mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-09-20 13:21:29 +02:00
Code Issues Projects Releases Wiki Activity

OPTIM: tcpcheck: Don't set SNI and ALPN for non-ssl connections

Browse Source 
There is no reason to set the SNI and ALPN for non-ssl connections. It is
not really an issue because ssl_sock_set_servername() and
ssl_sock_set_alpn() functions will do nothing. But it is cleaner this way
and this could avoid bugs in future.

No backport needed, because there is no bug.
This commit is contained in:
Christopher Faulet 2025-09-03 16:48:11 +02:00
parent ef07d3511a
commit eb3d4eb59f
1 changed files with 10 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/tcpcheck.c
View File

@ -1426,6 +1426,7 @@ enum tcpcheck_eval_ret tcpcheck_eval_connect(struct check *check, struct tcpchec
conn->ctx = check->sc; conn->ctx = check->sc;
#ifdef USE_OPENSSL #ifdef USE_OPENSSL
if (conn_is_ssl(conn)) {
if (connect->sni) if (connect->sni)
ssl_sock_set_servername(conn, connect->sni); ssl_sock_set_servername(conn, connect->sni);
else if ((connect->options & TCPCHK_OPT_DEFAULT_CONNECT) && s && s->check.sni) else if ((connect->options & TCPCHK_OPT_DEFAULT_CONNECT) && s && s->check.sni)
@ -1435,6 +1436,7 @@ enum tcpcheck_eval_ret tcpcheck_eval_connect(struct check *check, struct tcpchec
ssl_sock_set_alpn(conn, (unsigned char *)connect->alpn, connect->alpn_len); ssl_sock_set_alpn(conn, (unsigned char *)connect->alpn, connect->alpn_len);
else if ((connect->options & TCPCHK_OPT_DEFAULT_CONNECT) && s && s->check.alpn_str) else if ((connect->options & TCPCHK_OPT_DEFAULT_CONNECT) && s && s->check.alpn_str)
ssl_sock_set_alpn(conn, (unsigned char *)s->check.alpn_str, s->check.alpn_len); ssl_sock_set_alpn(conn, (unsigned char *)s->check.alpn_str, s->check.alpn_len);
}
#endif #endif
if (conn_ctrl_ready(conn) && (connect->options & TCPCHK_OPT_LINGER) && !(conn->flags & CO_FL_FDLESS)) { if (conn_ctrl_ready(conn) && (connect->options & TCPCHK_OPT_LINGER) && !(conn->flags & CO_FL_FDLESS)) {