From 391a3a2f202a374e20f394b92116f129dcbb99a1 Mon Sep 17 00:00:00 2001
From: Evan Hunt <each@isc.org>
Date: Fri, 25 Aug 2017 13:31:53 -0700
Subject: [PATCH] [master] turn on minimal responses for CDS/CDNSKEY

4678.	[cleanup]	Turn on minimal responses for CDNSKEY and CDS in
			addition to DNSKEY and DS. Thanks to Tony Finch.
			[RT #45690]
---
 CHANGES           | 4 ++++
 bin/named/query.c | 7 +++++--
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/CHANGES b/CHANGES
index d927bb1b6d..7f201416d8 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,7 @@
+4678.	[cleanup]	Turn on minimal responses for CDNSKEY and CDS in
+			addition to DNSKEY and DS. Thanks to Tony Finch.
+			[RT #45690]
+
 4688.	[protocol]	Check and display EDNS KEY TAG options (RFC 8145) in
 			messages. [RT #44804]
 
diff --git a/bin/named/query.c b/bin/named/query.c
index b55b21b13a..5b2b7a8f09 100644
--- a/bin/named/query.c
+++ b/bin/named/query.c
@@ -9513,11 +9513,14 @@ ns_query_start(ns_client_t *client) {
 	}
 
 	/*
-	 * Turn on minimal response for DNSKEY and DS queries.
+	 * Turn on minimal response for (C)DNSKEY and (C)DS queries.
 	 */
-	if (qtype == dns_rdatatype_dnskey || qtype == dns_rdatatype_ds)
+	if (qtype == dns_rdatatype_dnskey || qtype == dns_rdatatype_ds ||
+	    qtype == dns_rdatatype_cdnskey || qtype == dns_rdatatype_cds)
+	{
 		client->query.attributes |= (NS_QUERYATTR_NOAUTHORITY |
 					     NS_QUERYATTR_NOADDITIONAL);
+	}
 
 	/*
 	 * Maybe turn on minimal responses for ANY queries.