#
356345 |
|
04-Jan-2020 |
cy |
MFC r333552,333558-333568,333573,338568-338569,339275,339278,339294,340037, r349720,356228:
r333552 (des):
Upgrade Unbound to 1.6.0. More to follow.
r333558 (des):
Upgrade Unbound to 1.6.1. More to follow.
r333559 (des):
Upgrade Unbound to 1.6.2. More to follow.
r333560 (des):
Upgrade Unbound to 1.6.3. More to follow.
r333561 (des):
Upgrade Unbound to 1.6.4. More to follow.
r333562 (des):
Upgrade Unbound to 1.6.5. More to follow.
r333563 (des):
Upgrade Unbound to 1.6.6. More to follow.
r333564 (des):
Upgrade Unbound to 1.6.7. More to follow.
r333565 (des):
No reason to keep this around.
r333566 (des):
Upgrade Unbound to 1.6.8. More to follow.
r333567 (des):
Upgrade Unbound to 1.7.0. More to follow.
r333568 (des):
Upgrade Unbound to 1.7.1.
r333573 (des):
Rename all Unbound binaries and man pages from unbound* to local-unbound*.
PR: 222902
r338568 (des):
Upgrade Unbound to 1.7.2. More to follow.
r338569 (des):
Upgrade Unbound to 1.7.3. More to follow.
r339275 (des):
Upgrade Unbound to 1.8.0. More to follow.
r339278 (des):
Upgrade to 1.8.1.
r339294 (des):
Try harder to sanitize the environment before running configure. Remove a workaround for older Unbound versions that used sbrk.
r340037 (des):
Merge upstream r4932: turn so-reuseport option off by default.
r349720 (des):
Upgrade Unbound to 1.9.2.
MFC r356228 (cy): MFV r356143:
Update unbound 1.9.2 --> 1.9.6.
Security: CVE-2017-15105 (fixed by 1.6.7) CVE-2019-18934 (fixed by 1.9.5)
|
#
255809 |
|
23-Sep-2013 |
des |
Add a setup script for unbound(8) called local-unbound-setup. It generates a configuration suitable for running unbound as a caching forwarding resolver, and configures resolvconf(8) to update unbound's list of forwarders in addition to /etc/resolv.conf. The initial list is taken from the existing resolv.conf, which is rewritten to point to localhost. Alternatively, a list of forwarders can be provided on the command line.
To assist this script, add an rc.subr command called "enabled" which does nothing except return 0 if the service is enabled and 1 if it is not, without going through the usual checks. We should consider doing the same for "status", which is currently pointless.
Add an rc script for unbound, called local_unbound. If there is no configuration file, the rc script runs local-unbound-setup to generate one.
Note that these scripts place the unbound configuration files in /var/unbound rather than /etc/unbound. This is necessary so that unbound can reload its configuration while chrooted. We should probably provide symlinks in /etc.
Approved by: re (blanket)
|