소스 검색

haproxy: update to 1.5.12

[RELEASE] Released version 1.5.12

    Released version 1.5.12 with the following main changes :
        - BUG/MINOR: ssl: Display correct filename in error message
        - DOC: Fix L4TOUT typo in documentation
        - BUG/MEDIUM: Do not consider an agent check as failed on L7 error
        - BUG/MINOR: pattern: error message missing
        - BUG/MEDIUM: pattern: some entries are not deleted with case insensitive match
        - BUG/MEDIUM: buffer: one byte miss in buffer free space check
        - BUG/MAJOR: http: don't read past buffer's end in http_replace_value
        - BUG/MEDIUM: http: the function "(req|res)-replace-value" doesn't respect the HTTP syntax
        - BUG/MEDIUM: peers: correctly configure the client timeout
        - BUG/MINOR: compression: consider the expansion factor in init
        - BUG/MEDIUM: http: hdr_cnt would not count any header when called without name
        - BUG/MEDIUM: listener: don't report an error when resuming unbound listeners
        - BUG/MEDIUM: init: don't limit cpu-map to the first 32 processes only
        - BUG/MEDIUM: stream-int: always reset si->ops when si->end is nullified
        - BUG/MEDIUM: http: remove content-length from chunked messages
        - DOC: http: update the comments about the rules for determining transfer-length
        - BUG/MEDIUM: http: do not restrict parsing of transfer-encoding to HTTP/1.1
        - BUG/MEDIUM: http: incorrect transfer-coding in the request is a bad request
        - BUG/MEDIUM: http: remove content-length form responses with bad transfer-encoding
        - MEDIUM: http: restrict the HTTP version token to 1 digit as per RFC7230
        - MEDIUM: http: add option-ignore-probes to get rid of the floods of 408
        - BUG/MINOR: config: clear proxy->table.peers.p for disabled proxies
        - MINOR: stick-table: don't attach to peers in stopped state
        - MEDIUM: config: initialize stick-tables after peers, not before
        - MEDIUM: peers: add the ability to disable a peers section
        - DOC: document option http-ignore-probes
        - DOC: fix the comments about the meaning of msg->sol in HTTP
        - BUG/MEDIUM: http: wait for the exact amount of body bytes in wait_for_request_body
        - BUG/MAJOR: http: prevent risk of reading past end with balance url_param
        - DOC: update the doc on the proxy protocol

Signed-off-by: heil <heil@terminal-consulting.de>
heil 9 년 전
부모
커밋
26d577ac26

+ 3
- 3
net/haproxy/Makefile 파일 보기

@@ -9,12 +9,12 @@
9 9
 include $(TOPDIR)/rules.mk
10 10
 
11 11
 PKG_NAME:=haproxy
12
-PKG_VERSION:=1.5.11
13
-PKG_RELEASE:=10
12
+PKG_VERSION:=1.5.12
13
+PKG_RELEASE:=01
14 14
 PKG_SOURCE:=haproxy-$(PKG_VERSION).tar.gz
15 15
 PKG_SOURCE_URL:=http://haproxy.1wt.eu/download/1.5/src/
16 16
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
17
-PKG_MD5SUM:=5500a79d0d2b238d4a1e9749bd0c2cb2
17
+PKG_MD5SUM:=4b94b257f16d88c315716b062b22e48a
18 18
 PKG_MAINTAINER:=Thomas Heil <heil@terminal-consulting.de>
19 19
 PKG_LICENSE:=GPL-2.0
20 20
 

+ 0
- 29
net/haproxy/patches/0001-BUG-MINOR-pattern-error-message-missing.patch 파일 보기

