Re: Small patch for the appsession feature

2009-11-29 Thread Cyril Bonté
Hello, considering what we said in this thread, here is the complete patch. To sum up : - len : it's now the max number of characters for the value, preventing garbaged results. - a new option prefix is added, this allows to use dynamic cookie names (e.g. ASPSESSIONIDXXX). Previously in the

Re: Small patch for the appsession feature

2009-11-29 Thread Cyril Bonté
Le dimanche 29 novembre 2009 23:43:15, Willy Tarreau a écrit : The suggested way to to that is to enclose the values between the comment and the mask like here (though any other proposal might fit) : /* appsession */ #define PR_O2_AS_REQL 0x4000 /* learn the session id from the

Re: Small patch for the appsession feature

2009-11-29 Thread Willy Tarreau
Hi Cyril, On Mon, Nov 30, 2009 at 12:53:34AM +0100, Cyril Bonté wrote: Could you please check on your side and confirm/infirm my doubts ? Basically I want to ensure we never dereference the buffer past its end, so begin+len bust always be below the buffer size. If you think a control is

Re: Small patch for the appsession feature

2009-11-17 Thread Aleksandar Lazic
On Mon 16.11.2009 22:52, Cyril Bonté wrote: Le lundi 16 novembre 2009 13:41:14, Willy Tarreau a écrit : On Mon, Nov 16, 2009 at 01:04:17PM +0100, Aleksandar Lazic wrote: [snipp] For example: if in the url the delimiter changes from ';' to ',' then you should set the following

Re: Small patch for the appsession feature

2009-11-17 Thread Willy Tarreau
On Tue, Nov 17, 2009 at 11:25:56PM +0100, Aleksandar Lazic wrote: And for now, I see 2 modes : - path-parameters (the default) - query-string (the one that made me look at the code :-) ) (and if needed weblogic) Looks ok for me. What I'am not sure now is how we can prevent that

Re: Small patch for the appsession feature

2009-11-16 Thread Aleksandar Lazic
On Mon 16.11.2009 08:52, Willy Tarreau wrote: Hi, On Sun, Nov 15, 2009 at 10:28:21PM +0100, Aleksandar Lazic wrote: Hi Cyril, On Fre 13.11.2009 22:50, Cyril Bonté wrote: Hello Willy, [snipp] First I added it as I did for request-learn but shouldn't it be better to define these options

Re: Small patch for the appsession feature

2009-11-16 Thread Willy Tarreau
On Mon, Nov 16, 2009 at 10:08:56AM +0100, Aleksandar Lazic wrote: What you can do however is to create a new prefix keyword like we have for timeout or tcp-request and put the flags somewhere else. appsession would have been fine but it's already used. Maybe you can use appcookie ? Something

Re: Small patch for the appsession feature

2009-11-16 Thread Willy Tarreau
On Mon, Nov 16, 2009 at 01:04:17PM +0100, Aleksandar Lazic wrote: (...) app* delimiterstart (default ;) app* delimiterstop (defautl =) I'm sorry, I don't understand what you mean. Could you give an example of configuration using this ? For example: if in the url the delimiter changes

Re: Small patch for the appsession feature

2009-11-16 Thread Cyril Bonté
Le lundi 16 novembre 2009 13:41:14, Willy Tarreau a écrit : On Mon, Nov 16, 2009 at 01:04:17PM +0100, Aleksandar Lazic wrote: (...) app* delimiterstart (default ;) app* delimiterstop (defautl =) I'm sorry, I don't understand what you mean. Could you give an example of configuration

Re: Small patch for the appsession feature

2009-11-15 Thread Aleksandar Lazic
Hi Cyril, On Fre 13.11.2009 22:50, Cyril Bonté wrote: Hello Willy, sorry, I didn't have time to work on the patch as I wanted. Le jeudi 5 novembre 2009 06:19:41, Willy Tarreau a écrit : Sorry but I can't see in the haproxy sources how the cookie prefix can be used for appsession. capture

Re: Small patch for the appsession feature

2009-11-15 Thread Willy Tarreau
Hi, On Sun, Nov 15, 2009 at 10:28:21PM +0100, Aleksandar Lazic wrote: Hi Cyril, On Fre 13.11.2009 22:50, Cyril Bonté wrote: Hello Willy, sorry, I didn't have time to work on the patch as I wanted. Le jeudi 5 novembre 2009 06:19:41, Willy Tarreau a écrit : Sorry but I can't see in the

Re: Small patch for the appsession feature

2009-11-14 Thread Cyril Bonté
Hello Willy, sorry, I didn't have time to work on the patch as I wanted. Le jeudi 5 novembre 2009 06:19:41, Willy Tarreau a écrit : Sorry but I can't see in the haproxy sources how the cookie prefix can be used for appsession. capture cookie allows to find this cookie prefix but it seems

Re: Small patch for the appsession feature

2009-11-02 Thread Willy Tarreau
Hi Cyril, On Sun, Nov 01, 2009 at 12:19:05AM +0100, Cyril Bonté wrote: Hello Willy and Aleksandar, If you agree, I would like to apply this new patch to add some more integrity checking on appsession. * the session value (provided by the URL or by the request/response cookie) is now well

