From: Remi Gacogne <remi.gacogne@powerdns.com>
Date: Mon, 15 Apr 2024 14:58:44 +0000 (+0200)
Subject: dnsdist: Fix DNS over plain HTTP broken by `reloadAllCertificates()`
X-Git-Tag: rec-5.1.0-alpha1~37^2
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=refs%2Fpull%2F14070%2Fhead;p=thirdparty%2Fpdns.git

dnsdist: Fix DNS over plain HTTP broken by `reloadAllCertificates()`

This was introduced in 1.9.0, with the use of the `nghttp2` library
for incoming DNS over HTTP(S).
---

diff --git a/pdns/dnsdistdist/dnsdist-doh-common.cc b/pdns/dnsdistdist/dnsdist-doh-common.cc
index 71cd87cd0f..dcbd183d7c 100644
--- a/pdns/dnsdistdist/dnsdist-doh-common.cc
+++ b/pdns/dnsdistdist/dnsdist-doh-common.cc
@@ -115,7 +115,9 @@ size_t DOHFrontend::getTicketsKeysCount()
 
 void DOHFrontend::reloadCertificates()
 {
-  d_tlsContext.setupTLS();
+  if (isHTTPS()) {
+    d_tlsContext.setupTLS();
+  }
 }
 
 void DOHFrontend::setup()