upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-04-26 00:30:05 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

regenerate doc

Browse source
This commit is contained in:
Tinderbox User 2018-05-21 19:59:10 +00:00
parent df4df8e0d5
commit 9536688b37
127 changed files with 904 additions and 820 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
HISTORY
View file

@ -522,4 +522,3 @@ BIND 9.2.0
DNSSEC implementation is still considered experimental. For detailed
information about the state of the DNSSEC implementation, see the file
doc/misc/dnssec.

1
OPTIONS
View file

@ -24,4 +24,3 @@ Setting Description
may be useful when debugging
-DISC_HEAP_CHECK Test heap consistency after every heap
operation; used when debugging

4
bin/check/named-checkconf.8
View file

@ -1,4 +1,4 @@
.\" Copyright (C) 2000-2002, 2004, 2005, 2007, 2009, 2014-2016 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000-2002, 2004, 2005, 2007, 2009, 2014-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
.\"
.\" This Source Code Form is subject to the terms of the Mozilla Public
.\" License, v. 2.0. If a copy of the MPL was not distributed with this
@ -136,5 +136,5 @@ BIND 9 Administrator Reference Manual\&.
\fBInternet Systems Consortium, Inc\&.\fR
.SH "COPYRIGHT"
.br
Copyright \(co 2000-2002, 2004, 2005, 2007, 2009, 2014-2016 Internet Systems Consortium, Inc. ("ISC")
Copyright \(co 2000-2002, 2004, 2005, 2007, 2009, 2014-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
.br

2
bin/check/named-checkconf.html
View file

@ -1,6 +1,6 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!--
- Copyright (C) 2000-2002, 2004, 2005, 2007, 2009, 2014-2016 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000-2002, 2004, 2005, 2007, 2009, 2014-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
-
- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this

4
bin/check/named-checkzone.8
View file

@ -1,4 +1,4 @@
.\" Copyright (C) 2000-2002, 2004-2007, 2009-2016 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000-2002, 2004-2007, 2009-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
.\"
.\" This Source Code Form is subject to the terms of the Mozilla Public
.\" License, v. 2.0. If a copy of the MPL was not distributed with this
@ -325,5 +325,5 @@ BIND 9 Administrator Reference Manual\&.
\fBInternet Systems Consortium, Inc\&.\fR
.SH "COPYRIGHT"
.br
Copyright \(co 2000-2002, 2004-2007, 2009-2016 Internet Systems Consortium, Inc. ("ISC")
Copyright \(co 2000-2002, 2004-2007, 2009-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
.br

2
bin/check/named-checkzone.html
View file

@ -1,6 +1,6 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!--
- Copyright (C) 2000-2002, 2004-2007, 2009-2016 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000-2002, 2004-2007, 2009-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
-
- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this

17
bin/confgen/ddns-confgen.8
View file

@ -1,4 +1,4 @@
.\" Copyright (C) 2009, 2014-2016 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2009, 2014-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
.\"
.\" This Source Code Form is subject to the terms of the Mozilla Public
.\" License, v. 2.0. If a copy of the MPL was not distributed with this
@ -39,7 +39,7 @@
ddns-confgen \- ddns key generation tool
.SH "SYNOPSIS"
.HP \w'\fBtsig\-keygen\fR\ 'u
\fBtsig\-keygen\fR [\fB\-a\ \fR\fB\fIalgorithm\fR\fR] [\fB\-h\fR] [\fB\-r\ \fR\fB\fIrandomfile\fR\fR] [name]
\fBtsig\-keygen\fR [\fB\-a\ \fR\fB\fIalgorithm\fR\fR] [\fB\-h\fR] [name]
.HP \w'\fBddns\-confgen\fR\ 'u
\fBddns\-confgen\fR [\fB\-a\ \fR\fB\fIalgorithm\fR\fR] [\fB\-h\fR] [\fB\-k\ \fR\fB\fIkeyname\fR\fR] [\fB\-q\fR] [\fB\-r\ \fR\fB\fIrandomfile\fR\fR] [\-s\ \fIname\fR | \-z\ \fIzone\fR]
.SH "DESCRIPTION"
@ -109,17 +109,6 @@ only\&.) Quiet mode: Print only the key, with no explanatory text or usage examp
\fBtsig\-keygen\fR\&.
.RE
.PP
\-r \fIrandomfile\fR
.RS 4
Specifies a source of random data for generating the authorization\&. If the operating system does not provide a
/dev/random
or equivalent device, the default source of randomness is keyboard input\&.
randomdev
specifies the name of a character device or file containing random data to be used instead of the default\&. The special value
keyboard
indicates that keyboard input should be used\&.
.RE
.PP
\-s \fIname\fR
.RS 4
(\fBddns\-confgen\fR
@ -155,5 +144,5 @@ BIND 9 Administrator Reference Manual\&.
\fBInternet Systems Consortium, Inc\&.\fR
.SH "COPYRIGHT"
.br
Copyright \(co 2009, 2014-2016 Internet Systems Consortium, Inc. ("ISC")
Copyright \(co 2009, 2014-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
.br

17
bin/confgen/ddns-confgen.html
View file

@ -1,6 +1,6 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!--
- Copyright (C) 2009, 2014-2016 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2009, 2014-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
-
- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this
@ -35,7 +35,6 @@
<code class="command">tsig-keygen</code>
[<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>]
[<code class="option">-h</code>]
[<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>]
[name]
</p></div>
<div class="cmdsynopsis"><p>
@ -136,20 +135,6 @@
This is essentially identical to <span class="command"><strong>tsig-keygen</strong></span>.
</p>
</dd>
<dt><span class="term">-r <em class="replaceable"><code>randomfile</code></em></span></dt>
<dd>
<p>
Specifies a source of random data for generating the
authorization. If the operating system does not provide a
<code class="filename">/dev/random</code> or equivalent device, the
default source of randomness is keyboard input.
<code class="filename">randomdev</code> specifies the name of a
character device or file containing random data to be used
instead of the default. The special value
<code class="filename">keyboard</code> indicates that keyboard input
should be used.
</p>
</dd>
<dt><span class="term">-s <em class="replaceable"><code>name</code></em></span></dt>
<dd>
<p>

17
bin/confgen/rndc-confgen.8
View file

@ -1,4 +1,4 @@
.\" Copyright (C) 2001, 2003-2005, 2007, 2009, 2013-2017 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2001, 2003-2005, 2007, 2009, 2013-2018 Internet Systems Consortium, Inc. ("ISC")
.\"
.\" This Source Code Form is subject to the terms of the Mozilla Public
.\" License, v. 2.0. If a copy of the MPL was not distributed with this
@ -39,7 +39,7 @@
rndc-confgen \- rndc key generation tool
.SH "SYNOPSIS"
.HP \w'\fBrndc\-confgen\fR\ 'u
\fBrndc\-confgen\fR [\fB\-a\fR] [\fB\-A\ \fR\fB\fIalgorithm\fR\fR] [\fB\-b\ \fR\fB\fIkeysize\fR\fR] [\fB\-c\ \fR\fB\fIkeyfile\fR\fR] [\fB\-h\fR] [\fB\-k\ \fR\fB\fIkeyname\fR\fR] [\fB\-p\ \fR\fB\fIport\fR\fR] [\fB\-r\ \fR\fB\fIrandomfile\fR\fR] [\fB\-s\ \fR\fB\fIaddress\fR\fR] [\fB\-t\ \fR\fB\fIchrootdir\fR\fR] [\fB\-u\ \fR\fB\fIuser\fR\fR]
\fBrndc\-confgen\fR [\fB\-a\fR] [\fB\-A\ \fR\fB\fIalgorithm\fR\fR] [\fB\-b\ \fR\fB\fIkeysize\fR\fR] [\fB\-c\ \fR\fB\fIkeyfile\fR\fR] [\fB\-h\fR] [\fB\-k\ \fR\fB\fIkeyname\fR\fR] [\fB\-p\ \fR\fB\fIport\fR\fR] [\fB\-s\ \fR\fB\fIaddress\fR\fR] [\fB\-t\ \fR\fB\fIchrootdir\fR\fR] [\fB\-u\ \fR\fB\fIuser\fR\fR]
.SH "DESCRIPTION"
.PP
\fBrndc\-confgen\fR
@ -147,17 +147,6 @@ listens for connections from
\fBrndc\fR\&. The default is 953\&.
.RE
.PP
\-r \fIrandomfile\fR
.RS 4
Specifies a source of random data for generating the authorization\&. If the operating system does not provide a
/dev/random
or equivalent device, the default source of randomness is keyboard input\&.
randomdev
specifies the name of a character device or file containing random data to be used instead of the default\&. The special value
keyboard
indicates that keyboard input should be used\&.
.RE
.PP
\-s \fIaddress\fR
.RS 4
Specifies the IP address where
@ -217,5 +206,5 @@ BIND 9 Administrator Reference Manual\&.
\fBInternet Systems Consortium, Inc\&.\fR
.SH "COPYRIGHT"
.br
Copyright \(co 2001, 2003-2005, 2007, 2009, 2013-2017 Internet Systems Consortium, Inc. ("ISC")
Copyright \(co 2001, 2003-2005, 2007, 2009, 2013-2018 Internet Systems Consortium, Inc. ("ISC")
.br

18
bin/confgen/rndc-confgen.html
View file

@ -1,6 +1,6 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!--
- Copyright (C) 2001, 2003-2005, 2007, 2009, 2013-2017 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2001, 2003-2005, 2007, 2009, 2013-2018 Internet Systems Consortium, Inc. ("ISC")
-
- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this
@ -40,7 +40,6 @@
[<code class="option">-h</code>]
[<code class="option">-k <em class="replaceable"><code>keyname</code></em></code>]
[<code class="option">-p <em class="replaceable"><code>port</code></em></code>]
[<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>]
[<code class="option">-s <em class="replaceable"><code>address</code></em></code>]
[<code class="option">-t <em class="replaceable"><code>chrootdir</code></em></code>]
[<code class="option">-u <em class="replaceable"><code>user</code></em></code>]
@ -154,21 +153,6 @@
The default is 953.
</p>
</dd>
<dt><span class="term">-r <em class="replaceable"><code>randomfile</code></em></span></dt>
<dd>
<p>
Specifies a source of random data for generating the
authorization. If the operating
system does not provide a <code class="filename">/dev/random</code>
or equivalent device, the default source of randomness
is keyboard input. <code class="filename">randomdev</code>
specifies
the name of a character device or file containing random
data to be used instead of the default. The special value
<code class="filename">keyboard</code> indicates that keyboard
input should be used.
</p>
</dd>
<dt><span class="term">-s <em class="replaceable"><code>address</code></em></span></dt>
<dd>
<p>

4
bin/delv/delv.1
View file

@ -1,4 +1,4 @@
.\" Copyright (C) 2014-2017 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2014-2018 Internet Systems Consortium, Inc. ("ISC")
.\"
.\" This Source Code Form is subject to the terms of the Mozilla Public
.\" License, v. 2.0. If a copy of the MPL was not distributed with this
@ -437,5 +437,5 @@ RFC5155\&.
\fBInternet Systems Consortium, Inc\&.\fR
.SH "COPYRIGHT"
.br
Copyright \(co 2014-2017 Internet Systems Consortium, Inc. ("ISC")
Copyright \(co 2014-2018 Internet Systems Consortium, Inc. ("ISC")
.br

2
bin/delv/delv.html
View file

@ -1,6 +1,6 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!--
- Copyright (C) 2014-2017 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2014-2018 Internet Systems Consortium, Inc. ("ISC")
-
- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this

34
bin/dig/dig.1
View file

@ -176,7 +176,7 @@ using the command\-line interface\&.
.PP
\-i
.RS 4
Do reverse IPv6 lookups using the obsolete RFC1886 IP6\&.INT domain, which is no longer in use\&. Obsolete bit string label queries (RFC2874) are not attempted\&.
Do reverse IPv6 lookups using the obsolete RFC 1886 IP6\&.INT domain, which is no longer in use\&. Obsolete bit string label queries (RFC 2874) are not attempted\&.
.RE
.PP
\-k \fIkeyfile\fR
@ -210,13 +210,15 @@ from other arguments\&.
.PP
\-t \fItype\fR
.RS 4
The resource record type to query\&. It can be any valid query type which is supported in BIND 9\&. The default query type is "A", unless the
The resource record type to query\&. It can be any valid query type\&. If it is a resource record type supported in BIND 9, it can be given by the type mnemonic (such as "NS" or "AAAA")\&. The default query type is "A", unless the
\fB\-x\fR
option is supplied to indicate a reverse lookup\&. A zone transfer can be requested by specifying a type of AXFR\&. When an incremental zone transfer (IXFR) is required, set the
\fItype\fR
to
ixfr=N\&. The incremental zone transfer will contain the changes made to the zone since the serial number in the zone\*(Aqs SOA record was
\fIN\fR\&.
.sp
All resource record types can be expressed as "TYPEnn", where "nn" is the number of the type\&. If the resource record type is not supported in BIND 9, the result will be displayed as described in RFC 3597\&.
.RE
.PP
\-u
@ -464,6 +466,11 @@ Show [or do not show] the IP address and port number that supplied the answer wh
option is enabled\&. If short form answers are requested, the default is not to show the source address and port number of the server that provided the answer\&.
.RE
.PP
\fB+[no]idnin\fR
.RS 4
Process [do not process] IDN domain names on input\&. This requires IDN SUPPORT to have been enabled at compile time\&. The default is to process IDN input\&.
.RE
.PP
\fB+[no]idnout\fR
.RS 4
Convert [do not convert] puny code on output\&. This requires IDN SUPPORT to have been enabled at compile time\&. The default is to convert output\&.
@ -525,7 +532,7 @@ Include an EDNS name server ID request when sending a query\&.
.RS 4
When this option is set,
\fBdig\fR
attempts to find the authoritative name servers for the zone containing the name being looked up and display the SOA record that each name server has for the zone\&.
attempts to find the authoritative name servers for the zone containing the name being looked up and display the SOA record that each name server has for the zone\&. Addresses of servers that that did not respond are also printed\&.
.RE
.PP
\fB+[no]onesoa\fR
@ -557,6 +564,11 @@ Print [do not print] the query as it is sent\&. By default, the query is not pri
Print [do not print] the question section of a query when an answer is returned\&. The default is to print the question section as a comment\&.
.RE
.PP
\fB+[no]raflag\fR
.RS 4
Set [do not set] the RA (Recursion Available) bit in the query\&. The default is +noraflag\&. This bit should be ignored by the server for QUERY\&.
.RE
.PP
\fB+[no]rdflag\fR
.RS 4
A synonym for
@ -646,6 +658,11 @@ for short, sends an EDNS CLIENT\-SUBNET option with an empty address and a sourc
be used when resolving this query\&.
.RE
.PP
\fB+[no]tcflag\fR
.RS 4
Set [do not set] the TC (TrunCation) bit in the query\&. The default is +notcflag\&. This bit should be ignored by the server for QUERY\&.
.RE
.PP
\fB+[no]tcp\fR
.RS 4
Use [do not use] TCP when querying name servers\&. The default behavior is to use UDP unless a type
@ -775,11 +792,10 @@ If
\fBdig\fR
has been built with IDN (internationalized domain name) support, it can accept and display non\-ASCII domain names\&.
\fBdig\fR
appropriately converts character encoding of domain name before sending a request to DNS server or displaying a reply from the server\&. If you\*(Aqd like to turn off the IDN support for some reason, defines the
\fBIDN_DISABLE\fR
environment variable\&. The IDN support is disabled if the variable is set when
\fBdig\fR
runs\&.
appropriately converts character encoding of domain name before sending a request to DNS server or displaying a reply from the server\&. If you\*(Aqd like to turn off the IDN support for some reason, use parameters
\fI+noidnin\fR
and
\fI+noidnout\fR\&.
.SH "FILES"
.PP
/etc/resolv\&.conf
@ -791,7 +807,7 @@ ${HOME}/\&.digrc
\fBhost\fR(1),
\fBnamed\fR(8),
\fBdnssec-keygen\fR(8),
RFC1035\&.
RFC 1035\&.
.SH "BUGS"
.PP
There are probably too many query options\&.