Re: Small patch for the appsession feature

2009-11-02 Thread Cyril Bonté
Le lundi 2 novembre 2009 12:09:43, Willy Tarreau a écrit : * it adds a verification on the '=' char : currently (with appsession JSESSIONID for example), an URL like http://haproxy/path;jsessionidfake=0123... matches the session id ake=0123... = with the patch, jsessionidfake won't be

Re: Small patch for the appsession feature

2009-10-31 Thread Cyril Bonté
Hello Willy and Aleksandar, If you agree, I would like to apply this new patch to add some more integrity checking on appsession. * the session value (provided by the URL or by the request/response cookie) is now well delimited : currently, setting len 52 on a 32 chars value has a bad effect on

Re: Small patch for the appsession feature

2009-10-31 Thread Cyril Bonté
Le dimanche 1 novembre 2009 00:19:05, Cyril Bonté a écrit : Hello Willy and Aleksandar, If you agree, I would like to apply this new patch to add some more integrity checking on appsession. Forget the previous patch file, this new one also prevents forcing the load balancing to one server

Re: Small patch for the appsession feature

2009-10-18 Thread Willy Tarreau
On Thu, Oct 15, 2009 at 12:15:40AM +0200, Cyril Bonté wrote: OK, here comes the 2 patch files for haproxy-1.3.21 and haproxy-1.4-dev4. Please note 3 minor changes in those versions (proto_http.c / proto_http.h) : Cyril, I have merged your two patches. I applied a very minor change, I removed

Re: Small patch for the appsession feature

2009-10-18 Thread Cyril Bonté
Le dimanche 18 octobre 2009 12:05:55, Willy Tarreau a écrit : Cyril, I have merged your two patches. Thanks ! I'm thinking of working on a second patch. The documentation says that appsession looks for the session in the query string but this is not really the case. Currently, it parses the

Re: Small patch for the appsession feature

2009-10-14 Thread Willy Tarreau
On Tue, Oct 13, 2009 at 10:41:59PM +0200, Aleksandar Lazic wrote: On Die 13.10.2009 21:34, Cyril Bonté wrote: Le lundi 12 octobre 2009 23:17:43, Aleksandar Lazic a écrit : Yes, you're right, I missed it after several tests on different snapshots. Here comes a second patch to reintroduce

Re: Small patch for the appsession feature

2009-10-14 Thread Aleksandar Lazic
On Mit 14.10.2009 21:40, Willy Tarreau wrote: On Tue, Oct 13, 2009 at 10:41:59PM +0200, Aleksandar Lazic wrote: On Die 13.10.2009 21:34, Cyril Bonté wrote: Le lundi 12 octobre 2009 23:17:43, Aleksandar Lazic a écrit : Yes, you're right, I missed it after several tests on different snapshots.

Re: Small patch for the appsession feature

2009-10-14 Thread Willy Tarreau
On Wed, Oct 14, 2009 at 10:20:04PM +0200, Aleksandar Lazic wrote: On Mit 14.10.2009 21:40, Willy Tarreau wrote: On Tue, Oct 13, 2009 at 10:41:59PM +0200, Aleksandar Lazic wrote: On Die 13.10.2009 21:34, Cyril Bonté wrote: Le lundi 12 octobre 2009 23:17:43, Aleksandar Lazic a écrit : Yes,

Re: Small patch for the appsession feature

2009-10-14 Thread Cyril Bonté
Le mercredi 14 octobre 2009 22:23:54, Willy Tarreau a écrit : Cyril, care to send an updated patch with the latest changes ? OK ! Do it for either 1.3 or 1.4, I'll do the back/forward port. If you prefer to proceed on both, of course feel free to do so :-) I can do both, this will let you

Re: Small patch for the appsession feature

2009-10-14 Thread Willy Tarreau
On Wed, Oct 14, 2009 at 10:36:49PM +0200, Cyril Bonté wrote: Le mercredi 14 octobre 2009 22:23:54, Willy Tarreau a écrit : Cyril, care to send an updated patch with the latest changes ? OK ! Do it for either 1.3 or 1.4, I'll do the back/forward port. If you prefer to proceed on both,

Re: Small patch for the appsession feature

2009-10-14 Thread Cyril Bonté
Le mercredi 14 octobre 2009 22:39:39, Willy Tarreau a écrit : Do it for either 1.3 or 1.4, I'll do the back/forward port. If you prefer to proceed on both, of course feel free to do so :-) I can do both, this will let you work on something else ;) Nice, I appreciate it. OK, here

Re: Small patch for the appsession feature

2009-10-13 Thread Cyril Bonté
Le lundi 12 octobre 2009 23:17:43, Aleksandar Lazic a écrit : Hi Cyril, good catch. +} + +/* -#if defined(DEBUG_HASH) -Alert(manage_client_side_cookies\n); - appsession_hash_dump((t-be-htbl_proxy)); -#endif

Re: Small patch for the appsession feature

2009-10-13 Thread Aleksandar Lazic
On Die 13.10.2009 21:34, Cyril Bonté wrote: Le lundi 12 octobre 2009 23:17:43, Aleksandar Lazic a écrit : Yes, you're right, I missed it after several tests on different snapshots. Here comes a second patch to reintroduce these debug lines : Thanks.