Supports DNSSEC field

internal/models/dns.go

@@ -12,10 +12,11 @@ import (
 
 // ProviderData contains information for a DNS provider.
 type ProviderData struct {
-	IPs          []net.IP
-	Host         Host
-	SupportsIPv6 bool
-	SupportsTLS  bool
+	IPs            []net.IP
+	Host           Host
+	SupportsIPv6   bool
+	SupportsTLS    bool
+	SupportsDNSSEC bool
 }
 
 type Settings struct { //nolint:maligned

pkg/unbound/conf.go

@@ -91,7 +91,8 @@ func generateUnboundConf(settings models.Settings,
 	}
 
 	for _, provider := range settings.Providers {
-		if provider == LibreDNS {
+		data, _ := GetProviderData(provider)
+		if !data.SupportsDNSSEC {
 			delete(serverSection, "trust-anchor-file")
 		}
 	}

pkg/unbound/constants.go

@@ -44,9 +44,10 @@ func GetProviderData(provider string) (data models.ProviderData, ok bool) {
 				{0x26, 0x6, 0x47, 0x0, 0x47, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x11},
 				{0x26, 0x6, 0x47, 0x0, 0x47, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x01},
 			},
-			SupportsTLS:  true,
-			SupportsIPv6: true,
-			Host:         models.Host("cloudflare-dns.com"),
+			SupportsTLS:    true,
+			SupportsDNSSEC: true,
+			SupportsIPv6:   true,
+			Host:           models.Host("cloudflare-dns.com"),
 		},
 		Google: {
 			IPs: []net.IP{
@@ -55,9 +56,10 @@ func GetProviderData(provider string) (data models.ProviderData, ok bool) {
 				{0x20, 0x1, 0x48, 0x60, 0x48, 0x60, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88, 0x88},
 				{0x20, 0x1, 0x48, 0x60, 0x48, 0x60, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88, 0x44},
 			},
-			SupportsTLS:  true,
-			SupportsIPv6: true,
-			Host:         models.Host("dns.google"),
+			SupportsTLS:    true,
+			SupportsDNSSEC: true,
+			SupportsIPv6:   true,
+			Host:           models.Host("dns.google"),
 		},
 		Quad9: {
 			IPs: []net.IP{
@@ -66,18 +68,20 @@ func GetProviderData(provider string) (data models.ProviderData, ok bool) {
 				{0x26, 0x20, 0x0, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfe},
 				{0x26, 0x20, 0x0, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9},
 			},
-			SupportsTLS:  true,
-			SupportsIPv6: true,
-			Host:         models.Host("dns.quad9.net"),
+			SupportsTLS:    true,
+			SupportsDNSSEC: true,
+			SupportsIPv6:   true,
+			Host:           models.Host("dns.quad9.net"),
 		},
 		Quadrant: {
 			IPs: []net.IP{
 				{12, 159, 2, 159},
 				{0x20, 0x1, 0x18, 0x90, 0x14, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x59},
 			},
-			SupportsTLS:  true,
-			SupportsIPv6: true,
-			Host:         models.Host("dns-tls.qis.io"),
+			SupportsTLS:    true,
+			SupportsDNSSEC: true,
+			SupportsIPv6:   true,
+			Host:           models.Host("dns-tls.qis.io"),
 		},
 		CleanBrowsing: {
 			IPs: []net.IP{
@@ -86,9 +90,10 @@ func GetProviderData(provider string) (data models.ProviderData, ok bool) {
 				{0x2a, 0xd, 0x2a, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2},
 				{0x2a, 0xd, 0x2a, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2},
 			},
-			SupportsTLS:  true,
-			SupportsIPv6: true,
-			Host:         models.Host("security-filter-dns.cleanbrowsing.org"),
+			SupportsTLS:    true,
+			SupportsDNSSEC: true,
+			SupportsIPv6:   true,
+			Host:           models.Host("security-filter-dns.cleanbrowsing.org"),
 		},
 		LibreDNS: {
 			IPs:         []net.IP{{116, 202, 176, 26}},
@@ -102,8 +107,9 @@ func GetProviderData(provider string) (data models.ProviderData, ok bool) {
 				{0x26, 0x20, 0x1, 0xa, 0x80, 0xbb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20},
 				{0x26, 0x20, 0x1, 0xa, 0x80, 0xbc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20},
 			},
-			SupportsTLS: true,
-			Host:        models.Host("protected.canadianshield.cira.ca"),
+			SupportsTLS:    true,
+			SupportsDNSSEC: true,
+			Host:           models.Host("protected.canadianshield.cira.ca"),
 		},
 	}
 	data, ok = mapping[provider]