./security/opendnssec, OSS for a fast and easy DNSSEC deployment

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 1.4.8.2, Package name: opendnssec-1.4.8.2, Maintainer: pettai

The OpenDNSSEC project announces the development of Open Source software
that manages the security of domain names on the Internet.
The project intends to drive adoption of Domain Name System Security Extensions
(DNSSEC) to further enhance Internet security.


Required to run:
[textproc/libxml2] [net/ldns] [security/softhsm]

Required to build:
[devel/cunit]

Package options: softhsm

Master sites:

SHA1: fd971ac015513206495b1f8531ebadabd010ca98
RMD160: 73e015bc45c03ed7cf0ed84bb4c2a64a8bf9a567
Filesize: 1018.722 KB

Version history: (Expand)


CVS history: (Expand)


   2015-11-16 11:09:08 by Havard Eidnes | Files touched by this commit (5) | Package updated
Log message:
Update OpenDNSSEC to version 1.4.8.2.

Pkgsrc changes:
 * Adapt patches to match new files.
 * Add new migration scripts to PLIST

Upstream changes:

News
 * Support for RFC5011 style KSK rollovers. KSK section in the KASP
   now accepts element.
 * Enforcer: New repository option allows to generate keys with
   CKA_EXTRACTABLE attribute set to TRUE so keys can be wrapped and
   extracted from HSM.

Bugfixes
 * SUPPORT-145: EOF handling an ARM architecture caused signer to hang.
 * Fixed signer hitting assertion on short reply XFR handler.
 * Include revoke bit in keytag calculation.
 * Increased stacksize on some systems (thanks Patrik Lundin!).
 * Stop ods-signerd on SIGINT.

Note:
 * Updating from earlier versions of OpenDNSSEC requires use of the
   database migration script(s) included in ${PKG}/share/opendnssec/
   as the migrate_1_4_8* scripts.
   2015-11-04 02:18:12 by Alistair G. Crooks | Files touched by this commit (434)
Log message:
Add SHA512 digests for distfiles for security category

Problems found locating distfiles:
	Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz
	Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz
	Package libidea: missing distfile libidea-0.8.2b.tar.gz
	Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2
	Package uvscan: missing distfile vlp4510e.tar.Z

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.
   2015-10-10 03:58:23 by Ryo ONODERA | Files touched by this commit (399)
Log message:
Recursive revbump from textproc/icu
   2015-04-06 10:17:41 by Adam Ciarcinski | Files touched by this commit (470)
Log message:
Revbump after updating textproc/icu
   2014-12-04 16:58:21 by Havard Eidnes | Files touched by this commit (4) | Package updated
Log message:
Update to version 1.4.7.

Changes:
 * The patch for SUPPORT-147 got integrated upstream.
 * Regenerate enforcer/utils/Makefile.in diff

Upstream changes:
 * SUPPORT-147: Zone updating via zone transfer can get stuck
 * Crash on 'retransfer command when not using DNS adapters.
   2014-11-04 10:41:02 by Havard Eidnes | Files touched by this commit (3) | Package updated
Log message:
There's one more useless ntohl(), get rid of that as well.

Bump PKGREVISION.
   2014-10-31 17:32:39 by Havard Eidnes | Files touched by this commit (4) | Package updated
Log message:
Fix a bug related to restoring various data from .xfrd-state files:
there's no need to byte-swap values read from a local file.
This would cause some IXFRs to mysteriously and consistently fail
until manual intervention is done, because the wrong (byte-swapped)
SOA serial# was being stuffed into the IXFR requests.

Ref. https://issues.opendnssec.org/browse/SUPPORT-147.

Also fix the rc.d script to not insist that the components must be
running to allow "stop" to proceed, so that "restart" or \ 
"stop" can
be done if one or both of the processes have exited or crashed.

Bump PKGREVISION.
   2014-10-28 14:26:37 by Havard Eidnes | Files touched by this commit (2)
Log message:
Add an rc.d script for NetBSD.