diff options
| author | Sören Tempel <soeren+git@soeren-tempel.net> | 2015-11-16 14:45:40 +0100 |
|---|---|---|
| committer | Natanael Copa <ncopa@alpinelinux.org> | 2015-11-18 08:04:07 +0000 |
| commit | 4f5540c218aeeb5ffce5c2b2823823685cc8ae75 (patch) | |
| tree | a9244dbd3862ddf1d64563dcdfdec50aa6a9a5a2 /main/unbound/conf.patch | |
| parent | bb62500e13812d32a4483904486bc05f4fd612ef (diff) | |
| download | aports-4f5540c218aeeb5ffce5c2b2823823685cc8ae75.tar.bz2 aports-4f5540c218aeeb5ffce5c2b2823823685cc8ae75.tar.xz | |
main/unbound: use trust-anchor-file by default
Diffstat (limited to 'main/unbound/conf.patch')
| -rw-r--r-- | main/unbound/conf.patch | 31 |
1 files changed, 29 insertions, 2 deletions
diff --git a/main/unbound/conf.patch b/main/unbound/conf.patch index 5224e05ade..dcac701f78 100644 --- a/main/unbound/conf.patch +++ b/main/unbound/conf.patch @@ -1,6 +1,15 @@ diff -upr unbound-1.5.6.orig/doc/example.conf.in unbound-1.5.6/doc/example.conf.in ---- unbound-1.5.6.orig/doc/example.conf.in 2015-11-16 12:39:39.031890692 +0100 -+++ unbound-1.5.6/doc/example.conf.in 2015-11-16 12:40:05.452566815 +0100 +--- unbound-1.5.6.orig/doc/example.conf.in 2015-11-16 14:42:32.068772139 +0100 ++++ unbound-1.5.6/doc/example.conf.in 2015-11-16 14:42:55.639731588 +0100 +@@ -212,7 +212,7 @@ server: + # How to do this is specific to your OS. + # + # If you give "" no chroot is performed. The path must not end in a /. +- # chroot: "@UNBOUND_CHROOT_DIR@" ++ chroot: "" + + # if given, user privileges are dropped (after binding port), + # and the given username is assumed. Default is user "unbound". @@ -243,7 +243,7 @@ server: # file to read root hints from. @@ -10,3 +19,21 @@ diff -upr unbound-1.5.6.orig/doc/example.conf.in unbound-1.5.6/doc/example.conf. # enable to not answer id.server and hostname.bind queries. # hide-identity: no +@@ -361,7 +361,7 @@ server: + # you start unbound (i.e. in the system boot scripts). And enable: + # Please note usage of unbound-anchor root anchor is at your own risk + # and under the terms of our LICENSE (see that file in the source). +- # auto-trust-anchor-file: "@UNBOUND_ROOTKEY_FILE@" ++ # auto-trust-anchor-file: "" + + # File with DLV trusted keys. Same format as trust-anchor-file. + # There can be only one DLV configured, it is trusted from root down. +@@ -372,7 +372,7 @@ server: + # with several entries, one file per entry. + # Zone file format, with DS and DNSKEY entries. + # Note this gets out of date, use auto-trust-anchor-file please. +- # trust-anchor-file: "" ++ trust-anchor-file: "@UNBOUND_ROOTKEY_FILE@" + + # Trusted key for validation. DS or DNSKEY. specify the RR on a + # single line, surrounded by "". TTL is ignored. class is IN default. |