank input line (or the \fBsend\fR command) causes the accumulated commands to be sent as one Dynamic DNS update request to the name server\&. +Every update request consists of zero or more prerequisites and zero or more updates. This allows a suitably authenticated update request to proceed if some specified resource records are present or missing from the zone. A blank input line (or the +\fBsend\fR +command) causes the accumulated commands to be sent as one Dynamic DNS update request to the name server. .PP -The command formats and their meaning are as follows: +The command formats and their meaning are as follows: .TP .HP 7 \fBserver\fR {servername} [port] -Sends all dynamic update requests to the name server \fIservername\fR\&. When no server statement is provided, \fBnsupdate\fR will send updates to the master server of the correct zone\&. The MNAME field of that zone's SOA record will identify the master server for that zone\&. \fIport\fR is the port number on \fIservername\fR where the dynamic update requests get sent\&. If no port number is specified, the default DNS port number of 53 is used\&. +Sends all dynamic update requests to the name server +\fIservername\fR. When no server statement is provided, +\fBnsupdate\fR +will send updates to the master server of the correct zone. The MNAME field of that zone's SOA record will identify the master server for that zone. +\fIport\fR +is the port number on +\fIservername\fR +where the dynamic update requests get sent. If no port number is specified, the default DNS port number of 53 is used. .TP .HP 6 \fBlocal\fR {address} [port] -Sends all dynamic update requests using the local \fIaddress\fR\&. When no local statement is provided, \fBnsupdate\fR will send updates using an address and port chosen by the system\&. \fIport\fR can additionally be used to make requests come from a specific port\&. If no port number is specified, the system will assign one\&. +Sends all dynamic update requests using the local +\fIaddress\fR. When no local statement is provided, +\fBnsupdate\fR +will send updates using an address and port chosen by the system. +\fIport\fR +can additionally be used to make requests come from a specific port. If no port number is specified, the system will assign one. .TP .HP 5 \fBzone\fR {zonename} -Specifies that all updates are to be made to the zone \fIzonename\fR\&. If no \fIzone\fR statement is provided, \fBnsupdate\fR will attempt determine the correct zone to update based on the rest of the input\&. +Specifies that all updates are to be made to the zone +\fIzonename\fR. If no +\fIzone\fR +statement is provided, +\fBnsupdate\fR +will attempt determine the correct zone to update based on the rest of the input. .TP .HP 6 \fBclass\fR {classname} -Specify the default class\&. If no \fIclass\fR is specified the default class is \fIIN\fR\&. +Specify the default class. If no +\fIclass\fR +is specified the default class is +\fIIN\fR. .TP .HP 4 \fBkey\fR {name} {secret} -Specifies that all updates are to be TSIG signed using the \fIkeyname\fR \fIkeysecret\fR pair\&. The \fBkey\fR command overrides any key specified on the command line via \fB\-y\fR or \fB\-k\fR\&. +Specifies that all updates are to be TSIG signed using the +\fIkeyname\fR\fIkeysecret\fR +pair. The +\fBkey\fR +command overrides any key specified on the command line via +\fB\-y\fR +or +\fB\-k\fR. .TP .HP 16 \fBprereq nxdomain\fR {domain\-name} -Requires that no resource record of any type exists with name \fIdomain\-name\fR\&. +Requires that no resource record of any type exists with name +\fIdomain\-name\fR. .TP .HP 16 \fBprereq yxdomain\fR {domain\-name} -Requires that \fIdomain\-name\fR exists (has as at least one resource record, of any type)\&. +Requires that +\fIdomain\-name\fR +exists (has as at least one resource record, of any type). .TP .HP 15 \fBprereq nxrrset\fR {domain\-name} [class] {type} -Requires that no resource record exists of the specified \fItype\fR, \fIclass\fR and \fIdomain\-name\fR\&. If \fIclass\fR is omitted, IN (internet) is assumed\&. +Requires that no resource record exists of the specified +\fItype\fR, +\fIclass\fR +and +\fIdomain\-name\fR. If +\fIclass\fR +is omitted, IN (internet) is assumed. .TP .HP 15 \fBprereq yxrrset\fR {domain\-name} [class] {type} -This requires that a resource record of the specified \fItype\fR, \fIclass\fR and \fIdomain\-name\fR must exist\&. If \fIclass\fR is omitted, IN (internet) is assumed\&. +This requires that a resource record of the specified +\fItype\fR, +\fIclass\fR +and +\fIdomain\-name\fR +must exist. If +\fIclass\fR +is omitted, IN (internet) is assumed. .TP .HP 15 \fBprereq yxrrset\fR {domain\-name} [class] {type} {data...} -The \fIdata\fR from each set of prerequisites of this form sharing a common \fItype\fR, \fIclass\fR, and \fIdomain\-name\fR are combined to form a set of RRs\&. This set of RRs must exactly match the set of RRs existing in the zone at the given \fItype\fR, \fIclass\fR, and \fIdomain\-name\fR\&. The \fIdata\fR are written in the standard text representation of the resource record's RDATA\&. +The +\fIdata\fR +from each set of prerequisites of this form sharing a common +\fItype\fR, +\fIclass\fR, and +\fIdomain\-name\fR +are combined to form a set of RRs. This set of RRs must exactly match the set of RRs existing in the zone at the given +\fItype\fR, +\fIclass\fR, and +\fIdomain\-name\fR. The +\fIdata\fR +are written in the standard text representation of the resource record's RDATA. .TP .HP 14 \fBupdate delete\fR {domain\-name} [ttl] [class] [type\ [data...]] -Deletes any resource records named \fIdomain\-name\fR\&. If \fItype\fR and \fIdata\fR is provided, only matching resource records will be removed\&. The internet class is assumed if \fIclass\fR is not supplied\&. The \fIttl\fR is ignored, and is only allowed for compatibility\&. +Deletes any resource records named +\fIdomain\-name\fR. If +\fItype\fR +and +\fIdata\fR +is provided, only matching resource records will be removed. The internet class is assumed if +\fIclass\fR +is not supplied. The +\fIttl\fR +is ignored, and is only allowed for compatibility. .TP .HP 11 \fBupdate add\fR {domain\-name} {ttl} [class] {type} {data...} -Adds a new resource record with the specified \fIttl\fR, \fIclass\fR and \fIdata\fR\&. +Adds a new resource record with the specified +\fIttl\fR, +\fIclass\fR +and +\fIdata\fR. .TP .HP 5 \fBshow\fR -Displays the current message, containing all of the prerequisites and updates specified since the last send\&. +Displays the current message, containing all of the prerequisites and updates specified since the last send. .TP .HP 5 \fBsend\fR -Sends the current message\&. This is equivalent to entering a blank line\&. +Sends the current message. This is equivalent to entering a blank line. .PP -Lines beginning with a semicolon are comments and are ignored\&. +Lines beginning with a semicolon are comments and are ignored. .SH "EXAMPLES" .PP -The examples below show how \fBnsupdate\fR could be used to insert and delete resource records from the \fBexample\&.com\fR zone\&. Notice that the input in each example contains a trailing blank line so that a group of commands are sent as one dynamic update request to the master name server for \fBexample\&.com\fR\&. +The examples below show how +\fBnsupdate\fR +could be used to insert and delete resource records from the +\fBexample.com\fR +zone. Notice that the input in each example contains a trailing blank line so that a group of commands are sent as one dynamic update request to the master name server for +\fBexample.com\fR. +.sp .nf # nsupdate -> update delete oldhost\&.example\&.com A -> update add newhost\&.example\&.com 86400 A 172\&.16\&.1\&.1 +> update delete oldhost.example.com A +> update add newhost.example.com 86400 A 172.16.1.1 > send .fi +.sp .PP -Any A records for \fBoldhost\&.example\&.com\fR are deleted\&. and an A record for \fBnewhost\&.example\&.com\fR it IP address 172\&.16\&.1\&.1 is added\&. The newly\-added record has a 1 day TTL (86400 seconds) +Any A records for +\fBoldhost.example.com\fR +are deleted. and an A record for +\fBnewhost.example.com\fR +it IP address 172.16.1.1 is added. The newly\-added record has a 1 day TTL (86400 seconds) +.sp .nf # nsupdate -> prereq nxdomain nickname\&.example\&.com -> update add nickname\&.example\&.com 86400 CNAME somehost\&.example\&.com +> prereq nxdomain nickname.example.com +> update add nickname.example.com 86400 CNAME somehost.example.com > send .fi +.sp .PP -The prerequisite condition gets the name server to check that there are no resource records of any type for \fBnickname\&.example\&.com\fR\&. If there are, the update request fails\&. If this name does not exist, a CNAME for it is added\&. This ensures that when the CNAME is added, it cannot conflict with the long\-standing rule in RFC1034 that a name must not exist as any other record type if it exists as a CNAME\&. (The rule has been updated for DNSSEC in RFC2535 to allow CNAMEs to have SIG, KEY and NXT records\&.) +The prerequisite condition gets the name server to check that there are no resource records of any type for +\fBnickname.example.com\fR. If there are, the update request fails. If this name does not exist, a CNAME for it is added. This ensures that when the CNAME is added, it cannot conflict with the long\-standing rule in RFC1034 that a name must not exist as any other record type if it exists as a CNAME. (The rule has been updated for DNSSEC in RFC2535 to allow CNAMEs to have SIG, KEY and NXT records.) .SH "FILES" .TP -\fB/etc/resolv\&.conf\fR +\fB/etc/resolv.conf\fR used to identify default name server .TP -\fBK{name}\&.+157\&.+{random}\&.key\fR -base\-64 encoding of HMAC\-MD5 key created by \fBdnssec\-keygen\fR(8)\&. +\fBK{name}.+157.+{random}.key\fR +base\-64 encoding of HMAC\-MD5 key created by +\fBdnssec\-keygen\fR(8). .TP -\fBK{name}\&.+157\&.+{random}\&.private\fR -base\-64 encoding of HMAC\-MD5 key created by \fBdnssec\-keygen\fR(8)\&. +\fBK{name}.+157.+{random}.private\fR +base\-64 encoding of HMAC\-MD5 key created by +\fBdnssec\-keygen\fR(8). .SH "SEE ALSO" .PP - \fBRFC2136\fR(), \fBRFC3007\fR(), \fBRFC2104\fR(), \fBRFC2845\fR(), \fBRFC1034\fR(), \fBRFC2535\fR(), \fBnamed\fR(8), \fBdnssec\-keygen\fR(8)\&. +\fBRFC2136\fR(), +\fBRFC3007\fR(), +\fBRFC2104\fR(), +\fBRFC2845\fR(), +\fBRFC1034\fR(), +\fBRFC2535\fR(), +\fBnamed\fR(8), +\fBdnssec\-keygen\fR(8). .SH "BUGS" .PP -The TSIG key is redundantly stored in two separate files\&. This is a consequence of nsupdate using the DST library for its cryptographic operations, and may change in future releases\&. +The TSIG key is redundantly stored in two separate files. This is a consequence of nsupdate using the DST library for its cryptographic operations, and may change in future releases. diff --git a/bin/nsupdate/nsupdate.html b/bin/nsupdate/nsupdate.html index 75f177dc26a..30dd81ad0d9 100644 --- a/bin/nsupdate/nsupdate.html +++ b/bin/nsupdate/nsupdate.html @@ -14,15 +14,15 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + nsupdate - +

Name

nsupdate — Dynamic DNS update utility

@@ -32,7 +32,7 @@

nsupdate [-d] [[-y keyname:secret] | [-k keyfile]] [-v] [filename]

DESCRIPTION

nsupdate is used to submit Dynamic DNS Update requests as defined in RFC2136 @@ -141,7 +141,7 @@ This may be preferable when a batch of update requests is made.

INPUT FORMAT

nsupdate reads input from @@ -345,7 +345,7 @@ Lines beginning with a semicolon are comments and are ignored.

EXAMPLES

The examples below show how nsupdate @@ -398,7 +398,7 @@ SIG, KEY and NXT records.)

FILES

/etc/resolv.conf: @@ -417,7 +417,7 @@ base-64 encoding of HMAC-MD5 key created by

BUGS

The TSIG key is redundantly stored in two separate files. This is a consequence of nsupdate using the DST library diff --git a/bin/rndc/rndc-confgen.8 b/bin/rndc/rndc-confgen.8 index 3ea2ad37d3c..df441a69e19 100644 --- a/bin/rndc/rndc-confgen.8 +++ b/bin/rndc/rndc-confgen.8 @@ -13,82 +13,159 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: rndc-confgen.8,v 1.3.2.10 2005/05/12 23:55:41 sra Exp $ +.\" $Id: rndc-confgen.8,v 1.3.2.11 2005/10/13 02:23:32 marka Exp $ .\" .hy 0 .ad l -.\"Generated by db2man.xsl. Don't modify this, modify the source. -.de Sh \" Subsection -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.TH "RNDC-CONFGEN" 8 "Aug 27, 2001" "" "" -.SH NAME -rndc-confgen \- rndc key generation tool +.\" ** You probably do not want to edit this file directly ** +.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). +.\" Instead of manually editing it, you probably should edit the DocBook XML +.\" source for it and then use the DocBook XSL Stylesheets to regenerate it. +.TH "RNDC\-CONFGEN" "8" "Aug 27, 2001" "BIND9" "BIND9" +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.SH "NAME" +rndc\-confgen \- rndc key generation tool .SH "SYNOPSIS" .HP 13 -\fBrndc\-confgen\fR [\fB\-a\fR] [\fB\-b\ \fIkeysize\fR\fR] [\fB\-c\ \fIkeyfile\fR\fR] [\fB\-h\fR] [\fB\-k\ \fIkeyname\fR\fR] [\fB\-p\ \fIport\fR\fR] [\fB\-r\ \fIrandomfile\fR\fR] [\fB\-s\ \fIaddress\fR\fR] [\fB\-t\ \fIchrootdir\fR\fR] [\fB\-u\ \fIuser\fR\fR] +\fBrndc\-confgen\fR [\fB\-a\fR] [\fB\-b\ \fR\fB\fIkeysize\fR\fR] [\fB\-c\ \fR\fB\fIkeyfile\fR\fR] [\fB\-h\fR] [\fB\-k\ \fR\fB\fIkeyname\fR\fR] [\fB\-p\ \fR\fB\fIport\fR\fR] [\fB\-r\ \fR\fB\fIrandomfile\fR\fR] [\fB\-s\ \fR\fB\fIaddress\fR\fR] [\fB\-t\ \fR\fB\fIchrootdir\fR\fR] [\fB\-u\ \fR\fB\fIuser\fR\fR] .SH "DESCRIPTION" .PP - \fBrndc\-confgen\fR generates configuration files for \fBrndc\fR\&. It can be used as a convenient alternative to writing the \fIrndc\&.conf\fR file and the corresponding \fBcontrols\fR and \fBkey\fR statements in \fInamed\&.conf\fR by hand\&. Alternatively, it can be run with the \fB\-a\fR option to set up a \fIrndc\&.key\fR file and avoid the need for a \fIrndc\&.conf\fR file and a \fBcontrols\fR statement altogether\&. +\fBrndc\-confgen\fR +generates configuration files for +\fBrndc\fR. It can be used as a convenient alternative to writing the +\fIrndc.conf\fR +file and the corresponding +\fBcontrols\fR +and +\fBkey\fR +statements in +\fInamed.conf\fR +by hand. Alternatively, it can be run with the +\fB\-a\fR +option to set up a +\fIrndc.key\fR +file and avoid the need for a +\fIrndc.conf\fR +file and a +\fBcontrols\fR +statement altogether. .SH "OPTIONS" .TP \-a -Do automatic \fBrndc\fR configuration\&. This creates a file \fIrndc\&.key\fR in \fI/etc\fR (or whatever \fIsysconfdir\fR was specified as when BIND was built) that is read by both \fBrndc\fR and \fBnamed\fR on startup\&. The \fIrndc\&.key\fR file defines a default command channel and authentication key allowing \fBrndc\fR to communicate with \fBnamed\fR with no further configuration\&. -Running \fBrndc\-confgen \-a\fR allows BIND 9 and \fBrndc\fR to be used as drop\-in replacements for BIND 8 and \fBndc\fR, with no changes to the existing BIND 8 \fInamed\&.conf\fR file\&. +Do automatic +\fBrndc\fR +configuration. This creates a file +\fIrndc.key\fR +in +\fI/etc\fR +(or whatever +\fIsysconfdir\fR +was specified as when +BIND +was built) that is read by both +\fBrndc\fR +and +\fBnamed\fR +on startup. The +\fIrndc.key\fR +file defines a default command channel and authentication key allowing +\fBrndc\fR +to communicate with +\fBnamed\fR +with no further configuration. +.sp +Running +\fBrndc\-confgen \-a\fR +allows BIND 9 and +\fBrndc\fR +to be used as drop\-in replacements for BIND 8 and +\fBndc\fR, with no changes to the existing BIND 8 +\fInamed.conf\fR +file. .TP \-b \fIkeysize\fR -Specifies the size of the authentication key in bits\&. Must be between 1 and 512 bits; the default is 128\&. +Specifies the size of the authentication key in bits. Must be between 1 and 512 bits; the default is 128. .TP \-c \fIkeyfile\fR -Used with the \fB\-a\fR option to specify an alternate location for \fIrndc\&.key\fR\&. +Used with the +\fB\-a\fR +option to specify an alternate location for +\fIrndc.key\fR. .TP \-h -Prints a short summary of the options and arguments to \fBrndc\-confgen\fR\&. +Prints a short summary of the options and arguments to +\fBrndc\-confgen\fR. .TP \-k \fIkeyname\fR -Specifies the key name of the rndc authentication key\&. This must be a valid domain name\&. The default is \fBrndc\-key\fR\&. +Specifies the key name of the rndc authentication key. This must be a valid domain name. The default is +\fBrndc\-key\fR. .TP \-p \fIport\fR -Specifies the command channel port where \fBnamed\fR listens for connections from \fBrndc\fR\&. The default is 953\&. +Specifies the command channel port where +\fBnamed\fR +listens for connections from +\fBrndc\fR. The default is 953. .TP \-r \fIrandomfile\fR -Specifies a source of random data for generating the authorization\&. If the operating system does not provide a \fI/dev/random\fR or equivalent device, the default source of randomness is keyboard input\&. \fIrandomdev\fR specifies the name of a character device or file containing random data to be used instead of the default\&. The special value \fIkeyboard\fR indicates that keyboard input should be used\&. +Specifies a source of random data for generating the authorization. If the operating system does not provide a +\fI/dev/random\fR +or equivalent device, the default source of randomness is keyboard input. +\fIrandomdev\fR +specifies the name of a character device or file containing random data to be used instead of the default. The special value +\fIkeyboard\fR +indicates that keyboard input should be used. .TP \-s \fIaddress\fR -Specifies the IP address where \fBnamed\fR listens for command channel connections from \fBrndc\fR\&. The default is the loopback address 127\&.0\&.0\&.1\&. +Specifies the IP address where +\fBnamed\fR +listens for command channel connections from +\fBrndc\fR. The default is the loopback address 127.0.0.1. .TP \-t \fIchrootdir\fR -Used with the \fB\-a\fR option to specify a directory where \fBnamed\fR will run chrooted\&. An additional copy of the \fIrndc\&.key\fR will be written relative to this directory so that it will be found by the chrooted \fBnamed\fR\&. +Used with the +\fB\-a\fR +option to specify a directory where +\fBnamed\fR +will run chrooted. An additional copy of the +\fIrndc.key\fR +will be written relative to this directory so that it will be found by the chrooted +\fBnamed\fR. .TP \-u \fIuser\fR -Used with the \fB\-a\fR option to set the owner of the \fIrndc\&.key\fR file generated\&. If \fB\-t\fR is also specified only the file in the chroot area has its owner changed\&. +Used with the +\fB\-a\fR +option to set the owner of the +\fIrndc.key\fR +file generated. If +\fB\-t\fR +is also specified only the file in the chroot area has its owner changed. .SH "EXAMPLES" .PP -To allow \fBrndc\fR to be used with no manual configuration, run +To allow +\fBrndc\fR +to be used with no manual configuration, run .PP - \fBrndc\-confgen \-a\fR +\fBrndc\-confgen \-a\fR .PP -To print a sample \fIrndc\&.conf\fR file and corresponding \fBcontrols\fR and \fBkey\fR statements to be manually inserted into \fInamed\&.conf\fR, run +To print a sample +\fIrndc.conf\fR +file and corresponding +\fBcontrols\fR +and +\fBkey\fR +statements to be manually inserted into +\fInamed.conf\fR, run .PP - \fBrndc\-confgen\fR +\fBrndc\-confgen\fR .SH "SEE ALSO" .PP - \fBrndc\fR(8), \fBrndc\&.conf\fR(5), \fBnamed\fR(8), BIND 9 Administrator Reference Manual\&. +\fBrndc\fR(8), +\fBrndc.conf\fR(5), +\fBnamed\fR(8), +BIND 9 Administrator Reference Manual. .SH "AUTHOR" .PP - Internet Systems Consortium +Internet Systems Consortium diff --git a/bin/rndc/rndc-confgen.html b/bin/rndc/rndc-confgen.html index 580dca36477..0957daa844c 100644 --- a/bin/rndc/rndc-confgen.html +++ b/bin/rndc/rndc-confgen.html @@ -14,15 +14,15 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + rndc-confgen - +

Name

rndc-confgen — rndc key generation tool

@@ -32,7 +32,7 @@

rndc-confgen [-a] [-b keysize] [-c keyfile] [-h] [-k keyname] [-p port] [-r randomfile] [-s address] [-t chrootdir] [-u user]

DESCRIPTION

rndc-confgen generates configuration files for rndc. It can be used as a @@ -48,7 +48,7 @@

OPTIONS

-a: @@ -137,7 +137,7 @@

EXAMPLES

To allow rndc to be used with no manual configuration, run @@ -156,7 +156,7 @@

AUTHOR

Internet Systems Consortium

diff --git a/bin/rndc/rndc.8 b/bin/rndc/rndc.8 index d3ce8c9a04d..22602a35b30 100644 --- a/bin/rndc/rndc.8 +++ b/bin/rndc/rndc.8 @@ -13,73 +13,106 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: rndc.8,v 1.24.2.4 2005/05/12 23:55:41 sra Exp $ +.\" $Id: rndc.8,v 1.24.2.5 2005/10/13 02:23:31 marka Exp $ .\" .hy 0 .ad l -.\"Generated by db2man.xsl. Don't modify this, modify the source. -.de Sh \" Subsection -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.TH "RNDC" 8 "June 30, 2000" "" "" -.SH NAME +.\" ** You probably do not want to edit this file directly ** +.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). +.\" Instead of manually editing it, you probably should edit the DocBook XML +.\" source for it and then use the DocBook XSL Stylesheets to regenerate it. +.TH "RNDC" "8" "June 30, 2000" "BIND9" "BIND9" +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.SH "NAME" rndc \- name server control utility .SH "SYNOPSIS" .HP 5 -\fBrndc\fR [\fB\-c\ \fIconfig\-file\fR\fR] [\fB\-k\ \fIkey\-file\fR\fR] [\fB\-s\ \fIserver\fR\fR] [\fB\-p\ \fIport\fR\fR] [\fB\-V\fR] [\fB\-y\ \fIkey_id\fR\fR] {command} +\fBrndc\fR [\fB\-c\ \fR\fB\fIconfig\-file\fR\fR] [\fB\-k\ \fR\fB\fIkey\-file\fR\fR] [\fB\-s\ \fR\fB\fIserver\fR\fR] [\fB\-p\ \fR\fB\fIport\fR\fR] [\fB\-V\fR] [\fB\-y\ \fR\fB\fIkey_id\fR\fR] {command} .SH "DESCRIPTION" .PP - \fBrndc\fR controls the operation of a name server\&. It supersedes the \fBndc\fR utility that was provided in old BIND releases\&. If\fBrndc\fR is invoked with no command line options or arguments, it prints a short summary of the supported commands and the available options and their arguments\&. +\fBrndc\fR +controls the operation of a name server. It supersedes the +\fBndc\fR +utility that was provided in old BIND releases. If +\fBrndc\fR +is invoked with no command line options or arguments, it prints a short summary of the supported commands and the available options and their arguments. .PP - \fBrndc\fR communicates with the name server over a TCP connection, sending commands authenticated with digital signatures\&. In the current versions of\fBrndc\fR and \fBnamed\fR named the only supported authentication algorithm is HMAC\-MD5, which uses a shared secret on each end of the connection\&. This provides TSIG\-style authentication for the command request and the name server's response\&. All commands sent over the channel must be signed by a key_id known to the server\&. +\fBrndc\fR +communicates with the name server over a TCP connection, sending commands authenticated with digital signatures. In the current versions of +\fBrndc\fR +and +\fBnamed\fR +named the only supported authentication algorithm is HMAC\-MD5, which uses a shared secret on each end of the connection. This provides TSIG\-style authentication for the command request and the name server's response. All commands sent over the channel must be signed by a key_id known to the server. .PP - \fBrndc\fR reads a configuration file to determine how to contact the name server and decide what algorithm and key it should use\&. +\fBrndc\fR +reads a configuration file to determine how to contact the name server and decide what algorithm and key it should use. .SH "OPTIONS" .TP \-c \fIconfig\-file\fR -Use \fIconfig\-file\fR as the configuration file instead of the default, \fI/etc/rndc\&.conf\fR\&. +Use +\fIconfig\-file\fR +as the configuration file instead of the default, +\fI/etc/rndc.conf\fR. .TP \-k \fIkey\-file\fR -Use \fIkey\-file\fR as the key file instead of the default, \fI/etc/rndc\&.key\fR\&. The key in \fI/etc/rndc\&.key\fR will be used to authenticate commands sent to the server if the \fIconfig\-file\fR does not exist\&. +Use +\fIkey\-file\fR +as the key file instead of the default, +\fI/etc/rndc.key\fR. The key in +\fI/etc/rndc.key\fR +will be used to authenticate commands sent to the server if the +\fIconfig\-file\fR +does not exist. .TP \-s \fIserver\fR - \fIserver\fR is the name or address of the server which matches a server statement in the configuration file for \fBrndc\fR\&. If no server is supplied on the command line, the host named by the default\-server clause in the option statement of the configuration file will be used\&. +\fIserver\fR +is the name or address of the server which matches a server statement in the configuration file for +\fBrndc\fR. If no server is supplied on the command line, the host named by the default\-server clause in the option statement of the configuration file will be used. .TP \-p \fIport\fR -Send commands to TCP port \fIport\fR instead of BIND 9's default control channel port, 953\&. +Send commands to TCP port +\fIport\fR +instead of BIND 9's default control channel port, 953. .TP \-V -Enable verbose logging\&. +Enable verbose logging. .TP \-y \fIkeyid\fR -Use the key \fIkeyid\fR from the configuration file\&. \fIkeyid\fR must be known by named with the same algorithm and secret string in order for control message validation to succeed\&. If no \fIkeyid\fR is specified, \fBrndc\fR will first look for a key clause in the server statement of the server being used, or if no server statement is present for that host, then the default\-key clause of the options statement\&. Note that the configuration file contains shared secrets which are used to send authenticated control commands to name servers\&. It should therefore not have general read or write access\&. +Use the key +\fIkeyid\fR +from the configuration file. +\fIkeyid\fR +must be known by named with the same algorithm and secret string in order for control message validation to succeed. If no +\fIkeyid\fR +is specified, +\fBrndc\fR +will first look for a key clause in the server statement of the server being used, or if no server statement is present for that host, then the default\-key clause of the options statement. Note that the configuration file contains shared secrets which are used to send authenticated control commands to name servers. It should therefore not have general read or write access. .PP -For the complete set of commands supported by \fBrndc\fR, see the BIND 9 Administrator Reference Manual or run \fBrndc\fR without arguments to see its help message\&. +For the complete set of commands supported by +\fBrndc\fR, see the BIND 9 Administrator Reference Manual or run +\fBrndc\fR +without arguments to see its help message. .SH "LIMITATIONS" .PP - \fBrndc\fR does not yet support all the commands of the BIND 8 \fBndc\fR utility\&. +\fBrndc\fR +does not yet support all the commands of the BIND 8 +\fBndc\fR +utility. .PP -There is currently no way to provide the shared secret for a \fBkey_id\fR without using the configuration file\&. +There is currently no way to provide the shared secret for a +\fBkey_id\fR +without using the configuration file. .PP -Several error messages could be clearer\&. +Several error messages could be clearer. .SH "SEE ALSO" .PP - \fBrndc\&.conf\fR(5), \fBnamed\fR(8), \fBnamed\&.conf\fR(5) \fBndc\fR(8), BIND 9 Administrator Reference Manual\&. +\fBrndc.conf\fR(5), +\fBnamed\fR(8), +\fBnamed.conf\fR(5)\fBndc\fR(8), +BIND 9 Administrator Reference Manual. .SH "AUTHOR" .PP - Internet Systems Consortium +Internet Systems Consortium diff --git a/bin/rndc/rndc.conf.5 b/bin/rndc/rndc.conf.5 index c3b057237df..4586899bef8 100644 --- a/bin/rndc/rndc.conf.5 +++ b/bin/rndc/rndc.conf.5 @@ -13,38 +13,30 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: rndc.conf.5,v 1.21.2.4 2005/05/12 23:55:42 sra Exp $ +.\" $Id: rndc.conf.5,v 1.21.2.5 2005/10/13 02:23:32 marka Exp $ .\" .hy 0 .ad l -.\"Generated by db2man.xsl. Don't modify this, modify the source. -.de Sh \" Subsection -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.TH "RNDC.CONF" 5 "June 30, 2000" "" "" -.SH NAME +.\" ** You probably do not want to edit this file directly ** +.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). +.\" Instead of manually editing it, you probably should edit the DocBook XML +.\" source for it and then use the DocBook XSL Stylesheets to regenerate it. +.TH "\\FIRNDC.CONF\\FR" "5" "June 30, 2000" "BIND9" "BIND9" +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.SH "NAME" rndc.conf \- rndc configuration file .SH "SYNOPSIS" .HP 10 -\fBrndc\&.conf\fR +\fBrndc.conf\fR .SH "DESCRIPTION" .PP - \fIrndc\&.conf\fR is the configuration file for \fBrndc\fR, the BIND 9 name server control utility\&. This file has a similar structure and syntax to\fInamed\&.conf\fR\&. Statements are enclosed in braces and terminated with a semi\-colon\&. Clauses in the statements are also semi\-colon terminated\&. The usual comment styles are supported: +\fIrndc.conf\fR +is the configuration file for +\fBrndc\fR, the BIND 9 name server control utility. This file has a similar structure and syntax to +\fInamed.conf\fR. Statements are enclosed in braces and terminated with a semi\-colon. Clauses in the statements are also semi\-colon terminated. The usual comment styles are supported: .PP C style: /* */ .PP @@ -52,16 +44,60 @@ C++ style: // to end of line .PP Unix style: # to end of line .PP - \fIrndc\&.conf\fR is much simpler than\fInamed\&.conf\fR\&. The file uses three statements: an options statement, a server statement and a key statement\&. -.PP -The \fBoptions\fR statement contains three clauses\&. The \fBdefault\-server\fR clause is followed by the name or address of a name server\&. This host will be used when no name server is given as an argument to\fBrndc\fR\&. The \fBdefault\-key\fR clause is followed by the name of a key which is identified by a \fBkey\fR statement\&. If no\fBkeyid\fR is provided on the rndc command line, and no \fBkey\fR clause is found in a matching\fBserver\fR statement, this default key will be used to authenticate the server's commands and responses\&. The\fBdefault\-port\fR clause is followed by the port to connect to on the remote name server\&. If no\fBport\fR option is provided on the rndc command line, and no \fBport\fR clause is found in a matching \fBserver\fR statement, this default port will be used to connect\&. -.PP -After the \fBserver\fR keyword, the server statement includes a string which is the hostname or address for a name server\&. The statement has two possible clauses:\fBkey\fR and \fBport\fR\&. The key name must match the name of a key statement in the file\&. The port number specifies the port to connect to\&. -.PP -The \fBkey\fR statement begins with an identifying string, the name of the key\&. The statement has two clauses\&.\fBalgorithm\fR identifies the encryption algorithm for \fBrndc\fR to use; currently only HMAC\-MD5 is supported\&. This is followed by a secret clause which contains the base\-64 encoding of the algorithm's encryption key\&. The base\-64 string is enclosed in double quotes\&. -.PP -There are two common ways to generate the base\-64 string for the secret\&. The BIND 9 program \fBrndc\-confgen\fR can be used to generate a random key, or the\fBmmencode\fR program, also known as\fBmimencode\fR, can be used to generate a base\-64 string from known input\&. \fBmmencode\fR does not ship with BIND 9 but is available on many systems\&. See the EXAMPLE section for sample command lines for each\&. +\fIrndc.conf\fR +is much simpler than +\fInamed.conf\fR. The file uses three statements: an options statement, a server statement and a key statement. +.PP +The +\fBoptions\fR +statement contains three clauses. The +\fBdefault\-server\fR +clause is followed by the name or address of a name server. This host will be used when no name server is given as an argument to +\fBrndc\fR. The +\fBdefault\-key\fR +clause is followed by the name of a key which is identified by a +\fBkey\fR +statement. If no +\fBkeyid\fR +is provided on the rndc command line, and no +\fBkey\fR +clause is found in a matching +\fBserver\fR +statement, this default key will be used to authenticate the server's commands and responses. The +\fBdefault\-port\fR +clause is followed by the port to connect to on the remote name server. If no +\fBport\fR +option is provided on the rndc command line, and no +\fBport\fR +clause is found in a matching +\fBserver\fR +statement, this default port will be used to connect. +.PP +After the +\fBserver\fR +keyword, the server statement includes a string which is the hostname or address for a name server. The statement has two possible clauses: +\fBkey\fR +and +\fBport\fR. The key name must match the name of a key statement in the file. The port number specifies the port to connect to. +.PP +The +\fBkey\fR +statement begins with an identifying string, the name of the key. The statement has two clauses. +\fBalgorithm\fR +identifies the encryption algorithm for +\fBrndc\fR +to use; currently only HMAC\-MD5 is supported. This is followed by a secret clause which contains the base\-64 encoding of the algorithm's encryption key. The base\-64 string is enclosed in double quotes. +.PP +There are two common ways to generate the base\-64 string for the secret. The BIND 9 program +\fBrndc\-confgen\fR +can be used to generate a random key, or the +\fBmmencode\fR +program, also known as +\fBmimencode\fR, can be used to generate a base\-64 string from known input. +\fBmmencode\fR +does not ship with BIND 9 but is available on many systems. See the EXAMPLE section for sample command lines for each. .SH "EXAMPLE" +.sp .nf options { default\-server localhost; @@ -76,23 +112,43 @@ There are two common ways to generate the base\-64 string for the secret\&. The }; .fi .PP -In the above example, \fBrndc\fR will by default use the server at localhost (127\&.0\&.0\&.1) and the key called samplekey\&. Commands to the localhost server will use the samplekey key, which must also be defined in the server's configuration file with the same name and secret\&. The key statement indicates that samplekey uses the HMAC\-MD5 algorithm and its secret clause contains the base\-64 encoding of the HMAC\-MD5 secret enclosed in double quotes\&. +In the above example, +\fBrndc\fR +will by default use the server at localhost (127.0.0.1) and the key called samplekey. Commands to the localhost server will use the samplekey key, which must also be defined in the server's configuration file with the same name and secret. The key statement indicates that samplekey uses the HMAC\-MD5 algorithm and its secret clause contains the base\-64 encoding of the HMAC\-MD5 secret enclosed in double quotes. .PP -To generate a random secret with \fBrndc\-confgen\fR: +To generate a random secret with +\fBrndc\-confgen\fR: .PP - \fBrndc\-confgen\fR +\fBrndc\-confgen\fR .PP -A complete \fIrndc\&.conf\fR file, including the randomly generated key, will be written to the standard output\&. Commented out \fBkey\fR and \fBcontrols\fR statements for \fInamed\&.conf\fR are also printed\&. +A complete +\fIrndc.conf\fR +file, including the randomly generated key, will be written to the standard output. Commented out +\fBkey\fR +and +\fBcontrols\fR +statements for +\fInamed.conf\fR +are also printed. .PP -To generate a base\-64 secret with \fBmmencode\fR: +To generate a base\-64 secret with +\fBmmencode\fR: .PP - \fBecho "known plaintext for a secret" | mmencode\fR +\fBecho "known plaintext for a secret" | mmencode\fR .SH "NAME SERVER CONFIGURATION" .PP -The name server must be configured to accept rndc connections and to recognize the key specified in the \fIrndc\&.conf\fR file, using the controls statement in \fInamed\&.conf\fR\&. See the sections on the \fBcontrols\fR statement in the BIND 9 Administrator Reference Manual for details\&. +The name server must be configured to accept rndc connections and to recognize the key specified in the +\fIrndc.conf\fR +file, using the controls statement in +\fInamed.conf\fR. See the sections on the +\fBcontrols\fR +statement in the BIND 9 Administrator Reference Manual for details. .SH "SEE ALSO" .PP - \fBrndc\fR(8), \fBrndc\-confgen\fR(8), \fBmmencode\fR(1), BIND 9 Administrator Reference Manual\&. +\fBrndc\fR(8), +\fBrndc\-confgen\fR(8), +\fBmmencode\fR(1), +BIND 9 Administrator Reference Manual. .SH "AUTHOR" .PP - Internet Systems Consortium +Internet Systems Consortium diff --git a/bin/rndc/rndc.conf.html b/bin/rndc/rndc.conf.html index 7d3db0dff84..dc557181fe2 100644 --- a/bin/rndc/rndc.conf.html +++ b/bin/rndc/rndc.conf.html @@ -14,15 +14,15 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + rndc.conf - +

