commit haproxy for openSUSE:Factory

3 Aug 2020

Hello community,

here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2020-08-03 14:12:25
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
 and      /work/SRC/openSUSE:Factory/.haproxy.new.3592 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "haproxy"

Mon Aug  3 14:12:25 2020 rev:90 rq:823717 version:2.2.2+git0.b8a2763d5

Changes:
--------

--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes	2020-07-26 16:17:30.532705313 +0200
+++ /work/SRC/openSUSE:Factory/.haproxy.new.3592/haproxy.changes	2020-08-03 14:12:32.676328127 +0200
@@ -1,0 +2,22 @@
+Fri Jul 31 10:56:54 UTC 2020 - mrueckert@suse.de
+
+- Update to version 2.2.2+git0.b8a2763d5:
+  * [RELEASE] Released version 2.2.2
+  * BUG/MEDIUM: tcp-checks: always attach the transport before installing the mux
+  * BUG/MEDIUM: backend: always attach the transport before installing the mux
+  * SCRIPTS: announce-release: add the link to the wiki in the announce messages
+  * MINOR: stream-int: Be sure to have a mux to do sends and receives
+  * MINOR: connection: Preinstall the mux for non-ssl connect
+  * BUG/MEDIUM: connection: Be sure to always install a mux for sync connect
+  * BUG/MINOR: tcp-rules: Set the inspect-delay when a tcp-response action yields
+  * BUG/MINOR: tcp-rules: Preserve the right filter analyser on content eval abort
+  * BUG/MINOR: lua: Abort execution of actions that yield on a final evaluation
+  * BUG/MEDIUM: dns: Don't yield in do-resolve action on a final evaluation
+  * MEDIUM: lua: Add support for the Lua 5.4
+  * BUG/MAJOR: dns: don't treat Authority records as an error
+  * BUG/MAJOR: dns: fix null pointer dereference in snr_update_srv_status
+  * BUG/MINOR: debug: Don't dump the lua stack if it is not initialized
+  * BUILD: tools: fix build with static only toolchains
+  * BUG/MINOR: mux-fcgi: Don't url-decode the QUERY_STRING parameter anymore
+
+-------------------------------------------------------------------

Old:
----
  haproxy-2.2.1+git0.0ef71a557.tar.gz

New:
----
  haproxy-2.2.2+git0.b8a2763d5.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ haproxy.spec ++++++
--- /var/tmp/diff_new_pack.LDIKTz/_old	2020-08-03 14:12:33.728329182 +0200
+++ /var/tmp/diff_new_pack.LDIKTz/_new	2020-08-03 14:12:33.732329186 +0200
@@ -53,7 +53,7 @@
 %endif
 
 Name:           haproxy
-Version:        2.2.1+git0.0ef71a557
+Version:        2.2.2+git0.b8a2763d5
 Release:        0
 #
 #

++++++ _service ++++++
--- /var/tmp/diff_new_pack.LDIKTz/_old	2020-08-03 14:12:33.768329222 +0200
+++ /var/tmp/diff_new_pack.LDIKTz/_new	2020-08-03 14:12:33.768329222 +0200
@@ -6,7 +6,7 @@
     <param name="versionformat">@PARENT_TAG@+git@TAG_OFFSET@.%h</param>
     <param name="versionrewrite-pattern">v(.*)</param>
     <param name="versionrewrite-replacement">\1</param>
-    <param name="revision">v2.2.1</param>
+    <param name="revision">v2.2.2</param>
     <param name="changesgenerate">enable</param>
   </service>
 

++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.LDIKTz/_old	2020-08-03 14:12:33.788329242 +0200
+++ /var/tmp/diff_new_pack.LDIKTz/_new	2020-08-03 14:12:33.788329242 +0200
@@ -5,4 +5,4 @@
   </service>
 <service name="tar_scm">
                 <param name="url">http://git.haproxy.org/git/haproxy-2.2.git</param>
-              <param name="changesrevision">0ef71a55769353c996166a747b77e0d311867639</param></service></servicedata>
\ No newline at end of file
+              <param name="changesrevision">b8a2763d59c412207c4838579abd594a9a110a7d</param></service></servicedata>
\ No newline at end of file

