From c19b6c97ce86596b2daa19561dba2addbf4e1f3d Mon Sep 17 00:00:00 2001
From: Dirk Wetter <dirk@testssl.sh>
Date: Wed, 18 Oct 2017 14:16:27 +0200
Subject: [PATCH] Revert "Make CAA record lookups resolve the entire DNS tree
 (Fixes #862)"

---
 testssl.sh | 10 +---------
 1 file changed, 1 insertion(+), 9 deletions(-)

diff --git a/testssl.sh b/testssl.sh
index ecfb3b7..6078374 100755
--- a/testssl.sh
+++ b/testssl.sh
@@ -5984,7 +5984,6 @@ certificate_info() {
      local days2warn2=$DAYS2WARN2
      local days2warn1=$DAYS2WARN1
      local provides_stapling=false
-     local caa_node=""
 
      if [[ $number_of_certificates -gt 1 ]]; then
           [[ $certificate_number -eq 1 ]] && outln
@@ -6568,14 +6567,7 @@ certificate_info() {
      must_staple "$json_prefix" "$provides_stapling"
 
      out "$indent"; pr_bold " DNS CAA RR"; out " (experimental)    "
-
-     caa_node="$NODE"
-     caa=""
-     while ( [[ -z "$caa" ]] && [[ ! -z "$caa_node" ]] ); do
-          caa="$(get_caa_rr_record $caa_node)"
-          caa_node="$(echo "$caa_node."|cut -f 2- -d '.'|sed 's/\.$//')"
-     done
-
+     caa="$(get_caa_rr_record $NODE)"
      if [[ -n "$caa" ]]; then
           pr_done_good "OK"; out " (" ; pr_italic "$caa"; out ")"
           fileout "${json_prefix}CAA_record" "OK" "DNS Certification Authority Authorization (CAA) Resource Record / RFC6844 : \"$caa\" "