Bug 250293 - dns/opendnssec2: update to 2.1.7
Summary: dns/opendnssec2: update to 2.1.7
Status: New
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Some People
Assignee: freebsd-ports-bugs (Nobody)
URL: https://www.opendnssec.org/2020/10/op...
Keywords: buildisok
Depends on:
Reported: 2020-10-12 09:53 UTC by Jaap Akkerhuis
Modified: 2020-10-12 11:59 UTC (History)
1 user (show)

See Also:

patch to update (37.96 KB, patch)
2020-10-12 09:53 UTC, Jaap Akkerhuis
jaap: maintainer-approval+
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Jaap Akkerhuis 2020-10-12 09:53:22 UTC
Created attachment 218688 [details]
patch to update


This release of 2.1.7 fixes a bug in the migration script to migrate
from 1.4 to 2.1. Additionally a bug in creating unnecessary signatures
during a ZSK roll was fixed. We also had some contributions regarding
edward curves and exporting keys by CKA identifier and other
corrections and improvements, see the full list below.


* OPENDNSSEC-949: Fix for migration bug not keeping proper parameters
  of NSEC3 signed zones. Amongst others the zone become NSEC. Loading
  the policies

* fixes the situation, migration scripts now corrected. Since 1.4
  does not require a salt, a resalt might be automatic after
  migrating, as this is a required parameter.

* OPENDNSSEC-948: do not recreate signatures for keys that are
  moving out this fixes unexpected double signatures in the zone.

* SUPPORT-253: Incorrect keytag used when using Combined Signing
  keys (CSK) (Thanks to Simon Arlott)

* SUPPORT-257: Export keys by locator (Thansk to Simon Arlott)

* SUPPORT-222: Support ED25519/ED448 keys. This requires library
  ldns 1.7.0 or better, otherwise unavailable. (Thanks again to
  Simon Arlott)

* Load libsqlite3.so.0 and fall back on libsqlite3.so.0 to allow
  to run migration tool on systems without libsqlite3.so.0 soft
  link.  (Thanks to Paul Wouters)

* Some compilation warnings, o.a. gcc10 related, code quality and
  initialization improvements. (Thanks to Jonas Berlin, and Mathieu
  MirMont, and Paul Wouters)
Comment 1 Automation User 2020-10-12 10:18:02 UTC
Build and package info is available at https://gitlab.com/swills/freebsd-ports/pipelines/201336228
Comment 2 Jaap Akkerhuis 2020-10-12 10:21:01 UTC
Note, this incorporate changes for bug #241270
Comment 3 Fernando Apesteguía freebsd_committer 2020-10-12 11:59:10 UTC
Q/A:  Makefile: [63]: whitespace before end of line.