mirror of
https://github.com/isc-projects/bind9.git
synced 2026-02-03 20:40:08 -05:00
2bf7921c7e
This commit converts the license handling to adhere to the REUSE
specification. It specifically:
1. Adds used licnses to LICENSES/ directory
2. Add "isc" template for adding the copyright boilerplate
3. Changes all source files to include copyright and SPDX license
header, this includes all the C sources, documentation, zone files,
configuration files. There are notes in the doc/dev/copyrights file
on how to add correct headers to the new files.
4. Handle the rest that can't be modified via .reuse/dep5 file. The
binary (or otherwise unmodifiable) files could have license places
next to them in <foo>.license file, but this would lead to cluttered
repository and most of the files handled in the .reuse/dep5 file are
system test files.
(cherry picked from commit 58bd26b6cf)
68 lines
1.9 KiB
ReStructuredText
68 lines
1.9 KiB
ReStructuredText
.. Copyright (C) Internet Systems Consortium, Inc. ("ISC")
|
|
..
|
|
.. SPDX-License-Identifier: MPL-2.0
|
|
..
|
|
.. This Source Code Form is subject to the terms of the Mozilla Public
|
|
.. License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
.. file, you can obtain one at https://mozilla.org/MPL/2.0/.
|
|
..
|
|
.. See the COPYRIGHT file distributed with this work for additional
|
|
.. information regarding copyright ownership.
|
|
|
|
.. highlight: console
|
|
|
|
.. _man_dnssec-checkds:
|
|
|
|
dnssec-checkds - DNSSEC delegation consistency checking tool
|
|
------------------------------------------------------------
|
|
|
|
Synopsis
|
|
~~~~~~~~
|
|
|
|
``dnssec-checkds`` [**-d**\ *dig path*] [**-D**\ *dsfromkey path*]
|
|
[**-f**\ *file*] [**-l**\ *domain*] [**-s**\ *file*] {zone}
|
|
|
|
Description
|
|
~~~~~~~~~~~
|
|
|
|
``dnssec-checkds`` verifies the correctness of Delegation Signer (DS)
|
|
resource records for keys in a specified zone.
|
|
|
|
Options
|
|
~~~~~~~
|
|
|
|
**-a** *algorithm*
|
|
|
|
Specify a digest algorithm to use when converting the zones DNSKEY
|
|
records to expected DS records. This option can be repeated, so that
|
|
multiple records are checked for each DNSKEY record.
|
|
|
|
The *algorithm* must be one of SHA-1, SHA-256, or SHA-384. These
|
|
values are case insensitive, and the hyphen may be omitted. If no
|
|
algorithm is specified, the default is SHA-256.
|
|
|
|
**-f** *file*
|
|
|
|
If a ``file`` is specified, then the zone is read from that file to
|
|
find the DNSKEY records. If not, then the DNSKEY records for the zone
|
|
are looked up in the DNS.
|
|
|
|
**-s** *file*
|
|
|
|
Specifies a prepared dsset file, such as would be generated by
|
|
``dnssec-signzone``, to use as a source for the DS RRset instead of
|
|
querying the parent.
|
|
|
|
**-d** *dig path*
|
|
|
|
Specifies a path to a ``dig`` binary. Used for testing.
|
|
|
|
**-D** *dsfromkey path*
|
|
|
|
Specifies a path to a ``dnssec-dsfromkey`` binary. Used for testing.
|
|
|
|
See Also
|
|
~~~~~~~~
|
|
|
|
``dnssec-dsfromkey``\ (8), ``dnssec-keygen``\ (8),
|
|
``dnssec-signzone``\ (8),
|