Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Import bind 9.10.1-P1

Browse Source
This commit is contained in:
christos 2014-12-10 02:25:10 +00:00
parent d1456ccc1f
commit 37a454e05c
351 changed files with 56446 additions and 3307 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
external/bsd/bind/dist/README vendored
View File

@ -51,16 +51,13 @@ BIND 9
For up-to-date release notes and errata, see
http://www.isc.org/software/bind9/releasenotes
BIND 9.10.0-P2
BIND 9.10.1
This release addresses the security flaw described in
CVE-2014-3859. This release should also be used if you
compile with GCC 4.9.0 or later.
BIND 9.10.1 is a maintenance release and addresses bugs
found in BIND 9.10.0 and earlier.
BIND 9.10.0-P1
This release addresses the security flaw described in
CVE-2014-3214.
This release addresses the security flaws described in
CVE-2014-3214 and CVE-2014-3859.
BIND 9.10.0
@ -125,7 +122,7 @@ BIND 9.10.0
browsers.
- The statistics channel can now provide data in JSON
format as well as XML.
- New stats counters track TCP and UDP queries recieved
- New stats counters track TCP and UDP queries received
per zone, and EDNS options received in total.
- The internal and export versions of the BIND libraries
(libisc, libdns, etc) have been unified so that external
@ -508,23 +505,29 @@ Change Log
Bug Reports and Mailing Lists
Bugs reports should be sent to
Bug reports should be sent to:
bind9-bugs@isc.org
To join the BIND Users mailing list, send mail to
Feature requests can be sent to:
bind-users-request@isc.org
bind-suggest@isc.org
archives of which can be found via
To join or view the archives of the BIND Users mailing list,
visit:
http://www.isc.org/ops/lists/
https://lists.isc.org/mailman/listinfo/bind-users
If you're planning on making changes to the BIND 9 source
code, you might want to join the BIND Workers mailing list.
Send mail to
code, you may also want to join the BIND Workers mailing
list:
bind-workers-request@isc.org
https://lists.isc.org/mailman/listinfo/bind-workers
Information on read-only Git access, coding style and developer
guidelines can be found at:
http://www.isc.org/git/
Acknowledgments

10
external/bsd/bind/dist/aclocal.m4 vendored
View File

@ -9,7 +9,9 @@ m4_divert_text(HELP_CANON, [[
and --localstatedir are /etc and /var, respectively.]])
m4_divert_text(HELP_END, [[
Professional support for BIND is provided by Internet Systems Consortium,
Inc., doing business as DNSco. Information about paid support options is
available at http://www.dns-co.com/solutions/. Free support is provided by
our user community via a mailing list. Information on public email lists
is available at https://www.isc.org/community/mailing-list/.]])
Inc. Information about paid support and training options is available at
https://www.isc.org/support.
Help can also often be found on the BIND Users mailing list
(https://lists.isc.org/mailman/listinfo/bind-users) or in the #bind
channel of the Freenode IRC service.]])

2
external/bsd/bind/dist/bin/check/Makefile.in vendored
View File

@ -70,7 +70,7 @@ named-checkzone.@O@: named-checkzone.c
-c ${srcdir}/named-checkzone.c
named-checkconf@EXEEXT@: named-checkconf.@O@ check-tool.@O@ ${ISCDEPLIBS} \
${ISCCFGDEPLIBS} ${BIND9DEPLIBS}
${DNSDEPLIBS} ${ISCCFGDEPLIBS} ${BIND9DEPLIBS}
export BASEOBJS="named-checkconf.@O@ check-tool.@O@"; \
export LIBS0="${BIND9LIBS} ${ISCCFGLIBS} ${DNSLIBS}"; \
${FINALBUILDCMD}

10
external/bsd/bind/dist/bin/check/named-checkconf.html vendored
View File

@ -32,7 +32,7 @@
<div class="cmdsynopsis"><p><code class="command">named-checkconf</code> [<code class="option">-h</code>] [<code class="option">-v</code>] [<code class="option">-j</code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] {filename} [<code class="option">-p</code>] [<code class="option">-x</code>] [<code class="option">-z</code>]</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543402"></a><h2>DESCRIPTION</h2>
<a name="id2543411"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">named-checkconf</strong></span>
checks the syntax, but not the semantics, of a
<span><strong class="command">named</strong></span> configuration file. The file is parsed
@ -52,7 +52,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543451"></a><h2>OPTIONS</h2>
<a name="id2543460"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-h</span></dt>
<dd><p>
@ -101,21 +101,21 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543595"></a><h2>RETURN VALUES</h2>
<a name="id2543604"></a><h2>RETURN VALUES</h2>
<p><span><strong class="command">named-checkconf</strong></span>
returns an exit status of 1 if
errors were detected and 0 otherwise.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543607"></a><h2>SEE ALSO</h2>
<a name="id2543616"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">named-checkzone</span>(8)</span>,
<em class="citetitle">BIND 9 Administrator Reference Manual</em>.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543637"></a><h2>AUTHOR</h2>
<a name="id2543645"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
</div>

8
external/bsd/bind/dist/bin/check/named-checkzone.docbook vendored
View File

@ -440,10 +440,10 @@
<term>-T <replaceable class="parameter">mode</replaceable></term>
<listitem>
<para>
Check if Sender Policy Framework records (TXT and SPF)
both exist or both don't exist. A warning is issued
if they don't match. Possible modes are
<command>"warn"</command> (default), <command>"ignore"</command>.
Check if Sender Policy Framework (SPF) records exist
and issues a warning if an SPF-formatted TXT record is
not also present. Possible modes are <command>"warn"</command>
(default), <command>"ignore"</command>.
</para>
</listitem>
</varlistentry>

18
external/bsd/bind/dist/bin/check/named-checkzone.html vendored
View File

@ -33,7 +33,7 @@
<div class="cmdsynopsis"><p><code class="command">named-compilezone</code> [<code class="option">-d</code>] [<code class="option">-j</code>] [<code class="option">-q</code>] [<code class="option">-v</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-C <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-f <em class="replaceable"><code>format</code></em></code>] [<code class="option">-F <em class="replaceable"><code>format</code></em></code>] [<code class="option">-J <em class="replaceable"><code>filename</code></em></code>] [<code class="option">-i <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-k <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-m <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-n <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-l <em class="replaceable"><code>ttl</code></em></code>] [<code class="option">-L <em class="replaceable"><code>serial</code></em></code>] [<code class="option">-r <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-s <em class="replaceable"><code>style</code></em></code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-T <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-w <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-D</code>] [<code class="option">-W <em class="replaceable"><code>mode</code></em></code>] {<code class="option">-o <em class="replaceable"><code>filename</code></em></code>} {zonename} {filename}</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543776"></a><h2>DESCRIPTION</h2>
<a name="id2543784"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">named-checkzone</strong></span>
checks the syntax and integrity of a zone file. It performs the
same checks as <span><strong class="command">named</strong></span> does when loading a
@ -53,7 +53,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543811"></a><h2>OPTIONS</h2>
<a name="id2543819"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-d</span></dt>
<dd><p>
@ -249,10 +249,10 @@
</p></dd>
<dt><span class="term">-T <em class="replaceable"><code>mode</code></em></span></dt>
<dd><p>
Check if Sender Policy Framework records (TXT and SPF)
both exist or both don't exist. A warning is issued
if they don't match. Possible modes are
<span><strong class="command">"warn"</strong></span> (default), <span><strong class="command">"ignore"</strong></span>.
Check if Sender Policy Framework (SPF) records exist
and issues a warning if an SPF-formatted TXT record is
not also present. Possible modes are <span><strong class="command">"warn"</strong></span>
(default), <span><strong class="command">"ignore"</strong></span>.
</p></dd>
<dt><span class="term">-w <em class="replaceable"><code>directory</code></em></span></dt>
<dd><p>
@ -287,14 +287,14 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2544633"></a><h2>RETURN VALUES</h2>
<a name="id2544710"></a><h2>RETURN VALUES</h2>
<p><span><strong class="command">named-checkzone</strong></span>
returns an exit status of 1 if
errors were detected and 0 otherwise.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2544713"></a><h2>SEE ALSO</h2>
<a name="id2544722"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">named-checkconf</span>(8)</span>,
<em class="citetitle">RFC 1035</em>,
@ -302,7 +302,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2544746"></a><h2>AUTHOR</h2>
<a name="id2544755"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
</div>

2
external/bsd/bind/dist/bin/confgen/ddns-confgen.docbook vendored
View File

@ -67,7 +67,7 @@
<title>DESCRIPTION</title>
<para>
<command>tsig-keygen</command> and <command>ddns-confgen</command>
are invokation methods for a utility that generates keys for use
are invocation methods for a utility that generates keys for use
in TSIG signing. The resulting keys can be used, for example,
to secure dynamic DNS updates to a zone or for the
<command>rndc</command> command channel.

10
external/bsd/bind/dist/bin/confgen/ddns-confgen.html vendored
View File

@ -32,10 +32,10 @@
<div class="cmdsynopsis"><p><code class="command">ddns-confgen</code> [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-h</code>] [<code class="option">-k <em class="replaceable"><code>keyname</code></em></code>] [<code class="option">-q</code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [ -s <em class="replaceable"><code>name</code></em> | -z <em class="replaceable"><code>zone</code></em> ]</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543426"></a><h2>DESCRIPTION</h2>
<a name="id2543434"></a><h2>DESCRIPTION</h2>
<p>
<span><strong class="command">tsig-keygen</strong></span> and <span><strong class="command">ddns-confgen</strong></span>
are invokation methods for a utility that generates keys for use
are invocation methods for a utility that generates keys for use
in TSIG signing. The resulting keys can be used, for example,
to secure dynamic DNS updates to a zone or for the
<span><strong class="command">rndc</strong></span> command channel.
@ -68,7 +68,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543499"></a><h2>OPTIONS</h2>
<a name="id2543508"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-a <em class="replaceable"><code>algorithm</code></em></span></dt>
<dd><p>
@ -140,7 +140,7 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543697"></a><h2>SEE ALSO</h2>
<a name="id2543705"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">nsupdate</span>(1)</span>,
<span class="citerefentry"><span class="refentrytitle">named.conf</span>(5)</span>,
<span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
@ -148,7 +148,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543735"></a><h2>AUTHOR</h2>
<a name="id2543744"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
</div>

10
external/bsd/bind/dist/bin/confgen/rndc-confgen.html vendored
View File

@ -32,7 +32,7 @@
<div class="cmdsynopsis"><p><code class="command">rndc-confgen</code> [<code class="option">-a</code>] [<code class="option">-A <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-b <em class="replaceable"><code>keysize</code></em></code>] [<code class="option">-c <em class="replaceable"><code>keyfile</code></em></code>] [<code class="option">-h</code>] [<code class="option">-k <em class="replaceable"><code>keyname</code></em></code>] [<code class="option">-p <em class="replaceable"><code>port</code></em></code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [<code class="option">-s <em class="replaceable"><code>address</code></em></code>] [<code class="option">-t <em class="replaceable"><code>chrootdir</code></em></code>] [<code class="option">-u <em class="replaceable"><code>user</code></em></code>]</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543447"></a><h2>DESCRIPTION</h2>
<a name="id2543456"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">rndc-confgen</strong></span>
generates configuration files
for <span><strong class="command">rndc</strong></span>. It can be used as a
@ -48,7 +48,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543492"></a><h2>OPTIONS</h2>
<a name="id2543500"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-a</span></dt>
<dd>
@ -162,7 +162,7 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543822"></a><h2>EXAMPLES</h2>
<a name="id2543831"></a><h2>EXAMPLES</h2>
<p>
To allow <span><strong class="command">rndc</strong></span> to be used with
no manual configuration, run
@ -179,7 +179,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543864"></a><h2>SEE ALSO</h2>
<a name="id2543873"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">rndc</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">rndc.conf</span>(5)</span>,
<span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
@ -187,7 +187,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543902"></a><h2>AUTHOR</h2>
<a name="id2543911"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
</div>

12
external/bsd/bind/dist/bin/delv/delv.html vendored
View File

@ -35,7 +35,7 @@
<div class="cmdsynopsis"><p><code class="command">delv</code> [queryopt...] [query...]</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543489"></a><h2>DESCRIPTION</h2>
<a name="id2543497"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">delv</strong></span>
(Domain Entity Lookup &amp; Validation) is a tool for sending
DNS queries and validating the results, using the the same internal
@ -78,7 +78,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543542"></a><h2>SIMPLE USAGE</h2>
<a name="id2543550"></a><h2>SIMPLE USAGE</h2>
<p>
A typical invocation of <span><strong class="command">delv</strong></span> looks like:
</p>
@ -133,7 +133,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543651"></a><h2>OPTIONS</h2>
<a name="id2543659"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-a <em class="replaceable"><code>anchor-file</code></em></span></dt>
<dd>
@ -267,7 +267,7 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2544151"></a><h2>QUERY OPTIONS</h2>
<a name="id2544160"></a><h2>QUERY OPTIONS</h2>
<p><span><strong class="command">delv</strong></span>
provides a number of query options which affect the way results are
displayed, and in some cases the way lookups are performed.
@ -447,12 +447,12 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2544637"></a><h2>FILES</h2>
<a name="id2544646"></a><h2>FILES</h2>
<p><code class="filename">/etc/bind.keys</code></p>
<p><code class="filename">/etc/resolv.conf</code></p>
</div>
<div class="refsect1" lang="en">
<a name="id2544652"></a><h2>SEE ALSO</h2>
<a name="id2544661"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">dig</span>(1)</span>,
<span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
<em class="citetitle">RFC4034</em>,

2
external/bsd/bind/dist/bin/dig/Makefile.in vendored
View File

@ -28,7 +28,7 @@ READLINE_LIB = @READLINE_LIB@
CINCLUDES = -I${srcdir}/include ${DNS_INCLUDES} ${BIND9_INCLUDES} \
${ISC_INCLUDES} ${LWRES_INCLUDES} ${ISCCFG_INCLUDES}
CDEFINES = -DVERSION=\"${VERSION}\"
CDEFINES = -DVERSION=\"${VERSION}\" @CRYPTO@
CWARNINGS =
ISCCFGLIBS = ../../lib/isccfg/libisccfg.@A@

