From c62d400fe4e47193d2b650dc4ce7bf78951c4b97 Mon Sep 17 00:00:00 2001 From: Willem Toorop Date: Thu, 22 Sep 2011 14:07:50 +0000 Subject: [PATCH] Updated the Changelog and some minor code review issues. --- Changelog | 40 ++++++++++++++++++++++++++++++++++--- ax_python_devel.m4 | 2 +- examples/ldns-verify-zone.1 | 7 +++++++ examples/ldns-verify-zone.c | 4 ++-- 4 files changed, 47 insertions(+), 6 deletions(-) diff --git a/Changelog b/Changelog index 1b687fa5..3747e8c9 100644 --- a/Changelog +++ b/Changelog @@ -1,11 +1,45 @@ 1.6.11 - * bugfix #407: Canonicalize TSIG dnames * bugfix #394: Fix socket leak on errors - * bugfix #392: Apex only and percentage checks for ldns-verify-zone + * bugfix #392: Apex only and percentage checks for ldns-verify-zone + (thanks Miek Gieben) * bugfix #398: Allow NSEC RRSIGs before the NSEC3 in ldns-verify-zone * Fix python site package path to /usr/lib64. * Fix python api to support python2 and python3 (thanks Karel Slany). - * bugfix #391: Prevent assertion error in ldns_rdf_size + * bugfix #401: Correction of date/time functions algorithm and + prevention of an infinite loop therein + * bugfix #402: Correct the minimum and maximum number of rdata fields + in TSIG. (thanks David Keeler) + * bugfix #403: Fix heap overflow (thanks David Keeler) + * bugfix #404: Make parsing APL strings more robust + (thanks David Keeler) + * bugfix #391: Complete library assessment to prevent assertion errors + through ldns_rdf_size usage. + * Slightly more specific error messaging on wrong number of rdata + fields with the LDNS_STATUS_MISSING_RDATA_FIELDS_RRSIG and + LDNS_STATUS_MISSING_RDATA_FIELDS_KEY result codes. + * bugfix #406: More rigorous openssl result code handling to prevent + future crashes within openssl. + * Fix ldns_fetch_valid_domain_keys to search deeper than just one level + for a DNSKEY that signed a DS RR. (this function was used in the + check_dnssec_trace nagios module) + * bugfix #407: Canonicalize TSIG dnames and algorithm fields + * A new output specifier to accommodate configuration of what to show + in comment texts when converting host and/or wire-format data to + string. All conversion to string and printing functions have a new + version that have such a format specifier as an extra argument. + The default is changed so that only DNSKEY RR's are annotated with + an comment show the Key Tag of the DNSKEY. + * Fixed the ldns resolver to not mark a nameserver unreachable when + edns0 is tried unsuccessfully with size 4096 (no return packet came), + but to still try TCP. A big UDP packet might have been corrupted by + fragments dropping firewalls. + * Update of libdns.vim (thanks Miek Gieben) + * Added the ldnsx Python module to our contrib section, which adds even + more pythonisticism to the usage of ldns with Python. (Many thanks + to Christpher Olah and Paul Wouters) + The ldnsx module is automatically installed when --with-pyldns is + used with configuring, but may explicitly be excluded with the + --without-pyldnsx option to configure. 1.6.10 2011-05-31 * New example tool added: ldns-gen-zone. diff --git a/ax_python_devel.m4 b/ax_python_devel.m4 index a62b860d..c71735e6 100644 --- a/ax_python_devel.m4 +++ b/ax_python_devel.m4 @@ -254,7 +254,7 @@ EOD` AC_MSG_CHECKING([for Python site-packages path]) if test -z "$PYTHON_SITE_PKG"; then PYTHON_SITE_PKG=`$PYTHON -c "import distutils.sysconfig; \ - print (distutils.sysconfig.get_python_lib(0,0));"` + print (distutils.sysconfig.get_python_lib(1,0));"` fi AC_MSG_RESULT([$PYTHON_SITE_PKG]) AC_SUBST([PYTHON_SITE_PKG]) diff --git a/examples/ldns-verify-zone.1 b/examples/ldns-verify-zone.1 index 98d53008..175ee2dd 100644 --- a/examples/ldns-verify-zone.1 +++ b/examples/ldns-verify-zone.1 @@ -15,6 +15,13 @@ Each name is checked for an NSEC(3), if appropriate. .SH OPTIONS .TP +\fB-a\fR +Apex only, check only the zone apex + +.TP +\fB-p\fR \fI[0-100]\fR +Only check this percentage of the zone. Defaults to 100. + .TP \fB-h\fR Show usage and exit diff --git a/examples/ldns-verify-zone.c b/examples/ldns-verify-zone.c index 50973e63..eb19ea18 100644 --- a/examples/ldns-verify-zone.c +++ b/examples/ldns-verify-zone.c @@ -662,8 +662,8 @@ main(int argc, char **argv) "error on opted-out delegations\n"); printf("\nOPTIONS:\n"); printf("\t-a apex only, check only the zone apex\n"); - printf("\t-p [0-100] only perform this many checks, " - "defaults to 100\n"); + printf("\t-p [0-100] only checks this percentage of " + "the zone. Defaults to 100\n"); printf("\t-h show this text\n"); printf("\t-v shows the version and exits\n"); printf("\t-V [0-5]\tset verbosity level (default 3)\n"); -- 2.47.3