Add NSEC for opt-out names

When switching from NSEC3 opt-out to NSEC, add NSEC records if we saw an
RR. This corrects a mistake in style cleanups done in commit
308ab1b4a5c5239860ca06c64b0def9b98ae4b17.

(cherry picked from commit 6f285bff6a5f79574529848082c2e7acc08ba1f0)

diff --git a/lib/dns/zone.c b/lib/dns/zone.c
index 605dfbd21db75c9ad8b293f07df2ce8f17d25b5a..e9c630862f659fca8c65f1196989efaa592801c8 100644 (file)
--- a/lib/dns/zone.c
+++ b/lib/dns/zone.c
@@ -8893,7 +8893,8 @@ zone_nsec3chain(dns_zone_t *zone) {
                                seen_nsec = true;
                        } else if (rdataset.type == dns_rdatatype_nsec3) {
                                seen_nsec3 = true;
-                       } else if (rdataset.type != dns_rdatatype_rrsig) {
+                       }
+                       if (rdataset.type != dns_rdatatype_rrsig) {
                                seen_rr = true;
                        }
                        dns_rdataset_disassociate(&rdataset);