Package: unbound Version: 1.17.1-2 Severity: important Hello, I upgraded from bullseye to bookworm and after the upgrade unbound in version 1.17.1-2 is flooding the journal with the error messages."error: could not SSL_read crypto error:0A000126:SSL routines::unexpected eof while reading“. Unbound is configured with DNS over TLS forward addresses (forward-ssl-upstream: yes). journal entries: journalctl -b -u unbound.service Jun 15 22:39:13 klettur-01 systemd[1]: Starting unbound.service - Unbound DNS server... Jun 15 22:39:15 klettur-01 unbound[1501]: [1501:0] notice: init module 0: subnetcache Jun 15 22:39:15 klettur-01 unbound[1501]: [1501:0] warning: subnetcache: serve-expired is set but not working for data originating from the subnet module cache. Jun 15 22:39:15 klettur-01 unbound[1501]: [1501:0] warning: subnetcache: prefetch is set but not working for data originating from the subnet module cache. Jun 15 22:39:15 klettur-01 unbound[1501]: [1501:0] notice: init module 1: validator Jun 15 22:39:15 klettur-01 unbound[1501]: [1501:0] notice: init module 2: iterator Jun 15 22:39:15 klettur-01 unbound[1501]: [1501:0] info: start of service (unbound 1.17.1). Jun 15 22:39:15 klettur-01 systemd[1]: Started unbound.service - Unbound DNS server. Jun 15 22:39:26 klettur-01 unbound[1501]: [1501:0] info: generate keytag query _ta-4f66. NULL IN Jun 15 22:39:36 klettur-01 unbound[1501]: [1501:0] error: could not SSL_read crypto error:0A000126:SSL routines::unexpected eof while reading Jun 15 22:39:36 klettur-01 unbound[1501]: [1501:0] error: could not SSL_read crypto error:0A000126:SSL routines::unexpected eof while reading Jun 15 22:39:36 klettur-01 unbound[1501]: [1501:1] error: could not SSL_read crypto error:0A000126:SSL routines::unexpected eof while reading Jun 15 22:39:36 klettur-01 unbound[1501]: [1501:1] error: could not SSL_read crypto error:0A000126:SSL routines::unexpected eof while reading Jun 15 22:39:41 klettur-01 unbound[1501]: [1501:1] error: could not SSL_read crypto error:0A000126:SSL routines::unexpected eof while reading Jun 15 22:39:52 klettur-01 unbound[1501]: [1501:0] error: could not SSL_read crypto error:0A000126:SSL routines::unexpected eof while reading Jun 15 22:39:52 klettur-01 unbound[1501]: [1501:1] error: could not SSL_read crypto error:0A000126:SSL routines::unexpected eof while reading Jun 15 22:39:52 klettur-01 unbound[1501]: [1501:0] error: could not SSL_read crypto error:0A000126:SSL routines::unexpected eof while reading Jun 15 22:39:52 klettur-01 unbound[1501]: [1501:1] error: could not SSL_read crypto error:0A000126:SSL routines::unexpected eof while reading Jun 15 22:40:18 klettur-01 unbound[1501]: [1501:0] error: could not SSL_read crypto error:0A000126:SSL routines::unexpected eof while reading Jun 15 22:40:18 klettur-01 unbound[1501]: [1501:1] error: could not SSL_read crypto error:0A000126:SSL routines::unexpected eof while reading Jun 15 22:40:32 klettur-01 unbound[1501]: [1501:1] error: could not SSL_read crypto error:0A000126:SSL routines::unexpected eof while reading Jun 15 22:40:32 klettur-01 unbound[1501]: [1501:0] error: could not SSL_read crypto error:0A000126:SSL routines::unexpected eof while reading Jun 15 22:40:32 klettur-01 unbound[1501]: [1501:1] error: could not SSL_read crypto error:0A000126:SSL routines::unexpected eof while reading Jun 15 22:40:56 klettur-01 unbound[1501]: [1501:1] error: could not SSL_read crypto error:0A000126:SSL routines::unexpected eof while reading Jun 15 22:40:56 klettur-01 unbound[1501]: [1501:1] error: could not SSL_read crypto error:0A000126:SSL routines::unexpected eof while reading Jun 15 22:40:56 klettur-01 unbound[1501]: [1501:0] error: could not SSL_read crypto error:0A000126:SSL routines::unexpected eof while reading Jun 15 22:41:12 klettur-01 unbound[1501]: [1501:0] error: could not SSL_read crypto error:0A000126:SSL routines::unexpected eof while reading Jun 15 22:41:12 klettur-01 unbound[1501]: [1501:0] error: could not SSL_read crypto error:0A000126:SSL routines::unexpected eof while reading Jun 15 22:41:12 klettur-01 unbound[1501]: [1501:1] error: could not SSL_read crypto error:0A000126:SSL routines::unexpected eof while reading
The error log entries are related to OpenSSL 3. Related upstream Issue: https://github.com/NLnetLabs/unbound/issues/812 This bug is fixed in upstream commit: https://github.com/NLnetLabs/unbound/commit/d7e776114114c16816570e48ab3a27eedc401a0e Can you please backport the patch to the bookworm package. Regards, Wolfgang
