summaryrefslogtreecommitdiff
path: root/src/resolve/resolved-dns-dnssec.h
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2016-01-21 01:24:30 +0100
committerLennart Poettering <lennart@poettering.net>2016-01-25 17:19:19 +0100
commitf6618dcd96d437f2b8abeefd32a6a6790c04d026 (patch)
treeb8253c404641fc21278a69a410a8825f5e8f4274 /src/resolve/resolved-dns-dnssec.h
parentfcfaff123506b8c2300038934eef46892576d2d2 (diff)
resolved: never store NSEC/NSEC3 RRs from the upper zone of a zone cut in cache
When using NSEC/NSEC3 RRs from the cache to derive existance of arbitrary RRs, we should not get confused by the fact that NSEC/NSEC3 RRs exist twice at zone cuts: once in the parent zone, and once in the child zone. For most RR types we should only consult the latter since that's where the beef is. However, for DS lookups we have to check the former. This change makes sure we never cache NSEC/NSEC3 RRs from any parent zone of a zone-cut. It also makes sure that when we look for a DS RR in the cache we never consider any cached NSEC RR, as those are now always from the child zone.
Diffstat (limited to 'src/resolve/resolved-dns-dnssec.h')
0 files changed, 0 insertions, 0 deletions