From willem at nlnetlabs.nl Fri Dec 3 08:10:11 2021 From: willem at nlnetlabs.nl (Willem Toorop) Date: Fri, 3 Dec 2021 09:10:11 +0100 Subject: [ldns-users] ldns 1.8.1 quickfix release Message-ID: <69485cb3-391f-6646-b796-0a9f956a9a82@nlnetlabs.nl> Dear all, Version 1.8.0 of ldns had two bugs preventing it to install correctly: * The soname went down compared to ldns-1.7.1 * ldns.pc was installed from a wrong location, preventing installation were the build directory is different from the source directory. This quick fix release has these resolved. Compared to the 1.7.1 release of ldns, this release has many bugfixes and a few new features, most notably: * ZONEMD support in ldns-signzone and ldns-verify-zone * Draft implementation of the SVCB and HTTPS RR types. Use --enable-rrtype-svcb-https with configure to compile with these supported. link : https://nlnetlabs.nl/downloads/ldns/ldns-1.8.1.tar.gz sha256: 958229abce4d3aaa19a75c0d127666564b17216902186e952ca4aef47c6d7fa3 asc : https://nlnetlabs.nl/downloads/ldns/ldns-1.8.1.tar.gz.asc Changelog ========= 1.8.1 2021-12-03 * bugfix #146: ldns-1.7.1 had soname 3.0, so ldns-1.8.x soname needs to larger. Thanks Leah Neukirchen & Felipe Gasper * Undo PR#123 fix ldns.pc installation when building out-of-source Thanks Alex Xu 1.8.0 2021-11-26 * bugfix #38: Print "line" before line number when printing zone parse errors. Thanks Petr ?pa?ek. * bugfix: Revert unused variables in ldns-config removal patch. * bugfix #50: heap Out-of-bound Read vulnerability in rr_frm_str_internal reported by pokerfacett. * bugfix #51: Heap Out-of-bound Read vulnerability in ldns_nsec3_salt_data reported by pokerfacett. * Fix memory leak in examples/ldns-testns handle_tcp routine. * Detect fixed time memory compare for openssl 0.9.8. * Fix compile warning by variable initialisation for older gcc. * Fix #92: ldns-testns.c:429:15: error: 'fork' is unavailable: not available on tvOS. * Fix for #93: fix packaging/libldns.pc Makefile rule. * ZONEMD support in ldns-signzone and ldns-verify-zone * ldns-testns can answer several queries over one tcp connection, if they arrive within 100msec of each other. * Fix so that ldns-testns does not leak sockets if the read fails. * SVCB and HTTPS draft rrtypes. Enable with --enable-rrtype-svcb-https. * bugfix #117: Assertion failure with DNSSEC validating of non existence of RR types at the root. Thanks ZjYwMj * Set NSEC(3) ttls to the minimum of the MINIMUM field of the SOA record and the TTL of the SOA itself. draft-ietf-dnsop-nsec-ttl * bugfix #119: Let example tools read longer RR's than LDNS_MAX_LINELEN * Add SVCPARAMS to python ldns_rdf_type2str function. * PR #134 Miscellaneous spelling fixes. Thanks jsoref! * Fix that ldns-read-zone and ldns_zone_new_frm_fp_l properly return the $INCLUDE not implemented error. * Fix that ldns-read-zone and ldns_zone_new_frm_fp_l count the line number for an empty line after a comment. * Fix #135: Fix compile with OpenSSL-3.0.0-beta2. * PR #107: Added ldns_pkt2buffer_wire_compress() to make dname compression optional when converting packets to wire format. Thanks Eli Lindsey * Option to ldns-keygen to create symlinks with known names (i.e. without the key id) to the created files. Thanks Andreas Schulze * Fix #121: Correct handling of centimetres by LOC parser. Thanks Felipe Gasper * PR #126: Link with libldns.la in Makefile.in. Thanks orbea * PR #127: Addes option -Q to drill to give short answer. Thanks niknah * PR #133: Update m4 files for python modules. Thanks Petr Men??k * Bufix CAA value fields may be empty: Thanks Robert Mortimer * PR #108: Fix for ldns-compare-zones net detecting when first zone has a RRset that shrinks from two to one RRs, or grows from one to two RRs. Thanks Emilio Caballero * Fix #131: Drill sig chasing breaks with gcc-11 and strict-aliasing. Thanks Stanislav Levin * Fix #130: Unless $TLL is defined, ttl defaults to the last explicitly stated value. Thanks Benno * Fix #48: Missing UNSIGNED legend with drill. Thanks reedjc * Fix #143: EVP_PKEY_base_id became a macro with OpenSSL > 3.0 Thanks Daniel J. Luke * Let ldns-signzone warn for high NSEC3 iteration counts. Thanks Andreas Schulze -------------- next part -------------- A non-text attachment was scrubbed... Name: OpenPGP_signature Type: application/pgp-signature Size: 840 bytes Desc: OpenPGP digital signature URL: From ihsan at dogan.ch Fri Dec 31 13:13:20 2021 From: ihsan at dogan.ch (=?utf-8?B?xLBoc2FuIERvxJ9hbg==?=) Date: Fri, 31 Dec 2021 14:13:20 +0100 Subject: [ldns-users] Build error on Solaris 10 Message-ID: <85FCC149-8836-49D9-B8FF-5B63119B510C@dogan.ch> Hello, While trying to build ldns on Solaris 10 spark 64-Bit, I?m running into this issue: gmake: Entering directory '/home/ihsan/opencsw/libldns/trunk/work/solaris10-sparc/build-isa-sparcv9/ldns-1.8.1' ./libtool --tag=CC --quiet --mode=compile /opt/developerstudio12.6/bin/cc -I. -I. -I/opt/csw/include -DHAVE_CONFIG_H -DLDNS_TRUST_ANCHOR_FILE="\"/etc/opt/csw/unbound/root.key\"" -fno-strict-aliasing -Wmissing-prototypes -Wunused-function -Wstrict-prototypes -Wwrite-strings -W -Wall -xO3 -m64 -xarch=sparc -xc99 -D__EXTENSIONS__ -D_BSD_SOURCE -D_DEFAULT_SOURCE -D_POSIX_C_SOURCE=200112 -D_XOPEN_SOURCE=600 -D_ALL_SOURCE -I/opt/csw/include -c ./buffer.c -o buffer.lo "./ldns/config.h", line 675: identifier redeclared: inet_ntop current : function(int, pointer to const void, pointer to char, unsigned long) returning pointer to const char previous: function(int, restrict pointer to const void, restrict pointer to char, unsigned int) returning pointer to const char : "/usr/include/arpa/inet.h", line 68 cc: acomp failed for ./buffer.c gmake: *** [Makefile:140: buffer.lo] Error 1 gmake: Leaving directory '/home/ihsan/opencsw/libldns/trunk/work/solaris10-sparc/build-isa-sparcv9/ldns-1.8.1' gmake[1]: *** [/home/ihsan/opencsw/.buildsys/v2/gar//gar.lib.mk:908: build-work/solaris10-sparc/build-isa-sparcv9/ldns-1.8.1/Makefile] Error 2 I have to say that building the 32-Bit version of the library worked without any problem. Regards Ihsan -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4031 bytes Desc: not available URL: