From: Ubuntu Date: Wed, 29 Jul 2020 15:52:58 +0000 (+0000) Subject: Disable enforcing of min/max TTL when serving original TTL X-Git-Tag: release-1.13.1rc1~7^2~1^2~3 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=027884aad26796d810299c1d3c32ba3814f0ff65;p=thirdparty%2Funbound.git Disable enforcing of min/max TTL when serving original TTL --- diff --git a/doc/unbound.conf.5.in b/doc/unbound.conf.5.in index 5e826bbf6..8c029411a 100644 --- a/doc/unbound.conf.5.in +++ b/doc/unbound.conf.5.in @@ -1126,14 +1126,15 @@ behavior. Default is 0. .TP .B serve\-original\-ttl: \fI If enabled, unbound will always return the original TTL as received from -the upstream authoritative name server rather than the decrementing TTL as +the upstream name server rather than the decrementing TTL as stored in the cache. This feature may be useful if unbound serves as a front-end to a hidden authoritative name server. Enabling this feature does not impact cache expiry, it only changes the TTL unbound embeds in responses to -queries. Note that the returned TTL is still subject to the -configured maximum TTL as set using \fBcache\-max\-ttl\fR (defaults to -86400 seconds). If you wish to return higher original TTL values, you may -need to explicitly adjust the setting for \fBcache\-max\-ttl\fR. +queries. Note that enabling this feature implicitly disables enforcement of +the configured minimum and maximum TTL, as it is assumed users who enable this +feature do not want unbound to change the TTL obtained from an upstream server. +Thus, the values set using \fBcache\-min\-ttl\fR and \fBcache\-max\-ttl\fR are +ignored. Default is "no". .TP .B val\-nsec3\-keysize\-iterations: \fI<"list of values"> diff --git a/util/data/msgreply.c b/util/data/msgreply.c index 6fce9a732..072a69b33 100644 --- a/util/data/msgreply.c +++ b/util/data/msgreply.c 
@@ -199,9 +199,9 @@ rdata_copy(sldns_buffer* pkt, struct packed_rrset_data* data, uint8_t* to, if(*rr_ttl > MAX_NEG_TTL) *rr_ttl = MAX_NEG_TTL; } - if(*rr_ttl < MIN_TTL) + if(!SERVE_ORIGINAL_TTL && (*rr_ttl < MIN_TTL)) *rr_ttl = MIN_TTL; - if(*rr_ttl > MAX_TTL) + if(!SERVE_ORIGINAL_TTL && (*rr_ttl > MAX_TTL)) *rr_ttl = MAX_TTL; if(*rr_ttl < data->ttl) data->ttl = *rr_ttl;
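Review bot: In the doc/unbound.conf.5.in hunk, the unchanged sentence "Enabling this feature does not impact cache expiry" now sits directly before new text saying the values of cache-min-ttl and cache-max-ttl "are ignored". The reader cannot tell whether the bounds are dropped only for the TTL placed in responses or also for how long records stay in the cache. Please state which one is meant. cache-max-ttl is the setting that caps how long a record received from upstream can persist, so an operator enabling serve-original-ttl needs to know whether that cap still applies. The paragraph also leaves out what happens to the negative-TTL cap, which the code change leaves in force.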
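Review bot: In the util/data/msgreply.c hunk, the new !SERVE_ORIGINAL_TTL guards skip the clamp inside rdata_copy(), and the unclamped value is the one that reaches the following context line "if(*rr_ttl < data->ttl) data->ttl = *rr_ttl;". As far as these lines show, the TTL stored for the rrset is then taken from upstream with no lower or upper bound, not just the TTL written into responses. If only the served value is meant to be exempt, keep the MIN_TTL/MAX_TTL clamp here and apply the exemption where the reply TTL is encoded. If the stored value is meant to be exempt too, a short comment above the two conditions should say so. Separately, the "if(*rr_ttl > MAX_NEG_TTL)" clamp just above stays unconditional, so negative answers are still capped while positive ones are not. Please confirm that this asymmetry is intended and note it in a comment.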