Unbound 1.17.0rc1 pre-release
Yuri
yvoinov at gmail.com
Mon Oct 10 08:37:19 UTC 2022
Compiled and works like a charm.
Also windows version works perfectly.
07.10.2022 16:36, Wouter Wijngaards via Unbound-users пишет:
> Hi,
>
> Unbound 1.17.0rc1 pre-release is available:
> https://nlnetlabs.nl/downloads/unbound/unbound-1.17.0rc1.tar.gz
> sha256 bf48501cf799134a5c481e7d469e18a1e9195d5936ad841e0dbc15b40428d226
> pgp https://nlnetlabs.nl/downloads/unbound/unbound-1.17.0rc1.tar.gz.asc
>
> This release has new interface acl configuration options. These
> allow access-control actions, per interface. Also tags, and views
> can be configured per interface, queries over the interface are
> answered with these tags and views. It is configured with the
> options `interface-action`, `interface-tag`, `interface-tag-action`,
> `interface-tag-data` and `interface-view`. If there is also an
> access-control setting for the query, this overrides the interface
> settings for that query.
>
> The PROXYv2 protocol is supported. It can be configured with the
> `proxy-protocol-port: portno` option. It is used to convey the
> IP addresses of clients that connect via a proxy to Unbound.
>
> There are also fixes for a number of bugs. In some cases a
> blocking wait on a socket could happen, and this has been
> fixed. If the upstream sends a TC flag, erroneously, the reply
> is ignored and retried. When under load, with the new
> NRDelegation fixes from the previous release, there are
> mitigations to continue target discovery. There is also a fix
> for possible loops in the tcp reuse code.
>
> Features
> - Merge #753: ACL per interface. (New interface-* configuration
> options).
> - Merge #760: PROXYv2 downstream support. (New proxy-protocol-port
> configuration option).
>
> Bug Fixes
> - Fix #728: alloc_reg_obtain() core dump. Stop double
> alloc_reg_release when serviced_create fails.
> - Fix edns subnet so that scope 0 answers only match sourcemask 0
> queries for answers from cache if from a query with sourcemask 0.
> - Fix unittest for edns subnet change.
> - Merge #730 from luisdallos: Fix startup failure on Windows 8.1 due
> to unsupported IPV6_USER_MTU socket option being set.
> - Fix ratelimit inconsistency, for ip-ratelimits the value is the
> amount allowed, like for ratelimits.
> - Fix #734 [FR] enable unbound-checkconf to detect more (basic)
> errors.
> - Fix to log accept error ENFILE and EMFILE errno, but slowly, once
> per 10 seconds. Also log accept failures when no slow down is used.
> - Fix to avoid process wide fcntl calls mixed with nonblocking
> operations after a blocked write.
> - Patch from Vadim Fedorenko that adds MSG_DONTWAIT to receive
> operations, so that instruction reordering does not cause mistakenly
> blocking socket operations.
> - Fix to wait for blocked write on UDP sockets, with a timeout if it
> takes too long the packet is dropped.
> - Fix for wait for udp send to stop when packet is successfully sent.
> - Fix #741: systemd socket activation fails on IPv6.
> - Fix to update config tests to fix checking if nonblocking sockets
> work on OpenBSD.
> - Slow down log frequency of write wait failures.
> - Fix to set out of file descriptor warning to operational verbosity.
> - Fix to log a verbose message at operational notice level if a
> thread is not responding, to stats requests. It is logged with
> thread identifiers.
> - Remove include that was there for debug purposes.
> - Fix to check pthread_t size after pthread has been detected.
> - Convert tdir tests to use the new skip_test functionality.
> - Remove unused testcode/mini_tpkg.sh file.
> - Better output for skipped tdir tests.
> - Fix doxygen warning in respip.h.
> - Fix to remove erroneous TC flag from TCP upstream.
> - Fix test tdir skip report printout.
> - Fix windows compile, the identifier interface is defined in headers.
> - Fix to close errno block in comm_point_tcp_handle_read outside of
> ifdef.
> - Fix static analysis report to remove dead code from the
> rpz_callback_from_iterator_module function.
> - Fix to clean up after the acl_interface unit test.
> - Merge #764: Leniency for target discovery when under load (for
> NRDelegation changes).
> - Use DEBUG_TDIR from environment in mini_tdir.sh for debugging.
> - Fix string comparison in mini_tdir.sh.
> - Make ede.tdir test more predictable by using static data.
> - Fix checkconf test for dnscrypt and proxy port.
> - Fix dnscrypt compile for proxy protocol code changes.
> - Fix to stop responses with TC flag from resulting in partial
> responses. It retries to fetch the data elsewhere, or fails the
> query and in depth fix removes the TC flag from the cached item.
> - Fix proxy length debug output printout typecasts.
> - Fix to stop possible loops in the tcp reuse code (write_wait list
> and tcp_wait list). Based on analysis and patch from Prad Seniappan
> and Karthik Umashankar.
>
> Best regards, Wouter
More information about the Unbound-users
mailing list