Hello community,
here is the log from the commit of package haproxy for openSUSE:Factory checked
in at 2018-06-27 10:21:30
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
and /work/SRC/openSUSE:Factory/.haproxy.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "haproxy"
Wed Jun 27 10:21:30 2018 rev:62 rq:618961 version:1.8.10~git0.ec17d7a9
Changes:
--------
--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2018-05-29
16:53:36.352880201 +0200
+++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2018-06-27
10:21:32.323781056 +0200
@@ -1,0 +2,34 @@
+Mon Jun 25 05:16:57 UTC 2018 - kgronl...@suse.com
+
+- Update to version 1.8.10~git0.ec17d7a9:
+ * MINOR: threads: Be sure to remove threads from all_threads_mask on exit
+ * BUG/MEDIUM: threads: Use the sync point to check active jobs and exit
+ * BUG/MEDIUM: fd: Don't modify the update_mask in fd_dodelete().
+ * BUG/MAJOR: ssl: OpenSSL context is stored in non-reserved memory slot
+ * BUG/MAJOR: ssl: Random crash with cipherlist capture
+ * BUG/MINOR: lua: Segfaults with wrong usage of types.
+ * BUG/MAJOR: map: fix a segfault when using http-request set-map
+ * MINOR: lua: Increase debug information
+ * BUG/MINOR: signals: ha_sigmask macro for multithreading
+ * BUG/MINOR: don't ignore SIG{BUS,FPE,ILL,SEGV} during signal processing
+ * BUG/MEDIUM: threads: handle signal queue only in thread 0
+ * BUG/MINOR: unix: Make sure we can transfer abns sockets on seamless reload.
+ * BUG/MINOR: contrib/modsecurity: update pointer on the end of the frame
+ * BUG/MINOR: contrib/mod_defender: update pointer on the end of the frame
+ * BUG/MINOR: contrib/modsecurity: Don't reset the status code during
disconnect
+ * BUG/MINOR: contrib/mod_defender: Don't reset the status code during
disconnect
+ * BUG/MINOR: contrib/spoa_example: Don't reset the status code during
disconnect
+ * MAJOR: spoe: upgrade the SPOP version to 2.0 and remove the support for 1.0
+ * BUG/MEDIUM: lua/socket: Buffer error, may segfault
+ * BUG/MEDIUM: lua/socket: Sheduling error on write: may dead-lock
+ * BUG/MEDIUM: lua/socket: Notification error
+ * BUG/MAJOR: lua: Dead lock with sockets
+ * BUG/MEDIUM: lua/socket: wrong scheduling for sockets
+ * MINOR: task/notification: Is notifications registered ?
+ * BUG/MEDIUM: spoe: Return an error when the wrong ACK is received in sync
mode
+ * BUG/MEDIUM: stick-tables: Decrement ref_cnt in table_* converters
+ * BUG/MEDIUM: lua/socket: Length required read doesn't work
+ * BUG/MEDIUM: servers: Add srv_addr default placeholder to the state file
+ * BUG/MEDIUM: fd: Only check update_mask against all_threads_mask.
+
+-------------------------------------------------------------------
Old:
----
haproxy-1.8.9~git9.6d82e611.tar.gz
New:
----
haproxy-1.8.10~git0.ec17d7a9.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ haproxy.spec ++++++
--- /var/tmp/diff_new_pack.mA7fTx/_old 2018-06-27 10:21:32.975757276 +0200
+++ /var/tmp/diff_new_pack.mA7fTx/_new 2018-06-27 10:21:32.975757276 +0200
@@ -40,7 +40,7 @@
%bcond_without apparmor
Name: haproxy
-Version: 1.8.9~git9.6d82e611
+Version: 1.8.10~git0.ec17d7a9
Release: 0
#
#
++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.mA7fTx/_old 2018-06-27 10:21:33.043754796 +0200
+++ /var/tmp/diff_new_pack.mA7fTx/_new 2018-06-27 10:21:33.047754651 +0200
@@ -5,4 +5,4 @@
<param
name="url">http://git.haproxy.org/git/haproxy-1.7.git</param>
<param
name="changesrevision">640d526f8cdad00f7f5043b51f6a34f3f6ebb49f</param></service><service
name="tar_scm">
<param
name="url">http://git.haproxy.org/git/haproxy-1.8.git</param>
- <param
name="changesrevision">6d82e6114f393a764aa5cf423bf3782e36cebe54</param></service></servicedata>
\ No newline at end of file
+ <param
name="changesrevision">ec17d7a98f30326918219ba876fcfc56f6ad6823</param></service></servicedata>
\ No newline at end of file
++++++ haproxy-1.8.9~git9.6d82e611.tar.gz ->
haproxy-1.8.10~git0.ec17d7a9.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/haproxy-1.8.9~git9.6d82e611/CHANGELOG
new/haproxy-1.8.10~git0.ec17d7a9/CHANGELOG
--- old/haproxy-1.8.9~git9.6d82e611/CHANGELOG 2018-05-23 20:02:04.000000000
+0200
+++ new/haproxy-1.8.10~git0.ec17d7a9/CHANGELOG 2018-06-22 15:58:22.000000000
+0200
@@ -1,6 +1,48 @@
ChangeLog :
===========
+2018/06/22 : 1.8.10
+ - BUG/MINOR: lua: Socket.send threw runtime error: 'close' needs 1
arguments.
+ - BUG/MEDIUM: spoe: Flags are not encoded in network order
+ - BUG/MEDIUM: contrib/mod_defender: Use network order to encode/decode
flags
+ - BUG/MEDIUM: contrib/modsecurity: Use network order to encode/decode flags
+ - BUG/MINOR: ssl/lua: prevent lua from affecting automatic maxconn
computation
+ - BUG/MEDIUM: cache: don't cache when an Authorization header is present
+ - BUG/MEDIUM: dns: Delay the attempt to run a DNS resolution on check
failure.
+ - BUG/BUILD: threads: unbreak build without threads
+ - BUG/BUILD: fd: fix typo causing a warning when threads are disabled
+ - BUG/MEDIUM: fd: Only check update_mask against all_threads_mask.
+ - BUG/MEDIUM: servers: Add srv_addr default placeholder to the state file
+ - BUG/MEDIUM: lua/socket: Length required read doesn't work
+ - BUG/MEDIUM: stick-tables: Decrement ref_cnt in table_* converters
+ - BUG/MEDIUM: spoe: Return an error when the wrong ACK is received in sync
mode
+ - MINOR: task/notification: Is notifications registered ?
+ - BUG/MEDIUM: lua/socket: wrong scheduling for sockets
+ - BUG/MAJOR: lua: Dead lock with sockets
+ - BUG/MEDIUM: lua/socket: Notification error
+ - BUG/MEDIUM: lua/socket: Sheduling error on write: may dead-lock
+ - BUG/MEDIUM: lua/socket: Buffer error, may segfault
+ - MAJOR: spoe: upgrade the SPOP version to 2.0 and remove the support for
1.0
+ - BUG/MINOR: contrib/spoa_example: Don't reset the status code during
disconnect
+ - BUG/MINOR: contrib/mod_defender: Don't reset the status code during
disconnect
+ - BUG/MINOR: contrib/modsecurity: Don't reset the status code during
disconnect
+ - BUG/MINOR: contrib/mod_defender: update pointer on the end of the frame
+ - BUG/MINOR: contrib/modsecurity: update pointer on the end of the frame
+ - DOC: SPOE.txt: fix a typo
+ - DOC: contrib/modsecurity: few typo fixes
+ - BUG/MINOR: unix: Make sure we can transfer abns sockets on seamless
reload.
