Ignore DNSSECQuery OMs with unexpected context

Prior to this commit we would allow DNSSEDQuery onion messages that were sent
over blinded paths that were created for other purposes. This could be used to
correlate identities and unblind a path, so disallow this.

Author: valentinewallace

lightning/src/onion_message/messenger.rs

@@ -1956,6 +1956,10 @@ where
 				let responder = reply_path.map(Responder::new);
 				match message {
 					DNSResolverMessage::DNSSECQuery(msg) => {
+						if context.is_some() {
+							// Ignore OMs sent over unexpected contexts
+							return;
+						}
 						let response_instructions =
 							self.dns_resolver_handler.handle_dnssec_query(msg, responder);
 						if let Some((msg, instructions)) = response_instructions {