1CONVERTAR(1)          User Contributed Perl Documentation         CONVERTAR(1)
2
3
4

NAME

6       convertar - Converts trust anchor repositories from one format to
7       another
8

DESCRIPTION

10       convertar operates on input and output files of different Trust Anchor
11       Repository (TAR) formats.  convertar decides what type of file format
12       is being referred to by a "type:filename" specification.  Options can
13       be passed to the convertar module by using a '/' delimited specifier in
14       the type identifier.  Such as
15       "type/option=value/other=othervalue:filename".  See below for a list of
16       different input and output formats that convertar understands by
17       default and what options they take.
18
19       See the Net::DNS::SEC::Tools::TrustAnchor module and its documentation
20       for writing new plugins to allow convertar to understand other TAR
21       formats.
22

EXAMPLES

24       This command will read in an itar.xml file (available from
25       https://itar.iana.org/) and convert it to a file that can be read in by
26       BIND's named application:
27
28         # convertar -i itar:itar.xml -o bind:bind.conf
29
30       Read in multiple files, merge them together and write them out to two
31       different output file formats (the libval format is printed to stdout):
32
33         # convertar -i itar:itar.xml,csv:local.csv -o bind:bind.conf,libval:-
34

FILE SPECIFICATION CONVENTIONS

36       Types and files (e.g. for the -i and -o switches) are specificied using
37       the following format:
38
39         type:/path/to/file
40
41       The type portion of the specification dictates what internal module
42       will attempt to read in the file.  The file portion of the
43       specification may or may not be required (but the ':' always is) and
44       may or may not point to a real file, depending on the module in charge
45       of the content.  Some modules may, for exmaple, load content from the
46       network.  For types that can read and write to a file, a '-' may be
47       specified as a file to print to or read from standard output.
48
49       File formats MAY be infered from a trailing suffix, if the trailing
50       suffix.  EG, if a referenced file is foo.csv then internally convertar
51       will translate this to "csv:foo.csv".
52

FILE FORMATS

54       The following file formats are known by default to convertar:
55
56       bind
57           A BIND name server (named) compatible trust anchor configuration
58           file.  This can be included within a master named.conf file using
59           the "include" directive.
60
61           The bind option can also take a /write_expectations=1 flag when
62           writing to write an options {} section that will turn on dnssec and
63           require validation for zones from all the imported data.
64
65           E.G. bind/write_expectations=1:named.conf
66
67       secspider
68           This is merely an alias that fetches the specspider
69           (http://secspider.cs.ucla.edu/) bind configuration file and then
70           parse it using the bind file format.
71
72           WARNING: The PGP signature on the downloaded file is NOT checked.
73
74       csv A comma-separated list format.
75
76       dump
77           A Perl hash dump format.  This should be used mostly for debugging
78           of newly developed modules as it shows the internal hash structure
79           that is passed between modules.
80
81       itar
82           IANA's itar format, which is an XML-based format of trust anchor
83           keys.  IANA's file is available from https://itar.iana.org/.
84
85           Specifying only 'itar:' line only (or itar:URL), convertar will
86           attempt to retrieve the current remote ITAR respository file
87           directly.
88
89           WARNING: The PGP signature on the downloaded file is NOT checked.
90
91           NOTE: support for downloading the ITAR repository over the network
92           requires the LWP::UserAgent module to be installed.
93
94       libval
95           The libval format is the configuration file format that DNSSEC-
96           Tool's libval library uses.
97
98           The libval option can also take a /write_expectations=1 flag when
99           writing to specify that the default (:) zone-security-expectation's
100           should be populated to require validation of all the zones with
101           imported data.  All other zones will have a policy set to 'ignore.
102
103           E.G. libval/write_expectations=1:dnsval.conf
104
105       mf  The master file (mf) format is also available from the itar web
106           site.
107
108       dns The dns format performs live queries of records attached to a
109           domain name to request either DS or DNSKEY records.  By default,
110           DNSKEY records will be queried.  The specific type to be queried
111           can be specified by preceeding the zone name with a "ds/" or
112           "dnskey/" prefix.  Example valid 'dns:' type specifications:
113
114             dns:dnssec-tools.org
115             dns:ds/dnssec-tools.org
116             dns:dnskey/dnssec-tools.org
117
118           Also, if you want to read dnskeys from the network but convert them
119           to ds records, you can use the /tods flag:
120
121             dns/tods=1:dnssec-tools.org
122
123           The DNS type can not output records and is only useful for reading
124           in information.
125
126           WARNING: The keys and data being retrieved are not internally
127           validated and thus should not be trusted unless a secured resolver
128           is being used.
129

OPTIONS

131       -i STRING
132       --input-file=STRING
133           Input file(s) to process.
134
135           convertar will read in the specified file(s).  Multiple files can
136           be separated by commas.
137
138       -o STRING
139       --output-file=STRING
140           Output file(s) to write.
141
142           convertar will write out these specified file(s) in the requested
143           output formats.  Multiple files can be separated by commas.
144
145       -h
146       --help
147       --help-full
148           Displays command line help information.
149
150       --gui
151       --no-gui
152           Controls the use of the optional GUI.
153
155       Copyright 2009-2013 SPARTA, Inc.  All rights reserved.  See the COPYING
156       file included with the DNSSEC-Tools package for details.
157

AUTHOR

159       Wes Hardaker < hardaker AT users DOT sourceforge DOT net >
160

SEE ALSO

162       Net::DNS::SEC::Tools::TrustAnchor(3)
163
164
165
166perl v5.32.0                      2020-07-27                      CONVERTAR(1)
Impressum