resolved: don't insist in RRSIG metadata for NSEC3 RRs that have not been authenticated - ~lukeshu/systemd - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Lennart Poettering <lennart@poettering.net>	2016-01-22 18:43:41 +0100
committer	Lennart Poettering <lennart@poettering.net>	2016-01-25 17:19:20 +0100
commit	cbd100ac7cb74d7d44c7e6dda09d26b2616776f7 (patch)
tree	884ee240b57ddaf537e394d4fa9bcf2ef6ed5bf2 /src/resolve/resolved-conf.c
parent	ab88b6d087c89fb052cedc6f145339fd24c1138e (diff)

resolved: don't insist in RRSIG metadata for NSEC3 RRs that have not been authenticated

In some cases we get NSEC3 RRs that have not been authenticated (because the chain of trust to the root is somewhere broken). We can use these for checking negative replies, as long as we don't claim they were ultimately authenticated. This means we need to be able to deal with NSEC3 RRs that lack RRSIG metadata.

Diffstat (limited to 'src/resolve/resolved-conf.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: