From 4427ea7f049760725141bc710511c1a4c8bf59b4 Mon Sep 17 00:00:00 2001
From: Christopher Faulet <cfaulet@haproxy.com>
Date: Wed, 23 Nov 2022 15:58:59 +0100
Subject: [PATCH] BUG/MEDIUM: mux-h1: Remove H1C_F_WAIT_NEXT_REQ flag on a next
 request

When an idle H1 connection starts to process an new request, we must take
care to remove H1C_F_WAIT_NEXT_REQ flag. This flag is used to know an idle
H1 connection has already processed at least one request and is waiting for
a next one, but nothing was received yet.

Keeping this flag leads to a crash because some running H1 connections may
be erroneously released on a soft-stop. Indeed, only idle or closed
connections must be released.

This bug was reported into #1903. It is 2.7-specific. No backport needed.
---
 src/mux_h1.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/mux_h1.c b/src/mux_h1.c
index b730364ac..15abff3d7 100644
--- a/src/mux_h1.c
+++ b/src/mux_h1.c
@@ -750,7 +750,7 @@ static struct h1s *h1s_new(struct h1c *h1c)
 	if (h1c->flags & H1C_F_WAIT_NEXT_REQ)
 		h1s->flags |= H1S_F_NOT_FIRST;
 	h1s->h1c->state = H1_CS_EMBRYONIC;
-
+	h1s->h1c->flags &= ~H1C_F_WAIT_NEXT_REQ;
 	TRACE_LEAVE(H1_EV_H1S_NEW, h1c->conn, h1s);
 	return h1s;