Version 1.3.5 of OpenDNSSEC has now been released.
- Auditor: Include the zone name in the log messages.
- ldns 1.6.12 is required for bugfixes.
- ods-ksmutil: Suppress database connection information when no -v flag is given.
- ods-enforcerd: Stop multiple instances of the enforcer running by checking for the pidfile at startup. If you want to run multiple instances then a different pidfile will need to be specified with the -P flag.
- ods-ksmutil: “zone delete” renames the signconf file; so that if the zone is put back the signer will not pick up the old file.
- Signer Engine: Verbosity can now be set via conf.xml, default is 3.
- Bugfix OPENDNSSEC-174: Configure the location for conf.xml with –config or -c when starting the signer.
- Bugfix OPENDNSSEC-192: Signer crashed on deleting NSEC3 for a domain that becomes opt-out.
- Bugfix OPENDNSSEC-193: Auditor crashed with certain empty non-terminals.
- Signer Engine: A file descriptor for sockets with value zero is allowed.
- Signer Engine: Only log messages about a full signing queue in debug mode.
- Signer Engine: Fix time issues, make sure that the internal serial does not wander off after a failed audit.
- Signer Engine: Upgrade ldns to avoid future problems on 32-bit platforms with extra long signature expiration dates. More information in separate announcement.
Download the tarball from: opendnssec-1.3.5.tar.gz