BUG/MINOR: startup: don't use internal proxies to compute the maxconn With internal proxies using the SSL activated (httpclient for example) the automatic computation of the maxconn is wrong because these proxies are always activated by default. This patch fixes the issue by not counting these internal proxies during the computation. Must be backported as far as 2.5.

commit: 0adafb307eacd75ad0305f996c07668f470da1e4 [log] [tgz]
author: William Lallemand <wlallemand@haproxy.org> Tue Dec 13 18:17:44 2022 +0100
committer: William Lallemand <wlallemand@haproxy.org> Tue Dec 13 18:28:29 2022 +0100
tree: d11154619513dc7543d8dce5952236d41ae7547b
parent: 38c5b6ea971952e2fd5ca6949d2f4076d9c1f6ff [diff]
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 0b8cfb8..cbc1eb9 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c

@@ -5229,8 +5229,10 @@
 {
 	int cfgerr = 0;
 	SSL_CTX *ctx;
-	/* Automatic memory computations need to know we use SSL there */
-	global.ssl_used_backend = 1;
+	/* Automatic memory computations need to know we use SSL there
+	 * If this is an internal proxy, don't use it for the computation */
+	if (!(srv->proxy && srv->proxy->cap & PR_CAP_INT))
+		global.ssl_used_backend = 1;
 
 	/* Initiate SSL context for current server */
 	if (!srv->ssl_ctx.reused_sess) {
commit	0adafb307eacd75ad0305f996c07668f470da1e4	[log] [tgz]
author	William Lallemand <wlallemand@haproxy.org>	Tue Dec 13 18:17:44 2022 +0100
committer	William Lallemand <wlallemand@haproxy.org>	Tue Dec 13 18:28:29 2022 +0100
tree	d11154619513dc7543d8dce5952236d41ae7547b
parent	38c5b6ea971952e2fd5ca6949d2f4076d9c1f6ff [diff]