From: Wouter Wijngaards Date: Mon, 2 Jun 2008 13:14:12 +0000 (+0000) Subject: bug184 fixed. X-Git-Tag: release-1.0.1~48 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=725929734ebb475d68b82574b89901a27447b097;p=thirdparty%2Funbound.git bug184 fixed. git-svn-id: file:///svn/unbound/trunk@1104 be551aaa-1e26-0410-a405-d3ace91eadb9 --- diff --git a/doc/Changelog b/doc/Changelog index cf67db986..1b7f8021f 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -17,6 +17,9 @@ manually with ./configure libtool=mylibtool or set $libtool in the environment. - update of the ldns tarball to current ldns svn version (fix 181). + - bug 184: -r option for unbound-host, read resolv.conf for + forwarder. (Note that forwarder must support DNSSEC for validation + to succeed). 23 May 2008: Wouter - mingw32 porting. diff --git a/doc/unbound-host.1 b/doc/unbound-host.1 index b39f3e077..dccc0c156 100644 --- a/doc/unbound-host.1 +++ b/doc/unbound-host.1 @@ -14,7 +14,7 @@ .SH "SYNOPSIS" .LP .B unbound\-host -.RB [ \-vdh ] +.RB [ \-vdhr ] .RB [ \-c .IR class ] .RB [ \-t @@ -81,6 +81,12 @@ are read. .B \-C \fIconfigfile Uses the specified unbound.conf to prime .IR libunbound (3). +.TP +.B \-r +Read /etc/resolv.conf, and use the forward DNS servers from there (those could +have been set by DHCP). More info in +.IR resolv.conf (5). +Breaks validation if those servers do not support DNSSEC. .SH "EXAMPLES" .LP Some examples of use. The keys shown below are fakes, thus a security failure diff --git a/smallapp/unbound-host.c b/smallapp/unbound-host.c index 480f7ab96..f7949906a 100644 --- a/smallapp/unbound-host.c +++ b/smallapp/unbound-host.c @@ -51,7 +51,7 @@ static int verb = 0; static void usage() { - printf("Usage: unbound-host [-vdh] [-c class] [-t type] hostname\n"); + printf("Usage: unbound-host [-vdhr] [-c class] [-t type] hostname\n"); printf(" [-y key] [-f keyfile] [-F namedkeyfile]\n"); printf(" [-C configfile]\n"); printf(" Queries the DNS for information.\n"); @@ -65,6 +65,8 @@ usage() printf(" -f keyfile read trust anchors from file, with lines as -y.\n"); printf(" -F keyfile read named.conf-style trust anchors.\n"); printf(" -C config use the specified unbound.conf\n"); + printf(" -r read forwarder information from /etc/resolv.conf\n"); + printf(" breaks validation if the fwder does not do DNSSEC.\n"); printf(" -v be more verbose, shows nodata and security.\n"); printf(" -d debug, traces the action, -d -d shows more.\n"); printf(" -h show this usage help.\n"); @@ -411,7 +413,7 @@ int main(int argc, char* argv[]) } /* parse the options */ - while( (c=getopt(argc, argv, "F:c:df:ht:vy:C:")) != -1) { + while( (c=getopt(argc, argv, "F:c:df:hrt:vy:C:")) != -1) { switch(c) { case 'c': qclass = optarg; @@ -425,6 +427,9 @@ int main(int argc, char* argv[]) debuglevel = 2; /* at least VERB_DETAIL */ check_ub_res(ub_ctx_debuglevel(ctx, debuglevel)); break; + case 'r': + check_ub_res(ub_ctx_resolvconf(ctx, "/etc/resolv.conf")); + break; case 't': qtype = optarg; break;