mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2026-05-04 20:46:11 +02:00
Code Issues Projects Releases Wiki Activity

OPTIM: backend: Don't set SNI for non-ssl connections

Browse Source 
There is no reason to set the SNI for non-ssl connections. It is not really
an issue because ssl_sock_set_servername() function will do nothing. But
there is no reason to uselessly evaluate an expression.

No backport needed, because there is no bug.
This commit is contained in:
Christopher Faulet 2025-09-03 16:44:15 +02:00
parent a97bd0f505
commit 52866349a1
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/backend.c
View File

@ -2107,7 +2107,7 @@ int connect_server(struct stream *s)
#ifdef USE_OPENSSL
/* Set socket SNI unless connection is reused. */
if (srv && srv->ssl_ctx.sni && !(s->flags & SF_SRV_REUSED)) {
if (conn_is_ssl(srv_conn) && srv && srv->ssl_ctx.sni && !(s->flags & SF_SRV_REUSED)) {
struct sample *sni_smp = NULL;
sni_smp = sample_fetch_as_type(s->be, s->sess, s,