* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: ddns-confgen.c,v 1.4 2009/06/11 23:47:55 tbox Exp $ */
+/* $Id: ddns-confgen.c,v 1.5 2009/06/16 22:36:53 jinmei Exp $ */
/*! \file */
fprintf(stderr, "\
Usage:\n\
- %s [-a alg] [-k keyname] [-r randomfile] [-q] [-z zone]\n\
+ %s [-a alg] [-k keyname] [-r randomfile] [-q] [-s name | -z zone]\n\
-a alg: algorithm (default hmac-sha256)\n\
- -k keyname: name of the key as it will be used in named.conf\n\
+ -k keyname: name of the key as it will be used in named.conf\n\
-r randomfile: source of random data (use \"keyboard\" for key timing)\n\
- -z zone: name of the zone as it will be used named.conf\n\
- -q: quiet mode: print the key, with no explanatory text\n",
+ -s name: domain name to be updated the created key\n\
+ -z zone: name of the zone as it will be used in named.conf\n\
+ -q: quiet mode: print the key, with no explanatory text\n",
progname);
exit (status);
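Review bot: The new `-s` help line reads "domain name to be updated the created key", which drops a word and leaves the option's meaning unclear to someone reading `-h` output. I would write it as ` -s name: domain name to be updated using the created key\n\`. The enclosing usage function starts above this hunk, so only the message text is visible here.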
main(int argc, char **argv) {
isc_boolean_t show_final_mem = ISC_FALSE;
isc_boolean_t quiet = ISC_FALSE;
- isc_boolean_t self = ISC_FALSE;
isc_buffer_t key_txtbuffer;
char key_txtsecret[256];
isc_mem_t *mctx = NULL;
const char *randomfile = NULL;
const char *keyname = NULL;
const char *zone = NULL;
+ const char *self_domain = NULL;
char *keybuf = NULL;
dns_secalg_t alg = DST_ALG_HMACSHA256;
const char *algname = alg_totext(alg);
isc_commandline_errprint = ISC_FALSE;
while ((ch = isc_commandline_parse(argc, argv,
- "a:hk:Mmr:qsVy:")) != -1) {
+ "a:hk:Mmr:qs:Vy:z:")) != -1) {
switch (ch) {
case 'a':
algname = isc_commandline_argument;
randomfile = isc_commandline_argument;
break;
case 's':
- self = ISC_TRUE;
+ self_domain = isc_commandline_argument;
break;
case 'V':
verbose = ISC_TRUE;
break;
+ case 'z':
+ zone = isc_commandline_argument;
+ break;
case '?':
if (isc_commandline_option != '?') {
fprintf(stderr, "%s: invalid argument -%c\n",
argc -= isc_commandline_index;
argv += isc_commandline_index;
- if (argc == 1)
- zone = argv[0];
+ if (self_domain != NULL && zone != NULL)
+ usage(1); /* -s and -z cannot coexist */
- if (argc > 1)
+ if (argc > 0)
usage(1);
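Review bot: Both new rejections here exit through `usage(1)` with no specific message, so a user who combines `-s` and `-z`, or who still passes the zone as a positional argument as older invocations did, only sees the generic usage text. A one-line diagnostic before each call would help, e.g. `fprintf(stderr, "%s: -s and -z cannot be used together\n", progname);`, assuming the program name is available in main under the name usage() prints. The man page synopsis touched by this same commit still lists `<arg choice="opt">name</arg>`, which no longer matches `if (argc > 0) usage(1);`. main's body continues outside this hunk.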
DO("create memory context", isc_mem_create(0, 0, &mctx));
- if (self) {
- if (zone == NULL)
- usage(1);
- keyname = zone;
- } else {
- if (keyname == NULL)
- keyname = DEFAULT_KEYNAME;
+ if (keyname == NULL) {
+ const char *suffix = NULL;
- if (zone != NULL) {
- len = strlen(keyname) + strlen(zone) + 2;
+ keyname = DEFAULT_KEYNAME;
+ if (self_domain != NULL)
+ suffix = self_domain;
+ else if (zone != NULL)
+ suffix = zone;
+ if (suffix != NULL) {
+ len = strlen(keyname) + strlen(suffix) + 2;
keybuf = isc_mem_get(mctx, len);
- snprintf(keybuf, len, "%s.%s", keyname, zone);
+ if (keybuf == NULL)
+ fatal("failed to allocate memory for keyname");
+ snprintf(keybuf, len, "%s.%s", keyname, suffix);
keyname = (const char *) keybuf;
}
}
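Review bot: With `-s name` and no `-k`, the key name now defaults to `ddns-key.<name>`, but the sample policy printed later in this commit is still `grant %s self . ANY;` with `keyname` as the identity. The `self` rule type matches only when the name being updated equals the key name, so the generated example would authorise updates to `ddns-key.<name>` rather than to the name given with `-s`. The old code avoided this by setting `keyname = zone` in self mode. Either keep the key name equal to `self_domain` when `-k` is absent, or change the sample to a rule that names the target explicitly, such as `grant %s name %s ANY;` with arguments `self_domain, keyname, self_domain`. An operator pasting the sample as-is gets a policy that does not do what the comment above it says, so this is worth settling before release.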
(char *)isc_buffer_base(&key_txtbuffer));
if (!quiet) {
- if (zone == NULL) {
+ if (self_domain != NULL) {
printf("\n\
-# Then, in the \"zone\" statement for each zone you wish to dynamically\n\
-# update, place an \"update-policy\" statement granting update permission\n\
-# to this key. For example, the following statement grants this key\n\
-# permission to update any name within the zone:\n\
-update-policy {\n\
- grant %s zonesub ANY;\n\
-};\n",
- keyname);
- } else if (self) {
- printf("\n\
-# Finally, in the \"zone\" statement for the zone containing the\n\
+# Then, in the \"zone\" statement for the zone containing the\n\
# name \"%s\", place an \"update-policy\" statement\n\
# like this one, adjusted as needed for your preferred permissions:\n\
update-policy {\n\
grant %s self . ANY;\n\
};\n",
- zone, keyname);
- } else {
+ self_domain, keyname);
+ } else if (zone != NULL) {
printf("\n\
-# Finally, in the \"zone\" definition statement for \"%s\",\n\
+# Then, in the \"zone\" definition statement for \"%s\",\n\
# place an \"update-policy\" statement like this one, adjusted as \n\
# needed for your preferred permissions:\n\
update-policy {\n\
- grant %s subdomain %s%s ANY;\n\
+ grant %s zonesub ANY;\n\
};\n",
- zone, keyname, zone,
- zone[strlen(zone) - 1] == '.' ? "" : ".");
+ zone, keyname);
+ } else {
+ printf("\n\
+# Then, in the \"zone\" statement for each zone you wish to dynamically\n\
+# update, place an \"update-policy\" statement granting update permission\n\
+# to this key. For example, the following statement grants this key\n\
+# permission to update any name within the zone:\n\
+update-policy {\n\
+ grant %s zonesub ANY;\n\
+};\n",
+ keyname);
}
+ }
printf("\n\
-# After the keyfile has been created, the following command will\n\
+# After the keyfile has been placed, the following command will\n\
# execute nsupdate using this key:\n\
nsupdate -k <keyfile>\n");
- }
- if (zone != NULL && keybuf != NULL)
+ if (keybuf != NULL)
isc_mem_put(mctx, keybuf, len);
if (show_final_mem)
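Review bot: The `}` added right after the three-way `if`/`else` chain closes `if (!quiet)` before the `nsupdate -k <keyfile>` hint, and the `}` that used to follow that printf is removed. As the hunk reads, the hint is therefore printed in quiet mode too, although the usage text describes `-q` as printing the key with no explanatory text. Scripts that capture `-q` output into a key file would then pick up three comment lines and a bare `nsupdate -k <keyfile>` line, which is not valid configuration syntax. If that is not intended, move the closing brace back to after the final printf. Indentation is lost in this rendering, so please confirm the brace placement against the file itself.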
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: ddns-confgen.docbook,v 1.3 2009/06/11 23:47:55 tbox Exp $ -->
+<!-- $Id: ddns-confgen.docbook,v 1.4 2009/06/16 22:36:53 jinmei Exp $ -->
<refentry id="man.ddns-confgen">
<refentryinfo>
<date>Jan 29, 2009</date>
<arg><option>-h</option></arg>
<arg><option>-k <replaceable class="parameter">keyname</replaceable></option></arg>
<arg><option>-r <replaceable class="parameter">randomfile</replaceable></option></arg>
- <arg><option>-s</option></arg>
+ <arg><option>-s name | -z zone</option></arg>
<arg><option>-q</option></arg>
<arg choice="opt">name</arg>
</cmdsynopsis>
<listitem>
<para>
Specifies the key name of the DDNS authentication key.
- The default is <constant>ddns-key</constant>.
+ The default is <constant>ddns-key</constant> when neither
+ the <command>-s</command> nor <command>-z</command> option is
+ specified; otherwise, the default
+ is <constant>ddns-key</constant> as a separate label
+ followed by the argument of the option, e.g.,
+ <constant>ddns-key.example.com.</constant>
The key name must have the format of a valid domain name,
consisting of letters, digits, hyphens and periods.
</para>
</varlistentry>
<varlistentry>
- <term>-s</term>
+ <term>-s <replaceable class="parameter">name</replaceable></term>
<listitem>
<para>
Self mode: The example <command>named.conf</command> text
- shows how to set an update policy using the "self" nametype,
- using a single key per each domain name for updates, instead of
- the "subdomain" nametype which allows matching on any name
- within a specified domain.
+ shows how to set an update policy for the specified
+ <replaceable class="parameter">name</replaceable>
+ using the "self" nametype, instead of the "subdomain"
+ nametype which allows matching on any name within a
+ specified domain.
+ This option cannot be used with the <command>-z</command> option.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>-z <replaceable class="parameter">zone</replaceable></term>
+ <listitem>
+ <para>
+ zone mode: The example <command>named.conf</command> text
+ shows how to set an update policy for the specified
+ <replaceable class="parameter">zone</replaceable>
+ using the "zonesub" nametype, allowing updates to all subdomain
+ names within
+ that <replaceable class="parameter">zone</replaceable>.
+ This option cannot be used with the <command>-s</command> option.
</para>
</listitem>
</varlistentry>