From: Lukas Tribus <lukas@ltri.eu>
Date: Mon, 26 Nov 2018 21:57:17 +0000 (+0100)
Subject: MINOR: ssl: free ctx when libssl doesn't support NPN
X-Git-Tag: v1.9-dev9~126
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7706b85e0cffa941028318d81b3a67dc724abbf9;p=thirdparty%2Fhaproxy.git

MINOR: ssl: free ctx when libssl doesn't support NPN

The previous fix da95fd90 ("BUILD/MINOR: ssl: fix build with non-alpn/
non-npn libssl") does fix the build in old OpenSSL release, but I
overlooked that the ctx is only freed when NPN is supported.

Fix this by moving the #endif to the proper place (this was broken in
c7566001 ("MINOR: server: Add "alpn" and "npn" keywords")).
---

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 86d4f227a4..a73fb2dd97 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -4846,9 +4846,9 @@ void ssl_sock_free_srv_ctx(struct server *srv)
 #ifdef OPENSSL_NPN_NEGOTIATED
 	if (srv->ssl_ctx.npn_str)
 		free(srv->ssl_ctx.npn_str);
+#endif
 	if (srv->ssl_ctx.ctx)
 		SSL_CTX_free(srv->ssl_ctx.ctx);
-#endif
 }
 
 /* Walks down the two trees in bind_conf and frees all the certs. The pointer may