From 47bb2a62b5d584ca4a2e7228aa72a58fe1919f15 Mon Sep 17 00:00:00 2001 From: Natanael Copa Date: Fri, 2 Dec 2011 15:01:25 +0000 Subject: main/unbound: update root.hints by default ref #848 --- main/unbound/APKBUILD | 16 ++++-- main/unbound/conf.patch | 19 +++++++ main/unbound/root.hints | 88 ++++++++++++++++++++++++++++++++ main/unbound/unbound-1.4.12-gentoo.patch | 12 ----- main/unbound/update-unbound-root-hints | 30 +++++++++++ 5 files changed, 149 insertions(+), 16 deletions(-) create mode 100644 main/unbound/conf.patch create mode 100644 main/unbound/root.hints delete mode 100644 main/unbound/unbound-1.4.12-gentoo.patch create mode 100644 main/unbound/update-unbound-root-hints (limited to 'main') diff --git a/main/unbound/APKBUILD b/main/unbound/APKBUILD index a539f83a2..26af1d8c0 100644 --- a/main/unbound/APKBUILD +++ b/main/unbound/APKBUILD @@ -2,7 +2,7 @@ # Maintainer: Natanael Copa pkgname=unbound pkgver=1.4.13 -pkgrel=2 +pkgrel=3 pkgdesc="Unbound is a validating, recursive, and caching DNS resolver" pkgusers="unbound" pkggroups="unbound" @@ -15,7 +15,9 @@ makedepends="$depends_dev python-dev swig" install="$pkgname.pre-install" subpackages="$pkgname-dev $pkgname-doc $pkgname-libs py-unbound:py" source="http://unbound.net/downloads/unbound-$pkgver.tar.gz - unbound-1.4.12-gentoo.patch + conf.patch + update-unbound-root-hints + root.hints unbound.initd" _builddir="$srcdir"/unbound-$pkgver @@ -61,7 +63,11 @@ package() { || return 1 install -m755 -D "$srcdir"/unbound.initd \ "$pkgdir"/etc/init.d/unbound || return 1 - install -d -o unbound -g unbound "$pkgdir"/var/run/unbound + install -d -o unbound -g unbound "$pkgdir"/var/run/unbound || return 1 + install -m644 "$srcdir"/root.hints "$pkgdir"/etc/unbound/ || return 1 + install -Dm755 "$srcdir"/update-unbound-root-hints \ + "$pkgdir"/etc/periodic/monthly/update-unbound-root-hints \ + || return 1 } libs() { @@ -77,5 +83,7 @@ py() { } md5sums="7e3b27dee2b97640dd2e1783253317ab unbound-1.4.13.tar.gz -a6d84d596e40da79fcd52529b7fb5046 unbound-1.4.12-gentoo.patch +32fe2914a2723142d3eae9ea556872d3 conf.patch +c1c71cd0e7f9630536a2abf2513c675d update-unbound-root-hints +d7a1cb305b7b5b72df4e574777f76723 root.hints ebf2b5f8e1be2c4dbec9c5fad1e0e0de unbound.initd" diff --git a/main/unbound/conf.patch b/main/unbound/conf.patch new file mode 100644 index 000000000..69e5be7e0 --- /dev/null +++ b/main/unbound/conf.patch @@ -0,0 +1,19 @@ +--- ./doc/example.conf.in.orig ++++ ./doc/example.conf.in +@@ -226,6 +226,7 @@ + # file to read root hints from. + # get one from ftp://FTP.INTERNIC.NET/domain/named.cache + # root-hints: "" ++ root-hints: /etc/unbound/root.hints + + # enable to not answer id.server and hostname.bind queries. + # hide-identity: no +@@ -338,7 +339,7 @@ + # with several entries, one file per entry. + # Zone file format, with DS and DNSKEY entries. + # Note this gets out of date, use auto-trust-anchor-file please. +- # trust-anchor-file: "" ++ # trust-anchor-file: "@UNBOUND_ROOTKEY_FILE@" + + # Trusted key for validation. DS or DNSKEY. specify the RR on a + # single line, surrounded by "". TTL is ignored. class is IN default. diff --git a/main/unbound/root.hints b/main/unbound/root.hints new file mode 100644 index 000000000..8fbbb656b --- /dev/null +++ b/main/unbound/root.hints @@ -0,0 +1,88 @@ +; This file holds the information on root name servers needed to +; initialize cache of Internet domain name servers +; (e.g. reference this file in the "cache . " +; configuration file of BIND domain name servers). +; +; This file is made available by InterNIC +; under anonymous FTP as +; file /domain/named.cache +; on server FTP.INTERNIC.NET +; -OR- RS.INTERNIC.NET +; +; last update: Jun 8, 2011 +; related version of root zone: 2011060800 +; +; formerly NS.INTERNIC.NET +; +. 