Do not follow CNAMEs when hunting for DS records

This fixes the CNAME at apex bogus

diff --git a/pdns/syncres.cc b/pdns/syncres.cc
index 8c44f8102454e5ce7212b7b2b7a1e09192ef43b1..aa6e64c8ab965d7ab1bd51962a3fe6be33c124c1 100644 (file)
--- a/pdns/syncres.cc
+++ b/pdns/syncres.cc
@@ -443,7 +443,7 @@ int SyncRes::doResolve(const DNSName &qname, const QType &qtype, vector<DNSRecor
       }
     }
 
-    if(doCNAMECacheCheck(qname,qtype,ret,depth,res)) // will reroute us if needed
+    if(qtype != QType::DS && doCNAMECacheCheck(qname,qtype,ret,depth,res)) // will reroute us if needed
       return res;
 
     if(doCacheCheck(qname,qtype,ret,depth,res)) // we done