From a2a0864414ad8bc061ac9f7030245382aee1cbea Mon Sep 17 00:00:00 2001
From: Evan Hunt <each@isc.org>
Date: Fri, 25 Aug 2017 13:32:32 -0700
Subject: [PATCH] [v9_10] turn on minimal responses for CDS/CDNSKEY

4678.	[cleanup]	Turn on minimal responses for CDNSKEY and CDS in
			addition to DNSKEY and DS. Thanks to Tony Finch.
			[RT #45690]

(cherry picked from commit 391a3a2f202a374e20f394b92116f129dcbb99a1)
---
 CHANGES           | 4 ++++
 bin/named/query.c | 7 +++++--
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/CHANGES b/CHANGES
index 870884704d..40dc3a5233 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,7 @@
+4678.	[cleanup]	Turn on minimal responses for CDNSKEY and CDS in
+			addition to DNSKEY and DS. Thanks to Tony Finch.
+			[RT #45690]
+
 4688.	[protocol]	Check and display EDNS KEY TAG options (RFC 8145) in
 			messages. [RT #44804]
 
diff --git a/bin/named/query.c b/bin/named/query.c
index 85918bab44..7c82046328 100644
--- a/bin/named/query.c
+++ b/bin/named/query.c
@@ -8706,11 +8706,14 @@ ns_query_start(ns_client_t *client) {
 	}
 
 	/*
-	 * Turn on minimal response for DNSKEY and DS queries.
+	 * Turn on minimal response for (C)DNSKEY and (C)DS queries.
 	 */
-	if (qtype == dns_rdatatype_dnskey || qtype == dns_rdatatype_ds)
+	if (qtype == dns_rdatatype_dnskey || qtype == dns_rdatatype_ds ||
+	    qtype == dns_rdatatype_cdnskey || qtype == dns_rdatatype_cds)
+	{
 		client->query.attributes |= (NS_QUERYATTR_NOAUTHORITY |
 					     NS_QUERYATTR_NOADDITIONAL);
+	}
 
 	/*
 	 * Turn on minimal responses for EDNS/UDP bufsize 512 queries.