From: Yann Ylavic <ylavic@apache.org>
Date: Fri, 28 Feb 2014 14:46:50 +0000 (+0000)
Subject: mod_proxy: follows up r1572630.
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=905b0d6af1e946d3d50e2855d3c8786aaa4fbd78;p=thirdparty%2Fapache%2Fhttpd.git

mod_proxy: follows up r1572630.
Don't reuse a SSL backend connection with no SNI for a request requiring SNI.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1572967 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/modules/proxy/proxy_util.c b/modules/proxy/proxy_util.c
index 27cd0f456fe..7fafbfdcf35 100644
--- a/modules/proxy/proxy_util.c
+++ b/modules/proxy/proxy_util.c
@@ -2367,9 +2367,10 @@ ap_proxy_determine_connection(apr_pool_t *p, request_rec *r,
         else {
             ssl_hostname = conn->hostname;
         }
-        if (conn->ssl_hostname != NULL &&
-                (!ssl_hostname || strcasecmp(conn->ssl_hostname,
-                                             ssl_hostname) != 0)) {
+        if (conn->ssl_hostname != NULL
+                ? (ssl_hostname == NULL || strcasecmp(conn->ssl_hostname,
+                                                      ssl_hostname) != 0)
+                : (ssl_hostname != NULL && conn->sock)) {
             socket_cleanup(conn);
         }
         if (conn->ssl_hostname == NULL) {