++++++ haproxy-2.2.1+git0.0ef71a557.tar.gz -> haproxy-2.2.2+git0.b8a2763d5.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-2.2.1+git0.0ef71a557/CHANGELOG new/haproxy-2.2.2+git0.b8a2763d5/CHANGELOG
--- old/haproxy-2.2.1+git0.0ef71a557/CHANGELOG	2020-07-23 09:04:24.000000000 +0200
+++ new/haproxy-2.2.2+git0.b8a2763d5/CHANGELOG	2020-07-31 11:54:32.000000000 +0200
@@ -1,6 +1,24 @@
 ChangeLog :
 ===========
 
+2020/07/31 : 2.2.2
+    - BUG/MINOR: mux-fcgi: Don't url-decode the QUERY_STRING parameter anymore
+    - BUILD: tools: fix build with static only toolchains
+    - BUG/MINOR: debug: Don't dump the lua stack if it is not initialized
+    - BUG/MAJOR: dns: fix null pointer dereference in snr_update_srv_status
+    - BUG/MAJOR: dns: don't treat Authority records as an error
+    - MEDIUM: lua: Add support for the Lua 5.4
+    - BUG/MEDIUM: dns: Don't yield in do-resolve action on a final evaluation
+    - BUG/MINOR: lua: Abort execution of actions that yield on a final evaluation
+    - BUG/MINOR: tcp-rules: Preserve the right filter analyser on content eval abort
+    - BUG/MINOR: tcp-rules: Set the inspect-delay when a tcp-response action yields
+    - BUG/MEDIUM: connection: Be sure to always install a mux for sync connect
+    - MINOR: connection: Preinstall the mux for non-ssl connect
+    - MINOR: stream-int: Be sure to have a mux to do sends and receives
+    - SCRIPTS: announce-release: add the link to the wiki in the announce messages
+    - BUG/MEDIUM: backend: always attach the transport before installing the mux
+    - BUG/MEDIUM: tcp-checks: always attach the transport before installing the mux
+
 2020/07/23 : 2.2.1
     - BUG/MINOR: sample: Free str.area in smp_check_const_bool
     - BUG/MINOR: sample: Free str.area in smp_check_const_meth
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-2.2.1+git0.0ef71a557/VERDATE new/haproxy-2.2.2+git0.b8a2763d5/VERDATE
--- old/haproxy-2.2.1+git0.0ef71a557/VERDATE	2020-07-23 09:04:24.000000000 +0200
+++ new/haproxy-2.2.2+git0.b8a2763d5/VERDATE	2020-07-31 11:54:32.000000000 +0200
@@ -1,2 +1,2 @@
 $Format:%ci$
-2020/07/23
+2020/07/31
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-2.2.1+git0.0ef71a557/VERSION new/haproxy-2.2.2+git0.b8a2763d5/VERSION
--- old/haproxy-2.2.1+git0.0ef71a557/VERSION	2020-07-23 09:04:24.000000000 +0200
+++ new/haproxy-2.2.2+git0.b8a2763d5/VERSION	2020-07-31 11:54:32.000000000 +0200
@@ -1 +1 @@
-2.2.1
+2.2.2
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-2.2.1+git0.0ef71a557/doc/configuration.txt new/haproxy-2.2.2+git0.b8a2763d5/doc/configuration.txt
--- old/haproxy-2.2.1+git0.0ef71a557/doc/configuration.txt	2020-07-23 09:04:24.000000000 +0200
+++ new/haproxy-2.2.2+git0.b8a2763d5/doc/configuration.txt	2020-07-31 11:54:32.000000000 +0200
@@ -4,7 +4,7 @@
                          ----------------------
                               version 2.2
                              willy tarreau
-                              2020/07/23
+                              2020/07/31
 
