[Opendnssec-announce] OpenDNSSEC 1.2.0rc1
Rickard Bellgrim
rickard.bellgrim at iis.se
Wed Nov 17 13:15:23 UTC 2010
Hi
Version 1.2.0rc1 of OpenDNSSEC has now been released.
* New commandline option for the signer: ods-signer running.
* Allow connection to different MySQL ports in the Enforcer.
* Tone down and explain warning when converting M or Y to seconds
* ldns 1.6.7 is required for bugfixes
* dnsruby 1.51 is required for bugfixes
Migration:
There is a kasp schema change from the 1.1 branch (or trunk if you built prior to r3823). To make this transition you have 2 options:
1. Run ods-ksmutil setup again. This will remove _all_ the current information from the kasp database and start you off again with a fresh environment. If that is not an option, or you want to try something else then:
2. Run one of the migration scripts:
enforcer/utils/migrate_keyshare_mysql.pl
or:
enforcer/utils/migrate_keyshare_sqlite3.pl
depending on your database.
NOTE: Although these scripts have been tested it is recommended to make a backup of your database prior to running them.
Bugfixes:
* Bugreport #187: ods-control signer start will return non-zero if start up failed (uses ods-signer running).
* Narrow glue at the zone cut is allowed, do not consider it as occluded.
* Move zone fetcher output to correct input adapter file.
* Enforcer shared keys on zones with ShareKeys disabled.
* Make names of key states consistent.
* Signer Engine file descriptor leak fix on engine.sock.
* Set explicit “unlimited” repository capacity to prevent random integer being read. Requires “ods-ksmutil update conf” to be run if using an existing database.
* Fix issue with key generation creating too many keys Ticket #194.
* Bugreport #189: Auditor did not handle white-space-seperated substrings for base64 text
* Bugreport #190: Auditor (and signer) does not handle case correctly
* Signer now silence stdout-output from the notify command
Download the tarball from: http://www.opendnssec.org/files/source/opendnssec-1.2.0rc1.tar.gz
// OpenDNSSEC team
More information about the Opendnssec-announce
mailing list