LILiK
/
openwrt-packages-dist
5
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
Browse Source

haproxy: fixes from upstream 

- [PATCH 10/12] MINOR: stats: fix minor typo in HTML page
 - [PATCH 11/12] BUG/MEDIUM: unix: do not unlink() abstract namespace
 - [PATCH 12/12] DOC: provide an example of how to use ssl_c_sha1

Signed-off-by: Thomas Heil <heil@terminal-consulting.de>
lilik-openwrt-22.03
Thomas Heil 11 years ago
parent
e86c668446
commit
4a3440a8c3
4 changed files with 103 additions and 1 deletions
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +1
    -1
      net/haproxy/Makefile
  2. +28
    -0
      net/haproxy/patches/0010-MINOR-stats-fix-minor-typo-in-HTML-page.patch
  3. +45
    -0
      net/haproxy/patches/0011-BUG-MEDIUM-unix-do-not-unlink-abstract-namespace-soc.patch
  4. +29
    -0
      net/haproxy/patches/0012-DOC-provide-an-example-of-how-to-use-ssl_c_sha1.patch

+ 1
- 1
net/haproxy/Makefile View File

@ -10,7 +10,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=haproxy PKG_NAME:=haproxy
PKG_VERSION:=1.5.1 PKG_VERSION:=1.5.1
PKG_RELEASE:=09
PKG_RELEASE:=12
PKG_SOURCE:=haproxy-$(PKG_VERSION).tar.gz PKG_SOURCE:=haproxy-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://haproxy.1wt.eu/download/1.5/src/ PKG_SOURCE_URL:=http://haproxy.1wt.eu/download/1.5/src/
PKG_MD5SUM:=49640cf3ddd793a05fbd3394481a1ed4 PKG_MD5SUM:=49640cf3ddd793a05fbd3394481a1ed4


+ 28
- 0
net/haproxy/patches/0010-MINOR-stats-fix-minor-typo-in-HTML-page.patch View File

@ -0,0 +1,28 @@
From d38f5c0c1cbba00d80cad2640c005794fa5bc4f9 Mon Sep 17 00:00:00 2001
From: Marco Corte <marco@marcocorte.it>
Date: Wed, 2 Jul 2014 17:49:34 +0200
Subject: [PATCH 10/12] MINOR: stats: fix minor typo in HTML page
There is a very small typo in the statistics interface: a "set" in
lowercase where allothers are uppercase "Set".
(cherry picked from commit 8c27bcaea0116247ee055c5481a63507de4fe6e4)
---
src/dumpstats.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/dumpstats.c b/src/dumpstats.c
index c8bac08..5365042 100644
--- a/src/dumpstats.c
+++ b/src/dumpstats.c
@@ -3710,7 +3710,7 @@ static void stats_dump_html_px_end(struct stream_interface *si, struct proxy *px
"<option value=\"\"></option>"
"<option value=\"ready\">Set state to READY</option>"
"<option value=\"drain\">Set state to DRAIN</option>"
- "<option value=\"maint\">set state to MAINT</option>"
+ "<option value=\"maint\">Set state to MAINT</option>"
"<option value=\"dhlth\">Health: disable checks</option>"
"<option value=\"ehlth\">Health: enable checks</option>"
"<option value=\"hrunn\">Health: force UP</option>"
--
1.8.5.5

+ 45
- 0
net/haproxy/patches/0011-BUG-MEDIUM-unix-do-not-unlink-abstract-namespace-soc.patch View File

@ -0,0 +1,45 @@
From 76ad998e2b6ae852567ff53edb84a0b467c0c9cb Mon Sep 17 00:00:00 2001
From: Jan Seda <hodor@hodor.cz>
Date: Thu, 26 Jun 2014 20:44:05 +0200
Subject: [PATCH 11/12] BUG/MEDIUM: unix: do not unlink() abstract namespace
sockets upon failure.
When bind() fails (function uxst_bind_listener()), the fail path doesn't
consider the abstract namespace and tries to unlink paths held in
uninitiliazed memory (tempname and backname). See the strace excerpt;
the strings still hold the path from test1.
===============================================================================================
23722 bind(5, {sa_family=AF_FILE, path=@"test2"}, 110) = -1 EADDRINUSE (Address already in use)
23722 unlink("/tmp/test1.sock.23722.tmp") = -1 ENOENT (No such file or directory)
23722 close(5) = 0
23722 unlink("/tmp/test1.sock.23722.bak") = -1 ENOENT (No such file or directory)
===============================================================================================
This patch should be backported to 1.5.
(cherry picked from commit 7319b64fc4c9b7e04726816c6cc02f6ecf66a0a4)
---
src/proto_uxst.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/proto_uxst.c b/src/proto_uxst.c
index f83d34e..c9a52ff 100644
--- a/src/proto_uxst.c
+++ b/src/proto_uxst.c
@@ -309,11 +309,11 @@ static int uxst_bind_listener(struct listener *listener, char *errmsg, int errle
if (ret < 0 && errno == ENOENT)
unlink(path);
err_unlink_temp:
- if (!ext)
+ if (!ext && path[0])
unlink(tempname);
close(fd);
err_unlink_back:
- if (!ext)
+ if (!ext && path[0])
unlink(backname);
err_return:
if (msg && errlen) {
--
1.8.5.5

+ 29
- 0
net/haproxy/patches/0012-DOC-provide-an-example-of-how-to-use-ssl_c_sha1.patch View File

@ -0,0 +1,29 @@
From 9fe4cb64cd9514a72bcd4b2fd8781620da9e1f76 Mon Sep 17 00:00:00 2001
From: Willy Tarreau <w@1wt.eu>
Date: Wed, 2 Jul 2014 19:01:22 +0200
Subject: [PATCH 12/12] DOC: provide an example of how to use ssl_c_sha1
As suggested by Aydan Yumerefendi, a little bit of examples never hurts.
(cherry picked from commit 2d0caa38e040b081903e50faa56bae52599b3949)
---
doc/configuration.txt | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/doc/configuration.txt b/doc/configuration.txt
index e53bb21..fcc6454 100644
--- a/doc/configuration.txt
+++ b/doc/configuration.txt
@@ -10722,6 +10722,10 @@ ssl_c_sha1 : binary
Returns the SHA-1 fingerprint of the certificate presented by the client when
the incoming connection was made over an SSL/TLS transport layer. This can be
used to stick a client to a server, or to pass this information to a server.
+ Note that the output is binary, so if you want to pass that signature to the
+ server, you need to encode it in hex or base64, such as in the example below:
+
+ http-request set-header X-SSL-Client-SHA1 %[ssl_c_sha1,hex]
ssl_c_sig_alg : string
Returns the name of the algorithm used to sign the certificate presented by
--
1.8.5.5

Write Preview
Loading…
Cancel
Save