+5499. [func] Add '-P ds' and '-D ds' arguments to dnssec-settime.
+
5498. [test] The --with-gperftools-profiler configure option was
removed. [GL !4045]
fprintf(stderr, "Timing options:\n");
fprintf(stderr, " -P date/[+-]offset/none: set/unset key "
"publication date\n");
+ fprintf(stderr, " -P ds date/[+-]offset/none: set/unset "
+ "DS publication date\n");
fprintf(stderr, " -P sync date/[+-]offset/none: set/unset "
"CDS and CDNSKEY publication date\n");
fprintf(stderr, " -A date/[+-]offset/none: set/unset key "
"inactivation date\n");
fprintf(stderr, " -D date/[+-]offset/none: set/unset key "
"deletion date\n");
+ fprintf(stderr, " -D ds date/[+-]offset/none: set/unset "
+ "DS deletion date\n");
fprintf(stderr, " -D sync date/[+-]offset/none: set/unset "
"CDS and CDNSKEY deletion date\n");
fprintf(stderr, " -S <key>: generate a successor to an existing "
bool unsetsyncadd = false, setsyncadd = false;
bool unsetsyncdel = false, setsyncdel = false;
bool printsyncadd = false, printsyncdel = false;
+ isc_stdtime_t dsadd = 0, dsdel = 0;
+ bool unsetdsadd = false, setdsadd = false;
+ bool unsetdsdel = false, setdsdel = false;
+ bool printdsadd = false, printdsdel = false;
options = DST_TYPE_PUBLIC | DST_TYPE_PRIVATE | DST_TYPE_STATE;
unsetsyncdel = !setsyncdel;
break;
}
+ /* -Dds ? */
+ if (isoptarg("ds", argv, usage)) {
+ if (unsetdsdel || setdsdel) {
+ fatal("-D ds specified more than once");
+ }
+
+ changed = true;
+ dsdel = strtotime(isc_commandline_argument, now,
+ now, &setdsdel);
+ unsetdsdel = !setdsdel;
+ break;
+ }
/* -Ddnskey ? */
(void)isoptarg("dnskey", argv, usage);
if (setdel || unsetdel) {
unsetsyncadd = !setsyncadd;
break;
}
+ /* -Pds ? */
+ if (isoptarg("ds", argv, usage)) {
+ if (unsetdsadd || setdsadd) {
+ fatal("-P ds specified more than once");
+ }
+
+ changed = true;
+ dsadd = strtotime(isc_commandline_argument, now,
+ now, &setdsadd);
+ unsetdsadd = !setdsadd;
+ break;
+ }
+ /* -Pdnskey ? */
(void)isoptarg("dnskey", argv, usage);
if (setpub || unsetpub) {
fatal("-P specified more than once");
printdel = true;
printsyncadd = true;
printsyncdel = true;
+ printdsadd = true;
+ printdsdel = true;
break;
}
printsyncdel = true;
break;
}
+ if (!strncmp(p, "ds", 2)) {
+ p += 2;
+ printdsdel = true;
+ break;
+ }
printdel = true;
break;
case 'I':
printsyncadd = true;
break;
}
+ if (!strncmp(p, "ds", 2)) {
+ p += 2;
+ printdsadd = true;
+ break;
+ }
printpub = true;
break;
case 'R':
dst_key_unsettime(key, DST_TIME_SYNCDELETE);
}
+ if (setdsadd) {
+ dst_key_settime(key, DST_TIME_DSPUBLISH, dsadd);
+ } else if (unsetdsadd) {
+ dst_key_unsettime(key, DST_TIME_DSPUBLISH);
+ }
+
+ if (setdsdel) {
+ dst_key_settime(key, DST_TIME_DSDELETE, dsdel);
+ } else if (unsetdsdel) {
+ dst_key_unsettime(key, DST_TIME_DSDELETE);
+ }
+
if (setttl) {
dst_key_setttl(key, ttl);
}
stdout);
}
+ if (printdsadd) {
+ printtime(key, DST_TIME_DSPUBLISH, "DS Publish", epoch, stdout);
+ }
+
+ if (printdsdel) {
+ printtime(key, DST_TIME_DSDELETE, "DS Delete", epoch, stdout);
+ }
+
if (changed) {
