LILiK
/
openwrt-packages-dist
5
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
10212 Commits
1 Branch
46 MiB
Tree: 94b743fb2b
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '94b743fb2b'
${ noResults }
openwrt-packages-dist/net/haproxy/patches/0004-BUG-MEDIUM-ssl-sample-...

103 lines
4.8 KiB
Raw Normal View History

haproxy: Update HAProxy to v1.8.4 (+patches) - Update haproxy download URL and hash - Update the haproxy homepage - Add libatomic to the dependencies as 1.8 needs it - Make USE_REGPARM an x86-only option as this fixes many warnings and does not do much on non-x86 platforms - Add USE_GETADDRINFO=1 to use getaddrinfo() to resolve IPv6 host names - Add USE_TFO=1 to enable TCP fast open - Unbreak CFLAGS, LD and LDFLAGS by adding the missing backslash after $(ADDON) - Unbreak IGNOREGIT=1 option (typo) - Rework LDFLAGS and add libatomic - Add MEDIUM+ patches (see https://www.haproxy.org/bugs/bugs-1.8.4.html) Signed-off-by: Christian Lachner <gladiac@gmail.com>
7 years ago
 
  1. From 7ccf7c9791f2b2329f3940d1347618af3a77bebc Mon Sep 17 00:00:00 2001
  2. From: Emeric Brun <ebrun@haproxy.com>
  3. Date: Mon, 19 Feb 2018 15:59:48 +0100
  4. Subject: [PATCH] BUG/MEDIUM: ssl/sample: ssl_bc_* fetch keywords are broken.
  5. 

  6. Since the split between connections and conn-stream objects, this
  7. keywords are broken.
  8. 

  9. This patch must be backported in 1.8
  10. 

  11. (cherry picked from commit eb8def9f34c37537d56a69fcd211d4c4c8006bea)
  12. Signed-off-by: Willy Tarreau <w@1wt.eu>
  13. ---

  14.  src/ssl_sock.c |   31 ++++++++++++++-----------------
  15.  1 file changed, 14 insertions(+), 17 deletions(-)
  16. 

  17. diff --git a/src/ssl_sock.c b/src/ssl_sock.c

  18. index 4d0d5db..d832d76 100644

  19. --- a/src/ssl_sock.c

  20. +++ b/src/ssl_sock.c

  21. @@ -6580,8 +6580,8 @@ smp_fetch_ssl_x_key_alg(const struct arg *args, struct sample *smp, const char *

  22.  static int
  23.  smp_fetch_ssl_fc(const struct arg *args, struct sample *smp, const char *kw, void *private)
  24.  {
  25. -	struct connection *conn = objt_conn((kw[4] != 'b') ? smp->sess->origin :

  26. -	                                    smp->strm ? smp->strm->si[1].end : NULL);

  27. +	struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :

  28. +	                                    smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;

  29.  
  30.  	smp->data.type = SMP_T_BOOL;
  31.  	smp->data.u.sint = (conn && conn->xprt == &ssl_sock);
  32. @@ -6625,8 +6625,8 @@ smp_fetch_ssl_fc_is_resumed(const struct arg *args, struct sample *smp, const ch

  33.  static int
  34.  smp_fetch_ssl_fc_cipher(const struct arg *args, struct sample *smp, const char *kw, void *private)
  35.  {
  36. -	struct connection *conn = objt_conn((kw[4] != 'b') ? smp->sess->origin :

  37. -	                                    smp->strm ? smp->strm->si[1].end : NULL);

  38. +	struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :

  39. +	                                    smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;

  40.  
  41.  	smp->flags = 0;
  42.  	if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
  43. @@ -6651,9 +6651,8 @@ smp_fetch_ssl_fc_cipher(const struct arg *args, struct sample *smp, const char *

  44.  static int
  45.  smp_fetch_ssl_fc_alg_keysize(const struct arg *args, struct sample *smp, const char *kw, void *private)
  46.  {
  47. -	struct connection *conn = objt_conn((kw[4] != 'b') ? smp->sess->origin :

  48. -	                                    smp->strm ? smp->strm->si[1].end : NULL);

  49. -

  50. +	struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :

  51. +	                                    smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;

  52.  	int sint;
  53.  
  54.  	smp->flags = 0;
  55. @@ -6676,8 +6675,8 @@ smp_fetch_ssl_fc_alg_keysize(const struct arg *args, struct sample *smp, const c

  56.  static int
  57.  smp_fetch_ssl_fc_use_keysize(const struct arg *args, struct sample *smp, const char *kw, void *private)
  58.  {
  59. -	struct connection *conn = objt_conn((kw[4] != 'b') ? smp->sess->origin :

  60. -	                                    smp->strm ? smp->strm->si[1].end : NULL);

  61. +	struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :

  62. +	                                    smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;

  63.  
  64.  	smp->flags = 0;
  65.  	if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
  66. @@ -6747,8 +6746,8 @@ smp_fetch_ssl_fc_alpn(const struct arg *args, struct sample *smp, const char *kw

  67.  static int
  68.  smp_fetch_ssl_fc_protocol(const struct arg *args, struct sample *smp, const char *kw, void *private)
  69.  {
  70. -	struct connection *conn = objt_conn((kw[4] != 'b') ? smp->sess->origin :

  71. -	                                    smp->strm ? smp->strm->si[1].end : NULL);

  72. +	struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :

  73. +	                                    smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;

  74.  
  75.  	smp->flags = 0;
  76.  	if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
  77. @@ -6773,9 +6772,8 @@ static int

  78.  smp_fetch_ssl_fc_session_id(const struct arg *args, struct sample *smp, const char *kw, void *private)
  79.  {
  80.  #if OPENSSL_VERSION_NUMBER > 0x0090800fL
  81. -	struct connection *conn = objt_conn((kw[4] != 'b') ? smp->sess->origin :

  82. -	                                    smp->strm ? smp->strm->si[1].end : NULL);

  83. -

  84. +	struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :

  85. +	                                    smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;

  86.  	SSL_SESSION *ssl_sess;
  87.  
  88.  	smp->flags = SMP_F_CONST;
  89. @@ -6917,9 +6915,8 @@ static int

  90.  smp_fetch_ssl_fc_unique_id(const struct arg *args, struct sample *smp, const char *kw, void *private)
  91.  {
  92.  #if OPENSSL_VERSION_NUMBER > 0x0090800fL
  93. -	struct connection *conn = objt_conn((kw[4] != 'b') ? smp->sess->origin :

  94. -	                                    smp->strm ? smp->strm->si[1].end : NULL);

  95. -

  96. +	struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :

  97. +	                                    smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;

  98.  	int finished_len;
  99.  	struct chunk *finished_trash;
  100.  
  101. -- 

  102. 1.7.10.4
  103.