Sources available on github
2020-10-14: Version 1.8 released
This version contains these changes:
- Avoid adding duplicate NSEC3 RRs to a response - while this is IMO not a bug, a user has reported that it leads to failures on Google's resolver.
- Fixed some compiler warnings
2020-06-09: Version 1.7 released
This version contains two fixes:
- the database entries containing hashed domain names would shadow a top-level wildcard, e. g. "1.example.com" would shadow "*.example.com"
- in some cases, the code would select the wrong set of NSEC3 RRs when trying to prove a negative response
Note: the data file created by this version of
tinydns-sign is not
compatible with older versions of
axfrdns, and vice
versa. This means you must re-sign your data files (and re-run
after up- or downgrading.
2020-05-18: Version 1.6 released
This version contains a fix for a rare situation where tinydns-sign would run into an endless loop.
2019-07-22: Version 1.5 released
This version contains an important a bugfix regarding the handling of wildcard records.
2015-05-13: Version 1.4 released
This version contains an important bugfix regarding invalid signatures on generic records or TXT records with octal escapes of less than 3 digits.
2012-12-09: Version 1.3 released
This version contains an important bugfix regarding failures on DNSSEC-enabled queries on unsigned domains where the response should have been NXDOMAIN, NODATA or a wildcard response.
Version 1.2 (unreleased)
- Minor makefile fix
- Added sanity check on algorithm parameter in key generation
- License clarification
2012-09-20: IPO - Version 1.1 released