resolved: introduce a dnssec_mode setting per scope

The setting controls which kind of DNSSEC validation is done: none at all, trusting the AD bit, or client-side validation. For now, no validation is implemented, hence the setting doesn't do much yet, except of toggling the CD bit in the generated messages if full client-side validation is requested.
author: Lennart Poettering <lennart@poettering.net> 2015-12-03 19:51:04 +0100
committer: Lennart Poettering <lennart@poettering.net> 2015-12-03 21:17:49 +0100
commit: 24710c48ed16be5fa461fbb303a744a907541daf (patch)
tree: 3331d39fd5762c7d5fe9babf50dd463a0151b011 /src/resolve/resolved-dns-packet.h
parent: 896c567247371cc14e49774c3b844a7038c37a60 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/src/resolve/resolved-dns-packet.h b/src/resolve/resolved-dns-packet.h
index a6b88e6c79..ffa6c44213 100644
--- a/src/resolve/resolved-dns-packet.h
+++ b/src/resolve/resolved-dns-packet.h
@@ -144,7 +144,7 @@ static inline unsigned DNS_PACKET_RRCOUNT(DnsPacket *p) {
 }
 
 int dns_packet_new(DnsPacket **p, DnsProtocol protocol, size_t mtu);
-int dns_packet_new_query(DnsPacket **p, DnsProtocol protocol, size_t mtu);
+int dns_packet_new_query(DnsPacket **p, DnsProtocol protocol, size_t mtu, bool dnssec_checking_disabled);
 
 DnsPacket *dns_packet_ref(DnsPacket *p);
 DnsPacket *dns_packet_unref(DnsPacket *p);
author	Lennart Poettering <lennart@poettering.net>	2015-12-03 19:51:04 +0100
committer	Lennart Poettering <lennart@poettering.net>	2015-12-03 21:17:49 +0100
commit	24710c48ed16be5fa461fbb303a744a907541daf (patch)
tree	3331d39fd5762c7d5fe9babf50dd463a0151b011 /src/resolve/resolved-dns-packet.h
parent	896c567247371cc14e49774c3b844a7038c37a60 (diff)