Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2020-06-11 09:58:13 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new.3606 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "haproxy" Thu Jun 11 09:58:13 2020 rev:87 rq:813045 version:2.1.7+git0.8bebf80fb Changes: -------- --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2020-06-03 20:29:44.644666828 +0200 +++ /work/SRC/openSUSE:Factory/.haproxy.new.3606/haproxy.changes 2020-06-11 09:58:23.321941822 +0200 @@ -1,0 +2,31 @@ +Tue Jun 09 20:27:50 UTC 2020 - [email protected] + +- Update to version 2.1.7+git0.8bebf80fb: + * [RELEASE] Released version 2.1.7 + +------------------------------------------------------------------- +Mon Jun 08 22:04:10 UTC 2020 - [email protected] + +- Update to version 2.1.6+git1.661c88907: + * BUG/MAJOR: http-htx: Don't forget to copy error messages from defaults sections + +------------------------------------------------------------------- +Mon Jun 08 21:58:40 UTC 2020 - [email protected] + +- Update to version 2.1.6+git0.34db76106: + * [RELEASE] Released version 2.1.6 + * BUG/MINOR: mworker: fix a memleak when execvp() failed + * BUG/MINOR: ssl: fix a trash buffer leak in some error cases + * BUG/MEDIUM: mworker: fix the reload with an -- option + * BUG/MINOR: init: -S can have a parameter starting with a dash + * BUG/MINOR: init: -x can have a parameter starting with a dash + * BUG/MEDIUM: mworker: fix the copy of options in copy_argv() + * BUG/MEDIUM: contrib/prometheus-exporter: Properly set flags to dump metrics + * BUG/MEDIUM: hlua: Lock pattern references to perform set/add/del operations + * BUG/MEDIUM: http-htx: Duplicate error messages as raw data instead of string + * BUG/MEDIUM: lua: Reset analyse expiration timeout before executing a lua action + * BUG/MINOR: peers: fix internal/network key type mapping. + * SCRIPTS: publish-release: pass -n to gzip to remove timestamp + * Revert "BUG/MEDIUM: connections: force connections cleanup on server changes" + +------------------------------------------------------------------- Old: ---- haproxy-2.1.5+git0.36e14bd31.tar.gz New: ---- haproxy-2.1.7+git0.8bebf80fb.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ haproxy.spec ++++++ --- /var/tmp/diff_new_pack.FohmY0/_old 2020-06-11 09:58:25.125947620 +0200 +++ /var/tmp/diff_new_pack.FohmY0/_new 2020-06-11 09:58:25.129947633 +0200 @@ -53,7 +53,7 @@ %endif Name: haproxy -Version: 2.1.5+git0.36e14bd31 +Version: 2.1.7+git0.8bebf80fb Release: 0 # # ++++++ _service ++++++ --- /var/tmp/diff_new_pack.FohmY0/_old 2020-06-11 09:58:25.177947787 +0200 +++ /var/tmp/diff_new_pack.FohmY0/_new 2020-06-11 09:58:25.181947800 +0200 @@ -6,7 +6,7 @@ <param name="versionformat">@PARENT_TAG@+git@TAG_OFFSET@.%h</param> <param name="versionrewrite-pattern">v(.