rec: a single NSEC3 record covering everything is a special case

author Otto Moerbeek <otto.moerbeek@open-xchange.com>

Wed, 29 Nov 2023 15:47:01 +0000 (16:47 +0100)

committer Otto Moerbeek <otto.moerbeek@open-xchange.com>

Mon, 26 Feb 2024 14:49:40 +0000 (15:49 +0100)
author Otto Moerbeek <otto.moerbeek@open-xchange.com>
Wed, 29 Nov 2023 15:47:01 +0000 (16:47 +0100)
committer Otto Moerbeek <otto.moerbeek@open-xchange.com>
Mon, 26 Feb 2024 14:49:40 +0000 (15:49 +0100)
diff --git a/pdns/recursordist/aggressive_nsec.cc b/pdns/recursordist/aggressive_nsec.cc

index 16ea10e0112d293fe0c2fba23ce19253a60459cb..ce2336219889ce5bff171cf3f34308f8231a461b 100644 (file)
--- a/pdns/recursordist/aggressive_nsec.cc
+++ b/pdns/recursordist/aggressive_nsec.cc
@@ -262,6 +262,10 @@ static bool commonPrefixIsLong(const string& one, const string& two, size_t boun
  bool AggressiveNSECCache::isSmallCoveringNSEC3(const DNSName& owner, const std::string& nextHash)
  {
    std::string ownerHash(fromBase32Hex(owner.getRawLabel(0)));
+  // Special case: empty zone, so the single NSEC3 covers everything. Prefix is long but we still want it cached.
+  if (ownerHash == nextHash) {
+    return false;
+  }
    return commonPrefixIsLong(ownerHash, nextHash, AggressiveNSECCache::s_maxNSEC3CommonPrefix);
  }
author	Otto Moerbeek <otto.moerbeek@open-xchange.com>
	Wed, 29 Nov 2023 15:47:01 +0000 (16:47 +0100)
committer	Otto Moerbeek <otto.moerbeek@open-xchange.com>
	Mon, 26 Feb 2024 14:49:40 +0000 (15:49 +0100)