Hi,
Attached is the patch for unbound 1.4.15 that fixes a bugfix in 1.4.15
that misbehaves. It can be seen by validation failures (example below)
after hours or days. The bug is present in 1.4.15 and 1.4.15rc1 (the
TTL fix in it). It only happens if you have trust anchors configured
(you do DNSSEC).
validation failure xx: no NSEC3 closest encloser from yy for DS zz while
building chain of trust.
We intend to release unbound 1.4.16 with this fix soon.
You can apply this to the 1.4.15 source with patch -p0 < file. And then
build and install it.
Best regards,
Wouter
(attachments)
patch_nsec3_1415.diff (449 Bytes)