]> git.ipfire.org Git - thirdparty/haproxy.git/commitdiff
projects / thirdparty / haproxy.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: eaf05be)
BUG/MEDIUM: checks: Only attempt to do handshakes if the connection is ready.
authorOlivier Houchard <cognet@ci0.org>
Mon, 30 Dec 2019 14:13:42 +0000 (15:13 +0100)
committerOlivier Houchard <cognet@ci0.org>
Mon, 30 Dec 2019 14:18:16 +0000 (15:18 +0100)
When creating a new check connection, only attempt to add an handshake
connection if the connection has fully been initialized. It can not be the
case if a DNS resolution is still pending, and thus we don't yet have the
address for the server, as the handshake code assumes the connection is fully
initialized and would otherwise crash.
This is not ideal, the check shouldn't probably run until we have an address,
as it leads to check failures with "Socket error".
While I'm there, also add an xprt handshake if we're using socks4, otherwise
checks wouldn't be able to use socks4 properly.
This should fix github issue #430

This should be backported to 2.0 and 2.1.

src/checks.c patch | blob | blame | history

diff --git a/src/checks.c b/src/checks.c
index 0cd844ccb24dceffa7fc018f9efa5bdbe8b7cf02..be8acdb2a5f28d99e0c3359a4c1bdc2c2b440433 100644 (file)
--- a/src/checks.c
+++ b/src/checks.c
@@ -1715,6 +1715,9 @@ static int connect_conn_chk(struct task *t)
        if (s->check.send_proxy && !(check->state & CHK_ST_AGENT)) {
                conn->send_proxy_ofs = 1;
                conn->flags |= CO_FL_SEND_PROXY;
+       }
+       if (conn->flags & (CO_FL_SEND_PROXY | CO_FL_SOCKS4) &&
+           conn_ctrl_ready(conn)) {
                if (xprt_add_hs(conn) < 0)
                        ret = SF_ERR_RESOURCE;
        }
@@ -2962,7 +2965,8 @@ static int tcpcheck_main(struct check *check)
                        if (proto && proto->connect)
                                ret = proto->connect(conn,
                                                     CONNECT_HAS_DATA /* I/O polling is always needed */ | (next && next->action == TCPCHK_ACT_EXPECT) ? 0 : CONNECT_DELACK_ALWAYS);
-                       if (check->current_step->conn_opts & TCPCHK_OPT_SEND_PROXY) {
+                       if (conn_ctrl_ready(conn) &&
+                               check->current_step->conn_opts & TCPCHK_OPT_SEND_PROXY) {
                                conn->send_proxy_ofs = 1;
                                conn->flags |= CO_FL_SEND_PROXY;
                                if (xprt_add_hs(conn) < 0)
Mirror of https://github.com/haproxy/haproxy.git