1168
external/bsd/bind/dist/bin/dig/dig.docbook vendored
View File

File diff suppressed because it is too large Load Diff

675
external/bsd/bind/dist/bin/dig/dig.html vendored
View File

@ -34,7 +34,7 @@
<div class="cmdsynopsis"><p><code class="command">dig</code> [global-queryopt...] [query...]</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543536"></a><h2>DESCRIPTION</h2>
<a name="id2543544"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">dig</strong></span>
(domain information groper) is a flexible tool
for interrogating DNS name servers. It performs DNS lookups and
@ -81,7 +81,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543614"></a><h2>SIMPLE USAGE</h2>
<a name="id2543623"></a><h2>SIMPLE USAGE</h2>
<p>
A typical invocation of <span><strong class="command">dig</strong></span> looks like:
</p>
@ -94,47 +94,47 @@
<dt><span class="term"><code class="constant">server</code></span></dt>
<dd>
<p>
is the name or IP address of the name server to query. This
can be an IPv4 address in dotted-decimal notation or an IPv6
address in colon-delimited notation. When the supplied
<em class="parameter"><code>server</code></em> argument is a hostname,
<span><strong class="command">dig</strong></span> resolves that name before querying
that name server.
</p>
is the name or IP address of the name server to query. This
can be an IPv4 address in dotted-decimal notation or an IPv6
address in colon-delimited notation. When the supplied
<em class="parameter"><code>server</code></em> argument is a hostname,
<span><strong class="command">dig</strong></span> resolves that name before querying
that name server.
</p>
<p>
If no <em class="parameter"><code>server</code></em> argument is
provided, <span><strong class="command">dig</strong></span> consults
<code class="filename">/etc/resolv.conf</code>; if an
address is found there, it queries the name server at
that address. If either of the <code class="option">-4</code> or
<code class="option">-6</code> options are in use, then
only addresses for the corresponding transport
will be tried. If no usable addresses are found,
<span><strong class="command">dig</strong></span> will send the query to the
local host. The reply from the name server that
responds is displayed.
</p>
If no <em class="parameter"><code>server</code></em> argument is
provided, <span><strong class="command">dig</strong></span> consults
<code class="filename">/etc/resolv.conf</code>; if an
address is found there, it queries the name server at
that address. If either of the <code class="option">-4</code> or
<code class="option">-6</code> options are in use, then
only addresses for the corresponding transport
will be tried. If no usable addresses are found,
<span><strong class="command">dig</strong></span> will send the query to the
local host. The reply from the name server that
responds is displayed.
</p>
</dd>
<dt><span class="term"><code class="constant">name</code></span></dt>
<dd><p>
is the name of the resource record that is to be looked up.
</p></dd>
is the name of the resource record that is to be looked up.
</p></dd>
<dt><span class="term"><code class="constant">type</code></span></dt>
<dd><p>
indicates what type of query is required &#8212;
ANY, A, MX, SIG, etc.
<em class="parameter"><code>type</code></em> can be any valid query
type. If no
<em class="parameter"><code>type</code></em> argument is supplied,
<span><strong class="command">dig</strong></span> will perform a lookup for an
A record.
</p></dd>
indicates what type of query is required &#8212;
ANY, A, MX, SIG, etc.
<em class="parameter"><code>type</code></em> can be any valid query
type. If no
<em class="parameter"><code>type</code></em> argument is supplied,
<span><strong class="command">dig</strong></span> will perform a lookup for an
A record.
</p></dd>
</dl></div>
<p>
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543718"></a><h2>OPTIONS</h2>
<a name="id2543726"></a><h2>OPTIONS</h2>
<p>
The <code class="option">-b</code> option sets the source IP address of the query
to <em class="parameter"><code>address</code></em>. This must be a valid
@ -242,7 +242,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2544009"></a><h2>QUERY OPTIONS</h2>
<a name="id2544018"></a><h2>QUERY OPTIONS</h2>
<p><span><strong class="command">dig</strong></span>
provides a number of query options which affect
the way in which lookups are made and the results displayed. Some of
@ -262,62 +262,19 @@
</p>
<div class="variablelist"><dl>
<dt><span class="term"><code class="option">+[no]tcp</code></span></dt>
<dd><p>
Use [do not use] TCP when querying name servers. The default
behavior is to use UDP unless an AXFR or IXFR query is
requested, in
which case a TCP connection is used.
</p></dd>
<dt><span class="term"><code class="option">+[no]vc</code></span></dt>
<dd><p>
Use [do not use] TCP when querying name servers. This alternate
syntax to <em class="parameter"><code>+[no]tcp</code></em> is
provided for backwards
compatibility. The "vc" stands for "virtual circuit".
</p></dd>
<dt><span class="term"><code class="option">+[no]ignore</code></span></dt>
<dd><p>
Ignore truncation in UDP responses instead of retrying with TCP.
By
default, TCP retries are performed.
</p></dd>
<dt><span class="term"><code class="option">+domain=somename</code></span></dt>
<dd><p>
Set the search list to contain the single domain
<em class="parameter"><code>somename</code></em>, as if specified in
a
<span><strong class="command">domain</strong></span> directive in
<code class="filename">/etc/resolv.conf</code>, and enable
search list
processing as if the <em class="parameter"><code>+search</code></em>
option were given.
</p></dd>
<dt><span class="term"><code class="option">+[no]search</code></span></dt>
<dd><p>
Use [do not use] the search list defined by the searchlist or
domain
directive in <code class="filename">resolv.conf</code> (if
any).
The search list is not used by default.
</p></dd>
<dt><span class="term"><code class="option">+[no]showsearch</code></span></dt>
<dd><p>
Perform [do not perform] a search showing intermediate
results.
</p></dd>
<dt><span class="term"><code class="option">+[no]defname</code></span></dt>
<dd><p>
Deprecated, treated as a synonym for <em class="parameter"><code>+[no]search</code></em>
</p></dd>
<dt><span class="term"><code class="option">+[no]aaonly</code></span></dt>
<dd><p>
Sets the "aa" flag in the query.
</p></dd>
<dt><span class="term"><code class="option">+[no]aaflag</code></span></dt>
<dd><p>
A synonym for <em class="parameter"><code>+[no]aaonly</code></em>.
</p></dd>
A synonym for <em class="parameter"><code>+[no]aaonly</code></em>.
</p></dd>
<dt><span class="term"><code class="option">+[no]aaonly</code></span></dt>
<dd><p>
Sets the "aa" flag in the query.
</p></dd>
<dt><span class="term"><code class="option">+[no]additional</code></span></dt>
<dd><p>
Display [do not display] the additional section of a
reply. The default is to display it.
</p></dd>
<dt><span class="term"><code class="option">+[no]adflag</code></span></dt>
<dd><p>
Set [do not set] the AD (authentic data) bit in the
@ -330,21 +287,178 @@
of the answer was insecure or not validated. This
bit is set by default.
</p></dd>
<dt><span class="term"><code class="option">+[no]all</code></span></dt>
<dd><p>
Set or clear all display flags.
</p></dd>
<dt><span class="term"><code class="option">+[no]answer</code></span></dt>
<dd><p>
Display [do not display] the answer section of a
reply. The default is to display it.
</p></dd>
<dt><span class="term"><code class="option">+[no]authority</code></span></dt>
<dd><p>
Display [do not display] the authority section of a
reply. The default is to display it.
</p></dd>
<dt><span class="term"><code class="option">+[no]besteffort</code></span></dt>
<dd><p>
Attempt to display the contents of messages which are
malformed. The default is to not display malformed
answers.
</p></dd>
<dt><span class="term"><code class="option">+bufsize=B</code></span></dt>
<dd><p>
Set the UDP message buffer size advertised using EDNS0
to <em class="parameter"><code>B</code></em> bytes. The maximum and
minimum sizes of this buffer are 65535 and 0 respectively.
Values outside this range are rounded up or down
appropriately. Values other than zero will cause a
EDNS query to be sent.
</p></dd>
<dt><span class="term"><code class="option">+[no]cdflag</code></span></dt>
<dd><p>
Set [do not set] the CD (checking disabled) bit in the query.
This
requests the server to not perform DNSSEC validation of
responses.
</p></dd>
Set [do not set] the CD (checking disabled) bit in
the query. This requests the server to not perform
DNSSEC validation of responses.
</p></dd>
<dt><span class="term"><code class="option">+[no]cl</code></span></dt>
<dd><p>
Display [do not display] the CLASS when printing the record.
</p></dd>
<dt><span class="term"><code class="option">+[no]ttlid</code></span></dt>
Display [do not display] the CLASS when printing the
record.
</p></dd>
<dt><span class="term"><code class="option">+[no]cmd</code></span></dt>
<dd><p>
Display [do not display] the TTL when printing the record.
</p></dd>
Toggles the printing of the initial comment in the
output identifying the version of <span><strong class="command">dig</strong></span>
and the query options that have been applied. This
comment is printed by default.
</p></dd>
<dt><span class="term"><code class="option">+[no]comments</code></span></dt>
<dd><p>
Toggle the display of comment lines in the output.
The default is to print comments.
</p></dd>
<dt><span class="term"><code class="option">+[no]crypto</code></span></dt>
<dd><p>
Toggle the display of cryptographic fields in DNSSEC
records. The contents of these field are unnecessary
to debug most DNSSEC validation failures and removing
them makes it easier to see the common failures. The
default is to display the fields. When omitted they
are replaced by the string "[omitted]" or in the
DNSKEY case the key id is displayed as the replacement,
e.g. "[ key id = value ]".
</p></dd>
<dt><span class="term"><code class="option">+[no]defname</code></span></dt>
<dd><p>
Deprecated, treated as a synonym for
<em class="parameter"><code>+[no]search</code></em>
</p></dd>
<dt><span class="term"><code class="option">+[no]dnssec</code></span></dt>
<dd><p>
Requests DNSSEC records be sent by setting the DNSSEC
OK bit (DO) in the OPT record in the additional section
of the query.
</p></dd>
<dt><span class="term"><code class="option">+domain=somename</code></span></dt>
<dd><p>
Set the search list to contain the single domain
<em class="parameter"><code>somename</code></em>, as if specified in
a <span><strong class="command">domain</strong></span> directive in
<code class="filename">/etc/resolv.conf</code>, and enable
search list processing as if the
<em class="parameter"><code>+search</code></em> option were given.
</p></dd>
<dt><span class="term"><code class="option">+[no]edns[=#]</code></span></dt>
<dd><p>
Specify the EDNS version to query with. Valid values
are 0 to 255. Setting the EDNS version will cause
a EDNS query to be sent. <code class="option">+noedns</code>
clears the remembered EDNS version. EDNS is set to
0 by default.
</p></dd>
<dt><span class="term"><code class="option">+[no]expire</code></span></dt>
<dd><p>
Send an EDNS Expire option.
</p></dd>
<dt><span class="term"><code class="option">+[no]fail</code></span></dt>
<dd><p>
Do not try the next server if you receive a SERVFAIL.
The default is to not try the next server which is
the reverse of normal stub resolver behavior.
</p></dd>
<dt><span class="term"><code class="option">+[no]identify</code></span></dt>
<dd><p>
Show [or do not show] the IP address and port number
that supplied the answer when the
<em class="parameter"><code>+short</code></em> option is enabled. If
short form answers are requested, the default is not
to show the source address and port number of the
server that provided the answer.
</p></dd>
<dt><span class="term"><code class="option">+[no]ignore</code></span></dt>
<dd><p>
Ignore truncation in UDP responses instead of retrying
with TCP. By default, TCP retries are performed.
</p></dd>
<dt><span class="term"><code class="option">+[no]keepopen</code></span></dt>
<dd><p>
Keep the TCP socket open between queries and reuse
it rather than creating a new TCP socket for each
lookup. The default is <code class="option">+nokeepopen</code>.
</p></dd>
<dt><span class="term"><code class="option">+[no]multiline</code></span></dt>
<dd><p>
Print records like the SOA records in a verbose
multi-line format with human-readable comments. The
default is to print each record on a single line, to
facilitate machine parsing of the <span><strong class="command">dig</strong></span>
output.
</p></dd>
<dt><span class="term"><code class="option">+ndots=D</code></span></dt>
<dd><p>
Set the number of dots that have to appear in
<em class="parameter"><code>name</code></em> to <em class="parameter"><code>D</code></em>
for it to be considered absolute. The default value
is that defined using the ndots statement in
<code class="filename">/etc/resolv.conf</code>, or 1 if no
ndots statement is present. Names with fewer dots
are interpreted as relative names and will be searched
for in the domains listed in the <code class="option">search</code>
or <code class="option">domain</code> directive in
<code class="filename">/etc/resolv.conf</code>.
</p></dd>
<dt><span class="term"><code class="option">+[no]nsid</code></span></dt>
<dd><p>
Include an EDNS name server ID request when sending
a query.
</p></dd>
<dt><span class="term"><code class="option">+[no]nssearch</code></span></dt>
<dd><p>
When this option is set, <span><strong class="command">dig</strong></span>
attempts to find the authoritative name servers for
the zone containing the name being looked up and
display the SOA record that each name server has for
the zone.
</p></dd>
<dt><span class="term"><code class="option">+[no]onesoa</code></span></dt>
<dd><p>
Print only one (starting) SOA record when performing
an AXFR. The default is to print both the starting
and ending SOA records.
</p></dd>
<dt><span class="term"><code class="option">+[no]qr</code></span></dt>
<dd><p>
Print [do not print] the query as it is sent. By
default, the query is not printed.
</p></dd>
<dt><span class="term"><code class="option">+[no]question</code></span></dt>
<dd><p>
Print [do not print] the question section of a query
when an answer is returned. The default is to print
the question section as a comment.
</p></dd>
<dt><span class="term"><code class="option">+[no]recurse</code></span></dt>
<dd><p>
Toggle the setting of the RD (recursion desired) bit
@ -354,16 +468,96 @@
the <em class="parameter"><code>+nssearch</code></em> or
<em class="parameter"><code>+trace</code></em> query options are used.
</p></dd>
<dt><span class="term"><code class="option">+[no]nssearch</code></span></dt>
<dt><span class="term"><code class="option">+retry=T</code></span></dt>
<dd><p>
When this option is set, <span><strong class="command">dig</strong></span>
attempts to find the
authoritative name servers for the zone containing the name
being
looked up and display the SOA record that each name server has
for the
zone.
</p></dd>
Sets the number of times to retry UDP queries to
server to <em class="parameter"><code>T</code></em> instead of the
default, 2. Unlike <em class="parameter"><code>+tries</code></em>,
this does not include the initial query.
</p></dd>
<dt><span class="term"><code class="option">+[no]rrcomments</code></span></dt>
<dd><p>
Toggle the display of per-record comments in the
output (for example, human-readable key information
about DNSKEY records). The default is not to print
record comments unless multiline mode is active.
</p></dd>
<dt><span class="term"><code class="option">+[no]search</code></span></dt>
<dd><p>
Use [do not use] the search list defined by the
searchlist or domain directive in
<code class="filename">resolv.conf</code> (if any). The search
list is not used by default.
</p></dd>
<dt><span class="term"><code class="option">+[no]short</code></span></dt>
<dd><p>
Provide a terse answer. The default is to print the
answer in a verbose form.
</p></dd>
<dt><span class="term"><code class="option">+[no]showsearch</code></span></dt>
<dd><p>
Perform [do not perform] a search showing intermediate
results.
</p></dd>
<dt><span class="term"><code class="option">+[no]sigchase</code></span></dt>
<dd><p>
Chase DNSSEC signature chains. Requires dig be
compiled with -DDIG_SIGCHASE.
</p></dd>
<dt><span class="term"><code class="option">+[no]sit[<span class="optional">=####</span>]</code></span></dt>
<dd><p>
Send a Source Identity Token EDNS option, with optional
value. Replaying a SIT from a previous response will
allow the server to identify a previous client. The
default is <code class="option">+nosit</code>. Currently using
experimental value 65001 for the option code.
</p></dd>
<dt><span class="term"><code class="option">+split=W</code></span></dt>
<dd><p>
Split long hex- or base64-formatted fields in resource
records into chunks of <em class="parameter"><code>W</code></em>
characters (where <em class="parameter"><code>W</code></em> is rounded
up to the nearest multiple of 4).
<em class="parameter"><code>+nosplit</code></em> or
<em class="parameter"><code>+split=0</code></em> causes fields not to
be split at all. The default is 56 characters, or
44 characters when multiline mode is active.
</p></dd>
<dt><span class="term"><code class="option">+[no]stats</code></span></dt>
<dd><p>
This query option toggles the printing of statistics:
when the query was made, the size of the reply and
so on. The default behavior is to print the query
statistics.
</p></dd>
<dt><span class="term"><code class="option">+[no]subnet=addr/prefix</code></span></dt>
<dd><p>
Send an EDNS Client Subnet option with the specified
IP address or network prefix.
</p></dd>
<dt><span class="term"><code class="option">+[no]tcp</code></span></dt>
<dd><p>
Use [do not use] TCP when querying name servers. The
default behavior is to use UDP unless an
<code class="literal">ixfr=N</code> query is requested, in which
case the default is TCP. AXFR queries always use
TCP.
</p></dd>
<dt><span class="term"><code class="option">+time=T</code></span></dt>
<dd><p>
Sets the timeout for a query to
<em class="parameter"><code>T</code></em> seconds. The default
timeout is 5 seconds.
An attempt to set <em class="parameter"><code>T</code></em> to less
than 1 will result
in a query timeout of 1 second being applied.
</p></dd>
<dt><span class="term"><code class="option">+[no]topdown</code></span></dt>
<dd><p>
When chasing DNSSEC signature chains perform a top-down
validation. Requires dig be compiled with -DDIG_SIGCHASE.
</p></dd>
<dt><span class="term"><code class="option">+[no]trace</code></span></dt>
<dd>
<p>
@ -376,258 +570,55 @@
from each server that was used to resolve the lookup.
</p>
<p>
<span><strong class="command">+dnssec</strong></span> is also set when +trace is
set to better emulate the default queries from a nameserver.
<span><strong class="command">+dnssec</strong></span> is also set when +trace
is set to better emulate the default queries from a
nameserver.
</p>
</dd>
<dt><span class="term"><code class="option">+[no]cmd</code></span></dt>
<dd><p>
Toggles the printing of the initial comment in the output
identifying
the version of <span><strong class="command">dig</strong></span> and the query
options that have
been applied. This comment is printed by default.
</p></dd>
<dt><span class="term"><code class="option">+[no]short</code></span></dt>
<dd><p>
Provide a terse answer. The default is to print the answer in a
verbose form.
</p></dd>
<dt><span class="term"><code class="option">+[no]identify</code></span></dt>
<dd><p>
Show [or do not show] the IP address and port number that
supplied the
answer when the <em class="parameter"><code>+short</code></em> option
is enabled. If
short form answers are requested, the default is not to show the
source address and port number of the server that provided the
answer.
</p></dd>
<dt><span class="term"><code class="option">+[no]comments</code></span></dt>
<dd><p>
Toggle the display of comment lines in the output. The default
is to print comments.
</p></dd>
<dt><span class="term"><code class="option">+[no]rrcomments</code></span></dt>
<dd><p>
Toggle the display of per-record comments in the output (for
example, human-readable key information about DNSKEY records).
The default is not to print record comments unless multiline
mode is active.
</p></dd>
<dt><span class="term"><code class="option">+[no]crypto</code></span></dt>
<dd><p>
Toggle the display of cryptographic fields in DNSSEC records.
The contents of these field are unnecessary to debug most DNSSEC
validation failures and removing them makes it easier to see
the common failures. The default is to display the fields.
When omitted they are replaced by the string "[omitted]" or
in the DNSKEY case the key id is displayed as the replacement,
e.g. "[ key id = value ]".
</p></dd>
<dt><span class="term"><code class="option">+split=W</code></span></dt>
<dd><p>
Split long hex- or base64-formatted fields in resource
records into chunks of <em class="parameter"><code>W</code></em> characters
(where <em class="parameter"><code>W</code></em> is rounded up to the nearest
multiple of 4).
<em class="parameter"><code>+nosplit</code></em> or
<em class="parameter"><code>+split=0</code></em> causes fields not to be
split at all. The default is 56 characters, or 44 characters
when multiline mode is active.
</p></dd>
<dt><span class="term"><code class="option">+[no]stats</code></span></dt>
<dd><p>
This query option toggles the printing of statistics: when the
query
was made, the size of the reply and so on. The default
behavior is
to print the query statistics.
</p></dd>
<dt><span class="term"><code class="option">+[no]qr</code></span></dt>
<dd><p>
Print [do not print] the query as it is sent.
By default, the query is not printed.
</p></dd>
<dt><span class="term"><code class="option">+[no]question</code></span></dt>
<dd><p>
Print [do not print] the question section of a query when an
answer is
returned. The default is to print the question section as a
comment.
</p></dd>
<dt><span class="term"><code class="option">+[no]answer</code></span></dt>
<dd><p>
Display [do not display] the answer section of a reply. The
default
is to display it.
</p></dd>
<dt><span class="term"><code class="option">+[no]authority</code></span></dt>
<dd><p>
Display [do not display] the authority section of a reply. The
default is to display it.
</p></dd>
<dt><span class="term"><code class="option">+[no]additional</code></span></dt>
<dd><p>
Display [do not display] the additional section of a reply.
The default is to display it.
</p></dd>
<dt><span class="term"><code class="option">+[no]all</code></span></dt>
<dd><p>
Set or clear all display flags.
</p></dd>
<dt><span class="term"><code class="option">+time=T</code></span></dt>
<dd><p>
Sets the timeout for a query to
<em class="parameter"><code>T</code></em> seconds. The default
timeout is 5 seconds.
An attempt to set <em class="parameter"><code>T</code></em> to less
than 1 will result
in a query timeout of 1 second being applied.
</p></dd>
<dt><span class="term"><code class="option">+tries=T</code></span></dt>
<dd><p>
Sets the number of times to try UDP queries to server to
<em class="parameter"><code>T</code></em> instead of the default, 3.
If
<em class="parameter"><code>T</code></em> is less than or equal to
zero, the number of
tries is silently rounded up to 1.
</p></dd>
<dt><span class="term"><code class="option">+retry=T</code></span></dt>
<dd><p>
Sets the number of times to retry UDP queries to server to
<em class="parameter"><code>T</code></em> instead of the default, 2.
Unlike
<em class="parameter"><code>+tries</code></em>, this does not include
the initial
query.
</p></dd>
<dt><span class="term"><code class="option">+ndots=D</code></span></dt>
<dd><p>
Set the number of dots that have to appear in
<em class="parameter"><code>name</code></em> to <em class="parameter"><code>D</code></em> for it to be
considered absolute. The default value is that defined using
the
ndots statement in <code class="filename">/etc/resolv.conf</code>, or 1 if no
ndots statement is present. Names with fewer dots are
interpreted as
relative names and will be searched for in the domains listed in
the
<code class="option">search</code> or <code class="option">domain</code> directive in
<code class="filename">/etc/resolv.conf</code>.
</p></dd>
<dt><span class="term"><code class="option">+bufsize=B</code></span></dt>
<dd><p>
Set the UDP message buffer size advertised using EDNS0 to
<em class="parameter"><code>B</code></em> bytes. The maximum and minimum sizes
of this buffer are 65535 and 0 respectively. Values outside
this range are rounded up or down appropriately.
Values other than zero will cause a EDNS query to be sent.
</p></dd>
<dt><span class="term"><code class="option">+edns=#</code></span></dt>
<dd><p>
Specify the EDNS version to query with. Valid values
are 0 to 255. Setting the EDNS version will cause
a EDNS query to be sent. <code class="option">+noedns</code>
clears the remembered EDNS version. EDNS is set to
0 by default.
Sets the number of times to try UDP queries to server
to <em class="parameter"><code>T</code></em> instead of the default,
3. If <em class="parameter"><code>T</code></em> is less than or equal
to zero, the number of tries is silently rounded up
to 1.
</p></dd>
<dt><span class="term"><code class="option">+[no]multiline</code></span></dt>
<dd><p>
Print records like the SOA records in a verbose multi-line
format with human-readable comments. The default is to print
each record on a single line, to facilitate machine parsing
of the <span><strong class="command">dig</strong></span> output.
</p></dd>
<dt><span class="term"><code class="option">+[no]onesoa</code></span></dt>
<dd><p>
Print only one (starting) SOA record when performing
an AXFR. The default is to print both the starting and
ending SOA records.
</p></dd>
<dt><span class="term"><code class="option">+[no]fail</code></span></dt>
<dd><p>
Do not try the next server if you receive a SERVFAIL. The
default is
to not try the next server which is the reverse of normal stub
resolver
behavior.
</p></dd>
<dt><span class="term"><code class="option">+[no]besteffort</code></span></dt>
<dd><p>
Attempt to display the contents of messages which are malformed.
The default is to not display malformed answers.
</p></dd>
<dt><span class="term"><code class="option">+[no]dnssec</code></span></dt>
<dd><p>
Requests DNSSEC records be sent by setting the DNSSEC OK bit
(DO)
in the OPT record in the additional section of the query.
</p></dd>
<dt><span class="term"><code class="option">+[no]sigchase</code></span></dt>
<dd><p>
Chase DNSSEC signature chains. Requires dig be compiled with
-DDIG_SIGCHASE.
</p></dd>
<dt><span class="term"><code class="option">+trusted-key=####</code></span></dt>
<dd>
<p>
Specifies a file containing trusted keys to be used with
<code class="option">+sigchase</code>. Each DNSKEY record must be
on its own line.
</p>
<p>
If not specified, <span><strong class="command">dig</strong></span> will look for
<code class="filename">/etc/trusted-key.key</code> then
<code class="filename">trusted-key.key</code> in the current directory.
Specifies a file containing trusted keys to be used
with <code class="option">+sigchase</code>. Each DNSKEY record
must be on its own line.
</p>
<p>
Requires dig be compiled with -DDIG_SIGCHASE.
If not specified, <span><strong class="command">dig</strong></span> will look
for <code class="filename">/etc/trusted-key.key</code> then
<code class="filename">trusted-key.key</code> in the current
directory.
</p>
<p>
Requires dig be compiled with -DDIG_SIGCHASE.
</p>
</dd>
<dt><span class="term"><code class="option">+[no]topdown</code></span></dt>
<dt><span class="term"><code class="option">+[no]ttlid</code></span></dt>
<dd><p>
When chasing DNSSEC signature chains perform a top-down
validation.
Requires dig be compiled with -DDIG_SIGCHASE.
</p></dd>
<dt><span class="term"><code class="option">+[no]nsid</code></span></dt>
Display [do not display] the TTL when printing the
record.
</p></dd>
<dt><span class="term"><code class="option">+[no]vc</code></span></dt>
<dd><p>
Include an EDNS name server ID request when sending a query.
</p></dd>
<dt><span class="term"><code class="option">+[no]keepopen</code></span></dt>
<dd><p>
Keep the TCP socket open between queries and reuse it rather
than creating a new TCP socket for each lookup. The default
is <code class="option">+nokeepopen</code>.
</p></dd>
<dt><span class="term"><code class="option">+[no]sit[<span class="optional">=####</span>]</code></span></dt>
<dd><p>
Send a Source Identity Token EDNS option, with optional value.
Replaying a SIT from a previous response will allow the
server to identify a previous client. The default is
<code class="option">+nosit</code>. Currently using experimental value
65001 for the option code.
</p></dd>
<dt><span class="term"><code class="option">+[no]subnet=addr/prefix</code></span></dt>
<dd><p>
Send an EDNS Client Subnet option with the speciifed
IP address or network prefix.
</p></dd>
<dt><span class="term"><code class="option">+[no]expire</code></span></dt>
<dd><p>
Send an EDNS Expire option. Currently using experimental
value 65002 for the option code.
</p></dd>
Use [do not use] TCP when querying name servers. This
alternate syntax to <em class="parameter"><code>+[no]tcp</code></em>
is provided for backwards compatibility. The "vc"
stands for "virtual circuit".
</p></dd>
</dl></div>
<p>
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2545418"></a><h2>MULTIPLE QUERIES</h2>
<a name="id2545229"></a><h2>MULTIPLE QUERIES</h2>
<p>
The BIND 9 implementation of <span><strong class="command">dig </strong></span>
supports
@ -673,7 +664,7 @@ dig +qr www.isc.org any -x 127.0.0.1 isc.org ns +noqr
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2545548"></a><h2>IDN SUPPORT</h2>
<a name="id2545291"></a><h2>IDN SUPPORT</h2>
<p>
If <span><strong class="command">dig</strong></span> has been built with IDN (internationalized
domain name) support, it can accept and display non-ASCII domain names.
@ -687,14 +678,14 @@ dig +qr www.isc.org any -x 127.0.0.1 isc.org ns +noqr
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2545571"></a><h2>FILES</h2>
<a name="id2545314"></a><h2>FILES</h2>
<p><code class="filename">/etc/resolv.conf</code>
</p>
<p><code class="filename">${HOME}/.digrc</code>
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2545588"></a><h2>SEE ALSO</h2>
<a name="id2545331"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">host</span>(1)</span>,
<span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>,
@ -702,7 +693,7 @@ dig +qr www.isc.org any -x 127.0.0.1 isc.org ns +noqr
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2545625"></a><h2>BUGS</h2>
<a name="id2545368"></a><h2>BUGS</h2>
<p>
There are probably too many query options.
</p>

