a 1-second grace period. Reduces recursion when authoritative
servers return DNAME with TTL=0 (RFC 2308). Response
still returns TTL=0 to clients. Adds a test for it.
+ - For #1411: Fix that the lookup for DNAME uses flag. Fix assertion
+ in expired calc debug routine.
27 February 2026: Wouter
- Merge #1409: Documentation CNAME in redirect-type local-zone.
/* snip off front part of qname until the type is found */
while(qnamelen > 0) {
- if((rrset = rrset_cache_lookup(env->rrset_cache, qname,
- qnamelen, searchtype, qclass, 0, now, 0))) {
+ rrset = rrset_cache_lookup(env->rrset_cache, qname,
+ qnamelen, searchtype, qclass, 0, now, 0);
+ if(!rrset && searchtype == LDNS_RR_TYPE_DNAME)
+ /* If not found, for type DNAME, try 0TTL stored,
+ * for its grace period. */
+ rrset = rrset_cache_lookup(env->rrset_cache, qname,
+ qnamelen, searchtype, qclass,
+ PACKED_RRSET_UPSTREAM_0TTL, now, 0);
+ if(rrset) {
uint8_t* origqname = qname;
size_t origqnamelen = qnamelen;
if(!noexpiredabove)
time_t debug_expired_reply_ttl_calc(time_t ttl, time_t ttl_add) {
/* Check that we are serving expired when this is called */
/* ttl (absolute) should be later than ttl_add */
- log_assert(SERVE_EXPIRED && ttl_add <= ttl);
+ /* It is also called during the grace period for type DNAME,
+ * and then the 'SERVE_EXPIRED' boolean may not be on. */
+ log_assert(ttl_add <= ttl);
return (SERVE_EXPIRED_REPLY_TTL < (ttl) - (ttl_add) ?
SERVE_EXPIRED_REPLY_TTL : (ttl) - (ttl_add));
}
projects / thirdparty / unbound.git / commitdiff
