summaryrefslogtreecommitdiff
path: root/src/resolve/resolved-dns-query.h
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2016-01-22 18:43:41 +0100
committerLennart Poettering <lennart@poettering.net>2016-01-25 17:19:20 +0100
commitcbd100ac7cb74d7d44c7e6dda09d26b2616776f7 (patch)
tree884ee240b57ddaf537e394d4fa9bcf2ef6ed5bf2 /src/resolve/resolved-dns-query.h
parentab88b6d087c89fb052cedc6f145339fd24c1138e (diff)
resolved: don't insist in RRSIG metadata for NSEC3 RRs that have not been authenticated
In some cases we get NSEC3 RRs that have not been authenticated (because the chain of trust to the root is somewhere broken). We can use these for checking negative replies, as long as we don't claim they were ultimately authenticated. This means we need to be able to deal with NSEC3 RRs that lack RRSIG metadata.
Diffstat (limited to 'src/resolve/resolved-dns-query.h')
0 files changed, 0 insertions, 0 deletions