upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-24 00:29:58 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

- Unbound exits with a fatal error when the auto-trust-anchor-file

Browse source 
fails to be writable.  This is seconds after startup.  You can
  load a readonly auto-trust-anchor-file with trust-anchor-file.
  The file has to be writable to notice the trust anchor change,
  without it, a trust anchor change will be unnoticed and the system
  will then become unoperable.


git-svn-id: file:///svn/unbound/trunk@3387 be551aaa-1e26-0410-a405-d3ace91eadb9
This commit is contained in:
Wouter Wijngaards 2015-04-07 12:03:05 +00:00
parent d95b378fad
commit 32f808fcfa
2 changed files with 10 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
doc/Changelog
View file

@ -1,5 +1,11 @@
7 April 2015: Wouter 7 April 2015: Wouter
- Libunbound skips dos-line-endings from etc/hosts. - Libunbound skips dos-line-endings from etc/hosts.
- Unbound exits with a fatal error when the auto-trust-anchor-file
fails to be writable. This is seconds after startup. You can
load a readonly auto-trust-anchor-file with trust-anchor-file.
The file has to be writable to notice the trust anchor change,
without it, a trust anchor change will be unnoticed and the system
will then become unoperable.
2 April 2015: Wouter 2 April 2015: Wouter
- Fix #660: Fix interface-automatic broken in the presence of - Fix #660: Fix interface-automatic broken in the presence of

8
validator/autotrust.c
View file

@ -1184,7 +1184,7 @@ void autr_write_file(struct module_env* env, struct trust_anchor* tp)
verbose(VERB_ALGO, "autotrust: write to disk: %s", tempf); verbose(VERB_ALGO, "autotrust: write to disk: %s", tempf);
out = fopen(tempf, "w"); out = fopen(tempf, "w");
if(!out) { if(!out) {
log_err("could not open autotrust file for writing, %s: %s", fatal_exit("could not open autotrust file for writing, %s: %s",
tempf, strerror(errno)); tempf, strerror(errno));
return; return;
} }
@ -1192,11 +1192,11 @@ void autr_write_file(struct module_env* env, struct trust_anchor* tp)
/* failed to write contents (completely) */ /* failed to write contents (completely) */
fclose(out); fclose(out);
unlink(tempf); unlink(tempf);
log_err("could not completely write: %s", fname); fatal_exit("could not completely write: %s", fname);
return; return;
} }
if(fclose(out) != 0) { if(fclose(out) != 0) {
log_err("could not complete write: %s: %s", fatal_exit("could not complete write: %s: %s",
fname, strerror(errno)); fname, strerror(errno));
unlink(tempf); unlink(tempf);
return; return;
@ -1207,7 +1207,7 @@ void autr_write_file(struct module_env* env, struct trust_anchor* tp)
(void)unlink(fname); /* windows does not replace file with rename() */ (void)unlink(fname); /* windows does not replace file with rename() */
#endif #endif
if(rename(tempf, fname) < 0) { if(rename(tempf, fname) < 0) {
log_err("rename(%s to %s): %s", tempf, fname, strerror(errno)); fatal_exit("rename(%s to %s): %s", tempf, fname, strerror(errno));
} }
} }