summaryrefslogtreecommitdiffstats
path: root/src/resolve/resolved-conf.h
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2015-12-03 19:51:04 +0100
committerLennart Poettering <lennart@poettering.net>2015-12-03 21:17:49 +0100
commit24710c48ed16be5fa461fbb303a744a907541daf (patch)
tree3331d39fd5762c7d5fe9babf50dd463a0151b011 /src/resolve/resolved-conf.h
parentresolved: add a limit on the max DNSSEC RRSIG expiry skew we allow (diff)
downloadsystemd-24710c48ed16be5fa461fbb303a744a907541daf.tar.xz
systemd-24710c48ed16be5fa461fbb303a744a907541daf.zip
resolved: introduce a dnssec_mode setting per scope
The setting controls which kind of DNSSEC validation is done: none at all, trusting the AD bit, or client-side validation. For now, no validation is implemented, hence the setting doesn't do much yet, except of toggling the CD bit in the generated messages if full client-side validation is requested.
Diffstat (limited to 'src/resolve/resolved-conf.h')
-rw-r--r--src/resolve/resolved-conf.h1
1 files changed, 1 insertions, 0 deletions
diff --git a/src/resolve/resolved-conf.h b/src/resolve/resolved-conf.h
index 28d2549d35..668ea02bba 100644
--- a/src/resolve/resolved-conf.h
+++ b/src/resolve/resolved-conf.h
@@ -36,3 +36,4 @@ const struct ConfigPerfItem* resolved_gperf_lookup(const char *key, unsigned len
int config_parse_dns_servers(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
int config_parse_search_domains(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
int config_parse_support(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
+int config_parse_dnssec(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);