CVS commit: pkgsrc/security/opendnssec

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/security/opendnssec
From: "Fredrik Pettai" <pettai%netbsd.org@localhost>
Date: Wed, 27 Jul 2011 03:13:25 +0000

Module Name:    pkgsrc
Committed By:   pettai
Date:           Wed Jul 27 03:13:25 UTC 2011

Modified Files:
        pkgsrc/security/opendnssec: MESSAGE Makefile distinfo

Log Message:
OpenDNSSEC 1.3.0

* Include simple-dnskey-mailer-plugin in dist.
* Enforcer: Change message about KSK retirement to make it less confusing.

Bugfixes:
* ods-control: If the Enforcer did not close down, you entered an infinite loop.
* Signer Engine: Fix log message typos.
* Signer Engine: Fix crash where ods-signer update
* Signer Engine: Also replace DNSKEYs if <DNSKEY><TTL> has changed in policy.
* Zonefetcher: Sometimes invalid 'Address already in use' occurred.
* Bugfix #247: Fixes bug introduced by bugfix #242.

OpenDNSSEC 1.3.0rc3

* Do not distribute trang.

Bugfixes:
* Fix test for java executable and others.
* Auditor: Fix delegation checks.
* Bugfix #242: Race condition when receiving multiple NOTIFIES for a zone.
* ods-kaspcheck: Do not expect resalt in NSEC policy.
* Signer Engine: Ifdef a header file.
* Signer Engine: The default working directory was not specified.
* Signer Engine: Handle stdout console output throttling that would
  truncate daemon output intermittently.

OpenDNSSEC 1.3.0.rc2

* Match the names of the signer pidfile and enforcer pidfile.
* Include check for resign < resalt in ods-kaspcheck.

Bugfixes:
* Bugfix #231: Fix MySQL version check.
* ods-ksmutil: Update now sends a HUP to the enforcerd.
* Signer Engine: Fix assertion failure if zone was just added.
* Signer Engine: Don't hsm_close() on setup error.
* Signer Engine: Fix race condition bug when doing a single run.
* Signer Engine: In case of failure, also mark zone processed (single run).
* Signer Engine: Don't leak backup file descriptor.
* signconf.rnc now allows NSEC3 Iterations of 0

OpenDNSSEC 1.3.0rc1

* <SkipPublicKey/> is enabled for SoftHSM in the default configuration.
  It improves the performance by only using the private key objects.
* Document the <RolloverNotification> tag in conf.xml.

Bugfixes:
* Bugfix #221: Segmentation Fault on schedule.c:232
* Enforcer: 'make check' now works.
* Enforcer: Fixed some memory leaks in the tests.
* Signer Engine: Coverity report fixes some leaks and thread issues.
* Signer Engine: Now logs to the correct facility again.

OpenDNSSEC 1.3.0b1

* Support for signing the root. Use the zone name "."
* Enforcer: Stop import of policy if it is not consistent.
* ods-signer: The queue command will now also show what tasks the workers
  are working on.
* Signer Engine: Just warn if occluded zone data was found, don't stop signing p
rocess.
* Signer Engine: Simpler serial maintenance, reduces the number of conflicts.
  Less chance to hit a 'cannot update: serial too small' error message.
* Signer Engine: Simpler NSEC(3) maintenance.
* Signer Engine: Temperate the number of backup files.
* Signer Engine: Set number of <SignerThreads> in conf.xml to
  get peak performance from HSMs that can handle multiple threads.

Bugfixes:
* Bugreport #139: ods-auditor fails on root zone.
* Bugreport #198: Zone updates ignored?
* Replace tab with white-space when writing to syslog.
* Signer Engine: Do not block update command while signing.


To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 pkgsrc/security/opendnssec/MESSAGE
cvs rdiff -u -r1.11 -r1.12 pkgsrc/security/opendnssec/Makefile
cvs rdiff -u -r1.7 -r1.8 pkgsrc/security/opendnssec/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/doc
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index