From: Matthijs Mekking <matthijs@isc.org>
Date: Mon, 15 Mar 2021 14:08:04 +0000 (+0100)
Subject: Fix a XoT crash
X-Git-Tag: v9.17.12~43^2
X-Git-Url: http://git.ipfire.org/gitweb/?a=commitdiff_plain;h=ee0835d9775f01feb5d2ace5db1d6a97bdb1d99b;p=thirdparty%2Fbind9.git

Fix a XoT crash

The transport should also be detached when we skip a master, otherwise
named will crash when sending a SOA query to the next master over TLS,
because the transport must be NULL when we enter
'dns_view_gettransport'.
---

diff --git a/CHANGES b/CHANGES
index c8ae14b0ab1..4e7f398cb8f 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,6 @@
+5599.	[bug]		Fix a crash when transferring a zone over TLS,
+			after "named" previously skipped a master. [GL #2562]
+
 5598.	[port]		Cast (char) to (unsigned char) when calling ctype
 			tests. [GL #2567]
 
diff --git a/bin/tests/system/doth/dig1.good b/bin/tests/system/doth/example.axfr.good
similarity index 100%
rename from bin/tests/system/doth/dig1.good
rename to bin/tests/system/doth/example.axfr.good
diff --git a/bin/tests/system/doth/tests.sh b/bin/tests/system/doth/tests.sh
index 0ca31d0d472..2bed4e555d3 100644
--- a/bin/tests/system/doth/tests.sh
+++ b/bin/tests/system/doth/tests.sh
@@ -37,7 +37,7 @@ echo_i "testing XoT server functionality (using dig) ($n)"
 ret=0
 dig_with_tls_opts example. -b 10.53.0.3 @10.53.0.1 axfr > dig.out.ns1.test$n || ret=1
 grep "^;" dig.out.ns1.test$n | cat_i
-digcomp dig1.good dig.out.ns1.test$n || ret=1
+digcomp example.axfr.good dig.out.ns1.test$n || ret=1
 if test $ret != 0 ; then echo_i "failed"; fi
 status=$((status+ret))
 
@@ -46,7 +46,7 @@ echo_i "testing incoming XoT functionality (from secondary) ($n)"
 ret=0
 if retry_quiet 10 wait_for_tls_xfer; then
 	grep "^;" "dig.out.ns2.test$n" | cat_i
-	digcomp dig1.good "dig.out.ns2.test$n" || ret=1
+	digcomp example.axfr.good "dig.out.ns2.test$n" || ret=1
 else
 	echo_i "timed out waiting for zone transfer"
 	ret=1
diff --git a/doc/notes/notes-current.rst b/doc/notes/notes-current.rst
index 0d291caa642..8c388ae75d4 100644
--- a/doc/notes/notes-current.rst
+++ b/doc/notes/notes-current.rst
@@ -82,3 +82,6 @@ Bug Fixes
   ``named-journalprint -d`` (downgrade) or ``named-journalprint -u``
   (upgrade). Note that this *must not* be done while ``named`` is
   running.  [GL #2505]
+
+- Fix a crash when transferring a zone over TLS, after "named" previously
+  skipped a master. [GL #2562]
diff --git a/lib/dns/zone.c b/lib/dns/zone.c
index e172f064b9a..baa3271c25b 100644
--- a/lib/dns/zone.c
+++ b/lib/dns/zone.c
@@ -14308,6 +14308,9 @@ cleanup:
 	return;
 
 skip_master:
+	if (transport != NULL) {
+		dns_transport_detach(&transport);
+	}
 	if (key != NULL) {
 		dns_tsigkey_detach(&key);
 	}
diff --git a/util/copyrights b/util/copyrights
index 0282f9bc6b5..06feaf151ba 100644
--- a/util/copyrights
+++ b/util/copyrights
@@ -369,7 +369,7 @@
 ./bin/tests/system/dnstap/tests.sh		SH	2015,2016,2017,2018,2019,2020,2021
 ./bin/tests/system/dnstap/ydump.py		PYTHON	2016,2017,2018,2019,2020,2021
 ./bin/tests/system/doth/clean.sh		SH	2020,2021
-./bin/tests/system/doth/dig1.good		X	2021
+./bin/tests/system/doth/example.axfr.good	X	2021
 ./bin/tests/system/doth/ns2/cert.pem		X	2021
 ./bin/tests/system/doth/ns2/key.pem		X	2021
 ./bin/tests/system/doth/setup.sh		SH	2021