From ecffb7d841581694134b45dacf883d6643ce3bce Mon Sep 17 00:00:00 2001
From: Olivier Houchard <ohouchard@haproxy.com>
Date: Fri, 24 Jan 2020 14:10:55 +0100
Subject: [PATCH] BUG/MEDIUM: streams: Move the conn_stream allocation outside
 #IF USE_OPENSSL.

When commit 477902bd2e8c1e978ad43d22dba1f28525bb797a made the conn_stream
allocation unconditional, it unfortunately moved the code doing the allocation
inside #if USE_OPENSSL, which means anybody compiling haproxy without
openssl wouldn't allocate any conn_stream, and would get a segfault later.
Fix that by moving the code that does the allocation outside #if USE_OPENSSL.
---
 src/backend.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/backend.c b/src/backend.c
index 2cf8c751a..1c0cf660b 100644
--- a/src/backend.c
+++ b/src/backend.c
@@ -1386,13 +1386,13 @@ int connect_server(struct stream *s)
 		else
 			return SF_ERR_INTERNAL;  /* how did we get there ? */
 
-#if defined(USE_OPENSSL) && defined(TLSEXT_TYPE_application_layer_protocol_negotiation)
 		srv_cs = si_alloc_cs(&s->si[1], srv_conn);
 		if (!srv_cs) {
 			conn_free(srv_conn);
 			return SF_ERR_RESOURCE;
 		}
 		srv_conn->ctx = srv_cs;
+#if defined(USE_OPENSSL) && defined(TLSEXT_TYPE_application_layer_protocol_negotiation)
 		if (!srv ||
 		    ((!(srv->ssl_ctx.alpn_str) && !(srv->ssl_ctx.npn_str)) ||
 		    srv->mux_proto || s->be->mode != PR_MODE_HTTP))