aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--main/unbound/APKBUILD16
-rw-r--r--main/unbound/conf.patch (renamed from main/unbound/unbound-1.4.12-gentoo.patch)15
-rw-r--r--main/unbound/root.hints88
-rw-r--r--main/unbound/update-unbound-root-hints30
4 files changed, 141 insertions, 8 deletions
diff --git a/main/unbound/APKBUILD b/main/unbound/APKBUILD
index a539f83a26..26af1d8c0a 100644
--- a/main/unbound/APKBUILD
+++ b/main/unbound/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=unbound
pkgver=1.4.13
-pkgrel=2
+pkgrel=3
pkgdesc="Unbound is a validating, recursive, and caching DNS resolver"
pkgusers="unbound"
pkggroups="unbound"
@@ -15,7 +15,9 @@ makedepends="$depends_dev python-dev swig"
install="$pkgname.pre-install"
subpackages="$pkgname-dev $pkgname-doc $pkgname-libs py-unbound:py"
source="http://unbound.net/downloads/unbound-$pkgver.tar.gz
- unbound-1.4.12-gentoo.patch
+ conf.patch
+ update-unbound-root-hints
+ root.hints
unbound.initd"
_builddir="$srcdir"/unbound-$pkgver
@@ -61,7 +63,11 @@ package() {
|| return 1
install -m755 -D "$srcdir"/unbound.initd \
"$pkgdir"/etc/init.d/unbound || return 1
- install -d -o unbound -g unbound "$pkgdir"/var/run/unbound
+ install -d -o unbound -g unbound "$pkgdir"/var/run/unbound || return 1
+ install -m644 "$srcdir"/root.hints "$pkgdir"/etc/unbound/ || return 1
+ install -Dm755 "$srcdir"/update-unbound-root-hints \
+ "$pkgdir"/etc/periodic/monthly/update-unbound-root-hints \
+ || return 1
}
libs() {
@@ -77,5 +83,7 @@ py() {
}
md5sums="7e3b27dee2b97640dd2e1783253317ab unbound-1.4.13.tar.gz
-a6d84d596e40da79fcd52529b7fb5046 unbound-1.4.12-gentoo.patch
+32fe2914a2723142d3eae9ea556872d3 conf.patch
+c1c71cd0e7f9630536a2abf2513c675d update-unbound-root-hints
+d7a1cb305b7b5b72df4e574777f76723 root.hints
ebf2b5f8e1be2c4dbec9c5fad1e0e0de unbound.initd"
diff --git a/main/unbound/unbound-1.4.12-gentoo.patch b/main/unbound/conf.patch
index 5792068978..69e5be7e02 100644
--- a/main/unbound/unbound-1.4.12-gentoo.patch
+++ b/main/unbound/conf.patch
@@ -1,7 +1,14 @@
-diff -Naur unbound-1.4.12.orig/doc/example.conf.in unbound-1.4.12/doc/example.conf.in
---- unbound-1.4.12.orig/doc/example.conf.in 2011-07-14 17:33:37.000000000 +0900
-+++ unbound-1.4.12/doc/example.conf.in 2011-07-16 10:01:06.644402341 +0900
-@@ -334,7 +334,7 @@
+--- ./doc/example.conf.in.orig
++++ ./doc/example.conf.in
+@@ -226,6 +226,7 @@
+ # file to read root hints from.
+ # get one from ftp://FTP.INTERNIC.NET/domain/named.cache
+ # root-hints: ""
++ root-hints: /etc/unbound/root.hints
+
+ # enable to not answer id.server and hostname.bind queries.
+ # hide-identity: no
+@@ -338,7 +339,7 @@
# with several entries, one file per entry.
# Zone file format, with DS and DNSKEY entries.
# Note this gets out of date, use auto-trust-anchor-file please.
diff --git a/main/unbound/root.hints b/main/unbound/root.hints
new file mode 100644
index 0000000000..8fbbb656b2
--- /dev/null
+++ b/main/unbound/root.hints
@@ -0,0 +1,88 @@
+; This file holds the information on root name servers needed to
+; initialize cache of Internet domain name servers
+; (e.g. reference this file in the "cache . <file>"
+; configuration file of BIND domain name servers).
