From 3de8fa87096eb367ff2fb89400d7583a36b74f1e Mon Sep 17 00:00:00 2001
From: Matthijs Mekking <matthijs@isc.org>
Date: Tue, 4 Mar 2025 17:18:36 +0100
Subject: [PATCH] Fix keymgr bug wrt setting the next time

Only set the next time the keymgr should run if the value is non zero.
Otherwise we default back to one hour. This may happen if there is one
or more key with an unlimited lifetime.

(cherry picked from commit 6c6b8796d3a7577c5954378a8cbd7449703fb691)
---
 lib/dns/keymgr.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/lib/dns/keymgr.c b/lib/dns/keymgr.c
index ef02ef9aab..0da26f89ec 100644
--- a/lib/dns/keymgr.c
+++ b/lib/dns/keymgr.c
@@ -1778,7 +1778,9 @@ keymgr_key_rollover(dns_kasp_key_t *kaspkey, dns_dnsseckey_t *active_key,
 		if (prepub == 0 || prepub > now) {
 			/* No need to start rollover now. */
 			if (*nexttime == 0 || prepub < *nexttime) {
-				*nexttime = prepub;
+				if (prepub > 0) {
+					*nexttime = prepub;
+				}
 			}
 			return ISC_R_SUCCESS;
 		}