[multiple] reset http vers, avoid rare crash (fixes #3152)

(thx ultimator)

do not set r->http_version to HTTP_VERSION_2 when selecting TLS ALPN
if r->handler_module already set, since handler module is likely
mod_sockproxy, and con->h2 will not get initialized.

This does continue to select "h2", so the mod_sockproxy backend
should be prepared to receive the HTTP/2 client connection preface.

x-ref:
  "Random Segfaults with version 1.4.64 w/ mod_sockproxy and ALPN h2"
  https://redmine.lighttpd.net/issues/3152

1 files changed, 4 insertions, 2 deletions

diff --git a/src/mod_mbedtls.c b/src/mod_mbedtls.c
index 00acbaa5..f68b236a 100644
--- a/src/mod_mbedtls.c
+++ b/src/mod_mbedtls.c
@@ -1202,7 +1202,8 @@ mod_mbedtls_alpn_selected (handler_ctx * const hctx, const char * const in)
       case 2:  /* "h2" */
         if (in[i] == 'h' && in[i+1] == '2') {
             proto = MOD_MBEDTLS_ALPN_H2;
-            hctx->r->http_version = HTTP_VERSION_2;
+            if (hctx->r->handler_module == NULL)/*(e.g. not mod_sockproxy)*/
+                hctx->r->http_version = HTTP_VERSION_2;
             break;
         }
         return 0;
@@ -1247,7 +1248,8 @@ mod_mbedtls_alpn_select_cb (handler_ctx *hctx, const unsigned char *in, const un
             if (in[i] == 'h' && in[i+1] == '2') {
                 if (!hctx->r->conf.h2proto) continue;
                 hctx->alpn = MOD_MBEDTLS_ALPN_H2;
-                hctx->r->http_version = HTTP_VERSION_2;
+                if (hctx->r->handler_module == NULL)/*(e.g. not mod_sockproxy)*/
+                    hctx->r->http_version = HTTP_VERSION_2;
                 return 0;
             }
             continue;