*)</param> <param name="versionrewrite-replacement">\1</param> - <param name="revision">v2.1.5</param> + <param name="revision">v2.1.7</param> <param name="changesgenerate">enable</param> </service> ++++++ _servicedata ++++++ --- /var/tmp/diff_new_pack.FohmY0/_old 2020-06-11 09:58:25.225947942 +0200 +++ /var/tmp/diff_new_pack.FohmY0/_new 2020-06-11 09:58:25.225947942 +0200 @@ -1,6 +1,6 @@ <servicedata> <service name="tar_scm"> <param name="url">http://git.haproxy.org/git/haproxy-2.1.git</param> - <param name="changesrevision">36e14bd3189a239a146994e924c0b2fd5f7b6b46</param> + <param name="changesrevision">8bebf80fb5550f5b32e0bec83d1b819b1bf482d6</param> </service> </servicedata> \ No newline at end of file ++++++ haproxy-2.1.5+git0.36e14bd31.tar.gz -> haproxy-2.1.7+git0.8bebf80fb.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-2.1.5+git0.36e14bd31/CHANGELOG new/haproxy-2.1.7+git0.8bebf80fb/CHANGELOG --- old/haproxy-2.1.5+git0.36e14bd31/CHANGELOG 2020-05-29 13:17:23.000000000 +0200 +++ new/haproxy-2.1.7+git0.8bebf80fb/CHANGELOG 2020-06-09 08:44:30.000000000 +0200 @@ -1,6 +1,24 @@ ChangeLog : =========== +2020/06/09 : 2.1.7 + - BUG/MAJOR: http-htx: Don't forget to copy error messages from defaults sections + +2020/06/08 : 2.1.6 + - Revert "BUG/MEDIUM: connections: force connections cleanup on server changes" + - SCRIPTS: publish-release: pass -n to gzip to remove timestamp + - BUG/MINOR: peers: fix internal/network key type mapping. + - BUG/MEDIUM: lua: Reset analyse expiration timeout before executing a lua action + - BUG/MEDIUM: http-htx: Duplicate error messages as raw data instead of string + - BUG/MEDIUM: hlua: Lock pattern references to perform set/add/del operations + - BUG/MEDIUM: contrib/prometheus-exporter: Properly set flags to dump metrics + - BUG/MEDIUM: mworker: fix the copy of options in copy_argv() + - BUG/MINOR: init: -x can have a parameter starting with a dash + - BUG/MINOR: init: -S can have a parameter starting with a dash + - BUG/MEDIUM: mworker: fix the reload with an -- option + - BUG/MINOR: ssl: fix a trash buffer leak in some error cases + - BUG/MINOR: mworker: fix a memleak when execvp() failed + 2020/05/29 : 2.1.5 - BUG/MINOR: protocol_buffer: Wrong maximum shifting. - MINOR: ssl: improve the errors when a crt can't be open diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-2.1.5+git0.36e14bd31/VERDATE new/haproxy-2.1.7+git0.8bebf80fb/VERDATE --- old/haproxy-2.1.5+git0.36e14bd31/VERDATE 2020-05-29 13:17:23.000000000 +0200 +++ new/haproxy-2.1.7+git0.8bebf80fb/VERDATE 2020-06-09 08:44:30.000000000 +0200 @@ -1,2 +1,2 @@ $Format:%ci$ -2020/05/29 +2020/06/09 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-2.1.5+git0.36e14bd31/VERSION new/haproxy-2.1.7+git0.8bebf80fb/VERSION --- old/haproxy-2.1.5+git0.36e14bd31/VERSION 2020-05-29 13:17:23.000000000 +0200 +++ new/haproxy-2.1.7+git0.8bebf80fb/VERSION 2020-06-09 08:44:30.000000000 +0200 @@ -1 +1 @@ -2.1.5 +2.1.7 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-2.1.5+git0.36e14bd31/contrib/prometheus-exporter/service-prometheus.c new/haproxy-2.1.7+git0.8bebf80fb/contrib/prometheus-exporter/service-prometheus.c --- old/haproxy-2.1.5+git0.36e14bd31/contrib/prometheus-exporter/service-prometheus.c 2020-05-29 13:17:23.000000000 +0200 +++ new/haproxy-2.1.7+git0.8bebf80fb/contrib/prometheus-exporter/service-prometheus.c 