BUG/MINOR: check: ensure check-reuse is compatible with SSL
authorAmaury Denoyelle <adenoyelle@haproxy.com>
Wed, 3 Sep 2025 12:28:58 +0000 (14:28 +0200)
committerAmaury Denoyelle <adenoyelle@haproxy.com>
Wed, 3 Sep 2025 14:54:48 +0000 (16:54 +0200)
SSL may be activated implicitly if a server relies on SSL, even without
the check-ssl keyword. This is performed by the init_srv_check() function. The
main operation is to change the xprt layer for the check to SSL.

Prior to this patch, <use_ssl> check member was also set, despite not
strictly necessary. This has a negative side-effect of rendering
check-reuse-pool ineffective. Indeed, reuse on check is only performed
if no specific check configuration has been specified (see
tcpcheck_use_nondefault_connect()).

This patch fixes check reuse with SSL : <use_ssl> is not set in case SSL
is inherited implicitely from server configuration. Thus, <use_ssl> is
now only set if an explicit check-ssl keyword is set, which disables
connection reuse for check.

This must be backported up to 3.2.

src/check.c

index 186ddb019bc4a3b4abff61d3c118a8d3824ac451..03c85613f8f0fc5fcbfc67f93eaddece629f4a6f 100644 (file)
@@ -1814,10 +1814,8 @@ int init_srv_check(struct server *srv)
                 * specified.
                 */
                if (!srv->check.port && !is_addr(&srv->check.addr)) {
-                       if (!srv->check.use_ssl && srv->use_ssl != -1) {
-                               srv->check.use_ssl = srv->use_ssl;
-                               srv->check.xprt    = srv->xprt;
-                       }
+                       if (!srv->check.use_ssl && srv->use_ssl != -1)
+                               srv->check.xprt = srv->xprt;
                        else if (srv->check.use_ssl == 1)
                                srv->check.xprt = xprt_get(XPRT_SSL);
                        srv->check.send_proxy |= (srv->pp_opts);
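Review bot: After this change `srv->check.use_ssl` stays 0 when the check inherits an SSL `xprt` from the server, so the field now means "check-ssl was set explicitly" rather than "this check runs over SSL", and nothing in the new lines records that. Any code outside this hunk that still tests `check.use_ssl` to decide TLS-specific handling would skip it for inherited SSL; that cannot be confirmed from here, so those readers are worth auditing before the backport to 3.2. I would add a comment above the first branch, e.g. `/* inherit xprt only: check.use_ssl is reserved for an explicit check-ssl, which disables check-reuse-pool */`. init_srv_check() starts before and continues after the hunk.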