subject:"Log format with odd number of quotes. Bug or conf error\?"

Re: Log format with odd number of quotes. Bug or conf error?

2014-03-18 Thread Thierry FOURNIER

The patch is integrated in the current dev version.

Thierry

On Tue, 11 Mar 2014 11:39:15 +0100
William Lallemand wlallem...@irq6.net wrote:

 On Mon, 10 Mar 2014 17:30:27 -0400
 Julien Vehent jul...@linuxwall.info wrote:
 
  Thanks Thierry ! It is trivial indeed, but like you I was concerned 
  about triggering another issue by removing it...
  
  What about the second issue I'm seeing? Should request/response headers 
  be completely absent from the logs when empty? And is there a way to 
  force a  or - sign when they are empty, to play nice with log parsers?
  
  Thanks,
  Julien
  
 
 It's a bug, indeed, and thierry's patch is the right way to fix it.
 
 
 -- 
 William Lallemand

Re: Log format with odd number of quotes. Bug or conf error?

2014-03-11 Thread William Lallemand

On Mon, 10 Mar 2014 17:30:27 -0400
Julien Vehent jul...@linuxwall.info wrote:

 Thanks Thierry ! It is trivial indeed, but like you I was concerned 
 about triggering another issue by removing it...
 
 What about the second issue I'm seeing? Should request/response headers 
 be completely absent from the logs when empty? And is there a way to 
 force a  or - sign when they are empty, to play nice with log parsers?
 
 Thanks,
 Julien
 

It's a bug, indeed, and thierry's patch is the right way to fix it.


-- 
William Lallemand

Re: Log format with odd number of quotes. Bug or conf error?

2014-03-10 Thread Thierry FOURNIER

Hi Julien,

You're right, this is a bug. I can reproduce it with the joined
configuration and a simple http request:

   curl 'http://127.0.0.1:10001/'

The fix seems simple, but I can submit myself in the case of this hide
another bug. I'm CCing William.

Thierry



On Fri, 07 Mar 2014 09:34:18 -0500
Julien Vehent jul...@linuxwall.info wrote:

 Hi all,
 
 I am seeing a missing quote in the custom log format I am using:
 
  log-format [%pid]\ [%Ts.%ms]\ %ac/%fc/%bc/%bq/%sc/%sq/%rc\ 
 %Tq/%Tw/%Tc/%Tr/%Tt\ %tsc\ %ci:%cp\ %fi:%fp\ %si:%sp\ %ft\ %sslc\ %sslv\ 
 %{+Q}r\ %ST\ %b:%s\ %ID\ %{+Q}CC\ %{+Q}hr\ %{+Q}CS\ %{+Q}hs\ %B\ bytes
 
 Below is a log entry:
 
  [10247] [1394200885.571] 1/1/0/0/1/0/0 94/0/0/3/98  
 2.1.17.7:52282 10.151.122.228:443 127.0.0.1:8000 fxa-https~ 
 ECDHE-RSA-AES128-SHA TLSv1.2 GET / HTTP/1.1 200 fxa-nodejs:nodejs1 
 485B7525:CC3A_0A977AE4:01BB_5319D135_0004:2807  {|Mozilla/5.0 (X11; 
 Linux x86_64; rv:25.0) Gecko/20100101 Firefox/}  705 bytes
 
 The issue is at the end of the captured user-agent:
 
  Firefox/}  705 bytes
   ^^ ^^
   67 89
 
 6 is the closing quote of the captured request headers, but 7 is there 
 too when it shouldn't be.
 
 I took a look at the code, and while I don't pretend to understand its 
 intricacies, this function seems to log the quote character twice at the 
 end of the captured request headers. But it hasn't been touched since 
 2012, so I can't imagine it causes my issue.
 
 file src/log.c
 1402 case LOG_FMT_HDRREQUEST: // %hr
 ..
 1420 if (tmp-options  
 LOG_OPT_QUOTE)
 1421 LOGCHAR('');
 1422 last_isspace = 0;
 1423 if (tmp-options  
 LOG_OPT_QUOTE)
 1424 LOGCHAR('');
 
 
 Another issue: 8  9 enclose the response cookies, but I'm missing 
 another pair of quotes that should enclose the response headers. I tried 
 the same log format without the quoting, and should now have two dashes 
 '-' in place of the quotes, but I only see one:
 
 log format:
  ... %ID\ %CC\ %hr\ %CS\ %hs\ %B\ bytes
 
 log line:
   ... Firefox/} - 705 bytes
 
 Are the missing dash/quotes expected? If so, can I enforce it somehow?
 
