From: Remi Gacogne <remi.gacogne@powerdns.com>
Date: Thu, 19 Aug 2021 09:06:05 +0000 (+0200)
Subject: dnsdist: Fix TLS session counters for incoming DoH
X-Git-Tag: dnsdist-1.7.0-alpha1~23^2~37
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=60ed62af267d6d7d21801b42b77c20ec6e3bc8c5;p=thirdparty%2Fpdns.git

dnsdist: Fix TLS session counters for incoming DoH

Increase the 'new' / 'resumed' counters once per connection, not
once per query.
---

diff --git a/pdns/dnsdistdist/doh.cc b/pdns/dnsdistdist/doh.cc
index c479db666c..97294cf406 100644
--- a/pdns/dnsdistdist/doh.cc
+++ b/pdns/dnsdistdist/doh.cc
@@ -947,16 +947,18 @@ static int doh_handler(h2o_handler_t *self, h2o_req_t *req)
       return 0;
     }
 
-    if (h2o_socket_get_ssl_session_reused(sock) == 0) {
-      ++dsc->cs->tlsNewSessions;
-    }
-    else {
-      ++dsc->cs->tlsResumptions;
-    }
-
     const int descriptor = h2o_socket_get_fd(sock);
     if (descriptor != -1) {
-      ++t_conns.at(descriptor).d_nbQueries;
+      auto& conn = t_conns.at(descriptor);
+      ++conn.d_nbQueries;
+      if (conn.d_nbQueries == 1) {
+        if (h2o_socket_get_ssl_session_reused(sock) == 0) {
+          ++dsc->cs->tlsNewSessions;
+        }
+        else {
+          ++dsc->cs->tlsResumptions;
+        }
+      }
     }
 
     if (auto tlsversion = h2o_socket_get_ssl_protocol_version(sock)) {