From 50a3eae6cf9a401ea70f5e81579f14f829f3e457 Mon Sep 17 00:00:00 2001
From: Mark Andrews <marka@isc.org>
Date: Mon, 27 Jun 2016 13:07:45 +1000
Subject: [PATCH] 4400.   [bug]           ttl policy was not being inherited in
 policy.py.                         [RT #42718]

---
 CHANGES                     | 3 +++
 bin/python/isc/policy.py.in | 6 ++++++
 2 files changed, 9 insertions(+)

diff --git a/CHANGES b/CHANGES
index f73ecbf4e6..de55fcf8a5 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,6 @@
+4400.	[bug]		ttl policy was not being inherited in policy.py.
+			[RT #42718]
+
 4399.	[bug] 		policy.py 'ECCGOST', 'ECDSAP256SHA256', and
 			'ECDSAP384SHA384' don't have settable keysize.
 			[RT #42718]
diff --git a/bin/python/isc/policy.py.in b/bin/python/isc/policy.py.in
index 99e820a75e..7cced86f7a 100644
--- a/bin/python/isc/policy.py.in
+++ b/bin/python/isc/policy.py.in
@@ -493,6 +493,12 @@ class dnssec_policy:
             p.zsk_postpublish = parent and \
                 parent.zsk_postpublish or ap.zsk_postpublish
 
+        if p.keyttl is None:
+            parent = p.parent or self.named_policy['default']
+            while parent is not None and not parent.keyttl:
+                parent = parent.parent
+            p.keyttl = parent and parent.keyttl
+
         if 'novalidate' not in kwargs or not kwargs['novalidate']:
             (valid, msg) = p.validate()
             if not valid: