OpenDNSSEC is software that manages the security of domain names on the Internet. The project intends to drive adoption of Domain Name System Security Extensions (DNSSEC) to further enhance Internet security.
|Tags||DNS Internet Security Registry dnssec infrastructure tld registrar|
|Operating Systems||Unix RHEL Linux OpenBSD FreeBSD NetBSD Fedora Debian Ubuntu Mac OS X|
|Implementation||C C++ Python Ruby ldns|
Release Notes: This release optimized storage in HSM, logs the serial of signed zones in the STATS line, provides NSEC3 records on empty non-terminals, checks for the existence of SOA RRset, and extended the 'key list' command. It fixed ods-ksmutil key import, date validation errors, and an off-by-one length check error in libhsm. In libhsm, cleanup was improved for C_FindObjects. The Signer Engine no longer replaces tabs in RRs with whitespace. Possible memory corruption in hsm_get_slot_id was fixed. A race condition when stopping the Signer Engine daemon was fixed. enforcer and ods-ksmutil now have improved logging on key creation and allocation.
Release Notes: This release fixes libhsm not using all mandatory attributes for GOST key generation and the "key list" command failing with an error in 1.4.4 on MySQL.
Release Notes: This release adds an option for 'ods-ksmutil key generate' to take the number of zones as a parameter. Several important bugfixes have been made.
Release Notes: SUPPORT-42: ./configure fails on FreeBSD (or if ldns is not installed in a directory in the default search path of the complier). OpenDNSSEC does not compile against ldns 1.6.16 on platforms that rely on the OpenDNSSEC implementation of strlcpy/cat.
Release Notes: NSEC3PARAM TTL should be set to zero. Bugfixes:
OPENDNSSEC-306 (can't delete zone until Enforcer made signerconf); OPENDNSSEC-281 (Commandhandler was sometimes unresponsive); OPENDNSSEC-299 (ods-ksmutil