2020-06-09 08:44:30.000000000 +0200 @@ -2129,13 +2129,12 @@ static int promex_dump_metrics(struct appctx *appctx, struct stream_interface *si, struct htx *htx) { int ret; - int flags = appctx->ctx.stats.flags; switch (appctx->st1) { case PROMEX_DUMPER_INIT: appctx->ctx.stats.px = NULL; appctx->ctx.stats.sv = NULL; - appctx->ctx.stats.flags = (flags|PROMEX_FL_METRIC_HDR|PROMEX_FL_INFO_METRIC); + appctx->ctx.stats.flags |= (PROMEX_FL_METRIC_HDR|PROMEX_FL_INFO_METRIC); appctx->st2 = promex_global_metrics[INF_NAME]; appctx->st1 = PROMEX_DUMPER_GLOBAL; /* fall through */ @@ -2152,7 +2151,8 @@ appctx->ctx.stats.px = proxies_list; appctx->ctx.stats.sv = NULL; - appctx->ctx.stats.flags = (flags|PROMEX_FL_METRIC_HDR|PROMEX_FL_STATS_METRIC); + appctx->ctx.stats.flags &= ~PROMEX_FL_INFO_METRIC; + appctx->ctx.stats.flags |= (PROMEX_FL_METRIC_HDR|PROMEX_FL_STATS_METRIC); appctx->st2 = promex_front_metrics[ST_F_PXNAME]; appctx->st1 = PROMEX_DUMPER_FRONT; /* fall through */ @@ -2169,7 +2169,7 @@ appctx->ctx.stats.px = proxies_list; appctx->ctx.stats.sv = NULL; - appctx->ctx.stats.flags = (flags|PROMEX_FL_METRIC_HDR|PROMEX_FL_STATS_METRIC); + appctx->ctx.stats.flags |= PROMEX_FL_METRIC_HDR; appctx->st2 = promex_back_metrics[ST_F_PXNAME]; appctx->st1 = PROMEX_DUMPER_BACK; /* fall through */ @@ -2186,7 +2186,7 @@ appctx->ctx.stats.px = proxies_list; appctx->ctx.stats.sv = (appctx->ctx.stats.px ? appctx->ctx.stats.px->srv : NULL); - appctx->ctx.stats.flags = (flags|PROMEX_FL_METRIC_HDR|PROMEX_FL_STATS_METRIC); + appctx->ctx.stats.flags |= PROMEX_FL_METRIC_HDR; appctx->st2 = promex_srv_metrics[ST_F_PXNAME]; appctx->st1 = PROMEX_DUMPER_SRV; /* fall through */ @@ -2203,7 +2203,7 @@ appctx->ctx.stats.px = NULL; appctx->ctx.stats.sv = NULL; - appctx->ctx.stats.flags = flags; + appctx->ctx.stats.flags &= ~(PROMEX_FL_METRIC_HDR|PROMEX_FL_INFO_METRIC|PROMEX_FL_STATS_METRIC); appctx->st2 = 0; appctx->st1 = PROMEX_DUMPER_DONE; /* fall through */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-2.1.5+git0.36e14bd31/doc/configuration.txt new/haproxy-2.1.7+git0.8bebf80fb/doc/configuration.txt --- old/haproxy-2.1.5+git0.36e14bd31/doc/configuration.txt 2020-05-29 13:17:23.000000000 +0200 +++ new/haproxy-2.1.7+git0.8bebf80fb/doc/configuration.txt 2020-06-09 08:44:30.000000000 +0200 @@ -4,7 +4,7 @@ ---------------------- version 2.1 willy tarreau - 2020/05/29 + 2020/06/09 This document covers the configuration language as implemented in the version diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-2.1.5+git0.36e14bd31/doc/peers-v2.0.txt new/haproxy-2.1.7+git0.8bebf80fb/doc/peers-v2.0.txt --- old/haproxy-2.1.5+git0.36e14bd31/doc/peers-v2.0.txt 2020-05-29 13:17:23.000000000 +0200 +++ new/haproxy-2.1.7+git0.8bebf80fb/doc/peers-v2.0.txt 2020-06-09 08:44:30.000000000 +0200 @@ -191,11 +191,11 @@ Table Type present the numeric type of key used to store stick table entries: integer - 0: signed integer - 1: IPv4 address - 2: IPv6 address - 3: string - 4: binary + 2: signed integer + 4: IPv4 address + 5: IPv6 