Fix to 57f0489f38

When choosing a server to send a DS query to take account of the need for DS records for a domain to come from the parent of that domain.
2025-12-19 10:18:25 +00:00 · 2025-06-24 22:29:58 +01:00
parent ec8f3e65c1
commit 57e582492b
4 changed files with 23 additions and 11 deletions
--- a/src/rfc1035.c
+++ b/src/rfc1035.c
@@ -1248,7 +1248,7 @@ unsigned int extract_request(struct dns_header *header, size_t qlen, char *name,
  /* Make the behaviour for DS and DNSKEY queries we forward the same
     as for DS and DNSKEY queries we originate. */
  if (option_bool(OPT_DNSSEC_VALID) && (qtype == T_DS || qtype == T_DNSKEY))
-    return F_DNSSECOK;
+    return F_DNSSECOK | (qtype == T_DS ? F_DS : 0);
 #endif
  
  return F_QUERY;