XoT: properly handle the case when checking for ALPN failed (!7360) · Merge requests · ISC Open Source Projects / BIND

Artem Boldariev requested to merge 3767-dot-no-alpn-transfer-shutdown-crash into main Jan 12, 2023

During XoT it is important to check for "dot" ALPN tag to be negotiated (according to the RFC 9103). We were doing that, however, the situation was not handled properly, leading to non-cancelled zone transfers that would crash (abort()) BIND on shutdown.

In this particular case 'result' might equal 'ISC_R_SUCCESS'. When this is the case, the part of the code supposed to handle failures will not cancel the zone transfer.

This situation cannot happen when BIND is a secondary of other BIND instance. Only primaries following the RFC not closely enough could trigger such a behaviour.

Closes #3767 (closed)

Edited Jan 31, 2023 by Michal Nowak

XoT: properly handle the case when checking for ALPN failed

Merge request reports