Name

rndc.conf — rndc configuration file

@@ -32,7 +32,7 @@

rndc.conf

DESCRIPTION

rndc.conf is the configuration file for rndc, the BIND 9 name server control @@ -105,7 +105,7 @@

EXAMPLE

     options {
         default-server  localhost;
@@ -151,7 +151,7 @@

NAME SERVER CONFIGURATION

The name server must be configured to accept rndc connections and to recognize the key specified in the rndc.conf @@ -161,7 +161,7 @@

AUTHOR

Internet Systems Consortium

diff --git a/bin/rndc/rndc.html b/bin/rndc/rndc.html index c7d9672ad3e..1b2d5f37072 100644 --- a/bin/rndc/rndc.html +++ b/bin/rndc/rndc.html @@ -14,15 +14,15 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + rndc - +

Name

rndc — name server control utility

@@ -32,7 +32,7 @@

rndc [-c config-file] [-k key-file] [-s server] [-p port] [-V] [-y key_id] {command}

DESCRIPTION

rndc controls the operation of a name server. It supersedes the ndc utility @@ -61,7 +61,7 @@

OPTIONS

-c config-file: @@ -123,7 +123,7 @@

LIMITATIONS

rndc does not yet support all the commands of the BIND 8 ndc utility. @@ -137,7 +137,7 @@

AUTHOR

Internet Systems Consortium

diff --git a/doc/arm/Bv9ARM.ch01.html b/doc/arm/Bv9ARM.ch01.html index f89fb5a1b31..803f40eda35 100644 --- a/doc/arm/Bv9ARM.ch01.html +++ b/doc/arm/Bv9ARM.ch01.html @@ -14,12 +14,12 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + Chapter 1. Introduction - + @@ -45,17 +45,17 @@ @@ -67,7 +67,7 @@ hierarchical databases.

-Scope of Document

+Scope of Document

The Berkeley Internet Name Domain (BIND) implements an domain name server for a number of operating systems. This document provides basic information about the installation and @@ -78,7 +78,7 @@

-Organization of This Document

+Organization of This Document

In this document, Section 1 introduces the basic DNS and BIND concepts. Section 2 describes resource requirements for running BIND in various @@ -103,7 +103,7 @@

-Conventions Used in This Document

+Conventions Used in This Document

In this document, we use the following general typographic conventions:

@@ -169,7 +169,7 @@ describe:

-The Domain Name System (DNS)

+The Domain Name System (DNS)

The purpose of this document is to explain the installation and upkeep of the BIND software package, and we begin by reviewing the fundamentals of the Domain Name System @@ -177,7 +177,7 @@ begin by reviewing the fundamentals of the Domain Name System

-DNS Fundamentals

+DNS Fundamentals

The Domain Name System (DNS) is the hierarchical, distributed database. It stores information for mapping Internet host names to IP addresses and vice versa, mail routing information, and other data @@ -190,7 +190,7 @@ name server and a resolver library.

-Domains and Domain Names

+Domains and Domain Names

The data stored in the DNS is identified by domain names that are organized as a tree according to organizational or administrative boundaries. Each node of the tree, @@ -227,7 +227,7 @@ the DNS protocol, please refer to the standards documents listed in

-Zones

+Zones

To properly operate a name server, it is important to understand the difference between a zone and a domain.

@@ -267,7 +267,7 @@ actually asking for slave service for some collection of zones.

-Authoritative Name Servers

+Authoritative Name Servers

Each zone is served by at least one authoritative name server, which contains the complete data for the zone. @@ -280,7 +280,7 @@ easy to identify when debugging DNS configurations using tools like dig (the section called “Diagnostic Tools”).

-The Primary Master

+The Primary Master

The authoritative server where the master copy of the zone data is maintained is called the primary master server, or simply the @@ -291,7 +291,7 @@ the zone file or <

-Slave Servers

+Slave Servers

The other authoritative servers, the slave servers (also known as secondary servers) load the zone contents from another server using a replication process @@ -302,7 +302,7 @@ may itself act as a master to a subordinate slave server.

-Stealth Servers

+Stealth Servers

Usually all of the zone's authoritative servers are listed in NS records in the parent zone. These NS records constitute a delegation of the zone from the parent. @@ -327,7 +327,7 @@ with the outside world.

-Caching Name Servers

+Caching Name Servers

The resolver libraries provided by most operating systems are stub resolvers, meaning that they are not capable of performing the full DNS resolution process by themselves by talking @@ -346,7 +346,7 @@ Time To Live (TTL) field associated with each resource record.

-Forwarding

+Forwarding

Even a caching name server does not necessarily perform the complete recursive lookup itself. Instead, it can forward some or all of the queries @@ -369,7 +369,7 @@ of.

-Name Servers in Multiple Roles

+Name Servers in Multiple Roles

The BIND name server can simultaneously act as a master for some zones, a slave for other zones, and as a caching (recursive) server for a set of local clients.

diff --git a/doc/arm/Bv9ARM.ch02.html b/doc/arm/Bv9ARM.ch02.html index e22087072a1..2b80add7cbd 100644 --- a/doc/arm/Bv9ARM.ch02.html +++ b/doc/arm/Bv9ARM.ch02.html @@ -14,12 +14,12 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - +Chapter 2. BIND Resource Requirements - + @@ -45,16 +45,16 @@

Table of Contents

Hardware requirements
CPU Requirements
Memory Requirements
Nameserver Intensive Environment Issues
Supported Operating Systems
Hardware requirements
CPU Requirements
Memory Requirements
Nameserver Intensive Environment Issues
Supported Operating Systems

-Hardware requirements

+Hardware requirements

DNS hardware requirements have traditionally been quite modest. For many installations, servers that have been pensioned off from active duty have performed admirably as DNS servers.

@@ -66,7 +66,7 @@ multiprocessor systems for installations that need it.

-CPU Requirements

+CPU Requirements

CPU requirements for BIND 9 range from i486-class machines for serving of static zones without caching, to enterprise-class machines if you intend to process many dynamic updates and DNSSEC @@ -74,7 +74,7 @@ signed zones, serving many thousands of queries per second.

-Memory Requirements

+Memory Requirements

The memory of the server has to be large enough to fit the cache and zones loaded off disk. The max-cache-size option can be used to limit the amount of memory used by the cache, @@ -89,7 +89,7 @@ be set higher than this stable size.

-Nameserver Intensive Environment Issues

+Nameserver Intensive Environment Issues

For nameserver intensive environments, there are two alternative configurations that may be used. The first is where clients and any second-level internal nameservers query a main nameserver, which @@ -103,7 +103,7 @@ as none of the nameservers share their cached data.

-Supported Operating Systems

+Supported Operating Systems

ISC BIND 9 compiles and runs on the following operating systems:

Chapter 3. Nameserver Configuration

Sample Configurations

A Caching-only Nameserver
An Authoritative-only Nameserver
A Caching-only Nameserver
An Authoritative-only Nameserver

Load Balancing

Notify

Nameserver Operations

Tools for Use With the Nameserver Daemon
Signals
Tools for Use With the Nameserver Daemon
Signals

@@ -67,7 +67,7 @@ option setting.

Sample Configurations

-A Caching-only Nameserver

+A Caching-only Nameserver

The following sample configuration is appropriate for a caching-only name server for use by clients internal to a corporation. All queries from outside clients are refused.

@@ -91,7 +91,7 @@ zone "0.0.127.in-addr.arpa" {

-An Authoritative-only Nameserver

+An Authoritative-only Nameserver

This sample configuration is for an authoritative-only server that is the master server for "example.com" and a slave for the subdomain "eng.example.com".

@@ -133,7 +133,7 @@ zone "eng.example.com" {

-Load Balancing

+Load Balancing

Primitive load balancing can be achieved in DNS using multiple A records for one name.

For example, if you have three WWW servers with network addresses @@ -208,10 +208,10 @@ of the time:

-Nameserver Operations

+Nameserver Operations

-Tools for Use With the Nameserver Daemon

+Tools for Use With the Nameserver Daemon

There are several indispensable diagnostic, administrative and monitoring tools available to the system administrator for controlling and debugging the nameserver daemon. We describe several in this @@ -451,7 +451,7 @@ a rndc.key file and not modify

-Signals

+Signals

Certain UNIX signals cause the name server to take specific actions, as described in the following table. These signals can be sent using the kill command.

diff --git a/doc/arm/Bv9ARM.ch04.html b/doc/arm/Bv9ARM.ch04.html index d880c0d6c3a..a05d47bc788 100644 --- a/doc/arm/Bv9ARM.ch04.html +++ b/doc/arm/Bv9ARM.ch04.html @@ -14,12 +14,12 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - +Chapter 4. Advanced Concepts - + @@ -48,30 +48,30 @@

Dynamic Update

The journal file

Incremental Zone Transfers (IXFR)

Split DNS

TSIG

Generate Shared Keys for Each Pair of Hosts
Copying the Shared Secret to Both Machines
Informing the Servers of the Key's Existence
Instructing the Server to Use the Key
TSIG Key Based Access Control
Errors
Generate Shared Keys for Each Pair of Hosts
Copying the Shared Secret to Both Machines
Informing the Servers of the Key's Existence
Instructing the Server to Use the Key
TSIG Key Based Access Control
Errors

Generating Keys
Creating a Keyset
Signing the Child's Keyset
Signing the Zone
Configuring Servers
Generating Keys
Creating a Keyset
Signing the Child's Keyset
Signing the Zone
Configuring Servers

IPv6 Support in BIND 9

Address Lookups Using AAAA Records
Address to Name Lookups Using Nibble Format
Address Lookups Using AAAA Records
Address to Name Lookups Using Nibble Format

@@ -150,7 +150,7 @@ of the server statement.

-Split DNS

+Split DNS

Setting up different views, or visibility, of DNS space to internal and external resolvers is usually referred to as a Split DNS setup. There are several reasons an organization @@ -352,13 +352,13 @@ for TSIG.

-y command line options.

-Generate Shared Keys for Each Pair of Hosts

+Generate Shared Keys for Each Pair of Hosts

A shared secret is generated to be shared between host1 and host2. An arbitrary key name is chosen: "host1-host2.". The key name must be the same on both hosts.

-Automatic Generation

+Automatic Generation

The following command will generate a 128 bit (16 byte) HMAC-MD5 key as described above. Longer keys are better, but shorter keys are easier to read. Note that the maximum key length is 512 bits; @@ -375,7 +375,7 @@ be used as the shared secret.

-Manual Generation

+Manual Generation

The shared secret is simply a random sequence of bits, encoded in base-64. Most ASCII strings are valid base-64 strings (assuming the length is a multiple of 4 and only valid characters are used), @@ -386,13 +386,13 @@ a similar program to generate base-64 encoded data.

-Copying the Shared Secret to Both Machines

+Copying the Shared Secret to Both Machines

This is beyond the scope of DNS. A secure transport mechanism should be used. This could be secure FTP, ssh, telephone, etc.

-Informing the Servers of the Key's Existence

+Informing the Servers of the Key's Existence

Imagine host1 and host 2 are both servers. The following is added to each server's named.conf file:

@@ -413,7 +413,7 @@ the same key.
 
 
 
-Instructing the Server to Use the Key
+Instructing the Server to Use the Key
 Since keys are shared between two hosts only, the server must
 be told when keys are to be used. The following is added to the named.conf file
 for host1, if the IP address of host2 is
@@ -436,7 +436,7 @@ sign request messages to host1.
 
 
 
-TSIG Key Based Access Control
+TSIG Key Based Access Control
 BIND allows IP addresses and ranges to be specified in ACL
 definitions and
 allow-{ query | transfer | update } directives.
@@ -454,7 +454,7 @@ allow-update { key host1-host2. ;};
 
 

 
-Errors
+Errors
 The processing of TSIG signed messages can result in
       several errors. If a signed message is sent to a non-TSIG aware
       server, a FORMERR will be returned, since the server will not
@@ -476,7 +476,7 @@ allow-update { key host1-host2. ;};
 
 

 
-TKEY
+TKEY
 TKEY is a mechanism for automatically
     generating a shared secret between two hosts.  There are several
     "modes" of TKEY that specify how the key is
@@ -502,7 +502,7 @@ allow-update { key host1-host2. ;};
 
 

 
-SIG(0)
+SIG(0)
 BIND 9 partially supports DNSSEC SIG(0) transaction
     signatures as specified in RFC 2535.  SIG(0) uses public/private
     keys to authenticate messages.  Access control is performed in the
@@ -541,7 +541,7 @@ allow-update { key host1-host2. ;};
     zone key of another zone above this one in the DNS tree.
 
 
-Generating Keys
+Generating Keys
 The dnssec-keygen program is used to
       generate keys.
 A secure zone must contain one or more zone keys.  The
@@ -574,7 +574,7 @@ allow-update { key host1-host2. ;};
 
 

 
-Creating a Keyset
+Creating a Keyset
 The dnssec-makekeyset program is used
       to create a key set from one or more keys.
 Once the zone keys have been generated, a key set must be
@@ -602,7 +602,7 @@ allow-update { key host1-host2. ;};
 
 

 
-Signing the Child's Keyset
+Signing the Child's Keyset
 The dnssec-signkey program is used to
       sign one child's keyset.
 If the child.example zone has any
@@ -622,7 +622,7 @@ allow-update { key host1-host2. ;};
 
 

 
-Signing the Zone
+Signing the Zone
 The dnssec-signzone program is used to
       sign a zone.
 Any signedkey files corresponding to
@@ -645,7 +645,7 @@ allow-update { key host1-host2. ;};
 
 

 
-Configuring Servers
+Configuring Servers
 Unlike in BIND 8, 
 data is not verified on load in BIND 9,
 so zone keys for authoritative zones do not need to be specified
@@ -657,7 +657,7 @@ statement, as described later in this document. 
 
 
 
-IPv6 Support in BIND 9
+IPv6 Support in BIND 9
 BIND 9 fully supports all currently
     defined forms of IPv6 name to address and address to name
     lookups.  It will also use IPv6 addresses to make queries when
@@ -679,7 +679,7 @@ statement, as described later in this document. 
     see the section called “IPv6 addresses (A6)”.
 
 
-Address Lookups Using AAAA Records
+Address Lookups Using AAAA Records
 The AAAA record is a parallel to the IPv4 A record.  It
       specifies the entire address in a single record.  For
       example,
@@ -690,7 +690,7 @@ host            3600    IN      AAAA    2001:db8::1
 
 
 
-Address to Name Lookups Using Nibble Format
+Address to Name Lookups Using Nibble Format
 When looking up an address in nibble format, the address
       components are simply reversed, just as in IPv4, and
       IP6.ARPA. is appended to the resulting name.
diff --git a/doc/arm/Bv9ARM.ch05.html b/doc/arm/Bv9ARM.ch05.html
index d3183267636..8fb79394331 100644
--- a/doc/arm/Bv9ARM.ch05.html
+++ b/doc/arm/Bv9ARM.ch05.html
@@ -14,12 +14,12 @@
  - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  - PERFORMANCE OF THIS SOFTWARE.
 -->
-
+
 
 
 
 Chapter 5. The BIND 9 Lightweight Resolver
-
+
 
 
 
@@ -45,13 +45,13 @@
 

 Table of Contents
 
-The Lightweight Resolver Library
+The Lightweight Resolver Library
 Running a Resolver Daemon
 
 
 
 
-The Lightweight Resolver Library
+The Lightweight Resolver Library
 Traditionally applications have been linked with a stub resolver
 library that sends recursive DNS queries to a local caching name
 server.
diff --git a/doc/arm/Bv9ARM.ch06.html b/doc/arm/Bv9ARM.ch06.html
index 74201b36026..f6bb81c0920 100644
--- a/doc/arm/Bv9ARM.ch06.html
+++ b/doc/arm/Bv9ARM.ch06.html
@@ -14,12 +14,12 @@
  - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  - PERFORMANCE OF THIS SOFTWARE.
 -->
-
+
 
 
 
 Chapter 6. BIND 9 Configuration Reference
-
+
 
 
 
@@ -48,44 +48,44 @@
 Configuration File Elements
 
 Address Match Lists
-Comment Syntax
+Comment Syntax
 
 Configuration File Grammar
 
-acl Statement Grammar
+acl Statement Grammar
 acl Statement Definition and
 Usage
-controls Statement Grammar
+controls Statement Grammar
 controls Statement Definition and Usage
-include Statement Grammar
-include Statement Definition and Usage
-key Statement Grammar
-key Statement Definition and Usage
-logging Statement Grammar
-logging Statement Definition and Usage
-lwres Statement Grammar
-lwres Statement Definition and Usage
-options Statement Grammar
-options Statement Definition and Usage
+include Statement Grammar
+include Statement Definition and Usage
+key Statement Grammar
+key Statement Definition and Usage
+logging Statement Grammar
+logging Statement Definition and Usage
+lwres Statement Grammar
+lwres Statement Definition and Usage
+options Statement Grammar
+options Statement Definition and Usage
 server Statement Grammar
 server Statement Definition and Usage
-trusted-keys Statement Grammar
-trusted-keys Statement Definition
+
trusted-keys Statement Grammar
+trusted-keys Statement Definition
 and Usage
-view Statement Grammar
-view Statement Definition and Usage
+view Statement Grammar
+view Statement Definition and Usage
 zone
 Statement Grammar
-zone Statement Definition and Usage
+zone Statement Definition and Usage
 
-Zone File
+Zone File
 
 Types of Resource Records and When to Use Them
-Discussion of MX Records
+Discussion of MX Records
 Setting TTLs
-Inverse Mapping in IPv4
-Other Zone File Directives
-BIND Master File Extension: the  $GENERATE Directive
+Inverse Mapping in IPv4
+Other Zone File Directives
+BIND Master File Extension: the  $GENERATE Directive
 
 
 
@@ -224,7 +224,7 @@ are restricted to slave and stub zones.
 Address Match Lists
 
 
-Syntax
+Syntax
 address_match_list = address_match_list_element ;
   [ address_match_list_element; ... ]
 address_match_list_element = [ ! ] (ip_address [/length] |
@@ -233,7 +233,7 @@ are restricted to slave and stub zones.
 
 
 
-Definition and Usage
+Definition and Usage
 Address match lists are primarily used to determine access
 control for various server operations. They are also used to define
 priorities for querying other nameservers and to set the addresses
@@ -288,14 +288,14 @@ other 1.2.3.* hosts fall through.
 
 
 
-Comment Syntax
+Comment Syntax
 The BIND 9 comment syntax allows for comments to appear
       anywhere that white space may appear in a BIND configuration
       file. To appeal to programmers of all kinds, they can be written
       in C, C++, or shell/perl constructs.
 
 
-Syntax
+Syntax
 /* This is a BIND comment as in C */
 
 
@@ -308,7 +308,7 @@ other 1.2.3.* hosts fall through.
 
 
 
-Definition and Usage
+Definition and Usage
 Comments may appear anywhere that whitespace may appear in
 a BIND configuration file.
 C-style comments start with the two characters /* (slash,
@@ -417,7 +417,7 @@ a per-server basis.
     configuration.
 
 
-acl Statement Grammar
+acl Statement Grammar
 acl acl-name { 
     address_match_list 
 };
@@ -470,7 +470,7 @@ complete set of local IPv6 addresses for a host.
 
 
 
-controls Statement Grammar
+controls Statement Grammar
 controls {
    inet ( ip_addr | * ) [ port ip_port ] allow {  address_match_list  }
                 keys {  key_list  };
@@ -568,12 +568,12 @@ statement: controls { };.
 
 
 
-include Statement Grammar
+include Statement Grammar
 include filename;
 
 
 
-include Statement Definition and Usage
+include Statement Definition and Usage
 The include statement inserts the
       specified file at the point that the include
       statement is encountered. The include
@@ -584,7 +584,7 @@ statement: controls { };.
 
 

 
-key Statement Grammar
+key Statement Grammar
 key key_id {
     algorithm string;
     secret string;
@@ -593,7 +593,7 @@ statement: controls { };.
 
 
 
-key Statement Definition and Usage
+key Statement Definition and Usage
 The key statement defines a shared
 secret key for use with TSIG, see the section called “TSIG”.
 
@@ -621,7 +621,7 @@ string.
 
 
 
-logging Statement Grammar
+logging Statement Grammar
 logging {
    [ channel channel_name {
      ( file path name
@@ -645,7 +645,7 @@ string.
 
 
 
-logging Statement Definition and Usage
+logging Statement Definition and Usage
 The logging statement configures a wide
 variety of logging options for the nameserver. Its channel phrase
 associates output methods, format options and severity levels with
@@ -668,7 +668,7 @@ channels, or to standard error if the "-g" option
 was specified.
 
 
-The channel Phrase
+The channel Phrase
 All log output goes to one or more channels;
 you can make as many of them as you want.
 Every channel definition must include a destination clause that
@@ -963,7 +963,7 @@ a delegation-only in a hint or stu
 
 

 
-lwres Statement Grammar
+lwres Statement Grammar
  This is the grammar of the lwres
 statement in the named.conf file:
 lwres {
@@ -976,7 +976,7 @@ statement in the named.conf file:
 
 
 
-lwres Statement Definition and Usage
+lwres Statement Definition and Usage
 The lwres statement configures the name
 server to also act as a lightweight resolver server, see
 the section called “Running a Resolver Daemon”.  There may be be multiple
@@ -1004,7 +1004,7 @@ exact match lookup before search path elements are appended.
 
 
 
-options Statement Grammar
+options Statement Grammar
 This is the grammar of the options
 statement in the named.conf file:
 options {
@@ -1102,7 +1102,7 @@ statement in the named.conf file:
 
 
 
-options Statement Definition and Usage
+options Statement Definition and Usage
 The options statement sets up global options
 to be used by BIND. This statement may appear only
 once in a configuration file. If more than one occurrence is found,
@@ -1453,7 +1453,7 @@ The use of this option for any other purpose is discouraged.
 
 

 
-Forwarding
+Forwarding
 The forwarding facility can be used to create a large site-wide
 cache on a few servers, reducing traffic over links to external
 nameservers. It can also be used to allow queries by servers that
@@ -1530,7 +1530,7 @@ from these addresses will not be responded to. The default is 
 

-Interfaces

+Interfaces
 The interfaces and ports that the server will answer queries
 from may be specified using the listen-on option. listen-on takes
 an optional port, and an address_match_list.
@@ -1572,7 +1572,7 @@ the server will not listen on any IPv6 address.
 
 
 
-Query Address
+Query Address
 If the server doesn't know the answer to a question, it will
 query other nameservers. query-source specifies
 the address and port used for such queries. For queries sent over
@@ -1718,7 +1718,7 @@ but applies to notify messages sent to IPv6 addresses.
 
 
 
-Operating System Resource Limits
+Operating System Resource Limits
 The server's usage of many system resources can be limited.
 Scaled values are allowed when specifying resource limits.  For
 example, 1G can be used instead of
@@ -1762,7 +1762,7 @@ may use. The default is default.
 
 
 
-Server  Resource Limits
+Server  Resource Limits
 The following options set limits on the server's
 resource consumption that are enforced internally by the
 server rather than the operating system.
@@ -1795,7 +1795,7 @@ records are purged from the cache only when their TTLs expire.
 
 
 
-Periodic Task Intervals
+Periodic Task Intervals
 
 cleaning-interval
 The server will remove expired resource records
@@ -2251,7 +2251,7 @@ supported.
 
 
 
-trusted-keys Statement Grammar
+trusted-keys Statement Grammar
 trusted-keys {
     string number number number string ;
     [ string number number number string ; [...]]
@@ -2260,7 +2260,7 @@ supported.
 
 
 
-trusted-keys Statement Definition
+trusted-keys Statement Definition
 and Usage
 The trusted-keys statement defines DNSSEC
 security roots. DNSSEC is described in the section called “DNSSEC”. A security root is defined when the public key for a non-authoritative
@@ -2276,7 +2276,7 @@ key data.
 
 
 
-view Statement Grammar
+view Statement Grammar
 view view_name [class] {
       match-clients { address_match_list } ;
       match-destinations { address_match_list } ;
@@ -2289,7 +2289,7 @@ key data.
 
 
 
-view Statement Definition and Usage
+view Statement Definition and Usage
 The view statement is a powerful new feature
 of BIND 9 that lets a name server answer a DNS query differently
 depending on who is asking. It is particularly useful for implementing
@@ -2404,10 +2404,10 @@ Statement Grammar
 
 

 
-zone Statement Definition and Usage
+zone Statement Definition and Usage
 
 
-Zone Types
+Zone Types

@@ -2518,7 +2518,7 @@ from forwarders.

