The previous version aborted when the validation test
suceeded, but this is not always sufficient in case a
provider filters any DNSKEY, DS or RRSIG records.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
etc/system-release
etc/issue
+etc/rc.d/init.d/unbound
etc/syslog.conf
etc/unbound/unbound.conf
srv/web/ipfire/cgi-bin/fwhosts.cgi
# Update Language cache
#/usr/local/bin/update-lang-cache
+# Reload unbound upstream name servers
+/etc/init.d/unbound update-forwarders
+
# Start services
/etc/init.d/sysklogd restart
if grep -q "ENABLED=on" /var/ipfire/vpn/settings; then
# Exit when the server is not reachable
ns_is_online ${ns} || return 1
- # Return 0 if validating
- ns_is_validating ${ns} && return 0
-
local errors
for rr in DNSKEY DS RRSIG; do
if ! ns_forwards_${rr} ${ns}; then
return 3
fi
- # Is DNSSEC-aware
- return 2
+ if ns_is_validating ${ns}; then
+ # Return 0 if validating
+ return 0
+ else
+ # Is DNSSEC-aware
+ return 2
+ fi
}
# Sends an A query to the nameserver w/o DNSSEC