[master] auto-generate salt

3781. [func] Specifying "auto" as the salt when using "rndc signing -nsec3param" causes named to generate a 64-bit salt at random. [RT #35322]
2014-03-11 08:46:58 -07:00
parent ffbd79e978
commit 62258ada48
4 changed files with 87 additions and 5 deletions
--- a/bin/rndc/rndc.docbook
+++ b/bin/rndc/rndc.docbook
@@ -723,8 +723,10 @@
            defines the number of additional times to apply
            the algorithm when generating an NSEC3 hash.  The
            <option>salt</option> is a string of data expressed
-            in hexadecimal, or a hyphen (`-') if no salt is
-            to be used.
+            in hexadecimal, a hyphen (`-') if no salt is
+            to be used, or the keyword <literal>auto</literal>,
+            which causes <command>named</command> to generate a
+            random 64-bit salt.
          </para>
          <para>
            So, for example, to create an NSEC3 chain using