Commit Diff
Diff:
2e6231e3bcf01c52139a2ee43e794c8b4a3466bc
96ccbbb75032b33f0c49666f7f9cc8dc8faf0303
Commit:
96ccbbb75032b33f0c49666f7f9cc8dc8faf0303
Tree:
4c4d05b1bd057fd2de41fd89339bf1c6c1ce76b3
Author:
pjp <pjp@delphinusdns.org>
Committer:
pjp <pjp@delphinusdns.org>
Date:
Fri Mar 6 14:12:33 2020 UTC
Message:
add a usage help and manpage for -R keyword in dddctl sign. Mention that the default method is 'prep'.
blob - f08c066b766e956f114979c9ea12b585e86d74e9
blob + 932b222ff35e0178868804b99814064679319e26
--- dddctl.8
+++ dddctl.8
@@ -1,9 +1,9 @@
-.\" $Id: dddctl.8,v 1.11 2019/12/27 16:16:49 pjp Exp $
+.\" $Id: dddctl.8,v 1.12 2020/03/06 14:12:33 pjp Exp $
.\" In parts copyright (template) by:
.\"
.\" $OpenBSD: vmctl.8,v 1.39 2018/02/24 13:14:09 jmc Exp $
.\"
-.\" Copyright (c) 2018-2019 Peter J. Philipp
+.\" Copyright (c) 2018-2020 Peter J. Philipp
.\" Copyright (c) 2015 Mike Larkin <mlarkin@openbsd.org>
.\"
.\" Permission to use, copy, modify, and distribute this software for any
@@ -18,7 +18,7 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
-.Dd $Mdocdate: December 27 2019 $
+.Dd $Mdocdate: March 6 2020 $
.Dt DDDCTL 8
.Os
.Sh NAME
@@ -97,6 +97,7 @@ type is omitted because it's always type 'hmac-sha256'
.Op Fl m Ar mask
.Op Fl n Ar zonename
.Op Fl o Ar output
+.Op Fl R Ar keyword
.Op Fl S Ar pid
.Op Fl s Ar salt
.Op Fl t Ar ttl
@@ -129,6 +130,10 @@ run the following masked functions (used for debug).
run for zonename zone.
.It Fl o Ar output
output to file, may be '-' for stdout.
+.It Fl R Ar keyword
+chooses a roll-over method. Current keywords are 'prep' and 'double' for
+Pre Publication Rollover Method or Double-Signature Rollover method
+respectively. Default is 'prep'.
.It Fl S Ar pid
sign with this pid ('KSK' or 'ZSK' if used in conjunction with [-ZK]).
.It Fl s Ar salt
blob - b87a1bc3699e3838e4b3e88c57c381672d45afe5
blob + 64a357b079400f97b30446b7c702d5db71c34f27
--- dddctl.c
+++ dddctl.c
@@ -27,7 +27,7 @@
*/
/*
- * $Id: dddctl.c,v 1.102 2020/03/04 17:39:18 pjp Exp $
+ * $Id: dddctl.c,v 1.103 2020/03/06 14:12:34 pjp Exp $
*/
#include <sys/param.h>
@@ -6661,7 +6661,7 @@ usage(int argc, char *argv[])
int retval = 0;
if (argc == 2 && strcmp(argv[1], "sign") == 0) {
- fprintf(stderr, "usage: dddctl sign [-KXZ] [-a algorithm] [-B bits] [-e seconds] [-I iterations] [-i inputfile] [-k KSK] [-m mask] [-n zonename] [-o output] [-S pid] [-s salt] [-t ttl] [-x serial] [-z ZSK]\n");
+ fprintf(stderr, "usage: dddctl sign [-KXZ] [-a algorithm] [-B bits] [-e seconds] [-I iterations] [-i inputfile] [-k KSK] [-m mask] [-n zonename] [-o output] [-R keyword] [-S pid] [-s salt] [-t ttl] [-x serial] [-z ZSK]\n");
fprintf(stderr, "\t-K\t\tcreate a new KSK key.\n");
fprintf(stderr, "\t-X\t\tupdate the serial to YYYYMMDD01.\n");
fprintf(stderr, "\t-Z\t\tcreate a new ZSK key.\n");
@@ -6674,6 +6674,7 @@ usage(int argc, char *argv[])
fprintf(stderr, "\t-m mask\t\trun the following masked functions\n");
fprintf(stderr, "\t-n zonename\trun for zonename zone\n");
fprintf(stderr, "\t-o output\toutput to file, may be '-' for stdout\n");
+ fprintf(stderr, "\t-R keyword\tSpecify key roll-over method (prep or double)\n");
fprintf(stderr, "\t-S pid\t\tsign with this pid ('KSK' or 'ZSK' if used in\n\t\t\tconjunction with [-ZK])\n");
fprintf(stderr, "\t-s salt\t\tsalt for NSEC3 (in hexadecimal)\n");
fprintf(stderr, "\t-t ttl\t\ttime-to-live for dnskey's\n");
@@ -6701,7 +6702,7 @@ usage(int argc, char *argv[])
fprintf(stderr, "\tconfigtest [-cn] [configfile]\n");
fprintf(stderr, "\tquery [-DITZ] [-@ server] [-P port] [-p file] [-Q server]\n\t\t[-y keyname:password] name command\n");
fprintf(stderr, "\thelp [command]\n");
- fprintf(stderr, "\tsign [-KXZ] [-a algorithm] [-B bits] [-e seconds]\n\t\t[-I iterations] [-i inputfile] [-k KSK] [-m mask] [-n zonename]\n\t\t[-o output] [-S pid] [-s salt] [-t ttl] [-x serial] [-z ZSK]\n");
+ fprintf(stderr, "\tsign [-KXZ] [-a algorithm] [-B bits] [-e seconds]\n\t\t[-I iterations] [-i inputfile] [-k KSK] [-m mask]\n\t\t[-n zonename] [-o output] [-R keyword] [-S pid] [-s salt]\n\t\t[-t ttl] [-x serial] [-z ZSK]\n");
fprintf(stderr, "\tsshfp hostname [-k keyfile] [-t ttl]\n");
fprintf(stderr, "\tstart [-f configfile] [-s socket]\n");
fprintf(stderr, "\tstop [-s socket]\n");
repomaster@centroid.eu