pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: pkgsrc/security/dnssec-tools

Module Name:    pkgsrc
Committed By:   pettai
Date:           Sat Sep 21 22:25:07 UTC 2013

Modified Files:
        pkgsrc/security/dnssec-tools: Makefile distinfo

Log Message:
 - New Features
    - OWL           - The Owl Monitoring System uses timed DNS queries
                      to monitor basic network functionality.  The system
                      consists of a manager host and a set of sensor hosts.
                      The Owl sensors perform periodic DNS queries and
                      report to the Owl manager the time taken for each
                      query.  Over time, this shows the responsiveness of
                      the DNS infrastructure.
    - dnssec-nodes  - Many new features have been added:
                    - The validation tree now supports clicking on
                      boxes to highlight it and the arrows that derive
                      from it.  Great for use when teaching about
                    - An extensive filter/effect editor now lets you
                      tailor the look of a graph to color-code, set
                      the alpha levels, etc of nodes based on their
                      names, status, data types, etc.
                    - Right clicking on a node lets you center the
                      graph on that node.
                    - More data types are collected and shown in the
                      data view.
                    - Support for arguments on the command line for
                      parsing log files, pcap files and domain names.
                    - The validation view has received a visual clean-up
                    - Many other bug fixes
    - Bloodhound:   - A mozilla-based DNSSEC-enabled browser with DANE support
                    - Added support for validation of SSL certificates
                      using the DANE protocol.
    - curl          - Added support for validation of SSL certificates
                      using the DANE protocol.
    - libval        - Added support for local DANE validation
                    - Extended the dt-danechk commandline tool to check
                      the X509 cert provided over the SSL connection
                      against the TLSA record.
                    - Optimized glue record lookup when the only ip
                      addresses configured for the host are for a single
                      address family (ipv4 or ipv6)
                    - fine tune res_io source management
    - dnssec-check  - dnssec-check now checks DNAME support
    - rollerd       - A new set of steps for KSK rollover has been
                      implemented.  A cache-expiration wait phase has
                      been moved after the publication of DS records in
                      order to allow name caches to reflect the changes.
                      In addition to rollerd, supporting program have
                      been modified to recognize this change.
    - rollrec files - A new "information rollrec" has been added to the
                      rollrec files.  This will allow infomration to be
                      specified for the collection of rollrecs.  At this
                      time, the only information stored in this rollrec
                      is the version number of the rollrec file.
                      In addition to the Perl module, programs
                      which use this module have been modified to recognize
                      this change.
                      If you use the module, you should test
                      to see if your code is affected.  The modifications
                      for the info rollrec have been made to minimize
                      affected programs.  If you parse the rollrec files
                      yourself, you will have to account for this change.
    - multiple      - The perl-based tools can now use either the
                      ZoneFile::Fast or the Net::DNS zone file parser,
                      thanks to a patch from Sebastian Schmidt 
    - ZoneFile:Fast - Support for TLSA
                    - Made it compatible with newer Net::DNS releases
    - Qt5           - A patch to support DNSSEC checks in Qt5 DNS lookups

 - Bug Fixes
    - zonesigner    - Fixed SOA parsing and serial number update issues
    - libval        - Properly initialize memory in sockaddr structures
                      before use.

To generate a diff of this commit:
cvs rdiff -u -r1.20 -r1.21 pkgsrc/security/dnssec-tools/Makefile
cvs rdiff -u -r1.10 -r1.11 pkgsrc/security/dnssec-tools/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Home | Main Index | Thread Index | Old Index