MINOR: ssl: do not set ALPN callback with the empty string
While it does not have any effect, it's better not to try to setup an
ALPN callback nor to try to lookup algorithms when the configured ALPN
string is empty as a result of "no-alpn" being used.
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index cb544d4..e7f6d41 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -4717,7 +4717,7 @@
ssl_conf_cur = ssl_conf;
else if (bind_conf->ssl_conf.alpn_str)
ssl_conf_cur = &bind_conf->ssl_conf;
- if (ssl_conf_cur)
+ if (ssl_conf_cur && ssl_conf_cur->alpn_len)
SSL_CTX_set_alpn_select_cb(ctx, ssl_sock_advertise_alpn_protos, ssl_conf_cur);
#endif
#if defined(SSL_CTX_set1_curves_list)
@@ -5150,7 +5150,7 @@
SSL_CTX_set_next_proto_select_cb(ctx, ssl_sock_srv_select_protos, (struct server*)srv);
#endif
#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
- if (srv->ssl_ctx.alpn_str)
+ if (srv->ssl_ctx.alpn_str && srv->ssl_ctx.alpn_len)
SSL_CTX_set_alpn_protos(ctx, (unsigned char *)srv->ssl_ctx.alpn_str, srv->ssl_ctx.alpn_len);
#endif