+ - BUG/MEDIUM: threads: handle signal queue only in thread 0
+ - BUG/MINOR: don't ignore SIG{BUS,FPE,ILL,SEGV} during signal processing
+ - BUG/MINOR: signals: ha_sigmask macro for multithreading
+ - MINOR: lua: Increase debug information
+ - BUG/MAJOR: map: fix a segfault when using http-request set-map
+ - BUG/MINOR: lua: Segfaults with wrong usage of types.
+ - BUG/MAJOR: ssl: Random crash with cipherlist capture
+ - BUG/MAJOR: ssl: OpenSSL context is stored in non-reserved memory slot
+ - BUG/MEDIUM: fd: Don't modify the update_mask in fd_dodelete().
+ - BUG/MEDIUM: threads: Use the sync point to check active jobs and exit
+ - MINOR: threads: Be sure to remove threads from all_threads_mask on exit
+
2018/05/18 : 1.8.9
- BUG/MINOR: pattern: Add a missing HA_SPIN_INIT() in pat_ref_newid()
- BUG/MAJOR: channel: Fix crash when trying to read from a closed socket
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/haproxy-1.8.9~git9.6d82e611/README
new/haproxy-1.8.10~git0.ec17d7a9/README
--- old/haproxy-1.8.9~git9.6d82e611/README 2018-05-23 20:02:04.000000000
+0200
+++ new/haproxy-1.8.10~git0.ec17d7a9/README 2018-06-22 15:58:22.000000000
+0200
@@ -3,7 +3,7 @@
----------------------
version 1.8
willy tarreau
- 2018/05/18
+ 2018/06/22
1) How to build it
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/haproxy-1.8.9~git9.6d82e611/VERDATE
new/haproxy-1.8.10~git0.ec17d7a9/VERDATE
--- old/haproxy-1.8.9~git9.6d82e611/VERDATE 2018-05-23 20:02:04.000000000
+0200
+++ new/haproxy-1.8.10~git0.ec17d7a9/VERDATE 2018-06-22 15:58:22.000000000
+0200
@@ -1,2 +1,2 @@
$Format:%ci$
-2018/05/18
+2018/06/22
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/haproxy-1.8.9~git9.6d82e611/VERSION
new/haproxy-1.8.10~git0.ec17d7a9/VERSION
--- old/haproxy-1.8.9~git9.6d82e611/VERSION 2018-05-23 20:02:04.000000000
+0200
+++ new/haproxy-1.8.10~git0.ec17d7a9/VERSION 2018-06-22 15:58:22.000000000
+0200
@@ -1 +1 @@
-1.8.9
+1.8.10
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/haproxy-1.8.9~git9.6d82e611/contrib/mod_defender/spoa.c
new/haproxy-1.8.10~git0.ec17d7a9/contrib/mod_defender/spoa.c
--- old/haproxy-1.8.9~git9.6d82e611/contrib/mod_defender/spoa.c 2018-05-23
20:02:04.000000000 +0200
+++ new/haproxy-1.8.10~git0.ec17d7a9/contrib/mod_defender/spoa.c
2018-06-22 15:58:22.000000000 +0200
@@ -43,7 +43,7 @@
#define CONNECTION_BACKLOG 10
#define NUM_WORKERS 10
#define MAX_FRAME_SIZE 16384
-#define SPOP_VERSION "1.0"
+#define SPOP_VERSION "2.0"
#define SLEN(str) (sizeof(str)-1)
@@ -1345,7 +1345,8 @@
frame->flags = 0;
ret = prepare_agentack(frame);
- p = frame->buf + ret;
+ p = frame->buf + ret;
+ end = frame->buf+max_frame_size;
if (frame->defender_status != -1) {
DEBUG(frame->worker, "Add action : set variable status=%u",
@@ -1452,7 +1453,6 @@
if (client->status_code != SPOE_FRM_ERR_NONE)
LOG(client->worker, "<%lu> Peer closed
connection: %s",
client->id,
spoe_frm_err_reasons[client->status_code]);
- client->status_code = SPOE_FRM_ERR_NONE;
goto disconnect;
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/haproxy-1.8.9~git9.6d82e611/contrib/modsecurity/README
new/haproxy-1.8.10~git0.ec17d7a9/contrib/modsecurity/README
--- old/haproxy-1.8.9~git9.6d82e611/contrib/modsecurity/README 2018-05-23
20:02:04.000000000 +0200
+++ new/haproxy-1.8.10~git0.ec17d7a9/contrib/modsecurity/README 2018-06-22
15:58:22.000000000 +0200
@@ -1,7 +1,7 @@
ModSecurity for HAProxy
-----------------------
-This is a third party deamon whoch speaks SPOE. It give requests send by
HAProxy
+This is a third party deamon which speaks SPOE. It gives requests send by
HAProxy
to ModSecurity and returns the verdict.
Compilation
@@ -24,7 +24,7 @@
cp standalone/*.h $PWD/INSTALL/include
cp apache2/*.h $PWD/INSTALL/include
-Note that this compilation method works, but is a litle bit rustic. I cant
+Note that this compilation method works, but is a litle bit rustic. I can't
deal with Lua, I supposed that is a dependecies problem on my computer.
Start the service
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/haproxy-1.8.9~git9.6d82e611/contrib/modsecurity/spoa.c
new/haproxy-1.8.10~git0.ec17d7a9/contrib/modsecurity/spoa.c
--- old/haproxy-1.8.9~git9.6d82e611/contrib/modsecurity/spoa.c 2018-05-23
20:02:04.000000000 +0200
+++ new/haproxy-1.8.10~git0.ec17d7a9/contrib/modsecurity/spoa.c 2018-06-22
15:58:22.000000000 +0200
@@ -1,7 +1,7 @@
/*
* Modsecurity wrapper for haproxy
*
- * This file contains the bootstrap for laucnching and scheduling modsecurity
+ * This file contains the bootstrap for launching and scheduling modsecurity
* for working with HAProxy SPOE protocol.
*
* Copyright 2016 OZON, Thierry Fournier <thierry.fourn...@ozon.io>
@@ -48,7 +48,7 @@
#define CONNECTION_BACKLOG 10
#define NUM_WORKERS 10
#define MAX_FRAME_SIZE 16384
-#define SPOP_VERSION "1.0"
+#define SPOP_VERSION "2.0"
#define SLEN(str) (sizeof(str)-1)
@@ -1374,7 +1374,8 @@
frame->flags = 0;
ret = prepare_agentack(frame);
- p = frame->buf + ret;
+ p = frame->buf + ret;
+ end = frame->buf+max_frame_size;
if (frame->modsec_code != -1) {
DEBUG(frame->worker, "Add action : set variable code=%u",
@@ -1481,7 +1482,6 @@
if (client->status_code != SPOE_FRM_ERR_NONE)
LOG(client->worker, "<%lu> Peer closed
connection: %s",
client->id,
spoe_frm_err_reasons[client->status_code]);
- client->status_code = SPOE_FRM_ERR_NONE;
goto disconnect;
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/haproxy-1.8.9~git9.6d82e611/contrib/spoa_example/spoa.c
new/haproxy-1.8.10~git0.ec17d7a9/contrib/spoa_example/spoa.c
--- old/haproxy-1.8.9~git9.6d82e611/contrib/spoa_example/spoa.c 2018-05-23
20:02:04.000000000 +0200
+++ new/haproxy-1.8.10~git0.ec17d7a9/contrib/spoa_example/spoa.c
2018-06-22 15:58:22.000000000 +0200
@@ -43,7 +43,7 @@
#define CONNECTION_BACKLOG 10
#define NUM_WORKERS 10
#define MAX_FRAME_SIZE 16384
-#define SPOP_VERSION "1.0"
+#define SPOP_VERSION "2.0"
#define SLEN(str) (sizeof(str)-1)
@@ -1473,7 +1473,6 @@
if (client->status_code != SPOE_FRM_ERR_NONE)
LOG(client->worker, "<%lu> Peer closed
connection: %s",
client->id,
spoe_frm_err_reasons[client->status_code]);
- client->status_code = SPOE_FRM_ERR_NONE;
goto disconnect;
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/haproxy-1.8.9~git9.6d82e611/doc/SPOE.txt
new/haproxy-1.8.10~git0.ec17d7a9/doc/SPOE.txt
--- old/haproxy-1.8.9~git9.6d82e611/doc/SPOE.txt 2018-05-23
20:02:04.000000000 +0200
+++ new/haproxy-1.8.10~git0.ec17d7a9/doc/SPOE.txt 2018-06-22
15:58:22.000000000 +0200
@@ -1004,7 +1004,7 @@
* set-var set the value for an existing variable. 3 arguments must be
attached to this action: the variable scope (proc, sess, txn,
- req or req), the variable name (a string) and its value.
