Your message dated Mon, 18 Apr 2022 02:08:49 +0300
with message-id <[email protected]>
and subject line Re: Bug#1000201 unbound: Fails to download zones via HTTPS
has caused the Debian Bug report #1000201,
regarding unbound: Fails to download zones via HTTPS
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
1000201: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1000201
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: unbound
Version: 1.13.1-1
Severity: important

Hello,

I have noticed that having zone configs, be it auth-zone or rpz-zone, using a 
HTTP/S-URL fails silently unless the log verbosity is increased.
Trying the same download via cURL works on my bullseye system.

Example config:

rpz:
    name: abuse_ch_threatfox
    zonefile: abuse_ch_threatfox.rpz
    rpz-log: yes
    rpz-log-name: abuse_ch_threatfox
    url: "https://threatfox.abuse.ch/downloads/threatfox.rpz";

Log excerpt:
debug: auth host threatfox.abuse.ch lookup 151.101.114.49
debug: auth zone abuse_ch_threatfox. transfer next HTTP fetch from 
151.101.114.49 started
debug: SSL connection to *.abuse.ch authenticated ip4 151.101.114.49 port 443 
(len 16)
debug: auth zone abuse_ch_threatfox. transfer failed, wait
debug: auth zone abuse_ch_threatfox. timeout in 48 seconds


This bug is fixed in upstream and should be fairly easy to backport:
https://github.com/NLnetLabs/unbound/commit/ff0c5f863d02c29a0eb11f0130110b390656b558


Regards,

André

--- End Message ---
--- Begin Message ---
Version: 1.15.0-1

On Fri, 19 Nov 2021 14:13:06 +0000 =?iso-8859-1?Q?Martinez_Wagner=2C_Andr=E9?=
        <[email protected]> wrote:
..
This bug is fixed in upstream and should be fairly easy to backport:
https://github.com/NLnetLabs/unbound/commit/ff0c5f863d02c29a0eb11f0130110b390656b558

Apparently it is fixed by 1.15.0-1 upload of unbound to experimental.

Thanks,

/mjt

--- End Message ---

Reply via email to