From: Remi Gacogne <remi.gacogne@powerdns.com>
Date: Tue, 26 Sep 2023 09:27:12 +0000 (+0200)
Subject: dnsdist: Fix timeouts on incoming DoH connections with nghttp2
X-Git-Tag: rec-5.0.0-alpha2~31^2~1
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=ee33b77e98abe0f225151ea763775e21d1ee5a54;p=thirdparty%2Fpdns.git

dnsdist: Fix timeouts on incoming DoH connections with nghttp2
---

diff --git a/pdns/dnsdistdist/dnsdist-nghttp2-in.cc b/pdns/dnsdistdist/dnsdist-nghttp2-in.cc
index 7bd9f75855..0302d536fe 100644
--- a/pdns/dnsdistdist/dnsdist-nghttp2-in.cc
+++ b/pdns/dnsdistdist/dnsdist-nghttp2-in.cc
@@ -951,23 +951,7 @@ int IncomingHTTP2Connection::on_stream_close_callback(nghttp2_session* session,
 {
   auto* conn = static_cast<IncomingHTTP2Connection*>(user_data);
 
-  if (error_code == 0) {
-    return 0;
-  }
-
-  auto stream = conn->d_currentStreams.find(stream_id);
-  if (stream == conn->d_currentStreams.end()) {
-    /* we don't care, then */
-    return 0;
-  }
-
-  struct timeval now
-  {
-  };
-  gettimeofday(&now, nullptr);
-  auto request = std::move(stream->second);
-  conn->d_currentStreams.erase(stream->first);
-
+  conn->d_currentStreams.erase(stream_id);
   return 0;
 }
 
@@ -1167,11 +1151,6 @@ void IncomingHTTP2Connection::handleWritableIOCallback([[maybe_unused]] int desc
   conn->writeToSocket(true);
 }
 
-bool IncomingHTTP2Connection::isIdle() const
-{
-  return getConcurrentStreamsCount() == 0;
-}
-
 void IncomingHTTP2Connection::stopIO()
 {
   d_ioState->reset();
@@ -1217,7 +1196,9 @@ void IncomingHTTP2Connection::updateIO(IOState newState, const FDMultiplexer::ca
     gettimeofday(&now, nullptr);
 
     if (newState == IOState::NeedRead) {
-      if (isIdle()) {
+      /* use the idle TTL if the handshake has been completed (and proxy protocol payload received, if any),
+         and we have processed at least one query, otherwise we use the shorter read TTL  */
+      if ((d_state == State::waitingForQuery || d_state == State::idle) && (d_queriesCount > 0 || d_currentQueriesCount)) {
         ttd = getIdleClientReadTTD(now);
       }
       else {
diff --git a/pdns/dnsdistdist/dnsdist-nghttp2-in.hh b/pdns/dnsdistdist/dnsdist-nghttp2-in.hh
index a648a5027b..020e1c26e3 100644
--- a/pdns/dnsdistdist/dnsdist-nghttp2-in.hh
+++ b/pdns/dnsdistdist/dnsdist-nghttp2-in.hh
@@ -86,7 +86,6 @@ private:
   std::unique_ptr<DOHUnitInterface> getDOHUnit(uint32_t streamID) override;
 
   void stopIO();
-  bool isIdle() const;
   uint32_t getConcurrentStreamsCount() const;
   void updateIO(IOState newState, const FDMultiplexer::callbackfunc_t& callback);
   void handleIOError();