From 8c5bd7ae5e08be82fcd80919a970fd786d68812d Mon Sep 17 00:00:00 2001 From: heil Date: Tue, 21 Jun 2016 01:08:28 +0200 Subject: [PATCH] haproxy: bump to version 1.5.18 and pending patches Signed-off-by: heil --- net/haproxy/Makefile | 6 +- ...stening-IP-address-storage-for-front.patch | 131 ++++++++++++++++++ ...ection-fix-double-negation-on-memcmp.patch | 39 ++++++ ...tables-segfault-in-some-configuratio.patch | 52 +++++++ ...-add-header-header-name-copied-twice.patch | 32 +++++ 5 files changed, 257 insertions(+), 3 deletions(-) create mode 100644 net/haproxy/patches/0001-BUG-MAJOR-fix-listening-IP-address-storage-for-front.patch create mode 100644 net/haproxy/patches/0002-CLEANUP-connection-fix-double-negation-on-memcmp.patch create mode 100644 net/haproxy/patches/0003-BUG-MEDIUM-sticktables-segfault-in-some-configuratio.patch create mode 100644 net/haproxy/patches/0004-BUG-MINOR-http-add-header-header-name-copied-twice.patch diff --git a/net/haproxy/Makefile b/net/haproxy/Makefile index 49746ea6f3..ab18e78296 100644 --- a/net/haproxy/Makefile +++ b/net/haproxy/Makefile @@ -9,12 +9,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=haproxy -PKG_VERSION:=1.5.16 -PKG_RELEASE:=01 +PKG_VERSION:=1.5.18 +PKG_RELEASE:=04 PKG_SOURCE:=haproxy-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=http://haproxy.1wt.eu/download/1.5/src/ PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION) -PKG_MD5SUM:=294fdb5aaaccba00c2070e5f4baf9f0e +PKG_MD5SUM:=21d35f114583ef731bc96af05b46c75a PKG_MAINTAINER:=Thomas Heil PKG_LICENSE:=GPL-2.0 diff --git a/net/haproxy/patches/0001-BUG-MAJOR-fix-listening-IP-address-storage-for-front.patch b/net/haproxy/patches/0001-BUG-MAJOR-fix-listening-IP-address-storage-for-front.patch new file mode 100644 index 0000000000..d12ccb08cc --- /dev/null +++ b/net/haproxy/patches/0001-BUG-MAJOR-fix-listening-IP-address-storage-for-front.patch @@ -0,0 +1,131 @@ +From a72d39058a7a5d004e0c6b69a91663591bb3bf89 Mon Sep 17 00:00:00 2001 +From: Vincent Bernat +Date: Thu, 19 May 2016 11:15:51 +0200 +Subject: [PATCH 1/4] BUG/MAJOR: fix listening IP address storage for frontends + +When compiled with GCC 6, the IP address specified for a frontend was +ignored and HAProxy was listening on all addresses instead. This is +caused by an incomplete copy of a "struct sockaddr_storage". + +With the GNU Libc, "struct sockaddr_storage" is defined as this: + + struct sockaddr_storage + { + sa_family_t ss_family; + unsigned long int __ss_align; + char __ss_padding[(128 - (2 * sizeof (unsigned long int)))]; + }; + +Doing an aggregate copy (ss1 = ss2) is different than using memcpy(): +only members of the aggregate have to be copied. Notably, padding can be +or not be copied. In GCC 6, some optimizations use this fact and if a +"struct sockaddr_storage" contains a "struct sockaddr_in", the port and +the address are part of the padding (between sa_family and __ss_align) +and can be not copied over. + +Therefore, we replace any aggregate copy by a memcpy(). There is another +place using the same pattern. We also fix a function receiving a "struct +sockaddr_storage" by copy instead of by reference. Since it only needs a +read-only copy, the function is converted to request a reference. + +This is a backport for 1.5 of 6e6158 and 6e46ff1. +--- + src/cfgparse.c | 4 ++-- + src/connection.c | 2 +- + src/proto_http.c | 12 ++++++------ + src/proto_tcp.c | 2 +- + 4 files changed, 10 insertions(+), 10 deletions(-) + +diff --git a/src/cfgparse.c b/src/cfgparse.c +index 39abf6b..9331415 100644 +--- a/src/cfgparse.c ++++ b/src/cfgparse.c +@@ -280,7 +280,7 @@ int str2listener(char *str, struct proxy *curproxy, struct bind_conf *bind_conf, + } + + /* OK the address looks correct */ +- ss = *ss2; ++ memcpy(&ss, ss2, sizeof(ss)); + + for (; port <= end; port++) { + l = (struct listener *)calloc(1, sizeof(struct listener)); +@@ -291,7 +291,7 @@ int str2listener(char *str, struct proxy *curproxy, struct bind_conf *bind_conf, + l->bind_conf = bind_conf; + + l->fd = fd; +- l->addr = ss; ++ memcpy(&l->addr, &ss, sizeof(ss)); + l->xprt = &raw_sock; + l->state = LI_INIT; + +diff --git a/src/connection.c b/src/connection.c +index dab1c90..09fd04e 100644 +--- a/src/connection.c ++++ b/src/connection.c +@@ -620,7 +620,7 @@ int make_proxy_line_v2(char *buf, int buf_len, struct server *srv, struct connec + const char pp2_signature[] = PP2_SIGNATURE; + int ret = 0; + struct proxy_hdr_v2 *hdr = (struct proxy_hdr_v2 *)buf; +- struct sockaddr_storage null_addr = {0}; ++ struct sockaddr_storage null_addr = { .ss_family = 0 }; + struct sockaddr_storage *src = &null_addr; + struct sockaddr_storage *dst = &null_addr; + #ifdef USE_OPENSSL +diff --git a/src/proto_http.c b/src/proto_http.c +index b3aa4d8..0b13c5e 100644 +--- a/src/proto_http.c ++++ b/src/proto_http.c +@@ -3220,15 +3220,15 @@ int http_handle_stats(struct session *s, struct channel *req) + /* Sets the TOS header in IPv4 and the traffic class header in IPv6 packets + * (as per RFC3260 #4 and BCP37 #4.2 and #5.2). + */ +-static inline void inet_set_tos(int fd, struct sockaddr_storage from, int tos) ++static inline void inet_set_tos(int fd, struct sockaddr_storage *from, int tos) + { + #ifdef IP_TOS +- if (from.ss_family == AF_INET) ++ if (from->ss_family == AF_INET) + setsockopt(fd, IPPROTO_IP, IP_TOS, &tos, sizeof(tos)); + #endif + #ifdef IPV6_TCLASS +- if (from.ss_family == AF_INET6) { +- if (IN6_IS_ADDR_V4MAPPED(&((struct sockaddr_in6 *)&from)->sin6_addr)) ++ if (from->ss_family == AF_INET6) { ++ if (IN6_IS_ADDR_V4MAPPED(&((struct sockaddr_in6 *)from)->sin6_addr)) + /* v4-mapped addresses need IP_TOS */ + setsockopt(fd, IPPROTO_IP, IP_TOS, &tos, sizeof(tos)); + else +@@ -3366,7 +3366,7 @@ http_req_get_intercept_rule(struct proxy *px, struct list *rules, struct session + + case HTTP_REQ_ACT_SET_TOS: + if ((cli_conn = objt_conn(s->req->prod->end)) && conn_ctrl_ready(cli_conn)) +- inet_set_tos(cli_conn->t.sock.fd, cli_conn->addr.from, rule->arg.tos); ++ inet_set_tos(cli_conn->t.sock.fd, &cli_conn->addr.from, rule->arg.tos); + break; + + case HTTP_REQ_ACT_SET_MARK: +@@ -3563,7 +3563,7 @@ http_res_get_intercept_rule(struct proxy *px, struct list *rules, struct session + + case HTTP_RES_ACT_SET_TOS: + if ((cli_conn = objt_conn(s->req->prod->end)) && conn_ctrl_ready(cli_conn)) +- inet_set_tos(cli_conn->t.sock.fd, cli_conn->addr.from, rule->arg.tos); ++ inet_set_tos(cli_conn->t.sock.fd, &cli_conn->addr.from, rule->arg.tos); + break; + + case HTTP_RES_ACT_SET_MARK: +diff --git a/src/proto_tcp.c b/src/proto_tcp.c +index cfa62f7..8c06441 100644 +--- a/src/proto_tcp.c ++++ b/src/proto_tcp.c +@@ -394,7 +394,7 @@ int tcp_connect_server(struct connection *conn, int data, int delack) + struct sockaddr_storage sa; + + ret = 1; +- sa = src->source_addr; ++ memcpy(&sa, &src->source_addr, sizeof(sa)); + + do { + /* note: in case of retry, we may have to release a previously +-- +2.7.3 + diff --git a/net/haproxy/patches/0002-CLEANUP-connection-fix-double-negation-on-memcmp.patch b/net/haproxy/patches/0002-CLEANUP-connection-fix-double-negation-on-memcmp.patch new file mode 100644 index 0000000000..917bf753b2 --- /dev/null +++ b/net/haproxy/patches/0002-CLEANUP-connection-fix-double-negation-on-memcmp.patch @@ -0,0 +1,39 @@ +From fab41521192c6f62f0284faf53d6ad40955ef3db Mon Sep 17 00:00:00 2001 +From: David CARLIER +Date: Thu, 24 Mar 2016 09:22:36 +0000 +Subject: [PATCH 2/4] CLEANUP: connection: fix double negation on memcmp() + +Nothing harmful in here, just clarify that it applies to the whole +expression. + +(cherry picked from commit 42ff05e2d3d10e8a1e070e66e8883c5eabe196d7) +(cherry picked from commit c4809151b4c9ccc312cb451e99fd556e867242fc) +--- + src/connection.