From: Lennart Poettering Date: Fri, 8 Jan 2016 16:10:49 +0000 (+0100) Subject: resolved: don't attempt to send queries for DNSSEC RR types to servers not supporting... X-Git-Tag: v229.1~1^2~67 X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=commitdiff_plain;h=0800dbe33c6e875b9c11a9baa7c296ecd8640415;p=elogind.git resolved: don't attempt to send queries for DNSSEC RR types to servers not supporting them If we already degraded the feature level below DO don't bother with sending requests for DS, DNSKEY, RRSIG, NSEC, NSEC3 or NSEC3PARAM RRs. After all, we cannot do DNSSEC validation then anyway, and we better not press a legacy server like this with such modern concepts. This also has the benefit that when we try to validate a response we received using DNSSEC, and we detect a limited server support level while doing so, all further auxiliary DNSSEC queries will fail right-away. --- diff --git a/src/libelogind/sd-bus/bus-common-errors.h b/src/libelogind/sd-bus/bus-common-errors.h index 9e4972584..7a5f6cda8 100644 --- a/src/libelogind/sd-bus/bus-common-errors.h +++ b/src/libelogind/sd-bus/bus-common-errors.h @@ -76,6 +76,7 @@ #define BUS_ERROR_NO_SUCH_SERVICE "org.freedesktop.resolve1.NoSuchService" #define BUS_ERROR_DNSSEC_FAILED "org.freedesktop.resolve1.DnssecFailed" #define BUS_ERROR_NO_TRUST_ANCHOR "org.freedesktop.resolve1.NoTrustAnchor" +#define BUS_ERROR_RR_TYPE_UNSUPPORTED "org.freedesktop.resolve1.ResourceRecordTypeUnsupported" #define _BUS_ERROR_DNS "org.freedesktop.resolve1.DnsError." #define BUS_ERROR_NO_SUCH_TRANSFER "org.freedesktop.import1.NoSuchTransfer"