CVS commit: wip/opendnssec

To: pkgsrc-wip-cvs%lists.sourceforge.net@localhost
Subject: CVS commit: wip/opendnssec
From: "Fredrik Pettai" <pettai%users.sourceforge.net@localhost>
Date: Thu, 31 May 2012 05:38:31 +0000

Module name:    wip
Committed by:   pettai
Date:           Thu May 31 05:38:16 UTC 2012

Modified Files:
        wip/opendnssec: Makefile PLIST distinfo
        wip/opendnssec/patches: patch-aa

Log Message:
OpenDNSSEC 1.4.0a2

* OPENDNSSEC-226: Change in conf.xml: Configure the DNS listener IP address
  with /Listener/Interface/Address instead of /Listener/Interface/IPv{4,6}.
* OPENDNSSEC-249: ods-ksmutil: If key export finds nothing to do then say so
  rather than display nothing which might be misinterpreted.
* OPENDNSSEC-262: Signer Engine: Make DNS Adapter ACL optional.
* OPENDNSSEC-263: Signer Engine: Added EDNS0 support, so that zone transfers
  and SOA requests with OPT RRs are possible.
* Enforcer: Add indexes for foreign keys. (sqlite only, MySQL already has them.)

Bugfixes:
* OPENDNSSEC-259: Signer Engine: Fix assertion failure for outbound AXFR for
  large zones.
* OPENDNSSEC-264: Signer Engine: Fix assertion error on reading IXFR from
  backup.
* OPENDNSSEC-265: Signer Engine: Fix crash in corner cases when signing zone
  with NSEC3 and Opt-out.
* OPENDNSSEC-267: Signer Engine: Sign NOTIFY OK response with TSIG, if present
  in the query and ACL.


OpenDNSSEC 1.4.0a1

* Auditor: The Auditor has been removed.
* Enforcer: Key label logging upon deletion (#192 Sebastian Castro)
* Enforcer: Stop multiple instances of the Enforcer running by checking for
  the pidfile at startup. If you want to run multiple instances then a
  different pidfile will need to be specified with the -P flag.
* Enforcer/ods-ksmutil: Use TTLs from KASP when generating DNSKEY and DS
  records for output.
* Enforcer/ods-ksmutil: Give a more descriptive error message if the
  <Datastore> tag in conf.xml does not match the database-backend set at
  compile time.
* ods-ksmutil: Add warnings on "key export --ds" if no active or ready keys
  were seen, or if both were seen (so a key rollover is happening).
* ods-ksmutil: Prevent MySQL username or password being interpreted by the
  shell when running "ods-ksmutil setup"
* ods-ksmutil: "zone delete" renames the signconf file; so that if the zone is
  put back the signer will not pick up the old file.
* ods-ksmutil: "key delete" added. It allows keys that are not currently in
  use to be deleted from the database and HSM.
* OPENDNSSEC-1: Enforcer: Check DelegationSignerSubmitCommand exists and can
  be executed by ods-enforcerd.
* OPENDNSSEC-10: ods-ksmutil: Include key size and algorithm in "key list"
  with -v flag.
* OPENDNSSEC-28: ods-ksmutil: "key list" shows next state with -v flag.
* OPENDNSSEC-35: ods-ksmutil: "rollover list -v" now includes more information
  on the KSKs waiting for the ds-seen command.
* OPENDNSSEC-83: ods-ksmutil: "key generate" now displays how many keys will
  be generated and presents the user with the opportunity to stop the
  operation.
* OPENDNSSEC-124: ods-ksmutil: Suppress database connection information when
  no -v flag is given.
* Signer Engine: Input and Output DNS Adapters.
* Signer Engine: Zonefetcher has been removed.

Known issues:
* Signer Engine: The backup files do not work correctly in this alpha release.

Bugfixes:
* Bugfix #246: Less confusing text for XML validation in ods-kaspcheck.
* ods-ksmutil: "update kasp" now reflects changes in policy descriptions.
* ods-ksmutil: Policy descriptions now have special characters quoted.
* ods-ksmutil: Fix typo in policy export with NSEC3.


To generate a diff of this commit:
cvs -z3 rdiff -u -r1.13 -r1.14 wip/opendnssec/PLIST
cvs -z3 rdiff -u -r1.17 -r1.18 wip/opendnssec/distinfo
cvs -z3 rdiff -u -r1.32 -r1.33 wip/opendnssec/Makefile
cvs -z3 rdiff -u -r1.7 -r1.8 wip/opendnssec/patches/patch-aa

To view a diff of this commit:
http://pkgsrc-wip.cvs.sourceforge.net/pkgsrc-wip/wip/opendnssec/PLIST?r1=1.13&r2=1.14
http://pkgsrc-wip.cvs.sourceforge.net/pkgsrc-wip/wip/opendnssec/distinfo?r1=1.17&r2=1.18
http://pkgsrc-wip.cvs.sourceforge.net/pkgsrc-wip/wip/opendnssec/Makefile?r1=1.32&r2=1.33
http://pkgsrc-wip.cvs.sourceforge.net/pkgsrc-wip/wip/opendnssec/patches/patch-aa?r1=1.7&r2=1.8

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
pkgsrc-wip-cvs mailing list
pkgsrc-wip-cvs%lists.sourceforge.net@localhost
https://lists.sourceforge.net/lists/listinfo/pkgsrc-wip-cvs

Prev by Date: CVS commit: wip/openmpi
Next by Date: CVS commit: wip/libreoffice
Previous by Thread: CVS commit: wip/opendnssec
Next by Thread: CVS commit: wip/opendnssec
Indexes:

Home | Main Index | Thread Index | Old Index