@@ -1,30 +0,0 @@
1
-From e338a8741983acc9a4501a03ecd593d89e6fade3 Mon Sep 17 00:00:00 2001
2
-From: Thierry FOURNIER <tfournier@exceliance.fr>
3
-Date: Fri, 6 Feb 2015 17:50:55 +0100
4
-Subject: [PATCH 1/2] BUG/MINOR: pattern: error message missing
5
-
6
-This patch must be backported in 1.5 version.
7
-(cherry picked from commit 8aa8384e22dd0b66ded00c70a9c6034278b4bb69)
8
----
9
- src/pattern.c | 4 +++-
10
- 1 file changed, 3 insertions(+), 1 deletion(-)
11
-
12
-diff --git a/src/pattern.c b/src/pattern.c
13
-index 208e33a..a6fc52d 100644
14
---- a/src/pattern.c
15
-+++ b/src/pattern.c
16
-@@ -989,8 +989,10 @@ int pat_idx_list_ptr(struct pattern_expr *expr, struct pattern *pat, char **err)
17
- 
18
- 	/* allocate pattern */
19
- 	patl = calloc(1, sizeof(*patl));
20
--	if (!patl)
21
-+	if (!patl) {
22
-+		memprintf(err, "out of memory while indexing pattern");
23
- 		return 0;
24
-+	}
25
- 
26
- 	/* duplicate pattern */
27
- 	memcpy(&patl->pat, pat, sizeof(*pat));
28
-2.0.4
29
-

+ 0
- 37
net/haproxy/patches/0002-BUG-MEDIUM-pattern-some-entries-are-not-deleted-with.patch 파일 보기

@@ -1,38 +0,0 @@
1
-From 623401b983185c1e0f6507e96557de3bc46fd41b Mon Sep 17 00:00:00 2001
2
-From: Thierry FOURNIER <tfournier@exceliance.fr>
3
-Date: Fri, 6 Feb 2015 17:53:54 +0100
4
-Subject: [PATCH 2/2] BUG/MEDIUM: pattern: some entries are not deleted with
5
- case insensitive match
6
-
7
-ACL or map entries are not deleted with the command "del acl" or "del map"
8
-if the case insentive flag is set.
9
-
10
-This is because the the case insensitive string are stored in a list and the
11
-default delete function associated with string looks in a tree. I add a check
12
-of the case insensitive flag and execute the delete function for lists if it
13
-is set.
14
-
15
-This patch must be backported in 1.5 version.
16
-(cherry picked from commit 73bc285be194f443dc7eab9c949e87e1dbe8f70c)
17
----
18
- src/pattern.c | 4 ++++
19
- 1 file changed, 4 insertions(+)
20
-
21
-diff --git a/src/pattern.c b/src/pattern.c
22
-index a6fc52d..b19ffe2 100644
23
---- a/src/pattern.c
24
-+++ b/src/pattern.c
25
-@@ -1308,6 +1308,10 @@ void pat_del_tree_str(struct pattern_expr *expr, struct pat_ref_elt *ref)
26
- 	struct ebmb_node *node, *next_node;
27
- 	struct pattern_tree *elt;
28
- 
29
-+	/* If the flag PAT_F_IGNORE_CASE is set, we cannot use trees */
30
-+	if (expr->mflags & PAT_MF_IGNORE_CASE)
31
-+		return pat_del_list_ptr(expr, ref);
32
-+
33
- 	/* browse each node of the tree. */
34
- 	for (node = ebmb_first(&expr->pattern_tree), next_node = node ? ebmb_next(node) : NULL;
35
- 	     node;
36
-2.0.4
37
-

+ 0
- 42
net/haproxy/patches/0003-BUG-MEDIUM-Do-not-consider-an-agent-check-as-failed-.patch 파일 보기

@@ -1,43 +0,0 @@
1
-From bfb8f885955efa1ef90f79595f16a01e30fd0dcf Mon Sep 17 00:00:00 2001
2
-From: Simon Horman <horms@verge.net.au>
3
-Date: Thu, 26 Feb 2015 11:26:17 +0900
4
-Subject: [PATCH 3/9] BUG/MEDIUM: Do not consider an agent check as failed on
5
- L7 error
6
-
7
-As failure to connect to the agent check is not sufficient to mark it as
8
-failed it stands to reason that an L7 error shouldn't either.
9
-
10
-Without this fix if an L7 error occurs, for example of connectivity to the
11
-agent is lost immediately after establishing a connection to it, then the
12
-agent check will be considered to have failed and thus may end up with zero
13
-health. Once this has occurred if the primary health check also reaches
14
-zero health, which is likely if connectivity to the server is lost, then
15
-the server will be marked as down and not be marked as up again until a
16
-successful agent check occurs regardless of the success of any primary
17
-health checks.
18
-
19
-This behaviour is not correct as a failed agent check should never cause a
20
-server to be marked as down or by extension continue to be marked as down.
21
-
22
-Signed-off-by: Simon Horman <horms@verge.net.au>
23
-(cherry picked from commit eaabd52e29a29187f9829fe727028a6ca530cbf9)
24
----
25
- src/checks.c | 2 +-
26
- 1 file changed, 1 insertion(+), 1 deletion(-)
27
-
28
-diff --git a/src/checks.c b/src/checks.c
29
-index b9048da..71debb6 100644
30
---- a/src/checks.c
31
-+++ b/src/checks.c
32
-@@ -246,7 +246,7 @@ static void set_server_check_status(struct check *check, short status, const cha
33
- 		 * cause the server to be marked down.
34
- 		 */
35
- 		if ((!(check->state & CHK_ST_AGENT) ||
36
--		    (check->status >= HCHK_STATUS_L7TOUT)) &&
37
-+		    (check->status >= HCHK_STATUS_L57DATA)) &&
38
- 		    (check->health >= check->rise)) {
39
- 			s->counters.failed_checks++;
40
- 			report = 1;
41
-2.0.5
42
-

