resolved: count unsupported dnssec algorithm as indeterminate RRset

After all, when we don't support the algorithm we cannot determine validity.
2016-01-06 00:57:21 +01:00 · 2016-01-06 00:57:21 +01:00 · e497292aba
parent d33b6cf343
commit e497292aba
1 changed files with 2 additions and 3 deletions
--- a/src/resolve/resolved-dns-transaction.c
+++ b/src/resolve/resolved-dns-transaction.c
@ -2404,10 +2404,9 @@ int dns_transaction_validate_dnssec(DnsTransaction *t) {
                                if (IN_SET(result,
                                           DNSSEC_INVALID,
                                           DNSSEC_SIGNATURE_EXPIRED,
-                                           DNSSEC_NO_SIGNATURE,
-                                           DNSSEC_UNSUPPORTED_ALGORITHM))
+                                           DNSSEC_NO_SIGNATURE))
                                        t->scope->manager->n_dnssec_bogus++;
-                                else
+                                else /* DNSSEC_MISSING_KEY or DNSSEC_UNSUPPORTED_ALGORITHM */
                                        t->scope->manager->n_dnssec_indeterminate++;

                                r = dns_transaction_is_primary_response(t, rr);