From ad6c04756115809d615dede330213d73edf732a8 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 5 Jan 2016 19:57:33 +0100
Subject: resolved,networkd: add a per-interface DNSSEC setting

This adds a DNSSEC= setting to .network files, and makes resolved honour
them.
---
 src/shared/resolve-util.c | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'src/shared/resolve-util.c')

diff --git a/src/shared/resolve-util.c b/src/shared/resolve-util.c
index 487de3e077..bf6fc26841 100644
--- a/src/shared/resolve-util.c
+++ b/src/shared/resolve-util.c
@@ -24,6 +24,7 @@
 #include "string-table.h"
 
 DEFINE_CONFIG_PARSE_ENUM(config_parse_resolve_support, resolve_support, ResolveSupport, "Failed to parse resolve support setting");
+DEFINE_CONFIG_PARSE_ENUM(config_parse_dnssec_mode, dnssec_mode, DnssecMode, "Failed to parse DNSSEC mode setting");
 
 static const char* const resolve_support_table[_RESOLVE_SUPPORT_MAX] = {
         [RESOLVE_SUPPORT_NO] = "no",
@@ -31,3 +32,10 @@ static const char* const resolve_support_table[_RESOLVE_SUPPORT_MAX] = {
         [RESOLVE_SUPPORT_RESOLVE] = "resolve",
 };
 DEFINE_STRING_TABLE_LOOKUP_WITH_BOOLEAN(resolve_support, ResolveSupport, RESOLVE_SUPPORT_YES);
+
+static const char* const dnssec_mode_table[_DNSSEC_MODE_MAX] = {
+        [DNSSEC_NO] = "no",
+        [DNSSEC_ALLOW_DOWNGRADE] = "allow-downgrade",
+        [DNSSEC_YES] = "yes",
+};
+DEFINE_STRING_TABLE_LOOKUP_WITH_BOOLEAN(dnssec_mode, DnssecMode, DNSSEC_YES);
-- 
cgit v1.2.3-54-g00ecf