RPZ: is this config correct?
A. Schulze
sca at andreasschulze.de
Fri May 21 22:13:21 UTC 2021
Hello George,
Am 21.05.21 um 18:05 schrieb George Thessalonikefs via Unbound-users:
> I could reproduce it easily with 1.13.1 and it seems you hit this (https://github.com/NLnetLabs/unbound/issues/429) bug which is already fixed on the master branch.
>
> With the latest code from master I cannot reproduce it anymore.
>
> Could you verify?
yes, I confirm fetching an auth-zone from https://urlhaus.abuse.ch/downloads/rpz/ as well as from my own https server works well.
One side note on disclosing unbound version:
My own webserver's log
> 2001:db8::53 - - [22/May/2021:00:00:21 +0200] "GET /downloads/rpz HTTP/1.1" 200 210627 "-" "unbound/1.13.2"
The real unbound version is used as http user agent header. This version is disclosed even if
I set 'hide-version: yes' or obfuscate 'version: "foobar/42"'
Maybe the user-agent header could be somehow synchronized with the mentioned settings.
Andreas
More information about the Unbound-users
mailing list