[v9_10] prep 9.10.0rc2

3817.	[func]		The "delve" command is now spelled "delv" to avoid
			a namespace collision with the Xapian project.
			[RT #35801]

(cherry picked from commit 2ae159b376)

CHANGES

@@ -1,4 +1,10 @@
-	--- 9.10.0 released ---
+	--- 9.10.0rc2 released ---
+
+3817.	[func]		The "delve" command is now spelled "delv" to avoid
+			a namespace collision with the Xapian project.
+			[RT #35801]
+
+3815.	[doc]		Clarify "nsupdate -y" usage in man page. [RT #35808]
 
 3810.	[bug]		Work around broken nameservers that fail to ignore
 			unknown EDNS options. [RT #35766]

Makefile.in

@@ -21,7 +21,7 @@ top_srcdir =	@top_srcdir@
 
 @BIND9_VERSION@
 
-SUBDIRS =	make unit lib bin doc @LIBEXPORT@
+SUBDIRS =	make unit lib bin doc
 TARGETS =
 PREREQS =	bind.keys.h
 

README

@@ -74,12 +74,15 @@ BIND 9.10.0
 	 - A new zone file format, "map", stores zone data in a
 	   format that can be mapped directly into memory, allowing
 	   significantly faster zone loading.
-	 - "delve" (domain entity lookup and validation engine) is a
-	   new tool with dig-like semantics for looking up DNS data
-	   and performing internal DNSSEC validation.  This allows
-	   easy validation in environments where the resolver may
-	   not be trustworthy, and assists with troubleshooting of
-	   DNSSEC problems.
+	 - "delv" (domain entity lookup and validation) is a new tool
+	   with dig-like semantics for looking up DNS data and performing
+	   internal DNSSEC validation.  This allows easy validation in
+	   environments where the resolver may not be trustworthy, and
+	   assists with troubleshooting of DNSSEC problems. (NOTE:
+	   In previous development releases of BIND 9.10, this utility
+	   was called "delve". The spelling has been changed to avoid
+	   confusion with the "delve" utility that included with
+	   the Xapian search engine.)
 	 - Improved EDNS(0) processing for better resolver performance
 	   and reliability over slow or lossy connections.
 	 - A new "configure --with-tuning=large" option tunes certain

bin/Makefile.in

@@ -19,7 +19,7 @@ srcdir =	@srcdir@
 VPATH =		@srcdir@
 top_srcdir =	@top_srcdir@
 
-SUBDIRS =	named rndc dig delve dnssec tools tests nsupdate \
+SUBDIRS =	named rndc dig delv dnssec tools tests nsupdate \
 		check confgen @PYTHON_TOOLS@ @PKCS11_TOOLS@
 TARGETS =
 

bin/delv/Makefile.in

@@ -44,36 +44,33 @@ NOSYMLIBS =	${DNSLIBS} ${IRSLIBS} ${ISCCFGLIBS} ${ISCNOSYMLIBS} @LIBS@
 
 SUBDIRS =
 
-TARGETS =	delve@EXEEXT@
+TARGETS =	delv@EXEEXT@
 
-OBJS =		delve.@O@
+OBJS =		delv.@O@
 
-SRCS =		delve.c
+SRCS =		delv.c
 
-MANPAGES =	delve.1
+MANPAGES =	delv.1
 
-HTMLPAGES =	delve.html
+HTMLPAGES =	delv.html
 
 MANOBJS =	${MANPAGES} ${HTMLPAGES}
 
 @BIND9_MAKE_RULES@
 
-delve@EXEEXT@: delve.@O@ ${DEPLIBS}
-	export BASEOBJS="delve.@O@"; \
+delv@EXEEXT@: delv.@O@ ${DEPLIBS}
+	export BASEOBJS="delv.@O@"; \
 	export LIBS0="${DNSLIBS}"; \
 	${FINALBUILDCMD}
 
-#	${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} ${LDFLAGS} -o $@ \
-#	delve.@O@ ${LIBS}
-
 installdirs:
 	$(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${bindir}
 	$(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${mandir}/man1
 
-install:: delve@EXEEXT@ installdirs
+install:: delv@EXEEXT@ installdirs
 	${LIBTOOL_MODE_INSTALL} ${INSTALL_PROGRAM} \
-		delve@EXEEXT@ ${DESTDIR}${bindir}
-	${INSTALL_DATA} ${srcdir}/delve.1 ${DESTDIR}${mandir}/man1
+		delv@EXEEXT@ ${DESTDIR}${bindir}
+	${INSTALL_DATA} ${srcdir}/delv.1 ${DESTDIR}${mandir}/man1
 
 doc man:: ${MANOBJS}
 

bin/delv/delv.1

@@ -16,63 +16,63 @@
 .\"
 .hy 0
 .ad l
-.\"     Title: delve
+.\"     Title: delv
 .\"    Author: 
 .\" Generator: DocBook XSL Stylesheets v1.71.1 <http://docbook.sf.net/>
-.\"      Date: February 21, 2014
+.\"      Date: April 23, 2014
 .\"    Manual: BIND9
 .\"    Source: BIND9
 .\"
-.TH "DELVE" "1" "February 21, 2014" "BIND9" "BIND9"
+.TH "DELV" "1" "April 23, 2014" "BIND9" "BIND9"
 .\" disable hyphenation
 .nh
 .\" disable justification (adjust text to left margin only)
 .ad l
 .SH "NAME"
-delve \- DNS lookup and validation utility
+delv \- DNS lookup and validation utility
 .SH "SYNOPSIS"
-.HP 6
-\fBdelve\fR [@server] [\fB\-4\fR] [\fB\-6\fR] [\fB\-a\ \fR\fB\fIanchor\-file\fR\fR] [\fB\-b\ \fR\fB\fIaddress\fR\fR] [\fB\-c\ \fR\fB\fIclass\fR\fR] [\fB\-d\ \fR\fB\fIlevel\fR\fR] [\fB\-i\fR] [\fB\-m\fR] [\fB\-p\ \fR\fB\fIport#\fR\fR] [\fB\-q\ \fR\fB\fIname\fR\fR] [\fB\-t\ \fR\fB\fItype\fR\fR] [\fB\-x\ \fR\fB\fIaddr\fR\fR] [name] [type] [class] [queryopt...]
-.HP 6
-\fBdelve\fR [\fB\-h\fR]
-.HP 6
-\fBdelve\fR [\fB\-v\fR]
-.HP 6
-\fBdelve\fR [queryopt...] [query...]
+.HP 5
+\fBdelv\fR [@server] [\fB\-4\fR] [\fB\-6\fR] [\fB\-a\ \fR\fB\fIanchor\-file\fR\fR] [\fB\-b\ \fR\fB\fIaddress\fR\fR] [\fB\-c\ \fR\fB\fIclass\fR\fR] [\fB\-d\ \fR\fB\fIlevel\fR\fR] [\fB\-i\fR] [\fB\-m\fR] [\fB\-p\ \fR\fB\fIport#\fR\fR] [\fB\-q\ \fR\fB\fIname\fR\fR] [\fB\-t\ \fR\fB\fItype\fR\fR] [\fB\-x\ \fR\fB\fIaddr\fR\fR] [name] [type] [class] [queryopt...]
+.HP 5
+\fBdelv\fR [\fB\-h\fR]
+.HP 5
+\fBdelv\fR [\fB\-v\fR]
+.HP 5
+\fBdelv\fR [queryopt...] [query...]
 .SH "DESCRIPTION"
 .PP
-\fBdelve\fR
-(Domain Entity Lookup & Validation Engine) is a tool for sending DNS queries and validating the results, using the the same internal resolver and validator logic as
+\fBdelv\fR
+(Domain Entity Lookup & Validation) is a tool for sending DNS queries and validating the results, using the the same internal resolver and validator logic as
 \fBnamed\fR.
 .PP
-\fBdelve\fR
+\fBdelv\fR
 will send to a specified name server all queries needed to fetch and validate the requested data; this includes the original requested query, subsequent queries to follow CNAME or DNAME chains, and queries for DNSKEY, DS and DLV records to establish a chain of trust for DNSSEC validation. It does not perform iterative resolution, but simulates the behavior of a name server configured for DNSSEC validating and forwarding.
 .PP
 By default, responses are validated using built\-in DNSSEC trust anchors for the root zone (".") and for the ISC DNSSEC lookaside validation zone ("dlv.isc.org"). Records returned by
-\fBdelve\fR
+\fBdelv\fR
 are either fully validated or were not signed. If validation fails, an explanation of the failure is included in the output; the validation process can be traced in detail. Because
-\fBdelve\fR
+\fBdelv\fR
 does not rely on an external server to carry out validation, it can be used to check the validity of DNS responses in environments where local name servers may not be trustworthy.
 .PP
 Unless it is told to query a specific name server,
-\fBdelve\fR
+\fBdelv\fR
 will try each of the servers listed in
 \fI/etc/resolv.conf\fR. If no usable server addresses are found,
-\fBdelve\fR
+\fBdelv\fR
 will send queries to the localhost addresses (127.0.0.1 for IPv4, ::1 for IPv6).
 .PP
 When no command line arguments or options are given,
-\fBdelve\fR
+\fBdelv\fR
 will perform an NS query for "." (the root zone).
 .SH "SIMPLE USAGE"
 .PP
 A typical invocation of
-\fBdelve\fR
+\fBdelv\fR
 looks like:
 .sp
 .RS 4
 .nf
- delve @server name type 
+ delv @server name type 
 .fi
 .RE
 .sp
@@ -83,7 +83,7 @@ where:
 is the name or IP address of the name server to query. This can be an IPv4 address in dotted\-decimal notation or an IPv6 address in colon\-delimited notation. When the supplied
 \fIserver\fR
 argument is a hostname,
-\fBdelve\fR
+\fBdelv\fR
 resolves that name before querying that name server (note, however, that this initial lookup is
 \fInot\fR
 validated by DNSSEC).
@@ -91,14 +91,14 @@ validated by DNSSEC).
 If no
 \fIserver\fR
 argument is provided,
-\fBdelve\fR
+\fBdelv\fR
 consults
 \fI/etc/resolv.conf\fR; if an address is found there, it queries the name server at that address. If either of the
 \fB\-4\fR
 or
 \fB\-6\fR
 options are in use, then only addresses for the corresponding transport will be tried. If no usable addresses are found,
-\fBdelve\fR
+\fBdelv\fR
 will send queries to the localhost addresses (127.0.0.1 for IPv4, ::1 for IPv6).
 .RE
 .PP
@@ -114,7 +114,7 @@ indicates what type of query is required \(em ANY, A, MX, etc.
 can be any valid query type. If no
 \fItype\fR
 argument is supplied,
-\fBdelve\fR
+\fBdelv\fR
 will perform a lookup for an A record.
 .RE
 .SH "OPTIONS"
@@ -133,7 +133,7 @@ or
 options.
 .sp
 Note: When reading the trust anchor file,
-\fBdelve\fR
+\fBdelv\fR
 treats
 \fBmanaged\-keys\fR
 statements and
@@ -141,14 +141,14 @@ statements and
 statements identically. That is, for a managed key, it is the
 \fIinitial\fR
 key that is trusted; RFC 5011 key management is not supported.
-\fBdelve\fR
+\fBdelv\fR
 will not consult the managed\-keys database maintained by
 \fBnamed\fR. This means that if either of the keys in
 \fI/etc/bind.keys\fR
 is revoked and rolled over, it will be necessary to update
 \fI/etc/bind.keys\fR
 to use DNSSEC validation in
-\fBdelve\fR.
+\fBdelv\fR.
 .RE
 .PP
 \-b \fIaddress\fR
@@ -160,7 +160,7 @@ Sets the source IP address of the query to
 \-c \fIclass\fR
 .RS 4
 Sets the query class for the requested data. Currently, only class "IN" is supported in
-\fBdelve\fR
+\fBdelv\fR
 and any other value is ignored.
 .RE
 .PP
@@ -168,7 +168,7 @@ and any other value is ignored.
 .RS 4
 Set the systemwide debug level to
 \fBlevel\fR. The allowed range is from 0 to 99. The default is 0 (no debugging). Debugging traces from
-\fBdelve\fR
+\fBdelv\fR
 become more verbose as the debug level increases. See the
 \fB+mtrace\fR,
 \fB+rtrace\fR, and
@@ -179,14 +179,14 @@ options below for additional debugging details.
 \-h
 .RS 4
 Display the
-\fBdelve\fR
+\fBdelv\fR
 help usage output and exit.
 .RE
 .PP
 \-i
 .RS 4
 Insecure mode. This disables internal DNSSEC validation. (Note, however, this does not set the CD bit on upstream queries. If the server being queried is performing DNSSEC validation, then it will not return invalid data; this can cause
-\fBdelve\fR
+\fBdelv\fR
 to time out. When it is necessary to examine invalid data to debug a DNSSEC problem, use
 \fBdig +cd\fR.)
 .RE
@@ -222,7 +222,7 @@ option is supplied to indicate a reverse lookup, in which case it is "PTR".
 \-v
 .RS 4
 Print the
-\fBdelve\fR
+\fBdelv\fR
 version and exit.
 .RE
 .PP
@@ -237,7 +237,7 @@ is used, there is no need to provide the
 or
 \fItype\fR
 arguments.
-\fBdelve\fR
+\fBdelv\fR
 automatically performs a lookup for a name like
 11.12.13.10.in\-addr.arpa
 and sets the query type to PTR. IPv6 addresses are looked up using nibble format under the IP6.ARPA domain.
@@ -246,19 +246,19 @@ and sets the query type to PTR. IPv6 addresses are looked up using nibble format
 \-4
 .RS 4
 Forces
-\fBdelve\fR
+\fBdelv\fR
 to only use IPv4.
 .RE
 .PP
 \-6
 .RS 4
 Forces
-\fBdelve\fR
+\fBdelv\fR
 to only use IPv6.
 .RE
 .SH "QUERY OPTIONS"
 .PP
-\fBdelve\fR
+\fBdelv\fR
 provides a number of query options which affect the way results are displayed, and in some cases the way lookups are performed.
 .PP
 Each query option is identified by a keyword preceded by a plus sign (+). Some keywords set or reset an option. These may be preceded by the string
@@ -269,8 +269,8 @@ to negate the meaning of that keyword. Other keywords assign values to options l
 \fB+[no]cdflag\fR
 .RS 4
 Controls whether to set the CD (checking disabled) bit in queries sent by
-\fBdelve\fR. This may be useful when troubleshooting DNSSEC problems from behind a validating resolver. A validating resolver will block invalid responses, making it difficult to retrieve them for analysis. Setting the CD flag on queries will cause the resolver to return invalid responses, which
-\fBdelve\fR
+\fBdelv\fR. This may be useful when troubleshooting DNSSEC problems from behind a validating resolver. A validating resolver will block invalid responses, making it difficult to retrieve them for analysis. Setting the CD flag on queries will cause the resolver to return invalid responses, which
+\fBdelv\fR
 can then validate internally and report the errors in detail.
 .RE
 .PP
@@ -287,7 +287,7 @@ Controls whether to display the TTL when printing a record. The default is to di
 \fB+[no]rtrace\fR
 .RS 4
 Toggle resolver fetch logging. This reports the name and type of each query sent by
-\fBdelve\fR
+\fBdelv\fR
 in the process of carrying out the resolution and validation process: this includes including the original query and all subsequent queries to follow CNAMEs and to establish a chain of trust for DNSSEC validation.
 .sp
 This is equivalent to setting the debug level to 1 in the "resolver" logging category. Setting the systemwide debug level to 1 using the
@@ -298,7 +298,7 @@ option will product the same output (but will affect other logging categories as
 \fB+[no]mtrace\fR
 .RS 4
 Toggle message logging. This produces a detailed dump of the responses received by
-\fBdelve\fR
+\fBdelv\fR
 in the process of carrying out the resolution and validation process.
 .sp
 This is equivalent to setting the debug level to 10 for the the "packets" module of the "resolver" logging category. Setting the systemwide debug level to 10 using the
@@ -365,14 +365,14 @@ as a group.
 \fB+[no]multiline\fR
 .RS 4
 Print long records (such as RRSIG, DNSKEY, and SOA records) in a verbose multi\-line format with human\-readable comments. The default is to print each record on a single line, to facilitate machine parsing of the
-\fBdelve\fR
+\fBdelv\fR
 output.
 .RE
 .PP
 \fB+[no]dnssec\fR
 .RS 4
 Indicates whether to display RRSIG records in the
-\fBdelve\fR
+\fBdelv\fR
 output. The default is to do so. Note that (unlike in
 \fBdig\fR) this does
 \fInot\fR

bin/delv/delv.c

@@ -88,7 +88,7 @@
 
 #define MAXNAME (DNS_NAME_MAXTEXT+1)
 
-/* Variables used internally by delve. */
+/* Variables used internally by delv. */
 char *progname;
 static isc_mem_t *mctx = NULL;
 static isc_log_t *lctx = NULL;
@@ -155,7 +155,7 @@ parse_uint(isc_uint32_t *uip, const char *value, isc_uint32_t max,
 static void
 usage(void) {
 	fputs(
-"Usage:  delve [@server] {q-opt} {d-opt} [domain] [q-type] [q-class]\n"
+"Usage:  delv [@server] {q-opt} {d-opt} [domain] [q-type] [q-class]\n"
 "Where:  domain	  is in the Domain Name System\n"
 "        q-class  is one of (in,hs,ch,...) [default: in]\n"
 "        q-type   is one of (a,any,mx,ns,soa,hinfo,axfr,txt,...) [default:a]\n"
@@ -230,22 +230,22 @@ warn(const char *format, ...) {
 }
 
 static isc_logcategory_t categories[] = {
-	{ "delve",	     0 },
+	{ "delv",	     0 },
 	{ NULL,		     0 }
 };
 #define LOGCATEGORY_DEFAULT		(&categories[0])
 #define LOGMODULE_DEFAULT		(&modules[0])
 
 static isc_logmodule_t modules[] = {
-	{ "delve",	 		0 },
+	{ "delv",	 		0 },
 	{ NULL, 			0 }
 };
 
 static void
-delve_log(int level, const char *fmt, ...) ISC_FORMAT_PRINTF(2, 3);
+delv_log(int level, const char *fmt, ...) ISC_FORMAT_PRINTF(2, 3);
 
 static void
-delve_log(int level, const char *fmt, ...) {
+delv_log(int level, const char *fmt, ...) {
 	va_list ap;
 	char msgbuf[2048];
 