 
 This document covers the configuration language as implemented in the version
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-2.2.1+git0.0ef71a557/scripts/announce-release new/haproxy-2.2.2+git0.b8a2763d5/scripts/announce-release
--- old/haproxy-2.2.1+git0.0ef71a557/scripts/announce-release	2020-07-23 09:04:24.000000000 +0200
+++ new/haproxy-2.2.2+git0.b8a2763d5/scripts/announce-release	2020-07-31 11:54:32.000000000 +0200
@@ -165,6 +165,7 @@
  echo "   Discourse        : http://discourse.haproxy.org/"
  echo "   Slack channel    : https://slack.haproxy.org/"
  echo "   Issue tracker    : https://github.com/haproxy/haproxy/issues"
+ echo "   Wiki             : https://github.com/haproxy/wiki/wiki"
  echo "   Sources          : http://www.haproxy.org/download/${BRANCH}/src/"
  echo "   Git repository   : http://git.haproxy.org/git/${gitdir}/"
  echo "   Git Web browsing : http://git.haproxy.org/?p=${gitdir}"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-2.2.1+git0.0ef71a557/src/backend.c new/haproxy-2.2.2+git0.b8a2763d5/src/backend.c
--- old/haproxy-2.2.1+git0.0ef71a557/src/backend.c	2020-07-23 09:04:24.000000000 +0200
+++ new/haproxy-2.2.2+git0.b8a2763d5/src/backend.c	2020-07-31 11:54:32.000000000 +0200
@@ -1459,8 +1459,8 @@
 		srv_conn->ctx = srv_cs;
 #if defined(USE_OPENSSL) && defined(TLSEXT_TYPE_application_layer_protocol_negotiation)
 		if (!srv ||
-		    ((!(srv->ssl_ctx.alpn_str) && !(srv->ssl_ctx.npn_str)) ||
-		    srv->mux_proto || s->be->mode != PR_MODE_HTTP))
+		    (srv->use_ssl != 1 || (!(srv->ssl_ctx.alpn_str) && !(srv->ssl_ctx.npn_str)) ||
+		     srv->mux_proto || s->be->mode != PR_MODE_HTTP))
 #endif
 			init_mux = 1;
 #if defined(USE_OPENSSL) && defined(TLSEXT_TYPE_application_layer_protocol_negotiation)
@@ -1519,6 +1519,16 @@
 	if (err != SF_ERR_NONE)
 		return err;
 
+	/* The CO_FL_SEND_PROXY flag may have been set by the connect method,
+	 * if so, add our handshake pseudo-XPRT now.
+	 */
+	if ((srv_conn->flags & CO_FL_HANDSHAKE)) {
+		if (xprt_add_hs(srv_conn) < 0) {
+			conn_full_close(srv_conn);
+			return SF_ERR_INTERNAL;
+		}
+	}
+
 	/* We have to defer the mux initialization until after si_connect()
 	 * has been called, as we need the xprt to have been properly
 	 * initialized, or any attempt to recv during the mux init may
@@ -1537,16 +1547,6 @@
 		    !(srv_conn->flags & CO_FL_PRIVATE) && srv_conn->mux->avail_streams(srv_conn) > 0)
 			LIST_ADDQ(&srv->available_conns[tid], mt_list_to_list(&srv_conn->list));
 	}
-	/* The CO_FL_SEND_PROXY flag may have been set by the connect method,
-	 * if so, add our handshake pseudo-XPRT now.
-	 */
-	if ((srv_conn->flags & CO_FL_HANDSHAKE)) {
-		if (xprt_add_hs(srv_conn) < 0) {
-			conn_full_close(srv_conn);
-			return SF_ERR_INTERNAL;
-		}
-	}
-
 
 #if USE_OPENSSL && (defined(OPENSSL_IS_BORINGSSL) || (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L))
 
@@ -1627,6 +1627,14 @@
 	if ((srv_cs->flags & CS_FL_EOI) && !(si_ic(&s->si[1])->flags & CF_EOI))
 		si_ic(&s->si[1])->flags |= (CF_EOI|CF_READ_PARTIAL);
 
