bug184 fixed.

git-svn-id: file:///svn/unbound/trunk@1104 be551aaa-1e26-0410-a405-d3ace91eadb9

diff --git a/doc/Changelog b/doc/Changelog
index cf67db986363bf1725f2c8b7645a49d360045eab..1b7f8021fb994e68215444822c9f4feed525f501 100644 (file)
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -17,6 +17,9 @@
            manually with ./configure libtool=mylibtool or set $libtool in
            the environment.
        - update of the ldns tarball to current ldns svn version (fix 181).
+       - bug 184: -r option for unbound-host, read resolv.conf for 
+         forwarder. (Note that forwarder must support DNSSEC for validation
+         to succeed).
 
 23 May 2008: Wouter
        - mingw32 porting.

diff --git a/doc/unbound-host.1 b/doc/unbound-host.1
index b39f3e0770c5b878f361177ec47fb214eae47059..dccc0c156c402977381fa1b5354a91fd469d7d00 100644 (file)
--- a/doc/unbound-host.1
+++ b/doc/unbound-host.1
@@ -14,7 +14,7 @@
 .SH "SYNOPSIS"
 .LP
 .B unbound\-host
-.RB [ \-vdh ]
+.RB [ \-vdhr ]
 .RB [ \-c 
 .IR class ]
 .RB [ \-t
@@ -81,6 +81,12 @@ are read.
 .B \-C \fIconfigfile
 Uses the specified unbound.conf to prime
 .IR libunbound (3).
+.TP
+.B \-r
+Read /etc/resolv.conf, and use the forward DNS servers from there (those could
+have been set by DHCP).  More info in
+.IR resolv.conf (5).
+Breaks validation if those servers do not support DNSSEC.
 .SH "EXAMPLES"
 .LP
 Some examples of use. The keys shown below are fakes, thus a security failure

diff --git a/smallapp/unbound-host.c b/smallapp/unbound-host.c
index 480f7ab969ca0b3766a19f2ffeb783be52284f8c..f7949906ae4de627630801122d1f817c602c8837 100644 (file)
--- a/smallapp/unbound-host.c
+++ b/smallapp/unbound-host.c
@@ -51,7 +51,7 @@ static int verb = 0;
 static void
 usage()
 {
-       printf("Usage:  unbound-host [-vdh] [-c class] [-t type] hostname\n");
+       printf("Usage:  unbound-host [-vdhr] [-c class] [-t type] hostname\n");
        printf("                     [-y key] [-f keyfile] [-F namedkeyfile]\n");
        printf("                     [-C configfile]\n");
        printf("  Queries the DNS for information.\n");
@@ -65,6 +65,8 @@ usage()
        printf("    -f keyfile          read trust anchors from file, with lines as -y.\n");
        printf("    -F keyfile          read named.conf-style trust anchors.\n");
        printf("    -C config           use the specified unbound.conf\n");
+       printf("    -r                  read forwarder information from /etc/resolv.conf\n");
+       printf("                        breaks validation if the fwder does not do DNSSEC.\n");
        printf("    -v                  be more verbose, shows nodata and security.\n");
        printf("    -d                  debug, traces the action, -d -d shows more.\n");
        printf("    -h                  show this usage help.\n");
@@ -411,7 +413,7 @@ int main(int argc, char* argv[])
        }
 
        /* parse the options */
-       while( (c=getopt(argc, argv, "F:c:df:ht:vy:C:")) != -1) {
+       while( (c=getopt(argc, argv, "F:c:df:hrt:vy:C:")) != -1) {
                switch(c) {
                case 'c':
                        qclass = optarg;
@@ -425,6 +427,9 @@ int main(int argc, char* argv[])
                                debuglevel = 2; /* at least VERB_DETAIL */
                        check_ub_res(ub_ctx_debuglevel(ctx, debuglevel));
                        break;
+               case 'r':
+                       check_ub_res(ub_ctx_resolvconf(ctx, "/etc/resolv.conf"));
+                       break;
                case 't':
                        qtype = optarg;
                        break;