69
bin/dig/dig.html
View file

@ -230,9 +230,9 @@
<dt><span class="term">-i</span></dt>
<dd>
<p>
Do reverse IPv6 lookups using the obsolete RFC1886 IP6.INT
Do reverse IPv6 lookups using the obsolete RFC 1886 IP6.INT
domain, which is no longer in use. Obsolete bit string
label queries (RFC2874) are not attempted.
label queries (RFC 2874) are not attempted.
</p>
</dd>
<dt><span class="term">-k <em class="replaceable"><code>keyfile</code></em></span></dt>
@ -277,11 +277,12 @@
<dt><span class="term">-t <em class="replaceable"><code>type</code></em></span></dt>
<dd>
<p>
The resource record type to query. It can be any valid query type
which is
supported in BIND 9. The default query type is "A", unless the
<code class="option">-x</code> option is supplied to indicate a reverse lookup.
A zone transfer can be requested by specifying a type of AXFR. When
The resource record type to query. It can be any valid query
type. If it is a resource record type supported in BIND 9, it
can be given by the type mnemonic (such as "NS" or "AAAA").
The default query type is "A", unless the <code class="option">-x</code>
option is supplied to indicate a reverse lookup. A zone
transfer can be requested by specifying a type of AXFR. When
an incremental zone transfer (IXFR) is required, set the
<em class="parameter"><code>type</code></em> to <code class="literal">ixfr=N</code>.
The incremental zone transfer will contain the changes
@ -289,6 +290,12 @@
record was
<em class="parameter"><code>N</code></em>.
</p>
<p>
All resource record types can be expressed as "TYPEnn", where
"nn" is the number of the type. If the resource record type is
not supported in BIND 9, the result will be displayed as
described in RFC 3597.
</p>
</dd>
<dt><span class="term">-u</span></dt>
<dd>
@ -619,6 +626,14 @@
server that provided the answer.
</p>
</dd>
<dt><span class="term"><code class="option">+[no]idnin</code></span></dt>
<dd>
<p>
Process [do not process] IDN domain names on input.
This requires IDN SUPPORT to have been enabled at
compile time. The default is to process IDN input.
</p>
</dd>
<dt><span class="term"><code class="option">+[no]idnout</code></span></dt>
<dd>
<p>
@ -695,7 +710,8 @@
attempts to find the authoritative name servers for
the zone containing the name being looked up and
display the SOA record that each name server has for
the zone.
the zone. Addresses of servers that that did not
respond are also printed.
</p>
</dd>
<dt><span class="term"><code class="option">+[no]onesoa</code></span></dt>
@ -742,6 +758,14 @@
the question section as a comment.
</p>
</dd>
<dt><span class="term"><code class="option">+[no]raflag</code></span></dt>
<dd>
<p>
Set [do not set] the RA (Recursion Available) bit in
the query. The default is +noraflag. This bit should
be ignored by the server for QUERY.
</p>
</dd>
<dt><span class="term"><code class="option">+[no]rdflag</code></span></dt>
<dd>
<p>
@ -811,7 +835,7 @@
<dd>
<p>
This feature is now obsolete and has been removed;
use <span class="command"><strong>delv</strong></span> instead.
use <span class="command"><strong>delv</strong></span> instead.
</p>
</dd>
<dt><span class="term"><code class="option">+split=W</code></span></dt>
@ -852,6 +876,14 @@
this query.
</p>
</dd>
<dt><span class="term"><code class="option">+[no]tcflag</code></span></dt>
<dd>
<p>
Set [do not set] the TC (TrunCation) bit in the query.
The default is +notcflag. This bit should be ignored
by the server for QUERY.
</p>
</dd>
<dt><span class="term"><code class="option">+[no]tcp</code></span></dt>
<dd>
<p>
@ -878,8 +910,8 @@
<dd>
<p>
This feature is related to <span class="command"><strong>dig +sigchase</strong></span>,
which is obsolete and has been removed. Use
<span class="command"><strong>delv</strong></span> instead.
which is obsolete and has been removed. Use
<span class="command"><strong>delv</strong></span> instead.
</p>
</dd>
<dt><span class="term"><code class="option">+[no]trace</code></span></dt>
@ -915,9 +947,9 @@
<dd>
<p>
Formerly specified trusted keys for use with
<span class="command"><strong>dig +sigchase</strong></span>. This feature is now
obsolete and has been removed; use
<span class="command"><strong>delv</strong></span> instead.
<span class="command"><strong>dig +sigchase</strong></span>. This feature is now
obsolete and has been removed; use
<span class="command"><strong>delv</strong></span> instead.
</p>
</dd>
<dt><span class="term"><code class="option">+[no]ttlid</code></span></dt>
@ -1027,10 +1059,9 @@ dig +qr www.isc.org any -x 127.0.0.1 isc.org ns +noqr
<span class="command"><strong>dig</strong></span> appropriately converts character encoding of
domain name before sending a request to DNS server or displaying a
reply from the server.
If you'd like to turn off the IDN support for some reason, defines
the <code class="envar">IDN_DISABLE</code> environment variable.
The IDN support is disabled if the variable is set when
<span class="command"><strong>dig</strong></span> runs.
If you'd like to turn off the IDN support for some reason, use
parameters <em class="parameter"><code>+noidnin</code></em> and
<em class="parameter"><code>+noidnout</code></em>.
</p>
</div>
@ -1058,7 +1089,7 @@ dig +qr www.isc.org any -x 127.0.0.1 isc.org ns +noqr
<span class="citerefentry">
<span class="refentrytitle">dnssec-keygen</span>(8)
</span>,
<em class="citetitle">RFC1035</em>.
<em class="citetitle">RFC 1035</em>.
</p>
</div>

4
bin/dig/host.1
View file

@ -1,4 +1,4 @@
.\" Copyright (C) 2000-2002, 2004, 2005, 2007-2009, 2014-2017 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000-2002, 2004, 2005, 2007-2009, 2014-2018 Internet Systems Consortium, Inc. ("ISC")
.\"
.\" This Source Code Form is subject to the terms of the Mozilla Public
.\" License, v. 2.0. If a copy of the MPL was not distributed with this
@ -274,5 +274,5 @@ runs\&.
\fBInternet Systems Consortium, Inc\&.\fR
.SH "COPYRIGHT"
.br
Copyright \(co 2000-2002, 2004, 2005, 2007-2009, 2014-2017 Internet Systems Consortium, Inc. ("ISC")
Copyright \(co 2000-2002, 2004, 2005, 2007-2009, 2014-2018 Internet Systems Consortium, Inc. ("ISC")
.br

2
bin/dig/host.html
View file

@ -1,6 +1,6 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!--
- Copyright (C) 2000-2002, 2004, 2005, 2007-2009, 2014-2017 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000-2002, 2004, 2005, 2007-2009, 2014-2018 Internet Systems Consortium, Inc. ("ISC")
-
- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this

4
bin/dig/nslookup.1
View file

@ -1,4 +1,4 @@
.\" Copyright (C) 2004-2007, 2010, 2013-2017 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2004-2007, 2010, 2013-2018 Internet Systems Consortium, Inc. ("ISC")
.\"
.\" This Source Code Form is subject to the terms of the Mozilla Public
.\" License, v. 2.0. If a copy of the MPL was not distributed with this
@ -290,5 +290,5 @@ returns with an exit status of 1 if any query failed, and 0 otherwise\&.
\fBInternet Systems Consortium, Inc\&.\fR
.SH "COPYRIGHT"
.br
Copyright \(co 2004-2007, 2010, 2013-2017 Internet Systems Consortium, Inc. ("ISC")
Copyright \(co 2004-2007, 2010, 2013-2018 Internet Systems Consortium, Inc. ("ISC")
.br

2
bin/dig/nslookup.html
View file

@ -1,6 +1,6 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!--
- Copyright (C) 2004-2007, 2010, 2013-2017 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2004-2007, 2010, 2013-2018 Internet Systems Consortium, Inc. ("ISC")
-
- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this

4
bin/dnssec/dnssec-dsfromkey.8
View file

@ -1,4 +1,4 @@
.\" Copyright (C) 2008-2012, 2014-2016 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2008-2012, 2014-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
.\"
.\" This Source Code Form is subject to the terms of the Mozilla Public
.\" License, v. 2.0. If a copy of the MPL was not distributed with this
@ -178,5 +178,5 @@ RFC 4509\&.
\fBInternet Systems Consortium, Inc\&.\fR
.SH "COPYRIGHT"
.br
Copyright \(co 2008-2012, 2014-2016 Internet Systems Consortium, Inc. ("ISC")
Copyright \(co 2008-2012, 2014-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
.br

2
bin/dnssec/dnssec-dsfromkey.html
View file

@ -1,6 +1,6 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!--
- Copyright (C) 2008-2012, 2014-2016 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2008-2012, 2014-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
-
- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this

4
bin/dnssec/dnssec-importkey.8
View file

@ -1,4 +1,4 @@
.\" Copyright (C) 2013-2016 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2013-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
.\"
.\" This Source Code Form is subject to the terms of the Mozilla Public
.\" License, v. 2.0. If a copy of the MPL was not distributed with this
@ -134,5 +134,5 @@ RFC 5011\&.
\fBInternet Systems Consortium, Inc\&.\fR
.SH "COPYRIGHT"
.br
Copyright \(co 2013-2016 Internet Systems Consortium, Inc. ("ISC")
Copyright \(co 2013-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
.br

2
bin/dnssec/dnssec-importkey.html
View file

@ -1,6 +1,6 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!--
- Copyright (C) 2013-2016 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2013-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
-
- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this

4
bin/dnssec/dnssec-keyfromlabel.8
View file

@ -1,4 +1,4 @@
.\" Copyright (C) 2008-2012, 2014-2017 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2008-2012, 2014-2018 Internet Systems Consortium, Inc. ("ISC")
.\"
.\" This Source Code Form is subject to the terms of the Mozilla Public
.\" License, v. 2.0. If a copy of the MPL was not distributed with this
@ -307,5 +307,5 @@ The PKCS#11 URI Scheme (draft\-pechanec\-pkcs11uri\-13)\&.
\fBInternet Systems Consortium, Inc\&.\fR
.SH "COPYRIGHT"
.br
Copyright \(co 2008-2012, 2014-2017 Internet Systems Consortium, Inc. ("ISC")
Copyright \(co 2008-2012, 2014-2018 Internet Systems Consortium, Inc. ("ISC")
.br

2
bin/dnssec/dnssec-keyfromlabel.html
View file

@ -1,6 +1,6 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!--
- Copyright (C) 2008-2012, 2014-2017 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2008-2012, 2014-2018 Internet Systems Consortium, Inc. ("ISC")
-
- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this

