4d7e026284
* Include simple-dnskey-mailer-plugin in dist. * Enforcer: Change message about KSK retirement to make it less confusing. Bugfixes: * ods-control: If the Enforcer did not close down, you entered an infinite loop. * Signer Engine: Fix log message typos. * Signer Engine: Fix crash where ods-signer update * Signer Engine: Also replace DNSKEYs if <DNSKEY><TTL> has changed in policy. * Zonefetcher: Sometimes invalid 'Address already in use' occurred. * Bugfix #247: Fixes bug introduced by bugfix #242. OpenDNSSEC 1.3.0rc3 * Do not distribute trang. Bugfixes: * Fix test for java executable and others. * Auditor: Fix delegation checks. * Bugfix #242: Race condition when receiving multiple NOTIFIES for a zone. * ods-kaspcheck: Do not expect resalt in NSEC policy. * Signer Engine: Ifdef a header file. * Signer Engine: The default working directory was not specified. * Signer Engine: Handle stdout console output throttling that would truncate daemon output intermittently. OpenDNSSEC 1.3.0.rc2 * Match the names of the signer pidfile and enforcer pidfile. * Include check for resign < resalt in ods-kaspcheck. Bugfixes: * Bugfix #231: Fix MySQL version check. * ods-ksmutil: Update now sends a HUP to the enforcerd. * Signer Engine: Fix assertion failure if zone was just added. * Signer Engine: Don't hsm_close() on setup error. * Signer Engine: Fix race condition bug when doing a single run. * Signer Engine: In case of failure, also mark zone processed (single run). * Signer Engine: Don't leak backup file descriptor. * signconf.rnc now allows NSEC3 Iterations of 0 OpenDNSSEC 1.3.0rc1 * <SkipPublicKey/> is enabled for SoftHSM in the default configuration. It improves the performance by only using the private key objects. * Document the <RolloverNotification> tag in conf.xml. Bugfixes: * Bugfix #221: Segmentation Fault on schedule.c:232 * Enforcer: 'make check' now works. * Enforcer: Fixed some memory leaks in the tests. * Signer Engine: Coverity report fixes some leaks and thread issues. * Signer Engine: Now logs to the correct facility again. OpenDNSSEC 1.3.0b1 * Support for signing the root. Use the zone name "." * Enforcer: Stop import of policy if it is not consistent. * ods-signer: The queue command will now also show what tasks the workers are working on. * Signer Engine: Just warn if occluded zone data was found, don't stop signing p rocess. * Signer Engine: Simpler serial maintenance, reduces the number of conflicts. Less chance to hit a 'cannot update: serial too small' error message. * Signer Engine: Simpler NSEC(3) maintenance. * Signer Engine: Temperate the number of backup files. * Signer Engine: Set number of <SignerThreads> in conf.xml to get peak performance from HSMs that can handle multiple threads. Bugfixes: * Bugreport #139: ods-auditor fails on root zone. * Bugreport #198: Zone updates ignored? * Replace tab with white-space when writing to syslog. * Signer Engine: Do not block update command while signing. |
||
|---|---|---|
| .. | ||
| patches | ||
| DESCR | ||
| distinfo | ||
| Makefile | ||
| MESSAGE | ||
| options.mk | ||
| PLIST | ||