@@ -416,7 +416,7 @@ printdata(dns_rdataset_t *rdataset, dns_name_t *owner,
 	if (!dns_rdataset_isassociated(rdataset)) {
 		char namebuf[DNS_NAME_FORMATSIZE];
 		dns_name_format(owner, namebuf, sizeof(namebuf));
-		delve_log(ISC_LOG_DEBUG(4),
+		delv_log(ISC_LOG_DEBUG(4),
 			  "WARN: empty rdataset %s", namebuf);
 		return (ISC_R_SUCCESS);
 	}
@@ -556,7 +556,7 @@ convert_name(dns_fixedname_t *fn, dns_name_t **name, const char *text) {
 
 	result = dns_name_fromtext(n, &b, dns_rootname, 0, NULL);
 	if (result != ISC_R_SUCCESS) {
-		delve_log(ISC_LOG_ERROR, "failed to convert QNAME %s: %s",
+		delv_log(ISC_LOG_ERROR, "failed to convert QNAME %s: %s",
 			  text, isc_result_totext(result));
 		return (result);
 	}
@@ -595,10 +595,10 @@ key_fromconfig(const cfg_obj_t *key, dns_client_t *client) {
 		return (ISC_R_SUCCESS);
 
 	if (match_root)
-		delve_log(ISC_LOG_DEBUG(3), "adding trust anchor %s",
+		delv_log(ISC_LOG_DEBUG(3), "adding trust anchor %s",
 			  trust_anchor);
 	if (match_dlv)
-		delve_log(ISC_LOG_DEBUG(3), "adding DLV trust anchor %s",
+		delv_log(ISC_LOG_DEBUG(3), "adding DLV trust anchor %s",
 			  dlv_anchor);
 
 	flags = cfg_obj_asuint32(cfg_tuple_get(key, "flags"));
@@ -762,7 +762,7 @@ setup_dnsseckeys(dns_client_t *client) {
 
  cleanup:
 	if (result != ISC_R_SUCCESS)
-		delve_log(ISC_LOG_ERROR, "setup_dnsseckeys: %s",
+		delv_log(ISC_LOG_ERROR, "setup_dnsseckeys: %s",
 			  isc_result_totext(result));
 	return (result);
 }
@@ -811,7 +811,7 @@ addserver(dns_client_t *client) {
 		hints.ai_protocol = IPPROTO_UDP;
 		gai_error = getaddrinfo(server, port, &hints, &res);
 		if (gai_error != 0) {
-			delve_log(ISC_LOG_ERROR,
+			delv_log(ISC_LOG_ERROR,
 				  "getaddrinfo failed: %s",
 				  gai_strerror(gai_error));
 			return (ISC_R_FAILURE);
@@ -848,7 +848,7 @@ addserver(dns_client_t *client) {
 	}
 
 	if (result != ISC_R_SUCCESS)
-		delve_log(ISC_LOG_ERROR, "addserver: %s",
+		delv_log(ISC_LOG_ERROR, "addserver: %s",
 			  isc_result_totext(result));
 
 	return (result);
@@ -868,7 +868,7 @@ findserver(dns_client_t *client) {
 
 	result = irs_resconf_load(mctx, "/etc/resolv.conf", &resconf);
 	if (result != ISC_R_SUCCESS && result != ISC_R_FILENOTFOUND) {
-		delve_log(ISC_LOG_ERROR, "irs_resconf_load: %s",
+		delv_log(ISC_LOG_ERROR, "irs_resconf_load: %s",
 			  isc_result_totext(result));
 		goto cleanup;
 	}
@@ -925,7 +925,7 @@ findserver(dns_client_t *client) {
 	result = dns_client_setservers(client, dns_rdataclass_in, NULL,
 				       nameservers);
 	if (result != ISC_R_SUCCESS)
-		delve_log(ISC_LOG_ERROR, "dns_client_setservers: %s",
+		delv_log(ISC_LOG_ERROR, "dns_client_setservers: %s",
 			  isc_result_totext(result));
 
 cleanup:
@@ -1207,7 +1207,7 @@ dash_option(char *option, char *next, isc_boolean_t *open_type_class) {
 			/* handled in preparse_args() */
 			break;
 		case 'v':
-			fputs("delve " VERSION "\n", stderr);
+			fputs("delv " VERSION "\n", stderr);
 			exit(0);
 			/* NOTREACHED */
 		default:
@@ -1363,7 +1363,7 @@ preparse_args(int argc, char **argv) {
 /*
  * Argument parsing is based on dig, but simplified: only one
  * QNAME/QCLASS/QTYPE tuple can be specified, and options have
- * been removed that aren't applicable to delve. The interface
+ * been removed that aren't applicable to delv. The interface
  * should be familiar to dig users, however.
  */
 static void
@@ -1576,7 +1576,7 @@ main(int argc, char *argv[]) {
 	result = dns_client_createx2(mctx, actx, taskmgr, socketmgr, timermgr,
 				     clopt, &client, srcaddr4, srcaddr6);
 	if (result != ISC_R_SUCCESS) {
-		delve_log(ISC_LOG_ERROR, "dns_client_create: %s",
+		delv_log(ISC_LOG_ERROR, "dns_client_create: %s",
 			  isc_result_totext(result));
 		goto cleanup;
 	}
@@ -1606,7 +1606,7 @@ main(int argc, char *argv[]) {
 	result = dns_client_resolve(client, query_name, dns_rdataclass_in,
 				    qtype, resopt, &namelist);
 	if (result != ISC_R_SUCCESS)
-		delve_log(ISC_LOG_ERROR, "resolution failed: %s",
+		delv_log(ISC_LOG_ERROR, "resolution failed: %s",
 			  isc_result_totext(result));
 
 	for (response_name = ISC_LIST_HEAD(namelist);
@@ -1617,7 +1617,7 @@ main(int argc, char *argv[]) {
 		     rdataset = ISC_LIST_NEXT(rdataset, link)) {
 			result = printdata(rdataset, response_name, style);
 			if (result != ISC_R_SUCCESS)
-				delve_log(ISC_LOG_ERROR, "print data failed");
+				delv_log(ISC_LOG_ERROR, "print data failed");
 		}
 	}
 

bin/delv/delv.docbook

@@ -17,20 +17,20 @@
  - PERFORMANCE OF THIS SOFTWARE.
 -->
 
-<refentry id="man.delve">
+<refentry id="man.delv">
 
   <refentryinfo>
-    <date>February 21, 2014</date>
+    <date>April 23, 2014</date>
   </refentryinfo>
 
   <refmeta>
-    <refentrytitle>delve</refentrytitle>
+    <refentrytitle>delv</refentrytitle>
     <manvolnum>1</manvolnum>
     <refmiscinfo>BIND9</refmiscinfo>
   </refmeta>
 
   <refnamediv>
-    <refname>delve</refname>
+    <refname>delv</refname>
     <refpurpose>DNS lookup and validation utility</refpurpose>
   </refnamediv>
 
@@ -43,7 +43,7 @@
 
   <refsynopsisdiv>
     <cmdsynopsis>
-      <command>delve</command>
+      <command>delv</command>
       <arg choice="opt">@server</arg>
       <arg><option>-4</option></arg>
       <arg><option>-6</option></arg>
@@ -64,17 +64,17 @@
     </cmdsynopsis>
 
     <cmdsynopsis>
-      <command>delve</command>
+      <command>delv</command>
       <arg><option>-h</option></arg>
     </cmdsynopsis>
 
     <cmdsynopsis>
-      <command>delve</command>
+      <command>delv</command>
       <arg><option>-v</option></arg>
     </cmdsynopsis>
 
     <cmdsynopsis>
-      <command>delve</command>
+      <command>delv</command>
       <arg choice="opt" rep="repeat">queryopt</arg>
       <arg choice="opt" rep="repeat">query</arg>
     </cmdsynopsis>
@@ -82,13 +82,13 @@
 
   <refsect1>
     <title>DESCRIPTION</title>
-    <para><command>delve</command>
-      (Domain Entity Lookup &amp; Validation Engine) is a tool for sending
+    <para><command>delv</command>
+      (Domain Entity Lookup &amp; Validation) is a tool for sending
       DNS queries and validating the results, using the the same internal
       resolver and validator logic as <command>named</command>.
     </para>
     <para>
-      <command>delve</command> will send to a specified name server all
+      <command>delv</command> will send to a specified name server all
       queries needed to fetch and validate the requested data; this
       includes the original requested query, subsequent queries to follow
       CNAME or DNAME chains, and queries for DNSKEY, DS and DLV records
@@ -101,25 +101,25 @@
       By default, responses are validated using built-in DNSSEC trust
       anchors for the root zone (".") and for the ISC DNSSEC lookaside
       validation zone ("dlv.isc.org").  Records returned by
-      <command>delve</command> are either fully validated or
+      <command>delv</command> are either fully validated or
       were not signed.  If validation fails, an explanation of
       the failure is included in the output; the validation process
-      can be traced in detail.  Because <command>delve</command> does
+      can be traced in detail.  Because <command>delv</command> does
       not rely on an external server to carry out validation, it can
       be used to check the validity of DNS responses in environments
       where local name servers may not be trustworthy.
     </para>
     <para>
       Unless it is told to query a specific name server,
-      <command>delve</command> will try each of the servers listed in
+      <command>delv</command> will try each of the servers listed in
       <filename>/etc/resolv.conf</filename>. If no usable server
-      addresses are found, <command>delve</command> will send
+      addresses are found, <command>delv</command> will send
       queries to the localhost addresses (127.0.0.1 for IPv4, ::1
       for IPv6).
     </para>
     <para>
       When no command line arguments or options are given,
-      <command>delve</command> will perform an NS query for "."
+      <command>delv</command> will perform an NS query for "."
       (the root zone).
     </para>
   </refsect1>
@@ -128,8 +128,8 @@
     <title>SIMPLE USAGE</title>
 
     <para>
-      A typical invocation of <command>delve</command> looks like:
-      <programlisting> delve @server name type </programlisting>
+      A typical invocation of <command>delv</command> looks like:
+      <programlisting> delv @server name type </programlisting>
       where:
 
       <variablelist>
@@ -141,21 +141,21 @@
 	      can be an IPv4 address in dotted-decimal notation or an IPv6
 	      address in colon-delimited notation.  When the supplied
 	      <parameter>server</parameter> argument is a hostname,
-	      <command>delve</command> resolves that name before
+	      <command>delv</command> resolves that name before
 	      querying that name server (note, however, that this
 	      initial lookup is <emphasis>not</emphasis> validated
 	      by DNSSEC).
 	    </para>
 	    <para>
 	      If no <parameter>server</parameter> argument is
-	      provided, <command>delve</command> consults
+	      provided, <command>delv</command> consults
 	      <filename>/etc/resolv.conf</filename>; if an
 	      address is found there, it queries the name server at
 	      that address. If either of the <option>-4</option> or
 	      <option>-6</option> options are in use, then
 	      only addresses for the corresponding transport
 	      will be tried.  If no usable addresses are found,
-	      <command>delve</command> will send queries to
+	      <command>delv</command> will send queries to
 	      the localhost addresses (127.0.0.1 for IPv4,
 	      ::1 for IPv6).
 	    </para>
@@ -180,7 +180,7 @@
 	      <parameter>type</parameter> can be any valid query
 	      type.  If no
 	      <parameter>type</parameter> argument is supplied,
-	      <command>delve</command> will perform a lookup for an
+	      <command>delv</command> will perform a lookup for an
 	      A record.
 	    </para>
 	  </listitem>
@@ -213,17 +213,17 @@
 	  </para>
 	  <para>
 	    Note: When reading the trust anchor file,
-	    <command>delve</command> treats <option>managed-keys</option>
+	    <command>delv</command> treats <option>managed-keys</option>
 	    statements and <option>trusted-keys</option> statements
 	    identically.  That is, for a managed key, it is the
 	    <emphasis>initial</emphasis> key that is trusted; RFC 5011
-	    key management is not supported. <command>delve</command>
+	    key management is not supported. <command>delv</command>
 	    will not consult the managed-keys database maintained by
 	    <command>named</command>. This means that if either of the
 	    keys in <filename>/etc/bind.keys</filename> is revoked
 	    and rolled over, it will be necessary to update
 	    <filename>/etc/bind.keys</filename> to use DNSSEC
-	    validation in <command>delve</command>.
+	    validation in <command>delv</command>.
 	  </para>
 	</listitem>
       </varlistentry>
@@ -246,7 +246,7 @@
 	<listitem>
 	  <para>
 	    Sets the query class for the requested data. Currently,
-	    only class "IN" is supported in <command>delve</command>
+	    only class "IN" is supported in <command>delv</command>
 	    and any other value is ignored.
 	  </para>
 	</listitem>
@@ -259,7 +259,7 @@
 	    Set the systemwide debug level to <option>level</option>.
 	    The allowed range is from 0 to 99.
 	    The default is 0 (no debugging).
-	    Debugging traces from <command>delve</command> become
+	    Debugging traces from <command>delv</command> become
 	    more verbose as the debug level increases.
 	    See the <option>+mtrace</option>, <option>+rtrace</option>,
 	    and <option>+vtrace</option> options below for additional
@@ -272,7 +272,7 @@
 	<term>-h</term>
 	<listitem>
 	  <para>
-	    Display the <command>delve</command> help usage output and exit.
+	    Display the <command>delv</command> help usage output and exit.
 	  </para>
 	</listitem>
       </varlistentry>
@@ -285,7 +285,7 @@
 	    (Note, however, this does not set the CD bit on upstream
 	    queries. If the server being queried is performing DNSSEC
 	    validation, then it will not return invalid data; this
-	    can cause <command>delve</command> to time out. When it
+	    can cause <command>delv</command> to time out. When it
 	    is necessary to examine invalid data to debug a DNSSEC
 	    problem, use <command>dig +cd</command>.)
 	  </para>
@@ -350,7 +350,7 @@
 	<term>-v</term>
 	<listitem>
 	  <para>
-	    Print the <command>delve</command> version and exit.
+	    Print the <command>delv</command> version and exit.
 	  </para>
 	</listitem>
       </varlistentry>
@@ -364,7 +364,7 @@
 	    dotted-decimal notation, or a colon-delimited IPv6 address.
 	    When <option>-x</option> is used, there is no need to provide
 	    the <parameter>name</parameter> or <parameter>type</parameter>
-	    arguments.  <command>delve</command> automatically performs a
+	    arguments.  <command>delv</command> automatically performs a
 	    lookup for a name like <literal>11.12.13.10.in-addr.arpa</literal>
 	    and sets the query type to PTR.  IPv6 addresses are looked up
 	    using nibble format under the IP6.ARPA domain.
@@ -376,7 +376,7 @@
 	<term>-4</term>
 	<listitem>
 	  <para>
-	    Forces <command>delve</command> to only use IPv4.
+	    Forces <command>delv</command> to only use IPv4.
 	  </para>
 	</listitem>
       </varlistentry>
@@ -385,7 +385,7 @@
 	<term>-6</term>
 	<listitem>
 	  <para>
-	    Forces <command>delve</command> to only use IPv6.
+	    Forces <command>delv</command> to only use IPv6.
 	  </para>
 	</listitem>
       </varlistentry>
@@ -396,7 +396,7 @@
   <refsect1>
     <title>QUERY OPTIONS</title>
 
-    <para><command>delve</command>
+    <para><command>delv</command>
       provides a number of query options which affect the way results are
       displayed, and in some cases the way lookups are performed.
     </para>
@@ -416,12 +416,12 @@
 	  <listitem>
 	    <para>
 	      Controls whether to set the CD (checking disabled) bit in
-	      queries sent by <command>delve</command>. This may be useful
+	      queries sent by <command>delv</command>. This may be useful
 	      when troubleshooting DNSSEC problems from behind a validating
 	      resolver. A validating resolver will block invalid responses,
 	      making it difficult to retrieve them for analysis. Setting
 	      the CD flag on queries will cause the resolver to return
-	      invalid responses, which <command>delve</command> can then
+	      invalid responses, which <command>delv</command> can then
 	      validate internally and report the errors in detail.
 	    </para>
 	  </listitem>
@@ -452,7 +452,7 @@
 	  <listitem>
 	    <para>
 	      Toggle resolver fetch logging. This reports the
-	      name and type of each query sent by <command>delve</command>
+	      name and type of each query sent by <command>delv</command>
 	      in the process of carrying out the resolution and validation
 	      process: this includes including the original query and
 	      all subsequent queries to follow CNAMEs and to establish a
@@ -473,7 +473,7 @@
 	  <listitem>
 	    <para>
 	      Toggle message logging. This produces a detailed dump of
-	      the responses received by <command>delve</command> in the
+	      the responses received by <command>delv</command> in the
 	      process of carrying out the resolution and validation process.
 	    </para>
 	    <para>
@@ -595,7 +595,7 @@
 	      Print long records (such as RRSIG, DNSKEY, and SOA records)
 	      in a verbose multi-line format with human-readable comments.
 	      The default is to print each record on a single line, to
-	      facilitate machine parsing of the <command>delve</command>
+	      facilitate machine parsing of the <command>delv</command>
 	      output.
 	    </para>
 	  </listitem>
@@ -606,7 +606,7 @@
 	  <listitem>
 	    <para>
 	      Indicates whether to display RRSIG records in the
-	      <command>delve</command> output.  The default is to
+	      <command>delv</command> output.  The default is to
 	      do so.  Note that (unlike in <command>dig</command>)
 	      this does <emphasis>not</emphasis> control whether to
 	      request DNSSEC records or whether to validate them.

bin/delv/delv.html

@@ -18,31 +18,31 @@
 <html>
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
-<title>delve</title>
+<title>delv</title>
 <meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
 </head>
 <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
-<a name="man.delve"></a><div class="titlepage"></div>
+<a name="man.delv"></a><div class="titlepage"></div>
 <div class="refnamediv">
 <h2>Name</h2>
-<p>delve &#8212; DNS lookup and validation utility</p>
+<p>delv &#8212; DNS lookup and validation utility</p>
 </div>
 <div class="refsynopsisdiv">
 <h2>Synopsis</h2>
-<div class="cmdsynopsis"><p><code class="command">delve</code>  [@server] [<code class="option">-4</code>] [<code class="option">-6</code>] [<code class="option">-a <em class="replaceable"><code>anchor-file</code></em></code>] [<code class="option">-b <em class="replaceable"><code>address</code></em></code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-d <em class="replaceable"><code>level</code></em></code>] [<code class="option">-i</code>] [<code class="option">-m</code>] [<code class="option">-p <em class="replaceable"><code>port#</code></em></code>] [<code class="option">-q <em class="replaceable"><code>name</code></em></code>] [<code class="option">-t <em class="replaceable"><code>type</code></em></code>] [<code class="option">-x <em class="replaceable"><code>addr</code></em></code>] [name] [type] [class] [queryopt...]</p></div>
-<div class="cmdsynopsis"><p><code class="command">delve</code>  [<code class="option">-h</code>]</p></div>
-<div class="cmdsynopsis"><p><code class="command">delve</code>  [<code class="option">-v</code>]</p></div>
-<div class="cmdsynopsis"><p><code class="command">delve</code>  [queryopt...] [query...]</p></div>
+<div class="cmdsynopsis"><p><code class="command">delv</code>  [@server] [<code class="option">-4</code>] [<code class="option">-6</code>] [<code class="option">-a <em class="replaceable"><code>anchor-file</code></em></code>] [<code class="option">-b <em class="replaceable"><code>address</code></em></code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-d <em class="replaceable"><code>level</code></em></code>] [<code class="option">-i</code>] [<code class="option">-m</code>] [<code class="option">-p <em class="replaceable"><code>port#</code></em></code>] [<code class="option">-q <em class="replaceable"><code>name</code></em></code>] [<code class="option">-t <em class="replaceable"><code>type</code></em></code>] [<code class="option">-x <em class="replaceable"><code>addr</code></em></code>] [name] [type] [class] [queryopt...]</p></div>
+<div class="cmdsynopsis"><p><code class="command">delv</code>  [<code class="option">-h</code>]</p></div>
+<div class="cmdsynopsis"><p><code class="command">delv</code>  [<code class="option">-v</code>]</p></div>
+<div class="cmdsynopsis"><p><code class="command">delv</code>  [queryopt...] [query...]</p></div>
 </div>
 <div class="refsect1" lang="en">
 <a name="id2543489"></a><h2>DESCRIPTION</h2>
-<p><span><strong class="command">delve</strong></span>
-      (Domain Entity Lookup &amp; Validation Engine) is a tool for sending
+<p><span><strong class="command">delv</strong></span>
+      (Domain Entity Lookup &amp; Validation) is a tool for sending
       DNS queries and validating the results, using the the same internal
       resolver and validator logic as <span><strong class="command">named</strong></span>.
     </p>
 <p>
-      <span><strong class="command">delve</strong></span> will send to a specified name server all
+      <span><strong class="command">delv</strong></span> will send to a specified name server all
       queries needed to fetch and validate the requested data; this
       includes the original requested query, subsequent queries to follow
       CNAME or DNAME chains, and queries for DNSKEY, DS and DLV records
@@ -55,34 +55,34 @@
       By default, responses are validated using built-in DNSSEC trust
       anchors for the root zone (".") and for the ISC DNSSEC lookaside
       validation zone ("dlv.isc.org").  Records returned by
-      <span><strong class="command">delve</strong></span> are either fully validated or
+      <span><strong class="command">delv</strong></span> are either fully validated or
       were not signed.  If validation fails, an explanation of
       the failure is included in the output; the validation process
-      can be traced in detail.  Because <span><strong class="command">delve</strong></span> does
+      can be traced in detail.  Because <span><strong class="command">delv</strong></span> does
       not rely on an external server to carry out validation, it can
       be used to check the validity of DNS responses in environments
       where local name servers may not be trustworthy.
     </p>
 <p>
       Unless it is told to query a specific name server,
-      <span><strong class="command">delve</strong></span> will try each of the servers listed in
+      <span><strong class="command">delv</strong></span> will try each of the servers listed in
       <code class="filename">/etc/resolv.conf</code>. If no usable server
-      addresses are found, <span><strong class="command">delve</strong></span> will send
+      addresses are found, <span><strong class="command">delv</strong></span> will send
       queries to the localhost addresses (127.0.0.1 for IPv4, ::1
       for IPv6).
     </p>
 <p>
       When no command line arguments or options are given,
-      <span><strong class="command">delve</strong></span> will perform an NS query for "."
+      <span><strong class="command">delv</strong></span> will perform an NS query for "."
       (the root zone).
     </p>
 </div>
 <div class="refsect1" lang="en">
 <a name="id2543542"></a><h2>SIMPLE USAGE</h2>
 <p>
-      A typical invocation of <span><strong class="command">delve</strong></span> looks like:
+      A typical invocation of <span><strong class="command">delv</strong></span> looks like:
       </p>
-<pre class="programlisting"> delve @server name type </pre>
+<pre class="programlisting"> delv @server name type </pre>
 <p>
       where:
 
