Don't crash when blocking a CONNECT request with https filtering enabled

author Fabian Keil <fk@fabiankeil.de>

Sat, 22 Feb 2020 13:38:16 +0000 (14:38 +0100)

committer Fabian Keil <fk@fabiankeil.de>

Sat, 22 Feb 2020 13:42:54 +0000 (14:42 +0100)
author Fabian Keil <fk@fabiankeil.de>
Sat, 22 Feb 2020 13:38:16 +0000 (14:38 +0100)
committer Fabian Keil <fk@fabiankeil.de>
Sat, 22 Feb 2020 13:42:54 +0000 (14:42 +0100)
diff --git a/jcc.c b/jcc.c

index 654822a..591edd7 100644 (file)
--- a/jcc.c
+++ b/jcc.c
@@ -3611,9 +3611,12 @@ static void chat(struct client_state *csp)
     build_request_line(csp, fwd, &csp->headers->first->str);
  
     /*
-    * We have a request. Check if one of the crunchers wants it.
+    * We have a request. Check if one of the crunchers wants it
+    * unless the client wants to use TLS/SSL in which case we
+    * haven't setup the TLS context yet and will send the crunch
+    * response later.
      */
-   if (crunch_response_triggered(csp, crunchers_all))
+   if (!client_use_ssl(csp) && crunch_response_triggered(csp, crunchers_all))
     {
        /*
         * Yes. The client got the crunch response and we're done here.
author	Fabian Keil <fk@fabiankeil.de>
	Sat, 22 Feb 2020 13:38:16 +0000 (14:38 +0100)
committer	Fabian Keil <fk@fabiankeil.de>
	Sat, 22 Feb 2020 13:42:54 +0000 (14:42 +0100)