From: Ondřej Surý <ondrej@isc.org>
Date: Sun, 2 Feb 2025 12:38:04 +0000 (+0100)
Subject: Add better ZEROTTL handling in bindrdataset()
X-Git-Tag: v9.21.5~9^2~3
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=cfee6aa56557f9fde8bd47949c5165edaf350113;p=thirdparty%2Fbind9.git

Add better ZEROTTL handling in bindrdataset()

If we know that the header has ZEROTTL set, the server should never send
stale records for it and the TTL should never be anything else than 0.
The comment was already there, but the code was not matching the
comment.
---

diff --git a/lib/dns/qpcache.c b/lib/dns/qpcache.c
index 589ddd0aa11..64624453e03 100644
--- a/lib/dns/qpcache.c
+++ b/lib/dns/qpcache.c
@@ -1057,7 +1057,7 @@ bindrdataset(qpcache_t *qpdb, qpcnode_t *node, dns_slabheader_t *header,
 		 * (these records should not be cached anyway).
 		 */
 
-		if (KEEPSTALE(qpdb) && stale_ttl > now) {
+		if (!ZEROTTL(header) && KEEPSTALE(qpdb) && stale_ttl > now) {
 			stale = true;
 		} else {
 			/*
@@ -1072,7 +1072,7 @@ bindrdataset(qpcache_t *qpdb, qpcnode_t *node, dns_slabheader_t *header,
 	rdataset->rdclass = qpdb->common.rdclass;
 	rdataset->type = DNS_TYPEPAIR_TYPE(header->type);
 	rdataset->covers = DNS_TYPEPAIR_COVERS(header->type);
-	rdataset->ttl = header->expire - now;
+	rdataset->ttl = !ZEROTTL(header) ? header->expire - now : 0;
 	rdataset->trust = header->trust;
 	rdataset->resign = 0;