RFC 6762 section 7.1: a Multicast DNS querier SHOULD NOT include records in the

Known-Answer list whose remaining TTL is less than half of their original TTL

1 files changed, 8 insertions, 0 deletions

diff --git a/src/resolve/resolved-dns-cache.c b/src/resolve/resolved-dns-cache.c
index 395109dcb2..0856976d3e 100644
--- a/src/resolve/resolved-dns-cache.c
+++ b/src/resolve/resolved-dns-cache.c
@@ -1245,11 +1245,14 @@ int dns_cache_check_conflicts(DnsCache *cache, DnsResourceRecord *rr, int owner_
 int dns_cache_export_shared_to_packet(DnsCache *cache, DnsPacket *p) {
         unsigned ancount = 0;
         DnsCacheItem *i;
+        usec_t t;
         int r;
 
         assert(cache);
         assert(p);
 
+        t = now(CLOCK_BOOTTIME);
+
         HASHMAP_FOREACH(i, cache->by_key)
                 LIST_FOREACH(by_key, j, i) {
                         if (!j->rr)
@@ -1258,6 +1261,11 @@ int dns_cache_export_shared_to_packet(DnsCache *cache, DnsPacket *p) {
                         if (!j->shared_owner)
                                 continue;
 
+                        /* RFC6762 7.1: Don't append records with less than half the TTL remaining
+                         * as known answers. */
+                        if (usec_sub_unsigned(j->until, t) < j->rr->ttl * USEC_PER_SEC / 2)
+                                continue;
+
                         r = dns_packet_append_rr(p, j->rr, 0, NULL, NULL);
                         if (r == -EMSGSIZE && p->protocol == DNS_PROTOCOL_MDNS) {
                                 /* For mDNS, if we're unable to stuff all known answers into the given packet,