+;
+; This file is made available by InterNIC
+; under anonymous FTP as
+; file /domain/named.cache
+; on server FTP.INTERNIC.NET
+; -OR- RS.INTERNIC.NET
+;
+; last update: Jun 8, 2011
+; related version of root zone: 2011060800
+;
+; formerly NS.INTERNIC.NET
+;
+. 3600000 IN NS A.ROOT-SERVERS.NET.
+A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4
+A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:BA3E::2:30
+;
+; FORMERLY NS1.ISI.EDU
+;
+. 3600000 NS B.ROOT-SERVERS.NET.
+B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201
+;
+; FORMERLY C.PSI.NET
+;
+. 3600000 NS C.ROOT-SERVERS.NET.
+C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12
+;
+; FORMERLY TERP.UMD.EDU
+;
+. 3600000 NS D.ROOT-SERVERS.NET.
+D.ROOT-SERVERS.NET. 3600000 A 128.8.10.90
+D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2D::D
+;
+; FORMERLY NS.NASA.GOV
+;
+. 3600000 NS E.ROOT-SERVERS.NET.
+E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10
+;
+; FORMERLY NS.ISC.ORG
+;
+. 3600000 NS F.ROOT-SERVERS.NET.
+F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241
+F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2F::F
+;
+; FORMERLY NS.NIC.DDN.MIL
+;
+. 3600000 NS G.ROOT-SERVERS.NET.
+G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4
+;
+; FORMERLY AOS.ARL.ARMY.MIL
+;
+. 3600000 NS H.ROOT-SERVERS.NET.
+H.ROOT-SERVERS.NET. 3600000 A 128.63.2.53
+H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::803F:235
+;
+; FORMERLY NIC.NORDU.NET
+;
+. 3600000 NS I.ROOT-SERVERS.NET.
+I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17
+I.ROOT-SERVERS.NET. 3600000 AAAA 2001:7FE::53
+;
+; OPERATED BY VERISIGN, INC.
+;
+. 3600000 NS J.ROOT-SERVERS.NET.
+J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30
+J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:C27::2:30
+;
+; OPERATED BY RIPE NCC
+;
+. 3600000 NS K.ROOT-SERVERS.NET.
+K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129
+K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7FD::1
+;
+; OPERATED BY ICANN
+;
+. 3600000 NS L.ROOT-SERVERS.NET.
+L.ROOT-SERVERS.NET. 3600000 A 199.7.83.42
+L.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:3::42
+;
+; OPERATED BY WIDE
+;
+. 3600000 NS M.ROOT-SERVERS.NET.
+M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33
+M.ROOT-SERVERS.NET. 3600000 AAAA 2001:DC3::35
+; End of File
diff --git a/main/unbound/update-unbound-root-hints b/main/unbound/update-unbound-root-hints
new file mode 100644
index 0000000000..ee127ded37
--- /dev/null
+++ b/main/unbound/update-unbound-root-hints
@@ -0,0 +1,30 @@
+#!/bin/sh
+
+check_format() {
+ # check that we have some ipv4 addresses and some '.' hints
+ egrep -q '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]' "$1" \
+ && egrep -q '^\.[[:space:]]+' "$1"
+}
+
+ftphosts="FTP.INTERNIC.NET RS.INTERNIC.NET"
+roothints=domain/named.cache
+unbound_dir=/etc/unbound
+outfile=$unbound_dir/root.hints
+
+if [ "$1" = "--verify" ]; then
+ if check_format $outfile; then
+ echo "$outfile: ok"
+ exit 0
+ else
+ echo "$outfile: failed"
+ exit 1
+ fi
+fi
+
+for host in $ftphosts; do
+ url=ftp://$host/$roothints
+ if wget -q -O ${outfile}.new $url && check_format ${outfile}.new; then
+ mv ${outfile}.new $outfile && exit 0
+ fi
+done
+exit 1