FS#42644 - [ldns] Uses wrong anchor file
Attached to Project:
Arch Linux
Opened by Mantas Mikulėnas (grawity) - Saturday, 01 November 2014, 10:57 GMT
Last edited by Gaetan Bisson (vesath) - Friday, 07 November 2014, 06:21 GMT
Opened by Mantas Mikulėnas (grawity) - Saturday, 01 November 2014, 10:57 GMT
Last edited by Gaetan Bisson (vesath) - Friday, 07 November 2014, 06:21 GMT
|
Details
ldns currently depends on dnssec-anchors, which installs
"/etc/trusted-key.key"; however, tools such as `drill` are
looking for "/etc/unbound/root.key". Since there's no such
file, they don't validate responses at all.
(That file would be created by `unbound-anchor` from community/unbound, but even that won't happen because unbound is compiled to use dnssec-anchors "--with-rootkey-file=/etc/trusted-key.key".) The package should be built using "--with-trust-anchor=/etc/trusted-key.key" to fix this. |
This task depends upon
Closed by Gaetan Bisson (vesath)
Friday, 07 November 2014, 06:21 GMT
Reason for closing: Fixed
Additional comments about closing: ldns-1.6.17-2 in [testing]
Friday, 07 November 2014, 06:21 GMT
Reason for closing: Fixed
Additional comments about closing: ldns-1.6.17-2 in [testing]
Comment by Gaetan Bisson (vesath) -
Friday, 07 November 2014, 06:12 GMT
Thanks for noticing!