+ req or res), the variable name (a string) and its value.
ACTION-SET-VAR : <SET-VAR:1 byte><NB-ARGS:1 byte><VAR-SCOPE:1
byte><VAR-NAME><VAR-VALUE>
@@ -1022,7 +1022,7 @@
* unset-var unset the value for an existing variable. 2 arguments must be
attached to this action: the variable scope (proc, sess, txn,
- req or req) and the variable name (a string).
+ req or res) and the variable name (a string).
ACTION-UNSET-VAR : <UNSET-VAR:1 byte><NB-ARGS:1 byte><VAR-SCOPE:1
byte><VAR-NAME>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/haproxy-1.8.9~git9.6d82e611/doc/configuration.txt
new/haproxy-1.8.10~git0.ec17d7a9/doc/configuration.txt
--- old/haproxy-1.8.9~git9.6d82e611/doc/configuration.txt 2018-05-23
20:02:04.000000000 +0200
+++ new/haproxy-1.8.10~git0.ec17d7a9/doc/configuration.txt 2018-06-22
15:58:22.000000000 +0200
@@ -4,7 +4,7 @@
----------------------
version 1.8
willy tarreau
- 2018/05/18
+ 2018/06/22
This document covers the configuration language as implemented in the version
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/haproxy-1.8.9~git9.6d82e611/examples/haproxy.spec
new/haproxy-1.8.10~git0.ec17d7a9/examples/haproxy.spec
--- old/haproxy-1.8.9~git9.6d82e611/examples/haproxy.spec 2018-05-23
20:02:04.000000000 +0200
+++ new/haproxy-1.8.10~git0.ec17d7a9/examples/haproxy.spec 2018-06-22
15:58:22.000000000 +0200
@@ -1,6 +1,6 @@
Summary: HA-Proxy is a TCP/HTTP reverse proxy for high availability
environments
Name: haproxy
-Version: 1.8.9
+Version: 1.8.10
Release: 1
License: GPL
Group: System Environment/Daemons
@@ -74,6 +74,9 @@
%attr(0755,root,root) %config %{_sysconfdir}/rc.d/init.d/%{name}
%changelog
+* Fri Jun 22 2018 William Lallemand <wlallem...@haproxy.org>
+- updated to 1.8.10
+
* Fri May 18 2018 William Lallemand <wlallem...@haproxy.org>
- updated to 1.8.9
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/haproxy-1.8.9~git9.6d82e611/include/common/hathreads.h
new/haproxy-1.8.10~git0.ec17d7a9/include/common/hathreads.h
--- old/haproxy-1.8.9~git9.6d82e611/include/common/hathreads.h 2018-05-23
20:02:04.000000000 +0200
+++ new/haproxy-1.8.10~git0.ec17d7a9/include/common/hathreads.h 2018-06-22
15:58:22.000000000 +0200
@@ -90,6 +90,8 @@
#define HA_RWLOCK_TRYRDLOCK(lbl, l) ({ 0; })
#define HA_RWLOCK_RDUNLOCK(lbl, l) do { /* do nothing */ } while(0)
+#define ha_sigmask(how, set, oldset) sigprocmask(how, set, oldset)
+
#else /* USE_THREAD */
#include <stdio.h>
@@ -204,6 +206,9 @@
extern unsigned long all_threads_mask;
+#define ha_sigmask(how, set, oldset) pthread_sigmask(how, set, oldset)
+
+
#if defined(DEBUG_THREAD) || defined(DEBUG_FULL)
/* WARNING!!! if you update this enum, please also keep lock_label() up to
date below */
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/haproxy-1.8.9~git9.6d82e611/include/proto/fd.h
new/haproxy-1.8.10~git0.ec17d7a9/include/proto/fd.h
--- old/haproxy-1.8.9~git9.6d82e611/include/proto/fd.h 2018-05-23
20:02:04.000000000 +0200
+++ new/haproxy-1.8.10~git0.ec17d7a9/include/proto/fd.h 2018-06-22
15:58:22.000000000 +0200
@@ -126,7 +126,7 @@
/* If update_mask is non-nul, then it's already in the list
* so we don't have to add it.
*/
- if (fdtab[fd].update_mask == 0) {
+ if ((fdtab[fd].update_mask & all_threads_mask) == 0) {
if (update_list.first == -1) {
update_list.first = update_list.last = fd;
fdtab[fd].update.next = fdtab[fd].update.prev =
-1;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/haproxy-1.8.9~git9.6d82e611/include/proto/task.h
new/haproxy-1.8.10~git0.ec17d7a9/include/proto/task.h
--- old/haproxy-1.8.9~git9.6d82e611/include/proto/task.h 2018-05-23
20:02:04.000000000 +0200
+++ new/haproxy-1.8.10~git0.ec17d7a9/include/proto/task.h 2018-06-22
15:58:22.000000000 +0200
@@ -388,6 +388,13 @@
}
}
+/* This function returns true is some notification are pending
+ */
+static inline int notification_registered(struct list *wake)
+{
+ return !LIST_ISEMPTY(wake);
+}
+
/*
* This does 3 things :
* - wake up all expired tasks
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/haproxy-1.8.9~git9.6d82e611/src/checks.c
new/haproxy-1.8.10~git0.ec17d7a9/src/checks.c
--- old/haproxy-1.8.9~git9.6d82e611/src/checks.c 2018-05-23
20:02:04.000000000 +0200
+++ new/haproxy-1.8.10~git0.ec17d7a9/src/checks.c 2018-06-22
15:58:22.000000000 +0200
@@ -1618,7 +1618,7 @@
sigset_t set;
sigemptyset(&set);
sigaddset(&set, SIGCHLD);
- assert(sigprocmask(SIG_BLOCK, &set, NULL) == 0);
+ assert(ha_sigmask(SIG_BLOCK, &set, NULL) == 0);
}
void unblock_sigchld(void)
@@ -1626,7 +1626,7 @@
sigset_t set;
sigemptyset(&set);
sigaddset(&set, SIGCHLD);
- assert(sigprocmask(SIG_UNBLOCK, &set, NULL) == 0);
+ assert(ha_sigmask(SIG_UNBLOCK, &set, NULL) == 0);
}
static struct pid_list *pid_list_add(pid_t pid, struct task *t)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/haproxy-1.8.9~git9.6d82e611/src/fd.c
new/haproxy-1.8.10~git0.ec17d7a9/src/fd.c
--- old/haproxy-1.8.9~git9.6d82e611/src/fd.c 2018-05-23 20:02:04.000000000
+0200
+++ new/haproxy-1.8.10~git0.ec17d7a9/src/fd.c 2018-06-22 15:58:22.000000000
+0200
@@ -202,7 +202,6 @@
port_range_release_port(fdinfo[fd].port_range, fdinfo[fd].local_port);
fdinfo[fd].port_range = NULL;
fdtab[fd].owner = NULL;
- fdtab[fd].update_mask &= ~tid_bit;
fdtab[fd].new = 0;
fdtab[fd].thread_mask = 0;
if (do_close) {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/haproxy-1.8.9~git9.6d82e611/src/flt_spoe.c
new/haproxy-1.8.10~git0.ec17d7a9/src/flt_spoe.c
--- old/haproxy-1.8.9~git9.6d82e611/src/flt_spoe.c 2018-05-23
20:02:04.000000000 +0200
+++ new/haproxy-1.8.10~git0.ec17d7a9/src/flt_spoe.c 2018-06-22
15:58:22.000000000 +0200
@@ -310,12 +310,13 @@
/* All supported versions */
static struct spoe_version supported_versions[] = {
- {"1.0", 1000, 1000},
+ /* 1.0 is now unsupported because of a bug about frame's flags*/
+ {"2.0", 2000, 2000},
{NULL, 0, 0}
};
/* Comma-separated list of supported versions */
-#define SUPPORTED_VERSIONS_VAL "1.0"
+#define SUPPORTED_VERSIONS_VAL "2.0"
/* Convert a string to a SPOE version value. The string must follow the format
* "MAJOR.MINOR". It will be concerted into the integer (1000 * MAJOR + MINOR).
