summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/network.c14
1 files changed, 5 insertions, 9 deletions
diff --git a/src/network.c b/src/network.c
index c87b879..622c787 100644
--- a/src/network.c
+++ b/src/network.c
@@ -1460,13 +1460,6 @@ void check_servers(void)
for (sfd = daemon->sfds; sfd; sfd = sfd->next)
sfd->used = 0;
-#ifdef HAVE_DNSSEC
- /* Disable DNSSEC validation when using server=/domain/.... servers
- unless there's a configured trust anchor. */
- for (serv = daemon->servers; serv; serv = serv->next)
- serv->flags |= SERV_DO_DNSSEC;
-#endif
-
for (count = 0, serv = daemon->servers; serv; serv = serv->next)
{
if (!(serv->flags & (SERV_LITERAL_ADDRESS | SERV_NO_ADDR | SERV_USE_RESOLV | SERV_NO_REBIND)))
@@ -1478,6 +1471,11 @@ void check_servers(void)
#ifdef HAVE_DNSSEC
if (option_bool(OPT_DNSSEC_VALID))
{
+ if (!(serv->flags & SERV_FOR_NODOTS))
+ serv->flags |= SERV_DO_DNSSEC;
+
+ /* Disable DNSSEC validation when using server=/domain/.... servers
+ unless there's a configured trust anchor. */
if (serv->flags & SERV_HAS_DOMAIN)
{
struct ds_config *ds;
@@ -1494,8 +1492,6 @@ void check_servers(void)
if (!ds)
serv->flags &= ~SERV_DO_DNSSEC;
}
- else if (serv->flags & SERV_FOR_NODOTS)
- serv->flags &= ~SERV_DO_DNSSEC;
}
#endif
View Lorry Controller Status