8
external/bsd/bind/dist/bin/dig/host.html vendored
View File

@ -32,7 +32,7 @@
<div class="cmdsynopsis"><p><code class="command">host</code> [<code class="option">-aCdlnrsTwv</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-N <em class="replaceable"><code>ndots</code></em></code>] [<code class="option">-R <em class="replaceable"><code>number</code></em></code>] [<code class="option">-t <em class="replaceable"><code>type</code></em></code>] [<code class="option">-W <em class="replaceable"><code>wait</code></em></code>] [<code class="option">-m <em class="replaceable"><code>flag</code></em></code>] [<code class="option">-4</code>] [<code class="option">-6</code>] [<code class="option">-v</code>] [<code class="option">-V</code>] {name} [server]</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543446"></a><h2>DESCRIPTION</h2>
<a name="id2543454"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">host</strong></span>
is a simple utility for performing DNS lookups.
It is normally used to convert names to IP addresses and vice versa.
@ -188,7 +188,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543822"></a><h2>IDN SUPPORT</h2>
<a name="id2543831"></a><h2>IDN SUPPORT</h2>
<p>
If <span><strong class="command">host</strong></span> has been built with IDN (internationalized
domain name) support, it can accept and display non-ASCII domain names.
@ -202,12 +202,12 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543845"></a><h2>FILES</h2>
<a name="id2543853"></a><h2>FILES</h2>
<p><code class="filename">/etc/resolv.conf</code>
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543857"></a><h2>SEE ALSO</h2>
<a name="id2543865"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">dig</span>(1)</span>,
<span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>.
</p>

14
external/bsd/bind/dist/bin/dig/nslookup.html vendored
View File

@ -21,7 +21,7 @@
<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
<a name="id2476275"></a><div class="titlepage"></div>
<a name="id2476283"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p>nslookup &#8212; query Internet name servers interactively</p>
@ -31,7 +31,7 @@
<div class="cmdsynopsis"><p><code class="command">nslookup</code> [<code class="option">-option</code>] [name | -] [server]</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543433"></a><h2>DESCRIPTION</h2>
<a name="id2543442"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">Nslookup</strong></span>
is a program to query Internet domain name servers. <span><strong class="command">Nslookup</strong></span>
has two modes: interactive and non-interactive. Interactive mode allows
@ -43,7 +43,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543449"></a><h2>ARGUMENTS</h2>
<a name="id2543458"></a><h2>ARGUMENTS</h2>
<p>
Interactive mode is entered in the following cases:
</p>
@ -83,7 +83,7 @@ nslookup -query=hinfo -timeout=10
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543504"></a><h2>INTERACTIVE COMMANDS</h2>
<a name="id2543512"></a><h2>INTERACTIVE COMMANDS</h2>
<div class="variablelist"><dl>
<dt><span class="term"><code class="constant">host</code> [<span class="optional">server</span>]</span></dt>
<dd>
@ -299,19 +299,19 @@ nslookup -query=hinfo -timeout=10
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2546317"></a><h2>FILES</h2>
<a name="id2546326"></a><h2>FILES</h2>
<p><code class="filename">/etc/resolv.conf</code>
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2546329"></a><h2>SEE ALSO</h2>
<a name="id2546338"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">dig</span>(1)</span>,
<span class="citerefentry"><span class="refentrytitle">host</span>(1)</span>,
<span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2546363"></a><h2>Author</h2>
<a name="id2546372"></a><h2>Author</h2>
<p>
Andrew Cherenson
</p>

23
external/bsd/bind/dist/bin/dnssec/dnssec-dsfromkey.docbook vendored
View File

@ -72,6 +72,11 @@
<arg><option>-v <replaceable class="parameter">level</replaceable></option></arg>
<arg choice="req">dnsname</arg>
</cmdsynopsis>
<cmdsynopsis>
<command>dnssec-dsfromkey</command>
<arg><option>-h</option></arg>
<arg><option>-V</option></arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1>
@ -210,6 +215,24 @@
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>-h</term>
<listitem>
<para>
Prints usage information.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>-V</term>
<listitem>
<para>
Prints version information.
</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>

23
external/bsd/bind/dist/bin/dnssec/dnssec-dsfromkey.html vendored
View File

@ -30,16 +30,17 @@
<h2>Synopsis</h2>
<div class="cmdsynopsis"><p><code class="command">dnssec-dsfromkey</code> [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] [<code class="option">-1</code>] [<code class="option">-2</code>] [<code class="option">-a <em class="replaceable"><code>alg</code></em></code>] [<code class="option">-l <em class="replaceable"><code>domain</code></em></code>] [<code class="option">-T <em class="replaceable"><code>TTL</code></em></code>] {keyfile}</p></div>
<div class="cmdsynopsis"><p><code class="command">dnssec-dsfromkey</code> {-s} [<code class="option">-1</code>] [<code class="option">-2</code>] [<code class="option">-a <em class="replaceable"><code>alg</code></em></code>] [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-l <em class="replaceable"><code>domain</code></em></code>] [<code class="option">-s</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-T <em class="replaceable"><code>TTL</code></em></code>] [<code class="option">-f <em class="replaceable"><code>file</code></em></code>] [<code class="option">-A</code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] {dnsname}</p></div>
<div class="cmdsynopsis"><p><code class="command">dnssec-dsfromkey</code> [<code class="option">-h</code>] [<code class="option">-V</code>]</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543491"></a><h2>DESCRIPTION</h2>
<a name="id2543514"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">dnssec-dsfromkey</strong></span>
outputs the Delegation Signer (DS) resource record (RR), as defined in
RFC 3658 and RFC 4509, for the given key(s).
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543502"></a><h2>OPTIONS</h2>
<a name="id2543526"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-1</span></dt>
<dd><p>
@ -113,10 +114,18 @@
<dd><p>
Sets the debugging level.
</p></dd>
<dt><span class="term">-h</span></dt>
<dd><p>
Prints usage information.
</p></dd>
<dt><span class="term">-V</span></dt>
<dd><p>
Prints version information.
</p></dd>
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543729"></a><h2>EXAMPLE</h2>
<a name="id2543780"></a><h2>EXAMPLE</h2>
<p>
To build the SHA-256 DS RR from the
<strong class="userinput"><code>Kexample.com.+003+26160</code></strong>
@ -131,7 +140,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543758"></a><h2>FILES</h2>
<a name="id2543810"></a><h2>FILES</h2>
<p>
The keyfile can be designed by the key identification
<code class="filename">Knnnn.+aaa+iiiii</code> or the full file name
@ -145,13 +154,13 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543794"></a><h2>CAVEAT</h2>
<a name="id2543845"></a><h2>CAVEAT</h2>
<p>
A keyfile error can give a "file not found" even if the file exists.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543803"></a><h2>SEE ALSO</h2>
<a name="id2543854"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">dnssec-signzone</span>(8)</span>,
<em class="citetitle">BIND 9 Administrator Reference Manual</em>,
@ -161,7 +170,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543843"></a><h2>AUTHOR</h2>
<a name="id2543894"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
</div>

11
external/bsd/bind/dist/bin/dnssec/dnssec-importkey.docbook vendored
View File

@ -50,6 +50,7 @@
<arg><option>-D <replaceable class="parameter">date/offset</replaceable></option></arg>
<arg><option>-h</option></arg>
<arg><option>-v <replaceable class="parameter">level</replaceable></option></arg>
<arg><option>-V</option></arg>
<arg choice="req"><option>keyfile</option></arg>
</cmdsynopsis>
<cmdsynopsis>
@ -61,6 +62,7 @@
<arg><option>-D <replaceable class="parameter">date/offset</replaceable></option></arg>
<arg><option>-h</option></arg>
<arg><option>-v <replaceable class="parameter">level</replaceable></option></arg>
<arg><option>-V</option></arg>
<arg><option>dnsname</option></arg>
</cmdsynopsis>
</refsynopsisdiv>
@ -147,6 +149,15 @@
</listitem>
</varlistentry>
<varlistentry>
<term>-V</term>
<listitem>
<para>
Prints version information.
</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>

20
external/bsd/bind/dist/bin/dnssec/dnssec-importkey.html vendored
View File

@ -29,11 +29,11 @@
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="cmdsynopsis"><p><code class="command">dnssec-importkey</code> [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-L <em class="replaceable"><code>ttl</code></em></code>] [<code class="option">-P <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-D <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-h</code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] {<code class="option">keyfile</code>}</p></div>
<div class="cmdsynopsis"><p><code class="command">dnssec-importkey</code> {<code class="option">-f <em class="replaceable"><code>filename</code></em></code>} [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-L <em class="replaceable"><code>ttl</code></em></code>] [<code class="option">-P <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-D <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-h</code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] [<code class="option">dnsname</code>]</p></div>
<div class="cmdsynopsis"><p><code class="command">dnssec-importkey</code> [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-L <em class="replaceable"><code>ttl</code></em></code>] [<code class="option">-P <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-D <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-h</code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] [<code class="option">-V</code>] {<code class="option">keyfile</code>}</p></div>
<div class="cmdsynopsis"><p><code class="command">dnssec-importkey</code> {<code class="option">-f <em class="replaceable"><code>filename</code></em></code>} [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-L <em class="replaceable"><code>ttl</code></em></code>] [<code class="option">-P <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-D <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-h</code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] [<code class="option">-V</code>] [<code class="option">dnsname</code>]</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543458"></a><h2>DESCRIPTION</h2>
<a name="id2543475"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">dnssec-importkey</strong></span>
reads a public DNSKEY record and generates a pair of
.key/.private files. The DNSKEY record may be read from an
@ -53,7 +53,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543483"></a><h2>OPTIONS</h2>
<a name="id2543500"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-f <em class="replaceable"><code>filename</code></em></span></dt>
<dd>
@ -89,10 +89,14 @@
<dd><p>
Sets the debugging level.
</p></dd>
<dt><span class="term">-V</span></dt>
<dd><p>
Prints version information.
</p></dd>
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543601"></a><h2>TIMING OPTIONS</h2>
<a name="id2543632"></a><h2>TIMING OPTIONS</h2>
<p>
Dates can be expressed in the format YYYYMMDD or YYYYMMDDHHMMSS.
If the argument begins with a '+' or '-', it is interpreted as
@ -120,7 +124,7 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543648"></a><h2>FILES</h2>
<a name="id2543678"></a><h2>FILES</h2>
<p>
A keyfile can be designed by the key identification
<code class="filename">Knnnn.+aaa+iiiii</code> or the full file name
@ -129,7 +133,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543669"></a><h2>SEE ALSO</h2>
<a name="id2543700"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">dnssec-signzone</span>(8)</span>,
<em class="citetitle">BIND 9 Administrator Reference Manual</em>,
@ -137,7 +141,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543702"></a><h2>AUTHOR</h2>
<a name="id2543733"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
</div>

10
external/bsd/bind/dist/bin/dnssec/dnssec-keyfromlabel.docbook vendored
View File

@ -69,6 +69,7 @@
<arg><option>-S <replaceable class="parameter">key</replaceable></option></arg>
<arg><option>-t <replaceable class="parameter">type</replaceable></option></arg>
<arg><option>-v <replaceable class="parameter">level</replaceable></option></arg>
<arg><option>-V</option></arg>
<arg><option>-y</option></arg>
<arg choice="req">name</arg>
</cmdsynopsis>
@ -334,6 +335,15 @@
</listitem>
</varlistentry>
<varlistentry>
<term>-V</term>
<listitem>
<para>
Prints version information.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>-y</term>
<listitem>

18
external/bsd/bind/dist/bin/dnssec/dnssec-keyfromlabel.html vendored
View File

@ -28,10 +28,10 @@
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="cmdsynopsis"><p><code class="command">dnssec-keyfromlabel</code> {-l <em class="replaceable"><code>label</code></em>} [<code class="option">-3</code>] [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-A <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-D <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-E <em class="replaceable"><code>engine</code></em></code>] [<code class="option">-f <em class="replaceable"><code>flag</code></em></code>] [<code class="option">-G</code>] [<code class="option">-I <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-i <em class="replaceable"><code>interval</code></em></code>] [<code class="option">-k</code>] [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-L <em class="replaceable"><code>ttl</code></em></code>] [<code class="option">-n <em class="replaceable"><code>nametype</code></em></code>] [<code class="option">-P <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-p <em class="replaceable"><code>protocol</code></em></code>] [<code class="option">-R <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-S <em class="replaceable"><code>key</code></em></code>] [<code class="option">-t <em class="replaceable"><code>type</code></em></code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] [<code class="option">-y</code>] {name}</p></div>
<div class="cmdsynopsis"><p><code class="command">dnssec-keyfromlabel</code> {-l <em class="replaceable"><code>label</code></em>} [<code class="option">-3</code>] [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-A <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-D <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-E <em class="replaceable"><code>engine</code></em></code>] [<code class="option">-f <em class="replaceable"><code>flag</code></em></code>] [<code class="option">-G</code>] [<code class="option">-I <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-i <em class="replaceable"><code>interval</code></em></code>] [<code class="option">-k</code>] [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-L <em class="replaceable"><code>ttl</code></em></code>] [<code class="option">-n <em class="replaceable"><code>nametype</code></em></code>] [<code class="option">-P <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-p <em class="replaceable"><code>protocol</code></em></code>] [<code class="option">-R <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-S <em class="replaceable"><code>key</code></em></code>] [<code class="option">-t <em class="replaceable"><code>type</code></em></code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] [<code class="option">-V</code>] [<code class="option">-y</code>] {name}</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543526"></a><h2>DESCRIPTION</h2>
<a name="id2543539"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">dnssec-keyfromlabel</strong></span>
generates a key pair of files that referencing a key object stored
in a cryptographic hardware service module (HSM). The private key
@ -47,7 +47,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543547"></a><h2>OPTIONS</h2>
<a name="id2543560"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-a <em class="replaceable"><code>algorithm</code></em></span></dt>
<dd>
@ -209,6 +209,10 @@
<dd><p>
Sets the debugging level.
</p></dd>
<dt><span class="term">-V</span></dt>
<dd><p>
Prints version information.
</p></dd>
<dt><span class="term">-y</span></dt>
<dd><p>
Allows DNSSEC key files to be generated even if the key ID
@ -220,7 +224,7 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2544061"></a><h2>TIMING OPTIONS</h2>
<a name="id2544020"></a><h2>TIMING OPTIONS</h2>
<p>
Dates can be expressed in the format YYYYMMDD or YYYYMMDDHHMMSS.
If the argument begins with a '+' or '-', it is interpreted as
@ -292,7 +296,7 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2544251"></a><h2>GENERATED KEY FILES</h2>
<a name="id2544278"></a><h2>GENERATED KEY FILES</h2>
<p>
When <span><strong class="command">dnssec-keyfromlabel</strong></span> completes
successfully,
@ -331,7 +335,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2544324"></a><h2>SEE ALSO</h2>
<a name="id2544350"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">dnssec-signzone</span>(8)</span>,
<em class="citetitle">BIND 9 Administrator Reference Manual</em>,
@ -340,7 +344,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2544361"></a><h2>AUTHOR</h2>
<a name="id2544388"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
</div>

10
external/bsd/bind/dist/bin/dnssec/dnssec-keygen.docbook vendored
View File

@ -86,6 +86,7 @@
<arg><option>-s <replaceable class="parameter">strength</replaceable></option></arg>
<arg><option>-t <replaceable class="parameter">type</replaceable></option></arg>
<arg><option>-v <replaceable class="parameter">level</replaceable></option></arg>
<arg><option>-V</option></arg>
<arg><option>-z</option></arg>
<arg choice="req">name</arg>
</cmdsynopsis>
@ -422,6 +423,15 @@
</listitem>
</varlistentry>
<varlistentry>
<term>-V</term>
<listitem>
<para>
Prints version information.
</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>