+ 0
- 32
net/haproxy/patches/0004-BUG-MEDIUM-peers-correctly-configure-the-client-time.patch 파일 보기

@@ -1,33 +0,0 @@
1
-From fc940eb2bf0bbd7adf5b283f28bcff136501ae7f Mon Sep 17 00:00:00 2001
2
-From: Willy Tarreau <w@1wt.eu>
3
-Date: Fri, 13 Mar 2015 16:18:25 +0100
4
-Subject: [PATCH 4/9] BUG/MEDIUM: peers: correctly configure the client timeout
5
-
6
-The peers frontend timeout was mistakenly set on timeout.connect instead
7
-of timeout.client, resulting in no timeout being applied to the peers
8
-connections. The impact is just that peers can establish connections and
9
-remain connected until they speak. Once they start speaking, only one of
10
-them will still be accepted, and old sessions will be killed, so the
11
-problem is limited. This fix should however be backported to 1.5 since
12
-it was introduced in 1.5-dev3 with peers.
13
-(cherry picked from commit 9ff95bb18c4cd9ae747fa5b3bef6d3f94e54172f)
14
----
15
- src/cfgparse.c | 2 +-
16
- 1 file changed, 1 insertion(+), 1 deletion(-)
17
-
18
-diff --git a/src/cfgparse.c b/src/cfgparse.c
19
-index a91e027..b7613b8 100644
20
---- a/src/cfgparse.c
21
-+++ b/src/cfgparse.c
22
-@@ -1834,7 +1834,7 @@ int cfg_parse_peers(const char *file, int linenum, char **args, int kwm)
23
- 				curpeers->peers_fe->cap = PR_CAP_FE;
24
- 				curpeers->peers_fe->maxconn = 0;
25
- 				curpeers->peers_fe->conn_retries = CONN_RETRIES;
26
--				curpeers->peers_fe->timeout.connect = 5000;
27
-+				curpeers->peers_fe->timeout.client = MS_TO_TICKS(5000);
28
- 				curpeers->peers_fe->accept = peer_accept;
29
- 				curpeers->peers_fe->options2 |= PR_O2_INDEPSTR | PR_O2_SMARTCON | PR_O2_SMARTACC;
30
- 				curpeers->peers_fe->conf.args.file = curpeers->peers_fe->conf.file = strdup(file);
31
-2.0.5
32
-

+ 0
- 29
net/haproxy/patches/0005-BUG-MEDIUM-buffer-one-byte-miss-in-buffer-free-space.patch 파일 보기

@@ -1,30 +0,0 @@
1
-From b92902814f796bb1dc24bab2179000caceb5b151 Mon Sep 17 00:00:00 2001
2
-From: Thierry FOURNIER <tfournier@exceliance.fr>
3
-Date: Tue, 10 Mar 2015 01:55:01 +0100
4
-Subject: [PATCH 5/9] BUG/MEDIUM: buffer: one byte miss in buffer free space
5
- check
6
-
7
-Space is not avalaible only if the end of the data inserted
8
-is strictly greater than the end of buffer. If these two value
9
-are equal, the space is avamaible.
10
-(cherry picked from commit fdda6777bffb4f933569c609ba54e24ea5eabf29)
11
----
12
- src/buffer.c | 2 +-
13
- 1 file changed, 1 insertion(+), 1 deletion(-)
14
-
15
-diff --git a/src/buffer.c b/src/buffer.c
16
-index 9037dd3..8d2644e 100644
17
---- a/src/buffer.c
18
-+++ b/src/buffer.c
19
-@@ -46,7 +46,7 @@ int buffer_replace2(struct buffer *b, char *pos, char *end, const char *str, int
20
- 
21
- 	delta = len - (end - pos);
22
- 
23
--	if (bi_end(b) + delta >= b->data + b->size)
24
-+	if (bi_end(b) + delta > b->data + b->size)
25
- 		return 0;  /* no space left */
26
- 
27
- 	if (buffer_not_empty(b) &&
28
-2.0.5
29
-

