diff options
| author | Dag-Erling Smørgrav <des@FreeBSD.org> | 2017-02-03 13:01:00 +0000 |
|---|---|---|
| committer | Dag-Erling Smørgrav <des@FreeBSD.org> | 2017-02-03 13:01:00 +0000 |
| commit | c6342fe2e90510d8d2296423f2ca92818a7b3d18 (patch) | |
| tree | 0cc9064980c804a7bf5cc6d96c9249950c7e56a9 /examples/ldns-signzone.c | |
| parent | 65be028f32ed37dce84f6328d4a7172132c8c224 (diff) | |
| download | src-c6342fe2e90510d8d2296423f2ca92818a7b3d18.tar.gz src-c6342fe2e90510d8d2296423f2ca92818a7b3d18.zip | |
import ldns 1.7.0vendor/ldns/1.7.0vendor/ldns
Notes
Notes:
svn path=/vendor/ldns/dist/; revision=313156
svn path=/vendor/ldns/1.7.0/; revision=313157; tag=vendor/ldns/1.7.0
Diffstat (limited to 'examples/ldns-signzone.c')
| -rw-r--r-- | examples/ldns-signzone.c | 33 |
1 files changed, 7 insertions, 26 deletions
diff --git a/examples/ldns-signzone.c b/examples/ldns-signzone.c index ffdd3c03cd24..2adc94317966 100644 --- a/examples/ldns-signzone.c +++ b/examples/ldns-signzone.c @@ -39,6 +39,7 @@ usage(FILE *fp, const char *prog) { fprintf(fp, " -o <domain>\torigin for the zone\n"); fprintf(fp, " -v\t\tprint version and exit\n"); fprintf(fp, " -A\t\tsign DNSKEY with all keys instead of minimal\n"); + fprintf(fp, " -U\t\tSign with every unique algorithm in the provided keys\n"); fprintf(fp, " -E <name>\tuse <name> as the crypto engine for signing\n"); fprintf(fp, " \tThis can have a lot of extra options, see the manual page for more info\n"); fprintf(fp, " -k <id>,<int>\tuse key id with algorithm int from engine\n"); @@ -287,29 +288,6 @@ find_or_create_pubkey(const char *keyfile_name_base, ldns_key *key, ldns_zone *o } } -void -strip_dnssec_records(ldns_zone *zone) -{ - ldns_rr_list *new_list; - ldns_rr *cur_rr; - - new_list = ldns_rr_list_new(); - - while ((cur_rr = ldns_rr_list_pop_rr(ldns_zone_rrs(zone)))) { - if (ldns_rr_get_type(cur_rr) == LDNS_RR_TYPE_RRSIG || - ldns_rr_get_type(cur_rr) == LDNS_RR_TYPE_NSEC || - ldns_rr_get_type(cur_rr) == LDNS_RR_TYPE_NSEC3 - ) { - - ldns_rr_free(cur_rr); - } else { - ldns_rr_list_push_rr(new_list, cur_rr); - } - } - ldns_rr_list_free(ldns_zone_rrs(zone)); - ldns_zone_set_rrs(zone, new_list); -} - int main(int argc, char *argv[]) { @@ -376,9 +354,7 @@ main(int argc, char *argv[]) keys = ldns_key_list_new(); - OPENSSL_config(NULL); - - while ((c = getopt(argc, argv, "a:bde:f:i:k:no:ps:t:vAE:K:")) != -1) { + while ((c = getopt(argc, argv, "a:bde:f:i:k:no:ps:t:vAUE:K:")) != -1) { switch (c) { case 'a': nsec3_algorithm = (uint8_t) atoi(optarg); @@ -473,7 +449,9 @@ main(int argc, char *argv[]) case 'E': ENGINE_load_builtin_engines(); ENGINE_load_dynamic(); +#ifdef HAVE_ENGINE_LOAD_CRYPTODEV ENGINE_load_cryptodev(); +#endif engine = ENGINE_by_id(optarg); if (!engine) { printf("No such engine: %s\n", optarg); @@ -567,6 +545,9 @@ main(int argc, char *argv[]) printf("Not implemented yet\n"); exit(EXIT_FAILURE); break; + case 'U': + signflags |= LDNS_SIGN_WITH_ALL_ALGORITHMS; + break; case 's': if (strlen(optarg) % 2 != 0) { fprintf(stderr, "Salt value is not valid hex data, not a multiple of 2 characters\n"); |