-Class
+Class

The zone's name may optionally be followed by a class. If a class is not specified, class IN (for Internet), is assumed. This is correct for the vast majority of cases.
@@ -2533,7 +2533,7 @@ in the mid-1970s. Zone data for it can be specified with the -Zone Options +Zone Options allow-notify See the description of @@ -2749,7 +2749,7 @@ SIG, NS, SOA, and NXT. Types may be specified by name, including -Zone File +Zone File Types of Resource Records and When to Use Them @@ -2759,7 +2759,7 @@ Since the publication of RFC 1034, several new RRs have been identified and implemented in the DNS. These are also included. -Resource Records +Resource Records A domain name identifies a node. Each node has a set of resource information, which may be empty. The set of resource information associated with a particular name is composed of @@ -3034,7 +3034,7 @@ used as "pointers" to other data in the DNS. -Textual expression of RRs +Textual expression of RRs RRs are represented in binary form in the packets of the DNS protocol, and are usually represented in highly encoded form when stored in a nameserver or resolver. In the examples provided in @@ -3124,7 +3124,7 @@ each of a different class. -Discussion of MX Records +Discussion of MX Records As described above, domain servers store information as a series of resource records, each of which contains a particular piece of information about a given domain name (which is usually, @@ -3241,7 +3241,7 @@ can be explicitly specified, for example, 1h30m. -Inverse Mapping in IPv4 +Inverse Mapping in IPv4 Reverse name resolution (that is, translation from IP address to name) is achieved by means of the in-addr.arpa domain and PTR records. Entries in the in-addr.arpa domain are made in @@ -3279,7 +3279,7 @@ that the example is relative to the listed origin. -Other Zone File Directives +Other Zone File Directives The Master File Format was initially defined in RFC 1035 and has subsequently been extended. While the Master File Format itself is class independent all records in a Master File must be of the same @@ -3288,7 +3288,7 @@ class. and $TTL. -The $ORIGIN Directive +The $ORIGIN Directive Syntax: $ORIGIN domain-name [ comment] $ORIGIN sets the domain name that will @@ -3303,7 +3303,7 @@ WWW CNAME MAIN-SERVER -The $INCLUDE Directive +The $INCLUDE Directive Syntax: $INCLUDE filename [ origin ] [ comment ] @@ -3327,7 +3327,7 @@ This could be construed as a deviation from RFC 1035, a feature, or both. -The $TTL Directive +The $TTL Directive Syntax: $TTL default-ttl [ comment ] @@ -3338,7 +3338,7 @@ with undefined TTLs. Valid TTLs are of the range 0-2147483647 seconds. -BIND Master File Extension: the $GENERATE Directive +BIND Master File Extension: the $GENERATE Directive Syntax: $GENERATE range lhs type rhs [ comment ] $GENERATE is used to create a series of resource records that only differ from each other by an iterator. $GENERATE can diff --git a/doc/arm/Bv9ARM.ch07.html b/doc/arm/Bv9ARM.ch07.html index 4dd5855c74e..77c9db9b6bb 100644 --- a/doc/arm/Bv9ARM.ch07.html +++ b/doc/arm/Bv9ARM.ch07.html @@ -14,12 +14,12 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + Chapter 7. BIND 9 Security Considerations - + @@ -46,11 +46,11 @@ Table of Contents Access Control Lists -chroot and setuid (for + chroot and setuid (for UNIX servers) -The chroot Environment -Using the setuid Function +The chroot Environment +Using the setuid Function Dynamic Update Security @@ -100,7 +100,7 @@ see the AUSCERT advisory at -chroot and setuid (for +chroot and setuid (for UNIX servers) On UNIX servers, it is possible to run BIND in a chrooted environment (chroot()) by specifying the "-t" @@ -115,7 +115,7 @@ user 202: /usr/local/bin/named -u 202 -t /var/named -The chroot Environment +The chroot Environment In order for a chroot() environment to work properly in a particular directory (for example, /var/named), @@ -140,7 +140,7 @@ to set up things like -Using the setuid Function +Using the setuid Function Prior to running the named daemon, use the touch utility (to change file access and modification times) or the chown utility (to diff --git a/doc/arm/Bv9ARM.ch08.html b/doc/arm/Bv9ARM.ch08.html index b689e78c5ff..6264448e25f 100644 --- a/doc/arm/Bv9ARM.ch08.html +++ b/doc/arm/Bv9ARM.ch08.html @@ -14,12 +14,12 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + Chapter 8. Troubleshooting - + @@ -45,18 +45,18 @@ Table of Contents -Common Problems -It's not working; how can I figure out what's wrong? -Incrementing and Changing the Serial Number -Where Can I Get Help? +Common Problems +It's not working; how can I figure out what's wrong? +Incrementing and Changing the Serial Number +Where Can I Get Help? -Common Problems +Common Problems -It's not working; how can I figure out what's wrong? +It's not working; how can I figure out what's wrong? The best solution to solving installation and configuration issues is to take preventative measures by setting up logging files beforehand. The log files provide a @@ -66,7 +66,7 @@ -Incrementing and Changing the Serial Number +Incrementing and Changing the Serial Number Zone serial numbers are just numbers-they aren't date related. A lot of people set them to a number that represents a date, usually of the form YYYYMMDDRR. A number of people have been @@ -87,7 +87,7 @@ -Where Can I Get Help? +Where Can I Get Help? The Internet Software Consortium (ISC) offers a wide range of support and service agreements for BIND and DHCP servers. Four levels of premium support are available and each level includes diff --git a/doc/arm/Bv9ARM.ch09.html b/doc/arm/Bv9ARM.ch09.html index 7b986b05b6b..684d03af20e 100644 --- a/doc/arm/Bv9ARM.ch09.html +++ b/doc/arm/Bv9ARM.ch09.html @@ -14,12 +14,12 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + Appendix A. Appendices - + @@ -43,26 +43,26 @@ Table of Contents -Acknowledgements -A Brief History of the DNS and BIND +Acknowledgements +A Brief History of the DNS and BIND Historical DNS Information Classes of Resource Records -General DNS Reference Information +General DNS Reference Information IPv6 addresses (A6) Bibliography (and Suggested Reading) Request for Comments (RFCs) Internet Drafts -Other Documents About BIND +Other Documents About BIND -Acknowledgements +Acknowledgements -A Brief History of the DNS and BIND +A Brief History of the DNS and BIND Although the "official" beginning of the Domain Name System occurred in 1984 with the publication of RFC 920, the core of the new system was described in 1983 in RFCs 882 and @@ -122,7 +122,7 @@ individuals. Classes of Resource Records -HS = hesiod +HS = hesiod The [hesiod] class is an information service developed by MIT's Project Athena. It is used to share information about various systems databases, such as users, groups, printers @@ -131,7 +131,7 @@ hesiod. -CH = chaos +CH = chaos The chaos class is used to specify zone data for the MIT-developed CHAOSnet, a LAN protocol created in the mid-1970s. @@ -140,7 +140,7 @@ mid-1970s. -General DNS Reference Information +General DNS Reference Information IPv6 addresses (A6) @@ -320,7 +320,7 @@ the number of the RFC). RFCs are also available via the Web at -Bibliography +Bibliography Standards [RFC974] C. Partridge. Mail Routing and the Domain System. January 1986. @@ -421,11 +421,11 @@ after which they are deleted unless updated by their authors. -Other Documents About BIND +Other Documents About BIND -Bibliography +Bibliography Paul Albitz and Cricket Liu. DNS and BIND. Copyright © 1998 Sebastopol, CA: O'Reilly and Associates. diff --git a/doc/arm/Bv9ARM.html b/doc/arm/Bv9ARM.html index 258abbb67e0..656542929c7 100644 --- a/doc/arm/Bv9ARM.html +++ b/doc/arm/Bv9ARM.html @@ -14,12 +14,12 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + BIND 9 Administrator Reference Manual - + @@ -40,7 +40,7 @@ -BIND 9 Administrator Reference Manual +BIND 9 Administrator Reference Manual Copyright © 2004, 2005 Internet Systems Consortium, Inc. ("ISC") Copyright © 2000-2003 Internet Software Consortium. @@ -51,40 +51,40 @@ 1. Introduction -Scope of Document -Organization of This Document -Conventions Used in This Document -The Domain Name System (DNS) +Scope of Document +Organization of This Document +Conventions Used in This Document +The Domain Name System (DNS) -DNS Fundamentals -Domains and Domain Names -Zones -Authoritative Name Servers -Caching Name Servers -Name Servers in Multiple Roles +DNS Fundamentals +Domains and Domain Names +Zones +Authoritative Name Servers +Caching Name Servers +Name Servers in Multiple Roles 2. BIND Resource Requirements -Hardware requirements -CPU Requirements -Memory Requirements -Nameserver Intensive Environment Issues -Supported Operating Systems +Hardware requirements +CPU Requirements +Memory Requirements +Nameserver Intensive Environment Issues +Supported Operating Systems 3. Nameserver Configuration Sample Configurations -A Caching-only Nameserver -An Authoritative-only Nameserver +A Caching-only Nameserver +An Authoritative-only Nameserver -Load Balancing +Load Balancing Notify -Nameserver Operations +Nameserver Operations -Tools for Use With the Nameserver Daemon -Signals +Tools for Use With the Nameserver Daemon +Signals 4. Advanced Concepts @@ -92,35 +92,35 @@ Dynamic Update The journal file Incremental Zone Transfers (IXFR) -Split DNS +Split DNS TSIG -Generate Shared Keys for Each Pair of Hosts -Copying the Shared Secret to Both Machines -Informing the Servers of the Key's Existence -Instructing the Server to Use the Key -TSIG Key Based Access Control -Errors +Generate Shared Keys for Each Pair of Hosts +Copying the Shared Secret to Both Machines +Informing the Servers of the Key's Existence +Instructing the Server to Use the Key +TSIG Key Based Access Control +Errors -TKEY -SIG(0) +TKEY +SIG(0) DNSSEC -Generating Keys -Creating a Keyset -Signing the Child's Keyset -Signing the Zone -Configuring Servers +Generating Keys +Creating a Keyset +Signing the Child's Keyset +Signing the Zone +Configuring Servers -IPv6 Support in BIND 9 +IPv6 Support in BIND 9 -Address Lookups Using AAAA Records -Address to Name Lookups Using Nibble Format +Address Lookups Using AAAA Records +Address to Name Lookups Using Nibble Format 5. The BIND 9 Lightweight Resolver -The Lightweight Resolver Library +The Lightweight Resolver Library Running a Resolver Daemon 6. BIND 9 Configuration Reference @@ -128,77 +128,77 @@ Configuration File Elements Address Match Lists -Comment Syntax +Comment Syntax Configuration File Grammar -acl Statement Grammar +acl Statement Grammar acl Statement Definition and Usage -controls Statement Grammar +controls Statement Grammar controls Statement Definition and Usage -include Statement Grammar -include Statement Definition and Usage -key Statement Grammar -key Statement Definition and Usage -logging Statement Grammar -logging Statement Definition and Usage -lwres Statement Grammar -lwres Statement Definition and Usage -options Statement Grammar -options Statement Definition and Usage +include Statement Grammar +include Statement Definition and Usage +key Statement Grammar +key Statement Definition and Usage +logging Statement Grammar +logging Statement Definition and Usage +lwres Statement Grammar +lwres Statement Definition and Usage +options Statement Grammar +options Statement Definition and Usage server Statement Grammar server Statement Definition and Usage -trusted-keys Statement Grammar -trusted-keys Statement Definition + trusted-keys Statement Grammar +trusted-keys Statement Definition and Usage -view Statement Grammar -view Statement Definition and Usage +view Statement Grammar +view Statement Definition and Usage zone Statement Grammar -zone Statement Definition and Usage +zone Statement Definition and Usage -Zone File +Zone File Types of Resource Records and When to Use Them -Discussion of MX Records +Discussion of MX Records Setting TTLs -Inverse Mapping in IPv4 -Other Zone File Directives -BIND Master File Extension: the $GENERATE Directive +Inverse Mapping in IPv4 +Other Zone File Directives +BIND Master File Extension: the $GENERATE Directive 7. BIND 9 Security Considerations Access Control Lists -chroot and setuid (for + chroot and setuid (for UNIX servers) -The chroot Environment -Using the setuid Function +The chroot Environment +Using the setuid Function Dynamic Update Security 8. Troubleshooting -Common Problems -It's not working; how can I figure out what's wrong? -Incrementing and Changing the Serial Number -Where Can I Get Help? +Common Problems +It's not working; how can I figure out what's wrong? +Incrementing and Changing the Serial Number +Where Can I Get Help? A. Appendices -Acknowledgements -A Brief History of the DNS and BIND +Acknowledgements +A Brief History of the DNS and BIND Historical DNS Information Classes of Resource Records -General DNS Reference Information +General DNS Reference Information IPv6 addresses (A6) Bibliography (and Suggested Reading) Request for Comments (RFCs) Internet Drafts -Other Documents About BIND +Other Documents About BIND diff --git a/lib/lwres/man/lwres.3 b/lib/lwres/man/lwres.3 index 4d0a8468f3f..fb018323044 100644 --- a/lib/lwres/man/lwres.3 +++ b/lib/lwres/man/lwres.3 @@ -13,85 +13,145 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: lwres.3,v 1.15.2.4 2005/09/12 00:29:02 marka Exp $ +.\" $Id: lwres.3,v 1.15.2.5 2005/10/13 02:23:40 marka Exp $ .\" .hy 0 .ad l -.\"Generated by db2man.xsl. Don't modify this, modify the source. -.de Sh \" Subsection -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.TH "LWRES" 3 "Jun 30, 2000" "" "" -.SH NAME +.\" ** You probably do not want to edit this file directly ** +.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). +.\" Instead of manually editing it, you probably should edit the DocBook XML +.\" source for it and then use the DocBook XSL Stylesheets to regenerate it. +.TH "LWRES" "3" "Jun 30, 2000" "BIND9" "BIND9" +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.SH "NAME" lwres \- introduction to the lightweight resolver library .SH "SYNOPSIS" .nf -#include +#include .fi .SH "DESCRIPTION" .PP -The BIND 9 lightweight resolver library is a simple, name service independent stub resolver library\&. It provides hostname\-to\-address and address\-to\-hostname lookup services to applications by transmitting lookup requests to a resolver daemon \fBlwresd\fR running on the local host\&. The resover daemon performs the lookup using the DNS or possibly other name service protocols, and returns the results to the application through the library\&. The library and resolver daemon communicate using a simple UDP\-based protocol\&. +The BIND 9 lightweight resolver library is a simple, name service independent stub resolver library. It provides hostname\-to\-address and address\-to\-hostname lookup services to applications by transmitting lookup requests to a resolver daemon +\fBlwresd\fR +running on the local host. The resover daemon performs the lookup using the DNS or possibly other name service protocols, and returns the results to the application through the library. The library and resolver daemon communicate using a simple UDP\-based protocol. .SH "OVERVIEW" .PP -The lwresd library implements multiple name service APIs\&. The standard \fBgethostbyname()\fR, \fBgethostbyaddr()\fR, \fBgethostbyname_r()\fR, \fBgethostbyaddr_r()\fR, \fBgetaddrinfo()\fR, \fBgetipnodebyname()\fR, and \fBgetipnodebyaddr()\fR functions are all supported\&. To allow the lwres library to coexist with system libraries that define functions of the same name, the library defines these functions with names prefixed by lwres_\&. To define the standard names, applications must include the header file \fI\fR which contains macro definitions mapping the standard function names into lwres_ prefixed ones\&. Operating system vendors who integrate the lwres library into their base distributions should rename the functions in the library proper so that the renaming macros are not needed\&. -.PP -The library also provides a native API consisting of the functions \fBlwres_getaddrsbyname()\fR and \fBlwres_getnamebyaddr()\fR\&. These may be called by applications that require more detailed control over the lookup process than the standard functions provide\&. -.PP -In addition to these name service independent address lookup functions, the library implements a new, experimental API for looking up arbitrary DNS resource records, using the \fBlwres_getaddrsbyname()\fR function\&. -.PP -Finally, there is a low\-level API for converting lookup requests and responses to and from raw lwres protocol packets\&. This API can be used by clients requiring nonblocking operation, and is also used when implementing the server side of the lwres protocol, for example in the \fBlwresd\fR resolver daemon\&. The use of this low\-level API in clients and servers is outlined in the following sections\&. -.SH "CLIENT-SIDE LOW-LEVEL API CALL FLOW" -.PP -When a client program wishes to make an lwres request using the native low\-level API, it typically performs the following sequence of actions\&. -.PP -(1) Allocate or use an existing \fBlwres_packet_t\fR, called \fIpkt\fR below\&. -.PP -(2) Set pkt\&.recvlength to the maximum length we will accept\&. This is done so the receiver of our packets knows how large our receive buffer is\&. The "default" is a constant in \fIlwres\&.h\fR: \fBLWRES_RECVLENGTH = 4096\fR\&. -.PP -(3) Set pkt\&.serial to a unique serial number\&. This value is echoed back to the application by the remote server\&. -.PP -(4) Set pkt\&.pktflags\&. Usually this is set to 0\&. -.PP -(5) Set pkt\&.result to 0\&. -.PP -(6) Call \fBlwres_*request_render()\fR, or marshall in the data using the primitives such as \fBlwres_packet_render()\fR and storing the packet data\&. -.PP -(7) Transmit the resulting buffer\&. -.PP -(8) Call \fBlwres_*response_parse()\fR to parse any packets received\&. -.PP -(9) Verify that the opcode and serial match a request, and process the packet specific information contained in the body\&. -.SH "SERVER-SIDE LOW-LEVEL API CALL FLOW" -.PP -When implementing the server side of the lightweight resolver protocol using the lwres library, a sequence of actions like the following is typically involved in processing each request packet\&. -.PP -Note that the same \fBlwres_packet_t\fR is used in both the \fB_parse()\fR and \fB_render()\fR calls, with only a few modifications made to the packet header's contents between uses\&. This method is recommended as it keeps the serial, opcode, and other fields correct\&. -.PP -(1) When a packet is received, call \fBlwres_*request_parse()\fR to unmarshall it\&. This returns a \fBlwres_packet_t\fR (also called \fIpkt\fR, below) as well as a data specific type, such as \fBlwres_gabnrequest_t\fR\&. -.PP -(2) Process the request in the data specific type\&. -.PP -(3) Set the pkt\&.result, pkt\&.recvlength as above\&. All other fields can be left untouched since they were filled in by the \fB*_parse()\fR call above\&. If using \fBlwres_*response_render()\fR, pkt\&.pktflags will be set up properly\&. Otherwise, the \fBLWRES_LWPACKETFLAG_RESPONSE\fR bit should be set\&. -.PP -(4) Call the data specific rendering function, such as \fBlwres_gabnresponse_render()\fR\&. -.PP -(5) Send the resulting packet to the client\&. +The lwresd library implements multiple name service APIs. The standard +\fBgethostbyname()\fR, +\fBgethostbyaddr()\fR, +\fBgethostbyname_r()\fR, +\fBgethostbyaddr_r()\fR, +\fBgetaddrinfo()\fR, +\fBgetipnodebyname()\fR, and +\fBgetipnodebyaddr()\fR +functions are all supported. To allow the lwres library to coexist with system libraries that define functions of the same name, the library defines these functions with names prefixed by +lwres_. To define the standard names, applications must include the header file +\fI\fR +which contains macro definitions mapping the standard function names into +lwres_ +prefixed ones. Operating system vendors who integrate the lwres library into their base distributions should rename the functions in the library proper so that the renaming macros are not needed. +.PP +The library also provides a native API consisting of the functions +\fBlwres_getaddrsbyname()\fR +and +\fBlwres_getnamebyaddr()\fR. These may be called by applications that require more detailed control over the lookup process than the standard functions provide. +.PP +In addition to these name service independent address lookup functions, the library implements a new, experimental API for looking up arbitrary DNS resource records, using the +\fBlwres_getaddrsbyname()\fR +function. +.PP +Finally, there is a low\-level API for converting lookup requests and responses to and from raw lwres protocol packets. This API can be used by clients requiring nonblocking operation, and is also used when implementing the server side of the lwres protocol, for example in the +\fBlwresd\fR +resolver daemon. The use of this low\-level API in clients and servers is outlined in the following sections. +.SH "CLIENT\-SIDE LOW\-LEVEL API CALL FLOW" +.PP +When a client program wishes to make an lwres request using the native low\-level API, it typically performs the following sequence of actions. +.PP +(1) Allocate or use an existing +\fBlwres_packet_t\fR, called +\fIpkt\fR +below. +.PP +(2) Set +pkt.recvlength +to the maximum length we will accept. This is done so the receiver of our packets knows how large our receive buffer is. The "default" is a constant in +\fIlwres.h\fR: +\fBLWRES_RECVLENGTH = 4096\fR. +.PP +(3) Set +pkt.serial +to a unique serial number. This value is echoed back to the application by the remote server. +.PP +(4) Set +pkt.pktflags. Usually this is set to 0. +.PP +(5) Set +pkt.result +to 0. +.PP +(6) Call +\fBlwres_*request_render()\fR, or marshall in the data using the primitives such as +\fBlwres_packet_render()\fR +and storing the packet data. +.PP +(7) Transmit the resulting buffer. +.PP +(8) Call +\fBlwres_*response_parse()\fR +to parse any packets received. +.PP +(9) Verify that the opcode and serial match a request, and process the packet specific information contained in the body. +.SH "SERVER\-SIDE LOW\-LEVEL API CALL FLOW" +.PP +When implementing the server side of the lightweight resolver protocol using the lwres library, a sequence of actions like the following is typically involved in processing each request packet. +.PP +Note that the same +\fBlwres_packet_t\fR +is used in both the +\fB_parse()\fR +and +\fB_render()\fR +calls, with only a few modifications made to the packet header's contents between uses. This method is recommended as it keeps the serial, opcode, and other fields correct. +.PP +(1) When a packet is received, call +\fBlwres_*request_parse()\fR +to unmarshall it. This returns a +\fBlwres_packet_t\fR +(also called +\fIpkt\fR, below) as well as a data specific type, such as +\fBlwres_gabnrequest_t\fR. +.PP +(2) Process the request in the data specific type. +.PP +(3) Set the +pkt.result, +pkt.recvlength +as above. All other fields can be left untouched since they were filled in by the +\fB*_parse()\fR +call above. If using +\fBlwres_*response_render()\fR, +pkt.pktflags +will be set up properly. Otherwise, the +\fBLWRES_LWPACKETFLAG_RESPONSE\fR +bit should be set. +.PP +(4) Call the data specific rendering function, such as +\fBlwres_gabnresponse_render()\fR. +.PP +(5) Send the resulting packet to the client. .PP .SH "SEE ALSO" .PP - \fBlwres_gethostent\fR(3), \fBlwres_getipnode\fR(3), \fBlwres_getnameinfo\fR(3), \fBlwres_noop\fR(3), \fBlwres_gabn\fR(3), \fBlwres_gnba\fR(3), \fBlwres_context\fR(3), \fBlwres_config\fR(3), \fBresolver\fR(5), \fBlwresd\fR(8)\&. +\fBlwres_gethostent\fR(3), +\fBlwres_getipnode\fR(3), +\fBlwres_getnameinfo\fR(3), +\fBlwres_noop\fR(3), +\fBlwres_gabn\fR(3), +\fBlwres_gnba\fR(3), +\fBlwres_context\fR(3), +\fBlwres_config\fR(3), +\fBresolver\fR(5), +\fBlwresd\fR(8). diff --git a/lib/lwres/man/lwres.html b/lib/lwres/man/lwres.html index 6a261410053..f0a56a478b4 100644 --- a/lib/lwres/man/lwres.html +++ b/lib/lwres/man/lwres.html @@ -14,15 +14,15 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + lwres - + - + Name lwres — introduction to the lightweight resolver library @@ -32,7 +32,7 @@ #include <lwres/lwres.h> -DESCRIPTION +DESCRIPTION The BIND 9 lightweight resolver library is a simple, name service independent stub resolver library. It provides hostname-to-address @@ -47,7 +47,7 @@ UDP-based protocol. -OVERVIEW +OVERVIEW The lwresd library implements multiple name service APIs. The standard @@ -101,7 +101,7 @@ and servers is outlined in the following sections. -CLIENT-SIDE LOW-LEVEL API CALL FLOW +CLIENT-SIDE LOW-LEVEL API CALL FLOW When a client program wishes to make an lwres request using the native low-level API, it typically performs the following @@ -147,7 +147,7 @@ packet specific information contained in the body. -SERVER-SIDE LOW-LEVEL API CALL FLOW +SERVER-SIDE LOW-LEVEL API CALL FLOW When implementing the server side of the lightweight resolver protocol using the lwres library, a sequence of actions like the @@ -188,7 +188,7 @@ set. -SEE ALSO +SEE ALSO lwres_gethostent(3), diff --git a/lib/lwres/man/lwres_buffer.3 b/lib/lwres/man/lwres_buffer.3 index 193fc6ab3b7..fbf0992faf0 100644 --- a/lib/lwres/man/lwres_buffer.3 +++ b/lib/lwres/man/lwres_buffer.3 @@ -13,77 +13,81 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: lwres_buffer.3,v 1.12.2.5 2005/09/12 00:29:03 marka Exp $ +.\" $Id: lwres_buffer.3,v 1.12.2.6 2005/10/13 02:23:40 marka Exp $ .\" .hy 0 .ad l -.\"Generated by db2man.xsl. Don't modify this, modify the source. -.de Sh \" Subsection -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.TH "LWRES_BUFFER" 3 "Jun 30, 2000" "" "" -.SH NAME +.\" ** You probably do not want to edit this file directly ** +.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). +.\" Instead of manually editing it, you probably should edit the DocBook XML +.