Unbound 1.9.0rc1 pre-release
A. Schulze
sca at andreasschulze.de
Tue Jan 29 21:40:16 UTC 2019
On 29.01.19 at 10:22, Wouter Wijngaards via Unbound-users wrote:
> Hi,
>
> Unbound 1.9.0rc1 pre-release is available
Hello,
some points I noticed while diffing against 1.8.3:
* doc/example.conf.in
tls-ciphers and tls-ciphersuites suggest ciphersuites in an uncommon order
tls-ciphers prefers DHE over ECDHE while DHE is slower
tls-ciphersuites prefers CCM over GCM and ChaCha
-> without deeper knowledge I feel this list is not a good suggestion.
tls-session-ticket-keys: "requires restart to take effect."
In 2017 I had a conversation with Filippo Valsorda regarding session ticket keys
(context: webservers)
He suggested rotating them in terms of hours. OK, that's supported, but requiring unbound
to restart is not a value.
I would love to see unbound (as well as any other TLS server)
handle that job in a housekeeping thread without administrative interaction.
https://blog.cloudflare.com/tls-1-3-overview-and-q-and-a/
https://blog.filippo.io/we-need-to-talk-about-session-tickets/
many build time scripts use #!/usr/bin/sh instead of #!/bin/sh
/usr/bin/sh does not exist on any system I use.
Just wondering, it's not a problem for compilation...
finally: 2 compile time warnings:
./util/configparser.y:2736:3: warning: ignoring return value of 'asprintf', declared with attribute warn_unused_result [-Wunused-result]
(void)asprintf(&new_cstr, "%s\nzone %s", old_cstr?old_cstr:"", $2);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
./util/configparser.y:2749:3: warning: ignoring return value of 'asprintf', declared with attribute warn_unused_result [-Wunused-result]
(void)asprintf(&new_cstr, "%s\n%s", old_cstr ? old_cstr : "", $2);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
will install on some lab servers...
Andreas
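
Added example (not Unbound's code and not part of the original mail): the two warnings quoted above show that the `(void)` cast does not silence `warn_unused_result`. One way to address them is to check the return value, because on failure glibc leaves the output pointer undefined. The helper name `append_line` and the sample strings are assumptions made for illustration.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE /* asprintf() is a GNU/BSD extension */
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/*
 * append_line: hypothetical helper, not taken from Unbound.
 * Appends "\n<prefix><value>" to *cstr, mirroring the "%s\nzone %s" and
 * "%s\n%s" formats in the warnings. Returns 0 on success, -1 on failure.
 * On failure *cstr is left unchanged, so the caller never sees a
 * pointer whose contents asprintf() left undefined.
 */
int append_line(char **cstr, const char *prefix, const char *value)
{
    char *new_cstr = NULL;
    int n = asprintf(&new_cstr, "%s\n%s%s", *cstr ? *cstr : "", prefix, value);

    if (n < 0)
        return -1; /* new_cstr is undefined here: do not read or free it */

    free(*cstr); /* free(NULL) is a no-op */
    *cstr = new_cstr;
    return 0;
}

int main(void)
{
    char *buf = NULL; /* the strings below are constructed sample input */

    if (append_line(&buf, "zone ", "example.com") != 0 ||
        append_line(&buf, "", "extra line") != 0) {
        fprintf(stderr, "out of memory\n");
        free(buf);
        return 1;
    }
    puts(buf);
    free(buf);
    return 0;
}
```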