From fee3bd48b414c88f7e5abc37775f944aa94c808b Mon Sep 17 00:00:00 2001 From: Amaury Denoyelle Date: Tue, 9 Sep 2025 14:27:24 +0200 Subject: [PATCH] OPTIM: check: do not delay MUX for ALPN if SSL not active To ensure ALPN is properly applied on checks, MUX initialization is delayed so that it is created on SSL handshake completion. However, this does not check if SSL is really active for the connection. This patch adjusts the condition so that MUX init is not delayed if SSL is not active for the check connection. A similar process is already conducted for normal connections via connect_server(). This must be backported up to 2.4. Despite not being a bug, it must be backported for the following patch which fixes check ALPN inheritance from server settings. --- src/tcpcheck.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/tcpcheck.c b/src/tcpcheck.c index 144ea256c..b4b032ef0 100644 --- a/src/tcpcheck.c +++ b/src/tcpcheck.c @@ -1511,7 +1511,8 @@ enum tcpcheck_eval_ret tcpcheck_eval_connect(struct check *check, struct tcpchec * is no alpn. */ if (!s || ((connect->options & TCPCHK_OPT_DEFAULT_CONNECT) && check->mux_proto) || - connect->mux_proto || (!connect->alpn && !check->alpn_str)) { + connect->mux_proto || + (!conn_is_ssl(conn) || (!connect->alpn && !check->alpn_str))) { const struct mux_ops *mux_ops; TRACE_DEVEL("try to install mux now", CHK_EV_TCPCHK_CONN, check);