17
bin/dnssec/dnssec-keygen.8
View file

@ -39,7 +39,7 @@
dnssec-keygen \- DNSSEC key generation tool
.SH "SYNOPSIS"
.HP \w'\fBdnssec\-keygen\fR\ 'u
\fBdnssec\-keygen\fR [\fB\-a\ \fR\fB\fIalgorithm\fR\fR] [\fB\-b\ \fR\fB\fIkeysize\fR\fR] [\fB\-n\ \fR\fB\fInametype\fR\fR] [\fB\-3\fR] [\fB\-A\ \fR\fB\fIdate/offset\fR\fR] [\fB\-C\fR] [\fB\-c\ \fR\fB\fIclass\fR\fR] [\fB\-D\ \fR\fB\fIdate/offset\fR\fR] [\fB\-D\ sync\ \fR\fB\fIdate/offset\fR\fR] [\fB\-E\ \fR\fB\fIengine\fR\fR] [\fB\-f\ \fR\fB\fIflag\fR\fR] [\fB\-G\fR] [\fB\-g\ \fR\fB\fIgenerator\fR\fR] [\fB\-h\fR] [\fB\-I\ \fR\fB\fIdate/offset\fR\fR] [\fB\-i\ \fR\fB\fIinterval\fR\fR] [\fB\-K\ \fR\fB\fIdirectory\fR\fR] [\fB\-k\fR] [\fB\-L\ \fR\fB\fIttl\fR\fR] [\fB\-P\ \fR\fB\fIdate/offset\fR\fR] [\fB\-P\ sync\ \fR\fB\fIdate/offset\fR\fR] [\fB\-p\ \fR\fB\fIprotocol\fR\fR] [\fB\-q\fR] [\fB\-R\ \fR\fB\fIdate/offset\fR\fR] [\fB\-r\ \fR\fB\fIrandomdev\fR\fR] [\fB\-S\ \fR\fB\fIkey\fR\fR] [\fB\-s\ \fR\fB\fIstrength\fR\fR] [\fB\-t\ \fR\fB\fItype\fR\fR] [\fB\-V\fR] [\fB\-v\ \fR\fB\fIlevel\fR\fR] [\fB\-z\fR] {name}
\fBdnssec\-keygen\fR [\fB\-a\ \fR\fB\fIalgorithm\fR\fR] [\fB\-b\ \fR\fB\fIkeysize\fR\fR] [\fB\-n\ \fR\fB\fInametype\fR\fR] [\fB\-3\fR] [\fB\-A\ \fR\fB\fIdate/offset\fR\fR] [\fB\-C\fR] [\fB\-c\ \fR\fB\fIclass\fR\fR] [\fB\-D\ \fR\fB\fIdate/offset\fR\fR] [\fB\-D\ sync\ \fR\fB\fIdate/offset\fR\fR] [\fB\-E\ \fR\fB\fIengine\fR\fR] [\fB\-f\ \fR\fB\fIflag\fR\fR] [\fB\-G\fR] [\fB\-g\ \fR\fB\fIgenerator\fR\fR] [\fB\-h\fR] [\fB\-I\ \fR\fB\fIdate/offset\fR\fR] [\fB\-i\ \fR\fB\fIinterval\fR\fR] [\fB\-K\ \fR\fB\fIdirectory\fR\fR] [\fB\-k\fR] [\fB\-L\ \fR\fB\fIttl\fR\fR] [\fB\-P\ \fR\fB\fIdate/offset\fR\fR] [\fB\-P\ sync\ \fR\fB\fIdate/offset\fR\fR] [\fB\-p\ \fR\fB\fIprotocol\fR\fR] [\fB\-q\fR] [\fB\-R\ \fR\fB\fIdate/offset\fR\fR] [\fB\-S\ \fR\fB\fIkey\fR\fR] [\fB\-s\ \fR\fB\fIstrength\fR\fR] [\fB\-t\ \fR\fB\fItype\fR\fR] [\fB\-V\fR] [\fB\-v\ \fR\fB\fIlevel\fR\fR] [\fB\-z\fR] {name}
.SH "DESCRIPTION"
.PP
\fBdnssec\-keygen\fR
@ -178,21 +178,6 @@ stderr
indicating the progress of the key generation\&. A \*(Aq\&.\*(Aq indicates that a random number has been found which passed an initial sieve test; \*(Aq+\*(Aq means a number has passed a single round of the Miller\-Rabin primality test; a space means that the number has passed all the tests and is a satisfactory key\&.
.RE
.PP
\-r \fIrandomdev\fR
.RS 4
Specifies a source of randomness\&. Normally, when generating DNSSEC keys, this option has no effect; the random number generation function provided by the cryptographic library will be used\&.
.sp
If that behavior is disabled at compile time, however, the specified file will be used as entropy source for key generation\&.
randomdev
is the name of a character device or file containing random data to be used\&. The special value
keyboard
indicates that keyboard input should be used\&.
.sp
The default is
/dev/random
if the operating system provides it or an equivalent device; if not, the default source of randomness is keyboard input\&.
.RE
.PP
\-S \fIkey\fR
.RS 4
Create a new key which is an explicit successor to an existing key\&. The name, algorithm, size, and type of the key will be set to match the existing key\&. The activation date of the new key will be set to the inactivation date of the existing one\&. The publication date will be set to the activation date minus the prepublication interval, which defaults to 30 days\&.

23
bin/dnssec/dnssec-keygen.html
View file

@ -57,7 +57,6 @@
[<code class="option">-p <em class="replaceable"><code>protocol</code></em></code>]
[<code class="option">-q</code>]
[<code class="option">-R <em class="replaceable"><code>date/offset</code></em></code>]
[<code class="option">-r <em class="replaceable"><code>randomdev</code></em></code>]
[<code class="option">-S <em class="replaceable"><code>key</code></em></code>]
[<code class="option">-s <em class="replaceable"><code>strength</code></em></code>]
[<code class="option">-t <em class="replaceable"><code>type</code></em></code>]
@ -279,28 +278,6 @@
a satisfactory key.
</p>
</dd>
<dt><span class="term">-r <em class="replaceable"><code>randomdev</code></em></span></dt>
<dd>
<p>
Specifies a source of randomness. Normally, when generating
DNSSEC keys, this option has no effect; the random number
generation function provided by the cryptographic library will
be used.
</p>
<p>
If that behavior is disabled at compile time, however,
the specified file will be used as entropy source
for key generation. <code class="filename">randomdev</code> is
the name of a character device or file containing random
data to be used. The special value <code class="filename">keyboard</code>
indicates that keyboard input should be used.
</p>
<p>
The default is <code class="filename">/dev/random</code> if the
operating system provides it or an equivalent device;
if not, the default source of randomness is keyboard input.
</p>
</dd>
<dt><span class="term">-S <em class="replaceable"><code>key</code></em></span></dt>
<dd>
<p>

4
bin/dnssec/dnssec-revoke.8
View file

@ -1,4 +1,4 @@
.\" Copyright (C) 2009, 2011, 2014-2016 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2009, 2011, 2014-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
.\"
.\" This Source Code Form is subject to the terms of the Mozilla Public
.\" License, v. 2.0. If a copy of the MPL was not distributed with this
@ -99,5 +99,5 @@ RFC 5011\&.
\fBInternet Systems Consortium, Inc\&.\fR
.SH "COPYRIGHT"
.br
Copyright \(co 2009, 2011, 2014-2016 Internet Systems Consortium, Inc. ("ISC")
Copyright \(co 2009, 2011, 2014-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
.br

2
bin/dnssec/dnssec-revoke.html
View file

@ -1,6 +1,6 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!--
- Copyright (C) 2009, 2011, 2014-2016 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2009, 2011, 2014-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
-
- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this

4
bin/dnssec/dnssec-settime.8
View file

@ -1,4 +1,4 @@
.\" Copyright (C) 2009-2011, 2014-2017 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2009-2011, 2014-2018 Internet Systems Consortium, Inc. ("ISC")
.\"
.\" This Source Code Form is subject to the terms of the Mozilla Public
.\" License, v. 2.0. If a copy of the MPL was not distributed with this
@ -200,5 +200,5 @@ RFC 5011\&.
\fBInternet Systems Consortium, Inc\&.\fR
.SH "COPYRIGHT"
.br
Copyright \(co 2009-2011, 2014-2017 Internet Systems Consortium, Inc. ("ISC")
Copyright \(co 2009-2011, 2014-2018 Internet Systems Consortium, Inc. ("ISC")
.br

2
bin/dnssec/dnssec-settime.html
View file

@ -1,6 +1,6 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!--
- Copyright (C) 2009-2011, 2014-2017 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2009-2011, 2014-2018 Internet Systems Consortium, Inc. ("ISC")
-
- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this

22
bin/dnssec/dnssec-signzone.8
View file

@ -1,4 +1,4 @@
.\" Copyright (C) 2000-2009, 2011-2017 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000-2009, 2011-2018 Internet Systems Consortium, Inc. ("ISC")
.\"
.\" This Source Code Form is subject to the terms of the Mozilla Public
.\" License, v. 2.0. If a copy of the MPL was not distributed with this
@ -39,7 +39,7 @@
dnssec-signzone \- DNSSEC zone signing tool
.SH "SYNOPSIS"
.HP \w'\fBdnssec\-signzone\fR\ 'u
\fBdnssec\-signzone\fR [\fB\-a\fR] [\fB\-c\ \fR\fB\fIclass\fR\fR] [\fB\-d\ \fR\fB\fIdirectory\fR\fR] [\fB\-D\fR] [\fB\-E\ \fR\fB\fIengine\fR\fR] [\fB\-e\ \fR\fB\fIend\-time\fR\fR] [\fB\-f\ \fR\fB\fIoutput\-file\fR\fR] [\fB\-g\fR] [\fB\-h\fR] [\fB\-i\ \fR\fB\fIinterval\fR\fR] [\fB\-I\ \fR\fB\fIinput\-format\fR\fR] [\fB\-j\ \fR\fB\fIjitter\fR\fR] [\fB\-K\ \fR\fB\fIdirectory\fR\fR] [\fB\-k\ \fR\fB\fIkey\fR\fR] [\fB\-L\ \fR\fB\fIserial\fR\fR] [\fB\-l\ \fR\fB\fIdomain\fR\fR] [\fB\-M\ \fR\fB\fImaxttl\fR\fR] [\fB\-N\ \fR\fB\fIsoa\-serial\-format\fR\fR] [\fB\-o\ \fR\fB\fIorigin\fR\fR] [\fB\-O\ \fR\fB\fIoutput\-format\fR\fR] [\fB\-P\fR] [\fB\-p\fR] [\fB\-Q\fR] [\fB\-R\fR] [\fB\-r\ \fR\fB\fIrandomdev\fR\fR] [\fB\-S\fR] [\fB\-s\ \fR\fB\fIstart\-time\fR\fR] [\fB\-T\ \fR\fB\fIttl\fR\fR] [\fB\-t\fR] [\fB\-u\fR] [\fB\-v\ \fR\fB\fIlevel\fR\fR] [\fB\-V\fR] [\fB\-X\ \fR\fB\fIextended\ end\-time\fR\fR] [\fB\-x\fR] [\fB\-z\fR] [\fB\-3\ \fR\fB\fIsalt\fR\fR] [\fB\-H\ \fR\fB\fIiterations\fR\fR] [\fB\-A\fR] {zonefile} [key...]
\fBdnssec\-signzone\fR [\fB\-a\fR] [\fB\-c\ \fR\fB\fIclass\fR\fR] [\fB\-d\ \fR\fB\fIdirectory\fR\fR] [\fB\-D\fR] [\fB\-E\ \fR\fB\fIengine\fR\fR] [\fB\-e\ \fR\fB\fIend\-time\fR\fR] [\fB\-f\ \fR\fB\fIoutput\-file\fR\fR] [\fB\-g\fR] [\fB\-h\fR] [\fB\-i\ \fR\fB\fIinterval\fR\fR] [\fB\-I\ \fR\fB\fIinput\-format\fR\fR] [\fB\-j\ \fR\fB\fIjitter\fR\fR] [\fB\-K\ \fR\fB\fIdirectory\fR\fR] [\fB\-k\ \fR\fB\fIkey\fR\fR] [\fB\-L\ \fR\fB\fIserial\fR\fR] [\fB\-l\ \fR\fB\fIdomain\fR\fR] [\fB\-M\ \fR\fB\fImaxttl\fR\fR] [\fB\-N\ \fR\fB\fIsoa\-serial\-format\fR\fR] [\fB\-o\ \fR\fB\fIorigin\fR\fR] [\fB\-O\ \fR\fB\fIoutput\-format\fR\fR] [\fB\-P\fR] [\fB\-Q\fR] [\fB\-R\fR] [\fB\-S\fR] [\fB\-s\ \fR\fB\fIstart\-time\fR\fR] [\fB\-T\ \fR\fB\fIttl\fR\fR] [\fB\-t\fR] [\fB\-u\fR] [\fB\-v\ \fR\fB\fIlevel\fR\fR] [\fB\-V\fR] [\fB\-X\ \fR\fB\fIextended\ end\-time\fR\fR] [\fB\-x\fR] [\fB\-z\fR] [\fB\-3\ \fR\fB\fIsalt\fR\fR] [\fB\-H\ \fR\fB\fIiterations\fR\fR] [\fB\-A\fR] {zonefile} [key...]
.SH "DESCRIPTION"
.PP
\fBdnssec\-signzone\fR
@ -278,11 +278,6 @@ specifies the format version of the raw zone file: if N is 0, the raw file can b
\fBnamed\fR; if N is 1, the file can be read by release 9\&.9\&.0 or higher; the default is 1\&.
.RE
.PP
\-p
.RS 4
Use pseudo\-random data when signing the zone\&. This is faster, but less secure, than using real random data\&. This option may be useful when signing large zones or when the entropy source is limited\&.
.RE
.PP
\-P
.RS 4
Disable post sign verification tests\&.
@ -311,17 +306,6 @@ This option is similar to
to signatures from keys that are no longer published\&. This enables ZSK rollover using the procedure described in RFC 4641, section 4\&.2\&.1\&.2 ("Double Signature Zone Signing Key Rollover")\&.
.RE
.PP
\-r \fIrandomdev\fR
.RS 4
Specifies the source of randomness\&. If the operating system does not provide a
/dev/random
or equivalent device, the default source of randomness is keyboard input\&.
randomdev
specifies the name of a character device or file containing random data to be used instead of the default\&. The special value
keyboard
indicates that keyboard input should be used\&.
.RE
.PP
\-S
.RS 4
Smart signing: Instructs
@ -484,5 +468,5 @@ RFC 4641\&.
\fBInternet Systems Consortium, Inc\&.\fR
.SH "COPYRIGHT"
.br
Copyright \(co 2000-2009, 2011-2017 Internet Systems Consortium, Inc. ("ISC")
Copyright \(co 2000-2009, 2011-2018 Internet Systems Consortium, Inc. ("ISC")
.br

18
bin/dnssec/dnssec-signzone.html
View file

@ -1,6 +1,6 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!--
- Copyright (C) 2000-2009, 2011-2017 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000-2009, 2011-2018 Internet Systems Consortium, Inc. ("ISC")
-
- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this
@ -54,10 +54,8 @@
[<code class="option">-o <em class="replaceable"><code>origin</code></em></code>]
[<code class="option">-O <em class="replaceable"><code>output-format</code></em></code>]
[<code class="option">-P</code>]
[<code class="option">-p</code>]
[<code class="option">-Q</code>]
[<code class="option">-R</code>]
[<code class="option">-r <em class="replaceable"><code>randomdev</code></em></code>]
[<code class="option">-S</code>]
[<code class="option">-s <em class="replaceable"><code>start-time</code></em></code>]
[<code class="option">-T <em class="replaceable"><code>ttl</code></em></code>]
@ -444,20 +442,6 @@
("Double Signature Zone Signing Key Rollover").
</p>
</dd>
<dt><span class="term">-r <em class="replaceable"><code>randomdev</code></em></span></dt>
<dd>
<p>
Specifies the source of randomness. If the operating
system does not provide a <code class="filename">/dev/random</code>
or equivalent device, the default source of randomness
is keyboard input. <code class="filename">randomdev</code>
specifies
the name of a character device or file containing random
data to be used instead of the default. The special value
<code class="filename">keyboard</code> indicates that keyboard
input should be used.
</p>
</dd>
<dt><span class="term">-S</span></dt>
<dd>
<p>

