From 254044b2db78656ee38cde4aca4dd10aa205e05a Mon Sep 17 00:00:00 2001
From: =?utf8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?=
Date: Thu, 9 Feb 2017 14:22:58 +0100
Subject: [PATCH] trust anchors: remove key missing for too long

It was strange to keep it indefinitely, and the code was already half-prepared for this change. Theoretically, if a resolver has been stopped for too long to miss a key's period of Revoked status, it would continue to trust the key forever.
---
 daemon/lua/trust_anchors.lua.in | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/daemon/lua/trust_anchors.lua.in b/daemon/lua/trust_anchors.lua.in
index 0619d9761..3eb6da5c2 100644
--- a/daemon/lua/trust_anchors.lua.in
+++ b/daemon/lua/trust_anchors.lua.in
@@ -148,6 +148,13 @@ local function ta_missing(ta, hold_down_time)
 if ta.state == key_state.Valid then
 ta.state = key_state.Missing
 ta.timer = os.time() + hold_down_time
+
+ -- Remove key that is missing for too long
+ elseif ta.state == key_state.Missing and os.difftime(ta.timer, os.time()) <= 0 then
+ ta.state = key_state.Removed
+ print('[ ta ] key: '..key_tag..' removed because missing for too long')
+ keep_ta = false
+
 -- Purge pending key
 elseif ta.state == key_state.AddPend then
 print('[ ta ] key: '..key_tag..' purging')
-- 
2.47.2
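Review bot: The new `Missing` -> `Removed` branch drops a trust anchor on elapsed wall-clock time alone, and nothing in this hunk prevents it from removing the last remaining anchor of the key set. How the caller treats an empty set is outside the hunk (`ta_missing` starts before it and `keep_ta` is declared and consumed outside it), so it is worth confirming that validation then fails closed rather than the zone being treated as insecure. Because the check uses `os.time()`, a forward step of the system clock expires `ta.timer` early, and Missing keys loaded from state written before this change will presumably be removed on the first refresh if their timer has already passed. I would record the intent next to the branch, e.g. `-- Not an RFC 5011 transition: Missing has no timeout there; ta.timer was set on Valid -> Missing`.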