From c69fa7e3c44240bedc0ee1bd89fecf954783ac85 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Tue, 19 Jan 2016 21:48:01 +0100 Subject: resolved: rework DNSSECSupported property Not only report whether the server actually supports DNSSEC, but also first check whether DNSSEC is actually enabled for it in our local configuration. Also, export a per-link DNSSECSupported property in addition to the existing manager-wide property. --- src/resolve/resolved-dns-scope.c | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) (limited to 'src/resolve/resolved-dns-scope.c') diff --git a/src/resolve/resolved-dns-scope.c b/src/resolve/resolved-dns-scope.c index dd3609bd12..8a52d66fad 100644 --- a/src/resolve/resolved-dns-scope.c +++ b/src/resolve/resolved-dns-scope.c @@ -67,11 +67,9 @@ int dns_scope_new(Manager *m, DnsScope **ret, Link *l, DnsProtocol protocol, int * changes. */ if (l) - s->dnssec_mode = l->dnssec_mode; - if (s->dnssec_mode == _DNSSEC_MODE_INVALID) - s->dnssec_mode = m->dnssec_mode; - if (s->dnssec_mode == _DNSSEC_MODE_INVALID) - s->dnssec_mode = DNSSEC_NO; + s->dnssec_mode = link_get_dnssec_mode(l); + else + s->dnssec_mode = manager_get_dnssec_mode(m); } LIST_PREPEND(scopes, m->dns_scopes, s); -- cgit v1.2.3-54-g00ecf