rpms/opendnssec
7
0
Fork 0
Code Issues Pull Requests Releases Activity
82 Commits 13 Branches 26 Tags 221 KiB
a7fe6a09ab
Commit Graph

82 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
François Cami
a7fe6a09ab Update to 2.1.9 
Issues solved:
- OPENDNSSEC-955: Prevent concurrency between certain valid
                  PKCS#11 HSM operations to avoid some keys
                  to be (transiently) unavailable.
- OPENDNSSEC-956: Harden signing procedure to still sign zones
                  for which there are unused keys specified in
                  the zone which are unavailable.

Known issue:
- OPENDNSSEC-957: Signer daemon stops with failure exit code
                  even when no error occured.
 2021-07-06 16:55:01 +02:00
Zbigniew Jędrzejewski-Szmek
85d740ed46 Rebuilt for updated systemd-rpm-macros 
See https://pagure.io/fesco/issue/2583.
 2021-03-02 16:13:10 +01:00
Fedora Release Monitoring
33b7514afc Update to 2.1.8 (#1931143) 2021-02-21 18:02:43 +02:00
Fedora Release Engineering
937d85e900 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2021-01-26 22:29:32 +00:00
Tom Stellard
0f5fe5758a Add BuildRequires: make 
https://fedoraproject.org/wiki/Changes/Remove_make_from_BuildRoot
 2021-01-07 06:30:35 +00:00
Adam Williamson
6898d0823a Rebuild for libldns soname bump 2020-12-19 10:14:09 -08:00
Paul Wouters
e2ef048d83 - Resolves rhbz#1826233 ods-enforcerd.service should wait until socket is ready 2020-12-08 21:10:34 -05:00
Alexander Bokovoy
753f88d235 Update to 2.1.7 
- OPENDNSSEC-949: Fix for migration bug not keeping proper parameters
   of NSEC3 signed zones. Amongst others the zone become NSEC. Loading
   the policies fixes the situation, migration scripts now corrected. Since
   1.4 does not require a salt, a resalt might be automatic after
   migrating, as this is a required parameter.

 - OPENDNSSEC-948: do not recreate signatures for keys that are moving
   out this fixes unexpected double signatures in the zone.

 - SUPPORT-253: Incorrect keytag used when using Combined Signing keys
   (CSK) (Thanks to Simon Arlott)

 - SUPPORT-257: Export keys by locator (Thansk to Simon Arlott)

 - SUPPORT-222: Support ED25519/ED448 keys. This requires library ldns
   1.7.0 or better, otherwise unavailable. (Thanks again to Simon
   Arlott)

 - Load libsqlite3.so.0 and fall back on libsqlite3.so.0 to allow to run
   migration tool on systems without libsqlite3.so.0 soft link. (Thanks
   to Paul Wouters)

 - Some compilation warnings, o.a. gcc10 related, code quality and
   initialization improvements. (Thanks to Jonas Berlin, and Mathieu
   MirMont, and Paul Wouters)
 2020-12-04 17:45:16 +02:00
Fedora Release Engineering
dfb31f8f57 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2020-07-28 12:41:47 +00:00
Tom Stellard
9a95494575 Use make macros 
https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
 2020-07-14 02:20:56 +00:00
Paul Wouters
79b9c53dc1 - Resolves: rhbz#1833718 ods-signerd.service missing .service 2020-05-28 13:38:07 -04:00
Paul Wouters
07a7db0602 - Resolves: rhbz#1825812 AVC avc: denied { dac_override } for comm="ods-enforcerd 2020-04-20 09:49:21 -04:00
Paul Wouters
ee3dc63b53 - Fix migration check to not attempt to check on first install with no db 2020-03-10 22:43:23 -04:00
Alexander Bokovoy
ed1a3ea7ca Create and own /var/opendnssec/enforcer directory in the package 
Resolves: rhbz#1809492
 2020-03-03 11:15:50 +02:00
Paul Wouters
6c8038d198 new sources and patch 2020-02-24 13:36:14 -05:00
Paul Wouters
3b082a60ff * Wed Feb 19 2020 Paul Wouters <pwouters@redhat.com> - 2.1.6-2 
- Update to 2.1.6 (major upgrade, supports migration from 1.4.x)
- gcc10 compile fixups
- Fix trying to use unversioned libsqlite3.so file
 2020-02-24 13:30:42 -05:00
Paul Wouters
cbc7fca9d1 - Update to 2.1.5 (major upgrade, supports migration from 1.4.x) 2020-02-18 16:41:36 -05:00
Fedora Release Engineering
9fe5786c6c - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2020-01-29 20:16:09 +00:00
Fedora Release Engineering
08a2d6c5e8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2019-07-25 23:25:44 +00:00
Fedora Release Engineering
6f81c827c1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2019-02-01 17:22:20 +00:00
Igor Gnatenko
bce84c95f0 Remove obsolete Group tag 
References: https://fedoraproject.org/wiki/Changes/Remove_Group_Tag
 2019-01-28 20:24:23 +01:00
Fedora Release Engineering
64bb9a73c6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2018-07-13 15:05:06 +00:00
Igor Gnatenko
126b372f94 add BuildRequires: gcc 
Reference: https://fedoraproject.org/wiki/Changes/Remove_GCC_from_BuildRoot
 2018-07-09 19:06:49 +02:00
Fedora Release Engineering
ee848ab4d8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2018-02-08 09:27:04 +00:00
Paul Wouters
ffb901ceb2 * Tue Dec 12 2017 Paul Wouters <pwouters@redhat.com> - 1.4.14-1 
- Update to 1.4.14 as first steop to migrating to 2.x
- Resolves: rhbz#1413254 Move tmpfiles.d config to %%{_tmpfilesdir}, install LICENSE as %%license
 2017-12-12 13:20:29 -05:00
Fedora Release Engineering
c3e28a2a66 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild 2017-08-03 04:31:19 +00:00
Fedora Release Engineering
1f02006bf1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild 2017-07-27 01:46:26 +00:00
Petr Písař
e438c8654f perl dependency renamed to perl-interpreter <https://fedoraproject.org/wiki/Changes/perl_Package_to_Install_Core_Modules> 2017-07-12 14:25:37 +02:00
Tomas Hozza
6460f2ef4e Fix FTBFS (#1424019) in order to rebuild against new ldns 
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2017-03-09 12:58:04 +01:00
Fedora Release Engineering
f710e5c910 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild 2017-02-11 00:50:45 +00:00
Richard W.M. Jones
0fcdc057f3 Add BR perl. 
See:
https://fedoraproject.org/wiki/Packaging:Perl#Build_Dependencies

