haproxy: fixes from upstream
[PATCH 6/6] BUG/MEDIUM: connection: fix proxy v2 header again! Signed-off-by: Thomas Heil <heil@terminal-consulting.de>
This commit is contained in:
parent
08ae493776
commit
bbfeac7e06
|
@ -10,7 +10,7 @@ include $(TOPDIR)/rules.mk
|
||||||
|
|
||||||
PKG_NAME:=haproxy
|
PKG_NAME:=haproxy
|
||||||
PKG_VERSION:=1.5.2
|
PKG_VERSION:=1.5.2
|
||||||
PKG_RELEASE:=05
|
PKG_RELEASE:=06
|
||||||
PKG_SOURCE:=haproxy-$(PKG_VERSION).tar.gz
|
PKG_SOURCE:=haproxy-$(PKG_VERSION).tar.gz
|
||||||
PKG_SOURCE_URL:=http://haproxy.1wt.eu/download/1.5/src/
|
PKG_SOURCE_URL:=http://haproxy.1wt.eu/download/1.5/src/
|
||||||
PKG_MD5SUM:=e854fed32ea751d6db7f366cb910225a
|
PKG_MD5SUM:=e854fed32ea751d6db7f366cb910225a
|
||||||
|
|
|
@ -0,0 +1,34 @@
|
||||||
|
From 04b80cd29b23d02f373c095569e871275d128b43 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Willy Tarreau <w@1wt.eu>
|
||||||
|
Date: Sat, 19 Jul 2014 06:37:33 +0200
|
||||||
|
Subject: [PATCH 6/6] BUG/MEDIUM: connection: fix proxy v2 header again!
|
||||||
|
|
||||||
|
Last commit 77d1f01 ("BUG/MEDIUM: connection: fix memory corruption
|
||||||
|
when building a proxy v2 header") was wrong, using &cn_trash instead
|
||||||
|
of cn_trash resulting in a warning and the client's SSL cert CN not
|
||||||
|
being stored at the proper location.
|
||||||
|
|
||||||
|
Thanks to Lukas Tribus for spotting this quickly.
|
||||||
|
|
||||||
|
This should be backported to 1.5 after the patch above is backported.
|
||||||
|
(cherry picked from commit 3b9a0c9d4d083d749846d66f9bd4caabafe4ee78)
|
||||||
|
---
|
||||||
|
src/connection.c | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/src/connection.c b/src/connection.c
|
||||||
|
index 3435b1a..2dd2c02 100644
|
||||||
|
--- a/src/connection.c
|
||||||
|
+++ b/src/connection.c
|
||||||
|
@@ -684,7 +684,7 @@ int make_proxy_line_v2(char *buf, int buf_len, struct server *srv, struct connec
|
||||||
|
}
|
||||||
|
if (srv->pp_opts & SRV_PP_V2_SSL_CN) {
|
||||||
|
cn_trash = get_trash_chunk();
|
||||||
|
- if (ssl_sock_get_remote_common_name(remote, &cn_trash) > 0) {
|
||||||
|
+ if (ssl_sock_get_remote_common_name(remote, cn_trash) > 0) {
|
||||||
|
tlv_len = make_tlv(&buf[ret+ssl_tlv_len], (buf_len - ret - ssl_tlv_len), PP2_TYPE_SSL_CN, cn_trash->len, cn_trash->str);
|
||||||
|
ssl_tlv_len += tlv_len;
|
||||||
|
}
|
||||||
|
--
|
||||||
|
1.8.5.5
|
||||||
|
|
Loading…
Reference in New Issue