4
bin/dnssec/dnssec-verify.8
View file

@ -1,4 +1,4 @@
.\" Copyright (C) 2012, 2014-2016 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2012, 2014-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
.\"
.\" This Source Code Form is subject to the terms of the Mozilla Public
.\" License, v. 2.0. If a copy of the MPL was not distributed with this
@ -113,5 +113,5 @@ RFC 4033\&.
\fBInternet Systems Consortium, Inc\&.\fR
.SH "COPYRIGHT"
.br
Copyright \(co 2012, 2014-2016 Internet Systems Consortium, Inc. ("ISC")
Copyright \(co 2012, 2014-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
.br

2
bin/dnssec/dnssec-verify.html
View file

@ -1,6 +1,6 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!--
- Copyright (C) 2012, 2014-2016 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2012, 2014-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
-
- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this

4
bin/named/named.8
View file

@ -1,4 +1,4 @@
.\" Copyright (C) 2000, 2001, 2003-2009, 2011, 2013-2017 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001, 2003-2009, 2011, 2013-2018 Internet Systems Consortium, Inc. ("ISC")
.\"
.\" This Source Code Form is subject to the terms of the Mozilla Public
.\" License, v. 2.0. If a copy of the MPL was not distributed with this
@ -378,5 +378,5 @@ BIND 9 Administrator Reference Manual\&.
\fBInternet Systems Consortium, Inc\&.\fR
.SH "COPYRIGHT"
.br
Copyright \(co 2000, 2001, 2003-2009, 2011, 2013-2017 Internet Systems Consortium, Inc. ("ISC")
Copyright \(co 2000, 2001, 2003-2009, 2011, 2013-2018 Internet Systems Consortium, Inc. ("ISC")
.br

2
bin/named/named.html
View file

@ -1,6 +1,6 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!--
- Copyright (C) 2000, 2001, 2003-2009, 2011, 2013-2017 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001, 2003-2009, 2011, 2013-2018 Internet Systems Consortium, Inc. ("ISC")
-
- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this

17
bin/nsupdate/nsupdate.1
View file

@ -1,4 +1,4 @@
.\" Copyright (C) 2000-2012, 2014-2017 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000-2012, 2014-2018 Internet Systems Consortium, Inc. ("ISC")
.\"
.\" This Source Code Form is subject to the terms of the Mozilla Public
.\" License, v. 2.0. If a copy of the MPL was not distributed with this
@ -39,7 +39,7 @@
nsupdate \- Dynamic DNS update utility
.SH "SYNOPSIS"
.HP \w'\fBnsupdate\fR\ 'u
\fBnsupdate\fR [\fB\-d\fR] [\fB\-D\fR] [\fB\-i\fR] [\fB\-L\ \fR\fB\fIlevel\fR\fR] [[\fB\-g\fR] | [\fB\-o\fR] | [\fB\-l\fR] | [\fB\-y\ \fR\fB\fI[hmac:]\fR\fIkeyname:secret\fR\fR] | [\fB\-k\ \fR\fB\fIkeyfile\fR\fR]] [\fB\-t\ \fR\fB\fItimeout\fR\fR] [\fB\-u\ \fR\fB\fIudptimeout\fR\fR] [\fB\-r\ \fR\fB\fIudpretries\fR\fR] [\fB\-R\ \fR\fB\fIrandomdev\fR\fR] [\fB\-v\fR] [\fB\-T\fR] [\fB\-P\fR] [\fB\-V\fR] [[\fB\-4\fR] | [\fB\-6\fR]] [filename]
\fBnsupdate\fR [\fB\-d\fR] [\fB\-D\fR] [\fB\-i\fR] [\fB\-L\ \fR\fB\fIlevel\fR\fR] [[\fB\-g\fR] | [\fB\-o\fR] | [\fB\-l\fR] | [\fB\-y\ \fR\fB\fI[hmac:]\fR\fIkeyname:secret\fR\fR] | [\fB\-k\ \fR\fB\fIkeyfile\fR\fR]] [\fB\-t\ \fR\fB\fItimeout\fR\fR] [\fB\-u\ \fR\fB\fIudptimeout\fR\fR] [\fB\-r\ \fR\fB\fIudpretries\fR\fR] [\fB\-v\fR] [\fB\-T\fR] [\fB\-P\fR] [\fB\-V\fR] [[\fB\-4\fR] | [\fB\-6\fR]] [filename]
.SH "DESCRIPTION"
.PP
\fBnsupdate\fR
@ -160,17 +160,6 @@ option\&.
The number of UDP retries\&. The default is 3\&. If zero, only one update request will be made\&.
.RE
.PP
\-R \fIrandomdev\fR
.RS 4
Where to obtain randomness\&. If the operating system does not provide a
/dev/random
or equivalent device, the default source of randomness is keyboard input\&.
randomdev
specifies the name of a character device or file containing random data to be used instead of the default\&. The special value
keyboard
indicates that keyboard input should be used\&. This option may be specified multiple times\&.
.RE
.PP
\-t \fItimeout\fR
.RS 4
The maximum time an update request can take before it is aborted\&. The default is 300 seconds\&. Zero can be used to disable the timeout\&.
@ -530,5 +519,5 @@ The TSIG key is redundantly stored in two separate files\&. This is a consequenc
\fBInternet Systems Consortium, Inc\&.\fR
.SH "COPYRIGHT"
.br
Copyright \(co 2000-2012, 2014-2017 Internet Systems Consortium, Inc. ("ISC")
Copyright \(co 2000-2012, 2014-2018 Internet Systems Consortium, Inc. ("ISC")
.br

16
bin/nsupdate/nsupdate.html
View file

@ -1,6 +1,6 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!--
- Copyright (C) 2000-2012, 2014-2017 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000-2012, 2014-2018 Internet Systems Consortium, Inc. ("ISC")
-
- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this
@ -46,7 +46,6 @@
[<code class="option">-t <em class="replaceable"><code>timeout</code></em></code>]
[<code class="option">-u <em class="replaceable"><code>udptimeout</code></em></code>]
[<code class="option">-r <em class="replaceable"><code>udpretries</code></em></code>]
[<code class="option">-R <em class="replaceable"><code>randomdev</code></em></code>]
[<code class="option">-v</code>]
[<code class="option">-T</code>]
[<code class="option">-P</code>]
@ -214,19 +213,6 @@
one update request will be made.
</p>
</dd>
<dt><span class="term">-R <em class="replaceable"><code>randomdev</code></em></span></dt>
<dd>
<p>
Where to obtain randomness. If the operating system
does not provide a <code class="filename">/dev/random</code> or
equivalent device, the default source of randomness is keyboard
input. <code class="filename">randomdev</code> specifies the name of
a character device or file containing random data to be used
instead of the default. The special value
<code class="filename">keyboard</code> indicates that keyboard input
should be used. This option may be specified multiple times.
</p>
</dd>
<dt><span class="term">-t <em class="replaceable"><code>timeout</code></em></span></dt>
<dd>
<p>

4
bin/pkcs11/pkcs11-destroy.8
View file

@ -1,4 +1,4 @@
.\" Copyright (C) 2009, 2014-2016 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2009, 2014-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
.\"
.\" This Source Code Form is subject to the terms of the Mozilla Public
.\" License, v. 2.0. If a copy of the MPL was not distributed with this
@ -93,5 +93,5 @@ Specify how long to pause before carrying out key destruction\&. The default is
\fBInternet Systems Consortium, Inc\&.\fR
.SH "COPYRIGHT"
.br
Copyright \(co 2009, 2014-2016 Internet Systems Consortium, Inc. ("ISC")
Copyright \(co 2009, 2014-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
.br

2
bin/pkcs11/pkcs11-destroy.html
View file

@ -1,6 +1,6 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!--
- Copyright (C) 2009, 2014-2016 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2009, 2014-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
-
- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this

4
bin/pkcs11/pkcs11-keygen.8
View file

@ -1,4 +1,4 @@
.\" Copyright (C) 2009, 2014-2017 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2009, 2014-2018 Internet Systems Consortium, Inc. ("ISC")
.\"
.\" This Source Code Form is subject to the terms of the Mozilla Public
.\" License, v. 2.0. If a copy of the MPL was not distributed with this
@ -116,5 +116,5 @@ Open the session with the given PKCS#11 slot\&. The default is slot 0\&.
\fBInternet Systems Consortium, Inc\&.\fR
.SH "COPYRIGHT"
.br
Copyright \(co 2009, 2014-2017 Internet Systems Consortium, Inc. ("ISC")
Copyright \(co 2009, 2014-2018 Internet Systems Consortium, Inc. ("ISC")
.br

2
bin/pkcs11/pkcs11-keygen.html
View file

@ -1,6 +1,6 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!--
- Copyright (C) 2009, 2014-2017 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2009, 2014-2018 Internet Systems Consortium, Inc. ("ISC")
-
- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this

4
bin/pkcs11/pkcs11-list.8
View file

@ -1,4 +1,4 @@
.\" Copyright (C) 2009, 2014-2016 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2009, 2014-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
.\"
.\" This Source Code Form is subject to the terms of the Mozilla Public
.\" License, v. 2.0. If a copy of the MPL was not distributed with this
@ -94,5 +94,5 @@ will prompt for it\&.
\fBInternet Systems Consortium, Inc\&.\fR
.SH "COPYRIGHT"
.br
Copyright \(co 2009, 2014-2016 Internet Systems Consortium, Inc. ("ISC")
Copyright \(co 2009, 2014-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
.br

2
bin/pkcs11/pkcs11-list.html
View file

@ -1,6 +1,6 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!--
- Copyright (C) 2009, 2014-2016 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2009, 2014-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
-
- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this

4
bin/pkcs11/pkcs11-tokens.8
View file

@ -1,4 +1,4 @@
.\" Copyright (C) 2014-2016 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2014-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
.\"
.\" This Source Code Form is subject to the terms of the Mozilla Public
.\" License, v. 2.0. If a copy of the MPL was not distributed with this
@ -65,5 +65,5 @@ Make the PKCS#11 libisc initialization verbose\&.
\fBInternet Systems Consortium, Inc\&.\fR
.SH "COPYRIGHT"
.br
Copyright \(co 2014-2016 Internet Systems Consortium, Inc. ("ISC")
Copyright \(co 2014-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
.br

2
bin/pkcs11/pkcs11-tokens.html
View file

@ -1,6 +1,6 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!--
- Copyright (C) 2014-2016 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2014-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
-
- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this

4
bin/python/dnssec-checkds.8
View file

@ -1,4 +1,4 @@
.\" Copyright (C) 2012-2017 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2012-2018 Internet Systems Consortium, Inc. ("ISC")
.\"
.\" This Source Code Form is subject to the terms of the Mozilla Public
.\" License, v. 2.0. If a copy of the MPL was not distributed with this
@ -87,5 +87,5 @@ binary\&. Used for testing\&.
\fBInternet Systems Consortium, Inc\&.\fR
.SH "COPYRIGHT"
.br
Copyright \(co 2012-2017 Internet Systems Consortium, Inc. ("ISC")
Copyright \(co 2012-2018 Internet Systems Consortium, Inc. ("ISC")
.br

2
bin/python/dnssec-checkds.html
View file

@ -1,6 +1,6 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!--
- Copyright (C) 2012-2017 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2012-2018 Internet Systems Consortium, Inc. ("ISC")
-
- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this

4
bin/python/dnssec-coverage.8
View file

@ -1,4 +1,4 @@
.\" Copyright (C) 2013-2016 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2013-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
.\"
.\" This Source Code Form is subject to the terms of the Mozilla Public
.\" License, v. 2.0. If a copy of the MPL was not distributed with this
@ -152,5 +152,5 @@ binary\&. Used for testing\&.
\fBInternet Systems Consortium, Inc\&.\fR
.SH "COPYRIGHT"
.br
Copyright \(co 2013-2016 Internet Systems Consortium, Inc. ("ISC")
Copyright \(co 2013-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
.br

2
bin/python/dnssec-coverage.html
View file

@ -1,6 +1,6 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!--
- Copyright (C) 2013-2016 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2013-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
-
- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this

15
bin/python/dnssec-keymgr.8
View file

@ -1,4 +1,4 @@
.\" Copyright (C) 2016, 2017 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2016-2018 Internet Systems Consortium, Inc. ("ISC")
.\"
.\" This Source Code Form is subject to the terms of the Mozilla Public
.\" License, v. 2.0. If a copy of the MPL was not distributed with this
@ -39,7 +39,7 @@
dnssec-keymgr \- Ensures correct DNSKEY coverage for a zone based on a defined policy
.SH "SYNOPSIS"
.HP \w'\fBdnssec\-keymgr\fR\ 'u
\fBdnssec\-keymgr\fR [\fB\-K\ \fR\fB\fIdirectory\fR\fR] [\fB\-c\ \fR\fB\fIfile\fR\fR] [\fB\-f\fR] [\fB\-k\fR] [\fB\-q\fR] [\fB\-v\fR] [\fB\-z\fR] [\fB\-g\ \fR\fB\fIpath\fR\fR] [\fB\-r\ \fR\fB\fIpath\fR\fR] [\fB\-s\ \fR\fB\fIpath\fR\fR] [zone...]
\fBdnssec\-keymgr\fR [\fB\-K\ \fR\fB\fIdirectory\fR\fR] [\fB\-c\ \fR\fB\fIfile\fR\fR] [\fB\-f\fR] [\fB\-k\fR] [\fB\-q\fR] [\fB\-v\fR] [\fB\-z\fR] [\fB\-g\ \fR\fB\fIpath\fR\fR] [\fB\-s\ \fR\fB\fIpath\fR\fR] [zone...]
.SH "DESCRIPTION"
.PP
\fBdnssec\-keymgr\fR
@ -123,15 +123,6 @@ and
\fBdnssec\-settime\fR\&.
.RE
.PP
\-r \fIrandomdev\fR
.RS 4
Specifies a path to a file containing random data\&. This is passed to the
\fBdnssec\-keygen\fR
binary using its
\fB\-r\fR
option\&.
.RE
.PP
\-s \fIsettime\-path\fR
.RS 4
Specifies a path to a
@ -297,5 +288,5 @@ Allow configuration of standby keys and use of the REVOKE bit, for keys that use
\fBInternet Systems Consortium, Inc\&.\fR
.SH "COPYRIGHT"
.br
Copyright \(co 2016, 2017 Internet Systems Consortium, Inc. ("ISC")
Copyright \(co 2016-2018 Internet Systems Consortium, Inc. ("ISC")
.br

