don't overwrite the dns_master_loadfile() result before calling zone_postload()

if "rndc reload" fails, the result code is supposed to be passed to
zone_postload, but for inline-signing zones, the result can be
overwritten first by a call to the ZONE_TRYLOCK macro. this can lead
to the partially-loaded unsigned zone being synced over to the signed
zone instead of being rejected.

(cherry picked from commit 0b792bd37b9b6a1cc5914ab95987359fda972ff2)

diff --git a/lib/dns/zone.c b/lib/dns/zone.c
index 2131daa14c585d16642422e161da1772e4073500..6b691a850492b83403f3a69debd0750dd171b25e 100644 (file)
--- a/lib/dns/zone.c
+++ b/lib/dns/zone.c
@@ -15871,8 +15871,8 @@ zone_loaddone(void *arg, isc_result_t result) {
                LOCK_ZONE(zone->raw);
        else if (inline_raw(zone)) {
                secure = zone->secure;
-               TRYLOCK_ZONE(result, secure);
-               if (result != ISC_R_SUCCESS) {
+               TRYLOCK_ZONE(tresult, secure);
+               if (tresult != ISC_R_SUCCESS) {
                        UNLOCK_ZONE(zone);
                        secure = NULL;
                        isc_thread_yield();