From: Amaury Denoyelle Date: Thu, 27 Mar 2025 16:06:06 +0000 (+0100) Subject: BUG/MINOR: backend: do not overwrite srv dst address on reuse X-Git-Tag: v3.2-dev9~15 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=d7fa8e88c4cda6d115b05c65cded5acb4069ee97;p=thirdparty%2Fhaproxy.git BUG/MINOR: backend: do not overwrite srv dst address on reuse Previously, destination address of backend connection was systematically always reassigned. However, this step is unnecessary on connection reuse. Indeed, reuse should only be conducted with connection using the same destination address matching the stream requirements. This patch removes this unnecessary assignment. It is now only performed when reuse cannot be conducted and a new connection is instantiated. Functionnally speaking, this patch should not change anything in theory, as reuse is performed in conformance with the destination address. However, it appears that it was not always properly enforced. The systematic assignment of the destination address hides these issues, so it is now remove. The identified bogus cases will then be fixed in the following patches.would This should be backported up to all stable versions. --- diff --git a/src/backend.c b/src/backend.c index eab4ea6a1..1791a38e6 100644 --- a/src/backend.c +++ b/src/backend.c @@ -1869,6 +1869,9 @@ skip_reuse: srv_conn->src = bind_addr; bind_addr = NULL; + /* copy the target address into the connection */ + *srv_conn->dst = *s->scb->dst; + /* mark? */ if (s->flags & SF_BC_MARK) { srv_conn->mark = s->bc_mark; @@ -1893,10 +1896,6 @@ skip_reuse: if (!srv_conn) return SF_ERR_RESOURCE; - /* copy the target address into the connection */ - if (s->scb->dst) - *srv_conn->dst = *s->scb->dst; - /* Copy network namespace from client connection */ srv_conn->proxy_netns = cli_conn ? cli_conn->proxy_netns : NULL;