- Change aggressive-nsec default to yes.
- Merge PR #617: Update stub/forward-host notation to accept port and
tls-auth-name.
+ - Update stream_ssl test to also use the new forward-host notation.
1 February 2022: George
- Merge PR #603 from fobser: Use OpenSSL 1.1 API to access DSA and RSA
forward-zone:
name: "."
forward-addr: "127.0.0.1@@SERVPORT@#unbound"
+
+forward-zone:
+ name: "test.host."
+ forward-host: "unbound.server@@SERVPORT@#unbound"
username: ""
do-not-query-localhost: yes
local-data: "www.example.com. IN A 10.20.30.40"
+ local-data: "unbound.server. IN A 127.0.0.1"
+ local-data: "test.host. IN A 1.2.3.4"
ssl-port: @SERVPORT@
ssl-service-key: "unbound_server.key"
ssl-service-pem: "unbound_server.pem"
exit 1
fi
+rm -f outfile
+
+# test client unbound (no SSL towards it, but it does SSL to the SSL service)
+# test that forward-host notation also works.
+echo "> dig test.host. A IN"
+dig @127.0.0.1 -p $CLIE_PORT test.host. >outfile 2>&1
+if test "$?" -ne 0; then
+ echo "exit status not OK"
+ echo "> cat logfiles"
+ cat outfile
+ echo "SSLSERVICE"
+ cat unboundserv.log
+ echo "SSLCLIENT"
+ cat unboundclie.log
+ echo "Not OK"
+ exit 1
+else
+ echo "exit status OK"
+fi
+echo "> cat logfiles"
+cat outfile
+echo "SSLSERVICE"
+cat unboundserv.log
+echo "SSLCLIENT"
+cat unboundclie.log
+echo "> check answer"
+if grep "1.2.3.4" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+rm -f outfile
exit 0
projects / thirdparty / unbound.git / commitdiff
