From: bert hubert <bert.hubert@powerdns.com>
Date: Fri, 12 May 2017 10:34:44 +0000 (+0200)
Subject: when (re)priming the root, we do so with auth=0. We'll only set auth=1 after we have... 
X-Git-Tag: rec-4.1.0-alpha1~128^2
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=0d032a66afe508cc86a25eef26fc9be0867a117e;p=thirdparty%2Fpdns.git

when (re)priming the root, we do so with auth=0. We'll only set auth=1 after we have an answer from the roots. This however opens up a small race condition in which the root is expired (ttl=0), but still auth=1 in the cache. Our attempt to replace it with auth=0 dta fails at that point. This is probably due to some fencepost error somewhere. To not be subtle about this, explicitly nuke the root when we reprime.
---

diff --git a/pdns/reczones.cc b/pdns/reczones.cc
index 5a97903bea..845155b775 100644
--- a/pdns/reczones.cc
+++ b/pdns/reczones.cc
@@ -93,6 +93,7 @@ void primeHints(void)
       }
     }
   }
+  t_RC->doWipeCache(g_rootdnsname, false, QType::NS);
   t_RC->replace(time(0), g_rootdnsname, QType(QType::NS), nsset, vector<std::shared_ptr<RRSIGRecordContent>>(), false); // and stuff in the cache
 }