set ANSWERSIG flag when processing ANY responses

previously, rctx_answer_any() set the ANSWER flag for all
rdatasets in the answer section; it now sets ANSWERSIG for
RRSIG/SIG rdatasets and ANSWER for everything else.  this
error didn't cause any harm in the current code, but it
could have led to unexpected behavior in the future.

diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c
index cd44a0dbdf9dc861edcf94c7559716be4acc3217..c5658007235754f66333e49399c881229ae1e143 100644 (file)
--- a/lib/dns/resolver.c
+++ b/lib/dns/resolver.c
@@ -8416,7 +8416,11 @@ rctx_answer_any(respctx_t *rctx) {
 
                rctx->aname->attributes.cache = true;
                rctx->aname->attributes.answer = true;
-               rdataset->attributes.answer = true;
+               if (dns_rdatatype_issig(rdataset->type)) {
+                       rdataset->attributes.answersig = true;
+               } else {
+                       rdataset->attributes.answer = true;
+               }
                rdataset->attributes.cache = true;
                rdataset->trust = rctx->trust;
        }