summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2016-01-06 00:57:21 +0100
committerLennart Poettering <lennart@poettering.net>2016-01-06 00:57:24 +0100
commite497292abac908cae4f814bcdda2654ffb4bef0b (patch)
tree0f54d7bc463cc498942901cad837b76ec68b274c
parentd33b6cf343f5a1e073c3060878d2cc5fed54d150 (diff)
resolved: count unsupported dnssec algorithm as indeterminate RRset
After all, when we don't support the algorithm we cannot determine validity.
-rw-r--r--src/resolve/resolved-dns-transaction.c5
1 files changed, 2 insertions, 3 deletions
diff --git a/src/resolve/resolved-dns-transaction.c b/src/resolve/resolved-dns-transaction.c
index 7212fb9c4d..8631afadb2 100644
--- a/src/resolve/resolved-dns-transaction.c
+++ b/src/resolve/resolved-dns-transaction.c
@@ -2404,10 +2404,9 @@ int dns_transaction_validate_dnssec(DnsTransaction *t) {
if (IN_SET(result,
DNSSEC_INVALID,
DNSSEC_SIGNATURE_EXPIRED,
- DNSSEC_NO_SIGNATURE,
- DNSSEC_UNSUPPORTED_ALGORITHM))
+ DNSSEC_NO_SIGNATURE))
t->scope->manager->n_dnssec_bogus++;
- else
+ else /* DNSSEC_MISSING_KEY or DNSSEC_UNSUPPORTED_ALGORITHM */
t->scope->manager->n_dnssec_indeterminate++;
r = dns_transaction_is_primary_response(t, rr);