Unload a zone if a transfer breaks its SOA record

If a zone transfer results in a zone not having any NS records, named
stops serving it because such a zone is broken.  Do the same if an
incoming zone transfer results in a zone lacking an SOA record at the
apex or containing more than one SOA record.

diff --git a/lib/dns/zone.c b/lib/dns/zone.c
index 5f042f4f63f3bc4704fc98f49b9170db0fa70598..17a17f300cf5d6d20b7676f5e13896be75e57de5 100644 (file)
--- a/lib/dns/zone.c
+++ b/lib/dns/zone.c
@@ -17219,9 +17219,16 @@ again:
                        if (soacount != 1) {
                                dns_zone_log(zone, ISC_LOG_ERROR,
                                             "transferred zone "
-                                            "has %d SOA record%s",
-                                            soacount,
-                                            (soacount != 0) ? "s" : "");
+                                            "has %d SOA records",
+                                            soacount);
+                               if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_HAVETIMERS))
+                               {
+                                       zone->refresh = DNS_ZONE_DEFAULTREFRESH;
+                                       zone->retry = DNS_ZONE_DEFAULTRETRY;
+                               }
+                               DNS_ZONE_CLRFLAG(zone, DNS_ZONEFLG_HAVETIMERS);
+                               zone_unload(zone);
+                               goto next_master;
                        }
                        if (nscount == 0) {
                                dns_zone_log(zone, ISC_LOG_ERROR,