No rebuild is required.

The original error was:

...
checking time.h presence... yes
checking for time.h... yes
checking for SSL... found in /usr
checking for HMAC_CTX_init in -lcrypto... yes
checking for EVP_sha1... yes
checking for EVP_sha256... yes
checking for dlopen... no
checking for dlopen in -ldl... yes
checking for perl... no
configure: error: perl not found
 2016-10-07 18:33:46 +01:00
Paul Wouters
68bd9bdffa * Thu Feb 18 2016 Paul Wouters <pwouters@redhat.com> - 1.4.9-3 
- Resolves: rbz#1303965 upgrade to opendnssec-1.4.9-1.fc23 breaks old installations
- On initial install, after token init, also run ods-ksmutil setup
 2016-02-17 22:05:21 -05:00
Fedora Release Engineering
bef3d068cd - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild 2016-02-04 11:26:34 +00:00
Paul Wouters
c62752cf36 * Mon Feb 01 2016 Paul Wouters <pwouters@redhat.com> - 1.4.9-1 
- Updated to 1.4.9
- Removed merged in patch
 2016-02-01 13:03:53 +01:00
Dennis Gilmore
e280d2f94b - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild 2015-06-17 23:56:39 +00:00
Paul Wouters
71adc33075 * Tue Jun 09 2015 Paul Wouters <pwouters@redhat.com> - 1.4.7-2 
- Resolves rhbz#1219746 ods-signerd.service misplaced After= in section Service
- Resolves rhbz#1220443 OpenDNSSEC fails to initialise a slot in softhsm on first install
 2015-06-09 11:23:22 -04:00
Paul Wouters
af2cb8cc70 - Updated to 1.4.7 (fix zone update can get stuck, crash on retransfer cmd) 2014-12-08 22:53:46 -05:00
Paul Wouters
3d8b92bdbd - Change /etc/opendnssec to be ods group writable 2014-10-15 15:13:50 -04:00
Paul Wouters
d8e79f3abd - Added Petr Spacek's patch that adds the config option <AllowExtraction/> (rhbz#1123354) 2014-10-08 13:08:44 -04:00
Peter Robinson
6b89209c3d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild 2014-08-17 13:51:11 +00:00
Paul Wouters
83314e9e6a * Mon Jul 28 2014 Paul Wouters <pwouters@redhat.com> - 1.4.6-1 
- Updated to 1.4.6
- Removed incorporated patch upstream
- Remove Wants= from ods-signerd.service (rhbz#1098205)
 2014-07-28 11:04:29 -04:00
Dennis Gilmore
6f11c1acc1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild 2014-06-07 11:35:27 -05:00
Paul Wouters
c4c31c2c27 keep EVR with el6 2014-04-18 17:07:03 -04:00
Paul Wouters
53c15c3520 fix patch number 2014-04-18 15:49:23 -04:00
Paul Wouters
7a79b22433 add changelog entry 2014-04-18 15:47:08 -04:00
Paul Wouters
70b73e51ed * Fri Apr 18 2014 Paul Wouters <pwouters@redhat.com> - 1.4.5-2 
- Updated to 1.4.5
- Added patch for serial 0 bug in XFR adapter
 2014-04-18 15:45:50 -04:00
Paul Wouters
4156deefcd * Tue Apr 01 2014 Paul Wouters <pwouters@redhat.com> - 1.4.4-3 
- Add buildrequires for ods-kasp2html (rhbz#1073313)
 2014-04-01 11:33:53 -04:00
Paul Wouters
389a5f515a * Fri Mar 28 2014 Paul Wouters <pwouters@redhat.com> - 1.4.4-2 
- Add requires for ods-kasp2html (rhbz#1073313)
 2014-03-29 17:33:30 -04:00
Paul Wouters
0cbe4c95b6 * Thu Mar 27 2014 Paul Wouters <pwouters@redhat.com> - 1.4.4-1 
- Updated to 1.4.4 (compatibility with non RFC 5155 errata 3441)
- Change the default ZSK policy from 1024 to 2048 bit RSA keys
- Fix post to be quiet when upgrading opendnssec
 2014-03-27 22:37:46 -04:00
Paul Wouters
e0c8af861d * Thu Jan 09 2014 Paul Wouters <pwouters@redhat.com> - 1.4.3-1 
- Updated to 1.4.3i (rhel#1048449) - minor bugfixes, minor feature enhancements
- rhel#1025985 OpenDNSSEC signer cannot be started due to a typo in service file
 2014-01-09 11:58:22 -05:00