upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-20 23:00:56 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix issue #676: Unencrypted query is sent when forward-tls-upstream: yes is

Browse source 
used without tls-cert-bundle

Model the behavior of unbound in unbound-host: always create a SSL context
This commit is contained in:
Philip Homburg 2023-03-24 14:51:37 +01:00
parent eb7eff4fc7
commit 7e6a7f310d
1 changed files with 6 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
libunbound/libworker.c
View file

@ -168,7 +168,6 @@ libworker_setup(struct ub_ctx* ctx, int is_bg, struct ub_event_base* eb)
hints_delete(w->env->hints);
w->env->hints = NULL;
}
if(cfg->ssl_upstream || (cfg->tls_cert_bundle && cfg->tls_cert_bundle[0]) || cfg->tls_win_cert) {
w->sslctx = connect_sslctx_create(NULL, NULL,
cfg->tls_cert_bundle, cfg->tls_win_cert);
if(!w->sslctx) {
@ -176,7 +175,6 @@ libworker_setup(struct ub_ctx* ctx, int is_bg, struct ub_event_base* eb)
hints_delete(w->env->hints);
w->env->hints = NULL;
}
}
if(!w->is_bg || w->is_bg_thread) {
lock_basic_unlock(&ctx->cfglock);
}