MINOR: connection: use the srv pointer for the srv conn hash

The pointer of the target server is used as the first parameter for the
server connection hash calculation. This prevents the hash from being null
when no specific parameters are present, and can serve as a simple defense
against an attacker trying to reuse a non-conforming connection.
Amaury Denoyelle 2021-01-22 16:47:46 +01:00
parent 81c6f76d3e
commit 1a58aca84e
3 changed files with 9 additions and 3 deletions


@ -487,6 +487,7 @@ enum conn_hash_params_t {
* connection hash.
*/
struct conn_hash_params {
struct server *srv;
};
/* This structure describes a connection with its methods and data.
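Review bot: The new `srv` member carries no comment on how it enters the hash, although `conn_calculate_hash()` hashes it by pointer value (`&params->srv, sizeof(params->srv)`) rather than by any server attribute. I would document that on the field, for example `struct server *srv; /* target server, hashed by address; NULL when the target is not a server */`. The comment that introduces the struct starts outside the hunk, so check that it does not already say this.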


@ -1251,15 +1251,18 @@ int connect_server(struct stream *s)
/* first, set unique connection parameters and then calculate hash */
memset(&hash_params, 0, sizeof(hash_params));
hash = conn_calculate_hash(&hash_params);
srv = objt_server(s->target);
hash_params.srv = srv;
if (srv)
hash = conn_calculate_hash(&hash_params);
/* This will catch some corner cases such as lying connections resulting from
* retries or connect timeouts but will rarely trigger.
*/
si_release_endpoint(&s->si[1]);
srv = objt_server(s->target);
/* do not reuse if mode is http or if avail list is not allocated */
if ((s->be->mode != PR_MODE_HTTP) || (srv && !srv->available_conns_tree))
goto skip_reuse;
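Review bot: With the new `if (srv)` guard, `hash` is no longer assigned when `objt_server(s->target)` returns NULL, yet the `skip_reuse` test just below still lets a NULL `srv` through in HTTP mode. The declaration of `hash` is outside the hunk, so confirm it is initialised there; otherwise the reuse lookup would read an indeterminate value. Either compute it unconditionally with `hash = conn_calculate_hash(&hash_params);` (the callee hashes `params->srv` whether or not it is NULL) or set it explicitly in an `else` branch. A matching hash presumably only selects a candidate connection, so any property the reuse path depends on should still be verified on the connection itself, which this hunk does not show.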


@ -1421,6 +1421,8 @@ XXH64_hash_t conn_calculate_hash(const struct conn_hash_params *params)
buf = trash.area;
conn_hash_update(buf, &idx, &params->srv, sizeof(params->srv), &hash_flags, 0);
hash = conn_hash_digest(buf, idx, hash_flags);
return hash;
}
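Review bot: `conn_hash_update()` is given the bytes of the pointer itself (`&params->srv`, `sizeof(params->srv)`), so the hash depends on where the server structure lives in memory, and the code does not say so. That is reasonable for an in-process lookup key, but it deserves a comment such as `/* hash the server address: only meaningful within this process */`. If server objects can ever be freed and reallocated, a stale connection could presumably share a hash with a new server at the same address, which is worth ruling out. Any bound on the write into `trash.area` is enforced, if at all, inside `conn_hash_update()`, which is not visible here; the function body also starts outside the hunk.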