summaryrefslogtreecommitdiffstats
path: root/src/resolve/resolved-dns-cache.h
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2015-12-03 21:04:52 +0100
committerLennart Poettering <lennart@poettering.net>2015-12-03 21:17:49 +0100
commit931851e8e492a4d2715e22dcde50a5e7ccef4b49 (patch)
tree01687919f0e6cc539baa17084c06c90326359040 /src/resolve/resolved-dns-cache.h
parentresolved: when synthesizing NODATA from cached NSEC bitmaps, honour CNAME/DNAME (diff)
downloadsystemd-931851e8e492a4d2715e22dcde50a5e7ccef4b49.tar.xz
systemd-931851e8e492a4d2715e22dcde50a5e7ccef4b49.zip
resolved: add a concept of "authenticated" responses
This adds a new SD_RESOLVED_AUTHENTICATED flag for responses we return on the bus. When set, then the data has been authenticated. For now this mostly reflects the DNSSEC AD bit, if DNSSEC=trust is set. As soon as the client-side validation is complete it will be hooked up to this flag too. We also set this bit whenver we generated the data ourselves, for example, because it originates in our local LLMNR zone, or from the built-in trust anchor database. The "systemd-resolve-host" tool has been updated to show the flag state for the data it shows.
Diffstat (limited to 'src/resolve/resolved-dns-cache.h')
-rw-r--r--src/resolve/resolved-dns-cache.h4
1 files changed, 2 insertions, 2 deletions
diff --git a/src/resolve/resolved-dns-cache.h b/src/resolve/resolved-dns-cache.h
index 561d31ad99..5f91164785 100644
--- a/src/resolve/resolved-dns-cache.h
+++ b/src/resolve/resolved-dns-cache.h
@@ -38,8 +38,8 @@ typedef struct DnsCache {
void dns_cache_flush(DnsCache *c);
void dns_cache_prune(DnsCache *c);
-int dns_cache_put(DnsCache *c, DnsResourceKey *key, int rcode, DnsAnswer *answer, unsigned max_rrs, usec_t timestamp, int owner_family, const union in_addr_union *owner_address);
-int dns_cache_lookup(DnsCache *c, DnsResourceKey *key, int *rcode, DnsAnswer **answer);
+int dns_cache_put(DnsCache *c, DnsResourceKey *key, int rcode, DnsAnswer *answer, unsigned max_rrs, bool authenticated, usec_t timestamp, int owner_family, const union in_addr_union *owner_address);
+int dns_cache_lookup(DnsCache *c, DnsResourceKey *key, int *rcode, DnsAnswer **answer, bool *authenticated);
int dns_cache_check_conflicts(DnsCache *cache, DnsResourceRecord *rr, int owner_family, const union in_addr_union *owner_address);