MINOR: startup: Add HAVE_WORKING_TCP_MD5SIG in haproxy -vv

the TCP_MD5SIG ifdef is not enough to check if the feature is usable.
The code might compile but the OS could prevent to use it.

This patch tries to use the TCP_MD5SIG setsockopt before adding
HAVE_WORKING_TCP_MD5SIG in the feature list.  so it would prevent to
start reg-tests if the OS can't run it.

diff --git a/reg-tests/connection/tcp_md5_signature.vtc b/reg-tests/connection/tcp_md5_signature.vtc
index 383658e747578694295f26603137e424c1c12f3f..c82516e0ee67ffd2eaadbc4bc69cdb5f07b7ba5e 100644 (file)
--- a/reg-tests/connection/tcp_md5_signature.vtc
+++ b/reg-tests/connection/tcp_md5_signature.vtc
@@ -1,6 +1,6 @@
 varnishtest "Test the support for tcp-md5sig option (linux only)"
 
-feature cmd "$HAPROXY_PROGRAM -cc 'feature(HAVE_TCP_MD5SIG)'"
+feature cmd "$HAPROXY_PROGRAM -cc 'feature(HAVE_WORKING_TCP_MD5SIG)'"
 feature ignore_unknown_macro
 
 haproxy h1 -conf {

diff --git a/src/proto_tcp.c b/src/proto_tcp.c
index 7278452634d573163665ab4ee568e33a150d5916..0b6b71f7e2e7c004fe0f26efc0c8c8289c718d05 100644 (file)
--- a/src/proto_tcp.c
+++ b/src/proto_tcp.c
@@ -1029,6 +1029,31 @@ static int tcp_get_info(struct connection *conn, long long int *info, int info_n
 static void __proto_tcp_init(void)
 {
 #if defined(__linux__) && defined(TCP_MD5SIG)
+       /* check if the setsockopt works to register a line in haproxy -vv */
+       struct sockaddr_in *addr;
+       int fd;
+       struct tcp_md5sig md5 = {};
+
+
+       addr = (struct sockaddr_in *)&md5.tcpm_addr;
+
+       addr->sin_family = AF_INET;
+       addr->sin_port = 0;
+       addr->sin_addr.s_addr = htonl(0x7F000001);
+
+       fd = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
+       if (fd < 0) {
+               goto end;
+       }
+       md5.tcpm_keylen = strlcpy2((char*)md5.tcpm_key, "foobar", sizeof(md5.tcpm_key));
+       if (setsockopt(fd, IPPROTO_TCP, TCP_MD5SIG, &md5, sizeof(md5)) < 0) {
+               goto end;
+       }
+       hap_register_feature("HAVE_WORKING_TCP_MD5SIG");
+end:
+       if (fd >= 0)
+               close(fd);
+
        hap_register_feature("HAVE_TCP_MD5SIG");
 #endif
 }