BUG/MINOR: ssl: Always start the handshake if we can't send early data.
The current code only tries to do the handshake in case we can't send early
data if we're acting as a client, which is wrong, it has to be done on the
server side too, or we end up in an infinite loop.
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index d197796..b8793fc 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -5514,10 +5514,8 @@
if (try + conn->tmp_early_data > max_early) {
try -= (try + conn->tmp_early_data) - max_early;
if (try <= 0) {
- if (objt_server(conn->target)) {
- conn->flags &= ~CO_FL_EARLY_SSL_HS;
- conn->flags |= CO_FL_SSL_WAIT_HS | CO_FL_WAIT_L6_CONN;
- }
+ conn->flags &= ~CO_FL_EARLY_SSL_HS;
+ conn->flags |= CO_FL_SSL_WAIT_HS | CO_FL_WAIT_L6_CONN;
break;
}
}