mirror of
https://github.com/NLnetLabs/unbound.git
synced 2024-09-21 22:57:08 +00:00
validate by default.
git-svn-id: file:///svn/unbound/trunk@563 be551aaa-1e26-0410-a405-d3ace91eadb9
This commit is contained in:
parent
e8a709a315
commit
134db23ea8
@ -1,6 +1,8 @@
|
||||
29 August 2007: Wouter
|
||||
- test tool to sign rrsets for testing validator with.
|
||||
- added RSA and DSA test keys, public and private pairs, 512 bits.
|
||||
- default configuration is with validation enabled.
|
||||
Only a trust-anchor needs to be configured for DNSSEC to work.
|
||||
|
||||
28 August 2007: Wouter
|
||||
- removed double use for udp buffers, that could fail,
|
||||
|
@ -187,7 +187,8 @@ the portnumber will block other port numbers.
|
||||
Module configuration, a list of module names separated by spaces, surround
|
||||
the string with quotes (""). The modules can be validator, iterator.
|
||||
Setting this to "iterator" will result in a non-validating server.
|
||||
Setting this to "validator iterator" will turn on validation.
|
||||
Setting this to "validator iterator" will turn on DNSSEC validation.
|
||||
You must also set trust-anchors for validation to be useful.
|
||||
.It \fBtrust-anchor-file:\fR <filename>
|
||||
File with trusted keys for validation. Both DS and DNSKEY entries can appear
|
||||
in the file. The format of the file is the standard DNS Zone file format.
|
||||
|
@ -117,7 +117,7 @@ config_create()
|
||||
cfg->val_date_override = 0;
|
||||
cfg->val_clean_additional = 1;
|
||||
cfg->val_permissive_mode = 0;
|
||||
if(!(cfg->module_conf = strdup("iterator"))) goto error_exit;
|
||||
if(!(cfg->module_conf = strdup("validator iterator"))) goto error_exit;
|
||||
return cfg;
|
||||
error_exit:
|
||||
config_delete(cfg);
|
||||
|
Loading…
Reference in New Issue
Block a user