Changelog:
"21 Aug 2017: Wouter
- Fix install of trust anchor when two anchors are present, makes both
valid. Checks hash of DS but not signature of new key. This fixes installs between
sep11 and oct11 2017."
Best,
Matthias
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Hi,
this was triggered by unbound-users@unbound.net - it seems that the
'configure'-option '--with-libevent-support' is not enough:
***SNIP***
...
When building unbound with --with-libevent support, the make
install phase should also call make unbound-event-install or else
unbound-event.h does not get installed and the header file for
using the unbound event functionality is not available.
...
This install is triggered by the option --enable-event-api. Just
enabling --with-libevent does not trigger the install by itself.
Best regards,
Wouter
...
***SNAP***
I built 'unbound' this way - its running without any problems so far.
Best,
Matthias
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
The tests when assigning DNS name servers has been extended so that
if no working forwarder can be found, we will test if the local recursor
mode is an option.
If not, we will configure unbound's validator module into permissive
mode so that at least some DNS functionality is available.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
For details see:
http://www.unbound.net/download.html
"Features
configure --enable-systemd and lets unbound use systemd sockets if you enable use-systemd:
yes in unbound.conf. Also there are contrib/unbound.socket and contrib/unbound.service:
systemd files for unbound, install them in /usr/lib/systemd/system. Contributed by Sami Kerola
and Pavel Odintsov.
[bugzilla: 1185 ]
Source IP rate limiting, patch from Larissa Feng.
[bugzilla: 1184 ]
Log DNS replies. This includes the same logging information that DNS queries and response
code and response size, patch from Larissa Feng.
Include root trust anchor id 20326 in unbound-anchor.
64bit is default for windows builds.
Bug Fixes
[bugzilla: 1176 ] Fix stack size too small for Alpine Linux.
Fix unbound-control and ipv6 only.
[bugzilla: 1182 ] Fix Resource leak (socket), at startup.
[bugzilla: 1178 ] Fix attempt to fix setup error at end, pop result values at end of install.
iana portlist update
Fix inet_ntop and inet_pton warnings in windows compile.
[bugzilla: 1191 ] Fix remove comment about view deletion.
[bugzilla: 1188 ] Fix unresolved symbol 'fake_dsa' in libunbound.so when built with Nettle
[bugzilla: 1190 ] Fix to not echo back EDNS options in local-zone error response.
[bugzilla: 1194 ] Fix if cross build fails when $host isn't `uname` for getentropy.
Fix reload chdir failure when also chrooted to that directory.
Fix to return formerr for queries for meta-types, to avoid packet amplification if this meta-type
is sent on to upstream.
[bugzilla: 1201 ] Fix missing unlock in answer_from_cache error condition.
[bugzilla: 1202 ] Fix code comment that packed_rrset_data is not always 'packed'.
Fix to also block meta types 128 through to 248 with formerr.
[bugzilla: 1206 ] Fix that some view-related commands are missing from 'unbound-control -h'
Fix to rename ub_callback_t to ub_callback_type, because POSIX reserves _t typedefs.
Fix to rename internally used types from _t to _type, because _t type names are reserved by
POSIX.
Increase MAX_MODULE to 16.
[bugzilla: 1211 ] Fix can't enable interface-automatic if no IPv6 with more helpful error message.
fix root_anchor test for updated icannbundle.pem lower certificates.
Fix compile on solaris of the fix to use $host detect.
Fix for type name change and fix warning on windows compile.
Fix pythonmod for typedef changes.
Fix dnstap for warning of set but not used.
Fix autoconf of systemd check for lack of pkg-config."
Best, Matthias
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
