It eats significantly less RAM (comparing with 1.8.0) and runs smoothly.
01.10.2018 18:30, Wouter Wijngaards via Unbound-users пишет: > Hi, > > Unbound 1.8.1rc1 pre-release is available: > https://nlnetlabs.nl/downloads/unbound/unbound-1.8.1rc1.tar.gz > sha256 e1f285320f6f826ffe50dea8ad405bebaa84d13bdfefc91add1676c272029a46 > pgp https://nlnetlabs.nl/downloads/unbound/unbound-1.8.1rc1.tar.gz.asc > > This release of Unbound contains a number of bug fixes. A memory leak > in the TLS lookup code is fixed. Leaked requests in the requestlist are > fixed. Lookup failure due to qname minimisation and a lack of IPv6 with > connectivity issues is fixed. > > TLS upstream servers are signalled with SNI with the name that is > configured. This allows hosting servers by name on the destination. > > Also Unbound is fixed from calling disallowed routines, by using EVP > code, for FIPS OpenSSL. > > > Features: > - Perform TLS SNI indication of the host that is being contacted > for DNS over TLS service. It sets the configured tls auth name. > This is useful for hosts that apart from the DNS over TLS services > also provide other (web) services. > > Bug Fixes: > - More explicitly mention the type of ratelimit when applying > ip-ratelimit. > - Fix spelling error in header, from getdns commit by Andreas Gelmini. > - iana port update. > - Fixed unused return value warnings in contrib/fastrpz.patch for > asprintf. > - Fix to squelch respip warning in unit test, it is printed at > higher verbosity settings. > - Fix spelling errors. > - Fix initialisation in remote.c > - Fix seed for random backup code to use explicit zero when wiped. > - exit log routine is annotated as noreturn function. > - free memory leaks in config strlist and str2list insert functions. > - do not move unused argv variable after getopt. > - Remove unused if clause in testcode. > - in testcode, free async ids, initialise array, and check for null > pointer during test of the test. And use exit for return to note > irregular program stop. > - Free memory leak in config strlist append. > - make sure nsec3 comparison salt is initialized. > - unit test has clang analysis. > - remove unused variable assignment from iterator scrub routine. > - check for null in delegation point during iterator refetch > in forward zone. > - neater pointer cast in libunbound context quit routine. > - initialize statistics totals for printout. > - in authzone check that node exists before adding rrset. > - in unbound-anchor, use readwrite memory BIO. > - assertion in autotrust that packed rrset is formed correctly. > - Fix memory leak when message parse fails partway through copy. > - remove unused udpsize assignment in message encode. > - nicer bio free code in unbound-anchor. > - annotate exit functions with noreturn in unbound-control. > - Fix compile on Mac for unbound, provide explicit_bzero when libc > does not have it. > - Fix unbound for openssl in FIPS mode, it uses the digests with > the EVP call contexts. > - Fix that with harden-below-nxdomain and qname minisation enabled > some iterator states for nonresponsive domains can get into a > state where they waited for an empty list. > - Stop UDP to TCP failover after timeouts that causes the ping count > to be reset by the TCP time measurement (that exists for TLS), > because that causes the UDP part to not be measured as timeout. > - Fix #4156: Fix systemd service manager state change notification. > - Fix #4149: Add SSL cleanup for tcp timeout. > - Fix #4188: IPv6 forwarders without ipv6 result in SERVFAIL, fixes > qname minimisation with a forwarder when connectivity has issues > from rejecting responses. > > Best regards, Wouter > > > -- "C++ seems like a language suitable for firing other people's legs." ***************************** * C++20 : Bug to the future * *****************************
signature.asc
Description: OpenPGP digital signature