20
external/bsd/bind/dist/bin/dnssec/dnssec-keygen.html vendored
View File

@ -29,10 +29,10 @@
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="cmdsynopsis"><p><code class="command">dnssec-keygen</code> [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-b <em class="replaceable"><code>keysize</code></em></code>] [<code class="option">-n <em class="replaceable"><code>nametype</code></em></code>] [<code class="option">-3</code>] [<code class="option">-A <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-C</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-D <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-E <em class="replaceable"><code>engine</code></em></code>] [<code class="option">-f <em class="replaceable"><code>flag</code></em></code>] [<code class="option">-G</code>] [<code class="option">-g <em class="replaceable"><code>generator</code></em></code>] [<code class="option">-h</code>] [<code class="option">-I <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-i <em class="replaceable"><code>interval</code></em></code>] [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-L <em class="replaceable"><code>ttl</code></em></code>] [<code class="option">-k</code>] [<code class="option">-P <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-p <em class="replaceable"><code>protocol</code></em></code>] [<code class="option">-q</code>] [<code class="option">-R <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-r <em class="replaceable"><code>randomdev</code></em></code>] [<code class="option">-S <em class="replaceable"><code>key</code></em></code>] [<code class="option">-s <em class="replaceable"><code>strength</code></em></code>] [<code class="option">-t <em class="replaceable"><code>type</code></em></code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] [<code class="option">-z</code>] {name}</p></div>
<div class="cmdsynopsis"><p><code class="command">dnssec-keygen</code> [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-b <em class="replaceable"><code>keysize</code></em></code>] [<code class="option">-n <em class="replaceable"><code>nametype</code></em></code>] [<code class="option">-3</code>] [<code class="option">-A <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-C</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-D <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-E <em class="replaceable"><code>engine</code></em></code>] [<code class="option">-f <em class="replaceable"><code>flag</code></em></code>] [<code class="option">-G</code>] [<code class="option">-g <em class="replaceable"><code>generator</code></em></code>] [<code class="option">-h</code>] [<code class="option">-I <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-i <em class="replaceable"><code>interval</code></em></code>] [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-L <em class="replaceable"><code>ttl</code></em></code>] [<code class="option">-k</code>] [<code class="option">-P <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-p <em class="replaceable"><code>protocol</code></em></code>] [<code class="option">-q</code>] [<code class="option">-R <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-r <em class="replaceable"><code>randomdev</code></em></code>] [<code class="option">-S <em class="replaceable"><code>key</code></em></code>] [<code class="option">-s <em class="replaceable"><code>strength</code></em></code>] [<code class="option">-t <em class="replaceable"><code>type</code></em></code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] [<code class="option">-V</code>] [<code class="option">-z</code>] {name}</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543592"></a><h2>DESCRIPTION</h2>
<a name="id2543605"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">dnssec-keygen</strong></span>
generates keys for DNSSEC (Secure DNS), as defined in RFC 2535
and RFC 4034. It can also generate keys for use with
@ -46,7 +46,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543610"></a><h2>OPTIONS</h2>
<a name="id2543623"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-a <em class="replaceable"><code>algorithm</code></em></span></dt>
<dd>
@ -260,10 +260,14 @@
<dd><p>
Sets the debugging level.
</p></dd>
<dt><span class="term">-V</span></dt>
<dd><p>
Prints version information.
</p></dd>
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2544193"></a><h2>TIMING OPTIONS</h2>
<a name="id2544219"></a><h2>TIMING OPTIONS</h2>
<p>
Dates can be expressed in the format YYYYMMDD or YYYYMMDDHHMMSS.
If the argument begins with a '+' or '-', it is interpreted as
@ -337,7 +341,7 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2544382"></a><h2>GENERATED KEYS</h2>
<a name="id2544409"></a><h2>GENERATED KEYS</h2>
<p>
When <span><strong class="command">dnssec-keygen</strong></span> completes
successfully,
@ -383,7 +387,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2544533"></a><h2>EXAMPLE</h2>
<a name="id2544560"></a><h2>EXAMPLE</h2>
<p>
To generate a 768-bit DSA key for the domain
<strong class="userinput"><code>example.com</code></strong>, the following command would be
@ -404,7 +408,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2544645"></a><h2>SEE ALSO</h2>
<a name="id2544672"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">dnssec-signzone</span>(8)</span>,
<em class="citetitle">BIND 9 Administrator Reference Manual</em>,
<em class="citetitle">RFC 2539</em>,
@ -413,7 +417,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2544676"></a><h2>AUTHOR</h2>
<a name="id2544702"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
</div>

10
external/bsd/bind/dist/bin/dnssec/dnssec-revoke.docbook vendored
View File

@ -47,6 +47,7 @@
<command>dnssec-revoke</command>
<arg><option>-hr</option></arg>
<arg><option>-v <replaceable class="parameter">level</replaceable></option></arg>
<arg><option>-V</option></arg>
<arg><option>-K <replaceable class="parameter">directory</replaceable></option></arg>
<arg><option>-E <replaceable class="parameter">engine</replaceable></option></arg>
<arg><option>-f</option></arg>
@ -105,6 +106,15 @@
</listitem>
</varlistentry>
<varlistentry>
<term>-V</term>
<listitem>
<para>
Prints version information.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>-E <replaceable class="parameter">engine</replaceable></term>
<listitem>

14
external/bsd/bind/dist/bin/dnssec/dnssec-revoke.html vendored
View File

@ -28,10 +28,10 @@
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="cmdsynopsis"><p><code class="command">dnssec-revoke</code> [<code class="option">-hr</code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-E <em class="replaceable"><code>engine</code></em></code>] [<code class="option">-f</code>] [<code class="option">-R</code>] {keyfile}</p></div>
<div class="cmdsynopsis"><p><code class="command">dnssec-revoke</code> [<code class="option">-hr</code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] [<code class="option">-V</code>] [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-E <em class="replaceable"><code>engine</code></em></code>] [<code class="option">-f</code>] [<code class="option">-R</code>] {keyfile}</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543384"></a><h2>DESCRIPTION</h2>
<a name="id2543397"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">dnssec-revoke</strong></span>
reads a DNSSEC key file, sets the REVOKED bit on the key as defined
in RFC 5011, and creates a new pair of key files containing the
@ -39,7 +39,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543396"></a><h2>OPTIONS</h2>
<a name="id2543409"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-h</span></dt>
<dd><p>
@ -58,6 +58,10 @@
<dd><p>
Sets the debugging level.
</p></dd>
<dt><span class="term">-V</span></dt>
<dd><p>
Prints version information.
</p></dd>
<dt><span class="term">-E <em class="replaceable"><code>engine</code></em></span></dt>
<dd>
<p>
@ -86,14 +90,14 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543517"></a><h2>SEE ALSO</h2>
<a name="id2543544"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>,
<em class="citetitle">BIND 9 Administrator Reference Manual</em>,
<em class="citetitle">RFC 5011</em>.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543542"></a><h2>AUTHOR</h2>
<a name="id2543569"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
</div>

10
external/bsd/bind/dist/bin/dnssec/dnssec-settime.docbook vendored
View File

@ -55,6 +55,7 @@
<arg><option>-I <replaceable class="parameter">date/offset</replaceable></option></arg>
<arg><option>-D <replaceable class="parameter">date/offset</replaceable></option></arg>
<arg><option>-h</option></arg>
<arg><option>-V</option></arg>
<arg><option>-v <replaceable class="parameter">level</replaceable></option></arg>
<arg><option>-E <replaceable class="parameter">engine</replaceable></option></arg>
<arg choice="req">keyfile</arg>
@ -140,6 +141,15 @@
</listitem>
</varlistentry>
<varlistentry>
<term>-V</term>
<listitem>
<para>
Prints version information.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>-v <replaceable class="parameter">level</replaceable></term>
<listitem>

18
external/bsd/bind/dist/bin/dnssec/dnssec-settime.html vendored
View File

@ -28,10 +28,10 @@
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="cmdsynopsis"><p><code class="command">dnssec-settime</code> [<code class="option">-f</code>] [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-L <em class="replaceable"><code>ttl</code></em></code>] [<code class="option">-P <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-A <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-R <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-I <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-D <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-h</code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] [<code class="option">-E <em class="replaceable"><code>engine</code></em></code>] {keyfile}</p></div>
<div class="cmdsynopsis"><p><code class="command">dnssec-settime</code> [<code class="option">-f</code>] [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-L <em class="replaceable"><code>ttl</code></em></code>] [<code class="option">-P <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-A <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-R <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-I <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-D <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-h</code>] [<code class="option">-V</code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] [<code class="option">-E <em class="replaceable"><code>engine</code></em></code>] {keyfile}</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543434"></a><h2>DESCRIPTION</h2>
<a name="id2543447"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">dnssec-settime</strong></span>
reads a DNSSEC private key file and sets the key timing metadata
as specified by the <code class="option">-P</code>, <code class="option">-A</code>,
@ -57,7 +57,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543482"></a><h2>OPTIONS</h2>
<a name="id2543495"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-f</span></dt>
<dd><p>
@ -87,6 +87,10 @@
<dd><p>
Emit usage message and exit.
</p></dd>
<dt><span class="term">-V</span></dt>
<dd><p>
Prints version information.
</p></dd>
<dt><span class="term">-v <em class="replaceable"><code>level</code></em></span></dt>
<dd><p>
Sets the debugging level.
@ -108,7 +112,7 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543669"></a><h2>TIMING OPTIONS</h2>
<a name="id2543696"></a><h2>TIMING OPTIONS</h2>
<p>
Dates can be expressed in the format YYYYMMDD or YYYYMMDDHHMMSS.
If the argument begins with a '+' or '-', it is interpreted as
@ -187,7 +191,7 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543808"></a><h2>PRINTING OPTIONS</h2>
<a name="id2543834"></a><h2>PRINTING OPTIONS</h2>
<p>
<span><strong class="command">dnssec-settime</strong></span> can also be used to print the
timing metadata associated with a key.
@ -213,7 +217,7 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543885"></a><h2>SEE ALSO</h2>
<a name="id2543912"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">dnssec-signzone</span>(8)</span>,
<em class="citetitle">BIND 9 Administrator Reference Manual</em>,
@ -221,7 +225,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2542144"></a><h2>AUTHOR</h2>
<a name="id2543945"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
</div>

10
external/bsd/bind/dist/bin/dnssec/dnssec-signzone.docbook vendored
View File

@ -90,6 +90,7 @@
<arg><option>-t</option></arg>
<arg><option>-u</option></arg>
<arg><option>-v <replaceable class="parameter">level</replaceable></option></arg>
<arg><option>-V</option></arg>
<arg><option>-X <replaceable class="parameter">extended end-time</replaceable></option></arg>
<arg><option>-x</option></arg>
<arg><option>-z</option></arg>
@ -337,6 +338,15 @@
</listitem>
</varlistentry>
<varlistentry>
<term>-V</term>
<listitem>
<para>
Prints version information.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>-i <replaceable class="parameter">interval</replaceable></term>
<listitem>

16
external/bsd/bind/dist/bin/dnssec/dnssec-signzone.html vendored
View File

@ -29,10 +29,10 @@
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="cmdsynopsis"><p><code class="command">dnssec-signzone</code> [<code class="option">-a</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-d <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-D</code>] [<code class="option">-E <em class="replaceable"><code>engine</code></em></code>] [<code class="option">-e <em class="replaceable"><code>end-time</code></em></code>] [<code class="option">-f <em class="replaceable"><code>output-file</code></em></code>] [<code class="option">-g</code>] [<code class="option">-h</code>] [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-k <em class="replaceable"><code>key</code></em></code>] [<code class="option">-L <em class="replaceable"><code>serial</code></em></code>] [<code class="option">-l <em class="replaceable"><code>domain</code></em></code>] [<code class="option">-M <em class="replaceable"><code>domain</code></em></code>] [<code class="option">-i <em class="replaceable"><code>interval</code></em></code>] [<code class="option">-I <em class="replaceable"><code>input-format</code></em></code>] [<code class="option">-j <em class="replaceable"><code>jitter</code></em></code>] [<code class="option">-N <em class="replaceable"><code>soa-serial-format</code></em></code>] [<code class="option">-o <em class="replaceable"><code>origin</code></em></code>] [<code class="option">-O <em class="replaceable"><code>output-format</code></em></code>] [<code class="option">-P</code>] [<code class="option">-p</code>] [<code class="option">-R</code>] [<code class="option">-r <em class="replaceable"><code>randomdev</code></em></code>] [<code class="option">-S</code>] [<code class="option">-s <em class="replaceable"><code>start-time</code></em></code>] [<code class="option">-T <em class="replaceable"><code>ttl</code></em></code>] [<code class="option">-t</code>] [<code class="option">-u</code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] [<code class="option">-X <em class="replaceable"><code>extended end-time</code></em></code>] [<code class="option">-x</code>] [<code class="option">-z</code>] [<code class="option">-3 <em class="replaceable"><code>salt</code></em></code>] [<code class="option">-H <em class="replaceable"><code>iterations</code></em></code>] [<code class="option">-A</code>] {zonefile} [key...]</p></div>
<div class="cmdsynopsis"><p><code class="command">dnssec-signzone</code> [<code class="option">-a</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-d <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-D</code>] [<code class="option">-E <em class="replaceable"><code>engine</code></em></code>] [<code class="option">-e <em class="replaceable"><code>end-time</code></em></code>] [<code class="option">-f <em class="replaceable"><code>output-file</code></em></code>] [<code class="option">-g</code>] [<code class="option">-h</code>] [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-k <em class="replaceable"><code>key</code></em></code>] [<code class="option">-L <em class="replaceable"><code>serial</code></em></code>] [<code class="option">-l <em class="replaceable"><code>domain</code></em></code>] [<code class="option">-M <em class="replaceable"><code>domain</code></em></code>] [<code class="option">-i <em class="replaceable"><code>interval</code></em></code>] [<code class="option">-I <em class="replaceable"><code>input-format</code></em></code>] [<code class="option">-j <em class="replaceable"><code>jitter</code></em></code>] [<code class="option">-N <em class="replaceable"><code>soa-serial-format</code></em></code>] [<code class="option">-o <em class="replaceable"><code>origin</code></em></code>] [<code class="option">-O <em class="replaceable"><code>output-format</code></em></code>] [<code class="option">-P</code>] [<code class="option">-p</code>] [<code class="option">-R</code>] [<code class="option">-r <em class="replaceable"><code>randomdev</code></em></code>] [<code class="option">-S</code>] [<code class="option">-s <em class="replaceable"><code>start-time</code></em></code>] [<code class="option">-T <em class="replaceable"><code>ttl</code></em></code>] [<code class="option">-t</code>] [<code class="option">-u</code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] [<code class="option">-V</code>] [<code class="option">-X <em class="replaceable"><code>extended end-time</code></em></code>] [<code class="option">-x</code>] [<code class="option">-z</code>] [<code class="option">-3 <em class="replaceable"><code>salt</code></em></code>] [<code class="option">-H <em class="replaceable"><code>iterations</code></em></code>] [<code class="option">-A</code>] {zonefile} [key...]</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543643"></a><h2>DESCRIPTION</h2>
<a name="id2543656"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">dnssec-signzone</strong></span>
signs a zone. It generates
NSEC and RRSIG records and produces a signed version of the
@ -43,7 +43,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543658"></a><h2>OPTIONS</h2>
<a name="id2543671"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-a</span></dt>
<dd><p>
@ -189,6 +189,10 @@
Prints a short summary of the options and arguments to
<span><strong class="command">dnssec-signzone</strong></span>.
</p></dd>
<dt><span class="term">-V</span></dt>
<dd><p>
Prints version information.
</p></dd>
<dt><span class="term">-i <em class="replaceable"><code>interval</code></em></span></dt>
<dd>
<p>
@ -487,7 +491,7 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2545351"></a><h2>EXAMPLE</h2>
<a name="id2545241"></a><h2>EXAMPLE</h2>
<p>
The following command signs the <strong class="userinput"><code>example.com</code></strong>
zone with the DSA key generated by <span><strong class="command">dnssec-keygen</strong></span>
@ -517,14 +521,14 @@ db.example.com.signed
%</pre>
</div>
<div class="refsect1" lang="en">
<a name="id2545475"></a><h2>SEE ALSO</h2>
<a name="id2545365"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>,
<em class="citetitle">BIND 9 Administrator Reference Manual</em>,
<em class="citetitle">RFC 4033</em>, <em class="citetitle">RFC 4641</em>.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2545502"></a><h2>AUTHOR</h2>
<a name="id2545393"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
</div>

10
external/bsd/bind/dist/bin/dnssec/dnssec-verify.docbook vendored
View File

@ -49,6 +49,7 @@
<arg><option>-I <replaceable class="parameter">input-format</replaceable></option></arg>
<arg><option>-o <replaceable class="parameter">origin</replaceable></option></arg>
<arg><option>-v <replaceable class="parameter">level</replaceable></option></arg>
<arg><option>-V</option></arg>
<arg><option>-x</option></arg>
<arg><option>-z</option></arg>
<arg choice="req">zonefile</arg>
@ -129,6 +130,15 @@
</listitem>
</varlistentry>
<varlistentry>
<term>-V</term>
<listitem>
<para>
Prints version information.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>-x</term>
<listitem>

14
external/bsd/bind/dist/bin/dnssec/dnssec-verify.html vendored
View File

@ -28,10 +28,10 @@
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="cmdsynopsis"><p><code class="command">dnssec-verify</code> [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-E <em class="replaceable"><code>engine</code></em></code>] [<code class="option">-I <em class="replaceable"><code>input-format</code></em></code>] [<code class="option">-o <em class="replaceable"><code>origin</code></em></code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] [<code class="option">-x</code>] [<code class="option">-z</code>] {zonefile}</p></div>
<div class="cmdsynopsis"><p><code class="command">dnssec-verify</code> [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-E <em class="replaceable"><code>engine</code></em></code>] [<code class="option">-I <em class="replaceable"><code>input-format</code></em></code>] [<code class="option">-o <em class="replaceable"><code>origin</code></em></code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] [<code class="option">-V</code>] [<code class="option">-x</code>] [<code class="option">-z</code>] {zonefile}</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543393"></a><h2>DESCRIPTION</h2>
<a name="id2543405"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">dnssec-verify</strong></span>
verifies that a zone is fully signed for each algorithm found
in the DNSKEY RRset for the zone, and that the NSEC / NSEC3
@ -39,7 +39,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543404"></a><h2>OPTIONS</h2>
<a name="id2543417"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-c <em class="replaceable"><code>class</code></em></span></dt>
<dd><p>
@ -79,6 +79,10 @@
<dd><p>
Sets the debugging level.
</p></dd>
<dt><span class="term">-V</span></dt>
<dd><p>
Prints version information.
</p></dd>
<dt><span class="term">-x</span></dt>
<dd><p>
Only verify that the DNSKEY RRset is signed with key-signing
@ -115,7 +119,7 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543634"></a><h2>SEE ALSO</h2>
<a name="id2543660"></a><h2>SEE ALSO</h2>
<p>
<span class="citerefentry"><span class="refentrytitle">dnssec-signzone</span>(8)</span>,
<em class="citetitle">BIND 9 Administrator Reference Manual</em>,
@ -123,7 +127,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543659"></a><h2>AUTHOR</h2>
<a name="id2543686"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
</div>

239
external/bsd/bind/dist/bin/named/include/named/seccomp.h vendored Normal file
View File

