upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-05-27 20:25:55 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

Fix a bug where tlsctx_cache could be destroyed while still in use

Browse source 
When named is being reconfigured, it detaches from the old
'isc_tlsctx_cache_t' TLS context cache object and creates a
new one. This can cause an assertion failure within the
resolver when the object is destroyed while still in use,
because the resolver is using the object without getting
attached to it.

Add an attach/detach so that the 'isc_tlsctx_cache_t' doesn't
get destroyed while still being in use.

(cherry picked from commit ed7b08c0c4)
This commit is contained in:
Aram Sargsyan 2025-11-27 15:00:26 +00:00 committed by Arаm Sаrgsyаn (GitLab job 6550802)
parent 2087804695
commit 7265e33520
1 changed files with 4 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
lib/dns/resolver.c
View file

@ -10083,6 +10083,8 @@ dns_resolver__destroy(dns_resolver_t *res) {
isc_hashmap_destroy(&res->counters);
isc_rwlock_destroy(&res->counters_lock);
isc_tlsctx_cache_detach(&res->tlsctx_cache);
if (res->dispatches4 != NULL) {
dns_dispatchset_destroy(&res->dispatches4);
}
@ -10160,7 +10162,6 @@ dns_resolver_create(dns_view_t *view, isc_loopmgr_t *loopmgr, isc_nm_t *nm,
.rdclass = view->rdclass,
.nm = nm,
.options = options,
.tlsctx_cache = tlsctx_cache,
.spillatmin = 10,
.spillat = 10,
.spillatmax = 100,
@ -10205,6 +10206,8 @@ dns_resolver_create(dns_view_t *view, isc_loopmgr_t *loopmgr, isc_nm_t *nm,
res->nloops);
}
isc_tlsctx_cache_attach(tlsctx_cache, &res->tlsctx_cache);
isc_mutex_init(&res->lock);
isc_mutex_init(&res->primelock);