Inherit dnssec-policy in check for inline-signing

When dnssec-policy is used, and the zone is not dynamic, BIND will
assume that the zone is inline-signed. But the function responsible
for this did not inherit the dnssec-policy option from the view or
options level, and thus never enabled inline-signing, while the zone
should have been.

This is fixed by this commit.

bin/named/zoneconf.c

@@ -2132,6 +2132,7 @@ named_zone_inlinesigning(dns_zone_t *zone, const cfg_obj_t *zconfig,
 	const cfg_obj_t *updatepolicy = NULL;
 	bool zone_is_dynamic = false;
 	bool inline_signing = false;
+	bool dnssec_policy = false;
 
 	(void)cfg_map_get(config, "options", &options);
 
@@ -2183,16 +2184,23 @@ named_zone_inlinesigning(dns_zone_t *zone, const cfg_obj_t *zconfig,
 	 * inline-signing.
 	 */
 	signing = NULL;
-	if (!inline_signing && !zone_is_dynamic &&
-	    cfg_map_get(zoptions, "dnssec-policy", &signing) == ISC_R_SUCCESS &&
-	    signing != NULL)
-	{
-		if (strcmp(cfg_obj_asstring(signing), "none") != 0) {
-			inline_signing = true;
-			dns_zone_log(zone, ISC_LOG_DEBUG(1),
-				     "inline-signing: "
-				     "implicitly through dnssec-policy");
-		}
+	res = cfg_map_get(zoptions, "dnssec-policy", &signing);
+	if (res != ISC_R_SUCCESS && voptions != NULL) {
+		res = cfg_map_get(voptions, "dnssec-policy", &signing);
+	}
+	if (res != ISC_R_SUCCESS && options != NULL) {
+		res = cfg_map_get(options, "dnssec-policy", &signing);
+	}
+	if (res == ISC_R_SUCCESS) {
+		dnssec_policy = (strcmp(cfg_obj_asstring(signing), "none") !=
+				 0);
+	}
+
+	if (!inline_signing && !zone_is_dynamic && dnssec_policy) {
+		inline_signing = true;
+		dns_zone_log(zone, ISC_LOG_DEBUG(1),
+			     "inline-signing: "
+			     "implicitly through dnssec-policy");
 	}
 
 	return (inline_signing);