43 lines
2.3 KiB
Diff
43 lines
2.3 KiB
Diff
--- a/tlsa
|
|
+++ b/tlsa
|
|
@@ -37,7 +37,7 @@
|
|
from ipaddress import IPv4Address, IPv6Address
|
|
|
|
ROOTKEY="none"
|
|
-cauldron = ( "/var/lib/unbound/root.anchor", "/var/lib/unbound/root.key", "/etc/unbound/root.key" )
|
|
+cauldron = ( "@TERMUX_PREFIX@/var/lib/unbound/root.anchor", "@TERMUX_PREFIX@/var/lib/unbound/root.key", "@TERMUX_PREFIX@/etc/unbound/root.key" )
|
|
for root in cauldron:
|
|
if os.path.isfile(root):
|
|
ROOTKEY=root
|
|
@@ -188,7 +188,7 @@
|
|
except:
|
|
unbound.ub_ctx_trustedkeys(ctx,ROOTKEY)
|
|
# Use the local cache and emulate /etc/hosts
|
|
- ctx.hosts("/etc/hosts")
|
|
+ ctx.hosts("@TERMUX_PREFIX@/etc/hosts")
|
|
if resolvconf and not noresolver:
|
|
ctx.resolvconf(resolvconf)
|
|
|
|
@@ -627,7 +627,7 @@
|
|
parser.add_argument('-4', '--ipv4', dest='ipv4', action='store_true',help='use ipv4 networking only')
|
|
parser.add_argument('-6', '--ipv6', dest='ipv6', action='store_true',help='use ipv6 networking only')
|
|
parser.add_argument('--insecure', action='store_true', default=False, help='Allow use of non-dnssec secured answers')
|
|
- parser.add_argument('--resolvconf', metavar='/PATH/TO/RESOLV.CONF', action='store', default='/etc/resolv.conf', help='Use a recursive resolver listed in a resolv.conf file (default: /etc/resolv.conf)')
|
|
+ parser.add_argument('--resolvconf', metavar='/PATH/TO/RESOLV.CONF', action='store', default='@TERMUX_PREFIX@/etc/resolv.conf', help='Use a recursive resolver listed in a resolv.conf file (default: @TERMUX_PREFIX@/etc/resolv.conf)')
|
|
parser.add_argument('host', metavar="hostname")
|
|
|
|
parser.add_argument('--port', '-p', action='store', default='443', help='The port, or \'*\' where running TLS is located (default: %(default)s).')
|
|
@@ -636,10 +636,8 @@
|
|
parser.add_argument('--only-rr', action='store_true', help='Only verify that the TLSA resource record is correct (do not check certificate)')
|
|
parser.add_argument('--rootkey', metavar='/PATH/TO/ROOT.KEY', action='store', help='Specify file location containing the DNSSEC root key')
|
|
|
|
- if os.path.isdir("/etc/pki/tls/certs/"):
|
|
- cadir = "/etc/pki/tls/certs/"
|
|
- elif os.path.isdir("/etc/ssl/certs/"):
|
|
- cadir = "/etc/ssl/certs/"
|
|
+ if os.path.isdir("@TERMUX_PREFIX@/etc/tls/certs/"):
|
|
+ cadir = "@TERMUX_PREFIX@/etc/tls/certs/"
|
|
else:
|
|
cadir = "."
|
|
print ("warning: no system wide CAdir found, using current directory")
|