mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-09-04 00:25:29 +00:00
Code Issues Releases Wiki Activity

Fix TTL issue with ANY queries processed through RPZ "passthru"

Browse Source 
Answers to an "ANY" query which are processed by the RPZ "passthru"
policy have the response-policy's 'max-policy-ttl' value unexpectedly
applied. Do not change the records' TTL when RPZ uses a policy which
does not alter the answer.

(cherry picked from commit 5633dc90d3)
This commit is contained in:
Aram Sargsyan
2025-02-26 13:32:20 +00:00
committed by Arаm Sаrgsyаn
parent ea9f0f4315
commit 2d48cb33e3
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
lib/ns/query.c
View File

@@ -8005,7 +8005,10 @@ query_respond_any(query_ctx_t *qctx) {
} }
qctx->rpz_st = qctx->client->query.rpz_st; qctx->rpz_st = qctx->client->query.rpz_st;
if (qctx->rpz_st != NULL) { if (qctx->rpz_st != NULL &&
qctx->rpz_st->m.policy != DNS_RPZ_POLICY_MISS &&
qctx->rpz_st->m.policy != DNS_RPZ_POLICY_PASSTHRU)
{
qctx->rdataset->ttl = qctx->rdataset->ttl =
ISC_MIN(qctx->rdataset->ttl, ISC_MIN(qctx->rdataset->ttl,
qctx->rpz_st->m.ttl); qctx->rpz_st->m.ttl);