diff options
| author | Lennart Poettering <lennart@poettering.net> | 2015-12-24 00:24:10 +0100 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2015-12-26 19:09:10 +0100 |
| commit | f61dfddbff4c826bfcbca7b413674770546fa527 (patch) | |
| tree | 5abac6bbd259b912f90ea697d5cd0af61f991d7b /src/resolve | |
| parent | a150ff5e4e2481eb28d6ed6e0d3e176623e25f5a (diff) | |
resolved: log each dnssec failure, in a recognizable way
Diffstat (limited to 'src/resolve')
| -rw-r--r-- | src/resolve/resolved-dns-transaction.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/src/resolve/resolved-dns-transaction.c b/src/resolve/resolved-dns-transaction.c index af6f28ea0f..f138d55ad8 100644 --- a/src/resolve/resolved-dns-transaction.c +++ b/src/resolve/resolved-dns-transaction.c @@ -226,6 +226,14 @@ void dns_transaction_complete(DnsTransaction *t, DnsTransactionState state) { assert(t); assert(!DNS_TRANSACTION_IS_LIVE(state)); + if (state == DNS_TRANSACTION_DNSSEC_FAILED) + log_struct(LOG_NOTICE, + LOG_MESSAGE("DNSSEC validation failed for question %s: %s", dns_transaction_key_string(t), dnssec_result_to_string(t->answer_dnssec_result)), + "DNS_TRANSACTION=%" PRIu16, t->id, + "DNS_QUESTION=%s", dns_transaction_key_string(t), + "DNSSEC_RESULT=%s", dnssec_result_to_string(t->answer_dnssec_result), + NULL); + /* Note that this call might invalidate the query. Callers * should hence not attempt to access the query or transaction * after calling this function. */ |