From: Remi Tricot-Le Breton <rlebreton@haproxy.com>
Date: Tue, 28 Feb 2023 16:46:18 +0000 (+0100)
Subject: MINOR: ssl: Destroy ocsp update http_client during cleanup
X-Git-Tag: v2.8-dev5~63
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=926f34bc36311fe037e6fea4b917661f94047984;p=thirdparty%2Fhaproxy.git

MINOR: ssl: Destroy ocsp update http_client during cleanup

If a deinit is started while an OCSP update is in progress we might end
up with a dangling http_client instance that should be destroyed
properly.
---

diff --git a/src/ssl_ocsp.c b/src/ssl_ocsp.c
index 99edfc8750..ef624b0733 100644
--- a/src/ssl_ocsp.c
+++ b/src/ssl_ocsp.c
@@ -846,6 +846,11 @@ void ssl_destroy_ocsp_update_task(void)
 
 	ssl_sock_free_ocsp(ssl_ocsp_task_ctx.cur_ocsp);
 	ssl_ocsp_task_ctx.cur_ocsp = NULL;
+
+	if (ssl_ocsp_task_ctx.hc) {
+		httpclient_stop_and_destroy(ssl_ocsp_task_ctx.hc);
+		ssl_ocsp_task_ctx.hc = NULL;
+	}
 }
 
 static inline void ssl_ocsp_set_next_update(struct certificate_ocsp *ocsp)