Accepting request 283856 from network:ha-clustering:Factory

1 OBS-URL: https://build.opensuse.org/request/show/283856 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=23
2015-02-03 14:35:26 +00:00 · 2015-02-03 14:35:26 +00:00 · 19468e40d2
commit 19468e40d2
parent e34dc6d53d
5 changed files with 42 additions and 90 deletions
--- a/0001-BUG-MEDIUM-backend-correctly-detect-the-domain-when-.patch
+++ b/0001-BUG-MEDIUM-backend-correctly-detect-the-domain-when-.patch
@ -1,83 +0,0 @@
 From 7ccea2642c54f9a07f4fbd29d3b005008cd457a3 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Cyril=20Bont=C3=A9?= <cyril.bonte@free.fr>
 Date: Sun, 4 Jan 2015 15:17:36 +0100
 Subject: [PATCH] BUG/MEDIUM: backend: correctly detect the domain when
 use_domain_only is used
 balance hdr(<name>) provides on option 'use_domain_only' to match only the
 domain part in a header (designed for the Host header).
 Olivier Fredj reported that the hashes were not the same for
 'subdomain.domain.tld' and 'domain.tld'.
 This is because the pointer was rewinded one step to far, resulting in a hash
 calculated against wrong values :
 - '.domai' for 'subdomain.domain.tld'
 - ' domai' for 'domain.tld' (beginning with the space in the header line)
 Another special case is when no dot can be found in the header : the hash will
 be calculated against an empty string.
 The patch addresses both cases : 'domain' will be used to compute the hash for
 'subdomain.domain.tld', 'domain.tld' and 'domain' (using the whole header value
 for the last case).
 The fix must be backported to haproxy 1.5 and 1.4.
 (cherry picked from commit f607d81d09ab839fb1143b749ff231d6093f2038)
 ---
 src/backend.c | 28 ++++++++++++++++------------
 1 file changed, 16 insertions(+), 12 deletions(-)
 diff --git a/src/backend.c b/src/backend.c
 index ada8370..9980cf8 100644
 --- a/src/backend.c
 +++ b/src/backend.c
@@ -408,29 +408,33 @@ struct server *get_server_hh(struct session *s)
 		hash = gen_hash(px, p, len);
 	} else {
 		int dohash = 0;
 -		p += len - 1;
 -		start = end = p;
 +		p += len;
 		/* special computation, use only main domain name, not tld/host
 		 * going back from the end of string, start hashing at first
 		 * dot stop at next.
 		 * This is designed to work with the 'Host' header, and requires
 		 * a special option to activate this.
 		 */
 +		end = p;
 		while (len) {
 -			if (*p == '.') {
 -				if (!dohash) {
 -					dohash = 1;
 -					start = end = p - 1;
 -				}
 -				else
 +			if (dohash) {
 +				/* Rewind the pointer until the previous char
 +				 * is a dot, this will allow to set the start
 +				 * position of the domain. */
 +				if (*(p - 1) == '.')
 					break;
 -			} else {
 -				if (dohash)
 -					start--;
 			}
 -			len--;
 +			else if (*p == '.') {
 +				/* The pointer is rewinded to the dot before the
 +				 * tld, we memorize the end of the domain and
 +				 * can enter the domain processing. */
 +				end = p;
 +				dohash = 1;
 +			}
 			p--;
 +			len--;
 		}
 +		start = p;
 		hash = gen_hash(px, start, (end - start));
 	}
 	if ((px->lbprm.algo & BE_LB_HASH_MOD) == BE_LB_HMOD_AVAL)
 -- 
 2.1.2
--- a/haproxy-1.5.10.tar.gz
+++ b/haproxy-1.5.10.tar.gz
@ -1,3 +0,0 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:090264c834477c290f6ad6da558731d50aede0800996742d15e870b9947fe517
 size 1339873
--- a/haproxy-1.5.11.tar.gz
+++ b/haproxy-1.5.11.tar.gz
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:8b5aa462988405f09c8a6169294b202d7f524a5450a02dd92e7c216680f793bf
 size 1340429
--- a/haproxy.changes
+++ b/haproxy.changes
@ -1,3 +1,41 @@
 -------------------------------------------------------------------
 Sun Feb  1 08:27:43 UTC 2015 - mrueckert@suse.de
 - update to 1.5.11
  - BUG/MEDIUM: backend: correctly detect the domain when
    use_domain_only is used
  - MINOR: ssl: load certificates in alphabetical order
  - BUG/MINOR: checks: prevent http keep-alive with http-check
    expect
  - BUG/MEDIUM: Do not set agent health to zero if server is
    disabled in config
  - MEDIUM/BUG: Only explicitly report "DOWN (agent)" if the agent
    health is zero
  - BUG/MINOR: stats:Fix incorrect printf type.
  - DOC: add missing entry for log-format and clarify the text
  - BUG/MEDIUM: http: fix header removal when previous header ends
    with pure LF
  - BUG/MEDIUM: channel: fix possible integer overflow on reserved
    size computation
  - BUG/MINOR: channel: compare to_forward with buf->i, not
    buf->size
  - MINOR: channel: add channel_in_transit()
  - MEDIUM: channel: make buffer_reserved() use
    channel_in_transit()
  - MEDIUM: channel: make bi_avail() use channel_in_transit()
  - BUG/MEDIUM: channel: don't schedule data in transit for leaving
    until connected
  - BUG/MAJOR: log: don't try to emit a log if no logger is set
  - BUG/MINOR: args: add missing entry for ARGT_MAP in
    arg_type_names
  - BUG/MEDIUM: http: make http-request set-header compute the
    string before removal
  - BUG/MINOR: http: fix incorrect header value offset in
    replace-hdr/replace-value
  - BUG/MINOR: http: abort request processing on filter failure
 - drop patch included in update:
  0001-BUG-MEDIUM-backend-correctly-detect-the-domain-when-.patch
 -------------------------------------------------------------------
 Tue Jan  6 09:28:16 UTC 2015 - mrueckert@suse.de
--- a/haproxy.spec
+++ b/haproxy.spec
@ -33,7 +33,7 @@
 %bcond_without  apparmor
 Name:           haproxy
-Version:        1.5.10
+Version:        1.5.11
 Release:        0
 #
 #
@ -61,8 +61,6 @@ Patch1:         haproxy-1.2.16_config_haproxy_user.patch
 Patch2:         haproxy-makefile_lib.patch
 Patch3:         sec-options.patch
 Patch4:         haproxy-1.5.8-fix-bashisms.patch
 # PATCH-UPSTREAM
 Patch5:         0001-BUG-MEDIUM-backend-correctly-detect-the-domain-when-.patch
 #
 Source99:       haproxy-rpmlintrc
 #
@ -97,7 +95,6 @@ the most work done from every CPU cycle.
 %patch2
 %patch3
 %patch4 -p1
 %patch5 -p1
 %build
 %{__make} \