resolved,networkd: add a per-interface DNSSEC setting

This adds a DNSSEC= setting to .network files, and makes resolved honour them.
author: Lennart Poettering <lennart@poettering.net> 2016-01-05 19:57:33 +0100
committer: Lennart Poettering <lennart@poettering.net> 2016-01-05 20:10:31 +0100
commit: ad6c04756115809d615dede330213d73edf732a8 (patch)
tree: 832a20d697321d22b62cabc5b9695b231a6f04f1 /src/network
parent: 125ae29d1bc3a6362c9bb1acddbe09fe1b274cfc (diff)
4 files changed, 7 insertions, 0 deletions
diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c
index 2013a8eae7..18a82fdeb9 100644
--- a/src/network/networkd-link.c
+++ b/src/network/networkd-link.c
@@ -2871,6 +2871,10 @@ int link_save(Link *link) {
                 fprintf(f, "MDNS=%s\n",
                         resolve_support_to_string(link->network->mdns));
 
+                if (link->network->dnssec_mode != _DNSSEC_MODE_INVALID)
+                        fprintf(f, "DNSSEC=%s\n",
+                                dnssec_mode_to_string(link->network->dnssec_mode));
+
                 fputs("ADDRESSES=", f);
                 space = false;
                 SET_FOREACH(a, link->addresses, i) {
diff --git a/src/network/networkd-network-gperf.gperf b/src/network/networkd-network-gperf.gperf
index c66ca3c1cc..75a2620804 100644
--- a/src/network/networkd-network-gperf.gperf
+++ b/src/network/networkd-network-gperf.gperf
@@ -47,6 +47,7 @@ Network.Domains,                        config_parse_domains,
 Network.DNS,                            config_parse_strv,                              0,                             offsetof(Network, dns)
 Network.LLMNR,                          config_parse_resolve_support,                   0,                             offsetof(Network, llmnr)
 Network.MulticastDNS,                   config_parse_resolve_support,                   0,                             offsetof(Network, mdns)
+Network.DNSSEC,                         config_parse_dnssec_mode,                       0,                             offsetof(Network, dnssec_mode)
 Network.NTP,                            config_parse_strv,                              0,                             offsetof(Network, ntp)
 Network.IPForward,                      config_parse_address_family_boolean_with_kernel,0,                             offsetof(Network, ip_forward)
 Network.IPMasquerade,                   config_parse_bool,                              0,                             offsetof(Network, ip_masquerade)
diff --git a/src/network/networkd-network.c b/src/network/networkd-network.c
index 7544280a7a..c91531ca69 100644
--- a/src/network/networkd-network.c
+++ b/src/network/networkd-network.c
@@ -122,6 +122,7 @@ static int network_load_one(Manager *manager, const char *filename) {
 
         network->llmnr = RESOLVE_SUPPORT_YES;
         network->mdns = RESOLVE_SUPPORT_NO;
+        network->dnssec_mode = _DNSSEC_MODE_INVALID;
 
         network->link_local = ADDRESS_FAMILY_IPV6;
 
diff --git a/src/network/networkd-network.h b/src/network/networkd-network.h
index 91e90e6d74..7817b13cc4 100644
--- a/src/network/networkd-network.h
+++ b/src/network/networkd-network.h
@@ -146,6 +146,7 @@ struct Network {
 
         ResolveSupport llmnr;
         ResolveSupport mdns;
+        DnssecMode dnssec_mode;
 
         LIST_FIELDS(Network, networks);
 };
author	Lennart Poettering <lennart@poettering.net>	2016-01-05 19:57:33 +0100
committer	Lennart Poettering <lennart@poettering.net>	2016-01-05 20:10:31 +0100
commit	ad6c04756115809d615dede330213d73edf732a8 (patch)
tree	832a20d697321d22b62cabc5b9695b231a6f04f1 /src/network
parent	125ae29d1bc3a6362c9bb1acddbe09fe1b274cfc (diff)