@@ -1027,6 +1028,8 @@
(unsigned int)stream_id, (unsigned int)frame_id);
SPOE_APPCTX(appctx)->status_code = SPOE_FRM_ERR_FRAMEID_NOTFOUND;
+ if (appctx->st0 == SPOE_APPCTX_ST_WAITING_SYNC_ACK)
+ return -1;
return 0;
found:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/haproxy-1.8.9~git9.6d82e611/src/haproxy.c
new/haproxy-1.8.10~git0.ec17d7a9/src/haproxy.c
--- old/haproxy-1.8.9~git9.6d82e611/src/haproxy.c 2018-05-23
20:02:04.000000000 +0200
+++ new/haproxy-1.8.10~git0.ec17d7a9/src/haproxy.c 2018-06-22
15:58:22.000000000 +0200
@@ -509,7 +509,7 @@
sigaddset(&set, SIGHUP);
sigaddset(&set, SIGINT);
sigaddset(&set, SIGTERM);
- sigprocmask(SIG_SETMASK, &set, NULL);
+ ha_sigmask(SIG_SETMASK, &set, NULL);
}
static void mworker_unblock_signals()
@@ -522,7 +522,7 @@
sigaddset(&set, SIGHUP);
sigaddset(&set, SIGINT);
sigaddset(&set, SIGTERM);
- sigprocmask(SIG_UNBLOCK, &set, NULL);
+ ha_sigmask(SIG_UNBLOCK, &set, NULL);
}
static void mworker_unregister_signals()
@@ -2368,10 +2368,12 @@
fd_want_recv(mworker_pipe[0]);
}
-static void sync_poll_loop()
+static int sync_poll_loop()
{
+ int stop = 0;
+
if (THREAD_NO_SYNC())
- return;
+ return stop;
THREAD_ENTER_SYNC();
@@ -2385,7 +2387,9 @@
/* *** } */
exit:
+ stop = (jobs == 0); /* stop when there's nothing left to do */
THREAD_EXIT_SYNC();
+ return stop;
}
/* Runs the polling loop */
@@ -2398,15 +2402,18 @@
/* Process a few tasks */
process_runnable_tasks();
- /* check if we caught some signals and process them */
- signal_process_queue();
+ /* check if we caught some signals and process them in the
+ first thread */
+ if (tid == 0)
+ signal_process_queue();
/* Check if we can expire some tasks */
next = wake_expired_tasks();
- /* stop when there's nothing left to do */
- if (jobs == 0)
- break;
+ /* the first thread requests a synchronization to exit when
+ * there is no active jobs anymore */
+ if (tid == 0 && jobs == 0)
+ THREAD_WANT_SYNC();
/* expire immediately if events are pending */
exp = now_ms;
@@ -2416,7 +2423,7 @@
activity[tid].wake_tasks++;
else if (active_applets_mask & tid_bit)
activity[tid].wake_applets++;
- else if (signal_queue_len)
+ else if (signal_queue_len && tid == 0)
activity[tid].wake_signal++;
else
exp = next;
@@ -2428,7 +2435,9 @@
/* Synchronize all polling loops */
- sync_poll_loop();
+ if (sync_poll_loop())
+ break;
+
activity[tid].loops++;
}
}
@@ -2463,6 +2472,8 @@
list_for_each_entry(ptdf, &per_thread_deinit_list, list)
ptdf->fct();
+ HA_ATOMIC_AND(&all_threads_mask, ~tid_bit);
+
#ifdef USE_THREAD
if (tid > 0)
pthread_exit(NULL);
@@ -3006,6 +3017,7 @@
unsigned int *tids = calloc(global.nbthread, sizeof(unsigned
int));
pthread_t *threads = calloc(global.nbthread,
sizeof(pthread_t));
int i;
+ sigset_t blocked_sig, old_sig;
THREAD_SYNC_INIT((1UL << global.nbthread) - 1);
@@ -3013,6 +3025,15 @@
for (i = 0; i < global.nbthread; i++)
tids[i] = i;
+ /* ensure the signals will be blocked in every thread */
+ sigfillset(&blocked_sig);
+ sigdelset(&blocked_sig, SIGPROF);
+ sigdelset(&blocked_sig, SIGBUS);
+ sigdelset(&blocked_sig, SIGFPE);
+ sigdelset(&blocked_sig, SIGILL);
+ sigdelset(&blocked_sig, SIGSEGV);
+ pthread_sigmask(SIG_SETMASK, &blocked_sig, &old_sig);
+
/* Create nbthread-1 thread. The first thread is the current
process */
threads[0] = pthread_self();
for (i = 1; i < global.nbthread; i++)
@@ -3046,6 +3067,9 @@
}
#endif /* !USE_CPU_AFFINITY */
+ /* when multithreading we need to let only the thread 0 handle
the signals */
+ pthread_sigmask(SIG_SETMASK, &old_sig, NULL);
+
/* Finally, start the poll loop for the first thread */
run_thread_poll_loop(&tids[0]);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/haproxy-1.8.9~git9.6d82e611/src/hlua.c
new/haproxy-1.8.10~git0.ec17d7a9/src/hlua.c
--- old/haproxy-1.8.9~git9.6d82e611/src/hlua.c 2018-05-23 20:02:04.000000000
+0200
+++ new/haproxy-1.8.10~git0.ec17d7a9/src/hlua.c 2018-06-22 15:58:22.000000000
+0200
@@ -286,6 +286,63 @@
return lua_tostring(L, -1);
}
+__LJMP static const char *hlua_traceback(lua_State *L)
+{
+ lua_Debug ar;
+ int level = 0;
+ struct chunk *msg = get_trash_chunk();
+ int filled = 0;
+
+ while (lua_getstack(L, level++, &ar)) {
+
+ /* Add separator */
+ if (filled)
+ chunk_appendf(msg, ", ");
+ filled = 1;
+
+ /* Fill fields:
+ * 'S': fills in the fields source, short_src, linedefined,
lastlinedefined, and what;
+ * 'l': fills in the field currentline;
+ * 'n': fills in the field name and namewhat;
+ * 't': fills in the field istailcall;
+ */
+ lua_getinfo(L, "Slnt", &ar);
+
+ /* Append code localisation */
+ if (ar.currentline > 0)
+ chunk_appendf(msg, "%s:%d ", ar.short_src,
ar.currentline);
+ else
+ chunk_appendf(msg, "%s ", ar.short_src);
+
+ /*
+ * Get function name
+ *
+ * if namewhat is no empty, name is defined.
