Fix dangling references to outdated views after reconfig

This commit fix a leak which was happening every time an inline-signed
zone was added to the configuration, followed by a rndc reconfig.

During the reconfig process, the secure version of every inline-signed
zone was "moved" to a new view upon a reconfig and it "took the raw
version along", but only once the secure version was freed (at shutdown)
was prev_view for the raw version detached from, causing the old view to
be released as well.

This caused dangling references to be kept for the previous view, thus
keeping all resources used by that view in memory.
This commit is contained in:
Diego Fronza 2021-02-11 11:32:20 -03:00
parent fe6bd687d7
commit 30729c7013
3 changed files with 14 additions and 13 deletions

View file

@ -7975,7 +7975,6 @@ configure_zone_setviewcommit(isc_result_t result, const cfg_obj_t *zconfig,
isc_result_t result2;
dns_view_t *pview = NULL;
dns_zone_t *zone = NULL;
dns_zone_t *raw = NULL;
zname = cfg_obj_asstring(cfg_tuple_get(zconfig, "name"));
origin = dns_fixedname_initname(&fixorigin);
@ -7997,22 +7996,10 @@ configure_zone_setviewcommit(isc_result_t result, const cfg_obj_t *zconfig,
return;
}
dns_zone_getraw(zone, &raw);
if (result == ISC_R_SUCCESS) {
dns_zone_setviewcommit(zone);
if (raw != NULL) {
dns_zone_setviewcommit(raw);
}
} else {
dns_zone_setviewrevert(zone);
if (raw != NULL) {
dns_zone_setviewrevert(raw);
}
}
if (raw != NULL) {
dns_zone_detach(&raw);
}
dns_zone_detach(&zone);

View file

@ -41,3 +41,11 @@ zone "example" {
file "example.db";
allow-update { any; };
};
zone "inline" {
type primary;
file "external/inline.db";
key-directory "external";
auto-dnssec maintain;
inline-signing yes;
};

View file

@ -1616,6 +1616,9 @@ dns_zone_setviewcommit(dns_zone_t *zone) {
if (zone->prev_view != NULL) {
dns_view_weakdetach(&zone->prev_view);
}
if (inline_secure(zone)) {
dns_zone_setviewcommit(zone->raw);
}
UNLOCK_ZONE(zone);
}
@ -1628,6 +1631,9 @@ dns_zone_setviewrevert(dns_zone_t *zone) {
dns_zone_setview_helper(zone, zone->prev_view);
dns_view_weakdetach(&zone->prev_view);
}
if (inline_secure(zone)) {
dns_zone_setviewrevert(zone->raw);
}
UNLOCK_ZONE(zone);
}