OpenDNSSEC 1.0.0b1

The first beta-version of OpenDNSSEC has been released.

The following things are new for this release:

  • <Purge> tag added to automatically delete keys that have been dead for some interval.
  • Rename all OpenDNSSEC command line tools and daemons to ods-XXX (e.g. ksmutil becomes ods-ksmutil).
  • kasp_check command added to check the conf.xml and kasp.xml configuration files for sanity and consistency.
  • communicated and keygend combined to form “ods-enforcerd”.
  • ksmutil command line changes. Most commands have changed slightly, but there are some significant changes (see command-tools-syntax.txt for details.)
  • Enforcer database now has a version number. If it differs from the version number in the code (specified via a #define statement), the software will issue an error message and not connect to the database.
  • “ksmutil list keys” now displays the keytag if the -l flag is passed to it.
  • “Emergency Keys” renamed to “Standby Keys” as this better reflects their role in OpenDNSSEC.
  • The behaviour of SOA Serial value ‘counter’ has changed according to Ticket #31.
  • The directory “xml” and been renamed to “conf”. (This is part of repository clean.)
  • Zone fetcher added, that will do AXFR from the master.
  • There has been several changes to the KASP DB.

Known issue:
TCP-support for LDNS on Solaris is currently broken due to an issue with SO_RCVTIMEO. The result is that the zonefetcher doesn’t work. No other parts of OpenDNSSEC is affected by this bug. There is currently no workaround.

There are also a tar ball for this beta-release: opendnssec-1.0.0b1.tar.gz

You can also get it with subversion:

svn co OpenDNSSEC

Comments are closed.