- DOC: fix a few typos - BUG/MINOR: http: fix typo: "401 Unauthorized" => "407 Unauthorized" - BUG/MINOR: parse: refer curproxy instead of proxy - DOC: httplog does not support 'no' - MINOR: map/acl/dumpstats: remove the "Done." message - BUG/MEDIUM: sample: fix random number upper-bound - BUG/MEDIUM: patterns: previous fix was incomplete - BUG/MEDIUM: payload: ensure that a request channel is available - BUG/MINOR: tcp-check: don't condition data polling on check type - BUG/MEDIUM: tcp-check: don't rely on random memory contents - BUG/MEDIUM: tcp-checks: disable quick-ack unless next rule is an expect - BUG/MINOR: config: fix typo in condition when propagating process binding - BUG/MEDIUM: config: do not propagate processes between stopped processes - BUG/MAJOR: stream-int: properly check the memory allocation return - BUG/MEDIUM: memory: fix freeing logic in pool_gc2() - BUG/MEDIUM: compression: correctly report zlib_mem Signed-off-by: Thomas Heil <heil@terminal-consulting.de>lilik-openwrt-22.03
@ -1,34 +0,0 @@ | |||||
From bad3c6f1b6d776e5d9951a3b3054b4dce8922c54 Mon Sep 17 00:00:00 2001 | |||||
From: Willy Tarreau <w@1wt.eu> | |||||
Date: Wed, 26 Nov 2014 13:17:03 +0100 | |||||
Subject: [PATCH 1/2] BUG/MEDIUM: patterns: previous fix was incomplete | |||||
Dmitry Sivachenko <trtrmitya@gmail.com> reported that commit 315ec42 | |||||
("BUG/MEDIUM: pattern: don't load more than once a pattern list.") | |||||
relies on an uninitialised variable in the stack. While it used to | |||||
work fine during the tests, if the uninitialized variable is non-null, | |||||
some patterns may be aggregated if loaded multiple times, resulting in | |||||
slower processing, which was the original issue it tried to address. | |||||
The fix needs to be backported to 1.5. | |||||
(cherry picked from commit 4deaf39243c4d941998b1b0175bad05b8a287c0b) | |||||
--- | |||||
src/pattern.c | 2 +- | |||||
1 file changed, 1 insertion(+), 1 deletion(-) | |||||
diff --git a/src/pattern.c b/src/pattern.c | |||||
index 20547f9..208e33a 100644 | |||||
--- a/src/pattern.c | |||||
+++ b/src/pattern.c | |||||
@@ -2096,7 +2096,7 @@ int pattern_read_from_file(struct pattern_head *head, unsigned int refflags, | |||||
struct pat_ref *ref; | |||||
struct pattern_expr *expr; | |||||
struct pat_ref_elt *elt; | |||||
- int reuse; | |||||
+ int reuse = 0; | |||||
/* Lookup for the existing reference. */ | |||||
ref = pat_ref_lookup(filename); | |||||
-- | |||||
2.0.4 | |||||
@ -1,49 +0,0 @@ | |||||
From 1e89acb6be9ba6400fe4defd3b6b2cc94c6667d9 Mon Sep 17 00:00:00 2001 | |||||
From: Willy Tarreau <w@1wt.eu> | |||||
Date: Wed, 26 Nov 2014 13:24:24 +0100 | |||||
Subject: [PATCH 2/2] BUG/MEDIUM: payload: ensure that a request channel is | |||||
available | |||||
Denys Fedoryshchenko reported a segfault when using certain | |||||
sample fetch functions in the "tcp-request connection" rulesets | |||||
despite the warnings. This is because some tests for the existence | |||||
of the channel were missing. | |||||
The fetches which were fixed are : | |||||
- req.ssl_hello_type | |||||
- rep.ssl_hello_type | |||||
- req.ssl_sni | |||||
This fix must be backported to 1.5. | |||||
(cherry picked from commit 83f2592bcd2e186beeabcba16be16faaab82bd39) | |||||
--- | |||||
src/payload.c | 6 ++++++ | |||||
1 file changed, 6 insertions(+) | |||||
diff --git a/src/payload.c b/src/payload.c | |||||
index 4057f6f..f62163c 100644 | |||||
--- a/src/payload.c | |||||
+++ b/src/payload.c | |||||
@@ -72,6 +72,9 @@ smp_fetch_ssl_hello_type(struct proxy *px, struct session *s, void *l7, unsigned | |||||
chn = ((opt & SMP_OPT_DIR) == SMP_OPT_DIR_RES) ? s->rep : s->req; | |||||
+ if (!chn) | |||||
+ goto not_ssl_hello; | |||||
+ | |||||
bleft = chn->buf->i; | |||||
data = (const unsigned char *)chn->buf->p; | |||||
@@ -276,6 +279,9 @@ smp_fetch_ssl_hello_sni(struct proxy *px, struct session *s, void *l7, unsigned | |||||
chn = ((opt & SMP_OPT_DIR) == SMP_OPT_DIR_RES) ? s->rep : s->req; | |||||
+ if (!chn) | |||||
+ goto not_ssl_hello; | |||||
+ | |||||
bleft = chn->buf->i; | |||||
data = (unsigned char *)chn->buf->p; | |||||
-- | |||||
2.0.4 | |||||