From cc1d4e1aa63fdc7e82a00fd7b06d50fb4dbc8e96 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20K=C4=99pie=C5=84?= Date: Thu, 30 Dec 2021 15:14:11 +0100 Subject: [PATCH 1/2] Ensure the correct ordering zone_shutdown() vs zone_gotwritehandle() When the signed version of an inline-signed zone is dumped to disk, the serial number of the unsigned version of the zone is written in the raw-format header so that the contents of the signed zone can be resynchronized after named restart if the unsigned zone file is modified while named is not running (see RT #26676). In order for the serial number of the unsigned zone to be determined during the dump, zone->raw must be set to a non-NULL value. This should always be the case as long as the signed version of the zone is used for anything by named. However, under certain circumstances the zone->raw could be set to NULL while the zone is being dumped. Defer detaching from zone->raw in zone_shutdown() if the zone is in the process of being dumped to disk. --- lib/dns/zone.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/lib/dns/zone.c b/lib/dns/zone.c index 2e54038b3c..2241f99089 100644 --- a/lib/dns/zone.c +++ b/lib/dns/zone.c @@ -11947,6 +11947,9 @@ dump_done(void *arg, isc_result_t result) { dns_dumpctx_detach(&zone->dctx); } zonemgr_putio(&zone->writeio); + if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_SHUTDOWN) && zone->raw != NULL) { + dns_zone_detach(&zone->raw); + } UNLOCK_ZONE(zone); if (again) { (void)zone_dump(zone, false); @@ -15028,7 +15031,7 @@ zone_shutdown(isc_task_t *task, isc_event_t *event) { */ DNS_ZONE_SETFLAG(zone, DNS_ZONEFLG_SHUTDOWN); free_needed = exit_check(zone); - if (inline_secure(zone)) { + if (inline_secure(zone) && !DNS_ZONE_FLAG(zone, DNS_ZONEFLG_DUMPING)) { raw = zone->raw; zone->raw = NULL; } From 4d71a3b3097383cc1dbc7a02f0a524cada0e36e7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= Date: Mon, 3 Jan 2022 13:30:40 +0100 Subject: [PATCH 2/2] Add CHANGES and release note for [GL #3071] --- CHANGES | 6 ++++++ doc/notes/notes-current.rst | 6 ++++++ 2 files changed, 12 insertions(+) diff --git a/CHANGES b/CHANGES index a6da0b1315..3e59eb84b3 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,9 @@ +5786. [bug] Defer detaching from zone->raw in zone_shutdown() if + the zone is in the process of being dumped to disk to + ensure that the unsigned serial number information is + always written in the raw-format header of the signed + version on an inline-signed zone. [GL #3071] + 5785. [bug] named could leak memory when two dnssec-policy clauses had the same name. named failed to log this error. [GL #3085] diff --git a/doc/notes/notes-current.rst b/doc/notes/notes-current.rst index dbf3266abd..5241f5558f 100644 --- a/doc/notes/notes-current.rst +++ b/doc/notes/notes-current.rst @@ -43,3 +43,9 @@ Bug Fixes - On FreeBSD, a TCP connection would leak a small amount of heap memory leading to out-of-memory problem in a long run. This has been fixed. :gl:`#3051` + +- Under certain circumstances, the signed version of an inline-signed zone could + be dumped to disk without the serial number of the unsigned version of the + zone being saved. This could prevent resynchronization of zone contents after + ``named`` restarted, if the unsigned zone file had been modified while + ``named`` was not running. This has been fixed. :gl:`#3071`