From 6a1e86d74f052c8b811e01edbca01312696ca5f3 Mon Sep 17 00:00:00 2001
From: Pieter Lexis <pieter.lexis@powerdns.com>
Date: Fri, 9 Nov 2018 20:15:56 +0100
Subject: [PATCH] auth: use domainid in additional processing lookup

---
 pdns/packethandler.cc | 7 +------
 1 file changed, 1 insertion(+), 6 deletions(-)

diff --git a/pdns/packethandler.cc b/pdns/packethandler.cc
index 43193b2ab3..2ad9f567af 100644
--- a/pdns/packethandler.cc
+++ b/pdns/packethandler.cc
@@ -458,16 +458,11 @@ int PacketHandler::doAdditionalProcessingAndDropAA(DNSPacket *p, DNSPacket *r, c
       else
         continue;
 
-      B.lookup(QType(d_doIPv6AdditionalProcessing ? QType::ANY : QType::A), lookup, p);
+      B.lookup(QType(d_doIPv6AdditionalProcessing ? QType::ANY : QType::A), lookup, p, sd.domain_id);
 
       while(B.get(rr)) {
         if(rr.dr.d_type != QType::A && rr.dr.d_type!=QType::AAAA)
           continue;
-        if(rr.domain_id!=i->domain_id || !rr.dr.d_name.isPartOf(soadata.qname)) {
-          // FIXME we might still pass on the record if it is occluded and the
-          // backend does not report a different ID
-          continue; // not adding out-of-zone additional data
-        }
         rr.dr.d_place=DNSResourceRecord::ADDITIONAL;
         toAdd.push_back(rr);
       }
-- 
2.47.2