From: Vladimír Čunát <vladimir.cunat@nic.cz>
Date: Wed, 14 Feb 2018 14:24:03 +0000 (+0100)
Subject: cache: fix broken refresh of insecure records
X-Git-Tag: v2.1.0~3^2~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=eeb6c24fa1734f108a5b27f6aa3e50ec0e2a0277;p=thirdparty%2Fknot-resolver.git

cache: fix broken refresh of insecure records

... that were about to expire.  The effect was that predict module
started the request, but cache still didn't overwrite the record if it
wasn't secure.
---

diff --git a/NEWS b/NEWS
index 8b144b4c6..894de6781 100644
--- a/NEWS
+++ b/NEWS
@@ -12,6 +12,7 @@ Bugfixes
 - detect_time_jump module: don't clear cache on suspend-resume (#284)
 - stats module: fix stats.list() returning nothing, regressed in 2.0.0
 - policy.TLS_FORWARD: refusal when configuring with multiple IPs (#306)
+- cache: fix broken refresh of insecure records that were about to expire
 - fix the hints module on some systems, e.g. Fedora (came back on 2.0.0)
 - build with older gnutls (conditionally disable features)
 
diff --git a/lib/cache/entry_list.c b/lib/cache/entry_list.c
index 4536a921b..9afdafee7 100644
--- a/lib/cache/entry_list.c
+++ b/lib/cache/entry_list.c
@@ -164,7 +164,7 @@ int entry_h_splice(
 		 * Stale-serving is NOT considered, but TTL 1 would be considered
 		 * as expiring anyway, ... */
 		int32_t old_ttl = get_new_ttl(eh_orig, qry, NULL, 0);
-		if (old_ttl > 0 && !is_expiring(old_ttl, eh_orig->ttl)
+		if (old_ttl > 0 && !is_expiring(eh_orig->ttl, old_ttl)
 		    && rank <= eh_orig->rank) {
 			WITH_VERBOSE(qry) {
 				auto_free char *type_str = kr_rrtype_text(type),