Archive for the ‘Releases’ Category
SoftHSM 2.0.0b1
Version 2.0.0b1 of SoftHSM has been released.
Updates:
- SOFTHSM-84: Check that all mandatory attributes are given during the creation process.
- SOFTHSM-92: Enable -fvisibility=hidden on per default
- SUPPORT-137: Implement C_EncryptUpdate and C_EncryptFinal (Patch from Martin Paljak)
- Add support for CKM_RSA_PKCS key un/wrapping (Patch from Petr Spacek)
Bugfixes:
- SOFTHSM-66: Attribute handling when using multiple threads
- SOFTHSM-93: Invalid C++ object recycling.
- SOFTHSM-95: umask affecting the calling application.
- SOFTHSM-97: Check if Botan has already been initialized.
- SOFTHSM-98: Handle mandatory attributes for DSA, DH, and ECDSA correctly.
- SOFTHSM-99: Binary encoding of GOST values.
- SUPPORT-136: softhsm2-keyconv creates files with sensitive material in insecure way.
Download:
- softhsm-2.0.0b1.tar.gz
- softhsm-2.0.0b1.tar.gz.sig
- Checksum sha1: 73b1e2e84f8fa27db53cfd1efc9892078605b069
- Checksum sha256: b72ffae3feadbc669eecb58f4da5dce7e5124e666173e816ae58f98824515ae6
- GitHub tag: 2.0.0b1
OpenDNSSEC 1.4.6
Version 1.4.6 of OpenDNSSEC has now been released:
Updates:
- Signer Engine: Print secondary server address when logging notify reply errors.
- Build: Fixed various OpenBSD compatibility issues found by Patrik Lundin <patrik.lundin.swe@gmail.com>.
- OPENDNSSEC-621: conf.xml: New options: <PidFile> for both enforcer and signer, and <SocketFile> for the signer.
- New tool: ods-getconf: to retrieve a configuration value from conf.xml given an expression.
Bugfixes:
- OPENDNSSEC-469: ods-ksmutil: ‘zone add’ command when zonelist.xml.backup can’t be written zone is still added to database, solved it by checking the zonelist.xml.backup is writable before adding zones, and add error message when add zone failed.
- OPENDNSSEC-617: Signer Engine: Fix DNS Input Adapter to not reject zone the first time due to RFC 1982 serial arethmetic.
- OPENDNSSEC-619: memory leak when signer failed, solved it by add ldns_rr_free(signature) in libhsm.c
- OPENDNSSEC-627: Signer Engine: Unable to update serial after restart when the backup files has been removed.
- OPENDNSSEC-628: Signer Engine: Ingored notifies log level is changed from debug to info.
- OPENDNSSEC-630: Signer Engine: Fix inbound zone transfer for root zone.
- libhsm: Fixed a few other memory leaks.
- simple-dnskey-mailer.sh: Fix syntax error. (by Patrik Lundin https://github.com/eest)
Documentation:
Download:
- https://dist.opendnssec.org/source/opendnssec-1.4.6.tar.gz
- https://dist.opendnssec.org/source/opendnssec-1.4.6.tar.gz.sig
- Checksum SHA1: 2318b31546d0d4118cd03b9591ba76d259e1b0b0
- Checksum SHA256: 53f9c454f331822925d76c9d9e5e7cb3fe2dfb03e3c467f67f9412f10d0fd5ec
OpenDNSSEC 1.3.18
Version 1.3.18 of OpenDNSSEC has now been released:
Updates:
- OPENDNSSEC-620: conf.xml: New options: <PidFile> for both enforcer and signer, and <SocketFile> for the signer.
- Build: Fixed various OpenBSD compatibility issues found by Patrik Lundin <patrik.lundin.swe@gmail.com>.
- New tool: ods-getconf: to retrieve a configuration value from conf.xml given an expression.
Bugfixes:
- OPENDNSSEC-632: ods-ksmutil: ‘zone add’ command when zonelist.xml.backup can’t be written zone is still added to database, solved it by checking the zonelist.xml.backup is writable before adding zones, and add error message when add zone failed.
- OPENDNSSEC-624: memory leak when signer failed, solved it by add ldns_rr_free(signature) in libhsm.c
- simple-dnskey-mailer.sh: Fix syntax error. (by Patrik Lundin https://github.com/eest)
- libhsm: Fixed a few other memory leaks.
Documentation:
Download:
- https://dist.opendnssec.org/source/opendnssec-1.3.18.tar.gz
- https://dist.opendnssec.org/source/opendnssec-1.3.18.tar.gz.sig
- Checksum SHA1: 6c860096257955b3559c1d42cf59047332f3d1ee
- Checksum SHA256: e61d23ae0cc57b6e09d408bade6872fe5241896c61a03e8bc5ceeb65df13a676
SoftHSM 1.3.7
Version 1.3.7 of SoftHSM has been released.
