Only set Authentic Data bit if client requested DNSSEC, per RFC 3655 [RT #17175]

author Evan Hunt <each@isc.org>

Wed, 26 Sep 2007 03:08:14 +0000 (03:08 +0000)

committer Evan Hunt <each@isc.org>

Wed, 26 Sep 2007 03:08:14 +0000 (03:08 +0000)
author Evan Hunt <each@isc.org>
Wed, 26 Sep 2007 03:08:14 +0000 (03:08 +0000)
committer Evan Hunt <each@isc.org>
Wed, 26 Sep 2007 03:08:14 +0000 (03:08 +0000)
diff --git a/CHANGES b/CHANGES

index c119dd1d4a897d033ad99423e74f9c8c59c96811..62626fb917748f00f873a6a566b195d27f2043a3 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,5 +1,8 @@
         --- 9.4.2rc1 released ---
  
+2249.   [bug]           Only set Authentic Data bit if client requested
+                        DNSSEC, per RFC 3655 [RT #17175]
+
  2238.  [bug]           It was possible to trigger a REQUIRE when a
                         validation was cancelled. [RT #17106]
  
diff --git a/bin/named/query.c b/bin/named/query.c

index 1cf6451d35b0b7bd1f12c63ab92bdcb78ab498fc..38eb9a13c15bac70d771fb8a8780d9c7f53f273b 100644 (file)
--- a/bin/named/query.c
+++ b/bin/named/query.c
@@ -15,7 +15,7 @@
   * PERFORMANCE OF THIS SOFTWARE.
   */
  
-/* $Id: query.c,v 1.257.18.39 2007/08/28 07:20:01 tbox Exp $ */
+/* $Id: query.c,v 1.257.18.40 2007/09/26 03:08:14 each Exp $ */
  
  /*! \file */
  
@@ -4594,7 +4594,7 @@ ns_query_start(ns_client_t *client) {
          * Set AD.  We must clear it if we add non-validated data to a
          * response.
          */
-       if (client->view->enablednssec)
+       if (WANTDNSSEC(client))
                 message->flags |= DNS_MESSAGEFLAG_AD;
  
         qclient = NULL;
author	Evan Hunt <each@isc.org>
	Wed, 26 Sep 2007 03:08:14 +0000 (03:08 +0000)
committer	Evan Hunt <each@isc.org>
	Wed, 26 Sep 2007 03:08:14 +0000 (03:08 +0000)
CHANGES		patch \| blob \| blame \| history
bin/named/query.c		patch \| blob \| blame \| history