From: Remi Gacogne <remi.gacogne@powerdns.com>
Date: Mon, 8 Feb 2021 14:24:28 +0000 (+0100)
Subject: dnsdist: Make sure we close the TLS layer before the descriptor
X-Git-Tag: dnsdist-1.6.0-alpha2~11^2~34
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=61e1924bb072d58a93cb82afc4f9534b610c35f4;p=thirdparty%2Fpdns.git

dnsdist: Make sure we close the TLS layer before the descriptor
---

diff --git a/pdns/dnsdist-tcp.cc b/pdns/dnsdist-tcp.cc
index 4aad805705..b32b81b7c7 100644
--- a/pdns/dnsdist-tcp.cc
+++ b/pdns/dnsdist-tcp.cc
@@ -166,6 +166,11 @@ IncomingTCPConnectionState::~IncomingTCPConnectionState()
     auto diff = now - d_connectionStartTime;
     d_ci.cs->updateTCPMetrics(d_queriesCount, diff.tv_sec * 1000.0 + diff.tv_usec / 1000.0);
   }
+
+  // would have been done when the object is destroyed anyway,
+  // but that way we make sure it's done before the ConnectionInfo is destroyed,
+  // closing the descriptor, instead of relying on the declaration order of the objects in the class
+  d_handler.close();
 }
 
 std::shared_ptr<TCPConnectionToBackend> IncomingTCPConnectionState::getDownstreamConnection(std::shared_ptr<DownstreamState>& ds, const std::unique_ptr<std::vector<ProxyProtocolValue>>& tlvs, const struct timeval& now)
diff --git a/pdns/tcpiohandler.hh b/pdns/tcpiohandler.hh
index f326438290..3af40566ce 100644
--- a/pdns/tcpiohandler.hh
+++ b/pdns/tcpiohandler.hh
@@ -197,12 +197,20 @@ public:
   }
 
   ~TCPIOHandler()
+  {
+    close();
+  }
+
+  /* Prepare the connection but does not close the descriptor */
+  void close()
   {
     if (d_conn) {
       d_conn->close();
+      d_conn.reset();
     }
     else if (d_socket != -1) {
       shutdown(d_socket, SHUT_RDWR);
+      d_socket = -1;
     }
   }