Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Remove left-over requirements on OpenSSL >= 1.1.0 for cert name matching #13

Closed
wants to merge 2 commits into from

Conversation

dne
Copy link

@dne dne commented Feb 6, 2019

When bug #4206 was resolved, some bits remained that still indicate that OpenSSL 1.1.0 or later is required:

  • Invalid error logging when name verification is enabled with older OpenSSL (or LibreSSL).
  • Outdated note in the unbound.conf(5) man page.

@wcawijngaards
Copy link
Member

Thanks, doc updated.

jedisct1 added a commit to jedisct1/unbound that referenced this pull request Feb 15, 2019
* nlnet/master:
  - Fix capsforid canonical sort qsort callback.
  - make depend, with newer gcc, nicer layout.
  - Fix NLnetLabs#13: Remove left-over requirements on OpenSSL >= 1.1.0 for   cert name matching, from man page.
  Also fix this unit test for qname minimisation asked queries that have to be added to the provided answer list.
  - Fix recursion lame test for qname minimisation asked queries,   that were not present in the set of prepared answers.
  - Note default for module-config in man page.
  - Fix #4225: clients seem to erroneously receive no answer with   DNS-over-TLS and qname-minimisation.
  - Fix that qname minimisation does not skip a label when missing   nameserver targets need to be fetched.
  - Fix #4206: OpenSSL 1.0.2 hostname verification for FreeBSD 11.2.
@rma-shuyu rma-shuyu mentioned this pull request Jan 12, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants