aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSören Tempel <soeren+git@soeren-tempel.net>2015-11-16 14:45:40 +0100
committerNatanael Copa <ncopa@alpinelinux.org>2015-11-18 08:04:07 +0000
commit4f5540c218aeeb5ffce5c2b2823823685cc8ae75 (patch)
treea9244dbd3862ddf1d64563dcdfdec50aa6a9a5a2
parentbb62500e13812d32a4483904486bc05f4fd612ef (diff)
downloadaports-4f5540c218aeeb5ffce5c2b2823823685cc8ae75.tar.bz2
aports-4f5540c218aeeb5ffce5c2b2823823685cc8ae75.tar.xz
main/unbound: use trust-anchor-file by default
-rw-r--r--main/unbound/APKBUILD8
-rw-r--r--main/unbound/conf.patch31
2 files changed, 33 insertions, 6 deletions
diff --git a/main/unbound/APKBUILD b/main/unbound/APKBUILD
index 2422dd4330..7a52cff32e 100644
--- a/main/unbound/APKBUILD
+++ b/main/unbound/APKBUILD
@@ -3,7 +3,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=unbound
pkgver=1.5.6
-pkgrel=3
+pkgrel=4
pkgdesc="Unbound is a validating, recursive, and caching DNS resolver"
pkgusers="unbound"
pkggroups="unbound"
@@ -96,21 +96,21 @@ migrate() {
}
md5sums="691a34abd8e9257dd65b70f28326c1f0 unbound-1.5.6.tar.gz
-d354705e7a468b7fad5e19ff5bd1bceb conf.patch
+ac71ed8daf79787a0689ae3971bf4350 conf.patch
deb0a18f2250caa53750ee2cecac71e9 swig.patch
c1c71cd0e7f9630536a2abf2513c675d update-unbound-root-hints
5340681e5ec1a1fd47a0de27f5c03c21 migrate-dnscache-to-unbound
b2afc34d106e104730b63876c9a07caf root.hints
b98eded68339fc605ec7e6cbb50e5aa3 unbound.initd"
sha256sums="ad3823f5895f59da9e408ea273fcf81d8a76914c18864fba256d7f140b83e404 unbound-1.5.6.tar.gz
-d95a6b37cce224ab37dadb6dae973992f718c229740bd72ab0edc72cc8e23d84 conf.patch
+127f4b97a4200d47265cad6970ba17784e57883c7cb0f7104cfbc7979bd9efc3 conf.patch
d131e19129744f7014167d8701cb39c8358269a89b317b8a74dacfd267e1f516 swig.patch
0db3ca197b62901fab984cb2559925adbf3307ccd1dca3e1dd69cd1642ff0a36 update-unbound-root-hints
582851b4017044d8642c42c5df09b27494c963e1eebb8be3373b2dbd168d0ac0 migrate-dnscache-to-unbound
9de827bda7ddb3b8d3fac2db56c0fe65a67772a12a874c75091ae8e3f2b31c73 root.hints
d9997000449179dc16f5084bf061453faf09094f843acb1d163757f8000c0cd7 unbound.initd"
sha512sums="2477e3f00b8f5a3a4661ff20b0bc0d1d56c8a65cc6ab9f1308ae86f41c67a998af68d3ac5ba6c9c22a25a251f0410eaf9fee82911bcb3a3e82ffb6383e28dcf7 unbound-1.5.6.tar.gz
-3c611842fa022f2d3c68293d14a683d92d81d124b78561a27818d761684496d9d97551aeca5582709f5ff2cd717b626d6bf4864d58de10e23ce3a07d4129af6c conf.patch
+a63b849b7bcd923e5ae648ea2a805beed2529afcb8363dd8ee968b964b8bf731f5d2579bc6126619cb1865a498c39e1e0dd7a0f93fecc27569aa5425d6af9ca9 conf.patch
7d2666363be7156b26fd857459492f6e78fbc24bd6923dd51477e09df938d8c617035e4aa8bf91ffcde384e2dff8225eced14d7aaa7690e3a95b34c5f21eaf7d swig.patch
0f80b507a8f71b0c00729501d861657ce91a57024cd1963c150d0630c71eccceba370d6e732ff39bb807713672550d87a8c8ecdb9fce6b8b4386c12689603700 update-unbound-root-hints
b26a13c1c88da9611a65705dc59f7233c5e0f6aced0d7d66c18536a969a2de627ca5d4bb55eedd81f2f040fa11bde48eaaeca2850f376e72e7a531678a259131 migrate-dnscache-to-unbound
diff --git a/main/unbound/conf.patch b/main/unbound/conf.patch
index 5224e05ade..dcac701f78 100644
--- a/main/unbound/conf.patch
+++ b/main/unbound/conf.patch
@@ -1,6 +1,15 @@
diff -upr unbound-1.5.6.orig/doc/example.conf.in unbound-1.5.6/doc/example.conf.in
---- unbound-1.5.6.orig/doc/example.conf.in 2015-11-16 12:39:39.031890692 +0100
-+++ unbound-1.5.6/doc/example.conf.in 2015-11-16 12:40:05.452566815 +0100
+--- unbound-1.5.6.orig/doc/example.conf.in 2015-11-16 14:42:32.068772139 +0100
++++ unbound-1.5.6/doc/example.conf.in 2015-11-16 14:42:55.639731588 +0100
+@@ -212,7 +212,7 @@ server:
+ # How to do this is specific to your OS.
+ #
+ # If you give "" no chroot is performed. The path must not end in a /.
+- # chroot: "@UNBOUND_CHROOT_DIR@"
++ chroot: ""
+
+ # if given, user privileges are dropped (after binding port),
+ # and the given username is assumed. Default is user "unbound".
@@ -243,7 +243,7 @@ server:
# file to read root hints from.
@@ -10,3 +19,21 @@ diff -upr unbound-1.5.6.orig/doc/example.conf.in unbound-1.5.6/doc/example.conf.
# enable to not answer id.server and hostname.bind queries.
# hide-identity: no
+@@ -361,7 +361,7 @@ server:
+ # you start unbound (i.e. in the system boot scripts). And enable:
+ # Please note usage of unbound-anchor root anchor is at your own risk
+ # and under the terms of our LICENSE (see that file in the source).
+- # auto-trust-anchor-file: "@UNBOUND_ROOTKEY_FILE@"
++ # auto-trust-anchor-file: ""
+
+ # File with DLV trusted keys. Same format as trust-anchor-file.
+ # There can be only one DLV configured, it is trusted from root down.
+@@ -372,7 +372,7 @@ server:
+ # with several entries, one file per entry.
+ # Zone file format, with DS and DNSKEY entries.
+ # Note this gets out of date, use auto-trust-anchor-file please.
+- # trust-anchor-file: ""
++ trust-anchor-file: "@UNBOUND_ROOTKEY_FILE@"
+
+ # Trusted key for validation. DS or DNSKEY. specify the RR on a
+ # single line, surrounded by "". TTL is ignored. class is IN default.