Welcome to OpenDNSSEC

The OpenDNSSEC project announces the development of Open Source software that manages the security of domain names on the Internet. The project intends to drive adoption of Domain Name System Security Extensions (DNSSEC) to further enhance Internet security.

The latest news about OpenDNSSEC can be found below!

OpenDNSSEC 1.4.6

Version 1.4.6 of OpenDNSSEC has now been released:

Updates:

  • Signer Engine: Print secondary server address when logging notify reply errors.
  • Build: Fixed various OpenBSD compatibility issues found by Patrik Lundin <patrik.lundin.swe@gmail.com>.
  • OPENDNSSEC-621: conf.xml: New options: <PidFile> for both enforcer and signer, and <SocketFile> for the signer.
  • New tool: ods-getconf: to retrieve a configuration value from conf.xml given an expression.

Bugfixes:

  • OPENDNSSEC-469: ods-ksmutil: ‘zone add’ command when zonelist.xml.backup can’t be written zone is still added to database, solved it by checking the zonelist.xml.backup is writable before adding zones, and add error message when add zone failed.
  • OPENDNSSEC-617: Signer Engine: Fix DNS Input Adapter to not reject zone the first time due to RFC 1982 serial arethmetic.
  • OPENDNSSEC-619: memory leak when signer failed, solved it by add ldns_rr_free(signature) in libhsm.c
  • OPENDNSSEC-627: Signer Engine: Unable to update serial after restart when the backup files has been removed.
  • OPENDNSSEC-628: Signer Engine: Ingored notifies log level is changed from debug to info.
  • OPENDNSSEC-630: Signer Engine: Fix inbound zone transfer for root zone.
  • libhsm: Fixed a few other memory leaks.
  • simple-dnskey-mailer.sh: Fix syntax error. (by Patrik Lundin https://github.com/eest)

Documentation:

Download:

 

OpenDNSSEC 1.3.18

Version 1.3.18 of OpenDNSSEC has now been released:

Updates:

  • OPENDNSSEC-620: conf.xml: New options: <PidFile> for both enforcer and signer, and <SocketFile> for the signer.
  • Build: Fixed various OpenBSD compatibility issues found by Patrik Lundin <patrik.lundin.swe@gmail.com>.
  • New tool: ods-getconf: to retrieve a configuration value from conf.xml given an expression.

Bugfixes:

  • OPENDNSSEC-632: ods-ksmutil: ‘zone add’ command when zonelist.xml.backup can’t be written zone is still added to database, solved it by checking the zonelist.xml.backup is writable before adding zones, and add error message when add zone failed.
  • OPENDNSSEC-624: memory leak when signer failed, solved it by add ldns_rr_free(signature) in libhsm.c
  • simple-dnskey-mailer.sh: Fix syntax error. (by Patrik Lundin https://github.com/eest)
  • libhsm: Fixed a few other memory leaks.

Documentation:

Download:

 

SoftHSM 1.3.7

Version 1.3.7 of SoftHSM has been released.

Bugfixes:

  • SOFTHSM-94: umask affecting the calling application.
  • SOFTHSM-96: Check if Botan has already been initialised.

Documentation:

Download: