/usr/sbin/unbound-control-setup changed a
cat << EOF > request.cfg
.. things ...
echo "thing1\n" > request.cfg
echo "thing2\n" >> request.cfg
The problem is, this is echo, not printf. This causes openssl to reject the request.cfg file.
Observe with "/usr/sbin/unbound-control-setup -d /tmp" You will be rewarded with an openssl syntax error. Remove the "\n" from both blocks of echo and it'll work.
This breaks the freebsd cluster node bootstrap process.
I note that the error appears to have been MFC'ed into 10-stable as well.
Created attachment 166508 [details]
The problem has been spotted by the upstream as well and will be fixed in the next release
The script has been removed from head and stable/10. It is not needed since local-unbound-setup configures a local control socket, which does not require keys, instead of a TCP socket, which does.
Note that the purpose of having Unbound in base is solely to provide a local validating resolver; if you need to control Unbound on one machine from another, I assume that you are using it as more than just a local resolver, and you should install the port instead.