]> git.ipfire.org Git - thirdparty/systemd.git/commit - src/resolve/resolve-tool.c
projects / thirdparty / systemd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 3ba27cd) | patch
resolved: add a concept of "authenticated" responses
authorLennart Poettering <lennart@poettering.net>
Thu, 3 Dec 2015 20:04:52 +0000 (21:04 +0100)
committerLennart Poettering <lennart@poettering.net>
Thu, 3 Dec 2015 20:17:49 +0000 (21:17 +0100)
commit931851e8e492a4d2715e22dcde50a5e7ccef4b49
tree01687919f0e6cc539baa17084c06c90326359040tree | snapshot
parent3ba27cd339d2de53fa34c1ec7242da50a1c047b7commit | diff
resolved: add a concept of "authenticated" responses

This adds a new SD_RESOLVED_AUTHENTICATED flag for responses we return
on the bus. When set, then the data has been authenticated. For now this
mostly reflects the DNSSEC AD bit, if DNSSEC=trust is set. As soon as
the client-side validation is complete it will be hooked up to this flag
too.

We also set this bit whenver we generated the data ourselves, for
example, because it originates in our local LLMNR zone, or from the
built-in trust anchor database.

The "systemd-resolve-host" tool has been updated to show the flag state
for the data it shows.
src/resolve-host/resolve-host.c diff | blob | blame | history
src/resolve/resolved-bus.c diff | blob | blame | history
src/resolve/resolved-def.h diff | blob | blame | history
src/resolve/resolved-dns-cache.c diff | blob | blame | history
src/resolve/resolved-dns-cache.h diff | blob | blame | history
src/resolve/resolved-dns-packet.h diff | blob | blame | history
src/resolve/resolved-dns-query.c diff | blob | blame | history
src/resolve/resolved-dns-query.h diff | blob | blame | history
src/resolve/resolved-dns-scope.c diff | blob | blame | history
src/resolve/resolved-dns-transaction.c diff | blob | blame | history
src/resolve/resolved-dns-transaction.h diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.