This commit fixes a peculiar corner case in the client-side DoT code
because of which a crash could occur during a zone transfer. A junk
DNS message should be sent at the end of a zone transfer via TLS to
trigger the crash (abort).
This commit, hopefully, fixes that.
Also, this commit adds similar changes to the TCP DNS code, as it
shares the same origin and most of the logic.
return (ISC_R_NOMORE);
}
+ if (sock->recv_cb == NULL) {
+ /*
+ * recv_cb has been cleared - there is
+ * nothing to do
+ */
+ return (ISC_R_CANCELED);
+ } else if (sock->statichandle == NULL &&
+ atomic_load(&sock->connected) &&
+ !atomic_load(&sock->connecting))
+ {
+ /*
+ * It seems that some unexpected data (a DNS message) has
+ * arrived while we are wrapping up.
+ */
+ return (ISC_R_CANCELED);
+ }
+
req = isc__nm_get_read_req(sock, NULL);
REQUIRE(VALID_UVREQ(req));
}
if (sock->recv_cb == NULL) {
- /* recv_cb has been cleared - there is
- * nothing to do */
+ /*
+ * recv_cb has been cleared - there is
+ * nothing to do
+ */
+ return (ISC_R_CANCELED);
+ } else if (sock->statichandle == NULL &&
+ sock->tls.state == TLS_STATE_IO &&
+ atomic_load(&sock->connected) &&
+ !atomic_load(&sock->connecting))
+ {
+ /*
+ * It seems that some unexpected data (a DNS message) has
+ * arrived while we are wrapping up.
+ */
return (ISC_R_CANCELED);
}
projects / thirdparty / bind9.git / commitdiff