+	/* catch all sync connect while the mux is not already installed */
+	if (!srv_conn->mux && !(srv_conn->flags & CO_FL_WAIT_XPRT)) {
+		if (conn_create_mux(srv_conn) < 0) {
+			conn_full_close(srv_conn);
+			return SF_ERR_INTERNAL;
+		}
+	}
+
 	return SF_ERR_NONE;  /* connection is OK */
 }
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-2.2.1+git0.0ef71a557/src/debug.c new/haproxy-2.2.2+git0.b8a2763d5/src/debug.c
--- old/haproxy-2.2.1+git0.0ef71a557/src/debug.c	2020-07-23 09:04:24.000000000 +0200
+++ new/haproxy-2.2.2+git0.b8a2763d5/src/debug.c	2020-07-31 11:54:32.000000000 +0200
@@ -222,11 +222,13 @@
 		chunk_appendf(buf, "%sCurrent executing a Lua HTTP service -- ", pfx);
 	}
 
-	if (hlua) {
+	if (hlua && hlua->T) {
 		luaL_traceback(hlua->T, hlua->T, NULL, 0);
 		if (!append_prefixed_str(buf, lua_tostring(hlua->T, -1), pfx, '\n', 1))
 			b_putchr(buf, '\n');
 	}
+	else
+		b_putchr(buf, '\n');
 #endif
 }
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-2.2.1+git0.0ef71a557/src/dns.c new/haproxy-2.2.2+git0.b8a2763d5/src/dns.c
--- old/haproxy-2.2.1+git0.0ef71a557/src/dns.c	2020-07-23 09:04:24.000000000 +0200
+++ new/haproxy-2.2.2+git0.b8a2763d5/src/dns.c	2020-07-31 11:54:32.000000000 +0200
@@ -1038,6 +1038,35 @@
 	/* now parsing additional records for SRV queries only */
 	if (dns_query->type != DNS_RTYPE_SRV)
 		goto skip_parsing_additional_records;
+
+	/* if we find Authority records, just skip them */
+	for (i = 0; i < dns_p->header.nscount; i++) {
+		offset = 0;
+		len = dns_read_name(resp, bufend, reader, tmpname, DNS_MAX_NAME_SIZE,
+		                    &offset, 0);
+		if (len == 0)
+			continue;
+
+		if (reader + offset + 10 >= bufend)
+			return DNS_RESP_INVALID;
+
+		reader += offset;
+		/* skip 2 bytes for class */
+		reader += 2;
+		/* skip 2 bytes for type */
+		reader += 2;
+		/* skip 4 bytes for ttl */
+		reader += 4;
+		/* read data len */
+		len = reader[0] * 256 + reader[1];
+		reader += 2;
+
+		if (reader + len >= bufend)
+			return DNS_RESP_INVALID;
+
+		reader += len;
+	}
+
 	nb_saved_records = 0;
 	for (i = 0; i < dns_p->header.arcount; i++) {
 		if (reader >= bufend)
@@ -2421,10 +2450,8 @@
 			locked = 1;
 		}
 
-		if (resolution->step == RSLV_STEP_RUNNING) {
-			ret = ACT_RET_YIELD;
-			goto end;
-		}
+		if (resolution->step == RSLV_STEP_RUNNING)
+			goto yield;
 		if (resolution->step == RSLV_STEP_NONE) {
 			/* We update the variable only if we have a valid response. */
 			if (resolution->status == RSLV_STATUS_VALID) {
@@ -2458,14 +2485,7 @@
 			}
 		}
 
-		free(s->dns_ctx.hostname_dn); s->dns_ctx.hostname_dn = NULL;
-		s->dns_ctx.hostname_dn_len = 0;
-		dns_unlink_resolution(s->dns_ctx.dns_requester);
-
-		pool_free(dns_requester_pool, s->dns_ctx.dns_requester);
-		s->dns_ctx.dns_requester = NULL;
-
-		goto end;
+		goto release_requester;
 	}
 