12
bin/python/dnssec-keymgr.html
View file

@ -1,6 +1,6 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!--
- Copyright (C) 2016, 2017 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2016-2018 Internet Systems Consortium, Inc. ("ISC")
-
- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this
@ -41,7 +41,6 @@
[<code class="option">-v</code>]
[<code class="option">-z</code>]
[<code class="option">-g <em class="replaceable"><code>path</code></em></code>]
[<code class="option">-r <em class="replaceable"><code>path</code></em></code>]
[<code class="option">-s <em class="replaceable"><code>path</code></em></code>]
[zone...]
</p></div>
@ -160,15 +159,6 @@
and <span class="command"><strong>dnssec-settime</strong></span>.
</p>
</dd>
<dt><span class="term">-r <em class="replaceable"><code>randomdev</code></em></span></dt>
<dd>
<p>
Specifies a path to a file containing random data.
This is passed to the <span class="command"><strong>dnssec-keygen</strong></span> binary
using its <code class="option">-r</code> option.
</p>
</dd>
<dt><span class="term">-s <em class="replaceable"><code>settime-path</code></em></span></dt>
<dd>
<p>

4
bin/rndc/rndc.conf.5
View file

@ -1,4 +1,4 @@
.\" Copyright (C) 2000, 2001, 2004, 2005, 2007, 2013-2016 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001, 2004, 2005, 2007, 2013-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
.\"
.\" This Source Code Form is subject to the terms of the Mozilla Public
.\" License, v. 2.0. If a copy of the MPL was not distributed with this
@ -230,5 +230,5 @@ BIND 9 Administrator Reference Manual\&.
\fBInternet Systems Consortium, Inc\&.\fR
.SH "COPYRIGHT"
.br
Copyright \(co 2000, 2001, 2004, 2005, 2007, 2013-2016 Internet Systems Consortium, Inc. ("ISC")
Copyright \(co 2000, 2001, 2004, 2005, 2007, 2013-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
.br

2
bin/rndc/rndc.conf.html
View file

@ -1,6 +1,6 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!--
- Copyright (C) 2000, 2001, 2004, 2005, 2007, 2013-2016 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001, 2004, 2005, 2007, 2013-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
-
- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this

4
bin/tools/arpaname.1
View file

@ -1,4 +1,4 @@
.\" Copyright (C) 2009, 2014-2016 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2009, 2014-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
.\"
.\" This Source Code Form is subject to the terms of the Mozilla Public
.\" License, v. 2.0. If a copy of the MPL was not distributed with this
@ -52,5 +52,5 @@ BIND 9 Administrator Reference Manual\&.
\fBInternet Systems Consortium, Inc\&.\fR
.SH "COPYRIGHT"
.br
Copyright \(co 2009, 2014-2016 Internet Systems Consortium, Inc. ("ISC")
Copyright \(co 2009, 2014-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
.br

2
bin/tools/arpaname.html
View file

@ -1,6 +1,6 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!--
- Copyright (C) 2009, 2014-2016 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2009, 2014-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
-
- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this

4
bin/tools/dnstap-read.1
View file

@ -1,4 +1,4 @@
.\" Copyright (C) 2015-2017 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2015-2018 Internet Systems Consortium, Inc. ("ISC")
.\"
.\" This Source Code Form is subject to the terms of the Mozilla Public
.\" License, v. 2.0. If a copy of the MPL was not distributed with this
@ -91,5 +91,5 @@ BIND 9 Administrator Reference Manual\&.
\fBInternet Systems Consortium, Inc\&.\fR
.SH "COPYRIGHT"
.br
Copyright \(co 2015-2017 Internet Systems Consortium, Inc. ("ISC")
Copyright \(co 2015-2018 Internet Systems Consortium, Inc. ("ISC")
.br

2
bin/tools/dnstap-read.html
View file

@ -1,6 +1,6 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!--
- Copyright (C) 2015-2017 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2015-2018 Internet Systems Consortium, Inc. ("ISC")
-
- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this

4
bin/tools/mdig.1
View file

@ -1,4 +1,4 @@
.\" Copyright (C) 2015-2017 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2015-2018 Internet Systems Consortium, Inc. ("ISC")
.\"
.\" This Source Code Form is subject to the terms of the Mozilla Public
.\" License, v. 2.0. If a copy of the MPL was not distributed with this
@ -404,5 +404,5 @@ RFC1035\&.
\fBInternet Systems Consortium, Inc\&.\fR
.SH "COPYRIGHT"
.br
Copyright \(co 2015-2017 Internet Systems Consortium, Inc. ("ISC")
Copyright \(co 2015-2018 Internet Systems Consortium, Inc. ("ISC")
.br

2
bin/tools/mdig.html
View file

@ -1,6 +1,6 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!--
- Copyright (C) 2015-2017 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2015-2018 Internet Systems Consortium, Inc. ("ISC")
-
- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this

4
bin/tools/named-journalprint.8
View file

@ -1,4 +1,4 @@
.\" Copyright (C) 2009, 2014-2017 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2009, 2014-2018 Internet Systems Consortium, Inc. ("ISC")
.\"
.\" This Source Code Form is subject to the terms of the Mozilla Public
.\" License, v. 2.0. If a copy of the MPL was not distributed with this
@ -64,5 +64,5 @@ BIND 9 Administrator Reference Manual\&.
\fBInternet Systems Consortium, Inc\&.\fR
.SH "COPYRIGHT"
.br
Copyright \(co 2009, 2014-2017 Internet Systems Consortium, Inc. ("ISC")
Copyright \(co 2009, 2014-2018 Internet Systems Consortium, Inc. ("ISC")
.br

2
bin/tools/named-journalprint.html
View file

@ -1,6 +1,6 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!--
- Copyright (C) 2009, 2014-2017 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2009, 2014-2018 Internet Systems Consortium, Inc. ("ISC")
-
- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this

4
bin/tools/named-nzd2nzf.8
View file

@ -1,4 +1,4 @@
.\" Copyright (C) 2016 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2016, 2018 Internet Systems Consortium, Inc. ("ISC")
.\"
.\" This Source Code Form is subject to the terms of the Mozilla Public
.\" License, v. 2.0. If a copy of the MPL was not distributed with this
@ -63,5 +63,5 @@ BIND 9 Administrator Reference Manual
Internet Systems Consortium
.SH "COPYRIGHT"
.br
Copyright \(co 2016 Internet Systems Consortium, Inc. ("ISC")
Copyright \(co 2016, 2018 Internet Systems Consortium, Inc. ("ISC")
.br

2
bin/tools/named-nzd2nzf.html
View file

@ -1,6 +1,6 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!--
- Copyright (C) 2016 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2016, 2018 Internet Systems Consortium, Inc. ("ISC")
-
- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this

4
bin/tools/named-rrchecker.1
View file

@ -1,4 +1,4 @@
.\" Copyright (C) 2013-2016 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2013-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
.\"
.\" This Source Code Form is subject to the terms of the Mozilla Public
.\" License, v. 2.0. If a copy of the MPL was not distributed with this
@ -77,5 +77,5 @@ RFC 1035,
\fBInternet Systems Consortium, Inc\&.\fR
.SH "COPYRIGHT"
.br
Copyright \(co 2013-2016 Internet Systems Consortium, Inc. ("ISC")
Copyright \(co 2013-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
.br

2
bin/tools/named-rrchecker.html
View file

@ -1,6 +1,6 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!--
- Copyright (C) 2013-2016 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2013-2016, 2018 Internet Systems Consortium, Inc. ("ISC")
-
- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this

4
bin/tools/nsec3hash.8
View file

@ -1,4 +1,4 @@
.\" Copyright (C) 2009, 2014-2017 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2009, 2014-2018 Internet Systems Consortium, Inc. ("ISC")
.\"
.\" This Source Code Form is subject to the terms of the Mozilla Public
.\" License, v. 2.0. If a copy of the MPL was not distributed with this
@ -84,5 +84,5 @@ RFC 5155\&.
\fBInternet Systems Consortium, Inc\&.\fR
.SH "COPYRIGHT"
.br
Copyright \(co 2009, 2014-2017 Internet Systems Consortium, Inc. ("ISC")
Copyright \(co 2009, 2014-2018 Internet Systems Consortium, Inc. ("ISC")
.br

2
bin/tools/nsec3hash.html
View file

@ -1,6 +1,6 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!--
- Copyright (C) 2009, 2014-2017 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2009, 2014-2018 Internet Systems Consortium, Inc. ("ISC")
-
- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this

14
configure vendored
View file

@ -941,7 +941,6 @@ infodir
docdir
oldincludedir
includedir
runstatedir
localstatedir
sharedstatedir
sysconfdir
@ -1100,7 +1099,6 @@ datadir='${datarootdir}'
sysconfdir='${prefix}/etc'
sharedstatedir='${prefix}/com'
localstatedir='${prefix}/var'
runstatedir='${localstatedir}/run'
includedir='${prefix}/include'
oldincludedir='/usr/include'
docdir='${datarootdir}/doc/${PACKAGE_TARNAME}'
@ -1353,15 +1351,6 @@ do
| -silent | --silent | --silen | --sile | --sil)
silent=yes ;;
-runstatedir | --runstatedir | --runstatedi | --runstated \
| --runstate | --runstat | --runsta | --runst | --runs \
| --run | --ru | --r)
ac_prev=runstatedir ;;
-runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \
| --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \
| --run=* | --ru=* | --r=*)
runstatedir=$ac_optarg ;;
-sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb)
ac_prev=sbindir ;;
-sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \
@ -1499,7 +1488,7 @@ fi
for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \
datadir sysconfdir sharedstatedir localstatedir includedir \
oldincludedir docdir infodir htmldir dvidir pdfdir psdir \
libdir localedir mandir runstatedir
libdir localedir mandir
do
eval ac_val=\$$ac_var
# Remove trailing slashes.
@ -1652,7 +1641,6 @@ Fine tuning of the installation directories:
--sysconfdir=DIR read-only single-machine data [PREFIX/etc]
--sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com]
--localstatedir=DIR modifiable single-machine data [PREFIX/var]
--runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run]
--libdir=DIR object code libraries [EPREFIX/lib]
--includedir=DIR C header files [PREFIX/include]
--oldincludedir=DIR C header files for non-gcc [/usr/include]

2
doc/arm/Bv9ARM.ch01.html
View file

@ -614,6 +614,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0-dev</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0 (Development Release)</p>
</body>
</html>

2
doc/arm/Bv9ARM.ch02.html
View file

@ -146,6 +146,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0-dev</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0 (Development Release)</p>
</body>
</html>

2
doc/arm/Bv9ARM.ch03.html
View file

@ -759,6 +759,6 @@ controls {
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0-dev</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0 (Development Release)</p>
</body>
</html>

2
doc/arm/Bv9ARM.ch04.html
View file

@ -2867,6 +2867,6 @@ $ORIGIN 0.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa.
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0-dev</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0 (Development Release)</p>
</body>
</html>