writekey(key, directory, write_state);
if (predecessor != NULL && prevkey != NULL) {
Synopsis
~~~~~~~~
-:program:`dnssec-settime` [**-f**] [**-K** directory] [**-L** ttl] [**-P** date/offset] [**-P** sync date/offset] [**-A** date/offset] [**-R** date/offset] [**-I** date/offset] [**-D** date/offset] [**-D** sync date/offset] [**-S** key] [**-i** interval] [**-h**] [**-V**] [**-v** level] [**-E** engine] {keyfile} [**-s**] [**-g** state] [**-d** state date/offset] [**-k** state date/offset] [**-r** state date/offset] [**-z** state date/offset]
+:program:`dnssec-settime` [**-f**] [**-K** directory] [**-L** ttl] [**-P** date/offset] [**-P** ds date/offset] [**-P** sync date/offset] [**-A** date/offset] [**-R** date/offset] [**-I** date/offset] [**-D** date/offset] [**-D** ds date/offset] [**-D** sync date/offset] [**-S** key] [**-i** interval] [**-h**] [**-V**] [**-v** level] [**-E** engine] {keyfile} [**-s**] [**-g** state] [**-d** state date/offset] [**-k** state date/offset] [**-r** state date/offset] [**-z** state date/offset]
Description
~~~~~~~~~~~
that date, the key is included in the zone but is not used
to sign it.
+``-P ds date/offset``
+ This option sets the date on which DS records that match this key have been
+ seen in the parent zone.
+
``-P sync date/offset``
This option sets the date on which CDS and CDNSKEY records that match this key
are to be published to the zone.
key is no longer included in the zone. (However, it may remain in the key
repository.)
+``-D ds date/offset``
+ This option sets the date on which the DS records that match this key have
+ been seen removed from the parent zone.
+
``-D sync date/offset``
This option sets the date on which the CDS and CDNSKEY records that match this
key are to be deleted.
``-u``
This option indicates that times should be printed in Unix epoch format.
-``-p C/P/Psync/A/R/I/D/Dsync/all``
- This option prints a specific metadata value or set of metadata values. The ``-p``
- option may be followed by one or more of the following letters or
+``-p C/P/Pds/Psync/A/R/I/D/Dds/Dsync/all``
+ This option prints a specific metadata value or set of metadata values.
+ The ``-p`` option may be followed by one or more of the following letters or
strings to indicate which value or values to print: ``C`` for the
- creation date, ``P`` for the publication date, ``Psync`` for the CDS
- and CDNSKEY publication date, ``A`` for the activation date, ``R``
- for the revocation date, ``I`` for the inactivation date, ``D`` for
- the deletion date, and ``Dsync`` for the CDS and CDNSKEY deletion
- date. To print all of the metadata, use ``all``.
+ creation date, ``P`` for the publication date, ``Pds` for the DS publication
+ date, ``Psync`` for the CDS and CDNSKEY publication date, ``A`` for the
+ activation date, ``R`` for the revocation date, ``I`` for the inactivation
+ date, ``D`` for the deletion date, ``Dds`` for the DS deletion date,
+ and ``Dsync`` for the CDS and CDNSKEY deletion date. To print all of the
+ metadata, use ``all``.
See Also
~~~~~~~~
..