+ 0
- 51
net/haproxy/patches/0006-BUG-MAJOR-http-don-t-read-past-buffer-s-end-in-http_.patch 파일 보기

@@ -1,52 +0,0 @@
1
-From 8e05ac2044c6523c867ceaaae1f10486370eec89 Mon Sep 17 00:00:00 2001
2
-From: Thierry FOURNIER <tfournier@haproxy.com>
3
-Date: Mon, 16 Mar 2015 11:14:41 +0100
4
-Subject: [PATCH 6/9] BUG/MAJOR: http: don't read past buffer's end in
5
- http_replace_value
6
-
7
-The function http_replace_value use bad variable to detect the end
8
-of the input string.
9
-
10
-Regression introduced by the patch "MEDIUM: regex: Remove null
11
-terminated strings." (c9c2daf2)
12
-
13
-We need to backport this patch int the 1.5 stable branch.
14
-
15
-WT: there is no possibility to overwrite existing data as we only read
16
-    past the end of the request buffer, to copy into the trash. The copy
17
-    is bounded by buffer_replace2(), just like the replacement performed
18
-    by exp_replace(). However if a buffer happens to contain non-zero data
19
-    up to the next unmapped page boundary, there's a theorical risk of
20
-    crashing the process despite this not being reproducible in tests.
21
-    The risk is low because "http-request replace-value" did not work due
22
-    to this bug so that probably means it's not used yet.
23
-(cherry picked from commit 534101658d6e19aeb598bf7833a8ce167498c4ed)
24
----
25
- src/proto_http.c | 4 ++--
26
- 1 file changed, 2 insertions(+), 2 deletions(-)
27
-
28
-diff --git a/src/proto_http.c b/src/proto_http.c
29
-index 705f3b4..f53b5e2 100644
30
---- a/src/proto_http.c
31
-+++ b/src/proto_http.c
32
-@@ -3206,7 +3206,7 @@ static int http_replace_value(struct my_regex *re, char *dst, uint dst_size, cha
33
- 
34
- 		/* look for delim. */
35
- 		p_delim = p;
36
--		while (p_delim < p + len && *p_delim != delim)
37
-+		while (p_delim < val + len && *p_delim != delim)
38
- 			p_delim++;
39
- 
40
- 		if (regex_exec_match2(re, p, p_delim-p, MAX_MATCH, pmatch)) {
41
-@@ -3230,7 +3230,7 @@ static int http_replace_value(struct my_regex *re, char *dst, uint dst_size, cha
42
- 			return -1;
43
- 
44
- 		/* end of the replacements. */
45
--		if (p_delim >= p + len)
46
-+		if (p_delim >= val + len)
47
- 			break;
48
- 
49
- 		/* Next part. */
50
-2.0.5
51
-

+ 0
- 170
net/haproxy/patches/0007-BUG-MEDIUM-http-the-function-req-res-replace-value-d.patch 파일 보기

