opendnssec2 Tool suite for maintaining DNSSEC

2.1.6 dns =2 2.1.4Version of this port present on the latest quarterly branch.

Maintainer: jaap@NLnetLabs.nl

Port Added: 2016-07-13 13:29:25

Last Update: 2020-02-11 20:11:58

SVN Revision: 525890

License: BSD3CLAUSE

Description:

OpenDNSSEC was created as an open-source turn-key solution for DNSSEC. It secures zone data just before it is published in an authoritative name server. WWW: http://www.opendnssec.org

SVNWeb : Homepage

pkg-plist: as obtained via: make generate-plist

Expand this list (70 items)

1. /usr/local/share/licenses/opendnssec2-2.1.6/catalog.mk
2. /usr/local/share/licenses/opendnssec2-2.1.6/LICENSE
3. /usr/local/share/licenses/opendnssec2-2.1.6/BSD3CLAUSE
4. bin/ods-hsmspeed
5. bin/ods-hsmutil
6. bin/ods-kasp2html
7. bin/ods-kaspcheck
8. @sample etc/opendnssec/addns.xml.sample
9. @sample etc/opendnssec/conf.xml.sample
10. @sample etc/opendnssec/kasp.xml.sample
11. @sample etc/opendnssec/zonelist.xml.sample
12. man/man1/ods-hsmspeed.1.gz
13. man/man1/ods-hsmutil.1.gz
14. man/man1/ods-kaspcheck.1.gz
15. man/man5/ods-kasp.5.gz
16. man/man5/ods-timing.5.gz
17. man/man7/opendnssec.7.gz
18. man/man8/ods-control.8.gz
19. man/man8/ods-enforcer-db-setup.8.gz
20. man/man8/ods-enforcer.8.gz
21. man/man8/ods-enforcerd.8.gz
22. man/man8/ods-signer.8.gz
23. man/man8/ods-signerd.8.gz
24. sbin/ods-control
25. sbin/ods-enforcer
26. sbin/ods-enforcer-db-setup
27. sbin/ods-enforcerd
28. sbin/ods-migrate
29. sbin/ods-signer
30. sbin/ods-signerd
31. share/doc/opendnssec/1.4-2.0_db_convert/README.md
32. share/doc/opendnssec/1.4-2.0_db_convert/convert_mysql
33. share/doc/opendnssec/1.4-2.0_db_convert/convert_sqlite
34. share/doc/opendnssec/1.4-2.0_db_convert/find_problematic_zones.sql
35. share/doc/opendnssec/1.4-2.0_db_convert/mysql_convert.sql
36. share/doc/opendnssec/1.4-2.0_db_convert/sqlite_convert.sql
37. share/doc/opendnssec/convert_mysql_to_sqlite
38. share/doc/opendnssec/convert_sqlite_to_mysql
39. share/doc/opendnssec/schema.mysql
40. share/doc/opendnssec/schema.sqlite
41. share/opendnssec/addns.rnc
42. share/opendnssec/addns.rng
43. share/opendnssec/conf.rnc
44. share/opendnssec/conf.rng
45. share/opendnssec/enforcerstate.rnc
46. share/opendnssec/enforcerstate.rng
47. share/opendnssec/kasp.rnc
48. share/opendnssec/kasp.rng
49. share/opendnssec/kasp2html.xsl
50. @comment share/opendnssec/migrate_1_4_8.sqlite3
51. @comment share/opendnssec/migrate_adapters_1.sqlite3
52. @comment share/opendnssec/migrate_keyshare_sqlite3.pl
53. @comment share/opendnssec/migrate_to_ng_sqlite.pl
54. @comment @comment share/opendnssec/migrate_1_4_8.mysql
55. @comment @comment share/opendnssec/migrate_adapters_1.mysql
56. @comment @comment share/opendnssec/migrate_keyshare_mysql.pl
57. @comment @comment share/opendnssec/migrate_zone_delete.mysql
58. @comment @comment share/opendnssec/migrate_id_mysql.pl
59. @comment @comment share/opendnssec/migrate_to_ng_mysql.pl
60. share/opendnssec/signconf.rnc
61. share/opendnssec/signconf.rng
62. share/opendnssec/zonelist.rnc
63. share/opendnssec/zonelist.rng
64. @dir(opendnssec,opendnssec,) var/opendnssec
65. @dir(opendnssec,opendnssec,) var/opendnssec/enforcer
66. @dir(opendnssec,opendnssec,) var/opendnssec/signconf
67. @dir(opendnssec,opendnssec,) var/opendnssec/signed
68. @dir(opendnssec,opendnssec,) var/opendnssec/signer
69. @dir(opendnssec,opendnssec,) var/opendnssec/unsigned
70. @dir(opendnssec,opendnssec,) var/run/opendnssec

Collapse this list.

Dependency lines:

• opendnssec2>0:dns/opendnssec2

Conflicts:

CONFLICTS:

• opendnssec-1.[0-4]*

Conflicts Matches:

There are no Conflicts Matches for this port. This is usually an error.

To install the port: cd /usr/ports/dns/opendnssec2/ && make install clean

To add the package: pkg install opendnssec2

PKGNAME: opendnssec2

Flavors: there is no flavor information for this port.

distinfo:

TIMESTAMP = 1581416801 SHA256 (opendnssec-2.1.6.tar.gz) = b2c0caa673b8cfef73585dedf276997f5ca69bb3d523ce4e080f70dfcb23c56c SIZE (opendnssec-2.1.6.tar.gz) = 1122405

Dependencies

NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.