.SH SYNOPSIS
.sp
-\fBdnssec\-settime\fP [\fB\-f\fP] [\fB\-K\fP directory] [\fB\-L\fP ttl] [\fB\-P\fP date/offset] [\fB\-P\fP sync date/offset] [\fB\-A\fP date/offset] [\fB\-R\fP date/offset] [\fB\-I\fP date/offset] [\fB\-D\fP date/offset] [\fB\-D\fP sync date/offset] [\fB\-S\fP key] [\fB\-i\fP interval] [\fB\-h\fP] [\fB\-V\fP] [\fB\-v\fP level] [\fB\-E\fP engine] {keyfile} [\fB\-s\fP] [\fB\-g\fP state] [\fB\-d\fP state date/offset] [\fB\-k\fP state date/offset] [\fB\-r\fP state date/offset] [\fB\-z\fP state date/offset]
+\fBdnssec\-settime\fP [\fB\-f\fP] [\fB\-K\fP directory] [\fB\-L\fP ttl] [\fB\-P\fP date/offset] [\fB\-P\fP ds date/offset] [\fB\-P\fP sync date/offset] [\fB\-A\fP date/offset] [\fB\-R\fP date/offset] [\fB\-I\fP date/offset] [\fB\-D\fP date/offset] [\fB\-D\fP ds date/offset] [\fB\-D\fP sync date/offset] [\fB\-S\fP key] [\fB\-i\fP interval] [\fB\-h\fP] [\fB\-V\fP] [\fB\-v\fP level] [\fB\-E\fP engine] {keyfile} [\fB\-s\fP] [\fB\-g\fP state] [\fB\-d\fP state date/offset] [\fB\-k\fP state date/offset] [\fB\-r\fP state date/offset] [\fB\-z\fP state date/offset]
.SH DESCRIPTION
.sp
\fBdnssec\-settime\fP reads a DNSSEC private key file and sets the key
that date, the key is included in the zone but is not used
to sign it.
.TP
+.B \fB\-P ds date/offset\fP
+This option sets the date on which DS records that match this key have been
+seen in the parent zone.
+.TP
.B \fB\-P sync date/offset\fP
This option sets the date on which CDS and CDNSKEY records that match this key
are to be published to the zone.
key is no longer included in the zone. (However, it may remain in the key
repository.)
.TP
+.B \fB\-D ds date/offset\fP
+This option sets the date on which the DS records that match this key have
+been seen removed from the parent zone.
+.TP
.B \fB\-D sync date/offset\fP
This option sets the date on which the CDS and CDNSKEY records that match this
key are to be deleted.
.B \fB\-u\fP
This option indicates that times should be printed in Unix epoch format.
.TP
-.B \fB\-p C/P/Psync/A/R/I/D/Dsync/all\fP
-This option prints a specific metadata value or set of metadata values. The \fB\-p\fP
-option may be followed by one or more of the following letters or
+.B \fB\-p C/P/Pds/Psync/A/R/I/D/Dds/Dsync/all\fP
+This option prints a specific metadata value or set of metadata values.
+The \fB\-p\fP option may be followed by one or more of the following letters or
strings to indicate which value or values to print: \fBC\fP for the
-creation date, \fBP\fP for the publication date, \fBPsync\fP for the CDS
-and CDNSKEY publication date, \fBA\fP for the activation date, \fBR\fP
-for the revocation date, \fBI\fP for the inactivation date, \fBD\fP for
-the deletion date, and \fBDsync\fP for the CDS and CDNSKEY deletion
-date. To print all of the metadata, use \fBall\fP\&.
+creation date, \fBP\fP for the publication date, \fBPds\(ga for the DS publication
+date, \(ga\(gaPsync\fP for the CDS and CDNSKEY publication date, \fBA\fP for the
+activation date, \fBR\fP for the revocation date, \fBI\fP for the inactivation
+date, \fBD\fP for the deletion date, \fBDds\fP for the DS deletion date,
+and \fBDsync\fP for the CDS and CDNSKEY deletion date. To print all of the
+metadata, use \fBall\fP\&.
.UNINDENT
.SH SEE ALSO
.sp
projects / thirdparty / bind9.git / commitdiff
