From 2ed162ac204f3609fe4d9f9a0430baeaa352d88f Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Tue, 28 Apr 2015 21:26:35 +0100
Subject: [PATCH] Don't remove RRSIG RR from answers to ANY queries when the do
 bit is not set.

---
 src/rfc1035.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/rfc1035.c b/src/rfc1035.c
index 32df31a..5828055 100644
--- a/src/rfc1035.c
+++ b/src/rfc1035.c
@@ -1608,6 +1608,11 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
       GETSHORT(qtype, p); 
       GETSHORT(qclass, p);
 
+      /* Don't filter RRSIGS from answers to ANY queries, even if do-bit
+	 not set. */
+      if (qtype == T_ANY)
+	*do_bit = 1;
+
       ans = 0; /* have we answered this question */
       
       if (qtype == T_TXT || qtype == T_ANY)
-- 
2.47.3