285830 |
23-Jul-2015 |
gjb |
- Copy stable/10@285827 to releng/10.2 in preparation for 10.2-RC1 builds. - Update newvers.sh to reflect RC1. - Update __FreeBSD_version to reflect 10.2. - Update default pkg(8) configuration to use the quarterly branch.[1]
Discussed with: re, portmgr [1] Approved by: re (implicit) Sponsored by: The FreeBSD Foundation |
285206 |
06-Jul-2015 |
des |
MFH (r276605, r282089): upgrade to latest Unbound MFH (r276699, r276702, r277057): local control socket MFH (r276599, r276612, r282087, r282088): build fixes
This brings in Unbound 1.5.3 from head. Local control sockets are now supported and will be used by default for new installations. Existing systems will continue to use TCP control sockets until the automated setup script is re-run ("service local_unbound setup") and the service restarted ("service local_unbound restart").
Approved by: re (kib) Relnotes: yes
|
271760 |
18-Sep-2014 |
des |
MFH (r271255): fix parsing of ipv6 nameserver lines
Approved by: re (kib)
|
269257 |
29-Jul-2014 |
des |
MFH (r266114, r266138): upgrade to latest ldns and unbound MFH (r266139-r266143, r266145, r266149, r266150): fix props MFH (r266179, r266180, r266193, r266238, r266777): misc cleanup MFH (r266863): create and use /var/unbound/conf.d MFH (r268839): import unblock-lan-zones patch from upstream MFH (r268840): fix reverse lookups on private networks MFH (r268883): avoid spamming source tree during build
PR: 190739 (for r268883)
|
256281 |
10-Oct-2013 |
gjb |
Copy head (r256279) to stable/10 as part of the 10.0-RELEASE cycle.
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation
|
255826 |
23-Sep-2013 |
des |
Prevent resolvconf from updating /etc/resolv.conf. As Jakob Schlyter pointed out, having additional nameservers listed in /etc/resolv.conf can break DNSSEC verification by providing a false positive if unbound returns SERVFAIL due to an invalid signature. The downside is that the domain / search path won't get updated either, but we can live with that.
Approved by: re (blanket)
|
255819 |
23-Sep-2013 |
des |
Ensure that resolvconf(8) preserves the edns0 setting.
Approved by: re (blanket)
|
255809 |
23-Sep-2013 |
des |
Add a setup script for unbound(8) called local-unbound-setup. It generates a configuration suitable for running unbound as a caching forwarding resolver, and configures resolvconf(8) to update unbound's list of forwarders in addition to /etc/resolv.conf. The initial list is taken from the existing resolv.conf, which is rewritten to point to localhost. Alternatively, a list of forwarders can be provided on the command line.
To assist this script, add an rc.subr command called "enabled" which does nothing except return 0 if the service is enabled and 1 if it is not, without going through the usual checks. We should consider doing the same for "status", which is currently pointless.
Add an rc script for unbound, called local_unbound. If there is no configuration file, the rc script runs local-unbound-setup to generate one.
Note that these scripts place the unbound configuration files in /var/unbound rather than /etc/unbound. This is necessary so that unbound can reload its configuration while chrooted. We should probably provide symlinks in /etc.
Approved by: re (blanket)
|