\" source for it and then use the DocBook XSL Stylesheets to regenerate it. +.TH "LWRES_BUFFER" "3" "Jun 30, 2000" "BIND9" "BIND9" +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.SH "NAME" lwres_buffer_init, lwres_buffer_invalidate, lwres_buffer_add, lwres_buffer_subtract, lwres_buffer_clear, lwres_buffer_first, lwres_buffer_forward, lwres_buffer_back, lwres_buffer_getuint8, lwres_buffer_putuint8, lwres_buffer_getuint16, lwres_buffer_putuint16, lwres_buffer_getuint32, lwres_buffer_putuint32, lwres_buffer_putmem, lwres_buffer_getmem \- lightweight resolver buffer management .SH "SYNOPSIS" .nf -#include +#include .fi +.HP 23 +\fBvoid\ \fBlwres_buffer_init\fR\fR\fB(\fR\fBlwres_buffer_t\ *b\fR\fB, \fR\fBvoid\ *base\fR\fB, \fR\fBunsigned\ int\ length\fR\fB);\fR +.HP 29 +\fBvoid\ \fBlwres_buffer_invalidate\fR\fR\fB(\fR\fBlwres_buffer_t\ *b\fR\fB);\fR +.HP 22 +\fBvoid\ \fBlwres_buffer_add\fR\fR\fB(\fR\fBlwres_buffer_t\ *b\fR\fB, \fR\fBunsigned\ int\ n\fR\fB);\fR +.HP 27 +\fBvoid\ \fBlwres_buffer_subtract\fR\fR\fB(\fR\fBlwres_buffer_t\ *b\fR\fB, \fR\fBunsigned\ int\ n\fR\fB);\fR .HP 24 -void\ \fBlwres_buffer_init\fR\ (lwres_buffer_t\ *b, void\ *base, unsigned\ int\ length); -.HP 30 -void\ \fBlwres_buffer_invalidate\fR\ (lwres_buffer_t\ *b); +\fBvoid\ \fBlwres_buffer_clear\fR\fR\fB(\fR\fBlwres_buffer_t\ *b\fR\fB);\fR +.HP 24 +\fBvoid\ \fBlwres_buffer_first\fR\fR\fB(\fR\fBlwres_buffer_t\ *b\fR\fB);\fR +.HP 26 +\fBvoid\ \fBlwres_buffer_forward\fR\fR\fB(\fR\fBlwres_buffer_t\ *b\fR\fB, \fR\fBunsigned\ int\ n\fR\fB);\fR .HP 23 -void\ \fBlwres_buffer_add\fR\ (lwres_buffer_t\ *b, unsigned\ int\ n); +\fBvoid\ \fBlwres_buffer_back\fR\fR\fB(\fR\fBlwres_buffer_t\ *b\fR\fB, \fR\fBunsigned\ int\ n\fR\fB);\fR +.HP 36 +\fBlwres_uint8_t\ \fBlwres_buffer_getuint8\fR\fR\fB(\fR\fBlwres_buffer_t\ *b\fR\fB);\fR +.HP 27 +\fBvoid\ \fBlwres_buffer_putuint8\fR\fR\fB(\fR\fBlwres_buffer_t\ *b\fR\fB, \fR\fBlwres_uint8_t\ val\fR\fB);\fR +.HP 38 +\fBlwres_uint16_t\ \fBlwres_buffer_getuint16\fR\fR\fB(\fR\fBlwres_buffer_t\ *b\fR\fB);\fR +.HP 28 +\fBvoid\ \fBlwres_buffer_putuint16\fR\fR\fB(\fR\fBlwres_buffer_t\ *b\fR\fB, \fR\fBlwres_uint16_t\ val\fR\fB);\fR +.HP 38 +\fBlwres_uint32_t\ \fBlwres_buffer_getuint32\fR\fR\fB(\fR\fBlwres_buffer_t\ *b\fR\fB);\fR .HP 28 -void\ \fBlwres_buffer_subtract\fR\ (lwres_buffer_t\ *b, unsigned\ int\ n); +\fBvoid\ \fBlwres_buffer_putuint32\fR\fR\fB(\fR\fBlwres_buffer_t\ *b\fR\fB, \fR\fBlwres_uint32_t\ val\fR\fB);\fR .HP 25 -void\ \fBlwres_buffer_clear\fR\ (lwres_buffer_t\ *b); +\fBvoid\ \fBlwres_buffer_putmem\fR\fR\fB(\fR\fBlwres_buffer_t\ *b\fR\fB, \fR\fBconst\ unsigned\ char\ *base\fR\fB, \fR\fBunsigned\ int\ length\fR\fB);\fR .HP 25 -void\ \fBlwres_buffer_first\fR\ (lwres_buffer_t\ *b); -.HP 27 -void\ \fBlwres_buffer_forward\fR\ (lwres_buffer_t\ *b, unsigned\ int\ n); -.HP 24 -void\ \fBlwres_buffer_back\fR\ (lwres_buffer_t\ *b, unsigned\ int\ n); -.HP 37 -lwres_uint8_t\ \fBlwres_buffer_getuint8\fR\ (lwres_buffer_t\ *b); -.HP 28 -void\ \fBlwres_buffer_putuint8\fR\ (lwres_buffer_t\ *b, lwres_uint8_t\ val); -.HP 39 -lwres_uint16_t\ \fBlwres_buffer_getuint16\fR\ (lwres_buffer_t\ *b); -.HP 29 -void\ \fBlwres_buffer_putuint16\fR\ (lwres_buffer_t\ *b, lwres_uint16_t\ val); -.HP 39 -lwres_uint32_t\ \fBlwres_buffer_getuint32\fR\ (lwres_buffer_t\ *b); -.HP 29 -void\ \fBlwres_buffer_putuint32\fR\ (lwres_buffer_t\ *b, lwres_uint32_t\ val); -.HP 26 -void\ \fBlwres_buffer_putmem\fR\ (lwres_buffer_t\ *b, const\ unsigned\ char\ *base, unsigned\ int\ length); -.HP 26 -void\ \fBlwres_buffer_getmem\fR\ (lwres_buffer_t\ *b, unsigned\ char\ *base, unsigned\ int\ length); +\fBvoid\ \fBlwres_buffer_getmem\fR\fR\fB(\fR\fBlwres_buffer_t\ *b\fR\fB, \fR\fBunsigned\ char\ *base\fR\fB, \fR\fBunsigned\ int\ length\fR\fB);\fR .SH "DESCRIPTION" .PP -These functions provide bounds checked access to a region of memory where data is being read or written\&. They are based on, and similar to, the isc_buffer_ functions in the ISC library\&. -.PP -A buffer is a region of memory, together with a set of related subregions\&. The \fIused region\fR and the \fIavailable\fR region are disjoint, and their union is the buffer's region\&. The used region extends from the beginning of the buffer region to the last used byte\&. The available region extends from one byte greater than the last used byte to the end of the buffer's region\&. The size of the used region can be changed using various buffer commands\&. Initially, the used region is empty\&. -.PP -The used region is further subdivided into two disjoint regions: the \fIconsumed region\fR and the \fIremaining region\fR\&. The union of these two regions is the used region\&. The consumed region extends from the beginning of the used region to the byte before the \fIcurrent\fR offset (if any)\&. The \fIremaining\fR region the current pointer to the end of the used region\&. The size of the consumed region can be changed using various buffer commands\&. Initially, the consumed region is empty\&. -.PP -The \fIactive region\fR is an (optional) subregion of the remaining region\&. It extends from the current offset to an offset in the remaining region\&. Initially, the active region is empty\&. If the current offset advances beyond the chosen offset, the active region will also be empty\&. +These functions provide bounds checked access to a region of memory where data is being read or written. They are based on, and similar to, the +isc_buffer_ +functions in the ISC library. +.PP +A buffer is a region of memory, together with a set of related subregions. The +\fIused region\fR +and the +\fIavailable\fR +region are disjoint, and their union is the buffer's region. The used region extends from the beginning of the buffer region to the last used byte. The available region extends from one byte greater than the last used byte to the end of the buffer's region. The size of the used region can be changed using various buffer commands. Initially, the used region is empty. +.PP +The used region is further subdivided into two disjoint regions: the +\fIconsumed region\fR +and the +\fIremaining region\fR. The union of these two regions is the used region. The consumed region extends from the beginning of the used region to the byte before the +\fIcurrent\fR +offset (if any). The +\fIremaining\fR +region the current pointer to the end of the used region. The size of the consumed region can be changed using various buffer commands. Initially, the consumed region is empty. +.PP +The +\fIactive region\fR +is an (optional) subregion of the remaining region. It extends from the current offset to an offset in the remaining region. Initially, the active region is empty. If the current offset advances beyond the chosen offset, the active region will also be empty. .PP .nf /\-\-\-\-\-\-\-\-\-\-\-\-entire length\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\\\\ @@ -92,32 +96,116 @@ The \fIactive region\fR is an (optional) subregion of the remaining region\&. It | consumed | remaining | | +\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-+ a b c d e - a == base of buffer\&. - b == current pointer\&. Can be anywhere between a and d\&. - c == active pointer\&. Meaningful between b and d\&. - d == used pointer\&. - e == length of buffer\&. - a\-e == entire length of buffer\&. - a\-d == used region\&. - a\-b == consumed region\&. - b\-d == remaining region\&. - b\-c == optional active region\&. + a == base of buffer. + b == current pointer. Can be anywhere between a and d. + c == active pointer. Meaningful between b and d. + d == used pointer. + e == length of buffer. + a\-e == entire length of buffer. + a\-d == used region. + a\-b == consumed region. + b\-d == remaining region. + b\-c == optional active region. .fi -.PP - \fBlwres_buffer_init()\fR initializes the \fBlwres_buffer_t\fR \fI*b\fR and assocates it with the memory region of size \fIlength\fR bytes starting at location \fIbase\&.\fR -.PP - \fBlwres_buffer_invalidate()\fR marks the buffer \fI*b\fR as invalid\&. Invalidating a buffer after use is not required, but makes it possible to catch its possible accidental use\&. -.PP -The functions \fBlwres_buffer_add()\fR and \fBlwres_buffer_subtract()\fR respectively increase and decrease the used space in buffer \fI*b\fR by \fIn\fR bytes\&. \fBlwres_buffer_add()\fR checks for buffer overflow and \fBlwres_buffer_subtract()\fR checks for underflow\&. These functions do not allocate or deallocate memory\&. They just change the value of used\&. -.PP -A buffer is re\-initialised by \fBlwres_buffer_clear()\fR\&. The function sets used , current and active to zero\&. -.PP - \fBlwres_buffer_first\fR makes the consumed region of buffer \fI*p\fR empty by setting current to zero (the start of the buffer)\&. -.PP - \fBlwres_buffer_forward()\fR increases the consumed region of buffer \fI*b\fR by \fIn\fR bytes, checking for overflow\&. Similarly, \fBlwres_buffer_back()\fR decreases buffer \fIb\fR's consumed region by \fIn\fR bytes and checks for underflow\&. -.PP - \fBlwres_buffer_getuint8()\fR reads an unsigned 8\-bit integer from \fI*b\fR and returns it\&. \fBlwres_buffer_putuint8()\fR writes the unsigned 8\-bit integer \fIval\fR to buffer \fI*b\fR\&. -.PP - \fBlwres_buffer_getuint16()\fR and \fBlwres_buffer_getuint32()\fR are identical to \fBlwres_buffer_putuint8()\fR except that they respectively read an unsigned 16\-bit or 32\-bit integer in network byte order from \fIb\fR\&. Similarly, \fBlwres_buffer_putuint16()\fR and \fBlwres_buffer_putuint32()\fR writes the unsigned 16\-bit or 32\-bit integer \fIval\fR to buffer \fIb\fR, in network byte order\&. -.PP -Arbitrary amounts of data are read or written from a lightweight resolver buffer with \fBlwres_buffer_getmem()\fR and \fBlwres_buffer_putmem()\fR respectively\&. \fBlwres_buffer_putmem()\fR copies \fIlength\fR bytes of memory at \fIbase\fR to \fIb\fR\&. Conversely, \fBlwres_buffer_getmem()\fR copies \fIlength\fR bytes of memory from \fIb\fR to \fIbase\fR\&. +.sp +.PP +\fBlwres_buffer_init()\fR +initializes the +\fBlwres_buffer_t\fR\fI*b\fR +and assocates it with the memory region of size +\fIlength\fR +bytes starting at location +\fIbase.\fR +.PP +\fBlwres_buffer_invalidate()\fR +marks the buffer +\fI*b\fR +as invalid. Invalidating a buffer after use is not required, but makes it possible to catch its possible accidental use. +.PP +The functions +\fBlwres_buffer_add()\fR +and +\fBlwres_buffer_subtract()\fR +respectively increase and decrease the used space in buffer +\fI*b\fR +by +\fIn\fR +bytes. +\fBlwres_buffer_add()\fR +checks for buffer overflow and +\fBlwres_buffer_subtract()\fR +checks for underflow. These functions do not allocate or deallocate memory. They just change the value of +used. +.PP +A buffer is re\-initialised by +\fBlwres_buffer_clear()\fR. The function sets +used +, +current +and +active +to zero. +.PP +\fBlwres_buffer_first\fR +makes the consumed region of buffer +\fI*p\fR +empty by setting +current +to zero (the start of the buffer). +.PP +\fBlwres_buffer_forward()\fR +increases the consumed region of buffer +\fI*b\fR +by +\fIn\fR +bytes, checking for overflow. Similarly, +\fBlwres_buffer_back()\fR +decreases buffer +\fIb\fR's consumed region by +\fIn\fR +bytes and checks for underflow. +.PP +\fBlwres_buffer_getuint8()\fR +reads an unsigned 8\-bit integer from +\fI*b\fR +and returns it. +\fBlwres_buffer_putuint8()\fR +writes the unsigned 8\-bit integer +\fIval\fR +to buffer +\fI*b\fR. +.PP +\fBlwres_buffer_getuint16()\fR +and +\fBlwres_buffer_getuint32()\fR +are identical to +\fBlwres_buffer_putuint8()\fR +except that they respectively read an unsigned 16\-bit or 32\-bit integer in network byte order from +\fIb\fR. Similarly, +\fBlwres_buffer_putuint16()\fR +and +\fBlwres_buffer_putuint32()\fR +writes the unsigned 16\-bit or 32\-bit integer +\fIval\fR +to buffer +\fIb\fR, in network byte order. +.PP +Arbitrary amounts of data are read or written from a lightweight resolver buffer with +\fBlwres_buffer_getmem()\fR +and +\fBlwres_buffer_putmem()\fR +respectively. +\fBlwres_buffer_putmem()\fR +copies +\fIlength\fR +bytes of memory at +\fIbase\fR +to +\fIb\fR. Conversely, +\fBlwres_buffer_getmem()\fR +copies +\fIlength\fR +bytes of memory from +\fIb\fR +to +\fIbase\fR. diff --git a/lib/lwres/man/lwres_buffer.html b/lib/lwres/man/lwres_buffer.html index d3d32c14220..7c8e8e91353 100644 --- a/lib/lwres/man/lwres_buffer.html +++ b/lib/lwres/man/lwres_buffer.html @@ -14,15 +14,15 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + lwres_buffer - + - + Name lwres_buffer_init, lwres_buffer_invalidate, lwres_buffer_add, lwres_buffer_subtract, lwres_buffer_clear, lwres_buffer_first, lwres_buffer_forward, lwres_buffer_back, lwres_buffer_getuint8, lwres_buffer_putuint8, lwres_buffer_getuint16, lwres_buffer_putuint16, lwres_buffer_getuint32, lwres_buffer_putuint32, lwres_buffer_putmem, lwres_buffer_getmem — lightweight resolver buffer management @@ -249,7 +249,7 @@ void -DESCRIPTION +DESCRIPTION These functions provide bounds checked access to a region of memory where data is being read or written. diff --git a/lib/lwres/man/lwres_config.3 b/lib/lwres/man/lwres_config.3 index d9e1b267cc9..2e9791217ae 100644 --- a/lib/lwres/man/lwres_config.3 +++ b/lib/lwres/man/lwres_config.3 @@ -13,63 +13,85 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: lwres_config.3,v 1.12.2.5 2005/09/12 00:29:03 marka Exp $ +.\" $Id: lwres_config.3,v 1.12.2.6 2005/10/13 02:23:40 marka Exp $ .\" .hy 0 .ad l -.\"Generated by db2man.xsl. Don't modify this, modify the source. -.de Sh \" Subsection -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.TH "LWRES_CONFIG" 3 "Jun 30, 2000" "" "" -.SH NAME +.\" ** You probably do not want to edit this file directly ** +.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). +.\" Instead of manually editing it, you probably should edit the DocBook XML +.\" source for it and then use the DocBook XSL Stylesheets to regenerate it. +.TH "LWRES_CONFIG" "3" "Jun 30, 2000" "BIND9" "BIND9" +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.SH "NAME" lwres_conf_init, lwres_conf_clear, lwres_conf_parse, lwres_conf_print, lwres_conf_get \- lightweight resolver configuration .SH "SYNOPSIS" .nf -#include +#include .fi +.HP 21 +\fBvoid\ \fBlwres_conf_init\fR\fR\fB(\fR\fBlwres_context_t\ *ctx\fR\fB);\fR .HP 22 -void\ \fBlwres_conf_init\fR\ (lwres_context_t\ *ctx); -.HP 23 -void\ \fBlwres_conf_clear\fR\ (lwres_context_t\ *ctx); -.HP 33 -lwres_result_t\ \fBlwres_conf_parse\fR\ (lwres_context_t\ *ctx, const\ char\ *filename); -.HP 33 -lwres_result_t\ \fBlwres_conf_print\fR\ (lwres_context_t\ *ctx, FILE\ *fp); +\fBvoid\ \fBlwres_conf_clear\fR\fR\fB(\fR\fBlwres_context_t\ *ctx\fR\fB);\fR +.HP 32 +\fBlwres_result_t\ \fBlwres_conf_parse\fR\fR\fB(\fR\fBlwres_context_t\ *ctx\fR\fB, \fR\fBconst\ char\ *filename\fR\fB);\fR .HP 32 -lwres_conf_t\ *\ \fBlwres_conf_get\fR\ (lwres_context_t\ *ctx); +\fBlwres_result_t\ \fBlwres_conf_print\fR\fR\fB(\fR\fBlwres_context_t\ *ctx\fR\fB, \fR\fBFILE\ *fp\fR\fB);\fR +.HP 30 +\fBlwres_conf_t\ *\ \fBlwres_conf_get\fR\fR\fB(\fR\fBlwres_context_t\ *ctx\fR\fB);\fR .SH "DESCRIPTION" .PP - \fBlwres_conf_init()\fR creates an empty \fBlwres_conf_t\fR structure for lightweight resolver context \fIctx\fR\&. +\fBlwres_conf_init()\fR +creates an empty +\fBlwres_conf_t\fR +structure for lightweight resolver context +\fIctx\fR. .PP - \fBlwres_conf_clear()\fR frees up all the internal memory used by that \fBlwres_conf_t\fR structure in resolver context \fIctx\fR\&. +\fBlwres_conf_clear()\fR +frees up all the internal memory used by that +\fBlwres_conf_t\fR +structure in resolver context +\fIctx\fR. .PP - \fBlwres_conf_parse()\fR opens the file \fIfilename\fR and parses it to initialise the resolver context \fIctx\fR's \fBlwres_conf_t\fR structure\&. +\fBlwres_conf_parse()\fR +opens the file +\fIfilename\fR +and parses it to initialise the resolver context +\fIctx\fR's +\fBlwres_conf_t\fR +structure. .PP - \fBlwres_conf_print()\fR prints the \fBlwres_conf_t\fR structure for resolver context \fIctx\fR to the \fBFILE\fR \fIfp\fR\&. +\fBlwres_conf_print()\fR +prints the +\fBlwres_conf_t\fR +structure for resolver context +\fIctx\fR +to the +\fBFILE\fR\fIfp\fR. .SH "RETURN VALUES" .PP - \fBlwres_conf_parse()\fR returns \fBLWRES_R_SUCCESS\fR if it successfully read and parsed \fIfilename\fR\&. It returns \fBLWRES_R_FAILURE\fR if \fIfilename\fR could not be opened or contained incorrect resolver statements\&. +\fBlwres_conf_parse()\fR +returns +\fBLWRES_R_SUCCESS\fR +if it successfully read and parsed +\fIfilename\fR. It returns +\fBLWRES_R_FAILURE\fR +if +\fIfilename\fR +could not be opened or contained incorrect resolver statements. .PP - \fBlwres_conf_print()\fR returns \fBLWRES_R_SUCCESS\fR unless an error occurred when converting the network addresses to a numeric host address string\&. If this happens, the function returns \fBLWRES_R_FAILURE\fR\&. +\fBlwres_conf_print()\fR +returns +\fBLWRES_R_SUCCESS\fR +unless an error occurred when converting the network addresses to a numeric host address string. If this happens, the function returns +\fBLWRES_R_FAILURE\fR. .SH "SEE ALSO" .PP - \fBstdio\fR(3), \fBresolver\fR(5)\&. +\fBstdio\fR(3), +\fBresolver\fR(5). .SH "FILES" .PP - \fI/etc/resolv\&.conf\fR +\fI/etc/resolv.conf\fR diff --git a/lib/lwres/man/lwres_config.html b/lib/lwres/man/lwres_config.html index 95df403f2d8..cb42b163c85 100644 --- a/lib/lwres/man/lwres_config.html +++ b/lib/lwres/man/lwres_config.html @@ -14,15 +14,15 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + lwres_config - + - + Name lwres_conf_init, lwres_conf_clear, lwres_conf_parse, lwres_conf_print, lwres_conf_get — lightweight resolver configuration @@ -88,7 +88,7 @@ lwres_conf_t * -DESCRIPTION +DESCRIPTION lwres_conf_init() creates an empty @@ -125,7 +125,7 @@ to the -RETURN VALUES +RETURN VALUES lwres_conf_parse() returns @@ -150,14 +150,14 @@ If this happens, the function returns -SEE ALSO +SEE ALSO stdio(3), resolver(5). -FILES +FILES /etc/resolv.conf diff --git a/lib/lwres/man/lwres_context.3 b/lib/lwres/man/lwres_context.3 index f037147258e..b781a7c6012 100644 --- a/lib/lwres/man/lwres_context.3 +++ b/lib/lwres/man/lwres_context.3 @@ -13,72 +13,149 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: lwres_context.3,v 1.13.2.6 2005/09/12 00:29:04 marka Exp $ +.\" $Id: lwres_context.3,v 1.13.2.7 2005/10/13 02:23:40 marka Exp $ .\" .hy 0 .ad l -.\"Generated by db2man.xsl. Don't modify this, modify the source. -.de Sh \" Subsection -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.TH "LWRES_CONTEXT" 3 "Jun 30, 2000" "" "" -.SH NAME +.\" ** You probably do not want to edit this file directly ** +.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). +.\" Instead of manually editing it, you probably should edit the DocBook XML +.\" source for it and then use the DocBook XSL Stylesheets to regenerate it. +.TH "LWRES_CONTEXT" "3" "Jun 30, 2000" "BIND9" "BIND9" +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.SH "NAME" lwres_context_create, lwres_context_destroy, lwres_context_nextserial, lwres_context_initserial, lwres_context_freemem, lwres_context_allocmem, lwres_context_sendrecv \- lightweight resolver context management .SH "SYNOPSIS" .nf -#include +#include .fi +.HP 36 +\fBlwres_result_t\ \fBlwres_context_create\fR\fR\fB(\fR\fBlwres_context_t\ **contextp\fR\fB, \fR\fBvoid\ *arg\fR\fB, \fR\fBlwres_malloc_t\ malloc_function\fR\fB, \fR\fBlwres_free_t\ free_function\fR\fB);\fR .HP 37 -lwres_result_t\ \fBlwres_context_create\fR\ (lwres_context_t\ **contextp, void\ *arg, lwres_malloc_t\ malloc_function, lwres_free_t\ free_function); -.HP 38 -lwres_result_t\ \fBlwres_context_destroy\fR\ (lwres_context_t\ **contextp); -.HP 31 -void\ \fBlwres_context_initserial\fR\ (lwres_context_t\ *ctx, lwres_uint32_t\ serial); -.HP 41 -lwres_uint32_t\ \fBlwres_context_nextserial\fR\ (lwres_context_t\ *ctx); +\fBlwres_result_t\ \fBlwres_context_destroy\fR\fR\fB(\fR\fBlwres_context_t\ **contextp\fR\fB);\fR +.HP 30 +\fBvoid\ \fBlwres_context_initserial\fR\fR\fB(\fR\fBlwres_context_t\ *ctx\fR\fB, \fR\fBlwres_uint32_t\ serial\fR\fB);\fR +.HP 40 +\fBlwres_uint32_t\ \fBlwres_context_nextserial\fR\fR\fB(\fR\fBlwres_context_t\ *ctx\fR\fB);\fR +.HP 27 +\fBvoid\ \fBlwres_context_freemem\fR\fR\fB(\fR\fBlwres_context_t\ *ctx\fR\fB, \fR\fBvoid\ *mem\fR\fB, \fR\fBsize_t\ len\fR\fB);\fR .HP 28 -void\ \fBlwres_context_freemem\fR\ (lwres_context_t\ *ctx, void\ *mem, size_t\ len); -.HP 29 -void\ \fBlwres_context_allocmem\fR\ (lwres_context_t\ *ctx, size_t\ len); -.HP 32 -void\ *\ \fBlwres_context_sendrecv\fR\ (lwres_context_t\ *ctx, void\ *sendbase, int\ sendlen, void\ *recvbase, int\ recvlen, int\ *recvd_len); +\fBvoid\ \fBlwres_context_allocmem\fR\fR\fB(\fR\fBlwres_context_t\ *ctx\fR\fB, \fR\fBsize_t\ len\fR\fB);\fR +.HP 30 +\fBvoid\ *\ \fBlwres_context_sendrecv\fR\fR\fB(\fR\fBlwres_context_t\ *ctx\fR\fB, \fR\fBvoid\ *sendbase\fR\fB, \fR\fBint\ sendlen\fR\fB, \fR\fBvoid\ *recvbase\fR\fB, \fR\fBint\ recvlen\fR\fB, \fR\fBint\ *recvd_len\fR\fB);\fR .SH "DESCRIPTION" .PP - \fBlwres_context_create()\fR creates a \fBlwres_context_t\fR structure for use in lightweight resolver operations\&. It holds a socket and other data needed for communicating with a resolver daemon\&. The new \fBlwres_context_t\fR is returned through \fIcontextp\fR, a pointer to a \fBlwres_context_t\fR pointer\&. This \fBlwres_context_t\fR pointer must initially be NULL, and is modified to point to the newly created \fBlwres_context_t\fR\&. +\fBlwres_context_create()\fR +creates a +\fBlwres_context_t\fR +structure for use in lightweight resolver operations. It holds a socket and other data needed for communicating with a resolver daemon. The new +\fBlwres_context_t\fR +is returned through +\fIcontextp\fR, a pointer to a +\fBlwres_context_t\fR +pointer. This +\fBlwres_context_t\fR +pointer must initially be NULL, and is modified to point to the newly created +\fBlwres_context_t\fR. .PP -When the lightweight resolver needs to perform dynamic memory allocation, it will call \fImalloc_function\fR to allocate memory and \fIfree_function\fR to free it\&. If \fImalloc_function\fR and \fIfree_function\fR are NULL, memory is allocated using \&.Xr malloc 3 and \fBfree\fR(3)\&. It is not permitted to have a NULL \fImalloc_function\fR and a non\-NULL \fIfree_function\fR or vice versa\&. \fIarg\fR is passed as the first parameter to the memory allocation functions\&. If \fImalloc_function\fR and \fIfree_function\fR are NULL, \fIarg\fR is unused and should be passed as NULL\&. +When the lightweight resolver needs to perform dynamic memory allocation, it will call +\fImalloc_function\fR +to allocate memory and +\fIfree_function\fR +to free it. If +\fImalloc_function\fR +and +\fIfree_function\fR +are NULL, memory is allocated using .Xr malloc 3 and +\fBfree\fR(3). It is not permitted to have a NULL +\fImalloc_function\fR +and a non\-NULL +\fIfree_function\fR +or vice versa. +\fIarg\fR +is passed as the first parameter to the memory allocation functions. If +\fImalloc_function\fR +and +\fIfree_function\fR +are NULL, +\fIarg\fR +is unused and should be passed as NULL. .PP -Once memory for the structure has been allocated, it is initialized using \fBlwres_conf_init\fR(3) and returned via \fI*contextp\fR\&. +Once memory for the structure has been allocated, it is initialized using +\fBlwres_conf_init\fR(3) +and returned via +\fI*contextp\fR. .PP - \fBlwres_context_destroy()\fR destroys a \fBlwres_context_t\fR, closing its socket\&. \fIcontextp\fR is a pointer to a pointer to the context that is to be destroyed\&. The pointer will be set to NULL when the context has been destroyed\&. +\fBlwres_context_destroy()\fR +destroys a +\fBlwres_context_t\fR, closing its socket. +\fIcontextp\fR +is a pointer to a pointer to the context that is to be destroyed. The pointer will be set to NULL when the context has been destroyed. .PP -The context holds a serial number that is used to identify resolver request packets and associate responses with the corresponding requests\&. This serial number is controlled using \fBlwres_context_initserial()\fR and \fBlwres_context_nextserial()\fR\&. \fBlwres_context_initserial()\fR sets the serial number for context \fI*ctx\fR to \fIserial\fR\&. \fBlwres_context_nextserial()\fR increments the serial number and returns the previous value\&. +The context holds a serial number that is used to identify resolver request packets and associate responses with the corresponding requests. This serial number is controlled using +\fBlwres_context_initserial()\fR +and +\fBlwres_context_nextserial()\fR. +\fBlwres_context_initserial()\fR +sets the serial number for context +\fI*ctx\fR +to +\fIserial\fR. +\fBlwres_context_nextserial()\fR +increments the serial number and returns the previous value. .PP -Memory for a lightweight resolver context is allocated and freed using \fBlwres_context_allocmem()\fR and \fBlwres_context_freemem()\fR\&. These use whatever allocations were defined when the context was created with \fBlwres_context_create()\fR\&. \fBlwres_context_allocmem()\fR allocates \fIlen\fR bytes of memory and if successful returns a pointer to the allocated storage\&. \fBlwres_context_freemem()\fR frees \fIlen\fR bytes of space starting at location \fImem\fR\&. +Memory for a lightweight resolver context is allocated and freed using +\fBlwres_context_allocmem()\fR +and +\fBlwres_context_freemem()\fR. These use whatever allocations were defined when the context was created with +\fBlwres_context_create()\fR. +\fBlwres_context_allocmem()\fR +allocates +\fIlen\fR +bytes of memory and if successful returns a pointer to the allocated storage. +\fBlwres_context_freemem()\fR +frees +\fIlen\fR +bytes of space starting at location +\fImem\fR. .PP - \fBlwres_context_sendrecv()\fR performs I/O for the context \fIctx\fR\&. Data are read and written from the context's socket\&. It writes data from \fIsendbase\fR -- typically a lightweight resolver query packet -- and waits for a reply which is copied to the receive buffer at \fIrecvbase\fR\&. The number of bytes that were written to this receive buffer is returned in \fI*recvd_len\fR\&. +\fBlwres_context_sendrecv()\fR +performs I/O for the context +\fIctx\fR. Data are read and written from the context's socket. It writes data from +\fIsendbase\fR +\(em typically a lightweight resolver query packet \(em and waits for a reply which is copied to the receive buffer at +\fIrecvbase\fR. The number of bytes that were written to this receive buffer is returned in +\fI*recvd_len\fR. .SH "RETURN VALUES" .PP - \fBlwres_context_create()\fR returns \fBLWRES_R_NOMEMORY\fR if memory for the \fBstruct lwres_context\fR could not be allocated, \fBLWRES_R_SUCCESS\fR otherwise\&. +\fBlwres_context_create()\fR +returns +\fBLWRES_R_NOMEMORY\fR +if memory for the +\fBstruct lwres_context\fR +could not be allocated, +\fBLWRES_R_SUCCESS\fR +otherwise. .PP -Successful calls to the memory allocator \fBlwres_context_allocmem()\fR return a pointer to the start of the allocated space\&. It returns NULL if memory could not be allocated\&. +Successful calls to the memory allocator +\fBlwres_context_allocmem()\fR +return a pointer to the start of the allocated space. It returns NULL if memory could not be allocated. .PP - \fBLWRES_R_SUCCESS\fR is returned when \fBlwres_context_sendrecv()\fR completes successfully\&. \fBLWRES_R_IOERROR\fR is returned if an I/O error occurs and \fBLWRES_R_TIMEOUT\fR is returned if \fBlwres_context_sendrecv()\fR times out waiting for a response\&. +\fBLWRES_R_SUCCESS\fR +is returned when +\fBlwres_context_sendrecv()\fR +completes successfully. +\fBLWRES_R_IOERROR\fR +is returned if an I/O error occurs and +\fBLWRES_R_TIMEOUT\fR +is returned if +\fBlwres_context_sendrecv()\fR +times out waiting for a response. .SH "SEE ALSO" .PP - \fBlwres_conf_init\fR(3), \fBmalloc\fR(3), \fBfree\fR(3 )\&. +\fBlwres_conf_init\fR(3), +\fBmalloc\fR(3), +\fBfree\fR(3 ). diff --git a/lib/lwres/man/lwres_context.html b/lib/lwres/man/lwres_context.html index be29fa57b02..03de10cb08b 100644 --- a/lib/lwres/man/lwres_context.html +++ b/lib/lwres/man/lwres_context.html @@ -14,15 +14,15 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + lwres_context - + - + Name lwres_context_create, lwres_context_destroy, lwres_context_nextserial, lwres_context_initserial, lwres_context_freemem, lwres_context_allocmem, lwres_context_sendrecv — lightweight resolver context management @@ -160,7 +160,7 @@ void * -DESCRIPTION +DESCRIPTION lwres_context_create() creates a @@ -290,7 +290,7 @@ returned in -RETURN VALUES +RETURN VALUES lwres_context_create() returns @@ -321,7 +321,7 @@ times out waiting for a response. -SEE ALSO +SEE ALSO lwres_conf_init(3), diff --git a/lib/lwres/man/lwres_gabn.3 b/lib/lwres/man/lwres_gabn.3 index 212bdb3d14a..1c2b0f8348b 100644 --- a/lib/lwres/man/lwres_gabn.3 +++ b/lib/lwres/man/lwres_gabn.3 @@ -13,55 +13,50 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: lwres_gabn.3,v 1.13.2.5 2005/09/12 00:29:05 marka Exp $ +.\" $Id: lwres_gabn.3,v 1.13.2.6 2005/10/13 02:23:41 marka Exp $ .\" .hy 0 .ad l -.\"Generated by db2man.xsl. Don't modify this, modify the source. -.de Sh \" Subsection -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.TH "LWRES_GABN" 3 "Jun 30, 2000" "" "" -.SH NAME +.\" ** You probably do not want to edit this file directly ** +.