From: Ondřej Surý <ondrej@isc.org>
Date: Sun, 2 Feb 2025 10:44:00 +0000 (+0100)
Subject: In cache, set rdataset TTL to 0 when the header is not active
X-Git-Tag: v9.21.5~9^2~5
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1bbb57f81b50bb594327428938a129a51d8ca493;p=thirdparty%2Fbind9.git

In cache, set rdataset TTL to 0 when the header is not active

When the header has been marked as ANCIENT, but the ttl hasn't been
reset (this happens in couple of places), the rdataset TTL would be
set to the header timestamp instead to a reasonable TTL value.

Since this header has been already expired (ANCIENT is set), set the
rdataset TTL to 0 and don't reuse this field to print the expiration
time when dumping the cache.  Instead of printing the time, we now
just print 'expired (awaiting cleanup'.
---

diff --git a/bin/tests/system/serve-stale/tests.sh b/bin/tests/system/serve-stale/tests.sh
index dc5e7d9d9f1..6dc3c20308a 100755
--- a/bin/tests/system/serve-stale/tests.sh
+++ b/bin/tests/system/serve-stale/tests.sh
@@ -1649,7 +1649,7 @@ if [ $ret != 0 ]; then echo_i "failed"; fi
 status=$((status + ret))
 # Check that expired records are not dumped.
 ret=0
-grep "; expired since .* (awaiting cleanup)" ns5/named_dump.db.test$n && ret=1
+grep "; expired (awaiting cleanup)" ns5/named_dump.db.test$n && ret=1
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=$((status + ret))
 
@@ -1665,13 +1665,13 @@ status=$((status + ret))
 echo_i "check rndc dump expired data.example ($n)"
 ret=0
 awk '/; expired/ { x=$0; getline; print x, $0}' ns5/named_dump.db.test$n \
-  | grep "; expired since .* (awaiting cleanup) data\.example\..*A text record with a 2 second ttl" >/dev/null 2>&1 || ret=1
+  | grep "; expired (awaiting cleanup) data\.example\..*A text record with a 2 second ttl" >/dev/null 2>&1 || ret=1
 awk '/; expired/ { x=$0; getline; print x, $0}' ns5/named_dump.db.test$n \
-  | grep "; expired since .* (awaiting cleanup) nodata\.example\." >/dev/null 2>&1 || ret=1
+  | grep "; expired (awaiting cleanup) nodata\.example\." >/dev/null 2>&1 || ret=1
 awk '/; expired/ { x=$0; getline; print x, $0}' ns5/named_dump.db.test$n \
-  | grep "; expired since .* (awaiting cleanup) nxdomain\.example\." >/dev/null 2>&1 || ret=1
+  | grep "; expired (awaiting cleanup) nxdomain\.example\." >/dev/null 2>&1 || ret=1
 awk '/; expired/ { x=$0; getline; print x, $0}' ns5/named_dump.db.test$n \
-  | grep "; expired since .* (awaiting cleanup) othertype\.example\." >/dev/null 2>&1 || ret=1
+  | grep "; expired (awaiting cleanup) othertype\.example\." >/dev/null 2>&1 || ret=1
 # Also make sure the not expired data does not have an expired comment.
 awk '/; authanswer/ { x=$0; getline; print x, $0}' ns5/named_dump.db.test$n \
   | grep "; authanswer longttl\.example.*A text record with a 600 second ttl" >/dev/null 2>&1 || ret=1
diff --git a/lib/dns/masterdump.c b/lib/dns/masterdump.c
index fa892c148ab..89ae4154b1e 100644
--- a/lib/dns/masterdump.c
+++ b/lib/dns/masterdump.c
@@ -1162,15 +1162,7 @@ again:
 			if (STALE(rds)) {
 				fprintf(f, "; stale\n");
 			} else if (ANCIENT(rds)) {
-				isc_buffer_t b;
-				char buf[sizeof("YYYYMMDDHHMMSS")];
-				memset(buf, 0, sizeof(buf));
-				isc_buffer_init(&b, buf, sizeof(buf) - 1);
-				dns_time64_totext((uint64_t)rds->ttl, &b);
-				fprintf(f,
-					"; expired since %s "
-					"(awaiting cleanup)\n",
-					buf);
+				fprintf(f, "; expired (awaiting cleanup)\n");
 			}
 			result = dump_rdataset(mctx, name, rds, ctx, buffer, f);
 			if (result != ISC_R_SUCCESS) {
diff --git a/lib/dns/qpcache.c b/lib/dns/qpcache.c
index ab8f22add26..566490bc710 100644
--- a/lib/dns/qpcache.c
+++ b/lib/dns/qpcache.c
@@ -1102,7 +1102,7 @@ bindrdataset(qpcache_t *qpdb, qpcnode_t *node, dns_slabheader_t *header,
 		rdataset->attributes |= DNS_RDATASETATTR_STALE;
 	} else if (!ACTIVE(header, now)) {
 		rdataset->attributes |= DNS_RDATASETATTR_ANCIENT;
-		rdataset->ttl = header->ttl;
+		rdataset->ttl = 0;
 	}
 
 	rdataset->count = atomic_fetch_add_relaxed(&header->count, 1);