address + 6: string + 7: binary Table Keylen present the key length or max length in case of strings or binary (padded with 0). diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-2.1.5+git0.36e14bd31/scripts/publish-release new/haproxy-2.1.7+git0.8bebf80fb/scripts/publish-release --- old/haproxy-2.1.5+git0.36e14bd31/scripts/publish-release 2020-05-29 13:17:23.000000000 +0200 +++ new/haproxy-2.1.7+git0.8bebf80fb/scripts/publish-release 2020-06-09 08:44:30.000000000 +0200 @@ -9,6 +9,7 @@ # - shows a listing of the final file USAGE="Usage: ${0##*/} [-a] [-q] [-y] [-b branch] [-n newver] DIR" +CMD_GZIP="${CMD_GZIP:-gzip -nc9}" TARGET_DIR= OUTPUT= SAYYES= @@ -161,7 +162,7 @@ echo "Archiving sources for version $NEW ..." rm -f "${TARGET_DIR}/src${DEVEL}/haproxy-${NEW}.tar.gz"{,.md5,.sha256} if ! git archive --format=tar --prefix="haproxy-${NEW}/" "v$NEW" | \ - gzip -9 > "${TARGET_DIR}/src${DEVEL}/haproxy-${NEW}.tar.gz"; then + $CMD_GZIP > "${TARGET_DIR}/src${DEVEL}/haproxy-${NEW}.tar.gz"; then die "Failed to produce the tar.gz archive" fi @@ -174,7 +175,7 @@ for i in "${DOC[@]}"; do git show "v$NEW:$i" > "$TARGET_DIR/doc/${i#doc/}" - gzip -c9 < "$TARGET_DIR/doc/${i#doc/}" > "$TARGET_DIR/doc/${i#doc/}.gz" + $CMD_GZIP < "$TARGET_DIR/doc/${i#doc/}" > "$TARGET_DIR/doc/${i#doc/}.gz" done echo "Done : ls -l ${TARGET_DIR}" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-2.1.5+git0.36e14bd31/src/cfgparse-listen.c new/haproxy-2.1.7+git0.8bebf80fb/src/cfgparse-listen.c --- old/haproxy-2.1.5+git0.36e14bd31/src/cfgparse-listen.c 2020-05-29 13:17:23.000000000 +0200 +++ new/haproxy-2.1.7+git0.8bebf80fb/src/cfgparse-listen.c 2020-06-09 08:44:30.000000000 +0200 @@ -262,8 +262,23 @@ } /* initialize error relocations */ - for (rc = 0; rc < HTTP_ERR_SIZE; rc++) - chunk_dup(&curproxy->errmsg[rc], &defproxy.errmsg[rc]); + for (rc = 0; rc < HTTP_ERR_SIZE; rc++) { + struct buffer *dst = &curproxy->errmsg[rc]; + const struct buffer *src = &defproxy.errmsg[rc]; + + if (b_orig(src)) { + dst->head = 0; + dst->data = 0; + dst->size = 0; + dst->area = malloc(src->size); + if (dst->area) { + dst->head = src->head; + dst->data = src->data; + dst->size = src->size; + memcpy(dst->area, src->area, dst->data); + } + } + } if (curproxy->cap & PR_CAP_FE) { curproxy->maxconn = defproxy.maxconn; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-2.1.5+git0.36e14bd31/src/haproxy.c new/haproxy-2.1.7+git0.8bebf80fb/src/haproxy.c --- old/haproxy-2.1.5+git0.36e14bd31/src/haproxy.c 2020-05-29 13:17:23.000000000 +0200 +++ new/haproxy-2.1.7+git0.8bebf80fb/src/haproxy.c 2020-06-09 08:44:30.000000000 +0200 @@ -231,7 +231,7 @@ */ int shut_your_big_mouth_gcc_int = 0; -static char **next_argv = NULL; +static char **old_argv = NULL; /* previous argv but cleaned up */ struct list proc_list = LIST_HEAD_INIT(proc_list); @@ -764,7 +764,10 @@ */ void mworker_reload() { + char **next_argv = NULL; + int old_argc = 0; /* previous number of argument */ int next_argc = 0; + int i = 0; char *msg = NULL; struct rlimit limit; struct per_thread_deinit_fct *ptdf; @@ -808,14 +811,19 @@ } /* compute length */ - while (next_argv[next_argc]) - next_argc++; + while (old_argv[old_argc]) + old_argc++; /* 1 for haproxy -sf, 2 for -x /socket */ - next_argv = realloc(next_argv, (next_argc + 1 + 2 + mworker_child_nb() + nb_oldpids + 1) * sizeof(char *)); + next_argv = calloc(old_argc + 1 + 2 + mworker_child_nb() + nb_oldpids + 1, sizeof(char *)); if (next_argv == NULL) goto alloc_error; + /* copy the program name */ + next_argv[next_argc++] = old_argv[0]; + + /* insert the new options just after argv[0] in case we have a -- */ + /* add -sf <PID>* to argv */ if (mworker_child_nb() > 0) { struct mworker_proc *child; @@ -825,32 +833,33 @@ list_for_each_entry(child, &proc_list, list) { if (!(child->options & (PROC_O_TYPE_WORKER|PROC_O_TYPE_PROG)) || child->pid <= -1 ) continue; - next_argv[next_argc] = memprintf(&msg, "%d", child->pid); - if (next_argv[next_argc] == NULL) + if ((next_argv[next_argc++] = memprintf(&msg, "%d", child->pid)) == NULL) goto alloc_error; msg = NULL; - next_argc++; } } - - next_argv[next_argc] = NULL; - /* add the -x option with the stat socket */ if (cur_unixsocket) { - next_argv[next_argc++] = "-x"; next_argv[next_argc++] = (char *)cur_unixsocket; - next_argv[next_argc++] = NULL; } + /* copy the previous options */ + for (i = 1; i < old_argc; i++) + next_argv[next_argc++] = old_argv[i]; + ha_warning("Reexecuting Master process\n"); signal(SIGPROF, SIG_IGN); execvp(next_argv[0], next_argv); ha_warning("Failed to reexecute the master process [%d]: %s\n", pid, strerror(errno)); + free(next_argv); + next_argv = NULL; return; alloc_error: + free(next_argv); + next_argv = NULL; ha_warning("Failed to reexecute the master process [%d]: Cannot allocate memory\n", pid); return; } @@ -1343,37 +1352,105 @@ /* * copy and cleanup the current argv - * Remove the -sf /-st parameters + * Remove the -sf /-st / -x parameters * Return an allocated copy of argv */ static char **copy_argv(int argc, char **argv) { - char **newargv; - int i = 0, j = 0; + char **newargv, **retargv; newargv = calloc(argc + 2, sizeof(char *)); if (newargv == NULL) { ha_warning("Cannot allocate memory\n"); return NULL; } + retargv = newargv; + + /* first copy argv[0] */ + *newargv++ = *argv++; + argc--; + + while (argc > 0) { + if (**argv != '-') { + /* non options are copied but will fail in the argument parser */ + *newargv++ = *argv++; + argc--; + + } else { + char *flag; + + flag = *argv + 1; + + if (flag[0] == '-' && flag[1] == 0) { + /* "--\0" copy every arguments till the end of argv */ + *newargv++ = *argv++; + argc--; - while (i < argc) { - /* -sf or -st or -x */ - if (i > 0 && argv[i][0] == '-' && - ((argv[i][1] == 's' && (argv[i][2] == 'f' || argv[i][2] == 't')) || argv[i][1] == 'x' )) { - /* list of pids to finish ('f') or terminate ('t') or unix socket (-x) */ - i++; - while (i < argc && argv[i][0] != '-') { - i++; + while (argc > 0) { + *newargv++ = *argv++; + argc--; + } + } else { + switch (*flag) { + case 's': + /* -sf / -st and their parameters are ignored */ + if (flag[1] == 