@@ -95,21 +95,21 @@
 	      can be an IPv4 address in dotted-decimal notation or an IPv6
 	      address in colon-delimited notation.  When the supplied
 	      <em class="parameter"><code>server</code></em> argument is a hostname,
-	      <span><strong class="command">delve</strong></span> resolves that name before
+	      <span><strong class="command">delv</strong></span> resolves that name before
 	      querying that name server (note, however, that this
 	      initial lookup is <span class="emphasis"><em>not</em></span> validated
 	      by DNSSEC).
 	    </p>
 <p>
 	      If no <em class="parameter"><code>server</code></em> argument is
-	      provided, <span><strong class="command">delve</strong></span> consults
+	      provided, <span><strong class="command">delv</strong></span> consults
 	      <code class="filename">/etc/resolv.conf</code>; if an
 	      address is found there, it queries the name server at
 	      that address. If either of the <code class="option">-4</code> or
 	      <code class="option">-6</code> options are in use, then
 	      only addresses for the corresponding transport
 	      will be tried.  If no usable addresses are found,
-	      <span><strong class="command">delve</strong></span> will send queries to
+	      <span><strong class="command">delv</strong></span> will send queries to
 	      the localhost addresses (127.0.0.1 for IPv4,
 	      ::1 for IPv6).
 	    </p>
@@ -125,7 +125,7 @@
 	      <em class="parameter"><code>type</code></em> can be any valid query
 	      type.  If no
 	      <em class="parameter"><code>type</code></em> argument is supplied,
-	      <span><strong class="command">delve</strong></span> will perform a lookup for an
+	      <span><strong class="command">delv</strong></span> will perform a lookup for an
 	      A record.
 	    </p></dd>
 </dl></div>
@@ -152,17 +152,17 @@
 	  </p>
 <p>
 	    Note: When reading the trust anchor file,
-	    <span><strong class="command">delve</strong></span> treats <code class="option">managed-keys</code>
+	    <span><strong class="command">delv</strong></span> treats <code class="option">managed-keys</code>
 	    statements and <code class="option">trusted-keys</code> statements
 	    identically.  That is, for a managed key, it is the
 	    <span class="emphasis"><em>initial</em></span> key that is trusted; RFC 5011
-	    key management is not supported. <span><strong class="command">delve</strong></span>
+	    key management is not supported. <span><strong class="command">delv</strong></span>
 	    will not consult the managed-keys database maintained by
 	    <span><strong class="command">named</strong></span>. This means that if either of the
 	    keys in <code class="filename">/etc/bind.keys</code> is revoked
 	    and rolled over, it will be necessary to update
 	    <code class="filename">/etc/bind.keys</code> to use DNSSEC
-	    validation in <span><strong class="command">delve</strong></span>.
+	    validation in <span><strong class="command">delv</strong></span>.
 	  </p>
 </dd>
 <dt><span class="term">-b  <em class="replaceable"><code>address</code></em></span></dt>
@@ -176,7 +176,7 @@
 <dt><span class="term">-c <em class="replaceable"><code>class</code></em></span></dt>
 <dd><p>
 	    Sets the query class for the requested data. Currently,
-	    only class "IN" is supported in <span><strong class="command">delve</strong></span>
+	    only class "IN" is supported in <span><strong class="command">delv</strong></span>
 	    and any other value is ignored.
 	  </p></dd>
 <dt><span class="term">-d <em class="replaceable"><code>level</code></em></span></dt>
@@ -184,7 +184,7 @@
 	    Set the systemwide debug level to <code class="option">level</code>.
 	    The allowed range is from 0 to 99.
 	    The default is 0 (no debugging).
-	    Debugging traces from <span><strong class="command">delve</strong></span> become
+	    Debugging traces from <span><strong class="command">delv</strong></span> become
 	    more verbose as the debug level increases.
 	    See the <code class="option">+mtrace</code>, <code class="option">+rtrace</code>,
 	    and <code class="option">+vtrace</code> options below for additional
@@ -192,7 +192,7 @@
 	  </p></dd>
 <dt><span class="term">-h</span></dt>
 <dd><p>
-	    Display the <span><strong class="command">delve</strong></span> help usage output and exit.
+	    Display the <span><strong class="command">delv</strong></span> help usage output and exit.
 	  </p></dd>
 <dt><span class="term">-i</span></dt>
 <dd><p>
@@ -200,7 +200,7 @@
 	    (Note, however, this does not set the CD bit on upstream
 	    queries. If the server being queried is performing DNSSEC
 	    validation, then it will not return invalid data; this
-	    can cause <span><strong class="command">delve</strong></span> to time out. When it
+	    can cause <span><strong class="command">delv</strong></span> to time out. When it
 	    is necessary to examine invalid data to debug a DNSSEC
 	    problem, use <span><strong class="command">dig +cd</strong></span>.)
 	  </p></dd>
@@ -242,7 +242,7 @@
 </dd>
 <dt><span class="term">-v</span></dt>
 <dd><p>
-	    Print the <span><strong class="command">delve</strong></span> version and exit.
+	    Print the <span><strong class="command">delv</strong></span> version and exit.
 	  </p></dd>
 <dt><span class="term">-x <em class="replaceable"><code>addr</code></em></span></dt>
 <dd><p>
@@ -251,24 +251,24 @@
 	    dotted-decimal notation, or a colon-delimited IPv6 address.
 	    When <code class="option">-x</code> is used, there is no need to provide
 	    the <em class="parameter"><code>name</code></em> or <em class="parameter"><code>type</code></em>
-	    arguments.  <span><strong class="command">delve</strong></span> automatically performs a
+	    arguments.  <span><strong class="command">delv</strong></span> automatically performs a
 	    lookup for a name like <code class="literal">11.12.13.10.in-addr.arpa</code>
 	    and sets the query type to PTR.  IPv6 addresses are looked up
 	    using nibble format under the IP6.ARPA domain.
 	  </p></dd>
 <dt><span class="term">-4</span></dt>
 <dd><p>
-	    Forces <span><strong class="command">delve</strong></span> to only use IPv4.
+	    Forces <span><strong class="command">delv</strong></span> to only use IPv4.
 	  </p></dd>
 <dt><span class="term">-6</span></dt>
 <dd><p>
-	    Forces <span><strong class="command">delve</strong></span> to only use IPv6.
+	    Forces <span><strong class="command">delv</strong></span> to only use IPv6.
 	  </p></dd>
 </dl></div>
 </div>
 <div class="refsect1" lang="en">
 <a name="id2544151"></a><h2>QUERY OPTIONS</h2>
-<p><span><strong class="command">delve</strong></span>
+<p><span><strong class="command">delv</strong></span>
       provides a number of query options which affect the way results are
       displayed, and in some cases the way lookups are performed.
     </p>
@@ -286,12 +286,12 @@
 <dt><span class="term"><code class="option">+[no]cdflag</code></span></dt>
 <dd><p>
 	      Controls whether to set the CD (checking disabled) bit in
-	      queries sent by <span><strong class="command">delve</strong></span>. This may be useful
+	      queries sent by <span><strong class="command">delv</strong></span>. This may be useful
 	      when troubleshooting DNSSEC problems from behind a validating
 	      resolver. A validating resolver will block invalid responses,
 	      making it difficult to retrieve them for analysis. Setting
 	      the CD flag on queries will cause the resolver to return
-	      invalid responses, which <span><strong class="command">delve</strong></span> can then
+	      invalid responses, which <span><strong class="command">delv</strong></span> can then
 	      validate internally and report the errors in detail.
 	    </p></dd>
 <dt><span class="term"><code class="option">+[no]class</code></span></dt>
@@ -308,7 +308,7 @@
 <dd>
 <p>
 	      Toggle resolver fetch logging. This reports the
-	      name and type of each query sent by <span><strong class="command">delve</strong></span>
+	      name and type of each query sent by <span><strong class="command">delv</strong></span>
 	      in the process of carrying out the resolution and validation
 	      process: this includes including the original query and
 	      all subsequent queries to follow CNAMEs and to establish a
@@ -326,7 +326,7 @@
 <dd>
 <p>
 	      Toggle message logging. This produces a detailed dump of
-	      the responses received by <span><strong class="command">delve</strong></span> in the
+	      the responses received by <span><strong class="command">delv</strong></span> in the
 	      process of carrying out the resolution and validation process.
 	    </p>
 <p>
@@ -406,13 +406,13 @@
 	      Print long records (such as RRSIG, DNSKEY, and SOA records)
 	      in a verbose multi-line format with human-readable comments.
 	      The default is to print each record on a single line, to
-	      facilitate machine parsing of the <span><strong class="command">delve</strong></span>
+	      facilitate machine parsing of the <span><strong class="command">delv</strong></span>
 	      output.
 	    </p></dd>
 <dt><span class="term"><code class="option">+[no]dnssec</code></span></dt>
 <dd><p>
 	      Indicates whether to display RRSIG records in the
-	      <span><strong class="command">delve</strong></span> output.  The default is to
+	      <span><strong class="command">delv</strong></span> output.  The default is to
 	      do so.  Note that (unlike in <span><strong class="command">dig</strong></span>)
 	      this does <span class="emphasis"><em>not</em></span> control whether to
 	      request DNSSEC records or whether to validate them.

bin/delv/win32/delv.dsp.in

@@ -1,24 +1,24 @@
-# Microsoft Developer Studio Project File - Name="delve" - Package Owner=<4>
+# Microsoft Developer Studio Project File - Name="delv" - Package Owner=<4>
 # Microsoft Developer Studio Generated Build File, Format Version 6.00
 # ** DO NOT EDIT **
 
 # TARGTYPE "@PLATFORM@ (x86) Console Application" 0x0103
 
-CFG=delve - @PLATFORM@ Debug
+CFG=delv - @PLATFORM@ Debug
 !MESSAGE This is not a valid makefile. To build this project using NMAKE,
 !MESSAGE use the Export Makefile command and run
 !MESSAGE 
-!MESSAGE NMAKE /f "delve.mak".
+!MESSAGE NMAKE /f "delv.mak".
 !MESSAGE 
 !MESSAGE You can specify a configuration when running NMAKE
 !MESSAGE by defining the macro CFG on the command line. For example:
 !MESSAGE 
-!MESSAGE NMAKE /f "delve.mak" CFG="delve - @PLATFORM@ Debug"
+!MESSAGE NMAKE /f "delv.mak" CFG="delv - @PLATFORM@ Debug"
 !MESSAGE 
 !MESSAGE Possible choices for configuration are:
 !MESSAGE 
-!MESSAGE "delve - @PLATFORM@ Release" (based on "@PLATFORM@ (x86) Console Application")
-!MESSAGE "delve - @PLATFORM@ Debug" (based on "@PLATFORM@ (x86) Console Application")
+!MESSAGE "delv - @PLATFORM@ Release" (based on "@PLATFORM@ (x86) Console Application")
+!MESSAGE "delv - @PLATFORM@ Debug" (based on "@PLATFORM@ (x86) Console Application")
 !MESSAGE 
 
 # Begin Project
@@ -28,7 +28,7 @@ CFG=delve - @PLATFORM@ Debug
 CPP=cl.exe
 RSC=rc.exe
 
-!IF  "$(CFG)" == "delve - @PLATFORM@ Release"
+!IF  "$(CFG)" == "delv - @PLATFORM@ Release"
 
 # PROP BASE Use_MFC 0
 # PROP BASE Use_Debug_Libraries 0
@@ -50,9 +50,9 @@ BSC32=bscmake.exe
 # ADD BSC32 /nologo
 LINK32=link.exe
 # ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console @MACHINE@
-# ADD LINK32 user32.lib advapi32.lib ws2_32.lib ../../../lib/isc/win32/Release/libisc.lib ../../../lib/dns/win32/Release/libdns.lib ../../../lib/isccfg/win32/Release/libisccfg.lib ../../../lib/irs/win32/Release/libirs.lib /nologo /subsystem:console @MACHINE@ /out:"../../../Build/Release/delve.exe"
+# ADD LINK32 user32.lib advapi32.lib ws2_32.lib ../../../lib/isc/win32/Release/libisc.lib ../../../lib/dns/win32/Release/libdns.lib ../../../lib/isccfg/win32/Release/libisccfg.lib ../../../lib/irs/win32/Release/libirs.lib /nologo /subsystem:console @MACHINE@ /out:"../../../Build/Release/delv.exe"
 
-!ELSEIF  "$(CFG)" == "delve - @PLATFORM@ Debug"
+!ELSEIF  "$(CFG)" == "delv - @PLATFORM@ Debug"
 
 # PROP BASE Use_MFC 0
 # PROP BASE Use_Debug_Libraries 1
@@ -75,20 +75,20 @@ BSC32=bscmake.exe
 # ADD BSC32 /nologo
 LINK32=link.exe
 # ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug @MACHINE@ /pdbtype:sept
-# ADD LINK32 user32.lib advapi32.lib ws2_32.lib ../../../lib/isc/win32/Debug/libisc.lib ../../../lib/dns/win32/Debug/libdns.lib ../../../lib/isccfg/win32/Debug/libisccfg.lib ../../../lib/irs/win32/Debug/libirs.lib /nologo /subsystem:console /debug @MACHINE@ /out:"../../../Build/Debug/delve.exe" /pdbtype:sept
+# ADD LINK32 user32.lib advapi32.lib ws2_32.lib ../../../lib/isc/win32/Debug/libisc.lib ../../../lib/dns/win32/Debug/libdns.lib ../../../lib/isccfg/win32/Debug/libisccfg.lib ../../../lib/irs/win32/Debug/libirs.lib /nologo /subsystem:console /debug @MACHINE@ /out:"../../../Build/Debug/delv.exe" /pdbtype:sept
 
 !ENDIF 
 
 # Begin Target
 
-# Name "delve - @PLATFORM@ Release"
-# Name "delve - @PLATFORM@ Debug"
+# Name "delv - @PLATFORM@ Release"
+# Name "delv - @PLATFORM@ Debug"
 # Begin Group "Source Files"
 
 # PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat"
 # Begin Source File
 
-SOURCE="..\delve.c"
+SOURCE="..\delv.c"
 # End Source File
 # End Group
 # Begin Group "Header Files"

bin/delv/win32/delv.dsw

@@ -3,7 +3,7 @@ Microsoft Developer Studio Workspace File, Format Version 6.00
 
 ###############################################################################
 
-Project: "delve"=".\delve.dsp" - Package Owner=<4>
+Project: "delv"=".\delv.dsp" - Package Owner=<4>
 
 Package=<5>
 {{{

bin/delv/win32/delv.mak.in

@@ -1,20 +1,20 @@
-# Microsoft Developer Studio Generated NMAKE File, Based on delve.dsp
+# Microsoft Developer Studio Generated NMAKE File, Based on delv.dsp
 !IF "$(CFG)" == ""
-CFG=delve - @PLATFORM@ Debug
-!MESSAGE No configuration specified. Defaulting to delve - @PLATFORM@ Debug.
+CFG=delv - @PLATFORM@ Debug
+!MESSAGE No configuration specified. Defaulting to delv - @PLATFORM@ Debug.
 !ENDIF 
 
-!IF "$(CFG)" != "delve - @PLATFORM@ Release" && "$(CFG)" != "delve - @PLATFORM@ Debug"
+!IF "$(CFG)" != "delv - @PLATFORM@ Release" && "$(CFG)" != "delv - @PLATFORM@ Debug"
 !MESSAGE Invalid configuration "$(CFG)" specified.
 !MESSAGE You can specify a configuration when running NMAKE
 !MESSAGE by defining the macro CFG on the command line. For example:
 !MESSAGE 
-!MESSAGE NMAKE /f "delve.mak" CFG="delve - @PLATFORM@ Debug"
+!MESSAGE NMAKE /f "delv.mak" CFG="delv - @PLATFORM@ Debug"
 !MESSAGE 
 !MESSAGE Possible choices for configuration are:
 !MESSAGE 
-!MESSAGE "delve - @PLATFORM@ Release" (based on "@PLATFORM@ (x86) Console Application")
-!MESSAGE "delve - @PLATFORM@ Debug" (based on "@PLATFORM@ (x86) Console Application")
+!MESSAGE "delv - @PLATFORM@ Release" (based on "@PLATFORM@ (x86) Console Application")
+!MESSAGE "delv - @PLATFORM@ Debug" (based on "@PLATFORM@ (x86) Console Application")
 !MESSAGE 
 !ERROR An invalid configuration is specified.
 !ENDIF 
@@ -25,7 +25,7 @@ NULL=
 NULL=nul
 !ENDIF 
 
-!IF  "$(CFG)" == "delve - @PLATFORM@ Release"
+!IF  "$(CFG)" == "delv - @PLATFORM@ Release"
 _VC_MANIFEST_INC=0
 _VC_MANIFEST_BASENAME=__VC80
 !ELSE
@@ -100,25 +100,25 @@ _VC_MANIFEST_CLEAN=
 
 !endif
 
-!IF  "$(CFG)" == "delve - @PLATFORM@ Release"
+!IF  "$(CFG)" == "delv - @PLATFORM@ Release"
 
 OUTDIR=.\Release
 INTDIR=.\Release
 
-ALL : "..\..\..\Build\Release\delve.exe"
+ALL : "..\..\..\Build\Release\delv.exe"
 
 
 CLEAN :
-	-@erase "$(INTDIR)\delve.obj"
+	-@erase "$(INTDIR)\delv.obj"
 	-@erase "$(INTDIR)\vc60.idb"
-	-@erase "..\..\..\Build\Release\delve.exe"
+	-@erase "..\..\..\Build\Release\delv.exe"
 	-@$(_VC_MANIFEST_CLEAN)
 
 "$(OUTDIR)" :
     if not exist "$(OUTDIR)/$(NULL)" mkdir "$(OUTDIR)"
 
 CPP=cl.exe
-CPP_PROJ=/nologo /MD /W3 @COPTX@ @COPTI@ /O2 /I "../../../" @LIBXML2_INC@ @OPENSSL_INC@ /I "../../../lib/isc/win32" /I "../../../lib/isc/win32/include" /I "../../../lib/isc/include" /I "../../../lib/isccfg/include" /I "../../../lib/dns/win32/include" /I "../../../lib/dns/include" /I "../../../lib/irs/win32/include" /I "../../../lib/irs/include" /D "NDEBUG" /D "__STDC__" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /Fp"$(INTDIR)\delve.pch" @COPTY@ /Fo"$(INTDIR)\\" /Fd"$(INTDIR)\\" /FD /c 
+CPP_PROJ=/nologo /MD /W3 @COPTX@ @COPTI@ /O2 /I "../../../" @LIBXML2_INC@ @OPENSSL_INC@ /I "../../../lib/isc/win32" /I "../../../lib/isc/win32/include" /I "../../../lib/isc/include" /I "../../../lib/isccfg/include" /I "../../../lib/dns/win32/include" /I "../../../lib/dns/include" /I "../../../lib/irs/win32/include" /I "../../../lib/irs/include" /D "NDEBUG" /D "__STDC__" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /Fp"$(INTDIR)\delv.pch" @COPTY@ /Fo"$(INTDIR)\\" /Fd"$(INTDIR)\\" /FD /c 
 
 .c{$(INTDIR)}.obj::
    $(CPP) @<<
@@ -152,21 +152,21 @@ CPP_PROJ=/nologo /MD /W3 @COPTX@ @COPTI@ /O2 /I "../../../" @LIBXML2_INC@ @OPENS
 
 RSC=rc.exe
 BSC32=bscmake.exe
-BSC32_FLAGS=/nologo /o"$(OUTDIR)\delve.bsc" 
+BSC32_FLAGS=/nologo /o"$(OUTDIR)\delv.bsc" 
 BSC32_SBRS= \
 	
