__ssl_sock_load_new_ckch_instance() does not correctly free the SNI in
the session cache, it only frees the one in the current tid.
This bug was introduced with e18d4e8 ("BUG/MEDIUM: ssl: backend TLS
resumption with sni and TLSv1.3").
This fix must be backported where the mentioned commit was backported
(all maintained versions).
/* flush the session cache of the server */
for (i = 0; i < global.nbthread; i++) {
- ha_free(&ckchi->server->ssl_ctx.reused_sess[tid].sni);
+ ha_free(&ckchi->server->ssl_ctx.reused_sess[i].sni);
ha_free(&ckchi->server->ssl_ctx.reused_sess[i].ptr);
}
HA_RWLOCK_WRUNLOCK(SSL_SERVER_LOCK, &ckchi->server->ssl_ctx.lock);
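Review bot: the commit message does not state the effect of the old loop body, where `reused_sess[i].ptr` was released for every slot while only `reused_sess[tid].sni` was freed, so every slot other than `tid` kept an SNI with no session behind it. Saying so in the message would help anyone backporting this judge its impact. Because the loop now writes both fields of other threads' slots, it is also worth confirming that every reader of `reused_sess[i].sni` takes `ssl_ctx.lock`, as the `HA_RWLOCK_WRUNLOCK` right after the loop implies, and extending the "flush the session cache" comment to say that the SNI and the session pointer of each slot must be cleared together.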