Tree - rpms/dnssec-trigger - src.fedoraproject.org

rpms / dnssec-trigger

Overview Files Commits Branches Forks Releases

Monitoring status:

Bugzilla Assignee:

Fedora:: pwouters
EPEL:: pwouters

Files

Commit: 97da47c209516605f365b657f02f20b2b8f69268

Blob Blame History Raw

From 96b32c7a3494e214998f53fe69503667ada8ea46 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
Date: Mon, 12 Oct 2020 23:25:43 +0200
Subject: [PATCH 4/5] Add options edns0 and trust-ad

SSH uses AD flag only when edns0 is enabled in resolv.conf. Unbound of
course supports it, no need to keep it disabled.

Add also trust-ad for more recent libraries, which discard AD flag
without explicit trust.

Patch: dnssec-trigger-0.15-edns0.patch
---
 dnssec-trigger-script.in | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/dnssec-trigger-script.in b/dnssec-trigger-script.in
index 14d9278..1c6f581 100644
--- a/dnssec-trigger-script.in
+++ b/dnssec-trigger-script.in
@@ -421,7 +421,7 @@ class Application:
     resolvconf_trigger_tmp = resolvconf_trigger + ".tmp"
     resolvconf_networkmanager = "/var/run/NetworkManager/resolv.conf"
 
-    resolvconf_localhost_contents = "# Generated by dnssec-trigger-script\nnameserver 127.0.0.1\n"
+    resolvconf_localhost_contents = "# Generated by dnssec-trigger-script\nnameserver 127.0.0.1\noptions edns0 trust-ad\n"
 
     rfc1918_reverse_zones = [
         "c.f.ip6.arpa",
-- 
2.26.2

rpms / dnssec-trigger

Source Code

Files