 LINK32=link.exe
-LINK32_FLAGS=user32.lib advapi32.lib ws2_32.lib ../../../lib/isc/win32/Release/libisc.lib ../../../lib/dns/win32/Release/libdns.lib ../../../lib/isccfg/win32/Release/libisccfg.lib ../../../lib/irs/win32/Release/libirs.lib /nologo /subsystem:console /incremental:no /pdb:"$(OUTDIR)\delve.pdb" @MACHINE@ /out:"../../../Build/Release/delve.exe" 
+LINK32_FLAGS=user32.lib advapi32.lib ws2_32.lib ../../../lib/isc/win32/Release/libisc.lib ../../../lib/dns/win32/Release/libdns.lib ../../../lib/isccfg/win32/Release/libisccfg.lib ../../../lib/irs/win32/Release/libirs.lib /nologo /subsystem:console /incremental:no /pdb:"$(OUTDIR)\delv.pdb" @MACHINE@ /out:"../../../Build/Release/delv.exe" 
 LINK32_OBJS= \
-	"$(INTDIR)\delve.obj"
+	"$(INTDIR)\delv.obj"
 
-"..\..\..\Build\Release\delve.exe" : "$(OUTDIR)" $(DEF_FILE) $(LINK32_OBJS)
+"..\..\..\Build\Release\delv.exe" : "$(OUTDIR)" $(DEF_FILE) $(LINK32_OBJS)
     $(LINK32) @<<
   $(LINK32_FLAGS) $(LINK32_OBJS)
 <<
     $(_VC_MANIFEST_EMBED_EXE)
 
-!ELSEIF  "$(CFG)" == "delve - @PLATFORM@ Debug"
+!ELSEIF  "$(CFG)" == "delv - @PLATFORM@ Debug"
 
 OUTDIR=.\Debug
 INTDIR=.\Debug
@@ -174,18 +174,18 @@ INTDIR=.\Debug
 OutDir=.\Debug
 # End Custom Macros
 
-ALL : "..\..\..\Build\Debug\delve.exe" "$(OUTDIR)\delve.bsc"
+ALL : "..\..\..\Build\Debug\delv.exe" "$(OUTDIR)\delv.bsc"
 
 
 CLEAN :
-	-@erase "$(INTDIR)\delve.obj"
-	-@erase "$(INTDIR)\delve.sbr"
+	-@erase "$(INTDIR)\delv.obj"
+	-@erase "$(INTDIR)\delv.sbr"
 	-@erase "$(INTDIR)\vc60.idb"
 	-@erase "$(INTDIR)\vc60.pdb"
-	-@erase "$(OUTDIR)\delve.pdb"
-	-@erase "$(OUTDIR)\delve.bsc"
-	-@erase "..\..\..\Build\Debug\delve.exe"
-	-@erase "..\..\..\Build\Debug\delve.ilk"
+	-@erase "$(OUTDIR)\delv.pdb"
+	-@erase "$(OUTDIR)\delv.bsc"
+	-@erase "..\..\..\Build\Debug\delv.exe"
+	-@erase "..\..\..\Build\Debug\delv.ilk"
 	-@$(_VC_MANIFEST_CLEAN)
 
 "$(OUTDIR)" :
@@ -226,21 +226,21 @@ CPP_PROJ=/nologo /MDd /W3 /Gm @COPTX@ @COPTI@ /ZI /Od /I "../../../" @LIBXML2_IN
 
 RSC=rc.exe
 BSC32=bscmake.exe
-BSC32_FLAGS=/nologo /o"$(OUTDIR)\delve.bsc" 
+BSC32_FLAGS=/nologo /o"$(OUTDIR)\delv.bsc" 
 BSC32_SBRS= \
-	"$(INTDIR)\delve.sbr"
+	"$(INTDIR)\delv.sbr"
 
-"$(OUTDIR)\delve.bsc" : "$(OUTDIR)" $(BSC32_SBRS)
+"$(OUTDIR)\delv.bsc" : "$(OUTDIR)" $(BSC32_SBRS)
     $(BSC32) @<<
   $(BSC32_FLAGS) $(BSC32_SBRS)
 <<
 
 LINK32=link.exe
-LINK32_FLAGS=user32.lib advapi32.lib ws2_32.lib ../../../lib/isc/win32/Debug/libisc.lib ../../../lib/dns/win32/Debug/libdns.lib ../../../lib/isccfg/win32/Debug/libisccfg.lib ../../../lib/irs/win32/Debug/libirs.lib /nologo /subsystem:console /incremental:yes /pdb:"$(OUTDIR)\delve.pdb" /debug @MACHINE@ /out:"../../../Build/Debug/delve.exe" /pdbtype:sept 
+LINK32_FLAGS=user32.lib advapi32.lib ws2_32.lib ../../../lib/isc/win32/Debug/libisc.lib ../../../lib/dns/win32/Debug/libdns.lib ../../../lib/isccfg/win32/Debug/libisccfg.lib ../../../lib/irs/win32/Debug/libirs.lib /nologo /subsystem:console /incremental:yes /pdb:"$(OUTDIR)\delv.pdb" /debug @MACHINE@ /out:"../../../Build/Debug/delv.exe" /pdbtype:sept 
 LINK32_OBJS= \
-	"$(INTDIR)\delve.obj"
+	"$(INTDIR)\delv.obj"
 
-"..\..\..\Build\Debug\delve.exe" : "$(OUTDIR)" $(DEF_FILE) $(LINK32_OBJS)
+"..\..\..\Build\Debug\delv.exe" : "$(OUTDIR)" $(DEF_FILE) $(LINK32_OBJS)
     $(LINK32) @<<
   $(LINK32_FLAGS) $(LINK32_OBJS)
 <<
@@ -250,28 +250,28 @@ LINK32_OBJS= \
 
 
 !IF "$(NO_EXTERNAL_DEPS)" != "1"
-!IF EXISTS("delve.dep")
-!INCLUDE "delve.dep"
+!IF EXISTS("delv.dep")
+!INCLUDE "delv.dep"
 !ELSE 
-!MESSAGE Warning: cannot find "delve.dep"
+!MESSAGE Warning: cannot find "delv.dep"
 !ENDIF 
 !ENDIF 
 
 
-!IF "$(CFG)" == "delve - @PLATFORM@ Release" || "$(CFG)" == "delve - @PLATFORM@ Debug"
-SOURCE="..\delve.c"
+!IF "$(CFG)" == "delv - @PLATFORM@ Release" || "$(CFG)" == "delv - @PLATFORM@ Debug"
+SOURCE="..\delv.c"
 
-!IF  "$(CFG)" == "delve - @PLATFORM@ Release"
+!IF  "$(CFG)" == "delv - @PLATFORM@ Release"
 
 
-"$(INTDIR)\delve.obj" : $(SOURCE) "$(INTDIR)"
+"$(INTDIR)\delv.obj" : $(SOURCE) "$(INTDIR)"
 	$(CPP) $(CPP_PROJ) $(SOURCE)
 
 
-!ELSEIF  "$(CFG)" == "delve - @PLATFORM@ Debug"
+!ELSEIF  "$(CFG)" == "delv - @PLATFORM@ Debug"
 
 
-"$(INTDIR)\delve.obj"	"$(INTDIR)\delve.sbr" : $(SOURCE) "$(INTDIR)"
+"$(INTDIR)\delv.obj"	"$(INTDIR)\delv.sbr" : $(SOURCE) "$(INTDIR)"
 	$(CPP) $(CPP_PROJ) $(SOURCE)
 
 

bin/delv/win32/delv.vcsproj.filters.in

@@ -15,8 +15,8 @@
     </Filter>
   </ItemGroup>
   <ItemGroup>
-    <ClCompile Include="..\delve.c">
+    <ClCompile Include="..\delv.c">
       <Filter>Source Files</Filter>
     </ClCompile>
   </ItemGroup>
-</Project>
+</Project>

bin/delv/win32/delv.vcxproj.in

@@ -13,7 +13,7 @@
   <PropertyGroup Label="Globals">
     <ProjectGuid>{BE172EFE-C1DC-4812-BFB9-8C5F8ADB7E9F}</ProjectGuid>
     <Keyword>Win32Proj</Keyword>
-    <RootNamespace>delve</RootNamespace>
+    <RootNamespace>delv</RootNamespace>
   </PropertyGroup>
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|@PLATFORM@'" Label="Configuration">
@@ -100,9 +100,9 @@
     </Link>
   </ItemDefinitionGroup>
   <ItemGroup>
-    <ClCompile Include="..\delve.c" />
+    <ClCompile Include="..\delv.c" />
   </ItemGroup>
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
   <ImportGroup Label="ExtensionTargets">
   </ImportGroup>
-</Project>
+</Project>

bin/nsupdate/nsupdate.1

@@ -20,11 +20,11 @@
 .\"     Title: nsupdate
 .\"    Author: 
 .\" Generator: DocBook XSL Stylesheets v1.71.1 <http://docbook.sf.net/>
-.\"      Date: March 10, 2012
+.\"      Date: April 18, 2014
 .\"    Manual: BIND9
 .\"    Source: BIND9
 .\"
-.TH "NSUPDATE" "1" "March 10, 2012" "BIND9" "BIND9"
+.TH "NSUPDATE" "1" "April 18, 2014" "BIND9" "BIND9"
 .\" disable hyphenation
 .nh
 .\" disable justification (adjust text to left margin only)
@@ -97,7 +97,18 @@ option is used, a signature is generated from
 \fIkeyname\fR
 is the name of the key, and
 \fIsecret\fR
-is the base64 encoded shared secret. Use of the
+is the base64 encoded shared secret.
+\fIhmac\fR
+is the name of the key algorithm; valid choices are
+hmac\-md5,
+hmac\-sha1,
+hmac\-sha224,
+hmac\-sha256,
+hmac\-sha384, or
+hmac\-sha512. If
+\fIhmac\fR
+is not specified, the default is
+hmac\-md5. NOTE: Use of the
 \fB\-y\fR
 option is discouraged because the shared secret is supplied as a command line argument in clear text. This may be visible in the output from
 \fBps\fR(1)
@@ -247,12 +258,15 @@ Specify the default time to live for records to be added. The value
 will clear the default ttl.
 .RE
 .PP
-\fBkey\fR {name} {secret}
+\fBkey\fR [hmac:] {keyname} {secret}
 .RS 4
 Specifies that all updates are to be TSIG\-signed using the
 \fIkeyname\fR
-\fIkeysecret\fR
-pair. The
+\fIsecret\fR
+pair. If
+\fIhmac\fR
+is specified, then it sets the signing algorithm in use; the default is
+hmac\-md5. The
 \fBkey\fR
 command overrides any key specified on the command line via
 \fB\-y\fR

bin/nsupdate/nsupdate.docbook

@@ -20,7 +20,7 @@
 
 <refentry id="man.nsupdate">
   <refentryinfo>
-    <date>March 10, 2012</date>
+    <date>April 18, 2014</date>
   </refentryinfo>
   <refmeta>
     <refentrytitle><application>nsupdate</application></refentrytitle>
@@ -161,7 +161,13 @@
       <optional><parameter>hmac:</parameter></optional><parameter>keyname:secret.</parameter>
       <parameter>keyname</parameter> is the name of the key, and
       <parameter>secret</parameter> is the base64 encoded shared secret.
-      Use of the <option>-y</option> option is discouraged because the
+      <parameter>hmac</parameter> is the name of the key algorithm;
+      valid choices are <literal>hmac-md5</literal>,
+      <literal>hmac-sha1</literal>, <literal>hmac-sha224</literal>,
+      <literal>hmac-sha256</literal>, <literal>hmac-sha384</literal>, or
+      <literal>hmac-sha512</literal>.  If <parameter>hmac</parameter>
+      is not specified, the default is <literal>hmac-md5</literal>.
+      NOTE: Use of the <option>-y</option> option is discouraged because the
       shared secret is supplied as a command line argument in clear text.
       This may be visible in the output from
       <citerefentry>
@@ -394,15 +400,17 @@
         <varlistentry>
           <term>
               <command>key</command>
-              <arg choice="req">name</arg>
+              <arg choice="opt">hmac:</arg><arg choice="req">keyname</arg>
               <arg choice="req">secret</arg>
             </term>
           <listitem>
             <para>
               Specifies that all updates are to be TSIG-signed using the
-              <parameter>keyname</parameter> <parameter>keysecret</parameter> pair.
-              The <command>key</command> command
-              overrides any key specified on the command line via
+              <parameter>keyname</parameter> <parameter>secret</parameter> pair.
+              If <parameter>hmac</parameter> is specified, then it sets the
+              signing algorithm in use; the default is
+              <literal>hmac-md5</literal>.  The <command>key</command>
+              command overrides any key specified on the command line via
               <option>-y</option> or <option>-k</option>.
             </para>
           </listitem>

bin/nsupdate/nsupdate.html

@@ -113,7 +113,13 @@
       [<span class="optional"><em class="parameter"><code>hmac:</code></em></span>]<em class="parameter"><code>keyname:secret.</code></em>
       <em class="parameter"><code>keyname</code></em> is the name of the key, and
       <em class="parameter"><code>secret</code></em> is the base64 encoded shared secret.
-      Use of the <code class="option">-y</code> option is discouraged because the
+      <em class="parameter"><code>hmac</code></em> is the name of the key algorithm;
+      valid choices are <code class="literal">hmac-md5</code>,
+      <code class="literal">hmac-sha1</code>, <code class="literal">hmac-sha224</code>,
+      <code class="literal">hmac-sha256</code>, <code class="literal">hmac-sha384</code>, or
+      <code class="literal">hmac-sha512</code>.  If <em class="parameter"><code>hmac</code></em>
+      is not specified, the default is <code class="literal">hmac-md5</code>.
+      NOTE: Use of the <code class="option">-y</code> option is discouraged because the
       shared secret is supplied as a command line argument in clear text.
       This may be visible in the output from
       <span class="citerefentry"><span class="refentrytitle">ps</span>(1)</span>
@@ -212,7 +218,7 @@
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543916"></a><h2>INPUT FORMAT</h2>
+<a name="id2543879"></a><h2>INPUT FORMAT</h2>
 <p><span><strong class="command">nsupdate</strong></span>
       reads input from
       <em class="parameter"><code>filename</code></em>
@@ -316,14 +322,16 @@
             </p></dd>
 <dt><span class="term">
               <span><strong class="command">key</strong></span>
-               {name}
+               [hmac:] {keyname}
                {secret}
             </span></dt>
 <dd><p>
               Specifies that all updates are to be TSIG-signed using the
-              <em class="parameter"><code>keyname</code></em> <em class="parameter"><code>keysecret</code></em> pair.
-              The <span><strong class="command">key</strong></span> command
-              overrides any key specified on the command line via
+              <em class="parameter"><code>keyname</code></em> <em class="parameter"><code>secret</code></em> pair.
+              If <em class="parameter"><code>hmac</code></em> is specified, then it sets the
+              signing algorithm in use; the default is
+              <code class="literal">hmac-md5</code>.  The <span><strong class="command">key</strong></span>
+              command overrides any key specified on the command line via
               <code class="option">-y</code> or <code class="option">-k</code>.
             </p></dd>
 <dt><span class="term">
@@ -512,7 +520,7 @@
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2544811"></a><h2>EXAMPLES</h2>
+<a name="id2544853"></a><h2>EXAMPLES</h2>
 <p>
       The examples below show how
       <span><strong class="command">nsupdate</strong></span>
@@ -566,7 +574,7 @@
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2544855"></a><h2>FILES</h2>
+<a name="id2544897"></a><h2>FILES</h2>
 <div class="variablelist"><dl>
 <dt><span class="term"><code class="constant">/etc/resolv.conf</code></span></dt>
 <dd><p>
@@ -589,7 +597,7 @@
 </dl></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2545211"></a><h2>SEE ALSO</h2>
+<a name="id2544980"></a><h2>SEE ALSO</h2>
 <p>
       <em class="citetitle">RFC 2136</em>,
       <em class="citetitle">RFC 3007</em>,
@@ -604,7 +612,7 @@
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2545269"></a><h2>BUGS</h2>
+<a name="id2542170"></a><h2>BUGS</h2>
 <p>
       The TSIG key is redundantly stored in two separate files.
       This is a consequence of nsupdate using the DST library

bin/tests/system/conf.sh.in

@@ -15,8 +15,6 @@
 # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 # PERFORMANCE OF THIS SOFTWARE.
 
-# $Id: conf.sh.in,v 1.71 2011/12/05 17:10:50 each Exp $
-
 #
 # Common configuration data for system tests, to be sourced into
 # other shell scripts.
@@ -33,7 +31,7 @@ NAMED=$TOP/bin/named/named
 # if the program is libtoolized.
 LWRESD="$TOP/bin/named/named -l"
 DIG=$TOP/bin/dig/dig
-DELVE=$TOP/bin/delve/delve
+DELV=$TOP/bin/delv/delv
 RNDC=$TOP/bin/rndc/rndc
 NSUPDATE=$TOP/bin/nsupdate/nsupdate
 DDNSCONFGEN=$TOP/bin/confgen/ddns-confgen

bin/tests/system/dnssec/clean.sh

@@ -30,7 +30,7 @@ rm -f ns2/nsec3chain-test.db
 rm -f */example.bk
 rm -f dig.out.*
 rm -f rndc.out.*
-rm -f delve.out*
+rm -f delv.out*
 rm -f ns2/dlv.db
 rm -f ns3/multiple.example.db ns3/nsec3-unknown.example.db ns3/nsec3.example.db
 rm -f ns3/optout-unknown.example.db ns3/optout.example.db

bin/tests/system/dnssec/tests.sh

@@ -26,7 +26,7 @@ n=1
 rm -f dig.out.*
 
 DIGOPTS="+tcp +noadd +nosea +nostat +nocmd +dnssec -p 5300"
-DELVEOPTS="-a ns1/trusted.conf -p 5300"
+DELVOPTS="-a ns1/trusted.conf -p 5300"
 
 # convert private-type records to readable form
 showprivate () {
@@ -137,12 +137,12 @@ n=`expr $n + 1`
 if [ $ret != 0 ]; then echo "I:failed"; fi
 status=`expr $status + $ret`
 
-if [ -x ${DELVE} ] ; then
+if [ -x ${DELV} ] ; then
    ret=0
    echo "I:checking postive validation NSEC using dns_client ($n)"
-   $DELVE $DELVEOPTS @10.53.0.4 a a.example > delve.out$n || ret=1
-   grep "a.example..*10.0.0.1" delve.out$n > /dev/null || ret=1
-   grep "a.example..*.RRSIG.A 3 2 300 .*" delve.out$n > /dev/null || ret=1
+   $DELV $DELVOPTS @10.53.0.4 a a.example > delv.out$n || ret=1
+   grep "a.example..*10.0.0.1" delv.out$n > /dev/null || ret=1
+   grep "a.example..*.RRSIG.A 3 2 300 .*" delv.out$n > /dev/null || ret=1
    n=`expr $n + 1`
    if [ $ret != 0 ]; then echo "I:failed"; fi
    status=`expr $status + $ret`
@@ -160,12 +160,12 @@ n=`expr $n + 1`
 if [ $ret != 0 ]; then echo "I:failed"; fi
 status=`expr $status + $ret`
 
-if [ -x ${DELVE} ] ; then
+if [ -x ${DELV} ] ; then
    ret=0
    echo "I:checking positive validation NSEC3 using dns_client ($n)"
-   $DELVE $DELVEOPTS @10.53.0.4 a a.nsec3.example > delve.out$n || ret=1
-   grep "a.nsec3.example..*10.0.0.1" delve.out$n > /dev/null || ret=1
-   grep "a.nsec3.example..*RRSIG.A 7 3 300.*" delve.out$n > /dev/null || ret=1
+   $DELV $DELVOPTS @10.53.0.4 a a.nsec3.example > delv.out$n || ret=1
+   grep "a.nsec3.example..*10.0.0.1" delv.out$n > /dev/null || ret=1
+   grep "a.nsec3.example..*RRSIG.A 7 3 300.*" delv.out$n > /dev/null || ret=1
    n=`expr $n + 1`
    if [ $ret != 0 ]; then echo "I:failed"; fi
    status=`expr $status + $ret`
@@ -183,12 +183,12 @@ n=`expr $n + 1`
 if [ $ret != 0 ]; then echo "I:failed"; fi
 status=`expr $status + $ret`
 