295
doc/arm/Bv9ARM.ch05.html
View file

@ -2889,6 +2889,8 @@ badresp:1,adberr:0,findfail:0,valfail:0]
reopen a closed output stream. The minimum is 1 second,
the maximum is 600 seconds (10 minutes), and the default
is 5 seconds.
For convenience, TTL-style time unit suffixes may be
used to specify the value.
</li>
</ul></div>
@ -3300,20 +3302,6 @@ badresp:1,adberr:0,findfail:0,valfail:0]
effect during the initial configuration load at server
startup time and is ignored on subsequent reloads.
</p>
<p>
If BIND is built with
<span class="command"><strong>configure --disable-crypto-rand</strong></span>, then
entropy is <span class="emphasis"><em>not</em></span> sourced from the
cryptographic library. In this case, if
<span class="command"><strong>random-device</strong></span> is not specified, the
default value is the system random device,
<code class="filename">/dev/random</code> or the equivalent.
This default can be overridden with
<span class="command"><strong>configure --with-randomdev</strong></span>.
If no system random device exists, then no entropy source
will be configured, and <span class="command"><strong>named</strong></span> will only
be able to use pseudo-random numbers.
</p>
</dd>
<dt><span class="term"><span class="command"><strong>preferred-glue</strong></span></span></dt>
<dd>
@ -4118,6 +4106,14 @@ options {
Not implemented in BIND 9.
</p>
</dd>
<dt><span class="term"><span class="command"><strong>root-key-sentinel</strong></span></span></dt>
<dd>
<p>
Respond to root key sentinel probes as described in
draft-ietf-dnsop-kskroll-sentinel-08. The default is
<strong class="userinput"><code>yes</code></strong>.
</p>
</dd>
<dt><span class="term"><span class="command"><strong>maintain-ixfr-base</strong></span></span></dt>
<dd>
<p>
@ -6522,8 +6518,9 @@ avoid-v6-udp-ports { 40000; range 50000 60000; };
begin listening for queries on any newly discovered
interfaces (provided they are allowed by the
<span class="command"><strong>listen-on</strong></span> configuration), and
will
stop listening on interfaces that have gone away.
will stop listening on interfaces that have gone away.
For convenience, TTL-style time unit suffixes may be
used to specify the value.
</p>
</dd>
<dt><span class="term"><span class="command"><strong>statistics-interval</strong></span></span></dt>
@ -6828,8 +6825,9 @@ avoid-v6-udp-ports { 40000; range 50000 60000; };
To reduce network traffic and increase performance,
the server stores negative answers. <span class="command"><strong>max-ncache-ttl</strong></span> is
used to set a maximum retention time for these answers in
the server
in seconds. The default
the server in seconds.
For convenience, TTL-style time unit suffixes may be
used to specify the value. The default
<span class="command"><strong>max-ncache-ttl</strong></span> is <code class="literal">10800</code> seconds (3 hours).
<span class="command"><strong>max-ncache-ttl</strong></span> cannot exceed
7 days and will
@ -6841,6 +6839,8 @@ avoid-v6-udp-ports { 40000; range 50000 60000; };
<p>
Sets the maximum time for which the server will
cache ordinary (positive) answers in seconds.
For convenience, TTL-style time unit suffixes may be
used to specify the value.
The default is 604800 (one week).
A value of zero may cause all queries to return
SERVFAIL, because of lost caches of intermediate
@ -6902,6 +6902,11 @@ avoid-v6-udp-ports { 40000; range 50000 60000; };
set to one hour before the current time to allow
for a limited amount of clock skew.
</p>
<p>
The <span class="command"><strong>sig-validity-interval</strong></span> can be
overridden for DNSKEY records by setting
<span class="command"><strong>dnskey-sig-validity</strong></span>.
</p>
<p>
The <span class="command"><strong>sig-validity-interval</strong></span>
should be, at least, several multiples of the SOA
@ -6909,6 +6914,21 @@ avoid-v6-udp-ports { 40000; range 50000 60000; };
between the various timer and expiry dates.
</p>
</dd>
<dt><span class="term"><span class="command"><strong>dnskey-sig-validity</strong></span></span></dt>
<dd>
<p>
Specifies the number of days into the future when
DNSSEC signatures that are automatically generated
for DNSKEY RRsets as a result of dynamic updates
(<a class="xref" href="Bv9ARM.ch04.html#dynamic_update" title="Dynamic Update">the section called &#8220;Dynamic Update&#8221;</a>) will expire.
If set to a non-zero value, this overrides the
value set by <span class="command"><strong>sig-validity-interval</strong></span>.
The default is zero, meaning
<span class="command"><strong>sig-validity-interval</strong></span> is used.
The maximum value is 3660 days (10 years), and
higher values will be rejected.
</p>
</dd>
<dt><span class="term"><span class="command"><strong>sig-signing-nodes</strong></span></span></dt>
<dd>
<p>
@ -7651,7 +7671,7 @@ deny-answer-aliases { "example.net"; };
multiple policy zones. To maximize performance, a radix
tree is used to quickly identify response policy zones
containing triggers that match the current query. This
imposes an upper limit of 32 on the number of policy zones
imposes an upper limit of 64 on the number of policy zones
in a single <span class="command"><strong>response-policy</strong></span> option; more
than that is a configuration error.
</p>
@ -8027,6 +8047,8 @@ deny-answer-aliases { "example.net"; };
to a maximum value.
The <span class="command"><strong>max-policy-ttl</strong></span> clause changes the
maximum seconds from its default of 5.
For convenience, TTL-style time unit suffixes may be
used to specify the value.
</p>
<p>
@ -8112,7 +8134,9 @@ example.com CNAME rpz-tcp-only.
If an update to a RPZ zone (for example, via IXFR) happens less
than <code class="option">min-update-interval</code> seconds after the most
recent update, then the changes will not be carried out until this
interval has elapsed. The default is <code class="literal">5</code> seconds.
interval has elapsed. The default is <code class="literal">60</code> seconds.
For convenience, TTL-style time unit suffixes may be
used to specify the value.
</p>
</div>
@ -10365,69 +10389,68 @@ example.com. NS ns2.example.net.
<span class="command"><strong>update-policy</strong></span> option, respectively.
</p>
<p>
The <span class="command"><strong>allow-update</strong></span> clause works the
same way as in previous versions of <acronym class="acronym">BIND</acronym>.
It grants given clients the permission to update any
record of any name in the zone.
The <span class="command"><strong>allow-update</strong></span> clause is a simple
access control list. Any client that matches
the ACL is granted permission to update any record
in the zone.
</p>
<p>
The <span class="command"><strong>update-policy</strong></span> clause
allows more fine-grained control over what updates are
allowed. A set of rules is specified, where each rule
either grants or denies permissions for one or more
names to be updated by one or more identities. If
the dynamic update request message is signed (that is,
it includes either a TSIG or SIG(0) record), the
identity of the signer can be determined.
allowed. It specifies a set of rules, in which each rule
either grants or denies permission for one or more
names in the zone to be updated by one or more
identities. Identity is determined by the key that
signed the update request using either TSIG or SIG(0).
In most cases, <span class="command"><strong>update-policy</strong></span> rules
only apply to key-based identities. There is no way
to specify update permissions based on client source
address.
</p>
<p>
Rules are specified in the <span class="command"><strong>update-policy</strong></span>
zone option, and are only meaningful for master zones.
When the <span class="command"><strong>update-policy</strong></span> statement
is present, it is a configuration error for the
<span class="command"><strong>allow-update</strong></span> statement to be
present. The <span class="command"><strong>update-policy</strong></span> statement
(except when set to <code class="literal">local</code>) only
examines the signer of a message; the source
address is not relevant.
<span class="command"><strong>update-policy</strong></span> rules are only meaningful
for zones of type <span class="command"><strong>master</strong></span>, and are
not allowed in any other zone type.
It is a configuration error to specify both
<span class="command"><strong>allow-update</strong></span> and
<span class="command"><strong>update-policy</strong></span> at the same time.
</p>
<p>
A pre-defined <span class="command"><strong>update-policy</strong></span> rule can be
switched on with the command
<span class="command"><strong>update-policy local;</strong></span>.
Switching on this rule in a zone causes
<span class="command"><strong>named</strong></span> to generate a TSIG session key and
place it in a file. That key will then be allowed to update
the zone, if the update request is sent from localhost.
Using this in a zone causes
<span class="command"><strong>named</strong></span> to generate a TSIG session key
when starting up and store it in a file; this key can then
be used by local clients to update the zone while
<span class="command"><strong>named</strong></span> is running.
By default, the session key is stored in the file
<code class="filename">/var/run/named/session.key</code>; the key name
is "local-ddns" and the key algorithm is HMAC-SHA256.
<code class="filename">/var/run/named/session.key</code>, the key name
is "local-ddns", and the key algorithm is HMAC-SHA256.
These values are configurable with the
<span class="command"><strong>session-keyfile</strong></span>,
<span class="command"><strong>session-keyname</strong></span> and
<span class="command"><strong>session-keyalg</strong></span> options, respectively).
</p>
<p>
A client on the local system, if it is run with appropriate
<span class="command"><strong>session-keyalg</strong></span> options, respectively.
A client running on the local system, if run with appropriate
permissions, may read the session key from the key file and
use the key to sign update requests. The zone's update
use it to sign update requests. The zone's update
policy will be set to allow that key to change any record
within the zone. Assuming the key name is "local-ddns",
this policy is:
this policy is equivalent to:
</p>
<pre class="programlisting">update-policy { grant local-ddns zonesub any; };
</pre>
<p>
...with an additional restriction that only clients
...with the additional restriction that only clients
connecting from the local system will be permitted to send
updates.
</p>
<p>
Note that only one session key is generated; all zones
configured to use <span class="command"><strong>update-policy local</strong></span>
will accept the same key.
Note that only one session key is generated by
<span class="command"><strong>named</strong></span>; all zones configured to use
<span class="command"><strong>update-policy local</strong></span> will accept the same key.
</p>
<p>
The command <span class="command"><strong>nsupdate -l</strong></span> implements this
@ -10440,50 +10463,60 @@ example.com. NS ns2.example.net.
</p>
<pre class="programlisting">
( <span class="command"><strong>grant</strong></span> | <span class="command"><strong>deny</strong></span> ) <em class="replaceable"><code>identity</code></em> <em class="replaceable"><code>nametype</code></em> [<span class="optional"> <em class="replaceable"><code>name</code></em> </span>] [<span class="optional"> <em class="replaceable"><code>types</code></em> </span>]
( <span class="command"><strong>grant</strong></span> | <span class="command"><strong>deny</strong></span> ) <em class="replaceable"><code>identity</code></em> <em class="replaceable"><code>ruletype</code></em> [<span class="optional"> <em class="replaceable"><code>name</code></em> </span>] [<span class="optional"> <em class="replaceable"><code>types</code></em> </span>]
</pre>
<p>
Each rule grants or denies privileges. Once a message has
successfully matched a rule, the operation is immediately
granted or denied and no further rules are examined. A rule
is matched when the signer matches the identity field, the
name matches the name field in accordance with the nametype
field, and the type matches the types specified in the type
field.
Each rule grants or denies privileges. Rules are checked
in the order in which they are specified in the
<span class="command"><strong>update-policy</strong></span> statement. Once a message
has successfully matched a rule, the operation is immediately
granted or denied, and no further rules are examined. There
are 13 types of rules; the rule type is specified by the
<span class="command"><strong>ruletype</strong></span> field, and the interpretation
of other fields varies depending on the rule type.
</p>
<p>
No signer is required for <em class="replaceable"><code>tcp-self</code></em>
or <em class="replaceable"><code>6to4-self</code></em> however the standard
reverse mapping / prefix conversion must match the identity
field.
In general, a rule is matched when the
key that signed an update request matches the
<span class="command"><strong>identity</strong></span> field, the name of the record
to be updated matches the <span class="command"><strong>name</strong></span> field
(in the manner specified by the <span class="command"><strong>ruletype</strong></span>
field), and the type of the record to be updated matches the
<span class="command"><strong>types</strong></span> field. Details for each rule type
are described below.
</p>
<p>
The identity field specifies a name or a wildcard
name. Normally, this is the name of the TSIG or
SIG(0) key used to sign the update request. When a
TKEY exchange has been used to create a shared secret,
the identity of the shared secret is the same as the
identity of the key used to authenticate the TKEY
exchange. TKEY is also the negotiation method used
by GSS-TSIG, which establishes an identity that is
the Kerberos principal of the client, such as
<strong class="userinput"><code>"user@host.domain"</code></strong>. When the
<em class="replaceable"><code>identity</code></em> field specifies
a wildcard name, it is subject to DNS wildcard
expansion, so the rule will apply to multiple identities.
The <em class="replaceable"><code>identity</code></em> field must
contain a fully-qualified domain name.
The <span class="command"><strong>identity</strong></span> field must be set to
a fully-qualified domain name. In most cases, this
represensts the name of the TSIG or SIG(0) key that must be
used to sign the update request. If the specified name is a
wildcard, it is subject to DNS wildcard expansion, and the
rule may apply to multiple identities. When a TKEY exchange
has been used to create a shared secret, the identity of
the key used to authenticate the TKEY exchange will be
used as the identity of the shared secret. Some rule types
use indentities matching the client's Kerberos principal
(e.g, <strong class="userinput"><code>"host/machine@REALM"</code></strong>) or
Windows realm (<strong class="userinput"><code>machine$@REALM</code></strong>).
</p>
<p>
For nametypes <code class="varname">krb5-self</code>,
<code class="varname">ms-self</code>, <code class="varname">krb5-subdomain</code>,
and <code class="varname">ms-subdomain</code> the
<em class="replaceable"><code>identity</code></em> field specifies
the Windows or Kerberos realm of the machine belongs to.
The <em class="replaceable"><code>name</code></em> field also specifies
a fully-qualified domain name. This often
represents the name of the record to be updated.
Interpretation of this field is dependent on rule type.
</p>
<p>
The <em class="replaceable"><code>nametype</code></em> field has 13
If no <span class="command"><strong>types</strong></span> are explicitly specified,
then a rule matches all types except RRSIG, NS, SOA, NSEC
and NSEC3. Types may be specified by name, including
"ANY" (ANY matches all types except NSEC and NSEC3,
which can never be updated). Note that when an attempt
is made to delete all records associated with a name,
the rules are checked for each existing record type.
</p>
<p>
The <em class="replaceable"><code>ruletype</code></em> field has 13
values:
<code class="varname">name</code>, <code class="varname">subdomain</code>,
<code class="varname">wildcard</code>, <code class="varname">self</code>,
@ -10577,20 +10610,23 @@ example.com. NS ns2.example.net.
</td>
<td>
<p>
This rule matches when the name being updated
matches the contents of the
This rule matches when the name of the record
being updated matches the contents of the
<em class="replaceable"><code>identity</code></em> field.
The <em class="replaceable"><code>name</code></em> field
is ignored, but should be the same as the
<em class="replaceable"><code>identity</code></em> field or
is ignored. To avoid confusion, it is recommended
that this field be set to the same value as the
<em class="replaceable"><code>identity</code></em> field or to
"."
The <code class="varname">self</code> nametype is
most useful when allowing using one key per
</p>
<p>
The <code class="varname">self</code> rule type is
most useful when allowing one key per
name to update, where the key has the same
name as the name to be updated. The
<em class="replaceable"><code>identity</code></em> would
be specified as <code class="constant">*</code> (an asterisk) in
this case.
name as the record to be updated. In this case,
the <em class="replaceable"><code>identity</code></em> field
can be specified as <code class="constant">*</code>
(an asterisk).
</p>
</td>
</tr>
@ -10699,11 +10735,18 @@ example.com. NS ns2.example.net.
</td>
<td>
<p>
Allow updates that have been sent via TCP and
for which the standard mapping from the initiating
IP address into the IN-ADDR.ARPA and IP6.ARPA
namespaces match the name to be updated. The
name field should be set to "."
This rule allows updates that have been sent via
TCP and for which the standard mapping from the
client's IP address into the
<code class="literal">in-addr.arpa</code> and
<code class="literal">ip6.arpa</code>
namespaces match the name to be updated.
The <span class="command"><strong>identity</strong></span> field must match
that name. The <span class="command"><strong>name</strong></span> field
should be set to ".".
Note that, since identity is based on the client's
IP address, it is not necessary for update request
messages to be signed.
</p>
<div class="note" style="margin-left: 0.5in; margin-right: 0.5in;">
<h3 class="title">Note</h3>
@ -10720,11 +10763,30 @@ example.com. NS ns2.example.net.
</td>
<td>
<p>
Allow the 6to4 prefix to be update by any TCP
connection from the 6to4 network or from the
corresponding IPv4 address. This is intended
to allow NS or DNAME RRsets to be added to the
reverse tree.
This allows the name matching a 6to4 IPv6 prefix,
as specified in RFC 3056, to be updated by any
TCP connection from either the 6to4 network or
from the corresponding IPv4 address. This is
intended to allow NS or DNAME RRsets to be added
to the <code class="literal">ip6.arpa</code> reverse tree.
</p>
<p>
The <span class="command"><strong>identity</strong></span> field must match
the 6to4 prefix in <code class="literal">ip6.arpa</code>.
The <span class="command"><strong>name</strong></span> field should
be set to ".".
Note that, since identity is based on the client's
IP address, it is not necessary for update request
messages to be signed.
</p>
<p>
In addition, if specified for an
<code class="literal">ip6.arpa</code> name outside of the
<code class="literal">2.0.0.2.ip6.arpa</code> namespace,
the corresponding /48 reverse name can be updated.
For example, TCP/IPv6 connections
from 2001:DB8:ED0C::/48 can update records at
<code class="literal">C.0.D.E.8.B.D.0.1.0.0.2.ip6.arpa</code>.
</p>
<div class="note" style="margin-left: 0.5in; margin-right: 0.5in;">
<h3 class="title">Note</h3>
@ -10780,21 +10842,6 @@ example.com. NS ns2.example.net.
</tbody>
</table>
</div>
<p>
In all cases, the <em class="replaceable"><code>name</code></em>
field must specify a fully-qualified domain name.
</p>
<p>
If no types are explicitly specified, this rule matches
all types except RRSIG, NS, SOA, NSEC and NSEC3. Types
may be specified by name, including "ANY" (ANY matches
all types except NSEC and NSEC3, which can never be
updated). Note that when an attempt is made to delete
all records associated with a name, the rules are
checked for each existing record type.
</p>
</div>
<div class="section">
@ -14625,6 +14672,6 @@ HOST-127.EXAMPLE. MX 0 .
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0-dev</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0 (Development Release)</p>
</body>
</html>

