From: Yorgos Thessalonikefs <yorgos@nlnetlabs.nl>
Date: Tue, 14 Jan 2025 16:18:32 +0000 (+0100)
Subject: - Add resolver.arpa and service.arpa to the default locally served
X-Git-Tag: release-1.23.0rc1~70
X-Git-Url: http://git.ipfire.org/gitweb/gitweb.cgi?a=commitdiff_plain;h=f52b2a6ea251749bb7c85e2074a6c17e28d2ae81;p=thirdparty%2Funbound.git

- Add resolver.arpa and service.arpa to the default locally served
  zones.
---

diff --git a/doc/Changelog b/doc/Changelog
index f55fb05ed..7ffc59e0c 100644
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -1,3 +1,7 @@
+14 January 2025: Yorgos
+	- Add resolver.arpa and service.arpa to the default locally served
+	  zones.
+
 13 January 2025: Yorgos
 	- Fix #1213: Misleading error message on default access control causing
 	  refuse.
diff --git a/doc/example.conf.in b/doc/example.conf.in
index 33e12f180..de73d0044 100644
--- a/doc/example.conf.in
+++ b/doc/example.conf.in
@@ -811,6 +811,8 @@ server:
 	# local-zone: "127.in-addr.arpa." nodefault
 	# local-zone: "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa." nodefault
 	# local-zone: "home.arpa." nodefault
+	# local-zone: "resolver.arpa." nodefault
+	# local-zone: "service.arpa." nodefault
 	# local-zone: "onion." nodefault
 	# local-zone: "test." nodefault
 	# local-zone: "invalid." nodefault
diff --git a/doc/unbound.conf.5.in b/doc/unbound.conf.5.in
index 4d1fb13f8..b6eb4493c 100644
--- a/doc/unbound.conf.5.in
+++ b/doc/unbound.conf.5.in
@@ -1638,6 +1638,7 @@ given zone.  Use \fInodefault\fR if you use exactly that zone, if you want to
 use a subzone, use \fItransparent\fR.
 .P
 The default zones are localhost, reverse 127.0.0.1 and ::1, the home.arpa,
+the resolver.arpa, the service.arpa,
 the onion, test, invalid and the AS112 zones. The AS112 zones are reverse
 DNS zones for private use and reserved IP addresses for which the servers
 on the internet cannot provide correct answers. They are configured by
@@ -1693,6 +1694,24 @@ local\-data: "home.arpa. 10800 IN
     SOA localhost. nobody.invalid. 1 3600 1200 604800 10800"
 .fi
 .TP 10
+\h'5'\fIresolver.arpa (RFC 8375)\fR
+Default content:
+.nf
+local\-zone: "resolver.arpa." static
+local\-data: "resolver.arpa. 10800 IN NS localhost."
+local\-data: "resolver.arpa. 10800 IN
+    SOA localhost. nobody.invalid. 1 3600 1200 604800 10800"
+.fi
+.TP 10
+\h'5'\fIservice.arpa (draft-ietf-dnssd-srp-25)\fR
+Default content:
+.nf
+local\-zone: "service.arpa." static
+local\-data: "service.arpa. 10800 IN NS localhost."
+local\-data: "service.arpa. 10800 IN
+    SOA localhost. nobody.invalid. 1 3600 1200 604800 10800"
+.fi
+.TP 10
 \h'5'\fIonion (RFC 7686)\fR
 Default content:
 .nf
diff --git a/services/localzone.c b/services/localzone.c
index aa7138d6a..4ff30fd26 100644
--- a/services/localzone.c
+++ b/services/localzone.c
@@ -943,6 +943,16 @@ int local_zone_enter_defaults(struct local_zones* zones, struct config_file* cfg
 		log_err("out of memory adding default zone");
 		return 0;
 	}
+	/* resolver.arpa. zone (RFC 9462) */
+	if(!add_empty_default(zones, cfg, "resolver.arpa.")) {
+		log_err("out of memory adding default zone");
+		return 0;
+	}
+	/* service.arpa. zone (draft-ietf-dnssd-srp-25) */
+	if(!add_empty_default(zones, cfg, "service.arpa.")) {
+		log_err("out of memory adding default zone");
+		return 0;
+	}
 	/* onion. zone (RFC 7686) */
 	if(!add_empty_default(zones, cfg, "onion.")) {
 		log_err("out of memory adding default zone");