LILiK
/
openwrt-packages-dist
5
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1305 Commits
1 Branch
46 MiB
Tree: d4042ec35e
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'd4042ec35e'
${ noResults }
openwrt-packages-dist/net/haproxy/patches/0018-BUG-MEDIUM-check-rule-...

102 lines
3.8 KiB
Raw Normal View History

haproxy: fixes from upstream - [PATCH 15/20] BUG/MEDIUM: remove debugging code from systemd-wrapper - [PATCH 16/20] BUG/MEDIUM: http: adjust close mode when switching to - [PATCH 17/20] BUG/MINOR: config: don't propagate process binding on - [PATCH 18/20] BUG/MEDIUM: check: rule-less tcp-check must detect - [PATCH 19/20] BUG/MINOR: tcp-check: report the correct failed step in - [PATCH 20/20] BUG/MINOR: config: don't propagate process binding for Signed-off-by: Thomas Heil <heil@terminal-consulting.de>
10 years ago
 
  1. From e61737a721c3b91c79484e51fc1789293b269f9f Mon Sep 17 00:00:00 2001
  2. From: Willy Tarreau <w@1wt.eu>
  3. Date: Thu, 2 Oct 2014 14:30:14 +0200
  4. Subject: [PATCH 18/20] BUG/MEDIUM: check: rule-less tcp-check must detect
  5.  connect failures
  6. 

  7. When "option tcp-check" is specified without any tcp-check rules, the
  8. documentation says that it's the same as the default check method. But
  9. the code path is a bit different, and we used to consider that since
  10. the end of rules was reached, the check is always successful regardless
  11. of the connection status.
  12. 

  13. This patch reorganizes the error detection, and considers the special
  14. case where there's no tcp-check rule as a real L4 check. It also avoids
  15. dereferencing the rule list head as a rule by itself.
  16. 

  17. While fixing this bug, another one related to the output messages'
  18. accuracy was noticed, it will be fixed in a separate commit and is
  19. much less important.
  20. 

  21. This bug is also present in 1.5, so this fix must be backported.
  22. (cherry picked from commit ef953953e7f33c6a72c432fce8d47c2d84c69512)
  23. ---

  24.  src/checks.c | 40 +++++++++++++++++++++++++---------------
  25.  1 file changed, 25 insertions(+), 15 deletions(-)
  26. 

  27. diff --git a/src/checks.c b/src/checks.c

  28. index f3b2b54..9c1a866 100644

  29. --- a/src/checks.c

  30. +++ b/src/checks.c

  31. @@ -1837,20 +1837,34 @@ static int tcpcheck_get_step_id(struct server *s)

  32.  static void tcpcheck_main(struct connection *conn)
  33.  {
  34.  	char *contentptr;
  35. -	struct list *head = NULL;

  36.  	struct tcpcheck_rule *cur = NULL;
  37.  	int done = 0, ret = 0;
  38. -

  39.  	struct check *check = conn->owner;
  40.  	struct server *s = check->server;
  41.  	struct task *t = check->task;
  42. +	struct list *head = &s->proxy->tcpcheck_rules;

  43.  
  44. -	/*

  45. -	 * don't do anything until the connection is established but if we're running

  46. -	 * first step which must be a connect

  47. +	/* here, we know that the check is complete or that it failed */

  48. +	if (check->result != CHK_RES_UNKNOWN)

  49. +		goto out_end_tcpcheck;

  50. +

  51. +	/* We have 4 possibilities here :

  52. +	 *   1. we've not yet attempted step 1, and step 1 is a connect, so no

  53. +	 *      connection attempt was made yet ;

  54. +	 *   2. we've not yet attempted step 1, and step 1 is a not connect or

  55. +	 *      does not exist (no rule), so a connection attempt was made

  56. +	 *      before coming here.

  57. +	 *   3. we're coming back after having started with step 1, so we may

  58. +	 *      be waiting for a connection attempt to complete.

  59. +	 *   4. the connection + handshake are complete

  60. +	 *

  61. +	 * #2 and #3 are quite similar, we want both the connection and the

  62. +	 * handshake to complete before going any further. Thus we must always

  63. +	 * wait for a connection to complete unless we're before and existing

  64. +	 * step 1.

  65.  	 */
  66. -	if (check->current_step && (!(conn->flags & CO_FL_CONNECTED))) {

  67. -		/* update expire time, should be done by process_chk */

  68. +	if ((!(conn->flags & CO_FL_CONNECTED) || (conn->flags & CO_FL_HANDSHAKE)) &&

  69. +	    (check->current_step || LIST_ISEMPTY(head))) {

  70.  		/* we allow up to min(inter, timeout.connect) for a connection
  71.  		 * to establish but only when timeout.check is set
  72.  		 * as it may be to short for a full check otherwise
  73. @@ -1867,12 +1881,11 @@ static void tcpcheck_main(struct connection *conn)

  74.  		return;
  75.  	}
  76.  
  77. -	/* here, we know that the connection is established */

  78. -	if (check->result != CHK_RES_UNKNOWN)

  79. +	/* special case: option tcp-check with no rule, a connect is enough */

  80. +	if (LIST_ISEMPTY(head)) {

  81. +		set_server_check_status(check, HCHK_STATUS_L4OK, NULL);

  82.  		goto out_end_tcpcheck;
  83. -

  84. -	/* head is be the first element of the double chained list */

  85. -	head = &s->proxy->tcpcheck_rules;

  86. +	}

  87.  
  88.  	/* no step means first step
  89.  	 * initialisation */
  90. @@ -1891,9 +1904,6 @@ static void tcpcheck_main(struct connection *conn)

  91.  		cur = check->current_step;
  92.  	}
  93.  
  94. -	if (conn->flags & CO_FL_HANDSHAKE)

  95. -		return;

  96. -

  97.  	/* It's only the rules which will enable send/recv */
  98.  	__conn_data_stop_both(conn);
  99.  
  100. -- 

  101. 2.0.4
  102.