resolved: rework how and when we detect whether our chosen DNS server knows DNSSEC - ~lukeshu/systemd - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Lennart Poettering <lennart@poettering.net>	2016-01-10 22:58:58 +0100
committer	Lennart Poettering <lennart@poettering.net>	2016-01-11 19:40:00 +0100
commit	92ec902aad1ade7acbe50efd7b8ef87fbdc63af3 (patch)
tree	c961d4c9bc61528785e660cf613df080ca5a6ac2 /src/systemctl
parent	6cb08a8930bdaca950b152b1e8b82466ed59511c (diff)

resolved: rework how and when we detect whether our chosen DNS server knows DNSSEC

Move detection into a set of new functions, that check whether one specific server can do DNSSEC, whether a server and a specific transaction can do DNSSEC, or whether a transaction and all its auxiliary transactions could do so. Also, do these checks both before we acquire additional RRs for the validation (so that we can skip them if the server doesn't do DNSSEC anyway), and after we acquired them all (to see if any of the lookups changed our opinion about the servers). THis also tightens the checks a bit: a server that lacks TCP support is considered incompatible with DNSSEC too.

Diffstat (limited to 'src/systemctl')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: