BUG/MEDIUM: ssl: Make sure the alpn length is small enough
When the check for server hash was introduced to make sure we're using
the right alpn, the logic to store the new alpn was flawed. We should
always check that the new alpn length is small enough to fit in the
buffer, no matter if the server hash is not the same or not. So always
check the length first, and only check if the alpn or the server changed
after.
This should be backported whenever commit
de3f245df032073dec134f5d0f597d73a7b2575d has been backported.
projects / thirdparty / haproxy.git / commit
