pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/security/dnssec-tools
Module Name: pkgsrc
Committed By: pettai
Date: Sat Sep 21 22:25:07 UTC 2013
Modified Files:
pkgsrc/security/dnssec-tools: Makefile distinfo
Log Message:
2.0
- New Features
- OWL - The Owl Monitoring System uses timed DNS queries
to monitor basic network functionality. The system
consists of a manager host and a set of sensor hosts.
The Owl sensors perform periodic DNS queries and
report to the Owl manager the time taken for each
query. Over time, this shows the responsiveness of
the DNS infrastructure.
- dnssec-nodes - Many new features have been added:
- The validation tree now supports clicking on
boxes to highlight it and the arrows that derive
from it. Great for use when teaching about
DNSSEC.
- An extensive filter/effect editor now lets you
tailor the look of a graph to color-code, set
the alpha levels, etc of nodes based on their
names, status, data types, etc.
- Right clicking on a node lets you center the
graph on that node.
- More data types are collected and shown in the
data view.
- Support for arguments on the command line for
parsing log files, pcap files and domain names.
- The validation view has received a visual clean-up
- Many other bug fixes
- Bloodhound: - A mozilla-based DNSSEC-enabled browser with DANE support
- Added support for validation of SSL certificates
using the DANE protocol.
- curl - Added support for validation of SSL certificates
using the DANE protocol.
- libval - Added support for local DANE validation
- Extended the dt-danechk commandline tool to check
the X509 cert provided over the SSL connection
against the TLSA record.
- Optimized glue record lookup when the only ip
addresses configured for the host are for a single
address family (ipv4 or ipv6)
- fine tune res_io source management
- dnssec-check - dnssec-check now checks DNAME support
- rollerd - A new set of steps for KSK rollover has been
implemented. A cache-expiration wait phase has
been moved after the publication of DS records in
order to allow name caches to reflect the changes.
In addition to rollerd, supporting program have
been modified to recognize this change.
- rollrec files - A new "information rollrec" has been added to the
rollrec files. This will allow infomration to be
specified for the collection of rollrecs. At this
time, the only information stored in this rollrec
is the version number of the rollrec file.
In addition to the rollrec.pm Perl module, programs
which use this module have been modified to recognize
this change.
If you use the rollrec.pm module, you should test
to see if your code is affected. The modifications
for the info rollrec have been made to minimize
affected programs. If you parse the rollrec files
yourself, you will have to account for this change.
- multiple - The perl-based tools can now use either the
ZoneFile::Fast or the Net::DNS zone file parser,
thanks to a patch from Sebastian Schmidt
(yath%yath.de@localhost).
- ZoneFile:Fast - Support for TLSA
- Made it compatible with newer Net::DNS releases
- Qt5 - A patch to support DNSSEC checks in Qt5 DNS lookups
- Bug Fixes
- zonesigner - Fixed SOA parsing and serial number update issues
- libval - Properly initialize memory in sockaddr structures
before use.
To generate a diff of this commit:
cvs rdiff -u -r1.20 -r1.21 pkgsrc/security/dnssec-tools/Makefile
cvs rdiff -u -r1.10 -r1.11 pkgsrc/security/dnssec-tools/distinfo
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Home |
Main Index |
Thread Index |
Old Index