From dbd15f962e1228b0f2913b473f95c7680a92b502 Mon Sep 17 00:00:00 2001 From: Artem Boldariev Date: Thu, 12 Jan 2023 20:09:51 +0200 Subject: [PATCH 1/2] XoT: properly handle the case when checking for ALPN failed During XoT it is important to check for "dot" ALPN tag to be negotiated (according to the RFC 9103). We were doing that, however, the situation was not handled properly, leading to non-cancelled zone transfers that would crash (abort()) BIND on shutdown. In this particular case 'result' might equal 'ISC_R_SUCCESS'. When this is the case, the part of the code supposed to handle failures will not cancel the zone transfer. This situation cannot happen when BIND is a secondary of other BIND instance. Only primaries following the RFC not closely enough could trigger such a behaviour. (cherry picked from commit 34a1aab1cb1231ff0348b0501b1277bddd804700) --- lib/dns/xfrin.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib/dns/xfrin.c b/lib/dns/xfrin.c index b35a3f53d3..a8d6833236 100644 --- a/lib/dns/xfrin.c +++ b/lib/dns/xfrin.c @@ -1234,6 +1234,8 @@ xfrin_connect_done(isc_nmhandle_t *handle, isc_result_t result, void *cbarg) { CHECK(result); if (!isc_nm_xfr_allowed(handle)) { + /* set the error code so that XFER will fail */ + result = ISC_R_NOPERM; goto failure; } From 26c0dd96eb940e6f4e8ffe5e7e7f7cf407560f79 Mon Sep 17 00:00:00 2001 From: Artem Boldariev Date: Thu, 12 Jan 2023 20:51:08 +0200 Subject: [PATCH 2/2] Modify CHANGES [GL #3767] Mention that downloading a zone via TLS- from a server which does not negotiate "dot" ALPN tag could have crashed BIND on shutdown. (cherry picked from commit 16fa692b5641ba1a0cfb4164e404fe54d53a94ec) --- CHANGES | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/CHANGES b/CHANGES index c6227baf10..5a404712cb 100644 --- a/CHANGES +++ b/CHANGES 
@@ -1,3 +1,7 @@ +6068. [bug] Downloading a zone via TLS from a server which does + not negotiate "dot" ALPN token could crash BIND + on shutdown. That has been fixed. [GL #3767] + 6063. [bug] Revert a change that limited to honour single read for TLSDNS as it broke XoT. [GL #3772]
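Review bot: in the xfrin.c hunk, the correctness of the fix depends on the `failure:` label treating any `result` other than `ISC_R_SUCCESS` as grounds to cancel the transfer; since `CHECK(result)` has already passed here, assigning `result = ISC_R_NOPERM` before `goto failure` is what keeps the transfer from being left running until shutdown. Two follow-ups would help operators and reviewers: emit a log line at the `!isc_nm_xfr_allowed(handle)` branch that names the missing "dot" ALPN token, so this rejection can be told apart from other `ISC_R_NOPERM` paths, and add a regression test with a TLS primary that does not negotiate the ALPN token, since the commit message notes that a BIND primary never triggers this path.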
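Review bot: the CHANGES entry for 6068 describes the old crash but not the new behaviour; stating that such transfers are now rejected (e.g. "The transfer now fails instead.") tells administrators what to expect when a zone stops loading from a TLS primary after upgrading. Minor: the entry says "ALPN token" while the commit message says "ALPN tag"; pick one term for both.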