send_ok(ssl);
}
+static void
+do_insecure_list(SSL* ssl, struct worker* worker)
+{
+ char buf[257];
+ struct trust_anchor* a;
+ if(worker->env.anchors) {
+ RBTREE_FOR(a, struct trust_anchor*, worker->env.anchors->tree) {
+ if(a->numDS == 0 && a->numDNSKEY == 0) {
+ dname_str(a->name, buf);
+ ssl_printf(ssl, "%s\n", buf);
+ }
+ }
+ }
+}
+
/** do the status command */
static void
do_status(SSL* ssl, struct worker* worker)
} else if(cmdcmp(p, "list_stubs", 10)) {
do_list_stubs(ssl, worker);
return;
+ } else if(cmdcmp(p, "list_insecure", 13)) {
+ do_insecure_list(ssl, worker);
+ return;
} else if(cmdcmp(p, "list_local_zones", 16)) {
do_list_local_zones(ssl, worker);
return;
The file has to be writable to notice the trust anchor change,
without it, a trust anchor change will be unnoticed and the system
will then become inoperable.
+ - unbound-control list_insecure command shows the negative trust
+ anchors currently configured, patch from Jelte Jansen.
2 April 2015: Wouter
- Fix #660: Fix interface-automatic broken in the presence of
.B list_forwards
List the forward zones in use. These are printed zone by zone to the output.
.TP
+.B list_insecure
+List the zones with domain\-insecure.
+.TP
.B list_local_zones
List the local zones in use. These are printed one per line with zone type.
.TP
printf(" get_option opt get option value\n");
printf(" list_stubs list stub-zones and root hints in use\n");
printf(" list_forwards list forward-zones in use\n");
+ printf(" list_insecure list domain-insecure zones\n");
printf(" list_local_zones list local-zones in use\n");
printf(" list_local_data list local-data RRs in use\n");
printf(" insecure_add zone add domain-insecure zone\n");
projects / thirdparty / unbound.git / commitdiff
