Unbound 1.9.3 released
yvoinov at gmail.com
Tue Aug 27 15:24:59 UTC 2019
Also, one old known issue. Solaris stops supporting static linking
approx. starting from 2008. They just simple remove all *.a libraries
from system. Completely. So, static libs is meaningless on Solaris. Only
shared, only hardcore. (Solaris 11 too)
27.08.2019 21:17, Wouter Wijngaards via Unbound-users пишет:
> Hi Yuri,
> If that is any similar to yours, the ./configure --disable-shared flag
> could fix it.
> That stops unbound from building the libunbound.so dynamic library. The
> static lib is still built, and could be used if you wanted to. The
> unbound server binary and commandline tools are then built when it
> continues the build process. It also links like normal with dynamic
> libraries, so I think it should be (relatively) harmless to add to the
> configure options.
> Or, from the link you cite, switch to either gcc (with its ld), or to
> solaris 11. The commandline switches that it complains about, are
> created by libtool, so, instead, upgradeing to a different version of
> libtool, installing that, autoreconf, and then configure may result in a
> different build process (if that libtool supports the build system).
> Best regards, Wouter
> On 8/27/19 4:59 PM, Yuri via Unbound-users wrote:
>> 1.9.3 failed to link on Solaris with Oracle Developer Studio with this
>> ld: fatal: soname option (-h, --soname) is incompatible with building a
>> dynamic executable
>> ld: fatal: flags processing errors
>> It seems like this issue: https://gitlab.haskell.org/ghc/ghc/issues/4973
>> Is is possible to fix?
>> 27.08.2019 14:22, Wouter Wijngaards via Unbound-users пишет:
>>> Unbound 1.9.3 is available:
>>> sha256 1b55dd9170e4bfb327fb644de7bbf7f0541701149dff3adf1b63ffa785f16dfa
>>> pgp https://nlnetlabs.nl/downloads/unbound/unbound-1.9.3.tar.gz.asc
>>> This release has a number of bug fixes. Added is the ipset module, that
>>> helps add ip-addresses that are looked up in a domain to a firewall
>>> ip-address filter. Also, the python module has restart next, per-query
>>> data and multiple instance support. The unbound -V option has been
>>> added and it prints the build config.
>>> - PR #28: IPSet module, by Kevin Chou. Created a module to support
>>> the ipset that could add the domain's ip to a list easily.
>>> Needs libmnl, and --enable-ipset and config it, doc/README.ipset.md.
>>> - Merge PR #6: Python module: support multiple instances
>>> - Merge PR #5: Python module: define constant MODULE_RESTART_NEXT
>>> - Merge PR #4: Python module: assign something useful to the
>>> per-query data store 'qdata'
>>> - Introduce `-V` option to print the version number and build options.
>>> Previously reported build options like linked libs and linked modules
>>> are now moved from `-h` to `-V` as well for consistency.
>>> - PACKAGE_BUGREPORT now also includes link to GitHub issues.
>>> Bug Fixes:
>>> - Fix #39: In libunbound, leftover logfile is close()d unpredictably.
>>> - Fix for #24: Fix abort due to scan of auth zone masters using old
>>> address from previous scan.
>>> - Fix to omit RRSIGs from addition to the ipset.
>>> - Fix to make unbound-control with ipset, remove unused variable,
>>> use unsigned type because of comparison, and assign null instead
>>> of compare with it. Remade lex and yacc output.
>>> - make depend
>>> - Added documentation to the ipset files (for doxygen output).
>>> - Fix python dict reference and double free in config.
>>> - Fix memleak in unit test, reported from the clang 8.0 static analyzer.
>>> - For #45, check that 127.0.0.1 and ::1 are not used in unbound.conf
>>> when do-not-query-localhost is turned on, or at default on,
>>> unbound-checkconf prints a warning if it is found in forward-addr or
>>> stub-addr statements.
>>> - Fix for possible assertion failure when answering respip CNAME from
>>> - Fix in respip addrtree selection. Absence of addr_tree_init_parents()
>>> call made it impossible to go up the tree when the matching netmask is
>>> too specific.
>>> - Fix #48: Unbound returns additional records on NODATA response,
>>> if minimal-responses is enabled, also the additional for negative
>>> responses is removed.
>>> - Fix #49: Set no renegotiation on the SSL context to stop client
>>> session renegotiation.
>>> - Fix question section mismatch in local zone redirect.
>>> - Add verbose log message when auth zone file is written, at level 4.
>>> - Add hex print of trust anchor pointer to trust anchor file temp
>>> name to make it unique, for libunbound created multiple contexts.
>>> - For #52 #53, second context does not close logfile override.
>>> - Fix #52 #53, fix for example fail program.
>>> - Fix to return after failed auth zone http chunk write.
>>> - Fix to remove unused test for task_probe existance.
>>> - Fix to timeval_add for remaining second in microseconds.
>>> - Check repinfo in worker_handle_request, if null, drop it.
>>> - Generate configlexer with newer flex.
>>> - Fix warning for unused variable for compilation without systemd.
>>> - Fix #59, when compiled with systemd support check that we can properly
>>> communicate with systemd through the `NOTIFY_SOCKET`.
>>> - iana portlist updated.
>>> - Fix autotrust temp file uniqueness windows compile.
>>> - avoid warning about upcast on 32bit systems for autotrust.
>>> - escape commandline contents for -V.
>>> - Fix character buffer size in ub_ctx_hosts.
>>> - Option -V prints if TCP fastopen is available.
>>> - Fix unittest valgrind false positive uninitialised value report,
>>> where if gcc 9.1.1 uses -O2 (but not -O1) then valgrind 3.15.0
>>> issues an uninitialised value for the token buffer at the str2wire.c
>>> rrinternal_get_owner() strcmp with the '@' value. Rewritten to use
>>> straight character comparisons removes the false positive. Also
>>> valgrinds --expensive-definedness-checks=yes can stop this false
>>> - Please doxygen's parser for "@" occurrence in doxygen comment.
>>> - Fixup contrib/fastrpz.patch
>>> - Remove warning about unknown cast-function-type warning pragma.
>>> - Document limitation of pidfile removal outside of chroot directory.
>>> - Fix log_dns_msg to log irrespective of minimal responses config.
>>> - Fix that pkg-config is setup before --enable-systemd needs it.
>>> Best regards, Wouter
"C++ seems like a language suitable for firing other people's legs."
* C++20 : Bug to the future *
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 659 bytes
Desc: OpenPGP digital signature
More information about the Unbound-users