From: Willy Tarreau <w@1wt.eu>
Date: Fri, 8 Feb 2019 09:22:31 +0000 (+0100)
Subject: BUG/MEDIUM: peers: check that p->srv actually exists before using p->srv->use_ssl
X-Git-Tag: v2.0-dev1~49
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1417f0b;p=thirdparty%2Fhaproxy.git

BUG/MEDIUM: peers: check that p->srv actually exists before using p->srv->use_ssl

Commit 1055e687a ("MINOR: peers: Make outgoing connection to SSL/TLS
peers work.") introduced an "srv" field in the peers, which points to
the equivalent server to hold SSL settings. This one is not set when
the peer is local so we must always test it before testing p->srv->use_ssl
otherwise haproxy dies during reloads.

No backport is needed, this is purely 2.0.
---

diff --git a/include/proto/peers.h b/include/proto/peers.h
index ce4feaa4c6..8b04cc8648 100644
--- a/include/proto/peers.h
+++ b/include/proto/peers.h
@@ -32,7 +32,7 @@
 #if defined(USE_OPENSSL)
 static inline enum obj_type *peer_session_target(struct peer *p, struct stream *s)
 {
-	if (p->srv->use_ssl)
+	if (p->srv && p->srv->use_ssl)
 		return &p->srv->obj_type;
 	else
 		return &s->be->obj_type;
@@ -40,7 +40,7 @@ static inline enum obj_type *peer_session_target(struct peer *p, struct stream *
 
 static inline struct xprt_ops *peer_xprt(struct peer *p)
 {
-	return p->srv->use_ssl ? xprt_get(XPRT_SSL) : xprt_get(XPRT_RAW);
+	return (p->srv && p->srv->use_ssl) ? xprt_get(XPRT_SSL) : xprt_get(XPRT_RAW);
 }
 #else
 static inline enum obj_type *peer_session_target(struct peer *p, struct stream *s)