Re: [PATCH] BUG/MAJOR: tcp/http: set-dst-port action broken

2017-10-03 Thread Willy Tarreau 
Hi Baptiste,

On Tue, Oct 03, 2017 at 11:31:37PM +0200, Baptiste wrote:
> Hi,
> 
> A regression has been introduced into the function handling TCP/HTTP action
> "set-dst-port".
> It actually does not change the right port (changing the source port on the
> server side connection instead of changing the destination one).
> 
> The patch in attachment fixes this issue.

Now applied (and stepped down to medium), thanks!

Willy

[PATCH] BUG/MAJOR: tcp/http: set-dst-port action broken

2017-10-03 Thread Baptiste 
Hi,

A regression has been introduced into the function handling TCP/HTTP action
"set-dst-port".
It actually does not change the right port (changing the source port on the
server side connection instead of changing the destination one).

The patch in attachment fixes this issue.

Baptiste
From 8cf82be9a8d424804386f3818536716731bd8f74 Mon Sep 17 00:00:00 2001
From: Baptiste Assmann <bed...@gmail.com>
Date: Tue, 3 Oct 2017 23:16:36 +0200
Subject: [PATCH] BUG/MAJOR: tcp/http: set-dst-port action broken

A regression has been introduced in commit
5ce5a14310d248c9f20af9ef258d245d43b1: the port being changed is the
one from 'cli_conn->addr.from' instead of 'cli_conn->addr.to'.

This patch fixes the regression.

Backport status: should be backported to HAProxy 1.7 and above.
---
 src/proto_tcp.c | 12 ++--
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/src/proto_tcp.c b/src/proto_tcp.c
index 0fad867..fdb897e 100644
--- a/src/proto_tcp.c
+++ b/src/proto_tcp.c
@@ -1300,14 +1300,14 @@ enum act_return tcp_action_req_set_dst_port(struct act_rule *rule, struct proxy
 
 		smp = sample_fetch_as_type(px, sess, s, SMP_OPT_DIR_REQ|SMP_OPT_FINAL, rule->arg.expr, SMP_T_SINT);
 		if (smp) {
-			if (cli_conn->addr.from.ss_family == AF_INET6) {
-((struct sockaddr_in6 *)_conn->addr.from)->sin6_port = htons(smp->data.u.sint);
+			if (cli_conn->addr.to.ss_family == AF_INET6) {
+((struct sockaddr_in6 *)_conn->addr.to)->sin6_port = htons(smp->data.u.sint);
 			} else {
-if (cli_conn->addr.from.ss_family != AF_INET) {
-	cli_conn->addr.from.ss_family = AF_INET;
-	((struct sockaddr_in *)_conn->addr.from)->sin_addr.s_addr = 0;
+if (cli_conn->addr.to.ss_family != AF_INET) {
+	cli_conn->addr.to.ss_family = AF_INET;
+	((struct sockaddr_in *)_conn->addr.to)->sin_addr.s_addr = 0;
 }
-((struct sockaddr_in *)_conn->addr.from)->sin_port = htons(smp->data.u.sint);
+((struct sockaddr_in *)_conn->addr.to)->sin_port = htons(smp->data.u.sint);
 			}
 		}
 	}
-- 
2.7.4