From 84445dec2694aac5ecc20629d9c7a3738411ed0a Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Mon, 7 Jul 2025 17:16:32 +0100
Subject: [PATCH] Fix server selection for DS queries.

This was mainly done in 57e582492b90cdc4c03c6b98f6d71dec684847f5
This commit extends the new behaviour to cases where DNSSEC
validation is not compiled-in or not enabled.
---
 src/rfc1035.c | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/src/rfc1035.c b/src/rfc1035.c
index 7f175ab..7eb3b0d 100644
--- a/src/rfc1035.c
+++ b/src/rfc1035.c
@@ -1245,12 +1245,10 @@ unsigned int extract_request(struct dns_header *header, size_t qlen, char *name,
 	return  F_IPV4 | F_IPV6;
     }
 
-#ifdef HAVE_DNSSEC
   /* Make the behaviour for DS and DNSKEY queries we forward the same
      as for DS and DNSKEY queries we originate. */
-  if (option_bool(OPT_DNSSEC_VALID) && (qtype == T_DS || qtype == T_DNSKEY))
+  if (qtype == T_DS || qtype == T_DNSKEY)
     return F_DNSSECOK | (qtype == T_DS ? F_DS : 0);
-#endif
   
   return F_QUERY;
 }