Hi RayG, Fixed this in the commit https://github.com/NLnetLabs/unbound/commit/46939294710d24a37f9f838141f26e6b063b01f3
Thanks for the report! I updated the link with the installer to a new installer with a root.key file that has the right contents. www.nlnetlabs.nl/~wouter/unbound_setup_1.13.1_20210202.exe www.nlnetlabs.nl/~wouter/unbound-1.13.1_20210202.zip Best regards, Wouter On 02/02/2021 16:38, RayG wrote: > Hi Wouter, > > A bit further forward but it still will not run. > > The reason being that the root.key file has a zero length. It has the correct > info when 1.13.0 is running. > > unbound_setup_1.13.1_20210202 corrupts the file. > > C:\Program Files\Unbound>unbound-checkconf.exe > [1612280164] unbound-checkconf[9652:0] error: failed to read C:\Program > Files\Unbound\root.key > [1612280164] unbound-checkconf[9652:0] error: error reading > auto-trust-anchor-file: C:\Program Files\Unbound\root.key > [1612280164] unbound-checkconf[9652:0] error: validator: error in > trustanchors config > [1612280164] unbound-checkconf[9652:0] error: validator: could not apply > configuration settings. > [1612280164] unbound-checkconf[9652:0] fatal error: bad config for validator > module > > 02/02/2021 15:33:52 C:\Program Files\Unbound\unbound.exe[4548:0] notice: init > module 0: respip > 02/02/2021 15:33:52 C:\Program Files\Unbound\unbound.exe[4548:0] notice: init > module 1: validator > 02/02/2021 15:33:52 C:\Program Files\Unbound\unbound.exe[4548:0] error: > failed to read C:\Program Files\Unbound\root.key > 02/02/2021 15:33:52 C:\Program Files\Unbound\unbound.exe[4548:0] error: error > reading auto-trust-anchor-file: C:\Program Files\Unbound\root.key > 02/02/2021 15:33:52 C:\Program Files\Unbound\unbound.exe[4548:0] error: > validator: error in trustanchors config > 02/02/2021 15:33:52 C:\Program Files\Unbound\unbound.exe[4548:0] error: > validator: could not apply configuration settings. > 02/02/2021 15:33:52 C:\Program Files\Unbound\unbound.exe[4548:0] error: > module init for module validator failed > 02/02/2021 15:33:52 C:\Program Files\Unbound\unbound.exe[4548:0] fatal error: > failed to setup modules > > RayG > -----Original Message----- > From: Wouter Wijngaards <wou...@nlnetlabs.nl> > Sent: 02 February 2021 15:17 > To: RayG <rgs...@btinternet.com>; unbound-us...@nlnetlabs.nl > Subject: Re: Unbound 1.13.1rc1 pre-release > > Hi RayG, > > Here is a build for today's fix > www.nlnetlabs.nl/~wouter/unbound_setup_1.13.1_20210202.exe > www.nlnetlabs.nl/~wouter/unbound-1.13.1_20210202.zip > and .asc pgp signature and .sha256 sum files. > > Best regards, Wouter > > On 02/02/2021 15:44, RayG wrote: >> Hi Wouter, >> >> Thanks >> >> I'll have to wait until you next build the Windows installer. >> >> RayG >> >> -----Original Message----- >> From: Wouter Wijngaards <wou...@nlnetlabs.nl> >> Sent: 02 February 2021 14:09 >> To: RayG <rgs...@btinternet.com>; unbound-us...@nlnetlabs.nl; >> maintain...@nlnetlabs.nl >> Subject: Re: Unbound 1.13.1rc1 pre-release >> >> Hi RayG, >> >> This seems to be because of a default stack protector in mingw. Fix >> includes libssp in the libunbound/ directory of the zipfile, and >> attempts to statically link with it in the unbound executable. It is >> applied to the repository in commits >> https://github.com/NLnetLabs/unbound/commit/aa8dfe94d31e11c19897444b95 >> 5af6ac10aec1cd >> https://github.com/NLnetLabs/unbound/commit/f9a1ac3f0b1a415d8085e113d4 >> 4797e62c436a52 >> https://github.com/NLnetLabs/unbound/commit/18840665bcbb28c9de07bc3b20 >> 157a0dde13f8fd >> >> Best regards, Wouter >> >> On 02/02/2021 13:39, RayG wrote: >>> V1.13.1rc1 will not run on Windows X64 (20H2) >>> >>> The error is: >>> "the code execution cannot proceed because libssp-0.dll was not found" >>> >>> Reinstalling the application does not help, >>> >>> Reverting to v1.13.0 >>> >>> RayG >>> -----Original Message----- >>> From: Wouter Wijngaards <wou...@nlnetlabs.nl> >>> Sent: 02 February 2021 07:47 >>> To: unbound-us...@nlnetlabs.nl; maintain...