Lua plugin for Let's Encrypt CA available

2015-12-13 Thread Jan A. Bruder
Thought I should put the Lua API to some good use: The plugin introduces
support for ACME domain validation against running instances of HAProxy.

https://github.com/janeczku/haproxy-acme-validation-plugin


lua: header sample fetch doesn't work in POST requests

2015-12-11 Thread Jan A. Bruder
Hi,

applet.sf:hdr(name) always returns empty strings in POST requests. It works
only in GET requests.

To reproduce:

haproxy.cfg:
global
 ...
 lua-load /etc/haproxy/test.lua
 ...

frontend http
 bind *:8081
 mode http
 acl applet_test_url path /applet-test
 http-request use-service lua.applet-test if applet_test_url
 default_backend be
...

test.lua:

-- applet test endpoint
core.register_service("applet-test", "http", function(applet)
    local headerContentType = applet.sf:hdr("Content-Type")
    core.Info("headerContentType:" .. headerContentType)
    local headerUserAgent = applet.sf:hdr("User-Agent")
    core.Info("headerUserAgent:" .. headerUserAgent)
    local src = applet.sf:src()
    core.Info("src:" .. src)

    local response = headerContentType .. " + " .. headerUserAgent .. " + " .. src

    applet:set_status(200)
    applet:add_header("content-length", string.len(response))
    applet:add_header("content-type", "text/plain")
    applet:start_response()
    applet:send(response)
end)

curl -X GET -H "Content-Type: text/plain" http://127.0.0.1:8081/applet-test

==> applet.sf:hdr() returns the correct values

curl -X POST -H "Content-Type: application/x-www-form-urlencoded" -d "key=value" http://127.0.0.1:8081/applet-test

==> applet.sf:hdr() returns empty strings


1.6-dev2 crashes with certain server hostname

2015-07-15 Thread Jan A. Bruder
Hi all,
this malloc crash occurs with and only with a certain hostname of one of my
backends being added to the config. See "redirector.domain.tld" in the
config below. Since this is a production server I had to mask the hostname.
As a hint: The hostname does not contain any special characters, just
alphabetic a-z characters.
Interestingly, if I change only a single letter anywhere in the hostname it
doesn't crash anymore. Neither does it crash if I use its IP instead of
the hostname. How strange is that!?
Also, I am using the same config with 1.5 stable without any problems.

The infos:

===
Running Haproxy 1.6-dev2
===

root@master:/# haproxy -d -f /etc/haproxy/haproxy-test.conf
haproxy: malloc.c:3096: sYSMALLOc: Assertion `(old_top == (((mbinptr)
(((char *) &((av)->bins[((1) - 1) * 2])) - __builtin_offsetof (struct
malloc_chunk, fd && old_size == 0) || ((unsigned long) (old_size) >=
(unsigned long)__builtin_offsetof (struct malloc_chunk,
fd_nextsize))+((2 * (sizeof(size_t))) - 1)) & ~((2 * (sizeof(size_t))) -
1))) && ((old_top)->size & 0x1) && ((unsigned long)old_end & pagemask) ==
0)' failed.
Aborted (core dumped)

===
Verbose info
===
root@master:/# haproxy -vv
HA-Proxy version 1.6-dev2-ad90f0d 2015/06/17
Copyright 2000-2015 Willy Tarreau 

Build options :
  TARGET  = linux2628
  CPU = generic
  CC  = gcc
  CFLAGS  = -g -O0
  OPTIONS = USE_ZLIB=1 USE_OPENSSL=1 USE_PCRE=1

Default settings :
  maxconn = 2000, bufsize = 16384, maxrewrite = 8192, maxpollevents = 200

Encrypted password support via crypt(3): yes
Built with zlib version : 1.2.7
Compression algorithms supported : identity("identity"),
deflate("deflate"), raw-deflate("deflate"), gzip("gzip")
Built with OpenSSL version : OpenSSL 1.0.1e 11 Feb 2013
Running on OpenSSL version : OpenSSL 1.0.1e 11 Feb 2013
OpenSSL library supports TLS extensions : yes
OpenSSL library supports SNI : yes
OpenSSL library supports prefer-server-ciphers : yes
Built with PCRE version : 8.30 2012-02-04
PCRE library supports JIT : no (USE_PCRE_JIT not set)
Built without Lua support
Built with transparent proxy support using: IP_TRANSPARENT IPV6_TRANSPARENT
IP_FREEBIND

Available polling systems :
  epoll : pref=300,  test result OK
   poll : pref=200,  test result OK
 select : pref=150,  test result OK
Total: 3 (3 usable), will use epoll.

===
Core dump debug
===

root@master:/# gdb haproxy
GNU gdb (GDB) 7.4.1-debian
Copyright (C) 2012 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later 
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
For bug reporting instructions, please see:
...
Reading symbols from /usr/sbin/haproxy...done.
(gdb) core-file core
[New LWP 14246]
warning: Can't read pathname for load map: Input/output error.
Core was generated by `haproxy -d -f /etc/haproxy/haproxy-test.conf'.
Program terminated with signal 6, Aborted.
#0  0x7faa0ea02165 in raise () from /lib/x86_64-linux-gnu/libc.so.6
(gdb) bt full
#0  0x7faa0ea02165 in raise () from /lib/x86_64-linux-gnu/libc.so.6
No symbol table info available.
#1  0x7faa0ea053e0 in abort () from /lib/x86_64-linux-gnu/libc.so.6
No symbol table info available.
#2  0x7faa0ea45dea in ?? () from /lib/x86_64-linux-gnu/libc.so.6
No symbol table info available.
#3  0x7faa0ea48d13 in ?? () from /lib/x86_64-linux-gnu/libc.so.6
No symbol table info available.
#4  0x7faa0ea4aa70 in malloc () from /lib/x86_64-linux-gnu/libc.so.6
No symbol table info available.
#5  0x004c3398 in pool_refill_alloc (pool=0xcc65d0, avail=2) at
src/memory.c:102
ptr = 0x0
failed = 0
#6  0x00411da5 in init_buffer () at src/buffer.c:54
buffer = 0xcc6550
#7  0x00408cb3 in init (argc=0, argv=0x7ffe8fb141f8) at
src/haproxy.c:818
arg_mode = 1
tmp = 0x0
cfg_pidfile = 0x0
err_code = 0
wl = 0x720a40
progname = 0x7ffe8fb14931 "haproxy"
change_dir = 0x0
curtime = {tm_sec = 29, tm_min = 39, tm_hour = 23, tm_mday = 15,
tm_mon = 6, tm_year = 115, tm_wday = 3, tm_yday = 195, tm_isdst = 0,
tm_gmtoff = 0, tm_zone = 0xcc57b0 "UTC"}
#8  0x0040b0e2 in main (argc=4, argv=0x7ffe8fb141d8) at
src/haproxy.c:1657
err = 0
retry = 4224192
limit = {rlim_cur = 140731309179056, rlim_max = 13339168}
errmsg =
"\260@\261\217\376\177\000\000\340\374q\000\000\000\000\000\004\000\000\000\000\000\000\000U*\245\017\252\177\000\000\020\227\313\000\000\000\000\000\000\227\313\000\000\000\000\000\350\003\000\000\000