|
Lines 1-39
Link Here
|
| 1 |
--- contrib/aaaa-filter-iterator.patch.orig 2015-08-19 18:27:55.176868361 +0300 |
1 |
--- contrib/aaaa-filter-iterator.patch.orig 2016-01-04 12:57:42 UTC |
| 2 |
+++ contrib/aaaa-filter-iterator.patch 2015-08-19 18:28:04.744973136 +0300 |
2 |
+++ contrib/aaaa-filter-iterator.patch |
| 3 |
@@ -16,14 +16,14 @@ |
3 |
@@ -1,8 +1,10 @@ |
| 4 |
on your private network, and are not allowed to be returned for public |
4 |
---- unbound-1.4.17.orig/doc/unbound.conf.5.in |
| 5 |
--- unbound-1.4.17.orig/util/config_file.c |
5 |
-+++ unbound-1.4.17/doc/unbound.conf.5.in |
| 6 |
+++ unbound-1.4.17/util/config_file.c |
6 |
-@@ -519,6 +519,13 @@ authority servers and checks if the repl |
|
|
7 |
- Disabled by default. |
| 8 |
- This feature is an experimental implementation of draft dns\-0x20. |
| 9 |
+Index: trunk/doc/unbound.conf.5.in |
| 10 |
+=================================================================== |
| 11 |
+--- trunk/doc/unbound.conf.5.in (revision 3587) |
| 12 |
++++ trunk/doc/unbound.conf.5.in (working copy) |
| 13 |
+@@ -593,6 +593,13 @@ |
| 14 |
+ possible. Best effort approach, full QNAME and original QTYPE will be sent when |
| 15 |
+ upstream replies with a RCODE other than NOERROR. Default is off. |
| 16 |
.TP |
| 17 |
+.B aaaa\-filter: \fI<yes or no> |
| 18 |
+Activate behavior similar to BIND's AAAA-filter. |
| 19 |
@@ -13,20 +15,12 @@ |
| 20 |
+.TP |
| 21 |
.B private\-address: \fI<IP address or subnet> |
| 22 |
Give IPv4 of IPv6 addresses or classless subnets. These are addresses |
| 23 |
- on your private network, and are not allowed to be returned for public |
| 24 |
---- unbound-1.4.17.orig/util/config_file.c |
| 25 |
-+++ unbound-1.4.17/util/config_file.c |
| 7 |
-@@ -160,6 +160,7 @@ config_create(void) |
26 |
-@@ -160,6 +160,7 @@ config_create(void) |
| 8 |
- cfg->harden_below_nxdomain = 0; |
27 |
- cfg->harden_below_nxdomain = 0; |
| 9 |
+@@ -174,6 +174,7 @@ |
28 |
- cfg->harden_referral_path = 0; |
| 10 |
cfg->harden_referral_path = 0; |
29 |
- cfg->use_caps_bits_for_id = 0; |
| 11 |
+ cfg->harden_algo_downgrade = 1; |
30 |
-+ cfg->aaaa_filter = 0; /* ASN: default is disabled */ |
| 12 |
cfg->use_caps_bits_for_id = 0; |
31 |
- cfg->private_address = NULL; |
| 13 |
+ cfg->aaaa_filter = 0; /* ASN: default is disabled */ |
32 |
- cfg->private_domain = NULL; |
| 14 |
+ cfg->caps_whitelist = NULL; |
|
|
| 15 |
cfg->private_address = NULL; |
| 16 |
cfg->private_domain = NULL; |
| 17 |
- cfg->unwanted_threshold = 0; |
33 |
- cfg->unwanted_threshold = 0; |
| 18 |
--- unbound-1.4.17.orig/iterator/iter_scrub.c |
34 |
---- unbound-1.4.17.orig/iterator/iter_scrub.c |
| 19 |
+++ unbound-1.4.17/iterator/iter_scrub.c |
35 |
-+++ unbound-1.4.17/iterator/iter_scrub.c |
| 20 |
@@ -580,6 +580,32 @@ static int sanitize_nsec_is_overreach(st |
36 |
-@@ -580,6 +580,32 @@ static int sanitize_nsec_is_overreach(st |
| 21 |
@@ -329,15 +329,15 @@ |
37 |
+ on your private network, and are not allowed to be returned for |
|
|
38 |
+Index: trunk/iterator/iter_scrub.c |
| 39 |
+=================================================================== |
| 40 |
+--- trunk/iterator/iter_scrub.c (revision 3587) |
| 41 |
++++ trunk/iterator/iter_scrub.c (working copy) |
| 42 |
+@@ -617,6 +617,32 @@ |
| 43 |
} |
| 44 |
|
| 45 |
/** |
| 46 |
@@ -38,7 +32,7 @@ |
| 47 |
+ */ |
| 48 |
+static int |
| 49 |
+asn_lookup_a_record_from_cache(struct query_info* qinfo, |
| 50 |
-+ struct module_env* env, struct iter_env* ie) |
|
Lines 1-6
Link Here
|
| 1 |
etc/unbound/unbound.conf.sample |
1 |
etc/unbound/unbound.conf.sample |
| 2 |
include/unbound.h |
2 |
include/unbound.h |
| 3 |
lib/libunbound.so.2.3.8 |
3 |
lib/libunbound.so.2.3.10 |
| 4 |
lib/libunbound.so.2 |
4 |
lib/libunbound.so.2 |
| 5 |
lib/libunbound.so |
5 |
lib/libunbound.so |
| 6 |
lib/libunbound.a |
6 |
lib/libunbound.a |