 	/* need to configure and start a new DNS resolution */
@@ -2486,26 +2506,38 @@
 
 	/* Check if there is a fresh enough response in the cache of our associated resolution */
 	req = s->dns_ctx.dns_requester;
-	if (!req || !req->resolution) {
-		dns_trigger_resolution(s->dns_ctx.dns_requester);
-		ret = ACT_RET_YIELD;
-		goto end;
-	}
+	if (!req || !req->resolution)
+		goto release_requester; /* on error, ignore the action */
 	res = req->resolution;
 
 	exp = tick_add(res->last_resolution, resolvers->hold.valid);
 	if (resolvers->t && res->status == RSLV_STATUS_VALID && tick_isset(res->last_resolution)
-		       && !tick_is_expired(exp, now_ms)) {
+	    && !tick_is_expired(exp, now_ms)) {
 		goto use_cache;
 	}
 
 	dns_trigger_resolution(s->dns_ctx.dns_requester);
+
+  yield:
+	if (flags & ACT_OPT_FINAL)
+		goto release_requester;
 	ret = ACT_RET_YIELD;
 
   end:
 	if (locked)
 		HA_SPIN_UNLOCK(DNS_LOCK, &resolvers->lock);
 	return ret;
+
+  release_requester:
+	free(s->dns_ctx.hostname_dn);
+	s->dns_ctx.hostname_dn = NULL;
+	s->dns_ctx.hostname_dn_len = 0;
+	if (s->dns_ctx.dns_requester) {
+		dns_unlink_resolution(s->dns_ctx.dns_requester);
+		pool_free(dns_requester_pool, s->dns_ctx.dns_requester);
+		s->dns_ctx.dns_requester = NULL;
+	}
+	goto end;
 }
 
 static void release_dns_action(struct act_rule *rule)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-2.2.1+git0.0ef71a557/src/hlua.c new/haproxy-2.2.2+git0.b8a2763d5/src/hlua.c
--- old/haproxy-2.2.1+git0.0ef71a557/src/hlua.c	2020-07-23 09:04:24.000000000 +0200
+++ new/haproxy-2.2.2+git0.b8a2763d5/src/hlua.c	2020-07-31 11:54:32.000000000 +0200
@@ -1069,6 +1069,9 @@
  */
 static enum hlua_exec hlua_ctx_resume(struct hlua *lua, int yield_allowed)
 {
+#if defined(LUA_VERSION_NUM) && LUA_VERSION_NUM >= 504
+	int nres;
+#endif
 	int ret;
 	const char *msg;
 	const char *trace;
@@ -1100,7 +1103,11 @@
 	lua->wake_time = TICK_ETERNITY;
 
 	/* Call the function. */
+#if defined(LUA_VERSION_NUM) && LUA_VERSION_NUM >= 504
+	ret = lua_resume(lua->T, gL.T, lua->nargs, &nres);
+#else
 	ret = lua_resume(lua->T, gL.T, lua->nargs);
+#endif
 	switch (ret) {
 
 	case LUA_OK:
@@ -6642,11 +6649,16 @@
 			act_ret = lua_tointeger(s->hlua->T, -1);
 
 		/* Set timeout in the required channel. */
-		if (act_ret == ACT_RET_YIELD && s->hlua->wake_time != TICK_ETERNITY) {
-			if (dir == SMP_OPT_DIR_REQ)
-				s->req.analyse_exp = s->hlua->wake_time;
-			else
-				s->res.analyse_exp = s->hlua->wake_time;
+		if (act_ret == ACT_RET_YIELD) {
+			if (flags & ACT_OPT_FINAL)
+				goto err_yield;
+
+			if (s->hlua->wake_time != TICK_ETERNITY) {
+				if (dir == SMP_OPT_DIR_REQ)
+					s->req.analyse_exp = s->hlua->wake_time;
+				else
+					s->res.analyse_exp = s->hlua->wake_time;
+			}
 		}
 		goto end;
 
@@ -6687,6 +6699,8 @@
 		goto end;
 
