upstream/haproxy
1
0
Fork 0
mirror of https://github.com/haproxy/haproxy.git synced 2026-06-11 01:41:49 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 14

BUG/MEDIUM: check: Don't reuse the server xprt if we should not

Browse source 
Don't assume the check will reuse the server's xprt. It may not be true
if some settings such as the ALPN has been set, and it differs from the
server's one. If the server is QUIC, and we want to use TCP for checks,
we certainly don't want to reuse its XPRT.
This commit is contained in:
Olivier Houchard 2026-03-24 15:51:34 +01:00 committed by Olivier Houchard
parent 1c1d9d2500
commit 07edaed191
1 changed files with 9 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
src/check.c
View file

@ -1813,7 +1813,15 @@ int init_srv_check(struct server *srv)
* specified.
*/
if (!srv->check.port && !is_addr(&srv->check.addr)) {
if (!srv->check.use_ssl && srv->use_ssl != -1)
/*
* If any setting is set for the check, then we can't
* assume we'll use the same XPRT as the server, the
* server may be QUIC, but we want a TCP check.
*/
if (!srv->check.use_ssl && srv->use_ssl != -1 &&
!srv->check.via_socks4 && !srv->check.send_proxy &&
(!srv->check.alpn_len || (srv->check.alpn_len == srv->ssl_ctx.alpn_len && !strncmp(srv->check.alpn_str, srv->ssl_ctx.alpn_str, srv->check.alpn_len))) &&
(!srv->check.mux_proto || srv->check.mux_proto != srv->mux_proto))
srv->check.xprt = srv->xprt;
else if (srv->check.use_ssl == 1)
srv->check.xprt = xprt_get(XPRT_SSL);