+ * what contains "Lua" for Lua function, "C" for C function,
+ * or "main" for main code.
+ */
+ if (*ar.namewhat != '\0' && ar.name != NULL) /* is there a
name from code? */
+ chunk_appendf(msg, "%s '%s'", ar.namewhat, ar.name);
/* use it */
+
+ else if (*ar.what == 'm') /* "main", the code is not executed
in a function */
+ chunk_appendf(msg, "main chunk");
+
+ else if (*ar.what != 'C') /* for Lua functions, use
<file:line> */
+ chunk_appendf(msg, "C function line %d",
ar.linedefined);
+
+ else /* nothing left... */
+ chunk_appendf(msg, "?");
+
+
+ /* Display tailed call */
+ if (ar.istailcall)
+ chunk_appendf(msg, " ...");
+ }
+
+ return msg->str;
+}
+
+
/* This function check the number of arguments available in the
* stack. If the number of arguments available is not the same
* then <nb> an error is throwed.
@@ -984,6 +1041,7 @@
{
int ret;
const char *msg;
+ const char *trace;
/* Initialise run time counter. */
if (!HLUA_IS_RUNNING(lua))
@@ -1078,10 +1136,11 @@
msg = lua_tostring(lua->T, -1);
lua_settop(lua->T, 0); /* Empty the stack. */
lua_pop(lua->T, 1);
+ trace = hlua_traceback(lua->T);
if (msg)
- lua_pushfstring(lua->T, "runtime error: %s", msg);
+ lua_pushfstring(lua->T, "runtime error: %s from %s",
msg, trace);
else
- lua_pushfstring(lua->T, "unknown runtime error");
+ lua_pushfstring(lua->T, "unknown runtime error from
%s", trace);
ret = HLUA_E_ERRMSG;
break;
@@ -1569,6 +1628,18 @@
/* Wake the tasks which wants to read if the buffer contains data. */
if (!channel_is_empty(si_oc(si)))
notification_wake(&appctx->ctx.hlua_cosocket.wake_on_read);
+
+ /* Some data were injected in the buffer, notify the stream
+ * interface.
+ */
+ if (!channel_is_empty(si_ic(si)))
+ stream_int_update(si);
+
+ /* If write notifications are registered, we considers we want
+ * to write, so we set the flag cant put
+ */
+ if (notification_registered(&appctx->ctx.hlua_cosocket.wake_on_write))
+ si_applet_cant_put(si);
}
/* This function is called when the "struct stream" is destroyed.
@@ -1685,6 +1756,7 @@
struct stream_interface *si;
struct stream *s;
struct xref *peer;
+ int missing_bytes;
/* Check if this lua stack is schedulable. */
if (!hlua || !hlua->task)
@@ -1754,11 +1826,12 @@
if (nblk == 0) /* No data avalaible. */
goto connection_empty;
- if (len1 > wanted) {
+ missing_bytes = wanted - socket->b.n;
+ if (len1 > missing_bytes) {
nblk = 1;
- len1 = wanted;
- } if (nblk == 2 && len1 + len2 > wanted)
- len2 = wanted - len1;
+ len1 = missing_bytes;
+ } if (nblk == 2 && len1 + len2 > missing_bytes)
+ len2 = missing_bytes - len1;
}
len = len1;
@@ -1773,15 +1846,14 @@
co_skip(oc, len + skip_at_end);
/* Don't wait anything. */
- stream_int_notify(&s->si[0]);
- stream_int_update_applet(&s->si[0]);
+ appctx_wakeup(appctx);
/* If the pattern reclaim to read all the data
* in the connection, got out.
*/
if (wanted == HLSR_READ_ALL)
goto connection_empty;
- else if (wanted >= 0 && len < wanted)
+ else if (wanted >= 0 && socket->b.n < wanted)
goto connection_empty;
/* Return result. */
@@ -1806,7 +1878,6 @@
connection_empty:
- appctx = objt_appctx(s->si[0].end);
if (!notification_new(&hlua->com,
&appctx->ctx.hlua_cosocket.wake_on_read, hlua->task)) {
xref_unlock(&socket->xref, peer);
WILL_LJMP(luaL_error(L, "out of memory"));
@@ -1958,7 +2029,6 @@
* the request buffer if its not required.
*/
if (s->req.buf->size == 0) {
- appctx = hlua->task->context;
if (!channel_alloc_buffer(&s->req, &appctx->buffer_wait))
goto hlua_socket_write_yield_return;
}
@@ -1966,18 +2036,13 @@
/* Check for avalaible space. */
len = buffer_total_space(s->req.buf);
if (len <= 0) {
- appctx = objt_appctx(s->si[0].end);
- if (!notification_new(&hlua->com,
&appctx->ctx.hlua_cosocket.wake_on_write, hlua->task)) {
- xref_unlock(&socket->xref, peer);
- WILL_LJMP(luaL_error(L, "out of memory"));
- }
goto hlua_socket_write_yield_return;
}
/* send data */
if (len < send_len)
send_len = len;
- len = ci_putblk(&s->req, buf+sent, send_len);
+ len = ci_putblk(&s->req, buf, send_len);
/* "Not enough space" (-1), "Buffer too little to contain
* the data" (-2) are not expected because the available length
@@ -1996,8 +2061,7 @@
}
/* update buffers. */
- stream_int_notify(&s->si[0]);
- stream_int_update_applet(&s->si[0]);
+ appctx_wakeup(appctx);
s->req.rex = TICK_ETERNITY;
s->res.wex = TICK_ETERNITY;
@@ -2013,6 +2077,10 @@
}
hlua_socket_write_yield_return:
+ if (!notification_new(&hlua->com,
&appctx->ctx.hlua_cosocket.wake_on_write, hlua->task)) {
+ xref_unlock(&socket->xref, peer);
+ WILL_LJMP(luaL_error(L, "out of memory"));
+ }
xref_unlock(&socket->xref, peer);
WILL_LJMP(hlua_yieldk(L, 0, 0, hlua_socket_write_yield, TICK_ETERNITY,
0));
return 0;
@@ -3189,7 +3257,7 @@
{
struct hlua_smp *hsmp;
struct sample_fetch *f;
- struct arg args[ARGM_NBARGS + 1];
+ struct arg args[ARGM_NBARGS + 1] = {{0}};
int i;
struct sample smp;
@@ -3303,7 +3371,7 @@
{
struct hlua_smp *hsmp;
struct sample_conv *conv;
- struct arg args[ARGM_NBARGS + 1];
+ struct arg args[ARGM_NBARGS + 1] = {{0}};
int i;
struct sample smp;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/haproxy-1.8.9~git9.6d82e611/src/pattern.c
new/haproxy-1.8.10~git0.ec17d7a9/src/pattern.c
--- old/haproxy-1.8.9~git9.6d82e611/src/pattern.c 2018-05-23
20:02:04.000000000 +0200
+++ new/haproxy-1.8.10~git0.ec17d7a9/src/pattern.c 2018-06-22
15:58:22.000000000 +0200
@@ -1815,12 +1815,14 @@
list_for_each_entry(elt, &ref->head, list) {
if (strcmp(key, elt->pattern) == 0) {
if (!pat_ref_set_elt(ref, elt, value, merr)) {
- if (!found)
- *err = *merr;
- else {
- memprintf(err, "%s, %s", *err, *merr);
- free(*merr);
- *merr = NULL;
+ if (err && merr) {
+ if (!found) {
+ *err = *merr;
+ } else {
