On Thu, Nov 03, 2016 at 09:54:57AM +0100, W.C.A. Wijngaards via Unbound-users
wrote:
> Hi Robin,
>
> Thank you for the patch, I have applied it to the source.
Great.
I was wondering, is it reasonable to expect users to run
autoconf/automake/lex/yacc themselves, rather than carry all the
generate
Hi Andreas,
Are you using OpenSSL 1.1? Apparently it introduced security levels and
by default doesn't allow aNULL ciphers. I just commited a version to our
repository that sets the security level to 0 for the remote control ssl
context when control-use-cert is no.
Regards,
-- Ralph
On 03-11-16
Hi Andreas,
Unbound sets SSL_CTX_set_cipher_list(rc->ctx, "aNULL") in
daemon/remote.c, you can get the list of aNULL ciphers(1) with
$ openssl ciphers aNULL
For me that is a long list of ciphers.
I do not really know what the correct list is to set here. It seems
reasonable that authentication h
Hello,
after update from 1.5.9 to 1.5.10 "unbound-control reload" no longer work:
the relevant unbound.conf section:
remote-control:
control-enable: yes
control-interface: /path/to/unbound-control.socket
control-use-cert: no
# ls -la /path/to/unbound-control.socket
srw-rw
Hi Robin,
Thank you for the patch, I have applied it to the source.
Best regards, Wouter
On 03/11/16 01:10, robbat2--- via Unbound-users wrote:
> From: "Robin H. Johnson"
>
> Add an option to control the log identity of unbound instances.
>
> This is primarily useful on systems that run more