OpenDNSSEC 1.3.0 * Include simple-dnskey-mailer-plugin in dist. * Enforcer: Change message about KSK retirement to make it less confusing. Bugfixes: * ods-control: If the Enforcer did not close down, you entered an infinite loop. * Signer Engine: Fix log message typos. * Signer Engine: Fix crash where ods-signer update * Signer Engine: Also replace DNSKEYs if <DNSKEY><TTL> has changed in policy. * Zonefetcher: Sometimes invalid 'Address already in use' occurred. * Bugfix #247: Fixes bug introduced by bugfix #242. OpenDNSSEC 1.3.0rc3 * Do not distribute trang. Bugfixes: * Fix test for java executable and others. * Auditor: Fix delegation checks. * Bugfix #242: Race condition when receiving multiple NOTIFIES for a zone. * ods-kaspcheck: Do not expect resalt in NSEC policy. * Signer Engine: Ifdef a header file. * Signer Engine: The default working directory was not specified. * Signer Engine: Handle stdout console output throttling that would truncate daemon output intermittently. OpenDNSSEC 1.3.0.rc2 * Match the names of the signer pidfile and enforcer pidfile. * Include check for resign < resalt in ods-kaspcheck. Bugfixes: * Bugfix #231: Fix MySQL version check. * ods-ksmutil: Update now sends a HUP to the enforcerd. * Signer Engine: Fix assertion failure if zone was just added. * Signer Engine: Don't hsm_close() on setup error. * Signer Engine: Fix race condition bug when doing a single run. * Signer Engine: In case of failure, also mark zone processed (single run). * Signer Engine: Don't leak backup file descriptor. * signconf.rnc now allows NSEC3 Iterations of 0 OpenDNSSEC 1.3.0rc1 * <SkipPublicKey/> is enabled for SoftHSM in the default configuration. It improves the performance by only using the private key objects. * Document the <RolloverNotification> tag in conf.xml. Bugfixes: * Bugfix #221: Segmentation Fault on schedule.c:232 * Enforcer: 'make check' now works. * Enforcer: Fixed some memory leaks in the tests. * Signer Engine: Coverity report fixes some leaks and thread issues. * Signer Engine: Now logs to the correct facility again. OpenDNSSEC 1.3.0b1 * Support for signing the root. Use the zone name "." * Enforcer: Stop import of policy if it is not consistent. * ods-signer: The queue command will now also show what tasks the workers are working on. * Signer Engine: Just warn if occluded zone data was found, don't stop signing p rocess. * Signer Engine: Simpler serial maintenance, reduces the number of conflicts. Less chance to hit a 'cannot update: serial too small' error message. * Signer Engine: Simpler NSEC(3) maintenance. * Signer Engine: Temperate the number of backup files. * Signer Engine: Set number of <SignerThreads> in conf.xml to get peak performance from HSMs that can handle multiple threads. Bugfixes: * Bugreport #139: ods-auditor fails on root zone. * Bugreport #198: Zone updates ignored? * Replace tab with white-space when writing to syslog. * Signer Engine: Do not block update command while signing.diff -r1.3 -r1.4 pkgsrc/security/opendnssec/MESSAGE
(pettai)
@@ -1,10 +1,10 @@ | @@ -1,10 +1,10 @@ | |||
