From fb48f600cf37548edf33f6acccfac0fb9ba6b7a1 Mon Sep 17 00:00:00 2001
From: Vishal Chillara Srinivas
Date: Wed, 15 Jun 2022 18:16:06 +0530
Subject: [PATCH] RFC 6762 section 7.1: a Multicast DNS querier SHOULD NOT include records in the Known-Answer list whose remaining TTL is less than half of their original TTL
(cherry picked from commit f941c124273ac1b3bce0029f69f9664ba6f01f7f)
(cherry picked from commit ef6c37908904f27e1322a03b1859c66ead4b629d)
---
 src/resolve/resolved-dns-cache.c | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/src/resolve/resolved-dns-cache.c b/src/resolve/resolved-dns-cache.c
index aeff9f8be6..13dcddf38b 100644
--- a/src/resolve/resolved-dns-cache.c
+++ b/src/resolve/resolved-dns-cache.c
@@ -1261,11 +1261,14 @@ int dns_cache_check_conflicts(DnsCache *cache, DnsResourceRecord *rr, int owner_
 int dns_cache_export_shared_to_packet(DnsCache *cache, DnsPacket *p) {
 unsigned ancount = 0;
 DnsCacheItem *i;
+ usec_t t;
 int r;
 assert(cache);
 assert(p);
+ t = now(CLOCK_BOOTTIME);
+
 HASHMAP_FOREACH(i, cache->by_key) {
 DnsCacheItem *j;
@@ -1276,6 +1279,11 @@ int dns_cache_export_shared_to_packet(DnsCache *cache, DnsPacket *p) {
 if (!j->shared_owner)
 continue;
+ /* RFC6762 7.1: Don't append records with less than half the TTL remaining
+ * as known answers. */
+ if (usec_sub_unsigned(j->until, t) < j->rr->ttl * USEC_PER_SEC / 2)
+ continue;
+
 r = dns_packet_append_rr(p, j->rr, 0, NULL, NULL);
 if (r == -EMSGSIZE && p->protocol == DNS_PROTOCOL_MDNS) {
 /* For mDNS, if we're unable to stuff all known answers into the given packet,
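Review bot: `t = now(CLOCK_BOOTTIME);` in the first hunk of dns_cache_export_shared_to_packet() fixes the clock for the new half-TTL test, but nothing visible says which clock `j->until` is stamped on; the code that sets `until` is outside this hunk. Because this is a cherry-pick, it is worth confirming that the target branch stamps cache items with the same clock source, otherwise `usec_sub_unsigned(j->until, t)` compares two unrelated timelines and the filter keeps or drops records arbitrarily. A short comment at the assignment would pin the requirement, e.g. `/* must be the same clock DnsCacheItem.until is computed with */`.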
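Review bot: The new test `usec_sub_unsigned(j->until, t) < j->rr->ttl * USEC_PER_SEC / 2` in the second hunk treats `j->until - t` as the unexpired part of `j->rr->ttl`, which only holds if `until` was derived from that same TTL without clamping. If the cache caps lifetimes when it stores an item (not visible on this page), a record announced with a TTL above twice that cap would never have half its TTL remaining and would be left out of every Known-Answer list, so responders keep re-answering it. Since `ttl` is a value received from the network, the comment should state the assumption, for example `/* assumes until == insertion time + rr->ttl, unclamped */`, or the comparison should use the lifetime the cache actually granted. The product also relies on USEC_PER_SEC being a 64-bit constant so that a 32-bit TTL cannot overflow; that definition is outside the page.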