rec: a single NSEC3 record covering everything is a special case

author Otto Moerbeek <otto.moerbeek@open-xchange.com>

Wed, 29 Nov 2023 15:47:01 +0000 (16:47 +0100)

committer Otto Moerbeek <otto.moerbeek@open-xchange.com>

Fri, 1 Dec 2023 09:05:09 +0000 (10:05 +0100)
author Otto Moerbeek <otto.moerbeek@open-xchange.com>
Wed, 29 Nov 2023 15:47:01 +0000 (16:47 +0100)
committer Otto Moerbeek <otto.moerbeek@open-xchange.com>
Fri, 1 Dec 2023 09:05:09 +0000 (10:05 +0100)
diff --git a/pdns/recursordist/aggressive_nsec.cc b/pdns/recursordist/aggressive_nsec.cc

index b419f5ef2548810c54f22800341cfc83196ab490..08dea324a1eee6a3a60aad4216abe75060d03a01 100644 (file)
--- a/pdns/recursordist/aggressive_nsec.cc
+++ b/pdns/recursordist/aggressive_nsec.cc
@@ -261,6 +261,10 @@ static bool commonPrefixIsLong(const string& one, const string& two, size_t boun
  bool AggressiveNSECCache::isSmallCoveringNSEC3(const DNSName& owner, const std::string& nextHash)
  {
    std::string ownerHash(fromBase32Hex(owner.getRawLabel(0)));
+  // Special case: empty zone, so the single NSEC3 covers everything. Prefix is long but we still want it cached.
+  if (ownerHash == nextHash) {
+    return false;
+  }
    return commonPrefixIsLong(ownerHash, nextHash, AggressiveNSECCache::s_maxNSEC3CommonPrefix);
  }
author	Otto Moerbeek <otto.moerbeek@open-xchange.com>
	Wed, 29 Nov 2023 15:47:01 +0000 (16:47 +0100)
committer	Otto Moerbeek <otto.moerbeek@open-xchange.com>
	Fri, 1 Dec 2023 09:05:09 +0000 (10:05 +0100)