 	case HLUA_E_YIELD:
+	  err_yield:
+		act_ret = ACT_RET_CONT;
 		SEND_ERR(px, "Lua function '%s': aborting Lua processing on expired timeout.\n",
 		         rule->arg.hlua_rule->fcn.name);
 		goto end;
@@ -7845,10 +7859,12 @@
 		memprintf(err, "Lua message handler error: %s\n", lua_tostring(gL.T, -1));
 		lua_pop(gL.T, 1);
 		return -1;
+#if defined(LUA_VERSION_NUM) && LUA_VERSION_NUM <= 503
 	case LUA_ERRGCMM:
 		memprintf(err, "Lua garbage collector error: %s\n", lua_tostring(gL.T, -1));
 		lua_pop(gL.T, 1);
 		return -1;
+#endif
 	default:
 		memprintf(err, "Lua unknown error: %s\n", lua_tostring(gL.T, -1));
 		lua_pop(gL.T, 1);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-2.2.1+git0.0ef71a557/src/mux_fcgi.c new/haproxy-2.2.2+git0.b8a2763d5/src/mux_fcgi.c
--- old/haproxy-2.2.1+git0.0ef71a557/src/mux_fcgi.c	2020-07-23 09:04:24.000000000 +0200
+++ new/haproxy-2.2.2+git0.b8a2763d5/src/mux_fcgi.c	2020-07-31 11:54:32.000000000 +0200
@@ -1303,27 +1303,21 @@
 		struct ist path = http_get_path(params->uri);
 		int len;
 
-		/* Decode the path. it must first be copied to keep the URI
-		 * untouched.
-		 */
-		chunk_memcat(params->p, path.ptr, path.len);
-		path.ptr = b_tail(params->p) - path.len;
-		path.ptr[path.len] = '\0';
-		len = url_decode(path.ptr, 0);
-		if (len < 0)
-			goto error;
-		path.len = len;
-
 		/* No scrit_name set but no valid path ==> error */
 		if (!(params->mask & FCGI_SP_SCRIPT_NAME) && !istlen(path))
 			goto error;
 
-		/* Find limit between the path and the query-string */
-		for (len = 0; len < path.len && *(path.ptr + len) != '?'; len++);
-
 		/* If there is a query-string, Set it if not already set */
-		if (!(params->mask & FCGI_SP_REQ_QS) && len < path.len)
-			params->qs = ist2(path.ptr+len+1, path.len-len-1);
+		if (!(params->mask & FCGI_SP_REQ_QS)) {
+			struct ist qs = istfind(path, '?');
+
+			/* Update the path length */
+			path.len -= qs.len;
+
+			/* Set the query-string skipping the '?', if any */
+			if (istlen(qs))
+				params->qs = istnext(qs);
+		}
 
 		/* If the script_name is set, don't try to deduce the path_info
 		 * too. The opposite is not true.
@@ -1333,8 +1327,18 @@
 			goto end;
 		}
 
+		/* Decode the path. it must first be copied to keep the URI
+		 * untouched.
+		 */
+		chunk_memcat(params->p, path.ptr, path.len);
+		path.ptr = b_tail(params->p) - path.len;
+		len = url_decode(ist0(path), 0);
+		if (len < 0)
+			goto error;
+		path.len = len;
+
 		/* script_name not set, preset it with the path for now */
-		params->scriptname = ist2(path.ptr, len);
+		params->scriptname = path;
 
 		/* If there is no regex to match the pathinfo, just to the last
 		 * part and see if the index must be used.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-2.2.1+git0.0ef71a557/src/server.c new/haproxy-2.2.2+git0.b8a2763d5/src/server.c
--- old/haproxy-2.2.1+git0.0ef71a557/src/server.c	2020-07-23 09:04:24.000000000 +0200
+++ new/haproxy-2.2.2+git0.b8a2763d5/src/server.c	2020-07-31 11:54:32.000000000 +0200
@@ -3731,6 +3731,15 @@
 	struct dns_resolution *resolution = s->dns_requester->resolution;
 	int exp;
 
+	/* If resolution is NULL we're dealing with SRV records Additional records */
+	if (resolution == NULL) {
+		if (s->next_admin & SRV_ADMF_RMAINT)
+			return 1;
+
+		srv_set_admin_flag(s, SRV_ADMF_RMAINT, "entry removed from SRV record");
+		return 0;
+	}
+
 	switch (resolution->status) {
 		case RSLV_STATUS_NONE:
 			/* status when HAProxy has just (re)started.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-2.2.1+git0.0ef71a557/src/stream_interface.c new/haproxy-2.2.2+git0.b8a2763d5/src/stream_interface.c
--- old/haproxy-2.2.1+git0.0ef71a557/src/stream_interface.c	2020-07-23 09:04:24.000000000 +0200
+++ new/haproxy-2.2.2+git0.b8a2763d5/src/stream_interface.c	2020-07-31 11:54:32.000000000 +0200
@@ -661,6 +661,10 @@
 	if (oc->flags & CF_SHUTW)
 		return 1;
 
