From: Remi Gacogne
Date: Wed, 17 Nov 2021 18:03:46 +0000 (+0100)
Subject: dnsdist: Fix a memory leak when reusing TLS tickets for outgoing connections
X-Git-Tag: dnsdist-1.7.0-beta2~5^2
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=refs%2Fpull%2F10999%2Fhead;p=thirdparty%2Fpdns.git
dnsdist: Fix a memory leak when reusing TLS tickets for outgoing connections
We were not properly freeing the memory of TLS session tickets reused for outgoing TLS (DoT / DoH) connections. Reported by Stéphane Bortzmeyer (many thanks!).
---
diff --git a/pdns/tcpiohandler.cc b/pdns/tcpiohandler.cc
index 6068c1bc84..18121be131 100644
--- a/pdns/tcpiohandler.cc
+++ b/pdns/tcpiohandler.cc
@@ -498,7 +498,7 @@ public:
 if (ret != 1) {
 throw std::runtime_error("Error setting up session: " + libssl_get_error_string());
 }
- native.release();
+ session.reset();
 }
 
 void addNewTicket(SSL_SESSION* session)
@@ -916,12 +916,9 @@ public:
 d_sess.data = nullptr;
 }
 
- gnutls_datum_t getNative()
+ const gnutls_datum_t& getNative()
 {
- auto ret = d_sess;
- d_sess.data = nullptr;
- d_sess.size = 0;
- return ret;
+ return d_sess;
 }
 
 private:
@@ -1424,8 +1421,7 @@ public:
 if (ret != GNUTLS_E_SUCCESS) {
 throw std::runtime_error("Error setting up GnuTLS session: " + std::string(gnutls_strerror(ret)));
 }
-
- session.release();
+ session.reset();
 }
 
 void close() override
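Review bot: The `session.reset();` added at the end of this function (and the identical one in the GnuTLS hunk at -1424) carries no comment saying why the ticket is freed here rather than handed over, which is the ownership question the old `release()` got wrong. I would add `// the TLS library keeps its own reference/copy of the session, so free ours; release() here leaked it` above both calls. The call that produces `ret` is outside both hunks, so confirm it is one that does not take ownership (SSL_set_session() takes its own reference, gnutls_session_set_data() copies the data). Session tickets carry resumption secrets and this path runs for each reused ticket on outgoing DoT/DoH connections, so a LeakSanitizer run over repeated backend reconnects would be a cheap regression check. The function body starts outside the hunk.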
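Review bot: `getNative()` now hands out a reference into the object instead of transferring the buffer, but neither the signature nor a comment tells callers that the datum is borrowed and dies with the session object. I would declare it `const gnutls_datum_t& getNative() const` and add `// borrowed view: d_sess stays owned by this object, do not free it or keep it past this object's lifetime`. The `const` on the struct does not make the bytes behind `d_sess.data` read-only, so the comment is the only thing stating that contract. With ownership now staying in the class, it is also worth confirming outside this hunk that the type is non-copyable, so that `d_sess.data` cannot be freed twice.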