Unbound 1.9.3 released

Wouter Wijngaards wouter at nlnetlabs.nl
Tue Aug 27 15:24:34 UTC 2019 

Hi Yuri,

Another option, if your system has a specific version of libtool for it,
is to specify the libtool version specificaly on the configure line,
like this ./configure libtool=/usr/bin/libtool  (or point to another
location or version of libtool).  Then it uses that libtool for dynamic
library linking, and if that passes the right options, things could
start to work.

Best regards, Wouter

On 8/27/19 5:17 PM, Wouter Wijngaards via Unbound-users wrote:
> Hi Yuri,
> 
> If that is any similar to yours, the ./configure --disable-shared flag
> could fix it.
> 
> That stops unbound from building the libunbound.so dynamic library.  The
> static lib is still built, and could be used if you wanted to.  The
> unbound server binary and commandline tools are then built when it
> continues the build process.  It also links like normal with dynamic
> libraries, so I think it should be (relatively) harmless to add to the
> configure options.
> 
> Or, from the link you cite, switch to either gcc (with its ld), or to
> solaris 11.  The commandline switches that it complains about, are
> created by libtool, so, instead, upgradeing to a different version of
> libtool, installing that, autoreconf, and then configure may result in a
> different build process (if that libtool supports the build system).
> 
> Best regards, Wouter
> 
> On 8/27/19 4:59 PM, Yuri via Unbound-users wrote:
>> 1.9.3 failed to link on Solaris with Oracle Developer Studio with this
>> output:
>>
>> ld: fatal: soname option (-h, --soname) is incompatible with building a
>> dynamic executable
>> ld: fatal: flags processing errors
>>
>> It seems like this issue: https://gitlab.haskell.org/ghc/ghc/issues/4973
>>
>> Is is possible to fix?
>>
>> 27.08.2019 14:22, Wouter Wijngaards via Unbound-users пишет:
>>> Hi,
>>>
>>> Unbound 1.9.3 is available:
>>> https://nlnetlabs.nl/downloads/unbound/unbound-1.9.3.tar.gz
>>> sha256 1b55dd9170e4bfb327fb644de7bbf7f0541701149dff3adf1b63ffa785f16dfa
>>> pgp https://nlnetlabs.nl/downloads/unbound/unbound-1.9.3.tar.gz.asc
>>>
>>>
>>> This release has a number of bug fixes.  Added is the ipset module, that
>>> helps add ip-addresses that are looked up in a domain to a firewall
>>> ip-address filter.  Also, the python module has restart next, per-query
>>> data and multiple instance support.  The unbound -V option has been
>>> added and it prints the build config.
>>>
>>>
>>> Features:
>>> - PR #28: IPSet module, by Kevin Chou.  Created a module to support
>>>   the ipset that could add the domain's ip to a list easily.
>>>   Needs libmnl, and --enable-ipset and config it, doc/README.ipset.md.
>>> - Merge PR #6: Python module: support multiple instances
>>> - Merge PR #5: Python module: define constant MODULE_RESTART_NEXT
>>> - Merge PR #4: Python module: assign something useful to the
>>>   per-query data store 'qdata'
>>> - Introduce `-V` option to print the version number and build options.
>>>   Previously reported build options like linked libs and linked modules
>>>   are now moved from `-h` to `-V` as well for consistency.
>>> - PACKAGE_BUGREPORT now also includes link to GitHub issues.
>>>
>>> Bug Fixes:
>>> - Fix #39: In libunbound, leftover logfile is close()d unpredictably.
>>> - Fix for #24: Fix abort due to scan of auth zone masters using old
>>>   address from previous scan.
>>> - Fix to omit RRSIGs from addition to the ipset.
>>> - Fix to make unbound-control with ipset, remove unused variable,
>>>   use unsigned type because of comparison, and assign null instead
>>>   of compare with it.  Remade lex and yacc output.
>>> - make depend
>>> - Added documentation to the ipset files (for doxygen output).
>>> - Fix python dict reference and double free in config.
>>> - Fix memleak in unit test, reported from the clang 8.0 static analyzer.
>>> - For #45, check that 127.0.0.1 and ::1 are not used in unbound.conf
>>>   when do-not-query-localhost is turned on, or at default on,
>>>   unbound-checkconf prints a warning if it is found in forward-addr or
>>>   stub-addr statements.
>>> - Fix for possible assertion failure when answering respip CNAME from
>>>   cache.
>>> - Fix in respip addrtree selection. Absence of addr_tree_init_parents()
>>>   call made it impossible to go up the tree when the matching netmask is
>>>   too specific.
>>> - Fix #48: Unbound returns additional records on NODATA response,
>>>   if minimal-responses is enabled, also the additional for negative
>>>   responses is removed.
>>> - Fix #49: Set no renegotiation on the SSL context to stop client
>>>   session renegotiation.
>>> - Fix question section mismatch in local zone redirect.
>>> - Add verbose log message when auth zone file is written, at level 4.
>>> - Add hex print of trust anchor pointer to trust anchor file temp
>>>   name to make it unique, for libunbound created multiple contexts.
>>> - For #52 #53, second context does not close logfile override.
>>> - Fix #52 #53, fix for example fail program.
>>> - Fix to return after failed auth zone http chunk write.
>>> - Fix to remove unused test for task_probe existance.
>>> - Fix to timeval_add for remaining second in microseconds.
>>> - Check repinfo in worker_handle_request, if null, drop it.
>>> - Generate configlexer with newer flex.
>>> - Fix warning for unused variable for compilation without systemd.
>>> - Fix #59, when compiled with systemd support check that we can properly
>>>   communicate with systemd through the `NOTIFY_SOCKET`.
>>> - iana portlist updated.
>>> - Fix autotrust temp file uniqueness windows compile.
>>> - avoid warning about upcast on 32bit systems for autotrust.
>>> - escape commandline contents for -V.
>>> - Fix character buffer size in ub_ctx_hosts.
>>> - Option -V prints if TCP fastopen is available.
>>> - Fix unittest valgrind false positive uninitialised value report,
>>>   where if gcc 9.1.1 uses -O2 (but not -O1) then valgrind 3.15.0
>>>   issues an uninitialised value for the token buffer at the str2wire.c
>>>   rrinternal_get_owner() strcmp with the '@' value.  Rewritten to use
>>>   straight character comparisons removes the false positive.  Also
>>>   valgrinds --expensive-definedness-checks=yes can stop this false
>>>   positive.
>>> - Please doxygen's parser for "@" occurrence in doxygen comment.
>>> - Fixup contrib/fastrpz.patch
>>> - Remove warning about unknown cast-function-type warning pragma.
>>> - Document limitation of pidfile removal outside of chroot directory.
>>> - Fix log_dns_msg to log irrespective of minimal responses config.
>>> - Fix that pkg-config is setup before --enable-systemd needs it.
>>>
>>> Best regards, Wouter
>>>
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20190827/8e2a5fbe/attachment.bin>

More information about the Unbound-users mailing list