
TLS DNS: do not call accept callback twice

Artem Boldariev requested to merge artem-tlsdns-do-not-call-acceptcb-twice into main

Before the changes from this commit were introduced, the accept callback function would get called twice when accepting a connection, during these two stages:

  • when accepting the TCP connection;
  • when the handshake has completed.

That is clearly an error, as it should have been called only once. As far as I understand it, the mistake is a result of the TLS DNS transport being essentially a fork of the TCP transport, where calling the accept callback immediately after accepting a TCP connection makes sense.

This commit fixes this mistake. It did not have any very serious consequences because in BIND the accept callback only checks an ACL and updates stats.

Edited by Artem Boldariev
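
The double call described above, as an added example that is not BIND's code and not part of this merge request: a hypothetical model of an accept callback that checks an ACL and updates stats, run through a "before" path (called at TCP accept and again after the handshake) and an "after" path (called once). All names, the toy ACL and the sample peers are constructed, and keeping the post-handshake call is an assumption, since the description does not say which call was removed.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical model; none of these names come from BIND's network manager. */
typedef struct { unsigned accepted, rejected; } stats_t;
typedef struct { const char *peer; bool handshake_done; } conn_t;
typedef bool (*serve_fn)(conn_t *, stats_t *);

/* Accept callback: checks an ACL and updates stats, as the description says. */
static bool accept_cb(const conn_t *c, stats_t *st) {
    bool allowed = strncmp(c->peer, "192.0.2.", 8) == 0; /* toy ACL */
    if (allowed) st->accepted++; else st->rejected++;
    return allowed;
}

/* Before: the callback fires at TCP accept and again after the handshake. */
static bool serve_before(conn_t *c, stats_t *st) {
    if (!accept_cb(c, st)) return false; /* stage 1: TCP connection accepted */
    c->handshake_done = true;            /* TLS handshake (simulated) */
    return accept_cb(c, st);             /* stage 2: duplicate call */
}

/* After: the callback fires exactly once per connection.
 * Assumption: the call kept is the one after the handshake. */
static bool serve_after(conn_t *c, stats_t *st) {
    c->handshake_done = true;
    return accept_cb(c, st);
}

/* Run three constructed peers through one path and return the stats. */
static stats_t run(serve_fn serve) {
    const char *peers[] = { "192.0.2.10", "198.51.100.7", "192.0.2.44" };
    stats_t st = { 0, 0 };
    for (size_t i = 0; i < sizeof peers / sizeof peers[0]; i++) {
        conn_t c = { peers[i], false };
        serve(&c, &st);
    }
    return st;
}

int main(void) {
    stats_t b = run(serve_before), a = run(serve_after);
    printf("before: accepted=%u rejected=%u\n", b.accepted, b.rejected);
    printf("after:  accepted=%u rejected=%u\n", a.accepted, a.rejected);
    return 0;
}
```

In the "before" path every allowed connection is counted twice, so the accepted counter overstates real connections; the ACL verdict itself does not change, which matches the description's point that the consequences were not very serious.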
