Unbound 1.13.1rc1 pre-release

Wouter Wijngaards wouter at nlnetlabs.nl
Tue Feb 2 15:16:43 UTC 2021 

Hi RayG,

Here is a build for today's fix
www.nlnetlabs.nl/~wouter/unbound_setup_1.13.1_20210202.exe
www.nlnetlabs.nl/~wouter/unbound-1.13.1_20210202.zip
and .asc pgp signature and .sha256 sum files.

Best regards, Wouter

On 02/02/2021 15:44, RayG wrote:
> Hi Wouter,
> 
> Thanks
> 
> I'll have to wait until you next build the Windows installer.
> 
> RayG
> 
> -----Original Message-----
> From: Wouter Wijngaards <wouter at nlnetlabs.nl> 
> Sent: 02 February 2021 14:09
> To: RayG <rgsub1 at btinternet.com>; unbound-users at nlnetlabs.nl; maintainers at nlnetlabs.nl
> Subject: Re: Unbound 1.13.1rc1 pre-release
> 
> Hi RayG,
> 
> This seems to be because of a default stack protector in mingw.  Fix includes libssp in the libunbound/ directory of the zipfile, and attempts to statically link with it in the unbound executable.  It is applied to the repository in commits https://github.com/NLnetLabs/unbound/commit/aa8dfe94d31e11c19897444b955af6ac10aec1cd
> https://github.com/NLnetLabs/unbound/commit/f9a1ac3f0b1a415d8085e113d44797e62c436a52
> https://github.com/NLnetLabs/unbound/commit/18840665bcbb28c9de07bc3b20157a0dde13f8fd
> 
> Best regards, Wouter
> 
> On 02/02/2021 13:39, RayG wrote:
>> V1.13.1rc1 will not run on Windows X64 (20H2)
>>
>> The error is:
>> "the code execution cannot proceed because libssp-0.dll was not found"
>>
>> Reinstalling the application does not help,
>>
>> Reverting to v1.13.0
>>
>> RayG
>> -----Original Message-----
>> From: Wouter Wijngaards <wouter at nlnetlabs.nl>
>> Sent: 02 February 2021 07:47
>> To: unbound-users at nlnetlabs.nl; maintainers at nlnetlabs.nl
>> Subject: Unbound 1.13.1rc1 pre-release
>>
>> Hi,
>>
>> Unbound 1.13.1rc1 pre-release is available 
>> https://nlnetlabs.nl/downloads/unbound/unbound-1.13.1rc1.tar.gz
>> sha256 
>> c652c0a35165c97962f0cd503902b95096b3f3252d1bf9cefe5ab9e4910e4fec
>> pgp 
>> https://nlnetlabs.nl/downloads/unbound/unbound-1.13.1rc1.tar.gz.asc
>>
>>
>> This release contains a number of bug fixes.  There is added support for the EDNS Padding option (RFC7830 and RFC8467), and the EDNS NSID option (RFC 5001).  Unbound control has added commands to enable and disable rpz processing.  Reply callbacks have a start time passed to them that can be used to calculate time, these are callbacks for response processing.  With the option serve-original-ttl the TTL served in responses is the original, not counted down, value, for when in front of authority service.
>>
>> Features
>> - Merge PR #375 by fhriley: Add rpz_enable and rpz_disable commands
>>   to unbound-control.
>> - Merge PR #391 from fhriley: Add start_time to reply callbacks so
>>   modules can compute the response time.
>> - Fix #397: [Feature request] add new type always_null to local-zone
>>   similar to always_nxdomain.
>> - Support for RFC5001: DNS Name Server Identifier (NSID) Option
>>   with the nsid: option in unbound.conf
>> - Padding of queries and responses with DNS over TLS as specified in
>>   RFC7830 and RFC8467.
>> - Merge PR #275 from Roland van Rijswijk-Deij: Add feature to return the
>>   original instead of a decrementing TTL ('serve-original-ttl')
>>
>> Bug Fixes
>> - Fix #358: Squelch udp connect 'no route to host' errors on low
>>   verbosity.
>> - Fix #360: for the additionally reported TCP Fast Open makes TCP
>>   connections fail, in that case we print a hint that this is
>>   happening with the error in the logs.
>> - Fix #356: deadlock when listening tcp.
>> - Fix unbound-dnstap-socket to not use log routine from interrupt
>>   handler and not print so frequently when invoked in sequence.
>> - Fix on windows to ignore connection failure on UDP, unless verbose.
>> - make depend.
>> - Fix #371: unbound-control timeout when Unbound is not running.
>> - Fix to squelch permission denied and other errors from remote host,
>>   they are logged at higher verbosity but not on low verbosity.
>> - Merge PR #335 from fobser: Sprinkle in some static to prevent
>>   missing prototype warnings.
>> - Merge PR #373 from fobser: Warning: arithmetic on a pointer to void
>>   is a GNU extension.
>> - Fix missing prototypes in the code.
>> - Fix error cases when udp-connect is set and send() returns an error
>>   (modified patch from Xin Li @delphij).
>> - For #376: Fix that comm point event is not double removed or double
>>   added to event map.
>> - iana portlist updated.
>> - Fix #385: autoconf 2.70 impacts unbound build
>> - Fix #379: zone loading over HTTP appears to have buffer issues.
>> - Merge PR #395 from mptre: add missing null check.
>> - Fix #387: client-subnet-always-forward seems to effectively bypass
>>   any caching?
>> - For #391: use struct timeval* start_time for callback information.
>> - For #391: fix indentation.
>> - For #391: more double casts in python start time calculation.
>> - Add comment documentation.
>> - Fix clang analysis warning.
>> - Fix so local zone types always_nodata and always_deny can be used
>>   from the config file.
>> - Merge #399 from xiangbao227: The lock of lruhash table should
>>   unlocked after markdel entry.
>> - Fix for #93: dynlibmodule link fix for Windows.
>> - Fix for #93: dynlibmodule import library is named libunbound.dll.a.
>> - Merge #402 from fobser: Implement IPv4-Embedded addresses according
>>   to RFC6052.
>> - Fix #404: DNS query with small edns bufsize fail.
>> - Fix declaration before statement and signed comparison warning in
>>   dns64.
>> - Fix TTL of SOA record for negative answers (localzone and
>>   authzone data) to be the minimum of the SOA TTL and the SOA.MINIMUM.
>> - Fix compile of unbound-dnstap-socket without dnstap installed.
>> - Merge PR #355 from noloader: Make ICANN Update CA and DS Trust Anchor
>>   static data.
>> - Ignore cache blacklisting when trying to reply with expired data from
>>   cache (#394).
>> - Merge PR #408 from fobser: Prevent a few more yacc clashes.
>> - Annotate that we ignore the return value of if_indextoname.
>> - Fix to use correct type for label count in rpz routine.
>> - Fix empty clause warning in config_file nsid parse.
>> - Fix to use correct type for label count in ipdnametoaddr rpz routine.
>> - Fix empty clause warning in edns pass for padding.
>> - Fix for doxygen 1.8.20 compatibility.
>> - Attempt to fix NULL keys in the reuse_tcp tree; relates to #411.
>>
>>
>> Best regards, Wouter
>>
>>
>

More information about the Unbound-users mailing list