2
doc/arm/Bv9ARM.ch06.html
View file

@ -399,6 +399,6 @@ allow-query { !{ !10/8; any; }; key example; };
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0-dev</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0 (Development Release)</p>
</body>
</html>

2
doc/arm/Bv9ARM.ch07.html
View file

@ -136,6 +136,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0-dev</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0 (Development Release)</p>
</body>
</html>

227
doc/arm/Bv9ARM.ch08.html
View file

@ -36,9 +36,10 @@
<div class="toc">
<p><b>Table of Contents</b></p>
<dl class="toc">
<dt><span class="section"><a href="Bv9ARM.ch08.html#id-1.9.2">Release Notes for BIND Version 9.13.0-dev</a></span></dt>
<dt><span class="section"><a href="Bv9ARM.ch08.html#id-1.9.2">Release Notes for BIND Version 9.13.0</a></span></dt>
<dd><dl>
<dt><span class="section"><a href="Bv9ARM.ch08.html#relnotes_intro">Introduction</a></span></dt>
<dt><span class="section"><a href="Bv9ARM.ch08.html#relnotes_versions">Note on Version Numbering</a></span></dt>
<dt><span class="section"><a href="Bv9ARM.ch08.html#relnotes_download">Download</a></span></dt>
<dt><span class="section"><a href="Bv9ARM.ch08.html#relnotes_security">Security Fixes</a></span></dt>
<dt><span class="section"><a href="Bv9ARM.ch08.html#relnotes_features">New Features</a></span></dt>
@ -53,17 +54,41 @@
</div>
<div class="section">
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
<a name="id-1.9.2"></a>Release Notes for BIND Version 9.13.0-dev</h2></div></div></div>
<a name="id-1.9.2"></a>Release Notes for BIND Version 9.13.0</h2></div></div></div>
<div class="section">
<div class="titlepage"><div><div><h3 class="title">
<a name="relnotes_intro"></a>Introduction</h3></div></div></div>
<p>
BIND 9.13 is unstable development release of BIND.
BIND 9.13 is an unstable development release of BIND.
This document summarizes new features and functional changes that
have been introduced on this branch. With each development
release leading up to the stable BIND 9.14 release, this document
will be updated with additional features added and bugs fixed.
have been introduced on this branch. With each development release
leading up to the stable BIND 9.14 release, this document will be
updated with additional features added and bugs fixed.
</p>
</div>
<div class="section">
<div class="titlepage"><div><div><h3 class="title">
<a name="relnotes_versions"></a>Note on Version Numbering</h3></div></div></div>
<p>
Prior to BIND 9.13, new feature development releases were tagged
as "alpha" and "beta", leading up to the first stable release
for a given development branch, which always ended in ".0".
</p>
<p>
Now, however, BIND has adopted the "odd-unstable/even-stable"
release numbering convention. There will be no "alpha" or "beta"
releases in the 9.13 branch, only increasing version numbers.
So, for example, what would previously have been called 9.13.0a1,
9.13.0a2, 9.13.0b1, and so on, will instead be called 9.13.0,
9.13.1, 9.13.2, etc.
</p>
<p>
The first stable release from this development branch will be
renamed as 9.14.0. Thereafter, maintenance releases will continue
on the 9.14 branch, while unstable feature development proceeds in
9.15.
</p>
</div>
@ -82,31 +107,6 @@
<div class="section">
<div class="titlepage"><div><div><h3 class="title">
<a name="relnotes_security"></a>Security Fixes</h3></div></div></div>
<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
<li class="listitem">
<p>
Addresses could be referenced after being freed during resolver
processing, causing an assertion failure. The chances of this
happening were remote, but the introduction of a delay in
resolution increased them. This bug is disclosed in
CVE-2017-3145. [RT #46839]
</p>
</li>
<li class="listitem">
<p>
update-policy rules that otherwise ignore the name field now
require that it be set to "." to ensure that any type list
present is properly interpreted. If the name field was omitted
from the rule declaration and a type list was present it wouldn't
be interpreted as expected.
</p>
</li>
</ul></div>
</div>
<div class="section">
<div class="titlepage"><div><div><h3 class="title">
<a name="relnotes_features"></a>New Features</h3></div></div></div>
<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem">
<p>
None.
@ -116,20 +116,120 @@
<div class="section">
<div class="titlepage"><div><div><h3 class="title">
<a name="relnotes_features"></a>New Features</h3></div></div></div>
<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
<li class="listitem">
<p>
BIND now can be compiled against the <span class="command"><strong>libidn2</strong></span>
library to add IDNA2008 support. Previously, BIND supported
IDNA2003 using the (now obsolete and unsupported)
<span class="command"><strong>idnkit-1</strong></span> library.
</p>
</li>
<li class="listitem">
<p>
<span class="command"><strong>named</strong></span> now supports the "root key sentinel"
mechanism. This enables validating resolvers to indicate to
which trust anchors are configured for the root, so that
information about root key rollover status can be gathered.
To disable this feature, add
<span class="command"><strong>root-key-sentinel no;</strong></span> to
<code class="filename">named.conf</code>.
</p>
</li>
<li class="listitem">
<p>
The <span class="command"><strong>dnskey-sig-validity</strong></span> option allows the
<span class="command"><strong>sig-validity-interval</strong></span> to be overriden for
signatures covering DNSKEY RRsets. [GL #145]
</p>
</li>
</ul></div>
</div>
<div class="section">
<div class="titlepage"><div><div><h3 class="title">
<a name="relnotes_removed"></a>Removed Features</h3></div></div></div>
<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem">
<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
<li class="listitem">
<p>
<span class="command"><strong>dnssec-keygen</strong></span> can no longer generate HMAC
keys for TSIG authentication. Use <span class="command"><strong>tsig-keygen</strong></span>
to generate these keys. [RT #46404]
</p>
</li></ul></div>
</li>
<li class="listitem">
<p>
Support for OpenSSL 0.9.x has been removed. OpenSSL version
1.0.0 or greater, or LibreSSL is now required.
</p>
</li>
<li class="listitem">
<p>
The <span class="command"><strong>configure --enable-seccomp</strong></span> option,
which formerly turned on system-call filtering on Linux, has
been removed. [GL #93]
</p>
</li>
<li class="listitem">
<p>
IPv4 addresses in forms other than dotted-quad are no longer
accepted in master files. [GL #13] [GL #56]
</p>
</li>
<li class="listitem">
<p>
IDNA2003 support via (bundled) idnkit-1.0 has been removed.
</p>
</li>
<li class="listitem">
<p>
The "rbtdb64" database implementation (a parallel
implementation of "rbt") has been removed. [GL #217]
</p>
</li>
<li class="listitem">
<p>
The <span class="command"><strong>-r randomdev</strong></span> option to explicitly select
random device has been removed from the
<span class="command"><strong>ddns-confgen</strong></span>,
<span class="command"><strong>rndc-confgen</strong></span>,
<span class="command"><strong>nsupdate</strong></span>,
<span class="command"><strong>dnssec-confgen</strong></span>, and
<span class="command"><strong>dnssec-signzone</strong></span> commands.
</p>
<p>
The <span class="command"><strong>-p</strong></span> option to use pseudo-random data
has been removed from the <span class="command"><strong>dnssec-signzone</strong></span>
command.
</p>
</li>
</ul></div>
</div>
<div class="section">
<div class="titlepage"><div><div><h3 class="title">
<a name="relnotes_changes"></a>Feature Changes</h3></div></div></div>
<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
<li class="listitem">
<p>
BIND will now always use the best CSPRNG (cryptographically-secure
pseudo-random number generator) available on the platform where
it is compiled. It will use <span class="command"><strong>arc4random()</strong></span>
family of functions on BSD operating systems,
<span class="command"><strong>getrandom()</strong></span> on Linux and Solaris,
<span class="command"><strong>CryptGenRandom</strong></span> on Windows, and the selected
cryptography provider library (OpenSSL or PKCS#11) as the last
resort. [GL #221]
</p>
</li>
<li class="listitem">
<p>
BIND can no longer be built without DNSSEC support. A cryptography
provder (i.e., OpenSSL or a hardware service module with
PKCS#11 support) must be available. [GL #244]
</p>
</li>
<li class="listitem">
<p>
Zone types <span class="command"><strong>primary</strong></span> and
@ -145,32 +245,51 @@
[RT #43670]
</p>
</li>
<li class="listitem">
<p>
<span class="command"><strong>dig +nssearch</strong></span> will now list name servers
that have timed out, in addition to those that respond. [GL #64]
</p>
</li>
<li class="listitem">
<p>
<span class="command"><strong>dig +noidnin</strong></span> can be used to disable IDN
processing on the input domain name, when BIND is compiled
with IDN support.
</p>
</li>
<li class="listitem">
<p>
Up to 64 <span class="command"><strong>response-policy</strong></span> zones are now
supported by default; previously the limit was 32. [GL #123]
</p>
</li>
<li class="listitem">
<p>
Several configuration options for time periods can now use
TTL value suffixes (for example, <code class="literal">2h</code> or
<code class="literal">1d</code>) in addition to an integer number of
seconds. These include
<span class="command"><strong>fstrm-set-reopen-interval</strong></span>,
<span class="command"><strong>interface-interval</strong></span>,
<span class="command"><strong>max-cache-ttl</strong></span>,
<span class="command"><strong>max-ncache-ttl</strong></span>,
<span class="command"><strong>max-policy-ttl</strong></span>, and
<span class="command"><strong>min-update-interval</strong></span>.
[GL #203]
</p>
</li>
</ul></div>
</div>
<div class="section">
<div class="titlepage"><div><div><h3 class="title">
<a name="relnotes_bugs"></a>Bug Fixes</h3></div></div></div>
<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
<li class="listitem">
<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem">
<p>
When answering authoritative queries, <span class="command"><strong>named</strong></span>
does not return the target of a cross-zone CNAME between two
locally served zones; this prevents accidental cache poisoning.
This same restriction was incorrectly applied to recursive
queries as well; this has been fixed. [RT #47078]
None.
</p>
</li>
<li class="listitem">
<p>
Attempting to validate improperly unsigned CNAME responses
from secure zones could cause a validator loop. This caused
a delay in returning SERVFAIL and also increased the chances
of encountering the crash bug described in CVE-2017-3145.
[RT #46839]
</p>
</li>
</ul></div>
</li></ul></div>
</div>
<div class="section">
@ -208,8 +327,8 @@
<p>
The end of life date for BIND 9.14 has not yet been determined.
For those needing long term support, the current Extended Support
Version (ESV) is BIND 9.11, which will be supported until December
2021. See
Version (ESV) is BIND 9.11, which will be supported until at
least December 2021. See
<a class="link" href="https://www.isc.org/downloads/software-support-policy/" target="_top">https://www.isc.org/downloads/software-support-policy/</a>
for details of ISC's software support policy.
</p>
@ -245,6 +364,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0-dev</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0 (Development Release)</p>
</body>
</html>

2
doc/arm/Bv9ARM.ch09.html
View file

@ -148,6 +148,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0-dev</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0 (Development Release)</p>
</body>
</html>

2
doc/arm/Bv9ARM.ch10.html
View file

@ -914,6 +914,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0-dev</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0 (Development Release)</p>
</body>
</html>

2
doc/arm/Bv9ARM.ch11.html
View file

@ -533,6 +533,6 @@ $ <strong class="userinput"><code>sample-update -a sample-update -k Kxxx.+nnn+mm
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0-dev</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0 (Development Release)</p>
</body>
</html>

3
doc/arm/Bv9ARM.ch12.html
View file

@ -185,7 +185,6 @@
</div>
@ -207,6 +206,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0-dev</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0 (Development Release)</p>
</body>
</html>

7
doc/arm/Bv9ARM.html
View file

@ -32,7 +32,7 @@
<div>
<div><h1 class="title">
<a name="id-1"></a>BIND 9 Administrator Reference Manual</h1></div>
<div><p class="releaseinfo">BIND Version 9.13.0-dev</p></div>
<div><p class="releaseinfo">BIND Version 9.13.0</p></div>
<div><p class="copyright">Copyright © 2000-2018 Internet Systems Consortium, Inc. ("ISC")</p></div>
</div>
<hr>
@ -234,9 +234,10 @@
</dl></dd>
<dt><span class="appendix"><a href="Bv9ARM.ch08.html">A. Release Notes</a></span></dt>
<dd><dl>
<dt><span class="section"><a href="Bv9ARM.ch08.html#id-1.9.2">Release Notes for BIND Version 9.13.0-dev</a></span></dt>
<dt><span class="section"><a href="Bv9ARM.ch08.html#id-1.9.2">Release Notes for BIND Version 9.13.0</a></span></dt>
<dd><dl>
<dt><span class="section"><a href="Bv9ARM.ch08.html#relnotes_intro">Introduction</a></span></dt>
<dt><span class="section"><a href="Bv9ARM.ch08.html#relnotes_versions">Note on Version Numbering</a></span></dt>
<dt><span class="section"><a href="Bv9ARM.ch08.html#relnotes_download">Download</a></span></dt>
<dt><span class="section"><a href="Bv9ARM.ch08.html#relnotes_security">Security Fixes</a></span></dt>
<dt><span class="section"><a href="Bv9ARM.ch08.html#relnotes_features">New Features</a></span></dt>
@ -427,6 +428,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0-dev</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0 (Development Release)</p>
</body>
</html>

BIN
doc/arm/Bv9ARM.pdf
View file

Binary file not shown.

