From 5cbb271a9028cde80c4a03980f2efb4997a47de8 Mon Sep 17 00:00:00 2001
From: Remi Gacogne <remi.gacogne@powerdns.com>
Date: Mon, 7 Oct 2019 16:32:13 +0200
Subject: [PATCH] dnsdist: Clear the DoH Session Ticket Encryption Key in the
 ctor

---
 pdns/doh.hh | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/pdns/doh.hh b/pdns/doh.hh
index 41e600329..6b5503620 100644
--- a/pdns/doh.hh
+++ b/pdns/doh.hh
@@ -40,6 +40,11 @@ private:
 
 struct DOHFrontend
 {
+  DOHFrontend()
+  {
+    d_rotatingTicketsKey.clear();
+  }
+
   std::shared_ptr<DOHServerConfig> d_dsc{nullptr};
   std::vector<std::pair<std::string, std::string>> d_certKeyPairs;
   std::vector<std::string> d_ocspFiles;
@@ -58,9 +63,7 @@ struct DOHFrontend
   std::vector<std::string> d_urls;
   std::string d_ticketKeyFile;
 
-  std::atomic_flag d_rotatingTicketsKey;
   time_t d_ticketsKeyRotationDelay{43200};
-  time_t d_ticketsKeyNextRotation{0};
   size_t d_maxStoredSessions{20480};
   uint8_t d_numberOfTicketsKeys{5};
   bool d_enableTickets{true};
@@ -124,6 +127,10 @@ struct DOHFrontend
   void handleTicketsKeyRotation();
 
 #endif /* HAVE_DNS_OVER_HTTPS */
+
+private:
+  time_t d_ticketsKeyNextRotation{0};
+  std::atomic_flag d_rotatingTicketsKey;
 };
 
 #ifndef HAVE_DNS_OVER_HTTPS
-- 
2.50.1