'f' || flag[1] == 't') { + argc--; + argv++; + /* The list can't contain a negative value since the only + way to know the end of this list is by looking for the + next option or the end of the options */ + while (argc > 0 && argv[0][0] != '-') { + argc--; + argv++; + } + } + break; + + case 'x': + /* this option and its parameter are ignored */ + argc--; + argv++; + if (argc > 0) { + argc--; + argv++; + } + break; + + case 'C': + case 'n': + case 'm': + case 'N': + case 'L': + case 'f': + case 'p': + case 'S': + /* these options have only 1 parameter which must be copied and can start with a '-' */ + *newargv++ = *argv++; + argc--; + if (argc == 0) + goto error; + *newargv++ = *argv++; + argc--; + break; + default: + /* for other options just copy them without parameters, this is also done + * for options like "--foo", but this will fail in the argument parser. + * */ + *newargv++ = *argv++; + argc--; + break; + } } - continue; } - - newargv[j++] = argv[i++]; } - return newargv; + return retargv; + +error: + free(retargv); + return NULL; } @@ -1588,7 +1665,11 @@ int ideal_maxconn; global.mode = MODE_STARTING; - next_argv = copy_argv(argc, argv); + old_argv = copy_argv(argc, argv); + if (!old_argv) { + ha_alert("failed to copy argv.\n"); + exit(1); + } if (!init_trash_buffers(1)) { ha_alert("failed to initialize trash buffers.\n"); @@ -1739,7 +1820,7 @@ else if (*flag == 'q') arg_mode |= MODE_QUIET; else if (*flag == 'x') { - if (argc <= 1 || argv[1][0] == '-') { + if (argc <= 1) { ha_alert("Unix socket path expected with the -x flag\n\n"); usage(progname); } @@ -1753,7 +1834,7 @@ else if (*flag == 'S') { struct wordlist *c; - if (argc <= 1 || argv[1][0] == '-') { + if (argc <= 1) { ha_alert("Socket and optional bind parameters expected with the -S flag\n"); usage(progname); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-2.1.5+git0.36e14bd31/src/hlua.c new/haproxy-2.1.7+git0.8bebf80fb/src/hlua.c --- old/haproxy-2.1.5+git0.36e14bd31/src/hlua.c 2020-05-29 13:17:23.000000000 +0200 +++ new/haproxy-2.1.7+git0.8bebf80fb/src/hlua.c 2020-06-09 08:44:30.000000000 +0200 @@ -1259,7 +1259,9 @@ if (!ref) WILL_LJMP(luaL_error(L, "'del_acl': unknown acl file '%s'", name)); + HA_SPIN_LOCK(PATREF_LOCK, &ref->lock); pat_ref_delete(ref, key); + HA_SPIN_UNLOCK(PATREF_LOCK, &ref->lock); return 0; } @@ -1281,7 +1283,9 @@ if (!ref) WILL_LJMP(luaL_error(L, "'del_map': unknown acl file '%s'", name)); + HA_SPIN_LOCK(PATREF_LOCK, &ref->lock); pat_ref_delete(ref, key); + HA_SPIN_UNLOCK(PATREF_LOCK, &ref->lock); return 0; } @@ -1303,8 +1307,10 @@ if (!ref) WILL_LJMP(luaL_error(L, "'add_acl': unknown acl file '%s'", name)); + HA_SPIN_LOCK(PATREF_LOCK, &ref->lock); if (pat_ref_find_elt(ref, key) == NULL) pat_ref_add(ref, key, NULL, NULL); + HA_SPIN_UNLOCK(PATREF_LOCK, &ref->lock); return 0; } @@ -1329,10 +1335,12 @@ if (!ref) WILL_LJMP(luaL_error(L, "'set_map': unknown map file '%s'", name)); + HA_SPIN_LOCK(PATREF_LOCK, &ref->lock); if (pat_ref_find_elt(ref, key) != NULL) pat_ref_set(ref, key, value, NULL); else