refer to the DO bit of incoming query to decide whether to include DNSSEC RRs

now that we support EDNS. git-svn-id: svn://bind10.isc.org/svn/bind10/trunk@1092 e5f2f494-b856-4b98-b285-d166d9295462
2025-09-03 23:45:27 +00:00 · 2010-03-03 20:09:21 +00:00
parent e325992688
commit 723715b99b
2 changed files with 1 additions and 5 deletions
--- a/src/bin/auth/auth_srv.cc
+++ b/src/bin/auth/auth_srv.cc
@@ -116,7 +116,7 @@ AuthSrv::processMessage()
        msg.setUDPSize(sizeof(recvbuf));

        // do the DataSource call here
-        data_src.doQuery(Query(msg, false));
+        data_src.doQuery(Query(msg, dnssec_ok));

        OutputBuffer obuffer(remote_bufsize);
        MessageRenderer renderer(obuffer);
--- a/src/lib/auth/cpp/data_source.cc
+++ b/src/lib/auth/cpp/data_source.cc
@@ -332,10 +332,6 @@ DataSrc::doQuery(Query q) {
    Message& m = q.message();
    vector<RRsetPtr> additional;

-    // XXX: this is for testing purposes; it should be done when 
-    // parsing the message for EDNS0 options
-    q.setWantDnssec(true);
-
    m.clearHeaderFlag(MessageFlag::AA());
    while (!q.tasks().empty()) {
        RRsetList data;