From maradns at gmail.com Sat Sep 22 13:16:55 2012 From: maradns at gmail.com (Sam Trenholme) Date: Sat, 22 Sep 2012 12:16:55 -0500 Subject: [MaraDNS list] September 2012 MaraDNS update Message-ID: This information is also available here: http://samiam.org/blog/20120922.html ==Deadwood update== I have gotten an unconfirmed report of Deadwood no longer running after a couple of days from a friend. While I am unable to recreate this bug, I take reports like this very seriously. That in mind, I have created a special debug version of Deadwood which logs all packets Deadwood receives. To use this debug version of Deadwood, enable the "SHOWPACKET" compile-time tag (such as with export FLAGS='-Os -DSHOWPACKET' before compiling Deadwood). For Windows users, I have made a debug build of Deadwood with this flag set. It has the name "Deadwood-showpacket-20120922.exe"; use this binary to replace "Deadwood.exe" in Deadwood-3-2-02-win32.zip. If this bug does not pop up again, I plan on releasing Deadwood 3.2.03 next month. In addition, I have updated the documentation to reflect the fact that Windows 7 and any RHEL6 clone are now the supported OSes for Deadwood, added a note on Deadwood's use of malloc() (may not work with some embedded systems), as well as having Deadwood give out a more useful error message if chdir() fails (it now lets the user know which directory it tried to go to). Downloads are here: http://www.maradns.org/deadwood/snap/ ==MaraDNS update== In today's MaraDNS update, I have updated MaraDNS to use a new GPG key (see below), use xz instead of bz2 compression for the snapshots, and have changed the ej2txt tool to use lynx instead of links (since CentOS 6 does not have a package for elinks). Note that Deadwood still uses bzip2 compression because the old version of msys I recommend people use doesn't have an xz binary, and won't compile xz. It can be downloaded here: http://www.maradns.org/download/2.0/snap/ ==MaraDNS GPG sig update== I have created a new MaraDNS signing key which is signed with the old MaraDNS signing key. Barring a compromise of MaraDNS' private key, this will be the last MaraDNS GPG key I will generate until 2017, around the same time I update the OS MaraDNS is supported on. It can be downloaded here: http://www.samiam.org/pgp.key.txt ==Knot DNS== I just found out about a nice authoritative-only server called "Knot DNS". Unlike MaraDNS, it has DNSSEC and full zone transfer support. More information: http://www.knot-dns.cz/ ==See you next month== I plan to work on MaraDNS/Deadwood again one day next month, after the 20th, unless a critical security bug with a CVE number is found. This will be my last email sent to the mailing list until then (Again, barring a new CVE report for MaraDNS). - Sam