@@ -1,171 +0,0 @@
1
-From 06170c50ae5cd0fb23510b832826f7e63a5a8894 Mon Sep 17 00:00:00 2001
2
-From: Thierry FOURNIER <tfournier@haproxy.com>
3
-Date: Mon, 16 Mar 2015 23:23:53 +0100
4
-Subject: [PATCH 7/9] BUG/MEDIUM: http: the function "(req|res)-replace-value"
5
- doesn't respect the HTTP syntax
6
-
7
-These function used an invalid header parser.
8
- - The trailing white-spaces were embedded in the replacement regex,
9
- - The double-quote (") containing comma (,) were not respected.
10
-
11
-This patch replace this parser by the "official" parser http_find_header2().
12
-(cherry picked from commit 191f9efdc58f21af1d9dde3db5ba198d7f1ce22e)
13
----
14
- src/proto_http.c | 126 +++++++++++++++----------------------------------------
15
- 1 file changed, 34 insertions(+), 92 deletions(-)
16
-
17
-diff --git a/src/proto_http.c b/src/proto_http.c
18
-index f53b5e2..c49c4f4 100644
19
---- a/src/proto_http.c
20
-+++ b/src/proto_http.c
21
-@@ -3179,113 +3179,55 @@ static inline void inet_set_tos(int fd, struct sockaddr_storage from, int tos)
22
- #endif
23
- }
24
- 
25
--/* Returns the number of characters written to destination,
26
-- * -1 on internal error and -2 if no replacement took place.
27
-- */
28
--static int http_replace_header(struct my_regex *re, char *dst, uint dst_size, char *val, int len,
29
--                               const char *rep_str)
30
--{
31
--	if (!regex_exec_match2(re, val, len, MAX_MATCH, pmatch))
32
--		return -2;
33
--
34
--	return exp_replace(dst, dst_size, val, rep_str, pmatch);
35
--}
36
--
37
--/* Returns the number of characters written to destination,
38
-- * -1 on internal error and -2 if no replacement took place.
39
-- */
40
--static int http_replace_value(struct my_regex *re, char *dst, uint dst_size, char *val, int len, char delim,
41
--                              const char *rep_str)
42
--{
43
--	char* p = val;
44
--	char* dst_end = dst + dst_size;
45
--	char* dst_p = dst;
46
--
47
--	for (;;) {
48
--		char *p_delim;
49
--
50
--		/* look for delim. */
51
--		p_delim = p;
52
--		while (p_delim < val + len && *p_delim != delim)
53
--			p_delim++;
54
--
55
--		if (regex_exec_match2(re, p, p_delim-p, MAX_MATCH, pmatch)) {
56
--			int replace_n = exp_replace(dst_p, dst_end - dst_p, p, rep_str, pmatch);
57
--
58
--			if (replace_n < 0)
59
--				return -1;
60
--
61
--			dst_p += replace_n;
62
--		} else {
63
--			uint len = p_delim - p;
64
--
65
--			if (dst_p + len >= dst_end)
66
--				return -1;
67
--
68
--			memcpy(dst_p, p, len);
69
--			dst_p += len;
70
--		}
71
--
72
--		if (dst_p >= dst_end)
73
--			return -1;
74
--
75
--		/* end of the replacements. */
76
--		if (p_delim >= val + len)
77
--			break;
78
--
79
--		/* Next part. */
80
--		*dst_p++ = delim;
81
--		p = p_delim + 1;
82
--	}
83
--
84
--	return dst_p - dst;
85
--}
86
--
87
- static int http_transform_header(struct session* s, struct http_msg *msg, const char* name, uint name_len,
88
-                                  char* buf, struct hdr_idx* idx, struct list *fmt, struct my_regex *re,
89
-                                  struct hdr_ctx* ctx, int action)
90
- {
91
-+	int (*http_find_hdr_func)(const char *name, int len, char *sol,
92
-+	                          struct hdr_idx *idx, struct hdr_ctx *ctx);
93
-+	struct chunk *replace = get_trash_chunk();
94
-+	struct chunk *output = get_trash_chunk();
95
-+
96
-+	replace->len = build_logline(s, replace->str, replace->size, fmt);
97
-+	if (replace->len >= replace->size - 1)
98
-+		return -1;
99
-+
100
- 	ctx->idx = 0;
101
- 
102
--	while (http_find_full_header2(name, name_len, buf, idx, ctx)) {
103
-+	/* Choose the header browsing function. */
104
-+	switch (action) {
105
-+	case HTTP_REQ_ACT_REPLACE_VAL:
106
-+	case HTTP_RES_ACT_REPLACE_VAL:
107
-+		http_find_hdr_func = http_find_header2;
108
-+		break;
109
-+	case HTTP_REQ_ACT_REPLACE_HDR:
110
-+	case HTTP_RES_ACT_REPLACE_HDR:
111
-+		http_find_hdr_func = http_find_full_header2;
112
-+		break;
113
-+	default: /* impossible */
114
-+		return -1;
115
-+	}
116
-+
117
-+	while (http_find_hdr_func(name, name_len, buf, idx, ctx)) {
118
- 		struct hdr_idx_elem *hdr = idx->v + ctx->idx;
119
- 		int delta;
120
--		char* val = (char*)ctx->line + ctx->val;
121
--		char* val_end = (char*)ctx->line + hdr->len;
122
--		char* reg_dst_buf;
123
--		uint reg_dst_buf_size;
124
--		int n_replaced;
125
--
126
--		trash.len = build_logline(s, trash.str, trash.size, fmt);
127
--
128
--		if (trash.len >= trash.size - 1)
129
--			return -1;
130
-+		char *val = ctx->line + ctx->val;
131
-+		char* val_end = val + ctx->vlen;
132
- 
133
--		reg_dst_buf = trash.str + trash.len + 1;
134
--		reg_dst_buf_size = trash.size - trash.len - 1;
135
-+		if (!regex_exec_match2(re, val, val_end-val, MAX_MATCH, pmatch))
136
-+			continue;
137
- 
138
--		switch (action) {
139
--		case HTTP_REQ_ACT_REPLACE_VAL:
140
--		case HTTP_RES_ACT_REPLACE_VAL:
141
--			n_replaced = http_replace_value(re, reg_dst_buf, reg_dst_buf_size, val, val_end-val, ',', trash.str);
142
--			break;
143
--		case HTTP_REQ_ACT_REPLACE_HDR:
144
--		case HTTP_RES_ACT_REPLACE_HDR:
145
--			n_replaced = http_replace_header(re, reg_dst_buf, reg_dst_buf_size, val, val_end-val, trash.str);
146
--			break;
147
--		default: /* impossible */
148
-+		output->len = exp_replace(output->str, output->size, val, replace->str, pmatch);
149
-+		if (output->len == -1)
150
- 			return -1;
151
--		}
152
- 
153
--		switch (n_replaced) {
154
--		case -1: return -1;
155
--		case -2: continue;
156
--		}
157
--
158
--		delta = buffer_replace2(msg->chn->buf, val, val_end, reg_dst_buf, n_replaced);
159
-+		delta = buffer_replace2(msg->chn->buf, val, val_end, output->str, output->len);
160
- 
161
- 		hdr->len += delta;
162
- 		http_msg_move_end(msg, delta);
163
-+
164
-+		/* Adjust the length of the current value of the index. */
165
-+		ctx->vlen += delta;
166
- 	}
167
- 
168
- 	return 0;
169
-2.0.5
170
-

