From: Olivier Houchard <ohouchard@haproxy.com>
Date: Mon, 24 Jun 2019 16:57:39 +0000 (+0200)
Subject: BUG/MEDIUM: ssl: Don't do anything in ssl_subscribe if we have no ctx.
X-Git-Tag: v2.1-dev1~59
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=0ff28651c184f2b6cc7782b0960ed69cc907ca97;p=thirdparty%2Fhaproxy.git

BUG/MEDIUM: ssl: Don't do anything in ssl_subscribe if we have no ctx.

In ssl_subscribe(), make sure we have a ssl_sock_ctx before doing anything.
When ssl_sock_close() is called, it wakes any subscriber up, and that
subscriber may decide to subscribe again, for some reason. If we no longer
have a context, there's not much we can do.

This should be backported to 2.0.
---

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 1d0e4dbb1d..05240063bf 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -5553,6 +5553,9 @@ static int ssl_subscribe(struct connection *conn, void *xprt_ctx, int event_type
 	struct wait_event *sw;
 	struct ssl_sock_ctx *ctx = xprt_ctx;
 
+	if (!ctx)
+		return -1;
+
 	if (event_type & SUB_RETRY_RECV) {
 		sw = param;
 		BUG_ON(ctx->recv_wait !=  NULL || (sw->events & SUB_RETRY_RECV));