git.ipfire.org Git - thirdparty/systemd.git/commit - src/resolve/resolved-dns-transaction.c

]> git.ipfire.org Git - thirdparty/systemd.git/commit - src/resolve/resolved-dns-transaction.c

projects / thirdparty / systemd.git / commit

author	Lennart Poettering <lennart@poettering.net>
	Fri, 8 Jan 2016 16:10:49 +0000 (17:10 +0100)
committer	Lennart Poettering <lennart@poettering.net>
	Mon, 11 Jan 2016 18:40:00 +0000 (19:40 +0100)
commit	91adc4db33f69606aabd332813a5d7d5751c859f
tree	ba1435ba438cb3148c1729c3aa20241db70eb6d2	tree \| snapshot
parent	29ab055292924329ab0512ddb83846a53dd8e0ab	commit \| diff

resolved: don't attempt to send queries for DNSSEC RR types to servers not supporting them

If we already degraded the feature level below DO don't bother with sending requests for DS, DNSKEY, RRSIG, NSEC, NSEC3
or NSEC3PARAM RRs. After all, we cannot do DNSSEC validation then anyway, and we better not press a legacy server like
this with such modern concepts.

This also has the benefit that when we try to validate a response we received using DNSSEC, and we detect a limited
server support level while doing so, all further auxiliary DNSSEC queries will fail right-away.

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom

src/libsystemd/sd-bus/bus-common-errors.h		diff \| blob \| blame \| history
src/resolve/dns-type.c		diff \| blob \| blame \| history
src/resolve/dns-type.h		diff \| blob \| blame \| history
src/resolve/resolved-bus.c		diff \| blob \| blame \| history
src/resolve/resolved-dns-transaction.c		diff \| blob \| blame \| history
src/resolve/resolved-dns-transaction.h		diff \| blob \| blame \| history