diff --git a/bin/named/sortlist.c b/bin/named/sortlist.c
index d82f01c1a4..1edc86ec92 100644
--- a/bin/named/sortlist.c
+++ b/bin/named/sortlist.c
@@ -15,7 +15,7 @@
  * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: sortlist.c,v 1.6 2001/10/30 06:41:58 marka Exp $ */
+/* $Id: sortlist.c,v 1.7 2001/10/30 19:45:33 gson Exp $ */
 
 #include <config.h>
 
@@ -42,51 +42,49 @@ ns_sortlist_setup(dns_acl_t *acl, isc_netaddr_t *clientaddr, void **argp) {
 		 * in the sortlist (see ARM).
 		 */
 		dns_aclelement_t *e = &acl->elements[i];
-		dns_aclelement_t *matchelt = NULL;
-		dns_acl_t *inner;
+		dns_aclelement_t *try_elt;
+		dns_aclelement_t *order_elt = NULL;
+		dns_aclelement_t *matched_elt = NULL;
 
-		if (e->type == dns_aclelementtype_ipprefix) {
-			if (dns_aclelement_match(clientaddr, NULL, e,
-						 &ns_g_server->aclenv,
-						 &matchelt)) {
-				INSIST(matchelt != NULL);
-				*argp = matchelt;
-				return (NS_SORTLISTTYPE_1ELEMENT);
-			}
-			continue;
+		if (e->type == dns_aclelementtype_nestedacl) {
+			dns_acl_t *inner = e->u.nestedacl;
+
+			if (inner->length < 1 || inner->length > 2)
+				goto dont_sort;
+			if (inner->elements[0].negative)
+				goto dont_sort;
+			try_elt = &inner->elements[0];
+			if (inner->length == 2)
+				order_elt = &inner->elements[1];
+		} else {
+			/*
+			 * BIND 8 allows bare elements at the top level
+			 * as an undocumented feature.
+			 */
+			try_elt = e;
 		}
 
-		if (e->type != dns_aclelementtype_nestedacl)
-			goto dont_sort;
-
-		inner = e->u.nestedacl;
-
-		if (inner->length < 1 || inner->length > 2)
-			goto dont_sort;
-
-		if (inner->elements[0].negative)
-			goto dont_sort;
-
-		if (dns_aclelement_match(clientaddr, NULL,
-					 &inner->elements[0],
+		if (dns_aclelement_match(clientaddr, NULL, try_elt,
 					 &ns_g_server->aclenv,
-					 &matchelt)) {
-			if (inner->length == 2) {
-				dns_aclelement_t *elt1 = &inner->elements[1];
-				if (elt1->type == dns_aclelementtype_nestedacl)
-					*argp = elt1->u.nestedacl;
-				else if (elt1->type == dns_aclelementtype_localhost &&
+					 &matched_elt)) {
+			if (order_elt != NULL) {
+				if (order_elt->type ==
+				    dns_aclelementtype_nestedacl)
+					*argp = order_elt->u.nestedacl;
+				else if (order_elt->type ==
+					 dns_aclelementtype_localhost &&
 					 ns_g_server->aclenv.localhost != NULL)
 					*argp = ns_g_server->aclenv.localhost;
-				else if (elt1->type == dns_aclelementtype_localnets &&
+				else if (order_elt->type ==
+					 dns_aclelementtype_localnets &&
 					 ns_g_server->aclenv.localnets != NULL)
 					*argp = ns_g_server->aclenv.localnets;
 				else
 					goto dont_sort;
 				return (NS_SORTLISTTYPE_2ELEMENT);
 			} else {
-				INSIST(matchelt != NULL);
-				*argp = matchelt;
+				INSIST(matched_elt != NULL);
+				*argp = matched_elt;
 				return (NS_SORTLISTTYPE_1ELEMENT);
 			}
 		}