272461 |
03-Oct-2014 |
gjb |
Copy stable/10@r272459 to releng/10.1 as part of the 10.1-RELEASE process.
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation
|
271760 |
18-Sep-2014 |
des |
MFH (r271255): fix parsing of ipv6 nameserver lines
Approved by: re (kib)
|
269257 |
29-Jul-2014 |
des |
MFH (r266114, r266138): upgrade to latest ldns and unbound MFH (r266139-r266143, r266145, r266149, r266150): fix props MFH (r266179, r266180, r266193, r266238, r266777): misc cleanup MFH (r266863): create and use /var/unbound/conf.d MFH (r268839): import unblock-lan-zones patch from upstream MFH (r268840): fix reverse lookups on private networks MFH (r268883): avoid spamming source tree during build
PR: 190739 (for r268883)
|
256281 |
10-Oct-2013 |
gjb |
Copy head (r256279) to stable/10 as part of the 10.0-RELEASE cycle.
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation
|
255826 |
23-Sep-2013 |
des |
Prevent resolvconf from updating /etc/resolv.conf. As Jakob Schlyter pointed out, having additional nameservers listed in /etc/resolv.conf can break DNSSEC verification by providing a false positive if unbound returns SERVFAIL due to an invalid signature. The downside is that the domain / search path won't get updated either, but we can live with that.
Approved by: re (blanket)
|
255819 |
23-Sep-2013 |
des |
Ensure that resolvconf(8) preserves the edns0 setting.
Approved by: re (blanket)
|
255809 |
23-Sep-2013 |
des |
Add a setup script for unbound(8) called local-unbound-setup. It generates a configuration suitable for running unbound as a caching forwarding resolver, and configures resolvconf(8) to update unbound's list of forwarders in addition to /etc/resolv.conf. The initial list is taken from the existing resolv.conf, which is rewritten to point to localhost. Alternatively, a list of forwarders can be provided on the command line.
To assist this script, add an rc.subr command called "enabled" which does nothing except return 0 if the service is enabled and 1 if it is not, without going through the usual checks. We should consider doing the same for "status", which is currently pointless.
Add an rc script for unbound, called local_unbound. If there is no configuration file, the rc script runs local-unbound-setup to generate one.
Note that these scripts place the unbound configuration files in /var/unbound rather than /etc/unbound. This is necessary so that unbound can reload its configuration while chrooted. We should probably provide symlinks in /etc.
Approved by: re (blanket)
|
255602 |
15-Sep-2013 |
des |
Set NO_WERROR for unbound until I can figure out how to unbreak the non-clang build.
Approved by: re (blanket)
|
255597 |
15-Sep-2013 |
des |
Build and install the Unbound caching DNS resolver daemon.
Approved by: re (blanket)
|