From c77f9d0d4d377b4a17a8510ea416f9d1e056f42d Mon Sep 17 00:00:00 2001
From: devStorm <59678453+developStorm@users.noreply.github.com>
Date: Sat, 14 Dec 2024 04:17:56 -0800
Subject: [PATCH] fix: always cache under lower-cased authname

---
 src/zdns/cache.go | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/src/zdns/cache.go b/src/zdns/cache.go
index 97f1f69f..ab8010de 100644
--- a/src/zdns/cache.go
+++ b/src/zdns/cache.go
@@ -14,6 +14,7 @@
 package zdns
 
 import (
+	"strings"
 	"time"
 
 	log "github.com/sirupsen/logrus"
@@ -251,7 +252,7 @@ func (s *Cache) SafeAddCachedAnswer(q Question, res *SingleQueryResult, ns *Name
 			continue
 		}
 		baseAns := castAns.BaseAns()
-		if ok, _ = nameIsBeneath(baseAns.Name, layer); !ok {
+		if ok, _ = nameIsBeneath(baseAns.Name, layer); !ok && baseAns.Type != dns.TypeToString[dns.TypeNSEC3] {
 			if len(nsString) > 0 {
 				s.VerboseLog(depth+1, "SafeAddCachedAnswer: detected poison: ", baseAns.Name, "(", baseAns.Type, "): @", nsString, ", ", layer, " , aborting")
 			} else {
@@ -296,11 +297,11 @@ func (s *Cache) SafeAddCachedAuthority(res *SingleQueryResult, ns *NameServer, d
 			// We'll log in buildCachedResult
 			continue
 		}
-		baseAns := castAuth.BaseAns()
+		currName := strings.ToLower(castAuth.BaseAns().Name)
 		if len(authName) == 0 {
-			authName = baseAns.Name
-		} else if authName != baseAns.Name {
-			s.VerboseLog(depth+1, "SafeAddCachedAuthority: multiple authority names: ", layer, ": ", authName, " ", baseAns.Name, " , aborting")
+			authName = currName
+		} else if authName != currName {
+			s.VerboseLog(depth+1, "SafeAddCachedAuthority: multiple authority names: ", layer, ": ", authName, " ", currName, " , aborting")
 			return
 		}
 	}