diff options
| author | Eric Luehrsen <ericluehrsen@hotmail.com> | 2018-01-07 22:34:28 -0500 |
|---|---|---|
| committer | Eric Luehrsen <ericluehrsen@hotmail.com> | 2018-01-09 00:21:42 -0500 |
| commit | aa1a8358072a970ef2693b2e29de9858065d0d5b (patch) | |
| tree | 47d992bbb2318c078b093b612a7e77502009032c /net/unbound/files | |
| parent | 31f8c68e3e092c3c6f85d0422be709ac7e51c518 (diff) | |
unbound: fix uci for option domain-insecure:
Signed-off-by: Eric Luehrsen <ericluehrsen@hotmail.com>
Diffstat (limited to 'net/unbound/files')
| -rw-r--r-- | net/unbound/files/unbound.sh | 22 |
1 files changed, 16 insertions, 6 deletions
diff --git a/net/unbound/files/unbound.sh b/net/unbound/files/unbound.sh index e0a1e5254..7e0043a2a 100644 --- a/net/unbound/files/unbound.sh +++ b/net/unbound/files/unbound.sh @@ -60,6 +60,8 @@ UNBOUND_TXT_DOMAIN=lan UNBOUND_TXT_FWD_ZONE="" UNBOUND_TXT_HOSTNAME=thisrouter +UNBOUND_LIST_INSECURE="" + ############################################################################## # keep track of local-domain: assignments during inserted resource records @@ -394,7 +396,7 @@ create_access_control() { ############################################################################## create_domain_insecure() { - echo " domain-insecure: \"$1\"" >> $UNBOUND_CONFFILE + UNBOUND_LIST_INSECURE="$UNBOUND_LIST_INSECURE $1" } ############################################################################## @@ -568,8 +570,7 @@ unbound_control() { ############################################################################## unbound_conf() { - local cfg="$1" - local rt_mem rt_conn modulestring + local rt_mem rt_conn modulestring domain # Make fresh conf file echo > $UNBOUND_CONFFILE @@ -862,9 +863,15 @@ unbound_conf() { fi - # Except and accept domains as insecure (DNSSEC); work around broken domains - config_list_foreach "$cfg" "domain_insecure" create_domain_insecure - echo >> $UNBOUND_CONFFILE + if [ -n "$UNBOUND_LIST_INSECURE" ] ; then + for domain in $UNBOUND_LIST_INSECURE ; do + # Except and accept domains without (DNSSEC); work around broken domains + echo " domain-insecure: \"$domain\"" >> $UNBOUND_CONFFILE + done + + + echo >> $UNBOUND_CONFFILE + fi } ############################################################################## @@ -1043,6 +1050,8 @@ unbound_uci() { config_get UNBOUND_TTL_MIN "$cfg" ttl_min 120 config_get UNBOUND_TXT_DOMAIN "$cfg" domain lan + config_list_foreach "$cfg" "domain_insecure" create_domain_insecure + UNBOUND_LIST_DOMAINS="nowhere $UNBOUND_TXT_DOMAIN" if [ "$UNBOUND_D_DHCP_LINK" = "none" ] ; then @@ -1163,6 +1172,7 @@ unbound_start() { unbound_access unbound_adblock + if [ "$UNBOUND_D_DHCP_LINK" = "dnsmasq" ] ; then dnsmasq_link else |