-if [ -x ${DELVE} ] ; then
+if [ -x ${DELV} ] ; then
    ret=0
    echo "I:checking positive validation OPTOUT using dns_client ($n)"
-   $DELVE $DELVEOPTS @10.53.0.4 a a.optout.example > delve.out$n || ret=1
-   grep "a.optout.example..*10.0.0.1" delve.out$n > /dev/null || ret=1
-   grep "a.optout.example..*RRSIG.A 7 3 300.*" delve.out$n > /dev/null || ret=1
+   $DELV $DELVOPTS @10.53.0.4 a a.optout.example > delv.out$n || ret=1
+   grep "a.optout.example..*10.0.0.1" delv.out$n > /dev/null || ret=1
+   grep "a.optout.example..*RRSIG.A 7 3 300.*" delv.out$n > /dev/null || ret=1
    n=`expr $n + 1`
    if [ $ret != 0 ]; then echo "I:failed"; fi
    status=`expr $status + $ret`
@@ -209,12 +209,12 @@ n=`expr $n + 1`
 if [ $ret != 0 ]; then echo "I:failed"; fi
 status=`expr $status + $ret`
 
-if [ -x ${DELVE} ] ; then
+if [ -x ${DELV} ] ; then
    ret=0
    echo "I:checking positive wildcard validation NSEC using dns_client ($n)"
-   $DELVE $DELVEOPTS @10.53.0.4 a a.wild.example > delve.out$n || ret=1
-   grep "a.wild.example..*10.0.0.27" delve.out$n > /dev/null || ret=1
-   grep "a.wild.example..*RRSIG.A 3 2 300.*" delve.out$n > /dev/null || ret=1
+   $DELV $DELVOPTS @10.53.0.4 a a.wild.example > delv.out$n || ret=1
+   grep "a.wild.example..*10.0.0.27" delv.out$n > /dev/null || ret=1
+   grep "a.wild.example..*RRSIG.A 3 2 300.*" delv.out$n > /dev/null || ret=1
    n=`expr $n + 1`
    if [ $ret != 0 ]; then echo "I:failed"; fi
    status=`expr $status + $ret`
@@ -251,12 +251,12 @@ n=`expr $n + 1`
 if [ $ret != 0 ]; then echo "I:failed"; fi
 status=`expr $status + $ret`
 
-if [ -x ${DELVE} ] ; then
+if [ -x ${DELV} ] ; then
    ret=0
    echo "I:checking positive wildcard validation NSEC3 using dns_client ($n)"
-   $DELVE $DELVEOPTS @10.53.0.4 a a.wild.nsec3.example > delve.out$n || ret=1
-   grep "a.wild.nsec3.example..*10.0.0.6" delve.out$n > /dev/null || ret=1
-   grep "a.wild.nsec3.example..*RRSIG.A 7 3 300.*" delve.out$n > /dev/null || ret=1
+   $DELV $DELVOPTS @10.53.0.4 a a.wild.nsec3.example > delv.out$n || ret=1
+   grep "a.wild.nsec3.example..*10.0.0.6" delv.out$n > /dev/null || ret=1
+   grep "a.wild.nsec3.example..*RRSIG.A 7 3 300.*" delv.out$n > /dev/null || ret=1
    n=`expr $n + 1`
    if [ $ret != 0 ]; then echo "I:failed"; fi
    status=`expr $status + $ret`
@@ -277,12 +277,12 @@ n=`expr $n + 1`
 if [ $ret != 0 ]; then echo "I:failed"; fi
 status=`expr $status + $ret`
 
-if [ -x ${DELVE} ] ; then
+if [ -x ${DELV} ] ; then
    ret=0
    echo "I:checking positive wildcard validation OPTOUT using dns_client ($n)"
-   $DELVE $DELVEOPTS @10.53.0.4 a a.wild.optout.example > delve.out$n || ret=1
-   grep "a.wild.optout.example..*10.0.0.6" delve.out$n > /dev/null || ret=1
-   grep "a.wild.optout.example..*RRSIG.A 7 3 300.*" delve.out$n > /dev/null || ret=1
+   $DELV $DELVOPTS @10.53.0.4 a a.wild.optout.example > delv.out$n || ret=1
+   grep "a.wild.optout.example..*10.0.0.6" delv.out$n > /dev/null || ret=1
+   grep "a.wild.optout.example..*RRSIG.A 7 3 300.*" delv.out$n > /dev/null || ret=1
    n=`expr $n + 1`
    if [ $ret != 0 ]; then echo "I:failed"; fi
    status=`expr $status + $ret`
@@ -299,11 +299,11 @@ n=`expr $n + 1`
 if [ $ret != 0 ]; then echo "I:failed"; fi
 status=`expr $status + $ret`
 
-if [ -x ${DELVE} ] ; then
+if [ -x ${DELV} ] ; then
    ret=0
    echo "I:checking negative validation NXDOMAIN NSEC using dns_client ($n)"
-   $DELVE $DELVEOPTS @10.53.0.4 a q.example > delve.out$n 2>&1 || ret=1
-   grep "resolution failed: ncache nxdomain" delve.out$n > /dev/null || ret=1
+   $DELV $DELVOPTS @10.53.0.4 a q.example > delv.out$n 2>&1 || ret=1
+   grep "resolution failed: ncache nxdomain" delv.out$n > /dev/null || ret=1
    n=`expr $n + 1`
    if [ $ret != 0 ]; then echo "I:failed"; fi
    status=`expr $status + $ret`
@@ -322,11 +322,11 @@ n=`expr $n + 1`
 if [ $ret != 0 ]; then echo "I:failed"; fi
 status=`expr $status + $ret`
 
-if [ -x ${DELVE} ] ; then
+if [ -x ${DELV} ] ; then
    ret=0
    echo "I:checking negative validation NXDOMAIN NSEC3 using dns_client ($n)"
-   $DELVE $DELVEOPTS @10.53.0.4 a q.nsec3.example > delve.out$n 2>&1 || ret=1
-   grep "resolution failed: ncache nxdomain" delve.out$n > /dev/null || ret=1
+   $DELV $DELVOPTS @10.53.0.4 a q.nsec3.example > delv.out$n 2>&1 || ret=1
+   grep "resolution failed: ncache nxdomain" delv.out$n > /dev/null || ret=1
    n=`expr $n + 1`
    if [ $ret != 0 ]; then echo "I:failed"; fi
    status=`expr $status + $ret`
@@ -346,11 +346,11 @@ n=`expr $n + 1`
 if [ $ret != 0 ]; then echo "I:failed"; fi
 status=`expr $status + $ret`
 
-if [ -x ${DELVE} ] ; then
+if [ -x ${DELV} ] ; then
    ret=0
    echo "I:checking negative validation NXDOMAIN OPTOUT using dns_client ($n)"
-   $DELVE $DELVEOPTS @10.53.0.4 a q.optout.example > delve.out$n 2>&1 || ret=1
-   grep "resolution failed: ncache nxdomain" delve.out$n > /dev/null || ret=1
+   $DELV $DELVOPTS @10.53.0.4 a q.optout.example > delv.out$n 2>&1 || ret=1
+   grep "resolution failed: ncache nxdomain" delv.out$n > /dev/null || ret=1
    n=`expr $n + 1`
    if [ $ret != 0 ]; then echo "I:failed"; fi
    status=`expr $status + $ret`
@@ -368,11 +368,11 @@ n=`expr $n + 1`
 if [ $ret != 0 ]; then echo "I:failed"; fi
 status=`expr $status + $ret`
 
-if [ -x ${DELVE} ] ; then
+if [ -x ${DELV} ] ; then
    ret=0
    echo "I:checking negative validation NODATA OPTOUT using dns_client ($n)"
-   $DELVE $DELVEOPTS @10.53.0.4 txt a.example > delve.out$n 2>&1 || ret=1
-   grep "resolution failed: ncache nxrrset" delve.out$n > /dev/null || ret=1
+   $DELV $DELVOPTS @10.53.0.4 txt a.example > delv.out$n 2>&1 || ret=1
+   grep "resolution failed: ncache nxrrset" delv.out$n > /dev/null || ret=1
    n=`expr $n + 1`
    if [ $ret != 0 ]; then echo "I:failed"; fi
    status=`expr $status + $ret`
@@ -392,11 +392,11 @@ n=`expr $n + 1`
 if [ $ret != 0 ]; then echo "I:failed"; fi
 status=`expr $status + $ret`
 
-if [ -x ${DELVE} ] ; then
+if [ -x ${DELV} ] ; then
    ret=0
    echo "I:checking negative validation NODATA NSEC3 using dns_client ($n)"
-   $DELVE $DELVEOPTS @10.53.0.4 txt a.nsec3.example > delve.out$n 2>&1 || ret=1
-   grep "resolution failed: ncache nxrrset" delve.out$n > /dev/null || ret=1
+   $DELV $DELVOPTS @10.53.0.4 txt a.nsec3.example > delv.out$n 2>&1 || ret=1
+   grep "resolution failed: ncache nxrrset" delv.out$n > /dev/null || ret=1
    n=`expr $n + 1`
    if [ $ret != 0 ]; then echo "I:failed"; fi
    status=`expr $status + $ret`
@@ -416,11 +416,11 @@ n=`expr $n + 1`
 if [ $ret != 0 ]; then echo "I:failed"; fi
 status=`expr $status + $ret`
 
-if [ -x ${DELVE} ] ; then
+if [ -x ${DELV} ] ; then
    ret=0
    echo "I:checking negative validation NODATA OPTOUT using dns_client ($n)"
-   $DELVE $DELVEOPTS @10.53.0.4 txt a.optout.example > delve.out$n 2>&1 || ret=1
-   grep "resolution failed: ncache nxrrset" delve.out$n > /dev/null || ret=1
+   $DELV $DELVOPTS @10.53.0.4 txt a.optout.example > delv.out$n 2>&1 || ret=1
+   grep "resolution failed: ncache nxrrset" delv.out$n > /dev/null || ret=1
    n=`expr $n + 1`
    if [ $ret != 0 ]; then echo "I:failed"; fi
    status=`expr $status + $ret`
@@ -437,11 +437,11 @@ n=`expr $n + 1`
 if [ $ret != 0 ]; then echo "I:failed"; fi
 status=`expr $status + $ret`
 
-if [ -x ${DELVE} ] ; then
+if [ -x ${DELV} ] ; then
    ret=0
    echo "I:checking negative wildcard validation NSEC using dns_client ($n)"
-   $DELVE $DELVEOPTS @10.53.0.4 txt b.wild.example > delve.out$n 2>&1 || ret=1
-   grep "resolution failed: ncache nxrrset" delve.out$n > /dev/null || ret=1
+   $DELV $DELVOPTS @10.53.0.4 txt b.wild.example > delv.out$n 2>&1 || ret=1
+   grep "resolution failed: ncache nxrrset" delv.out$n > /dev/null || ret=1
    n=`expr $n + 1`
    if [ $ret != 0 ]; then echo "I:failed"; fi
    status=`expr $status + $ret`
@@ -457,11 +457,11 @@ n=`expr $n + 1`
 if [ $ret != 0 ]; then echo "I:failed"; fi
 status=`expr $status + $ret`
 
-if [ -x ${DELVE} ] ; then
+if [ -x ${DELV} ] ; then
    ret=0
    echo "I:checking negative wildcard validation NSEC3 using dns_client ($n)"
-   $DELVE $DELVEOPTS @10.53.0.4 txt b.wild.nsec3.example > delve.out$n 2>&1 || ret=1
-   grep "resolution failed: ncache nxrrset" delve.out$n > /dev/null || ret=1
+   $DELV $DELVOPTS @10.53.0.4 txt b.wild.nsec3.example > delv.out$n 2>&1 || ret=1
+   grep "resolution failed: ncache nxrrset" delv.out$n > /dev/null || ret=1
    n=`expr $n + 1`
    if [ $ret != 0 ]; then echo "I:failed"; fi
    status=`expr $status + $ret`
@@ -481,11 +481,11 @@ n=`expr $n + 1`
 if [ $ret != 0 ]; then echo "I:failed"; fi
 status=`expr $status + $ret`
 
-if [ -x ${DELVE} ] ; then
+if [ -x ${DELV} ] ; then
    ret=0
    echo "I:checking negative wildcard validation OPTOUT using dns_client ($n)"
-   $DELVE $DELVEOPTS @10.53.0.4 txt b.optout.nsec3.example > delve.out$n 2>&1 || ret=1
-   grep "resolution failed: ncache nxrrset" delve.out$n > /dev/null || ret=1
+   $DELV $DELVOPTS @10.53.0.4 txt b.optout.nsec3.example > delv.out$n 2>&1 || ret=1
+   grep "resolution failed: ncache nxrrset" delv.out$n > /dev/null || ret=1
    n=`expr $n + 1`
    if [ $ret != 0 ]; then echo "I:failed"; fi
    status=`expr $status + $ret`
@@ -505,11 +505,11 @@ n=`expr $n + 1`
 if [ $ret != 0 ]; then echo "I:failed"; fi
 status=`expr $status + $ret`
 
-if [ -x ${DELVE} ] ; then
+if [ -x ${DELV} ] ; then
    ret=0
    echo "I:checking 1-server insecurity proof NSEC using dns_client ($n)"
-   $DELVE $DELVEOPTS @10.53.0.4 a a.insecure.example > delve.out$n || ret=1
-   grep "a.insecure.example..*10.0.0.1" delve.out$n > /dev/null || ret=1
+   $DELV $DELVOPTS @10.53.0.4 a a.insecure.example > delv.out$n || ret=1
+   grep "a.insecure.example..*10.0.0.1" delv.out$n > /dev/null || ret=1
    n=`expr $n + 1`
    if [ $ret != 0 ]; then echo "I:failed"; fi
    status=`expr $status + $ret`
@@ -527,11 +527,11 @@ n=`expr $n + 1`
 if [ $ret != 0 ]; then echo "I:failed"; fi
 status=`expr $status + $ret`
 
-if [ -x ${DELVE} ] ; then
+if [ -x ${DELV} ] ; then
    ret=0
    echo "I:checking 1-server insecurity proof NSEC3 using dns_client ($n)"
-   $DELVE $DELVEOPTS @10.53.0.4 a a.insecure.nsec3.example > delve.out$n || ret=1
-   grep "a.insecure.nsec3.example..*10.0.0.1" delve.out$n > /dev/null || ret=1
+   $DELV $DELVOPTS @10.53.0.4 a a.insecure.nsec3.example > delv.out$n || ret=1
+   grep "a.insecure.nsec3.example..*10.0.0.1" delv.out$n > /dev/null || ret=1
    n=`expr $n + 1`
    if [ $ret != 0 ]; then echo "I:failed"; fi
    status=`expr $status + $ret`
@@ -549,11 +549,11 @@ n=`expr $n + 1`
 if [ $ret != 0 ]; then echo "I:failed"; fi
 status=`expr $status + $ret`
 
-if [ -x ${DELVE} ] ; then
+if [ -x ${DELV} ] ; then
    ret=0
    echo "I:checking 1-server insecurity proof OPTOUT using dns_client ($n)"
-   $DELVE $DELVEOPTS @10.53.0.4 a a.insecure.optout.example > delve.out$n || ret=1
-   grep "a.insecure.optout.example..*10.0.0.1" delve.out$n > /dev/null || ret=1
+   $DELV $DELVOPTS @10.53.0.4 a a.insecure.optout.example > delv.out$n || ret=1
+   grep "a.insecure.optout.example..*10.0.0.1" delv.out$n > /dev/null || ret=1
    n=`expr $n + 1`
    if [ $ret != 0 ]; then echo "I:failed"; fi
    status=`expr $status + $ret`
@@ -573,11 +573,11 @@ n=`expr $n + 1`
 if [ $ret != 0 ]; then echo "I:failed"; fi
 status=`expr $status + $ret`
 
-if [ -x ${DELVE} ] ; then
+if [ -x ${DELV} ] ; then
    ret=0
    echo "I:checking 1-server negative insecurity proof NSEC using dns_client ($n)"
-   $DELVE $DELVEOPTS @10.53.0.4 a q.insecure.example > delve.out$n 2>&1 || ret=1
-   grep "resolution failed: ncache nxdomain" delve.out$n > /dev/null || ret=1
+   $DELV $DELVOPTS @10.53.0.4 a q.insecure.example > delv.out$n 2>&1 || ret=1
+   grep "resolution failed: ncache nxdomain" delv.out$n > /dev/null || ret=1
    n=`expr $n + 1`
    if [ $ret != 0 ]; then echo "I:failed"; fi
    status=`expr $status + $ret`
@@ -597,11 +597,11 @@ n=`expr $n + 1`
 if [ $ret != 0 ]; then echo "I:failed"; fi
 status=`expr $status + $ret`
 
-if [ -x ${DELVE} ] ; then
+if [ -x ${DELV} ] ; then
    ret=0
    echo "I:checking 1-server negative insecurity proof NSEC3 using dns_client ($n)"
-   $DELVE $DELVEOPTS @10.53.0.4 a q.insecure.nsec3.example > delve.out$n 2>&1 || ret=1
-   grep "resolution failed: ncache nxdomain" delve.out$n > /dev/null || ret=1
+   $DELV $DELVOPTS @10.53.0.4 a q.insecure.nsec3.example > delv.out$n 2>&1 || ret=1
+   grep "resolution failed: ncache nxdomain" delv.out$n > /dev/null || ret=1
    n=`expr $n + 1`
    if [ $ret != 0 ]; then echo "I:failed"; fi
    status=`expr $status + $ret`
@@ -621,11 +621,11 @@ n=`expr $n + 1`
 if [ $ret != 0 ]; then echo "I:failed"; fi
 status=`expr $status + $ret`
 
-if [ -x ${DELVE} ] ; then
+if [ -x ${DELV} ] ; then
    ret=0
    echo "I:checking 1-server negative insecurity proof OPTOUT using dns_client ($n)"
-   $DELVE $DELVEOPTS @10.53.0.4 a q.insecure.optout.example > delve.out$n 2>&1 || ret=1
-   grep "resolution failed: ncache nxdomain" delve.out$n > /dev/null || ret=1
+   $DELV $DELVOPTS @10.53.0.4 a q.insecure.optout.example > delv.out$n 2>&1 || ret=1
+   grep "resolution failed: ncache nxdomain" delv.out$n > /dev/null || ret=1
    n=`expr $n + 1`
    if [ $ret != 0 ]; then echo "I:failed"; fi
    status=`expr $status + $ret`
@@ -818,11 +818,11 @@ n=`expr $n + 1`
 if [ $ret != 0 ]; then echo "I:failed"; fi
 status=`expr $status + $ret`
 
-if [ -x ${DELVE} ] ; then
+if [ -x ${DELV} ] ; then
    ret=0
    echo "I:checking failed validation using dns_client ($n)"
-   $DELVE $DELVEOPTS +cd @10.53.0.4 a a.bogus.example > delve.out$n 2>&1 || ret=1
-   grep "resolution failed: RRSIG failed to verify" delve.out$n > /dev/null || ret=1
+   $DELV $DELVOPTS +cd @10.53.0.4 a a.bogus.example > delv.out$n 2>&1 || ret=1
+   grep "resolution failed: RRSIG failed to verify" delv.out$n > /dev/null || ret=1
    n=`expr $n + 1`
    if [ $ret != 0 ]; then echo "I:failed"; fi
    status=`expr $status + $ret`
@@ -863,11 +863,11 @@ n=`expr $n + 1`
 if [ $ret != 0 ]; then echo "I:failed"; fi
 status=`expr $status + $ret`
 