@ -0,0 +1,239 @@
/* $NetBSD: seccomp.h,v 1.1.1.1 2014/12/10 02:25:13 christos Exp $ */
/*
* Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC")
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
* REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*/
#ifndef NAMED_SECCOMP_H
#define NAMED_SECCOMP_H 1
/*! \file */
#ifdef HAVE_LIBSECCOMP
#include <sys/types.h>
#include <sys/resource.h>
#include <unistd.h>
#include <seccomp.h>
#include <isc/platform.h>
/*%
* For each architecture, the scmp_syscalls and
* scmp_syscall_names arrays MUST be kept in sync.
*/
#ifdef __x86_64__
int scmp_syscalls[] = {
SCMP_SYS(access),
SCMP_SYS(open),
SCMP_SYS(clock_gettime),
SCMP_SYS(time),
SCMP_SYS(read),
SCMP_SYS(write),
SCMP_SYS(close),
SCMP_SYS(brk),
SCMP_SYS(poll),
SCMP_SYS(select),
SCMP_SYS(madvise),
SCMP_SYS(mmap),
SCMP_SYS(munmap),
SCMP_SYS(exit_group),
SCMP_SYS(rt_sigprocmask),
SCMP_SYS(rt_sigaction),
SCMP_SYS(fsync),
SCMP_SYS(rt_sigreturn),
SCMP_SYS(setsid),
SCMP_SYS(chdir),
SCMP_SYS(futex),
SCMP_SYS(stat),
SCMP_SYS(rt_sigsuspend),
SCMP_SYS(fstat),
SCMP_SYS(epoll_ctl),
SCMP_SYS(gettimeofday),
SCMP_SYS(unlink),
SCMP_SYS(socket),
SCMP_SYS(sendto),
#ifndef ISC_PLATFORM_USETHREADS
SCMP_SYS(bind),
SCMP_SYS(accept),
SCMP_SYS(connect),
SCMP_SYS(listen),
SCMP_SYS(fcntl),
SCMP_SYS(sendmsg),
SCMP_SYS(recvmsg),
SCMP_SYS(uname),
SCMP_SYS(setrlimit),
SCMP_SYS(getrlimit),
SCMP_SYS(setsockopt),
SCMP_SYS(getsockopt),
SCMP_SYS(getsockname),
SCMP_SYS(lstat),
SCMP_SYS(lseek),
SCMP_SYS(getgid),
SCMP_SYS(getegid),
SCMP_SYS(getuid),
SCMP_SYS(geteuid),
SCMP_SYS(setresgid),
SCMP_SYS(setresuid),
SCMP_SYS(setgid),
SCMP_SYS(setuid),
SCMP_SYS(prctl),
SCMP_SYS(epoll_wait),
SCMP_SYS(openat),
SCMP_SYS(getdents),
SCMP_SYS(rename),
SCMP_SYS(utimes),
SCMP_SYS(dup),
#endif
};
const char *scmp_syscall_names[] = {
"access",
"open",
"clock_gettime",
"time",
"read",
"write",
"close",
"brk",
"poll",
"select",
"madvise",
"mmap",
"munmap",
"exit_group",
"rt_sigprocmask",
"rt_sigaction",
"fsync",
"rt_sigreturn",
"setsid",
"chdir",
"futex",
"stat",
"rt_sigsuspend",
"fstat",
"epoll_ctl",
"gettimeofday",
"unlink",
"socket",
"sendto",
#ifndef ISC_PLATFORM_USETHREADS
"bind",
"accept",
"connect",
"listen",
"fcntl",
"sendmsg",
"recvmsg",
"uname",
"setrlimit",
"getrlimit",
"setsockopt",
"getsockopt",
"getsockname",
"lstat",
"lseek",
"getgid",
"getegid",
"getuid",
"geteuid",
"setresgid",
"setresuid",
"setgid",
"setuid",
"prctl",
"epoll_wait",
"openat",
"getdents",
"rename",
"utimes",
"dup",
#endif
};
#endif /* __x86_64__ */
#ifdef __i386__
int scmp_syscalls[] = {
SCMP_SYS(access),
SCMP_SYS(open),
SCMP_SYS(clock_gettime),
SCMP_SYS(time),
SCMP_SYS(read),
SCMP_SYS(write),
SCMP_SYS(close),
SCMP_SYS(brk),
SCMP_SYS(poll),
SCMP_SYS(_newselect),
SCMP_SYS(select),
SCMP_SYS(madvise),
SCMP_SYS(mmap2),
SCMP_SYS(mmap),
SCMP_SYS(munmap),
SCMP_SYS(exit_group),
SCMP_SYS(rt_sigprocmask),
SCMP_SYS(sigprocmask),
SCMP_SYS(rt_sigaction),
SCMP_SYS(socketcall),
SCMP_SYS(fsync),
SCMP_SYS(sigreturn),
SCMP_SYS(setsid),
SCMP_SYS(chdir),
SCMP_SYS(futex),
SCMP_SYS(stat64),
SCMP_SYS(rt_sigsuspend),
SCMP_SYS(fstat64),
SCMP_SYS(epoll_ctl),
SCMP_SYS(gettimeofday),
SCMP_SYS(unlink),
#ifndef ISC_PLATFORM_USETHREADS
SCMP_SYS(fcntl64),
#endif
};
const char *scmp_syscall_names[] = {
"access",
"open",
"clock_gettime",
"time",
"read",
"write",
"close",
"brk",
"poll",
"_newselect",
"select",
"madvise",
"mmap2",
"mmap",
"munmap",
"exit_group",
"rt_sigprocmask",
"sigprocmask",
"rt_sigaction",
"socketcall",
"fsync",
"sigreturn",
"setsid",
"chdir",
"futex",
"stat64",
"rt_sigsuspend",
"fstat64",
"epoll_ctl",
"gettimeofday",
"unlink",
#ifndef ISC_PLATFORM_USETHREADS
"fcntl64",
#endif
};
#endif /* __i386__ */
#endif /* HAVE_LIBSECCOMP */
#endif /* NAMED_SECCOMP_H */

12
external/bsd/bind/dist/bin/named/lwresd.html vendored
View File

@ -22,7 +22,7 @@
<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
<a name="id2476274"></a><div class="titlepage"></div>
<a name="id2476282"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p><span class="application">lwresd</span> &#8212; lightweight resolver daemon</p>
@ -32,7 +32,7 @@
<div class="cmdsynopsis"><p><code class="command">lwresd</code> [<code class="option">-c <em class="replaceable"><code>config-file</code></em></code>] [<code class="option">-C <em class="replaceable"><code>config-file</code></em></code>] [<code class="option">-d <em class="replaceable"><code>debug-level</code></em></code>] [<code class="option">-f</code>] [<code class="option">-g</code>] [<code class="option">-i <em class="replaceable"><code>pid-file</code></em></code>] [<code class="option">-m <em class="replaceable"><code>flag</code></em></code>] [<code class="option">-n <em class="replaceable"><code>#cpus</code></em></code>] [<code class="option">-P <em class="replaceable"><code>port</code></em></code>] [<code class="option">-p <em class="replaceable"><code>port</code></em></code>] [<code class="option">-s</code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-u <em class="replaceable"><code>user</code></em></code>] [<code class="option">-v</code>] [<code class="option">-4</code>] [<code class="option">-6</code>]</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543470"></a><h2>DESCRIPTION</h2>
<a name="id2543479"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">lwresd</strong></span>
is the daemon providing name lookup
services to clients that use the BIND 9 lightweight resolver
@ -67,7 +67,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543517"></a><h2>OPTIONS</h2>
<a name="id2543526"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-4</span></dt>
<dd><p>
@ -197,7 +197,7 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543934"></a><h2>FILES</h2>
<a name="id2543943"></a><h2>FILES</h2>
<div class="variablelist"><dl>
<dt><span class="term"><code class="filename">/etc/resolv.conf</code></span></dt>
<dd><p>
@ -210,14 +210,14 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543974"></a><h2>SEE ALSO</h2>
<a name="id2543982"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">lwres</span>(3)</span>,
<span class="citerefentry"><span class="refentrytitle">resolver</span>(5)</span>.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2544008"></a><h2>AUTHOR</h2>
<a name="id2544017"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
</div>

14
external/bsd/bind/dist/bin/named/named.html vendored
View File

@ -32,7 +32,7 @@
<div class="cmdsynopsis"><p><code class="command">named</code> [<code class="option">-4</code>] [<code class="option">-6</code>] [<code class="option">-c <em class="replaceable"><code>config-file</code></em></code>] [<code class="option">-d <em class="replaceable"><code>debug-level</code></em></code>] [<code class="option">-D <em class="replaceable"><code>string</code></em></code>] [<code class="option">-E <em class="replaceable"><code>engine-name</code></em></code>] [<code class="option">-f</code>] [<code class="option">-g</code>] [<code class="option">-m <em class="replaceable"><code>flag</code></em></code>] [<code class="option">-n <em class="replaceable"><code>#cpus</code></em></code>] [<code class="option">-p <em class="replaceable"><code>port</code></em></code>] [<code class="option">-s</code>] [<code class="option">-S <em class="replaceable"><code>#max-socks</code></em></code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-U <em class="replaceable"><code>#listeners</code></em></code>] [<code class="option">-u <em class="replaceable"><code>user</code></em></code>] [<code class="option">-v</code>] [<code class="option">-V</code>] [<code class="option">-x <em class="replaceable"><code>cache-file</code></em></code>]</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543507"></a><h2>DESCRIPTION</h2>
<a name="id2543515"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">named</strong></span>
is a Domain Name System (DNS) server,
part of the BIND 9 distribution from ISC. For more
@ -47,7 +47,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543531"></a><h2>OPTIONS</h2>
<a name="id2543540"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-4</span></dt>
<dd><p>
@ -258,7 +258,7 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2544183"></a><h2>SIGNALS</h2>
<a name="id2544123"></a><h2>SIGNALS</h2>
<p>
In routine operation, signals should not be used to control
the nameserver; <span><strong class="command">rndc</strong></span> should be used
@ -279,7 +279,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2544299"></a><h2>CONFIGURATION</h2>
<a name="id2544240"></a><h2>CONFIGURATION</h2>
<p>
The <span><strong class="command">named</strong></span> configuration file is too complex
to describe in detail here. A complete description is provided
@ -296,7 +296,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2544336"></a><h2>FILES</h2>
<a name="id2544276"></a><h2>FILES</h2>
<div class="variablelist"><dl>
<dt><span class="term"><code class="filename">/etc/named.conf</code></span></dt>
<dd><p>
@ -309,7 +309,7 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2544375"></a><h2>SEE ALSO</h2>
<a name="id2544384"></a><h2>SEE ALSO</h2>
<p><em class="citetitle">RFC 1033</em>,
<em class="citetitle">RFC 1034</em>,
<em class="citetitle">RFC 1035</em>,
@ -322,7 +322,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2544445"></a><h2>AUTHOR</h2>
<a name="id2544454"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
</div>

12
external/bsd/bind/dist/bin/nsupdate/nsupdate.html vendored
View File

@ -32,7 +32,7 @@
<div class="cmdsynopsis"><p><code class="command">nsupdate</code> [<code class="option">-d</code>] [<code class="option">-D</code>] [[<code class="option">-g</code>] | [<code class="option">-o</code>] | [<code class="option">-l</code>] | [<code class="option">-y <em class="replaceable"><code>[<span class="optional">hmac:</span>]keyname:secret</code></em></code>] | [<code class="option">-k <em class="replaceable"><code>keyfile</code></em></code>]] [<code class="option">-t <em class="replaceable"><code>timeout</code></em></code>] [<code class="option">-u <em class="replaceable"><code>udptimeout</code></em></code>] [<code class="option">-r <em class="replaceable"><code>udpretries</code></em></code>] [<code class="option">-R <em class="replaceable"><code>randomdev</code></em></code>] [<code class="option">-v</code>] [<code class="option">-T</code>] [<code class="option">-P</code>] [<code class="option">-V</code>] [filename]</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543479"></a><h2>DESCRIPTION</h2>
<a name="id2543488"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">nsupdate</strong></span>
is used to submit Dynamic DNS Update requests as defined in RFC 2136
to a name server.
@ -218,7 +218,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543879"></a><h2>INPUT FORMAT</h2>
<a name="id2543888"></a><h2>INPUT FORMAT</h2>
<p><span><strong class="command">nsupdate</strong></span>
reads input from
<em class="parameter"><code>filename</code></em>
@ -520,7 +520,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2544853"></a><h2>EXAMPLES</h2>
<a name="id2544861"></a><h2>EXAMPLES</h2>
<p>
The examples below show how
<span><strong class="command">nsupdate</strong></span>
@ -574,7 +574,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2544897"></a><h2>FILES</h2>
<a name="id2544905"></a><h2>FILES</h2>
<div class="variablelist"><dl>
<dt><span class="term"><code class="constant">/etc/resolv.conf</code></span></dt>
<dd><p>
@ -597,7 +597,7 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2544980"></a><h2>SEE ALSO</h2>
<a name="id2541985"></a><h2>SEE ALSO</h2>
<p>
<em class="citetitle">RFC 2136</em>,
<em class="citetitle">RFC 3007</em>,
@ -612,7 +612,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2542170"></a><h2>BUGS</h2>
<a name="id2542042"></a><h2>BUGS</h2>
<p>
The TSIG key is redundantly stored in two separate files.
This is a consequence of nsupdate using the DST library

15908
external/bsd/bind/dist/bin/pkcs11/openssl-0.9.8za-patch vendored Normal file
View File

File diff suppressed because it is too large Load Diff

15889
external/bsd/bind/dist/bin/pkcs11/openssl-1.0.0m-patch vendored Normal file
View File

File diff suppressed because it is too large Load Diff

15784
external/bsd/bind/dist/bin/pkcs11/openssl-1.0.1h-patch vendored Normal file
View File

File diff suppressed because it is too large Load Diff

7
external/bsd/bind/dist/bin/pkcs11/pkcs11-destroy.docbook vendored
View File

@ -138,10 +138,13 @@
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>pkcs11-list</refentrytitle><manvolnum>3</manvolnum>
<refentrytitle>pkcs11-keygen</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>pkcs11-keygen</refentrytitle><manvolnum>3</manvolnum>
<refentrytitle>pkcs11-list</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>pkcs11-tokens</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>
</para>
</refsect1>

21
external/bsd/bind/dist/bin/pkcs11/pkcs11-keygen.docbook vendored
View File

@ -17,13 +17,13 @@
- PERFORMANCE OF THIS SOFTWARE.
-->
<refentry id="man.pkcs11-ecgen">
<refentry id="man.pkcs11-keygen">
<refentryinfo>
<date>January 15, 2014</date>
</refentryinfo>
<refmeta>
<refentrytitle><application>pkcs11-ecgen</application></refentrytitle>
<refentrytitle><application>pkcs11-keygen</application></refentrytitle>
<manvolnum>8</manvolnum>
<refmiscinfo>BIND9</refmiscinfo>
</refmeta>
@ -142,14 +142,14 @@
<listitem>
<para>
Specify the PIN for the device. If no PIN is provided on
the command line, <command>pkcs11-ecgen</command> will
the command line, <command>pkcs11-keygen</command> will
prompt for it.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>-e</term>
<term>-q</term>
<listitem>
<para>
Quiet mode: suppress unnecessary output.
@ -185,20 +185,17 @@
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>pkcs11-rsagen</refentrytitle><manvolnum>3</manvolnum>
<refentrytitle>pkcs11-destroy</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>pkcs11-dsagen</refentrytitle><manvolnum>3</manvolnum>
<refentrytitle>pkcs11-list</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>pkcs11-list</refentrytitle><manvolnum>3</manvolnum>
<refentrytitle>pkcs11-tokens</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>pkcs11-destroy</refentrytitle><manvolnum>3</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>dnssec-keyfromlabel</refentrytitle><manvolnum>3</manvolnum>
</citerefentry>,
<refentrytitle>dnssec-keyfromlabel</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>
</para>
</refsect1>

7
external/bsd/bind/dist/bin/pkcs11/pkcs11-list.docbook vendored
View File

@ -130,10 +130,13 @@
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>pkcs11-keygen</refentrytitle><manvolnum>3</manvolnum>
<refentrytitle>pkcs11-destroy</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>pkcs11-destroy</refentrytitle><manvolnum>3</manvolnum>
<refentrytitle>pkcs11-keygen</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>pkcs11-tokens</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>
</para>
</refsect1>

15
external/bsd/bind/dist/bin/pkcs11/pkcs11-tokens.docbook vendored
View File

@ -72,6 +72,21 @@
</variablelist>
</refsect1>
<refsect1>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>pkcs11-destroy</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>pkcs11-keygen</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>pkcs11-list</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>
</para>
</refsect1>
<refsect1>
<title>AUTHOR</title>
<para><corpauthor>Internet Systems Consortium</corpauthor>

16
external/bsd/bind/dist/bin/python/Makefile.in vendored
View File

@ -1,4 +1,4 @@
# Copyright (C) 2012, 2013 Internet Systems Consortium, Inc. ("ISC")
# Copyright (C) 2012-2014 Internet Systems Consortium, Inc. ("ISC")
#
# Permission to use, copy, modify, and/or distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
@ -23,7 +23,7 @@ top_srcdir = @top_srcdir@
PYTHON = @PYTHON@
TARGETS = dnssec-checkds dnssec-coverage
SRCS = dnssec-checkds.py dnssec-coverage.py
PYSRCS = dnssec-checkds.py dnssec-coverage.py
MANPAGES = dnssec-checkds.8 dnssec-coverage.8
HTMLPAGES = dnssec-checkds.html dnssec-coverage.html
@ -31,6 +31,14 @@ MANOBJS = ${MANPAGES} ${HTMLPAGES}
@BIND9_MAKE_RULES@
dnssec-checkds: dnssec-checkds.py
cp -f dnssec-checkds.py dnssec-checkds
chmod +x dnssec-checkds
dnssec-coverage: dnssec-coverage.py
cp -f dnssec-coverage.py dnssec-coverage
chmod +x dnssec-coverage
doc man:: ${MANOBJS}
docclean manclean maintainer-clean::
@ -41,8 +49,8 @@ installdirs:
$(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${mandir}/man8
install:: ${TARGETS} installdirs
${INSTALL_PROGRAM} dnssec-checkds@EXEEXT@ ${DESTDIR}${sbindir}
${INSTALL_PROGRAM} dnssec-coverage@EXEEXT@ ${DESTDIR}${sbindir}
${INSTALL_SCRIPT} dnssec-checkds@EXEEXT@ ${DESTDIR}${sbindir}
${INSTALL_SCRIPT} dnssec-coverage@EXEEXT@ ${DESTDIR}${sbindir}
${INSTALL_DATA} ${srcdir}/dnssec-checkds.8 ${DESTDIR}${mandir}/man8
${INSTALL_DATA} ${srcdir}/dnssec-coverage.8 ${DESTDIR}${mandir}/man8

8
external/bsd/bind/dist/bin/python/dnssec-checkds.html vendored
View File

@ -32,7 +32,7 @@
<div class="cmdsynopsis"><p><code class="command">dnssec-dsfromkey</code> [<code class="option">-l <em class="replaceable"><code>domain</code></em></code>] [<code class="option">-f <em class="replaceable"><code>file</code></em></code>] [<code class="option">-d <em class="replaceable"><code>dig path</code></em></code>] [<code class="option">-D <em class="replaceable"><code>dsfromkey path</code></em></code>] {zone}</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543426"></a><h2>DESCRIPTION</h2>
<a name="id2543434"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">dnssec-checkds</strong></span>
verifies the correctness of Delegation Signer (DS) or DNSSEC
Lookaside Validation (DLV) resource records for keys in a specified
@ -40,7 +40,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543437"></a><h2>OPTIONS</h2>
<a name="id2543446"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-f <em class="replaceable"><code>file</code></em></span></dt>
<dd><p>
@ -69,14 +69,14 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543533"></a><h2>SEE ALSO</h2>
<a name="id2543542"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">dnssec-dsfromkey</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">dnssec-signzone</span>(8)</span>,
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543568"></a><h2>AUTHOR</h2>
<a name="id2543576"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
</div>

6
external/bsd/bind/dist/bin/python/dnssec-coverage.8 vendored
View File

@ -1,4 +1,4 @@
.\" $NetBSD: dnssec-coverage.8,v 1.1.1.3 2014/07/08 04:45:56 spz Exp $
.\" $NetBSD: dnssec-coverage.8,v 1.1.1.4 2014/12/10 02:25:15 christos Exp $
.\"
.\" Copyright (C) 2013, 2014 Internet Systems Consortium, Inc. ("ISC")
.\"
@ -86,7 +86,7 @@ This option is mandatory unless the
\fB\-f\fR
has been used to specify a zone file. (If
\fB\-f\fR
has been specified, this option may still be used; it will overrde the value found in the file.)
has been specified, this option may still be used; it will override the value found in the file.)
.RE
.PP
\-d \fIDNSKEY TTL\fR
@ -100,7 +100,7 @@ This option is mandatory unless the
has been used to specify a zone file, or a default key TTL was set with the
\fB\-L\fR
to
\fBdnssec\-keygen\fR. (If either of those is true, this option may still be used; it will overrde the value found in the zone or key file.)
\fBdnssec\-keygen\fR. (If either of those is true, this option may still be used; it will override the value found in the zone or key file.)
.RE
.PP
\-r \fIresign interval\fR

4
external/bsd/bind/dist/bin/python/dnssec-coverage.docbook vendored
View File

@ -150,7 +150,7 @@
<para>
This option is mandatory unless the <option>-f</option> has
been used to specify a zone file. (If <option>-f</option> has
been specified, this option may still be used; it will overrde
been specified, this option may still be used; it will override
the value found in the file.)
</para>
</listitem>
@ -179,7 +179,7 @@
been used to specify a zone file, or a default key TTL was
set with the <option>-L</option> to
<command>dnssec-keygen</command>. (If either of those is true,
this option may still be used; it will overrde the value found
this option may still be used; it will override the value found
in the zone or key file.)
</para>
</listitem>

