all: upd chlog

CHANGELOG.md

@@ -33,12 +33,15 @@ NOTE: Add new changes BELOW THIS COMMENT.
 
 ### Fixed
 
+- Maximum TTL cache size requirement when editing minimum TTL cache size in the
+  Web UI ([#6409]).
 - Names defined in the `/etc/hosts` for a single address family wrongly
   considered undefined for another family ([#6541]).
 - Omitted CNAME records in safe search results, which can cause YouTube to not
   work on iOS ([#6352]).
 
 [#6352]: https://github.com/AdguardTeam/AdGuardHome/issues/6352
+[#6409]: https://github.com/AdguardTeam/AdGuardHome/issues/6409
 [#6541]: https://github.com/AdguardTeam/AdGuardHome/issues/6541
 [#6545]: https://github.com/AdguardTeam/AdGuardHome/issues/6545
 

internal/dnsforward/config.go

@@ -361,6 +361,11 @@ func (s *Server) newProxyConfig() (conf *proxy.Config, err error) {
 		return nil, errors.Error("no default upstream servers configured")
 	}
 
+	err = validateCacheTTL(srvConf.CacheMinTTL, srvConf.CacheMaxTTL)
+	if err != nil {
+		return nil, fmt.Errorf("validating cache ttl: %w", err)
+	}
+
 	return conf, nil
 }
 
@@ -739,3 +744,19 @@ func (s *Server) enableProtectionAfterPause() {
 
 	log.Info("dns: protection is restarted after pause")
 }
+
+// validateCacheTTL returns an error if the configuration of the cache TTL
+// invalid.
+//
+// TODO(s.chzhen):  Move to dnsproxy.
+func validateCacheTTL(minTTL, maxTTL uint32) (err error) {
+	if minTTL == 0 && maxTTL == 0 {
+		return nil
+	}
+
+	if maxTTL > 0 && minTTL > maxTTL {
+		return errors.Error("cache_ttl_min must be less than or equal to cache_ttl_max")
+	}
+
+	return nil
+}

internal/dnsforward/http.go

@@ -346,24 +346,20 @@ func (req *jsonDNSConfig) validateUpstreamDNSServers(privateNets netutil.SubnetS
 // checkCacheTTL returns an error if the configuration of the cache TTL is
 // invalid.
 func (req *jsonDNSConfig) checkCacheTTL() (err error) {
-	if req.CacheMinTTL == nil || req.CacheMaxTTL == nil {
+	if req.CacheMinTTL == nil && req.CacheMaxTTL == nil {
 		return nil
 	}
 
-	var (
+	var minTTL, maxTTL uint32
+	if req.CacheMinTTL != nil {
 		minTTL = *req.CacheMinTTL
-		maxTTL = *req.CacheMaxTTL
-	)
-
-	if minTTL == 0 || maxTTL == 0 {
-		return nil
 	}
 
-	if minTTL > maxTTL {
-		return errors.Error("cache_ttl_min must be less or equal than cache_ttl_max")
+	if req.CacheMaxTTL != nil {
+		maxTTL = *req.CacheMaxTTL
 	}
 
-	return nil
+	return validateCacheTTL(minTTL, maxTTL)
 }
 
 // checkRatelimitSubnetMaskLen returns an error if the length of the subnet mask

internal/dnsforward/http_test.go

@@ -229,7 +229,7 @@ func TestDNSForwardHTTP_handleSetConfig(t *testing.T) {
 			`ParseAddr("a"): unable to parse IP`,
 	}, {
 		name:    "cache_bad_ttl",
-		wantSet: `validating dns config: cache_ttl_min must be less or equal than cache_ttl_max`,
+		wantSet: `validating dns config: cache_ttl_min must be less than or equal to cache_ttl_max`,
 	}, {
 		name:    "upstream_mode_bad",
 		wantSet: `validating dns config: upstream_mode: incorrect value "somethingelse"`,