[ldns-users] ldns 1.3.0

Jelte Jansen jelte at NLnetLabs.nl
Mon Jun 2 13:53:11 UTC 2008 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Hi,

ldns 1.3.0 is here!

Full changelog below this message.

Project page:
http://www.nlnetlabs.nl/ldns

Direct download:
http://www.nlnetlabs.nl/downloads/ldns-1.3.0.tar.gz

Sha1sum:
9b05ea3ae23f973345de89936c59ad79f77aeccf


Thanks to everyone involved for sending in bugs and patches.

Jelte Jansen
NLnet Labs



- ---------------------------------
ldns 1.3.0 Changelog:


Base library:

* Added a new family of functions based around ldns_dnssec_zone,
which is a new structure that keeps a zone sorted through an
rbtree and links signatures and NSEC(3) records directly to their
RRset. These functions all start with ldns_dnssec_
* ldns_zone_sign and ldns_zone_sign_nsec3 are now deprecated, but
have been changed to internally use the new
ldns_dnssec_zone_sign(_nsec3)
* Moved some ldns_buffer functions inline, so a clean rebuild of
applications relying on those is needed (otherwise you'll get
linker errors)
* ldns_dname_label now returns one extra (zero)
byte, so it can be seen as an fqdn.
* NSEC3 type code update for signing algorithms.
* DSA key generation of DNSKEY RRs fixed (one byte too small).
* Added support for RSA/SHA256 and RSA/SHA512, as specified in
draft-ietf-dnsext-dnssec-rsasha256-04. The typecodes are not
final, and this feature is not enabled by default. It can be
enabled at compilation time with the flag --with-sha2
* Added 2wire_canonical family of functions that lowercase dnames
in rdata fields in resource records of the types in the list in
rfc3597
* Added base32 conversion functions.
* Fixed DSA RRSIG conversion when calling OpenSSL

Drill:

* Chase output is completely different, it shows, in ascii, the
relations in the trust hierarchy.

Examples:
* Added ldns-verify-zone, that can verify the internal DNSSEC records
of a signed BIND-style zone file
* ldns-keygen now takes an -a argument specifying the algorithm,
instead of -R or -D. -a list show a list of supported algorithms
* ldns-keygen now defaults to the exponent RSA_F4 instead of RSA_3
for RSA key generation
* ldns-signzone now has support for HSMs
* ldns-signzone uses the new ldns_dnssec_ structures and functions
which improves its speed, and output; RRSIGS are now placed
directly after their RRset, NSEC(3) records directly after the
name they handle
Contrib:
* new contrib/ dir with user contributions
* added compilation script for solaris (thanks to Jakob Schlyter)

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkhD+0cACgkQ4nZCKsdOncUG3wCgo/y7Zr/Z3Jn2l2w6pNfD0Of+
XvsAoN4Cl84Vcn0FBWQ3+ama5IuOYZ2J
=6udZ
-----END PGP SIGNATURE-----

More information about the ldns-users mailing list