From c0808532e18bcd68b4a71c982468355ec4e179f6 Mon Sep 17 00:00:00 2001
From: Artem Boldariev <artem@boldariev.com>
Date: Tue, 26 Jul 2022 17:07:19 +0300
Subject: [PATCH] TLS: isc_nm_bad_request() and isc__nmsocket_reset() support

This commit adds implementations of isc_nm_bad_request() and
isc__nmsocket_reset() to the generic TLS stream code in order to make
it more compatible with TCP code.
---
 lib/isc/netmgr/netmgr-int.h |  3 +++
 lib/isc/netmgr/netmgr.c     | 13 +++++++++----
 lib/isc/netmgr/tlsstream.c  | 12 ++++++++++++
 3 files changed, 24 insertions(+), 4 deletions(-)

diff --git a/lib/isc/netmgr/netmgr-int.h b/lib/isc/netmgr/netmgr-int.h
index d467b81d04..4bc5fc22a3 100644
--- a/lib/isc/netmgr/netmgr-int.h
+++ b/lib/isc/netmgr/netmgr-int.h
@@ -1563,6 +1563,9 @@ isc__nm_tls_cleartimeout(isc_nmhandle_t *handle);
  * around.
  */
 
+void
+isc__nmsocket_tls_reset(isc_nmsocket_t *sock);
+
 const char *
 isc__nm_tls_verify_tls_peer_result_string(const isc_nmhandle_t *handle);
 
diff --git a/lib/isc/netmgr/netmgr.c b/lib/isc/netmgr/netmgr.c
index 9563f27ef7..d3ba6f2382 100644
--- a/lib/isc/netmgr/netmgr.c
+++ b/lib/isc/netmgr/netmgr.c
@@ -2330,6 +2330,11 @@ isc__nmsocket_reset(isc_nmsocket_t *sock) {
 		 */
 		REQUIRE(sock->parent == NULL);
 		break;
+#ifdef HAVE_LIBNGHTTP2
+	case isc_nm_tlssocket:
+		isc__nmsocket_tls_reset(sock);
+		return;
+#endif /* HAVE_LIBNGHTTP2 */
 	default:
 		UNREACHABLE();
 		break;
@@ -2548,6 +2553,10 @@ isc_nm_bad_request(isc_nmhandle_t *handle) {
 		return;
 	case isc_nm_tcpdnssocket:
 	case isc_nm_tlsdnssocket:
+	case isc_nm_tcpsocket:
+#if HAVE_LIBNGHTTP2
+	case isc_nm_tlssocket:
+#endif /* HAVE_LIBNGHTTP2 */
 		REQUIRE(sock->parent == NULL);
 		isc__nmsocket_reset(sock);
 		return;
@@ -2555,10 +2564,6 @@ isc_nm_bad_request(isc_nmhandle_t *handle) {
 	case isc_nm_httpsocket:
 		isc__nm_http_bad_request(handle);
 		return;
-#endif /* HAVE_LIBNGHTTP2 */
-	case isc_nm_tcpsocket:
-#if HAVE_LIBNGHTTP2
-	case isc_nm_tlssocket:
 #endif /* HAVE_LIBNGHTTP2 */
 	default:
 		UNREACHABLE();
diff --git a/lib/isc/netmgr/tlsstream.c b/lib/isc/netmgr/tlsstream.c
index a1e59b54ad..e1602461ee 100644
--- a/lib/isc/netmgr/tlsstream.c
+++ b/lib/isc/netmgr/tlsstream.c
@@ -1203,6 +1203,18 @@ isc__nmhandle_tls_setwritetimeout(isc_nmhandle_t *handle,
 	}
 }
 
+void
+isc__nmsocket_tls_reset(isc_nmsocket_t *sock) {
+	REQUIRE(VALID_NMSOCK(sock));
+	REQUIRE(sock->type == isc_nm_tlssocket);
+
+	if (sock->outerhandle != NULL) {
+		INSIST(VALID_NMHANDLE(sock->outerhandle));
+		REQUIRE(VALID_NMSOCK(sock->outerhandle->sock));
+		isc__nmsocket_reset(sock->outerhandle->sock);
+	}
+}
+
 const char *
 isc__nm_tls_verify_tls_peer_result_string(const isc_nmhandle_t *handle) {
 	isc_nmsocket_t *sock = NULL;