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/connection.c b/src/connection.c +index 09fd04e..af18878 100644 +--- a/src/connection.c ++++ b/src/connection.c +@@ -289,7 +289,7 @@ int conn_recv_proxy(struct connection *conn, int flag) + if (trash.len < 9) /* shortest possible line */ + goto missing; + +- if (!memcmp(line, "TCP4 ", 5) != 0) { ++ if (memcmp(line, "TCP4 ", 5) == 0) { + u32 src3, dst3, sport, dport; + + line += 5; +@@ -330,7 +330,7 @@ int conn_recv_proxy(struct connection *conn, int flag) + ((struct sockaddr_in *)&conn->addr.to)->sin_port = htons(dport); + conn->flags |= CO_FL_ADDR_FROM_SET | CO_FL_ADDR_TO_SET; + } +- else if (!memcmp(line, "TCP6 ", 5) != 0) { ++ else if (memcmp(line, "TCP6 ", 5) == 0) { + u32 sport, dport; + char *src_s; + char *dst_s, *sport_s, *dport_s; +-- +2.7.3 + diff --git a/net/haproxy/patches/0003-BUG-MEDIUM-sticktables-segfault-in-some-configuratio.patch b/net/haproxy/patches/0003-BUG-MEDIUM-sticktables-segfault-in-some-configuratio.patch new file mode 100644 index 0000000000..8ce2b68d39 --- /dev/null +++ b/net/haproxy/patches/0003-BUG-MEDIUM-sticktables-segfault-in-some-configuratio.patch @@ -0,0 +1,52 @@ +From 294c8d2f81847e0e2d26aa0700564ac2f6aaffa6 Mon Sep 17 00:00:00 2001 +From: Thierry Fournier +Date: Mon, 6 Jun 2016 18:28:05 +0200 +Subject: [PATCH 3/4] BUG/MEDIUM: sticktables: segfault in some configuration + error cases + +When a stick table is tracked, and another one is used later on the +configuration, a segfault occurs. + +The function "smp_create_src_stkctr" can return a NULL value, and +its value is not tested, so one other function try to dereference +a NULL pointer. This patch just add a verification of the NULL +pointer. + +The problem is reproduced with this configuration: + + listen www + mode http + bind :12345 + tcp-request content track-sc0 src table IPv4 + http-request allow if { sc0_inc_gpc0(IPv6) gt 0 } + server dummy 127.0.0.1:80 + backend IPv4 + stick-table type ip size 10 expire 60s store gpc0 + backend IPv6 + stick-table type ipv6 size 10 expire 60s store gpc0 + +Thank to kabefuna@gmail.com for the bug report. + +This patch must be backported in the 1.6 and 1.5 version. +(cherry picked from commit 6fc340ff07171bb85d11d835fa4158bbdef240a0) +(cherry picked from commit 4693e2302271252044038c9be38487fb16218e5b) +--- + src/session.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/session.c b/src/session.c +index 4e84803..fbd5094 100644 +--- a/src/session.c ++++ b/src/session.c +@@ -2908,7 +2908,7 @@ smp_fetch_sc_inc_gpc0(struct proxy *px, struct session *l4, void *l7, unsigned i + smp->flags = SMP_F_VOL_TEST; + smp->type = SMP_T_UINT; + smp->data.uint = 0; +- if (stkctr_entry(stkctr) != NULL) { ++ if (stkctr && stkctr_entry(stkctr)) { + void *ptr; + + /* First, update gpc0_rate if it's tracked. Second, update its +-- +2.7.3 + diff --git a/net/haproxy/patches/0004-BUG-MINOR-http-add-header-header-name-copied-twice.patch b/net/haproxy/patches/0004-BUG-MINOR-http-add-header-header-name-copied-twice.patch new file mode 100644 index 0000000000..5bab319339 --- /dev/null +++ b/net/haproxy/patches/0004-BUG-MINOR-http-add-header-header-name-copied-twice.patch @@ -0,0 +1,32 @@ +From cba3bd6e5ce9b0be83c701c3c7a103d01d5b516d Mon Sep 17 00:00:00 2001 +From: Thierry Fournier +Date: Wed, 1 Jun 2016 13:36:20 +0200 +Subject: [PATCH 4/4] BUG/MINOR: http: add-header: header name copied twice + +The header name is copied two time in the buffer. The first copy is a printf-like +function writing the name and the http separators in the buffer, and the second +form is a memcopy. This seems to be inherited from some changes. This patch +removes the printf like, format. + +This patch must be backported in 1.6 and 1.5 versions +(cherry picked from commit 53c1a9b7cb8f3fe79b5492218363b6c0ff608fc1) +(cherry picked from commit d281d68d3aa010f7e1a635c92ab486f7f2c666b9) +--- + src/proto_http.c | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/src/proto_http.c b/src/proto_http.c +index 0b13c5e..8801592 100644 +--- a/src/proto_http.c ++++ b/src/proto_http.c +@@ -3399,7 +3399,6 @@ http_req_get_intercept_rule(struct proxy *px, struct list *rules, struct session + + case HTTP_REQ_ACT_SET_HDR: + case HTTP_REQ_ACT_ADD_HDR: +- chunk_printf(&trash, "%s: ", rule->arg.hdr_add.name); + memcpy(trash.str, rule->arg.hdr_add.name, rule->arg.hdr_add.name_len); + trash.len = rule->arg.hdr_add.name_len; + trash.str[trash.len++] = ':'; +-- +2.7.3 +