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). +.\" Instead of manually editing it, you probably should edit the DocBook XML +.\" source for it and then use the DocBook XSL Stylesheets to regenerate it. +.TH "LWRES_GABN" "3" "Jun 30, 2000" "BIND9" "BIND9" +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.SH "NAME" lwres_gabnrequest_render, lwres_gabnresponse_render, lwres_gabnrequest_parse, lwres_gabnresponse_parse, lwres_gabnresponse_free, lwres_gabnrequest_free \- lightweight resolver getaddrbyname message handling .SH "SYNOPSIS" .nf -#include +#include .fi -.HP 41 -lwres_result_t\ \fBlwres_gabnrequest_render\fR\ (lwres_context_t\ *ctx, lwres_gabnrequest_t\ *req, lwres_lwpacket_t\ *pkt, lwres_buffer_t\ *b); -.HP 42 -lwres_result_t\ \fBlwres_gabnresponse_render\fR\ (lwres_context_t\ *ctx, lwres_gabnresponse_t\ *req, lwres_lwpacket_t\ *pkt, lwres_buffer_t\ *b); .HP 40 -lwres_result_t\ \fBlwres_gabnrequest_parse\fR\ (lwres_context_t\ *ctx, lwres_buffer_t\ *b, lwres_lwpacket_t\ *pkt, lwres_gabnrequest_t\ **structp); +\fBlwres_result_t\ \fBlwres_gabnrequest_render\fR\fR\fB(\fR\fBlwres_context_t\ *ctx\fR\fB, \fR\fBlwres_gabnrequest_t\ *req\fR\fB, \fR\fBlwres_lwpacket_t\ *pkt\fR\fB, \fR\fBlwres_buffer_t\ *b\fR\fB);\fR .HP 41 -lwres_result_t\ \fBlwres_gabnresponse_parse\fR\ (lwres_context_t\ *ctx, lwres_buffer_t\ *b, lwres_lwpacket_t\ *pkt, lwres_gabnresponse_t\ **structp); -.HP 30 -void\ \fBlwres_gabnresponse_free\fR\ (lwres_context_t\ *ctx, lwres_gabnresponse_t\ **structp); +\fBlwres_result_t\ \fBlwres_gabnresponse_render\fR\fR\fB(\fR\fBlwres_context_t\ *ctx\fR\fB, \fR\fBlwres_gabnresponse_t\ *req\fR\fB, \fR\fBlwres_lwpacket_t\ *pkt\fR\fB, \fR\fBlwres_buffer_t\ *b\fR\fB);\fR +.HP 39 +\fBlwres_result_t\ \fBlwres_gabnrequest_parse\fR\fR\fB(\fR\fBlwres_context_t\ *ctx\fR\fB, \fR\fBlwres_buffer_t\ *b\fR\fB, \fR\fBlwres_lwpacket_t\ *pkt\fR\fB, \fR\fBlwres_gabnrequest_t\ **structp\fR\fB);\fR +.HP 40 +\fBlwres_result_t\ \fBlwres_gabnresponse_parse\fR\fR\fB(\fR\fBlwres_context_t\ *ctx\fR\fB, \fR\fBlwres_buffer_t\ *b\fR\fB, \fR\fBlwres_lwpacket_t\ *pkt\fR\fB, \fR\fBlwres_gabnresponse_t\ **structp\fR\fB);\fR .HP 29 -void\ \fBlwres_gabnrequest_free\fR\ (lwres_context_t\ *ctx, lwres_gabnrequest_t\ **structp); +\fBvoid\ \fBlwres_gabnresponse_free\fR\fR\fB(\fR\fBlwres_context_t\ *ctx\fR\fB, \fR\fBlwres_gabnresponse_t\ **structp\fR\fB);\fR +.HP 28 +\fBvoid\ \fBlwres_gabnrequest_free\fR\fR\fB(\fR\fBlwres_context_t\ *ctx\fR\fB, \fR\fBlwres_gabnrequest_t\ **structp\fR\fB);\fR .SH "DESCRIPTION" .PP -These are low\-level routines for creating and parsing lightweight resolver name\-to\-address lookup request and response messages\&. +These are low\-level routines for creating and parsing lightweight resolver name\-to\-address lookup request and response messages. .PP -There are four main functions for the getaddrbyname opcode\&. One render function converts a getaddrbyname request structure -- \fBlwres_gabnrequest_t\fR -- to the lighweight resolver's canonical format\&. It is complemented by a parse function that converts a packet in this canonical format to a getaddrbyname request structure\&. Another render function converts the getaddrbyname response structure -- \fBlwres_gabnresponse_t\fR -- to the canonical format\&. This is complemented by a parse function which converts a packet in canonical format to a getaddrbyname response structure\&. +There are four main functions for the getaddrbyname opcode. One render function converts a getaddrbyname request structure \(em +\fBlwres_gabnrequest_t\fR +\(em to the lighweight resolver's canonical format. It is complemented by a parse function that converts a packet in this canonical format to a getaddrbyname request structure. Another render function converts the getaddrbyname response structure \(em +\fBlwres_gabnresponse_t\fR +\(em to the canonical format. This is complemented by a parse function which converts a packet in canonical format to a getaddrbyname response structure. .PP -These structures are defined in \fI\fR\&. They are shown below\&. +These structures are defined in +\fI\fR. They are shown below. +.sp .nf #define LWRES_OPCODE_GETADDRSBYNAME 0x00010001U typedef struct lwres_addr lwres_addr_t; @@ -85,15 +80,87 @@ typedef struct { size_t baselen; } lwres_gabnresponse_t; .fi +.sp .PP - \fBlwres_gabnrequest_render()\fR uses resolver context \fIctx\fR to convert getaddrbyname request structure \fIreq\fR to canonical format\&. The packet header structure \fIpkt\fR is initialised and transferred to buffer \fIb\fR\&. The contents of \fI*req\fR are then appended to the buffer in canonical format\&. \fBlwres_gabnresponse_render()\fR performs the same task, except it converts a getaddrbyname response structure \fBlwres_gabnresponse_t\fR to the lightweight resolver's canonical format\&. +\fBlwres_gabnrequest_render()\fR +uses resolver context +\fIctx\fR +to convert getaddrbyname request structure +\fIreq\fR +to canonical format. The packet header structure +\fIpkt\fR +is initialised and transferred to buffer +\fIb\fR. The contents of +\fI*req\fR +are then appended to the buffer in canonical format. +\fBlwres_gabnresponse_render()\fR +performs the same task, except it converts a getaddrbyname response structure +\fBlwres_gabnresponse_t\fR +to the lightweight resolver's canonical format. .PP - \fBlwres_gabnrequest_parse()\fR uses context \fIctx\fR to convert the contents of packet \fIpkt\fR to a \fBlwres_gabnrequest_t\fR structure\&. Buffer \fIb\fR provides space to be used for storing this structure\&. When the function succeeds, the resulting \fBlwres_gabnrequest_t\fR is made available through \fI*structp\fR\&. \fBlwres_gabnresponse_parse()\fR offers the same semantics as \fBlwres_gabnrequest_parse()\fR except it yields a \fBlwres_gabnresponse_t\fR structure\&. +\fBlwres_gabnrequest_parse()\fR +uses context +\fIctx\fR +to convert the contents of packet +\fIpkt\fR +to a +\fBlwres_gabnrequest_t\fR +structure. Buffer +\fIb\fR +provides space to be used for storing this structure. When the function succeeds, the resulting +\fBlwres_gabnrequest_t\fR +is made available through +\fI*structp\fR. +\fBlwres_gabnresponse_parse()\fR +offers the same semantics as +\fBlwres_gabnrequest_parse()\fR +except it yields a +\fBlwres_gabnresponse_t\fR +structure. .PP - \fBlwres_gabnresponse_free()\fR and \fBlwres_gabnrequest_free()\fR release the memory in resolver context \fIctx\fR that was allocated to the \fBlwres_gabnresponse_t\fR or \fBlwres_gabnrequest_t\fR structures referenced via \fIstructp\fR\&. Any memory associated with ancillary buffers and strings for those structures is also discarded\&. +\fBlwres_gabnresponse_free()\fR +and +\fBlwres_gabnrequest_free()\fR +release the memory in resolver context +\fIctx\fR +that was allocated to the +\fBlwres_gabnresponse_t\fR +or +\fBlwres_gabnrequest_t\fR +structures referenced via +\fIstructp\fR. Any memory associated with ancillary buffers and strings for those structures is also discarded. .SH "RETURN VALUES" .PP -The getaddrbyname opcode functions \fBlwres_gabnrequest_render()\fR, \fBlwres_gabnresponse_render()\fR \fBlwres_gabnrequest_parse()\fR and \fBlwres_gabnresponse_parse()\fR all return \fBLWRES_R_SUCCESS\fR on success\&. They return \fBLWRES_R_NOMEMORY\fR if memory allocation fails\&. \fBLWRES_R_UNEXPECTEDEND\fR is returned if the available space in the buffer \fIb\fR is too small to accommodate the packet header or the \fBlwres_gabnrequest_t\fR and \fBlwres_gabnresponse_t\fR structures\&. \fBlwres_gabnrequest_parse()\fR and \fBlwres_gabnresponse_parse()\fR will return \fBLWRES_R_UNEXPECTEDEND\fR if the buffer is not empty after decoding the received packet\&. These functions will return \fBLWRES_R_FAILURE\fR if pktflags in the packet header structure \fBlwres_lwpacket_t\fR indicate that the packet is not a response to an earlier query\&. +The getaddrbyname opcode functions +\fBlwres_gabnrequest_render()\fR, +\fBlwres_gabnresponse_render()\fR\fBlwres_gabnrequest_parse()\fR +and +\fBlwres_gabnresponse_parse()\fR +all return +\fBLWRES_R_SUCCESS\fR +on success. They return +\fBLWRES_R_NOMEMORY\fR +if memory allocation fails. +\fBLWRES_R_UNEXPECTEDEND\fR +is returned if the available space in the buffer +\fIb\fR +is too small to accommodate the packet header or the +\fBlwres_gabnrequest_t\fR +and +\fBlwres_gabnresponse_t\fR +structures. +\fBlwres_gabnrequest_parse()\fR +and +\fBlwres_gabnresponse_parse()\fR +will return +\fBLWRES_R_UNEXPECTEDEND\fR +if the buffer is not empty after decoding the received packet. These functions will return +\fBLWRES_R_FAILURE\fR +if +pktflags +in the packet header structure +\fBlwres_lwpacket_t\fR +indicate that the packet is not a response to an earlier query. .SH "SEE ALSO" .PP - \fBlwres_packet\fR(3 ) +\fBlwres_packet\fR(3 ) diff --git a/lib/lwres/man/lwres_gabn.html b/lib/lwres/man/lwres_gabn.html index 36585ac4b07..7a38a551a3e 100644 --- a/lib/lwres/man/lwres_gabn.html +++ b/lib/lwres/man/lwres_gabn.html @@ -14,15 +14,15 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + lwres_gabn - + - + Name lwres_gabnrequest_render, lwres_gabnresponse_render, lwres_gabnrequest_parse, lwres_gabnresponse_parse, lwres_gabnresponse_free, lwres_gabnrequest_free — lightweight resolver getaddrbyname message handling @@ -164,7 +164,7 @@ void -DESCRIPTION +DESCRIPTION These are low-level routines for creating and parsing lightweight resolver name-to-address lookup request and @@ -279,7 +279,7 @@ structures is also discarded. -RETURN VALUES +RETURN VALUES The getaddrbyname opcode functions lwres_gabnrequest_render(), @@ -317,7 +317,7 @@ indicate that the packet is not a response to an earlier query. -SEE ALSO +SEE ALSO lwres_packet(3 ) diff --git a/lib/lwres/man/lwres_gai_strerror.3 b/lib/lwres/man/lwres_gai_strerror.3 index c35ac4f2fd9..c4fb3191c3b 100644 --- a/lib/lwres/man/lwres_gai_strerror.3 +++ b/lib/lwres/man/lwres_gai_strerror.3 @@ -13,41 +13,33 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: lwres_gai_strerror.3,v 1.13.2.5 2005/09/12 00:29:00 marka Exp $ +.\" $Id: lwres_gai_strerror.3,v 1.13.2.6 2005/10/13 02:23:39 marka Exp $ .\" .hy 0 .ad l -.\"Generated by db2man.xsl. Don't modify this, modify the source. -.de Sh \" Subsection -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.TH "LWRES_GAI_STRERROR" 3 "Jun 30, 2000" "" "" -.SH NAME +.\" ** You probably do not want to edit this file directly ** +.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). +.\" Instead of manually editing it, you probably should edit the DocBook XML +.\" source for it and then use the DocBook XSL Stylesheets to regenerate it. +.TH "LWRES_GAI_STRERROR" "3" "Jun 30, 2000" "BIND9" "BIND9" +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.SH "NAME" gai_strerror \- print suitable error string .SH "SYNOPSIS" .nf -#include +#include .fi -.HP 22 -char\ *\ \fBgai_strerror\fR\ (int\ ecode); +.HP 20 +\fBchar\ *\ \fBgai_strerror\fR\fR\fB(\fR\fBint\ ecode\fR\fB);\fR .SH "DESCRIPTION" .PP - \fBlwres_gai_strerror()\fR returns an error message corresponding to an error code returned by \fBgetaddrinfo()\fR\&. The following error codes and their meaning are defined in \fIinclude/lwres/netdb\&.h\fR\&. +\fBlwres_gai_strerror()\fR +returns an error message corresponding to an error code returned by +\fBgetaddrinfo()\fR. The following error codes and their meaning are defined in +\fIinclude/lwres/netdb.h\fR. .TP \fBEAI_ADDRFAMILY\fR address family for hostname not supported @@ -56,13 +48,15 @@ address family for hostname not supported temporary failure in name resolution .TP \fBEAI_BADFLAGS\fR -invalid value for \fBai_flags\fR +invalid value for +\fBai_flags\fR .TP \fBEAI_FAIL\fR non\-recoverable failure in name resolution .TP \fBEAI_FAMILY\fR - \fBai_family\fR not supported +\fBai_family\fR +not supported .TP \fBEAI_MEMORY\fR memory allocation failure @@ -74,16 +68,32 @@ no address associated with hostname hostname or servname not provided, or not known .TP \fBEAI_SERVICE\fR -servname not supported for \fBai_socktype\fR +servname not supported for +\fBai_socktype\fR .TP \fBEAI_SOCKTYPE\fR - \fBai_socktype\fR not supported +\fBai_socktype\fR +not supported .TP \fBEAI_SYSTEM\fR system error returned in errno - The message invalid error code is returned if \fIecode\fR is out of range\&. +The message +invalid error code +is returned if +\fIecode\fR +is out of range. .PP - \fBai_flags\fR, \fBai_family\fR and \fBai_socktype\fR are elements of the \fBstruct addrinfo\fR used by \fBlwres_getaddrinfo()\fR\&. +\fBai_flags\fR, +\fBai_family\fR +and +\fBai_socktype\fR +are elements of the +\fBstruct addrinfo\fR +used by +\fBlwres_getaddrinfo()\fR. .SH "SEE ALSO" .PP - \fBstrerror\fR(3), \fBlwres_getaddrinfo\fR(3), \fBgetaddrinfo\fR(3), \fBRFC2133\fR()\&. +\fBstrerror\fR(3), +\fBlwres_getaddrinfo\fR(3), +\fBgetaddrinfo\fR(3), +\fBRFC2133\fR(). diff --git a/lib/lwres/man/lwres_gai_strerror.html b/lib/lwres/man/lwres_gai_strerror.html index 392ebc53fc8..2f387b424f8 100644 --- a/lib/lwres/man/lwres_gai_strerror.html +++ b/lib/lwres/man/lwres_gai_strerror.html @@ -14,15 +14,15 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + lwres_gai_strerror - + - + Name gai_strerror — print suitable error string @@ -37,7 +37,7 @@ char * -DESCRIPTION +DESCRIPTION lwres_gai_strerror() returns an error message corresponding to an error code returned by @@ -109,7 +109,7 @@ used by -SEE ALSO +SEE ALSO strerror(3), diff --git a/lib/lwres/man/lwres_getaddrinfo.3 b/lib/lwres/man/lwres_getaddrinfo.3 index feea94ad945..fb855ef25e7 100644 --- a/lib/lwres/man/lwres_getaddrinfo.3 +++ b/lib/lwres/man/lwres_getaddrinfo.3 @@ -13,42 +13,33 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: lwres_getaddrinfo.3,v 1.16.2.6 2005/09/12 00:29:01 marka Exp $ +.\" $Id: lwres_getaddrinfo.3,v 1.16.2.7 2005/10/13 02:23:39 marka Exp $ .\" .hy 0 .ad l -.\"Generated by db2man.xsl. Don't modify this, modify the source. -.de Sh \" Subsection -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.TH "LWRES_GETADDRINFO" 3 "Jun 30, 2000" "" "" -.SH NAME +.\" ** You probably do not want to edit this file directly ** +.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). +.\" Instead of manually editing it, you probably should edit the DocBook XML +.\" source for it and then use the DocBook XSL Stylesheets to regenerate it. +.TH "LWRES_GETADDRINFO" "3" "Jun 30, 2000" "BIND9" "BIND9" +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.SH "NAME" lwres_getaddrinfo, lwres_freeaddrinfo \- socket address structure to host and service name .SH "SYNOPSIS" .nf -#include +#include .fi -.HP 23 -int\ \fBlwres_getaddrinfo\fR\ (const\ char\ *hostname, const\ char\ *servname, const\ struct\ addrinfo\ *hints, struct\ addrinfo\ **res); -.HP 25 -void\ \fBlwres_freeaddrinfo\fR\ (struct\ addrinfo\ *ai); +.HP 22 +\fBint\ \fBlwres_getaddrinfo\fR\fR\fB(\fR\fBconst\ char\ *hostname\fR\fB, \fR\fBconst\ char\ *servname\fR\fB, \fR\fBconst\ struct\ addrinfo\ *hints\fR\fB, \fR\fBstruct\ addrinfo\ **res\fR\fB);\fR +.HP 24 +\fBvoid\ \fBlwres_freeaddrinfo\fR\fR\fB(\fR\fBstruct\ addrinfo\ *ai\fR\fB);\fR .PP -If the operating system does not provide a \fBstruct addrinfo\fR, the following structure is used: +If the operating system does not provide a +\fBstruct addrinfo\fR, the following structure is used: +.sp .nf struct addrinfo { int ai_flags; /* AI_PASSIVE, AI_CANONNAME */ @@ -61,36 +52,176 @@ struct addrinfo { struct addrinfo *ai_next; /* next structure in linked list */ }; .fi +.sp .SH "DESCRIPTION" .PP - \fBlwres_getaddrinfo()\fR is used to get a list of IP addresses and port numbers for host \fIhostname\fR and service \fIservname\fR\&. The function is the lightweight resolver's implementation of \fBgetaddrinfo()\fR as defined in RFC2133\&. \fIhostname\fR and \fIservname\fR are pointers to null\-terminated strings or \fBNULL\fR\&. \fIhostname\fR is either a host name or a numeric host address string: a dotted decimal IPv4 address or an IPv6 address\&. \fIservname\fR is either a decimal port number or a service name as listed in \fI/etc/services\fR\&. +\fBlwres_getaddrinfo()\fR +is used to get a list of IP addresses and port numbers for host +\fIhostname\fR +and service +\fIservname\fR. The function is the lightweight resolver's implementation of +\fBgetaddrinfo()\fR +as defined in RFC2133. +\fIhostname\fR +and +\fIservname\fR +are pointers to null\-terminated strings or +\fBNULL\fR. +\fIhostname\fR +is either a host name or a numeric host address string: a dotted decimal IPv4 address or an IPv6 address. +\fIservname\fR +is either a decimal port number or a service name as listed in +\fI/etc/services\fR. .PP - \fIhints\fR is an optional pointer to a \fBstruct addrinfo\fR\&. This structure can be used to provide hints concerning the type of socket that the caller supports or wishes to use\&. The caller can supply the following structure elements in \fI*hints\fR: +\fIhints\fR +is an optional pointer to a +\fBstruct addrinfo\fR. This structure can be used to provide hints concerning the type of socket that the caller supports or wishes to use. The caller can supply the following structure elements in +\fI*hints\fR: .TP \fBai_family\fR -The protocol family that should be used\&. When \fBai_family\fR is set to \fBPF_UNSPEC\fR, it means the caller will accept any protocol family supported by the operating system\&. +The protocol family that should be used. When +\fBai_family\fR +is set to +\fBPF_UNSPEC\fR, it means the caller will accept any protocol family supported by the operating system. .TP \fBai_socktype\fR -denotes the type of socket -- \fBSOCK_STREAM\fR, \fBSOCK_DGRAM\fR or \fBSOCK_RAW\fR -- that is wanted\&. When \fBai_socktype\fR is zero the caller will accept any socket type\&. +denotes the type of socket \(em +\fBSOCK_STREAM\fR, +\fBSOCK_DGRAM\fR +or +\fBSOCK_RAW\fR +\(em that is wanted. When +\fBai_socktype\fR +is zero the caller will accept any socket type. .TP \fBai_protocol\fR -indicates which transport protocol is wanted: IPPROTO_UDP or IPPROTO_TCP\&. If \fBai_protocol\fR is zero the caller will accept any protocol\&. +indicates which transport protocol is wanted: IPPROTO_UDP or IPPROTO_TCP. If +\fBai_protocol\fR +is zero the caller will accept any protocol. .TP \fBai_flags\fR -Flag bits\&. If the \fBAI_CANONNAME\fR bit is set, a successful call to \fBlwres_getaddrinfo()\fR will return a null\-terminated string containing the canonical name of the specified hostname in \fBai_canonname\fR of the first \fBaddrinfo\fR structure returned\&. Setting the \fBAI_PASSIVE\fR bit indicates that the returned socket address structure is intended for used in a call to \fBbind\fR(2)\&. In this case, if the hostname argument is a \fBNULL\fR pointer, then the IP address portion of the socket address structure will be set to \fBINADDR_ANY\fR for an IPv4 address or \fBIN6ADDR_ANY_INIT\fR for an IPv6 address\&. -When \fBai_flags\fR does not set the \fBAI_PASSIVE\fR bit, the returned socket address structure will be ready for use in a call to \fBconnect\fR(2 ) for a connection\-oriented protocol or \fBconnect\fR(2), \fBsendto\fR(2), or \fBsendmsg\fR(2 ) if a connectionless protocol was chosen\&. The IP address portion of the socket address structure will be set to the loopback address if \fIhostname\fR is a \fBNULL\fR pointer and \fBAI_PASSIVE\fR is not set in \fBai_flags\fR\&. -If \fBai_flags\fR is set to \fBAI_NUMERICHOST\fR it indicates that \fIhostname\fR should be treated as a numeric string defining an IPv4 or IPv6 address and no name resolution should be attempted\&. +Flag bits. If the +\fBAI_CANONNAME\fR +bit is set, a successful call to +\fBlwres_getaddrinfo()\fR +will return a null\-terminated string containing the canonical name of the specified hostname in +\fBai_canonname\fR +of the first +\fBaddrinfo\fR +structure returned. Setting the +\fBAI_PASSIVE\fR +bit indicates that the returned socket address structure is intended for used in a call to +\fBbind\fR(2). In this case, if the hostname argument is a +\fBNULL\fR +pointer, then the IP address portion of the socket address structure will be set to +\fBINADDR_ANY\fR +for an IPv4 address or +\fBIN6ADDR_ANY_INIT\fR +for an IPv6 address. +.sp +When +\fBai_flags\fR +does not set the +\fBAI_PASSIVE\fR +bit, the returned socket address structure will be ready for use in a call to +\fBconnect\fR(2 ) +for a connection\-oriented protocol or +\fBconnect\fR(2), +\fBsendto\fR(2), or +\fBsendmsg\fR(2 ) +if a connectionless protocol was chosen. The IP address portion of the socket address structure will be set to the loopback address if +\fIhostname\fR +is a +\fBNULL\fR +pointer and +\fBAI_PASSIVE\fR +is not set in +\fBai_flags\fR. +.sp +If +\fBai_flags\fR +is set to +\fBAI_NUMERICHOST\fR +it indicates that +\fIhostname\fR +should be treated as a numeric string defining an IPv4 or IPv6 address and no name resolution should be attempted. .PP -All other elements of the \fBstruct addrinfo\fR passed via \fIhints\fR must be zero\&. +All other elements of the +\fBstruct addrinfo\fR +passed via +\fIhints\fR +must be zero. .PP -A \fIhints\fR of \fBNULL\fR is treated as if the caller provided a \fBstruct addrinfo\fR initialized to zero with \fBai_family\fRset to \fBPF_UNSPEC\fR\&. +A +\fIhints\fR +of +\fBNULL\fR +is treated as if the caller provided a +\fBstruct addrinfo\fR +initialized to zero with +\fBai_family\fRset to +\fBPF_UNSPEC\fR. .PP -After a successful call to \fBlwres_getaddrinfo()\fR, \fI*res\fR is a pointer to a linked list of one or more \fBaddrinfo\fR structures\&. Each \fBstruct addrinfo\fR in this list cn be processed by following the \fBai_next\fR pointer, until a \fBNULL\fR pointer is encountered\&. The three members \fBai_family\fR, \fBai_socktype\fR, and \fBai_protocol\fR in each returned \fBaddrinfo\fR structure contain the corresponding arguments for a call to \fBsocket\fR(2)\&. For each \fBaddrinfo\fR structure in the list, the \fBai_addr\fR member points to a filled\-in socket address structure of length \fBai_addrlen\fR\&. +After a successful call to +\fBlwres_getaddrinfo()\fR, +\fI*res\fR +is a pointer to a linked list of one or more +\fBaddrinfo\fR +structures. Each +\fBstruct addrinfo\fR +in this list cn be processed by following the +\fBai_next\fR +pointer, until a +\fBNULL\fR +pointer is encountered. The three members +\fBai_family\fR, +\fBai_socktype\fR, and +\fBai_protocol\fR +in each returned +\fBaddrinfo\fR +structure contain the corresponding arguments for a call to +\fBsocket\fR(2). For each +\fBaddrinfo\fR +structure in the list, the +\fBai_addr\fR +member points to a filled\-in socket address structure of length +\fBai_addrlen\fR. .PP -All of the information returned by \fBlwres_getaddrinfo()\fR is dynamically allocated: the addrinfo structures, and the socket address structures and canonical host name strings pointed to by the \fBaddrinfo\fRstructures\&. Memory allocated for the dynamically allocated structures created by a successful call to \fBlwres_getaddrinfo()\fR is released by \fBlwres_freeaddrinfo()\fR\&. \fIai\fR is a pointer to a \fBstruct addrinfo\fR created by a call to \fBlwres_getaddrinfo()\fR\&. +All of the information returned by +\fBlwres_getaddrinfo()\fR +is dynamically allocated: the addrinfo structures, and the socket address structures and canonical host name strings pointed to by the +\fBaddrinfo\fRstructures. Memory allocated for the dynamically allocated structures created by a successful call to +\fBlwres_getaddrinfo()\fR +is released by +\fBlwres_freeaddrinfo()\fR. +\fIai\fR +is a pointer to a +\fBstruct addrinfo\fR +created by a call to +\fBlwres_getaddrinfo()\fR. .SH "RETURN VALUES" .PP - \fBlwres_getaddrinfo()\fR returns zero on success or one of the error codes listed in \fBgai_strerror\fR(3 ) if an error occurs\&. If both \fIhostname\fR and \fIservname\fR are \fBNULL\fR \fBlwres_getaddrinfo()\fR returns \fBEAI_NONAME\fR\&. +\fBlwres_getaddrinfo()\fR +returns zero on success or one of the error codes listed in +\fBgai_strerror\fR(3 ) +if an error occurs. If both +\fIhostname\fR +and +\fIservname\fR +are +\fBNULL\fR\fBlwres_getaddrinfo()\fR +returns +\fBEAI_NONAME\fR. .SH "SEE ALSO" .PP - \fBlwres\fR(3), \fBlwres_getaddrinfo\fR(3), \fBlwres_freeaddrinfo\fR(3), \fBlwres_gai_strerror\fR(3), \fBRFC2133\fR(), \fBgetservbyname\fR(3), \fBbind\fR(2), \fBconnect\fR(2), \fBsendto\fR(2), \fBsendmsg\fR(2), \fBsocket\fR(2)\&. +\fBlwres\fR(3), +\fBlwres_getaddrinfo\fR(3), +\fBlwres_freeaddrinfo\fR(3), +\fBlwres_gai_strerror\fR(3), +\fBRFC2133\fR(), +\fBgetservbyname\fR(3), +\fBbind\fR(2), +\fBconnect\fR(2), +\fBsendto\fR(2), +\fBsendmsg\fR(2), +\fBsocket\fR(2). diff --git a/lib/lwres/man/lwres_getaddrinfo.html b/lib/lwres/man/lwres_getaddrinfo.html index 5cd281b99b8..b99977a9507 100644 --- a/lib/lwres/man/lwres_getaddrinfo.html +++ b/lib/lwres/man/lwres_getaddrinfo.html @@ -14,15 +14,15 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + lwres_getaddrinfo - + - + Name lwres_getaddrinfo, lwres_freeaddrinfo — socket address structure to host and service name @@ -87,7 +87,7 @@ struct addrinfo { -DESCRIPTION +DESCRIPTION lwres_getaddrinfo() is used to get a list of IP addresses and port numbers for host @@ -284,7 +284,7 @@ created by a call to -RETURN VALUES +RETURN VALUES lwres_getaddrinfo() returns zero on success or one of the error codes listed in @@ -304,7 +304,7 @@ returns -SEE ALSO +SEE ALSO lwres(3), diff --git a/lib/lwres/man/lwres_gethostent.3 b/lib/lwres/man/lwres_gethostent.3 index 4e4c22c2751..0cd523fac75 100644 --- a/lib/lwres/man/lwres_gethostent.3 +++ b/lib/lwres/man/lwres_gethostent.3 @@ -13,61 +13,56 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: lwres_gethostent.3,v 1.16.2.5 2005/09/12 00:29:01 marka Exp $ +.\" $Id: lwres_gethostent.3,v 1.16.2.6 2005/10/13 02:23:39 marka Exp $ .\" .hy 0 .ad l -.\"Generated by db2man.xsl. Don't modify this, modify the source. -.de Sh \" Subsection -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.TH "LWRES_GETHOSTENT" 3 "Jun 30, 2000" "" "" -.SH NAME +.\" ** You probably do not want to edit this file directly ** +.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). +.\" Instead of manually editing it, you probably should edit the DocBook XML +.