with process-no-validate. This can be caused by us receiving queries for
special names ('localhost', 'version.bind') which we explicitly mark as
Insecure. This led our statistics to conclude a validation attempt had taken place.
This commit puts the update check behind 'shouldValidate()'.
int res=doResolve(qname, qtype, ret, 0, beenthere, state);
d_queryValidationState = state;
- if (d_queryValidationState != Indeterminate) {
- g_stats.dnssecValidations++;
- }
if (shouldValidate()) {
+ if (d_queryValidationState != Indeterminate) {
+ g_stats.dnssecValidations++;
+ }
increaseDNSSECStateCounter(d_queryValidationState);
}