From: Matthijs Mekking <matthijs@isc.org>
Date: Wed, 26 Oct 2022 08:02:36 +0000 (+0200)
Subject: Fix update forwarding bug
X-Git-Tag: v9.19.7~27^2
X-Git-Url: http://git.ipfire.org/gitweb/?a=commitdiff_plain;h=218c661b41dc7d5d052b0158641a60cb6b4d03a1;p=thirdparty%2Fbind9.git

Fix update forwarding bug

The wrong tls configuration was picked here. It should be of the
primary that is selected by forward->which, not zone->curprimary.

This bug may cause BIND to select the wrong primary when retrieving
the TLS settings, or cause a crash in case the wrongly selected primary
has no TLS settings.
---

diff --git a/lib/dns/zone.c b/lib/dns/zone.c
index 2b5f8607132..83f5aac850f 100644
--- a/lib/dns/zone.c
+++ b/lib/dns/zone.c
@@ -18354,7 +18354,7 @@ sendtoprimary(dns_forward_t *forward) {
 	    zone->primarytlsnames[forward->which] != NULL)
 	{
 		dns_view_t *view = dns_zone_getview(zone);
-		dns_name_t *tlsname = zone->primarytlsnames[zone->curprimary];
+		dns_name_t *tlsname = zone->primarytlsnames[forward->which];
 
 		result = dns_view_gettransport(view, DNS_TRANSPORT_TLS, tlsname,
 					       &forward->transport);