1 | =========================================================================== | 1 | =========================================================================== | |
2 | $NetBSD: MESSAGE,v 1.3 2011/03/21 15:52:25 pettai Exp $ | 2 | $NetBSD: MESSAGE,v 1.4 2011/07/27 03:13:25 pettai Exp $ | |
3 | 3 | |||
4 | For latest information about configuring OpenDNSSEC, see: | 4 | For latest information about configuring OpenDNSSEC, see: | |
5 | http://www.opendnssec.org/documentation/using-opendnssec/ | 5 | http://www.opendnssec.org/documentation/using-opendnssec/ | |
6 | 6 | |||
7 | (If you are upgrading from OpenDNSSEC v1.1.x -> 1.2.x, | 7 | (If you are upgrading from OpenDNSSEC v1.1.x -> 1.2.x/1.3.x | |
8 | have a look at the included share/doc/opendnssec/MIGRATION file) | 8 | have a look at the included share/doc/opendnssec/MIGRATION file) | |
9 | 9 | |||
10 | =========================================================================== | 10 | =========================================================================== |
@@ -1,18 +1,17 @@ | @@ -1,18 +1,17 @@ | |||
1 | # $NetBSD: Makefile,v 1.11 2011/06/10 09:40:00 obache Exp $ | 1 | # $NetBSD: Makefile,v 1.12 2011/07/27 03:13:25 pettai Exp $ | |
2 | # | 2 | # | |
3 | 3 | |||
4 | DISTNAME= opendnssec-1.2.1 | 4 | DISTNAME= opendnssec-1.3.0 | |
5 | PKGREVISION= 1 | |||
6 | CATEGORIES= security net | 5 | CATEGORIES= security net | |
7 | MASTER_SITES= http://www.opendnssec.org/files/source/ | 6 | MASTER_SITES= http://www.opendnssec.org/files/source/ | |
8 | 7 | |||
9 | MAINTAINER= pettai@NetBSD.org | 8 | MAINTAINER= pettai@NetBSD.org | |
10 | HOMEPAGE= http://www.opendnssec.org/ | 9 | HOMEPAGE= http://www.opendnssec.org/ | |
11 | COMMENT= OSS for a fast and easy DNSSEC deployment | 10 | COMMENT= OSS for a fast and easy DNSSEC deployment | |
12 | LICENSE= 2-clause-bsd | 11 | LICENSE= 2-clause-bsd | |
13 | 12 | |||
14 | DEPENDS+= ldns>=1.6.9:../../net/ldns | 13 | DEPENDS+= ldns>=1.6.9:../../net/ldns | |
15 | DEPENDS+= ${RUBY_PKGPREFIX}-rubygems-[0-9]*:../../misc/rubygems | 14 | DEPENDS+= ${RUBY_PKGPREFIX}-rubygems-[0-9]*:../../misc/rubygems | |
16 | DEPENDS+= ${RUBY_PKGPREFIX}-dnsruby>=1.52:../../net/ruby-dnsruby | 15 | DEPENDS+= ${RUBY_PKGPREFIX}-dnsruby>=1.52:../../net/ruby-dnsruby | |
17 | BUILD_DEPENDS+= CUnit-[0-9]*:../../devel/cunit | 16 | BUILD_DEPENDS+= CUnit-[0-9]*:../../devel/cunit | |
18 | 17 |
@@ -1,6 +1,6 @@ | @@ -1,6 +1,6 @@ | |||
1 | $NetBSD: distinfo,v 1.7 2011/03/21 15:52:25 pettai Exp $ | 1 | $NetBSD: distinfo,v 1.8 2011/07/27 03:13:25 pettai Exp $ | |
2 | 2 | |||
3 | SHA1 (opendnssec-1.2.1.tar.gz) = e9fd9a4e33dc6d02f08ebf7454183fb53b4818a2 | 3 | SHA1 (opendnssec-1.3.0.tar.gz) = 6dc934106fb0b7b12c55b694ca244077eda37936 | |
4 | RMD160 (opendnssec-1.2.1.tar.gz) = 5cc50ee68bf4e531b400f70a0a07cbe6d2047b43 | 4 | RMD160 (opendnssec-1.3.0.tar.gz) = eb6925f5c2f2b60fe573f38d043a1b8f5c8d260f | |
5 | Size (opendnssec-1.2.1.tar.gz) = 1649465 bytes | 5 | Size (opendnssec-1.3.0.tar.gz) = 1072194 bytes | |
6 | SHA1 (patch-aa) = ec0db5d0fe2cb5f0808e5113006b1243040b547d | 6 | SHA1 (patch-aa) = ec0db5d0fe2cb5f0808e5113006b1243040b547d |