resolved: log recognizably about DNSSEC downgrades

If we downgrade from DNSSEC to non-DNSSEC mode, let's log about this in a recognizable way (i.e. with a message ID), after all, this is of major importance.
author: Lennart Poettering <lennart@poettering.net> 2016-01-22 13:39:31 +0100
committer: Lennart Poettering <lennart@poettering.net> 2016-01-25 17:19:19 +0100
commit: 1e02e182f1e06fcbe389474175de228103be39cb (patch)
tree: 2bd48d564b63d60d75ea2343d8d618114f1fc692 /src/resolve/resolved-dns-server.h
parent: dd0bc0f1414cc1d0fa73a29470bd14944e4942d3 (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/src/resolve/resolved-dns-server.h b/src/resolve/resolved-dns-server.h
index 02bd3463a7..2a3c921678 100644
--- a/src/resolve/resolved-dns-server.h
+++ b/src/resolve/resolved-dns-server.h
@@ -82,6 +82,9 @@ struct DnsServer {
         usec_t verified_usec;
         usec_t features_grace_period_usec;
 
+        /* Whether we already warned about downgrading to non-DNSSEC mode for this server */
+        bool warned_downgrade:1;
+
         /* Used when GC'ing old DNS servers when configuration changes. */
         bool marked:1;
 
@@ -119,6 +122,8 @@ const char *dns_server_string(DnsServer *server);
 
 bool dns_server_dnssec_supported(DnsServer *server);
 
+void dns_server_warn_downgrade(DnsServer *server);
+
 DnsServer *dns_server_find(DnsServer *first, int family, const union in_addr_union *in_addr);
 
 void dns_server_unlink_all(DnsServer *first);
author	Lennart Poettering <lennart@poettering.net>	2016-01-22 13:39:31 +0100
committer	Lennart Poettering <lennart@poettering.net>	2016-01-25 17:19:19 +0100
commit	1e02e182f1e06fcbe389474175de228103be39cb (patch)
tree	2bd48d564b63d60d75ea2343d8d618114f1fc692 /src/resolve/resolved-dns-server.h
parent	dd0bc0f1414cc1d0fa73a29470bd14944e4942d3 (diff)