12
external/bsd/bind/dist/bin/python/dnssec-coverage.html vendored
View File

@ -32,7 +32,7 @@
<div class="cmdsynopsis"><p><code class="command">dnssec-coverage</code> [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-l <em class="replaceable"><code>length</code></em></code>] [<code class="option">-f <em class="replaceable"><code>file</code></em></code>] [<code class="option">-d <em class="replaceable"><code>DNSKEY TTL</code></em></code>] [<code class="option">-m <em class="replaceable"><code>max TTL</code></em></code>] [<code class="option">-r <em class="replaceable"><code>interval</code></em></code>] [<code class="option">-c <em class="replaceable"><code>compilezone path</code></em></code>] [<code class="option">-k</code>] [<code class="option">-z</code>] [zone]</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543411"></a><h2>DESCRIPTION</h2>
<a name="id2543419"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">dnssec-coverage</strong></span>
verifies that the DNSSEC keys for a given zone or a set of zones
have timing metadata set properly to ensure no future lapses in DNSSEC
@ -60,7 +60,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543435"></a><h2>OPTIONS</h2>
<a name="id2543444"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-K <em class="replaceable"><code>directory</code></em></span></dt>
<dd><p>
@ -108,7 +108,7 @@
<p>
This option is mandatory unless the <code class="option">-f</code> has
been used to specify a zone file. (If <code class="option">-f</code> has
been specified, this option may still be used; it will overrde
been specified, this option may still be used; it will override
the value found in the file.)
</p>
</dd>
@ -134,7 +134,7 @@
been used to specify a zone file, or a default key TTL was
set with the <code class="option">-L</code> to
<span><strong class="command">dnssec-keygen</strong></span>. (If either of those is true,
this option may still be used; it will overrde the value found
this option may still be used; it will override the value found
in the zone or key file.)
</p>
</dd>
@ -174,7 +174,7 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543736"></a><h2>SEE ALSO</h2>
<a name="id2543745"></a><h2>SEE ALSO</h2>
<p>
<span class="citerefentry"><span class="refentrytitle">dnssec-checkds</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">dnssec-dsfromkey</span>(8)</span>,
@ -183,7 +183,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543780"></a><h2>AUTHOR</h2>
<a name="id2543788"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
</div>

4
external/bsd/bind/dist/bin/python/dnssec-coverage.py.in vendored
View File

@ -104,7 +104,7 @@ class Key:
self.alg = int(alg)
self.keyid = int(keyid)
kfp = file(key_file, "r")
kfp = open(key_file, "r")
for line in kfp:
if line[0] == ';':
continue
@ -132,7 +132,7 @@ class Key:
self.sep = False
kfp.close()
pfp = file(private_file, "rU")
pfp = open(private_file, "rU")
propDict = dict()
for propLine in pfp:
propDef = propLine.strip()

10
external/bsd/bind/dist/bin/rndc/rndc.conf.html vendored
View File

@ -32,7 +32,7 @@
<div class="cmdsynopsis"><p><code class="command">rndc.conf</code> </p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543358"></a><h2>DESCRIPTION</h2>
<a name="id2543367"></a><h2>DESCRIPTION</h2>
<p><code class="filename">rndc.conf</code> is the configuration file
for <span><strong class="command">rndc</strong></span>, the BIND 9 name server control
utility. This file has a similar structure and syntax to
@ -118,7 +118,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543507"></a><h2>EXAMPLE</h2>
<a name="id2543515"></a><h2>EXAMPLE</h2>
<pre class="programlisting">
options {
default-server localhost;
@ -192,7 +192,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543598"></a><h2>NAME SERVER CONFIGURATION</h2>
<a name="id2543607"></a><h2>NAME SERVER CONFIGURATION</h2>
<p>
The name server must be configured to accept rndc connections and
to recognize the key specified in the <code class="filename">rndc.conf</code>
@ -202,7 +202,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543620"></a><h2>SEE ALSO</h2>
<a name="id2543628"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">rndc</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">rndc-confgen</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">mmencode</span>(1)</span>,
@ -210,7 +210,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543658"></a><h2>AUTHOR</h2>
<a name="id2543667"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
</div>

4
external/bsd/bind/dist/bin/rndc/rndc.docbook vendored
View File

@ -20,7 +20,7 @@
<refentry id="man.rndc">
<refentryinfo>
<date>February 07, 2014</date>
<date>August 15, 2014</date>
</refentryinfo>
<refmeta>
@ -549,7 +549,7 @@
</varlistentry>
<varlistentry>
<term><userinput>flushtree</userinput> <optional>-all</optional> <replaceable>name</replaceable> <optional><replaceable>view</replaceable></optional> </term>
<term><userinput>flushtree</userinput> <replaceable>name</replaceable> <optional><replaceable>view</replaceable></optional> </term>
<listitem>
<para>
Flushes the given name, and all of its subdomains,

14
external/bsd/bind/dist/bin/rndc/rndc.html vendored
View File

@ -32,7 +32,7 @@
<div class="cmdsynopsis"><p><code class="command">rndc</code> [<code class="option">-b <em class="replaceable"><code>source-address</code></em></code>] [<code class="option">-c <em class="replaceable"><code>config-file</code></em></code>] [<code class="option">-k <em class="replaceable"><code>key-file</code></em></code>] [<code class="option">-s <em class="replaceable"><code>server</code></em></code>] [<code class="option">-p <em class="replaceable"><code>port</code></em></code>] [<code class="option">-q</code>] [<code class="option">-V</code>] [<code class="option">-y <em class="replaceable"><code>key_id</code></em></code>] {command}</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543424"></a><h2>DESCRIPTION</h2>
<a name="id2543432"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">rndc</strong></span>
controls the operation of a name
server. It supersedes the <span><strong class="command">ndc</strong></span> utility
@ -63,7 +63,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543459"></a><h2>OPTIONS</h2>
<a name="id2543467"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-b <em class="replaceable"><code>source-address</code></em></span></dt>
<dd><p>
@ -134,7 +134,7 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543668"></a><h2>COMMANDS</h2>
<a name="id2543676"></a><h2>COMMANDS</h2>
<p>
A list of commands supported by <span><strong class="command">rndc</strong></span> can
be seen by running <span><strong class="command">rndc</strong></span> without arguments.
@ -358,7 +358,7 @@
and, if applicable, from the server's nameserver address
database or bad-server cache.
</p></dd>
<dt><span class="term"><strong class="userinput"><code>flushtree</code></strong> [<span class="optional">-all</span>] <em class="replaceable"><code>name</code></em> [<span class="optional"><em class="replaceable"><code>view</code></em></span>] </span></dt>
<dt><span class="term"><strong class="userinput"><code>flushtree</code></strong> <em class="replaceable"><code>name</code></em> [<span class="optional"><em class="replaceable"><code>view</code></em></span>] </span></dt>
<dd><p>
Flushes the given name, and all of its subdomains,
from the server's DNS cache, the address database,
@ -519,7 +519,7 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2542133"></a><h2>LIMITATIONS</h2>
<a name="id2542002"></a><h2>LIMITATIONS</h2>
<p>
There is currently no way to provide the shared secret for a
<code class="option">key_id</code> without using the configuration file.
@ -529,7 +529,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2542151"></a><h2>SEE ALSO</h2>
<a name="id2542020"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">rndc.conf</span>(5)</span>,
<span class="citerefentry"><span class="refentrytitle">rndc-confgen</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
@ -539,7 +539,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2545415"></a><h2>AUTHOR</h2>
<a name="id2545420"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
</div>

2
external/bsd/bind/dist/bin/tests/dst/Makefile.in vendored
View File

@ -49,7 +49,7 @@ dst_test@EXEEXT@: dst_test.@O@ ${DEPLIBS}
${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} ${LDFLAGS} -o $@ \
dst_test.@O@ ${LIBS}
t_dst@EXEEXT@: t_dst.@O@ ${DEPLIBS} ${TLIB} randomfile
t_dst@EXEEXT@: t_dst.@O@ ${DEPLIBS} ${TLIB}
${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} ${LDFLAGS} -o $@ \
t_dst.@O@ ${TLIB} ${LIBS}

2
external/bsd/bind/dist/bin/tests/system/Makefile.in vendored
View File

@ -21,7 +21,7 @@ top_srcdir = @top_srcdir@
@BIND9_MAKE_INCLUDES@
SUBDIRS = dlzexternal filter-aaaa geoip lwresd rpz rsabigexponent tkey tsiggss
SUBDIRS = builtin dlzexternal filter-aaaa geoip lwresd rpz rsabigexponent tkey tsiggss
TARGETS =
@BIND9_MAKE_RULES@

4
external/bsd/bind/dist/bin/tests/system/acl/clean.sh vendored
View File

@ -1,6 +1,6 @@
#!/bin/sh
#
# Copyright (C) 2008, 2012 Internet Systems Consortium, Inc. ("ISC")
# Copyright (C) 2008, 2012, 2014 Internet Systems Consortium, Inc. ("ISC")
#
# Permission to use, copy, modify, and/or distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
@ -20,6 +20,6 @@
# Clean up after zone transfer tests.
#
rm -f dig.out
rm -f dig.out.*
rm -f ns2/example.db ns2/tsigzone.db ns2/example.db.jnl ns2/named.conf
rm -f */named.memstats

9
external/bsd/bind/dist/bin/tests/system/acl/setup.sh vendored
View File

@ -1,6 +1,6 @@
#!/bin/sh
#
# Copyright (C) 2008, 2012 Internet Systems Consortium, Inc. ("ISC")
# Copyright (C) 2008, 2012, 2014 Internet Systems Consortium, Inc. ("ISC")
#
# Permission to use, copy, modify, and/or distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
@ -14,8 +14,9 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# Id: setup.sh,v 1.3 2008/01/10 23:47:01 tbox Exp
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
sh ../genzone.sh 2 3 >ns2/example.db
sh ../genzone.sh 2 3 >ns2/tsigzone.db
$SHELL ../genzone.sh 2 3 >ns2/example.db
$SHELL ../genzone.sh 2 3 >ns2/tsigzone.db
cp -f ns2/named1.conf ns2/named.conf

75
external/bsd/bind/dist/bin/tests/system/acl/tests.sh vendored
View File

@ -1,6 +1,6 @@
#!/bin/sh
#
# Copyright (C) 2008, 2012, 2013 Internet Systems Consortium, Inc. ("ISC")
# Copyright (C) 2008, 2012-2014 Internet Systems Consortium, Inc. ("ISC")
#
# Permission to use, copy, modify, and/or distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
@ -28,14 +28,15 @@ echo "I:testing basic ACL processing"
# key "one" should fail
t=`expr $t + 1`
$DIG $DIGOPTS tsigzone. \
@10.53.0.2 -b 10.53.0.1 axfr -y one:1234abcd8765 -p 5300 > dig.out
grep "^;" dig.out > /dev/null 2>&1 || { echo "I:test $t failed" ; status=1; }
@10.53.0.2 -b 10.53.0.1 axfr -y one:1234abcd8765 -p 5300 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo "I:test $t failed" ; status=1; }
# any other key should be fine
t=`expr $t + 1`
$DIG $DIGOPTS tsigzone. \
@10.53.0.2 -b 10.53.0.1 axfr -y two:1234abcd8765 -p 5300 > dig.out
grep "^;" dig.out > /dev/null 2>&1 && { echo "I:test $t failed" ; status=1; }
@10.53.0.2 -b 10.53.0.1 axfr -y two:1234abcd8765 -p 5300 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo "I:test $t failed" ; status=1; }
cp -f ns2/named2.conf ns2/named.conf
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /'
@ -44,19 +45,19 @@ sleep 5
# prefix 10/8 should fail
t=`expr $t + 1`
$DIG $DIGOPTS tsigzone. \
@10.53.0.2 -b 10.53.0.1 axfr -y one:1234abcd8765 -p 5300 > dig.out
grep "^;" dig.out > /dev/null 2>&1 || { echo "I:test $t failed" ; status=1; }
@10.53.0.2 -b 10.53.0.1 axfr -y one:1234abcd8765 -p 5300 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo "I:test $t failed" ; status=1; }
# any other address should work, as long as it sends key "one"
t=`expr $t + 1`
$DIG $DIGOPTS tsigzone. \
@10.53.0.2 -b 127.0.0.1 axfr -y two:1234abcd8765 -p 5300 > dig.out
grep "^;" dig.out > /dev/null 2>&1 || { echo "I:test $t failed" ; status=1; }
@10.53.0.2 -b 127.0.0.1 axfr -y two:1234abcd8765 -p 5300 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo "I:test $t failed" ; status=1; }
t=`expr $t + 1`
$DIG $DIGOPTS tsigzone. \
@10.53.0.2 -b 127.0.0.1 axfr -y one:1234abcd8765 -p 5300 > dig.out
grep "^;" dig.out > /dev/null 2>&1 && { echo "I:test $t failed" ; status=1; }
@10.53.0.2 -b 127.0.0.1 axfr -y one:1234abcd8765 -p 5300 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo "I:test $t failed" ; status=1; }
echo "I:testing nested ACL processing"
# all combinations of 10.53.0.{1|2} with key {one|two}, should succeed
@ -67,43 +68,43 @@ sleep 5
# should succeed
t=`expr $t + 1`
$DIG $DIGOPTS tsigzone. \
@10.53.0.2 -b 10.53.0.2 axfr -y two:1234abcd8765 -p 5300 > dig.out
grep "^;" dig.out > /dev/null 2>&1 && { echo "I:test $t failed" ; status=1; }
@10.53.0.2 -b 10.53.0.2 axfr -y two:1234abcd8765 -p 5300 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo "I:test $t failed" ; status=1; }
# should succeed
t=`expr $t + 1`
$DIG $DIGOPTS tsigzone. \
@10.53.0.2 -b 10.53.0.2 axfr -y one:1234abcd8765 -p 5300 > dig.out
grep "^;" dig.out > /dev/null 2>&1 && { echo "I:test $t failed" ; status=1; }
@10.53.0.2 -b 10.53.0.2 axfr -y one:1234abcd8765 -p 5300 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo "I:test $t failed" ; status=1; }
# should succeed
t=`expr $t + 1`
$DIG $DIGOPTS tsigzone. \
@10.53.0.2 -b 10.53.0.1 axfr -y two:1234abcd8765 -p 5300 > dig.out
grep "^;" dig.out > /dev/null 2>&1 && { echo "I:test $t failed" ; status=1; }
@10.53.0.2 -b 10.53.0.1 axfr -y two:1234abcd8765 -p 5300 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo "I:test $t failed" ; status=1; }
# should succeed
t=`expr $t + 1`
$DIG $DIGOPTS tsigzone. \
@10.53.0.2 -b 10.53.0.1 axfr -y two:1234abcd8765 -p 5300 > dig.out
grep "^;" dig.out > /dev/null 2>&1 && { echo "I:test $t failed" ; status=1; }
@10.53.0.2 -b 10.53.0.1 axfr -y two:1234abcd8765 -p 5300 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo "I:test $t failed" ; status=1; }
# but only one or the other should fail
t=`expr $t + 1`
$DIG $DIGOPTS tsigzone. \
@10.53.0.2 -b 127.0.0.1 axfr -y one:1234abcd8765 -p 5300 > dig.out
grep "^;" dig.out > /dev/null 2>&1 || { echo "I:test $t failed" ; status=1; }
@10.53.0.2 -b 127.0.0.1 axfr -y one:1234abcd8765 -p 5300 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo "I:test $t failed" ; status=1; }
t=`expr $t + 1`
$DIG $DIGOPTS tsigzone. \
@10.53.0.2 -b 10.53.0.2 axfr -p 5300 > dig.out
grep "^;" dig.out > /dev/null 2>&1 || { echo "I:test $tt failed" ; status=1; }
@10.53.0.2 -b 10.53.0.2 axfr -p 5300 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo "I:test $tt failed" ; status=1; }
# and other values? right out
t=`expr $t + 1`
$DIG $DIGOPTS tsigzone. \
@10.53.0.2 -b 127.0.0.1 axfr -y three:1234abcd8765 -p 5300 > dig.out
grep "^;" dig.out > /dev/null 2>&1 || { echo "I:test $t failed" ; status=1; }
@10.53.0.2 -b 127.0.0.1 axfr -y three:1234abcd8765 -p 5300 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo "I:test $t failed" ; status=1; }
# now we only allow 10.53.0.1 *and* key one, or 10.53.0.2 *and* key two
cp -f ns2/named4.conf ns2/named.conf
@ -113,32 +114,32 @@ sleep 5
# should succeed
t=`expr $t + 1`
$DIG $DIGOPTS tsigzone. \
@10.53.0.2 -b 10.53.0.2 axfr -y two:1234abcd8765 -p 5300 > dig.out
grep "^;" dig.out > /dev/null 2>&1 && { echo "I:test $t failed" ; status=1; }
@10.53.0.2 -b 10.53.0.2 axfr -y two:1234abcd8765 -p 5300 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo "I:test $t failed" ; status=1; }
# should succeed
t=`expr $t + 1`
$DIG $DIGOPTS tsigzone. \
@10.53.0.2 -b 10.53.0.1 axfr -y one:1234abcd8765 -p 5300 > dig.out
grep "^;" dig.out > /dev/null 2>&1 && { echo "I:test $t failed" ; status=1; }
@10.53.0.2 -b 10.53.0.1 axfr -y one:1234abcd8765 -p 5300 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo "I:test $t failed" ; status=1; }
# should fail
t=`expr $t + 1`
$DIG $DIGOPTS tsigzone. \
@10.53.0.2 -b 10.53.0.2 axfr -y one:1234abcd8765 -p 5300 > dig.out
grep "^;" dig.out > /dev/null 2>&1 || { echo "I:test $t failed" ; status=1; }
@10.53.0.2 -b 10.53.0.2 axfr -y one:1234abcd8765 -p 5300 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo "I:test $t failed" ; status=1; }
# should fail
t=`expr $t + 1`
$DIG $DIGOPTS tsigzone. \
@10.53.0.2 -b 10.53.0.1 axfr -y two:1234abcd8765 -p 5300 > dig.out
grep "^;" dig.out > /dev/null 2>&1 || { echo "I:test $t failed" ; status=1; }
@10.53.0.2 -b 10.53.0.1 axfr -y two:1234abcd8765 -p 5300 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo "I:test $t failed" ; status=1; }
# should fail
t=`expr $t + 1`
$DIG $DIGOPTS tsigzone. \
@10.53.0.2 -b 10.53.0.3 axfr -y one:1234abcd8765 -p 5300 > dig.out
grep "^;" dig.out > /dev/null 2>&1 || { echo "I:test $t failed" ; status=1; }
@10.53.0.2 -b 10.53.0.3 axfr -y one:1234abcd8765 -p 5300 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo "I:test $t failed" ; status=1; }
echo "I:testing allow-query-on ACL processing"
cp -f ns2/named5.conf ns2/named.conf
@ -146,8 +147,8 @@ $RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /
sleep 5
t=`expr $t + 1`
$DIG +tcp soa example. \
@10.53.0.2 -b 10.53.0.3 -p 5300 > dig.out
grep "status: NOERROR" dig.out > /dev/null 2>&1 || { echo "I:test $t failed" ; status=1; }
@10.53.0.2 -b 10.53.0.3 -p 5300 > dig.out.${t}
grep "status: NOERROR" dig.out.${t} > /dev/null 2>&1 || { echo "I:test $t failed" ; status=1; }
echo "I:exit status: $status"
exit $status

7
external/bsd/bind/dist/bin/tests/system/addzone/setup.sh vendored
View File

@ -1,6 +1,6 @@
#!/bin/sh
#
# Copyright (C) 2010, 2012, 2013 Internet Systems Consortium, Inc. ("ISC")
# Copyright (C) 2010, 2012-2014 Internet Systems Consortium, Inc. ("ISC")
#
# Permission to use, copy, modify, and/or distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
@ -14,9 +14,10 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# Id: setup.sh,v 1.3 2010/08/12 01:31:36 marka Exp
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
sh clean.sh
$SHELL clean.sh
cp -f ns2/named1.conf ns2/named.conf
cp -f ns2/default.nzf.in ns2/3bf305731dd26307.nzf

