This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".
The branch, next has been updated
via 2aa15dee660214bfe4f402ff7c34c28b9bb068bc (commit)
from cd812106b19a146d175fc2e13efcdc68ad04754e (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 2aa15dee660214bfe4f402ff7c34c28b9bb068bc
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Thu Dec 1 17:13:07 2016 +0000
unbound: Fix DNS forwarder test
The previous version aborted when the validation test
suceeded, but this is not always sufficient in case a
provider filters any DNSKEY, DS or RRSIG records.
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
-----------------------------------------------------------------------
Summary of changes:
config/rootfiles/core/108/filelists/files | 1 +
config/rootfiles/core/108/update.sh | 3 +++
src/initscripts/init.d/unbound | 12 +++++++-----
3 files changed, 11 insertions(+), 5 deletions(-)
Difference in files:
diff --git a/config/rootfiles/core/108/filelists/files b/config/rootfiles/core/108/filelists/files
index 7ef09c4..6cce4ea 100644
--- a/config/rootfiles/core/108/filelists/files
+++ b/config/rootfiles/core/108/filelists/files
@@ -1,5 +1,6 @@
etc/system-release
etc/issue
+etc/rc.d/init.d/unbound
etc/syslog.conf
etc/unbound/unbound.conf
srv/web/ipfire/cgi-bin/fwhosts.cgi
diff --git a/config/rootfiles/core/108/update.sh b/config/rootfiles/core/108/update.sh
index 3874a6e..ba4a669 100644
--- a/config/rootfiles/core/108/update.sh
+++ b/config/rootfiles/core/108/update.sh
@@ -43,6 +43,9 @@ ldconfig
# Update Language cache
#/usr/local/bin/update-lang-cache
+# Reload unbound upstream name servers
+/etc/init.d/unbound update-forwarders
+
# Start services
/etc/init.d/sysklogd restart
if grep -q "ENABLED=on" /var/ipfire/vpn/settings; then
diff --git a/src/initscripts/init.d/unbound b/src/initscripts/init.d/unbound
index 1ecbf22..6c7be6c 100644
--- a/src/initscripts/init.d/unbound
+++ b/src/initscripts/init.d/unbound
@@ -259,9 +259,6 @@ test_name_server() {
# Exit when the server is not reachable
ns_is_online ${ns} || return 1
- # Return 0 if validating
- ns_is_validating ${ns} && return 0
-
local errors
for rr in DNSKEY DS RRSIG; do
if ! ns_forwards_${rr} ${ns}; then
@@ -274,8 +271,13 @@ test_name_server() {
return 3
fi
- # Is DNSSEC-aware
- return 2
+ if ns_is_validating ${ns}; then
+ # Return 0 if validating
+ return 0
+ else
+ # Is DNSSEC-aware
+ return 2
+ fi
}
# Sends an A query to the nameserver w/o DNSSEC
hooks/post-receive
--
IPFire 2.x development tree