+ memprintf(err, "%s, %s", *err,
*merr);
+ free(*merr);
+ *merr = NULL;
+ }
}
}
found = 1;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/haproxy-1.8.9~git9.6d82e611/src/proto_uxst.c
new/haproxy-1.8.10~git0.ec17d7a9/src/proto_uxst.c
--- old/haproxy-1.8.9~git9.6d82e611/src/proto_uxst.c 2018-05-23
20:02:04.000000000 +0200
+++ new/haproxy-1.8.10~git0.ec17d7a9/src/proto_uxst.c 2018-06-22
15:58:22.000000000 +0200
@@ -146,7 +146,12 @@
after_sockname++;
if (!strcmp(after_sockname, ".tmp"))
break;
- }
+ /* abns sockets sun_path starts with a \0 */
+ } else if (un1->sun_path[0] == 0
+ && un2->sun_path[0] == 0
+ && !memcmp(&un1->sun_path[1], &un2->sun_path[1],
+ sizeof(un1->sun_path) - 1))
+ break;
}
xfer_sock = xfer_sock->next;
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/haproxy-1.8.9~git9.6d82e611/src/proxy.c
new/haproxy-1.8.10~git0.ec17d7a9/src/proxy.c
--- old/haproxy-1.8.9~git9.6d82e611/src/proxy.c 2018-05-23 20:02:04.000000000
+0200
+++ new/haproxy-1.8.10~git0.ec17d7a9/src/proxy.c 2018-06-22
15:58:22.000000000 +0200
@@ -1450,6 +1450,9 @@
inet_ntop(srv->addr.ss_family, &((struct
sockaddr_in6 *)&srv->addr)->sin6_addr,
srv_addr, INET6_ADDRSTRLEN + 1);
break;
+ default:
+ memcpy(srv_addr, "-\0", 2);
+ break;
}
srv_time_since_last_change = now.tv_sec - srv->last_change;
bk_f_forced_id = px->options & PR_O_FORCED_ID ? 1 : 0;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/haproxy-1.8.9~git9.6d82e611/src/server.c
new/haproxy-1.8.10~git0.ec17d7a9/src/server.c
--- old/haproxy-1.8.9~git9.6d82e611/src/server.c 2018-05-23
20:02:04.000000000 +0200
+++ new/haproxy-1.8.10~git0.ec17d7a9/src/server.c 2018-06-22
15:58:22.000000000 +0200
@@ -2898,7 +2898,8 @@
server_recalc_eweight(srv);
/* load server IP address */
- srv->lastaddr = strdup(params[0]);
+ if (strcmp(params[0], "-"))
+ srv->lastaddr = strdup(params[0]);
if (fqdn && srv->hostname) {
if (!strcmp(srv->hostname, fqdn)) {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/haproxy-1.8.9~git9.6d82e611/src/signal.c
new/haproxy-1.8.10~git0.ec17d7a9/src/signal.c
--- old/haproxy-1.8.9~git9.6d82e611/src/signal.c 2018-05-23
20:02:04.000000000 +0200
+++ new/haproxy-1.8.10~git0.ec17d7a9/src/signal.c 2018-06-22
15:58:22.000000000 +0200
@@ -13,6 +13,8 @@
#include <signal.h>
#include <string.h>
+#include <common/hathreads.h>
+
#include <proto/signal.h>
#include <proto/log.h>
#include <proto/task.h>
@@ -31,7 +33,6 @@
sigset_t blocked_sig;
int signal_pending = 0; /* non-zero if t least one signal remains unprocessed
*/
-__decl_hathreads(HA_SPINLOCK_T signals_lock);
/* Common signal handler, used by all signals. Received signals are queued.
* Signal number zero has a specific status, as it cannot be delivered by the
@@ -71,11 +72,8 @@
struct signal_descriptor *desc;
sigset_t old_sig;
- if (HA_SPIN_TRYLOCK(SIGNALS_LOCK, &signals_lock))
- return;
-
/* block signal delivery during processing */
- sigprocmask(SIG_SETMASK, &blocked_sig, &old_sig);
+ ha_sigmask(SIG_SETMASK, &blocked_sig, &old_sig);
/* It is important that we scan the queue forwards so that we can
* catch any signal that would have been queued by another signal
@@ -99,8 +97,7 @@
signal_queue_len = 0;
/* restore signal delivery */
- sigprocmask(SIG_SETMASK, &old_sig, NULL);
- HA_SPIN_UNLOCK(SIGNALS_LOCK, &signals_lock);
+ ha_sigmask(SIG_SETMASK, &old_sig, NULL);
}
/* perform minimal intializations, report 0 in case of error, 1 if OK. */
@@ -112,8 +109,6 @@
memset(signal_queue, 0, sizeof(signal_queue));
memset(signal_state, 0, sizeof(signal_state));
- HA_SPIN_INIT(&signals_lock);
-
/* Ensure signals are not blocked. Some shells or service managers may
* accidently block all of our signals unfortunately, causing lots of
* zombie processes to remain in the background during reloads.
@@ -123,10 +118,18 @@
* parsing We don't want the process to be killed by an unregistered
* USR2 signal when the master-worker is reloading */
sigaddset(&blocked_sig, SIGUSR2);
- sigprocmask(SIG_SETMASK, &blocked_sig, NULL);
+ ha_sigmask(SIG_SETMASK, &blocked_sig, NULL);
sigfillset(&blocked_sig);
sigdelset(&blocked_sig, SIGPROF);
+ /* man sigprocmask: If SIGBUS, SIGFPE, SIGILL, or SIGSEGV are
+ generated while they are blocked, the result is undefined, unless
+ the signal was generated by kill(2),
+ sigqueue(3), or raise(3) */
+ sigdelset(&blocked_sig, SIGBUS);
+ sigdelset(&blocked_sig, SIGFPE);
+ sigdelset(&blocked_sig, SIGILL);
+ sigdelset(&blocked_sig, SIGSEGV);
for (sig = 0; sig < MAX_SIGNAL; sig++)
LIST_INIT(&signal_state[sig].handlers);
@@ -148,7 +151,6 @@
pool_free(pool_head_sig_handlers, sh);
}
}
- HA_SPIN_DESTROY(&signals_lock);
}
/* Register a function and an integer argument on a signal. A pointer to the
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/haproxy-1.8.9~git9.6d82e611/src/ssl_sock.c
new/haproxy-1.8.10~git0.ec17d7a9/src/ssl_sock.c
--- old/haproxy-1.8.9~git9.6d82e611/src/ssl_sock.c 2018-05-23
20:02:04.000000000 +0200
+++ new/haproxy-1.8.10~git0.ec17d7a9/src/ssl_sock.c 2018-06-22
15:58:22.000000000 +0200
@@ -260,6 +260,7 @@
};
struct pool_head *pool_head_ssl_capture = NULL;
static int ssl_capture_ptr_index = -1;
+static int ssl_app_data_index = -1;
#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
struct list tlskeys_reference = LIST_HEAD_INIT(tlskeys_reference);
@@ -825,7 +826,7 @@
int i;
int ret = -1; /* error by default */
- conn = SSL_get_app_data(s);
+ conn = SSL_get_ex_data(s, ssl_app_data_index);
ref = objt_listener(conn->target)->bind_conf->keys_ref;
HA_RWLOCK_RDLOCK(TLSKEYS_REF_LOCK, &ref->lock);
@@ -1389,7 +1390,7 @@
void ssl_sock_infocbk(const SSL *ssl, int where, int ret)
{
- struct connection *conn = SSL_get_app_data(ssl);
