don't overwrite the dns_master_loadfile() result before calling zone_postload()

if "rndc reload" fails, the result code is supposed to be passed to
zone_postload, but for inline-signing zones, the result can be
overwritten first by a call to the ZONE_TRYLOCK macro. this can lead
to the partially-loaded unsigned zone being synced over to the signed
zone instead of being rejected.

diff --git a/lib/dns/zone.c b/lib/dns/zone.c
index d97491c61fcda59dce72eb91ab5565da5fa88f33..9706d9e2b28310c2796804a93211c590ba2ac92e 100644 (file)
--- a/lib/dns/zone.c
+++ b/lib/dns/zone.c
@@ -15943,8 +15943,8 @@ zone_loaddone(void *arg, isc_result_t result) {
                LOCK_ZONE(zone->raw);
        else if (inline_raw(zone)) {
                secure = zone->secure;
-               TRYLOCK_ZONE(result, secure);
-               if (result != ISC_R_SUCCESS) {
+               TRYLOCK_ZONE(tresult, secure);
+               if (tresult != ISC_R_SUCCESS) {
                        UNLOCK_ZONE(zone);
                        secure = NULL;
                        isc_thread_yield();