 Thanks for the help
 - Julien
 
 
 ---
 $ /opt/haproxy -vv
 HA-Proxy version 1.5-dev22-1a34d57 2014/02/03
 Copyright 2000-2014 Willy Tarreau w...@1wt.eu
 
 Build options :
TARGET  = linux2628
CPU = generic
CC  = gcc
CFLAGS  = -O2 -g -fno-strict-aliasing
OPTIONS = USE_OPENSSL=1
 
 Default settings :
maxconn = 2000, bufsize = 16384, maxrewrite = 8192, maxpollevents = 
 200
 
 Encrypted password support via crypt(3): yes
 Built without zlib support (USE_ZLIB not set)
 Compression algorithms supported : identity
 Built with OpenSSL version : OpenSSL 1.0.1e-fips 11 Feb 2013
 Running on OpenSSL version : OpenSSL 1.0.1e-fips 11 Feb 2013
 OpenSSL library supports TLS extensions : yes
 OpenSSL library supports SNI : yes
 OpenSSL library supports prefer-server-ciphers : yes
 Built without PCRE support (using libc's regex instead)
 Built with transparent proxy support using: IP_TRANSPARENT 
 IPV6_TRANSPARENT IP_FREEBIND
 
 Available polling systems :
epoll : pref=300,  test result OK
 poll : pref=200,  test result OK
   select : pref=150,  test result OK
 Total: 3 (3 usable), will use epoll.
 
diff --git a/src/log.c b/src/log.c
index 046294e..3ab40f9 100644
--- a/src/log.c
+++ b/src/log.c
@@ -1420,8 +1420,6 @@ int build_logline(struct session *s, char *dst, size_t maxsize, struct list *lis
 	if (tmp-options  LOG_OPT_QUOTE)
 		LOGCHAR('');
 	last_isspace = 0;
-	if (tmp-options  LOG_OPT_QUOTE)
-		LOGCHAR('');
 }
 break;
 


haproxy.test.conf
Description: Binary data

Re: Log format with odd number of quotes. Bug or conf error?

2014-03-10 Thread Julien Vehent

Thanks Thierry ! It is trivial indeed, but like you I was concerned 
about triggering another issue by removing it...


What about the second issue I'm seeing? Should request/response headers 
be completely absent from the logs when empty? And is there a way to 
force a  or - sign when they are empty, to play nice with log parsers?


Thanks,
Julien

On 2014-03-10 16:56, Thierry FOURNIER wrote:

Hi Julien,

You're right, this is a bug. I can reproduce it with the joined
configuration and a simple http request:

   curl 'http://127.0.0.1:10001/'

The fix seems simple, but I can submit myself in the case of this hide
another bug. I'm CCing William.

Thierry



On Fri, 07 Mar 2014 09:34:18 -0500
Julien Vehent jul...@linuxwall.info wrote:


Hi all,

I am seeing a missing quote in the custom log format I am using:

 log-format [%pid]\ [%Ts.%ms]\ %ac/%fc/%bc/%bq/%sc/%sq/%rc\
%Tq/%Tw/%Tc/%Tr/%Tt\ %tsc\ %ci:%cp\ %fi:%fp\ %si:%sp\ %ft\ %sslc\ 
%sslv\

%{+Q}r\ %ST\ %b:%s\ %ID\ %{+Q}CC\ %{+Q}hr\ %{+Q}CS\ %{+Q}hs\ %B\ bytes

Below is a log entry:

 [10247] [1394200885.571] 1/1/0/0/1/0/0 94/0/0/3/98 
2.1.17.7:52282 10.151.122.228:443 127.0.0.1:8000 fxa-https~
ECDHE-RSA-AES128-SHA TLSv1.2 GET / HTTP/1.1 200 fxa-nodejs:nodejs1
485B7525:CC3A_0A977AE4:01BB_5319D135_0004:2807  {|Mozilla/5.0 (X11;
Linux x86_64; rv:25.0) Gecko/20100101 Firefox/}  705 bytes

The issue is at the end of the captured user-agent:

 Firefox/}  705 bytes
  ^^ ^^
  67 89

6 is the closing quote of the captured request headers, but 7 is there
too when it shouldn't be.

I took a look at the code, and while I don't pretend to understand its
intricacies, this function seems to log the quote character twice at 
the

end of the captured request headers. But it hasn't been touched since
2012, so I can't imagine it causes my issue.

file src/log.c
1402 case LOG_FMT_HDRREQUEST: // %hr
..
1420 if (tmp-options 
LOG_OPT_QUOTE)
1421 LOGCHAR('');
1422 last_isspace = 0;
1423 if (tmp-options 
LOG_OPT_QUOTE)
1424 LOGCHAR('');


Another issue: 8  9 enclose the response cookies, but I'm missing
another pair of quotes that should enclose the response headers. I 
tried
the same log format without the quoting, and should now have two 
dashes

'-' in place of the quotes, but I only see one:

log format:
 ... %ID\ %CC\ %hr\ %CS\ %hs\ %B\ bytes

log line:
  ... Firefox/} - 705 bytes

Are the missing dash/quotes expected? If so, can I enforce it somehow?