3600000 IN NS A.ROOT-SERVERS.NET. +A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4 +A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:BA3E::2:30 +; +; FORMERLY NS1.ISI.EDU +; +. 3600000 NS B.ROOT-SERVERS.NET. +B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201 +; +; FORMERLY C.PSI.NET +; +. 3600000 NS C.ROOT-SERVERS.NET. +C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12 +; +; FORMERLY TERP.UMD.EDU +; +. 3600000 NS D.ROOT-SERVERS.NET. +D.ROOT-SERVERS.NET. 3600000 A 128.8.10.90 +D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2D::D +; +; FORMERLY NS.NASA.GOV +; +. 3600000 NS E.ROOT-SERVERS.NET. +E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10 +; +; FORMERLY NS.ISC.ORG +; +. 3600000 NS F.ROOT-SERVERS.NET. +F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241 +F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2F::F +; +; FORMERLY NS.NIC.DDN.MIL +; +. 3600000 NS G.ROOT-SERVERS.NET. +G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4 +; +; FORMERLY AOS.ARL.ARMY.MIL +; +. 3600000 NS H.ROOT-SERVERS.NET. +H.ROOT-SERVERS.NET. 3600000 A 128.63.2.53 +H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::803F:235 +; +; FORMERLY NIC.NORDU.NET +; +. 3600000 NS I.ROOT-SERVERS.NET. +I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17 +I.ROOT-SERVERS.NET. 3600000 AAAA 2001:7FE::53 +; +; OPERATED BY VERISIGN, INC. +; +. 3600000 NS J.ROOT-SERVERS.NET. +J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30 +J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:C27::2:30 +; +; OPERATED BY RIPE NCC +; +. 3600000 NS K.ROOT-SERVERS.NET. +K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129 +K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7FD::1 +; +; OPERATED BY ICANN +; +. 3600000 NS L.ROOT-SERVERS.NET. +L.ROOT-SERVERS.NET. 3600000 A 199.7.83.42 +L.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:3::42 +; +; OPERATED BY WIDE +; +. 3600000 NS M.ROOT-SERVERS.NET. +M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33 +M.ROOT-SERVERS.NET. 3600000 AAAA 2001:DC3::35 +; End of File diff --git a/main/unbound/unbound-1.4.12-gentoo.patch b/main/unbound/unbound-1.4.12-gentoo.patch deleted file mode 100644 index 579206897..000000000 --- a/main/unbound/unbound-1.4.12-gentoo.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -Naur unbound-1.4.12.orig/doc/example.conf.in unbound-1.4.12/doc/example.conf.in ---- unbound-1.4.12.orig/doc/example.conf.in 2011-07-14 17:33:37.000000000 +0900 -+++ unbound-1.4.12/doc/example.conf.in 2011-07-16 10:01:06.644402341 +0900 -@@ -334,7 +334,7 @@ - # with several entries, one file per entry. - # Zone file format, with DS and DNSKEY entries. - # Note this gets out of date, use auto-trust-anchor-file please. -- # trust-anchor-file: "" -+ # trust-anchor-file: "@UNBOUND_ROOTKEY_FILE@" - - # Trusted key for validation. DS or DNSKEY. specify the RR on a - # single line, surrounded by "". TTL is ignored. class is IN default. diff --git a/main/unbound/update-unbound-root-hints b/main/unbound/update-unbound-root-hints new file mode 100644 index 000000000..ee127ded3 --- /dev/null +++ b/main/unbound/update-unbound-root-hints @@ -0,0 +1,30 @@ +#!/bin/sh + +check_format() { + # check that we have some ipv4 addresses and some '.' hints + egrep -q '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]' "$1" \ + && egrep -q '^\.[[:space:]]+' "$1" +} + +ftphosts="FTP.INTERNIC.NET RS.INTERNIC.NET" +roothints=domain/named.cache +unbound_dir=/etc/unbound +outfile=$unbound_dir/root.hints + +if [ "$1" = "--verify" ]; then + if check_format $outfile; then + echo "$outfile: ok" + exit 0 + else + echo "$outfile: failed" + exit 1 + fi +fi + +for host in $ftphosts; do + url=ftp://$host/$roothints + if wget -q -O ${outfile}.new $url && check_format ${outfile}.new; then + mv ${outfile}.new $outfile && exit 0 + fi +done +exit 1 -- cgit v1.2.3