Build dependencies:

1. ldns>=1.6.16 : dns/ldns
2. sqlite3>=3.3.9 : databases/sqlite3

Library dependencies:

1. libldns.so : dns/ldns
2. libxml2.so : textproc/libxml2
3. libsqlite3.so : databases/sqlite3

There are no ports dependent upon this port

Configuration Options

===> The following configuration options are available for opendnssec2-2.1.6: DOCS=on: Build and/or install documentation SOFTHSM=off: SoftHSM cryptographic store for PKCS #11 interface ====> Options available for the single DB: you have to select exactly one of them SQLITE=on: Use SQLite backend MYSQL=off: Use MYSQL backend ===> Use 'make config' to modify these settings

USES:

ssl gnome sqlite

Master Sites:

1. http://dist.opendnssec.org/source/

dns/opendnssec2: upgrade 2.1.4 -> 2.1.6

This release of 2.1.6 fixes some issues regarding the key list
wrongfully displayed (a regression bug in 2.1.5) as well as a small
leak in the enforcer (which can add up when you bang the enforcer
with a lot of commands. And as well as a serious signing error when
using Combined Signing Keys (CSKs), this is only relevant if you
combine KSK and ZSK in one. Especially users of CSKs need this fix
now. Another nice fix is a reconnect to a MySQL/MariaDB database
you you don't have to tweak database parameters.

PR:		244047
Submitted by:	Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Relnotes:	https://www.opendnssec.org/2019/11/opendnssec-2-1-5/
		https://www.opendnssec.org/2020/02/opendnssec-2-1-6/

dns/opendnsssec*: switch to openhsm2 to the HSM option.

Bump PORTREVISION on ldns consumers

Shared lib version changed in update

Reported by:	sunpoet

Convert to UCL & cleanup pkg-message (categories d)

Update to 2.1.4

PR:		237988
Sponsored by:	Netzkommune GmbH

Update to 2.1.3:

As of today version 2.1.3 of OpenDNSSEC has been released. No special
migration steps are required when upgrading from a previous 2.x.x
release. It includes fixes to the build system, some regressions w.r.t.
OpenDNSSEC 1.4 and a signing bug. Please note that version 2.1.2 was
skipped for release.

Build fixes:

* OPENDNSSEC-904: autoconfigure fails to properly identify functions in
  ssl library on some distributions. This caused the "tsig unknown
  algorithm hmac-sha256" error.
* OPENDNSSEC-894: repair configuration script to allow excluding the
  build of the enforcer.

* Bump Revision
* Fix typo in the Port's Makefile, causes a failure in a conversion script
* Added license file
* Cleanup Makefile

PR:		221144
Submitted by:	<jaap@NLnetLabs.nl> (maintainer)
Reviewed by:	matthew (mentor)
Approved by:	matthew (mentor)
MFH:		2017Q3
Differential Revision:	https://reviews.freebsd.org/D11898

Fix OPTIONS_DEFAULT: remove DOCS which is added by framework

Approved by:	portmgr (blanket)

dns/opendnssec2: update 2.1.0 -> 2.1.1

- OPENDNSSEC-889: MySQL migration script didnt work for all database
  and MySQL versions.
- OPENDNSSEC-887: Segfault on extraneous tag.
- OPENDNSSEC-880: Command line parsing for import key command failed.
- OPENDNSSEC-890: Bogus signatures upon wrong zone input when TTLs
  for same rrset are mismatching.

PR:		218995
Submitted by:	Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)

dns/opendnssec2: update 2.0.3 -> 2.1.0

- Fix DB scripts from docs

PR:		217563
Submitted by:	Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
MFH:		2017Q1

- Chase ldns shlip bump

PR:		217495

dns/opendnssec2: update 2.0.1 -> 2.0.3

PR:		213610
Submitted by:	Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
MFH:		2016Q4

dns/opendnssecs: Add SSL flags and honor them, configure SSL base too

Approved by:	SSL blanket

- Update to 2.0.1
- Switch to options helpers

This release is primarily focused on ironing out the issues on the migration
path from 1.4 to 2.0. Besides that there are no functional changes.


* Fixed crash and linking issue in ods-migrate.
* Fixed case where 2.0.0 could not read backup files from 1.4.10.
* Fixed bug in migration script where key state in the database wasn't
transformed properly.

PR:		211403
Submitted by:	Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Sponsored by:	DK Hostmaster A/S

The current opendnssec porthas seen a massive rewrite by the upstream
so it was rechristened opendnssec Version 2.
To quote the announcement at <https://www.opendnssec.org>:

"OpenDNSSEC got a entire re-write of the enforcer. This part of
OpenDNSSEC controls changing signing keys in the right way to perform
a roll-over. Before, the enforcer would perform a roll-over according
to a strict paradigm. One scenario in which deviations would not be
possible.

The new enforcer is more aware of the zone changes being propagated in
the Internet. It can therefore decide when it is safe to make changes,
rather than to rely upon a given scenario.

PR:		211018
Submitted by:	Jaap Akkerhuis <jaap@NLnetLabs.nl>
Sponsored by:	DK Hostmaster A/S

9 vulnerabilities affecting 74 ports have been reported in the past 14 days

^* - modified, not new

All vulnerabilities

Last updated:
2020-03-29 21:30:17