picnoir
/
Systemd
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

resolved: do not keep dns_server to dns_stream ref if tls connection failed (#9855) 

The references to the dns_server are now setup after the tls connection is setup.
This ensures that the stream got fully stopped when the initial tls setup failed
instead of having the unref being blocked by the reference to the stream by the server.
Therefore on_stream_io would no longer be called with a half setup encrypted connection.

Fixes the issue reported in #9838.
This commit is contained in:
Iwan Timmer 2018-08-13 08:20:25 +02:00 committed by Yu Watanabe
parent 3740146a4c
commit 19feb28fa1
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/resolve/resolved-dns-transaction.c
View File

@ -628,12 +628,6 @@ static int dns_transaction_emit_tcp(DnsTransaction *t) {
fd = -1;
if (t->server) {
dns_stream_unref(t->server->stream);
t->server->stream = dns_stream_ref(s);
s->server = dns_server_ref(t->server);
}
#if ENABLE_DNS_OVER_TLS
if (DNS_SERVER_FEATURE_LEVEL_IS_TLS(t->current_feature_level)) {
assert(t->server);
@ -643,6 +637,12 @@ static int dns_transaction_emit_tcp(DnsTransaction *t) {
}
#endif
if (t->server) {
dns_stream_unref(t->server->stream);
t->server->stream = dns_stream_ref(s);
s->server = dns_server_ref(t->server);
}
s->complete = on_stream_complete;
s->on_packet = dns_stream_on_packet;