+ struct connection *conn = SSL_get_ex_data(ssl, ssl_app_data_index);
BIO *write_bio;
(void)ret; /* shut gcc stupid warning */
@@ -1427,7 +1428,7 @@
int err, depth;
ssl = X509_STORE_CTX_get_ex_data(x_store,
SSL_get_ex_data_X509_STORE_CTX_idx());
- conn = SSL_get_app_data(ssl);
+ conn = SSL_get_ex_data(ssl, ssl_app_data_index);
conn->xprt_st |= SSL_SOCK_ST_FL_VERIFY_DONE;
@@ -1575,7 +1576,7 @@
/* test heartbeat received (write_p is set to 0
for a received record) */
if ((content_type == TLS1_RT_HEARTBEAT) && (write_p == 0)) {
- struct connection *conn = SSL_get_app_data(ssl);
+ struct connection *conn = SSL_get_ex_data(ssl,
ssl_app_data_index);
const unsigned char *p = buf;
unsigned int payload;
@@ -1903,7 +1904,7 @@
ssl_sock_generate_certificate_from_conn(struct bind_conf *bind_conf, SSL *ssl)
{
unsigned int key;
- struct connection *conn = SSL_get_app_data(ssl);
+ struct connection *conn = SSL_get_ex_data(ssl, ssl_app_data_index);
conn_get_to_addr(conn);
if (conn->flags & CO_FL_ADDR_TO_SET) {
@@ -2099,7 +2100,7 @@
int allow_early = 0;
int i;
- conn = SSL_get_app_data(ssl);
+ conn = SSL_get_ex_data(ssl, ssl_app_data_index);
s = objt_listener(conn->target)->bind_conf;
if (s->ssl_conf.early_data)
@@ -3876,7 +3877,7 @@
/* SSL callback used when a new session is created while connecting to a
server */
static int ssl_sess_new_srv_cb(SSL *ssl, SSL_SESSION *sess)
{
- struct connection *conn = SSL_get_app_data(ssl);
+ struct connection *conn = SSL_get_ex_data(ssl, ssl_app_data_index);
struct server *s;
s = objt_server(conn->target);
@@ -4373,7 +4374,7 @@
return ok;
ssl = X509_STORE_CTX_get_ex_data(ctx,
SSL_get_ex_data_X509_STORE_CTX_idx());
- conn = SSL_get_app_data(ssl);
+ conn = SSL_get_ex_data(ssl, ssl_app_data_index);
/* We're checking if the provided hostnames match the desired one. The
* desired hostname comes from the SNI we presented if any, or if not
@@ -4948,7 +4949,7 @@
}
/* set connection pointer */
- if (!SSL_set_app_data(conn->xprt_ctx, conn)) {
+ if (!SSL_set_ex_data(conn->xprt_ctx, ssl_app_data_index, conn))
{
SSL_free(conn->xprt_ctx);
conn->xprt_ctx = NULL;
if (may_retry--) {
@@ -5007,7 +5008,7 @@
}
/* set connection pointer */
- if (!SSL_set_app_data(conn->xprt_ctx, conn)) {
+ if (!SSL_set_ex_data(conn->xprt_ctx, ssl_app_data_index, conn))
{
SSL_free(conn->xprt_ctx);
conn->xprt_ctx = NULL;
if (may_retry--) {
@@ -8805,7 +8806,8 @@
#if (OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined OPENSSL_NO_TLSEXT &&
!defined OPENSSL_IS_BORINGSSL && !defined LIBRESSL_VERSION_NUMBER)
sctl_ex_index = SSL_CTX_get_ex_new_index(0, NULL, NULL, NULL,
ssl_sock_sctl_free_func);
#endif
- ssl_capture_ptr_index = SSL_CTX_get_ex_new_index(0, NULL, NULL, NULL,
ssl_sock_capture_free_func);
+ ssl_app_data_index = SSL_get_ex_new_index(0, NULL, NULL, NULL, NULL);
+ ssl_capture_ptr_index = SSL_get_ex_new_index(0, NULL, NULL, NULL,
ssl_sock_capture_free_func);
sample_register_fetches(&sample_fetch_keywords);
acl_register_keywords(&acl_kws);
bind_register_keywords(&bind_kws);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/haproxy-1.8.9~git9.6d82e611/src/stick_table.c
new/haproxy-1.8.10~git0.ec17d7a9/src/stick_table.c
--- old/haproxy-1.8.9~git9.6d82e611/src/stick_table.c 2018-05-23
20:02:04.000000000 +0200
+++ new/haproxy-1.8.10~git0.ec17d7a9/src/stick_table.c 2018-06-22
15:58:22.000000000 +0200
@@ -873,6 +873,7 @@
smp->data.type = SMP_T_BOOL;
smp->data.u.sint = !!ts;
smp->flags = SMP_F_VOL_TEST;
+ stktable_release(t, ts);
return 1;
}
@@ -905,12 +906,12 @@
return 1;
ptr = stktable_data_ptr(t, ts, STKTABLE_DT_BYTES_IN_RATE);
- if (!ptr)
- return 0; /* parameter not stored */
+ if (ptr)
+ smp->data.u.sint =
read_freq_ctr_period(&stktable_data_cast(ptr, bytes_in_rate),
+
t->data_arg[STKTABLE_DT_BYTES_IN_RATE].u);
- smp->data.u.sint = read_freq_ctr_period(&stktable_data_cast(ptr,
bytes_in_rate),
-
t->data_arg[STKTABLE_DT_BYTES_IN_RATE].u);
- return 1;
+ stktable_release(t, ts);
+ return !!ptr;
}
/* Casts sample <smp> to the type of the table specified in arg(0), and looks
@@ -942,11 +943,11 @@
return 1;
ptr = stktable_data_ptr(t, ts, STKTABLE_DT_CONN_CNT);
- if (!ptr)
- return 0; /* parameter not stored */
+ if (ptr)
+ smp->data.u.sint = stktable_data_cast(ptr, conn_cnt);
- smp->data.u.sint = stktable_data_cast(ptr, conn_cnt);
- return 1;
+ stktable_release(t, ts);
+ return !!ptr;
}
/* Casts sample <smp> to the type of the table specified in arg(0), and looks
@@ -978,11 +979,11 @@
return 1;
ptr = stktable_data_ptr(t, ts, STKTABLE_DT_CONN_CUR);
- if (!ptr)
- return 0; /* parameter not stored */
+ if (ptr)
+ smp->data.u.sint = stktable_data_cast(ptr, conn_cur);
- smp->data.u.sint = stktable_data_cast(ptr, conn_cur);
- return 1;
+ stktable_release(t, ts);
+ return !!ptr;
}
/* Casts sample <smp> to the type of the table specified in arg(0), and looks
@@ -1014,12 +1015,12 @@
return 1;
ptr = stktable_data_ptr(t, ts, STKTABLE_DT_CONN_RATE);
- if (!ptr)
- return 0; /* parameter not stored */
+ if (ptr)
+ smp->data.u.sint =
read_freq_ctr_period(&stktable_data_cast(ptr, conn_rate),
+
t->data_arg[STKTABLE_DT_CONN_RATE].u);
- smp->data.u.sint = read_freq_ctr_period(&stktable_data_cast(ptr,
conn_rate),
-
t->data_arg[STKTABLE_DT_CONN_RATE].u);
- return 1;
+ stktable_release(t, ts);
+ return !!ptr;
}
/* Casts sample <smp> to the type of the table specified in arg(0), and looks
@@ -1051,12 +1052,12 @@
return 1;
ptr = stktable_data_ptr(t, ts, STKTABLE_DT_BYTES_OUT_RATE);
- if (!ptr)
- return 0; /* parameter not stored */
+ if (ptr)
+ smp->data.u.sint =
read_freq_ctr_period(&stktable_data_cast(ptr, bytes_out_rate),
+
t->data_arg[STKTABLE_DT_BYTES_OUT_RATE].u);
- smp->data.u.sint = read_freq_ctr_period(&stktable_data_cast(ptr,
