Add '-P ds' and '-D ds' to dnssec-settime
authorMatthijs Mekking <matthijs@isc.org>
Thu, 27 Aug 2020 10:32:41 +0000 (12:32 +0200)
committerMatthijs Mekking <matthijs@isc.org>
Wed, 2 Sep 2020 12:59:20 +0000 (14:59 +0200)
Add two more arguments to the dnssec-settime tool. '-P ds' sets the
time that the DS was published in the parent, '-D ds' sets the time
that the DS was removed from the parent (these times are not accurate,
but rely on the user to use them appropriately, and as long as the
time is not before actual publication/withdrawal, it is fine).

These new arguments are needed for the kasp system test. We want to
test when the next key event is once a DS is published, and now
that 'parent-registration-delay' is obsoleted, we need a different
approach to reliably test the timings.

(cherry picked from commit d4c4f6a669aa3fc38d00c2b4ebe58407b86e417b)

CHANGES
bin/dnssec/dnssec-settime.c
bin/dnssec/dnssec-settime.rst

diff --git a/CHANGES b/CHANGES
index 7651aead09756745d5411066aedbdc52b79fb61d..efc1a1c010623f06722fe9667d8db87016f917d8 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,5 @@
+5499.  [func]          Add '-P ds' and '-D ds' arguments to dnssec-settime.
+
 5497.  [bug]           dig +bufsize=0 failed to disable EDNS as a side
                        effect. [GL #2054]
 
index 01d37186e1c46d08460413f19933a1a93dabf723..2203c56d9dbaec7b547ed12a84c4ae6817c8aede 100644 (file)
@@ -74,6 +74,8 @@ usage(void) {
        fprintf(stderr, "Timing options:\n");
        fprintf(stderr, "    -P date/[+-]offset/none: set/unset key "
                        "publication date\n");
+       fprintf(stderr, "    -P ds date/[+-]offset/none: set/unset "
+                       "DS publication date\n");
        fprintf(stderr, "    -P sync date/[+-]offset/none: set/unset "
                        "CDS and CDNSKEY publication date\n");
        fprintf(stderr, "    -A date/[+-]offset/none: set/unset key "
@@ -84,6 +86,8 @@ usage(void) {
                        "inactivation date\n");
        fprintf(stderr, "    -D date/[+-]offset/none: set/unset key "
                        "deletion date\n");
+       fprintf(stderr, "    -D ds date/[+-]offset/none: set/unset "
+                       "DS deletion date\n");
        fprintf(stderr, "    -D sync date/[+-]offset/none: set/unset "
                        "CDS and CDNSKEY deletion date\n");
        fprintf(stderr, "    -S <key>: generate a successor to an existing "
@@ -242,6 +246,10 @@ main(int argc, char **argv) {
        bool unsetsyncadd = false, setsyncadd = false;
        bool unsetsyncdel = false, setsyncdel = false;
        bool printsyncadd = false, printsyncdel = false;
+       isc_stdtime_t dsadd = 0, dsdel = 0;
+       bool unsetdsadd = false, setdsadd = false;
+       bool unsetdsdel = false, setdsdel = false;
+       bool printdsadd = false, printdsdel = false;
 
        options = DST_TYPE_PUBLIC | DST_TYPE_PRIVATE | DST_TYPE_STATE;
 
@@ -289,6 +297,18 @@ main(int argc, char **argv) {
                                unsetsyncdel = !setsyncdel;
                                break;
                        }
+                       /* -Dds ? */
+                       if (isoptarg("ds", argv, usage)) {
+                               if (unsetdsdel || setdsdel) {
+                                       fatal("-D ds specified more than once");
+                               }
+
+                               changed = true;
+                               dsdel = strtotime(isc_commandline_argument, now,
+                                                 now, &setdsdel);
+                               unsetdsdel = !setdsdel;
+                               break;
+                       }
                        /* -Ddnskey ? */
                        (void)isoptarg("dnskey", argv, usage);
                        if (setdel || unsetdel) {
@@ -393,6 +413,19 @@ main(int argc, char **argv) {
                                unsetsyncadd = !setsyncadd;
                                break;
                        }
+                       /* -Pds ? */
+                       if (isoptarg("ds", argv, usage)) {
+                               if (unsetdsadd || setdsadd) {
+                                       fatal("-P ds specified more than once");
+                               }
+
+                               changed = true;
+                               dsadd = strtotime(isc_commandline_argument, now,
+                                                 now, &setdsadd);
+                               unsetdsadd = !setdsadd;
+                               break;
+                       }
+                       /* -Pdnskey ? */
                        (void)isoptarg("dnskey", argv, usage);
                        if (setpub || unsetpub) {
                                fatal("-P specified more than once");
@@ -414,6 +447,8 @@ main(int argc, char **argv) {
                                printdel = true;
                                printsyncadd = true;
                                printsyncdel = true;
+                               printdsadd = true;
+                               printdsdel = true;
                                break;
                        }
 
@@ -431,6 +466,11 @@ main(int argc, char **argv) {
                                                printsyncdel = true;
                                                break;
                                        }
+                                       if (!strncmp(p, "ds", 2)) {
+                                               p += 2;
+                                               printdsdel = true;
+                                               break;
+                                       }
                                        printdel = true;
                                        break;
                                case 'I':
@@ -442,6 +482,11 @@ main(int argc, char **argv) {
                                                printsyncadd = true;
                                                break;
                                        }
+                                       if (!strncmp(p, "ds", 2)) {
+                                               p += 2;
+                                               printdsadd = true;
+                                               break;
+                                       }
                                        printpub = true;
                                        break;
                                case 'R':
@@ -776,6 +821,18 @@ main(int argc, char **argv) {
                dst_key_unsettime(key, DST_TIME_SYNCDELETE);
        }
 
+       if (setdsadd) {
+               dst_key_settime(key, DST_TIME_DSPUBLISH, dsadd);
+       } else if (unsetdsadd) {
+               dst_key_unsettime(key, DST_TIME_DSPUBLISH);
+       }
+
+       if (setdsdel) {
+               dst_key_settime(key, DST_TIME_DSDELETE, dsdel);
+       } else if (unsetdsdel) {
+               dst_key_unsettime(key, DST_TIME_DSDELETE);
+       }
+
        if (setttl) {
                dst_key_setttl(key, ttl);
        }
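Review bot: The DS times written by `dst_key_settime(key, DST_TIME_DSPUBLISH, dsadd)` and `dst_key_settime(key, DST_TIME_DSDELETE, dsdel)` are stored without any ordering check, so a DS deletion time earlier than the DS publication time supplied in the same invocation is accepted silently. The commit message says KASP uses these timestamps to decide the next key event, so an inverted pair could let a rollover step proceed before the DS is actually in the parent; a guard such as `if (setdsadd && setdsdel && dsdel < dsadd) { fprintf(stderr, "warning: DS deletion time precedes DS publication time\n"); }` placed before these two blocks would at least catch the self-contradictory case. If the file already emits timing-consistency warnings for the other dates (not visible in this hunk), extending those to DSPUBLISH/DSDELETE is probably the better place for it. The enclosing main() starts and ends outside the hunk.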
@@ -893,6 +950,14 @@ main(int argc, char **argv) {
                          stdout);
        }
 
+       if (printdsadd) {
+               printtime(key, DST_TIME_DSPUBLISH, "DS Publish", epoch, stdout);
+       }
+
+       if (printdsdel) {
+               printtime(key, DST_TIME_DSDELETE, "DS Delete", epoch, stdout);
+       }
+
        if (changed) {
                writekey(key, directory, write_state);
                if (predecessor != NULL && prevkey != NULL) {
index e09947e3d02c50e15ea64705219a4ff49a56cd16..6d1a69b642c80523c52264bcf88955184e61d180 100644 (file)
@@ -29,7 +29,7 @@ dnssec-settime: set the key timing metadata for a DNSSEC key
 Synopsis
 ~~~~~~~~
 
-:program:`dnssec-settime` [**-f**] [**-K** directory] [**-L** ttl] [**-P** date/offset] [**-P** sync date/offset] [**-A** date/offset] [**-R** date/offset] [**-I** date/offset] [**-D** date/offset] [**-D** sync date/offset] [**-S** key] [**-i** interval] [**-h**] [**-V**] [**-v** level] [**-E** engine] {keyfile} [**-s**] [**-g** state] [**-d** state date/offset] [**-k** state date/offset] [**-r** state date/offset] [**-z** state date/offset]
+:program:`dnssec-settime` [**-f**] [**-K** directory] [**-L** ttl] [**-P** date/offset] [**-P** ds date/offset] [**-P** sync date/offset] [**-A** date/offset] [**-R** date/offset] [**-I** date/offset] [**-D** date/offset] [**-D** ds date/offset] [**-D** sync date/offset] [**-S** key] [**-i** interval] [**-h**] [**-V**] [**-v** level] [**-E** engine] {keyfile} [**-s**] [**-g** state] [**-d** state date/offset] [**-k** state date/offset] [**-r** state date/offset] [**-z** state date/offset]
 
 Description
 ~~~~~~~~~~~
@@ -126,6 +126,10 @@ unset a date, use 'none' or 'never'.
    that date, the key will be included in the zone but will not be used
    to sign it.
 
+**-P** ds date/offset
+   Sets the date on which DS records that match this key have been
+   seen in the parent zone.
+
 **-P** sync date/offset
    Sets the date on which CDS and CDNSKEY records that match this key
    are to be published to the zone.
@@ -149,6 +153,10 @@ unset a date, use 'none' or 'never'.
    key will no longer be included in the zone. (It may remain in the key
    repository, however.)
 
+**-D** ds date/offset
+   Sets the date on which the DS records that match this key have
+   been seen removed from the parent zone.
+
 **-D** sync date/offset
    Sets the date on which the CDS and CDNSKEY records that match this
    key are to be deleted.
@@ -213,15 +221,16 @@ associated with a key.
 **-u**
    Print times in UNIX epoch format.
 
-**-p** C/P/Psync/A/R/I/D/Dsync/all
-   Print a specific metadata value or set of metadata values. The ``-p``
-   option may be followed by one or more of the following letters or
-   strings to indicate which value or values to print: ``C`` for the
-   creation date, ``P`` for the publication date, ``Psync`` for the CDS
-   and CDNSKEY publication date, ``A`` for the activation date, ``R``
-   for the revocation date, ``I`` for the inactivation date, ``D`` for
-   the deletion date, and ``Dsync`` for the CDS and CDNSKEY deletion
-   date To print all of the metadata, use ``-p all``.
+**-p** C/P/Pds/Psync/A/R/I/D/Dds/Dsync/all
+   Prints a specific metadata value or set of metadata values. The ``-p``
+   option may be followed by one or more of the following letters or strings
+   to indicate which value or values to print: ``C`` for the creation date,
+   ``P`` for the publication date, ``Pds` for the DS publication date,
+   ``Psync`` for the CDS and CDNSKEY publication date, ``A`` for the
+   activation date, ``R`` for the revocation date, ``I`` for the inactivation
+   date, ``D`` for the deletion date, ``Dds`` for the DS deletion date,
+   and ``Dsync`` for the CDS and CDNSKEY deletion date. To print all of the
+   metadata, use ``all``.
 
 See Also
 ~~~~~~~~