[Dnssec-trigger] [NLnet Labs Maintainers] dnssec-trigger 0.13

W.C.A. Wijngaards wouter at nlnetlabs.nl
Mon Jan 2 09:16:52 UTC 2017


Hi Ondřej,

SSLv2 removal is fine, and does not seem to give issues, so I'm not
removing that (that code looks the same as unbound, which does not have
that issue).  It is a no-op to remove it under openssl 1.1.0, but that
is fine too.  So that does not require a patch, because the code
carefully tries to exclude SSLv2, not include it.

I have git update scripts for NSD and Unbound, but not for
dnssec-trigger, because I didn't put it there.  And I think if I try
it'll break, because of different export settings.

Best regards, Wouter

On 22/12/16 11:56, Ondřej Surý wrote:
> Wouter,
> 
> dnssec-trigger 0.13 still tries to use SSL_OP_NO_SSLv2, so I made a PR
> on github dnssec-trigger toghether with other patches that I have in
> Debian (reworking those to be universally useful).
> 
> And I have just noticed that dnssec-trigger github copy is out of date.
> So please:
> 
> 1) update it to latest svn copy
> 2) setup a trigger to push the svn automatically (or for the love of all
> pagan gods, just switch to git already :)
> 3) ping me, and I'll update the PR to latest master
> 
> Or you can cherry-pick individual patches (apart from the HMAC_CTX_*
> stuff I guess they all should apply) and then push the up-to-date git
> copy.
> 
> Thanks,
> 


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.nlnetlabs.nl/pipermail/dnssec-trigger/attachments/20170102/58d5770e/attachment.bin>


More information about the dnssec-trigger mailing list