2
doc/arm/man.arpaname.html
View file

@ -90,6 +90,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0-dev</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0 (Development Release)</p>
</body>
</html>

17
doc/arm/man.ddns-confgen.html
View file

@ -53,7 +53,6 @@
<code class="command">tsig-keygen</code>
[<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>]
[<code class="option">-h</code>]
[<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>]
[name]
</p></div>
<div class="cmdsynopsis"><p>
@ -154,20 +153,6 @@
This is essentially identical to <span class="command"><strong>tsig-keygen</strong></span>.
</p>
</dd>
<dt><span class="term">-r <em class="replaceable"><code>randomfile</code></em></span></dt>
<dd>
<p>
Specifies a source of random data for generating the
authorization. If the operating system does not provide a
<code class="filename">/dev/random</code> or equivalent device, the
default source of randomness is keyboard input.
<code class="filename">randomdev</code> specifies the name of a
character device or file containing random data to be used
instead of the default. The special value
<code class="filename">keyboard</code> indicates that keyboard input
should be used.
</p>
</dd>
<dt><span class="term">-s <em class="replaceable"><code>name</code></em></span></dt>
<dd>
<p>
@ -235,6 +220,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0-dev</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0 (Development Release)</p>
</body>
</html>

2
doc/arm/man.delv.html
View file

@ -625,6 +625,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0-dev</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0 (Development Release)</p>
</body>
</html>

71
doc/arm/man.dig.html
View file

@ -248,9 +248,9 @@
<dt><span class="term">-i</span></dt>
<dd>
<p>
Do reverse IPv6 lookups using the obsolete RFC1886 IP6.INT
Do reverse IPv6 lookups using the obsolete RFC 1886 IP6.INT
domain, which is no longer in use. Obsolete bit string
label queries (RFC2874) are not attempted.
label queries (RFC 2874) are not attempted.
</p>
</dd>
<dt><span class="term">-k <em class="replaceable"><code>keyfile</code></em></span></dt>
@ -295,11 +295,12 @@
<dt><span class="term">-t <em class="replaceable"><code>type</code></em></span></dt>
<dd>
<p>
The resource record type to query. It can be any valid query type
which is
supported in BIND 9. The default query type is "A", unless the
<code class="option">-x</code> option is supplied to indicate a reverse lookup.
A zone transfer can be requested by specifying a type of AXFR. When
The resource record type to query. It can be any valid query
type. If it is a resource record type supported in BIND 9, it
can be given by the type mnemonic (such as "NS" or "AAAA").
The default query type is "A", unless the <code class="option">-x</code>
option is supplied to indicate a reverse lookup. A zone
transfer can be requested by specifying a type of AXFR. When
an incremental zone transfer (IXFR) is required, set the
<em class="parameter"><code>type</code></em> to <code class="literal">ixfr=N</code>.
The incremental zone transfer will contain the changes
@ -307,6 +308,12 @@
record was
<em class="parameter"><code>N</code></em>.
</p>
<p>
All resource record types can be expressed as "TYPEnn", where
"nn" is the number of the type. If the resource record type is
not supported in BIND 9, the result will be displayed as
described in RFC 3597.
</p>
</dd>
<dt><span class="term">-u</span></dt>
<dd>
@ -637,6 +644,14 @@
server that provided the answer.
</p>
</dd>
<dt><span class="term"><code class="option">+[no]idnin</code></span></dt>
<dd>
<p>
Process [do not process] IDN domain names on input.
This requires IDN SUPPORT to have been enabled at
compile time. The default is to process IDN input.
</p>
</dd>
<dt><span class="term"><code class="option">+[no]idnout</code></span></dt>
<dd>
<p>
@ -713,7 +728,8 @@
attempts to find the authoritative name servers for
the zone containing the name being looked up and
display the SOA record that each name server has for
the zone.
the zone. Addresses of servers that that did not
respond are also printed.
</p>
</dd>
<dt><span class="term"><code class="option">+[no]onesoa</code></span></dt>
@ -760,6 +776,14 @@
the question section as a comment.
</p>
</dd>
<dt><span class="term"><code class="option">+[no]raflag</code></span></dt>
<dd>
<p>
Set [do not set] the RA (Recursion Available) bit in
the query. The default is +noraflag. This bit should
be ignored by the server for QUERY.
</p>
</dd>
<dt><span class="term"><code class="option">+[no]rdflag</code></span></dt>
<dd>
<p>
@ -829,7 +853,7 @@
<dd>
<p>
This feature is now obsolete and has been removed;
use <span class="command"><strong>delv</strong></span> instead.
use <span class="command"><strong>delv</strong></span> instead.
</p>
</dd>
<dt><span class="term"><code class="option">+split=W</code></span></dt>
@ -870,6 +894,14 @@
this query.
</p>
</dd>
<dt><span class="term"><code class="option">+[no]tcflag</code></span></dt>
<dd>
<p>
Set [do not set] the TC (TrunCation) bit in the query.
The default is +notcflag. This bit should be ignored
by the server for QUERY.
</p>
</dd>
<dt><span class="term"><code class="option">+[no]tcp</code></span></dt>
<dd>
<p>
@ -896,8 +928,8 @@
<dd>
<p>
This feature is related to <span class="command"><strong>dig +sigchase</strong></span>,
which is obsolete and has been removed. Use
<span class="command"><strong>delv</strong></span> instead.
which is obsolete and has been removed. Use
<span class="command"><strong>delv</strong></span> instead.
</p>
</dd>
<dt><span class="term"><code class="option">+[no]trace</code></span></dt>
@ -933,9 +965,9 @@
<dd>
<p>
Formerly specified trusted keys for use with
<span class="command"><strong>dig +sigchase</strong></span>. This feature is now
obsolete and has been removed; use
<span class="command"><strong>delv</strong></span> instead.
<span class="command"><strong>dig +sigchase</strong></span>. This feature is now
obsolete and has been removed; use
<span class="command"><strong>delv</strong></span> instead.
</p>
</dd>
<dt><span class="term"><code class="option">+[no]ttlid</code></span></dt>
@ -1045,10 +1077,9 @@ dig +qr www.isc.org any -x 127.0.0.1 isc.org ns +noqr
<span class="command"><strong>dig</strong></span> appropriately converts character encoding of
domain name before sending a request to DNS server or displaying a
reply from the server.
If you'd like to turn off the IDN support for some reason, defines
the <code class="envar">IDN_DISABLE</code> environment variable.
The IDN support is disabled if the variable is set when
<span class="command"><strong>dig</strong></span> runs.
If you'd like to turn off the IDN support for some reason, use
parameters <em class="parameter"><code>+noidnin</code></em> and
<em class="parameter"><code>+noidnout</code></em>.
</p>
</div>
@ -1076,7 +1107,7 @@ dig +qr www.isc.org any -x 127.0.0.1 isc.org ns +noqr
<span class="citerefentry">
<span class="refentrytitle">dnssec-keygen</span>(8)
</span>,
<em class="citetitle">RFC1035</em>.
<em class="citetitle">RFC 1035</em>.
</p>
</div>
@ -1107,6 +1138,6 @@ dig +qr www.isc.org any -x 127.0.0.1 isc.org ns +noqr
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0-dev</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0 (Development Release)</p>
</body>
</html>

2
doc/arm/man.dnssec-cds.html
View file

@ -376,6 +376,6 @@ nsupdate -l
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0-dev</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0 (Development Release)</p>
</body>
</html>

2
doc/arm/man.dnssec-checkds.html
View file

@ -150,6 +150,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0-dev</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0 (Development Release)</p>
</body>
</html>

2
doc/arm/man.dnssec-coverage.html
View file

@ -270,6 +270,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0-dev</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0 (Development Release)</p>
</body>
</html>

2
doc/arm/man.dnssec-dsfromkey.html
View file

@ -289,6 +289,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0-dev</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0 (Development Release)</p>
</body>
</html>

2
doc/arm/man.dnssec-importkey.html
View file

@ -250,6 +250,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0-dev</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0 (Development Release)</p>
</body>
</html>

2
doc/arm/man.dnssec-keyfromlabel.html
View file

@ -498,6 +498,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0-dev</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0 (Development Release)</p>
</body>
</html>

25
doc/arm/man.dnssec-keygen.html
View file

@ -75,7 +75,6 @@
[<code class="option">-p <em class="replaceable"><code>protocol</code></em></code>]
[<code class="option">-q</code>]
[<code class="option">-R <em class="replaceable"><code>date/offset</code></em></code>]
[<code class="option">-r <em class="replaceable"><code>randomdev</code></em></code>]
[<code class="option">-S <em class="replaceable"><code>key</code></em></code>]
[<code class="option">-s <em class="replaceable"><code>strength</code></em></code>]
[<code class="option">-t <em class="replaceable"><code>type</code></em></code>]
@ -297,28 +296,6 @@
a satisfactory key.
</p>
</dd>
<dt><span class="term">-r <em class="replaceable"><code>randomdev</code></em></span></dt>
<dd>
<p>
Specifies a source of randomness. Normally, when generating
DNSSEC keys, this option has no effect; the random number
generation function provided by the cryptographic library will
be used.
</p>
<p>
If that behavior is disabled at compile time, however,
the specified file will be used as entropy source
for key generation. <code class="filename">randomdev</code> is
the name of a character device or file containing random
data to be used. The special value <code class="filename">keyboard</code>
indicates that keyboard input should be used.
</p>
<p>
The default is <code class="filename">/dev/random</code> if the
operating system provides it or an equivalent device;
if not, the default source of randomness is keyboard input.
</p>
</dd>
<dt><span class="term">-S <em class="replaceable"><code>key</code></em></span></dt>
<dd>
<p>
@ -591,6 +568,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0-dev</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0 (Development Release)</p>
</body>
</html>

12
doc/arm/man.dnssec-keymgr.html
View file

@ -59,7 +59,6 @@
[<code class="option">-v</code>]
[<code class="option">-z</code>]
[<code class="option">-g <em class="replaceable"><code>path</code></em></code>]
[<code class="option">-r <em class="replaceable"><code>path</code></em></code>]
[<code class="option">-s <em class="replaceable"><code>path</code></em></code>]
[zone...]
</p></div>
@ -178,15 +177,6 @@
and <span class="command"><strong>dnssec-settime</strong></span>.
</p>
</dd>
<dt><span class="term">-r <em class="replaceable"><code>randomdev</code></em></span></dt>
<dd>
<p>
Specifies a path to a file containing random data.
This is passed to the <span class="command"><strong>dnssec-keygen</strong></span> binary
using its <code class="option">-r</code> option.
</p>
</dd>
<dt><span class="term">-s <em class="replaceable"><code>settime-path</code></em></span></dt>
<dd>
<p>
@ -398,6 +388,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0-dev</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0 (Development Release)</p>
</body>
</html>

2
doc/arm/man.dnssec-revoke.html
View file

@ -171,6 +171,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0-dev</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0 (Development Release)</p>
</body>
</html>

2
doc/arm/man.dnssec-settime.html
View file

@ -349,6 +349,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0-dev</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0 (Development Release)</p>
</body>
</html>

27
doc/arm/man.dnssec-signzone.html
View file

@ -72,10 +72,8 @@
[<code class="option">-o <em class="replaceable"><code>origin</code></em></code>]
[<code class="option">-O <em class="replaceable"><code>output-format</code></em></code>]
[<code class="option">-P</code>]
[<code class="option">-p</code>]
[<code class="option">-Q</code>]
[<code class="option">-R</code>]
[<code class="option">-r <em class="replaceable"><code>randomdev</code></em></code>]
[<code class="option">-S</code>]
[<code class="option">-s <em class="replaceable"><code>start-time</code></em></code>]
[<code class="option">-T <em class="replaceable"><code>ttl</code></em></code>]
@ -418,15 +416,6 @@
can be read by release 9.9.0 or higher; the default is 1.
</p>
</dd>
<dt><span class="term">-p</span></dt>
<dd>
<p>
Use pseudo-random data when signing the zone. This is faster,
but less secure, than using real random data. This option
may be useful when signing large zones or when the entropy
source is limited.
</p>
</dd>
<dt><span class="term">-P</span></dt>
<dd>
<p>
@ -471,20 +460,6 @@
("Double Signature Zone Signing Key Rollover").
</p>
</dd>
<dt><span class="term">-r <em class="replaceable"><code>randomdev</code></em></span></dt>
<dd>
<p>
Specifies the source of randomness. If the operating
system does not provide a <code class="filename">/dev/random</code>
or equivalent device, the default source of randomness
is keyboard input. <code class="filename">randomdev</code>
specifies
the name of a character device or file containing random
data to be used instead of the default. The special value
<code class="filename">keyboard</code> indicates that keyboard
input should be used.
</p>
</dd>
<dt><span class="term">-S</span></dt>
<dd>
<p>
@ -725,6 +700,6 @@ db.example.com.signed
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0-dev</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0 (Development Release)</p>
</body>
</html>

2
doc/arm/man.dnssec-verify.html
View file

@ -202,6 +202,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0-dev</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0 (Development Release)</p>
</body>
</html>

5
doc/arm/man.dnstap-read.html
View file

@ -138,11 +138,10 @@
<td width="40%" align="left" valign="top">
<span class="application">dnssec-verify</span> </td>
<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
<td width="40%" align="right" valign="top"> <span class="application">host</span>
</td>
<td width="40%" align="right" valign="top"> host</td>
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0-dev</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.0 (Development Release)</p>
</body>
</html>

Some files were not shown because too many files have changed in this diff Show more