isc_sockaddr_t src;
unsigned int options, timeout, udptimeout;
bool have_notifysource = false;
+ isc_tlsctx_cache_t *zmgr_tlsctx_cache = NULL;
REQUIRE(DNS_NOTIFY_VALID(notify));
udptimeout = 0;
timeout = 15;
}
- result = dns_request_create(
- notify->zone->view->requestmgr, message, &src, ¬ify->dst,
- NULL, NULL, options, key, timeout, udptimeout, 2,
- notify->zone->loop, notify_done, notify, ¬ify->request);
+
+ zmgr_tlsctx_attach(notify->zone->zmgr, &zmgr_tlsctx_cache);
+
+ result = dns_request_create(notify->zone->view->requestmgr, message,
+ &src, ¬ify->dst, notify->transport,
+ zmgr_tlsctx_cache, options, key, timeout,
+ udptimeout, 2, notify->zone->loop,
+ notify_done, notify, ¬ify->request);
+
+ isc_tlsctx_cache_detach(&zmgr_tlsctx_cache);
+
if (result == ISC_R_SUCCESS) {
if (isc_sockaddr_pf(¬ify->dst) == AF_INET) {
inc_stats(notify->zone,
if (dns_remote_tlsname(&zone->notify) != NULL) {
dns_name_t *tlsname = dns_remote_tlsname(&zone->notify);
- (void)dns_view_gettransport(view, DNS_TRANSPORT_TLS,
- tlsname, &transport);
+ result = dns_view_gettransport(view, DNS_TRANSPORT_TLS,
+ tlsname, &transport);
- notify_log(zone, ISC_LOG_INFO,
- "got TLS configuration for a notify");
+ if (result == ISC_R_SUCCESS) {
+ notify_log(
+ zone, ISC_LOG_INFO,
+ "got TLS configuration for a notify");
+ } else {
+ dns_zone_logc(zone, DNS_LOGCATEGORY_XFER_IN,
+ ISC_LOG_ERROR,
+ "could not get TLS configuration "
+ "for zone transfer: %s",
+ isc_result_totext(result));
+ goto next;
+ }
+
+ flags |= DNS_NOTIFY_TCP;
}
/* TODO: glue the transport to the notify */
loggednotify = true;
}
next:
+ flags &= ~DNS_NOTIFY_TCP;
dns_remote_next(&zone->notify, false);
}
UNLOCK_ZONE(zone);
projects / thirdparty / bind9.git / commitdiff
