From fc637fbdc35d15b7958b60dd0535fea7af6931e2 Mon Sep 17 00:00:00 2001
From: Artem Boldariev <artem@boldariev.com>
Date: Tue, 22 Nov 2022 15:11:57 +0200
Subject: [PATCH] TLS: check for sock->recv_cb when handling received data

This commit adds a check if 'sock->recv_cb' might have been nullified
during the call to 'sock->recv_cb'. That could happen, e.g. by an
indirect call to 'isc_nmhandle_close()' from within the callback when
wrapping up.

In this case, let's close the TLS connection.

(cherry picked from commit bed5e2bb08ae04fba119cffe8dd2e3c32f96e8fa)
---
 lib/isc/netmgr/tlsstream.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/lib/isc/netmgr/tlsstream.c b/lib/isc/netmgr/tlsstream.c
index 3477fa313c..eb49dde747 100644
--- a/lib/isc/netmgr/tlsstream.c
+++ b/lib/isc/netmgr/tlsstream.c
@@ -519,6 +519,18 @@ tls_do_bio(isc_nmsocket_t *sock, isc_region_t *received_data,
 				if (sock->statichandle == NULL) {
 					finish = true;
 					break;
+				} else if (sock->recv_cb == NULL) {
+					/*
+					 * The 'sock->recv_cb' might have been
+					 * nullified during the call to
+					 * 'sock->recv_cb'. That could happen,
+					 * indirectly when wrapping up.
+					 *
+					 * In this case, let's close the TLS
+					 * connection.
+					 */
+					finish = true;
+					break;
 				} else if (atomic_load(&sock->readpaused)) {
 					/*
 					 * Reading has been paused from withing