Add DNS debug aid if we requested AD but got AA

If the resolver we ask is authoritive (AA) for some domain,
we never ever get the AD (authentic data) bit in the answer.

diff --git a/src/src/host.c b/src/src/host.c
index 19b5805b9a074b410f71ee72df6c9ec93628e93d..3c685b0e4686c26e18bdae3ec3ff3f9356cf07b4 100644 (file)
--- a/src/src/host.c
+++ b/src/src/host.c
@@ -2305,7 +2305,7 @@ for (; i >= 0; i--)
     if ((dnssec_request || dnssec_require)
        & !dns_is_secure(&dnsa)
        & dns_is_aa(&dnsa))
-      debug_printf("DNS lookup of %.256s (A/AAA/A6) asked for AD, but got AA\n", host->name);
+      debug_printf("DNS lookup of %.256s (A/AAA/A6) requested AD, but got AA\n", host->name);
 
   /* We want to return HOST_FIND_AGAIN if one of the A, A6, or AAAA lookups
   fails or times out, but not if another one succeeds. (In the early
@@ -2628,7 +2628,7 @@ if (rc != DNS_SUCCEED && (whichrrs & HOST_FIND_BY_MX) != 0)
     if ((dnssec_request || dnssec_require)
        & !dns_is_secure(&dnsa)
        & dns_is_aa(&dnsa))
-      debug_printf("DNS lookup of %.256s (MX) asked for AD, but got AA\n", host->name);
+      debug_printf("DNS lookup of %.256s (MX) requested AD, but got AA\n", host->name);
 
   if (dnssec_request)
     {