FS-3110 --comment-only phase 1 to replace udns with ldns in mod_enum may need to rerun bootstrap

2025-08-13 17:38:59 +00:00 · 2011-03-24 16:26:37 -05:00
parent 047110cd56
commit 1773b890eb
275 changed files with 115723 additions and 8338 deletions
--- a/libs/ldns/contrib/python/docs/source/examples/example8.rst
+++ b/libs/ldns/contrib/python/docs/source/examples/example8.rst
@@ -0,0 +1,17 @@
+Signing of a zone file
+===============================
+
+This example shows how to sign the content of the given zone file
+
+.. literalinclude:: ../../../examples/ldns-signzone.py
+   :language: python
+
+In order to be able sign a zone file, you have to generate a key-pair using ``ldns-keygen.py``. Don't forget to modify tag number.
+
+Signing consists of three steps
+
+1. In the first step, the content of a zone file is readed and parsed. This can be done using :class:`ldns.ldns_zone` class.
+
+2. In the second step, the private and public key is readed and public key is inserted into zone (as DNSKEY). 
+
+3. In the last step, the DNSSEC zone instace is created and all the RRs from zone file are copied here. Then, all the records are signed using :meth:`ldns.ldns_zone.sign` method. If the signing was successfull, the content of DNSSEC zone is written to a file.