From 2e812c1dad147d90ebc60604c76d323e0301a15b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= <ondrej@sury.org>
Date: Wed, 17 Feb 2016 19:34:33 +0100
Subject: [PATCH] Fix 'bogus proof of DS non-existence' for non-existant DS
 records in the cache

---
 lib/layer/rrcache.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/lib/layer/rrcache.c b/lib/layer/rrcache.c
index d254d9afc..8c33b4f84 100644
--- a/lib/layer/rrcache.c
+++ b/lib/layer/rrcache.c
@@ -183,8 +183,9 @@ static int commit_rr(const char *key, void *val, void *data)
 	if (rr->type != KNOT_RRTYPE_NS || (rank & KR_RANK_AUTH)) {
 	 	if (baton->qry->flags & QUERY_DNSSEC_WANT)
 			rank |= KR_RANK_SECURE;
-		if (baton->qry->flags & QUERY_DNSSEC_INSECURE)
-			rank |= KR_RANK_INSECURE;
+	}
+	if (baton->qry->flags & QUERY_DNSSEC_INSECURE) {
+		rank |= KR_RANK_INSECURE;
 	}
 	if (KEY_COVERING_RRSIG(key)) {
 		return commit_rrsig(baton, rank, rr);
-- 
GitLab