We were not properly freeing the memory of TLS session tickets reused
for outgoing TLS (DoT / DoH) connections.
Reported by Stéphane Bortzmeyer (many thanks!).
if (ret != 1) {
throw std::runtime_error("Error setting up session: " + libssl_get_error_string());
}
- native.release();
+ session.reset();
}
void addNewTicket(SSL_SESSION* session)
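Review bot: Replacing `native.release()` with `session.reset()` only balances if `SSL_set_session()` keeps its own reference to the session, and nothing at this call site says so. OpenSSL does take a reference on success, so the old `release()` left a count that nobody dropped; with the change, `native` is presumably freed by its owner's destructor at scope exit (its declaration is above the hunk, so its type should be confirmed). I would add a comment above the reset, for example `// SSL_set_session() took its own reference; drop ours so the ticket is freed with the connection`, and a matching one at the `session.reset()` in the GnuTLS setSession hunk further down. This leak grows memory slowly on every reused outgoing connection and is easy to reintroduce, so a session-resumption test run under LeakSanitizer or valgrind would be worth adding.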
d_sess.data = nullptr;
}
- gnutls_datum_t getNative()
+ const gnutls_datum_t& getNative()
{
- auto ret = d_sess;
- d_sess.data = nullptr;
- d_sess.size = 0;
- return ret;
+ return d_sess;
}
private:
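Review bot: Returning `const gnutls_datum_t&` from `getNative()` gives only shallow const: the `data` member of the datum is still a writable `unsigned char*`, so a caller can free or overwrite a buffer that this object continues to own. Ownership now stays with the object (the `d_sess.data = nullptr;` context line above suggests the destructor releases it, though that body is outside the hunk). A caller that frees the buffer would therefore cause a double free, and one that keeps the reference past the `session.reset()` in setSession would read freed memory. I would declare the accessor as `const gnutls_datum_t& getNative() const` and document it with `// Borrowed view: this object keeps ownership of data; do not free it or use it after the session is destroyed`.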
if (ret != GNUTLS_E_SUCCESS) {
throw std::runtime_error("Error setting up GnuTLS session: " + std::string(gnutls_strerror(ret)));
}
-
- session.release();
+ session.reset();
}
void close() override