\" source for it and then use the DocBook XSL Stylesheets to regenerate it. +.TH "LWRES_GETHOSTENT" "3" "Jun 30, 2000" "BIND9" "BIND9" +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.SH "NAME" lwres_gethostbyname, lwres_gethostbyname2, lwres_gethostbyaddr, lwres_gethostent, lwres_sethostent, lwres_endhostent, lwres_gethostbyname_r, lwres_gethostbyaddr_r, lwres_gethostent_r, lwres_sethostent_r, lwres_endhostent_r \- lightweight resolver get network host entry .SH "SYNOPSIS" .nf -#include +#include .fi -.HP 40 -struct\ hostent\ *\ \fBlwres_gethostbyname\fR\ (const\ char\ *name); -.HP 41 -struct\ hostent\ *\ \fBlwres_gethostbyname2\fR\ (const\ char\ *name, int\ af); -.HP 40 -struct\ hostent\ *\ \fBlwres_gethostbyaddr\fR\ (const\ char\ *addr, int\ len, int\ type); .HP 37 -struct\ hostent\ *\ \fBlwres_gethostent\fR\ (void); -.HP 23 -void\ \fBlwres_sethostent\fR\ (int\ stayopen); -.HP 23 -void\ \fBlwres_endhostent\fR\ (void); -.HP 42 -struct\ hostent\ *\ \fBlwres_gethostbyname_r\fR\ (const\ char\ *name, struct\ hostent\ *resbuf, char\ *buf, int\ buflen, int\ *error); -.HP 42 -struct\ hostent\ *\ \fBlwres_gethostbyaddr_r\fR\ (const\ char\ *addr, int\ len, int\ type, struct\ hostent\ *resbuf, char\ *buf, int\ buflen, int\ *error); +\fBstruct\ hostent\ *\ \fBlwres_gethostbyname\fR\fR\fB(\fR\fBconst\ char\ *name\fR\fB);\fR +.HP 38 +\fBstruct\ hostent\ *\ \fBlwres_gethostbyname2\fR\fR\fB(\fR\fBconst\ char\ *name\fR\fB, \fR\fBint\ af\fR\fB);\fR +.HP 37 +\fBstruct\ hostent\ *\ \fBlwres_gethostbyaddr\fR\fR\fB(\fR\fBconst\ char\ *addr\fR\fB, \fR\fBint\ len\fR\fB, \fR\fBint\ type\fR\fB);\fR +.HP 34 +\fBstruct\ hostent\ *\ \fBlwres_gethostent\fR\fR\fB(\fR\fBvoid\fR\fB);\fR +.HP 22 +\fBvoid\ \fBlwres_sethostent\fR\fR\fB(\fR\fBint\ stayopen\fR\fB);\fR +.HP 22 +\fBvoid\ \fBlwres_endhostent\fR\fR\fB(\fR\fBvoid\fR\fB);\fR .HP 39 -struct\ hostent\ *\ \fBlwres_gethostent_r\fR\ (struct\ hostent\ *resbuf, char\ *buf, int\ buflen, int\ *error); -.HP 25 -void\ \fBlwres_sethostent_r\fR\ (int\ stayopen); -.HP 25 -void\ \fBlwres_endhostent_r\fR\ (void); +\fBstruct\ hostent\ *\ \fBlwres_gethostbyname_r\fR\fR\fB(\fR\fBconst\ char\ *name\fR\fB, \fR\fBstruct\ hostent\ *resbuf\fR\fB, \fR\fBchar\ *buf\fR\fB, \fR\fBint\ buflen\fR\fB, \fR\fBint\ *error\fR\fB);\fR +.HP 39 +\fBstruct\ hostent\ *\ \fBlwres_gethostbyaddr_r\fR\fR\fB(\fR\fBconst\ char\ *addr\fR\fB, \fR\fBint\ len\fR\fB, \fR\fBint\ type\fR\fB, \fR\fBstruct\ hostent\ *resbuf\fR\fB, \fR\fBchar\ *buf\fR\fB, \fR\fBint\ buflen\fR\fB, \fR\fBint\ *error\fR\fB);\fR +.HP 36 +\fBstruct\ hostent\ *\ \fBlwres_gethostent_r\fR\fR\fB(\fR\fBstruct\ hostent\ *resbuf\fR\fB, \fR\fBchar\ *buf\fR\fB, \fR\fBint\ buflen\fR\fB, \fR\fBint\ *error\fR\fB);\fR +.HP 24 +\fBvoid\ \fBlwres_sethostent_r\fR\fR\fB(\fR\fBint\ stayopen\fR\fB);\fR +.HP 24 +\fBvoid\ \fBlwres_endhostent_r\fR\fR\fB(\fR\fBvoid\fR\fB);\fR .SH "DESCRIPTION" .PP -These functions provide hostname\-to\-address and address\-to\-hostname lookups by means of the lightweight resolver\&. They are similar to the standard \fBgethostent\fR(3 ) functions provided by most operating systems\&. They use a \fBstruct hostent\fR which is usually defined in \fI\fR\&. +These functions provide hostname\-to\-address and address\-to\-hostname lookups by means of the lightweight resolver. They are similar to the standard +\fBgethostent\fR(3 ) +functions provided by most operating systems. They use a +\fBstruct hostent\fR +which is usually defined in +\fI\fR. +.sp .nf struct hostent { char *h_name; /* official name of host */ @@ -78,59 +73,216 @@ struct hostent { }; #define h_addr h_addr_list[0] /* address, for backward compatibility */ .fi +.sp .PP -The members of this structure are: +The members of this structure are: .TP \fBh_name\fR -The official (canonical) name of the host\&. +The official (canonical) name of the host. .TP \fBh_aliases\fR -A NULL\-terminated array of alternate names (nicknames) for the host\&. +A NULL\-terminated array of alternate names (nicknames) for the host. .TP \fBh_addrtype\fR -The type of address being returned -- \fBPF_INET\fR or \fBPF_INET6\fR\&. +The type of address being returned \(em +\fBPF_INET\fR +or +\fBPF_INET6\fR. .TP \fBh_length\fR -The length of the address in bytes\&. +The length of the address in bytes. .TP \fBh_addr_list\fR -A \fBNULL\fR terminated array of network addresses for the host\&. Host addresses are returned in network byte order\&. +A +\fBNULL\fR +terminated array of network addresses for the host. Host addresses are returned in network byte order. .PP -For backward compatibility with very old software, \fBh_addr\fR is the first address in \fBh_addr_list\&.\fR +For backward compatibility with very old software, +\fBh_addr\fR +is the first address in +\fBh_addr_list.\fR .PP - \fBlwres_gethostent()\fR, \fBlwres_sethostent()\fR, \fBlwres_endhostent()\fR, \fBlwres_gethostent_r()\fR, \fBlwres_sethostent_r()\fR and \fBlwres_endhostent_r()\fR provide iteration over the known host entries on systems that provide such functionality through facilities like \fI/etc/hosts\fR or NIS\&. The lightweight resolver does not currently implement these functions; it only provides them as stub functions that always return failure\&. +\fBlwres_gethostent()\fR, +\fBlwres_sethostent()\fR, +\fBlwres_endhostent()\fR, +\fBlwres_gethostent_r()\fR, +\fBlwres_sethostent_r()\fR +and +\fBlwres_endhostent_r()\fR +provide iteration over the known host entries on systems that provide such functionality through facilities like +\fI/etc/hosts\fR +or NIS. The lightweight resolver does not currently implement these functions; it only provides them as stub functions that always return failure. .PP - \fBlwres_gethostbyname()\fR and \fBlwres_gethostbyname2()\fR look up the hostname \fIname\fR\&. \fBlwres_gethostbyname()\fR always looks for an IPv4 address while \fBlwres_gethostbyname2()\fR looks for an address of protocol family \fIaf\fR: either \fBPF_INET\fR or \fBPF_INET6\fR -- IPv4 or IPV6 addresses respectively\&. Successful calls of the functions return a \fBstruct hostent\fRfor the name that was looked up\&. \fBNULL\fR is returned if the lookups by \fBlwres_gethostbyname()\fR or \fBlwres_gethostbyname2()\fR fail\&. +\fBlwres_gethostbyname()\fR +and +\fBlwres_gethostbyname2()\fR +look up the hostname +\fIname\fR. +\fBlwres_gethostbyname()\fR +always looks for an IPv4 address while +\fBlwres_gethostbyname2()\fR +looks for an address of protocol family +\fIaf\fR: either +\fBPF_INET\fR +or +\fBPF_INET6\fR +\(em IPv4 or IPV6 addresses respectively. Successful calls of the functions return a +\fBstruct hostent\fRfor the name that was looked up. +\fBNULL\fR +is returned if the lookups by +\fBlwres_gethostbyname()\fR +or +\fBlwres_gethostbyname2()\fR +fail. .PP -Reverse lookups of addresses are performed by \fBlwres_gethostbyaddr()\fR\&. \fIaddr\fR is an address of length \fIlen\fR bytes and protocol family \fItype\fR -- \fBPF_INET\fR or \fBPF_INET6\fR\&. \fBlwres_gethostbyname_r()\fR is a thread\-safe function for forward lookups\&. If an error occurs, an error code is returned in \fI*error\fR\&. \fIresbuf\fR is a pointer to a \fBstruct hostent\fR which is initialised by a successful call to \fBlwres_gethostbyname_r()\fR \&. \fIbuf\fR is a buffer of length \fIlen\fR bytes which is used to store the \fBh_name\fR, \fBh_aliases\fR, and \fBh_addr_list\fR elements of the \fBstruct hostent\fR returned in \fIresbuf\fR\&. Successful calls to \fBlwres_gethostbyname_r()\fR return \fIresbuf\fR, which is a pointer to the \fBstruct hostent\fR it created\&. +Reverse lookups of addresses are performed by +\fBlwres_gethostbyaddr()\fR. +\fIaddr\fR +is an address of length +\fIlen\fR +bytes and protocol family +\fItype\fR +\(em +\fBPF_INET\fR +or +\fBPF_INET6\fR. +\fBlwres_gethostbyname_r()\fR +is a thread\-safe function for forward lookups. If an error occurs, an error code is returned in +\fI*error\fR. +\fIresbuf\fR +is a pointer to a +\fBstruct hostent\fR +which is initialised by a successful call to +\fBlwres_gethostbyname_r()\fR +. +\fIbuf\fR +is a buffer of length +\fIlen\fR +bytes which is used to store the +\fBh_name\fR, +\fBh_aliases\fR, and +\fBh_addr_list\fR +elements of the +\fBstruct hostent\fR +returned in +\fIresbuf\fR. Successful calls to +\fBlwres_gethostbyname_r()\fR +return +\fIresbuf\fR, which is a pointer to the +\fBstruct hostent\fR +it created. .PP - \fBlwres_gethostbyaddr_r()\fR is a thread\-safe function that performs a reverse lookup of address \fIaddr\fR which is \fIlen\fR bytes long and is of protocol family \fItype\fR -- \fBPF_INET\fR or \fBPF_INET6\fR\&. If an error occurs, the error code is returned in \fI*error\fR\&. The other function parameters are identical to those in \fBlwres_gethostbyname_r()\fR\&. \fIresbuf\fR is a pointer to a \fBstruct hostent\fR which is initialised by a successful call to \fBlwres_gethostbyaddr_r()\fR\&. \fIbuf\fR is a buffer of length \fIlen\fR bytes which is used to store the \fBh_name\fR, \fBh_aliases\fR, and \fBh_addr_list\fR elements of the \fBstruct hostent\fR returned in \fIresbuf\fR\&. Successful calls to \fBlwres_gethostbyaddr_r()\fR return \fIresbuf\fR, which is a pointer to the \fBstruct hostent()\fR it created\&. +\fBlwres_gethostbyaddr_r()\fR +is a thread\-safe function that performs a reverse lookup of address +\fIaddr\fR +which is +\fIlen\fR +bytes long and is of protocol family +\fItype\fR +\(em +\fBPF_INET\fR +or +\fBPF_INET6\fR. If an error occurs, the error code is returned in +\fI*error\fR. The other function parameters are identical to those in +\fBlwres_gethostbyname_r()\fR. +\fIresbuf\fR +is a pointer to a +\fBstruct hostent\fR +which is initialised by a successful call to +\fBlwres_gethostbyaddr_r()\fR. +\fIbuf\fR +is a buffer of length +\fIlen\fR +bytes which is used to store the +\fBh_name\fR, +\fBh_aliases\fR, and +\fBh_addr_list\fR +elements of the +\fBstruct hostent\fR +returned in +\fIresbuf\fR. Successful calls to +\fBlwres_gethostbyaddr_r()\fR +return +\fIresbuf\fR, which is a pointer to the +\fBstruct hostent()\fR +it created. .SH "RETURN VALUES" .PP -The functions \fBlwres_gethostbyname()\fR, \fBlwres_gethostbyname2()\fR, \fBlwres_gethostbyaddr()\fR, and \fBlwres_gethostent()\fR return NULL to indicate an error\&. In this case the global variable \fBlwres_h_errno\fR will contain one of the following error codes defined in \fI\fR: +The functions +\fBlwres_gethostbyname()\fR, +\fBlwres_gethostbyname2()\fR, +\fBlwres_gethostbyaddr()\fR, and +\fBlwres_gethostent()\fR +return NULL to indicate an error. In this case the global variable +\fBlwres_h_errno\fR +will contain one of the following error codes defined in +\fI\fR: .TP \fBHOST_NOT_FOUND\fR -The host or address was not found\&. +The host or address was not found. .TP \fBTRY_AGAIN\fR -A recoverable error occurred, e\&.g\&., a timeout\&. Retrying the lookup may succeed\&. +A recoverable error occurred, e.g., a timeout. Retrying the lookup may succeed. .TP \fBNO_RECOVERY\fR -A non\-recoverable error occurred\&. +A non\-recoverable error occurred. .TP \fBNO_DATA\fR -The name exists, but has no address information associated with it (or vice versa in the case of a reverse lookup)\&. The code NO_ADDRESS is accepted as a synonym for NO_DATA for backwards compatibility\&. +The name exists, but has no address information associated with it (or vice versa in the case of a reverse lookup). The code NO_ADDRESS is accepted as a synonym for NO_DATA for backwards compatibility. .PP - \fBlwres_hstrerror\fR(3 ) translates these error codes to suitable error messages\&. +\fBlwres_hstrerror\fR(3 ) +translates these error codes to suitable error messages. .PP - \fBlwres_gethostent()\fR and \fBlwres_gethostent_r()\fR always return \fBNULL\fR\&. +\fBlwres_gethostent()\fR +and +\fBlwres_gethostent_r()\fR +always return +\fBNULL\fR. .PP -Successful calls to \fBlwres_gethostbyname_r()\fR and \fBlwres_gethostbyaddr_r()\fR return \fIresbuf\fR, a pointer to the \fBstruct hostent\fR that was initialised by these functions\&. They return \fBNULL\fR if the lookups fail or if \fIbuf\fR was too small to hold the list of addresses and names referenced by the \fBh_name\fR, \fBh_aliases\fR, and \fBh_addr_list\fR elements of the \fBstruct hostent\fR\&. If \fIbuf\fR was too small, both \fBlwres_gethostbyname_r()\fR and \fBlwres_gethostbyaddr_r()\fR set the global variable \fBerrno\fR to \fBERANGE\fR\&. +Successful calls to +\fBlwres_gethostbyname_r()\fR +and +\fBlwres_gethostbyaddr_r()\fR +return +\fIresbuf\fR, a pointer to the +\fBstruct hostent\fR +that was initialised by these functions. They return +\fBNULL\fR +if the lookups fail or if +\fIbuf\fR +was too small to hold the list of addresses and names referenced by the +\fBh_name\fR, +\fBh_aliases\fR, and +\fBh_addr_list\fR +elements of the +\fBstruct hostent\fR. If +\fIbuf\fR +was too small, both +\fBlwres_gethostbyname_r()\fR +and +\fBlwres_gethostbyaddr_r()\fR +set the global variable +\fBerrno\fR +to +\fBERANGE\fR. .SH "SEE ALSO" .PP - \fBgethostent\fR(3), \fBlwres_getipnode\fR(3), \fBlwres_hstrerror\fR(3 ) +\fBgethostent\fR(3), +\fBlwres_getipnode\fR(3), +\fBlwres_hstrerror\fR(3 ) .SH "BUGS" .PP - \fBlwres_gethostbyname()\fR, \fBlwres_gethostbyname2()\fR, \fBlwres_gethostbyaddr()\fR and \fBlwres_endhostent()\fR are not thread safe; they return pointers to static data and provide error codes through a global variable\&. Thread\-safe versions for name and address lookup are provided by \fBlwres_gethostbyname_r()\fR, and \fBlwres_gethostbyaddr_r()\fR respectively\&. +\fBlwres_gethostbyname()\fR, +\fBlwres_gethostbyname2()\fR, +\fBlwres_gethostbyaddr()\fR +and +\fBlwres_endhostent()\fR +are not thread safe; they return pointers to static data and provide error codes through a global variable. Thread\-safe versions for name and address lookup are provided by +\fBlwres_gethostbyname_r()\fR, and +\fBlwres_gethostbyaddr_r()\fR +respectively. .PP -The resolver daemon does not currently support any non\-DNS name services such as \fI/etc/hosts\fR or \fBNIS\fR, consequently the above functions don't, either\&. +The resolver daemon does not currently support any non\-DNS name services such as +\fI/etc/hosts\fR +or +\fBNIS\fR, consequently the above functions don't, either. diff --git a/lib/lwres/man/lwres_gethostent.html b/lib/lwres/man/lwres_gethostent.html index 63d0c9da866..ec742d2af26 100644 --- a/lib/lwres/man/lwres_gethostent.html +++ b/lib/lwres/man/lwres_gethostent.html @@ -14,15 +14,15 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + lwres_gethostent - + - + Name lwres_gethostbyname, lwres_gethostbyname2, lwres_gethostbyaddr, lwres_gethostent, lwres_sethostent, lwres_endhostent, lwres_gethostbyname_r, lwres_gethostbyaddr_r, lwres_gethostent_r, lwres_sethostent_r, lwres_endhostent_r — lightweight resolver get network host entry @@ -187,7 +187,7 @@ void -DESCRIPTION +DESCRIPTION These functions provide hostname-to-address and address-to-hostname lookups by means of the lightweight resolver. @@ -324,7 +324,7 @@ calls to lwres_gethostbyaddr_r() return -RETURN VALUES +RETURN VALUES The functions lwres_gethostbyname(), @@ -391,7 +391,7 @@ hostent. If buf was too small, b -SEE ALSO +SEE ALSO gethostent(3), @@ -402,7 +402,7 @@ hostent. If buf was too small, b -BUGS +BUGS lwres_gethostbyname(), lwres_gethostbyname2(), diff --git a/lib/lwres/man/lwres_getipnode.3 b/lib/lwres/man/lwres_getipnode.3 index 75d480f5b79..170eae65c20 100644 --- a/lib/lwres/man/lwres_getipnode.3 +++ b/lib/lwres/man/lwres_getipnode.3 @@ -13,47 +13,40 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: lwres_getipnode.3,v 1.13.2.6 2005/09/12 00:29:02 marka Exp $ +.\" $Id: lwres_getipnode.3,v 1.13.2.7 2005/10/13 02:23:39 marka Exp $ .\" .hy 0 .ad l -.\"Generated by db2man.xsl. Don't modify this, modify the source. -.de Sh \" Subsection -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.TH "LWRES_GETIPNODE" 3 "Jun 30, 2000" "" "" -.SH NAME +.\" ** You probably do not want to edit this file directly ** +.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). +.\" Instead of manually editing it, you probably should edit the DocBook XML +.\" source for it and then use the DocBook XSL Stylesheets to regenerate it. +.TH "LWRES_GETIPNODE" "3" "Jun 30, 2000" "BIND9" "BIND9" +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.SH "NAME" lwres_getipnodebyname, lwres_getipnodebyaddr, lwres_freehostent \- lightweight resolver nodename / address translation API .SH "SYNOPSIS" .nf -#include +#include .fi -.HP 42 -struct\ hostent\ *\ \fBlwres_getipnodebyname\fR\ (const\ char\ *name, int\ af, int\ flags, int\ *error_num); -.HP 42 -struct\ hostent\ *\ \fBlwres_getipnodebyaddr\fR\ (const\ void\ *src, size_t\ len, int\ af, int\ *error_num); -.HP 24 -void\ \fBlwres_freehostent\fR\ (struct\ hostent\ *he); +.HP 39 +\fBstruct\ hostent\ *\ \fBlwres_getipnodebyname\fR\fR\fB(\fR\fBconst\ char\ *name\fR\fB, \fR\fBint\ af\fR\fB, \fR\fBint\ flags\fR\fB, \fR\fBint\ *error_num\fR\fB);\fR +.HP 39 +\fBstruct\ hostent\ *\ \fBlwres_getipnodebyaddr\fR\fR\fB(\fR\fBconst\ void\ *src\fR\fB, \fR\fBsize_t\ len\fR\fB, \fR\fBint\ af\fR\fB, \fR\fBint\ *error_num\fR\fB);\fR +.HP 23 +\fBvoid\ \fBlwres_freehostent\fR\fR\fB(\fR\fBstruct\ hostent\ *he\fR\fB);\fR .SH "DESCRIPTION" .PP -These functions perform thread safe, protocol independent nodename\-to\-address and address\-to\-nodename translation as defined in RFC2553\&. +These functions perform thread safe, protocol independent nodename\-to\-address and address\-to\-nodename translation as defined in RFC2553. .PP -They use a \fBstruct hostent\fR which is defined in \fInamedb\&.h\fR: +They use a +\fBstruct hostent\fR +which is defined in +\fInamedb.h\fR: +.sp .nf struct hostent { char *h_name; /* official name of host */ @@ -64,58 +57,114 @@ struct hostent { }; #define h_addr h_addr_list[0] /* address, for backward compatibility */ .fi +.sp .PP -The members of this structure are: +The members of this structure are: .TP \fBh_name\fR -The official (canonical) name of the host\&. +The official (canonical) name of the host. .TP \fBh_aliases\fR -A NULL\-terminated array of alternate names (nicknames) for the host\&. +A NULL\-terminated array of alternate names (nicknames) for the host. .TP \fBh_addrtype\fR -The type of address being returned \- usually \fBPF_INET\fR or \fBPF_INET6\fR\&. +The type of address being returned \- usually +\fBPF_INET\fR +or +\fBPF_INET6\fR. .TP \fBh_length\fR -The length of the address in bytes\&. +The length of the address in bytes. .TP \fBh_addr_list\fR -A \fBNULL\fR terminated array of network addresses for the host\&. Host addresses are returned in network byte order\&. +A +\fBNULL\fR +terminated array of network addresses for the host. Host addresses are returned in network byte order. .PP - \fBlwres_getipnodebyname()\fR looks up addresses of protocol family \fIaf\fR for the hostname \fIname\fR\&. The \fIflags\fR parameter contains ORed flag bits to specify the types of addresses that are searched for, and the types of addresses that are returned\&. The flag bits are: +\fBlwres_getipnodebyname()\fR +looks up addresses of protocol family +\fIaf\fR +for the hostname +\fIname\fR. The +\fIflags\fR +parameter contains ORed flag bits to specify the types of addresses that are searched for, and the types of addresses that are returned. The flag bits are: .TP \fBAI_V4MAPPED\fR -This is used with an \fIaf\fR of AF_INET6, and causes IPv4 addresses to be returned as IPv4\-mapped IPv6 addresses\&. +This is used with an +\fIaf\fR +of AF_INET6, and causes IPv4 addresses to be returned as IPv4\-mapped IPv6 addresses. .TP \fBAI_ALL\fR -This is used with an \fIaf\fR of AF_INET6, and causes all known addresses (IPv6 and IPv4) to be returned\&. If AI_V4MAPPED is also set, the IPv4 addresses are return as mapped IPv6 addresses\&. +This is used with an +\fIaf\fR +of AF_INET6, and causes all known addresses (IPv6 and IPv4) to be returned. If AI_V4MAPPED is also set, the IPv4 addresses are return as mapped IPv6 addresses. .TP \fBAI_ADDRCONFIG\fR -Only return an IPv6 or IPv4 address if here is an active network interface of that type\&. This is not currently implemented in the BIND 9 lightweight resolver, and the flag is ignored\&. +Only return an IPv6 or IPv4 address if here is an active network interface of that type. This is not currently implemented in the BIND 9 lightweight resolver, and the flag is ignored. .TP \fBAI_DEFAULT\fR -This default sets the \fBAI_V4MAPPED\fR and \fBAI_ADDRCONFIG\fR flag bits\&. +This default sets the +\fBAI_V4MAPPED\fR +and +\fBAI_ADDRCONFIG\fR +flag bits. .PP - \fBlwres_getipnodebyaddr()\fR performs a reverse lookup of address \fIsrc\fR which is \fIlen\fR bytes long\&. \fIaf\fR denotes the protocol family, typically \fBPF_INET\fR or \fBPF_INET6\fR\&. +\fBlwres_getipnodebyaddr()\fR +performs a reverse lookup of address +\fIsrc\fR +which is +\fIlen\fR +bytes long. +\fIaf\fR +denotes the protocol family, typically +\fBPF_INET\fR +or +\fBPF_INET6\fR. .PP - \fBlwres_freehostent()\fR releases all the memory associated with the \fBstruct hostent\fR pointer \fIhe\fR\&. Any memory allocated for the \fBh_name\fR, \fBh_addr_list\fR and \fBh_aliases\fR is freed, as is the memory for the \fBhostent\fR structure itself\&. +\fBlwres_freehostent()\fR +releases all the memory associated with the +\fBstruct hostent\fR +pointer +\fIhe\fR. Any memory allocated for the +\fBh_name\fR, +\fBh_addr_list\fR +and +\fBh_aliases\fR +is freed, as is the memory for the +\fBhostent\fR +structure itself. .SH "RETURN VALUES" .PP -If an error occurs, \fBlwres_getipnodebyname()\fR and \fBlwres_getipnodebyaddr()\fR set \fI*error_num\fR to an appropriate error code and the function returns a \fBNULL\fR pointer\&. The error codes and their meanings are defined in \fI\fR: +If an error occurs, +\fBlwres_getipnodebyname()\fR +and +\fBlwres_getipnodebyaddr()\fR +set +\fI*error_num\fR +to an appropriate error code and the function returns a +\fBNULL\fR +pointer. The error codes and their meanings are defined in +\fI\fR: .TP \fBHOST_NOT_FOUND\fR -No such host is known\&. +No such host is known. .TP \fBNO_ADDRESS\fR -The server recognised the request and the name but no address is available\&. Another type of request to the name server for the domain might return an answer\&. +The server recognised the request and the name but no address is available. Another type of request to the name server for the domain might return an answer. .TP \fBTRY_AGAIN\fR -A temporary and possibly transient error occurred, such as a failure of a server to respond\&. The request may succeed if retried\&. +A temporary and possibly transient error occurred, such as a failure of a server to respond. The request may succeed if retried. .TP \fBNO_RECOVERY\fR -An unexpected failure occurred, and retrying the request is pointless\&. +An unexpected failure occurred, and retrying the request is pointless. .PP - \fBlwres_hstrerror\fR(3 ) translates these error codes to suitable error messages\&. +\fBlwres_hstrerror\fR(3 ) +translates these error codes to suitable error messages. .SH "SEE ALSO" .PP - \fBRFC2553\fR(), \fBlwres\fR(3), \fBlwres_gethostent\fR(3), \fBlwres_getaddrinfo\fR(3), \fBlwres_getnameinfo\fR(3), \fBlwres_hstrerror\fR(3)\&. +\fBRFC2553\fR(), +\fBlwres\fR(3), +\fBlwres_gethostent\fR(3), +\fBlwres_getaddrinfo\fR(3), +\fBlwres_getnameinfo\fR(3), +\fBlwres_hstrerror\fR(3). diff --git a/lib/lwres/man/lwres_getipnode.html b/lib/lwres/man/lwres_getipnode.html index 104d264786c..08b4903e8f4 100644 --- a/lib/lwres/man/lwres_getipnode.html +++ b/lib/lwres/man/lwres_getipnode.html @@ -14,15 +14,15 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + lwres_getipnode - + - + Name lwres_getipnodebyname, lwres_getipnodebyaddr, lwres_freehostent — lightweight resolver nodename / address translation API @@ -92,7 +92,7 @@ void -DESCRIPTION +DESCRIPTION These functions perform thread safe, protocol independent nodename-to-address and address-to-nodename @@ -233,7 +233,7 @@ structure itself. -RETURN VALUES +RETURN VALUES If an error occurs, lwres_getipnodebyname() @@ -279,7 +279,7 @@ translates these error codes to suitable error messages. -SEE ALSO +SEE ALSO RFC2553, diff --git a/lib/lwres/man/lwres_getnameinfo.3 b/lib/lwres/man/lwres_getnameinfo.3 index 5eeb784d467..b866f5ca6bc 100644 --- a/lib/lwres/man/lwres_getnameinfo.3 +++ b/lib/lwres/man/lwres_getnameinfo.3 @@ -13,66 +13,86 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: lwres_getnameinfo.3,v 1.15.2.5 2005/09/12 00:28:56 marka Exp $ +.\" $Id: lwres_getnameinfo.3,v 1.15.2.6 2005/10/13 02:23:33 marka Exp $ .\" .hy 0 .ad l -.\"Generated by db2man.xsl. Don't modify this, modify the source. -.de Sh \" Subsection -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.TH "LWRES_GETNAMEINFO" 3 "Jun 30, 2000" "" "" -.SH NAME +.\" ** You probably do not want to edit this file directly ** +.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). +.\" Instead of manually editing it, you probably should edit the DocBook XML +.\" source for it and then use the DocBook XSL Stylesheets to regenerate it. +.TH "LWRES_GETNAMEINFO" "3" "Jun 30, 2000" "BIND9" "BIND9" +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.SH "NAME" lwres_getnameinfo \- lightweight resolver socket address structure to hostname and service name .SH "SYNOPSIS" .nf -#include +#include .fi -.HP 23 -int\ \fBlwres_getnameinfo\fR\ (const\ struct\ sockaddr\ *sa, size_t\ salen, char\ *host, size_t\ hostlen, char\ *serv, size_t\ servlen, int\ flags); +.HP 22 +\fBint\ \fBlwres_getnameinfo\fR\fR\fB(\fR\fBconst\ struct\ sockaddr\ *sa\fR\fB, \fR\fBsize_t\ salen\fR\fB, \fR\fBchar\ *host\fR\fB, \fR\fBsize_t\ hostlen\fR\fB, \fR\fBchar\ *serv\fR\fB, \fR\fBsize_t\ servlen\fR\fB, \fR\fBint\ flags\fR\fB);\fR .SH "DESCRIPTION" .PP -This function is equivalent to the \fBgetnameinfo\fR(3) function defined in RFC2133\&. \fBlwres_getnameinfo()\fR returns the hostname for the \fBstruct sockaddr\fR \fIsa\fR which is \fIsalen\fR bytes long\&. The hostname is of length \fIhostlen\fR and is returned via \fI*host\&.\fR The maximum length of the hostname is 1025 bytes: \fBNI_MAXHOST\fR\&. +This function is equivalent to the +\fBgetnameinfo\fR(3) +function defined in RFC2133. +\fBlwres_getnameinfo()\fR +returns the hostname for the +\fBstruct sockaddr\fR\fIsa\fR +which is +\fIsalen\fR +bytes long. The hostname is of length +\fIhostlen\fR +and is returned via +\fI*host.\fR +The maximum length of the hostname is 1025 bytes: +\fBNI_MAXHOST\fR. .PP -The name of the service associated with the port number in \fIsa\fR is returned in \fI*serv\&.\fR It is \fIservlen\fR bytes long\&. The maximum length of the service name is \fBNI_MAXSERV\fR \- 32 bytes\&. +The name of the service associated with the port number in +\fIsa\fR +is returned in +\fI*serv.\fR +It is +\fIservlen\fR +bytes long. The maximum length of the service name is +\fBNI_MAXSERV\fR +\- 32 bytes. .PP -The \fIflags\fR argument sets the following bits: +The +\fIflags\fR +argument sets the following bits: .TP \fBNI_NOFQDN\fR -A fully qualified domain name is not required for local hosts\&. The local part of the fully qualified domain name is returned instead\&. +A fully qualified domain name is not required for local hosts. The local part of the fully qualified domain name is returned instead. .TP \fBNI_NUMERICHOST\fR -Return the address in numeric form, as if calling inet_ntop(), instead of a host name\&. +Return the address in numeric form, as if calling inet_ntop(), instead of a host name. .TP \fBNI_NAMEREQD\fR -A name is required\&. If the hostname cannot be found in the DNS and this flag is set, a non\-zero error code is returned\&. If the hostname is not found and the flag is not set, the address is returned in numeric form\&. +A name is required. If the hostname cannot be found in the DNS and this flag is set, a non\-zero error code is returned. If the hostname is not found and the flag is not set, the address is returned in numeric form. .TP \fBNI_NUMERICSERV\fR -The service name is returned as a digit string representing the port number\&. +The service name is returned as a digit string representing the port number. .TP \fBNI_DGRAM\fR -Specifies that the service being looked up is a datagram service, and causes getservbyport() to be called with a second argument of "udp" instead of its default of "tcp"\&. This is required for the few ports (512\-514) that have different services for UDP and TCP\&. +Specifies that the service being looked up is a datagram service, and causes getservbyport() to be called with a second argument of "udp" instead of its default of "tcp". This is required for the few ports (512\-514) that have different services for UDP and TCP. .SH "RETURN VALUES" .PP - \fBlwres_getnameinfo()\fR returns 0 on success or a non\-zero error code if an error occurs\&. +\fBlwres_getnameinfo()\fR +returns 0 on success or a non\-zero error code if an error occurs. .SH "SEE ALSO" .PP - \fBRFC2133\fR(), \fBgetservbyport\fR(3), \fBlwres\fR(3), \fBlwres_getnameinfo\fR(3), \fBlwres_getnamebyaddr\fR(3)\&. \fBlwres_net_ntop\fR(3)\&. +\fBRFC2133\fR(), +\fBgetservbyport\fR(3), +\fBlwres\fR(3), +\fBlwres_getnameinfo\fR(3), +\fBlwres_getnamebyaddr\fR(3). +\fBlwres_net_ntop\fR(3). .SH "BUGS" .PP -RFC2133 fails to define what the nonzero return values of \fBgetnameinfo\fR(3) are\&. +RFC2133 fails to define what the nonzero return values of +\fBgetnameinfo\fR(3) +are. diff --git a/lib/lwres/man/lwres_getnameinfo.html b/lib/lwres/man/lwres_getnameinfo.html index 62f0f20d3fa..f3ea5efdc20 100644 --- a/lib/lwres/man/lwres_getnameinfo.html +++ b/lib/lwres/man/lwres_getnameinfo.html @@ -14,15 +14,15 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + lwres_getnameinfo - + - + Name lwres_getnameinfo — lightweight resolver socket address structure to hostname and service name @@ -74,7 +74,7 @@ int -DESCRIPTION +DESCRIPTION This function is equivalent to the getnameinfo(3) function defined in RFC2133. lwres_getnameinfo() returns the hostname for the struct sockaddr sa which is @@ -125,14 +125,14 @@ TCP. -RETURN VALUES +RETURN VALUES lwres_getnameinfo() returns 0 on success or a non-zero error code if an error occurs. -SEE ALSO +SEE ALSO RFC2133, getservbyport(3), @@ -143,7 +143,7 @@ returns 0 on success or a non-zero error code if an error occurs. -BUGS +BUGS RFC2133 fails to define what the nonzero return values of getnameinfo(3) diff --git a/lib/lwres/man/lwres_getrrsetbyname.3 b/lib/lwres/man/lwres_getrrsetbyname.3 index 8ba3d5f6e73..612d2c33710 100644 --- a/lib/lwres/man/lwres_getrrsetbyname.3 +++ b/lib/lwres/man/lwres_getrrsetbyname.3 @@ -13,49 +13,39 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: lwres_getrrsetbyname.3,v 1.11.2.5 2005/09/12 00:28:57 marka Exp $ +.