From 655dec81bde67a3e1acb146b18e6a038fe8c797b Mon Sep 17 00:00:00 2001 From: Amaury Denoyelle Date: Tue, 1 Jun 2021 17:04:10 +0200 Subject: [PATCH] BUG/MINOR: backend: do not set sni on connection reuse When reusing a backend connection, do not reapply the SNI on the connection. It should already be defined when the connection was instantiated on a previous connect_server invocation. As the SNI is a parameter used to select a connection, only connection with same value can be reused. The impact of this bug is unknown and may be null. No memory leak has been reported by valgrind. So this is more a cleaning fix. This commit relies on the SF_SRV_REUSED flag and thus depends on the following fix : BUG/MINOR: backend: restore the SF_SRV_REUSED flag original purpose This should be backported up to 2.4. --- src/backend.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/backend.c b/src/backend.c index 6382805812..2ce34d1e1c 100644 --- a/src/backend.c +++ b/src/backend.c @@ -1625,8 +1625,10 @@ skip_reuse: return err; #ifdef USE_OPENSSL - if (smp_make_safe(sni_smp)) - ssl_sock_set_servername(srv_conn, sni_smp->data.u.str.area); + if (!(s->flags & SF_SRV_REUSED)) { + if (smp_make_safe(sni_smp)) + ssl_sock_set_servername(srv_conn, sni_smp->data.u.str.area); + } #endif /* USE_OPENSSL */ /* The CO_FL_SEND_PROXY flag may have been set by the connect method, -- 2.39.5