From: Frédéric Lécaille Date: Thu, 4 Jul 2019 12:19:06 +0000 (+0200) Subject: MINOR: server: Add "no-tfo" option. X-Git-Tag: v2.1-dev1~34 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=1b9423d2141ee9e4d5bf0bb30346dbe95361ff88;p=thirdparty%2Fhaproxy.git MINOR: server: Add "no-tfo" option. Simple patch to add "no-tfo" option to "default-server" and "server" lines to disable any usage of TCP fast open. Must be backported to 2.0. --- diff --git a/doc/configuration.txt b/doc/configuration.txt index de092dc28c..2dbbb46c8d 100644 --- a/doc/configuration.txt +++ b/doc/configuration.txt @@ -12127,6 +12127,13 @@ no-verifyhost It may also be used as "default-server" setting to reset any previous "default-server" "verifyhost" setting. +no-tfo + This option may be used as "server" setting to reset any "tfo" + setting which would have been inherited from "default-server" directive as + default value. + It may also be used as "default-server" setting to reset any previous + "default-server" "tfo" setting. + non-stick Never add connections allocated to this sever to a stick-table. This may be used in conjunction with backup to ensure that @@ -12482,7 +12489,7 @@ tfo See the "tfo" bind option for more information about TCP fast open. Please note that when using tfo, you should also use the "conn-failure", "empty-response" and "response-timeout" keywords for "retry-on", or haproxy - won't be able to retry the connection on failure. + won't be able to retry the connection on failure. See also "no-tfo". track [/] This option enables ability to set the current state of the server by tracking diff --git a/src/server.c b/src/server.c index 15c8ffe6a6..02fa2a46cb 100644 --- a/src/server.c +++ b/src/server.c @@ -583,6 +583,14 @@ static int srv_parse_no_send_proxy_v2(char **args, int *cur_arg, return srv_disable_pp_flags(newsrv, SRV_PP_V2); } +/* Parse the "no-tfo" server keyword */ +static int srv_parse_no_tfo(char **args, int *cur_arg, + struct proxy *curproxy, struct server *newsrv, char **err) +{ + newsrv->flags &= ~SRV_F_FASTOPEN; + return 0; +} + /* Parse the "non-stick" server keyword */ static int srv_parse_non_stick(char **args, int *cur_arg, struct proxy *curproxy, struct server *newsrv, char **err) @@ -1354,6 +1362,7 @@ static struct srv_kw_list srv_kws = { "ALL", { }, { { "no-check-send-proxy", srv_parse_no_check_send_proxy, 0, 1 }, /* disable PROXY protol for health checks */ { "no-send-proxy", srv_parse_no_send_proxy, 0, 1 }, /* Disable use of PROXY V1 protocol */ { "no-send-proxy-v2", srv_parse_no_send_proxy_v2, 0, 1 }, /* Disable use of PROXY V2 protocol */ + { "no-tfo", srv_parse_no_tfo, 0, 1 }, /* Disable use of TCP Fast Open */ { "non-stick", srv_parse_non_stick, 0, 1 }, /* Disable stick-table persistence */ { "observe", srv_parse_observe, 1, 1 }, /* Enables health adjusting based on observing communication with the server */ { "pool-max-conn", srv_parse_pool_max_conn, 1, 1 }, /* Set the max number of orphan idle connections, 0 means unlimited */