-if [ -x ${DELVE} ] ; then
+if [ -x ${DELV} ] ; then
    ret=0
    echo "I:checking that validation fails when key record is missing using dns_client ($n)"
-   $DELVE $DELVEOPTS +cd @10.53.0.4 a a.b.keyless.example > delve.out$n 2>&1 || ret=1
-   grep "resolution failed: broken trust chain" delve.out$n > /dev/null || ret=1
+   $DELV $DELVOPTS +cd @10.53.0.4 a a.b.keyless.example > delv.out$n 2>&1 || ret=1
+   grep "resolution failed: broken trust chain" delv.out$n > /dev/null || ret=1
    n=`expr $n + 1`
    if [ $ret != 0 ]; then echo "I:failed"; fi
    status=`expr $status + $ret`

bin/win32/BINDInstall/BINDInstallDlg.cpp

@@ -165,7 +165,7 @@ const FileData installFiles[] =
 	{"dig.exe", FileData::BinDir, FileData::Normal, FALSE, TRUE},
 	{"host.exe", FileData::BinDir, FileData::Normal, FALSE, TRUE},
 	{"nslookup.exe", FileData::BinDir, FileData::Normal, FALSE, TRUE},
-	{"delve.exe", FileData::BinDir, FileData::Normal, FALSE, TRUE},
+	{"delv.exe", FileData::BinDir, FileData::Normal, FALSE, TRUE},
 	{"arpaname.exe", FileData::BinDir, FileData::Normal, FALSE, TRUE},
 	{"nsec3hash.exe", FileData::BinDir, FileData::Normal, FALSE, FALSE},
 	{"genrandom.exe", FileData::BinDir, FileData::Normal, FALSE, FALSE},

configure

@@ -21391,7 +21391,7 @@ ac_config_commands="$ac_config_commands chmod"
 # elsewhere if there's a good reason for doing so.
 #
 
-ac_config_files="$ac_config_files make/Makefile make/mkdep Makefile bin/Makefile bin/check/Makefile bin/confgen/Makefile bin/confgen/unix/Makefile bin/delve/Makefile bin/dig/Makefile bin/dnssec/Makefile bin/named/Makefile bin/named/unix/Makefile bin/nsupdate/Makefile bin/pkcs11/Makefile bin/python/Makefile bin/python/dnssec-checkds.py bin/python/dnssec-coverage.py bin/rndc/Makefile bin/tests/Makefile bin/tests/atomic/Makefile bin/tests/db/Makefile bin/tests/dst/Makefile bin/tests/dst/Kdh.+002+18602.key bin/tests/dst/Kdh.+002+18602.private bin/tests/dst/Kdh.+002+48957.key bin/tests/dst/Kdh.+002+48957.private bin/tests/dst/Ktest.+001+00002.key bin/tests/dst/Ktest.+001+54622.key bin/tests/dst/Ktest.+001+54622.private bin/tests/dst/Ktest.+003+23616.key bin/tests/dst/Ktest.+003+23616.private bin/tests/dst/Ktest.+003+49667.key bin/tests/dst/dst_2_data bin/tests/dst/t2_data_1 bin/tests/dst/t2_data_2 bin/tests/dst/t2_dsasig bin/tests/dst/t2_rsasig bin/tests/hashes/Makefile bin/tests/headerdep_test.sh bin/tests/master/Makefile bin/tests/mem/Makefile bin/tests/names/Makefile bin/tests/net/Makefile bin/tests/pkcs11/Makefile bin/tests/pkcs11/benchmarks/Makefile bin/tests/rbt/Makefile bin/tests/resolver/Makefile bin/tests/sockaddr/Makefile bin/tests/system/Makefile bin/tests/system/conf.sh bin/tests/system/dlz/prereq.sh bin/tests/system/dlzexternal/Makefile bin/tests/system/dlzexternal/ns1/named.conf bin/tests/system/dlzredir/prereq.sh bin/tests/system/filter-aaaa/Makefile bin/tests/system/geoip/Makefile bin/tests/system/inline/checkdsa.sh bin/tests/system/lwresd/Makefile bin/tests/system/sit/prereq.sh bin/tests/system/rpz/Makefile bin/tests/system/rsabigexponent/Makefile bin/tests/system/tkey/Makefile bin/tests/system/tsiggss/Makefile bin/tests/tasks/Makefile bin/tests/timers/Makefile bin/tests/virtual-time/Makefile bin/tests/virtual-time/conf.sh bin/tools/Makefile contrib/scripts/check-secure-delegation.pl contrib/scripts/zone-edit.sh doc/Makefile doc/arm/Makefile doc/doxygen/Doxyfile doc/doxygen/Makefile doc/doxygen/doxygen-input-filter doc/misc/Makefile doc/xsl/Makefile doc/xsl/isc-docbook-chunk.xsl doc/xsl/isc-docbook-html.xsl doc/xsl/isc-docbook-latex.xsl doc/xsl/isc-manpage.xsl isc-config.sh lib/Makefile lib/bind9/Makefile lib/bind9/include/Makefile lib/bind9/include/bind9/Makefile lib/dns/Makefile lib/dns/include/Makefile lib/dns/include/dns/Makefile lib/dns/include/dst/Makefile lib/dns/tests/Makefile lib/irs/Makefile lib/irs/include/Makefile lib/irs/include/irs/Makefile lib/irs/include/irs/netdb.h lib/irs/include/irs/platform.h lib/isc/$arch/Makefile lib/isc/$arch/include/Makefile lib/isc/$arch/include/isc/Makefile lib/isc/$thread_dir/Makefile lib/isc/$thread_dir/include/Makefile lib/isc/$thread_dir/include/isc/Makefile lib/isc/Makefile lib/isc/include/Makefile lib/isc/include/isc/Makefile lib/isc/include/isc/platform.h lib/isc/include/pk11/Makefile lib/isc/include/pkcs11/Makefile lib/isc/tests/Makefile lib/isc/nls/Makefile lib/isc/unix/Makefile lib/isc/unix/include/Makefile lib/isc/unix/include/isc/Makefile lib/isc/unix/include/pkcs11/Makefile lib/isccc/Makefile lib/isccc/include/Makefile lib/isccc/include/isccc/Makefile lib/isccfg/Makefile lib/isccfg/include/Makefile lib/isccfg/include/isccfg/Makefile lib/lwres/Makefile lib/lwres/include/Makefile lib/lwres/include/lwres/Makefile lib/lwres/include/lwres/netdb.h lib/lwres/include/lwres/platform.h lib/lwres/man/Makefile lib/lwres/unix/Makefile lib/lwres/unix/include/Makefile lib/lwres/unix/include/lwres/Makefile lib/tests/Makefile lib/tests/include/Makefile lib/tests/include/tests/Makefile lib/samples/Makefile lib/samples/Makefile-postinstall unit/Makefile unit/unittest.sh"
+ac_config_files="$ac_config_files make/Makefile make/mkdep Makefile bin/Makefile bin/check/Makefile bin/confgen/Makefile bin/confgen/unix/Makefile bin/delv/Makefile bin/dig/Makefile bin/dnssec/Makefile bin/named/Makefile bin/named/unix/Makefile bin/nsupdate/Makefile bin/pkcs11/Makefile bin/python/Makefile bin/python/dnssec-checkds.py bin/python/dnssec-coverage.py bin/rndc/Makefile bin/tests/Makefile bin/tests/atomic/Makefile bin/tests/db/Makefile bin/tests/dst/Makefile bin/tests/dst/Kdh.+002+18602.key bin/tests/dst/Kdh.+002+18602.private bin/tests/dst/Kdh.+002+48957.key bin/tests/dst/Kdh.+002+48957.private bin/tests/dst/Ktest.+001+00002.key bin/tests/dst/Ktest.+001+54622.key bin/tests/dst/Ktest.+001+54622.private bin/tests/dst/Ktest.+003+23616.key bin/tests/dst/Ktest.+003+23616.private bin/tests/dst/Ktest.+003+49667.key bin/tests/dst/dst_2_data bin/tests/dst/t2_data_1 bin/tests/dst/t2_data_2 bin/tests/dst/t2_dsasig bin/tests/dst/t2_rsasig bin/tests/hashes/Makefile bin/tests/headerdep_test.sh bin/tests/master/Makefile bin/tests/mem/Makefile bin/tests/names/Makefile bin/tests/net/Makefile bin/tests/pkcs11/Makefile bin/tests/pkcs11/benchmarks/Makefile bin/tests/rbt/Makefile bin/tests/resolver/Makefile bin/tests/sockaddr/Makefile bin/tests/system/Makefile bin/tests/system/conf.sh bin/tests/system/dlz/prereq.sh bin/tests/system/dlzexternal/Makefile bin/tests/system/dlzexternal/ns1/named.conf bin/tests/system/dlzredir/prereq.sh bin/tests/system/filter-aaaa/Makefile bin/tests/system/geoip/Makefile bin/tests/system/inline/checkdsa.sh bin/tests/system/lwresd/Makefile bin/tests/system/sit/prereq.sh bin/tests/system/rpz/Makefile bin/tests/system/rsabigexponent/Makefile bin/tests/system/tkey/Makefile bin/tests/system/tsiggss/Makefile bin/tests/tasks/Makefile bin/tests/timers/Makefile bin/tests/virtual-time/Makefile bin/tests/virtual-time/conf.sh bin/tools/Makefile contrib/scripts/check-secure-delegation.pl contrib/scripts/zone-edit.sh doc/Makefile doc/arm/Makefile doc/doxygen/Doxyfile doc/doxygen/Makefile doc/doxygen/doxygen-input-filter doc/misc/Makefile doc/xsl/Makefile doc/xsl/isc-docbook-chunk.xsl doc/xsl/isc-docbook-html.xsl doc/xsl/isc-docbook-latex.xsl doc/xsl/isc-manpage.xsl isc-config.sh lib/Makefile lib/bind9/Makefile lib/bind9/include/Makefile lib/bind9/include/bind9/Makefile lib/dns/Makefile lib/dns/include/Makefile lib/dns/include/dns/Makefile lib/dns/include/dst/Makefile lib/dns/tests/Makefile lib/irs/Makefile lib/irs/include/Makefile lib/irs/include/irs/Makefile lib/irs/include/irs/netdb.h lib/irs/include/irs/platform.h lib/isc/$arch/Makefile lib/isc/$arch/include/Makefile lib/isc/$arch/include/isc/Makefile lib/isc/$thread_dir/Makefile lib/isc/$thread_dir/include/Makefile lib/isc/$thread_dir/include/isc/Makefile lib/isc/Makefile lib/isc/include/Makefile lib/isc/include/isc/Makefile lib/isc/include/isc/platform.h lib/isc/include/pk11/Makefile lib/isc/include/pkcs11/Makefile lib/isc/tests/Makefile lib/isc/nls/Makefile lib/isc/unix/Makefile lib/isc/unix/include/Makefile lib/isc/unix/include/isc/Makefile lib/isc/unix/include/pkcs11/Makefile lib/isccc/Makefile lib/isccc/include/Makefile lib/isccc/include/isccc/Makefile lib/isccfg/Makefile lib/isccfg/include/Makefile lib/isccfg/include/isccfg/Makefile lib/lwres/Makefile lib/lwres/include/Makefile lib/lwres/include/lwres/Makefile lib/lwres/include/lwres/netdb.h lib/lwres/include/lwres/platform.h lib/lwres/man/Makefile lib/lwres/unix/Makefile lib/lwres/unix/include/Makefile lib/lwres/unix/include/lwres/Makefile lib/tests/Makefile lib/tests/include/Makefile lib/tests/include/tests/Makefile lib/samples/Makefile lib/samples/Makefile-postinstall unit/Makefile unit/unittest.sh"
 
 
 #
@@ -22392,7 +22392,7 @@ do
     "bin/check/Makefile") CONFIG_FILES="$CONFIG_FILES bin/check/Makefile" ;;
     "bin/confgen/Makefile") CONFIG_FILES="$CONFIG_FILES bin/confgen/Makefile" ;;
     "bin/confgen/unix/Makefile") CONFIG_FILES="$CONFIG_FILES bin/confgen/unix/Makefile" ;;
-    "bin/delve/Makefile") CONFIG_FILES="$CONFIG_FILES bin/delve/Makefile" ;;
+    "bin/delv/Makefile") CONFIG_FILES="$CONFIG_FILES bin/delv/Makefile" ;;
     "bin/dig/Makefile") CONFIG_FILES="$CONFIG_FILES bin/dig/Makefile" ;;
     "bin/dnssec/Makefile") CONFIG_FILES="$CONFIG_FILES bin/dnssec/Makefile" ;;
     "bin/named/Makefile") CONFIG_FILES="$CONFIG_FILES bin/named/Makefile" ;;

configure.in

@@ -4331,7 +4331,7 @@ AC_CONFIG_FILES([
 	bin/check/Makefile
 	bin/confgen/Makefile
 	bin/confgen/unix/Makefile
-	bin/delve/Makefile
+	bin/delv/Makefile
 	bin/dig/Makefile
 	bin/dnssec/Makefile
 	bin/named/Makefile

doc/arm/Bv9ARM-book.xml

@@ -17667,7 +17667,7 @@ zone "example.com" {
       <title>Manual pages</title>
       <xi:include href="../../bin/dig/dig.docbook"/>
       <xi:include href="../../bin/dig/host.docbook"/>
-      <xi:include href="../../bin/delve/delve.docbook"/>
+      <xi:include href="../../bin/delv/delv.docbook"/>
       <xi:include href="../../bin/python/dnssec-checkds.docbook"/>
       <xi:include href="../../bin/python/dnssec-coverage.docbook"/>
       <xi:include href="../../bin/dnssec/dnssec-dsfromkey.docbook"/>

doc/arm/Bv9ARM.ch10.html

@@ -55,7 +55,7 @@
 <span class="refentrytitle"><a href="man.host.html">host</a></span><span class="refpurpose"> &#8212; DNS lookup utility</span>
 </dt>
 <dt>
-<span class="refentrytitle"><a href="man.delve.html">delve</a></span><span class="refpurpose"> &#8212; DNS lookup and validation utility</span>
+<span class="refentrytitle"><a href="man.delv.html">delv</a></span><span class="refpurpose"> &#8212; DNS lookup and validation utility</span>
 </dt>
 <dt>
 <span class="refentrytitle"><a href="man.dnssec-checkds.html"><span class="application">dnssec-checkds</span></a></span><span class="refpurpose"> &#8212; A DNSSEC delegation consistency checking tool.</span>

doc/arm/Bv9ARM.html

@@ -269,7 +269,7 @@
 <span class="refentrytitle"><a href="man.host.html">host</a></span><span class="refpurpose"> &#8212; DNS lookup utility</span>
 </dt>
 <dt>
-<span class="refentrytitle"><a href="man.delve.html">delve</a></span><span class="refpurpose"> &#8212; DNS lookup and validation utility</span>
+<span class="refentrytitle"><a href="man.delv.html">delv</a></span><span class="refpurpose"> &#8212; DNS lookup and validation utility</span>
 </dt>
 <dt>
 <span class="refentrytitle"><a href="man.dnssec-checkds.html"><span class="application">dnssec-checkds</span></a></span><span class="refpurpose"> &#8212; A DNSSEC delegation consistency checking tool.</span>

doc/arm/man.arpaname.html

@@ -50,20 +50,20 @@
 <div class="cmdsynopsis"><p><code class="command">arpaname</code>  {<em class="replaceable"><code>ipaddress </code></em>...}</p></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2664384"></a><h2>DESCRIPTION</h2>
+<a name="id2664109"></a><h2>DESCRIPTION</h2>
 <p>
       <span><strong class="command">arpaname</strong></span> translates IP addresses (IPv4 and
       IPv6) to the corresponding IN-ADDR.ARPA or IP6.ARPA names.
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2664398"></a><h2>SEE ALSO</h2>
+<a name="id2664124"></a><h2>SEE ALSO</h2>
 <p>
       <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2664412"></a><h2>AUTHOR</h2>
+<a name="id2664138"></a><h2>AUTHOR</h2>
 <p><span class="corpauthor">Internet Systems Consortium</span>
     </p>
 </div>

doc/arm/man.ddns-confgen.html

@@ -51,7 +51,7 @@
 <div class="cmdsynopsis"><p><code class="command">ddns-confgen</code>  [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-h</code>] [<code class="option">-k <em class="replaceable"><code>keyname</code></em></code>] [<code class="option">-q</code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [ -s <em class="replaceable"><code>name</code></em>  |   -z <em class="replaceable"><code>zone</code></em> ]</p></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2663835"></a><h2>DESCRIPTION</h2>
+<a name="id2663220"></a><h2>DESCRIPTION</h2>
 <p>
       <span><strong class="command">tsig-keygen</strong></span> and <span><strong class="command">ddns-confgen</strong></span>
       are invokation methods for a utility that generates keys for use
@@ -87,7 +87,7 @@
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2663939"></a><h2>OPTIONS</h2>
+<a name="id2663323"></a><h2>OPTIONS</h2>
 <div class="variablelist"><dl>
 <dt><span class="term">-a <em class="replaceable"><code>algorithm</code></em></span></dt>
 <dd><p>
@@ -159,7 +159,7 @@
 </dl></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2664155"></a><h2>SEE ALSO</h2>
+<a name="id2663949"></a><h2>SEE ALSO</h2>
 <p><span class="citerefentry"><span class="refentrytitle">nsupdate</span>(1)</span>,
       <span class="citerefentry"><span class="refentrytitle">named.conf</span>(5)</span>,
       <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
@@ -167,7 +167,7 @@
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2664194"></a><h2>AUTHOR</h2>
+<a name="id2664056"></a><h2>AUTHOR</h2>
 <p><span class="corpauthor">Internet Systems Consortium</span>
     </p>
 </div>

doc/arm/man.delv.html

@@ -18,7 +18,7 @@
 <html>
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
-<title>delve</title>
+<title>delv</title>
 <meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
 <link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
 <link rel="up" href="Bv9ARM.ch10.html" title="Manual pages">
@@ -28,7 +28,7 @@
 <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
 <div class="navheader">
 <table width="100%" summary="Navigation header">
-<tr><th colspan="3" align="center">delve</th></tr>
+<tr><th colspan="3" align="center">delv</th></tr>
 <tr>
 <td width="20%" align="left">
 <a accesskey="p" href="man.host.html">Prev</a> </td>
@@ -40,27 +40,27 @@
 <hr>
 </div>
 <div class="refentry" lang="en">
-<a name="man.delve"></a><div class="titlepage"></div>
+<a name="man.delv"></a><div class="titlepage"></div>
 <div class="refnamediv">
 <h2>Name</h2>
-<p>delve &#8212; DNS lookup and validation utility</p>
+<p>delv &#8212; DNS lookup and validation utility</p>
 </div>
 <div class="refsynopsisdiv">
 <h2>Synopsis</h2>
-<div class="cmdsynopsis"><p><code class="command">delve</code>  [@server] [<code class="option">-4</code>] [<code class="option">-6</code>] [<code class="option">-a <em class="replaceable"><code>anchor-file</code></em></code>] [<code class="option">-b <em class="replaceable"><code>address</code></em></code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-d <em class="replaceable"><code>level</code></em></code>] [<code class="option">-i</code>] [<code class="option">-m</code>] [<code class="option">-p <em class="replaceable"><code>port#</code></em></code>] [<code class="option">-q <em class="replaceable"><code>name</code></em></code>] [<code class="option">-t <em class="replaceable"><code>type</code></em></code>] [<code class="option">-x <em class="replaceable"><code>addr</code></em></code>] [name] [type] [class] [queryopt...]</p></div>
-<div class="cmdsynopsis"><p><code class="command">delve</code>  [<code class="option">-h</code>]</p></div>
-<div class="cmdsynopsis"><p><code class="command">delve</code>  [<code class="option">-v</code>]</p></div>
-<div class="cmdsynopsis"><p><code class="command">delve</code>  [queryopt...] [query...]</p></div>
+<div class="cmdsynopsis"><p><code class="command">delv</code>  [@server] [<code class="option">-4</code>] [<code class="option">-6</code>] [<code class="option">-a <em class="replaceable"><code>anchor-file</code></em></code>] [<code class="option">-b <em class="replaceable"><code>address</code></em></code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-d <em class="replaceable"><code>level</code></em></code>] [<code class="option">-i</code>] [<code class="option">-m</code>] [<code class="option">-p <em class="replaceable"><code>port#</code></em></code>] [<code class="option">-q <em class="replaceable"><code>name</code></em></code>] [<code class="option">-t <em class="replaceable"><code>type</code></em></code>] [<code class="option">-x <em class="replaceable"><code>addr</code></em></code>] [name] [type] [class] [queryopt...]</p></div>
+<div class="cmdsynopsis"><p><code class="command">delv</code>  [<code class="option">-h</code>]</p></div>
+<div class="cmdsynopsis"><p><code class="command">delv</code>  [<code class="option">-v</code>]</p></div>
+<div class="cmdsynopsis"><p><code class="command">delv</code>  [queryopt...] [query...]</p></div>
 </div>
 <div class="refsect1" lang="en">
 <a name="id2615073"></a><h2>DESCRIPTION</h2>
-<p><span><strong class="command">delve</strong></span>
-      (Domain Entity Lookup &amp; Validation Engine) is a tool for sending
+<p><span><strong class="command">delv</strong></span>
+      (Domain Entity Lookup &amp; Validation) is a tool for sending
       DNS queries and validating the results, using the the same internal
       resolver and validator logic as <span><strong class="command">named</strong></span>.
     </p>
 <p>
-      <span><strong class="command">delve</strong></span> will send to a specified name server all
+      <span><strong class="command">delv</strong></span> will send to a specified name server all
       queries needed to fetch and validate the requested data; this
       includes the original requested query, subsequent queries to follow
       CNAME or DNAME chains, and queries for DNSKEY, DS and DLV records
@@ -73,34 +73,34 @@
       By default, responses are validated using built-in DNSSEC trust
       anchors for the root zone (".") and for the ISC DNSSEC lookaside
       validation zone ("dlv.isc.org").  Records returned by
-      <span><strong class="command">delve</strong></span> are either fully validated or
+      <span><strong class="command">delv</strong></span> are either fully validated or
       were not signed.  If validation fails, an explanation of
       the failure is included in the output; the validation process
-      can be traced in detail.  Because <span><strong class="command">delve</strong></span> does
+      can be traced in detail.  Because <span><strong class="command">delv</strong></span> does
       not rely on an external server to carry out validation, it can
       be used to check the validity of DNS responses in environments
       where local name servers may not be trustworthy.
     </p>
 <p>
       Unless it is told to query a specific name server,
-      <span><strong class="command">delve</strong></span> will try each of the servers listed in
+      <span><strong class="command">delv</strong></span> will try each of the servers listed in
       <code class="filename">/etc/resolv.conf</code>. If no usable server
-      addresses are found, <span><strong class="command">delve</strong></span> will send
+      addresses are found, <span><strong class="command">delv</strong></span> will send
       queries to the localhost addresses (127.0.0.1 for IPv4, ::1
       for IPv6).
     </p>
 <p>
       When no command line arguments or options are given,
-      <span><strong class="command">delve</strong></span> will perform an NS query for "."
+      <span><strong class="command">delv</strong></span> will perform an NS query for "."
       (the root zone).
     </p>
 </div>
 <div class="refsect1" lang="en">
 <a name="id2615145"></a><h2>SIMPLE USAGE</h2>
 <p>
-      A typical invocation of <span><strong class="command">delve</strong></span> looks like:
+      A typical invocation of <span><strong class="command">delv</strong></span> looks like:
       </p>
-<pre class="programlisting"> delve @server name type </pre>
+<pre class="programlisting"> delv @server name type </pre>
 <p>
       where:
 
