Skip to content
GitLab
Menu
Projects
Groups
Snippets
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Menu
Open sidebar
ISC Open Source Projects
BIND
Commits
a93a66f6
Commit
a93a66f6
authored
Sep 29, 2009
by
Evan Hunt
Browse files
2794. [bug] Reduce default NSEC3 iterations from 100 to 10.
[RT #19970]
parent
c300f45d
Changes
3
Hide whitespace changes
Inline
Side-by-side
CHANGES
View file @
a93a66f6
2794. [bug] Reduce default NSEC3 iterations from 100 to 10.
[RT #19970]
2793. [port] Add some noreturn attributes. [RT #20257]
2792. [port] win32: 32/64 bit cleanups. [RT #20335]
...
...
bin/dnssec/dnssec-signzone.c
View file @
a93a66f6
...
...
@@ -29,7 +29,7 @@
* IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: dnssec-signzone.c,v 1.23
8
2009/09/29
15:06:06 fdupont
Exp $ */
/* $Id: dnssec-signzone.c,v 1.23
9
2009/09/29
22:17:34 each
Exp $ */
/*! \file */
...
...
@@ -147,7 +147,7 @@ static dns_dbiterator_t *gdbiter; /* The database iterator */
static
dns_rdataclass_t
gclass
;
/* The class */
static
dns_name_t
*
gorigin
;
/* The database origin */
static
int
nsec3flags
=
0
;
static
dns_iterations_t
nsec3iter
=
10
0
U
;
static
dns_iterations_t
nsec3iter
=
10U
;
static
unsigned
char
saltbuf
[
255
];
static
unsigned
char
*
salt
=
saltbuf
;
static
size_t
salt_length
=
0
;
...
...
@@ -3337,9 +3337,9 @@ usage(void) {
fprintf
(
stderr
,
"
\t
-n ncpus (number of cpus present)
\n
"
);
fprintf
(
stderr
,
"
\t
-k key_signing_key
\n
"
);
fprintf
(
stderr
,
"
\t
-l lookasidezone
\n
"
);
fprintf
(
stderr
,
"
\t
-3
salt (
NSEC3 salt
)
\n
"
);
fprintf
(
stderr
,
"
\t
-H
iterations (
NSEC3 iterations)
\n
"
);
fprintf
(
stderr
,
"
\t
-A
(
NSEC3 optout
)
\n
"
);
fprintf
(
stderr
,
"
\t
-3 NSEC3 salt
\n
"
);
fprintf
(
stderr
,
"
\t
-H NSEC3 iterations
(10
)
\n
"
);
fprintf
(
stderr
,
"
\t
-A NSEC3 optout
\n
"
);
fprintf
(
stderr
,
"
\t
-z:
\t
"
);
fprintf
(
stderr
,
"ignore KSK flag in DNSKEYs"
);
...
...
bin/dnssec/dnssec-signzone.docbook
View file @
a93a66f6
...
...
@@ -18,7 +18,7 @@
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: dnssec-signzone.docbook,v 1.3
7
2009/09/2
5 06:47:50
each Exp $ -->
<!-- $Id: dnssec-signzone.docbook,v 1.3
8
2009/09/2
9 22:17:34
each Exp $ -->
<refentry
id=
"man.dnssec-signzone"
>
<refentryinfo>
<date>
June 05, 2009
</date>
...
...
@@ -552,7 +552,7 @@
<term>
-3
<replaceable
class=
"parameter"
>
salt
</replaceable></term>
<listitem>
<para>
Generate a NSEC3 chain with the given hex encoded salt.
Generate a
n
NSEC3 chain with the given hex encoded salt.
A dash (
<replaceable
class=
"parameter"
>
salt
</replaceable>
) can
be used to indicate that no salt is to be used when generating the NSEC3 chain.
</para>
...
...
@@ -563,8 +563,8 @@
<term>
-H
<replaceable
class=
"parameter"
>
iterations
</replaceable></term>
<listitem>
<para>
When generating a NSEC3 chain use this many interations. The
default is 10
0
.
When generating a
n
NSEC3 chain
,
use this many interations. The
default is 10.
</para>
</listitem>
</varlistentry>
...
...
@@ -573,7 +573,7 @@
<term>
-A
</term>
<listitem>
<para>
When generating a NSEC3 chain set the OPTOUT flag on all
When generating a
n
NSEC3 chain set the OPTOUT flag on all
NSEC3 records and do not generate NSEC3 records for insecure
delegations.
</para>
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment