[Bug 274549] local-unbound not resolving unless security/ca_root_nss installed
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 274549] local-unbound not resolving unless security/ca_root_nss installed"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 274549] local-unbound not resolving unless security/ca_root_nss installed"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 274549] local-unbound not resolving unless security/ca_root_nss installed"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 274549] local-unbound not resolving unless security/ca_root_nss installed"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 274549] local-unbound not resolving unless security/ca_root_nss installed"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 274549] local-unbound not resolving unless security/ca_root_nss installed"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 274549] local-unbound not resolving unless security/ca_root_nss installed"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 274549] local-unbound not resolving unless security/ca_root_nss installed"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 17 Oct 2023 23:33:47 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=274549
Bug ID: 274549
Summary: local-unbound not resolving unless
security/ca_root_nss installed
Product: Base System
Version: 15.0-CURRENT
Hardware: Any
OS: Any
Status: New
Severity: Affects Only Me
Priority: ---
Component: bin
Assignee: bugs@FreeBSD.org
Reporter: jrm@freebsd.org
More detail:
% grep unbound /etc/rc.conf
local_unbound_enable="YES"
local_unbound_forwarders="1.1.1.1@853#cloudflare-dns.com
1.0.0.1@853#cloudflare-dns.com"
local_unbound_tls="YES"
% sudo service local_unbound setup
Performing initial setup.
destination:
/var/unbound/forward.conf not modified
/var/unbound/lan-zones.conf not modified
/var/unbound/control.conf not modified
/var/unbound/unbound.conf not modified
/etc/resolvconf.conf not modified
/etc/resolv.conf not modified
% cat /etc/unbound/unbound.conf
% sudo service local_unbound start
Starting local_unbound.
Waiting for nameserver to start... good
% drill @ns0.freebsd.org freebsd.org
Error: could not find any address for the name: `ns0.freebsd.org'
Using truss on the local_unbound process shows
fstatat(AT_FDCWD,"/etc/ssl/certs/ebc232bc.0",0x3a536aae2dc0,0x0) ERR#2 'No such
file or directory'
fstatat(AT_FDCWD,"/etc/ssl/certs",0x3a536aae2c20,0x0) ERR#2 'No such file or
directory'
fstatat(AT_FDCWD,"/etc/ssl/certs/3513523f.0",0x3a536aae2dc0,0x0) ERR#2 'No such
file or directory'
fstatat(AT_FDCWD,"/etc/ssl/certs",0x3a536aae2c20,0x0) ERR#2 'No such file or
directory'
fstatat(AT_FDCWD,"/etc/ssl/certs/3513523f.0",0x3a536aae2dc0,0x0) ERR#2 'No such
file or directory'
fstatat(AT_FDCWD,"/etc/ssl/certs",0x3a536aae2c20,0x0) ERR#2 'No such file or
directory'
Starting local_unbound with -vvv says
Oct 17 20:09:39 ala local-unbound[78347]: [78347:0] error: ssl handshake failed
crypto error:16000069:STORE routines::unregistered scheme
Oct 17 20:09:39 ala local-unbound[78347]: [78347:0] error: and additionally
crypto error:80000002:system library::No such file or directory
Oct 17 20:09:39 ala local-unbound[78347]: [78347:0] error: and additionally
crypto error:16000069:STORE routines::unregistered scheme
Oct 17 20:09:39 ala local-unbound[78347]: [78347:0] error: and additionally
crypto error:0A000086:SSL routines::certificate verify failed
Oct 17 20:09:39 ala local-unbound[78347]: [78347:0] notice: ssl handshake
failed ip4 1.0.0.1 port 853 (len 16)
After re-installing security/ca_root_nss, local_unbound resolves fine again.
--
You are receiving this mail because:
You are the assignee for the bug.