LILiK
/
openwrt-packages-dist
5
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
17041 Commits
1 Branch
46 MiB
Tree: 85b09eebb2
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '85b09eebb2'
${ noResults }
openwrt-packages-dist/net/haproxy/patches/000-MINOR-config-warn-on-pr...

65 lines
2.4 KiB
Raw Normal View History

haproxy: Update patches for HAProxy v2.0.8 - Add new patches (see https://www.haproxy.org/bugs/bugs-2.0.8.html) Signed-off-by: Christian Lachner <gladiac@gmail.com>
5 years ago
 
  1. commit 41898a216e92c80c1354b67613834be1b3e97864
  2. Author: Willy Tarreau <w@1wt.eu>
  3. Date:   Fri Oct 25 14:16:14 2019 +0200
  4. 

  5.     MINOR: config: warn on presence of "\n" in header values/replacements
  6.     
  7.     Yves Lafon reported an interesting case where an old rsprep rule used
  8.     to conditionally append a header field by inserting a \n in the exising
  9.     value was breaking H2 in HTX mode, with the browser rightfully reporting
  10.     a PROTOCOL_ERROR when facing the \n. In legacy mode, since the response
  11.     is first parsed again as an HTTP/1 message before being converted to H2
  12.     the issue does not happen. We should definitely discourage from using
  13.     this old trick nowadays, http-request and http-response rules were made
  14.     exactly to end this. Let's detect this and emit a warning when present.
  15.     In 2.0 there is already a warning recalling that these rules are
  16.     deprecated and which explains what to do instead, so the user now gets
  17.     all the relevant information to convert them.
  18.     
  19.     There is no upstream commit ID for this patch because these rules were
  20.     indeed removed from 2.1. This patch could be backported to 1.9 as it
  21.     can also trigger the problem when HTX is enabled.
  22. 

  23. diff --git a/src/cfgparse-listen.c b/src/cfgparse-listen.c

  24. index 5454f3bb..9c3e107a 100644

  25. --- a/src/cfgparse-listen.c

  26. +++ b/src/cfgparse-listen.c

  27. @@ -294,6 +294,12 @@ static int create_cond_regex_rule(const char *file, int line,

  28.  		goto err_free;
  29.  	}
  30.  
  31. +	if (repl && strchr(repl, '\n')) {

  32. +		ha_warning("parsing [%s:%d] : '%s' : hack involving '\\n' character in replacement string will fail with HTTP/2.\n",

  33. +			 file, line, cmd);

  34. +		ret_code |= ERR_WARN;

  35. +	}

  36. +

  37.  	if (dir == SMP_OPT_DIR_REQ && warnif_misplaced_reqxxx(px, file, line, cmd))
  38.  		ret_code |= ERR_WARN;
  39.  
  40. @@ -4039,6 +4045,12 @@ stats_error_parsing:

  41.  			goto out;
  42.  		}
  43.  
  44. +		if (strchr(args[1], '\n')) {

  45. +			ha_warning("parsing [%s:%d] : '%s' : hack involving '\\n' character in new header value will fail with HTTP/2.\n",

  46. +				   file, linenum, args[0]);

  47. +			err_code |= ERR_WARN;

  48. +		}

  49. +

  50.  		wl = calloc(1, sizeof(*wl));
  51.  		wl->cond = cond;
  52.  		wl->s = strdup(args[1]);
  53. @@ -4157,6 +4169,12 @@ stats_error_parsing:

  54.  			goto out;
  55.  		}
  56.  
  57. +		if (strchr(args[1], '\n')) {

  58. +			ha_warning("parsing [%s:%d] : '%s' : hack involving '\\n' character in new header value will fail with HTTP/2.\n",

  59. +				   file, linenum, args[0]);

  60. +			err_code |= ERR_WARN;

  61. +		}

  62. +

  63.  		wl = calloc(1, sizeof(*wl));
  64.  		wl->cond = cond;
  65.  		wl->s = strdup(args[1]);