Index: nselib/dns.lua
===================================================================
--- nselib/dns.lua	(revision 22590)
+++ nselib/dns.lua	(working copy)
@@ -239,114 +239,6 @@
 -- * <code>dtype</code>: Desired DNS record type (default: <code>"A"</code>).
 -- * <code>host</code>: DNS server to be queried (default: DNS servers known to Nmap).
 -- * <code>port</code>: Port of DNS server to connect to (default: <code>53</code>).
--- * <code>tries</code>: How often should <code>dnssec_query</code> try to contact another server (for non-recursive queries).
--- * <code>retAll</code>: Return all answers, not just the first.
--- * <code>retPkt</code>: Return the packet instead of using the answer-fetching mechanism.
--- * <code>norecurse</code> If true, do not set the recursion (RD) flag.
--- * <code>retDnssec</code> if true then the value of pkt.DNSSEC is returned as a third return value
--- @return True if a dns response was received and contained an answer of the requested type,
---  or the decoded dns response was requested (retPkt) and is being returned - or False otherwise.
--- @return String answer of the requested type, Table of answers or a String error message of one of the following:
---  "No Such Name", "No Servers", "No Answers", "Unable to handle response"
-function dnssec_query(dname, options)
---This should reall either be joined with or utilise the function below
-
-   if not options then options = {} end
-
-   local dtype, host, port, tries = options.dtype, options.host, options.port, options.tries
-
-   if not tries then tries = 10 end -- don't get into an infinite loop
-
-   if not options.sendCount then options.sendCount = 2 end
-
-   if type( options.timeout ) ~= "number" then options.timeout = get_default_timeout() end
-
-   if type(dtype) == "string" then
-      dtype = types[dtype]
-   end
-   if not dtype then dtype = types.A end
-
-   local srv
-   local srvI = 1
-   if not port then port = 53 end
-   if not host then
-      srv = get_servers()
-      if srv and srv[1] then
-         host = srv[1]
-      else
-         return false, "No Servers"
-      end
-   elseif type(host) == "table" then
-      srv = host
-      host = srv[1]
-   end
-   local pkt = newPacket()
-   addQuestion(pkt, dname, dtype)
-   if options.norecurse then pkt.flags.RD = false end
-
-   addEdns(pkt, true)
-
-   local data = encode(pkt)
-
-   local status, response = sendPackets(data, host, port, options.timeout, options.sendCount)
-
-   -- if working with know nameservers, try the others
-   while((not status) and srv and srvI < #srv) do
-      srvI = srvI + 1
-      host = srv[srvI]
-      status, response = sendPackets(data, host, port, options.timeout, options.sendCount)
-   end
-
-
-   -- if we got any response:
-   if status then
-      response = response[1].data
-      local rPkt = decode(response)
-      -- is it a real answer?
-      if gotAnswer(rPkt)  then
-         if (options.retPkt) then
-            return rPkt.dnssec,true, rPkt
-         else
-            return rPkt.dnssec,findNiceAnswer(dtype, rPkt, options.retAll)
-         end
-      else -- if not, ask the next server in authority
-
-         local next_server = getAuthDns(rPkt)
-
-         -- if we got a CNAME, ask for the CNAME
-         if type(next_server) == 'table' and next_server.cname then
-            options.tries = tries - 1
-            return rPkt.dnssec,dnssec_query(next_server.cname, options)
-         end
-
-         -- only ask next server in authority, if 
-         -- we got an auth dns and
-         -- it isn't the one we just asked
-         if next_server and next_server ~= host and tries > 1 then
-            options.host = next_server
-            options.tries = tries - 1
-            -- return rPkt.dnssec,dnssec_query(dname, options)
-            return rPkt.dnssec, false, "No Answers"
-         end
-      end
-
-      -- nothing worked
-      stdnse.print_debug(1, "dns.dnssec_query() failed to resolve the requested dnssec_query%s%s", dname and ": " or ".", dname or "")
-      return rPkt.dnssec,false, "No Answers"
-   else
-      stdnse.print_debug(1, "dns.dnssec_query() got zero responses attempting to resolve dnssec_query%s%s", dname and ": " or ".", dname or "")
-      return false, false, "No Answers"
-   end
-end
-
-
----
--- Query DNS servers for a DNS record.
--- @param dname Desired domain name entry.
--- @param options A table containing any of the following fields:
--- * <code>dtype</code>: Desired DNS record type (default: <code>"A"</code>).
--- * <code>host</code>: DNS server to be queried (default: DNS servers known to Nmap).
--- * <code>port</code>: Port of DNS server to connect to (default: <code>53</code>).
 -- * <code>tries</code>: How often should <code>query</code> try to contact another server (for non-recursive queries).
 -- * <code>retAll</code>: Return all answers, not just the first.
 -- * <code>retPkt</code>: Return the packet instead of using the answer-fetching mechanism.
@@ -364,6 +256,8 @@
    if not options.tries then options.tries = 10 end -- don't get into an infinite loop
 
    if not options.sendCount then options.sendCount = 2 end
+
+   if not options.dnssec then options.dnssec = false end
    
    if type( options.timeout ) ~= "number" then options.timeout = get_default_timeout() end
 
@@ -391,8 +285,9 @@
    addQuestion(pkt, dname, dtype)
    if options.norecurse then pkt.flags.RD = false end
 
+   if options.dnssec then addEdns(pkt,true) end
    local data = encode(pkt)
-
+   
    local status, response = sendPackets(data, host, port, options.timeout, options.sendCount, options.multiple)