BUG/MINOR: ssl: Always start the handshake if we can't send early data. The current code only tries to do the handshake in case we can't send early data if we're acting as a client, which is wrong, it has to be done on the server side too, or we end up in an infinite loop.

commit: 777e4b98a3252f89615d528f686087a9ab22d169 [log] [tgz]
author: Olivier Houchard <ohouchard@haproxy.com> Wed Nov 22 17:38:37 2017 +0100
committer: Willy Tarreau <w@1wt.eu> Wed Nov 22 19:27:09 2017 +0100
tree: 09fba78d0004c2d63d85d8da926d20d47bf2f0bc
parent: 1f89b1805b308df51a1329aea9a81d2ba55dfedc [diff] [blame]
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index d197796..b8793fc 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c

@@ -5514,10 +5514,8 @@
 			if (try + conn->tmp_early_data > max_early) {
 				try -= (try + conn->tmp_early_data) - max_early;
 				if (try <= 0) {
-					if (objt_server(conn->target)) {
-						conn->flags &= ~CO_FL_EARLY_SSL_HS;
-						conn->flags |= CO_FL_SSL_WAIT_HS | CO_FL_WAIT_L6_CONN;
-					}
+					conn->flags &= ~CO_FL_EARLY_SSL_HS;
+					conn->flags |= CO_FL_SSL_WAIT_HS | CO_FL_WAIT_L6_CONN;
 					break;
 				}
 			}
commit	777e4b98a3252f89615d528f686087a9ab22d169	[log] [tgz]
author	Olivier Houchard <ohouchard@haproxy.com>	Wed Nov 22 17:38:37 2017 +0100
committer	Willy Tarreau <w@1wt.eu>	Wed Nov 22 19:27:09 2017 +0100
tree	09fba78d0004c2d63d85d8da926d20d47bf2f0bc
parent	1f89b1805b308df51a1329aea9a81d2ba55dfedc [diff] [blame]