Unbound 1.17.1rc1 pre-release

RayG rgsub1 at btinternet.com
Thu Jan 5 17:19:24 UTC 2023 

Hi Wouter,

Downloaded 1.17.1rc1 for Windows but it does not want to run.

On double clicking the exe I get the UAC prompt either as admin or non
admin user but following that it just "disappears" There are no entries in
the event log that I can see/find.

Some time back I turned on "Mandatory ASLR"  in the Exploit Protection
section of Windows security/App and browser control.

I have had no issues with my system save for one "Portable app" which
cannot handle this setting this was easily resolved another way.

Turning this on was the reason for the above issue with the Unbound
installer.

The description in the Windows Security section suggest that the installer
is not compiled with the /DYNAMICBASE option.

Is this something that can be remedied? (assuming I have the correct reason
here)

Edition	Windows 10 Pro
Version	22H2
Installed on	‎04/‎04/‎2022
OS build	19045.2364
Experience	Windows Feature Experience Pack 120.2212.4190.0

Turning the option off, rebooting and the installation runs OK and all
appears to be running as it should:

05/01/2023 16:57:43 C:\Program Files\Unbound\unbound.exe[11416:0] notice:
init module 0: respip
05/01/2023 16:57:43 C:\Program Files\Unbound\unbound.exe[11416:0] notice:
init module 1: validator
05/01/2023 16:57:43 C:\Program Files\Unbound\unbound.exe[11416:0] notice:
init module 2: iterator
05/01/2023 16:57:44 C:\Program Files\Unbound\unbound.exe[11416:0] info:
start of service (unbound 1.17.1).
05/01/2023 16:57:44 C:\Program Files\Unbound\unbound.exe[11416:0] info:
resolving . DNSKEY IN
05/01/2023 16:57:44 C:\Program Files\Unbound\unbound.exe[11416:0] info:
response for . DNSKEY IN
05/01/2023 16:57:44 C:\Program Files\Unbound\unbound.exe[11416:0] info:
reply from <.> 2620:fe::fe#853
05/01/2023 16:57:44 C:\Program Files\Unbound\unbound.exe[11416:0] info:
query response was ANSWER
05/01/2023 16:57:44 C:\Program Files\Unbound\unbound.exe[11416:0] info:
prime trust anchor
05/01/2023 16:57:44 C:\Program Files\Unbound\unbound.exe[11416:0] info:
generate keytag query _ta-4f66. NULL IN
05/01/2023 16:57:44 C:\Program Files\Unbound\unbound.exe[11416:0] info:
resolving . DNSKEY IN
05/01/2023 16:57:44 C:\Program Files\Unbound\unbound.exe[11416:0] info:
validate keys with anchor(DS): sec_status_secure
05/01/2023 16:57:44 C:\Program Files\Unbound\unbound.exe[11416:0] info:
Successfully primed trust anchor . DNSKEY IN
05/01/2023 16:57:44 C:\Program Files\Unbound\unbound.exe[11416:0] info:
resolving _ta-4f66. NULL IN
05/01/2023 16:57:44 C:\Program Files\Unbound\unbound.exe[11416:0] info:
validate(positive): sec_status_secure
05/01/2023 16:57:44 C:\Program Files\Unbound\unbound.exe[11416:0] info:
validation success . DNSKEY IN

After turning the option back on and rebooting, Unbound runs OK.

05/01/2023 17:12:11 C:\Program Files\Unbound\unbound.exe[11416:0] notice:
init module 0: respip
05/01/2023 17:12:11 C:\Program Files\Unbound\unbound.exe[11416:0] notice:
init module 1: validator
05/01/2023 17:12:11 C:\Program Files\Unbound\unbound.exe[11416:0] notice:
init module 2: iterator
05/01/2023 17:12:11 C:\Program Files\Unbound\unbound.exe[11416:0] info:
start of service (unbound 1.17.1).
05/01/2023 17:13:32 C:\Program Files\Unbound\unbound.exe[3968:0] notice:
init module 0: respip
05/01/2023 17:13:32 C:\Program Files\Unbound\unbound.exe[3968:0] notice:
init module 1: validator
05/01/2023 17:13:32 C:\Program Files\Unbound\unbound.exe[3968:0] notice:
init module 2: iterator