pat_ref_add(ref, key, value, NULL); + HA_SPIN_UNLOCK(PATREF_LOCK, &ref->lock); return 0; } @@ -6211,6 +6219,15 @@ s->hlua->max_time = hlua_timeout_session; } + /* Always reset the analyse expiration timeout for the corresponding + * channel in case the lua script yield, to be sure to not keep an + * expired timeout. + */ + if (dir == SMP_OPT_DIR_REQ) + s->req.analyse_exp = TICK_ETERNITY; + else + s->res.analyse_exp = TICK_ETERNITY; + /* Execute the function. */ switch (hlua_ctx_resume(s->hlua, !(flags & ACT_FLAG_FINAL))) { /* finished. */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-2.1.5+git0.36e14bd31/src/peers.c new/haproxy-2.1.7+git0.8bebf80fb/src/peers.c --- old/haproxy-2.1.5+git0.36e14bd31/src/peers.c 2020-05-29 13:17:23.000000000 +0200 +++ new/haproxy-2.1.7+git0.8bebf80fb/src/peers.c 2020-06-09 08:44:30.000000000 +0200 @@ -124,6 +124,48 @@ PEER_MSG_ERR_SIZELIMIT, }; +/* network key types; + * network types were directly and mistakenly + * mapped on sample types, to keep backward + * compatiblitiy we keep those values but + * we now use a internal/network mapping + * to avoid further mistakes adding or + * modifying internals types + */ +enum { + PEER_KT_ANY = 0, /* any type */ + PEER_KT_RESV1, /* UNUSED */ + PEER_KT_SINT, /* signed 64bits integer type */ + PEER_KT_RESV3, /* UNUSED */ + PEER_KT_IPV4, /* ipv4 type */ + PEER_KT_IPV6, /* ipv6 type */ + PEER_KT_STR, /* char string type */ + PEER_KT_BIN, /* buffer type */ + PEER_KT_TYPES /* number of types, must always be last */ +}; + +/* Map used to retrieve network type from internal type + * Note: Undeclared mapping maps entry to PEER_KT_ANY == 0 + */ +static int peer_net_key_type[SMP_TYPES] = { + [SMP_T_SINT] = PEER_KT_SINT, + [SMP_T_IPV4] = PEER_KT_IPV4, + [SMP_T_IPV6] = PEER_KT_IPV6, + [SMP_T_STR] = PEER_KT_STR, + [SMP_T_BIN] = PEER_KT_BIN, +}; + +/* Map used to retrieve internal type from external type + * Note: Undeclared mapping maps entry to SMP_T_ANY == 0 + */ +static int peer_int_key_type[PEER_KT_TYPES] = { + [PEER_KT_SINT] = SMP_T_SINT, + [PEER_KT_IPV4] = SMP_T_IPV4, + [PEER_KT_IPV6] = SMP_T_IPV6, + [PEER_KT_STR] = SMP_T_STR, + [PEER_KT_BIN] = SMP_T_BIN, +}; + /* * Parameters used by functions to build peer protocol messages. */ struct peer_prep_params { @@ -619,7 +661,7 @@ /* encode table type */ - intencode(st->table->type, &cursor); + intencode(peer_net_key_type[st->table->type], &cursor); /* encode table key size */ intencode(st->table->key_size, &cursor); @@ -1654,7 +1696,7 @@ if (!*msg_cur) goto malformed_exit; - if (p->remote_table->table->type != table_type + if (p->remote_table->table->type != peer_int_key_type[table_type] || p->remote_table->table->key_size != table_keylen) { p->remote_table = NULL; goto ignore_msg; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-2.1.5+git0.36e14bd31/src/server.c new/haproxy-2.1.7+git0.8bebf80fb/src/server.c --- old/haproxy-2.1.5+git0.36e14bd31/src/server.c 2020-05-29 13:17:23.000000000 +0200 +++ new/haproxy-2.1.7+git0.8bebf80fb/src/server.c 2020-06-09 08:44:30.000000000 +0200 @@ -55,7 +55,6 @@ static int