diff options
author | Chris Buechler <cmb@pfsense.org> | 2015-03-05 19:35:12 -0600 |
---|---|---|
committer | Chris Buechler <cmb@pfsense.org> | 2015-03-05 19:35:12 -0600 |
commit | 5c7c369f5f2c9584ad53a5657965deb2d6661da2 (patch) | |
tree | def6934f7c49d0f09ffb5a8b53655dc6cf122c2c | |
parent | 6d1db7eca805d632c12e794a52715e3d703fefc6 (diff) | |
download | pfsense-5c7c369f5f2c9584ad53a5657965deb2d6661da2.zip pfsense-5c7c369f5f2c9584ad53a5657965deb2d6661da2.tar.gz |
Remove the harden-glue option entirely and hard code it to yes. Ticket #4402
-rw-r--r-- | conf.default/config.xml | 1 | ||||
-rw-r--r-- | etc/inc/unbound.inc | 3 | ||||
-rw-r--r-- | usr/local/www/services_unbound_advanced.php | 15 |
3 files changed, 1 insertions, 18 deletions
diff --git a/conf.default/config.xml b/conf.default/config.xml index a728142..46afa50 100644 --- a/conf.default/config.xml +++ b/conf.default/config.xml @@ -274,7 +274,6 @@ <custom_options/> <hideidentity/> <hideversion/> - <hardenglue/> <dnssecstripped/> </unbound> </pfsense> diff --git a/etc/inc/unbound.inc b/etc/inc/unbound.inc index bef0f4a..22abb5d 100644 --- a/etc/inc/unbound.inc +++ b/etc/inc/unbound.inc @@ -213,7 +213,6 @@ EOF; $port = (is_port($config['unbound']['port'])) ? $config['unbound']['port'] : "53"; $hide_identity = isset($config['unbound']['hideidentity']) ? "yes" : "no"; $hide_version = isset($config['unbound']['hideversion']) ? "yes" : "no"; - $harden_glue = isset($config['unbound']['hardenglue']) ? "yes" : "no"; $harden_dnssec_stripped = isset($config['unbound']['dnssecstripped']) ? "yes" : "no"; $prefetch = isset($config['unbound']['prefetch']) ? "yes" : "no"; $prefetch_key = isset($config['unbound']['prefetchkey']) ? "yes" : "no"; @@ -290,7 +289,7 @@ port: {$port} verbosity: {$verbosity} hide-identity: {$hide_identity} hide-version: {$hide_version} -harden-glue: {$harden_glue} +harden-glue: yes do-ip4: yes do-ip6: yes do-udp: yes diff --git a/usr/local/www/services_unbound_advanced.php b/usr/local/www/services_unbound_advanced.php index 0bd7bfc..56c52b6 100644 --- a/usr/local/www/services_unbound_advanced.php +++ b/usr/local/www/services_unbound_advanced.php @@ -58,9 +58,6 @@ if (isset($config['unbound']['prefetch'])) { if (isset($config['unbound']['prefetchkey'])) { $pconfig['prefetchkey'] = true; } -if (isset($config['unbound']['hardenglue'])) { - $pconfig['hardenglue'] = true; -} if (isset($config['unbound']['dnssecstripped'])) { $pconfig['dnssecstripped'] = true; } @@ -153,11 +150,6 @@ if ($_POST) { } else { unset($config['unbound']['prefetchkey']); } - if (isset($_POST['hardenglue'])) { - $config['unbound']['hardenglue'] = true; - } else { - unset($config['unbound']['hardenglue']); - } if (isset($_POST['dnssecstripped'])) { $config['unbound']['dnssecstripped'] = true; } else { @@ -258,13 +250,6 @@ include_once("head.inc"); </td> </tr> <tr> - <td width="22%" valign="top" class="vncell"><?=gettext("Harden Glue");?></td> - <td width="78%" class="vtable"> - <input name="hardenglue" type="checkbox" id="hardenglue" value="yes" <?php if (isset($pconfig['hardenglue'])) echo "checked=\"checked\"";?> /><br /> - <?=gettext("Only trust glue if it is within the server's authority.");?> - </td> - </tr> - <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Harden DNSSEC data");?></td> <td width="78%" class="vtable"> <input name="dnssecstripped" type="checkbox" id="dnssecstripped" value="yes" <?php if (isset($pconfig['dnssecstripped'])) echo "checked=\"checked\"";?> /><br /> |