Package: unbound
Version: 1.13.1-1
Severity: important
Hello,
I have noticed that having zone configs, be it auth-zone or rpz-zone, using a
HTTP/S-URL fails silently unless the log verbosity is increased.
Trying the same download via cURL works on my bullseye system.
Example config:
rpz:
name: abuse_ch_threatfox
zonefile: abuse_ch_threatfox.rpz
rpz-log: yes
rpz-log-name: abuse_ch_threatfox
url: "https://threatfox.abuse.ch/downloads/threatfox.rpz";
Log excerpt:
debug: auth host threatfox.abuse.ch lookup 151.101.114.49
debug: auth zone abuse_ch_threatfox. transfer next HTTP fetch from
151.101.114.49 started
debug: SSL connection to *.abuse.ch authenticated ip4 151.101.114.49 port 443
(len 16)
debug: auth zone abuse_ch_threatfox. transfer failed, wait
debug: auth zone abuse_ch_threatfox. timeout in 48 seconds
This bug is fixed in upstream and should be fairly easy to backport:
https://github.com/NLnetLabs/unbound/commit/ff0c5f863d02c29a0eb11f0130110b390656b558
Regards,
André
