diff options
author | Lennart Poettering <lennart@poettering.net> | 2016-01-06 00:57:21 +0100 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2016-01-06 00:57:24 +0100 |
commit | e497292abac908cae4f814bcdda2654ffb4bef0b (patch) | |
tree | 0f54d7bc463cc498942901cad837b76ec68b274c | |
parent | d33b6cf343f5a1e073c3060878d2cc5fed54d150 (diff) |
resolved: count unsupported dnssec algorithm as indeterminate RRset
After all, when we don't support the algorithm we cannot determine
validity.
-rw-r--r-- | src/resolve/resolved-dns-transaction.c | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/src/resolve/resolved-dns-transaction.c b/src/resolve/resolved-dns-transaction.c index 7212fb9c4d..8631afadb2 100644 --- a/src/resolve/resolved-dns-transaction.c +++ b/src/resolve/resolved-dns-transaction.c @@ -2404,10 +2404,9 @@ int dns_transaction_validate_dnssec(DnsTransaction *t) { if (IN_SET(result, DNSSEC_INVALID, DNSSEC_SIGNATURE_EXPIRED, - DNSSEC_NO_SIGNATURE, - DNSSEC_UNSUPPORTED_ALGORITHM)) + DNSSEC_NO_SIGNATURE)) t->scope->manager->n_dnssec_bogus++; - else + else /* DNSSEC_MISSING_KEY or DNSSEC_UNSUPPORTED_ALGORITHM */ t->scope->manager->n_dnssec_indeterminate++; r = dns_transaction_is_primary_response(t, rr); |