BUG/MEDIUM: checks: Don't try to set ALPN if connection failed.

If we failed to connect, don't attempt to set the ALPN, as we don't have
a SSL context, anyway.

This should be backported to 1.9.

diff --git a/src/checks.c b/src/checks.c
index 78d4e390b60f32fc44837e85f899e7f483a6382d..e4c7a4896dc53b437ee46da1db7ae1e6b893e382 100644 (file)
--- a/src/checks.c
+++ b/src/checks.c
@@ -1641,11 +1641,13 @@ static int connect_conn_chk(struct task *t)
 
 
 #ifdef USE_OPENSSL
-       if (s->check.sni)
-               ssl_sock_set_servername(conn, s->check.sni);
-       if (s->check.alpn_str)
-               ssl_sock_set_alpn(conn, (unsigned char *)s->check.alpn_str,
-                   s->check.alpn_len);
+       if (ret == SF_ERR_NONE) {
+               if (s->check.sni)
+                       ssl_sock_set_servername(conn, s->check.sni);
+               if (s->check.alpn_str)
+                       ssl_sock_set_alpn(conn, (unsigned char *)s->check.alpn_str,
+                           s->check.alpn_len);
+       }
 #endif
        if (s->check.send_proxy && !(check->state & CHK_ST_AGENT)) {
                conn->send_proxy_ofs = 1;