refer to the DO bit of incoming query to decide whether to include DNSSEC RRs

now that we support EDNS.


git-svn-id: svn://bind10.isc.org/svn/bind10/trunk@1092 e5f2f494-b856-4b98-b285-d166d9295462

src/bin/auth/auth_srv.cc

@@ -116,7 +116,7 @@ AuthSrv::processMessage()
         msg.setUDPSize(sizeof(recvbuf));
 
         // do the DataSource call here
-        data_src.doQuery(Query(msg, false));
+        data_src.doQuery(Query(msg, dnssec_ok));
 
         OutputBuffer obuffer(remote_bufsize);
         MessageRenderer renderer(obuffer);

src/lib/auth/cpp/data_source.cc

@@ -332,10 +332,6 @@ DataSrc::doQuery(Query q) {
     Message& m = q.message();
     vector<RRsetPtr> additional;
 
-    // XXX: this is for testing purposes; it should be done when 
-    // parsing the message for EDNS0 options
-    q.setWantDnssec(true);
-
     m.clearHeaderFlag(MessageFlag::AA());
     while (!q.tasks().empty()) {
         RRsetList data;