mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-30 14:07:59 +00:00
Code Issues Releases Wiki Activity

Fix a kasp lock issue

Browse Source 
The kasp lock would stay locked if 'dns_keymgr_run' failed.
This commit is contained in:
Matthijs Mekking
2021-04-06 11:31:35 +02:00
parent 2be319b759
commit cf17698f87
1 changed files with 17 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
lib/dns/zone.c
View File

@@ -19971,22 +19971,20 @@ zone_rekey(dns_zone_t *zone) {
isc_result_totext(result));
}
if (kasp != NULL &&
(result == ISC_R_SUCCESS || result == ISC_R_NOTFOUND)) {
result = dns_keymgr_run(&zone->origin, zone->rdclass, dir, mctx,
&keys, kasp, now, &nexttime);
if (result != ISC_R_SUCCESS) {
if (kasp != NULL) {
UNLOCK(&kasp->lock);
}
dnssec_log(zone, ISC_LOG_ERROR,
"zone_rekey:dns_dnssec_keymgr failed: %s",
isc_result_totext(result));
goto failure;
}
}
if (kasp != NULL) {
if (result == ISC_R_SUCCESS || result == ISC_R_NOTFOUND) {
result = dns_keymgr_run(&zone->origin, zone->rdclass,
dir, mctx, &keys, kasp, now,
&nexttime);
if (result != ISC_R_SUCCESS) {
dnssec_log(zone, ISC_LOG_ERROR,
"zone_rekey:dns_dnssec_keymgr "
"failed: %s",
isc_result_totext(result));
UNLOCK(&kasp->lock);
goto failure;
}
}
UNLOCK(&kasp->lock);
}
@@ -20343,6 +20341,10 @@ failure:
* Something went wrong; try again in ten minutes or
* after a key refresh interval, whichever is shorter.
*/
dnssec_log(zone, ISC_LOG_DEBUG(3),
"zone_rekey failure: %s (retry in %u seconds)",
isc_result_totext(result),
ISC_MIN(zone->refreshkeyinterval, 600));
isc_interval_set(&ival, ISC_MIN(zone->refreshkeyinterval, 600),
0);
isc_time_nowplusinterval(&zone->refreshkeytime, &ival);