--------
- http module: only run prometheus in parent process if using --forks=N,
as the submodule collects metrics from all sub-processes as well.
+- policy.TLS_FORWARD fixes (!714)
- fix build with -DNOVERBOSELOG (#424)
Improvements
continue;
} else if (count == GNUTLS_E_REHANDSHAKE) {
/* See https://www.gnutls.org/manual/html_node/Re_002dauthentication.html */
+ struct sockaddr *peer = session_get_peer(s);
+ kr_log_verbose("[%s] TLS rehandshake with %s has started\n",
+ logstring, kr_straddr(peer));
tls_set_hs_state(tls_p, TLS_HS_IN_PROGRESS);
while (tls_p->handshake_state <= TLS_HS_IN_PROGRESS) {
int err = tls_handshake(tls_p, tls_p->handshake_cb);
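Review bot: The new verbose message passes the result of `kr_straddr(peer)` straight to `%s`, so if that helper can return NULL for an address it cannot format (its definition is not visible here), the log call receives a null string pointer, which is undefined behaviour for `printf`-style formatting. Consider formatting once and falling back explicitly: `const char *peer_str = kr_straddr(peer);` followed by `kr_log_verbose("[%s] TLS rehandshake with %s has started\n", logstring, peer_str ? peer_str : "(unknown)");`. A one-line comment that the rehandshake is requested by the remote side would also help anyone reading this log line during incident triage. The enclosing function and the body of the handshake loop continue outside the hunk.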
}
}
- ret = worker_add_tcp_connected(worker, peer, session);
- if (deletion_res == kr_ok() && ret == kr_ok()) {
+ ret = kr_ok();
+ if (deletion_res == kr_ok()) {
+ /* peer was in the waiting list, add to the connected list. */
+ ret = worker_add_tcp_connected(worker, peer, session);
+ } else {
+ /* peer wasn't in the waiting list.
+ * In this case it must be successful rehandshake.
+ * Peer must be already in the connected list. */
+ const char *key = tcpsess_key(peer);
+ assert(key);
+ assert(map_contains(&worker->tcp_connected, key) != 0);
+ }
+ if (ret == kr_ok()) {
while (!session_waitinglist_is_empty(session)) {
struct qr_task *t = session_waitinglist_get(session);
ret = qr_task_send(t, session, NULL, NULL);
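Review bot: The new `else` branch enforces "peer must already be in the connected list" only through `assert()`, so in a build with `NDEBUG` both checks disappear, `key` becomes an unused local, and `ret` stays `kr_ok()`, letting the waiting-list tasks be sent on a session that `worker->tcp_connected` does not track. In builds with assertions enabled, the same condition aborts the whole process, and whether it holds appears to depend on connection state driven by the remote peer, which makes it a poor fit for an assertion. A runtime check that fails the connection instead would cover both cases, for example `if (!key || !map_contains(&worker->tcp_connected, key)) ret = kr_error(EINVAL);`. The enclosing function begins before this hunk and the `while` loop continues past it.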