[Opendnssec-announce] OpenDNSSEC 1.2.0rc1

Rickard Bellgrim rickard.bellgrim at iis.se
Wed Nov 17 13:15:23 UTC 2010


Version 1.2.0rc1 of OpenDNSSEC has now been released.

* New commandline option for the signer: ods-signer running.
* Allow connection to different MySQL ports in the Enforcer.
* Tone down and explain warning when converting M or Y to seconds
* ldns 1.6.7 is required for bugfixes
* dnsruby 1.51 is required for bugfixes

There is a kasp schema change from the 1.1 branch (or trunk if you built prior to r3823). To make this transition you have 2 options:
1. Run ods-ksmutil setup again. This will remove _all_ the current information from the kasp database and start you off again with a fresh environment. If that is not an option, or you want to try something else then:
2. Run one of the migration scripts:
depending on your database.
NOTE: Although these scripts have been tested it is recommended to make a backup of your database prior to running them.

* Bugreport #187: ods-control signer start will return non-zero if start up failed (uses ods-signer running).
* Narrow glue at the zone cut is allowed, do not consider it as occluded.
* Move zone fetcher output to correct input adapter file.
* Enforcer shared keys on zones with ShareKeys disabled.
* Make names of key states consistent.
* Signer Engine file descriptor leak fix on engine.sock.
* Set explicit “unlimited” repository capacity to prevent random integer being read. Requires “ods-ksmutil update conf” to be run if using an existing database.
* Fix issue with key generation creating too many keys Ticket #194.
* Bugreport #189: Auditor did not handle white-space-seperated substrings for base64 text
* Bugreport #190: Auditor (and signer) does not handle case correctly
* Signer now silence stdout-output from the notify command

Download the tarball from: http://www.opendnssec.org/files/source/opendnssec-1.2.0rc1.tar.gz

// OpenDNSSEC team

More information about the Opendnssec-announce mailing list