@nlnetlabs.nl >>> Subject: Unbound 1.13.1rc1 pre-release >>> >>> Hi, >>> >>> Unbound 1.13.1rc1 pre-release is available >>> https://nlnetlabs.nl/downloads/unbound/unbound-1.13.1rc1.tar.gz >>> sha256 >>> c652c0a35165c97962f0cd503902b95096b3f3252d1bf9cefe5ab9e4910e4fec >>> pgp >>> https://nlnetlabs.nl/downloads/unbound/unbound-1.13.1rc1.tar.gz.asc >>> >>> >>> This release contains a number of bug fixes. There is added support for >>> the EDNS Padding option (RFC7830 and RFC8467), and the EDNS NSID option >>> (RFC 5001). Unbound control has added commands to enable and disable rpz >>> processing. Reply callbacks have a start time passed to them that can be >>> used to calculate time, these are callbacks for response processing. With >>> the option serve-original-ttl the TTL served in responses is the original, >>> not counted down, value, for when in front of authority service. >>> >>> Features >>> - Merge PR #375 by fhriley: Add rpz_enable and rpz_disable commands >>> to unbound-control. >>> - Merge PR #391 from fhriley: Add start_time to reply callbacks so >>> modules can compute the response time. >>> - Fix #397: [Feature request] add new type always_null to local-zone >>> similar to always_nxdomain. >>> - Support for RFC5001: DNS Name Server Identifier (NSID) Option >>> with the nsid: option in unbound.conf >>> - Padding of queries and responses with DNS over TLS as specified in >>> RFC7830 and RFC8467. >>> - Merge PR #275 from Roland van Rijswijk-Deij: Add feature to return the >>> original instead of a decrementing TTL ('serve-original-ttl') >>> >>> Bug Fixes >>> - Fix #358: Squelch udp connect 'no route to host' errors on low >>> verbosity. >>> - Fix #360: for the additionally reported TCP Fast Open makes TCP >>> connections fail, in that case we print a hint that this is >>> happening with the error in the logs. >>> - Fix #356: deadlock when listening tcp. >>> - Fix unbound-dnstap-socket to not use log routine from interrupt >>> handler and not print so frequently when invoked in sequence. >>> - Fix on windows to ignore connection failure on UDP, unless verbose. >>> - make depend. >>> - Fix #371: unbound-control timeout when Unbound is not running. >>> - Fix to squelch permission denied and other errors from remote host, >>> they are logged at higher verbosity but not on low verbosity. >>> - Merge PR #335 from fobser: Sprinkle in some static to prevent >>> missing prototype warnings. >>> - Merge PR #373 from fobser: Warning: arithmetic on a pointer to void >>> is a GNU extension. >>> - Fix missing prototypes in the code. >>> - Fix error cases when udp-connect is set and send() returns an error >>> (modified patch from Xin Li @delphij). >>> - For #376: Fix that comm point event is not double removed or double >>> added to event map. >>> - iana portlist updated. >>> - Fix #385: autoconf 2.70 impacts unbound build >>> - Fix #379: zone loading over HTTP appears to have buffer issues. >>> - Merge PR #395 from mptre: add missing null check. >>> - Fix #387: client-subnet-always-forward seems to effectively bypass >>> any caching? >>> - For #391: use struct timeval* start_time for callback information. >>> - For #391: fix indentation. >>> - For #391: more double casts in python start time calculation. >>> - Add comment documentation. >>> - Fix clang analysis warning. >>> - Fix so local zone types always_nodata and always_deny can be used >>> from the config file. >>> - Merge #399 from xiangbao227: The lock of lruhash table should >>> unlocked after markdel entry. >>> - Fix for #93: dynlibmodule link fix for Windows. >>> - Fix for #93: dynlibmodule import library is named libunbound.dll.a. >>> - Merge #402 from fobser: Implement IPv4-Embedded addresses according >>> to RFC6052. >>> - Fix #404: DNS query with small edns bufsize fail. >>> - Fix declaration before statement and signed comparison warning in >>> dns64. >>> - Fix TTL of SOA record for negative answers (localzone and >>> authzone data) to be the minimum of the SOA TTL and the SOA.MINIMUM. >>> - Fix compile of unbound-dnstap-socket without dnstap installed. >>> - Merge PR #355 from noloader: Make ICANN Update CA and DS Trust Anchor >>> static data. >>> - Ignore cache blacklisting when trying to reply with expired data from >>> cache (#394). >>> - Merge PR #408 from fobser: Prevent a few more yacc clashes. >>> - Annotate that we ignore the return value of if_indextoname. >>> - Fix to use correct type for label count in rpz routine. >>> - Fix empty clause warning in config_file nsid parse. >>> - Fix to use correct type for label count in ipdnametoaddr rpz routine. >>> - Fix empty clause warning in edns pass for padding. >>> - Fix for doxygen 1.8.20 compatibility. >>> - Attempt to fix NULL keys in the reuse_tcp tree; relates to #411. >>> >>> >>> Best regards, Wouter >>> >>> >> >
