dnsmasq: add UCI DNSSEC runtime support

[openwrt/staging/chunkeey.git] / package / network / services / dnsmasq / files / dnsmasq.init

diff --git a/package/network/services/dnsmasq/files/dnsmasq.init b/package/network/services/dnsmasq/files/dnsmasq.init
index b5fb58c524687b1081b2e20c1c3efdd540cb185e..9f16d5f5d45f9543cf8dc8c08b11a15337376eff 100644 (file)
--- a/package/network/services/dnsmasq/files/dnsmasq.init
+++ b/package/network/services/dnsmasq/files/dnsmasq.init
@@ -13,6 +13,8 @@ ADD_LOCAL_DOMAIN=1
 ADD_LOCAL_HOSTNAME=1
 
 CONFIGFILE="/var/etc/dnsmasq.conf"
+HOSTFILE="/tmp/hosts/dhcp"
+TRUSTANCHORSFILE="/usr/share/dnsmasq/trust-anchors.conf"
 
 xappend() {
        local value="$1"
@@ -185,6 +187,13 @@ dnsmasq() {
                config_list_foreach "$cfg" rebind_domain append_rebind_domain
        }
 
+       config_get dnssec "$cfg" dnssec
+       [ "$dnssec" -gt 0 ] && {
+               xappend "--conf-file=$TRUSTANCHORSFILE"
+               xappend "--dnssec"
+               append_bool "$cfg" dnsseccheckunsigned "--dnssec-check-unsigned"
+       }
+
        dhcp_option_add "$cfg" "" 0
 
        xappend "--dhcp-broadcast=tag:needs-broadcast"
@@ -300,6 +309,11 @@ dhcp_host_add() {
        [ "$broadcast" = "0" ] && broadcast=
 
        xappend "--dhcp-host=$macs${networkid:+,net:$networkid}${broadcast:+,set:needs-broadcast}${tag:+,set:$tag}${ip:+,$ip}${name:+,$name}"
+
+       config_get_bool dns "$cfg" dns 0
+       [ "$dns" = "1" ] && {
+               echo "$ip $name${DOMAIN:+.$DOMAIN}" >> $HOSTFILE
+       }
 }
 
 dhcp_tag_add() {
@@ -528,6 +542,7 @@ start_service() {
        mkdir -p $(dirname $CONFIGFILE)
 
        echo "# auto-generated config file from /etc/config/dhcp" > $CONFIGFILE
+       echo "# auto-generated config file from /etc/config/dhcp" > $HOSTFILE
 
        # if we did this last, we could override auto-generated config
        [ -f /etc/dnsmasq.conf ] && {