\" $Id: lwres_getrrsetbyname.3,v 1.11.2.6 2005/10/13 02:23:33 marka Exp $ .\" .hy 0 .ad l -.\"Generated by db2man.xsl. Don't modify this, modify the source. -.de Sh \" Subsection -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.TH "LWRES_GETRRSETBYNA" 3 "Oct 18, 2000" "" "" -.SH NAME +.\" ** You probably do not want to edit this file directly ** +.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). +.\" Instead of manually editing it, you probably should edit the DocBook XML +.\" source for it and then use the DocBook XSL Stylesheets to regenerate it. +.TH "LWRES_GETRRSETBYNAME" "3" "Oct 18, 2000" "BIND9" "BIND9" +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.SH "NAME" lwres_getrrsetbyname, lwres_freerrset \- retrieve DNS records .SH "SYNOPSIS" .nf -#include +#include .fi -.HP 26 -int\ \fBlwres_getrrsetbyname\fR\ (const\ char\ *hostname, unsigned\ int\ rdclass, unsigned\ int\ rdtype, unsigned\ int\ flags, struct\ rrsetinfo\ **res); -.HP 22 -void\ \fBlwres_freerrset\fR\ (struct\ rrsetinfo\ *rrset); +.HP 25 +\fBint\ \fBlwres_getrrsetbyname\fR\fR\fB(\fR\fBconst\ char\ *hostname\fR\fB, \fR\fBunsigned\ int\ rdclass\fR\fB, \fR\fBunsigned\ int\ rdtype\fR\fB, \fR\fBunsigned\ int\ flags\fR\fB, \fR\fBstruct\ rrsetinfo\ **res\fR\fB);\fR +.HP 21 +\fBvoid\ \fBlwres_freerrset\fR\fR\fB(\fR\fBstruct\ rrsetinfo\ *rrset\fR\fB);\fR .PP -The following structures are used: +The following structures are used: +.sp .nf struct rdatainfo { unsigned int rdi_length; /* length of data */ unsigned char *rdi_data; /* record data */ }; struct rrsetinfo { - unsigned int rri_flags; /* RRSET_VALIDATED\&.\&.\&. */ + unsigned int rri_flags; /* RRSET_VALIDATED... */ unsigned int rri_rdclass; /* class number */ unsigned int rri_rdtype; /* RR type number */ unsigned int rri_ttl; /* time to live */ @@ -66,17 +56,65 @@ struct rrsetinfo { struct rdatainfo *rri_sigs; /* individual signatures */ }; .fi +.sp .SH "DESCRIPTION" .PP - \fBlwres_getrrsetbyname()\fR gets a set of resource records associated with a \fIhostname\fR, \fIclass\fR, and \fItype\fR\&. \fIhostname\fR is a pointer a to null\-terminated string\&. The \fIflags\fR field is currently unused and must be zero\&. +\fBlwres_getrrsetbyname()\fR +gets a set of resource records associated with a +\fIhostname\fR, +\fIclass\fR, and +\fItype\fR. +\fIhostname\fR +is a pointer a to null\-terminated string. The +\fIflags\fR +field is currently unused and must be zero. .PP -After a successful call to \fBlwres_getrrsetbyname()\fR, \fI*res\fR is a pointer to an \fBrrsetinfo\fR structure, containing a list of one or more \fBrdatainfo\fR structures containing resource records and potentially another list of \fBrdatainfo\fR structures containing SIG resource records associated with those records\&. The members \fBrri_rdclass\fR and \fBrri_rdtype\fR are copied from the parameters\&. \fBrri_ttl\fR and \fBrri_name\fR are properties of the obtained rrset\&. The resource records contained in \fBrri_rdatas\fR and \fBrri_sigs\fR are in uncompressed DNS wire format\&. Properties of the rdataset are represented in the \fBrri_flags\fR bitfield\&. If the RRSET_VALIDATED bit is set, the data has been DNSSEC validated and the signatures verified\&. +After a successful call to +\fBlwres_getrrsetbyname()\fR, +\fI*res\fR +is a pointer to an +\fBrrsetinfo\fR +structure, containing a list of one or more +\fBrdatainfo\fR +structures containing resource records and potentially another list of +\fBrdatainfo\fR +structures containing SIG resource records associated with those records. The members +\fBrri_rdclass\fR +and +\fBrri_rdtype\fR +are copied from the parameters. +\fBrri_ttl\fR +and +\fBrri_name\fR +are properties of the obtained rrset. The resource records contained in +\fBrri_rdatas\fR +and +\fBrri_sigs\fR +are in uncompressed DNS wire format. Properties of the rdataset are represented in the +\fBrri_flags\fR +bitfield. If the RRSET_VALIDATED bit is set, the data has been DNSSEC validated and the signatures verified. .PP -All of the information returned by \fBlwres_getrrsetbyname()\fR is dynamically allocated: the \fBrrsetinfo\fR and \fBrdatainfo\fR structures, and the canonical host name strings pointed to by the \fBrrsetinfo\fRstructure\&. Memory allocated for the dynamically allocated structures created by a successful call to \fBlwres_getrrsetbyname()\fR is released by \fBlwres_freerrset()\fR\&. \fIrrset\fR is a pointer to a \fBstruct rrset\fR created by a call to \fBlwres_getrrsetbyname()\fR\&. +All of the information returned by +\fBlwres_getrrsetbyname()\fR +is dynamically allocated: the +\fBrrsetinfo\fR +and +\fBrdatainfo\fR +structures, and the canonical host name strings pointed to by the +\fBrrsetinfo\fRstructure. Memory allocated for the dynamically allocated structures created by a successful call to +\fBlwres_getrrsetbyname()\fR +is released by +\fBlwres_freerrset()\fR. +\fIrrset\fR +is a pointer to a +\fBstruct rrset\fR +created by a call to +\fBlwres_getrrsetbyname()\fR. .PP .SH "RETURN VALUES" .PP - \fBlwres_getrrsetbyname()\fR returns zero on success, and one of the following error codes if an error occurred: +\fBlwres_getrrsetbyname()\fR +returns zero on success, and one of the following error codes if an error occurred: .TP \fBERRSET_NONAME\fR the name does not exist @@ -93,7 +131,6 @@ a parameter is invalid \fBERRSET_FAIL\fR other failure .TP -\fB\fR .SH "SEE ALSO" .PP - \fBlwres\fR(3)\&. +\fBlwres\fR(3). diff --git a/lib/lwres/man/lwres_getrrsetbyname.html b/lib/lwres/man/lwres_getrrsetbyname.html index db669d4aa79..7cb14617d3d 100644 --- a/lib/lwres/man/lwres_getrrsetbyname.html +++ b/lib/lwres/man/lwres_getrrsetbyname.html @@ -14,15 +14,15 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + lwres_getrrsetbyname - + - + Name lwres_getrrsetbyname, lwres_freerrset — retrieve DNS records @@ -95,7 +95,7 @@ struct rrsetinfo { -DESCRIPTION +DESCRIPTION lwres_getrrsetbyname() gets a set of resource records associated with a @@ -172,7 +172,7 @@ created by a call to -RETURN VALUES +RETURN VALUES lwres_getrrsetbyname() returns zero on success, and one of the following error @@ -208,7 +208,7 @@ other failure -SEE ALSO +SEE ALSO lwres(3). diff --git a/lib/lwres/man/lwres_gnba.3 b/lib/lwres/man/lwres_gnba.3 index 80bb93134dc..48eb1f7f4b3 100644 --- a/lib/lwres/man/lwres_gnba.3 +++ b/lib/lwres/man/lwres_gnba.3 @@ -13,55 +13,50 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: lwres_gnba.3,v 1.13.2.5 2005/09/12 00:28:57 marka Exp $ +.\" $Id: lwres_gnba.3,v 1.13.2.6 2005/10/13 02:23:33 marka Exp $ .\" .hy 0 .ad l -.\"Generated by db2man.xsl. Don't modify this, modify the source. -.de Sh \" Subsection -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.TH "LWRES_GNBA" 3 "Jun 30, 2000" "" "" -.SH NAME +.\" ** You probably do not want to edit this file directly ** +.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). +.\" Instead of manually editing it, you probably should edit the DocBook XML +.\" source for it and then use the DocBook XSL Stylesheets to regenerate it. +.TH "LWRES_GNBA" "3" "Jun 30, 2000" "BIND9" "BIND9" +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.SH "NAME" lwres_gnbarequest_render, lwres_gnbaresponse_render, lwres_gnbarequest_parse, lwres_gnbaresponse_parse, lwres_gnbaresponse_free, lwres_gnbarequest_free \- lightweight resolver getnamebyaddress message handling .SH "SYNOPSIS" .nf -#include +#include .fi -.HP 41 -lwres_result_t\ \fBlwres_gnbarequest_render\fR\ (lwres_context_t\ *\fIctx\fR, lwres_gnbarequest_t\ *\fIreq\fR, lwres_lwpacket_t\ *\fIpkt\fR, lwres_buffer_t\ *\fIb\fR); -.HP 42 -lwres_result_t\ \fBlwres_gnbaresponse_render\fR\ (lwres_context_t\ *ctx, lwres_gnbaresponse_t\ *req, lwres_lwpacket_t\ *pkt, lwres_buffer_t\ *b); .HP 40 -lwres_result_t\ \fBlwres_gnbarequest_parse\fR\ (lwres_context_t\ *ctx, lwres_buffer_t\ *b, lwres_lwpacket_t\ *pkt, lwres_gnbarequest_t\ **structp); +\fBlwres_result_t\ \fBlwres_gnbarequest_render\fR\fR\fB(\fR\fBlwres_context_t\ *\fR\fB\fIctx\fR\fR\fB, \fR\fBlwres_gnbarequest_t\ *\fR\fB\fIreq\fR\fR\fB, \fR\fBlwres_lwpacket_t\ *\fR\fB\fIpkt\fR\fR\fB, \fR\fBlwres_buffer_t\ *\fR\fB\fIb\fR\fR\fB);\fR .HP 41 -lwres_result_t\ \fBlwres_gnbaresponse_parse\fR\ (lwres_context_t\ *ctx, lwres_buffer_t\ *b, lwres_lwpacket_t\ *pkt, lwres_gnbaresponse_t\ **structp); -.HP 30 -void\ \fBlwres_gnbaresponse_free\fR\ (lwres_context_t\ *ctx, lwres_gnbaresponse_t\ **structp); +\fBlwres_result_t\ \fBlwres_gnbaresponse_render\fR\fR\fB(\fR\fBlwres_context_t\ *ctx\fR\fB, \fR\fBlwres_gnbaresponse_t\ *req\fR\fB, \fR\fBlwres_lwpacket_t\ *pkt\fR\fB, \fR\fBlwres_buffer_t\ *b\fR\fB);\fR +.HP 39 +\fBlwres_result_t\ \fBlwres_gnbarequest_parse\fR\fR\fB(\fR\fBlwres_context_t\ *ctx\fR\fB, \fR\fBlwres_buffer_t\ *b\fR\fB, \fR\fBlwres_lwpacket_t\ *pkt\fR\fB, \fR\fBlwres_gnbarequest_t\ **structp\fR\fB);\fR +.HP 40 +\fBlwres_result_t\ \fBlwres_gnbaresponse_parse\fR\fR\fB(\fR\fBlwres_context_t\ *ctx\fR\fB, \fR\fBlwres_buffer_t\ *b\fR\fB, \fR\fBlwres_lwpacket_t\ *pkt\fR\fB, \fR\fBlwres_gnbaresponse_t\ **structp\fR\fB);\fR .HP 29 -void\ \fBlwres_gnbarequest_free\fR\ (lwres_context_t\ *ctx, lwres_gnbarequest_t\ **structp); +\fBvoid\ \fBlwres_gnbaresponse_free\fR\fR\fB(\fR\fBlwres_context_t\ *ctx\fR\fB, \fR\fBlwres_gnbaresponse_t\ **structp\fR\fB);\fR +.HP 28 +\fBvoid\ \fBlwres_gnbarequest_free\fR\fR\fB(\fR\fBlwres_context_t\ *ctx\fR\fB, \fR\fBlwres_gnbarequest_t\ **structp\fR\fB);\fR .SH "DESCRIPTION" .PP -These are low\-level routines for creating and parsing lightweight resolver address\-to\-name lookup request and response messages\&. +These are low\-level routines for creating and parsing lightweight resolver address\-to\-name lookup request and response messages. .PP -There are four main functions for the getnamebyaddr opcode\&. One render function converts a getnamebyaddr request structure -- \fBlwres_gnbarequest_t\fR -- to the lightweight resolver's canonical format\&. It is complemented by a parse function that converts a packet in this canonical format to a getnamebyaddr request structure\&. Another render function converts the getnamebyaddr response structure -- \fBlwres_gnbaresponse_t\fR to the canonical format\&. This is complemented by a parse function which converts a packet in canonical format to a getnamebyaddr response structure\&. +There are four main functions for the getnamebyaddr opcode. One render function converts a getnamebyaddr request structure \(em +\fBlwres_gnbarequest_t\fR +\(em to the lightweight resolver's canonical format. It is complemented by a parse function that converts a packet in this canonical format to a getnamebyaddr request structure. Another render function converts the getnamebyaddr response structure \(em +\fBlwres_gnbaresponse_t\fR +to the canonical format. This is complemented by a parse function which converts a packet in canonical format to a getnamebyaddr response structure. .PP -These structures are defined in \fIlwres/lwres\&.h\fR\&. They are shown below\&. +These structures are defined in +\fIlwres/lwres.h\fR. They are shown below. +.sp .nf #define LWRES_OPCODE_GETNAMEBYADDR 0x00010002U typedef struct { @@ -79,15 +74,87 @@ typedef struct { size_t baselen; } lwres_gnbaresponse_t; .fi +.sp .PP - \fBlwres_gnbarequest_render()\fR uses resolver context \fIctx\fR to convert getnamebyaddr request structure \fIreq\fR to canonical format\&. The packet header structure \fIpkt\fR is initialised and transferred to buffer \fIb\fR\&. The contents of \fI*req\fR are then appended to the buffer in canonical format\&. \fBlwres_gnbaresponse_render()\fR performs the same task, except it converts a getnamebyaddr response structure \fBlwres_gnbaresponse_t\fR to the lightweight resolver's canonical format\&. +\fBlwres_gnbarequest_render()\fR +uses resolver context +\fIctx\fR +to convert getnamebyaddr request structure +\fIreq\fR +to canonical format. The packet header structure +\fIpkt\fR +is initialised and transferred to buffer +\fIb\fR. The contents of +\fI*req\fR +are then appended to the buffer in canonical format. +\fBlwres_gnbaresponse_render()\fR +performs the same task, except it converts a getnamebyaddr response structure +\fBlwres_gnbaresponse_t\fR +to the lightweight resolver's canonical format. .PP - \fBlwres_gnbarequest_parse()\fR uses context \fIctx\fR to convert the contents of packet \fIpkt\fR to a \fBlwres_gnbarequest_t\fR structure\&. Buffer \fIb\fR provides space to be used for storing this structure\&. When the function succeeds, the resulting \fBlwres_gnbarequest_t\fR is made available through \fI*structp\fR\&. \fBlwres_gnbaresponse_parse()\fR offers the same semantics as \fBlwres_gnbarequest_parse()\fR except it yields a \fBlwres_gnbaresponse_t\fR structure\&. +\fBlwres_gnbarequest_parse()\fR +uses context +\fIctx\fR +to convert the contents of packet +\fIpkt\fR +to a +\fBlwres_gnbarequest_t\fR +structure. Buffer +\fIb\fR +provides space to be used for storing this structure. When the function succeeds, the resulting +\fBlwres_gnbarequest_t\fR +is made available through +\fI*structp\fR. +\fBlwres_gnbaresponse_parse()\fR +offers the same semantics as +\fBlwres_gnbarequest_parse()\fR +except it yields a +\fBlwres_gnbaresponse_t\fR +structure. .PP - \fBlwres_gnbaresponse_free()\fR and \fBlwres_gnbarequest_free()\fR release the memory in resolver context \fIctx\fR that was allocated to the \fBlwres_gnbaresponse_t\fR or \fBlwres_gnbarequest_t\fR structures referenced via \fIstructp\fR\&. Any memory associated with ancillary buffers and strings for those structures is also discarded\&. +\fBlwres_gnbaresponse_free()\fR +and +\fBlwres_gnbarequest_free()\fR +release the memory in resolver context +\fIctx\fR +that was allocated to the +\fBlwres_gnbaresponse_t\fR +or +\fBlwres_gnbarequest_t\fR +structures referenced via +\fIstructp\fR. Any memory associated with ancillary buffers and strings for those structures is also discarded. .SH "RETURN VALUES" .PP -The getnamebyaddr opcode functions \fBlwres_gnbarequest_render()\fR, \fBlwres_gnbaresponse_render()\fR \fBlwres_gnbarequest_parse()\fR and \fBlwres_gnbaresponse_parse()\fR all return \fBLWRES_R_SUCCESS\fR on success\&. They return \fBLWRES_R_NOMEMORY\fR if memory allocation fails\&. \fBLWRES_R_UNEXPECTEDEND\fR is returned if the available space in the buffer \fIb\fR is too small to accommodate the packet header or the \fBlwres_gnbarequest_t\fR and \fBlwres_gnbaresponse_t\fR structures\&. \fBlwres_gnbarequest_parse()\fR and \fBlwres_gnbaresponse_parse()\fR will return \fBLWRES_R_UNEXPECTEDEND\fR if the buffer is not empty after decoding the received packet\&. These functions will return \fBLWRES_R_FAILURE\fR if pktflags in the packet header structure \fBlwres_lwpacket_t\fR indicate that the packet is not a response to an earlier query\&. +The getnamebyaddr opcode functions +\fBlwres_gnbarequest_render()\fR, +\fBlwres_gnbaresponse_render()\fR\fBlwres_gnbarequest_parse()\fR +and +\fBlwres_gnbaresponse_parse()\fR +all return +\fBLWRES_R_SUCCESS\fR +on success. They return +\fBLWRES_R_NOMEMORY\fR +if memory allocation fails. +\fBLWRES_R_UNEXPECTEDEND\fR +is returned if the available space in the buffer +\fIb\fR +is too small to accommodate the packet header or the +\fBlwres_gnbarequest_t\fR +and +\fBlwres_gnbaresponse_t\fR +structures. +\fBlwres_gnbarequest_parse()\fR +and +\fBlwres_gnbaresponse_parse()\fR +will return +\fBLWRES_R_UNEXPECTEDEND\fR +if the buffer is not empty after decoding the received packet. These functions will return +\fBLWRES_R_FAILURE\fR +if +pktflags +in the packet header structure +\fBlwres_lwpacket_t\fR +indicate that the packet is not a response to an earlier query. .SH "SEE ALSO" .PP - \fBlwres_packet\fR(3)\&. +\fBlwres_packet\fR(3). diff --git a/lib/lwres/man/lwres_gnba.html b/lib/lwres/man/lwres_gnba.html index e33681969ca..aa257aeaa10 100644 --- a/lib/lwres/man/lwres_gnba.html +++ b/lib/lwres/man/lwres_gnba.html @@ -14,15 +14,15 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + lwres_gnba - + - + Name lwres_gnbarequest_render, lwres_gnbaresponse_render, lwres_gnbarequest_parse, lwres_gnbaresponse_parse, lwres_gnbaresponse_free, lwres_gnbarequest_free — lightweight resolver getnamebyaddress message handling @@ -172,7 +172,7 @@ void -DESCRIPTION +DESCRIPTION These are low-level routines for creating and parsing lightweight resolver address-to-name lookup request and @@ -277,7 +277,7 @@ structures is also discarded. -RETURN VALUES +RETURN VALUES The getnamebyaddr opcode functions lwres_gnbarequest_render(), @@ -315,7 +315,7 @@ indicate that the packet is not a response to an earlier query. -SEE ALSO +SEE ALSO lwres_packet(3). diff --git a/lib/lwres/man/lwres_hstrerror.3 b/lib/lwres/man/lwres_hstrerror.3 index dfade358f61..6706c0ee065 100644 --- a/lib/lwres/man/lwres_hstrerror.3 +++ b/lib/lwres/man/lwres_hstrerror.3 @@ -13,63 +13,69 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: lwres_hstrerror.3,v 1.13.2.5 2005/09/12 00:28:57 marka Exp $ +.\" $Id: lwres_hstrerror.3,v 1.13.2.6 2005/10/13 02:23:34 marka Exp $ .\" .hy 0 .ad l -.\"Generated by db2man.xsl. Don't modify this, modify the source. -.de Sh \" Subsection -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.TH "LWRES_HSTRERROR" 3 "Jun 30, 2000" "" "" -.SH NAME +.\" ** You probably do not want to edit this file directly ** +.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). +.\" Instead of manually editing it, you probably should edit the DocBook XML +.\" source for it and then use the DocBook XSL Stylesheets to regenerate it. +.TH "LWRES_HSTRERROR" "3" "Jun 30, 2000" "BIND9" "BIND9" +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.SH "NAME" lwres_herror, lwres_hstrerror \- lightweight resolver error message generation .SH "SYNOPSIS" .nf -#include +#include .fi -.HP 19 -void\ \fBlwres_herror\fR\ (const\ char\ *s); -.HP 32 -const\ char\ *\ \fBlwres_hstrerror\fR\ (int\ err); +.HP 18 +\fBvoid\ \fBlwres_herror\fR\fR\fB(\fR\fBconst\ char\ *s\fR\fB);\fR +.HP 29 +\fBconst\ char\ *\ \fBlwres_hstrerror\fR\fR\fB(\fR\fBint\ err\fR\fB);\fR .SH "DESCRIPTION" .PP - \fBlwres_herror()\fR prints the string \fIs\fR on \fBstderr\fR followed by the string generated by \fBlwres_hstrerror()\fR for the error code stored in the global variable \fBlwres_h_errno\fR\&. +\fBlwres_herror()\fR +prints the string +\fIs\fR +on +\fBstderr\fR +followed by the string generated by +\fBlwres_hstrerror()\fR +for the error code stored in the global variable +\fBlwres_h_errno\fR. .PP - \fBlwres_hstrerror()\fR returns an appropriate string for the error code gievn by \fIerr\fR\&. The values of the error codes and messages are as follows: +\fBlwres_hstrerror()\fR +returns an appropriate string for the error code gievn by +\fIerr\fR. The values of the error codes and messages are as follows: .TP \fBNETDB_SUCCESS\fR - Resolver Error 0 (no error) +Resolver Error 0 (no error) .TP \fBHOST_NOT_FOUND\fR - Unknown host +Unknown host .TP \fBTRY_AGAIN\fR - Host name lookup failure +Host name lookup failure .TP \fBNO_RECOVERY\fR - Unknown server error +Unknown server error .TP \fBNO_DATA\fR - No address associated with name +No address associated with name .SH "RETURN VALUES" .PP -The string Unknown resolver error is returned by \fBlwres_hstrerror()\fR when the value of \fBlwres_h_errno\fR is not a valid error code\&. +The string +Unknown resolver error +is returned by +\fBlwres_hstrerror()\fR +when the value of +\fBlwres_h_errno\fR +is not a valid error code. .SH "SEE ALSO" .PP - \fBherror\fR(3), \fBlwres_hstrerror\fR(3)\&. +\fBherror\fR(3), +\fBlwres_hstrerror\fR(3). diff --git a/lib/lwres/man/lwres_hstrerror.html b/lib/lwres/man/lwres_hstrerror.html index f1624668402..8adc875b0ed 100644 --- a/lib/lwres/man/lwres_hstrerror.html +++ b/lib/lwres/man/lwres_hstrerror.html @@ -14,15 +14,15 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + lwres_hstrerror - + - + Name lwres_herror, lwres_hstrerror — lightweight resolver error message generation @@ -40,7 +40,7 @@ const char * -DESCRIPTION +DESCRIPTION lwres_herror() prints the string s on stderr followed by the string @@ -79,7 +79,7 @@ the error codes and messages are as follows: -RETURN VALUES +RETURN VALUES The string Unknown resolver error is returned by lwres_hstrerror() @@ -89,7 +89,7 @@ is not a valid error code. -SEE ALSO +SEE ALSO herror(3), diff --git a/lib/lwres/man/lwres_inetntop.3 b/lib/lwres/man/lwres_inetntop.3 index e8522388464..94e2dcee776 100644 --- a/lib/lwres/man/lwres_inetntop.3 +++ b/lib/lwres/man/lwres_inetntop.3 @@ -13,46 +13,57 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: lwres_inetntop.3,v 1.12.2.5 2005/09/12 00:28:58 marka Exp $ +.\" $Id: lwres_inetntop.3,v 1.12.2.6 2005/10/13 02:23:34 marka Exp $ .\" .hy 0 .ad l -.\"Generated by db2man.xsl. Don't modify this, modify the source. -.de Sh \" Subsection -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.TH "LWRES_INETNTOP" 3 "Jun 30, 2000" "" "" -.SH NAME +.\" ** You probably do not want to edit this file directly ** +.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). +.\" Instead of manually editing it, you probably should edit the DocBook XML +.\" source for it and then use the DocBook XSL Stylesheets to regenerate it. +.TH "LWRES_INETNTOP" "3" "Jun 30, 2000" "BIND9" "BIND9" +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.SH "NAME" lwres_net_ntop \- lightweight resolver IP address presentation .SH "SYNOPSIS" .nf -#include +#include .fi -.HP 31 -const\ char\ *\ \fBlwres_net_ntop\fR\ (int\ af, const\ void\ *src, char\ *dst, size_t\ size); +.HP 28 +\fBconst\ char\ *\ \fBlwres_net_ntop\fR\fR\fB(\fR\fBint\ af\fR\fB, \fR\fBconst\ void\ *src\fR\fB, \fR\fBchar\ *dst\fR\fB, \fR\fBsize_t\ size\fR\fB);\fR .SH "DESCRIPTION" .PP - \fBlwres_net_ntop()\fR converts an IP address of protocol family \fIaf\fR -- IPv4 or IPv6 -- at location \fIsrc\fR from network format to its conventional representation as a string\&. For IPv4 addresses, that string would be a dotted\-decimal\&. An IPv6 address would be represented in colon notation as described in RFC1884\&. +\fBlwres_net_ntop()\fR +converts an IP address of protocol family +\fIaf\fR +\(em IPv4 or IPv6 \(em at location +\fIsrc\fR +from network format to its conventional representation as a string. For IPv4 addresses, that string would be a dotted\-decimal. An IPv6 address would be represented in colon notation as described in RFC1884. .PP -The generated string is copied to \fIdst\fR provided \fIsize\fR indicates it is long enough to store the ASCII representation of the address\&. +The generated string is copied to +\fIdst\fR +provided +\fIsize\fR +indicates it is long enough to store the ASCII representation of the address. .SH "RETURN VALUES" .PP -If successful, the function returns \fIdst\fR: a pointer to a string containing the presentation format of the address\&. \fBlwres_net_ntop()\fR returns \fBNULL\fR and sets the global variable \fBerrno\fR to \fBEAFNOSUPPORT\fR if the protocol family given in \fIaf\fR is not supported\&. +If successful, the function returns +\fIdst\fR: a pointer to a string containing the presentation format of the address. +\fBlwres_net_ntop()\fR +returns +\fBNULL\fR +and sets the global variable +\fBerrno\fR +to +\fBEAFNOSUPPORT\fR +if the protocol family given in +\fIaf\fR +is not supported. .SH "SEE ALSO" .PP - \fBRFC1884\fR(), \fBinet_ntop\fR(3), \fBerrno\fR(3)\&. +\fBRFC1884\fR(), +\fBinet_ntop\fR(3), +\fBerrno\fR(3). diff --git a/lib/lwres/man/lwres_inetntop.html b/lib/lwres/man/lwres_inetntop.html index 67053d3db23..6840a171c24 100644 --- a/lib/lwres/man/lwres_inetntop.html +++ b/lib/lwres/man/lwres_inetntop.html @@ -14,15 +14,15 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + lwres_inetntop - + - + Name lwres_net_ntop — lightweight resolver IP address presentation @@ -59,7 +59,7 @@ const char * -DESCRIPTION +DESCRIPTION lwres_net_ntop() converts an IP address of protocol family af — IPv4 or IPv6 — @@ -75,7 +75,7 @@ ASCII representation of the address. -RETURN VALUES +RETURN VALUES If successful, the function returns dst: a pointer to a string containing the presentation format of the @@ -87,7 +87,7 @@ supported. -SEE ALSO +SEE ALSO RFC1884, inet_ntop(3), diff --git a/lib/lwres/man/lwres_noop.3 b/lib/lwres/man/lwres_noop.3 index 3d02c577a9d..d4c9d9cccb1 100644 --- a/lib/lwres/man/lwres_noop.3 +++ b/lib/lwres/man/lwres_noop.3 @@ -13,57 +13,54 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: lwres_noop.3,v 1.14.2.5 2005/09/12 00:28:58 marka Exp $ +.\" $Id: lwres_noop.3,v 1.14.2.6 2005/10/13 02:23:34 marka Exp $ .\" .hy 0 .ad l -.\"Generated by db2man.xsl. Don't modify this, modify the source. -.de Sh \" Subsection -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.TH "LWRES_NOOP" 3 "Jun 30, 2000" "" "" -.SH NAME -lwres_nooprequest_render, lwres_noopresponse_render, lwres_nooprequest_parse, lwres_noopresponse_parse, lwres_noopresponse_free, lwres_nooprequest_free \- lightweight resolver no-op message handling +.\" ** You probably do not want to edit this file directly ** +.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). +.\" Instead of manually editing it, you probably should edit the DocBook XML +.