From: Christopher Faulet Date: Fri, 24 Jan 2020 18:12:35 +0000 (+0100) Subject: BUG/MINOR: http-ana: Reset HTX first index when HAPRoxy sends a response X-Git-Tag: v2.2-dev2~23 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=7a138dc9082c0e144b81cd3113e14695c16d05c6;p=thirdparty%2Fhaproxy.git BUG/MINOR: http-ana: Reset HTX first index when HAPRoxy sends a response The first index in an HTX message is the HTX block index from which the HTTP analysis must be performed. When HAProxy sends an HTTP response, on error or redirect, this index must be reset because all pending incoming data are considered as forwarded. For now, it is only a bug for 103-Early-Hints response. For other responses, it is not a problem. But it will be when the new ruleset applied on all responses will be added. For 103 responses, if the first index is not reset, if there are rewritting rules on server responses, the generated 103 responses, if any, are evaluated too. This patch must be backported and probably adapted, at least for 103 responses, as far as 1.9. --- diff --git a/src/http_act.c b/src/http_act.c index 5d3d2e2794..67eca318ae 100644 --- a/src/http_act.c +++ b/src/http_act.c @@ -1125,6 +1125,7 @@ static enum act_return http_action_early_hint(struct act_rule *rule, struct prox data = htx->data - co_data(res); c_adv(res, data); + htx->first = -1; res->total += data; } diff --git a/src/http_ana.c b/src/http_ana.c index a27652722a..eac5944bae 100644 --- a/src/http_ana.c +++ b/src/http_ana.c @@ -2669,6 +2669,7 @@ int http_apply_redirect_rule(struct redirect_rule *rule, struct stream *s, struc htx->flags |= HTX_FL_PROXY_RESP; data = htx->data - co_data(res); c_adv(res, data); + htx->first = -1; res->total += data; channel_auto_read(req); @@ -4258,6 +4259,7 @@ void http_perform_server_redirect(struct stream *s, struct stream_interface *si) */ data = htx->data - co_data(res); c_adv(res, data); + htx->first = -1; res->total += data; /* return without error. */ @@ -4564,6 +4566,7 @@ void http_server_error(struct stream *s, struct stream_interface *si, int err, htx->flags |= HTX_FL_PROXY_RESP; data = htx->data - co_data(chn); c_adv(chn, data); + htx->first = -1; chn->total += data; } } @@ -4596,6 +4599,7 @@ void http_reply_and_close(struct stream *s, short status, struct buffer *msg) htx->flags |= HTX_FL_PROXY_RESP; data = htx->data - co_data(chn); c_adv(chn, data); + htx->first = -1; chn->total += data; } } @@ -4719,6 +4723,7 @@ static int http_reply_100_continue(struct stream *s) data = htx->data - co_data(res); c_adv(res, data); + htx->first = -1; res->total += data; return 0; @@ -4795,6 +4800,7 @@ static int http_reply_40x_unauthorized(struct stream *s, const char *auth_realm) htx->flags |= HTX_FL_PROXY_RESP; data = htx->data - co_data(res); c_adv(res, data); + htx->first = -1; res->total += data; channel_auto_read(&s->req);