Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Remove left-over requirements on OpenSSL >= 1.1.0 for cert name matching #13

Closed
wants to merge 2 commits into from

Conversation

Projects
None yet
2 participants
@dne
Copy link

commented Feb 6, 2019

When bug #4206 was resolved, some bits remained that still indicate that OpenSSL 1.1.0 or later is required:

  • Invalid error logging when name verification is enabled with older OpenSSL (or LibreSSL).
  • Outdated note in the unbound.conf(5) man page.
@wcawijngaards

This comment has been minimized.

Copy link
Member

commented Feb 11, 2019

Thanks, doc updated.

jedisct1 added a commit to jedisct1/unbound that referenced this pull request Feb 15, 2019

Merge remote-tracking branch 'nlnet/master'
* nlnet/master:
  - Fix capsforid canonical sort qsort callback.
  - make depend, with newer gcc, nicer layout.
  - Fix NLnetLabs#13: Remove left-over requirements on OpenSSL >= 1.1.0 for   cert name matching, from man page.
  Also fix this unit test for qname minimisation asked queries that have to be added to the provided answer list.
  - Fix recursion lame test for qname minimisation asked queries,   that were not present in the set of prepared answers.
  - Note default for module-config in man page.
  - Fix #4225: clients seem to erroneously receive no answer with   DNS-over-TLS and qname-minimisation.
  - Fix that qname minimisation does not skip a label when missing   nameserver targets need to be fetched.
  - Fix #4206: OpenSSL 1.0.2 hostname verification for FreeBSD 11.2.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.