upstream/haproxy
1
0
Fork 0
mirror of https://github.com/haproxy/haproxy.git synced 2026-04-02 15:49:39 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 12

OPTIM: proto_rhttp: Don't set SNI for non-ssl connections

Browse source 
There is no reason to set the SNI for non-ssl connections. It is not really
an issue because ssl_sock_set_servername() function will do nothing. But
there is no reason to uselessly evaluate an expression.

No backport needed, because there is no bug.
This commit is contained in:
Christopher Faulet 2025-09-03 16:47:00 +02:00
parent 52866349a1
commit ef07d3511a
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
src/proto_rhttp.c
View file

@ -98,7 +98,7 @@ static struct connection *new_reverse_conn(struct listener *l, struct server *sr
goto err;
#ifdef USE_OPENSSL
if (srv->ssl_ctx.sni) {
if (conn_is_ssl(conn) && srv->ssl_ctx.sni) {
struct sample *sni_smp = NULL;
/* TODO remove NULL session which can cause crash depending on the SNI sample expr used. */
sni_smp = sample_fetch_as_type(srv->proxy, sess, NULL,