@@ -113,21 +113,21 @@
 	      can be an IPv4 address in dotted-decimal notation or an IPv6
 	      address in colon-delimited notation.  When the supplied
 	      <em class="parameter"><code>server</code></em> argument is a hostname,
-	      <span><strong class="command">delve</strong></span> resolves that name before
+	      <span><strong class="command">delv</strong></span> resolves that name before
 	      querying that name server (note, however, that this
 	      initial lookup is <span class="emphasis"><em>not</em></span> validated
 	      by DNSSEC).
 	    </p>
 <p>
 	      If no <em class="parameter"><code>server</code></em> argument is
-	      provided, <span><strong class="command">delve</strong></span> consults
+	      provided, <span><strong class="command">delv</strong></span> consults
 	      <code class="filename">/etc/resolv.conf</code>; if an
 	      address is found there, it queries the name server at
 	      that address. If either of the <code class="option">-4</code> or
 	      <code class="option">-6</code> options are in use, then
 	      only addresses for the corresponding transport
 	      will be tried.  If no usable addresses are found,
-	      <span><strong class="command">delve</strong></span> will send queries to
+	      <span><strong class="command">delv</strong></span> will send queries to
 	      the localhost addresses (127.0.0.1 for IPv4,
 	      ::1 for IPv6).
 	    </p>
@@ -143,7 +143,7 @@
 	      <em class="parameter"><code>type</code></em> can be any valid query
 	      type.  If no
 	      <em class="parameter"><code>type</code></em> argument is supplied,
-	      <span><strong class="command">delve</strong></span> will perform a lookup for an
+	      <span><strong class="command">delv</strong></span> will perform a lookup for an
 	      A record.
 	    </p></dd>
 </dl></div>
@@ -170,17 +170,17 @@
 	  </p>
 <p>
 	    Note: When reading the trust anchor file,
-	    <span><strong class="command">delve</strong></span> treats <code class="option">managed-keys</code>
+	    <span><strong class="command">delv</strong></span> treats <code class="option">managed-keys</code>
 	    statements and <code class="option">trusted-keys</code> statements
 	    identically.  That is, for a managed key, it is the
 	    <span class="emphasis"><em>initial</em></span> key that is trusted; RFC 5011
-	    key management is not supported. <span><strong class="command">delve</strong></span>
+	    key management is not supported. <span><strong class="command">delv</strong></span>
 	    will not consult the managed-keys database maintained by
 	    <span><strong class="command">named</strong></span>. This means that if either of the
 	    keys in <code class="filename">/etc/bind.keys</code> is revoked
 	    and rolled over, it will be necessary to update
 	    <code class="filename">/etc/bind.keys</code> to use DNSSEC
-	    validation in <span><strong class="command">delve</strong></span>.
+	    validation in <span><strong class="command">delv</strong></span>.
 	  </p>
 </dd>
 <dt><span class="term">-b  <em class="replaceable"><code>address</code></em></span></dt>
@@ -194,7 +194,7 @@
 <dt><span class="term">-c <em class="replaceable"><code>class</code></em></span></dt>
 <dd><p>
 	    Sets the query class for the requested data. Currently,
-	    only class "IN" is supported in <span><strong class="command">delve</strong></span>
+	    only class "IN" is supported in <span><strong class="command">delv</strong></span>
 	    and any other value is ignored.
 	  </p></dd>
 <dt><span class="term">-d <em class="replaceable"><code>level</code></em></span></dt>
@@ -202,7 +202,7 @@
 	    Set the systemwide debug level to <code class="option">level</code>.
 	    The allowed range is from 0 to 99.
 	    The default is 0 (no debugging).
-	    Debugging traces from <span><strong class="command">delve</strong></span> become
+	    Debugging traces from <span><strong class="command">delv</strong></span> become
 	    more verbose as the debug level increases.
 	    See the <code class="option">+mtrace</code>, <code class="option">+rtrace</code>,
 	    and <code class="option">+vtrace</code> options below for additional
@@ -210,7 +210,7 @@
 	  </p></dd>
 <dt><span class="term">-h</span></dt>
 <dd><p>
-	    Display the <span><strong class="command">delve</strong></span> help usage output and exit.
+	    Display the <span><strong class="command">delv</strong></span> help usage output and exit.
 	  </p></dd>
 <dt><span class="term">-i</span></dt>
 <dd><p>
@@ -218,7 +218,7 @@
 	    (Note, however, this does not set the CD bit on upstream
 	    queries. If the server being queried is performing DNSSEC
 	    validation, then it will not return invalid data; this
-	    can cause <span><strong class="command">delve</strong></span> to time out. When it
+	    can cause <span><strong class="command">delv</strong></span> to time out. When it
 	    is necessary to examine invalid data to debug a DNSSEC
 	    problem, use <span><strong class="command">dig +cd</strong></span>.)
 	  </p></dd>
@@ -260,7 +260,7 @@
 </dd>
 <dt><span class="term">-v</span></dt>
 <dd><p>
-	    Print the <span><strong class="command">delve</strong></span> version and exit.
+	    Print the <span><strong class="command">delv</strong></span> version and exit.
 	  </p></dd>
 <dt><span class="term">-x <em class="replaceable"><code>addr</code></em></span></dt>
 <dd><p>
@@ -269,24 +269,24 @@
 	    dotted-decimal notation, or a colon-delimited IPv6 address.
 	    When <code class="option">-x</code> is used, there is no need to provide
 	    the <em class="parameter"><code>name</code></em> or <em class="parameter"><code>type</code></em>
-	    arguments.  <span><strong class="command">delve</strong></span> automatically performs a
+	    arguments.  <span><strong class="command">delv</strong></span> automatically performs a
 	    lookup for a name like <code class="literal">11.12.13.10.in-addr.arpa</code>
 	    and sets the query type to PTR.  IPv6 addresses are looked up
 	    using nibble format under the IP6.ARPA domain.
 	  </p></dd>
 <dt><span class="term">-4</span></dt>
 <dd><p>
-	    Forces <span><strong class="command">delve</strong></span> to only use IPv4.
+	    Forces <span><strong class="command">delv</strong></span> to only use IPv4.
 	  </p></dd>
 <dt><span class="term">-6</span></dt>
 <dd><p>
-	    Forces <span><strong class="command">delve</strong></span> to only use IPv6.
+	    Forces <span><strong class="command">delv</strong></span> to only use IPv6.
 	  </p></dd>
 </dl></div>
 </div>
 <div class="refsect1" lang="en">
 <a name="id2671053"></a><h2>QUERY OPTIONS</h2>
-<p><span><strong class="command">delve</strong></span>
+<p><span><strong class="command">delv</strong></span>
       provides a number of query options which affect the way results are
       displayed, and in some cases the way lookups are performed.
     </p>
@@ -304,12 +304,12 @@
 <dt><span class="term"><code class="option">+[no]cdflag</code></span></dt>
 <dd><p>
 	      Controls whether to set the CD (checking disabled) bit in
-	      queries sent by <span><strong class="command">delve</strong></span>. This may be useful
+	      queries sent by <span><strong class="command">delv</strong></span>. This may be useful
 	      when troubleshooting DNSSEC problems from behind a validating
 	      resolver. A validating resolver will block invalid responses,
 	      making it difficult to retrieve them for analysis. Setting
 	      the CD flag on queries will cause the resolver to return
-	      invalid responses, which <span><strong class="command">delve</strong></span> can then
+	      invalid responses, which <span><strong class="command">delv</strong></span> can then
 	      validate internally and report the errors in detail.
 	    </p></dd>
 <dt><span class="term"><code class="option">+[no]class</code></span></dt>
@@ -326,7 +326,7 @@
 <dd>
 <p>
 	      Toggle resolver fetch logging. This reports the
-	      name and type of each query sent by <span><strong class="command">delve</strong></span>
+	      name and type of each query sent by <span><strong class="command">delv</strong></span>
 	      in the process of carrying out the resolution and validation
 	      process: this includes including the original query and
 	      all subsequent queries to follow CNAMEs and to establish a
@@ -344,7 +344,7 @@
 <dd>
 <p>
 	      Toggle message logging. This produces a detailed dump of
-	      the responses received by <span><strong class="command">delve</strong></span> in the
+	      the responses received by <span><strong class="command">delv</strong></span> in the
 	      process of carrying out the resolution and validation process.
 	    </p>
 <p>
@@ -424,13 +424,13 @@
 	      Print long records (such as RRSIG, DNSKEY, and SOA records)
 	      in a verbose multi-line format with human-readable comments.
 	      The default is to print each record on a single line, to
-	      facilitate machine parsing of the <span><strong class="command">delve</strong></span>
+	      facilitate machine parsing of the <span><strong class="command">delv</strong></span>
 	      output.
 	    </p></dd>
 <dt><span class="term"><code class="option">+[no]dnssec</code></span></dt>
 <dd><p>
 	      Indicates whether to display RRSIG records in the
-	      <span><strong class="command">delve</strong></span> output.  The default is to
+	      <span><strong class="command">delv</strong></span> output.  The default is to
 	      do so.  Note that (unlike in <span><strong class="command">dig</strong></span>)
 	      this does <span class="emphasis"><em>not</em></span> control whether to
 	      request DNSSEC records or whether to validate them.

doc/arm/man.dnssec-checkds.html

@@ -22,7 +22,7 @@
 <meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
 <link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
 <link rel="up" href="Bv9ARM.ch10.html" title="Manual pages">
-<link rel="prev" href="man.delve.html" title="delve">
+<link rel="prev" href="man.delv.html" title="delv">
 <link rel="next" href="man.dnssec-coverage.html" title="dnssec-coverage">
 </head>
 <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
@@ -31,7 +31,7 @@
 <tr><th colspan="3" align="center"><span class="application">dnssec-checkds</span></th></tr>
 <tr>
 <td width="20%" align="left">
-<a accesskey="p" href="man.delve.html">Prev</a> </td>
+<a accesskey="p" href="man.delv.html">Prev</a> </td>
 <th width="60%" align="center">Manual pages</th>
 <td width="20%" align="right"> <a accesskey="n" href="man.dnssec-coverage.html">Next</a>
 </td>
@@ -105,13 +105,13 @@
 <table width="100%" summary="Navigation footer">
 <tr>
 <td width="40%" align="left">
-<a accesskey="p" href="man.delve.html">Prev</a> </td>
+<a accesskey="p" href="man.delv.html">Prev</a> </td>
 <td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch10.html">Up</a></td>
 <td width="40%" align="right"> <a accesskey="n" href="man.dnssec-coverage.html">Next</a>
 </td>
 </tr>
 <tr>
-<td width="40%" align="left" valign="top">delve </td>
+<td width="40%" align="left" valign="top">delv </td>
 <td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
 <td width="40%" align="right" valign="top"> <span class="application">dnssec-coverage</span>
 </td>

doc/arm/man.genrandom.html

@@ -50,7 +50,7 @@
 <div class="cmdsynopsis"><p><code class="command">genrandom</code>  [<code class="option">-n <em class="replaceable"><code>number</code></em></code>] {<em class="replaceable"><code>size</code></em>} {<em class="replaceable"><code>filename</code></em>}</p></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2622867"></a><h2>DESCRIPTION</h2>
+<a name="id2622866"></a><h2>DESCRIPTION</h2>
 <p>
       <span><strong class="command">genrandom</strong></span>
       generates a file or a set of files containing a specified quantity
@@ -59,7 +59,7 @@
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2664524"></a><h2>ARGUMENTS</h2>
+<a name="id2664796"></a><h2>ARGUMENTS</h2>
 <div class="variablelist"><dl>
 <dt><span class="term">-n <em class="replaceable"><code>number</code></em></span></dt>
 <dd><p>
@@ -77,14 +77,14 @@
 </dl></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2664585"></a><h2>SEE ALSO</h2>
+<a name="id2664857"></a><h2>SEE ALSO</h2>
 <p>
       <span class="citerefentry"><span class="refentrytitle">rand</span>(3)</span>,
       <span class="citerefentry"><span class="refentrytitle">arc4random</span>(3)</span>
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2664612"></a><h2>AUTHOR</h2>
+<a name="id2664884"></a><h2>AUTHOR</h2>
 <p><span class="corpauthor">Internet Systems Consortium</span>
     </p>
 </div>

doc/arm/man.host.html

@@ -23,7 +23,7 @@
 <link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
 <link rel="up" href="Bv9ARM.ch10.html" title="Manual pages">
 <link rel="prev" href="man.dig.html" title="dig">
-<link rel="next" href="man.delve.html" title="delve">
+<link rel="next" href="man.delv.html" title="delv">
 </head>
 <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
 <div class="navheader">
@@ -33,7 +33,7 @@
 <td width="20%" align="left">
 <a accesskey="p" href="man.dig.html">Prev</a> </td>
 <th width="60%" align="center">Manual pages</th>
-<td width="20%" align="right"> <a accesskey="n" href="man.delve.html">Next</a>
+<td width="20%" align="right"> <a accesskey="n" href="man.delv.html">Next</a>
 </td>
 </tr>
 </table>
@@ -238,13 +238,13 @@
 <td width="40%" align="left">
 <a accesskey="p" href="man.dig.html">Prev</a> </td>
 <td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch10.html">Up</a></td>
-<td width="40%" align="right"> <a accesskey="n" href="man.delve.html">Next</a>
+<td width="40%" align="right"> <a accesskey="n" href="man.delv.html">Next</a>
 </td>
 </tr>
 <tr>
 <td width="40%" align="left" valign="top">dig </td>
 <td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
-<td width="40%" align="right" valign="top"> delve</td>
+<td width="40%" align="right" valign="top"> delv</td>
 </tr>
 </table>
 </div>

doc/arm/man.isc-hmac-fixup.html

@@ -50,7 +50,7 @@
 <div class="cmdsynopsis"><p><code class="command">isc-hmac-fixup</code>  {<em class="replaceable"><code>algorithm</code></em>} {<em class="replaceable"><code>secret</code></em>}</p></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2665010"></a><h2>DESCRIPTION</h2>
+<a name="id2664940"></a><h2>DESCRIPTION</h2>
 <p>
       Versions of BIND 9 up to and including BIND 9.6 had a bug causing
       HMAC-SHA* TSIG keys which were longer than the digest length of the
@@ -76,7 +76,7 @@
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2665037"></a><h2>SECURITY CONSIDERATIONS</h2>
+<a name="id2664968"></a><h2>SECURITY CONSIDERATIONS</h2>
 <p>
       Secrets that have been converted by <span><strong class="command">isc-hmac-fixup</strong></span>
       are shortened, but as this is how the HMAC protocol works in
@@ -87,14 +87,14 @@
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2665053"></a><h2>SEE ALSO</h2>
+<a name="id2664984"></a><h2>SEE ALSO</h2>
 <p>
       <em class="citetitle">BIND 9 Administrator Reference Manual</em>,
       <em class="citetitle">RFC 2104</em>.
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2665139"></a><h2>AUTHOR</h2>
+<a name="id2665069"></a><h2>AUTHOR</h2>
 <p><span class="corpauthor">Internet Systems Consortium</span>
     </p>
 </div>

doc/arm/man.named-checkconf.html

@@ -119,21 +119,21 @@
 </dl></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2643010"></a><h2>RETURN VALUES</h2>
+<a name="id2643214"></a><h2>RETURN VALUES</h2>
 <p><span><strong class="command">named-checkconf</strong></span>
       returns an exit status of 1 if
       errors were detected and 0 otherwise.
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2643024"></a><h2>SEE ALSO</h2>
+<a name="id2643228"></a><h2>SEE ALSO</h2>
 <p><span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
       <span class="citerefentry"><span class="refentrytitle">named-checkzone</span>(8)</span>,
       <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2643053"></a><h2>AUTHOR</h2>
+<a name="id2643258"></a><h2>AUTHOR</h2>
 <p><span class="corpauthor">Internet Systems Consortium</span>
     </p>
 </div>

doc/arm/man.nsec3hash.html

@@ -48,7 +48,7 @@
 <div class="cmdsynopsis"><p><code class="command">nsec3hash</code>  {<em class="replaceable"><code>salt</code></em>} {<em class="replaceable"><code>algorithm</code></em>} {<em class="replaceable"><code>iterations</code></em>} {<em class="replaceable"><code>domain</code></em>}</p></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2623131"></a><h2>DESCRIPTION</h2>
+<a name="id2623130"></a><h2>DESCRIPTION</h2>
 <p>
       <span><strong class="command">nsec3hash</strong></span> generates an NSEC3 hash based on
       a set of NSEC3 parameters.  This can be used to check the validity
@@ -56,7 +56,7 @@
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2665198"></a><h2>ARGUMENTS</h2>
+<a name="id2623145"></a><h2>ARGUMENTS</h2>
 <div class="variablelist"><dl>
 <dt><span class="term">salt</span></dt>
 <dd><p>
@@ -80,14 +80,14 @@
 </dl></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2665260"></a><h2>SEE ALSO</h2>
+<a name="id2665259"></a><h2>SEE ALSO</h2>
 <p>
       <em class="citetitle">BIND 9 Administrator Reference Manual</em>,
       <em class="citetitle">RFC 5155</em>.
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2665346"></a><h2>AUTHOR</h2>
+<a name="id2665276"></a><h2>AUTHOR</h2>
 <p><span class="corpauthor">Internet Systems Consortium</span>
     </p>
 </div>

