Skip to content

secondary server crashes on shutdown after attempting to download a zone via TLS from a server which does not negotiate "dot" ALPN tag

Summary

Timed out XoT transfer causes BIND to crash on shutdown.

BIND version used

Steps to reproduce

  1. Setup a dead TLS listener:
socat openssl-listen:5353,cert=ed25519_cert.pem,key=ed25519_key.pem,verify=0 -

ed25519_cert.pem

ed25519_key.pem

  1. Configure BIND as secondary over TLS:
zone net {
	type secondary;
	primaries { 127.0.0.1 port 5353 tls ephemeral; };
};

What is the current bug behavior?

04-Jan-2023 18:09:10.687 zone net/IN: Transfer started.
04-Jan-2023 18:09:10.687 zone net/IN: got TLS configuration for zone transfer: success
04-Jan-2023 18:09:10.687 all zones loaded
04-Jan-2023 18:09:10.687 running
04-Jan-2023 18:09:10.727 managed-keys-zone: Key 20326 for zone . is now trusted (acceptance timer complete)
04-Jan-2023 18:09:10.737 resolver priming query complete: success
^C04-Jan-2023 18:09:15.344 no longer listening on 127.0.0.1#53
04-Jan-2023 18:09:15.344 no longer listening on ::1#53
04-Jan-2023 18:09:15.347 stopping command channel on 127.0.0.1#953
04-Jan-2023 18:09:15.347 stopping command channel on ::1#953
04-Jan-2023 18:09:15.347 stopping statistics channel on ::1#8080
04-Jan-2023 18:09:15.347 shutting down
04-Jan-2023 18:09:15.347 transfer of 'net/IN' from 127.0.0.1#5353: shut down: operation canceled
04-Jan-2023 18:09:15.347 xfrin.c:1540: INSIST(xfr->shutdown_result != ISC_R_UNSET) failed, back trace
04-Jan-2023 18:09:15.347 /tmp/main/sbin/named(+0x24414) [0x55a3a7fea414]
04-Jan-2023 18:09:15.347 /tmp/main/lib/libisc-9.19.9-dev.so(isc_assertion_failed+0xa) [0x7fa2a951111a]
04-Jan-2023 18:09:15.347 /tmp/main/lib/libdns-9.19.9-dev.so(dns_xfrin_detach+0x3da) [0x7fa2a9427caa]
04-Jan-2023 18:09:15.347 /tmp/main/lib/libdns-9.19.9-dev.so(+0x169396) [0x7fa2a9441396]
04-Jan-2023 18:09:15.347 /tmp/main/lib/libdns-9.19.9-dev.so(+0x14ef40) [0x7fa2a9426f40]
04-Jan-2023 18:09:15.347 /tmp/main/lib/libdns-9.19.9-dev.so(+0x172a44) [0x7fa2a944aa44]
04-Jan-2023 18:09:15.347 /tmp/main/lib/libisc-9.19.9-dev.so(+0x3ba86) [0x7fa2a951ca86]
04-Jan-2023 18:09:15.347 /usr/lib/libuv.so.1(+0x141f9) [0x7fa2a8fac1f9]
04-Jan-2023 18:09:15.347 /usr/lib/libuv.so.1(uv_run+0xee) [0x7fa2a8fa5d16]
04-Jan-2023 18:09:15.347 /tmp/main/lib/libisc-9.19.9-dev.so(+0x41dc8) [0x7fa2a9522dc8]
04-Jan-2023 18:09:15.347 /tmp/main/sbin/named(main+0xdc2) [0x55a3a7fdf862]

What is the expected correct behavior?

You know the answer in your heart :trollface:

Edited by Petr Špaček
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information