From 5df876e96879d49a7dfa19fdca05c22aae767ff5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C5=82=20K=C4=99pie=C5=84?= <michal@isc.org>
Date: Tue, 6 May 2025 09:14:18 +0200
Subject: [PATCH] Revert "Use a binary search to find the NSEC3 closest
 encloser"

This reverts commit ae718fab5366465a4c928e4d8d89717431f78547.
---
 lib/ns/query.c | 27 +++++++++------------------
 1 file changed, 9 insertions(+), 18 deletions(-)

diff --git a/lib/ns/query.c b/lib/ns/query.c
index 746d3b6268..662ae1df32 100644
--- a/lib/ns/query.c
+++ b/lib/ns/query.c
@@ -11367,33 +11367,24 @@ again:
 		 * No NSEC proof available, return NSEC3 proofs instead.
 		 */
 		cname = dns_fixedname_initname(&cfixed);
-
 		/*
-		 * Find the closest encloser using a binary search.
-		 * maxlabels: suffix length of NXDOMAIN result
-		 * minlabels: suffix length of non NXDOMAIN result
+		 * Find the closest encloser.
 		 */
-		unsigned int maxlabels = dns_name_countlabels(name);
-		unsigned int minlabels = dns_name_countlabels(fname);
-		bool search = result == DNS_R_NXDOMAIN;
 		dns_name_copy(name, cname);
-		while (search) {
-			labels = (maxlabels + minlabels) / 2;
-			dns_name_split(name, labels, NULL, cname);
-			if (labels == minlabels) {
-				break;
+		while (result == DNS_R_NXDOMAIN) {
+			labels = dns_name_countlabels(cname) - 1;
+			/*
+			 * Sanity check.
+			 */
+			if (labels == 0U) {
+				goto cleanup;
 			}
+			dns_name_split(cname, labels, NULL, cname);
 			result = dns_db_findext(qctx->db, cname, qctx->version,
 						dns_rdatatype_nsec, options, 0,
 						NULL, fname, &cm, &ci, NULL,
 						NULL);
-			if (result == DNS_R_NXDOMAIN) {
-				maxlabels = labels;
-			} else {
-				minlabels = labels;
-			}
 		}
-
 		/*
 		 * Add closest (provable) encloser NSEC3.
 		 */