Fix dangling references to outdated views after reconfig

This commit fix a leak which was happening every time an inline-signed
zone was added to the configuration, followed by a rndc reconfig.

During the reconfig process, the secure version of every inline-signed
zone was "moved" to a new view upon a reconfig and it "took the raw
version along", but only once the secure version was freed (at shutdown)
was prev_view for the raw version detached from, causing the old view to
be released as well.

This caused dangling references to be kept for the previous view, thus
keeping all resources used by that view in memory.

diff --git a/bin/named/server.c b/bin/named/server.c
index e4e80f6f8109ef378348bf293ce95356795559e2..c2afd5523a0baeedff1fe71bacda0be586f84e00 100644 (file)
--- a/bin/named/server.c
+++ b/bin/named/server.c
@@ -7975,7 +7975,6 @@ configure_zone_setviewcommit(isc_result_t result, const cfg_obj_t *zconfig,
        isc_result_t result2;
        dns_view_t *pview = NULL;
        dns_zone_t *zone = NULL;
-       dns_zone_t *raw = NULL;
 
        zname = cfg_obj_asstring(cfg_tuple_get(zconfig, "name"));
        origin = dns_fixedname_initname(&fixorigin);
@@ -7997,22 +7996,10 @@ configure_zone_setviewcommit(isc_result_t result, const cfg_obj_t *zconfig,
                return;
        }
 
-       dns_zone_getraw(zone, &raw);
-
        if (result == ISC_R_SUCCESS) {
                dns_zone_setviewcommit(zone);
-               if (raw != NULL) {
-                       dns_zone_setviewcommit(raw);
-               }
        } else {
                dns_zone_setviewrevert(zone);
-               if (raw != NULL) {
-                       dns_zone_setviewrevert(raw);
-               }
-       }
-
-       if (raw != NULL) {
-               dns_zone_detach(&raw);
        }
 
        dns_zone_detach(&zone);

diff --git a/bin/tests/system/views/ns2/named1.conf.in b/bin/tests/system/views/ns2/named1.conf.in
index 4ad0e557e3f90d1c6b619150eee33aa4f303bbbc..64ac6fa8d9952d05765c034694b409c59387c29d 100644 (file)
--- a/bin/tests/system/views/ns2/named1.conf.in
+++ b/bin/tests/system/views/ns2/named1.conf.in
@@ -41,3 +41,11 @@ zone "example" {
        file "example.db";
        allow-update { any; };
 };
+
+zone "inline" {
+       type primary;
+       file "external/inline.db";
+       key-directory "external";
+       auto-dnssec maintain;
+       inline-signing yes;
+};

diff --git a/lib/dns/zone.c b/lib/dns/zone.c
index b0120ec4e3550fc53dd2900027a7334f84e5b323..0269a9b42d5e4c0dcca34f5000683d932e0a428d 100644 (file)
--- a/lib/dns/zone.c
+++ b/lib/dns/zone.c
@@ -1616,6 +1616,9 @@ dns_zone_setviewcommit(dns_zone_t *zone) {
        if (zone->prev_view != NULL) {
                dns_view_weakdetach(&zone->prev_view);
        }
+       if (inline_secure(zone)) {
+               dns_zone_setviewcommit(zone->raw);
+       }
        UNLOCK_ZONE(zone);
 }
 
@@ -1628,6 +1631,9 @@ dns_zone_setviewrevert(dns_zone_t *zone) {
                dns_zone_setview_helper(zone, zone->prev_view);
                dns_view_weakdetach(&zone->prev_view);
        }
+       if (inline_secure(zone)) {
+               dns_zone_setviewrevert(zone->raw);
+       }
        UNLOCK_ZONE(zone);
 }