BUG/MINOR: quic/ssl: crash in ClientHello callback ssl traces

Such crashes may occur for QUIC frontends only when the SSL traces are enabled.

ssl_sock_switchctx_cbk() ClientHello callback may be called without any connection
initialize (<conn>) for QUIC connections leading to crashes when passing
conn->err_code to TRACE_ERROR().

Modify the TRACE_ERROR() statement to pass this parameter only when <conn> is
initialized.

Must be backported as far as 3.2.

diff --git a/src/ssl_clienthello.c b/src/ssl_clienthello.c
index ffc06b94b2d96380ac1f2eb22e5904646ff13dae..af4b1d9ffd507c95d78e384c70a03f6070f3d680 100644 (file)
--- a/src/ssl_clienthello.c
+++ b/src/ssl_clienthello.c
@@ -506,7 +506,8 @@ sni_lookup:
        /* abort handshake (was SSL_TLSEXT_ERR_ALERT_FATAL) */
        if (conn)
                conn->err_code = CO_ER_SSL_HANDSHAKE;
-       TRACE_ERROR("No suitable SSL context found", SSL_EV_CONN_SWITCHCTX_CB|SSL_EV_CONN_ERR, conn, ssl, &conn->err_code);
+       TRACE_ERROR("No suitable SSL context found", SSL_EV_CONN_SWITCHCTX_CB|SSL_EV_CONN_ERR,
+                   conn, ssl, conn ? &conn->err_code : NULL);
 #if defined(OPENSSL_IS_BORINGSSL) || defined(OPENSSL_IS_AWSLC)
        return ssl_select_cert_error;
 #else