bytes_out_rate),
-
t->data_arg[STKTABLE_DT_BYTES_OUT_RATE].u);
- return 1;
+ stktable_release(t, ts);
+ return !!ptr;
}
/* Casts sample <smp> to the type of the table specified in arg(0), and looks
@@ -1088,11 +1089,11 @@
return 1;
ptr = stktable_data_ptr(t, ts, STKTABLE_DT_GPT0);
- if (!ptr)
- return 0; /* parameter not stored */
+ if (ptr)
+ smp->data.u.sint = stktable_data_cast(ptr, gpt0);
- smp->data.u.sint = stktable_data_cast(ptr, gpt0);
- return 1;
+ stktable_release(t, ts);
+ return !!ptr;
}
/* Casts sample <smp> to the type of the table specified in arg(0), and looks
@@ -1124,11 +1125,11 @@
return 1;
ptr = stktable_data_ptr(t, ts, STKTABLE_DT_GPC0);
- if (!ptr)
- return 0; /* parameter not stored */
+ if (ptr)
+ smp->data.u.sint = stktable_data_cast(ptr, gpc0);
- smp->data.u.sint = stktable_data_cast(ptr, gpc0);
- return 1;
+ stktable_release(t, ts);
+ return !!ptr;
}
/* Casts sample <smp> to the type of the table specified in arg(0), and looks
@@ -1160,12 +1161,12 @@
return 1;
ptr = stktable_data_ptr(t, ts, STKTABLE_DT_GPC0_RATE);
- if (!ptr)
- return 0; /* parameter not stored */
+ if (ptr)
+ smp->data.u.sint =
read_freq_ctr_period(&stktable_data_cast(ptr, gpc0_rate),
+
t->data_arg[STKTABLE_DT_GPC0_RATE].u);
- smp->data.u.sint = read_freq_ctr_period(&stktable_data_cast(ptr,
gpc0_rate),
-
t->data_arg[STKTABLE_DT_GPC0_RATE].u);
- return 1;
+ stktable_release(t, ts);
+ return !!ptr;
}
/* Casts sample <smp> to the type of the table specified in arg(0), and looks
@@ -1197,11 +1198,11 @@
return 1;
ptr = stktable_data_ptr(t, ts, STKTABLE_DT_HTTP_ERR_CNT);
- if (!ptr)
- return 0; /* parameter not stored */
+ if (ptr)
+ smp->data.u.sint = stktable_data_cast(ptr, http_err_cnt);
- smp->data.u.sint = stktable_data_cast(ptr, http_err_cnt);
- return 1;
+ stktable_release(t, ts);
+ return !!ptr;
}
/* Casts sample <smp> to the type of the table specified in arg(0), and looks
@@ -1233,12 +1234,12 @@
return 1;
ptr = stktable_data_ptr(t, ts, STKTABLE_DT_HTTP_ERR_RATE);
- if (!ptr)
- return 0; /* parameter not stored */
+ if (ptr)
+ smp->data.u.sint =
read_freq_ctr_period(&stktable_data_cast(ptr, http_err_rate),
+
t->data_arg[STKTABLE_DT_HTTP_ERR_RATE].u);
- smp->data.u.sint = read_freq_ctr_period(&stktable_data_cast(ptr,
http_err_rate),
-
t->data_arg[STKTABLE_DT_HTTP_ERR_RATE].u);
- return 1;
+ stktable_release(t, ts);
+ return !!ptr;
}
/* Casts sample <smp> to the type of the table specified in arg(0), and looks
@@ -1270,11 +1271,11 @@
return 1;
ptr = stktable_data_ptr(t, ts, STKTABLE_DT_HTTP_REQ_CNT);
- if (!ptr)
- return 0; /* parameter not stored */
+ if (ptr)
+ smp->data.u.sint = stktable_data_cast(ptr, http_req_cnt);
- smp->data.u.sint = stktable_data_cast(ptr, http_req_cnt);
- return 1;
+ stktable_release(t, ts);
+ return !!ptr;
}
/* Casts sample <smp> to the type of the table specified in arg(0), and looks
@@ -1306,12 +1307,12 @@
return 1;
ptr = stktable_data_ptr(t, ts, STKTABLE_DT_HTTP_REQ_RATE);
- if (!ptr)
- return 0; /* parameter not stored */
+ if (ptr)
+ smp->data.u.sint =
read_freq_ctr_period(&stktable_data_cast(ptr, http_req_rate),
+
t->data_arg[STKTABLE_DT_HTTP_REQ_RATE].u);
- smp->data.u.sint = read_freq_ctr_period(&stktable_data_cast(ptr,
http_req_rate),
-
t->data_arg[STKTABLE_DT_HTTP_REQ_RATE].u);
- return 1;
+ stktable_release(t, ts);
+ return !!ptr;
}
/* Casts sample <smp> to the type of the table specified in arg(0), and looks
@@ -1343,11 +1344,11 @@
return 1;
ptr = stktable_data_ptr(t, ts, STKTABLE_DT_BYTES_IN_CNT);
- if (!ptr)
- return 0; /* parameter not stored */
+ if (ptr)
+ smp->data.u.sint = stktable_data_cast(ptr, bytes_in_cnt) >> 10;
- smp->data.u.sint = stktable_data_cast(ptr, bytes_in_cnt) >> 10;
- return 1;
+ stktable_release(t, ts);
+ return !!ptr;
}
/* Casts sample <smp> to the type of the table specified in arg(0), and looks
@@ -1379,11 +1380,11 @@
return 1;
ptr = stktable_data_ptr(t, ts, STKTABLE_DT_BYTES_OUT_CNT);
- if (!ptr)
- return 0; /* parameter not stored */
+ if (ptr)
+ smp->data.u.sint = stktable_data_cast(ptr, bytes_out_cnt) >> 10;
- smp->data.u.sint = stktable_data_cast(ptr, bytes_out_cnt) >> 10;
- return 1;
+ stktable_release(t, ts);
+ return !!ptr;
}
/* Casts sample <smp> to the type of the table specified in arg(0), and looks
@@ -1415,11 +1416,11 @@
return 1;
ptr = stktable_data_ptr(t, ts, STKTABLE_DT_SERVER_ID);
- if (!ptr)
- return 0; /* parameter not stored */
+ if (ptr)
+ smp->data.u.sint = stktable_data_cast(ptr, server_id);
- smp->data.u.sint = stktable_data_cast(ptr, server_id);
- return 1;
+ stktable_release(t, ts);
+ return !!ptr;
}
/* Casts sample <smp> to the type of the table specified in arg(0), and looks
@@ -1451,11 +1452,11 @@
return 1;
ptr = stktable_data_ptr(t, ts, STKTABLE_DT_SESS_CNT);
- if (!ptr)
- return 0; /* parameter not stored */
+ if (ptr)
+ smp->data.u.sint = stktable_data_cast(ptr, sess_cnt);
- smp->data.u.sint = stktable_data_cast(ptr, sess_cnt);
- return 1;
+ stktable_release(t, ts);
+ return !!ptr;
}
/* Casts sample <smp> to the type of the table specified in arg(0), and looks
@@ -1487,12 +1488,12 @@
return 1;
ptr = stktable_data_ptr(t, ts, STKTABLE_DT_SESS_RATE);
- if (!ptr)
- return 0; /* parameter not stored */
+ if (ptr)
+ smp->data.u.sint =
read_freq_ctr_period(&stktable_data_cast(ptr, sess_rate),
+
t->data_arg[STKTABLE_DT_SESS_RATE].u);
- smp->data.u.sint = read_freq_ctr_period(&stktable_data_cast(ptr,
sess_rate),
-
t->data_arg[STKTABLE_DT_SESS_RATE].u);
- return 1;
+ stktable_release(t, ts);
+ return !!ptr;
}
/* Casts sample <smp> to the type of the table specified in arg(0), and looks
@@ -1522,6 +1523,7 @@
if (ts)
smp->data.u.sint = ts->ref_cnt;
+ stktable_release(t, ts);
return 1;
}
