[Dnssec-trigger] dnssec-trigger 0.16 released

Martin Sehnoutka msehnout at redhat.com
Fri Jun 22 09:28:40 UTC 2018


be careful, there is an unfortunate bug in this loop:
Since it was changed from the iterator macro, it needs to do the step
iter=iter->next regardless of the branch it takes. Right now it will
most likely end up in an infinite loop. I'm working on a patch:
I wanted to release this patch together with another one, which would
also fix a problem with installation of a forward zone with the same
name, but different name servers (this currently does not work), but I
haven't managed to finish it yet.

Best regards,

On 06/21/2018 02:25 PM, W.C.A. Wijngaards wrote:
> Hi,
> dnssec-trigger 0.16 is available:
> https://nlnetlabs.nl/downloads/dnssec-trigger/dnssec-trigger-0.16.tar.gz
> sha256 e80aab8fd52074638f782a608bf433cbaa507cad087bcc5fb433353db9d057cb
> pgp
> https://nlnetlabs.nl/downloads/dnssec-trigger/dnssec-trigger-0.16.tar.gz.asc
> windows
> https://nlnetlabs.nl/downloads/dnssec-trigger/dnssec_trigger_setup_0.16.exe
> osx
> https://nlnetlabs.nl/downloads/dnssec-trigger/dnssectrigger-0.16.dmg
> This release has a fix for the reports about .uk.uk.  The patchset from
> Martin Sehnoutka is integrated, it moves functionality from the linux
> network change script into the dnssec-trigger process.
> Features
> - Patch set from Martin Sehnoutka,
>   It migrates the functionality currently provided by the script
>   into the daemon. the "update" command from the script is available
>   in the daemon as "update_all", so that they can live side by side.
> Bug Fixes
> - Fix example.conf default printout text replacement.
> - port of dnssec-trigger-script to libnm.
> - Fix that NXDOMAIN for _probe.uk.uk is deemed allright.
> - Modify the build system:
> A new configure option 'with-forward-zones-support' was introduced, that
> enables configuration of forward and local zones directly from the
> daemon as opposed to the script. Without this option, there is almost no
> change.
> The new functionality of the daemon can be triggered by the "update_all"
> command, which is now used in NM dispatcher script and systemd service
> file. Some configuration options were migrated from the script to the
> daemon as well.
> Finally a testing suite was introduced using the cmocka library.
> - Introduce string_buffer and string_list types:
>   String buffer is a fat pointer and list is a single linked list of fat
> char pointers.
> - Import JSON parsing library (BSD-MIT license).
> - Connection list module:
> A connection is a struct encapsulating the concept of "connection" as
> known from NetworkManager. It is used to extract information about
> global resolvers, DNS search zones and in the future about reverse zones
> corresponding to the network address.
> - Function to parse JSON into connection list
> - Lock module, used to serialize execution in the script
> This was introduced as a compatibility feature with the script, but once
> the script is gone, this can be safely removed.
> - Store module - persistent storage used by the script
> The script uses few files stored on disk in order to create a persistent
> cache of configured global forwarders and forward zones. This was
> introduced as a compatibility module with the script. Again it can be
> removed once the compatibility is not needed any more.
> - Testing suite for previously introduced modules
> It can be executed using 'make test' and it can be also used in CI.
> - New configuration options, that were in the script
> - Hook unbound control
> It uses 'unbound-control' binary instead of the socket, so this should
> probably be rewritten if possible.
> - Reimplement update command from script in riggerd
> - add testing file for global forwarders cache
> - Fixes and modifications to the patch set.
> - removed -vvv option from dnssec-triggerd daemon start script.
> - removed unaligned memcpy
> - More review fixes, store.c, error log and fixup of getline return,
>   and not variable use before declaration.  Spelling, strdup,
>   bool removal for portability.  Removed unsigned comparison warning.
> - string_list, sprint with null termination and correct buffer check.
> - Fix that update_connection_zones does not use item after free.
> - Fix declare before code warnings.
> - Use pclose for popen fds.
> - Use snprintf instead of sprintf to fixed buffer.
> - Fix gcc buffer size for snprintf warning (in dnssec-trigger update
>   code, not the patch set from 14may).
> - Add check on shell commandline arguments, to make sure domain names
>   and IP addresses passed to it do not contain escape characters.
> Best regards, Wouter
> _______________________________________________
> dnssec-trigger mailing list
> dnssec-trigger at NLnetLabs.nl
> https://open.nlnetlabs.nl/mailman/listinfo/dnssec-trigger

Martin Sehnoutka | Associate Software Engineer

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.nlnetlabs.nl/pipermail/dnssec-trigger/attachments/20180622/1c1da5a5/attachment.bin>

More information about the dnssec-trigger mailing list