From: Thierry FOURNIER Date: Tue, 11 Feb 2014 14:23:04 +0000 (+0100) Subject: MINOR: standard: Disable ip resolution during the runtime X-Git-Tag: v1.5-dev23~83 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=fc7ac7b89c7a9148cd1cd85db4e4f79f8ee8d704;p=thirdparty%2Fhaproxy.git MINOR: standard: Disable ip resolution during the runtime The function str2net runs DNS resolution if valid ip cannot be parsed. The DNS function used is the standard function of the libc and it performs asynchronous request. The asynchronous request is not compatible with the haproxy archictecture. str2net() is used during the runtime throught the "socket". This patch remove the DNS resolution during the runtime. --- diff --git a/include/common/standard.h b/include/common/standard.h index 9ed06688f7..1a3020dc5c 100644 --- a/include/common/standard.h +++ b/include/common/standard.h @@ -248,7 +248,7 @@ int cidr2dotted(int cidr, struct in_addr *mask); * is optionnal and either in the dotted or CIDR notation. * Note: "addr" can also be a hostname. Returns 1 if OK, 0 if error. */ -int str2net(const char *str, struct in_addr *addr, struct in_addr *mask); +int str2net(const char *str, int resolve, struct in_addr *addr, struct in_addr *mask); /* * converts to two struct in6_addr* which must be pre-allocated. diff --git a/src/cfgparse.c b/src/cfgparse.c index 6611d6cfc1..5635c5716a 100644 --- a/src/cfgparse.c +++ b/src/cfgparse.c @@ -2198,7 +2198,7 @@ int cfg_parse_listen(const char *file, int linenum, char **args, int kwm) goto out; } else if (!strcmp(args[0], "monitor-net")) { /* set the range of IPs to ignore */ - if (!*args[1] || !str2net(args[1], &curproxy->mon_net, &curproxy->mon_mask)) { + if (!*args[1] || !str2net(args[1], 1, &curproxy->mon_net, &curproxy->mon_mask)) { Alert("parsing [%s:%d] : '%s' expects address[/mask].\n", file, linenum, args[0]); err_code |= ERR_ALERT | ERR_FATAL; @@ -3928,7 +3928,7 @@ stats_error_parsing: while (*(args[cur_arg])) { if (!strcmp(args[cur_arg], "except")) { /* suboption except - needs additional argument for it */ - if (!*(args[cur_arg+1]) || !str2net(args[cur_arg+1], &curproxy->except_net, &curproxy->except_mask)) { + if (!*(args[cur_arg+1]) || !str2net(args[cur_arg+1], 1, &curproxy->except_net, &curproxy->except_mask)) { Alert("parsing [%s:%d] : '%s %s %s' expects
[/mask] as argument.\n", file, linenum, args[0], args[1], args[cur_arg]); err_code |= ERR_ALERT | ERR_FATAL; @@ -3979,7 +3979,7 @@ stats_error_parsing: while (*(args[cur_arg])) { if (!strcmp(args[cur_arg], "except")) { /* suboption except - needs additional argument for it */ - if (!*(args[cur_arg+1]) || !str2net(args[cur_arg+1], &curproxy->except_to, &curproxy->except_mask_to)) { + if (!*(args[cur_arg+1]) || !str2net(args[cur_arg+1], 1, &curproxy->except_to, &curproxy->except_mask_to)) { Alert("parsing [%s:%d] : '%s %s %s' expects
[/mask] as argument.\n", file, linenum, args[0], args[1], args[cur_arg]); err_code |= ERR_ALERT | ERR_FATAL; diff --git a/src/pattern.c b/src/pattern.c index dad2472de1..22aa9d4b71 100644 --- a/src/pattern.c +++ b/src/pattern.c @@ -405,7 +405,8 @@ int pat_parse_dotted_ver(const char *text, struct pattern *pattern, char **err) */ int pat_parse_ip(const char *text, struct pattern *pattern, char **err) { - if (str2net(text, &pattern->val.ipv4.addr, &pattern->val.ipv4.mask)) { + if (str2net(text, global.mode & MODE_STARTING, + &pattern->val.ipv4.addr, &pattern->val.ipv4.mask)) { pattern->type = SMP_T_IPV4; return 1; } diff --git a/src/standard.c b/src/standard.c index 89af08f72a..d435c3c5b3 100644 --- a/src/standard.c +++ b/src/standard.c @@ -809,7 +809,7 @@ int cidr2dotted(int cidr, struct in_addr *mask) { * is optionnal and either in the dotted or CIDR notation. * Note: "addr" can also be a hostname. Returns 1 if OK, 0 if error. */ -int str2net(const char *str, struct in_addr *addr, struct in_addr *mask) +int str2net(const char *str, int resolve, struct in_addr *addr, struct in_addr *mask) { __label__ out_free, out_err; char *c, *s; @@ -834,6 +834,9 @@ int str2net(const char *str, struct in_addr *addr, struct in_addr *mask) if (!inet_pton(AF_INET, s, addr)) { struct hostent *he; + if (!resolve) + goto out_err; + if ((he = gethostbyname(s)) == NULL) { goto out_err; }