Bugfixes:
- SOFTHSM-94: umask affecting the calling application.
- SOFTHSM-96: Check if Botan has already been initialised.
Documentation:
Download:
- softhsm-1.3.7.tar.gz
- softhsm-1.3.7.tar.gz.sig
- Checksum SHA1: e8bf4269472f9e63d1dfeda238b1d542d6c036f2
- Checksum SHA256: d12d6456a85561266d9da427565f3ee3746a35df6670d5e6be75de253c2810a4
OpenDNSSEC 1.3.17
Version 1.3.17 of OpenDNSSEC has now been released:
Updates:
- SUPPORT-114: libhsm: Optimize storage in HSM by deleting the public key directly if SkipPublicKey is used [OPENDNSSEC-575].
- Signer Engine: log serial of signed zone in STATS line.
- OPENDNSSEC-550: Signer Engine: Put NSEC3 records on empty non-terminals derived from unsigned delegations (be compatible with servers that are incompatible with RFC 5155 errata 3441).
- OPENDNSSEC-569: Build compatibility with SoftHSMv2.
- Signer Engine: Examine unsigned zone checks for SOA RRset existence.
- OPENDNSSEC-591: ods-ksmutil: Extend ‘key list’ command with options to filter on key type and state. This allows keys in the GENERATE and DEAD state to be output.
Bugfixes:
- SUPPORT-116: ods-ksmutil key import. Date validation fails on certain dates [OPENDNSSEC-589].
- OPENDNSSEC-481: libhsm: Fix an off-by-one length check error.
- OPENDNSSEC-482: libhsm: Improved cleanup for C_FindObjects.
- OPENDNSSEC-515: Signer Engine: Don’t replace tabs in RRs with whitespace.
- OPENDNSSEC-538: libhsm: Possible memory corruption in hsm_get_slot_id.
- Signer Engine: Fix a race condition when stopping daemon.
- OPENDNSSEC-586: enforcer & ods-ksmutil: Improve logging on key creation and alloctaion.
- OPENDNSSEC-588: ods-ksmutil: Exported value of <Parent><SOA><TTL> in ‘policy export’ output could be wrong on MySQL.
Documentation:
Download:
- opendnssec-1.3.17.tar.gz
- opendnssec-1.3.17.tar.gz.sig
- Checksum SHA1: 732ffcbb3b7ca39e35b053dc1d4e516a9b9bbaa2
- Checksum SHA256: 9f0dcfb53a3e10255b2d85e6a30663548eca1ec2e900b7cd5db9329f1710e323
OpenDNSSEC 1.4.5
Version 1.4.5 of OpenDNSSEC has now been released:
Bugfixes:
- OPENDNSSEC-607: libhsm not using all mandatory attributes for GOST key generation.
- OPENDNSSEC-609: ods-ksmutil: ‘key list’ command fails with error in 1.4.4 on MySQL. Reported by Mark Elkins <mje@posix.co.za>
Documentation:
Download:
- opendnssec-1.4.5.tar.gz
- opendnssec-1.4.5.tar.gz.sig
- Checksum sha1: da2d97669a7688321ea563e0a512531d932f19d6
- Checksum sha256: c4d4366497ab096c6887c51f7518d546a0419a44dfad1f57d4ec9e67bb95019b
SoftHSM 2.0.0a2
Version 2.0.0a2 of SoftHSM has been released.
Updates:
- SOFTHSM-68: Display a better configure message when there is a version of Botan with a broken ECC/GOST/OID implementation.
- SOFTHSM-70: Improved handling of the database backend.
- SOFTHSM-71: Supporting Botan 1.11.
- SOFTHSM-76: Do not generate RSA keys smaller than 1024 bit when using the Botan crypto backend.
- SOFTHSM-83: Support CKA_VALUE_BITS for CKK_DH private key object.
- SOFTHSM-85: Rename libsofthsm.so to libsofthsm2.so and prefix the command line utilties with softhsm2-.
- SOFTHSM-89: Use constants and not strings for signaling algorithms.
- SUPPORT-129: Possible to use an empty template in C_GenerateKey. The class and key type are inherited from the generation mechanism. Some mechanisms do however require a length attribute. [SOFTHSM-88]
- SUPPORT-131: Support RSA-PSS using SHA1, SHA224, SHA256, SHA384, or SHA512. [SOFTHSM-87]
Bugfixes:
- SOFTHSM-39: Fix 64 bit build on sparc sun4v.
- SOFTHSM-69: GOST did not work when you disabled ECC.
- SOFTHSM-78: Correct the attribute checks for a number of objects.
- SOFTHSM-80: Prevent segfault in OpenSSL GOST HMAC code.
