diff options
| author | Lennart Poettering <lennart@poettering.net> | 2015-12-03 19:51:04 +0100 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2015-12-03 21:17:49 +0100 |
| commit | 24710c48ed16be5fa461fbb303a744a907541daf (patch) | |
| tree | 3331d39fd5762c7d5fe9babf50dd463a0151b011 /src/resolve/resolved-dns-transaction.c | |
| parent | 896c567247371cc14e49774c3b844a7038c37a60 (diff) | |
resolved: introduce a dnssec_mode setting per scope
The setting controls which kind of DNSSEC validation is done: none at
all, trusting the AD bit, or client-side validation.
For now, no validation is implemented, hence the setting doesn't do much
yet, except of toggling the CD bit in the generated messages if full
client-side validation is requested.
Diffstat (limited to 'src/resolve/resolved-dns-transaction.c')
| -rw-r--r-- | src/resolve/resolved-dns-transaction.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/resolve/resolved-dns-transaction.c b/src/resolve/resolved-dns-transaction.c index 7bef4be2ad..d22acf085b 100644 --- a/src/resolve/resolved-dns-transaction.c +++ b/src/resolve/resolved-dns-transaction.c @@ -598,7 +598,7 @@ static int dns_transaction_make_packet(DnsTransaction *t) { if (t->sent) return 0; - r = dns_packet_new_query(&p, t->scope->protocol, 0); + r = dns_packet_new_query(&p, t->scope->protocol, 0, t->scope->dnssec_mode == DNSSEC_YES); if (r < 0) return r; |