On 08/14/2018 11:27 AM, Lukas Tribus wrote:
Hello,
Hi,
the "set server <backend>/<server> fqdn <FQDN>" admin socket command requires the internal DNS resolver to be configured and enabled for that specific server. This is undocumented, and I will provide a doc fix soon. However, when the resolver is not configured, and when haproxy is compiled with thread support, after issuing the set server fqdn admin socket command, haproxy segfaults (from haproxy 1.8.0 to current 1.9 head):
As this bug came with b418c122 I take a look at it. It has been fixed then came back with thread support.
Reg testing file provided. Fred.
>From 995007d2edb8c296761bcf9922413e377f295b94 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20L=C3=A9caille?= <[email protected]> Date: Tue, 21 Aug 2018 15:04:23 +0200 Subject: [PATCH] Subject: BUG/MINOR: server: Crash when setting FQDN via CLI. This patch ensures that a DNS resolution may be launched before setting a server FQDN via the CLI. Especially, it checks that resolvers was set. A LEVEL 4 reg testing file is provided. Thanks to Lukas Tribus for having reported this issue. Must be backported to 1.8. --- reg-tests/server/b00000.vtc | 32 ++++++++++++++++++++++++++++++++ src/server.c | 4 ++++ 2 files changed, 36 insertions(+) create mode 100644 reg-tests/server/b00000.vtc diff --git a/reg-tests/server/b00000.vtc b/reg-tests/server/b00000.vtc new file mode 100644 index 00000000..a746dbea --- /dev/null +++ b/reg-tests/server/b00000.vtc @@ -0,0 +1,32 @@ +varnishtest "Set server FQDN via CLI crash" + +feature ignore_unknown_macro + +# Do nothing. Is there only to create s1_* macros +server s1 { +} -start + +haproxy h1 -conf { + defaults + mode http + timeout connect 1s + timeout client 1s + timeout server 1s + + frontend myfrontend + bind "fd@${my_fe}" + default_backend test + + backend test + server www1 ${s1_addr}:${s1_port} +} -start + +haproxy h1 -cli { + send "set server test/www1 fqdn foo.fqdn" + expect ~ "could not update test/www1 FQDN by 'stats socket command'" + send "show servers state test" + expect ~ "test 1 www1 ${s1_addr} .* - ${s1_port}" +} -wait + + + diff --git a/src/server.c b/src/server.c index 78d5a0fc..9319d71f 100644 --- a/src/server.c +++ b/src/server.c @@ -3928,6 +3928,10 @@ int srv_set_fqdn(struct server *srv, const char *hostname, int dns_locked) char *hostname_dn; int hostname_len, hostname_dn_len; + /* Note that the server lock is already held. */ + if (!srv->resolvers) + return -1; + if (!dns_locked) HA_SPIN_LOCK(DNS_LOCK, &srv->resolvers->lock); /* run time DNS resolution was not active for this server -- 2.11.0
