Browse Source

haproxy: fixes from upstream

[PATCH 6/6] BUG/MEDIUM: connection: fix proxy v2 header again!

Signed-off-by: Thomas Heil <heil@terminal-consulting.de>
lilik-openwrt-22.03
Thomas Heil 11 years ago
parent
commit
bbfeac7e06
2 changed files with 35 additions and 1 deletions
  1. +1
    -1
      net/haproxy/Makefile
  2. +34
    -0
      net/haproxy/patches/0006-BUG-MEDIUM-connection-fix-proxy-v2-header-again.patch

+ 1
- 1
net/haproxy/Makefile View File

@ -10,7 +10,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=haproxy
PKG_VERSION:=1.5.2
PKG_RELEASE:=05
PKG_RELEASE:=06
PKG_SOURCE:=haproxy-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://haproxy.1wt.eu/download/1.5/src/
PKG_MD5SUM:=e854fed32ea751d6db7f366cb910225a


+ 34
- 0
net/haproxy/patches/0006-BUG-MEDIUM-connection-fix-proxy-v2-header-again.patch View File

@ -0,0 +1,34 @@
From 04b80cd29b23d02f373c095569e871275d128b43 Mon Sep 17 00:00:00 2001
From: Willy Tarreau <w@1wt.eu>
Date: Sat, 19 Jul 2014 06:37:33 +0200
Subject: [PATCH 6/6] BUG/MEDIUM: connection: fix proxy v2 header again!
Last commit 77d1f01 ("BUG/MEDIUM: connection: fix memory corruption
when building a proxy v2 header") was wrong, using &cn_trash instead
of cn_trash resulting in a warning and the client's SSL cert CN not
being stored at the proper location.
Thanks to Lukas Tribus for spotting this quickly.
This should be backported to 1.5 after the patch above is backported.
(cherry picked from commit 3b9a0c9d4d083d749846d66f9bd4caabafe4ee78)
---
src/connection.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/connection.c b/src/connection.c
index 3435b1a..2dd2c02 100644
--- a/src/connection.c
+++ b/src/connection.c
@@ -684,7 +684,7 @@ int make_proxy_line_v2(char *buf, int buf_len, struct server *srv, struct connec
}
if (srv->pp_opts & SRV_PP_V2_SSL_CN) {
cn_trash = get_trash_chunk();
- if (ssl_sock_get_remote_common_name(remote, &cn_trash) > 0) {
+ if (ssl_sock_get_remote_common_name(remote, cn_trash) > 0) {
tlv_len = make_tlv(&buf[ret+ssl_tlv_len], (buf_len - ret - ssl_tlv_len), PP2_TYPE_SSL_CN, cn_trash->len, cn_trash->str);
ssl_tlv_len += tlv_len;
}
--
1.8.5.5

Loading…
Cancel
Save