From: W.C.A. Wijngaards Date: Tue, 3 Mar 2026 16:44:31 +0000 (+0100) Subject: - For #1411: Fix that the lookup for DNAME uses flag. Fix assertion X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a296b248b0d5ab0c753a40d0595f4edb7140f2ea;p=thirdparty%2Funbound.git - For #1411: Fix that the lookup for DNAME uses flag. Fix assertion in expired calc debug routine. --- diff --git a/doc/Changelog b/doc/Changelog index 878bcab89..4d7ea4433 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -4,6 +4,8 @@ a 1-second grace period. Reduces recursion when authoritative servers return DNAME with TTL=0 (RFC 2308). Response still returns TTL=0 to clients. Adds a test for it. + - For #1411: Fix that the lookup for DNAME uses flag. Fix assertion + in expired calc debug routine. 27 February 2026: Wouter - Merge #1409: Documentation CNAME in redirect-type local-zone. diff --git a/services/cache/dns.c b/services/cache/dns.c index b2ceb012f..c593dcd72 100644 --- a/services/cache/dns.c +++ b/services/cache/dns.c @@ -232,8 +232,15 @@ find_closest_of_type(struct module_env* env, uint8_t* qname, size_t qnamelen, /* snip off front part of qname until the type is found */ while(qnamelen > 0) { - if((rrset = rrset_cache_lookup(env->rrset_cache, qname, - qnamelen, searchtype, qclass, 0, now, 0))) { + rrset = rrset_cache_lookup(env->rrset_cache, qname, + qnamelen, searchtype, qclass, 0, now, 0); + if(!rrset && searchtype == LDNS_RR_TYPE_DNAME) + /* If not found, for type DNAME, try 0TTL stored, + * for its grace period. */ + rrset = rrset_cache_lookup(env->rrset_cache, qname, + qnamelen, searchtype, qclass, + PACKED_RRSET_UPSTREAM_0TTL, now, 0); + if(rrset) { uint8_t* origqname = qname; size_t origqnamelen = qnamelen; if(!noexpiredabove) diff --git a/util/data/msgparse.c b/util/data/msgparse.c index fc7018def..afbcbca5b 100644 --- a/util/data/msgparse.c +++ b/util/data/msgparse.c @@ -1366,7 +1366,9 @@ msgparse_rrset_remove_rr(const char* str, sldns_buffer* pkt, struct rrset_parse* time_t debug_expired_reply_ttl_calc(time_t ttl, time_t ttl_add) { /* Check that we are serving expired when this is called */ /* ttl (absolute) should be later than ttl_add */ - log_assert(SERVE_EXPIRED && ttl_add <= ttl); + /* It is also called during the grace period for type DNAME, + * and then the 'SERVE_EXPIRED' boolean may not be on. */ + log_assert(ttl_add <= ttl); return (SERVE_EXPIRED_REPLY_TTL < (ttl) - (ttl_add) ? SERVE_EXPIRED_REPLY_TTL : (ttl) - (ttl_add)); }