srv_set_fqdn(struct server *srv, const char *fqdn, int dns_locked); static void srv_state_parse_line(char *buf, const int version, char **params, char **srv_params); static int srv_state_get_version(FILE *f); -static void srv_cleanup_connections(struct server *srv); /* List head of all known server keywords */ static struct srv_kw_list srv_keywords = { @@ -3945,11 +3944,8 @@ } out: - if (changed) { - /* force connection cleanup on the given server */ - srv_cleanup_connections(s); + if (changed) srv_set_dyncookie(s); - } if (updater) chunk_appendf(msg, " by '%s'", updater); chunk_appendf(msg, "\n"); @@ -5110,8 +5106,6 @@ if (s->onmarkeddown & HANA_ONMARKEDDOWN_SHUTDOWNSESSIONS) srv_shutdown_streams(s, SF_ERR_DOWN); - /* force connection cleanup on the given server */ - srv_cleanup_connections(s); /* we might have streams queued on this server and waiting for * a connection. Those which are redispatchable will be queued * to another server or to the proxy itself. @@ -5440,37 +5434,6 @@ return task; } -/* cleanup connections for a given server - * might be useful when going on forced maintenance or live changing ip/port - */ -static void srv_cleanup_connections(struct server *srv) -{ - struct connection *conn; - int did_remove; - int i; - int j; - - HA_SPIN_LOCK(OTHER_LOCK, &idle_conn_srv_lock); - for (i = 0; i < global.nbthread; i++) { - did_remove = 0; - HA_SPIN_LOCK(OTHER_LOCK, &toremove_lock[i]); - for (j = 0; j < srv->curr_idle_conns; j++) { - conn = LIST_ELEM(srv->idle_conns[tid].n, struct connection *, list); - if (!conn) - conn = LIST_ELEM(srv->safe_conns[tid].n, - struct connection *, list); - if (!conn) - break; - did_remove = 1; - MT_LIST_ADDQ(&toremove_connections[i], (struct mt_list *)&conn->list); - } - HA_SPIN_UNLOCK(OTHER_LOCK, &toremove_lock[i]); - if (did_remove) - task_wakeup(idle_conn_cleanup[i], TASK_WOKEN_OTHER); - } - HA_SPIN_UNLOCK(OTHER_LOCK, &idle_conn_srv_lock); -} - struct task *srv_cleanup_idle_connections(struct task *task, void *context, unsigned short state) { struct server *srv; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-2.1.5+git0.36e14bd31/src/ssl_sock.c new/haproxy-2.1.7+git0.8bebf80fb/src/ssl_sock.c --- old/haproxy-2.1.5+git0.36e14bd31/src/ssl_sock.c 2020-05-29 13:17:23.000000000 +0200 +++ new/haproxy-2.1.7+git0.8bebf80fb/src/ssl_sock.c 2020-06-09 08:44:30.000000000 +0200 @@ -10327,9 +10327,6 @@ if (!cli_has_level(appctx, ACCESS_LVL_ADMIN)) return 1; - if ((buf = alloc_trash_chunk()) == NULL) - return cli_err(appctx, "Can't allocate memory\n"); - if (!*args[3] || !payload) return cli_err(appctx, "'set ssl cert expects a filename and a certificat as a payload\n"); @@ -10338,6 +10335,9 @@ if (HA_SPIN_TRYLOCK(CKCH_LOCK, &ckch_lock)) return cli_err(appctx, "Can't update the certificate!\nOperations on certificates are currently locked!\n"); + if ((buf = alloc_trash_chunk()) == NULL) + return cli_err(appctx, "Can't allocate memory\n"); + if (!chunk_strcpy(buf, args[3])) { memprintf(&err, "%sCan't allocate memory\n", err ? err : ""); errcode |= ERR_ALERT | ERR_FATAL;