70
external/bsd/bind/dist/bin/tests/system/ans.pl vendored
View File

@ -1,6 +1,6 @@
#!/usr/bin/perl
#
# Copyright (C) 2011, 2012 Internet Systems Consortium, Inc. ("ISC")
# Copyright (C) 2011, 2012, 2014 Internet Systems Consortium, Inc. ("ISC")
#
# Permission to use, copy, modify, and/or distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
@ -94,6 +94,7 @@ my $tcpsock = IO::Socket::INET->new(LocalAddr => "$server_addr",
LocalPort => 5300, Proto => "tcp", Listen => 5, Reuse => 1) or die "$!";
print "listening on $server_addr:5300,5301.\n";
print "Using Net::DNS $Net::DNS::VERSION\n";
my $pidf = new IO::File "ans.pid", "w" or die "cannot open pid file: $!";
print $pidf "$$\n" or die "cannot write pid file: $!";
@ -132,9 +133,7 @@ sub handleUDP {
# get the existing signature if any, and clear the additional section
my $prev_tsig;
while (my $rr = $request->pop("additional")) {
if ($rr->type eq "TSIG") {
$prev_tsig = $rr;
}
$prev_tsig = $rr if ($rr->type eq "TSIG");
}
my $r;
@ -148,11 +147,20 @@ sub handleUDP {
$packet->push("answer", $a);
}
if(defined($key_name) && defined($key_data)) {
my $tsig;
# Sign the packet
print " Signing the response with " .
"$key_name/$key_data\n";
my $tsig = Net::DNS::RR->
new("$key_name TSIG $key_data");
if ($Net::DNS::VERSION < 0.69) {
$tsig = Net::DNS::RR->new(
"$key_name TSIG $key_data");
} else {
$tsig = Net::DNS::RR->new(
name => $key_name,
type => 'TSIG',
key => $key_data);
}
# These kluges are necessary because Net::DNS
# doesn't know how to sign responses. We
@ -167,11 +175,16 @@ sub handleUDP {
$packet->{"header"}{"arcount"} += 1
if ($Net::DNS::VERSION < 0.70);
if (defined($prev_tsig)) {
my $rmac = pack('n H*',
length($prev_tsig->mac)/2,
$prev_tsig->mac);
$tsig->{"request_mac"} =
unpack("H*", $rmac);
if ($Net::DNS::VERSION < 0.73) {
my $rmac = pack('n H*',
length($prev_tsig->mac)/2,
$prev_tsig->mac);
$tsig->{"request_mac"} =
unpack("H*", $rmac);
} else {
$tsig->request_mac(
$prev_tsig->mac);
}
}
$packet->sign_tsig($tsig);
@ -344,12 +357,23 @@ sub handleTCP {
$packet->push("answer", $a);
}
if(defined($key_name) && defined($key_data)) {
my $tsig;
# sign the packet
print " Signing the data with " .
"$key_name/$key_data\n";
my $tsig = Net::DNS::RR->
new("$key_name TSIG $key_data");
if ($Net::DNS::VERSION < 0.69) {
$tsig = Net::DNS::RR->new(
"$key_name TSIG $key_data");
} elsif ($Net::DNS::VERSION >= 0.75 &&
$continuation) {
$tsig = $prev_tsig;
} else {
$tsig = Net::DNS::RR->new(
name => $key_name,
type => 'TSIG',
key => $key_data);
}
# These kluges are necessary because Net::DNS
# doesn't know how to sign responses. We
@ -364,16 +388,22 @@ sub handleTCP {
$packet->{"header"}{"arcount"} += 1
if ($Net::DNS::VERSION < 0.70);
if (defined($prev_tsig)) {
my $rmac = pack('n H*',
length($prev_tsig->mac)/2,
$prev_tsig->mac);
$tsig->{"request_mac"} =
unpack("H*", $rmac);
if ($Net::DNS::VERSION < 0.73) {
my $rmac = pack('n H*',
length($prev_tsig->mac)/2,
$prev_tsig->mac);
$tsig->{"request_mac"} =
unpack("H*", $rmac);
} else {
$tsig->request_mac(
$prev_tsig->mac);
}
}
$tsig->sign_func($signer) if defined($signer);
$tsig->continuation($continuation)
if ($Net::DNS::VERSION >= 0.71);
$tsig->continuation($continuation) if
($Net::DNS::VERSION >= 0.71 &&
$Net::DNS::VERSION <= 0.74 );
$packet->sign_tsig($tsig);
$signer = \&sign_tcp_continuation
if ($Net::DNS::VERSION < 0.70);

1
external/bsd/bind/dist/bin/tests/system/autosign/clean.sh vendored
View File

@ -16,6 +16,7 @@
rm -f */K* */dsset-* */*.signed */trusted.conf */tmp* */*.jnl */*.bk
rm -f active.key inact.key del.key unpub.key standby.key rev.key
rm -f activate-now-publish-1day.key
rm -f nopriv.key vanishing.key del1.key del2.key
rm -f delayksk.key delayzsk.key autoksk.key autozsk.key
rm -f missingzsk.key inactivezsk.key

6
external/bsd/bind/dist/bin/tests/system/autosign/ns1/keygen.sh vendored
View File

@ -14,8 +14,6 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# Id: keygen.sh,v 1.8 2011/10/20 23:46:51 tbox Exp
SYSTEMTESTTOP=../..
. $SYSTEMTESTTOP/conf.sh
@ -23,7 +21,7 @@ zone=.
zonefile=root.db
infile=root.db.in
(cd ../ns2 && sh keygen.sh )
(cd ../ns2 && $SHELL keygen.sh )
cat $infile ../ns2/dsset-example. > $zonefile
@ -33,6 +31,7 @@ zskdel=`$KEYGEN -3 -q -r $RANDFILE -D now $zone`
zskinact=`$KEYGEN -3 -q -r $RANDFILE -I now $zone`
zskunpub=`$KEYGEN -3 -q -r $RANDFILE -G $zone`
zsksby=`$KEYGEN -3 -q -r $RANDFILE -A none $zone`
zskactnowpub1d=`$KEYGEN -3 -q -r $RANDFILE -A now -P +1d $zone`
zsknopriv=`$KEYGEN -3 -q -r $RANDFILE $zone`
rm $zsknopriv.private
@ -70,4 +69,5 @@ echo $zskinact > ../inact.key
echo $zskunpub > ../unpub.key
echo $zsknopriv > ../nopriv.key
echo $zsksby > ../standby.key
echo $zskactnowpub1d > ../activate-now-publish-1day.key
$REVOKE -R $kskrev > ../rev.key

4
external/bsd/bind/dist/bin/tests/system/autosign/ns2/keygen.sh vendored
View File

@ -14,13 +14,11 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# Id: keygen.sh,v 1.10 2011/06/10 01:51:09 each Exp
SYSTEMTESTTOP=../..
. $SYSTEMTESTTOP/conf.sh
# Have the child generate subdomain keys and pass DS sets to us.
( cd ../ns3 && sh keygen.sh )
( cd ../ns3 && $SHELL keygen.sh )
for subdomain in secure nsec3 autonsec3 optout rsasha256 rsasha512 nsec3-to-nsec oldsigs
do

5
external/bsd/bind/dist/bin/tests/system/autosign/prereq.sh vendored
View File

@ -14,4 +14,7 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
exec sh ../testcrypto.sh
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
exec $SHELL ../testcrypto.sh

2
external/bsd/bind/dist/bin/tests/system/autosign/setup.sh vendored
View File

@ -22,4 +22,4 @@ SYSTEMTESTTOP=..
test -r $RANDFILE || $GENRANDOM 400 $RANDFILE
echo "I:generating keys and preparing zones"
cd ns1 && sh keygen.sh
cd ns1 && $SHELL keygen.sh

11
external/bsd/bind/dist/bin/tests/system/autosign/tests.sh vendored
View File

@ -27,7 +27,7 @@ showprivate () {
echo "-- $@ --"
$DIG $DIGOPTS +nodnssec +short @$2 -t type65534 $1 | cut -f3 -d' ' |
while read record; do
perl -e 'my $rdata = pack("H*", @ARGV[0]);
$PERL -e 'my $rdata = pack("H*", @ARGV[0]);
die "invalid record" unless length($rdata) == 5;
my ($alg, $key, $remove, $complete) = unpack("CnCC", $rdata);
my $action = "signing";
@ -772,6 +772,15 @@ n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
echo "I:checking for activated but unpublished key ($n)"
ret=0
id=`sed 's/^K.+007+0*\([0-9]\)/\1/' < activate-now-publish-1day.key`
$DIG $DIGOPTS +multi dnskey . @10.53.0.1 > dig.out.ns1.test$n || ret=1
grep '; key id = '"$id"'$' dig.out.ns1.test$n > /dev/null && ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
echo "I:checking that standby key does not sign records ($n)"
ret=0
id=`sed 's/^K.+007+0*\([0-9]\)/\1/' < standby.key`

56
external/bsd/bind/dist/bin/tests/system/builtin/Makefile.in vendored Normal file
View File

@ -0,0 +1,56 @@
# Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC")
#
# Permission to use, copy, modify, and/or distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# Id
srcdir = @srcdir@
VPATH = @srcdir@
top_srcdir = @top_srcdir@
@BIND9_VERSION@
@BIND9_MAKE_INCLUDES@
CINCLUDES = ${ISC_INCLUDES}
CDEFINES =
CWARNINGS =
DNSLIBS =
ISCLIBS =
DNSDEPLIBS =
ISCDEPLIBS =
DEPLIBS =
LIBS = @LIBS@
TARGETS = gethostname@EXEEXT@
SRCS = gethostname.c
OBJS = gethostname.@O@
@BIND9_MAKE_RULES@
all: gethostname@EXEEXT@
gethostname@EXEEXT@: ${OBJS}
${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} ${LDFLAGS} -o $@ ${OBJS} ${LIBS}
clean distclean::
rm -f ${TARGETS}

20
external/bsd/bind/dist/bin/tests/system/builtin/clean.sh vendored Normal file
View File

@ -0,0 +1,20 @@
#!/bin/sh
#
# Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC")
#
# Permission to use, copy, modify, and/or distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
rm -f ns?/named.run
rm -f ns?/named.memstats
rm -f rndc.status.ns*
rm -f dig.out.ns*

50
external/bsd/bind/dist/bin/tests/system/builtin/gethostname.c vendored Normal file
View File

@ -0,0 +1,50 @@
/* $NetBSD: gethostname.c,v 1.1.1.1 2014/12/10 02:25:16 christos Exp $ */
/*
* Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC")
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
* REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*/
#include <config.h>
#include <unistd.h>
#include <stdio.h>
#include <stdlib.h>
#include <isc/util.h>
#ifndef MAXHOSTNAMELEN
#ifdef HOST_NAME_MAX
#define MAXHOSTNAMELEN HOST_NAME_MAX
#else
#define MAXHOSTNAMELEN 256
#endif
#endif
int
main(int argc, char **argv) {
char hostname[MAXHOSTNAMELEN];
int n;
UNUSED(argc);
UNUSED(argv);
n = gethostname(hostname, sizeof(hostname));
if (n == -1) {
perror("gethostname");
exit(1);
}
fprintf(stdout, "%s\n", hostname);
return (0);
}

34
external/bsd/bind/dist/bin/tests/system/builtin/ns2/named.conf vendored Normal file
View File

@ -0,0 +1,34 @@
/*
* Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC")
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
* REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*/
/* Id: named.conf,v 1.3 2011/08/09 04:12:25 tbox Exp */
include "../../common/rndc.key";
controls { inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; }; };
options {
query-source address 10.53.0.2;
notify-source 10.53.0.2;
transfer-source 10.53.0.2;
port 5300;
pid-file "named.pid";
listen-on { 10.53.0.2; };
listen-on-v6 { none; };
recursion yes;
notify no;
server-id hostname;
};

36
external/bsd/bind/dist/bin/tests/system/builtin/ns3/named.conf vendored Normal file
View File

@ -0,0 +1,36 @@
/*
* Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC")
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
* REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*/
/* Id: named.conf,v 1.3 2011/08/09 04:12:25 tbox Exp */
include "../../common/rndc.key";
controls { inet 10.53.0.3 port 9953 allow { any; } keys { rndc_key; }; };
options {
query-source address 10.53.0.3;
notify-source 10.53.0.3;
transfer-source 10.53.0.3;
port 5300;
pid-file "named.pid";
listen-on { 10.53.0.3; };
listen-on-v6 { none; };
recursion yes;
notify no;
hostname "this.is.a.test.of.hostname";
server-id "this.is.a.test.of.server-id";
version "this is a test of version";
};

83
external/bsd/bind/dist/bin/tests/system/builtin/tests.sh vendored
View File

@ -1,4 +1,4 @@
# Copyright (C) 2011, 2012 Internet Systems Consortium, Inc. ("ISC")
# Copyright (C) 2011, 2012, 2014 Internet Systems Consortium, Inc. ("ISC")
#
# Permission to use, copy, modify, and/or distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
@ -39,4 +39,85 @@ sleep 1
grep "zone serial (0) unchanged." ns1/named.run > /dev/null && ret=1
if [ $ret != 0 ] ; then echo I:failed; status=`expr $status + $ret`; fi
VERSION=`../../../../isc-config.sh --version | cut -d = -f 2`
HOSTNAME=`./gethostname`
n=`expr $n + 1`
ret=0
echo "I:Checking that default version works for rndc ($n)"
$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 status > rndc.status.ns1.$n 2>&1
grep "^version: $VERSION " rndc.status.ns1.$n > /dev/null || ret=1
if [ $ret != 0 ] ; then echo I:failed; status=`expr $status + $ret`; fi
n=`expr $n + 1`
ret=0
echo "I:Checking that custom version works for rndc ($n)"
$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 status > rndc.status.ns3.$n 2>&1
grep "^version: $VERSION (this is a test of version) " rndc.status.ns3.$n > /dev/null || ret=1
if [ $ret != 0 ] ; then echo I:failed; status=`expr $status + $ret`; fi
n=`expr $n + 1`
ret=0
echo "I:Checking that default version works for query ($n)"
$DIG +short version.bind txt ch @10.53.0.1 -p 5300 > dig.out.ns1.$n
grep "^\"$VERSION\"$" dig.out.ns1.$n > /dev/null || ret=1
if [ $ret != 0 ] ; then echo I:failed; status=`expr $status + $ret`; fi
n=`expr $n + 1`
ret=0
echo "I:Checking that custom version works for query ($n)"
$DIG +short version.bind txt ch @10.53.0.3 -p 5300 > dig.out.ns3.$n
grep "^\"this is a test of version\"$" dig.out.ns3.$n > /dev/null || ret=1
if [ $ret != 0 ] ; then echo I:failed; status=`expr $status + $ret`; fi
n=`expr $n + 1`
ret=0
echo "I:Checking that default hostname works for query ($n)"
$DIG +short hostname.bind txt ch @10.53.0.1 -p 5300 > dig.out.ns1.$n
grep "^\"$HOSTNAME\"$" dig.out.ns1.$n > /dev/null || ret=1
if [ $ret != 0 ] ; then echo I:failed; status=`expr $status + $ret`; fi
n=`expr $n + 1`
ret=0
echo "I:Checking that custom hostname works for query ($n)"
$DIG +short hostname.bind txt ch @10.53.0.3 -p 5300 > dig.out.ns3.$n
grep "^\"this.is.a.test.of.hostname\"$" dig.out.ns3.$n > /dev/null || ret=1
if [ $ret != 0 ] ; then echo I:failed; status=`expr $status + $ret`; fi
n=`expr $n + 1`
ret=0
echo "I:Checking that default server-id is none for query ($n)"
$DIG id.server txt ch @10.53.0.1 -p 5300 > dig.out.ns1.$n
grep "status: NOERROR" dig.out.ns1.$n > /dev/null || ret=1
grep "ANSWER: 0" dig.out.ns1.$n > /dev/null || ret=1
if [ $ret != 0 ] ; then echo I:failed; status=`expr $status + $ret`; fi
n=`expr $n + 1`
ret=0
echo "I:Checking that server-id hostname works for query ($n)"
$DIG +short id.server txt ch @10.53.0.2 -p 5300 > dig.out.ns2.$n
grep "^\"$HOSTNAME\"$" dig.out.ns2.$n > /dev/null || ret=1
if [ $ret != 0 ] ; then echo I:failed; status=`expr $status + $ret`; fi
n=`expr $n + 1`
ret=0
echo "I:Checking that server-id hostname works for EDNS name server ID request ($n)"
$DIG +norec +nsid foo @10.53.0.2 -p 5300 > dig.out.ns2.$n
grep "^; NSID: .* (\"$HOSTNAME\")$" dig.out.ns2.$n > /dev/null || ret=1
if [ $ret != 0 ] ; then echo I:failed; status=`expr $status + $ret`; fi
n=`expr $n + 1`
ret=0
echo "I:Checking that custom server-id works for query ($n)"
$DIG +short id.server txt ch @10.53.0.3 -p 5300 > dig.out.ns3.$n
grep "^\"this.is.a.test.of.server-id\"$" dig.out.ns3.$n > /dev/null || ret=1
if [ $ret != 0 ] ; then echo I:failed; status=`expr $status + $ret`; fi
n=`expr $n + 1`
ret=0
echo "I:Checking that custom server-id works for EDNS name server ID request ($n)"
$DIG +norec +nsid foo @10.53.0.3 -p 5300 > dig.out.ns3.$n
grep "^; NSID: .* (\"this.is.a.test.of.server-id\")$" dig.out.ns3.$n > /dev/null || ret=1
if [ $ret != 0 ] ; then echo I:failed; status=`expr $status + $ret`; fi
exit $status

25
external/bsd/bind/dist/bin/tests/system/checkconf/bad-master-request-ixfr.conf vendored Normal file
View File

@ -0,0 +1,25 @@
/*
* Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC")
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
* REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*/
/*
* request-ixfr clause is not allowed in zone of type master.
*/
zone dummy {
type master;
request-ixfr no;
file "xxxx";
};

26
external/bsd/bind/dist/bin/tests/system/checkconf/check-dup-records-fail.conf vendored Normal file
View File

@ -0,0 +1,26 @@
/*
* Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC")
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
* REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*/
options {
check-integrity yes; // default is yes
};
zone "check-dup-records" {
type master;
file "check-dup-records.db";
check-dup-records fail;
};

36
external/bsd/bind/dist/bin/tests/system/checkconf/check-dup-records.db vendored Normal file
View File

@ -0,0 +1,36 @@
; Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC")
;
; Permission to use, copy, modify, and/or distribute this software for any
; purpose with or without fee is hereby granted, provided that the above
; copyright notice and this permission notice appear in all copies.
;
; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
; PERFORMANCE OF THIS SOFTWARE.
$TTL 600 ; 10 minutes
@ IN SOA mname1. . (
1 ; serial
20 ; refresh (20 seconds)
20 ; retry (20 seconds)
1814400 ; expire (3 weeks)
3600 ; minimum (1 hour)
)
NS ns2
MX 10 mail
mail A 10.0.0.1
ns2 A 10.53.0.2
; following records are not de-duplicated
; and will be matched by check-dup-records
duplicate HIP ( 2 200100107B1A74DF365639CC39F1D578
AwEAAbdxyhNuSutc5EMzxTs9LBPCIkOFH8cIvM4p9+LrV4e19WzK00+CI6zBCQTdtWsuxKbWIy87UOoJTwkUs7lBu+Upr1gsNrut79ryra+bSRGQb1slImA8YVJyuIDsj7kwzG7jnERNqnWxZ48AWkskmdHaVDP4BcelrTI3rMXdXF5D
rvs.example.com. )
duplicate HIP ( 2 200100107B1A74DF365639CC39F1D578
AwEAAbdxyhNuSutc5EMzxTs9LBPCIkOFH8cIvM4p9+LrV4e19WzK00+CI6zBCQTdtWsuxKbWIy87UOoJTwkUs7lBu+Upr1gsNrut79ryra+bSRGQb1slImA8YVJyuIDsj7kwzG7jnERNqnWxZ48AWkskmdHaVDP4BcelrTI3rMXdXF5D
RVS.example.com. )

25
external/bsd/bind/dist/bin/tests/system/checkconf/check-mx-cname-fail.conf vendored Normal file
View File

@ -0,0 +1,25 @@
/*
* Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC")
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
* REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*/
options {
check-integrity yes; // default is yes
};
zone "check-mx-cname" {
type master;
file "check-mx-cname.db";
check-mx-cname fail;
};

29
external/bsd/bind/dist/bin/tests/system/checkconf/check-mx-cname.db vendored Normal file
View File

@ -0,0 +1,29 @@
; Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC")
;
; Permission to use, copy, modify, and/or distribute this software for any
; purpose with or without fee is hereby granted, provided that the above
; copyright notice and this permission notice appear in all copies.
;
; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
; PERFORMANCE OF THIS SOFTWARE.
$TTL 600 ; 10 minutes
@ IN SOA mname1. . (
1 ; serial
20 ; refresh (20 seconds)
20 ; retry (20 seconds)
1814400 ; expire (3 weeks)
3600 ; minimum (1 hour)
)
NS ns2
MX 10 mail
; MX points to a CNAME which is detected by check-mx-cname
mail CNAME ns2
ns2 A 10.53.0.2