+ 0
- 42
net/haproxy/patches/0008-BUG-MINOR-compression-consider-the-expansion-factor-.patch 파일 보기

@@ -1,43 +0,0 @@
1
-From 9b9531d90dfd8a334958d23394afafd0185bfa21 Mon Sep 17 00:00:00 2001
2
-From: Willy Tarreau <w@1wt.eu>
3
-Date: Sat, 28 Mar 2015 12:20:33 +0100
4
-Subject: [PATCH 8/9] BUG/MINOR: compression: consider the expansion factor in
5
- init
6
-
7
-When checking if the buffer is large enough, we used to rely on a fixed
8
-size that was "apparently" enough. We need to consider the expansion
9
-factor of deflate-encoded streams instead, which is of 5 bytes per 32kB.
10
-The previous value was OK till 128kB buffers but became wrong past that.
11
-It's totally harmless since we always keep the reserve when compressiong,
12
-so there's 1kB or so available, which is enough for buffers as large as
13
-6.5 MB, but better fix the check anyway.
14
-
15
-This fix could be backported into 1.5 since compression was added there.
16
-(cherry picked from commit 2aee2215c908c6997addcd1714b5b10f73c0703d)
17
----
18
- src/compression.c | 9 ++++++---
19
- 1 file changed, 6 insertions(+), 3 deletions(-)
20
-
21
-diff --git a/src/compression.c b/src/compression.c
22
-index 3d6085e..d55f14e 100644
23
---- a/src/compression.c
24
-+++ b/src/compression.c
25
-@@ -130,9 +130,12 @@ int http_compression_buffer_init(struct session *s, struct buffer *in, struct bu
26
- {
27
- 	int left;
28
- 
29
--	/* not enough space */
30
--	if (in->size - buffer_len(in) < 40)
31
--	    return -1;
32
-+	/* output stream requires at least 10 bytes for the gzip header, plus
33
-+	 * at least 8 bytes for the gzip trailer (crc+len), plus a possible
34
-+	 * plus at most 5 bytes per 32kB block and 2 bytes to close the stream.
35
-+	 */
36
-+	if (in->size - buffer_len(in) < 20 + 5 * ((in->i + 32767) >> 15))
37
-+		return -1;
38
- 
39
- 	/* We start by copying the current buffer's pending outgoing data into
40
- 	 * a new temporary buffer that we initialize with a new empty chunk.
41
-2.0.5
42
-

