From: Matthijs Mekking Date: Mon, 11 Feb 2019 16:25:34 +0000 (+0100) Subject: Unregister RPZ CATZ db cbs when zone load fails X-Git-Tag: v9.14.0rc1~2^2~1 X-Git-Url: http://git.ipfire.org/gitweb/?a=commitdiff_plain;h=05f156e8babb901174d0702a2c8c69122e250edb;p=thirdparty%2Fbind9.git Unregister RPZ CATZ db cbs when zone load fails In case when a zone fails to load because the file does not exist or is malformed, we should not run the callback that updates the zone database when the load is done. This is achieved by unregistering the callbacks if at zone load end if the result indicates something else than success. --- diff --git a/lib/dns/zone.c b/lib/dns/zone.c index 28f353a2ea9..8eb4eb764ea 100644 --- a/lib/dns/zone.c +++ b/lib/dns/zone.c @@ -1792,6 +1792,18 @@ dns_zone_rpz_enable_db(dns_zone_t *zone, dns_db_t *db) { REQUIRE(result == ISC_R_SUCCESS); } +static void +dns_zone_rpz_disable_db(dns_zone_t *zone, dns_db_t *db) { + isc_result_t result; + if (zone->rpz_num == DNS_RPZ_INVALID_NUM) + return; + REQUIRE(zone->rpzs != NULL); + result = dns_db_updatenotify_unregister(db, + dns_rpz_dbupdate_callback, + zone->rpzs->zones[zone->rpz_num]); + REQUIRE(result == ISC_R_SUCCESS); +} + void dns_zone_catz_enable(dns_zone_t *zone, dns_catz_zones_t *catzs) { REQUIRE(DNS_ZONE_VALID(zone)); @@ -1819,6 +1831,17 @@ dns_zone_catz_enable_db(dns_zone_t *zone, dns_db_t *db) { } } +static void +dns_zone_catz_disable_db(dns_zone_t *zone, dns_db_t *db) { + REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(db != NULL); + + if (zone->catzs != NULL) { + dns_db_updatenotify_unregister(db, dns_catz_dbupdate_callback, + zone->catzs); + } +} + /* * Set catalog zone ownership of the zone */ @@ -2486,11 +2509,14 @@ dns_zone_setrawdata(dns_zone_t *zone, dns_masterrawheader_t *header) { static isc_result_t zone_startload(dns_db_t *db, dns_zone_t *zone, isc_time_t loadtime) { + const char me[] = "zone_startload"; dns_load_t *load; isc_result_t result; isc_result_t tresult; unsigned int options; + ENTER; + dns_zone_rpz_enable_db(zone, db); dns_zone_catz_enable_db(zone, db); @@ -15805,6 +15831,15 @@ zone_loaddone(void *arg, isc_result_t result) { ENTER; + /* + * If zone loading failed, remove the update db callbacks prior + * to calling the list of callbacks in the zone load structure. + */ + if (result != ISC_R_SUCCESS) { + dns_zone_rpz_disable_db(zone, load->db); + dns_zone_catz_disable_db(zone, load->db); + } + tresult = dns_db_endload(load->db, &load->callbacks); if (tresult != ISC_R_SUCCESS && (result == ISC_R_SUCCESS || result == DNS_R_SEENINCLUDE))