From: Aurelien DARRAGON <adarragon@haproxy.com>
Date: Wed, 8 Feb 2023 10:55:08 +0000 (+0100)
Subject: BUG/MINOR: server/add: ensure minconn/maxconn consistency when adding server
X-Git-Tag: v2.8-dev4~24
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=86207e782cea35c4f85657855ed47ab3295e2695;p=thirdparty%2Fhaproxy.git

BUG/MINOR: server/add: ensure minconn/maxconn consistency when adding server

When a new server was added through the cli using "server add" command,
the maxconn/minconn consistency check historically implemented in
check_config_validity() for static servers was missing.

As a result, when adding a server with the maxconn parameter without the
minconn set, the server was unable to handle any connection because
srv_dynamic_maxconn() would always return 0.

Consider the following reproducer:

    |  global
    |    stats socket /tmp/ha.sock mode 660 level admin expose-fd listeners
    |
    |  defaults
    |  timeout client 5s
    |  timeout server 5s
    |  timeout connect 5s
    |
    |  frontend test
    |    mode http
    |    bind *:8081
    |    use_backend farm
    |
    |  listen dummyok
    |    bind localhost:18999
    |    mode http
    |    http-request return status 200 hdr test "ok"
    |
    |  backend farm
    |    mode http

Start haproxy and perform the following :

  echo "add server farm/t1 127.0.0.1:18999 maxconn 100" | nc -U /tmp/ha.sock
  echo "enable server farm/t1" | nc -U /tmp/ha.sock

  curl localhost:8081 # -> 503 after 5s connect timeout

Thanks to ("MINOR: cfgparse/server: move (min/max)conn postparsing logic into
dedicated function"), we are now able to perform the consistency check after
the new dynamic server has been parsed.
This is enough to fix the issue documented here that was reported by
Thomas Pedoussaut on the ML.

This commit depends on:
 - ("MINOR: cfgparse/server: move (min/max)conn postparsing logic into
     dedicated function")

It must be backported to 2.6 and 2.7
---

diff --git a/src/server.c b/src/server.c
index 0ad51b3aba..6e9d5113fe 100644
--- a/src/server.c
+++ b/src/server.c
@@ -4830,6 +4830,9 @@ static int cli_parse_add_server(char **args, char *payload, struct appctx *appct
 		goto out;
 	}
 
+	/* ensure minconn/maxconn consistency */
+	srv_minmax_conn_apply(srv);
+
 	if (srv->use_ssl == 1 || (srv->proxy->options & PR_O_TCPCHK_SSL) ||
 	    srv->check.use_ssl == 1) {
 		if (xprt_get(XPRT_SSL) && xprt_get(XPRT_SSL)->prepare_srv) {