I notice that "start of service (unbound 1.17.1)" does not say its RC1 😊

Thanks

RayG


-----Original Message-----
From: Wouter Wijngaards <wouter at nlnetlabs.nl> 
Sent: 05 January 2023 10:41
To: maintainers at nlnetlabs.nl; unbound-users at nlnetlabs.nl
Subject: Unbound 1.17.1rc1 pre-release

Hi,

Unbound 1.17.1rc1 pre-release is available:
https://nlnetlabs.nl/downloads/unbound/unbound-1.17.1rc1.tar.gz
sha256 4686cd98222cd7580606a07f4f20c15d531634e1ae34e9dad767e4e12609b61f
pgp https://nlnetlabs.nl/downloads/unbound/unbound-1.17.1rc1.tar.gz.asc

This release fixes a number of bugs. There are also new configuration
options that by default do not change the existing behaviour of Unbound.

With `statistics-inhibit-zero` the printout of zero values by stats can
be controlled. Similarly with `max-sent-count` and `max-query-restarts`
the iterator behaviour can be controlled. The maximum CNAME chain length
that is accepted can be changed by increasing the `max-query-restarts`
number. This takes more time to follow those elements.

The keep-cache option allows reloads to change configuration whilst
keeping the cache memory intact, making the cache hot for good response
times after the change has completed.

Features
- Expose 'statistics-inhibit-zero' as a configuration option; the
   default value retains Unbound's behavior.
- Expose 'max-sent-count' as a configuration option; the
   default value retains Unbound's behavior.
- Merge #461 from Christian Allred: Add max-query-restarts option.
   Exposes an internal configuration but the default value retains
   Unbound's behavior.
- Merge #569 from JINMEI Tatuya: add keep-cache option to
   'unbound-control reload' to keep caches.

Bug Fixes
- Merge #768 from fobser: Arithmetic on a pointer to void is a GNU
   extension.
- In unit test, print python script name list correctly.
- testcode/dohclient sets log identity to its name.
- Clarify the use of MAX_SENT_COUNT in the iterator code.
- Fix that cachedb does not store failures in the external cache.
- Merge #767 from jonathangray: consistently use IPv4/IPv6 in
   unbound.conf.5.
- Fix to ignore tcp events for closed comm points.
- Fix to make sure to not read again after a tcp comm point is closed.
- Fix #775: libunbound: subprocess reap causes parent process reap
   to hang.
- iana portlist update.
- Complementary fix for distutils.sysconfig deprecation in Python 3.10
   to commit 62c5039ab9da42713e006e840b7578e01d66e7f2.
- Fix #779: [doc] Missing documention in ub_resolve_event() for
   callback parameter was_ratelimited.
- Ignore expired error responses.
- Merge #720 from jonathangray: fix use after free when
   WSACreateEvent() fails.
- Fix for the ignore of tcp events for closed comm points, preserve
   the use after free protection features.
- Fix #782: Segmentation fault in stats.c:404.
- Add SVCB and HTTPS to the types removed by 'unbound-control flush'.
- Clear documentation for interactivity between the subnet module and
   the serve-expired and prefetch configuration options.
- Fix #773: When used with systemd-networkd, unbound does not start
   until systemd-networkd-wait-online.service times out.
- Merge #808: Wrap Makefile script's directory variables in quotes.
- Fix to wrap Makefile scripts directory in quotes for uninstall.
- Fix windows compile for libunbound subprocess reap comm point closes.
- Update github workflows to use checkout v3.

Best regards, Wouter

-------------- next part --------------
A non-text attachment was scrubbed...
Name: winmail.dat
Type: application/ms-tnef
Size: 5654 bytes
Desc: not available
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20230105/2619b25e/attachment-0001.bin>

More information about the Unbound-users mailing list