resolved: set the DNSSEC OK (DO) flag

This indicates that we can handle DNSSEC records (per RFC3225), even if all we do is silently drop them. This feature requires EDNS0 support. As we do not yet support larger UDP packets, this feature increases the risk of getting truncated packets. Similarly to how we fall back to plain UDP if EDNS0 fails, we will fall back to plain EDNS0 if EDNS0+DO fails (with the same logic of remembering success and retrying after a grace period after failure).
author: Tom Gundersen <teg@jklm.no> 2015-06-24 15:08:40 +0200
committer: Tom Gundersen <teg@jklm.no> 2015-11-27 01:35:34 +0100
commit: 7586f4d172dd9c3ccc3126fc47dca9e49adec132 (patch)
tree: 99bcd93e4a31491d1f146d1ae29197fab70ce3ed /src/resolve/resolved-dns-server.h
parent: 9c5e12a4314e7192e834e1b855e5e80111e636a6 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/src/resolve/resolved-dns-server.h b/src/resolve/resolved-dns-server.h
index e9b425430f..9dd4961d5f 100644
--- a/src/resolve/resolved-dns-server.h
+++ b/src/resolve/resolved-dns-server.h
@@ -35,6 +35,7 @@ typedef enum DnsServerFeatureLevel {
         DNS_SERVER_FEATURE_LEVEL_TCP,
         DNS_SERVER_FEATURE_LEVEL_UDP,
         DNS_SERVER_FEATURE_LEVEL_EDNS0,
+        DNS_SERVER_FEATURE_LEVEL_DO,
         _DNS_SERVER_FEATURE_LEVEL_MAX,
         _DNS_SERVER_FEATURE_LEVEL_INVALID = -1
 } DnsServerFeatureLevel;
author	Tom Gundersen <teg@jklm.no>	2015-06-24 15:08:40 +0200
committer	Tom Gundersen <teg@jklm.no>	2015-11-27 01:35:34 +0100
commit	7586f4d172dd9c3ccc3126fc47dca9e49adec132 (patch)
tree	99bcd93e4a31491d1f146d1ae29197fab70ce3ed /src/resolve/resolved-dns-server.h
parent	9c5e12a4314e7192e834e1b855e5e80111e636a6 (diff)