dnssec: enable NSEC3 resalt event with Single-Type Signing Scheme

src/dnssec/lib/event/action/nsec3_resalt.c

@@ -38,12 +38,6 @@ static int plan(dnssec_event_ctx_t *ctx, dnssec_event_t *event)
 	assert(ctx);
 	assert(event);
 
-	// Not supported with Single-Type signing.
-	if (ctx->policy->singe_type_signing) {
-		event->type = DNSSEC_EVENT_NONE;
-		return DNSSEC_EOK;
-	}
-
 	if (!ctx->policy->nsec3_enabled || ctx->policy->nsec3_salt_length == 0) {
 		return DNSSEC_EOK;
 	}

tests-extra/tests/dnssec/single_type_signing/test.py

@@ -31,8 +31,9 @@ for zone in zones[:-1]:
     knot.dnssec(zone).enable = True
     knot.dnssec(zone).manual = True
 
-# enable automatic Single-Type signing scheme on the last zone
+# enable automatic Single-Type signing scheme with NSEC3 on the last zone
 knot.dnssec(zones[-1]).enable = True
+knot.dnssec(zones[-1]).nsec3 = True
 knot.dnssec(zones[-1]).single_type_signing = True
 
 knot.gen_confile()