When haproxy is compiled with -O0, the SSL_get_max_early_data() symbol is
used in the generated assembly; however, -O2 seems to remove this symbol
when optimizing the code.
It happens because `if conn_is_back(conn)` and `if
(objt_listener(conn->target))` are opposed conditions, which means we
never use the branch when objt_listener(conn->target) is true.
This patch removes the dead code. Bonus: SSL_get_max_early_data() is not
implemented in rustls, and that's the only thing that prevents starting
with it.
This can be backported to every stable branch.
if ((ctx->flags & SSL_SOCK_F_EARLY_ENABLED) && conn_is_back(conn)) {
unsigned int max_early;
- if (objt_listener(conn->target))
- max_early = SSL_get_max_early_data(ctx->ssl);
- else {
- if (SSL_get0_session(ctx->ssl))
- max_early = SSL_SESSION_get_max_early_data(SSL_get0_session(ctx->ssl));
- else
- max_early = 0;
- }
+ if (SSL_get0_session(ctx->ssl))
+ max_early = SSL_SESSION_get_max_early_data(SSL_get0_session(ctx->ssl));
+ else
+ max_early = 0;
if (try + ctx->sent_early_data > max_early) {
try -= (try + ctx->sent_early_data) - max_early;
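Review bot: the added `if (SSL_get0_session(ctx->ssl))` block now depends on the enclosing `conn_is_back(conn)` test to guarantee a backend connection, but nothing in the code states that invariant. A one-line comment above it, saying that this path is backend-only and that the early-data limit therefore comes from the session, would keep the listener branch from being reintroduced later. The added lines also call SSL_get0_session(ctx->ssl) twice; storing the result in a local would make it obvious that the NULL check and the SSL_SESSION_get_max_early_data() call refer to the same session.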