DoT: remove TLS-related kludge in isc__nmsocket_connecttimeout_cb() (!7687) · Merge requests · ISC Open Source Projects / BIND

Artem Boldariev requested to merge 3867-fix-xot-hang into v9_18 Mar 14, 2023

This commit ensures that 'sock->tls.pending_req' is not getting nullified during TLS connection timeout callback as it prevents the connection callback being called when connecting was not successful.

We expect 'isc__nm_failed_connect_cb() to be called from 'isc__nm_tlsdns_shutdown()' when establishing connections was successful, but with 'sock->tls.pending_req' nullified that will not happen.

The code removed most likely was required in older iterations of the NM, but to me it seems that now it does only harm. One of the well know pronounced effects is leading to irrecoverable zone transfer hangs via TLS.

Closes #3867 (closed)

DoT: remove TLS-related kludge in isc__nmsocket_connecttimeout_cb()

Merge request reports