During XoT it is important to check for "dot" ALPN tag to be negotiated (according to the RFC 9103). We were doing that, however, the situation was not handled properly, leading to non-cancelled zone transfers that would crash (abort()) BIND on shutdown.
In this particular case 'result' might equal 'ISC_R_SUCCESS'. When this is the case, the part of the code supposed to handle failures will not cancel the zone transfer.
This situation cannot happen when BIND is a secondary of other BIND instance. Only primaries following the RFC not closely enough could trigger such a behaviour.
Closes #3767 (closed)