diff options
| author | Chris Buechler <cmb@pfsense.org> | 2015-03-05 19:35:12 -0600 |
|---|---|---|
| committer | Chris Buechler <cmb@pfsense.org> | 2015-03-05 19:35:59 -0600 |
| commit | 73cdd9f0caa9fb3caad6f4d83f4fb31dfc209d62 (patch) | |
| tree | 64a3c5ba7b15f1859ec20bca476e7fbc59ef8698 | |
| parent | 5ec3f37fcfeb08b6c69ce1c37937de7be9260b25 (diff) | |
| download | pfsense-73cdd9f0caa9fb3caad6f4d83f4fb31dfc209d62.zip pfsense-73cdd9f0caa9fb3caad6f4d83f4fb31dfc209d62.tar.gz | |
Remove the harden-glue option entirely and hard code it to yes. Ticket #4402
| -rw-r--r-- | conf.default/config.xml | 1 | ||||
| -rw-r--r-- | etc/inc/unbound.inc | 3 | ||||
| -rw-r--r-- | usr/local/www/services_unbound_advanced.php | 15 |
3 files changed, 1 insertions, 18 deletions
diff --git a/conf.default/config.xml b/conf.default/config.xml index 1a6b2e2..d79c3f6 100644 --- a/conf.default/config.xml +++ b/conf.default/config.xml @@ -274,7 +274,6 @@ <custom_options/> <hideidentity/> <hideversion/> - <hardenglue/> <dnssecstripped/> </unbound> </pfsense> diff --git a/etc/inc/unbound.inc b/etc/inc/unbound.inc index bbe8027..61e5a9a 100644 --- a/etc/inc/unbound.inc +++ b/etc/inc/unbound.inc @@ -205,7 +205,6 @@ EOF; $port = (is_port($config['unbound']['port'])) ? $config['unbound']['port'] : "53"; $hide_identity = isset($config['unbound']['hideidentity']) ? "yes" : "no"; $hide_version = isset($config['unbound']['hideversion']) ? "yes" : "no"; - $harden_glue = isset($config['unbound']['hardenglue']) ? "yes" : "no"; $harden_dnssec_stripped = isset($config['unbound']['dnssecstripped']) ? "yes" : "no"; $prefetch = isset($config['unbound']['prefetch']) ? "yes" : "no"; $prefetch_key = isset($config['unbound']['prefetchkey']) ? "yes" : "no"; @@ -277,7 +276,7 @@ port: {$port} verbosity: {$verbosity} hide-identity: {$hide_identity} hide-version: {$hide_version} -harden-glue: {$harden_glue} +harden-glue: yes do-ip4: yes do-ip6: yes do-udp: yes diff --git a/usr/local/www/services_unbound_advanced.php b/usr/local/www/services_unbound_advanced.php index 0bd7bfc..56c52b6 100644 --- a/usr/local/www/services_unbound_advanced.php +++ b/usr/local/www/services_unbound_advanced.php @@ -58,9 +58,6 @@ if (isset($config['unbound']['prefetch'])) { if (isset($config['unbound']['prefetchkey'])) { $pconfig['prefetchkey'] = true; } -if (isset($config['unbound']['hardenglue'])) { - $pconfig['hardenglue'] = true; -} if (isset($config['unbound']['dnssecstripped'])) { $pconfig['dnssecstripped'] = true; } @@ -153,11 +150,6 @@ if ($_POST) { } else { unset($config['unbound']['prefetchkey']); } - if (isset($_POST['hardenglue'])) { - $config['unbound']['hardenglue'] = true; - } else { - unset($config['unbound']['hardenglue']); - } if (isset($_POST['dnssecstripped'])) { $config['unbound']['dnssecstripped'] = true; } else { @@ -258,13 +250,6 @@ include_once("head.inc"); </td> </tr> <tr> - <td width="22%" valign="top" class="vncell"><?=gettext("Harden Glue");?></td> - <td width="78%" class="vtable"> - <input name="hardenglue" type="checkbox" id="hardenglue" value="yes" <?php if (isset($pconfig['hardenglue'])) echo "checked=\"checked\"";?> /><br /> - <?=gettext("Only trust glue if it is within the server's authority.");?> - </td> - </tr> - <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Harden DNSSEC data");?></td> <td width="78%" class="vtable"> <input name="dnssecstripped" type="checkbox" id="dnssecstripped" value="yes" <?php if (isset($pconfig['dnssecstripped'])) echo "checked=\"checked\"";?> /><br /> |