Thanks for the help
- Julien


---
$ /opt/haproxy -vv
HA-Proxy version 1.5-dev22-1a34d57 2014/02/03
Copyright 2000-2014 Willy Tarreau w...@1wt.eu

Build options :
   TARGET  = linux2628
   CPU = generic
   CC  = gcc
   CFLAGS  = -O2 -g -fno-strict-aliasing
   OPTIONS = USE_OPENSSL=1

Default settings :
   maxconn = 2000, bufsize = 16384, maxrewrite = 8192, maxpollevents =
200

Encrypted password support via crypt(3): yes
Built without zlib support (USE_ZLIB not set)
Compression algorithms supported : identity
Built with OpenSSL version : OpenSSL 1.0.1e-fips 11 Feb 2013
Running on OpenSSL version : OpenSSL 1.0.1e-fips 11 Feb 2013
OpenSSL library supports TLS extensions : yes
OpenSSL library supports SNI : yes
OpenSSL library supports prefer-server-ciphers : yes
Built without PCRE support (using libc's regex instead)
Built with transparent proxy support using: IP_TRANSPARENT
IPV6_TRANSPARENT IP_FREEBIND

Available polling systems :
   epoll : pref=300,  test result OK
poll : pref=200,  test result OK
  select : pref=150,  test result OK
Total: 3 (3 usable), will use epoll.

Log format with odd number of quotes. Bug or conf error?

2014-03-07 Thread Julien Vehent


Hi all,

I am seeing a missing quote in the custom log format I am using:

log-format [%pid]\ [%Ts.%ms]\ %ac/%fc/%bc/%bq/%sc/%sq/%rc\ 
%Tq/%Tw/%Tc/%Tr/%Tt\ %tsc\ %ci:%cp\ %fi:%fp\ %si:%sp\ %ft\ %sslc\ %sslv\ 
%{+Q}r\ %ST\ %b:%s\ %ID\ %{+Q}CC\ %{+Q}hr\ %{+Q}CS\ %{+Q}hs\ %B\ bytes


Below is a log entry:

[10247] [1394200885.571] 1/1/0/0/1/0/0 94/0/0/3/98  
2.1.17.7:52282 10.151.122.228:443 127.0.0.1:8000 fxa-https~ 
ECDHE-RSA-AES128-SHA TLSv1.2 GET / HTTP/1.1 200 fxa-nodejs:nodejs1 
485B7525:CC3A_0A977AE4:01BB_5319D135_0004:2807  {|Mozilla/5.0 (X11; 
Linux x86_64; rv:25.0) Gecko/20100101 Firefox/}  705 bytes


The issue is at the end of the captured user-agent:

Firefox/}  705 bytes
 ^^ ^^
 67 89

6 is the closing quote of the captured request headers, but 7 is there 
too when it shouldn't be.


I took a look at the code, and while I don't pretend to understand its 
intricacies, this function seems to log the quote character twice at the 
end of the captured request headers. But it hasn't been touched since 
2012, so I can't imagine it causes my issue.


file src/log.c
1402 case LOG_FMT_HDRREQUEST: // %hr
..
1420 if (tmp-options  
LOG_OPT_QUOTE)

1421 LOGCHAR('');
1422 last_isspace = 0;
1423 if (tmp-options  
LOG_OPT_QUOTE)

1424 LOGCHAR('');


Another issue: 8  9 enclose the response cookies, but I'm missing 
another pair of quotes that should enclose the response headers. I tried 
the same log format without the quoting, and should now have two dashes 
'-' in place of the quotes, but I only see one:


log format:
... %ID\ %CC\ %hr\ %CS\ %hs\ %B\ bytes

log line:
 ... Firefox/} - 705 bytes

Are the missing dash/quotes expected? If so, can I enforce it somehow?

Thanks for the help
- Julien


---
$ /opt/haproxy -vv
HA-Proxy version 1.5-dev22-1a34d57 2014/02/03
Copyright 2000-2014 Willy Tarreau w...@1wt.eu

Build options :
  TARGET  = linux2628
  CPU = generic
  CC  = gcc
  CFLAGS  = -O2 -g -fno-strict-aliasing
  OPTIONS = USE_OPENSSL=1

Default settings :
  maxconn = 2000, bufsize = 16384, maxrewrite = 8192, maxpollevents = 
200


Encrypted password support via crypt(3): yes
Built without zlib support (USE_ZLIB not set)
Compression algorithms supported : identity
Built with OpenSSL version : OpenSSL 1.0.1e-fips 11 Feb 2013
Running on OpenSSL version : OpenSSL 1.0.1e-fips 11 Feb 2013
OpenSSL library supports TLS extensions : yes
OpenSSL library supports SNI : yes
OpenSSL library supports prefer-server-ciphers : yes
Built without PCRE support (using libc's regex instead)
Built with transparent proxy support using: IP_TRANSPARENT 
IPV6_TRANSPARENT IP_FREEBIND


Available polling systems :
  epoll : pref=300,  test result OK
   poll : pref=200,  test result OK
 select : pref=150,  test result OK
Total: 3 (3 usable), will use epoll.

Re: Log format with odd number of quotes. Bug or conf error?

Re: Log format with odd number of quotes. Bug or conf error?

Re: Log format with odd number of quotes. Bug or conf error?

Re: Log format with odd number of quotes. Bug or conf error?

Log format with odd number of quotes. Bug or conf error?

5 matches

Site Navigation

Mail list logo

Footer information