From: Matthijs Mekking <matthijs@isc.org>
Date: Tue, 4 Mar 2025 16:18:36 +0000 (+0100)
Subject: Fix keymgr bug wrt setting the next time
X-Git-Tag: v9.21.7~39^2~2
X-Git-Url: http://git.ipfire.org/gitweb/?a=commitdiff_plain;h=6c6b8796d3a7577c5954378a8cbd7449703fb691;p=thirdparty%2Fbind9.git

Fix keymgr bug wrt setting the next time

Only set the next time the keymgr should run if the value is non zero.
Otherwise we default back to one hour. This may happen if there is one
or more key with an unlimited lifetime.
---

diff --git a/lib/dns/keymgr.c b/lib/dns/keymgr.c
index 6f7e568b439..50c56435b3e 100644
--- a/lib/dns/keymgr.c
+++ b/lib/dns/keymgr.c
@@ -1777,7 +1777,9 @@ keymgr_key_rollover(dns_kasp_key_t *kaspkey, dns_dnsseckey_t *active_key,
 		if (prepub == 0 || prepub > now) {
 			/* No need to start rollover now. */
 			if (*nexttime == 0 || prepub < *nexttime) {
-				*nexttime = prepub;
+				if (prepub > 0) {
+					*nexttime = prepub;
+				}
 			}
 			return ISC_R_SUCCESS;
 		}