+ 0
- 69
net/haproxy/patches/0009-BUG-MEDIUM-http-hdr_cnt-would-not-count-any-header-w.patch 파일 보기

@@ -1,70 +0,0 @@
1
-From 2943734024525d4b9aeec13cca2c1d230c358ee5 Mon Sep 17 00:00:00 2001
2
-From: Willy Tarreau <w@1wt.eu>
3
-Date: Wed, 1 Apr 2015 19:16:09 +0200
4
-Subject: [PATCH 9/9] BUG/MEDIUM: http: hdr_cnt would not count any header when
5
- called without name
6
-
7
-It's documented that these sample fetch functions should count all headers
8
-and/or all values when called with no name but in practice it's not what is
9
-being done as a missing name causes an immediate return and an absence of
10
-result.
11
-
12
-This bug is present in 1.5 as well and must be backported.
13
-(cherry picked from commit 601a4d1741100d7a861b6d9b66561335c9911277)
14
----
15
- src/proto_http.c | 20 ++++++++++++++------
16
- 1 file changed, 14 insertions(+), 6 deletions(-)
17
-
18
-diff --git a/src/proto_http.c b/src/proto_http.c
19
-index c49c4f4..ccd52ad 100644
20
---- a/src/proto_http.c
21
-+++ b/src/proto_http.c
22
-@@ -10014,15 +10014,19 @@ smp_fetch_fhdr_cnt(struct proxy *px, struct session *l4, void *l7, unsigned int
23
- 	struct hdr_ctx ctx;
24
- 	const struct http_msg *msg = ((opt & SMP_OPT_DIR) == SMP_OPT_DIR_REQ) ? &txn->req : &txn->rsp;
25
- 	int cnt;
26
-+	const char *name = NULL;
27
-+	int len = 0;
28
- 
29
--	if (!args || args->type != ARGT_STR)
30
--		return 0;
31
-+	if (args && args->type == ARGT_STR) {
32
-+		name = args->data.str.str;
33
-+		len = args->data.str.len;
34
-+	}
35
- 
36
- 	CHECK_HTTP_MESSAGE_FIRST();
37
- 
38
- 	ctx.idx = 0;
39
- 	cnt = 0;
40
--	while (http_find_full_header2(args->data.str.str, args->data.str.len, msg->chn->buf->p, idx, &ctx))
41
-+	while (http_find_full_header2(name, len, msg->chn->buf->p, idx, &ctx))
42
- 		cnt++;
43
- 
44
- 	smp->type = SMP_T_UINT;
45
-@@ -10101,15 +10105,19 @@ smp_fetch_hdr_cnt(struct proxy *px, struct session *l4, void *l7, unsigned int o
46
- 	struct hdr_ctx ctx;
47
- 	const struct http_msg *msg = ((opt & SMP_OPT_DIR) == SMP_OPT_DIR_REQ) ? &txn->req : &txn->rsp;
48
- 	int cnt;
49
-+	const char *name = NULL;
50
-+	int len = 0;
51
- 
52
--	if (!args || args->type != ARGT_STR)
53
--		return 0;
54
-+	if (args && args->type == ARGT_STR) {
55
-+		name = args->data.str.str;
56
-+		len = args->data.str.len;
57
-+	}
58
- 
59
- 	CHECK_HTTP_MESSAGE_FIRST();
60
- 
61
- 	ctx.idx = 0;
62
- 	cnt = 0;
63
--	while (http_find_header2(args->data.str.str, args->data.str.len, msg->chn->buf->p, idx, &ctx))
64
-+	while (http_find_header2(name, len, msg->chn->buf->p, idx, &ctx))
65
- 		cnt++;
66
- 
67
- 	smp->type = SMP_T_UINT;
68
-2.0.5
69
-