Fix non-recoverable name resolution failures due to negative cache

entries never expiring. This patch honours the negative cache timeout.

To test/experience the failure do the following:

1. Edit /etc/ncd.conf to adjust the cache timeouts as follows:

	positive-time-to-live hosts 30
	negative-time-to-live hosts 1

2. Ensure that nsswitch.conf hosts line contains something like:

	hosts: files cache dns

	Note that cache must be specified before dns.

3. Start nscd.

4. Run the following command:

	while true; do nc -z -w 3 www.google.com 80; sleep 5; done

5. While running the command, remove or comment out all nameserver
   statements in /etc/resolv.conf. After a short while you will notice
   non-recoverable name rsolution failures.

6. Uncomment or replace all nameserver statements back into
   /etc/resolv.conf. Take note that name resolution never recovers.
   To recover nscd must be restarted. This patch fixes this.

PR:		207804
Submitted by:	Jov <amutu@amutu.com>
MFC after:	1 week

usr.sbin/nscd/query.c

@@ -743,9 +743,14 @@ on_read_request_process(struct query_state *qstate)
 				&read_response->data_size);
 
 			if (read_response->error_code == -2) {
-				read_response->error_code = 0;
-				read_response->data = NULL;
-				read_response->data_size = 0;
+				read_response->data = malloc(
+					read_response->data_size);
+				assert(read_response != NULL);
+				read_response->error_code = cache_read(neg_c_entry,
+					read_request->cache_key,
+		    			read_request->cache_key_size,
+		    			read_response->data,
+		    			&read_response->data_size);
 			}
 		}
 		configuration_unlock_entry(qstate->config_entry, CELT_NEGATIVE);