resolved: count unsupported dnssec algorithm as indeterminate RRset

author Lennart Poettering <lennart@poettering.net>

Tue, 5 Jan 2016 23:57:21 +0000 (00:57 +0100)

committer Lennart Poettering <lennart@poettering.net>

Tue, 5 Jan 2016 23:57:24 +0000 (00:57 +0100)
author Lennart Poettering <lennart@poettering.net>
Tue, 5 Jan 2016 23:57:21 +0000 (00:57 +0100)
committer Lennart Poettering <lennart@poettering.net>
Tue, 5 Jan 2016 23:57:24 +0000 (00:57 +0100)
diff --git a/src/resolve/resolved-dns-transaction.c b/src/resolve/resolved-dns-transaction.c

index 7212fb9..8631afa 100644 (file)
--- a/src/resolve/resolved-dns-transaction.c
+++ b/src/resolve/resolved-dns-transaction.c
@@ -2404,10 +2404,9 @@ int dns_transaction_validate_dnssec(DnsTransaction *t) {
                                  if (IN_SET(result,
                                             DNSSEC_INVALID,
                                             DNSSEC_SIGNATURE_EXPIRED,
-                                           DNSSEC_NO_SIGNATURE,
-                                           DNSSEC_UNSUPPORTED_ALGORITHM))
+                                           DNSSEC_NO_SIGNATURE))
                                          t->scope->manager->n_dnssec_bogus++;
-                                else
+                                else /* DNSSEC_MISSING_KEY or DNSSEC_UNSUPPORTED_ALGORITHM */
                                          t->scope->manager->n_dnssec_indeterminate++;
  
                                  r = dns_transaction_is_primary_response(t, rr);
author	Lennart Poettering <lennart@poettering.net>
	Tue, 5 Jan 2016 23:57:21 +0000 (00:57 +0100)
committer	Lennart Poettering <lennart@poettering.net>
	Tue, 5 Jan 2016 23:57:24 +0000 (00:57 +0100)