25
external/bsd/bind/dist/bin/tests/system/checkconf/check-mx-fail.conf vendored Normal file
View File

@ -0,0 +1,25 @@
/*
* Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC")
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
* REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*/
options {
check-integrity yes; // default is yes
};
zone "check-mx" {
type master;
file "check-mx.db";
check-mx fail;
};

27
external/bsd/bind/dist/bin/tests/system/checkconf/check-mx.db vendored Normal file
View File

@ -0,0 +1,27 @@
; Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC")
;
; Permission to use, copy, modify, and/or distribute this software for any
; purpose with or without fee is hereby granted, provided that the above
; copyright notice and this permission notice appear in all copies.
;
; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
; PERFORMANCE OF THIS SOFTWARE.
$TTL 600 ; 10 minutes
@ IN SOA mname1. . (
1 ; serial
20 ; refresh (20 seconds)
20 ; retry (20 seconds)
1814400 ; expire (3 weeks)
3600 ; minimum (1 hour)
)
NS ns2
; MX appears to be an address and will be detected by check-mx
MX 10 10.0.0.1
ns2 A 10.53.0.2

25
external/bsd/bind/dist/bin/tests/system/checkconf/check-names-fail.conf vendored Normal file
View File

@ -0,0 +1,25 @@
/*
* Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC")
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
* REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*/
options {
check-integrity yes; // default is yes
};
zone "check-names" {
type master;
file "check-names.db";
check-names fail;
};

31
external/bsd/bind/dist/bin/tests/system/checkconf/check-names.db vendored Normal file
View File

@ -0,0 +1,31 @@
; Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC")
;
; Permission to use, copy, modify, and/or distribute this software for any
; purpose with or without fee is hereby granted, provided that the above
; copyright notice and this permission notice appear in all copies.
;
; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
; PERFORMANCE OF THIS SOFTWARE.
$TTL 600 ; 10 minutes
@ IN SOA mname1. . (
1 ; serial
20 ; refresh (20 seconds)
20 ; retry (20 seconds)
1814400 ; expire (3 weeks)
3600 ; minimum (1 hour)
)
NS ns2
MX 10 mail
mail A 10.0.0.1
ns2 A 10.53.0.2
; the RDATA of this record contains a name that may be considered
; invalid and will be detected by check-names configuration.
check-names SRV 1 2 3 _underscore

25
external/bsd/bind/dist/bin/tests/system/checkconf/check-srv-cname-fail.conf vendored Normal file
View File

@ -0,0 +1,25 @@
/*
* Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC")
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
* REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*/
options {
check-integrity yes; // default is yes
};
zone "check-srv-cname" {
type master;
file "check-srv-cname.db";
check-srv-cname fail;
};

31
external/bsd/bind/dist/bin/tests/system/checkconf/check-srv-cname.db vendored Normal file
View File

@ -0,0 +1,31 @@
; Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC")
;
; Permission to use, copy, modify, and/or distribute this software for any
; purpose with or without fee is hereby granted, provided that the above
; copyright notice and this permission notice appear in all copies.
;
; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
; PERFORMANCE OF THIS SOFTWARE.
$TTL 600 ; 10 minutes
@ IN SOA mname1. . (
1 ; serial
20 ; refresh (20 seconds)
20 ; retry (20 seconds)
1814400 ; expire (3 weeks)
3600 ; minimum (1 hour)
)
NS ns2
MX 10 mail
mail A 10.0.0.1
ns2 A 10.53.0.2
check-srv-cname SRV 1 2 3 target
; SRV points to a CNAME which is detected by check-srv-cname configuration
target CNAME mail

1
external/bsd/bind/dist/bin/tests/system/checkconf/clean.sh vendored
View File

@ -16,3 +16,4 @@
rm -f good.conf.in good.conf.out badzero.conf *.out
rm -rf test.keydir
rm -f checkconf.out*

48
external/bsd/bind/dist/bin/tests/system/checkconf/tests.sh vendored
View File

@ -191,5 +191,53 @@ $CHECKCONF -z altdlz.conf > /dev/null 2>&1 || ret=1
if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi
status=`expr $status + $ret`
echo "I: check that check-names fails as configured"
ret=0
$CHECKCONF -z check-names-fail.conf > checkconf.out1 2>&1 && ret=1
grep "near '_underscore': bad name (check-names)" checkconf.out1 > /dev/null || ret=1
grep "zone check-names/IN: loaded serial" < checkconf.out1 > /dev/null && ret=1
if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi
status=`expr $status + $ret`
echo "I: check that check-mx fails as configured"
ret=0
$CHECKCONF -z check-mx-fail.conf > checkconf.out2 2>&1 && ret=1
grep "near '10.0.0.1': MX is an address" checkconf.out2 > /dev/null || ret=1
grep "zone check-mx/IN: loaded serial" < checkconf.out2 > /dev/null && ret=1
if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi
status=`expr $status + $ret`
echo "I: check that check-dup-records fails as configured"
ret=0
$CHECKCONF -z check-dup-records-fail.conf > checkconf.out3 2>&1 && ret=1
grep "has semantically identical records" checkconf.out3 > /dev/null || ret=1
grep "zone check-dup-records/IN: loaded serial" < checkconf.out3 > /dev/null && ret=1
if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi
status=`expr $status + $ret`
echo "I: check that check-mx fails as configured"
ret=0
$CHECKCONF -z check-mx-fail.conf > checkconf.out4 2>&1 && ret=1
grep "failed: MX is an address" checkconf.out4 > /dev/null || ret=1
grep "zone check-mx/IN: loaded serial" < checkconf.out4 > /dev/null && ret=1
if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi
status=`expr $status + $ret`
echo "I: check that check-mx-cname fails as configured"
ret=0
$CHECKCONF -z check-mx-cname-fail.conf > checkconf.out5 2>&1 && ret=1
grep "MX.* is a CNAME (illegal)" checkconf.out5 > /dev/null || ret=1
grep "zone check-mx-cname/IN: loaded serial" < checkconf.out5 > /dev/null && ret=1
if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi
status=`expr $status + $ret`
echo "I: check that check-srv-cname fails as configured"
ret=0
$CHECKCONF -z check-srv-cname-fail.conf > checkconf.out6 2>&1 && ret=1
grep "SRV.* is a CNAME (illegal)" checkconf.out6 > /dev/null || ret=1
grep "zone check-mx-cname/IN: loaded serial" < checkconf.out6 > /dev/null && ret=1
if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi
status=`expr $status + $ret`
echo "I:exit status: $status"
exit $status

7
external/bsd/bind/dist/bin/tests/system/checkds/setup.sh vendored
View File

@ -1,6 +1,6 @@
#!/bin/sh
#
# Copyright (C) 2012, 2013 Internet Systems Consortium, Inc. ("ISC")
# Copyright (C) 2012-2014 Internet Systems Consortium, Inc. ("ISC")
#
# Permission to use, copy, modify, and/or distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
@ -14,6 +14,7 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# Id
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
sh clean.sh
$SHELL clean.sh

6
external/bsd/bind/dist/bin/tests/system/checkds/tests.sh vendored
View File

@ -1,6 +1,6 @@
#!/bin/sh
#
# Copyright (C) 2012, 2013 Internet Systems Consortium, Inc. ("ISC")
# Copyright (C) 2012-2014 Internet Systems Consortium, Inc. ("ISC")
#
# Permission to use, copy, modify, and/or distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
@ -14,8 +14,6 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# Id
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
@ -176,6 +174,6 @@ n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
if [ $status = 0 ]; then sh clean.sh; fi
if [ $status = 0 ]; then $SHELL clean.sh; fi
echo "I:exit status: $status"
exit $status

4
external/bsd/bind/dist/bin/tests/system/checknames/clean.sh vendored
View File

@ -1,6 +1,6 @@
#!/bin/sh
#
# Copyright (C) 2004, 2007, 2012 Internet Systems Consortium, Inc. ("ISC")
# Copyright (C) 2004, 2007, 2012, 2014 Internet Systems Consortium, Inc. ("ISC")
#
# Permission to use, copy, modify, and/or distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
@ -21,4 +21,6 @@ rm -f nsupdate.out.test*
rm -f ns1/*.example.db
rm -f ns1/*.update.db
rm -f ns1/*.update.db.jnl
rm -f ns4/*.update.db
rm -f ns4/*.update.db.jnl
rm -f */named.memstats

21
external/bsd/bind/dist/bin/tests/system/checknames/ns4/master-ignore.update.db.in vendored Normal file
View File

@ -0,0 +1,21 @@
; Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC")
;
; Permission to use, copy, modify, and/or distribute this software for any
; purpose with or without fee is hereby granted, provided that the above
; copyright notice and this permission notice appear in all copies.
;
; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
; PERFORMANCE OF THIS SOFTWARE.
; Id: ignore.update.db.in,v 1.5 2007/06/19 23:47:01 tbox Exp
$TTL 300
@ SOA ns1.ignore.update. hostmaster.ignore.update. (
1 3600 1200 604800 3600 )
NS ns1.ignore.update.
ns1.ignore.update. A 10.53.0.1

44
external/bsd/bind/dist/bin/tests/system/checknames/ns4/named.conf vendored Normal file
View File

@ -0,0 +1,44 @@
/*
* Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC")
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
* REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*/
/* Id: named.conf,v 1.7 2007/06/18 23:47:27 tbox Exp */
controls { /* empty */ };
options {
query-source address 10.53.0.4;
notify-source 10.53.0.4;
transfer-source 10.53.0.4;
port 5300;
pid-file "named.pid";
listen-on { 10.53.0.4; };
listen-on-v6 { none; };
recursion yes;
acache-enable yes;
check-names master ignore;
notify yes;
};
zone "." {
type hint;
file "root.hints";
};
zone "master-ignore.update" {
type master;
file "master-ignore.update.db";
allow-update { any; };
};

19
external/bsd/bind/dist/bin/tests/system/checknames/ns4/root.hints vendored Normal file
View File

@ -0,0 +1,19 @@
; Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC")
;
; Permission to use, copy, modify, and/or distribute this software for any
; purpose with or without fee is hereby granted, provided that the above
; copyright notice and this permission notice appear in all copies.
;
; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
; PERFORMANCE OF THIS SOFTWARE.
; Id: root.hints,v 1.5 2007/06/19 23:47:01 tbox Exp
$TTL 300
. NS ns1.
ns1. A 10.53.0.1

4
external/bsd/bind/dist/bin/tests/system/checknames/setup.sh vendored
View File

@ -1,4 +1,4 @@
# Copyright (C) 2004, 2007, 2012 Internet Systems Consortium, Inc. ("ISC")
# Copyright (C) 2004, 2007, 2012, 2014 Internet Systems Consortium, Inc. ("ISC")
#
# Permission to use, copy, modify, and/or distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
@ -21,3 +21,5 @@ cp ns1/fail.example.db.in ns1/fail.example.db
cp ns1/ignore.update.db.in ns1/ignore.update.db
cp ns1/warn.update.db.in ns1/warn.update.db
cp ns1/fail.update.db.in ns1/fail.update.db
cp ns4/master-ignore.update.db.in ns4/master-ignore.update.db

18
external/bsd/bind/dist/bin/tests/system/checknames/tests.sh vendored
View File

@ -1,6 +1,6 @@
#!/bin/sh
#
# Copyright (C) 2004, 2007, 2012, 2013 Internet Systems Consortium, Inc. ("ISC")
# Copyright (C) 2004, 2007, 2012-2014 Internet Systems Consortium, Inc. ("ISC")
#
# Permission to use, copy, modify, and/or distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
@ -131,4 +131,20 @@ if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I: check that updates to 'check-names master ignore;' succeed and are not logged ($n)"
ret=0
not=1
$NSUPDATE -d <<END> nsupdate.out.test$n 2>&1 || ret=1
server 10.53.0.4 5300
update add xxx_xxx.master-ignore.update. 600 A 10.10.10.1
send
END
grep "xxx_xxx.master-ignore.update/A.*(check-names)" ns1/named.run > /dev/null || not=0
if [ $not != 0 ]; then ret=1; fi
$DIG $DIGOPTS xxx_xxx.master-ignore.update @10.53.0.4 A > dig.out.ns4.test$n || ret=1
grep NOERROR dig.out.ns4.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
exit $status

12
external/bsd/bind/dist/bin/tests/system/checkzone/tests.sh vendored
View File

@ -58,12 +58,12 @@ echo "I:checking with spf warnings ($n)"
ret=0
$CHECKZONE example zones/spf.db > test.out1.$n 2>&1 || ret=1
$CHECKZONE -T ignore example zones/spf.db > test.out2.$n 2>&1 || ret=1
grep "'x.example' found SPF/TXT" test.out1.$n > /dev/null || ret=1
grep "'y.example' found SPF/SPF" test.out1.$n > /dev/null || ret=1
grep "'example' found SPF/" test.out1.$n > /dev/null && ret=1
grep "'x.example' found SPF/" test.out2.$n > /dev/null && ret=1
grep "'y.example' found SPF/" test.out2.$n > /dev/null && ret=1
grep "'example' found SPF/" test.out2.$n > /dev/null && ret=1
grep "'x.example' found type SPF" test.out1.$n > /dev/null && ret=1
grep "'y.example' found type SPF" test.out1.$n > /dev/null || ret=1
grep "'example' found type SPF" test.out1.$n > /dev/null && ret=1
grep "'x.example' found type SPF" test.out2.$n > /dev/null && ret=1
grep "'y.example' found type SPF" test.out2.$n > /dev/null && ret=1
grep "'example' found type SPF" test.out2.$n > /dev/null && ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

24
external/bsd/bind/dist/bin/tests/system/checkzone/zones/bad-nsec3-padded.db vendored Normal file
View File

@ -0,0 +1,24 @@
; Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC")
;
; Permission to use, copy, modify, and/or distribute this software for any
; purpose with or without fee is hereby granted, provided that the above
; copyright notice and this permission notice appear in all copies.
;
; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
; PERFORMANCE OF THIS SOFTWARE.
$TTL 600
@ SOA ns hostmaster 2011012708 3600 1200 604800 1200
NS ns
ns A 192.0.2.1
; The following NSEC3 RR is invalid as the Next Hashed Owner Name field
; is padded. See RFC 5155.
0p9mhaveqvm6t7vbl5lop2u3t2rp3tom NSEC3 1 1 12 aabbccdd (
CPNMU=== MX DNSKEY NS
SOA NSEC3PARAM RRSIG )

22
external/bsd/bind/dist/bin/tests/system/checkzone/zones/bad-nsec3owner-padded.db vendored Normal file
View File

@ -0,0 +1,22 @@
; Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC")
;
; Permission to use, copy, modify, and/or distribute this software for any
; purpose with or without fee is hereby granted, provided that the above
; copyright notice and this permission notice appear in all copies.
;
; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
; PERFORMANCE OF THIS SOFTWARE.
$TTL 600
@ SOA ns hostmaster 2011012708 3600 1200 604800 1200
NS ns
ns A 192.0.2.1
; The following NSEC3 RR owner is invalid as the owner name is padded.
CPNMU=== NSEC3 2 1 12 aabbccdd ( CPNMU MX DNSKEY NS
SOA NSEC3PARAM RRSIG )

22
external/bsd/bind/dist/bin/tests/system/checkzone/zones/good-nsec3-nopadhash.db vendored Normal file
View File

@ -0,0 +1,22 @@
; Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC")
;
; Permission to use, copy, modify, and/or distribute this software for any
; purpose with or without fee is hereby granted, provided that the above
; copyright notice and this permission notice appear in all copies.
;
; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
; PERFORMANCE OF THIS SOFTWARE.
$TTL 600
@ SOA ns hostmaster 2011012708 3600 1200 604800 1200
NS ns
ns A 192.0.2.1
; a hash that isn't a multiple of 8 characters
CPNMU NSEC3 2 1 12 aabbccdd ( CPNMU MX DNSKEY NS
SOA NSEC3PARAM RRSIG )

6
external/bsd/bind/dist/bin/tests/system/cleanall.sh vendored
View File

@ -1,6 +1,6 @@
#!/bin/sh
#
# Copyright (C) 2004, 2007, 2012 Internet Systems Consortium, Inc. ("ISC")
# Copyright (C) 2004, 2007, 2012, 2014 Internet Systems Consortium, Inc. ("ISC")
# Copyright (C) 2000, 2001 Internet Software Consortium.
#
# Permission to use, copy, modify, and/or distribute this software for any
@ -15,8 +15,6 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# Id: cleanall.sh,v 1.11 2007/06/19 23:47:00 tbox Exp
#
# Clean up after system tests.
#
@ -34,6 +32,6 @@ status=0
for d in $SUBDIRS
do
test ! -f $d/clean.sh || ( cd $d && sh clean.sh )
test ! -f $d/clean.sh || ( cd $d && $SHELL clean.sh )
test -d $d && find $d -type d -exec rmdir '{}' \; 2> /dev/null
done

14
external/bsd/bind/dist/bin/tests/system/conf.sh.in vendored
View File

@ -57,6 +57,7 @@ ARPANAME=$TOP/bin/tools/arpaname
RESOLVE=$TOP/lib/samples/resolve
RRCHECKER=$TOP/bin/tools/named-rrchecker
GENRANDOM=$TOP/bin/tools/genrandom
NSLOOKUP=$TOP/bin/dig/nslookup
RANDFILE=$TOP/bin/tests/system/random.data
@ -66,14 +67,17 @@ RANDFILE=$TOP/bin/tests/system/random.data
SUBDIRS="acl additional allow_query addzone autosign builtin
cacheclean case checkconf @CHECKDS@ checknames checkzone
@COVERAGE@ database dlv dlvauto dlz dlzexternal dlzredir
dname dns64 dnssec dsdigest dscp ecdsa emptyzones formerr
forward glue gost ixfr inline limits logfileconfig lwresd
masterfile masterformat metadata notify nsupdate pending
@PKCS11_TEST@ redirect resolver rndc rpz rrl rrchecker
dname dns64 dnssec dsdigest dscp ecdsa emptyzones filter-aaaa
formerr forward geoip glue gost ixfr inline limits logfileconfig
lwresd masterfile masterformat metadata notify nslookup nsupdate
pending @PKCS11_TEST@ redirect resolver rndc rpz rrl rrchecker
rrsetorder rsabigexponent sit smartsign sortlist spf staticstub
statistics stub tkey tsig tsiggss unknown upforwd verify
views wildcard xfer xferquota zero zonechecks"
# Use the CONFIG_SHELL detected by configure for tests
SHELL=@SHELL@
# PERL will be an empty string if no perl interpreter was found.
PERL=@PERL@
if test -n "$PERL"
@ -90,4 +94,4 @@ fi
export NAMED LWRESD DIG NSUPDATE KEYGEN KEYFRLAB SIGNER KEYSIGNER KEYSETTOOL \
PERL SUBDIRS RNDC CHECKZONE PK11GEN PK11LIST PK11DEL TESTSOCK6 \
JOURNALPRINT ARPANAME RESOLVE RRCHECKER
JOURNALPRINT ARPANAME RESOLVE RRCHECKER NSLOOKUP

5
external/bsd/bind/dist/bin/tests/system/coverage/prereq.sh vendored
View File

@ -14,4 +14,7 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
exec sh ../testcrypto.sh
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
exec $SHELL ../testcrypto.sh

2
external/bsd/bind/dist/bin/tests/system/coverage/setup.sh vendored
View File

@ -19,7 +19,7 @@ SYSTEMTESTTOP=..
KEYGEN="$KEYGEN -qr $RANDFILE"
sh clean.sh
$SHELL clean.sh
ln -s $CHECKZONE named-compilezone

10
external/bsd/bind/dist/bin/tests/system/dlv/ns1/sign.sh vendored
View File

@ -14,15 +14,13 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# Id: sign.sh,v 1.3 2011/05/26 23:47:28 tbox Exp
(cd ../ns2 && sh -e ./sign.sh || exit 1)
echo "I:dlv/ns1/sign.sh"
SYSTEMTESTTOP=../..
. $SYSTEMTESTTOP/conf.sh
(cd ../ns2 && $SHELL -e ./sign.sh || exit 1)
echo "I:dlv/ns1/sign.sh"
zone=.
infile=root.db.in
zonefile=root.db

Some files were not shown because too many files have changed in this diff Show More