upstream/haproxy
1
0
Fork 0
mirror of https://github.com/haproxy/haproxy.git synced 2026-04-21 06:06:59 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 6

OPTIM: backend: Don't set SNI for non-ssl connections

Browse source 
There is no reason to set the SNI for non-ssl connections. It is not really
an issue because ssl_sock_set_servername() function will do nothing. But
there is no reason to uselessly evaluate an expression.

No backport needed, because there is no bug.
This commit is contained in:
Christopher Faulet 2025-09-03 16:44:15 +02:00
parent a97bd0f505
commit 52866349a1
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
src/backend.c
View file

@ -2107,7 +2107,7 @@ int connect_server(struct stream *s)
#ifdef USE_OPENSSL
/* Set socket SNI unless connection is reused. */
if (srv && srv->ssl_ctx.sni && !(s->flags & SF_SRV_REUSED)) {
if (conn_is_ssl(srv_conn) && srv && srv->ssl_ctx.sni && !(s->flags & SF_SRV_REUSED)) {
struct sample *sni_smp = NULL;
sni_smp = sample_fetch_as_type(s->be, s->sess, s,