MFV (r277045): merge upstream version of the local socket patch.

3 files changed, 7 insertions, 2 deletions

diff --git a/contrib/unbound/doc/Changelog b/contrib/unbound/doc/Changelog
index 192b87c84129..1bd19f19c436 100644
--- a/contrib/unbound/doc/Changelog
+++ b/contrib/unbound/doc/Changelog
@@ -1,6 +1,11 @@
 8 December 2014: Wouter
 	- Fix CVE-2014-8602: denial of service by making resolver chase
 	  endless series of delegations.
+	- patch for remote control over local sockets, from Dag-Erling
+	  Smorgrav, Ilya Bakulin.  Use control-interface: /path/sock and
+	  control-use-cert: no.
+	- Fixup that patch and uid lookup (only for daemon).
+	- coded the default of control-use-cert, to yes.
 
 1 December 2014: Wouter
 	- Fix bug#632: unbound fails to build on AArch64, protects
diff --git a/contrib/unbound/doc/unbound.conf.5 b/contrib/unbound/doc/unbound.conf.5
index c9541da7fea1..f5a4471f99b1 100644
--- a/contrib/unbound/doc/unbound.conf.5
+++ b/contrib/unbound/doc/unbound.conf.5
@@ -976,7 +976,7 @@ default is 8953.
 If you change this and permissions have been dropped, you must restart
 the server for the change to take effect.
 .TP 5
-.B control-use-cert: \fI<yes or no>
+.B control\-use\-cert: \fI<yes or no>
 Whether to require certificate authentication of control connections.
 The default is "yes".
 This should not be changed unless there are other mechanisms in place
diff --git a/contrib/unbound/doc/unbound.conf.5.in b/contrib/unbound/doc/unbound.conf.5.in
index 9b23fd64da1b..d4420e26a0a4 100644
--- a/contrib/unbound/doc/unbound.conf.5.in
+++ b/contrib/unbound/doc/unbound.conf.5.in
@@ -976,7 +976,7 @@ default is 8953.
 If you change this and permissions have been dropped, you must restart
 the server for the change to take effect.
 .TP 5
-.B control-use-cert: \fI<yes or no>
+.B control\-use\-cert: \fI<yes or no>
 Whether to require certificate authentication of control connections.
 The default is "yes".
 This should not be changed unless there are other mechanisms in place