+	/* we must wait because the mux is not installed yet */
+	if (!conn->mux)
+		return 0;
+
 	if (oc->pipe && conn->xprt->snd_pipe && conn->mux->snd_pipe) {
 		ret = conn->mux->snd_pipe(cs, oc->pipe);
 		if (ret > 0)
@@ -1220,6 +1224,10 @@
 	if (ic->flags & CF_SHUTR)
 		return 1;
 
+	/* we must wait because the mux is not installed yet */
+	if (!conn->mux)
+		return 0;
+
 	/* stop here if we reached the end of data */
 	if (cs->flags & CS_FL_EOS)
 		goto end_recv;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-2.2.1+git0.0ef71a557/src/tcp_rules.c new/haproxy-2.2.2+git0.b8a2763d5/src/tcp_rules.c
--- old/haproxy-2.2.1+git0.0ef71a557/src/tcp_rules.c	2020-07-23 09:04:24.000000000 +0200
+++ new/haproxy-2.2.2+git0.b8a2763d5/src/tcp_rules.c	2020-07-31 11:54:32.000000000 +0200
@@ -354,7 +354,9 @@
 
  missing_data:
 	channel_dont_close(rep);
-	s->current_rule = rule;
+	/* just set the analyser timeout once at the beginning of the response */
+	if (!tick_isset(rep->analyse_exp) && s->be->tcp_rep.inspect_delay)
+		rep->analyse_exp = tick_add(now_ms, s->be->tcp_rep.inspect_delay);
 	DBG_TRACE_DEVEL("waiting for more data", STRM_EV_STRM_ANA|STRM_EV_TCP_ANA, s);
 	return 0;
 
@@ -389,7 +391,7 @@
 	channel_abort(&s->req);
 
   abort:
-	rep->analysers &= AN_REQ_FLT_END;
+	rep->analysers &= AN_RES_FLT_END;
 
 	if (!(s->flags & SF_ERR_MASK))
 		s->flags |= SF_ERR_PRXCOND;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-2.2.1+git0.0ef71a557/src/tcpcheck.c new/haproxy-2.2.2+git0.b8a2763d5/src/tcpcheck.c
--- old/haproxy-2.2.1+git0.0ef71a557/src/tcpcheck.c	2020-07-23 09:04:24.000000000 +0200
+++ new/haproxy-2.2.2+git0.b8a2763d5/src/tcpcheck.c	2020-07-31 11:54:32.000000000 +0200
@@ -1096,31 +1096,6 @@
 	conn->flags |= CO_FL_PRIVATE;
 	conn->ctx = cs;
 
-	/* The mux may be initialized now if there isn't server attached to the
-	 * check (email alerts) or if there is a mux proto specified or if there
-	 * is no alpn.
-	 */
-	if (!s || ((connect->options & TCPCHK_OPT_DEFAULT_CONNECT) && check->mux_proto) ||
-	    connect->mux_proto || (!connect->alpn && !check->alpn_str)) {
-		const struct mux_ops *mux_ops;
-
-		if (connect->mux_proto)
-			mux_ops = connect->mux_proto->mux;
-		else if ((connect->options & TCPCHK_OPT_DEFAULT_CONNECT) && check->mux_proto)
-			mux_ops = check->mux_proto->mux;
-		else {
-			int mode = ((check->tcpcheck_rules->flags & TCPCHK_RULES_PROTO_CHK) == TCPCHK_RULES_HTTP_CHK
-				    ? PROTO_MODE_HTTP
-				    : PROTO_MODE_TCP);
-
-			mux_ops = conn_get_best_mux(conn, IST_NULL, PROTO_SIDE_BE, mode);
-		}
-		if (mux_ops && conn_install_mux(conn, mux_ops, cs, proxy, check->sess) < 0) {
-			status = SF_ERR_INTERNAL;
-			goto fail_check;
-		}
-	}
-
 #ifdef USE_OPENSSL
 	if (connect->sni)
 		ssl_sock_set_servername(conn, connect->sni);
@@ -1160,6 +1135,31 @@
 			status = SF_ERR_RESOURCE;
 	}
 