doc/arm/man.nsupdate.html

@@ -50,7 +50,7 @@
 <div class="cmdsynopsis"><p><code class="command">nsupdate</code>  [<code class="option">-d</code>] [<code class="option">-D</code>] [[<code class="option">-g</code>] |  [<code class="option">-o</code>] |  [<code class="option">-l</code>] |  [<code class="option">-y <em class="replaceable"><code>[<span class="optional">hmac:</span>]keyname:secret</code></em></code>] |  [<code class="option">-k <em class="replaceable"><code>keyfile</code></em></code>]] [<code class="option">-t <em class="replaceable"><code>timeout</code></em></code>] [<code class="option">-u <em class="replaceable"><code>udptimeout</code></em></code>] [<code class="option">-r <em class="replaceable"><code>udpretries</code></em></code>] [<code class="option">-R <em class="replaceable"><code>randomdev</code></em></code>] [<code class="option">-v</code>] [<code class="option">-T</code>] [<code class="option">-P</code>] [<code class="option">-V</code>] [filename]</p></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2653064"></a><h2>DESCRIPTION</h2>
+<a name="id2653063"></a><h2>DESCRIPTION</h2>
 <p><span><strong class="command">nsupdate</strong></span>
       is used to submit Dynamic DNS Update requests as defined in RFC 2136
       to a name server.
@@ -131,7 +131,13 @@
       [<span class="optional"><em class="parameter"><code>hmac:</code></em></span>]<em class="parameter"><code>keyname:secret.</code></em>
       <em class="parameter"><code>keyname</code></em> is the name of the key, and
       <em class="parameter"><code>secret</code></em> is the base64 encoded shared secret.
-      Use of the <code class="option">-y</code> option is discouraged because the
+      <em class="parameter"><code>hmac</code></em> is the name of the key algorithm;
+      valid choices are <code class="literal">hmac-md5</code>,
+      <code class="literal">hmac-sha1</code>, <code class="literal">hmac-sha224</code>,
+      <code class="literal">hmac-sha256</code>, <code class="literal">hmac-sha384</code>, or
+      <code class="literal">hmac-sha512</code>.  If <em class="parameter"><code>hmac</code></em>
+      is not specified, the default is <code class="literal">hmac-md5</code>.
+      NOTE: Use of the <code class="option">-y</code> option is discouraged because the
       shared secret is supplied as a command line argument in clear text.
       This may be visible in the output from
       <span class="citerefentry"><span class="refentrytitle">ps</span>(1)</span>
@@ -230,7 +236,7 @@
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2654397"></a><h2>INPUT FORMAT</h2>
+<a name="id2654446"></a><h2>INPUT FORMAT</h2>
 <p><span><strong class="command">nsupdate</strong></span>
       reads input from
       <em class="parameter"><code>filename</code></em>
@@ -334,14 +340,16 @@
             </p></dd>
 <dt><span class="term">
               <span><strong class="command">key</strong></span>
-               {name}
+               [hmac:] {keyname}
                {secret}
             </span></dt>
 <dd><p>
               Specifies that all updates are to be TSIG-signed using the
-              <em class="parameter"><code>keyname</code></em> <em class="parameter"><code>keysecret</code></em> pair.
-              The <span><strong class="command">key</strong></span> command
-              overrides any key specified on the command line via
+              <em class="parameter"><code>keyname</code></em> <em class="parameter"><code>secret</code></em> pair.
+              If <em class="parameter"><code>hmac</code></em> is specified, then it sets the
+              signing algorithm in use; the default is
+              <code class="literal">hmac-md5</code>.  The <span><strong class="command">key</strong></span>
+              command overrides any key specified on the command line via
               <code class="option">-y</code> or <code class="option">-k</code>.
             </p></dd>
 <dt><span class="term">
@@ -530,7 +538,7 @@
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2680146"></a><h2>EXAMPLES</h2>
+<a name="id2680280"></a><h2>EXAMPLES</h2>
 <p>
       The examples below show how
       <span><strong class="command">nsupdate</strong></span>
@@ -584,7 +592,7 @@
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2680264"></a><h2>FILES</h2>
+<a name="id2680330"></a><h2>FILES</h2>
 <div class="variablelist"><dl>
 <dt><span class="term"><code class="constant">/etc/resolv.conf</code></span></dt>
 <dd><p>
@@ -607,7 +615,7 @@
 </dl></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2680347"></a><h2>SEE ALSO</h2>
+<a name="id2680413"></a><h2>SEE ALSO</h2>
 <p>
       <em class="citetitle">RFC 2136</em>,
       <em class="citetitle">RFC 3007</em>,
@@ -622,7 +630,7 @@
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2680405"></a><h2>BUGS</h2>
+<a name="id2680471"></a><h2>BUGS</h2>
 <p>
       The TSIG key is redundantly stored in two separate files.
       This is a consequence of nsupdate using the DST library

doc/arm/man.rndc-confgen.html

@@ -50,7 +50,7 @@
 <div class="cmdsynopsis"><p><code class="command">rndc-confgen</code>  [<code class="option">-a</code>] [<code class="option">-A <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-b <em class="replaceable"><code>keysize</code></em></code>] [<code class="option">-c <em class="replaceable"><code>keyfile</code></em></code>] [<code class="option">-h</code>] [<code class="option">-k <em class="replaceable"><code>keyname</code></em></code>] [<code class="option">-p <em class="replaceable"><code>port</code></em></code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [<code class="option">-s <em class="replaceable"><code>address</code></em></code>] [<code class="option">-t <em class="replaceable"><code>chrootdir</code></em></code>] [<code class="option">-u <em class="replaceable"><code>user</code></em></code>]</p></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2659719"></a><h2>DESCRIPTION</h2>
+<a name="id2659786"></a><h2>DESCRIPTION</h2>
 <p><span><strong class="command">rndc-confgen</strong></span>
       generates configuration files
       for <span><strong class="command">rndc</strong></span>.  It can be used as a
@@ -66,7 +66,7 @@
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2659853"></a><h2>OPTIONS</h2>
+<a name="id2659852"></a><h2>OPTIONS</h2>
 <div class="variablelist"><dl>
 <dt><span class="term">-a</span></dt>
 <dd>
@@ -180,7 +180,7 @@
 </dl></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2663056"></a><h2>EXAMPLES</h2>
+<a name="id2663054"></a><h2>EXAMPLES</h2>
 <p>
       To allow <span><strong class="command">rndc</strong></span> to be used with
       no manual configuration, run
@@ -197,7 +197,7 @@
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2664819"></a><h2>SEE ALSO</h2>
+<a name="id2664681"></a><h2>SEE ALSO</h2>
 <p><span class="citerefentry"><span class="refentrytitle">rndc</span>(8)</span>,
       <span class="citerefentry"><span class="refentrytitle">rndc.conf</span>(5)</span>,
       <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
@@ -205,7 +205,7 @@
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2664925"></a><h2>AUTHOR</h2>
+<a name="id2664720"></a><h2>AUTHOR</h2>
 <p><span class="corpauthor">Internet Systems Consortium</span>
     </p>
 </div>

doc/arm/man.rndc.conf.html

@@ -50,7 +50,7 @@
 <div class="cmdsynopsis"><p><code class="command">rndc.conf</code> </p></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2622250"></a><h2>DESCRIPTION</h2>
+<a name="id2622249"></a><h2>DESCRIPTION</h2>
 <p><code class="filename">rndc.conf</code> is the configuration file
       for <span><strong class="command">rndc</strong></span>, the BIND 9 name server control
       utility.  This file has a similar structure and syntax to
@@ -136,7 +136,7 @@
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2655122"></a><h2>EXAMPLE</h2>
+<a name="id2655121"></a><h2>EXAMPLE</h2>
 <pre class="programlisting">
       options {
         default-server  localhost;
@@ -210,7 +210,7 @@
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2656677"></a><h2>NAME SERVER CONFIGURATION</h2>
+<a name="id2656676"></a><h2>NAME SERVER CONFIGURATION</h2>
 <p>
       The name server must be configured to accept rndc connections and
       to recognize the key specified in the <code class="filename">rndc.conf</code>
@@ -220,7 +220,7 @@
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2656702"></a><h2>SEE ALSO</h2>
+<a name="id2656701"></a><h2>SEE ALSO</h2>
 <p><span class="citerefentry"><span class="refentrytitle">rndc</span>(8)</span>,
       <span class="citerefentry"><span class="refentrytitle">rndc-confgen</span>(8)</span>,
       <span class="citerefentry"><span class="refentrytitle">mmencode</span>(1)</span>,
@@ -228,7 +228,7 @@
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2656741"></a><h2>AUTHOR</h2>
+<a name="id2656740"></a><h2>AUTHOR</h2>
 <p><span class="corpauthor">Internet Systems Consortium</span>
     </p>
 </div>

doc/arm/man.rndc.html

@@ -50,7 +50,7 @@
 <div class="cmdsynopsis"><p><code class="command">rndc</code>  [<code class="option">-b <em class="replaceable"><code>source-address</code></em></code>] [<code class="option">-c <em class="replaceable"><code>config-file</code></em></code>] [<code class="option">-k <em class="replaceable"><code>key-file</code></em></code>] [<code class="option">-s <em class="replaceable"><code>server</code></em></code>] [<code class="option">-p <em class="replaceable"><code>port</code></em></code>] [<code class="option">-q</code>] [<code class="option">-V</code>] [<code class="option">-y <em class="replaceable"><code>key_id</code></em></code>] {command}</p></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2654650"></a><h2>DESCRIPTION</h2>
+<a name="id2654649"></a><h2>DESCRIPTION</h2>
 <p><span><strong class="command">rndc</strong></span>
       controls the operation of a name
       server.  It supersedes the <span><strong class="command">ndc</strong></span> utility
@@ -81,7 +81,7 @@
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2658387"></a><h2>OPTIONS</h2>
+<a name="id2658386"></a><h2>OPTIONS</h2>
 <div class="variablelist"><dl>
 <dt><span class="term">-b <em class="replaceable"><code>source-address</code></em></span></dt>
 <dd><p>
@@ -152,7 +152,7 @@
 </dl></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2662636"></a><h2>COMMANDS</h2>
+<a name="id2662635"></a><h2>COMMANDS</h2>
 <p>
       A list of commands supported by <span><strong class="command">rndc</strong></span> can
       be seen by running <span><strong class="command">rndc</strong></span> without arguments.
@@ -537,7 +537,7 @@
 </dl></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2683692"></a><h2>LIMITATIONS</h2>
+<a name="id2683691"></a><h2>LIMITATIONS</h2>
 <p>
       There is currently no way to provide the shared secret for a
       <code class="option">key_id</code> without using the configuration file.
@@ -547,7 +547,7 @@
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2683710"></a><h2>SEE ALSO</h2>
+<a name="id2683709"></a><h2>SEE ALSO</h2>
 <p><span class="citerefentry"><span class="refentrytitle">rndc.conf</span>(5)</span>,
       <span class="citerefentry"><span class="refentrytitle">rndc-confgen</span>(8)</span>,
       <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
@@ -557,7 +557,7 @@
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2683766"></a><h2>AUTHOR</h2>
+<a name="id2683765"></a><h2>AUTHOR</h2>
 <p><span class="corpauthor">Internet Systems Consortium</span>
     </p>
 </div>

lib/isc/win32/libisc.vcxproj.in

@@ -182,7 +182,7 @@ copy ..\bin\named\named.html ..\Build\Release
 copy ..\bin\rndc\*.html ..\Build\Release
 copy ..\bin\confgen\*.html ..\Build\Release
 copy ..\bin\dig\*.html ..\Build\Release
-copy ..\bin\delve\*.html ..\Build\Release
+copy ..\bin\delv\*.html ..\Build\Release
 copy ..\bin\nsupdate\*.html ..\Build\Release
 copy ..\bin\check\*.html ..\Build\Release
 copy ..\bin\dnssec\dnssec-keygen.html ..\Build\Release

lib/samples/.gitignore

@@ -1,5 +1,4 @@
 Makefile-postinstall
-delve
 nsprobe
 process
 resolve

util/copyrights

@@ -74,17 +74,17 @@
 ./bin/confgen/win32/rndcconfgen.vcxproj.filters.in	X	2013
 ./bin/confgen/win32/rndcconfgen.vcxproj.in	X	2013
 ./bin/confgen/win32/rndcconfgen.vcxproj.user	X	2013
-./bin/delve/Makefile.in				MAKE	2014
-./bin/delve/delve.1				MAN	2014
-./bin/delve/delve.c				C	2014
-./bin/delve/delve.docbook			SGML	2014
-./bin/delve/delve.html				HTML	2014
-./bin/delve/win32/delve.dsp.in			X	2014
-./bin/delve/win32/delve.dsw			X	2014
-./bin/delve/win32/delve.mak.in			X	2014
-./bin/delve/win32/delve.vcxproj.filters.in	X	2014
-./bin/delve/win32/delve.vcxproj.in		X	2014
-./bin/delve/win32/delve.vcxproj.user		X	2014
+./bin/delv/Makefile.in				MAKE	2014
+./bin/delv/delv.1				MAN	2014
+./bin/delv/delv.c				C	2014
+./bin/delv/delv.docbook			SGML	2014
+./bin/delv/delv.html				HTML	2014
+./bin/delv/win32/delv.dsp.in			X	2014
+./bin/delv/win32/delv.dsw			X	2014
+./bin/delv/win32/delv.mak.in			X	2014
+./bin/delv/win32/delv.vcxproj.filters.in	X	2014
+./bin/delv/win32/delv.vcxproj.in		X	2014
+./bin/delv/win32/delv.vcxproj.user		X	2014
 ./bin/dig/.gitignore				X	2012
 ./bin/dig/Makefile.in				MAKE	2000,2001,2002,2004,2005,2007,2009,2012,2013,2014
 ./bin/dig/dig.1					MAN	DOCBOOK
@@ -2745,7 +2745,7 @@
 ./doc/arm/libdns.xml				SGML	2010
 ./doc/arm/man.arpaname.html			X	2009,2010,2011,2012,2013,2014
 ./doc/arm/man.ddns-confgen.html			X	2009,2010,2011,2012,2013,2014
-./doc/arm/man.delve.html			X	2014
+./doc/arm/man.delv.html			X	2014
 ./doc/arm/man.dig.html				X	2005,2006,2007,2008,2009,2010,2011,2012,2013,2014
 ./doc/arm/man.dnssec-checkds.html		X	2013,2014
 ./doc/arm/man.dnssec-coverage.html		X	2013,2014
@@ -2821,21 +2821,6 @@
 ./doc/misc/roadmap				TXT.BRIEF	2000,2001,2004
 ./doc/misc/sdb					TXT.BRIEF	2000,2001,2004
 ./doc/misc/sort-options.pl			PERL	2007,2012
-./doc/private/CHANGES				X	2000,2001
-./doc/private/SRCID				X	2009,2010,2011,2012
-./doc/private/branches				X	2002,2003,2004,2005,2006,2007,2008,2009,2010,2011,2012
-./doc/private/bugfix-by-assertion		X	2001
-./doc/private/delete-list			X	2005,2006,2007,2008,2009,2010,2011
-./doc/private/options				TXT.BRIEF	2000,2001,2004
-./doc/todo/brister/todo				X	2000,2001
-./doc/todo/bwelling/todo			X	2000,2001
-./doc/todo/drc/todo				X	2000,2001
-./doc/todo/gson/todo				X	2000,2001
-./doc/todo/jim/todo				X	2000,2001
-./doc/todo/marka/todo				X	2000,2001
-./doc/todo/mws/todo				X	2000,2001
-./doc/todo/tale/todo				X	2000,2001
-./doc/todo/unassigned				X	2000,2001
 ./doc/xsl/.gitignore				X	2012
 ./doc/xsl/Makefile.in				MAKE	2005,2007,2012
 ./doc/xsl/copyright.xsl				SGML	2005,2007,2009

version

@@ -6,6 +6,6 @@ DESCRIPTION=
 MAJORVER=9
 MINORVER=10
 PATCHVER=0
-RELEASETYPE=
-RELEASEVER=
+RELEASETYPE=rc
+RELEASEVER=2
 EXTENSIONS=

win32utils/Configure

@@ -40,8 +40,8 @@ my @filelist = ("..\\bin\\check\\win32\\checktool.dsp",
                 "..\\bin\\confgen\\win32\\ddnsconfgen.mak",
                 "..\\bin\\confgen\\win32\\rndcconfgen.dsp",
                 "..\\bin\\confgen\\win32\\rndcconfgen.mak",
-                "..\\bin\\delve\\win32\\delve.dsp",
-                "..\\bin\\delve\\win32\\delve.mak",
+                "..\\bin\\delv\\win32\\delv.dsp",
+                "..\\bin\\delv\\win32\\delv.mak",
                 "..\\bin\\dig\\win32\\dig.dsp",
                 "..\\bin\\dig\\win32\\dig.mak",
                 "..\\bin\\dig\\win32\\dighost.dsp",
@@ -198,8 +198,8 @@ my @projectlist = ("..\\bin\\check\\win32\\checkconf.vcxproj",
                    "..\\bin\\confgen\\win32\\ddnsconfgen.vcxproj.filters",
                    "..\\bin\\confgen\\win32\\rndcconfgen.vcxproj",
                    "..\\bin\\confgen\\win32\\rndcconfgen.vcxproj.filters",
-                   "..\\bin\\delve\\win32\\delve.vcxproj",
-                   "..\\bin\\delve\\win32\\delve.vcxproj.filters",
+                   "..\\bin\\delv\\win32\\delv.vcxproj",
+                   "..\\bin\\delv\\win32\\delv.vcxproj.filters",
                    "..\\bin\\dig\\win32\\dig.vcxproj",
                    "..\\bin\\dig\\win32\\dig.vcxproj.filters",
                    "..\\bin\\dig\\win32\\dighost.vcxproj",

win32utils/bind9.sln.in

@@ -276,7 +276,7 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "nslookup", "..\bin\dig\win3
 		{140DE800-E552-43CC-B0C7-A33A92E368CA} = {140DE800-E552-43CC-B0C7-A33A92E368CA}
 	EndProjectSection
 EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "delve", "..\bin\delve\win32\delve.vcxproj", "{BE172EFE-C1DC-4812-BFB9-8C5F8ADB7E9F}"
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "delv", "..\bin\delv\win32\delv.vcxproj", "{BE172EFE-C1DC-4812-BFB9-8C5F8ADB7E9F}"
 	ProjectSection(ProjectDependencies) = postProject
 		{A3F71D12-F38A-4C77-8D87-8E8854CA74A1} = {A3F71D12-F38A-4C77-8D87-8E8854CA74A1}
 		{3840E563-D180-4761-AA9C-E6155F02EAFF} = {3840E563-D180-4761-AA9C-E6155F02EAFF}

win32utils/legacy/BINDBuild.dsw.in

@@ -373,7 +373,7 @@ Package=<4>
 
 ###############################################################################
 
-Project: "delve"="..\..\bin\delve\win32\delve.dsp" - Package Owner=<4>
+Project: "delv"="..\..\bin\delv\win32\delv.dsp" - Package Owner=<4>
 
 Package=<5>
 {{{

win32utils/legacy/BuildAll.bat.in

@@ -116,8 +116,8 @@ nmake /nologo /nologo -f host.mak CFG="host - @PLATFORM@ Release"  NO_EXTERNAL_D
 nmake /nologo -f nslookup.mak CFG="nslookup - @PLATFORM@ Release"  NO_EXTERNAL_DEPS="1"
 cd ..\..
 
-cd delve\win32
-nmake /nologo -f delve.mak CFG="delve - @PLATFORM@ Release"  NO_EXTERNAL_DEPS="1"
+cd delv\win32
+nmake /nologo -f delv.mak CFG="delv - @PLATFORM@ Release"  NO_EXTERNAL_DEPS="1"
 cd ..\..
 
 cd nsupdate\win32

win32utils/legacy/BuildSetup.bat.in

@@ -56,7 +56,7 @@ copy ..\..\bin\named\named.html ..\..\Build\Release
 copy ..\..\bin\rndc\*.html ..\..\Build\Release
 copy ..\..\bin\confgen\*.html ..\..\Build\Release
 copy ..\..\bin\dig\*.html ..\..\Build\Release
-copy ..\..\bin\delve\*.html ..\..\Build\Release
+copy ..\..\bin\delv\*.html ..\..\Build\Release
 copy ..\..\bin\nsupdate\*.html ..\..\Build\Release
 copy ..\..\bin\check\*.html ..\..\Build\Release
 copy ..\..\bin\dnssec\dnssec-keygen.html ..\..\Build\Release