From 64415c2fc68dcfa24744fcf69d03ca790cb7f738 Mon Sep 17 00:00:00 2001
From: Shreyas Zare <shreyas@technitium.com>
Date: Sun, 3 Apr 2022 16:02:14 +0530
Subject: [PATCH] AuthZone: Updated GetUpdatedNSecRRSet() and
 GetUpdatedNSec3RRSet() to compare TTL values too for deciding if new records
 should be used.

---
 DnsServerCore/Dns/Zones/AuthZone.cs | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/DnsServerCore/Dns/Zones/AuthZone.cs b/DnsServerCore/Dns/Zones/AuthZone.cs
index 34a709a7..60f7fc1f 100644
--- a/DnsServerCore/Dns/Zones/AuthZone.cs
+++ b/DnsServerCore/Dns/Zones/AuthZone.cs
@@ -475,7 +475,7 @@ namespace DnsServerCore.Dns.Zones
 
             DnsNSECRecordData newNSecRecord = new DnsNSECRecordData(nextDomainName, types);
 
-            if (!_entries.TryGetValue(DnsResourceRecordType.NSEC, out IReadOnlyList<DnsResourceRecord> existingRecords) || !existingRecords[0].RDATA.Equals(newNSecRecord))
+            if (!_entries.TryGetValue(DnsResourceRecordType.NSEC, out IReadOnlyList<DnsResourceRecord> existingRecords) || (existingRecords[0].TtlValue != ttl) || !existingRecords[0].RDATA.Equals(newNSecRecord))
                 return new DnsResourceRecord[] { new DnsResourceRecord(_name, DnsResourceRecordType.NSEC, DnsClass.IN, ttl, newNSecRecord) };
 
             return Array.Empty<DnsResourceRecord>();
@@ -483,7 +483,7 @@ namespace DnsServerCore.Dns.Zones
 
         internal IReadOnlyList<DnsResourceRecord> GetUpdatedNSec3RRSet(IReadOnlyList<DnsResourceRecord> newNSec3Records)
         {
-            if (!_entries.TryGetValue(DnsResourceRecordType.NSEC3, out IReadOnlyList<DnsResourceRecord> existingRecords) || !existingRecords[0].RDATA.Equals(newNSec3Records[0].RDATA))
+            if (!_entries.TryGetValue(DnsResourceRecordType.NSEC3, out IReadOnlyList<DnsResourceRecord> existingRecords) || (existingRecords[0].TtlValue != newNSec3Records[0].TtlValue) || !existingRecords[0].RDATA.Equals(newNSec3Records[0].RDATA))
                 return newNSec3Records;
 
             return Array.Empty<DnsResourceRecord>();