From c6c282b5deb3e6f11da8efda6ee68cbcb8397dd5 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Wed, 20 Dec 2023 16:44:14 +0100
Subject: [PATCH] resolved: actually check authenticated flag of SOA
 transaction

Fixes #25676

(cherry picked from commit 3b4cc1437b51fcc0b08da8cc3f5d1175eed25eb1)

Resolves: RHEL-6213
---
 src/resolve/resolved-dns-transaction.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/resolve/resolved-dns-transaction.c b/src/resolve/resolved-dns-transaction.c
index c975215468..6f614d7493 100644
--- a/src/resolve/resolved-dns-transaction.c
+++ b/src/resolve/resolved-dns-transaction.c
@@ -2520,7 +2520,7 @@ static int dns_transaction_requires_rrsig(DnsTransaction *t, DnsResourceRecord *
                         if (r == 0)
                                 continue;
 
-                        return t->answer_authenticated;
+                        return dt->answer_authenticated;
                 }
 
                 return true;
@@ -2550,7 +2550,7 @@ static int dns_transaction_requires_rrsig(DnsTransaction *t, DnsResourceRecord *
                          * RR for us. This means we are not at a zone cut. In
                          * this case, we require authentication if the SOA
                          * lookup was authenticated too. */
-                        return t->answer_authenticated;
+                        return dt->answer_authenticated;
                 }
 
                 return true;