\" source for it and then use the DocBook XSL Stylesheets to regenerate it. +.TH "LWRES_NOOP" "3" "Jun 30, 2000" "BIND9" "BIND9" +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.SH "NAME" +lwres_nooprequest_render, lwres_noopresponse_render, lwres_nooprequest_parse, lwres_noopresponse_parse, lwres_noopresponse_free, lwres_nooprequest_free \- lightweight resolver no\-op message handling .SH "SYNOPSIS" .nf -#include +#include .fi -.HP 41 -lwres_result_t\ \fBlwres_nooprequest_render\fR\ (lwres_context_t\ *ctx, lwres_nooprequest_t\ *req, lwres_lwpacket_t\ *pkt, lwres_buffer_t\ *b); -.HP 42 -lwres_result_t\ \fBlwres_noopresponse_render\fR\ (lwres_context_t\ *ctx, lwres_noopresponse_t\ *req, lwres_lwpacket_t\ *pkt, lwres_buffer_t\ *b); .HP 40 -lwres_result_t\ \fBlwres_nooprequest_parse\fR\ (lwres_context_t\ *ctx, lwres_buffer_t\ *b, lwres_lwpacket_t\ *pkt, lwres_nooprequest_t\ **structp); +\fBlwres_result_t\ \fBlwres_nooprequest_render\fR\fR\fB(\fR\fBlwres_context_t\ *ctx\fR\fB, \fR\fBlwres_nooprequest_t\ *req\fR\fB, \fR\fBlwres_lwpacket_t\ *pkt\fR\fB, \fR\fBlwres_buffer_t\ *b\fR\fB);\fR .HP 41 -lwres_result_t\ \fBlwres_noopresponse_parse\fR\ (lwres_context_t\ *ctx, lwres_buffer_t\ *b, lwres_lwpacket_t\ *pkt, lwres_noopresponse_t\ **structp); -.HP 30 -void\ \fBlwres_noopresponse_free\fR\ (lwres_context_t\ *ctx, lwres_noopresponse_t\ **structp); +\fBlwres_result_t\ \fBlwres_noopresponse_render\fR\fR\fB(\fR\fBlwres_context_t\ *ctx\fR\fB, \fR\fBlwres_noopresponse_t\ *req\fR\fB, \fR\fBlwres_lwpacket_t\ *pkt\fR\fB, \fR\fBlwres_buffer_t\ *b\fR\fB);\fR +.HP 39 +\fBlwres_result_t\ \fBlwres_nooprequest_parse\fR\fR\fB(\fR\fBlwres_context_t\ *ctx\fR\fB, \fR\fBlwres_buffer_t\ *b\fR\fB, \fR\fBlwres_lwpacket_t\ *pkt\fR\fB, \fR\fBlwres_nooprequest_t\ **structp\fR\fB);\fR +.HP 40 +\fBlwres_result_t\ \fBlwres_noopresponse_parse\fR\fR\fB(\fR\fBlwres_context_t\ *ctx\fR\fB, \fR\fBlwres_buffer_t\ *b\fR\fB, \fR\fBlwres_lwpacket_t\ *pkt\fR\fB, \fR\fBlwres_noopresponse_t\ **structp\fR\fB);\fR .HP 29 -void\ \fBlwres_nooprequest_free\fR\ (lwres_context_t\ *ctx, lwres_nooprequest_t\ **structp); +\fBvoid\ \fBlwres_noopresponse_free\fR\fR\fB(\fR\fBlwres_context_t\ *ctx\fR\fB, \fR\fBlwres_noopresponse_t\ **structp\fR\fB);\fR +.HP 28 +\fBvoid\ \fBlwres_nooprequest_free\fR\fR\fB(\fR\fBlwres_context_t\ *ctx\fR\fB, \fR\fBlwres_nooprequest_t\ **structp\fR\fB);\fR .SH "DESCRIPTION" .PP -These are low\-level routines for creating and parsing lightweight resolver no\-op request and response messages\&. +These are low\-level routines for creating and parsing lightweight resolver no\-op request and response messages. .PP -The no\-op message is analogous to a \fBping\fR packet: a packet is sent to the resolver daemon and is simply echoed back\&. The opcode is intended to allow a client to determine if the server is operational or not\&. +The no\-op message is analogous to a +\fBping\fR +packet: a packet is sent to the resolver daemon and is simply echoed back. The opcode is intended to allow a client to determine if the server is operational or not. .PP -There are four main functions for the no\-op opcode\&. One render function converts a no\-op request structure -- \fBlwres_nooprequest_t\fR -- to the lighweight resolver's canonical format\&. It is complemented by a parse function that converts a packet in this canonical format to a no\-op request structure\&. Another render function converts the no\-op response structure -- \fBlwres_noopresponse_t\fR to the canonical format\&. This is complemented by a parse function which converts a packet in canonical format to a no\-op response structure\&. +There are four main functions for the no\-op opcode. One render function converts a no\-op request structure \(em +\fBlwres_nooprequest_t\fR +\(em to the lighweight resolver's canonical format. It is complemented by a parse function that converts a packet in this canonical format to a no\-op request structure. Another render function converts the no\-op response structure \(em +\fBlwres_noopresponse_t\fR +to the canonical format. This is complemented by a parse function which converts a packet in canonical format to a no\-op response structure. .PP -These structures are defined in \fIlwres/lwres\&.h\fR\&. They are shown below\&. +These structures are defined in +\fIlwres/lwres.h\fR. They are shown below. +.sp .nf #define LWRES_OPCODE_NOOP 0x00000000U typedef struct { @@ -75,16 +72,88 @@ typedef struct { unsigned char *data; } lwres_noopresponse_t; .fi - Although the structures have different types, they are identical\&. This is because the no\-op opcode simply echos whatever data was sent: the response is therefore identical to the request\&. +.sp +Although the structures have different types, they are identical. This is because the no\-op opcode simply echos whatever data was sent: the response is therefore identical to the request. .PP - \fBlwres_nooprequest_render()\fR uses resolver context \fIctx\fR to convert no\-op request structure \fIreq\fR to canonical format\&. The packet header structure \fIpkt\fR is initialised and transferred to buffer \fIb\fR\&. The contents of \fI*req\fR are then appended to the buffer in canonical format\&. \fBlwres_noopresponse_render()\fR performs the same task, except it converts a no\-op response structure \fBlwres_noopresponse_t\fR to the lightweight resolver's canonical format\&. +\fBlwres_nooprequest_render()\fR +uses resolver context +\fIctx\fR +to convert no\-op request structure +\fIreq\fR +to canonical format. The packet header structure +\fIpkt\fR +is initialised and transferred to buffer +\fIb\fR. The contents of +\fI*req\fR +are then appended to the buffer in canonical format. +\fBlwres_noopresponse_render()\fR +performs the same task, except it converts a no\-op response structure +\fBlwres_noopresponse_t\fR +to the lightweight resolver's canonical format. .PP - \fBlwres_nooprequest_parse()\fR uses context \fIctx\fR to convert the contents of packet \fIpkt\fR to a \fBlwres_nooprequest_t\fR structure\&. Buffer \fIb\fR provides space to be used for storing this structure\&. When the function succeeds, the resulting \fBlwres_nooprequest_t\fR is made available through \fI*structp\fR\&. \fBlwres_noopresponse_parse()\fR offers the same semantics as \fBlwres_nooprequest_parse()\fR except it yields a \fBlwres_noopresponse_t\fR structure\&. +\fBlwres_nooprequest_parse()\fR +uses context +\fIctx\fR +to convert the contents of packet +\fIpkt\fR +to a +\fBlwres_nooprequest_t\fR +structure. Buffer +\fIb\fR +provides space to be used for storing this structure. When the function succeeds, the resulting +\fBlwres_nooprequest_t\fR +is made available through +\fI*structp\fR. +\fBlwres_noopresponse_parse()\fR +offers the same semantics as +\fBlwres_nooprequest_parse()\fR +except it yields a +\fBlwres_noopresponse_t\fR +structure. .PP - \fBlwres_noopresponse_free()\fR and \fBlwres_nooprequest_free()\fR release the memory in resolver context \fIctx\fR that was allocated to the \fBlwres_noopresponse_t\fR or \fBlwres_nooprequest_t\fR structures referenced via \fIstructp\fR\&. +\fBlwres_noopresponse_free()\fR +and +\fBlwres_nooprequest_free()\fR +release the memory in resolver context +\fIctx\fR +that was allocated to the +\fBlwres_noopresponse_t\fR +or +\fBlwres_nooprequest_t\fR +structures referenced via +\fIstructp\fR. .SH "RETURN VALUES" .PP -The no\-op opcode functions \fBlwres_nooprequest_render()\fR, \fBlwres_noopresponse_render()\fR \fBlwres_nooprequest_parse()\fR and \fBlwres_noopresponse_parse()\fR all return \fBLWRES_R_SUCCESS\fR on success\&. They return \fBLWRES_R_NOMEMORY\fR if memory allocation fails\&. \fBLWRES_R_UNEXPECTEDEND\fR is returned if the available space in the buffer \fIb\fR is too small to accommodate the packet header or the \fBlwres_nooprequest_t\fR and \fBlwres_noopresponse_t\fR structures\&. \fBlwres_nooprequest_parse()\fR and \fBlwres_noopresponse_parse()\fR will return \fBLWRES_R_UNEXPECTEDEND\fR if the buffer is not empty after decoding the received packet\&. These functions will return \fBLWRES_R_FAILURE\fR if \fBpktflags\fR in the packet header structure \fBlwres_lwpacket_t\fR indicate that the packet is not a response to an earlier query\&. +The no\-op opcode functions +\fBlwres_nooprequest_render()\fR, +\fBlwres_noopresponse_render()\fR\fBlwres_nooprequest_parse()\fR +and +\fBlwres_noopresponse_parse()\fR +all return +\fBLWRES_R_SUCCESS\fR +on success. They return +\fBLWRES_R_NOMEMORY\fR +if memory allocation fails. +\fBLWRES_R_UNEXPECTEDEND\fR +is returned if the available space in the buffer +\fIb\fR +is too small to accommodate the packet header or the +\fBlwres_nooprequest_t\fR +and +\fBlwres_noopresponse_t\fR +structures. +\fBlwres_nooprequest_parse()\fR +and +\fBlwres_noopresponse_parse()\fR +will return +\fBLWRES_R_UNEXPECTEDEND\fR +if the buffer is not empty after decoding the received packet. These functions will return +\fBLWRES_R_FAILURE\fR +if +\fBpktflags\fR +in the packet header structure +\fBlwres_lwpacket_t\fR +indicate that the packet is not a response to an earlier query. .SH "SEE ALSO" .PP - \fBlwres_packet\fR(3 ) +\fBlwres_packet\fR(3 ) diff --git a/lib/lwres/man/lwres_noop.html b/lib/lwres/man/lwres_noop.html index 42dfb37774b..36f2ca38820 100644 --- a/lib/lwres/man/lwres_noop.html +++ b/lib/lwres/man/lwres_noop.html @@ -14,15 +14,15 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + lwres_noop - + - + Name lwres_nooprequest_render, lwres_noopresponse_render, lwres_nooprequest_parse, lwres_noopresponse_parse, lwres_noopresponse_free, lwres_nooprequest_free — lightweight resolver no-op message handling @@ -165,7 +165,7 @@ void -DESCRIPTION +DESCRIPTION These are low-level routines for creating and parsing lightweight resolver no-op request and response messages. @@ -246,7 +246,7 @@ structures referenced via structp. -RETURN VALUES +RETURN VALUES The no-op opcode functions lwres_nooprequest_render(), @@ -285,7 +285,7 @@ indicate that the packet is not a response to an earlier query. -SEE ALSO +SEE ALSO lwres_packet(3 ) diff --git a/lib/lwres/man/lwres_packet.3 b/lib/lwres/man/lwres_packet.3 index beb90a1a45a..e307360198e 100644 --- a/lib/lwres/man/lwres_packet.3 +++ b/lib/lwres/man/lwres_packet.3 @@ -13,43 +13,36 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: lwres_packet.3,v 1.15.2.5 2005/09/12 00:28:59 marka Exp $ +.\" $Id: lwres_packet.3,v 1.15.2.6 2005/10/13 02:23:34 marka Exp $ .\" .hy 0 .ad l -.\"Generated by db2man.xsl. Don't modify this, modify the source. -.de Sh \" Subsection -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.TH "LWRES_PACKET" 3 "Jun 30, 2000" "" "" -.SH NAME +.\" ** You probably do not want to edit this file directly ** +.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). +.\" Instead of manually editing it, you probably should edit the DocBook XML +.\" source for it and then use the DocBook XSL Stylesheets to regenerate it. +.TH "LWRES_PACKET" "3" "Jun 30, 2000" "BIND9" "BIND9" +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.SH "NAME" lwres_lwpacket_renderheader, lwres_lwpacket_parseheader \- lightweight resolver packet handling functions .SH "SYNOPSIS" .nf -#include +#include .fi -.HP 44 -lwres_result_t\ \fBlwres_lwpacket_renderheader\fR\ (lwres_buffer_t\ *b, lwres_lwpacket_t\ *pkt); .HP 43 -lwres_result_t\ \fBlwres_lwpacket_parseheader\fR\ (lwres_buffer_t\ *b, lwres_lwpacket_t\ *pkt); +\fBlwres_result_t\ \fBlwres_lwpacket_renderheader\fR\fR\fB(\fR\fBlwres_buffer_t\ *b\fR\fB, \fR\fBlwres_lwpacket_t\ *pkt\fR\fB);\fR +.HP 42 +\fBlwres_result_t\ \fBlwres_lwpacket_parseheader\fR\fR\fB(\fR\fBlwres_buffer_t\ *b\fR\fB, \fR\fBlwres_lwpacket_t\ *pkt\fR\fB);\fR .SH "DESCRIPTION" .PP -These functions rely on a \fBstruct lwres_lwpacket\fR which is defined in \fIlwres/lwpacket\&.h\fR\&. +These functions rely on a +\fBstruct lwres_lwpacket\fR +which is defined in +\fIlwres/lwpacket.h\fR. +.sp .nf typedef struct lwres_lwpacket lwres_lwpacket_t; struct lwres_lwpacket { @@ -64,50 +57,73 @@ struct lwres_lwpacket { lwres_uint16_t authlength; }; .fi +.sp .PP -The elements of this structure are: +The elements of this structure are: .TP \fBlength\fR -the overall packet length, including the entire packet header\&. This field is filled in by the lwres_gabn_*() and lwres_gnba_*() calls\&. +the overall packet length, including the entire packet header. This field is filled in by the lwres_gabn_*() and lwres_gnba_*() calls. .TP \fBversion\fR -the header format\&. There is currently only one format, \fBLWRES_LWPACKETVERSION_0\fR\&. This field is filled in by the lwres_gabn_*() and lwres_gnba_*() calls\&. +the header format. There is currently only one format, +\fBLWRES_LWPACKETVERSION_0\fR. This field is filled in by the lwres_gabn_*() and lwres_gnba_*() calls. .TP \fBpktflags\fR -library\-defined flags for this packet: for instance whether the packet is a request or a reply\&. Flag values can be set, but not defined by the caller\&. This field is filled in by the application wit the exception of the LWRES_LWPACKETFLAG_RESPONSE bit, which is set by the library in the lwres_gabn_*() and lwres_gnba_*() calls\&. +library\-defined flags for this packet: for instance whether the packet is a request or a reply. Flag values can be set, but not defined by the caller. This field is filled in by the application wit the exception of the LWRES_LWPACKETFLAG_RESPONSE bit, which is set by the library in the lwres_gabn_*() and lwres_gnba_*() calls. .TP \fBserial\fR -is set by the requestor and is returned in all replies\&. If two or more packets from the same source have the same serial number and are from the same source, they are assumed to be duplicates and the latter ones may be dropped\&. This field must be set by the application\&. +is set by the requestor and is returned in all replies. If two or more packets from the same source have the same serial number and are from the same source, they are assumed to be duplicates and the latter ones may be dropped. This field must be set by the application. .TP \fBopcode\fR -indicates the operation\&. Opcodes between 0x00000000 and 0x03ffffff are reserved for use by the lightweight resolver library\&. Opcodes between 0x04000000 and 0xffffffff are application defined\&. This field is filled in by the lwres_gabn_*() and lwres_gnba_*() calls\&. +indicates the operation. Opcodes between 0x00000000 and 0x03ffffff are reserved for use by the lightweight resolver library. Opcodes between 0x04000000 and 0xffffffff are application defined. This field is filled in by the lwres_gabn_*() and lwres_gnba_*() calls. .TP \fBresult\fR -is only valid for replies\&. Results between 0x04000000 and 0xffffffff are application defined\&. Results between 0x00000000 and 0x03ffffff are reserved for library use\&. This field is filled in by the lwres_gabn_*() and lwres_gnba_*() calls\&. +is only valid for replies. Results between 0x04000000 and 0xffffffff are application defined. Results between 0x00000000 and 0x03ffffff are reserved for library use. This field is filled in by the lwres_gabn_*() and lwres_gnba_*() calls. .TP \fBrecvlength\fR -is the maximum buffer size that the receiver can handle on requests and the size of the buffer needed to satisfy a request when the buffer is too large for replies\&. This field is supplied by the application\&. +is the maximum buffer size that the receiver can handle on requests and the size of the buffer needed to satisfy a request when the buffer is too large for replies. This field is supplied by the application. .TP \fBauthtype\fR -defines the packet level authentication that is used\&. Authorisation types between 0x1000 and 0xffff are application defined and types between 0x0000 and 0x0fff are reserved for library use\&. Currently these are not used and must be zero\&. +defines the packet level authentication that is used. Authorisation types between 0x1000 and 0xffff are application defined and types between 0x0000 and 0x0fff are reserved for library use. Currently these are not used and must be zero. .TP \fBauthlen\fR -gives the length of the authentication data\&. Since packet authentication is currently not used, this must be zero\&. +gives the length of the authentication data. Since packet authentication is currently not used, this must be zero. .PP -The following opcodes are currently defined: +The following opcodes are currently defined: .TP \fBNOOP\fR -Success is always returned and the packet contents are echoed\&. The lwres_noop_*() functions should be used for this type\&. +Success is always returned and the packet contents are echoed. The lwres_noop_*() functions should be used for this type. .TP \fBGETADDRSBYNAME\fR -returns all known addresses for a given name\&. The lwres_gabn_*() functions should be used for this type\&. +returns all known addresses for a given name. The lwres_gabn_*() functions should be used for this type. .TP \fBGETNAMEBYADDR\fR -return the hostname for the given address\&. The lwres_gnba_*() functions should be used for this type\&. +return the hostname for the given address. The lwres_gnba_*() functions should be used for this type. .PP - \fBlwres_lwpacket_renderheader()\fR transfers the contents of lightweight resolver packet structure \fBlwres_lwpacket_t\fR \fI*pkt\fR in network byte order to the lightweight resolver buffer, \fI*b\fR\&. +\fBlwres_lwpacket_renderheader()\fR +transfers the contents of lightweight resolver packet structure +\fBlwres_lwpacket_t\fR\fI*pkt\fR +in network byte order to the lightweight resolver buffer, +\fI*b\fR. .PP - \fBlwres_lwpacket_parseheader()\fR performs the converse operation\&. It transfers data in network byte order from buffer \fI*b\fR to resolver packet \fI*pkt\fR\&. The contents of the buffer \fIb\fR should correspond to a \fBlwres_lwpacket_t\fR\&. +\fBlwres_lwpacket_parseheader()\fR +performs the converse operation. It transfers data in network byte order from buffer +\fI*b\fR +to resolver packet +\fI*pkt\fR. The contents of the buffer +\fIb\fR +should correspond to a +\fBlwres_lwpacket_t\fR. .SH "RETURN VALUES" .PP -Successful calls to \fBlwres_lwpacket_renderheader()\fR and \fBlwres_lwpacket_parseheader()\fR return \fBLWRES_R_SUCCESS\fR\&. If there is insufficient space to copy data between the buffer \fI*b\fR and lightweight resolver packet \fI*pkt\fR both functions return \fBLWRES_R_UNEXPECTEDEND\fR\&. +Successful calls to +\fBlwres_lwpacket_renderheader()\fR +and +\fBlwres_lwpacket_parseheader()\fR +return +\fBLWRES_R_SUCCESS\fR. If there is insufficient space to copy data between the buffer +\fI*b\fR +and lightweight resolver packet +\fI*pkt\fR +both functions return +\fBLWRES_R_UNEXPECTEDEND\fR. diff --git a/lib/lwres/man/lwres_packet.html b/lib/lwres/man/lwres_packet.html index a3e4253e766..a1f49efb0de 100644 --- a/lib/lwres/man/lwres_packet.html +++ b/lib/lwres/man/lwres_packet.html @@ -14,15 +14,15 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + lwres_packet - + - + Name lwres_lwpacket_renderheader, lwres_lwpacket_parseheader — lightweight resolver packet handling functions @@ -64,7 +64,7 @@ lwres_result_t -DESCRIPTION +DESCRIPTION These functions rely on a struct lwres_lwpacket @@ -202,7 +202,7 @@ buffer *b to resolver packet -RETURN VALUES +RETURN VALUES Successful calls to lwres_lwpacket_renderheader() and lwres_lwpacket_parseheader() return diff --git a/lib/lwres/man/lwres_resutil.3 b/lib/lwres/man/lwres_resutil.3 index 2e3bf3cc9ca..bdd2f4eefb5 100644 --- a/lib/lwres/man/lwres_resutil.3 +++ b/lib/lwres/man/lwres_resutil.3 @@ -13,51 +13,64 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: lwres_resutil.3,v 1.14.2.5 2005/09/12 00:29:00 marka Exp $ +.\" $Id: lwres_resutil.3,v 1.14.2.6 2005/10/13 02:23:34 marka Exp $ .\" .hy 0 .ad l -.\"Generated by db2man.xsl. Don't modify this, modify the source. -.de Sh \" Subsection -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.TH "LWRES_RESUTIL" 3 "Jun 30, 2000" "" "" -.SH NAME +.\" ** You probably do not want to edit this file directly ** +.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). +.\" Instead of manually editing it, you probably should edit the DocBook XML +.\" source for it and then use the DocBook XSL Stylesheets to regenerate it. +.TH "LWRES_RESUTIL" "3" "Jun 30, 2000" "BIND9" "BIND9" +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.SH "NAME" lwres_string_parse, lwres_addr_parse, lwres_getaddrsbyname, lwres_getnamebyaddr \- lightweight resolver utility functions .SH "SYNOPSIS" .nf -#include +#include .fi -.HP 35 -lwres_result_t\ \fBlwres_string_parse\fR\ (lwres_buffer_t\ *b, char\ **c, lwres_uint16_t\ *len); -.HP 33 -lwres_result_t\ \fBlwres_addr_parse\fR\ (lwres_buffer_t\ *b, lwres_addr_t\ *addr); -.HP 37 -lwres_result_t\ \fBlwres_getaddrsbyname\fR\ (lwres_context_t\ *ctx, const\ char\ *name, lwres_uint32_t\ addrtypes, lwres_gabnresponse_t\ **structp); +.HP 34 +\fBlwres_result_t\ \fBlwres_string_parse\fR\fR\fB(\fR\fBlwres_buffer_t\ *b\fR\fB, \fR\fBchar\ **c\fR\fB, \fR\fBlwres_uint16_t\ *len\fR\fB);\fR +.HP 32 +\fBlwres_result_t\ \fBlwres_addr_parse\fR\fR\fB(\fR\fBlwres_buffer_t\ *b\fR\fB, \fR\fBlwres_addr_t\ *addr\fR\fB);\fR .HP 36 -lwres_result_t\ \fBlwres_getnamebyaddr\fR\ (lwres_context_t\ *ctx, lwres_uint32_t\ addrtype, lwres_uint16_t\ addrlen, const\ unsigned\ char\ *addr, lwres_gnbaresponse_t\ **structp); +\fBlwres_result_t\ \fBlwres_getaddrsbyname\fR\fR\fB(\fR\fBlwres_context_t\ *ctx\fR\fB, \fR\fBconst\ char\ *name\fR\fB, \fR\fBlwres_uint32_t\ addrtypes\fR\fB, \fR\fBlwres_gabnresponse_t\ **structp\fR\fB);\fR +.HP 35 +\fBlwres_result_t\ \fBlwres_getnamebyaddr\fR\fR\fB(\fR\fBlwres_context_t\ *ctx\fR\fB, \fR\fBlwres_uint32_t\ addrtype\fR\fB, \fR\fBlwres_uint16_t\ addrlen\fR\fB, \fR\fBconst\ unsigned\ char\ *addr\fR\fB, \fR\fBlwres_gnbaresponse_t\ **structp\fR\fB);\fR .SH "DESCRIPTION" .PP - \fBlwres_string_parse()\fR retrieves a DNS\-encoded string starting the current pointer of lightweight resolver buffer \fIb\fR: i\&.e\&. \fBb\->current\fR\&. When the function returns, the address of the first byte of the encoded string is returned via \fI*c\fR and the length of that string is given by \fI*len\fR\&. The buffer's current pointer is advanced to point at the character following the string length, the encoded string, and the trailing \fBNULL\fR character\&. +\fBlwres_string_parse()\fR +retrieves a DNS\-encoded string starting the current pointer of lightweight resolver buffer +\fIb\fR: i.e. +\fBb\->current\fR. When the function returns, the address of the first byte of the encoded string is returned via +\fI*c\fR +and the length of that string is given by +\fI*len\fR. The buffer's current pointer is advanced to point at the character following the string length, the encoded string, and the trailing +\fBNULL\fR +character. .PP - \fBlwres_addr_parse()\fR extracts an address from the buffer \fIb\fR\&. The buffer's current pointer \fBb\->current\fR is presumed to point at an encoded address: the address preceded by a 32\-bit protocol family identifier and a 16\-bit length field\&. The encoded address is copied to \fBaddr\->address\fR and \fBaddr\->length\fR indicates the size in bytes of the address that was copied\&. \fBb\->current\fR is advanced to point at the next byte of available data in the buffer following the encoded address\&. +\fBlwres_addr_parse()\fR +extracts an address from the buffer +\fIb\fR. The buffer's current pointer +\fBb\->current\fR +is presumed to point at an encoded address: the address preceded by a 32\-bit protocol family identifier and a 16\-bit length field. The encoded address is copied to +\fBaddr\->address\fR +and +\fBaddr\->length\fR +indicates the size in bytes of the address that was copied. +\fBb\->current\fR +is advanced to point at the next byte of available data in the buffer following the encoded address. .PP - \fBlwres_getaddrsbyname()\fR and \fBlwres_getnamebyaddr()\fR use the \fBlwres_gnbaresponse_t\fR structure defined below: +\fBlwres_getaddrsbyname()\fR +and +\fBlwres_getnamebyaddr()\fR +use the +\fBlwres_gnbaresponse_t\fR +structure defined below: +.sp .nf typedef struct { lwres_uint32_t flags; @@ -72,20 +85,76 @@ typedef struct { size_t baselen; } lwres_gabnresponse_t; .fi - The contents of this structure are not manipulated directly but they are controlled through the \fBlwres_gabn\fR(3 ) functions\&. +.sp +The contents of this structure are not manipulated directly but they are controlled through the +\fBlwres_gabn\fR(3 ) +functions. .PP -The lightweight resolver uses \fBlwres_getaddrsbyname()\fR to perform foward lookups\&. Hostname \fIname\fR is looked up using the resolver context \fIctx\fR for memory allocation\&. \fIaddrtypes\fR is a bitmask indicating which type of addresses are to be looked up\&. Current values for this bitmask are \fBLWRES_ADDRTYPE_V4\fR for IPv4 addresses and \fBLWRES_ADDRTYPE_V6\fR for IPv6 addresses\&. Results of the lookup are returned in \fI*structp\fR\&. +The lightweight resolver uses +\fBlwres_getaddrsbyname()\fR +to perform foward lookups. Hostname +\fIname\fR +is looked up using the resolver context +\fIctx\fR +for memory allocation. +\fIaddrtypes\fR +is a bitmask indicating which type of addresses are to be looked up. Current values for this bitmask are +\fBLWRES_ADDRTYPE_V4\fR +for IPv4 addresses and +\fBLWRES_ADDRTYPE_V6\fR +for IPv6 addresses. Results of the lookup are returned in +\fI*structp\fR. .PP - \fBlwres_getnamebyaddr()\fR performs reverse lookups\&. Resolver context \fIctx\fR is used for memory allocation\&. The address type is indicated by \fIaddrtype\fR: \fBLWRES_ADDRTYPE_V4\fR or \fBLWRES_ADDRTYPE_V6\fR\&. The address to be looked up is given by \fIaddr\fR and its length is \fIaddrlen\fR bytes\&. The result of the function call is made available through \fI*structp\fR\&. +\fBlwres_getnamebyaddr()\fR +performs reverse lookups. Resolver context +\fIctx\fR +is used for memory allocation. The address type is indicated by +\fIaddrtype\fR: +\fBLWRES_ADDRTYPE_V4\fR +or +\fBLWRES_ADDRTYPE_V6\fR. The address to be looked up is given by +\fIaddr\fR +and its length is +\fIaddrlen\fR +bytes. The result of the function call is made available through +\fI*structp\fR. .SH "RETURN VALUES" .PP -Successful calls to \fBlwres_string_parse()\fR and \fBlwres_addr_parse()\fR return \fBLWRES_R_SUCCESS\&.\fR Both functions return \fBLWRES_R_FAILURE\fR if the buffer is corrupt or \fBLWRES_R_UNEXPECTEDEND\fR if the buffer has less space than expected for the components of the encoded string or address\&. +Successful calls to +\fBlwres_string_parse()\fR +and +\fBlwres_addr_parse()\fR +return +\fBLWRES_R_SUCCESS.\fR +Both functions return +\fBLWRES_R_FAILURE\fR +if the buffer is corrupt or +\fBLWRES_R_UNEXPECTEDEND\fR +if the buffer has less space than expected for the components of the encoded string or address. .PP - \fBlwres_getaddrsbyname()\fR returns \fBLWRES_R_SUCCESS\fR on success and it returns \fBLWRES_R_NOTFOUND\fR if the hostname \fIname\fR could not be found\&. +\fBlwres_getaddrsbyname()\fR +returns +\fBLWRES_R_SUCCESS\fR +on success and it returns +\fBLWRES_R_NOTFOUND\fR +if the hostname +\fIname\fR +could not be found. .PP - \fBLWRES_R_SUCCESS\fR is returned by a successful call to \fBlwres_getnamebyaddr()\fR\&. +\fBLWRES_R_SUCCESS\fR +is returned by a successful call to +\fBlwres_getnamebyaddr()\fR. .PP -Both \fBlwres_getaddrsbyname()\fR and \fBlwres_getnamebyaddr()\fR return \fBLWRES_R_NOMEMORY\fR when memory allocation requests fail and \fBLWRES_R_UNEXPECTEDEND\fR if the buffers used for sending queries and receiving replies are too small\&. +Both +\fBlwres_getaddrsbyname()\fR +and +\fBlwres_getnamebyaddr()\fR +return +\fBLWRES_R_NOMEMORY\fR +when memory allocation requests fail and +\fBLWRES_R_UNEXPECTEDEND\fR +if the buffers used for sending queries and receiving replies are too small. .SH "SEE ALSO" .PP - \fBlwres_buffer\fR(3), \fBlwres_gabn\fR(3)\&. +\fBlwres_buffer\fR(3), +\fBlwres_gabn\fR(3). diff --git a/lib/lwres/man/lwres_resutil.html b/lib/lwres/man/lwres_resutil.html index ddb91f588cd..62d181c85f3 100644 --- a/lib/lwres/man/lwres_resutil.html +++ b/lib/lwres/man/lwres_resutil.html @@ -14,15 +14,15 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + lwres_resutil - + - + Name lwres_string_parse, lwres_addr_parse, lwres_getaddrsbyname, lwres_getnamebyaddr — lightweight resolver utility functions @@ -124,7 +124,7 @@ lwres_result_t -DESCRIPTION +DESCRIPTION lwres_string_parse() retrieves a DNS-encoded string starting the current pointer of lightweight resolver buffer @@ -200,7 +200,7 @@ is made available through *structp. -RETURN VALUES +RETURN VALUES Successful calls to lwres_string_parse() @@ -244,7 +244,7 @@ small. -SEE ALSO +SEE ALSO lwres_buffer(3),