«
»

OpenDNSSEC 1.4.0b2

Version 1.4.0b2 of OpenDNSSEC has now been released. This version is recommended for testing only, not for use in production environments.

Updates:

  • ods-ksmutil: Deprecate the one-step ‘key backup’ command
  • OPENDNSSEC-292: Provide scripts to convert database between different supported formats
  • OPENDNSSEC-299: ods-ksmutil: ods-ksmutil <enter> now includes policy import
  • OPENDNSSEC-300: ods-ksmutil: policy purge documented with a warning
  • OPENDNSSEC-315: “ods-hsmutil logout” will delete any credentials in the  shared memory.
  • OPENDNSSEC-330: Signer Engine: NSEC3PARAM TTL should be set to zero.
  • OPENDNSSEC-338: ods-ksmutil: fix zone delete on MySQL (broken by SUPPORT-27)
  • OPENDNSSEC-345: ods-ksmutil: use ods-control to HUP the enforcerd process

Bugfixes:

  • SUPPORT-40: Signer Engine: Keep occluded data in signed zone files/transfers.
  • OPENDNSSEC-349: Enforcer: Fix some memory leaks in the enforcer found by valgrind.
  • OPENDNSSEC-353: Signer Engine: Add/remove NSEC3s for empty non-terminals between apex and  delegation when DS is added/removed.
  • Signer Engine: Fixed locking and notification on the drudge work queue, signals could be missed  so that drudgers would stall when there was work to be done.
  • libhsm: Fixed PIN handling on OpenBSD.
  • Enforcer: If enabled enforcer workers and configured number of workers is 1,  make sure that enforcer runs the signer update command after signer  configuration change.
  • Signer Engine: Don’t add double RRSIGs generated by the same key for the  DNSKEY RRset.
  • Signer Engine: Rollback incompleted zone transfers on disk (could happen  if a connection was reset during transfer).
  • Multi-threaded enforcer: various minor fixes including deadlock problems.

Documentation:

Download the tarball from: opendnssec-1.4.0b2.tar.gz

 

This entry was posted on Tuesday, December 18th, 2012 at 12:03 and is filed under Releases. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.

Comments are closed.