+	/* The mux may be initialized now if there isn't server attached to the
+	 * check (email alerts) or if there is a mux proto specified or if there
+	 * is no alpn.
+	 */
+	if (!s || ((connect->options & TCPCHK_OPT_DEFAULT_CONNECT) && check->mux_proto) ||
+	    connect->mux_proto || (!connect->alpn && !check->alpn_str)) {
+		const struct mux_ops *mux_ops;
+
+		if (connect->mux_proto)
+			mux_ops = connect->mux_proto->mux;
+		else if ((connect->options & TCPCHK_OPT_DEFAULT_CONNECT) && check->mux_proto)
+			mux_ops = check->mux_proto->mux;
+		else {
+			int mode = ((check->tcpcheck_rules->flags & TCPCHK_RULES_PROTO_CHK) == TCPCHK_RULES_HTTP_CHK
+				    ? PROTO_MODE_HTTP
+				    : PROTO_MODE_TCP);
+
+			mux_ops = conn_get_best_mux(conn, IST_NULL, PROTO_SIDE_BE, mode);
+		}
+		if (mux_ops && conn_install_mux(conn, mux_ops, cs, proxy, check->sess) < 0) {
+			status = SF_ERR_INTERNAL;
+			goto fail_check;
+		}
+	}
+
   fail_check:
 	/* It can return one of :
 	 *  - SF_ERR_NONE if everything's OK
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-2.2.1+git0.0ef71a557/src/tools.c new/haproxy-2.2.2+git0.b8a2763d5/src/tools.c
--- old/haproxy-2.2.1+git0.0ef71a557/src/tools.c	2020-07-23 09:04:24.000000000 +0200
+++ new/haproxy-2.2.2+git0.b8a2763d5/src/tools.c	2020-07-31 11:54:32.000000000 +0200
@@ -10,7 +10,7 @@
  *
  */
 
-#ifdef __ELF__
+#if (defined(__ELF__) && !defined(__linux__)) || defined(USE_DL)
 #define _GNU_SOURCE
 #include <dlfcn.h>
 #include <link.h>
@@ -4387,7 +4387,7 @@
 	return ret;
 }
 
-#ifdef __ELF__
+#if (defined(__ELF__) && !defined(__linux__)) || defined(USE_DL)
 /* calls dladdr() or dladdr1() on <addr> and <dli>. If dladdr1 is available,
  * also returns the symbol size in <size>, otherwise returns 0 there.
  */
@@ -4421,7 +4421,7 @@
  * The file name (lib or executable) is limited to what lies between the last
  * '/' and the first following '.'. An optional prefix <pfx> is prepended before
  * the output if not null. The file is not dumped when it's the same as the one
- * that contains the "main" symbol, or when __ELF__ is not set.
+ * that contains the "main" symbol, or when __ELF__ && USE_DL are not set.
  *
  * The symbol's base address is returned, or NULL when unresolved, in order to
  * allow the caller to match it against known ones.
@@ -4449,7 +4449,7 @@
 #endif
 	};
 
-#ifdef __ELF__
+#if (defined(__ELF__) && !defined(__linux__)) || defined(USE_DL)
 	Dl_info dli, dli_main;
 	size_t size;
 	const char *fname, *p;
@@ -4466,7 +4466,7 @@
 		}
 	}
 
-#ifdef __ELF__
+#if (defined(__ELF__) && !defined(__linux__)) || defined(USE_DL)
 	/* Now let's try to be smarter */
 	if (!dladdr_and_size(addr, &dli, &size))
 		goto unknown;
@@ -4506,7 +4506,7 @@
 		chunk_appendf(buf, "+%#lx", (long)(addr - dli.dli_fbase));
 		return NULL;
 	}
-#endif /* __ELF__ */
+#endif /* __ELF__ && !__linux__ || USE_DL */
  unknown:
 	/* unresolved symbol from the main file, report relative offset to main */
 	if ((void*)addr < (void*)main)

    

root

tags

participants (1)