- SOFTHSM-91: Fix a warning from static code analysis.
- Fixed a number of memory leaks.
Documentation:
Download:
- softhsm-2.0.0a2.tar.gz
- softhsm-2.0.0a2.tar.gz.sig
- Checksum sha1: 5197835de70eedbf4e33ca3a9b3da8e112e4c85c
- Checksum sha256: 325187ae0823c22c4d3794914edcefef891b1b8021c3d363404d77508f86b9ca
- GitHub tag: 2.0.0a2
OpenDNSSEC 1.4.4
Version 1.4.4 of OpenDNSSEC has now been released:
Updates:
- SUPPORT-114: libhsm: Optimize storage in HSM by deleting the public key directly if SkipPublicKey is used [OPENDNSSEC-574].
- OPENDNSSEC-358: ods-ksmutil: Extend ‘key list’ command with options to filter on key type and state. This allows keys in the GENERATE and DEAD state to be output.
- OPENDNSSEC-549: Signer Engine: Put NSEC3 records on empty non-terminals derived from unsigned delegations (be compatible with servers that are incompatible with RFC 5155 errata 3441).
Bugfixes:
- SUPPORT-86: Fixed build on OS X [OPENDNSSEC-512].
- SUPPORT-97: Signer Engine: Fix after restart signer thinks zone has expired [OPENDNSSEC-526].
- SUPPORT-101: Signer Engine: Fix multiple zone transfer to single file bug [OPENDNSSEC-529].
- SUPPORT-102: Signer Engine: Fix statistics (count can be negative)/
- SUPPORT-108: Signer Engine: Don’t replace tabs in RRs with whitespace [OPENDNSSEC-520].
- SUPPORT-116: ods-ksmutil: ‘key import’ date validation fails on certain dates [OPENDNSSEC-553].
- SUPPORT-128: ods-ksmutil. Man page had incorrect formatting [OPENDNSSEC-576].
- SUPPORT-127: ods-signer: Fix manpage sections.
- OPENDNSSEC-457: ods-ksmutil: Add a check on the ‘zone add’ input/output type parameter to allow only File or DNS.
- OPENDNSSEC-481: libhsm: Fix an off-by-one length check error.
- OPENDNSSEC-482: libhsm: Improved cleanup for C_FindObjects.
- OPENDNSSEC-531: ods-ksmutil: Exported value of <Parent><SOA><TTL> in ‘policy export’ output could be wrong on MySQL.
- OPENDNSSEC-537: libhsm: Possible memory corruption in hsm_get_slot_id.
- OPENDNSSEC-544: Signer Engine: Fix assertion error that happens on an IXFR request with EDNS.
- OPENDNSSEC-546: enforcer & ods-ksmutil: Improve logging on key creation and alloctaion.
- OPENDNSSEC-560: Signer Engine: Don’t crash when unsigned zone has no SOA.
- Signer Engine: Fix a race condition when stopping daemon.
Documentation:
Download:
- opendnssec-1.4.4.tar.gz
- opendnssec-1.4.4.tar.gz.sig
- Checksum sha1: c204659dc53d47a16481f19fbc709b292c445c7d
- Checksum sha256: 71f930d871e3526f930ac57925f5d5b934988e0b2e9e858926bfc73d9ba9d00e
SoftHSM 1.3.6
Version 1.3.6 of SoftHSM has been released.
Updates:
- SOFTHSM-51: Call umask to restrict created files.
Bugfixes:
- Fix malloc(0) warning in clang.
Documentation:
Download:
- softhsm-1.3.6.tar.gz
- softhsm-1.3.6.tar.gz.sig
- Checksum sha1: 442f94d681006b16b8d2630d2e58849cb804463d
- Checksum sha256: e39ac8e851220edd2b2afbe4d9e06d956bccc20bc72752740eabf95692359486
SoftHSM 2.0.0a1
Version 2.0.0a1 of SoftHSM has been released. This is the first alpha version for SoftHSM v2. All required features for this version have been implemented and we would like to get feedback from community.
SoftHSM v2 Key Features:
- Encrypting sensitive information on disc
- Generalized crypto backend: OpenSSL or Botan
- Supporting more mechanisms: ECDSA, GOST, DSA, DH, AES, DES
- Supporting more PKCS#11 functions: Encryption/Decryption, Wrapping/Unwrapping
Documentation:
Download:
- softhsm-2.0.0a1.tar.gz
- softhsm-2.0.0a1.tar.gz.sig
- Checksum sha1: b2ac8b5ccd7b38081f9f4900e4ef0a4fe6d8c54b
- Checksum sha256: 98410683133b2fcfe09fbf8a5661e392cbc6e7cebc6d983a2abf08da095895b6
- GitHub tag: 2.0.0a1a
You are currently browsing the archives for the Releases category.